diff --git a/configs/config-ccm-psk-dtls1_2.h b/configs/config-ccm-psk-dtls1_2.h index 78b75c860bcf..5d7e663d650c 100644 --- a/configs/config-ccm-psk-dtls1_2.h +++ b/configs/config-ccm-psk-dtls1_2.h @@ -72,8 +72,8 @@ * save ROM and a few bytes of RAM by specifying our own ciphersuite list */ #define MBEDTLS_SSL_CIPHERSUITES \ - MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \ - MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 + MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \ + MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 /* * Save RAM at the expense of interoperability: do this only if you control diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h index 3216e17f3a66..1aa52a7cbca3 100644 --- a/configs/config-ccm-psk-tls1_2.h +++ b/configs/config-ccm-psk-tls1_2.h @@ -62,8 +62,8 @@ * save ROM and a few bytes of RAM by specifying our own ciphersuite list */ #define MBEDTLS_SSL_CIPHERSUITES \ - MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \ - MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 + MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \ + MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 /* * Save RAM at the expense of interoperability: do this only if you control diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 401ac39de87e..fb2322a6bb9b 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -72,7 +72,7 @@ /** AES hardware accelerator failed. */ #define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025 -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif @@ -88,8 +88,7 @@ extern "C" { /** * \brief The AES context-type definition. */ -typedef struct mbedtls_aes_context -{ +typedef struct mbedtls_aes_context { int nr; /*!< The number of rounds. */ uint32_t *rk; /*!< AES round keys. */ uint32_t buf[68]; /*!< Unaligned data buffer. This buffer can @@ -107,8 +106,7 @@ mbedtls_aes_context; /** * \brief The AES XTS context-type definition. */ -typedef struct mbedtls_aes_xts_context -{ +typedef struct mbedtls_aes_xts_context { mbedtls_aes_context crypt; /*!< The AES context to use for AES block encryption or decryption. */ mbedtls_aes_context tweak; /*!< The AES context used for tweak @@ -128,7 +126,7 @@ typedef struct mbedtls_aes_xts_context * * \param ctx The AES context to initialize. This must not be \c NULL. */ -void mbedtls_aes_init( mbedtls_aes_context *ctx ); +void mbedtls_aes_init(mbedtls_aes_context *ctx); /** * \brief This function releases and clears the specified AES context. @@ -137,7 +135,7 @@ void mbedtls_aes_init( mbedtls_aes_context *ctx ); * If this is \c NULL, this function does nothing. * Otherwise, the context must have been at least initialized. */ -void mbedtls_aes_free( mbedtls_aes_context *ctx ); +void mbedtls_aes_free(mbedtls_aes_context *ctx); #if defined(MBEDTLS_CIPHER_MODE_XTS) /** @@ -148,7 +146,7 @@ void mbedtls_aes_free( mbedtls_aes_context *ctx ); * * \param ctx The AES XTS context to initialize. This must not be \c NULL. */ -void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ); +void mbedtls_aes_xts_init(mbedtls_aes_xts_context *ctx); /** * \brief This function releases and clears the specified AES XTS context. @@ -157,7 +155,7 @@ void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ); * If this is \c NULL, this function does nothing. * Otherwise, the context must have been at least initialized. */ -void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ); +void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx); #endif /* MBEDTLS_CIPHER_MODE_XTS */ /** @@ -176,8 +174,8 @@ void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ); * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, - unsigned int keybits ); +int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits); /** * \brief This function sets the decryption key. @@ -195,8 +193,8 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, - unsigned int keybits ); +int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits); #if defined(MBEDTLS_CIPHER_MODE_XTS) /** @@ -216,9 +214,9 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_aes_xts_setkey_enc(mbedtls_aes_xts_context *ctx, + const unsigned char *key, + unsigned int keybits); /** * \brief This function prepares an XTS context for decryption and @@ -237,9 +235,9 @@ int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx, * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx, + const unsigned char *key, + unsigned int keybits); #endif /* MBEDTLS_CIPHER_MODE_XTS */ /** @@ -266,10 +264,10 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, * \return \c 0 on success. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ); +int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** @@ -314,12 +312,12 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, * on failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_XTS) @@ -359,12 +357,12 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, * length is larger than 2^20 blocks (16 MiB). */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, - int mode, - size_t length, - const unsigned char data_unit[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx, + int mode, + size_t length, + const unsigned char data_unit[16], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_XTS */ #if defined(MBEDTLS_CIPHER_MODE_CFB) @@ -408,13 +406,13 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, * \return \c 0 on success. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output); /** * \brief This function performs an AES-CFB8 encryption or decryption @@ -453,12 +451,12 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, * \return \c 0 on success. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output); #endif /*MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) @@ -508,12 +506,12 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, * \return \c 0 on success. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aes_crypt_ofb(mbedtls_aes_context *ctx, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_OFB */ @@ -591,13 +589,13 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, * \return \c 0 on success. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[16], - unsigned char stream_block[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[16], + unsigned char stream_block[16], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CTR */ /** @@ -612,9 +610,9 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, * \return \c 0 on success. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ); +int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]); /** * \brief Internal AES block decryption function. This is only @@ -628,9 +626,9 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, * \return \c 0 on success. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ); +int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -648,9 +646,9 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, * \param input Plaintext block. * \param output Output (ciphertext) block. */ -MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_aes_encrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]); /** * \brief Deprecated internal AES block decryption function @@ -662,9 +660,9 @@ MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, * \param input Ciphertext block. * \param output Output (plaintext) block. */ -MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_aes_decrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -678,7 +676,7 @@ MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, * \return \c 1 on failure. */ MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_aes_self_test( int verbose ); +int mbedtls_aes_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/aesni.h b/include/mbedtls/aesni.h index c1d22f59af3e..653b146e7f5e 100644 --- a/include/mbedtls/aesni.h +++ b/include/mbedtls/aesni.h @@ -37,8 +37,8 @@ #define MBEDTLS_AESNI_CLMUL 0x00000002u #if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \ - ( defined(__amd64__) || defined(__x86_64__) ) && \ - ! defined(MBEDTLS_HAVE_X86_64) + (defined(__amd64__) || defined(__x86_64__)) && \ + !defined(MBEDTLS_HAVE_X86_64) #define MBEDTLS_HAVE_X86_64 #endif @@ -59,7 +59,7 @@ extern "C" { * * \return 1 if CPU has support for the feature, 0 otherwise */ -int mbedtls_aesni_has_support( unsigned int what ); +int mbedtls_aesni_has_support(unsigned int what); /** * \brief Internal AES-NI AES-ECB block encryption and decryption @@ -74,10 +74,10 @@ int mbedtls_aesni_has_support( unsigned int what ); * * \return 0 on success (cannot fail) */ -int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ); +int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]); /** * \brief Internal GCM multiplication: c = a * b in GF(2^128) @@ -92,9 +92,9 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, * \note Both operands and result are bit strings interpreted as * elements of GF(2^128) as per the GCM spec. */ -void mbedtls_aesni_gcm_mult( unsigned char c[16], - const unsigned char a[16], - const unsigned char b[16] ); +void mbedtls_aesni_gcm_mult(unsigned char c[16], + const unsigned char a[16], + const unsigned char b[16]); /** * \brief Internal round key inversion. This function computes @@ -107,9 +107,9 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16], * \param fwdkey Original round keys (for encryption) * \param nr Number of rounds (that is, number of round keys minus one) */ -void mbedtls_aesni_inverse_key( unsigned char *invkey, - const unsigned char *fwdkey, - int nr ); +void mbedtls_aesni_inverse_key(unsigned char *invkey, + const unsigned char *fwdkey, + int nr); /** * \brief Internal key expansion for encryption @@ -123,9 +123,9 @@ void mbedtls_aesni_inverse_key( unsigned char *invkey, * * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH */ -int mbedtls_aesni_setkey_enc( unsigned char *rk, - const unsigned char *key, - size_t bits ); +int mbedtls_aesni_setkey_enc(unsigned char *rk, + const unsigned char *key, + size_t bits); #ifdef __cplusplus } diff --git a/include/mbedtls/arc4.h b/include/mbedtls/arc4.h index f4b0f9f35084..d116dda4e9d6 100644 --- a/include/mbedtls/arc4.h +++ b/include/mbedtls/arc4.h @@ -53,8 +53,7 @@ extern "C" { * security risk. We recommend considering stronger ciphers instead. * */ -typedef struct mbedtls_arc4_context -{ +typedef struct mbedtls_arc4_context { int x; /*!< permutation index */ int y; /*!< permutation index */ unsigned char m[256]; /*!< permutation table */ @@ -75,7 +74,7 @@ mbedtls_arc4_context; * instead. * */ -void mbedtls_arc4_init( mbedtls_arc4_context *ctx ); +void mbedtls_arc4_init(mbedtls_arc4_context *ctx); /** * \brief Clear ARC4 context @@ -87,7 +86,7 @@ void mbedtls_arc4_init( mbedtls_arc4_context *ctx ); * instead. * */ -void mbedtls_arc4_free( mbedtls_arc4_context *ctx ); +void mbedtls_arc4_free(mbedtls_arc4_context *ctx); /** * \brief ARC4 key schedule @@ -101,8 +100,8 @@ void mbedtls_arc4_free( mbedtls_arc4_context *ctx ); * instead. * */ -void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key, - unsigned int keylen ); +void mbedtls_arc4_setup(mbedtls_arc4_context *ctx, const unsigned char *key, + unsigned int keylen); /** * \brief ARC4 cipher function @@ -119,8 +118,8 @@ void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key, * instead. * */ -int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input, - unsigned char *output ); +int mbedtls_arc4_crypt(mbedtls_arc4_context *ctx, size_t length, const unsigned char *input, + unsigned char *output); #if defined(MBEDTLS_SELF_TEST) @@ -134,7 +133,7 @@ int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned * instead. * */ -int mbedtls_arc4_self_test( int verbose ); +int mbedtls_arc4_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h index d294c47f2d97..9856a1cae7ee 100644 --- a/include/mbedtls/aria.h +++ b/include/mbedtls/aria.h @@ -48,7 +48,7 @@ #define MBEDTLS_ARIA_MAX_KEYSIZE 32 /**< Maximum size of an ARIA key in bytes. */ #if !defined(MBEDTLS_DEPRECATED_REMOVED) -#define MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x005C ) +#define MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(-0x005C) #endif /* !MBEDTLS_DEPRECATED_REMOVED */ /** Bad input data. */ #define MBEDTLS_ERR_ARIA_BAD_INPUT_DATA -0x005C @@ -76,8 +76,7 @@ extern "C" { /** * \brief The ARIA context-type definition. */ -typedef struct mbedtls_aria_context -{ +typedef struct mbedtls_aria_context { unsigned char nr; /*!< The number of rounds (12, 14 or 16) */ /*! The ARIA round keys. */ uint32_t rk[MBEDTLS_ARIA_MAX_ROUNDS + 1][MBEDTLS_ARIA_BLOCKSIZE / 4]; @@ -96,7 +95,7 @@ mbedtls_aria_context; * * \param ctx The ARIA context to initialize. This must not be \c NULL. */ -void mbedtls_aria_init( mbedtls_aria_context *ctx ); +void mbedtls_aria_init(mbedtls_aria_context *ctx); /** * \brief This function releases and clears the specified ARIA context. @@ -105,7 +104,7 @@ void mbedtls_aria_init( mbedtls_aria_context *ctx ); * case this function returns immediately. If it is not \c NULL, * it must point to an initialized ARIA context. */ -void mbedtls_aria_free( mbedtls_aria_context *ctx ); +void mbedtls_aria_free(mbedtls_aria_context *ctx); /** * \brief This function sets the encryption key. @@ -122,9 +121,9 @@ void mbedtls_aria_free( mbedtls_aria_context *ctx ); * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx, + const unsigned char *key, + unsigned int keybits); /** * \brief This function sets the decryption key. @@ -141,9 +140,9 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx, + const unsigned char *key, + unsigned int keybits); /** * \brief This function performs an ARIA single-block encryption or @@ -165,9 +164,9 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, - const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE], - unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] ); +int mbedtls_aria_crypt_ecb(mbedtls_aria_context *ctx, + const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE], + unsigned char output[MBEDTLS_ARIA_BLOCKSIZE]); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** @@ -211,12 +210,12 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, - int mode, - size_t length, - unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aria_crypt_cbc(mbedtls_aria_context *ctx, + int mode, + size_t length, + unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) @@ -261,13 +260,13 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) @@ -348,13 +347,13 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE], - unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE], + unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_SELF_TEST) @@ -363,7 +362,7 @@ int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx, * * \return \c 0 on success, or \c 1 on failure. */ -int mbedtls_aria_self_test( int verbose ); +int mbedtls_aria_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ #ifdef __cplusplus diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 5117fc7a4184..540cdcc46947 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -97,15 +97,15 @@ /* Slightly smaller way to check if tag is a string tag * compared to canonical implementation. */ -#define MBEDTLS_ASN1_IS_STRING_TAG( tag ) \ - ( ( tag ) < 32u && ( \ - ( ( 1u << ( tag ) ) & ( ( 1u << MBEDTLS_ASN1_BMP_STRING ) | \ - ( 1u << MBEDTLS_ASN1_UTF8_STRING ) | \ - ( 1u << MBEDTLS_ASN1_T61_STRING ) | \ - ( 1u << MBEDTLS_ASN1_IA5_STRING ) | \ - ( 1u << MBEDTLS_ASN1_UNIVERSAL_STRING ) | \ - ( 1u << MBEDTLS_ASN1_PRINTABLE_STRING ) | \ - ( 1u << MBEDTLS_ASN1_BIT_STRING ) ) ) != 0 ) ) +#define MBEDTLS_ASN1_IS_STRING_TAG(tag) \ + ((tag) < 32u && ( \ + ((1u << (tag)) & ((1u << MBEDTLS_ASN1_BMP_STRING) | \ + (1u << MBEDTLS_ASN1_UTF8_STRING) | \ + (1u << MBEDTLS_ASN1_T61_STRING) | \ + (1u << MBEDTLS_ASN1_IA5_STRING) | \ + (1u << MBEDTLS_ASN1_UNIVERSAL_STRING) | \ + (1u << MBEDTLS_ASN1_PRINTABLE_STRING) | \ + (1u << MBEDTLS_ASN1_BIT_STRING))) != 0)) /* * Bit masks for each of the components of an ASN.1 tag as specified in @@ -133,12 +133,12 @@ * 'unsigned char *oid' here! */ #define MBEDTLS_OID_CMP(oid_str, oid_buf) \ - ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len ) || \ - memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) != 0 ) + ((MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len) || \ + memcmp((oid_str), (oid_buf)->p, (oid_buf)->len) != 0) #define MBEDTLS_OID_CMP_RAW(oid_str, oid_buf, oid_buf_len) \ - ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len) ) || \ - memcmp( (oid_str), (oid_buf), (oid_buf_len) ) != 0 ) + ((MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len)) || \ + memcmp((oid_str), (oid_buf), (oid_buf_len)) != 0) #ifdef __cplusplus extern "C" { @@ -152,8 +152,7 @@ extern "C" { /** * Type-length-value structure that allows for ASN1 using DER. */ -typedef struct mbedtls_asn1_buf -{ +typedef struct mbedtls_asn1_buf { int tag; /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */ size_t len; /**< ASN1 length, in octets. */ unsigned char *p; /**< ASN1 data, e.g. in ASCII. */ @@ -163,8 +162,7 @@ mbedtls_asn1_buf; /** * Container for ASN1 bit strings. */ -typedef struct mbedtls_asn1_bitstring -{ +typedef struct mbedtls_asn1_bitstring { size_t len; /**< ASN1 length, in octets. */ unsigned char unused_bits; /**< Number of unused bits at the end of the string */ unsigned char *p; /**< Raw ASN1 data for the bit string */ @@ -174,8 +172,7 @@ mbedtls_asn1_bitstring; /** * Container for a sequence of ASN.1 items */ -typedef struct mbedtls_asn1_sequence -{ +typedef struct mbedtls_asn1_sequence { mbedtls_asn1_buf buf; /**< Buffer containing the given ASN.1 item. */ struct mbedtls_asn1_sequence *next; /**< The next entry in the sequence. */ } @@ -184,8 +181,7 @@ mbedtls_asn1_sequence; /** * Container for a sequence or list of 'named' ASN.1 data items */ -typedef struct mbedtls_asn1_named_data -{ +typedef struct mbedtls_asn1_named_data { mbedtls_asn1_buf oid; /**< The object identifier. */ mbedtls_asn1_buf val; /**< The named value. */ struct mbedtls_asn1_named_data *next; /**< The next entry in the sequence. */ @@ -211,9 +207,9 @@ mbedtls_asn1_named_data; * would end beyond \p end. * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable. */ -int mbedtls_asn1_get_len( unsigned char **p, - const unsigned char *end, - size_t *len ); +int mbedtls_asn1_get_len(unsigned char **p, + const unsigned char *end, + size_t *len); /** * \brief Get the tag and length of the element. @@ -236,9 +232,9 @@ int mbedtls_asn1_get_len( unsigned char **p, * would end beyond \p end. * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable. */ -int mbedtls_asn1_get_tag( unsigned char **p, - const unsigned char *end, - size_t *len, int tag ); +int mbedtls_asn1_get_tag(unsigned char **p, + const unsigned char *end, + size_t *len, int tag); /** * \brief Retrieve a boolean ASN.1 tag and its value. @@ -255,9 +251,9 @@ int mbedtls_asn1_get_tag( unsigned char **p, * \return An ASN.1 error code if the input does not start with * a valid ASN.1 BOOLEAN. */ -int mbedtls_asn1_get_bool( unsigned char **p, - const unsigned char *end, - int *val ); +int mbedtls_asn1_get_bool(unsigned char **p, + const unsigned char *end, + int *val); /** * \brief Retrieve an integer ASN.1 tag and its value. @@ -276,9 +272,9 @@ int mbedtls_asn1_get_bool( unsigned char **p, * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does * not fit in an \c int. */ -int mbedtls_asn1_get_int( unsigned char **p, - const unsigned char *end, - int *val ); +int mbedtls_asn1_get_int(unsigned char **p, + const unsigned char *end, + int *val); /** * \brief Retrieve an enumerated ASN.1 tag and its value. @@ -297,9 +293,9 @@ int mbedtls_asn1_get_int( unsigned char **p, * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does * not fit in an \c int. */ -int mbedtls_asn1_get_enum( unsigned char **p, - const unsigned char *end, - int *val ); +int mbedtls_asn1_get_enum(unsigned char **p, + const unsigned char *end, + int *val); /** * \brief Retrieve a bitstring ASN.1 tag and its value. @@ -318,8 +314,8 @@ int mbedtls_asn1_get_enum( unsigned char **p, * \return An ASN.1 error code if the input does not start with * a valid ASN.1 BIT STRING. */ -int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, - mbedtls_asn1_bitstring *bs ); +int mbedtls_asn1_get_bitstring(unsigned char **p, const unsigned char *end, + mbedtls_asn1_bitstring *bs); /** * \brief Retrieve a bitstring ASN.1 tag without unused bits and its @@ -339,9 +335,9 @@ int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, * \return An ASN.1 error code if the input does not start with * a valid ASN.1 BIT STRING. */ -int mbedtls_asn1_get_bitstring_null( unsigned char **p, - const unsigned char *end, - size_t *len ); +int mbedtls_asn1_get_bitstring_null(unsigned char **p, + const unsigned char *end, + size_t *len); /** * \brief Parses and splits an ASN.1 "SEQUENCE OF ". @@ -390,10 +386,10 @@ int mbedtls_asn1_get_bitstring_null( unsigned char **p, * \return An ASN.1 error code if the input does not start with * a valid ASN.1 SEQUENCE. */ -int mbedtls_asn1_get_sequence_of( unsigned char **p, - const unsigned char *end, - mbedtls_asn1_sequence *cur, - int tag ); +int mbedtls_asn1_get_sequence_of(unsigned char **p, + const unsigned char *end, + mbedtls_asn1_sequence *cur, + int tag); /** * \brief Free a heap-allocated linked list presentation of * an ASN.1 sequence, including the first element. @@ -415,7 +411,7 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p, * be \c NULL, in which case this functions returns * immediately. */ -void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ); +void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq); /** * \brief Traverse an ASN.1 SEQUENCE container and @@ -507,9 +503,9 @@ int mbedtls_asn1_traverse_sequence_of( const unsigned char *end, unsigned char tag_must_mask, unsigned char tag_must_val, unsigned char tag_may_mask, unsigned char tag_may_val, - int (*cb)( void *ctx, int tag, - unsigned char* start, size_t len ), - void *ctx ); + int (*cb)(void *ctx, int tag, + unsigned char *start, size_t len), + void *ctx); #if defined(MBEDTLS_BIGNUM_C) /** @@ -530,9 +526,9 @@ int mbedtls_asn1_traverse_sequence_of( * not fit in an \c int. * \return An MPI error code if the parsed value is too large. */ -int mbedtls_asn1_get_mpi( unsigned char **p, - const unsigned char *end, - mbedtls_mpi *X ); +int mbedtls_asn1_get_mpi(unsigned char **p, + const unsigned char *end, + mbedtls_mpi *X); #endif /* MBEDTLS_BIGNUM_C */ /** @@ -551,9 +547,9 @@ int mbedtls_asn1_get_mpi( unsigned char **p, * * \return 0 if successful or a specific ASN.1 or MPI error code. */ -int mbedtls_asn1_get_alg( unsigned char **p, - const unsigned char *end, - mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params ); +int mbedtls_asn1_get_alg(unsigned char **p, + const unsigned char *end, + mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params); /** * \brief Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no @@ -570,9 +566,9 @@ int mbedtls_asn1_get_alg( unsigned char **p, * * \return 0 if successful or a specific ASN.1 or MPI error code. */ -int mbedtls_asn1_get_alg_null( unsigned char **p, - const unsigned char *end, - mbedtls_asn1_buf *alg ); +int mbedtls_asn1_get_alg_null(unsigned char **p, + const unsigned char *end, + mbedtls_asn1_buf *alg); /** * \brief Find a specific named_data entry in a sequence or list based on @@ -584,8 +580,8 @@ int mbedtls_asn1_get_alg_null( unsigned char **p, * * \return NULL if not found, or a pointer to the existing entry. */ -mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list, - const char *oid, size_t len ); +mbedtls_asn1_named_data *mbedtls_asn1_find_named_data(mbedtls_asn1_named_data *list, + const char *oid, size_t len); /** * \brief Free a mbedtls_asn1_named_data entry @@ -594,7 +590,7 @@ mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data * * This function calls mbedtls_free() on * `entry->oid.p` and `entry->val.p`. */ -void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry ); +void mbedtls_asn1_free_named_data(mbedtls_asn1_named_data *entry); /** * \brief Free all entries in a mbedtls_asn1_named_data list. @@ -604,7 +600,7 @@ void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry ); * mbedtls_free() on each list element and * sets \c *head to \c NULL. */ -void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head ); +void mbedtls_asn1_free_named_data_list(mbedtls_asn1_named_data **head); /** \} name Functions to parse ASN.1 data structures */ /** \} addtogroup asn1_module */ diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 5da7654bb403..a439268b0ea6 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h @@ -33,11 +33,11 @@ #define MBEDTLS_ASN1_CHK_ADD(g, f) \ do \ { \ - if( ( ret = (f) ) < 0 ) \ - return( ret ); \ + if ((ret = (f)) < 0) \ + return ret; \ else \ - (g) += ret; \ - } while( 0 ) + (g) += ret; \ + } while (0) #ifdef __cplusplus extern "C" { @@ -55,8 +55,8 @@ extern "C" { * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, - size_t len ); +int mbedtls_asn1_write_len(unsigned char **p, unsigned char *start, + size_t len); /** * \brief Write an ASN.1 tag in ASN.1 format. * @@ -69,8 +69,8 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, - unsigned char tag ); +int mbedtls_asn1_write_tag(unsigned char **p, unsigned char *start, + unsigned char tag); /** * \brief Write raw buffer data. @@ -85,8 +85,8 @@ int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t size ); +int mbedtls_asn1_write_raw_buffer(unsigned char **p, unsigned char *start, + const unsigned char *buf, size_t size); #if defined(MBEDTLS_BIGNUM_C) /** @@ -103,8 +103,8 @@ int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, - const mbedtls_mpi *X ); +int mbedtls_asn1_write_mpi(unsigned char **p, unsigned char *start, + const mbedtls_mpi *X); #endif /* MBEDTLS_BIGNUM_C */ /** @@ -119,7 +119,7 @@ int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start ); +int mbedtls_asn1_write_null(unsigned char **p, unsigned char *start); /** * \brief Write an OID tag (#MBEDTLS_ASN1_OID) and data @@ -135,8 +135,8 @@ int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start ); * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start, - const char *oid, size_t oid_len ); +int mbedtls_asn1_write_oid(unsigned char **p, unsigned char *start, + const char *oid, size_t oid_len); /** * \brief Write an AlgorithmIdentifier sequence in ASN.1 format. @@ -153,10 +153,10 @@ int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, - unsigned char *start, - const char *oid, size_t oid_len, - size_t par_len ); +int mbedtls_asn1_write_algorithm_identifier(unsigned char **p, + unsigned char *start, + const char *oid, size_t oid_len, + size_t par_len); /** * \brief Write a boolean tag (#MBEDTLS_ASN1_BOOLEAN) and value @@ -171,8 +171,8 @@ int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, - int boolean ); +int mbedtls_asn1_write_bool(unsigned char **p, unsigned char *start, + int boolean); /** * \brief Write an int tag (#MBEDTLS_ASN1_INTEGER) and value @@ -188,7 +188,7 @@ int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ); +int mbedtls_asn1_write_int(unsigned char **p, unsigned char *start, int val); /** * \brief Write an enum tag (#MBEDTLS_ASN1_ENUMERATED) and value @@ -203,7 +203,7 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ); * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val ); +int mbedtls_asn1_write_enum(unsigned char **p, unsigned char *start, int val); /** * \brief Write a string in ASN.1 format using a specific @@ -222,9 +222,9 @@ int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val ); * \return The number of bytes written to \p p on success. * \return A negative error code on failure. */ -int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start, - int tag, const char *text, - size_t text_len ); +int mbedtls_asn1_write_tagged_string(unsigned char **p, unsigned char *start, + int tag, const char *text, + size_t text_len); /** * \brief Write a string in ASN.1 format using the PrintableString @@ -241,9 +241,9 @@ int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative error code on failure. */ -int mbedtls_asn1_write_printable_string( unsigned char **p, - unsigned char *start, - const char *text, size_t text_len ); +int mbedtls_asn1_write_printable_string(unsigned char **p, + unsigned char *start, + const char *text, size_t text_len); /** * \brief Write a UTF8 string in ASN.1 format using the UTF8String @@ -260,8 +260,8 @@ int mbedtls_asn1_write_printable_string( unsigned char **p, * \return The number of bytes written to \p p on success. * \return A negative error code on failure. */ -int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start, - const char *text, size_t text_len ); +int mbedtls_asn1_write_utf8_string(unsigned char **p, unsigned char *start, + const char *text, size_t text_len); /** * \brief Write a string in ASN.1 format using the IA5String @@ -278,8 +278,8 @@ int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative error code on failure. */ -int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start, - const char *text, size_t text_len ); +int mbedtls_asn1_write_ia5_string(unsigned char **p, unsigned char *start, + const char *text, size_t text_len); /** * \brief Write a bitstring tag (#MBEDTLS_ASN1_BIT_STRING) and @@ -295,8 +295,8 @@ int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative error code on failure. */ -int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t bits ); +int mbedtls_asn1_write_bitstring(unsigned char **p, unsigned char *start, + const unsigned char *buf, size_t bits); /** * \brief This function writes a named bitstring tag @@ -315,10 +315,10 @@ int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative error code on failure. */ -int mbedtls_asn1_write_named_bitstring( unsigned char **p, - unsigned char *start, - const unsigned char *buf, - size_t bits ); +int mbedtls_asn1_write_named_bitstring(unsigned char **p, + unsigned char *start, + const unsigned char *buf, + size_t bits); /** * \brief Write an octet string tag (#MBEDTLS_ASN1_OCTET_STRING) @@ -334,8 +334,8 @@ int mbedtls_asn1_write_named_bitstring( unsigned char **p, * \return The number of bytes written to \p p on success. * \return A negative error code on failure. */ -int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t size ); +int mbedtls_asn1_write_octet_string(unsigned char **p, unsigned char *start, + const unsigned char *buf, size_t size); /** * \brief Create or find a specific named_data entry for writing in a @@ -358,10 +358,10 @@ int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start, * \return A pointer to the new / existing entry on success. * \return \c NULL if if there was a memory allocation error. */ -mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **list, - const char *oid, size_t oid_len, - const unsigned char *val, - size_t val_len ); +mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(mbedtls_asn1_named_data **list, + const char *oid, size_t oid_len, + const unsigned char *val, + size_t val_len); #ifdef __cplusplus } diff --git a/include/mbedtls/base64.h b/include/mbedtls/base64.h index cf4149e731dc..ec9c408f5280 100644 --- a/include/mbedtls/base64.h +++ b/include/mbedtls/base64.h @@ -58,8 +58,8 @@ extern "C" { * \note Call this function with dlen = 0 to obtain the * required buffer size in *olen */ -int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, - const unsigned char *src, size_t slen ); +int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen, + const unsigned char *src, size_t slen); /** * \brief Decode a base64-formatted buffer @@ -78,8 +78,8 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, * \note Call this function with *dst = NULL or dlen = 0 to obtain * the required buffer size in *olen */ -int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, - const unsigned char *src, size_t slen ); +int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen, + const unsigned char *src, size_t slen); #if defined(MBEDTLS_SELF_TEST) /** @@ -87,7 +87,7 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, * * \return 0 if successful, or 1 if the test failed */ -int mbedtls_base64_self_test( int verbose ); +int mbedtls_base64_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index c61db82c6d79..d706a2c4c87e 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -55,9 +55,9 @@ #define MBEDTLS_MPI_CHK(f) \ do \ { \ - if( ( ret = (f) ) != 0 ) \ - goto cleanup; \ - } while( 0 ) + if ((ret = (f)) != 0) \ + goto cleanup; \ + } while (0) /* * Maximum size MPIs are allowed to grow to in number of limbs. @@ -88,7 +88,7 @@ #define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ #endif /* !MBEDTLS_MPI_MAX_SIZE */ -#define MBEDTLS_MPI_MAX_BITS ( 8 * MBEDTLS_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */ +#define MBEDTLS_MPI_MAX_BITS (8 * MBEDTLS_MPI_MAX_SIZE) /**< Maximum number of bits for usable MPIs. */ /* * When reading from files with mbedtls_mpi_read_file() and writing to files with @@ -108,9 +108,11 @@ * MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) + * LabelSize + 6 */ -#define MBEDTLS_MPI_MAX_BITS_SCALE100 ( 100 * MBEDTLS_MPI_MAX_BITS ) +#define MBEDTLS_MPI_MAX_BITS_SCALE100 (100 * MBEDTLS_MPI_MAX_BITS) #define MBEDTLS_LN_2_DIV_LN_10_SCALE100 332 -#define MBEDTLS_MPI_RW_BUFFER_SIZE ( ((MBEDTLS_MPI_MAX_BITS_SCALE100 + MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6 ) +#define MBEDTLS_MPI_RW_BUFFER_SIZE (((MBEDTLS_MPI_MAX_BITS_SCALE100 + \ + MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / \ + MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6) /* * Define the base integer type, architecture-wise. @@ -124,60 +126,60 @@ */ #if !defined(MBEDTLS_HAVE_INT32) #if defined(_MSC_VER) && defined(_M_AMD64) - /* Always choose 64-bit when using MSC */ +/* Always choose 64-bit when using MSC */ #if !defined(MBEDTLS_HAVE_INT64) #define MBEDTLS_HAVE_INT64 #endif /* !MBEDTLS_HAVE_INT64 */ - typedef int64_t mbedtls_mpi_sint; - typedef uint64_t mbedtls_mpi_uint; +typedef int64_t mbedtls_mpi_sint; +typedef uint64_t mbedtls_mpi_uint; #elif defined(__GNUC__) && ( \ - defined(__amd64__) || defined(__x86_64__) || \ - defined(__ppc64__) || defined(__powerpc64__) || \ - defined(__ia64__) || defined(__alpha__) || \ - ( defined(__sparc__) && defined(__arch64__) ) || \ - defined(__s390x__) || defined(__mips64) || \ - defined(__aarch64__) ) + defined(__amd64__) || defined(__x86_64__) || \ + defined(__ppc64__) || defined(__powerpc64__) || \ + defined(__ia64__) || defined(__alpha__) || \ + (defined(__sparc__) && defined(__arch64__)) || \ + defined(__s390x__) || defined(__mips64) || \ + defined(__aarch64__)) #if !defined(MBEDTLS_HAVE_INT64) #define MBEDTLS_HAVE_INT64 #endif /* MBEDTLS_HAVE_INT64 */ - typedef int64_t mbedtls_mpi_sint; - typedef uint64_t mbedtls_mpi_uint; +typedef int64_t mbedtls_mpi_sint; +typedef uint64_t mbedtls_mpi_uint; #if !defined(MBEDTLS_NO_UDBL_DIVISION) - /* mbedtls_t_udbl defined as 128-bit unsigned int */ - typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI))); +/* mbedtls_t_udbl defined as 128-bit unsigned int */ +typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI))); #define MBEDTLS_HAVE_UDBL #endif /* !MBEDTLS_NO_UDBL_DIVISION */ #elif defined(__ARMCC_VERSION) && defined(__aarch64__) - /* - * __ARMCC_VERSION is defined for both armcc and armclang and - * __aarch64__ is only defined by armclang when compiling 64-bit code - */ +/* + * __ARMCC_VERSION is defined for both armcc and armclang and + * __aarch64__ is only defined by armclang when compiling 64-bit code + */ #if !defined(MBEDTLS_HAVE_INT64) #define MBEDTLS_HAVE_INT64 #endif /* !MBEDTLS_HAVE_INT64 */ - typedef int64_t mbedtls_mpi_sint; - typedef uint64_t mbedtls_mpi_uint; +typedef int64_t mbedtls_mpi_sint; +typedef uint64_t mbedtls_mpi_uint; #if !defined(MBEDTLS_NO_UDBL_DIVISION) - /* mbedtls_t_udbl defined as 128-bit unsigned int */ - typedef __uint128_t mbedtls_t_udbl; +/* mbedtls_t_udbl defined as 128-bit unsigned int */ +typedef __uint128_t mbedtls_t_udbl; #define MBEDTLS_HAVE_UDBL #endif /* !MBEDTLS_NO_UDBL_DIVISION */ #elif defined(MBEDTLS_HAVE_INT64) - /* Force 64-bit integers with unknown compiler */ - typedef int64_t mbedtls_mpi_sint; - typedef uint64_t mbedtls_mpi_uint; +/* Force 64-bit integers with unknown compiler */ +typedef int64_t mbedtls_mpi_sint; +typedef uint64_t mbedtls_mpi_uint; #endif #endif /* !MBEDTLS_HAVE_INT32 */ #if !defined(MBEDTLS_HAVE_INT64) - /* Default to 32-bit compilation */ +/* Default to 32-bit compilation */ #if !defined(MBEDTLS_HAVE_INT32) #define MBEDTLS_HAVE_INT32 #endif /* !MBEDTLS_HAVE_INT32 */ - typedef int32_t mbedtls_mpi_sint; - typedef uint32_t mbedtls_mpi_uint; +typedef int32_t mbedtls_mpi_sint; +typedef uint32_t mbedtls_mpi_uint; #if !defined(MBEDTLS_NO_UDBL_DIVISION) - typedef uint64_t mbedtls_t_udbl; +typedef uint64_t mbedtls_t_udbl; #define MBEDTLS_HAVE_UDBL #endif /* !MBEDTLS_NO_UDBL_DIVISION */ #endif /* !MBEDTLS_HAVE_INT64 */ @@ -203,8 +205,7 @@ extern "C" { /** * \brief MPI structure */ -typedef struct mbedtls_mpi -{ +typedef struct mbedtls_mpi { /** Sign: -1 if the mpi is negative, 1 otherwise. * * The number 0 must be represented with `s = +1`. Although many library @@ -237,7 +238,7 @@ mbedtls_mpi; * * \param X The MPI context to initialize. This must not be \c NULL. */ -void mbedtls_mpi_init( mbedtls_mpi *X ); +void mbedtls_mpi_init(mbedtls_mpi *X); /** * \brief This function frees the components of an MPI context. @@ -246,7 +247,7 @@ void mbedtls_mpi_init( mbedtls_mpi *X ); * in which case this function is a no-op. If it is * not \c NULL, it must point to an initialized MPI. */ -void mbedtls_mpi_free( mbedtls_mpi *X ); +void mbedtls_mpi_free(mbedtls_mpi *X); /** * \brief Enlarge an MPI to the specified number of limbs. @@ -261,7 +262,7 @@ void mbedtls_mpi_free( mbedtls_mpi *X ); * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return Another negative error code on other kinds of failure. */ -int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ); +int mbedtls_mpi_grow(mbedtls_mpi *X, size_t nblimbs); /** * \brief This function resizes an MPI downwards, keeping at least the @@ -278,7 +279,7 @@ int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ); * (this can only happen when resizing up). * \return Another negative error code on other kinds of failure. */ -int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ); +int mbedtls_mpi_shrink(mbedtls_mpi *X, size_t nblimbs); /** * \brief Make a copy of an MPI. @@ -293,7 +294,7 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ); * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return Another negative error code on other kinds of failure. */ -int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ); +int mbedtls_mpi_copy(mbedtls_mpi *X, const mbedtls_mpi *Y); /** * \brief Swap the contents of two MPIs. @@ -301,7 +302,7 @@ int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ); * \param X The first MPI. It must be initialized. * \param Y The second MPI. It must be initialized. */ -void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y ); +void mbedtls_mpi_swap(mbedtls_mpi *X, mbedtls_mpi *Y); /** * \brief Perform a safe conditional copy of MPI which doesn't @@ -331,7 +332,7 @@ void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y ); * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return Another negative error code on other kinds of failure. */ -int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign ); +int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign); /** * \brief Perform a safe conditional swap which doesn't @@ -360,7 +361,7 @@ int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned * \return Another negative error code on other kinds of failure. * */ -int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap ); +int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap); /** * \brief Store integer value in MPI. @@ -372,7 +373,7 @@ int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char sw * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return Another negative error code on other kinds of failure. */ -int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z ); +int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z); /** * \brief Get a specific bit from an MPI. @@ -384,7 +385,7 @@ int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z ); * of \c X is unset or set. * \return A negative error code on failure. */ -int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos ); +int mbedtls_mpi_get_bit(const mbedtls_mpi *X, size_t pos); /** * \brief Modify a specific bit in an MPI. @@ -401,7 +402,7 @@ int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos ); * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return Another negative error code on other kinds of failure. */ -int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val ); +int mbedtls_mpi_set_bit(mbedtls_mpi *X, size_t pos, unsigned char val); /** * \brief Return the number of bits of value \c 0 before the @@ -415,7 +416,7 @@ int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val ); * \return The number of bits of value \c 0 before the least significant * bit of value \c 1 in \p X. */ -size_t mbedtls_mpi_lsb( const mbedtls_mpi *X ); +size_t mbedtls_mpi_lsb(const mbedtls_mpi *X); /** * \brief Return the number of bits up to and including the most @@ -429,7 +430,7 @@ size_t mbedtls_mpi_lsb( const mbedtls_mpi *X ); * \return The number of bits up to and including the most * significant bit of value \c 1. */ -size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X ); +size_t mbedtls_mpi_bitlen(const mbedtls_mpi *X); /** * \brief Return the total size of an MPI value in bytes. @@ -444,7 +445,7 @@ size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X ); * \return The least number of bytes capable of storing * the absolute value of \p X. */ -size_t mbedtls_mpi_size( const mbedtls_mpi *X ); +size_t mbedtls_mpi_size(const mbedtls_mpi *X); /** * \brief Import an MPI from an ASCII string. @@ -456,7 +457,7 @@ size_t mbedtls_mpi_size( const mbedtls_mpi *X ); * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s ); +int mbedtls_mpi_read_string(mbedtls_mpi *X, int radix, const char *s); /** * \brief Export an MPI to an ASCII string. @@ -480,8 +481,8 @@ int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s ); * size of \p buf required for a successful call. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, - char *buf, size_t buflen, size_t *olen ); +int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix, + char *buf, size_t buflen, size_t *olen); #if defined(MBEDTLS_FS_IO) /** @@ -505,7 +506,7 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, * is too small. * \return Another negative error code on failure. */ -int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ); +int mbedtls_mpi_read_file(mbedtls_mpi *X, int radix, FILE *fin); /** * \brief Export an MPI into an opened file. @@ -522,8 +523,8 @@ int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ); * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, - int radix, FILE *fout ); +int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X, + int radix, FILE *fout); #endif /* MBEDTLS_FS_IO */ /** @@ -538,8 +539,8 @@ int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, - size_t buflen ); +int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf, + size_t buflen); /** * \brief Import X from unsigned binary data, little endian @@ -553,8 +554,8 @@ int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_read_binary_le( mbedtls_mpi *X, - const unsigned char *buf, size_t buflen ); +int mbedtls_mpi_read_binary_le(mbedtls_mpi *X, + const unsigned char *buf, size_t buflen); /** * \brief Export X into unsigned binary data, big endian. @@ -571,8 +572,8 @@ int mbedtls_mpi_read_binary_le( mbedtls_mpi *X, * large enough to hold the value of \p X. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf, - size_t buflen ); +int mbedtls_mpi_write_binary(const mbedtls_mpi *X, unsigned char *buf, + size_t buflen); /** * \brief Export X into unsigned binary data, little endian. @@ -589,8 +590,8 @@ int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf, * large enough to hold the value of \p X. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X, - unsigned char *buf, size_t buflen ); +int mbedtls_mpi_write_binary_le(const mbedtls_mpi *X, + unsigned char *buf, size_t buflen); /** * \brief Perform a left-shift on an MPI: X <<= count @@ -602,7 +603,7 @@ int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ); +int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count); /** * \brief Perform a right-shift on an MPI: X >>= count @@ -614,7 +615,7 @@ int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ); * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count ); +int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count); /** * \brief Compare the absolute values of two MPIs. @@ -626,7 +627,7 @@ int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count ); * \return \c -1 if `|X|` is lesser than `|Y|`. * \return \c 0 if `|X|` is equal to `|Y|`. */ -int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y ); +int mbedtls_mpi_cmp_abs(const mbedtls_mpi *X, const mbedtls_mpi *Y); /** * \brief Compare two MPIs. @@ -638,7 +639,7 @@ int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y ); * \return \c -1 if \p X is lesser than \p Y. * \return \c 0 if \p X is equal to \p Y. */ -int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ); +int mbedtls_mpi_cmp_mpi(const mbedtls_mpi *X, const mbedtls_mpi *Y); /** * \brief Check if an MPI is less than the other in constant time. @@ -655,8 +656,8 @@ int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ); * \return MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the allocated length of * the two input MPIs is not the same. */ -int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, - unsigned *ret ); +int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, const mbedtls_mpi *Y, + unsigned *ret); /** * \brief Compare an MPI with an integer. @@ -668,7 +669,7 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, * \return \c -1 if \p X is lesser than \p z. * \return \c 0 if \p X is equal to \p z. */ -int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z ); +int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z); /** * \brief Perform an unsigned addition of MPIs: X = |A| + |B| @@ -681,8 +682,8 @@ int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z ); * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Perform an unsigned subtraction of MPIs: X = |A| - |B| @@ -696,8 +697,8 @@ int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, * \return Another negative error code on different kinds of failure. * */ -int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_sub_abs(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Perform a signed addition of MPIs: X = A + B @@ -710,8 +711,8 @@ int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_add_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Perform a signed subtraction of MPIs: X = A - B @@ -724,8 +725,8 @@ int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_sub_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Perform a signed addition of an MPI and an integer: X = A + b @@ -738,8 +739,8 @@ int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, - mbedtls_mpi_sint b ); +int mbedtls_mpi_add_int(mbedtls_mpi *X, const mbedtls_mpi *A, + mbedtls_mpi_sint b); /** * \brief Perform a signed subtraction of an MPI and an integer: @@ -753,8 +754,8 @@ int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, - mbedtls_mpi_sint b ); +int mbedtls_mpi_sub_int(mbedtls_mpi *X, const mbedtls_mpi *A, + mbedtls_mpi_sint b); /** * \brief Perform a multiplication of two MPIs: X = A * B @@ -768,8 +769,8 @@ int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, * \return Another negative error code on different kinds of failure. * */ -int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Perform a multiplication of an MPI with an unsigned integer: @@ -784,8 +785,8 @@ int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, * \return Another negative error code on different kinds of failure. * */ -int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, - mbedtls_mpi_uint b ); +int mbedtls_mpi_mul_int(mbedtls_mpi *X, const mbedtls_mpi *A, + mbedtls_mpi_uint b); /** * \brief Perform a division with remainder of two MPIs: @@ -805,8 +806,8 @@ int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_div_mpi(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Perform a division with remainder of an MPI by an integer: @@ -826,8 +827,8 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, - mbedtls_mpi_sint b ); +int mbedtls_mpi_div_int(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, + mbedtls_mpi_sint b); /** * \brief Perform a modular reduction. R = A mod B @@ -846,8 +847,8 @@ int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, * \return Another negative error code on different kinds of failure. * */ -int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Perform a modular reduction with respect to an integer. @@ -865,8 +866,8 @@ int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p b is negative. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, - mbedtls_mpi_sint b ); +int mbedtls_mpi_mod_int(mbedtls_mpi_uint *r, const mbedtls_mpi *A, + mbedtls_mpi_sint b); /** * \brief Perform a sliding-window exponentiation: X = A^E mod N @@ -895,9 +896,9 @@ int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, * \return Another negative error code on different kinds of failures. * */ -int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *E, const mbedtls_mpi *N, - mbedtls_mpi *prec_RR ); +int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *E, const mbedtls_mpi *N, + mbedtls_mpi *prec_RR); /** * \brief Fill an MPI with a number of random bytes. @@ -916,9 +917,9 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, * as a big-endian representation of an MPI; this can * be relevant in applications like deterministic ECDSA. */ -int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_mpi_fill_random(mbedtls_mpi *X, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** Generate a random number uniformly in a range. * @@ -952,11 +953,11 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, * for all usual cryptographic applications. * \return Another negative error code on failure. */ -int mbedtls_mpi_random( mbedtls_mpi *X, - mbedtls_mpi_sint min, - const mbedtls_mpi *N, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_mpi_random(mbedtls_mpi *X, + mbedtls_mpi_sint min, + const mbedtls_mpi *N, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief Compute the greatest common divisor: G = gcd(A, B) @@ -969,8 +970,8 @@ int mbedtls_mpi_random( mbedtls_mpi *X, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Compute the modular inverse: X = A^-1 mod N @@ -988,8 +989,8 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse * with respect to \p N. */ -int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *N ); +int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *N); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -1016,9 +1017,9 @@ int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime. * \return Another negative error code on other kinds of failure. */ -MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime( const mbedtls_mpi *X, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime(const mbedtls_mpi *X, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -1049,9 +1050,9 @@ MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime( const mbedtls_mpi *X, * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime. * \return Another negative error code on other kinds of failure. */ -int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_mpi_is_prime_ext(const mbedtls_mpi *X, int rounds, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief Flags for mbedtls_mpi_gen_prime() * @@ -1082,9 +1083,9 @@ typedef enum { * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if `nbits` is not between * \c 3 and #MBEDTLS_MPI_MAX_BITS. */ -int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_mpi_gen_prime(mbedtls_mpi *X, size_t nbits, int flags, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #if defined(MBEDTLS_SELF_TEST) @@ -1093,7 +1094,7 @@ int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags, * * \return 0 if successful, or 1 if the test failed */ -int mbedtls_mpi_self_test( int verbose ); +int mbedtls_mpi_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/blowfish.h b/include/mbedtls/blowfish.h index d5f809921fa4..7936d2f8a490 100644 --- a/include/mbedtls/blowfish.h +++ b/include/mbedtls/blowfish.h @@ -41,7 +41,7 @@ #define MBEDTLS_BLOWFISH_BLOCKSIZE 8 /* Blowfish uses 64 bit blocks */ #if !defined(MBEDTLS_DEPRECATED_REMOVED) -#define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0016 ) +#define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(-0x0016) #endif /* !MBEDTLS_DEPRECATED_REMOVED */ /** Bad input data. */ #define MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA -0x0016 @@ -65,8 +65,7 @@ extern "C" { /** * \brief Blowfish context structure */ -typedef struct mbedtls_blowfish_context -{ +typedef struct mbedtls_blowfish_context { uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */ uint32_t S[4][256]; /*!< key dependent S-boxes */ } @@ -82,7 +81,7 @@ mbedtls_blowfish_context; * \param ctx The Blowfish context to be initialized. * This must not be \c NULL. */ -void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ); +void mbedtls_blowfish_init(mbedtls_blowfish_context *ctx); /** * \brief Clear a Blowfish context. @@ -92,7 +91,7 @@ void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ); * returns immediately. If it is not \c NULL, it must * point to an initialized Blowfish context. */ -void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx ); +void mbedtls_blowfish_free(mbedtls_blowfish_context *ctx); /** * \brief Perform a Blowfish key schedule operation. @@ -106,8 +105,8 @@ void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx ); * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key, - unsigned int keybits ); +int mbedtls_blowfish_setkey(mbedtls_blowfish_context *ctx, const unsigned char *key, + unsigned int keybits); /** * \brief Perform a Blowfish-ECB block encryption/decryption operation. @@ -125,10 +124,10 @@ int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx, - int mode, - const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE], - unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] ); +int mbedtls_blowfish_crypt_ecb(mbedtls_blowfish_context *ctx, + int mode, + const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE], + unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE]); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** @@ -159,12 +158,12 @@ int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, - int mode, - size_t length, - unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ); +int mbedtls_blowfish_crypt_cbc(mbedtls_blowfish_context *ctx, + int mode, + size_t length, + unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) @@ -199,13 +198,13 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ); +int mbedtls_blowfish_crypt_cfb64(mbedtls_blowfish_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output); #endif /*MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) @@ -272,13 +271,13 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE], - unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ); +int mbedtls_blowfish_crypt_ctr(mbedtls_blowfish_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE], + unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CTR */ #ifdef __cplusplus diff --git a/include/mbedtls/bn_mul.h b/include/mbedtls/bn_mul.h index bce9ce38c351..a0bc4d061d3f 100644 --- a/include/mbedtls/bn_mul.h +++ b/include/mbedtls/bn_mul.h @@ -51,36 +51,36 @@ */ #if defined(MBEDTLS_HAVE_INT32) -#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ) \ - ( (mbedtls_mpi_uint) (a) << 0 ) | \ - ( (mbedtls_mpi_uint) (b) << 8 ) | \ - ( (mbedtls_mpi_uint) (c) << 16 ) | \ - ( (mbedtls_mpi_uint) (d) << 24 ) +#define MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d) \ + ((mbedtls_mpi_uint) (a) << 0) | \ + ((mbedtls_mpi_uint) (b) << 8) | \ + ((mbedtls_mpi_uint) (c) << 16) | \ + ((mbedtls_mpi_uint) (d) << 24) -#define MBEDTLS_BYTES_TO_T_UINT_2( a, b ) \ - MBEDTLS_BYTES_TO_T_UINT_4( a, b, 0, 0 ) +#define MBEDTLS_BYTES_TO_T_UINT_2(a, b) \ + MBEDTLS_BYTES_TO_T_UINT_4(a, b, 0, 0) -#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ - MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ), \ - MBEDTLS_BYTES_TO_T_UINT_4( e, f, g, h ) +#define MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, e, f, g, h) \ + MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d), \ + MBEDTLS_BYTES_TO_T_UINT_4(e, f, g, h) #else /* 64-bits */ -#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ - ( (mbedtls_mpi_uint) (a) << 0 ) | \ - ( (mbedtls_mpi_uint) (b) << 8 ) | \ - ( (mbedtls_mpi_uint) (c) << 16 ) | \ - ( (mbedtls_mpi_uint) (d) << 24 ) | \ - ( (mbedtls_mpi_uint) (e) << 32 ) | \ - ( (mbedtls_mpi_uint) (f) << 40 ) | \ - ( (mbedtls_mpi_uint) (g) << 48 ) | \ - ( (mbedtls_mpi_uint) (h) << 56 ) - -#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ) \ - MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 ) - -#define MBEDTLS_BYTES_TO_T_UINT_2( a, b ) \ - MBEDTLS_BYTES_TO_T_UINT_8( a, b, 0, 0, 0, 0, 0, 0 ) +#define MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, e, f, g, h) \ + ((mbedtls_mpi_uint) (a) << 0) | \ + ((mbedtls_mpi_uint) (b) << 8) | \ + ((mbedtls_mpi_uint) (c) << 16) | \ + ((mbedtls_mpi_uint) (d) << 24) | \ + ((mbedtls_mpi_uint) (e) << 32) | \ + ((mbedtls_mpi_uint) (f) << 40) | \ + ((mbedtls_mpi_uint) (g) << 48) | \ + ((mbedtls_mpi_uint) (h) << 56) + +#define MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d) \ + MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, 0, 0, 0, 0) + +#define MBEDTLS_BYTES_TO_T_UINT_2(a, b) \ + MBEDTLS_BYTES_TO_T_UINT_8(a, b, 0, 0, 0, 0, 0, 0) #endif /* bits in mbedtls_mpi_uint */ diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h index d39d932fa2cf..05397d23166a 100644 --- a/include/mbedtls/camellia.h +++ b/include/mbedtls/camellia.h @@ -37,7 +37,7 @@ #define MBEDTLS_CAMELLIA_DECRYPT 0 #if !defined(MBEDTLS_DEPRECATED_REMOVED) -#define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0024 ) +#define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(-0x0024) #endif /* !MBEDTLS_DEPRECATED_REMOVED */ /** Bad input data. */ #define MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA -0x0024 @@ -61,8 +61,7 @@ extern "C" { /** * \brief CAMELLIA context structure */ -typedef struct mbedtls_camellia_context -{ +typedef struct mbedtls_camellia_context { int nr; /*!< number of rounds */ uint32_t rk[68]; /*!< CAMELLIA round keys */ } @@ -78,7 +77,7 @@ mbedtls_camellia_context; * \param ctx The CAMELLIA context to be initialized. * This must not be \c NULL. */ -void mbedtls_camellia_init( mbedtls_camellia_context *ctx ); +void mbedtls_camellia_init(mbedtls_camellia_context *ctx); /** * \brief Clear a CAMELLIA context. @@ -87,7 +86,7 @@ void mbedtls_camellia_init( mbedtls_camellia_context *ctx ); * in which case this function returns immediately. If it is not * \c NULL, it must be initialized. */ -void mbedtls_camellia_free( mbedtls_camellia_context *ctx ); +void mbedtls_camellia_free(mbedtls_camellia_context *ctx); /** * \brief Perform a CAMELLIA key schedule operation for encryption. @@ -101,9 +100,9 @@ void mbedtls_camellia_free( mbedtls_camellia_context *ctx ); * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx, + const unsigned char *key, + unsigned int keybits); /** * \brief Perform a CAMELLIA key schedule operation for decryption. @@ -117,9 +116,9 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx, + const unsigned char *key, + unsigned int keybits); /** * \brief Perform a CAMELLIA-ECB block encryption/decryption operation. @@ -136,10 +135,10 @@ int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ); +int mbedtls_camellia_crypt_ecb(mbedtls_camellia_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** @@ -170,12 +169,12 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_camellia_crypt_cbc(mbedtls_camellia_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) @@ -216,13 +215,13 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) @@ -300,13 +299,13 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[16], - unsigned char stream_block[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_camellia_crypt_ctr(mbedtls_camellia_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[16], + unsigned char stream_block[16], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_SELF_TEST) @@ -316,7 +315,7 @@ int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx, * * \return 0 if successful, or 1 if the test failed */ -int mbedtls_camellia_self_test( int verbose ); +int mbedtls_camellia_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index ece5a901cb63..f082aba054d9 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -76,8 +76,7 @@ extern "C" { * \brief The CCM context-type definition. The CCM context is passed * to the APIs called. */ -typedef struct mbedtls_ccm_context -{ +typedef struct mbedtls_ccm_context { mbedtls_cipher_context_t cipher_ctx; /*!< The cipher context used. */ } mbedtls_ccm_context; @@ -93,7 +92,7 @@ mbedtls_ccm_context; * * \param ctx The CCM context to initialize. This must not be \c NULL. */ -void mbedtls_ccm_init( mbedtls_ccm_context *ctx ); +void mbedtls_ccm_init(mbedtls_ccm_context *ctx); /** * \brief This function initializes the CCM context set in the @@ -108,10 +107,10 @@ void mbedtls_ccm_init( mbedtls_ccm_context *ctx ); * \return \c 0 on success. * \return A CCM or cipher-specific error code on failure. */ -int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, - mbedtls_cipher_id_t cipher, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits); /** * \brief This function releases and clears the specified CCM context @@ -120,7 +119,7 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, * \param ctx The CCM context to clear. If this is \c NULL, the function * has no effect. Otherwise, this must be initialized. */ -void mbedtls_ccm_free( mbedtls_ccm_context *ctx ); +void mbedtls_ccm_free(mbedtls_ccm_context *ctx); /** * \brief This function encrypts a buffer using CCM. @@ -158,11 +157,11 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ); * \return \c 0 on success. * \return A CCM or cipher-specific error code on failure. */ -int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - unsigned char *tag, size_t tag_len ); +int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + unsigned char *tag, size_t tag_len); /** * \brief This function encrypts a buffer using CCM*. @@ -206,11 +205,11 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, * \return \c 0 on success. * \return A CCM or cipher-specific error code on failure. */ -int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - unsigned char *tag, size_t tag_len ); +int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + unsigned char *tag, size_t tag_len); /** * \brief This function performs a CCM authenticated decryption of a @@ -243,11 +242,11 @@ int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, * \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match. * \return A cipher-specific error code on calculation failure. */ -int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - const unsigned char *tag, size_t tag_len ); +int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + const unsigned char *tag, size_t tag_len); /** * \brief This function performs a CCM* authenticated decryption of a @@ -288,11 +287,11 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match. * \return A cipher-specific error code on calculation failure. */ -int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - const unsigned char *tag, size_t tag_len ); +int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + const unsigned char *tag, size_t tag_len); #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) /** @@ -301,7 +300,7 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_ccm_self_test( int verbose ); +int mbedtls_ccm_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #ifdef __cplusplus diff --git a/include/mbedtls/certs.h b/include/mbedtls/certs.h index c93c741c7fff..0ec6971e8330 100644 --- a/include/mbedtls/certs.h +++ b/include/mbedtls/certs.h @@ -37,11 +37,11 @@ extern "C" { /* List of all PEM-encoded CA certificates, terminated by NULL; * PEM encoded if MBEDTLS_PEM_PARSE_C is enabled, DER encoded * otherwise. */ -extern const char * mbedtls_test_cas[]; +extern const char *mbedtls_test_cas[]; extern const size_t mbedtls_test_cas_len[]; /* List of all DER-encoded CA certificates, terminated by NULL */ -extern const unsigned char * mbedtls_test_cas_der[]; +extern const unsigned char *mbedtls_test_cas_der[]; extern const size_t mbedtls_test_cas_der_len[]; #if defined(MBEDTLS_PEM_PARSE_C) @@ -112,9 +112,9 @@ extern const size_t mbedtls_test_ca_crt_rsa_len; /* Config-dependent dispatch between EC and RSA * (RSA if enabled, otherwise EC) */ -extern const char * mbedtls_test_ca_crt; -extern const char * mbedtls_test_ca_key; -extern const char * mbedtls_test_ca_pwd; +extern const char *mbedtls_test_ca_crt; +extern const char *mbedtls_test_ca_key; +extern const char *mbedtls_test_ca_pwd; extern const size_t mbedtls_test_ca_crt_len; extern const size_t mbedtls_test_ca_key_len; extern const size_t mbedtls_test_ca_pwd_len; @@ -181,9 +181,9 @@ extern const size_t mbedtls_test_srv_crt_rsa_len; /* Config-dependent dispatch between EC and RSA * (RSA if enabled, otherwise EC) */ -extern const char * mbedtls_test_srv_crt; -extern const char * mbedtls_test_srv_key; -extern const char * mbedtls_test_srv_pwd; +extern const char *mbedtls_test_srv_crt; +extern const char *mbedtls_test_srv_key; +extern const char *mbedtls_test_srv_pwd; extern const size_t mbedtls_test_srv_crt_len; extern const size_t mbedtls_test_srv_key_len; extern const size_t mbedtls_test_srv_pwd_len; @@ -236,9 +236,9 @@ extern const size_t mbedtls_test_cli_crt_rsa_len; /* Config-dependent dispatch between EC and RSA * (RSA if enabled, otherwise EC) */ -extern const char * mbedtls_test_cli_crt; -extern const char * mbedtls_test_cli_key; -extern const char * mbedtls_test_cli_pwd; +extern const char *mbedtls_test_cli_crt; +extern const char *mbedtls_test_cli_key; +extern const char *mbedtls_test_cli_pwd; extern const size_t mbedtls_test_cli_crt_len; extern const size_t mbedtls_test_cli_key_len; extern const size_t mbedtls_test_cli_pwd_len; diff --git a/include/mbedtls/chacha20.h b/include/mbedtls/chacha20.h index 03b48714780b..cd9f91a93171 100644 --- a/include/mbedtls/chacha20.h +++ b/include/mbedtls/chacha20.h @@ -60,8 +60,7 @@ extern "C" { #if !defined(MBEDTLS_CHACHA20_ALT) -typedef struct mbedtls_chacha20_context -{ +typedef struct mbedtls_chacha20_context { uint32_t state[16]; /*! The state (before round operations). */ uint8_t keystream8[64]; /*! Leftover keystream bytes. */ size_t keystream_bytes_used; /*! Number of keystream bytes already used. */ @@ -87,7 +86,7 @@ mbedtls_chacha20_context; * \param ctx The ChaCha20 context to initialize. * This must not be \c NULL. */ -void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx ); +void mbedtls_chacha20_init(mbedtls_chacha20_context *ctx); /** * \brief This function releases and clears the specified @@ -98,7 +97,7 @@ void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx ); * \c NULL, it must point to an initialized context. * */ -void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx ); +void mbedtls_chacha20_free(mbedtls_chacha20_context *ctx); /** * \brief This function sets the encryption/decryption key. @@ -116,8 +115,8 @@ void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx ); * \return \c 0 on success. * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or key is NULL. */ -int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, - const unsigned char key[32] ); +int mbedtls_chacha20_setkey(mbedtls_chacha20_context *ctx, + const unsigned char key[32]); /** * \brief This function sets the nonce and initial counter value. @@ -138,9 +137,9 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or nonce is * NULL. */ -int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, - const unsigned char nonce[12], - uint32_t counter ); +int mbedtls_chacha20_starts(mbedtls_chacha20_context *ctx, + const unsigned char nonce[12], + uint32_t counter); /** * \brief This function encrypts or decrypts data. @@ -171,10 +170,10 @@ int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, - size_t size, - const unsigned char *input, - unsigned char *output ); +int mbedtls_chacha20_update(mbedtls_chacha20_context *ctx, + size_t size, + const unsigned char *input, + unsigned char *output); /** * \brief This function encrypts or decrypts data with ChaCha20 and @@ -204,12 +203,12 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_chacha20_crypt( const unsigned char key[32], - const unsigned char nonce[12], - uint32_t counter, - size_t size, - const unsigned char* input, - unsigned char* output ); +int mbedtls_chacha20_crypt(const unsigned char key[32], + const unsigned char nonce[12], + uint32_t counter, + size_t size, + const unsigned char *input, + unsigned char *output); #if defined(MBEDTLS_SELF_TEST) /** @@ -218,7 +217,7 @@ int mbedtls_chacha20_crypt( const unsigned char key[32], * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_chacha20_self_test( int verbose ); +int mbedtls_chacha20_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ #ifdef __cplusplus diff --git a/include/mbedtls/chachapoly.h b/include/mbedtls/chachapoly.h index ed568bc98b73..c3f172070466 100644 --- a/include/mbedtls/chachapoly.h +++ b/include/mbedtls/chachapoly.h @@ -50,8 +50,7 @@ extern "C" { #endif -typedef enum -{ +typedef enum { MBEDTLS_CHACHAPOLY_ENCRYPT, /**< The mode value for performing encryption. */ MBEDTLS_CHACHAPOLY_DECRYPT /**< The mode value for performing decryption. */ } @@ -61,8 +60,7 @@ mbedtls_chachapoly_mode_t; #include "mbedtls/chacha20.h" -typedef struct mbedtls_chachapoly_context -{ +typedef struct mbedtls_chachapoly_context { mbedtls_chacha20_context chacha20_ctx; /**< The ChaCha20 context. */ mbedtls_poly1305_context poly1305_ctx; /**< The Poly1305 context. */ uint64_t aad_len; /**< The length (bytes) of the Additional Authenticated Data. */ @@ -118,7 +116,7 @@ mbedtls_chachapoly_context; * * \param ctx The ChachaPoly context to initialize. Must not be \c NULL. */ -void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx ); +void mbedtls_chachapoly_init(mbedtls_chachapoly_context *ctx); /** * \brief This function releases and clears the specified @@ -127,7 +125,7 @@ void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx ); * \param ctx The ChachaPoly context to clear. This may be \c NULL, in which * case this function is a no-op. */ -void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx ); +void mbedtls_chachapoly_free(mbedtls_chachapoly_context *ctx); /** * \brief This function sets the ChaCha20-Poly1305 @@ -140,8 +138,8 @@ void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx ); * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, - const unsigned char key[32] ); +int mbedtls_chachapoly_setkey(mbedtls_chachapoly_context *ctx, + const unsigned char key[32]); /** * \brief This function starts a ChaCha20-Poly1305 encryption or @@ -168,9 +166,9 @@ int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, - const unsigned char nonce[12], - mbedtls_chachapoly_mode_t mode ); +int mbedtls_chachapoly_starts(mbedtls_chachapoly_context *ctx, + const unsigned char nonce[12], + mbedtls_chachapoly_mode_t mode); /** * \brief This function feeds additional data to be authenticated @@ -211,9 +209,9 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, * if the operations has not been started or has been * finished, or if the AAD has been finished. */ -int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx, - const unsigned char *aad, - size_t aad_len ); +int mbedtls_chachapoly_update_aad(mbedtls_chachapoly_context *ctx, + const unsigned char *aad, + size_t aad_len); /** * \brief Thus function feeds data to be encrypted or decrypted @@ -246,10 +244,10 @@ int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx, * finished. * \return Another negative error code on other kinds of failure. */ -int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, - size_t len, - const unsigned char *input, - unsigned char *output ); +int mbedtls_chachapoly_update(mbedtls_chachapoly_context *ctx, + size_t len, + const unsigned char *input, + unsigned char *output); /** * \brief This function finished the ChaCha20-Poly1305 operation and @@ -267,8 +265,8 @@ int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, * finished. * \return Another negative error code on other kinds of failure. */ -int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, - unsigned char mac[16] ); +int mbedtls_chachapoly_finish(mbedtls_chachapoly_context *ctx, + unsigned char mac[16]); /** * \brief This function performs a complete ChaCha20-Poly1305 @@ -299,14 +297,14 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx, - size_t length, - const unsigned char nonce[12], - const unsigned char *aad, - size_t aad_len, - const unsigned char *input, - unsigned char *output, - unsigned char tag[16] ); +int mbedtls_chachapoly_encrypt_and_tag(mbedtls_chachapoly_context *ctx, + size_t length, + const unsigned char nonce[12], + const unsigned char *aad, + size_t aad_len, + const unsigned char *input, + unsigned char *output, + unsigned char tag[16]); /** * \brief This function performs a complete ChaCha20-Poly1305 @@ -333,14 +331,14 @@ int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx, * if the data was not authentic. * \return Another negative error code on other kinds of failure. */ -int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx, - size_t length, - const unsigned char nonce[12], - const unsigned char *aad, - size_t aad_len, - const unsigned char tag[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx, + size_t length, + const unsigned char nonce[12], + const unsigned char *aad, + size_t aad_len, + const unsigned char tag[16], + const unsigned char *input, + unsigned char *output); #if defined(MBEDTLS_SELF_TEST) /** @@ -349,7 +347,7 @@ int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx, * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_chachapoly_self_test( int verbose ); +int mbedtls_chachapoly_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ #ifdef __cplusplus diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index ce100d3ed213..02421e4c80b0 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -49,7 +49,7 @@ #define MBEDTLS_CIPHER_MODE_STREAM #endif -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif @@ -273,8 +273,7 @@ typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t; * Cipher information. Allows calling cipher functions * in a generic way. */ -typedef struct mbedtls_cipher_info_t -{ +typedef struct mbedtls_cipher_info_t { /** Full cipher identifier. For example, * MBEDTLS_CIPHER_AES_256_CBC. */ @@ -290,7 +289,7 @@ typedef struct mbedtls_cipher_info_t unsigned int key_bitlen; /** Name of the cipher. */ - const char * name; + const char *name; /** IV or nonce size, in Bytes. * For ciphers that accept variable IV sizes, @@ -315,8 +314,7 @@ typedef struct mbedtls_cipher_info_t /** * Generic cipher context. */ -typedef struct mbedtls_cipher_context_t -{ +typedef struct mbedtls_cipher_context_t { /** Information about the associated cipher. */ const mbedtls_cipher_info_t *cipher_info; @@ -332,8 +330,8 @@ typedef struct mbedtls_cipher_context_t /** Padding functions to use, if relevant for * the specific cipher mode. */ - void (*add_padding)( unsigned char *output, size_t olen, size_t data_len ); - int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len ); + void (*add_padding)(unsigned char *output, size_t olen, size_t data_len); + int (*get_padding)(unsigned char *input, size_t ilen, size_t *data_len); #endif /** Buffer for input that has not been processed yet. */ @@ -383,7 +381,7 @@ typedef struct mbedtls_cipher_context_t * \return A statically-allocated array of cipher identifiers * of type cipher_type_t. The last entry is zero. */ -const int *mbedtls_cipher_list( void ); +const int *mbedtls_cipher_list(void); /** * \brief This function retrieves the cipher-information @@ -396,7 +394,7 @@ const int *mbedtls_cipher_list( void ); * given \p cipher_name. * \return \c NULL if the associated cipher information is not found. */ -const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name ); +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string(const char *cipher_name); /** * \brief This function retrieves the cipher-information @@ -408,7 +406,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher * given \p cipher_type. * \return \c NULL if the associated cipher information is not found. */ -const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type ); +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type(const mbedtls_cipher_type_t cipher_type); /** * \brief This function retrieves the cipher-information @@ -424,16 +422,16 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher * given \p cipher_id. * \return \c NULL if the associated cipher information is not found. */ -const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id, - int key_bitlen, - const mbedtls_cipher_mode_t mode ); +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(const mbedtls_cipher_id_t cipher_id, + int key_bitlen, + const mbedtls_cipher_mode_t mode); /** * \brief This function initializes a \p cipher_context as NONE. * * \param ctx The context to be initialized. This must not be \c NULL. */ -void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ); +void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx); /** * \brief This function frees and clears the cipher-specific @@ -444,7 +442,7 @@ void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ); * function has no effect, otherwise this must point to an * initialized context. */ -void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); +void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx); /** @@ -464,8 +462,8 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); * In future versions, the caller will be required to call * mbedtls_cipher_init() on the structure first. */ -int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, - const mbedtls_cipher_info_t *cipher_info ); +int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, + const mbedtls_cipher_info_t *cipher_info); #if defined(MBEDTLS_USE_PSA_CRYPTO) /** @@ -489,9 +487,9 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the * cipher-specific context fails. */ -int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, - const mbedtls_cipher_info_t *cipher_info, - size_t taglen ); +int mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx, + const mbedtls_cipher_info_t *cipher_info, + size_t taglen); #endif /* MBEDTLS_USE_PSA_CRYPTO */ /** @@ -503,11 +501,12 @@ int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, * \return \c 0 if \p ctx has not been initialized. */ static inline unsigned int mbedtls_cipher_get_block_size( - const mbedtls_cipher_context_t *ctx ) + const mbedtls_cipher_context_t *ctx) { - MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); - if( ctx->cipher_info == NULL ) + MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0); + if (ctx->cipher_info == NULL) { return 0; + } return ctx->cipher_info->block_size; } @@ -522,11 +521,12 @@ static inline unsigned int mbedtls_cipher_get_block_size( * \return #MBEDTLS_MODE_NONE if \p ctx has not been initialized. */ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( - const mbedtls_cipher_context_t *ctx ) + const mbedtls_cipher_context_t *ctx) { - MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_MODE_NONE ); - if( ctx->cipher_info == NULL ) + MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, MBEDTLS_MODE_NONE); + if (ctx->cipher_info == NULL) { return MBEDTLS_MODE_NONE; + } return ctx->cipher_info->mode; } @@ -542,14 +542,16 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( * \return The actual size if an IV has been set. */ static inline int mbedtls_cipher_get_iv_size( - const mbedtls_cipher_context_t *ctx ) + const mbedtls_cipher_context_t *ctx) { - MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); - if( ctx->cipher_info == NULL ) + MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0); + if (ctx->cipher_info == NULL) { return 0; + } - if( ctx->iv_size != 0 ) + if (ctx->iv_size != 0) { return (int) ctx->iv_size; + } return (int) ctx->cipher_info->iv_size; } @@ -563,12 +565,13 @@ static inline int mbedtls_cipher_get_iv_size( * \return #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized. */ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( - const mbedtls_cipher_context_t *ctx ) + const mbedtls_cipher_context_t *ctx) { MBEDTLS_INTERNAL_VALIDATE_RET( - ctx != NULL, MBEDTLS_CIPHER_NONE ); - if( ctx->cipher_info == NULL ) + ctx != NULL, MBEDTLS_CIPHER_NONE); + if (ctx->cipher_info == NULL) { return MBEDTLS_CIPHER_NONE; + } return ctx->cipher_info->type; } @@ -583,11 +586,12 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( * \return NULL if \p ctx has not been not initialized. */ static inline const char *mbedtls_cipher_get_name( - const mbedtls_cipher_context_t *ctx ) + const mbedtls_cipher_context_t *ctx) { - MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); - if( ctx->cipher_info == NULL ) + MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0); + if (ctx->cipher_info == NULL) { return 0; + } return ctx->cipher_info->name; } @@ -602,12 +606,13 @@ static inline const char *mbedtls_cipher_get_name( * initialized. */ static inline int mbedtls_cipher_get_key_bitlen( - const mbedtls_cipher_context_t *ctx ) + const mbedtls_cipher_context_t *ctx) { MBEDTLS_INTERNAL_VALIDATE_RET( - ctx != NULL, MBEDTLS_KEY_LENGTH_NONE ); - if( ctx->cipher_info == NULL ) + ctx != NULL, MBEDTLS_KEY_LENGTH_NONE); + if (ctx->cipher_info == NULL) { return MBEDTLS_KEY_LENGTH_NONE; + } return (int) ctx->cipher_info->key_bitlen; } @@ -621,12 +626,13 @@ static inline int mbedtls_cipher_get_key_bitlen( * \return #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized. */ static inline mbedtls_operation_t mbedtls_cipher_get_operation( - const mbedtls_cipher_context_t *ctx ) + const mbedtls_cipher_context_t *ctx) { MBEDTLS_INTERNAL_VALIDATE_RET( - ctx != NULL, MBEDTLS_OPERATION_NONE ); - if( ctx->cipher_info == NULL ) + ctx != NULL, MBEDTLS_OPERATION_NONE); + if (ctx->cipher_info == NULL) { return MBEDTLS_OPERATION_NONE; + } return ctx->operation; } @@ -647,10 +653,10 @@ static inline mbedtls_operation_t mbedtls_cipher_get_operation( * parameter-verification failure. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, - const unsigned char *key, - int key_bitlen, - const mbedtls_operation_t operation ); +int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, + const unsigned char *key, + int key_bitlen, + const mbedtls_operation_t operation); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) /** @@ -669,8 +675,8 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode * does not support padding. */ -int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, - mbedtls_cipher_padding_t mode ); +int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx, + mbedtls_cipher_padding_t mode); #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ /** @@ -691,9 +697,9 @@ int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on * parameter-verification failure. */ -int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, - size_t iv_len ); +int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, + size_t iv_len); /** * \brief This function resets the cipher state. @@ -704,7 +710,7 @@ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on * parameter-verification failure. */ -int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ); +int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) /** @@ -721,8 +727,8 @@ int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ); * \return \c 0 on success. * \return A specific error code on failure. */ -int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, - const unsigned char *ad, size_t ad_len ); +int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx, + const unsigned char *ad, size_t ad_len); #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ /** @@ -759,10 +765,10 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, * unsupported mode for a cipher. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, - const unsigned char *input, - size_t ilen, unsigned char *output, - size_t *olen ); +int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, + const unsigned char *input, + size_t ilen, unsigned char *output, + size_t *olen); /** * \brief The generic cipher finalization function. If data still @@ -786,8 +792,8 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, * while decrypting. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, - unsigned char *output, size_t *olen ); +int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, + unsigned char *output, size_t *olen); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) /** @@ -806,8 +812,8 @@ int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, * \return \c 0 on success. * \return A specific error code on failure. */ -int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, - unsigned char *tag, size_t tag_len ); +int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, + unsigned char *tag, size_t tag_len); /** * \brief This function checks the tag for AEAD ciphers. @@ -822,8 +828,8 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, * \return \c 0 on success. * \return A specific error code on failure. */ -int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, - const unsigned char *tag, size_t tag_len ); +int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, + const unsigned char *tag, size_t tag_len); #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ /** @@ -859,13 +865,13 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, * while decrypting. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen ); +int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen); #if defined(MBEDTLS_CIPHER_MODE_AEAD) -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) #else @@ -918,12 +924,12 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, * \return A cipher-specific error code on failure. */ int MBEDTLS_DEPRECATED mbedtls_cipher_auth_encrypt( - mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - unsigned char *tag, size_t tag_len ); + mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, + unsigned char *tag, size_t tag_len); /** * \brief The generic authenticated decryption (AEAD) function. @@ -977,12 +983,12 @@ int MBEDTLS_DEPRECATED mbedtls_cipher_auth_encrypt( * \return A cipher-specific error code on failure. */ int MBEDTLS_DEPRECATED mbedtls_cipher_auth_decrypt( - mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - const unsigned char *tag, size_t tag_len ); + mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, + const unsigned char *tag, size_t tag_len); #undef MBEDTLS_DEPRECATED #endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_CIPHER_MODE_AEAD */ @@ -1032,12 +1038,12 @@ int MBEDTLS_DEPRECATED mbedtls_cipher_auth_decrypt( * parameter-verification failure. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t output_len, - size_t *olen, size_t tag_len ); +int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t output_len, + size_t *olen, size_t tag_len); /** * \brief The authenticated encryption (AEAD/NIST_KW) function. @@ -1088,12 +1094,12 @@ int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_auth_decrypt_ext( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t output_len, - size_t *olen, size_t tag_len ); +int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t output_len, + size_t *olen, size_t tag_len); #endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ #ifdef __cplusplus } diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h index 2484c01c7a49..c77bb8cc9f17 100644 --- a/include/mbedtls/cipher_internal.h +++ b/include/mbedtls/cipher_internal.h @@ -43,82 +43,79 @@ extern "C" { /** * Base cipher information. The non-mode specific functions and values. */ -struct mbedtls_cipher_base_t -{ +struct mbedtls_cipher_base_t { /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */ mbedtls_cipher_id_t cipher; /** Encrypt using ECB */ - int (*ecb_func)( void *ctx, mbedtls_operation_t mode, - const unsigned char *input, unsigned char *output ); + int (*ecb_func)(void *ctx, mbedtls_operation_t mode, + const unsigned char *input, unsigned char *output); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** Encrypt using CBC */ - int (*cbc_func)( void *ctx, mbedtls_operation_t mode, size_t length, - unsigned char *iv, const unsigned char *input, - unsigned char *output ); + int (*cbc_func)(void *ctx, mbedtls_operation_t mode, size_t length, + unsigned char *iv, const unsigned char *input, + unsigned char *output); #endif #if defined(MBEDTLS_CIPHER_MODE_CFB) /** Encrypt using CFB (Full length) */ - int (*cfb_func)( void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off, - unsigned char *iv, const unsigned char *input, - unsigned char *output ); + int (*cfb_func)(void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off, + unsigned char *iv, const unsigned char *input, + unsigned char *output); #endif #if defined(MBEDTLS_CIPHER_MODE_OFB) /** Encrypt using OFB (Full length) */ - int (*ofb_func)( void *ctx, size_t length, size_t *iv_off, - unsigned char *iv, - const unsigned char *input, - unsigned char *output ); + int (*ofb_func)(void *ctx, size_t length, size_t *iv_off, + unsigned char *iv, + const unsigned char *input, + unsigned char *output); #endif #if defined(MBEDTLS_CIPHER_MODE_CTR) /** Encrypt using CTR */ - int (*ctr_func)( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ); + int (*ctr_func)(void *ctx, size_t length, size_t *nc_off, + unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output); #endif #if defined(MBEDTLS_CIPHER_MODE_XTS) /** Encrypt or decrypt using XTS. */ - int (*xts_func)( void *ctx, mbedtls_operation_t mode, size_t length, - const unsigned char data_unit[16], - const unsigned char *input, unsigned char *output ); + int (*xts_func)(void *ctx, mbedtls_operation_t mode, size_t length, + const unsigned char data_unit[16], + const unsigned char *input, unsigned char *output); #endif #if defined(MBEDTLS_CIPHER_MODE_STREAM) /** Encrypt using STREAM */ - int (*stream_func)( void *ctx, size_t length, - const unsigned char *input, unsigned char *output ); + int (*stream_func)(void *ctx, size_t length, + const unsigned char *input, unsigned char *output); #endif /** Set key for encryption purposes */ - int (*setkey_enc_func)( void *ctx, const unsigned char *key, - unsigned int key_bitlen ); + int (*setkey_enc_func)(void *ctx, const unsigned char *key, + unsigned int key_bitlen); /** Set key for decryption purposes */ - int (*setkey_dec_func)( void *ctx, const unsigned char *key, - unsigned int key_bitlen); + int (*setkey_dec_func)(void *ctx, const unsigned char *key, + unsigned int key_bitlen); /** Allocate a new context */ - void * (*ctx_alloc_func)( void ); + void * (*ctx_alloc_func)(void); /** Free the given context */ - void (*ctx_free_func)( void *ctx ); + void (*ctx_free_func)(void *ctx); }; -typedef struct -{ +typedef struct { mbedtls_cipher_type_t type; const mbedtls_cipher_info_t *info; } mbedtls_cipher_definition_t; #if defined(MBEDTLS_USE_PSA_CRYPTO) -typedef enum -{ +typedef enum { MBEDTLS_CIPHER_PSA_KEY_UNSET = 0, MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts which */ /* use raw key material internally imported */ @@ -131,8 +128,7 @@ typedef enum /* destroyed when the context is freed. */ } mbedtls_cipher_psa_key_ownership; -typedef struct -{ +typedef struct { psa_algorithm_t alg; psa_key_id_t slot; mbedtls_cipher_psa_key_ownership slot_state; diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index 8934886af743..254995ca12ce 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h @@ -56,8 +56,7 @@ extern "C" { /** * The CMAC context structure. */ -struct mbedtls_cmac_context_t -{ +struct mbedtls_cmac_context_t { /** The internal state of the CMAC algorithm. */ unsigned char state[MBEDTLS_CIPHER_BLKSIZE_MAX]; @@ -103,8 +102,8 @@ struct mbedtls_cmac_context_t * \return \c 0 on success. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx, - const unsigned char *key, size_t keybits ); +int mbedtls_cipher_cmac_starts(mbedtls_cipher_context_t *ctx, + const unsigned char *key, size_t keybits); /** * \brief This function feeds an input buffer into an ongoing CMAC @@ -128,8 +127,8 @@ int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * if parameter verification fails. */ -int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, - const unsigned char *input, size_t ilen ); +int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx, + const unsigned char *input, size_t ilen); /** * \brief This function finishes an ongoing CMAC operation, and @@ -147,8 +146,8 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * if parameter verification fails. */ -int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, - unsigned char *output ); +int mbedtls_cipher_cmac_finish(mbedtls_cipher_context_t *ctx, + unsigned char *output); /** * \brief This function starts a new CMAC operation with the same @@ -166,7 +165,7 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * if parameter verification fails. */ -int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ); +int mbedtls_cipher_cmac_reset(mbedtls_cipher_context_t *ctx); /** * \brief This function calculates the full generic CMAC @@ -195,10 +194,10 @@ int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * if parameter verification fails. */ -int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info, - const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ); +int mbedtls_cipher_cmac(const mbedtls_cipher_info_t *cipher_info, + const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output); #if defined(MBEDTLS_AES_C) /** @@ -218,12 +217,12 @@ int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info, * * \return \c 0 on success. */ -int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len, - const unsigned char *input, size_t in_len, - unsigned char output[16] ); +int mbedtls_aes_cmac_prf_128(const unsigned char *key, size_t key_len, + const unsigned char *input, size_t in_len, + unsigned char output[16]); #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) ) +#if defined(MBEDTLS_SELF_TEST) && (defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C)) /** * \brief The CMAC checkup routine. * @@ -237,7 +236,7 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len, * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_cmac_self_test( int verbose ); +int mbedtls_cmac_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ #ifdef __cplusplus diff --git a/include/mbedtls/compat-1.3.h b/include/mbedtls/compat-1.3.h index 40177512cabb..3a34cf6d269f 100644 --- a/include/mbedtls/compat-1.3.h +++ b/include/mbedtls/compat-1.3.h @@ -29,7 +29,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #warning "Including compat-1.3.h is deprecated" @@ -597,7 +597,8 @@ #define POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3 MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 #endif #if defined MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION -#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION +#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION \ + MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION #endif #if defined MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE #define POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE @@ -1382,8 +1383,8 @@ #define SSL_ANTI_REPLAY_ENABLED MBEDTLS_SSL_ANTI_REPLAY_ENABLED #define SSL_ARC4_DISABLED MBEDTLS_SSL_ARC4_DISABLED #define SSL_ARC4_ENABLED MBEDTLS_SSL_ARC4_ENABLED -#define SSL_BUFFER_LEN ( ( ( MBEDTLS_SSL_IN_BUFFER_LEN ) < ( MBEDTLS_SSL_OUT_BUFFER_LEN ) ) \ - ? ( MBEDTLS_SSL_IN_BUFFER_LEN ) : ( MBEDTLS_SSL_OUT_BUFFER_LEN ) ) +#define SSL_BUFFER_LEN (((MBEDTLS_SSL_IN_BUFFER_LEN) < (MBEDTLS_SSL_OUT_BUFFER_LEN)) \ + ? (MBEDTLS_SSL_IN_BUFFER_LEN) : (MBEDTLS_SSL_OUT_BUFFER_LEN)) #define SSL_CACHE_DEFAULT_MAX_ENTRIES MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES #define SSL_CACHE_DEFAULT_TIMEOUT MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT #define SSL_CBC_RECORD_SPLITTING_DISABLED MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED @@ -1554,10 +1555,14 @@ #define TLS_ECDHE_ECDSA_WITH_AES_256_CCM MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM #define TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 #define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 -#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 -#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 -#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 -#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 \ + MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 \ + MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 \ + MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 \ + MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 #define TLS_ECDHE_ECDSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA #define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA #define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA @@ -1565,8 +1570,10 @@ #define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 #define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA #define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 -#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 -#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 \ + MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 \ + MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 #define TLS_ECDHE_PSK_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA #define TLS_ECDHE_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 #define TLS_ECDHE_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 @@ -1578,10 +1585,14 @@ #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 #define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 -#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 -#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 -#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 -#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 +#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 \ + MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 \ + MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 +#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 \ + MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 \ + MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 #define TLS_ECDHE_RSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA #define TLS_ECDHE_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA #define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA @@ -1591,10 +1602,14 @@ #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 #define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 -#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 -#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 -#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 -#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 \ + MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 \ + MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 \ + MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 \ + MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 #define TLS_ECDH_ECDSA_WITH_NULL_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA #define TLS_ECDH_ECDSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA #define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA @@ -2492,7 +2507,8 @@ #define x509write_crt_free mbedtls_x509write_crt_free #define x509write_crt_init mbedtls_x509write_crt_init #define x509write_crt_pem mbedtls_x509write_crt_pem -#define x509write_crt_set_authority_key_identifier mbedtls_x509write_crt_set_authority_key_identifier +#define x509write_crt_set_authority_key_identifier \ + mbedtls_x509write_crt_set_authority_key_identifier #define x509write_crt_set_basic_constraints mbedtls_x509write_crt_set_basic_constraints #define x509write_crt_set_extension mbedtls_x509write_crt_set_extension #define x509write_crt_set_issuer_key mbedtls_x509write_crt_set_issuer_key diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index d27fb54b0334..8a5c68f5c515 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -274,9 +274,9 @@ extern "C" { (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \ defined(PSA_WANT_ALG_ECB_NO_PADDING) || \ (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ - !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \ + !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \ (defined(PSA_WANT_ALG_CBC_PKCS7) && \ - !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \ + !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \ (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)) #define PSA_HAVE_SOFT_BLOCK_MODE 1 #endif diff --git a/include/mbedtls/constant_time.h b/include/mbedtls/constant_time.h index c5de57a01f08..8419c991380c 100644 --- a/include/mbedtls/constant_time.h +++ b/include/mbedtls/constant_time.h @@ -38,8 +38,8 @@ * \return Zero if the content of the two buffer is the same, * otherwise non-zero. */ -int mbedtls_ct_memcmp( const void *a, - const void *b, - size_t n ); +int mbedtls_ct_memcmp(const void *a, + const void *b, + size_t n); #endif /* MBEDTLS_CONSTANT_TIME_H */ diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index e68237a439ae..1bf427c437b7 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -80,8 +80,8 @@ */ #endif -#define MBEDTLS_CTR_DRBG_KEYBITS ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 ) /**< The key size for the DRBG operation, in bits. */ -#define MBEDTLS_CTR_DRBG_SEEDLEN ( MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE ) /**< The seed length, calculated as (counter + AES key). */ +#define MBEDTLS_CTR_DRBG_KEYBITS (MBEDTLS_CTR_DRBG_KEYSIZE * 8) /**< The key size for the DRBG operation, in bits. */ +#define MBEDTLS_CTR_DRBG_SEEDLEN (MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE) /**< The seed length, calculated as (counter + AES key). */ /** * \name SECTION: Module settings @@ -164,14 +164,13 @@ extern "C" { * the entropy source does not provide enough material to form a nonce. * See the documentation of mbedtls_ctr_drbg_seed() for more information. */ -#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN ( MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1 ) / 2 +#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN (MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2 #endif /** * \brief The CTR_DRBG context structure. */ -typedef struct mbedtls_ctr_drbg_context -{ +typedef struct mbedtls_ctr_drbg_context { unsigned char counter[16]; /*!< The counter (V). */ int reseed_counter; /*!< The reseed counter. * This is the number of requests that have @@ -199,7 +198,7 @@ typedef struct mbedtls_ctr_drbg_context * Callbacks (Entropy) */ int (*f_entropy)(void *, unsigned char *, size_t); - /*!< The entropy callback function. */ + /*!< The entropy callback function. */ void *p_entropy; /*!< The context for the entropy function. */ @@ -228,7 +227,7 @@ mbedtls_ctr_drbg_context; * * \param ctx The CTR_DRBG context to initialize. */ -void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); +void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx); /** * \brief This function seeds and sets up the CTR_DRBG @@ -329,11 +328,11 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * \return \c 0 on success. * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure. */ -int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, - int (*f_entropy)(void *, unsigned char *, size_t), - void *p_entropy, - const unsigned char *custom, - size_t len ); +int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len); /** * \brief This function resets CTR_DRBG context to the state immediately @@ -341,7 +340,7 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, * * \param ctx The CTR_DRBG context to clear. */ -void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx ); +void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx); /** * \brief This function turns prediction resistance on or off. @@ -356,8 +355,8 @@ void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx ); * \param ctx The CTR_DRBG context. * \param resistance #MBEDTLS_CTR_DRBG_PR_ON or #MBEDTLS_CTR_DRBG_PR_OFF. */ -void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, - int resistance ); +void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx, + int resistance); /** * \brief This function sets the amount of entropy grabbed on each @@ -383,8 +382,8 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, * and at most the maximum length accepted by the * entropy function that is set in the context. */ -void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, - size_t len ); +void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx, + size_t len); /** * \brief This function sets the amount of entropy grabbed @@ -405,8 +404,8 @@ void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED * if the initial seeding has already taken place. */ -int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx, - size_t len ); +int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx, + size_t len); /** * \brief This function sets the reseed interval. @@ -420,8 +419,8 @@ int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx, * \param ctx The CTR_DRBG context. * \param interval The reseed interval. */ -void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, - int interval ); +void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx, + int interval); /** * \brief This function reseeds the CTR_DRBG context, that is @@ -443,8 +442,8 @@ void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, * \return \c 0 on success. * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure. */ -int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, size_t len ); +int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, size_t len); /** * \brief This function updates the state of the CTR_DRBG context. @@ -466,9 +465,9 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT. * \return An error from the underlying AES cipher on failure. */ -int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ); +int mbedtls_ctr_drbg_update_ret(mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, + size_t add_len); /** * \brief This function updates a CTR_DRBG instance with additional @@ -501,9 +500,9 @@ int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or * #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure. */ -int mbedtls_ctr_drbg_random_with_add( void *p_rng, - unsigned char *output, size_t output_len, - const unsigned char *additional, size_t add_len ); +int mbedtls_ctr_drbg_random_with_add(void *p_rng, + unsigned char *output, size_t output_len, + const unsigned char *additional, size_t add_len); /** * \brief This function uses CTR_DRBG to generate random data. @@ -529,11 +528,11 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng, * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or * #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure. */ -int mbedtls_ctr_drbg_random( void *p_rng, - unsigned char *output, size_t output_len ); +int mbedtls_ctr_drbg_random(void *p_rng, + unsigned char *output, size_t output_len); -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) #else @@ -557,7 +556,7 @@ int mbedtls_ctr_drbg_random( void *p_rng, MBEDTLS_DEPRECATED void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, - size_t add_len ); + size_t add_len); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -573,7 +572,7 @@ MBEDTLS_DEPRECATED void mbedtls_ctr_drbg_update( * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on reseed * failure. */ -int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ); +int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path); /** * \brief This function reads and updates a seed file. The seed @@ -589,7 +588,7 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char * \return #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG if the existing * seed file is too large. */ -int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ); +int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path); #endif /* MBEDTLS_FS_IO */ #if defined(MBEDTLS_SELF_TEST) @@ -600,7 +599,7 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_ctr_drbg_self_test( int verbose ); +int mbedtls_ctr_drbg_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index 4fc4662d9ab7..bcc640c6112a 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h @@ -36,47 +36,47 @@ #if defined(MBEDTLS_DEBUG_C) -#define MBEDTLS_DEBUG_STRIP_PARENS( ... ) __VA_ARGS__ +#define MBEDTLS_DEBUG_STRIP_PARENS(...) __VA_ARGS__ -#define MBEDTLS_SSL_DEBUG_MSG( level, args ) \ - mbedtls_debug_print_msg( ssl, level, __FILE__, __LINE__, \ - MBEDTLS_DEBUG_STRIP_PARENS args ) +#define MBEDTLS_SSL_DEBUG_MSG(level, args) \ + mbedtls_debug_print_msg(ssl, level, __FILE__, __LINE__, \ + MBEDTLS_DEBUG_STRIP_PARENS args) -#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) \ - mbedtls_debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret ) +#define MBEDTLS_SSL_DEBUG_RET(level, text, ret) \ + mbedtls_debug_print_ret(ssl, level, __FILE__, __LINE__, text, ret) -#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) \ - mbedtls_debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len ) +#define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len) \ + mbedtls_debug_print_buf(ssl, level, __FILE__, __LINE__, text, buf, len) #if defined(MBEDTLS_BIGNUM_C) -#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) \ - mbedtls_debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X ) +#define MBEDTLS_SSL_DEBUG_MPI(level, text, X) \ + mbedtls_debug_print_mpi(ssl, level, __FILE__, __LINE__, text, X) #endif #if defined(MBEDTLS_ECP_C) -#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) \ - mbedtls_debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X ) +#define MBEDTLS_SSL_DEBUG_ECP(level, text, X) \ + mbedtls_debug_print_ecp(ssl, level, __FILE__, __LINE__, text, X) #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) -#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) \ - mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt ) +#define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) \ + mbedtls_debug_print_crt(ssl, level, __FILE__, __LINE__, text, crt) #endif #if defined(MBEDTLS_ECDH_C) -#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) \ - mbedtls_debug_printf_ecdh( ssl, level, __FILE__, __LINE__, ecdh, attr ) +#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr) \ + mbedtls_debug_printf_ecdh(ssl, level, __FILE__, __LINE__, ecdh, attr) #endif #else /* MBEDTLS_DEBUG_C */ -#define MBEDTLS_SSL_DEBUG_MSG( level, args ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) do { } while( 0 ) +#define MBEDTLS_SSL_DEBUG_MSG(level, args) do { } while (0) +#define MBEDTLS_SSL_DEBUG_RET(level, text, ret) do { } while (0) +#define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len) do { } while (0) +#define MBEDTLS_SSL_DEBUG_MPI(level, text, X) do { } while (0) +#define MBEDTLS_SSL_DEBUG_ECP(level, text, X) do { } while (0) +#define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) do { } while (0) +#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr) do { } while (0) #endif /* MBEDTLS_DEBUG_C */ @@ -96,7 +96,7 @@ #if __has_attribute(format) #if defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \ - __attribute__((__format__ (gnu_printf, string_index, first_to_check))) + __attribute__((__format__(gnu_printf, string_index, first_to_check))) #else /* defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 */ #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \ __attribute__((format(printf, string_index, first_to_check))) @@ -124,10 +124,12 @@ #include #define MBEDTLS_PRINTF_SIZET PRIuPTR #define MBEDTLS_PRINTF_LONGLONG "I64d" -#else /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ +#else \ + /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ #define MBEDTLS_PRINTF_SIZET "zu" #define MBEDTLS_PRINTF_LONGLONG "lld" -#endif /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ +#endif \ + /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ #ifdef __cplusplus extern "C" { @@ -148,7 +150,7 @@ extern "C" { * - 3 Informational * - 4 Verbose */ -void mbedtls_debug_set_threshold( int threshold ); +void mbedtls_debug_set_threshold(int threshold); /** * \brief Print a message to the debug output. This function is always used @@ -165,9 +167,9 @@ void mbedtls_debug_set_threshold( int threshold ); * \attention This function is intended for INTERNAL usage within the * library only. */ -void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *format, ... ) MBEDTLS_PRINTF_ATTRIBUTE(5, 6); +void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *format, ...) MBEDTLS_PRINTF_ATTRIBUTE(5, 6); /** * \brief Print the return value of a function to the debug output. This @@ -184,9 +186,9 @@ void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level, * \attention This function is intended for INTERNAL usage within the * library only. */ -void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, int ret ); +void mbedtls_debug_print_ret(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, int ret); /** * \brief Output a buffer of size len bytes to the debug output. This function @@ -205,9 +207,9 @@ void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, * \attention This function is intended for INTERNAL usage within the * library only. */ -void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, const char *text, - const unsigned char *buf, size_t len ); +void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, const char *text, + const unsigned char *buf, size_t len); #if defined(MBEDTLS_BIGNUM_C) /** @@ -226,9 +228,9 @@ void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, * \attention This function is intended for INTERNAL usage within the * library only. */ -void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_mpi *X ); +void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_mpi *X); #endif #if defined(MBEDTLS_ECP_C) @@ -248,9 +250,9 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, * \attention This function is intended for INTERNAL usage within the * library only. */ -void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_ecp_point *X ); +void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_ecp_point *X); #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) @@ -269,14 +271,13 @@ void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, * \attention This function is intended for INTERNAL usage within the * library only. */ -void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_x509_crt *crt ); +void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_x509_crt *crt); #endif #if defined(MBEDTLS_ECDH_C) -typedef enum -{ +typedef enum { MBEDTLS_DEBUG_ECDH_Q, MBEDTLS_DEBUG_ECDH_QP, MBEDTLS_DEBUG_ECDH_Z, @@ -298,10 +299,10 @@ typedef enum * \attention This function is intended for INTERNAL usage within the * library only. */ -void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const mbedtls_ecdh_context *ecdh, - mbedtls_debug_ecdh_attr attr ); +void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const mbedtls_ecdh_context *ecdh, + mbedtls_debug_ecdh_attr attr); #endif #ifdef __cplusplus diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h index 325aab536442..2944d5cf1966 100644 --- a/include/mbedtls/des.h +++ b/include/mbedtls/des.h @@ -64,8 +64,7 @@ extern "C" { * security risk. We recommend considering stronger ciphers * instead. */ -typedef struct mbedtls_des_context -{ +typedef struct mbedtls_des_context { uint32_t sk[32]; /*!< DES subkeys */ } mbedtls_des_context; @@ -73,8 +72,7 @@ mbedtls_des_context; /** * \brief Triple-DES context structure */ -typedef struct mbedtls_des3_context -{ +typedef struct mbedtls_des3_context { uint32_t sk[96]; /*!< 3DES subkeys */ } mbedtls_des3_context; @@ -92,7 +90,7 @@ mbedtls_des3_context; * security risk. We recommend considering stronger ciphers * instead. */ -void mbedtls_des_init( mbedtls_des_context *ctx ); +void mbedtls_des_init(mbedtls_des_context *ctx); /** * \brief Clear DES context @@ -103,21 +101,21 @@ void mbedtls_des_init( mbedtls_des_context *ctx ); * security risk. We recommend considering stronger ciphers * instead. */ -void mbedtls_des_free( mbedtls_des_context *ctx ); +void mbedtls_des_free(mbedtls_des_context *ctx); /** * \brief Initialize Triple-DES context * * \param ctx DES3 context to be initialized */ -void mbedtls_des3_init( mbedtls_des3_context *ctx ); +void mbedtls_des3_init(mbedtls_des3_context *ctx); /** * \brief Clear Triple-DES context * * \param ctx DES3 context to be cleared */ -void mbedtls_des3_free( mbedtls_des3_context *ctx ); +void mbedtls_des3_free(mbedtls_des3_context *ctx); /** * \brief Set key parity on the given key to odd. @@ -131,7 +129,7 @@ void mbedtls_des3_free( mbedtls_des3_context *ctx ); * security risk. We recommend considering stronger ciphers * instead. */ -void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] ); +void mbedtls_des_key_set_parity(unsigned char key[MBEDTLS_DES_KEY_SIZE]); /** * \brief Check that key parity on the given key is odd. @@ -148,7 +146,7 @@ void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] ); * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); +int mbedtls_des_key_check_key_parity(const unsigned char key[MBEDTLS_DES_KEY_SIZE]); /** * \brief Check that key is not a weak or semi-weak DES key @@ -162,7 +160,7 @@ int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SI * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); +int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]); /** * \brief DES key schedule (56-bit, encryption) @@ -177,7 +175,7 @@ int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); +int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]); /** * \brief DES key schedule (56-bit, decryption) @@ -192,7 +190,7 @@ int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MB * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); +int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]); /** * \brief Triple-DES key schedule (112-bit, encryption) @@ -203,8 +201,8 @@ int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MB * \return 0 */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ); +int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]); /** * \brief Triple-DES key schedule (112-bit, decryption) @@ -215,8 +213,8 @@ int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx, * \return 0 */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ); +int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]); /** * \brief Triple-DES key schedule (168-bit, encryption) @@ -227,8 +225,8 @@ int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx, * \return 0 */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ); +int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]); /** * \brief Triple-DES key schedule (168-bit, decryption) @@ -239,8 +237,8 @@ int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx, * \return 0 */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ); +int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]); /** * \brief DES-ECB block encryption/decryption @@ -256,9 +254,9 @@ int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx, * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, - const unsigned char input[8], - unsigned char output[8] ); +int mbedtls_des_crypt_ecb(mbedtls_des_context *ctx, + const unsigned char input[8], + unsigned char output[8]); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** @@ -284,12 +282,12 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, - int mode, - size_t length, - unsigned char iv[8], - const unsigned char *input, - unsigned char *output ); +int mbedtls_des_crypt_cbc(mbedtls_des_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ /** @@ -302,9 +300,9 @@ int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, * \return 0 if successful */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, - const unsigned char input[8], - unsigned char output[8] ); +int mbedtls_des3_crypt_ecb(mbedtls_des3_context *ctx, + const unsigned char input[8], + unsigned char output[8]); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** @@ -328,12 +326,12 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, * \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx, - int mode, - size_t length, - unsigned char iv[8], - const unsigned char *input, - unsigned char *output ); +int mbedtls_des3_crypt_cbc(mbedtls_des3_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ /** @@ -348,8 +346,8 @@ int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx, * security risk. We recommend considering stronger ciphers * instead. */ -void mbedtls_des_setkey( uint32_t SK[32], - const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); +void mbedtls_des_setkey(uint32_t SK[32], + const unsigned char key[MBEDTLS_DES_KEY_SIZE]); #if defined(MBEDTLS_SELF_TEST) @@ -359,7 +357,7 @@ void mbedtls_des_setkey( uint32_t SK[32], * \return 0 if successful, or 1 if the test failed */ MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_des_self_test( int verbose ); +int mbedtls_des_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index c4b15a2c4527..117af9340006 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -108,8 +108,7 @@ extern "C" { /** * \brief The DHM context structure. */ -typedef struct mbedtls_dhm_context -{ +typedef struct mbedtls_dhm_context { size_t len; /*!< The size of \p P in Bytes. */ mbedtls_mpi P; /*!< The prime modulus. */ mbedtls_mpi G; /*!< The generator. */ @@ -133,7 +132,7 @@ mbedtls_dhm_context; * * \param ctx The DHM context to initialize. */ -void mbedtls_dhm_init( mbedtls_dhm_context *ctx ); +void mbedtls_dhm_init(mbedtls_dhm_context *ctx); /** * \brief This function parses the DHM parameters in a @@ -157,9 +156,9 @@ void mbedtls_dhm_init( mbedtls_dhm_context *ctx ); * \return \c 0 on success. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. */ -int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, - unsigned char **p, - const unsigned char *end ); +int mbedtls_dhm_read_params(mbedtls_dhm_context *ctx, + unsigned char **p, + const unsigned char *end); /** * \brief This function generates a DHM key pair and exports its @@ -193,10 +192,10 @@ int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. */ -int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, - unsigned char *output, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_dhm_make_params(mbedtls_dhm_context *ctx, int x_size, + unsigned char *output, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function sets the prime modulus and generator. @@ -213,9 +212,9 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, * \return \c 0 if successful. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. */ -int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, - const mbedtls_mpi *P, - const mbedtls_mpi *G ); +int mbedtls_dhm_set_group(mbedtls_dhm_context *ctx, + const mbedtls_mpi *P, + const mbedtls_mpi *G); /** * \brief This function imports the raw public value of the peer. @@ -233,8 +232,8 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. */ -int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, - const unsigned char *input, size_t ilen ); +int mbedtls_dhm_read_public(mbedtls_dhm_context *ctx, + const unsigned char *input, size_t ilen); /** * \brief This function creates a DHM key pair and exports @@ -260,10 +259,10 @@ int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. */ -int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, - unsigned char *output, size_t olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_dhm_make_public(mbedtls_dhm_context *ctx, int x_size, + unsigned char *output, size_t olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function derives and exports the shared secret @@ -291,10 +290,10 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. */ -int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, - unsigned char *output, size_t output_size, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_dhm_calc_secret(mbedtls_dhm_context *ctx, + unsigned char *output, size_t output_size, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function frees and clears the components @@ -304,7 +303,7 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, * in which case this function is a no-op. If it is not \c NULL, * it must point to an initialized DHM context. */ -void mbedtls_dhm_free( mbedtls_dhm_context *ctx ); +void mbedtls_dhm_free(mbedtls_dhm_context *ctx); #if defined(MBEDTLS_ASN1_PARSE_C) /** @@ -321,8 +320,8 @@ void mbedtls_dhm_free( mbedtls_dhm_context *ctx ); * \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX error * code on failure. */ -int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, - size_t dhminlen ); +int mbedtls_dhm_parse_dhm(mbedtls_dhm_context *dhm, const unsigned char *dhmin, + size_t dhminlen); #if defined(MBEDTLS_FS_IO) /** @@ -337,7 +336,7 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, * \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX * error code on failure. */ -int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ); +int mbedtls_dhm_parse_dhmfile(mbedtls_dhm_context *dhm, const char *path); #endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_ASN1_PARSE_C */ @@ -349,7 +348,7 @@ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ); * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_dhm_self_test( int verbose ); +int mbedtls_dhm_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ #ifdef __cplusplus @@ -426,7 +425,7 @@ int mbedtls_dhm_self_test( int verbose ); "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8" \ "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763" \ "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \ - "CF9DE5384E71B81C0AC4DFFE0C10E64F" ) + "CF9DE5384E71B81C0AC4DFFE0C10E64F") /** * The hexadecimal presentation of the chosen generator of the 2048-bit MODP @@ -445,7 +444,7 @@ int mbedtls_dhm_self_test( int verbose ); "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381" \ "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269" \ "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179" \ - "81BC087F2A7065B384B890D3191F2BFA" ) + "81BC087F2A7065B384B890D3191F2BFA") /** * The hexadecimal presentation of the prime underlying the 2048-bit MODP @@ -470,7 +469,7 @@ int mbedtls_dhm_self_test( int verbose ); "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ - "15728E5A8AACAA68FFFFFFFFFFFFFFFF" ) + "15728E5A8AACAA68FFFFFFFFFFFFFFFF") /** * The hexadecimal presentation of the chosen generator of the 2048-bit MODP @@ -478,7 +477,7 @@ int mbedtls_dhm_self_test( int verbose ); * Diffie-Hellman groups for Internet Key Exchange (IKE). */ #define MBEDTLS_DHM_RFC3526_MODP_2048_G \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" ) + MBEDTLS_DEPRECATED_STRING_CONSTANT("02") /** * The hexadecimal presentation of the prime underlying the 3072-bit MODP @@ -502,7 +501,7 @@ int mbedtls_dhm_self_test( int verbose ); "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \ "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \ "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \ - "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF" ) + "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF") /** * The hexadecimal presentation of the chosen generator of the 3072-bit MODP @@ -510,7 +509,7 @@ int mbedtls_dhm_self_test( int verbose ); * Diffie-Hellman groups for Internet Key Exchange (IKE). */ #define MBEDTLS_DHM_RFC3526_MODP_3072_G \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" ) + MBEDTLS_DEPRECATED_STRING_CONSTANT("02") /** * The hexadecimal presentation of the prime underlying the 4096-bit MODP @@ -540,7 +539,7 @@ int mbedtls_dhm_self_test( int verbose ); "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" \ "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" \ "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" \ - "FFFFFFFFFFFFFFFF" ) + "FFFFFFFFFFFFFFFF") /** * The hexadecimal presentation of the chosen generator of the 4096-bit MODP @@ -548,7 +547,7 @@ int mbedtls_dhm_self_test( int verbose ); * Diffie-Hellman groups for Internet Key Exchange (IKE). */ #define MBEDTLS_DHM_RFC3526_MODP_4096_G \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" ) + MBEDTLS_DEPRECATED_STRING_CONSTANT("02") #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -557,546 +556,546 @@ int mbedtls_dhm_self_test( int verbose ); */ #define MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \ - 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \ - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \ - 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \ - 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \ - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \ - 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \ - 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \ - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \ - 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \ - 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \ - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \ - 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \ - 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \ - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \ - 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \ - 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \ - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \ - 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \ - 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \ - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \ - 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \ - 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \ - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \ - 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \ - 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \ - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \ - 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \ - 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \ - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \ + 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \ + 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \ + 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \ + 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \ + 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \ + 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \ + 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \ + 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \ + 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \ + 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \ + 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \ + 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \ + 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \ + 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \ + 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \ + 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \ + 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \ + 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \ + 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \ + 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \ + 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \ + 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \ + 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \ + 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \ + 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \ + 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \ + 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \ + 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \ + 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } #define MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN { 0x02 } #define MBEDTLS_DHM_RFC3526_MODP_3072_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \ - 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \ - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \ - 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \ - 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \ - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \ - 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \ - 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \ - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \ - 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \ - 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \ - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \ - 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \ - 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \ - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \ - 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \ - 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \ - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \ - 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \ - 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \ - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \ - 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \ - 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \ - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \ - 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \ - 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \ - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \ - 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \ - 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \ - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \ - 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \ - 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \ - 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \ - 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \ - 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \ - 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \ - 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \ - 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \ - 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \ - 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \ - 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \ - 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \ - 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \ - 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \ - 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \ - 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \ + 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \ + 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \ + 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \ + 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \ + 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \ + 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \ + 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \ + 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \ + 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \ + 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \ + 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \ + 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \ + 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \ + 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \ + 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \ + 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \ + 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \ + 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \ + 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \ + 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \ + 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \ + 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \ + 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \ + 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \ + 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \ + 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \ + 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \ + 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \ + 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \ + 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \ + 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \ + 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \ + 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \ + 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \ + 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \ + 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \ + 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \ + 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \ + 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \ + 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \ + 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \ + 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \ + 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \ + 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \ + 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } #define MBEDTLS_DHM_RFC3526_MODP_3072_G_BIN { 0x02 } #define MBEDTLS_DHM_RFC3526_MODP_4096_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \ - 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \ - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \ - 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \ - 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \ - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \ - 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \ - 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \ - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \ - 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \ - 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \ - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \ - 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \ - 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \ - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \ - 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \ - 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \ - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \ - 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \ - 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \ - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \ - 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \ - 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \ - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \ - 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \ - 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \ - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \ - 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \ - 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \ - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \ - 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \ - 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \ - 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \ - 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \ - 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \ - 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \ - 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \ - 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \ - 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \ - 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \ - 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \ - 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \ - 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \ - 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \ - 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \ - 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, \ - 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, \ - 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, \ - 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, \ - 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, \ - 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, \ - 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, \ - 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, \ - 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, \ - 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, \ - 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, \ - 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, \ - 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, \ - 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, \ - 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, \ - 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, \ - 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \ + 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \ + 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \ + 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \ + 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \ + 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \ + 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \ + 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \ + 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \ + 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \ + 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \ + 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \ + 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \ + 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \ + 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \ + 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \ + 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \ + 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \ + 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \ + 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \ + 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \ + 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \ + 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \ + 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \ + 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \ + 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \ + 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \ + 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \ + 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \ + 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \ + 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \ + 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \ + 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \ + 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \ + 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \ + 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \ + 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \ + 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \ + 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \ + 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \ + 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \ + 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \ + 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \ + 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \ + 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \ + 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, \ + 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, \ + 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, \ + 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, \ + 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, \ + 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, \ + 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, \ + 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, \ + 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, \ + 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, \ + 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, \ + 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, \ + 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, \ + 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, \ + 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, \ + 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, \ + 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } #define MBEDTLS_DHM_RFC3526_MODP_4096_G_BIN { 0x02 } #define MBEDTLS_DHM_RFC7919_FFDHE2048_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ - 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ - 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ - 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ - 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ - 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ - 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ - 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ - 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ - 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ - 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ - 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ - 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ - 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ - 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ - 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ - 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ - 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ - 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ - 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ - 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ - 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ - 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ - 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ - 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ - 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ - 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ - 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ - 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ - 0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ + 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ + 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ + 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ + 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ + 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ + 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ + 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ + 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ + 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ + 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ + 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ + 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ + 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ + 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ + 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ + 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ + 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ + 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ + 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ + 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ + 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ + 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ + 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ + 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ + 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ + 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ + 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ + 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ + 0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, } #define MBEDTLS_DHM_RFC7919_FFDHE2048_G_BIN { 0x02 } #define MBEDTLS_DHM_RFC7919_FFDHE3072_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ - 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ - 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ - 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ - 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ - 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ - 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ - 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ - 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ - 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ - 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ - 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ - 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ - 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ - 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ - 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ - 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ - 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ - 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ - 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ - 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ - 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ - 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ - 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ - 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ - 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ - 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ - 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ - 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ - 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ - 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ - 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ - 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ - 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ - 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ - 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ - 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ - 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ - 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ - 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ - 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ - 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ - 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ - 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ - 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ - 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ + 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ + 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ + 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ + 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ + 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ + 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ + 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ + 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ + 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ + 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ + 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ + 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ + 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ + 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ + 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ + 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ + 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ + 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ + 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ + 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ + 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ + 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ + 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ + 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ + 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ + 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ + 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ + 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ + 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ + 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ + 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ + 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ + 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ + 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ + 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ + 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ + 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ + 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ + 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ + 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ + 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ + 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ + 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ + 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ + 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } #define MBEDTLS_DHM_RFC7919_FFDHE3072_G_BIN { 0x02 } #define MBEDTLS_DHM_RFC7919_FFDHE4096_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ - 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ - 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ - 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ - 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ - 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ - 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ - 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ - 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ - 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ - 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ - 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ - 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ - 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ - 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ - 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ - 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ - 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ - 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ - 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ - 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ - 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ - 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ - 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ - 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ - 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ - 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ - 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ - 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ - 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ - 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ - 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ - 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ - 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ - 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ - 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ - 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ - 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ - 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ - 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ - 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ - 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ - 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ - 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ - 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ - 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \ - 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \ - 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \ - 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \ - 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \ - 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \ - 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \ - 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \ - 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \ - 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \ - 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \ - 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \ - 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \ - 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \ - 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \ - 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \ - 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ + 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ + 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ + 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ + 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ + 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ + 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ + 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ + 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ + 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ + 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ + 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ + 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ + 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ + 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ + 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ + 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ + 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ + 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ + 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ + 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ + 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ + 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ + 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ + 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ + 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ + 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ + 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ + 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ + 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ + 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ + 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ + 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ + 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ + 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ + 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ + 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ + 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ + 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ + 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ + 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ + 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ + 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ + 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ + 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ + 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \ + 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \ + 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \ + 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \ + 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \ + 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \ + 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \ + 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \ + 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \ + 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \ + 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \ + 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \ + 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \ + 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \ + 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \ + 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \ + 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } #define MBEDTLS_DHM_RFC7919_FFDHE4096_G_BIN { 0x02 } #define MBEDTLS_DHM_RFC7919_FFDHE6144_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ - 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ - 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ - 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ - 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ - 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ - 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ - 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ - 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ - 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ - 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ - 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ - 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ - 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ - 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ - 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ - 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ - 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ - 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ - 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ - 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ - 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ - 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ - 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ - 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ - 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ - 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ - 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ - 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ - 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ - 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ - 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ - 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ - 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ - 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ - 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ - 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ - 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ - 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ - 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ - 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ - 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ - 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ - 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ - 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ - 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \ - 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \ - 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \ - 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \ - 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \ - 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \ - 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \ - 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \ - 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \ - 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \ - 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \ - 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \ - 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \ - 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \ - 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \ - 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \ - 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \ - 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \ - 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \ - 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \ - 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \ - 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \ - 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \ - 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \ - 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \ - 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \ - 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \ - 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \ - 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \ - 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \ - 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \ - 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \ - 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \ - 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \ - 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \ - 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \ - 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \ - 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \ - 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \ - 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \ - 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \ - 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \ - 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \ - 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \ - 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \ - 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \ - 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \ - 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \ - 0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ + 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ + 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ + 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ + 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ + 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ + 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ + 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ + 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ + 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ + 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ + 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ + 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ + 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ + 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ + 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ + 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ + 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ + 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ + 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ + 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ + 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ + 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ + 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ + 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ + 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ + 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ + 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ + 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ + 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ + 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ + 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ + 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ + 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ + 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ + 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ + 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ + 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ + 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ + 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ + 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ + 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ + 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ + 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ + 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ + 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \ + 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \ + 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \ + 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \ + 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \ + 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \ + 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \ + 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \ + 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \ + 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \ + 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \ + 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \ + 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \ + 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \ + 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \ + 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \ + 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \ + 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \ + 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \ + 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \ + 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \ + 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \ + 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \ + 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \ + 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \ + 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \ + 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \ + 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \ + 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \ + 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \ + 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \ + 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \ + 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \ + 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \ + 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \ + 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \ + 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \ + 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \ + 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \ + 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \ + 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \ + 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \ + 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \ + 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \ + 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \ + 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \ + 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \ + 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \ + 0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } #define MBEDTLS_DHM_RFC7919_FFDHE6144_G_BIN { 0x02 } #define MBEDTLS_DHM_RFC7919_FFDHE8192_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ - 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ - 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ - 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ - 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ - 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ - 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ - 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ - 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ - 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ - 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ - 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ - 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ - 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ - 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ - 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ - 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ - 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ - 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ - 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ - 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ - 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ - 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ - 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ - 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ - 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ - 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ - 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ - 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ - 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ - 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ - 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ - 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ - 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ - 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ - 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ - 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ - 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ - 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ - 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ - 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ - 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ - 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ - 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ - 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ - 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \ - 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \ - 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \ - 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \ - 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \ - 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \ - 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \ - 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \ - 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \ - 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \ - 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \ - 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \ - 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \ - 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \ - 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \ - 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \ - 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \ - 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \ - 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \ - 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \ - 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \ - 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \ - 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \ - 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \ - 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \ - 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \ - 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \ - 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \ - 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \ - 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \ - 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \ - 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \ - 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \ - 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \ - 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \ - 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \ - 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \ - 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \ - 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \ - 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \ - 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \ - 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \ - 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \ - 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \ - 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \ - 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \ - 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \ - 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \ - 0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA, \ - 0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38, \ - 0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64, \ - 0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43, \ - 0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E, \ - 0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF, \ - 0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29, \ - 0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65, \ - 0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02, \ - 0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4, \ - 0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82, \ - 0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C, \ - 0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51, \ - 0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22, \ - 0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74, \ - 0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE, \ - 0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C, \ - 0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC, \ - 0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B, \ - 0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9, \ - 0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0, \ - 0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31, \ - 0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57, \ - 0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8, \ - 0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E, \ - 0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30, \ - 0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E, \ - 0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE, \ - 0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D, \ - 0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D, \ - 0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E, \ - 0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C, \ - 0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ + 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ + 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ + 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ + 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ + 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ + 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ + 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ + 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ + 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ + 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ + 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ + 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ + 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ + 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ + 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ + 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ + 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ + 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ + 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ + 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ + 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ + 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ + 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ + 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ + 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ + 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ + 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ + 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ + 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ + 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ + 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ + 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ + 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ + 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ + 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ + 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ + 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ + 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ + 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ + 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ + 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ + 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ + 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ + 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ + 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \ + 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \ + 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \ + 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \ + 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \ + 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \ + 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \ + 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \ + 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \ + 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \ + 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \ + 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \ + 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \ + 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \ + 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \ + 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \ + 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \ + 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \ + 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \ + 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \ + 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \ + 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \ + 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \ + 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \ + 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \ + 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \ + 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \ + 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \ + 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \ + 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \ + 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \ + 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \ + 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \ + 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \ + 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \ + 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \ + 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \ + 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \ + 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \ + 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \ + 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \ + 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \ + 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \ + 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \ + 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \ + 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \ + 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \ + 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \ + 0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA, \ + 0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38, \ + 0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64, \ + 0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43, \ + 0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E, \ + 0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF, \ + 0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29, \ + 0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65, \ + 0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02, \ + 0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4, \ + 0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82, \ + 0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C, \ + 0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51, \ + 0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22, \ + 0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74, \ + 0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE, \ + 0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C, \ + 0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC, \ + 0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B, \ + 0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9, \ + 0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0, \ + 0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31, \ + 0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57, \ + 0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8, \ + 0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E, \ + 0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30, \ + 0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E, \ + 0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE, \ + 0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D, \ + 0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D, \ + 0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E, \ + 0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C, \ + 0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } #define MBEDTLS_DHM_RFC7919_FFDHE8192_G_BIN { 0x02 } diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index 05855cdf10bb..aade25a42e06 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -52,8 +52,7 @@ extern "C" { /** * Defines the source of the imported EC key. */ -typedef enum -{ +typedef enum { MBEDTLS_ECDH_OURS, /**< Our key. */ MBEDTLS_ECDH_THEIRS, /**< The key of the peer. */ } mbedtls_ecdh_side; @@ -65,8 +64,7 @@ typedef enum * Later versions of the library may add new variants, therefore users should * not make any assumptions about them. */ -typedef enum -{ +typedef enum { MBEDTLS_ECDH_VARIANT_NONE = 0, /*!< Implementation not defined. */ MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0,/*!< The default Mbed TLS implementation */ #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) @@ -81,8 +79,7 @@ typedef enum * should not make any assumptions about the structure of * mbedtls_ecdh_context_mbed. */ -typedef struct mbedtls_ecdh_context_mbed -{ +typedef struct mbedtls_ecdh_context_mbed { mbedtls_ecp_group grp; /*!< The elliptic curve used. */ mbedtls_mpi d; /*!< The private key. */ mbedtls_ecp_point Q; /*!< The public key. */ @@ -101,8 +98,7 @@ typedef struct mbedtls_ecdh_context_mbed * should not be shared between multiple threads. * \brief The ECDH context structure. */ -typedef struct mbedtls_ecdh_context -{ +typedef struct mbedtls_ecdh_context { #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) mbedtls_ecp_group grp; /*!< The elliptic curve used. */ mbedtls_mpi d; /*!< The private key. */ @@ -119,24 +115,23 @@ typedef struct mbedtls_ecdh_context #endif /* MBEDTLS_ECP_RESTARTABLE */ #else uint8_t point_format; /*!< The format of point export in TLS messages - as defined in RFC 4492. */ + as defined in RFC 4492. */ mbedtls_ecp_group_id grp_id;/*!< The elliptic curve used. */ mbedtls_ecdh_variant var; /*!< The ECDH implementation/structure used. */ - union - { + union { mbedtls_ecdh_context_mbed mbed_ecdh; #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) mbedtls_ecdh_context_everest everest_ecdh; #endif } ctx; /*!< Implementation-specific context. The - context in use is specified by the \c var - field. */ + context in use is specified by the \c var + field. */ #if defined(MBEDTLS_ECP_RESTARTABLE) uint8_t restart_enabled; /*!< The flag for restartable mode. Functions of - an alternative implementation not supporting - restartable mode must return - MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED error - if this flag is set. */ + an alternative implementation not supporting + restartable mode must return + MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED error + if this flag is set. */ #endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */ } @@ -149,7 +144,7 @@ mbedtls_ecdh_context; * * \return \c 1 if the group can be used, \c 0 otherwise */ -int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid ); +int mbedtls_ecdh_can_do(mbedtls_ecp_group_id gid); /** * \brief This function generates an ECDH keypair on an elliptic @@ -176,9 +171,9 @@ int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid ); * \return Another \c MBEDTLS_ERR_ECP_XXX or * \c MBEDTLS_MPI_XXX error code on failure. */ -int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecdh_gen_public(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function computes the shared secret. @@ -214,17 +209,17 @@ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp * \return Another \c MBEDTLS_ERR_ECP_XXX or * \c MBEDTLS_MPI_XXX error code on failure. */ -int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, - const mbedtls_ecp_point *Q, const mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecdh_compute_shared(mbedtls_ecp_group *grp, mbedtls_mpi *z, + const mbedtls_ecp_point *Q, const mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function initializes an ECDH context. * * \param ctx The ECDH context to initialize. This must not be \c NULL. */ -void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ); +void mbedtls_ecdh_init(mbedtls_ecdh_context *ctx); /** * \brief This function sets up the ECDH context with the information @@ -242,8 +237,8 @@ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ); * * \return \c 0 on success. */ -int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, - mbedtls_ecp_group_id grp_id ); +int mbedtls_ecdh_setup(mbedtls_ecdh_context *ctx, + mbedtls_ecp_group_id grp_id); /** * \brief This function frees a context. @@ -252,7 +247,7 @@ int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, * case this function does nothing. If it is not \c NULL, * it must point to an initialized ECDH context. */ -void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ); +void mbedtls_ecdh_free(mbedtls_ecdh_context *ctx); /** * \brief This function generates an EC key pair and exports its @@ -279,10 +274,10 @@ void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ); * operations was reached: see \c mbedtls_ecp_set_max_ops(). * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecdh_make_params(mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function parses the ECDHE parameters in a @@ -308,9 +303,9 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. * */ -int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, - const unsigned char **buf, - const unsigned char *end ); +int mbedtls_ecdh_read_params(mbedtls_ecdh_context *ctx, + const unsigned char **buf, + const unsigned char *end); /** * \brief This function sets up an ECDH context from an EC key. @@ -331,9 +326,9 @@ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. * */ -int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, - const mbedtls_ecp_keypair *key, - mbedtls_ecdh_side side ); +int mbedtls_ecdh_get_params(mbedtls_ecdh_context *ctx, + const mbedtls_ecp_keypair *key, + mbedtls_ecdh_side side); /** * \brief This function generates a public key and exports it @@ -361,10 +356,10 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, * operations was reached: see \c mbedtls_ecp_set_max_ops(). * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecdh_make_public(mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function parses and processes the ECDHE payload of a @@ -385,8 +380,8 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, - const unsigned char *buf, size_t blen ); +int mbedtls_ecdh_read_public(mbedtls_ecdh_context *ctx, + const unsigned char *buf, size_t blen); /** * \brief This function derives and exports the shared secret. @@ -418,10 +413,10 @@ int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, * operations was reached: see \c mbedtls_ecp_set_max_ops(). * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecdh_calc_secret(mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #if defined(MBEDTLS_ECP_RESTARTABLE) /** @@ -436,7 +431,7 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, * * \param ctx The ECDH context to use. This must be initialized. */ -void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx ); +void mbedtls_ecdh_enable_restart(mbedtls_ecdh_context *ctx); #endif /* MBEDTLS_ECP_RESTARTABLE */ #ifdef __cplusplus diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 118f7cedb1ee..e42d114c4216 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -56,13 +56,13 @@ * * For each of r and s, the value (V) may include an extra initial "0" bit. */ -#define MBEDTLS_ECDSA_MAX_SIG_LEN( bits ) \ - ( /*T,L of SEQUENCE*/ ( ( bits ) >= 61 * 8 ? 3 : 2 ) + \ - /*T,L of r,s*/ 2 * ( ( ( bits ) >= 127 * 8 ? 3 : 2 ) + \ - /*V of r,s*/ ( ( bits ) + 8 ) / 8 ) ) +#define MBEDTLS_ECDSA_MAX_SIG_LEN(bits) \ + (/*T,L of SEQUENCE*/ ((bits) >= 61 * 8 ? 3 : 2) + \ + /*T,L of r,s*/ 2 * (((bits) >= 127 * 8 ? 3 : 2) + \ + /*V of r,s*/ ((bits) + 8) / 8)) /** The maximal size of an ECDSA signature in Bytes. */ -#define MBEDTLS_ECDSA_MAX_LEN MBEDTLS_ECDSA_MAX_SIG_LEN( MBEDTLS_ECP_MAX_BITS ) +#define MBEDTLS_ECDSA_MAX_LEN MBEDTLS_ECDSA_MAX_SIG_LEN(MBEDTLS_ECP_MAX_BITS) #ifdef __cplusplus extern "C" { @@ -105,8 +105,7 @@ typedef struct mbedtls_ecdsa_restart_det mbedtls_ecdsa_restart_det_ctx; /** * \brief General context for resuming ECDSA operations */ -typedef struct -{ +typedef struct { mbedtls_ecp_restart_ctx ecp; /*!< base context for ECP restart and shared administrative info */ mbedtls_ecdsa_restart_ver_ctx *ver; /*!< ecdsa_verify() sub-context */ @@ -131,7 +130,7 @@ typedef void mbedtls_ecdsa_restart_ctx; * * \return \c 1 if the group can be used, \c 0 otherwise */ -int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid ); +int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid); /** * \brief This function computes the ECDSA signature of a @@ -169,12 +168,12 @@ int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid ); * \return An \c MBEDTLS_ERR_ECP_XXX * or \c MBEDTLS_MPI_XXX error code on failure. */ -int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, - const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); #if defined(MBEDTLS_ECDSA_DETERMINISTIC) -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) #else @@ -228,10 +227,10 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX * error code on failure. */ -int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, - mbedtls_mpi *s, const mbedtls_mpi *d, - const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED; +int mbedtls_ecdsa_sign_det(mbedtls_ecp_group *grp, mbedtls_mpi *r, + mbedtls_mpi *s, const mbedtls_mpi *d, + const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg) MBEDTLS_DEPRECATED; #undef MBEDTLS_DEPRECATED #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -274,12 +273,12 @@ int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX * error code on failure. */ -int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r, - mbedtls_mpi *s, const mbedtls_mpi *d, - const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg, - int (*f_rng_blind)(void *, unsigned char *, size_t), - void *p_rng_blind ); +int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r, + mbedtls_mpi *s, const mbedtls_mpi *d, + const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg, + int (*f_rng_blind)(void *, unsigned char *, size_t), + void *p_rng_blind); #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ /** @@ -312,10 +311,10 @@ int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r, * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX * error code on failure. */ -int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, - const unsigned char *buf, size_t blen, - const mbedtls_ecp_point *Q, const mbedtls_mpi *r, - const mbedtls_mpi *s); +int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp, + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, const mbedtls_mpi *r, + const mbedtls_mpi *s); /** * \brief This function computes the ECDSA signature and writes it @@ -365,12 +364,12 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, * \return An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or * \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t *slen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function computes the ECDSA signature and writes it @@ -411,16 +410,16 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, * \return Another \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or * \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_ecdsa_restart_ctx *rs_ctx ); +int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t *slen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecdsa_restart_ctx *rs_ctx); #if defined(MBEDTLS_ECDSA_DETERMINISTIC) -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) #else @@ -469,10 +468,10 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, * \return An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or * \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED; +int mbedtls_ecdsa_write_signature_det(mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t *slen, + mbedtls_md_type_t md_alg) MBEDTLS_DEPRECATED; #undef MBEDTLS_DEPRECATED #endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ @@ -504,9 +503,9 @@ int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx, * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX * error code on failure for any other reason. */ -int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - const unsigned char *sig, size_t slen ); +int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + const unsigned char *sig, size_t slen); /** * \brief This function reads and verifies an ECDSA signature, @@ -539,10 +538,10 @@ int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx, * \return Another \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX * error code on failure for any other reason. */ -int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - const unsigned char *sig, size_t slen, - mbedtls_ecdsa_restart_ctx *rs_ctx ); +int mbedtls_ecdsa_read_signature_restartable(mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + const unsigned char *sig, size_t slen, + mbedtls_ecdsa_restart_ctx *rs_ctx); /** * \brief This function generates an ECDSA keypair on the given curve. @@ -560,8 +559,8 @@ int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX code on failure. */ -int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +int mbedtls_ecdsa_genkey(mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); /** * \brief This function sets up an ECDSA context from an EC key pair. @@ -578,8 +577,8 @@ int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX code on failure. */ -int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, - const mbedtls_ecp_keypair *key ); +int mbedtls_ecdsa_from_keypair(mbedtls_ecdsa_context *ctx, + const mbedtls_ecp_keypair *key); /** * \brief This function initializes an ECDSA context. @@ -587,7 +586,7 @@ int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, * \param ctx The ECDSA context to initialize. * This must not be \c NULL. */ -void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx ); +void mbedtls_ecdsa_init(mbedtls_ecdsa_context *ctx); /** * \brief This function frees an ECDSA context. @@ -596,7 +595,7 @@ void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx ); * in which case this function does nothing. If it * is not \c NULL, it must be initialized. */ -void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx ); +void mbedtls_ecdsa_free(mbedtls_ecdsa_context *ctx); #if defined(MBEDTLS_ECP_RESTARTABLE) /** @@ -605,7 +604,7 @@ void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx ); * \param ctx The restart context to initialize. * This must not be \c NULL. */ -void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx ); +void mbedtls_ecdsa_restart_init(mbedtls_ecdsa_restart_ctx *ctx); /** * \brief Free the components of a restart context. @@ -614,7 +613,7 @@ void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx ); * in which case this function does nothing. If it * is not \c NULL, it must be initialized. */ -void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx ); +void mbedtls_ecdsa_restart_free(mbedtls_ecdsa_restart_ctx *ctx); #endif /* MBEDTLS_ECP_RESTARTABLE */ #ifdef __cplusplus diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h index 3564ff8dd3e8..b9928386dcd3 100644 --- a/include/mbedtls/ecjpake.h +++ b/include/mbedtls/ecjpake.h @@ -71,8 +71,7 @@ typedef enum { * convention from the Thread v1.0 spec. Correspondence is indicated in the * description as a pair C: client name, S: server name */ -typedef struct mbedtls_ecjpake_context -{ +typedef struct mbedtls_ecjpake_context { const mbedtls_md_info_t *md_info; /**< Hash to use */ mbedtls_ecp_group grp; /**< Elliptic curve */ mbedtls_ecjpake_role role; /**< Are we client or server? */ @@ -100,7 +99,7 @@ typedef struct mbedtls_ecjpake_context * \param ctx The ECJPAKE context to initialize. * This must not be \c NULL. */ -void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx ); +void mbedtls_ecjpake_init(mbedtls_ecjpake_context *ctx); /** * \brief Set up an ECJPAKE context for use. @@ -123,12 +122,12 @@ void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx ); * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, - mbedtls_ecjpake_role role, - mbedtls_md_type_t hash, - mbedtls_ecp_group_id curve, - const unsigned char *secret, - size_t len ); +int mbedtls_ecjpake_setup(mbedtls_ecjpake_context *ctx, + mbedtls_ecjpake_role role, + mbedtls_md_type_t hash, + mbedtls_ecp_group_id curve, + const unsigned char *secret, + size_t len); /** * \brief Check if an ECJPAKE context is ready for use. @@ -139,7 +138,7 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, * \return \c 0 if the context is ready for use. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise. */ -int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx ); +int mbedtls_ecjpake_check(const mbedtls_ecjpake_context *ctx); /** * \brief Generate and write the first round message @@ -160,10 +159,10 @@ int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx ); * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx, - unsigned char *buf, size_t len, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecjpake_write_round_one(mbedtls_ecjpake_context *ctx, + unsigned char *buf, size_t len, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief Read and process the first round message @@ -179,9 +178,9 @@ int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx, - const unsigned char *buf, - size_t len ); +int mbedtls_ecjpake_read_round_one(mbedtls_ecjpake_context *ctx, + const unsigned char *buf, + size_t len); /** * \brief Generate and write the second round message @@ -201,10 +200,10 @@ int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, - unsigned char *buf, size_t len, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx, + unsigned char *buf, size_t len, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief Read and process the second round message @@ -219,9 +218,9 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, - const unsigned char *buf, - size_t len ); +int mbedtls_ecjpake_read_round_two(mbedtls_ecjpake_context *ctx, + const unsigned char *buf, + size_t len); /** * \brief Derive the shared secret @@ -241,10 +240,10 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, - unsigned char *buf, size_t len, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx, + unsigned char *buf, size_t len, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This clears an ECJPAKE context and frees any @@ -254,7 +253,7 @@ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, * in which case this function does nothing. If it is not * \c NULL, it must point to an initialized ECJPAKE context. */ -void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx ); +void mbedtls_ecjpake_free(mbedtls_ecjpake_context *ctx); #if defined(MBEDTLS_SELF_TEST) @@ -263,7 +262,7 @@ void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx ); * * \return 0 if successful, or 1 if a test failed */ -int mbedtls_ecjpake_self_test( int verbose ); +int mbedtls_ecjpake_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 64a0bccda055..5402e74b00ac 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -117,8 +117,7 @@ extern "C" { * - Add the curve to the ecp_supported_curves array in ecp.c. * - Add the curve to applicable profiles in x509_crt.c if applicable. */ -typedef enum -{ +typedef enum { MBEDTLS_ECP_DP_NONE = 0, /*!< Curve not defined. */ MBEDTLS_ECP_DP_SECP192R1, /*!< Domain parameters for the 192-bit curve defined by FIPS 186-4 and SEC1. */ MBEDTLS_ECP_DP_SECP224R1, /*!< Domain parameters for the 224-bit curve defined by FIPS 186-4 and SEC1. */ @@ -145,8 +144,7 @@ typedef enum /* * Curve types */ -typedef enum -{ +typedef enum { MBEDTLS_ECP_TYPE_NONE = 0, MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS, /* y^2 = x^3 + a x + b */ MBEDTLS_ECP_TYPE_MONTGOMERY, /* y^2 = x^3 + a x^2 + x */ @@ -155,8 +153,7 @@ typedef enum /** * Curve information, for use by other modules. */ -typedef struct mbedtls_ecp_curve_info -{ +typedef struct mbedtls_ecp_curve_info { mbedtls_ecp_group_id grp_id; /*!< An internal identifier. */ uint16_t tls_id; /*!< The TLS NamedCurve identifier. */ uint16_t bit_size; /*!< The curve size in bits. */ @@ -174,8 +171,7 @@ typedef struct mbedtls_ecp_curve_info * Otherwise, \p X and \p Y are its standard (affine) * coordinates. */ -typedef struct mbedtls_ecp_point -{ +typedef struct mbedtls_ecp_point { mbedtls_mpi X; /*!< The X coordinate of the ECP point. */ mbedtls_mpi Y; /*!< The Y coordinate of the ECP point. */ mbedtls_mpi Z; /*!< The Z coordinate of the ECP point. */ @@ -257,8 +253,7 @@ mbedtls_ecp_point; * identical. * */ -typedef struct mbedtls_ecp_group -{ +typedef struct mbedtls_ecp_group { mbedtls_ecp_group_id id; /*!< An internal group identifier. */ mbedtls_mpi P; /*!< The prime modulus of the base field. */ mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. For @@ -309,8 +304,8 @@ mbedtls_ecp_group; #define MBEDTLS_ECP_MAX_BITS 1 #endif -#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 ) -#define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 ) +#define MBEDTLS_ECP_MAX_BYTES ((MBEDTLS_ECP_MAX_BITS + 7) / 8) +#define MBEDTLS_ECP_MAX_PT_LEN (2 * MBEDTLS_ECP_MAX_BYTES + 1) #if !defined(MBEDTLS_ECP_WINDOW_SIZE) /* @@ -376,8 +371,7 @@ typedef struct mbedtls_ecp_restart_muladd mbedtls_ecp_restart_muladd_ctx; /** * \brief General context for resuming ECC operations */ -typedef struct -{ +typedef struct { unsigned ops_done; /*!< current ops count */ unsigned depth; /*!< call depth (0 = top-level) */ mbedtls_ecp_restart_mul_ctx *rsm; /*!< ecp_mul_comb() sub-context */ @@ -403,18 +397,18 @@ typedef struct * \return \c 0 if doing \p ops basic ops is still allowed, * \return #MBEDTLS_ERR_ECP_IN_PROGRESS otherwise. */ -int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp, - mbedtls_ecp_restart_ctx *rs_ctx, - unsigned ops ); +int mbedtls_ecp_check_budget(const mbedtls_ecp_group *grp, + mbedtls_ecp_restart_ctx *rs_ctx, + unsigned ops); /* Utility macro for checking and updating ops budget */ -#define MBEDTLS_ECP_BUDGET( ops ) \ - MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, rs_ctx, \ - (unsigned) (ops) ) ); +#define MBEDTLS_ECP_BUDGET(ops) \ + MBEDTLS_MPI_CHK(mbedtls_ecp_check_budget(grp, rs_ctx, \ + (unsigned) (ops))); #else /* MBEDTLS_ECP_RESTARTABLE */ -#define MBEDTLS_ECP_BUDGET( ops ) /* no-op; for compatibility */ +#define MBEDTLS_ECP_BUDGET(ops) /* no-op; for compatibility */ /* We want to declare restartable versions of existing functions anyway */ typedef void mbedtls_ecp_restart_ctx; @@ -429,8 +423,7 @@ typedef void mbedtls_ecp_restart_ctx; * \note Members are deliberately in the same order as in the * ::mbedtls_ecdsa_context structure. */ -typedef struct mbedtls_ecp_keypair -{ +typedef struct mbedtls_ecp_keypair { mbedtls_ecp_group grp; /*!< Elliptic curve and base point */ mbedtls_mpi d; /*!< our secret value */ mbedtls_ecp_point Q; /*!< our public value */ @@ -506,7 +499,7 @@ mbedtls_ecp_keypair; * * \note This setting is currently ignored by Curve25519. */ -void mbedtls_ecp_set_max_ops( unsigned max_ops ); +void mbedtls_ecp_set_max_ops(unsigned max_ops); /** * \brief Check if restart is enabled (max_ops != 0) @@ -514,13 +507,13 @@ void mbedtls_ecp_set_max_ops( unsigned max_ops ); * \return \c 0 if \c max_ops == 0 (restart disabled) * \return \c 1 otherwise (restart enabled) */ -int mbedtls_ecp_restart_is_enabled( void ); +int mbedtls_ecp_restart_is_enabled(void); #endif /* MBEDTLS_ECP_RESTARTABLE */ /* * Get the type of a curve */ -mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp ); +mbedtls_ecp_curve_type mbedtls_ecp_get_type(const mbedtls_ecp_group *grp); /** * \brief This function retrieves the information defined in @@ -534,7 +527,7 @@ mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp ); * * \return A statically allocated array. The last entry is 0. */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void ); +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list(void); /** * \brief This function retrieves the list of internal group @@ -550,7 +543,7 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void ); * \return A statically allocated array, * terminated with MBEDTLS_ECP_DP_NONE. */ -const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void ); +const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list(void); /** * \brief This function retrieves curve information from an internal @@ -561,7 +554,7 @@ const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void ); * \return The associated curve information on success. * \return NULL on failure. */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id ); +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id(mbedtls_ecp_group_id grp_id); /** * \brief This function retrieves curve information from a TLS @@ -572,7 +565,7 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_gr * \return The associated curve information on success. * \return NULL on failure. */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id ); +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id); /** * \brief This function retrieves curve information from a @@ -583,14 +576,14 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_i * \return The associated curve information on success. * \return NULL on failure. */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name ); +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name(const char *name); /** * \brief This function initializes a point as zero. * * \param pt The point to initialize. */ -void mbedtls_ecp_point_init( mbedtls_ecp_point *pt ); +void mbedtls_ecp_point_init(mbedtls_ecp_point *pt); /** * \brief This function initializes an ECP group context @@ -601,21 +594,21 @@ void mbedtls_ecp_point_init( mbedtls_ecp_point *pt ); * mbedtls_ecp_group_load() or mbedtls_ecp_tls_read_group() * functions. */ -void mbedtls_ecp_group_init( mbedtls_ecp_group *grp ); +void mbedtls_ecp_group_init(mbedtls_ecp_group *grp); /** * \brief This function initializes a key pair as an invalid one. * * \param key The key pair to initialize. */ -void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key ); +void mbedtls_ecp_keypair_init(mbedtls_ecp_keypair *key); /** * \brief This function frees the components of a point. * * \param pt The point to free. */ -void mbedtls_ecp_point_free( mbedtls_ecp_point *pt ); +void mbedtls_ecp_point_free(mbedtls_ecp_point *pt); /** * \brief This function frees the components of an ECP group. @@ -624,7 +617,7 @@ void mbedtls_ecp_point_free( mbedtls_ecp_point *pt ); * case this function returns immediately. If it is not * \c NULL, it must point to an initialized ECP group. */ -void mbedtls_ecp_group_free( mbedtls_ecp_group *grp ); +void mbedtls_ecp_group_free(mbedtls_ecp_group *grp); /** * \brief This function frees the components of a key pair. @@ -633,7 +626,7 @@ void mbedtls_ecp_group_free( mbedtls_ecp_group *grp ); * case this function returns immediately. If it is not * \c NULL, it must point to an initialized ECP key pair. */ -void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key ); +void mbedtls_ecp_keypair_free(mbedtls_ecp_keypair *key); #if defined(MBEDTLS_ECP_RESTARTABLE) /** @@ -642,7 +635,7 @@ void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key ); * \param ctx The restart context to initialize. This must * not be \c NULL. */ -void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx ); +void mbedtls_ecp_restart_init(mbedtls_ecp_restart_ctx *ctx); /** * \brief Free the components of a restart context. @@ -651,7 +644,7 @@ void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx ); * case this function returns immediately. If it is not * \c NULL, it must point to an initialized restart context. */ -void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx ); +void mbedtls_ecp_restart_free(mbedtls_ecp_restart_ctx *ctx); #endif /* MBEDTLS_ECP_RESTARTABLE */ /** @@ -665,7 +658,7 @@ void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx ); * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return Another negative error code for other kinds of failure. */ -int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ); +int mbedtls_ecp_copy(mbedtls_ecp_point *P, const mbedtls_ecp_point *Q); /** * \brief This function copies the contents of group \p src into @@ -678,8 +671,8 @@ int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ); * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, - const mbedtls_ecp_group *src ); +int mbedtls_ecp_group_copy(mbedtls_ecp_group *dst, + const mbedtls_ecp_group *src); /** * \brief This function sets a point to the point at infinity. @@ -690,7 +683,7 @@ int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt ); +int mbedtls_ecp_set_zero(mbedtls_ecp_point *pt); /** * \brief This function checks if a point is the point at infinity. @@ -701,7 +694,7 @@ int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt ); * \return \c 0 if the point is non-zero. * \return A negative error code on failure. */ -int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt ); +int mbedtls_ecp_is_zero(mbedtls_ecp_point *pt); /** * \brief This function compares two points. @@ -715,8 +708,8 @@ int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt ); * \return \c 0 if the points are equal. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the points are not equal. */ -int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P, - const mbedtls_ecp_point *Q ); +int mbedtls_ecp_point_cmp(const mbedtls_ecp_point *P, + const mbedtls_ecp_point *Q); /** * \brief This function imports a non-zero point from two ASCII @@ -730,8 +723,8 @@ int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_MPI_XXX error code on failure. */ -int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix, - const char *x, const char *y ); +int mbedtls_ecp_point_read_string(mbedtls_ecp_point *P, int radix, + const char *x, const char *y); /** * \brief This function exports a point into unsigned binary data. @@ -758,10 +751,10 @@ int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix, * or the export for the given group is not implemented. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, - const mbedtls_ecp_point *P, - int format, size_t *olen, - unsigned char *buf, size_t buflen ); +int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp, + const mbedtls_ecp_point *P, + int format, size_t *olen, + unsigned char *buf, size_t buflen); /** * \brief This function imports a point from unsigned binary data. @@ -785,9 +778,9 @@ int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the import for the * given group is not implemented. */ -int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *P, - const unsigned char *buf, size_t ilen ); +int mbedtls_ecp_point_read_binary(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *P, + const unsigned char *buf, size_t ilen); /** * \brief This function imports a point from a TLS ECPoint record. @@ -807,9 +800,9 @@ int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, * failure. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid. */ -int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *pt, - const unsigned char **buf, size_t len ); +int mbedtls_ecp_tls_read_point(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *pt, + const unsigned char **buf, size_t len); /** * \brief This function exports a point as a TLS ECPoint record @@ -833,10 +826,10 @@ int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, * is too small to hold the exported point. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, - const mbedtls_ecp_point *pt, - int format, size_t *olen, - unsigned char *buf, size_t blen ); +int mbedtls_ecp_tls_write_point(const mbedtls_ecp_group *grp, + const mbedtls_ecp_point *pt, + int format, size_t *olen, + unsigned char *buf, size_t blen); /** * \brief This function sets up an ECP group context @@ -855,7 +848,7 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, * correspond to a known group. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ); +int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id); /** * \brief This function sets up an ECP group context from a TLS @@ -874,8 +867,8 @@ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ); * recognized. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, - const unsigned char **buf, size_t len ); +int mbedtls_ecp_tls_read_group(mbedtls_ecp_group *grp, + const unsigned char **buf, size_t len); /** * \brief This function extracts an elliptic curve group ID from a @@ -895,9 +888,9 @@ int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, * recognized. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp, - const unsigned char **buf, - size_t len ); +int mbedtls_ecp_tls_read_group_id(mbedtls_ecp_group_id *grp, + const unsigned char **buf, + size_t len); /** * \brief This function exports an elliptic curve as a TLS * ECParameters record as defined in RFC 4492, Section 5.4. @@ -916,9 +909,9 @@ int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp, * buffer is too small to hold the exported group. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, - size_t *olen, - unsigned char *buf, size_t blen ); +int mbedtls_ecp_tls_write_group(const mbedtls_ecp_group *grp, + size_t *olen, + unsigned char *buf, size_t blen); /** * \brief This function performs a scalar multiplication of a point @@ -956,9 +949,9 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); /** * \brief This function performs multiplication of a point by @@ -990,10 +983,10 @@ int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * operations was reached: see \c mbedtls_ecp_set_max_ops(). * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - mbedtls_ecp_restart_ctx *rs_ctx ); +int mbedtls_ecp_mul_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx); #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) /** @@ -1031,9 +1024,9 @@ int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * designate a short Weierstrass curve. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - const mbedtls_mpi *n, const mbedtls_ecp_point *Q ); +int mbedtls_ecp_muladd(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + const mbedtls_mpi *n, const mbedtls_ecp_point *Q); /** * \brief This function performs multiplication and addition of two @@ -1076,10 +1069,10 @@ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * \return Another negative error code on other kinds of failure. */ int mbedtls_ecp_muladd_restartable( - mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - const mbedtls_mpi *n, const mbedtls_ecp_point *Q, - mbedtls_ecp_restart_ctx *rs_ctx ); + mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + const mbedtls_mpi *n, const mbedtls_ecp_point *Q, + mbedtls_ecp_restart_ctx *rs_ctx); #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ /** @@ -1109,8 +1102,8 @@ int mbedtls_ecp_muladd_restartable( * a valid public key for the given curve. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, - const mbedtls_ecp_point *pt ); +int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp, + const mbedtls_ecp_point *pt); /** * \brief This function checks that an \p mbedtls_mpi is a @@ -1131,8 +1124,8 @@ int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, * private key for the given curve. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, - const mbedtls_mpi *d ); +int mbedtls_ecp_check_privkey(const mbedtls_ecp_group *grp, + const mbedtls_mpi *d); /** * \brief This function generates a private key. @@ -1149,10 +1142,10 @@ int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * on failure. */ -int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, - mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecp_gen_privkey(const mbedtls_ecp_group *grp, + mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function generates a keypair with a configurable base @@ -1181,11 +1174,11 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * on failure. */ -int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, - const mbedtls_ecp_point *G, - mbedtls_mpi *d, mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecp_gen_keypair_base(mbedtls_ecp_group *grp, + const mbedtls_ecp_point *G, + mbedtls_mpi *d, mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function generates an ECP keypair. @@ -1210,10 +1203,10 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * on failure. */ -int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d, - mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecp_gen_keypair(mbedtls_ecp_group *grp, mbedtls_mpi *d, + mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function generates an ECP key. @@ -1228,9 +1221,9 @@ int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d, * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * on failure. */ -int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function reads an elliptic curve private key. @@ -1250,8 +1243,8 @@ int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, * the group is not implemented. * \return Another negative error code on different kinds of failure. */ -int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, - const unsigned char *buf, size_t buflen ); +int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, + const unsigned char *buf, size_t buflen); /** * \brief This function exports an elliptic curve private key. @@ -1269,8 +1262,8 @@ int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, * the group is not implemented. * \return Another negative error code on different kinds of failure. */ -int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key, - unsigned char *buf, size_t buflen ); +int mbedtls_ecp_write_key(mbedtls_ecp_keypair *key, + unsigned char *buf, size_t buflen); /** * \brief This function checks that the keypair objects @@ -1289,8 +1282,8 @@ int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key, * \return An \c MBEDTLS_ERR_ECP_XXX or an \c MBEDTLS_ERR_MPI_XXX * error code on calculation failure. */ -int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, - const mbedtls_ecp_keypair *prv ); +int mbedtls_ecp_check_pub_priv(const mbedtls_ecp_keypair *pub, + const mbedtls_ecp_keypair *prv); #if defined(MBEDTLS_SELF_TEST) @@ -1300,7 +1293,7 @@ int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_ecp_self_test( int verbose ); +int mbedtls_ecp_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/ecp_internal.h b/include/mbedtls/ecp_internal.h index 6a47a8ff27e8..acaaa087d6cc 100644 --- a/include/mbedtls/ecp_internal.h +++ b/include/mbedtls/ecp_internal.h @@ -76,7 +76,7 @@ * * \return Non-zero if successful. */ -unsigned char mbedtls_internal_ecp_grp_capable( const mbedtls_ecp_group *grp ); +unsigned char mbedtls_internal_ecp_grp_capable(const mbedtls_ecp_group *grp); /** * \brief Initialise the Elliptic Curve Point module extension. @@ -93,7 +93,7 @@ unsigned char mbedtls_internal_ecp_grp_capable( const mbedtls_ecp_group *grp ); * * \return 0 if successful. */ -int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ); +int mbedtls_internal_ecp_init(const mbedtls_ecp_group *grp); /** * \brief Frees and deallocates the Elliptic Curve Point module @@ -101,7 +101,7 @@ int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ); * * \param grp The pointer to the group the module was initialised for. */ -void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ); +void mbedtls_internal_ecp_free(const mbedtls_ecp_group *grp); #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) @@ -121,9 +121,11 @@ void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ); * * \return 0 if successful. */ -int mbedtls_internal_ecp_randomize_jac( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *pt, int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_internal_ecp_randomize_jac(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *pt, int (*f_rng)(void *, + unsigned char *, + size_t), + void *p_rng); #endif #if defined(MBEDTLS_ECP_ADD_MIXED_ALT) @@ -166,9 +168,9 @@ int mbedtls_internal_ecp_randomize_jac( const mbedtls_ecp_group *grp, * * \return 0 if successful. */ -int mbedtls_internal_ecp_add_mixed( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *R, const mbedtls_ecp_point *P, - const mbedtls_ecp_point *Q ); +int mbedtls_internal_ecp_add_mixed(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, const mbedtls_ecp_point *P, + const mbedtls_ecp_point *Q); #endif /** @@ -191,8 +193,8 @@ int mbedtls_internal_ecp_add_mixed( const mbedtls_ecp_group *grp, * \return 0 if successful. */ #if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) -int mbedtls_internal_ecp_double_jac( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *R, const mbedtls_ecp_point *P ); +int mbedtls_internal_ecp_double_jac(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, const mbedtls_ecp_point *P); #endif /** @@ -221,8 +223,8 @@ int mbedtls_internal_ecp_double_jac( const mbedtls_ecp_group *grp, * an error if one of the points is zero. */ #if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) -int mbedtls_internal_ecp_normalize_jac_many( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *T[], size_t t_len ); +int mbedtls_internal_ecp_normalize_jac_many(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *T[], size_t t_len); #endif /** @@ -239,8 +241,8 @@ int mbedtls_internal_ecp_normalize_jac_many( const mbedtls_ecp_group *grp, * \return 0 if successful. */ #if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) -int mbedtls_internal_ecp_normalize_jac( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *pt ); +int mbedtls_internal_ecp_normalize_jac(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *pt); #endif #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ @@ -248,9 +250,12 @@ int mbedtls_internal_ecp_normalize_jac( const mbedtls_ecp_group *grp, #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) #if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) -int mbedtls_internal_ecp_double_add_mxz( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *R, mbedtls_ecp_point *S, const mbedtls_ecp_point *P, - const mbedtls_ecp_point *Q, const mbedtls_mpi *d ); +int mbedtls_internal_ecp_double_add_mxz(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, + mbedtls_ecp_point *S, + const mbedtls_ecp_point *P, + const mbedtls_ecp_point *Q, + const mbedtls_mpi *d); #endif /** @@ -269,9 +274,11 @@ int mbedtls_internal_ecp_double_add_mxz( const mbedtls_ecp_group *grp, * \return 0 if successful */ #if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) -int mbedtls_internal_ecp_randomize_mxz( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_internal_ecp_randomize_mxz(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *P, int (*f_rng)(void *, + unsigned char *, + size_t), + void *p_rng); #endif /** @@ -285,8 +292,8 @@ int mbedtls_internal_ecp_randomize_mxz( const mbedtls_ecp_group *grp, * \return 0 if successful */ #if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) -int mbedtls_internal_ecp_normalize_mxz( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *P ); +int mbedtls_internal_ecp_normalize_mxz(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *P); #endif #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ @@ -294,4 +301,3 @@ int mbedtls_internal_ecp_normalize_mxz( const mbedtls_ecp_group *grp, #endif /* MBEDTLS_ECP_INTERNAL_ALT */ #endif /* ecp_internal.h */ - diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h index 40259ebc8a19..4075d2ae606a 100644 --- a/include/mbedtls/entropy.h +++ b/include/mbedtls/entropy.h @@ -105,15 +105,14 @@ extern "C" { * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise */ typedef int (*mbedtls_entropy_f_source_ptr)(void *data, unsigned char *output, size_t len, - size_t *olen); + size_t *olen); /** * \brief Entropy source state */ -typedef struct mbedtls_entropy_source_state -{ +typedef struct mbedtls_entropy_source_state { mbedtls_entropy_f_source_ptr f_source; /**< The entropy source callback */ - void * p_source; /**< The callback data pointer */ + void *p_source; /**< The callback data pointer */ size_t size; /**< Amount received in bytes */ size_t threshold; /**< Minimum bytes required before release */ int strong; /**< Is the source strong? */ @@ -123,8 +122,7 @@ mbedtls_entropy_source_state; /** * \brief Entropy context structure */ -typedef struct mbedtls_entropy_context -{ +typedef struct mbedtls_entropy_context { int accumulator_started; /* 0 after init. * 1 after the first update. * -1 after free. */ @@ -152,14 +150,14 @@ mbedtls_entropy_context; * * \param ctx Entropy context to initialize */ -void mbedtls_entropy_init( mbedtls_entropy_context *ctx ); +void mbedtls_entropy_init(mbedtls_entropy_context *ctx); /** * \brief Free the data in the context * * \param ctx Entropy context to free */ -void mbedtls_entropy_free( mbedtls_entropy_context *ctx ); +void mbedtls_entropy_free(mbedtls_entropy_context *ctx); /** * \brief Adds an entropy source to poll @@ -178,9 +176,9 @@ void mbedtls_entropy_free( mbedtls_entropy_context *ctx ); * * \return 0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES */ -int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx, - mbedtls_entropy_f_source_ptr f_source, void *p_source, - size_t threshold, int strong ); +int mbedtls_entropy_add_source(mbedtls_entropy_context *ctx, + mbedtls_entropy_f_source_ptr f_source, void *p_source, + size_t threshold, int strong); /** * \brief Trigger an extra gather poll for the accumulator @@ -190,7 +188,7 @@ int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx, * * \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED */ -int mbedtls_entropy_gather( mbedtls_entropy_context *ctx ); +int mbedtls_entropy_gather(mbedtls_entropy_context *ctx); /** * \brief Retrieve entropy from the accumulator @@ -203,7 +201,7 @@ int mbedtls_entropy_gather( mbedtls_entropy_context *ctx ); * * \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED */ -int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ); +int mbedtls_entropy_func(void *data, unsigned char *output, size_t len); /** * \brief Add data to the accumulator manually @@ -215,8 +213,8 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ); * * \return 0 if successful */ -int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, - const unsigned char *data, size_t len ); +int mbedtls_entropy_update_manual(mbedtls_entropy_context *ctx, + const unsigned char *data, size_t len); #if defined(MBEDTLS_ENTROPY_NV_SEED) /** @@ -227,7 +225,7 @@ int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, * * \return 0 if successful */ -int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx ); +int mbedtls_entropy_update_nv_seed(mbedtls_entropy_context *ctx); #endif /* MBEDTLS_ENTROPY_NV_SEED */ #if defined(MBEDTLS_FS_IO) @@ -241,7 +239,7 @@ int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx ); * MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, or * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED */ -int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path ); +int mbedtls_entropy_write_seed_file(mbedtls_entropy_context *ctx, const char *path); /** * \brief Read and update a seed file. Seed is added to this @@ -255,7 +253,7 @@ int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *p * MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED */ -int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path ); +int mbedtls_entropy_update_seed_file(mbedtls_entropy_context *ctx, const char *path); #endif /* MBEDTLS_FS_IO */ #if defined(MBEDTLS_SELF_TEST) @@ -267,7 +265,7 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char * * * \return 0 if successful, or 1 if a test failed */ -int mbedtls_entropy_self_test( int verbose ); +int mbedtls_entropy_self_test(int verbose); #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) /** @@ -283,7 +281,7 @@ int mbedtls_entropy_self_test( int verbose ); * * \return 0 if successful, or 1 if a test failed */ -int mbedtls_entropy_source_self_test( int verbose ); +int mbedtls_entropy_source_self_test(int verbose); #endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/entropy_poll.h b/include/mbedtls/entropy_poll.h index e1d7491aa218..eca3b5620cc2 100644 --- a/include/mbedtls/entropy_poll.h +++ b/include/mbedtls/entropy_poll.h @@ -48,16 +48,16 @@ extern "C" { * \brief Entropy poll callback that provides 0 entropy. */ #if defined(MBEDTLS_TEST_NULL_ENTROPY) - int mbedtls_null_entropy_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); +int mbedtls_null_entropy_poll(void *data, + unsigned char *output, size_t len, size_t *olen); #endif #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) /** * \brief Platform-specific entropy poll callback */ -int mbedtls_platform_entropy_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); +int mbedtls_platform_entropy_poll(void *data, + unsigned char *output, size_t len, size_t *olen); #endif #if defined(MBEDTLS_HAVEGE_C) @@ -66,16 +66,16 @@ int mbedtls_platform_entropy_poll( void *data, * * Requires an HAVEGE state as its data pointer. */ -int mbedtls_havege_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); +int mbedtls_havege_poll(void *data, + unsigned char *output, size_t len, size_t *olen); #endif #if defined(MBEDTLS_TIMING_C) /** * \brief mbedtls_timing_hardclock-based entropy poll callback */ -int mbedtls_hardclock_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); +int mbedtls_hardclock_poll(void *data, + unsigned char *output, size_t len, size_t *olen); #endif #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) @@ -87,8 +87,8 @@ int mbedtls_hardclock_poll( void *data, * * \note This must accept NULL as its first argument. */ -int mbedtls_hardware_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); +int mbedtls_hardware_poll(void *data, + unsigned char *output, size_t len, size_t *olen); #endif #if defined(MBEDTLS_ENTROPY_NV_SEED) @@ -97,8 +97,8 @@ int mbedtls_hardware_poll( void *data, * * \note This must accept NULL as its first argument. */ -int mbedtls_nv_seed_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); +int mbedtls_nv_seed_poll(void *data, + unsigned char *output, size_t len, size_t *olen); #endif #ifdef __cplusplus diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 50f253850804..dd3c787d6cb6 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -30,7 +30,7 @@ #include -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif @@ -127,15 +127,15 @@ extern "C" { * Wrapper macro for mbedtls_error_add(). See that function for * more details. */ -#define MBEDTLS_ERROR_ADD( high, low ) \ - mbedtls_error_add( high, low, __FILE__, __LINE__ ) +#define MBEDTLS_ERROR_ADD(high, low) \ + mbedtls_error_add(high, low, __FILE__, __LINE__) #if defined(MBEDTLS_TEST_HOOKS) /** * \brief Testing hook called before adding/combining two error codes together. * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. */ -extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); +extern void (*mbedtls_test_hook_error_add)(int, int, const char *, int); #endif /** @@ -156,17 +156,18 @@ extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); * \param file file where this error code addition occurred. * \param line line where this error code addition occurred. */ -static inline int mbedtls_error_add( int high, int low, - const char *file, int line ) +static inline int mbedtls_error_add(int high, int low, + const char *file, int line) { #if defined(MBEDTLS_TEST_HOOKS) - if( *mbedtls_test_hook_error_add != NULL ) - ( *mbedtls_test_hook_error_add )( high, low, file, line ); + if (*mbedtls_test_hook_error_add != NULL) { + (*mbedtls_test_hook_error_add)(high, low, file, line); + } #endif - (void)file; - (void)line; + (void) file; + (void) line; - return( high + low ); + return high + low; } /** @@ -178,7 +179,7 @@ static inline int mbedtls_error_add( int high, int low, * \param buffer buffer to place representation in * \param buflen length of the buffer */ -void mbedtls_strerror( int errnum, char *buffer, size_t buflen ); +void mbedtls_strerror(int errnum, char *buffer, size_t buflen); /** * \brief Translate the high-level part of an Mbed TLS error code into a string @@ -193,7 +194,7 @@ void mbedtls_strerror( int errnum, char *buffer, size_t buflen ); * \return The string representation of the error code, or \c NULL if the error * code is unknown. */ -const char * mbedtls_high_level_strerr( int error_code ); +const char *mbedtls_high_level_strerr(int error_code); /** * \brief Translate the low-level part of an Mbed TLS error code into a string @@ -208,7 +209,7 @@ const char * mbedtls_high_level_strerr( int error_code ); * \return The string representation of the error code, or \c NULL if the error * code is unknown. */ -const char * mbedtls_low_level_strerr( int error_code ); +const char *mbedtls_low_level_strerr(int error_code); #ifdef __cplusplus } diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 9723a17b65fd..c04088388cdd 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -63,8 +63,7 @@ extern "C" { /** * \brief The GCM context structure. */ -typedef struct mbedtls_gcm_context -{ +typedef struct mbedtls_gcm_context { mbedtls_cipher_context_t cipher_ctx; /*!< The cipher context used. */ uint64_t HL[16]; /*!< Precalculated HTable low. */ uint64_t HH[16]; /*!< Precalculated HTable high. */ @@ -74,8 +73,8 @@ typedef struct mbedtls_gcm_context unsigned char y[16]; /*!< The Y working value. */ unsigned char buf[16]; /*!< The buf working value. */ int mode; /*!< The operation to perform: - #MBEDTLS_GCM_ENCRYPT or - #MBEDTLS_GCM_DECRYPT. */ + #MBEDTLS_GCM_ENCRYPT or + #MBEDTLS_GCM_DECRYPT. */ } mbedtls_gcm_context; @@ -94,7 +93,7 @@ mbedtls_gcm_context; * * \param ctx The GCM context to initialize. This must not be \c NULL. */ -void mbedtls_gcm_init( mbedtls_gcm_context *ctx ); +void mbedtls_gcm_init(mbedtls_gcm_context *ctx); /** * \brief This function associates a GCM context with a @@ -112,10 +111,10 @@ void mbedtls_gcm_init( mbedtls_gcm_context *ctx ); * \return \c 0 on success. * \return A cipher-specific error code on failure. */ -int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, - mbedtls_cipher_id_t cipher, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits); /** * \brief This function performs GCM encryption or decryption of a buffer. @@ -168,17 +167,17 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, * not valid or a cipher-specific error code if the encryption * or decryption failed. */ -int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, - int mode, - size_t length, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len, - const unsigned char *input, - unsigned char *output, - size_t tag_len, - unsigned char *tag ); +int mbedtls_gcm_crypt_and_tag(mbedtls_gcm_context *ctx, + int mode, + size_t length, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len, + const unsigned char *input, + unsigned char *output, + size_t tag_len, + unsigned char *tag); /** * \brief This function performs a GCM authenticated decryption of a @@ -213,16 +212,16 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, * not valid or a cipher-specific error code if the decryption * failed. */ -int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, - size_t length, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len, - const unsigned char *tag, - size_t tag_len, - const unsigned char *input, - unsigned char *output ); +int mbedtls_gcm_auth_decrypt(mbedtls_gcm_context *ctx, + size_t length, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len, + const unsigned char *tag, + size_t tag_len, + const unsigned char *input, + unsigned char *output); /** * \brief This function starts a GCM encryption or decryption @@ -241,12 +240,12 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, * * \return \c 0 on success. */ -int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, - int mode, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len ); +int mbedtls_gcm_starts(mbedtls_gcm_context *ctx, + int mode, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len); /** * \brief This function feeds an input buffer into an ongoing GCM @@ -273,10 +272,10 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, * \return \c 0 on success. * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure. */ -int mbedtls_gcm_update( mbedtls_gcm_context *ctx, - size_t length, - const unsigned char *input, - unsigned char *output ); +int mbedtls_gcm_update(mbedtls_gcm_context *ctx, + size_t length, + const unsigned char *input, + unsigned char *output); /** * \brief This function finishes the GCM operation and generates @@ -294,9 +293,9 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, * \return \c 0 on success. * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure. */ -int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, - unsigned char *tag, - size_t tag_len ); +int mbedtls_gcm_finish(mbedtls_gcm_context *ctx, + unsigned char *tag, + size_t tag_len); /** * \brief This function clears a GCM context and the underlying @@ -305,7 +304,7 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, * \param ctx The GCM context to clear. If this is \c NULL, the call has * no effect. Otherwise, this must be initialized. */ -void mbedtls_gcm_free( mbedtls_gcm_context *ctx ); +void mbedtls_gcm_free(mbedtls_gcm_context *ctx); #if defined(MBEDTLS_SELF_TEST) @@ -315,7 +314,7 @@ void mbedtls_gcm_free( mbedtls_gcm_context *ctx ); * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_gcm_self_test( int verbose ); +int mbedtls_gcm_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/havege.h b/include/mbedtls/havege.h index 7d27039e8c70..7d042d1966fb 100644 --- a/include/mbedtls/havege.h +++ b/include/mbedtls/havege.h @@ -40,8 +40,7 @@ extern "C" { /** * \brief HAVEGE state structure */ -typedef struct mbedtls_havege_state -{ +typedef struct mbedtls_havege_state { uint32_t PT1, PT2, offset[2]; uint32_t pool[MBEDTLS_HAVEGE_COLLECT_SIZE]; uint32_t WALK[8192]; @@ -53,14 +52,14 @@ mbedtls_havege_state; * * \param hs HAVEGE state to be initialized */ -void mbedtls_havege_init( mbedtls_havege_state *hs ); +void mbedtls_havege_init(mbedtls_havege_state *hs); /** * \brief Clear HAVEGE state * * \param hs HAVEGE state to be cleared */ -void mbedtls_havege_free( mbedtls_havege_state *hs ); +void mbedtls_havege_free(mbedtls_havege_state *hs); /** * \brief HAVEGE rand function @@ -71,7 +70,7 @@ void mbedtls_havege_free( mbedtls_havege_state *hs ); * * \return 0 */ -int mbedtls_havege_random( void *p_rng, unsigned char *output, size_t len ); +int mbedtls_havege_random(void *p_rng, unsigned char *output, size_t len); #ifdef __cplusplus } diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h index 111d960e568a..3118369f0ded 100644 --- a/include/mbedtls/hkdf.h +++ b/include/mbedtls/hkdf.h @@ -69,10 +69,10 @@ extern "C" { * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * MD layer. */ -int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, - size_t salt_len, const unsigned char *ikm, size_t ikm_len, - const unsigned char *info, size_t info_len, - unsigned char *okm, size_t okm_len ); +int mbedtls_hkdf(const mbedtls_md_info_t *md, const unsigned char *salt, + size_t salt_len, const unsigned char *ikm, size_t ikm_len, + const unsigned char *info, size_t info_len, + unsigned char *okm, size_t okm_len); /** * \brief Take the input keying material \p ikm and extract from it a @@ -98,10 +98,10 @@ int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * MD layer. */ -int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, - const unsigned char *salt, size_t salt_len, - const unsigned char *ikm, size_t ikm_len, - unsigned char *prk ); +int mbedtls_hkdf_extract(const mbedtls_md_info_t *md, + const unsigned char *salt, size_t salt_len, + const unsigned char *ikm, size_t ikm_len, + unsigned char *prk); /** * \brief Expand the supplied \p prk into several additional pseudorandom @@ -129,9 +129,9 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * MD layer. */ -int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, - size_t prk_len, const unsigned char *info, - size_t info_len, unsigned char *okm, size_t okm_len ); +int mbedtls_hkdf_expand(const mbedtls_md_info_t *md, const unsigned char *prk, + size_t prk_len, const unsigned char *info, + size_t info_len, unsigned char *okm, size_t okm_len); #ifdef __cplusplus } diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 6d372b9788e4..3ccf61c7fdbc 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -86,8 +86,7 @@ extern "C" { /** * HMAC_DRBG context. */ -typedef struct mbedtls_hmac_drbg_context -{ +typedef struct mbedtls_hmac_drbg_context { /* Working state: the key K is not stored explicitly, * but is implied by the HMAC context */ mbedtls_md_context_t md_ctx; /*!< HMAC context (inc. K) */ @@ -129,7 +128,7 @@ typedef struct mbedtls_hmac_drbg_context * * \param ctx HMAC_DRBG context to be initialized. */ -void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); +void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx); /** * \brief HMAC_DRBG initial seeding. @@ -199,12 +198,12 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED * if the call to \p f_entropy failed. */ -int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, - int (*f_entropy)(void *, unsigned char *, size_t), - void *p_entropy, - const unsigned char *custom, - size_t len ); +int mbedtls_hmac_drbg_seed(mbedtls_hmac_drbg_context *ctx, + const mbedtls_md_info_t *md_info, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len); /** * \brief Initialisation of simplified HMAC_DRBG (never reseeds). @@ -234,9 +233,9 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, * \return #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough * memory to allocate context data. */ -int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, - const unsigned char *data, size_t data_len ); +int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx, + const mbedtls_md_info_t *md_info, + const unsigned char *data, size_t data_len); /** * \brief This function turns prediction resistance on or off. @@ -251,8 +250,8 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, * \param ctx The HMAC_DRBG context. * \param resistance #MBEDTLS_HMAC_DRBG_PR_ON or #MBEDTLS_HMAC_DRBG_PR_OFF. */ -void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx, - int resistance ); +void mbedtls_hmac_drbg_set_prediction_resistance(mbedtls_hmac_drbg_context *ctx, + int resistance); /** * \brief This function sets the amount of entropy grabbed on each @@ -263,8 +262,8 @@ void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx * \param ctx The HMAC_DRBG context. * \param len The amount of entropy to grab, in bytes. */ -void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, - size_t len ); +void mbedtls_hmac_drbg_set_entropy_len(mbedtls_hmac_drbg_context *ctx, + size_t len); /** * \brief Set the reseed interval. @@ -278,8 +277,8 @@ void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, * \param ctx The HMAC_DRBG context. * \param interval The reseed interval. */ -void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, - int interval ); +void mbedtls_hmac_drbg_set_reseed_interval(mbedtls_hmac_drbg_context *ctx, + int interval); /** * \brief This function updates the state of the HMAC_DRBG context. @@ -298,8 +297,8 @@ void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, * \return \c 0 on success, or an error from the underlying * hash calculation. */ -int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, size_t add_len ); +int mbedtls_hmac_drbg_update_ret(mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, size_t add_len); /** * \brief This function reseeds the HMAC_DRBG context, that is @@ -325,8 +324,8 @@ int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED * if a call to the entropy function failed. */ -int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, size_t len ); +int mbedtls_hmac_drbg_reseed(mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, size_t len); /** * \brief This function updates an HMAC_DRBG instance with additional @@ -359,10 +358,10 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, * \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if * \p add_len > #MBEDTLS_HMAC_DRBG_MAX_INPUT. */ -int mbedtls_hmac_drbg_random_with_add( void *p_rng, - unsigned char *output, size_t output_len, - const unsigned char *additional, - size_t add_len ); +int mbedtls_hmac_drbg_random_with_add(void *p_rng, + unsigned char *output, size_t output_len, + const unsigned char *additional, + size_t add_len); /** * \brief This function uses HMAC_DRBG to generate random data. @@ -391,7 +390,7 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng, * \return #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if * \p out_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST. */ -int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ); +int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len); /** * \brief This function resets HMAC_DRBG context to the state immediately @@ -399,9 +398,9 @@ int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len * * \param ctx The HMAC_DRBG context to free. */ -void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ); +void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx); -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) #else @@ -421,7 +420,7 @@ void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ); */ MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, size_t add_len ); + const unsigned char *additional, size_t add_len); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -437,7 +436,7 @@ MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update( * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on reseed * failure. */ -int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ); +int mbedtls_hmac_drbg_write_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path); /** * \brief This function reads and updates a seed file. The seed @@ -453,7 +452,7 @@ int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const cha * \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if the existing * seed file is too large. */ -int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ); +int mbedtls_hmac_drbg_update_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path); #endif /* MBEDTLS_FS_IO */ @@ -464,7 +463,7 @@ int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const ch * \return \c 0 if successful. * \return \c 1 if the test failed. */ -int mbedtls_hmac_drbg_self_test( int verbose ); +int mbedtls_hmac_drbg_self_test(int verbose); #endif #ifdef __cplusplus diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 9cea40a89c69..db4d14c044e8 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -1,4 +1,4 @@ - /** +/** * \file md.h * * \brief This file contains the generic message-digest wrapper. @@ -92,8 +92,7 @@ typedef struct mbedtls_md_info_t mbedtls_md_info_t; /** * The generic message-digest context. */ -typedef struct mbedtls_md_context_t -{ +typedef struct mbedtls_md_context_t { /** Information about the associated message digest. */ const mbedtls_md_info_t *md_info; @@ -115,7 +114,7 @@ typedef struct mbedtls_md_context_t * message-digest enumeration #mbedtls_md_type_t. * The last entry is 0. */ -const int *mbedtls_md_list( void ); +const int *mbedtls_md_list(void); /** * \brief This function returns the message-digest information @@ -126,7 +125,7 @@ const int *mbedtls_md_list( void ); * \return The message-digest information associated with \p md_name. * \return NULL if the associated message-digest information is not found. */ -const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ); +const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name); /** * \brief This function returns the message-digest information @@ -137,7 +136,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ); * \return The message-digest information associated with \p md_type. * \return NULL if the associated message-digest information is not found. */ -const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ); +const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type); /** * \brief This function initializes a message-digest context without @@ -147,7 +146,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ); * context for mbedtls_md_setup() for binding it to a * message-digest algorithm. */ -void mbedtls_md_init( mbedtls_md_context_t *ctx ); +void mbedtls_md_init(mbedtls_md_context_t *ctx); /** * \brief This function clears the internal structure of \p ctx and @@ -162,9 +161,9 @@ void mbedtls_md_init( mbedtls_md_context_t *ctx ); * You must not call this function if you have not called * mbedtls_md_init(). */ -void mbedtls_md_free( mbedtls_md_context_t *ctx ); +void mbedtls_md_free(mbedtls_md_context_t *ctx); -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) #else @@ -188,7 +187,8 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ); * failure. * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. */ -int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED; +int mbedtls_md_init_ctx(mbedtls_md_context_t *ctx, + const mbedtls_md_info_t *md_info) MBEDTLS_DEPRECATED; #undef MBEDTLS_DEPRECATED #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -212,7 +212,7 @@ int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_ * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ); +int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac); /** * \brief This function clones the state of a message-digest @@ -234,8 +234,8 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_clone( mbedtls_md_context_t *dst, - const mbedtls_md_context_t *src ); +int mbedtls_md_clone(mbedtls_md_context_t *dst, + const mbedtls_md_context_t *src); /** * \brief This function extracts the message-digest size from the @@ -246,7 +246,7 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, * * \return The size of the message-digest output in Bytes. */ -unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ); +unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info); /** * \brief This function extracts the message-digest type from the @@ -257,7 +257,7 @@ unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ); * * \return The type of the message digest. */ -mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ); +mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info); /** * \brief This function extracts the message-digest name from the @@ -268,7 +268,7 @@ mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ); * * \return The name of the message digest. */ -const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ); +const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info); /** * \brief This function starts a message-digest computation. @@ -284,7 +284,7 @@ const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ); * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_starts( mbedtls_md_context_t *ctx ); +int mbedtls_md_starts(mbedtls_md_context_t *ctx); /** * \brief This function feeds an input buffer into an ongoing @@ -303,7 +303,7 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx ); * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ); +int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen); /** * \brief This function finishes the digest operation, @@ -324,7 +324,7 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); +int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output); /** * \brief This function calculates the message-digest of a buffer, @@ -345,8 +345,8 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, - unsigned char *output ); +int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, + unsigned char *output); #if defined(MBEDTLS_FS_IO) /** @@ -367,8 +367,8 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, - unsigned char *output ); +int mbedtls_md_file(const mbedtls_md_info_t *md_info, const char *path, + unsigned char *output); #endif /* MBEDTLS_FS_IO */ /** @@ -390,8 +390,8 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, - size_t keylen ); +int mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const unsigned char *key, + size_t keylen); /** * \brief This function feeds an input buffer into an ongoing HMAC @@ -413,8 +413,8 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, - size_t ilen ); +int mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const unsigned char *input, + size_t ilen); /** * \brief This function finishes the HMAC operation, and writes @@ -435,7 +435,7 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *inpu * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output); +int mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, unsigned char *output); /** * \brief This function prepares to authenticate a new message with @@ -453,7 +453,7 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output); * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ); +int mbedtls_md_hmac_reset(mbedtls_md_context_t *ctx); /** * \brief This function calculates the full generic HMAC @@ -478,13 +478,13 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ); * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ); +int mbedtls_md_hmac(const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output); /* Internal use */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ); +int mbedtls_md_process(mbedtls_md_context_t *ctx, const unsigned char *data); #ifdef __cplusplus } diff --git a/include/mbedtls/md2.h b/include/mbedtls/md2.h index 7f3d5cf446c9..68b0d327122d 100644 --- a/include/mbedtls/md2.h +++ b/include/mbedtls/md2.h @@ -55,8 +55,7 @@ extern "C" { * stronger message digests instead. * */ -typedef struct mbedtls_md2_context -{ +typedef struct mbedtls_md2_context { unsigned char cksum[16]; /*!< checksum of the data block */ unsigned char state[48]; /*!< intermediate digest state */ unsigned char buffer[16]; /*!< data block being processed */ @@ -78,7 +77,7 @@ mbedtls_md2_context; * stronger message digests instead. * */ -void mbedtls_md2_init( mbedtls_md2_context *ctx ); +void mbedtls_md2_init(mbedtls_md2_context *ctx); /** * \brief Clear MD2 context @@ -90,7 +89,7 @@ void mbedtls_md2_init( mbedtls_md2_context *ctx ); * stronger message digests instead. * */ -void mbedtls_md2_free( mbedtls_md2_context *ctx ); +void mbedtls_md2_free(mbedtls_md2_context *ctx); /** * \brief Clone (the state of) an MD2 context @@ -103,8 +102,8 @@ void mbedtls_md2_free( mbedtls_md2_context *ctx ); * stronger message digests instead. * */ -void mbedtls_md2_clone( mbedtls_md2_context *dst, - const mbedtls_md2_context *src ); +void mbedtls_md2_clone(mbedtls_md2_context *dst, + const mbedtls_md2_context *src); /** * \brief MD2 context setup @@ -118,7 +117,7 @@ void mbedtls_md2_clone( mbedtls_md2_context *dst, * stronger message digests instead. * */ -int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx ); +int mbedtls_md2_starts_ret(mbedtls_md2_context *ctx); /** * \brief MD2 process buffer @@ -134,9 +133,9 @@ int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx ); * stronger message digests instead. * */ -int mbedtls_md2_update_ret( mbedtls_md2_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_md2_update_ret(mbedtls_md2_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief MD2 final digest @@ -151,8 +150,8 @@ int mbedtls_md2_update_ret( mbedtls_md2_context *ctx, * stronger message digests instead. * */ -int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx, - unsigned char output[16] ); +int mbedtls_md2_finish_ret(mbedtls_md2_context *ctx, + unsigned char output[16]); /** * \brief MD2 process data block (internal use only) @@ -166,7 +165,7 @@ int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx, * stronger message digests instead. * */ -int mbedtls_internal_md2_process( mbedtls_md2_context *ctx ); +int mbedtls_internal_md2_process(mbedtls_md2_context *ctx); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -186,7 +185,7 @@ int mbedtls_internal_md2_process( mbedtls_md2_context *ctx ); * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md2_starts( mbedtls_md2_context *ctx ); +MBEDTLS_DEPRECATED void mbedtls_md2_starts(mbedtls_md2_context *ctx); /** * \brief MD2 process buffer @@ -202,9 +201,9 @@ MBEDTLS_DEPRECATED void mbedtls_md2_starts( mbedtls_md2_context *ctx ); * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md2_update( mbedtls_md2_context *ctx, - const unsigned char *input, - size_t ilen ); +MBEDTLS_DEPRECATED void mbedtls_md2_update(mbedtls_md2_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief MD2 final digest @@ -219,8 +218,8 @@ MBEDTLS_DEPRECATED void mbedtls_md2_update( mbedtls_md2_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md2_finish( mbedtls_md2_context *ctx, - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_md2_finish(mbedtls_md2_context *ctx, + unsigned char output[16]); /** * \brief MD2 process data block (internal use only) @@ -234,7 +233,7 @@ MBEDTLS_DEPRECATED void mbedtls_md2_finish( mbedtls_md2_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md2_process( mbedtls_md2_context *ctx ); +MBEDTLS_DEPRECATED void mbedtls_md2_process(mbedtls_md2_context *ctx); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -251,9 +250,9 @@ MBEDTLS_DEPRECATED void mbedtls_md2_process( mbedtls_md2_context *ctx ); * stronger message digests instead. * */ -int mbedtls_md2_ret( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); +int mbedtls_md2_ret(const unsigned char *input, + size_t ilen, + unsigned char output[16]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -275,9 +274,9 @@ int mbedtls_md2_ret( const unsigned char *input, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md2( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_md2(const unsigned char *input, + size_t ilen, + unsigned char output[16]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -294,7 +293,7 @@ MBEDTLS_DEPRECATED void mbedtls_md2( const unsigned char *input, * stronger message digests instead. * */ -int mbedtls_md2_self_test( int verbose ); +int mbedtls_md2_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/md4.h b/include/mbedtls/md4.h index 0238c6723a6b..fd64710a1bc8 100644 --- a/include/mbedtls/md4.h +++ b/include/mbedtls/md4.h @@ -56,8 +56,7 @@ extern "C" { * stronger message digests instead. * */ -typedef struct mbedtls_md4_context -{ +typedef struct mbedtls_md4_context { uint32_t total[2]; /*!< number of bytes processed */ uint32_t state[4]; /*!< intermediate digest state */ unsigned char buffer[64]; /*!< data block being processed */ @@ -78,7 +77,7 @@ mbedtls_md4_context; * stronger message digests instead. * */ -void mbedtls_md4_init( mbedtls_md4_context *ctx ); +void mbedtls_md4_init(mbedtls_md4_context *ctx); /** * \brief Clear MD4 context @@ -90,7 +89,7 @@ void mbedtls_md4_init( mbedtls_md4_context *ctx ); * stronger message digests instead. * */ -void mbedtls_md4_free( mbedtls_md4_context *ctx ); +void mbedtls_md4_free(mbedtls_md4_context *ctx); /** * \brief Clone (the state of) an MD4 context @@ -103,8 +102,8 @@ void mbedtls_md4_free( mbedtls_md4_context *ctx ); * stronger message digests instead. * */ -void mbedtls_md4_clone( mbedtls_md4_context *dst, - const mbedtls_md4_context *src ); +void mbedtls_md4_clone(mbedtls_md4_context *dst, + const mbedtls_md4_context *src); /** * \brief MD4 context setup @@ -117,7 +116,7 @@ void mbedtls_md4_clone( mbedtls_md4_context *dst, * constitutes a security risk. We recommend considering * stronger message digests instead. */ -int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx ); +int mbedtls_md4_starts_ret(mbedtls_md4_context *ctx); /** * \brief MD4 process buffer @@ -133,9 +132,9 @@ int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx ); * stronger message digests instead. * */ -int mbedtls_md4_update_ret( mbedtls_md4_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_md4_update_ret(mbedtls_md4_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief MD4 final digest @@ -150,8 +149,8 @@ int mbedtls_md4_update_ret( mbedtls_md4_context *ctx, * stronger message digests instead. * */ -int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx, - unsigned char output[16] ); +int mbedtls_md4_finish_ret(mbedtls_md4_context *ctx, + unsigned char output[16]); /** * \brief MD4 process data block (internal use only) @@ -166,8 +165,8 @@ int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx, * stronger message digests instead. * */ -int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, - const unsigned char data[64] ); +int mbedtls_internal_md4_process(mbedtls_md4_context *ctx, + const unsigned char data[64]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -187,7 +186,7 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md4_starts( mbedtls_md4_context *ctx ); +MBEDTLS_DEPRECATED void mbedtls_md4_starts(mbedtls_md4_context *ctx); /** * \brief MD4 process buffer @@ -203,9 +202,9 @@ MBEDTLS_DEPRECATED void mbedtls_md4_starts( mbedtls_md4_context *ctx ); * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md4_update( mbedtls_md4_context *ctx, - const unsigned char *input, - size_t ilen ); +MBEDTLS_DEPRECATED void mbedtls_md4_update(mbedtls_md4_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief MD4 final digest @@ -220,8 +219,8 @@ MBEDTLS_DEPRECATED void mbedtls_md4_update( mbedtls_md4_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md4_finish( mbedtls_md4_context *ctx, - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_md4_finish(mbedtls_md4_context *ctx, + unsigned char output[16]); /** * \brief MD4 process data block (internal use only) @@ -236,8 +235,8 @@ MBEDTLS_DEPRECATED void mbedtls_md4_finish( mbedtls_md4_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md4_process( mbedtls_md4_context *ctx, - const unsigned char data[64] ); +MBEDTLS_DEPRECATED void mbedtls_md4_process(mbedtls_md4_context *ctx, + const unsigned char data[64]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -256,9 +255,9 @@ MBEDTLS_DEPRECATED void mbedtls_md4_process( mbedtls_md4_context *ctx, * stronger message digests instead. * */ -int mbedtls_md4_ret( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); +int mbedtls_md4_ret(const unsigned char *input, + size_t ilen, + unsigned char output[16]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -280,9 +279,9 @@ int mbedtls_md4_ret( const unsigned char *input, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md4( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_md4(const unsigned char *input, + size_t ilen, + unsigned char output[16]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -299,7 +298,7 @@ MBEDTLS_DEPRECATED void mbedtls_md4( const unsigned char *input, * stronger message digests instead. * */ -int mbedtls_md4_self_test( int verbose ); +int mbedtls_md4_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/md5.h b/include/mbedtls/md5.h index 73e4dd2c2a78..04f71ee3f5aa 100644 --- a/include/mbedtls/md5.h +++ b/include/mbedtls/md5.h @@ -55,8 +55,7 @@ extern "C" { * stronger message digests instead. * */ -typedef struct mbedtls_md5_context -{ +typedef struct mbedtls_md5_context { uint32_t total[2]; /*!< number of bytes processed */ uint32_t state[4]; /*!< intermediate digest state */ unsigned char buffer[64]; /*!< data block being processed */ @@ -77,7 +76,7 @@ mbedtls_md5_context; * stronger message digests instead. * */ -void mbedtls_md5_init( mbedtls_md5_context *ctx ); +void mbedtls_md5_init(mbedtls_md5_context *ctx); /** * \brief Clear MD5 context @@ -89,7 +88,7 @@ void mbedtls_md5_init( mbedtls_md5_context *ctx ); * stronger message digests instead. * */ -void mbedtls_md5_free( mbedtls_md5_context *ctx ); +void mbedtls_md5_free(mbedtls_md5_context *ctx); /** * \brief Clone (the state of) an MD5 context @@ -102,8 +101,8 @@ void mbedtls_md5_free( mbedtls_md5_context *ctx ); * stronger message digests instead. * */ -void mbedtls_md5_clone( mbedtls_md5_context *dst, - const mbedtls_md5_context *src ); +void mbedtls_md5_clone(mbedtls_md5_context *dst, + const mbedtls_md5_context *src); /** * \brief MD5 context setup @@ -117,7 +116,7 @@ void mbedtls_md5_clone( mbedtls_md5_context *dst, * stronger message digests instead. * */ -int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx ); +int mbedtls_md5_starts_ret(mbedtls_md5_context *ctx); /** * \brief MD5 process buffer @@ -133,9 +132,9 @@ int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx ); * stronger message digests instead. * */ -int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_md5_update_ret(mbedtls_md5_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief MD5 final digest @@ -150,8 +149,8 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, * stronger message digests instead. * */ -int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, - unsigned char output[16] ); +int mbedtls_md5_finish_ret(mbedtls_md5_context *ctx, + unsigned char output[16]); /** * \brief MD5 process data block (internal use only) @@ -166,8 +165,8 @@ int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, * stronger message digests instead. * */ -int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, - const unsigned char data[64] ); +int mbedtls_internal_md5_process(mbedtls_md5_context *ctx, + const unsigned char data[64]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -187,7 +186,7 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md5_starts( mbedtls_md5_context *ctx ); +MBEDTLS_DEPRECATED void mbedtls_md5_starts(mbedtls_md5_context *ctx); /** * \brief MD5 process buffer @@ -203,9 +202,9 @@ MBEDTLS_DEPRECATED void mbedtls_md5_starts( mbedtls_md5_context *ctx ); * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md5_update( mbedtls_md5_context *ctx, - const unsigned char *input, - size_t ilen ); +MBEDTLS_DEPRECATED void mbedtls_md5_update(mbedtls_md5_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief MD5 final digest @@ -220,8 +219,8 @@ MBEDTLS_DEPRECATED void mbedtls_md5_update( mbedtls_md5_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md5_finish( mbedtls_md5_context *ctx, - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_md5_finish(mbedtls_md5_context *ctx, + unsigned char output[16]); /** * \brief MD5 process data block (internal use only) @@ -236,8 +235,8 @@ MBEDTLS_DEPRECATED void mbedtls_md5_finish( mbedtls_md5_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md5_process( mbedtls_md5_context *ctx, - const unsigned char data[64] ); +MBEDTLS_DEPRECATED void mbedtls_md5_process(mbedtls_md5_context *ctx, + const unsigned char data[64]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -256,9 +255,9 @@ MBEDTLS_DEPRECATED void mbedtls_md5_process( mbedtls_md5_context *ctx, * stronger message digests instead. * */ -int mbedtls_md5_ret( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); +int mbedtls_md5_ret(const unsigned char *input, + size_t ilen, + unsigned char output[16]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -280,9 +279,9 @@ int mbedtls_md5_ret( const unsigned char *input, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md5( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_md5(const unsigned char *input, + size_t ilen, + unsigned char output[16]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -299,7 +298,7 @@ MBEDTLS_DEPRECATED void mbedtls_md5( const unsigned char *input, * stronger message digests instead. * */ -int mbedtls_md5_self_test( int verbose ); +int mbedtls_md5_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index f33cdf6086da..9e10f2409d31 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -42,10 +42,9 @@ extern "C" { * Message digest information. * Allows message digest functions to be called in a generic way. */ -struct mbedtls_md_info_t -{ +struct mbedtls_md_info_t { /** Name of the message digest */ - const char * name; + const char *name; /** Digest identifier */ mbedtls_md_type_t type; diff --git a/include/mbedtls/memory_buffer_alloc.h b/include/mbedtls/memory_buffer_alloc.h index 3954b36ab56e..bc2825211370 100644 --- a/include/mbedtls/memory_buffer_alloc.h +++ b/include/mbedtls/memory_buffer_alloc.h @@ -47,7 +47,8 @@ #define MBEDTLS_MEMORY_VERIFY_NONE 0 #define MBEDTLS_MEMORY_VERIFY_ALLOC (1 << 0) #define MBEDTLS_MEMORY_VERIFY_FREE (1 << 1) -#define MBEDTLS_MEMORY_VERIFY_ALWAYS (MBEDTLS_MEMORY_VERIFY_ALLOC | MBEDTLS_MEMORY_VERIFY_FREE) +#define MBEDTLS_MEMORY_VERIFY_ALWAYS (MBEDTLS_MEMORY_VERIFY_ALLOC | \ + MBEDTLS_MEMORY_VERIFY_FREE) #ifdef __cplusplus extern "C" { @@ -68,12 +69,12 @@ extern "C" { * \param buf buffer to use as heap * \param len size of the buffer */ -void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len ); +void mbedtls_memory_buffer_alloc_init(unsigned char *buf, size_t len); /** * \brief Free the mutex for thread-safety and clear remaining memory */ -void mbedtls_memory_buffer_alloc_free( void ); +void mbedtls_memory_buffer_alloc_free(void); /** * \brief Determine when the allocator should automatically verify the state @@ -83,7 +84,7 @@ void mbedtls_memory_buffer_alloc_free( void ); * \param verify One of MBEDTLS_MEMORY_VERIFY_NONE, MBEDTLS_MEMORY_VERIFY_ALLOC, * MBEDTLS_MEMORY_VERIFY_FREE or MBEDTLS_MEMORY_VERIFY_ALWAYS */ -void mbedtls_memory_buffer_set_verify( int verify ); +void mbedtls_memory_buffer_set_verify(int verify); #if defined(MBEDTLS_MEMORY_DEBUG) /** @@ -92,7 +93,7 @@ void mbedtls_memory_buffer_set_verify( int verify ); * Prints out a list of 'still allocated' blocks and their stack * trace if MBEDTLS_MEMORY_BACKTRACE is defined. */ -void mbedtls_memory_buffer_alloc_status( void ); +void mbedtls_memory_buffer_alloc_status(void); /** * \brief Get the peak heap usage so far @@ -102,12 +103,12 @@ void mbedtls_memory_buffer_alloc_status( void ); * into smaller blocks but larger than the requested size. * \param max_blocks Peak number of blocks in use, including free and used */ -void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ); +void mbedtls_memory_buffer_alloc_max_get(size_t *max_used, size_t *max_blocks); /** * \brief Reset peak statistics */ -void mbedtls_memory_buffer_alloc_max_reset( void ); +void mbedtls_memory_buffer_alloc_max_reset(void); /** * \brief Get the current heap usage @@ -117,7 +118,7 @@ void mbedtls_memory_buffer_alloc_max_reset( void ); * into smaller blocks but larger than the requested size. * \param cur_blocks Current number of blocks in use, including free and used */ -void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ); +void mbedtls_memory_buffer_alloc_cur_get(size_t *cur_used, size_t *cur_blocks); #endif /* MBEDTLS_MEMORY_DEBUG */ /** @@ -131,7 +132,7 @@ void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ) * * \return 0 if verified, 1 otherwise */ -int mbedtls_memory_buffer_alloc_verify( void ); +int mbedtls_memory_buffer_alloc_verify(void); #if defined(MBEDTLS_SELF_TEST) /** @@ -139,7 +140,7 @@ int mbedtls_memory_buffer_alloc_verify( void ); * * \return 0 if successful, or 1 if a test failed */ -int mbedtls_memory_buffer_alloc_self_test( int verbose ); +int mbedtls_memory_buffer_alloc_self_test(int verbose); #endif #ifdef __cplusplus diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h index ceb7d5f65277..c8bcde069868 100644 --- a/include/mbedtls/net_sockets.h +++ b/include/mbedtls/net_sockets.h @@ -95,8 +95,7 @@ extern "C" { * (eg two file descriptors for combined IPv4 + IPv6 support, or additional * structures for hand-made UDP demultiplexing). */ -typedef struct mbedtls_net_context -{ +typedef struct mbedtls_net_context { int fd; /**< The underlying file descriptor */ } mbedtls_net_context; @@ -107,7 +106,7 @@ mbedtls_net_context; * * \param ctx Context to initialize */ -void mbedtls_net_init( mbedtls_net_context *ctx ); +void mbedtls_net_init(mbedtls_net_context *ctx); /** * \brief Initiate a connection with host:port in the given protocol @@ -124,7 +123,7 @@ void mbedtls_net_init( mbedtls_net_context *ctx ); * * \note Sets the socket in connected mode even with UDP. */ -int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto ); +int mbedtls_net_connect(mbedtls_net_context *ctx, const char *host, const char *port, int proto); /** * \brief Create a receiving socket on bind_ip:port in the chosen @@ -144,7 +143,7 @@ int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char * \note Regardless of the protocol, opens the sockets and binds it. * In addition, make the socket listening if protocol is TCP. */ -int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto ); +int mbedtls_net_bind(mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto); /** * \brief Accept a connection from a remote client @@ -164,9 +163,9 @@ int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char * MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to * non-blocking and accept() would block. */ -int mbedtls_net_accept( mbedtls_net_context *bind_ctx, - mbedtls_net_context *client_ctx, - void *client_ip, size_t buf_size, size_t *ip_len ); +int mbedtls_net_accept(mbedtls_net_context *bind_ctx, + mbedtls_net_context *client_ctx, + void *client_ip, size_t buf_size, size_t *ip_len); /** * \brief Check and wait for the context to be ready for read/write @@ -193,7 +192,7 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx, * \return Bitmask composed of MBEDTLS_NET_POLL_READ/WRITE * on success or timeout, or a negative return code otherwise. */ -int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ); +int mbedtls_net_poll(mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout); /** * \brief Set the socket blocking @@ -202,7 +201,7 @@ int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ); * * \return 0 if successful, or a non-zero error code */ -int mbedtls_net_set_block( mbedtls_net_context *ctx ); +int mbedtls_net_set_block(mbedtls_net_context *ctx); /** * \brief Set the socket non-blocking @@ -211,7 +210,7 @@ int mbedtls_net_set_block( mbedtls_net_context *ctx ); * * \return 0 if successful, or a non-zero error code */ -int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ); +int mbedtls_net_set_nonblock(mbedtls_net_context *ctx); /** * \brief Portable usleep helper @@ -221,7 +220,7 @@ int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ); * \note Real amount of time slept will not be less than * select()'s timeout granularity (typically, 10ms). */ -void mbedtls_net_usleep( unsigned long usec ); +void mbedtls_net_usleep(unsigned long usec); /** * \brief Read at most 'len' characters. If no error occurs, @@ -235,7 +234,7 @@ void mbedtls_net_usleep( unsigned long usec ); * or a non-zero error code; with a non-blocking socket, * MBEDTLS_ERR_SSL_WANT_READ indicates read() would block. */ -int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len ); +int mbedtls_net_recv(void *ctx, unsigned char *buf, size_t len); /** * \brief Write at most 'len' characters. If no error occurs, @@ -249,7 +248,7 @@ int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len ); * or a non-zero error code; with a non-blocking socket, * MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block. */ -int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len ); +int mbedtls_net_send(void *ctx, const unsigned char *buf, size_t len); /** * \brief Read at most 'len' characters, blocking for at most @@ -277,22 +276,22 @@ int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len ); * non-blocking. Handling timeouts with non-blocking reads * requires a different strategy. */ -int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len, - uint32_t timeout ); +int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf, size_t len, + uint32_t timeout); /** * \brief Closes down the connection and free associated data * * \param ctx The context to close */ -void mbedtls_net_close( mbedtls_net_context *ctx ); +void mbedtls_net_close(mbedtls_net_context *ctx); /** * \brief Gracefully shutdown the connection and free associated data * * \param ctx The context to free */ -void mbedtls_net_free( mbedtls_net_context *ctx ); +void mbedtls_net_free(mbedtls_net_context *ctx); #ifdef __cplusplus } diff --git a/include/mbedtls/nist_kw.h b/include/mbedtls/nist_kw.h index 7f3e64a525d4..8d3a4a53b1c7 100644 --- a/include/mbedtls/nist_kw.h +++ b/include/mbedtls/nist_kw.h @@ -47,8 +47,7 @@ extern "C" { #endif -typedef enum -{ +typedef enum { MBEDTLS_KW_MODE_KW = 0, MBEDTLS_KW_MODE_KWP = 1 } mbedtls_nist_kw_mode_t; @@ -80,7 +79,7 @@ typedef struct { * \param ctx The key wrapping context to initialize. * */ -void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx ); +void mbedtls_nist_kw_init(mbedtls_nist_kw_context *ctx); /** * \brief This function initializes the key wrapping context set in the @@ -98,11 +97,11 @@ void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx ); * which are not supported. * \return cipher-specific error code on failure of the underlying cipher. */ -int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx, - mbedtls_cipher_id_t cipher, - const unsigned char *key, - unsigned int keybits, - const int is_wrap ); +int mbedtls_nist_kw_setkey(mbedtls_nist_kw_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits, + const int is_wrap); /** * \brief This function releases and clears the specified key wrapping context @@ -110,7 +109,7 @@ int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx, * * \param ctx The key wrapping context to clear. */ -void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx ); +void mbedtls_nist_kw_free(mbedtls_nist_kw_context *ctx); /** * \brief This function encrypts a buffer using key wrapping. @@ -133,9 +132,9 @@ void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx ); * \return \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for invalid input length. * \return cipher-specific error code on failure of the underlying cipher. */ -int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode, - const unsigned char *input, size_t in_len, - unsigned char *output, size_t* out_len, size_t out_size ); +int mbedtls_nist_kw_wrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode, + const unsigned char *input, size_t in_len, + unsigned char *output, size_t *out_len, size_t out_size); /** * \brief This function decrypts a buffer using key wrapping. @@ -160,9 +159,9 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t m * \return \c MBEDTLS_ERR_CIPHER_AUTH_FAILED for verification failure of the ciphertext. * \return cipher-specific error code on failure of the underlying cipher. */ -int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode, - const unsigned char *input, size_t in_len, - unsigned char *output, size_t* out_len, size_t out_size); +int mbedtls_nist_kw_unwrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode, + const unsigned char *input, size_t in_len, + unsigned char *output, size_t *out_len, size_t out_size); #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) @@ -172,7 +171,7 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_nist_kw_self_test( int verbose ); +int mbedtls_nist_kw_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #ifdef __cplusplus diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 018621780444..a64eaebef2f2 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -82,10 +82,10 @@ #define MBEDTLS_OID_COUNTRY_US "\x86\x48" /* {us(840)} */ #define MBEDTLS_OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */ #define MBEDTLS_OID_RSA_COMPANY MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \ - MBEDTLS_OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */ + MBEDTLS_OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */ #define MBEDTLS_OID_ORG_ANSI_X9_62 "\xce\x3d" /* ansi-X9-62(10045) */ #define MBEDTLS_OID_ANSI_X9_62 MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \ - MBEDTLS_OID_ORG_ANSI_X9_62 + MBEDTLS_OID_ORG_ANSI_X9_62 /* * ISO Identified organization OID parts @@ -96,15 +96,18 @@ #define MBEDTLS_OID_OIW_SECSIG_ALG MBEDTLS_OID_OIW_SECSIG "\x02" #define MBEDTLS_OID_OIW_SECSIG_SHA1 MBEDTLS_OID_OIW_SECSIG_ALG "\x1a" #define MBEDTLS_OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */ -#define MBEDTLS_OID_CERTICOM MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_CERTICOM +#define MBEDTLS_OID_CERTICOM MBEDTLS_OID_ISO_IDENTIFIED_ORG \ + MBEDTLS_OID_ORG_CERTICOM #define MBEDTLS_OID_ORG_TELETRUST "\x24" /* teletrust(36) */ -#define MBEDTLS_OID_TELETRUST MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_TELETRUST +#define MBEDTLS_OID_TELETRUST MBEDTLS_OID_ISO_IDENTIFIED_ORG \ + MBEDTLS_OID_ORG_TELETRUST /* * ISO ITU OID parts */ #define MBEDTLS_OID_ORGANIZATION "\x01" /* {organization(1)} */ -#define MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */ +#define MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US \ + MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */ #define MBEDTLS_OID_ORG_GOV "\x65" /* {gov(101)} */ #define MBEDTLS_OID_GOV MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */ @@ -122,7 +125,8 @@ * { iso(1) identified-organization(3) dod(6) internet(1) * security(5) mechanisms(5) pkix(7) } */ -#define MBEDTLS_OID_INTERNET MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD "\x01" +#define MBEDTLS_OID_INTERNET MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD \ + "\x01" #define MBEDTLS_OID_PKIX MBEDTLS_OID_INTERNET "\x05\x05\x07" /* @@ -254,7 +258,8 @@ #define MBEDTLS_OID_DIGEST_ALG_MD2 MBEDTLS_OID_RSA_COMPANY "\x02\x02" /**< id-mbedtls_md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } */ #define MBEDTLS_OID_DIGEST_ALG_MD4 MBEDTLS_OID_RSA_COMPANY "\x02\x04" /**< id-mbedtls_md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } */ #define MBEDTLS_OID_DIGEST_ALG_MD5 MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */ -#define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG \ + MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA224 MBEDTLS_OID_NIST_ALG "\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA256 MBEDTLS_OID_NIST_ALG "\x02\x01" /**< id-mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */ @@ -277,7 +282,8 @@ /* * Encryption algorithms */ -#define MBEDTLS_OID_DES_CBC MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */ +#define MBEDTLS_OID_DES_CBC MBEDTLS_OID_ISO_IDENTIFIED_ORG \ + MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */ #define MBEDTLS_OID_DES_EDE3_CBC MBEDTLS_OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */ #define MBEDTLS_OID_AES MBEDTLS_OID_NIST_ALG "\x01" /** aes OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) 1 } */ @@ -439,8 +445,7 @@ extern "C" { /** * \brief Base OID descriptor structure */ -typedef struct mbedtls_oid_descriptor_t -{ +typedef struct mbedtls_oid_descriptor_t { const char *asn1; /*!< OID ASN.1 representation */ size_t asn1_len; /*!< length of asn1 */ const char *name; /*!< official name (e.g. from RFC) */ @@ -458,7 +463,7 @@ typedef struct mbedtls_oid_descriptor_t * \return Length of the string written (excluding final NULL) or * MBEDTLS_ERR_OID_BUF_TOO_SMALL in case of error */ -int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_buf *oid ); +int mbedtls_oid_get_numeric_string(char *buf, size_t size, const mbedtls_asn1_buf *oid); /** * \brief Translate an X.509 extension OID into local values @@ -468,7 +473,7 @@ int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_b * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type ); +int mbedtls_oid_get_x509_ext_type(const mbedtls_asn1_buf *oid, int *ext_type); /** * \brief Translate an X.509 attribute type OID into the short name @@ -479,7 +484,7 @@ int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type ); * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **short_name ); +int mbedtls_oid_get_attr_short_name(const mbedtls_asn1_buf *oid, const char **short_name); /** * \brief Translate PublicKeyAlgorithm OID into pk_type @@ -489,7 +494,7 @@ int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **s * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg ); +int mbedtls_oid_get_pk_alg(const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg); /** * \brief Translate pk_type into PublicKeyAlgorithm OID @@ -500,8 +505,8 @@ int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_a * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg, - const char **oid, size_t *olen ); +int mbedtls_oid_get_oid_by_pk_alg(mbedtls_pk_type_t pk_alg, + const char **oid, size_t *olen); #if defined(MBEDTLS_ECP_C) /** @@ -512,7 +517,7 @@ int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg, * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id ); +int mbedtls_oid_get_ec_grp(const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id); /** * \brief Translate EC group identifier into NamedCurve OID @@ -523,8 +528,8 @@ int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *g * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id, - const char **oid, size_t *olen ); +int mbedtls_oid_get_oid_by_ec_grp(mbedtls_ecp_group_id grp_id, + const char **oid, size_t *olen); #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_MD_C) @@ -537,8 +542,8 @@ int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id, * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid, - mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg ); +int mbedtls_oid_get_sig_alg(const mbedtls_asn1_buf *oid, + mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg); /** * \brief Translate SignatureAlgorithm OID into description @@ -548,7 +553,7 @@ int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid, * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc ); +int mbedtls_oid_get_sig_alg_desc(const mbedtls_asn1_buf *oid, const char **desc); /** * \brief Translate md_type and pk_type into SignatureAlgorithm OID @@ -560,8 +565,8 @@ int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, - const char **oid, size_t *olen ); +int mbedtls_oid_get_oid_by_sig_alg(mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, + const char **oid, size_t *olen); /** * \brief Translate hash algorithm OID into md_type @@ -571,7 +576,7 @@ int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg ); +int mbedtls_oid_get_md_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg); /** * \brief Translate hmac algorithm OID into md_type @@ -581,7 +586,7 @@ int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_a * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac ); +int mbedtls_oid_get_md_hmac(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac); #endif /* MBEDTLS_MD_C */ /** @@ -592,7 +597,7 @@ int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_ * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char **desc ); +int mbedtls_oid_get_extended_key_usage(const mbedtls_asn1_buf *oid, const char **desc); /** * \brief Translate certificate policies OID into description @@ -602,7 +607,7 @@ int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_certificate_policies( const mbedtls_asn1_buf *oid, const char **desc ); +int mbedtls_oid_get_certificate_policies(const mbedtls_asn1_buf *oid, const char **desc); /** * \brief Translate md_type into hash algorithm OID @@ -613,7 +618,7 @@ int mbedtls_oid_get_certificate_policies( const mbedtls_asn1_buf *oid, const cha * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_t *olen ); +int mbedtls_oid_get_oid_by_md(mbedtls_md_type_t md_alg, const char **oid, size_t *olen); #if defined(MBEDTLS_CIPHER_C) /** @@ -624,7 +629,7 @@ int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_ * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg ); +int mbedtls_oid_get_cipher_alg(const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg); #endif /* MBEDTLS_CIPHER_C */ #if defined(MBEDTLS_PKCS12_C) @@ -638,8 +643,8 @@ int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_pkcs12_pbe_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg, - mbedtls_cipher_type_t *cipher_alg ); +int mbedtls_oid_get_pkcs12_pbe_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg, + mbedtls_cipher_type_t *cipher_alg); #endif /* MBEDTLS_PKCS12_C */ #ifdef __cplusplus diff --git a/include/mbedtls/padlock.h b/include/mbedtls/padlock.h index 624d02dff55d..01069ea7dd43 100644 --- a/include/mbedtls/padlock.h +++ b/include/mbedtls/padlock.h @@ -74,7 +74,7 @@ extern "C" { * * \return non-zero if CPU has support for the feature, 0 otherwise */ -int mbedtls_padlock_has_support( int feature ); +int mbedtls_padlock_has_support(int feature); /** * \brief Internal PadLock AES-ECB block en(de)cryption @@ -89,10 +89,10 @@ int mbedtls_padlock_has_support( int feature ); * * \return 0 if success, 1 if operation failed */ -int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ); +int mbedtls_padlock_xcryptecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]); /** * \brief Internal PadLock AES-CBC buffer en(de)cryption @@ -109,12 +109,12 @@ int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx, * * \return 0 if success, 1 if operation failed */ -int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_padlock_xcryptcbc(mbedtls_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output); #ifdef __cplusplus } diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h index daa71c886bac..fee32a3bdb0c 100644 --- a/include/mbedtls/pem.h +++ b/include/mbedtls/pem.h @@ -64,8 +64,7 @@ extern "C" { /** * \brief PEM context structure */ -typedef struct mbedtls_pem_context -{ +typedef struct mbedtls_pem_context { unsigned char *buf; /*!< buffer for decoded data */ size_t buflen; /*!< length of the buffer */ unsigned char *info; /*!< buffer for extra header information */ @@ -77,7 +76,7 @@ mbedtls_pem_context; * * \param ctx context to be initialized */ -void mbedtls_pem_init( mbedtls_pem_context *ctx ); +void mbedtls_pem_init(mbedtls_pem_context *ctx); /** * \brief Read a buffer for PEM information and store the resulting @@ -101,17 +100,17 @@ void mbedtls_pem_init( mbedtls_pem_context *ctx ); * * \return 0 on success, or a specific PEM error code */ -int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer, - const unsigned char *data, - const unsigned char *pwd, - size_t pwdlen, size_t *use_len ); +int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const char *footer, + const unsigned char *data, + const unsigned char *pwd, + size_t pwdlen, size_t *use_len); /** * \brief PEM context memory freeing * * \param ctx context to be freed */ -void mbedtls_pem_free( mbedtls_pem_context *ctx ); +void mbedtls_pem_free(mbedtls_pem_context *ctx); #endif /* MBEDTLS_PEM_PARSE_C */ #if defined(MBEDTLS_PEM_WRITE_C) @@ -141,9 +140,9 @@ void mbedtls_pem_free( mbedtls_pem_context *ctx ); * the required minimum size of \p buf. * \return Another PEM or BASE64 error code on other kinds of failure. */ -int mbedtls_pem_write_buffer( const char *header, const char *footer, - const unsigned char *der_data, size_t der_len, - unsigned char *buf, size_t buf_len, size_t *olen ); +int mbedtls_pem_write_buffer(const char *header, const char *footer, + const unsigned char *der_data, size_t der_len, + unsigned char *buf, size_t buf_len, size_t *olen); #endif /* MBEDTLS_PEM_WRITE_C */ #ifdef __cplusplus diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index c9a13f484ed1..a226e717339c 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -47,7 +47,7 @@ #include "psa/crypto.h" #endif -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif @@ -107,8 +107,7 @@ typedef enum { * \brief Options for RSASSA-PSS signature verification. * See \c mbedtls_rsa_rsassa_pss_verify_ext() */ -typedef struct mbedtls_pk_rsassa_pss_options -{ +typedef struct mbedtls_pk_rsassa_pss_options { mbedtls_md_type_t mgf1_hash_id; int expected_salt_len; @@ -128,7 +127,7 @@ typedef struct mbedtls_pk_rsassa_pss_options */ #define MBEDTLS_PK_SIGNATURE_MAX_SIZE 0 -#if ( defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_RSA_ALT_SUPPORT) ) && \ +#if (defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_RSA_ALT_SUPPORT)) && \ MBEDTLS_MPI_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE /* For RSA, the signature can be as large as the bignum module allows. * For RSA_ALT, the signature size is not necessarily tied to what the @@ -162,15 +161,14 @@ typedef struct mbedtls_pk_rsassa_pss_options * types, lengths (represented by up to 2 bytes), and potential leading * zeros of the INTEGERs and the SEQUENCE. */ #undef MBEDTLS_PK_SIGNATURE_MAX_SIZE -#define MBEDTLS_PK_SIGNATURE_MAX_SIZE ( PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11 ) +#define MBEDTLS_PK_SIGNATURE_MAX_SIZE (PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11) #endif #endif /* defined(MBEDTLS_USE_PSA_CRYPTO) */ /** * \brief Types for interfacing with the debug module */ -typedef enum -{ +typedef enum { MBEDTLS_PK_DEBUG_NONE = 0, MBEDTLS_PK_DEBUG_MPI, MBEDTLS_PK_DEBUG_ECP, @@ -179,8 +177,7 @@ typedef enum /** * \brief Item to send to the debug module */ -typedef struct mbedtls_pk_debug_item -{ +typedef struct mbedtls_pk_debug_item { mbedtls_pk_debug_type type; const char *name; void *value; @@ -197,20 +194,18 @@ typedef struct mbedtls_pk_info_t mbedtls_pk_info_t; /** * \brief Public key container */ -typedef struct mbedtls_pk_context -{ - const mbedtls_pk_info_t * pk_info; /**< Public key information */ - void * pk_ctx; /**< Underlying public key context */ +typedef struct mbedtls_pk_context { + const mbedtls_pk_info_t *pk_info; /**< Public key information */ + void *pk_ctx; /**< Underlying public key context */ } mbedtls_pk_context; #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /** * \brief Context for resuming operations */ -typedef struct -{ - const mbedtls_pk_info_t * pk_info; /**< Public key information */ - void * rs_ctx; /**< Underlying restart context */ +typedef struct { + const mbedtls_pk_info_t *pk_info; /**< Public key information */ + void *rs_ctx; /**< Underlying restart context */ } mbedtls_pk_restart_ctx; #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ /* Now we can declare functions that take a pointer to that */ @@ -221,14 +216,16 @@ typedef void mbedtls_pk_restart_ctx; /** * \brief Types for RSA-alt abstraction */ -typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen, - const unsigned char *input, unsigned char *output, - size_t output_max_len ); -typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, - const unsigned char *hash, unsigned char *sig ); -typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx ); +typedef int (*mbedtls_pk_rsa_alt_decrypt_func)(void *ctx, int mode, size_t *olen, + const unsigned char *input, unsigned char *output, + size_t output_max_len); +typedef int (*mbedtls_pk_rsa_alt_sign_func)(void *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, unsigned char *sig); +typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)(void *ctx); #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ /** @@ -238,7 +235,7 @@ typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx ); * * \return The PK info associated with the type or NULL if not found. */ -const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type ); +const mbedtls_pk_info_t *mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type); /** * \brief Initialize a #mbedtls_pk_context (as NONE). @@ -246,7 +243,7 @@ const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type ); * \param ctx The context to initialize. * This must not be \c NULL. */ -void mbedtls_pk_init( mbedtls_pk_context *ctx ); +void mbedtls_pk_init(mbedtls_pk_context *ctx); /** * \brief Free the components of a #mbedtls_pk_context. @@ -259,7 +256,7 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx ); * PSA key and you still need to call psa_destroy_key() * independently if you want to destroy that key. */ -void mbedtls_pk_free( mbedtls_pk_context *ctx ); +void mbedtls_pk_free(mbedtls_pk_context *ctx); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /** @@ -268,7 +265,7 @@ void mbedtls_pk_free( mbedtls_pk_context *ctx ); * \param ctx The context to initialize. * This must not be \c NULL. */ -void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx ); +void mbedtls_pk_restart_init(mbedtls_pk_restart_ctx *ctx); /** * \brief Free the components of a restart context @@ -276,7 +273,7 @@ void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx ); * \param ctx The context to clear. It must have been initialized. * If this is \c NULL, this function does nothing. */ -void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx ); +void mbedtls_pk_restart_free(mbedtls_pk_restart_ctx *ctx); #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ /** @@ -294,7 +291,7 @@ void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx ); * \note For contexts holding an RSA-alt key, use * \c mbedtls_pk_setup_rsa_alt() instead. */ -int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); +int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info); #if defined(MBEDTLS_USE_PSA_CRYPTO) /** @@ -325,8 +322,8 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); * ECC key pair. * \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure. */ -int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, - const psa_key_id_t key ); +int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx, + const psa_key_id_t key); #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) @@ -345,10 +342,10 @@ int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, * * \note This function replaces \c mbedtls_pk_setup() for RSA-alt. */ -int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, - mbedtls_pk_rsa_alt_decrypt_func decrypt_func, - mbedtls_pk_rsa_alt_sign_func sign_func, - mbedtls_pk_rsa_alt_key_len_func key_len_func ); +int mbedtls_pk_setup_rsa_alt(mbedtls_pk_context *ctx, void *key, + mbedtls_pk_rsa_alt_decrypt_func decrypt_func, + mbedtls_pk_rsa_alt_sign_func sign_func, + mbedtls_pk_rsa_alt_key_len_func key_len_func); #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ /** @@ -358,7 +355,7 @@ int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, * * \return Key size in bits, or 0 on error */ -size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx ); +size_t mbedtls_pk_get_bitlen(const mbedtls_pk_context *ctx); /** * \brief Get the length in bytes of the underlying key @@ -367,9 +364,9 @@ size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx ); * * \return Key length in bytes, or 0 on error */ -static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx ) +static inline size_t mbedtls_pk_get_len(const mbedtls_pk_context *ctx) { - return( ( mbedtls_pk_get_bitlen( ctx ) + 7 ) / 8 ); + return (mbedtls_pk_get_bitlen(ctx) + 7) / 8; } /** @@ -384,7 +381,7 @@ static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx ) * been initialized but not set up, or that has been * cleared with mbedtls_pk_free(). */ -int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ); +int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type); /** * \brief Verify signature (including padding if relevant). @@ -410,9 +407,9 @@ int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ); * * \note md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0 */ -int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ); +int mbedtls_pk_verify(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len); /** * \brief Restartable version of \c mbedtls_pk_verify() @@ -434,11 +431,11 @@ int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of * operations was reached: see \c mbedtls_ecp_set_max_ops(). */ -int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len, - mbedtls_pk_restart_ctx *rs_ctx ); +int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + mbedtls_pk_restart_ctx *rs_ctx); /** * \brief Verify signature, with options. @@ -469,10 +466,10 @@ int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx, * to a mbedtls_pk_rsassa_pss_options structure, * otherwise it must be NULL. */ -int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, - mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ); +int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options, + mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len); /** * \brief Make signature, including padding if relevant. @@ -504,10 +501,10 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, * \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0. * For ECDSA, md_alg may never be MBEDTLS_MD_NONE. */ -int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); /** * \brief Restartable version of \c mbedtls_pk_sign() @@ -537,12 +534,12 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of * operations was reached: see \c mbedtls_ecp_set_max_ops(). */ -int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - mbedtls_pk_restart_ctx *rs_ctx ); +int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_pk_restart_ctx *rs_ctx); /** * \brief Decrypt message (including padding if relevant). @@ -561,10 +558,10 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, * * \return 0 on success, or a specific error code. */ -int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +int mbedtls_pk_decrypt(mbedtls_pk_context *ctx, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); /** * \brief Encrypt message (including padding if relevant). @@ -582,10 +579,10 @@ int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, * * \return 0 on success, or a specific error code. */ -int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +int mbedtls_pk_encrypt(mbedtls_pk_context *ctx, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); /** * \brief Check if a public-private pair of keys matches. @@ -599,7 +596,7 @@ int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, * \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid. * \return Another non-zero value if the keys do not match. */ -int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv ); +int mbedtls_pk_check_pair(const mbedtls_pk_context *pub, const mbedtls_pk_context *prv); /** * \brief Export debug information @@ -609,7 +606,7 @@ int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_conte * * \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA */ -int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items ); +int mbedtls_pk_debug(const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items); /** * \brief Access the type name @@ -618,7 +615,7 @@ int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *item * * \return Type name on success, or "invalid PK" */ -const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx ); +const char *mbedtls_pk_get_name(const mbedtls_pk_context *ctx); /** * \brief Get the key type @@ -628,7 +625,7 @@ const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx ); * \return Type on success. * \return #MBEDTLS_PK_NONE for a context that has not been set up. */ -mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ); +mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx); #if defined(MBEDTLS_RSA_C) /** @@ -641,14 +638,13 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ); * * \return The internal RSA context held by the PK context, or NULL. */ -static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk ) +static inline mbedtls_rsa_context *mbedtls_pk_rsa(const mbedtls_pk_context pk) { - switch( mbedtls_pk_get_type( &pk ) ) - { + switch (mbedtls_pk_get_type(&pk)) { case MBEDTLS_PK_RSA: - return( (mbedtls_rsa_context *) (pk).pk_ctx ); + return (mbedtls_rsa_context *) (pk).pk_ctx; default: - return( NULL ); + return NULL; } } #endif /* MBEDTLS_RSA_C */ @@ -665,16 +661,15 @@ static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk ) * * \return The internal EC context held by the PK context, or NULL. */ -static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk ) +static inline mbedtls_ecp_keypair *mbedtls_pk_ec(const mbedtls_pk_context pk) { - switch( mbedtls_pk_get_type( &pk ) ) - { + switch (mbedtls_pk_get_type(&pk)) { case MBEDTLS_PK_ECKEY: case MBEDTLS_PK_ECKEY_DH: case MBEDTLS_PK_ECDSA: - return( (mbedtls_ecp_keypair *) (pk).pk_ctx ); + return (mbedtls_ecp_keypair *) (pk).pk_ctx; default: - return( NULL ); + return NULL; } } #endif /* MBEDTLS_ECP_C */ @@ -709,9 +704,9 @@ static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk ) * * \return 0 if successful, or a specific PK or PEM error code */ -int mbedtls_pk_parse_key( mbedtls_pk_context *ctx, - const unsigned char *key, size_t keylen, - const unsigned char *pwd, size_t pwdlen ); +int mbedtls_pk_parse_key(mbedtls_pk_context *ctx, + const unsigned char *key, size_t keylen, + const unsigned char *pwd, size_t pwdlen); /** \ingroup pk_module */ /** @@ -735,8 +730,8 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *ctx, * * \return 0 if successful, or a specific PK or PEM error code */ -int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, - const unsigned char *key, size_t keylen ); +int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, + const unsigned char *key, size_t keylen); #if defined(MBEDTLS_FS_IO) /** \ingroup pk_module */ @@ -760,8 +755,8 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, * * \return 0 if successful, or a specific PK or PEM error code */ -int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, - const char *path, const char *password ); +int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx, + const char *path, const char *password); /** \ingroup pk_module */ /** @@ -780,7 +775,7 @@ int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, * * \return 0 if successful, or a specific PK or PEM error code */ -int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ); +int mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path); #endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_PK_PARSE_C */ @@ -798,7 +793,7 @@ int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ) * \return length of data written if successful, or a specific * error code */ -int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); +int mbedtls_pk_write_key_der(mbedtls_pk_context *ctx, unsigned char *buf, size_t size); /** * \brief Write a public key to a SubjectPublicKeyInfo DER structure @@ -813,7 +808,7 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_ * \return length of data written if successful, or a specific * error code */ -int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); +int mbedtls_pk_write_pubkey_der(mbedtls_pk_context *ctx, unsigned char *buf, size_t size); #if defined(MBEDTLS_PEM_WRITE_C) /** @@ -826,7 +821,7 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, si * * \return 0 if successful, or a specific error code */ -int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); +int mbedtls_pk_write_pubkey_pem(mbedtls_pk_context *ctx, unsigned char *buf, size_t size); /** * \brief Write a private key to a PKCS#1 or SEC1 PEM string @@ -838,7 +833,7 @@ int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, si * * \return 0 if successful, or a specific error code */ -int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); +int mbedtls_pk_write_key_pem(mbedtls_pk_context *ctx, unsigned char *buf, size_t size); #endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PK_WRITE_C */ @@ -858,8 +853,8 @@ int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_ * * \return 0 if successful, or a specific PK error code */ -int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, - mbedtls_pk_context *pk ); +int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, + mbedtls_pk_context *pk); #endif /* MBEDTLS_PK_PARSE_C */ #if defined(MBEDTLS_PK_WRITE_C) @@ -873,8 +868,8 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, * * \return the length written or a negative error code */ -int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, - const mbedtls_pk_context *key ); +int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, + const mbedtls_pk_context *key); #endif /* MBEDTLS_PK_WRITE_C */ /* @@ -882,7 +877,7 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, * know you do. */ #if defined(MBEDTLS_FS_IO) -int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ); +int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n); #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -906,9 +901,9 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ); * \return \c 0 if successful. * \return An Mbed TLS error code otherwise. */ -int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, - psa_key_id_t *key, - psa_algorithm_t hash_alg ); +int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk, + psa_key_id_t *key, + psa_algorithm_t hash_alg); #endif /* MBEDTLS_USE_PSA_CRYPTO */ #ifdef __cplusplus diff --git a/include/mbedtls/pk_internal.h b/include/mbedtls/pk_internal.h index 47f7767700cd..8a0c30f5ffd3 100644 --- a/include/mbedtls/pk_internal.h +++ b/include/mbedtls/pk_internal.h @@ -31,8 +31,7 @@ #include "mbedtls/pk.h" -struct mbedtls_pk_info_t -{ +struct mbedtls_pk_info_t { /** Public key type */ mbedtls_pk_type_t type; @@ -40,75 +39,74 @@ struct mbedtls_pk_info_t const char *name; /** Get key size in bits */ - size_t (*get_bitlen)( const void * ); + size_t (*get_bitlen)(const void *); /** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */ - int (*can_do)( mbedtls_pk_type_t type ); + int (*can_do)(mbedtls_pk_type_t type); /** Verify signature */ - int (*verify_func)( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ); + int (*verify_func)(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len); /** Make signature */ - int (*sign_func)( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); + int (*sign_func)(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /** Verify signature (restartable) */ - int (*verify_rs_func)( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len, - void *rs_ctx ); + int (*verify_rs_func)(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + void *rs_ctx); /** Make signature (restartable) */ - int (*sign_rs_func)( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, void *rs_ctx ); + int (*sign_rs_func)(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, void *rs_ctx); #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ /** Decrypt message */ - int (*decrypt_func)( void *ctx, const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); + int (*decrypt_func)(void *ctx, const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** Encrypt message */ - int (*encrypt_func)( void *ctx, const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); + int (*encrypt_func)(void *ctx, const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** Check public-private key pair */ - int (*check_pair_func)( const void *pub, const void *prv ); + int (*check_pair_func)(const void *pub, const void *prv); /** Allocate a new context */ - void * (*ctx_alloc_func)( void ); + void * (*ctx_alloc_func)(void); /** Free the given context */ - void (*ctx_free_func)( void *ctx ); + void (*ctx_free_func)(void *ctx); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /** Allocate the restart context */ - void * (*rs_alloc_func)( void ); + void *(*rs_alloc_func)(void); /** Free the restart context */ - void (*rs_free_func)( void *rs_ctx ); + void (*rs_free_func)(void *rs_ctx); #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ /** Interface with the debug module */ - void (*debug_func)( const void *ctx, mbedtls_pk_debug_item *items ); + void (*debug_func)(const void *ctx, mbedtls_pk_debug_item *items); }; #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) /* Container for RSA-alt */ -typedef struct -{ +typedef struct { void *key; mbedtls_pk_rsa_alt_decrypt_func decrypt_func; mbedtls_pk_rsa_alt_sign_func sign_func; diff --git a/include/mbedtls/pkcs11.h b/include/mbedtls/pkcs11.h index 3530ee168898..80a8a9c423c6 100644 --- a/include/mbedtls/pkcs11.h +++ b/include/mbedtls/pkcs11.h @@ -36,7 +36,7 @@ #include -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif @@ -50,10 +50,9 @@ extern "C" { /** * Context for PKCS #11 private keys. */ -typedef struct mbedtls_pkcs11_context -{ - pkcs11h_certificate_t pkcs11h_cert; - int len; +typedef struct mbedtls_pkcs11_context { + pkcs11h_certificate_t pkcs11h_cert; + int len; } mbedtls_pkcs11_context; #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -69,7 +68,7 @@ typedef struct mbedtls_pkcs11_context * \deprecated This function is deprecated and will be removed in a * future version of the library. */ -MBEDTLS_DEPRECATED void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx ); +MBEDTLS_DEPRECATED void mbedtls_pkcs11_init(mbedtls_pkcs11_context *ctx); /** * Fill in a mbed TLS certificate, based on the given PKCS11 helper certificate. @@ -82,8 +81,8 @@ MBEDTLS_DEPRECATED void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx ); * * \return 0 on success. */ -MBEDTLS_DEPRECATED int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, - pkcs11h_certificate_t pkcs11h_cert ); +MBEDTLS_DEPRECATED int mbedtls_pkcs11_x509_cert_bind(mbedtls_x509_crt *cert, + pkcs11h_certificate_t pkcs11h_cert); /** * Set up a mbedtls_pkcs11_context storing the given certificate. Note that the @@ -99,8 +98,8 @@ MBEDTLS_DEPRECATED int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, * \return 0 on success */ MBEDTLS_DEPRECATED int mbedtls_pkcs11_priv_key_bind( - mbedtls_pkcs11_context *priv_key, - pkcs11h_certificate_t pkcs11_cert ); + mbedtls_pkcs11_context *priv_key, + pkcs11h_certificate_t pkcs11_cert); /** * Free the contents of the given private key context. Note that the structure @@ -112,7 +111,7 @@ MBEDTLS_DEPRECATED int mbedtls_pkcs11_priv_key_bind( * \param priv_key Private key structure to cleanup */ MBEDTLS_DEPRECATED void mbedtls_pkcs11_priv_key_free( - mbedtls_pkcs11_context *priv_key ); + mbedtls_pkcs11_context *priv_key); /** * \brief Do an RSA private key decrypt, then remove the message @@ -134,11 +133,11 @@ MBEDTLS_DEPRECATED void mbedtls_pkcs11_priv_key_free( * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise * an error is thrown. */ -MBEDTLS_DEPRECATED int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx, - int mode, size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len ); +MBEDTLS_DEPRECATED int mbedtls_pkcs11_decrypt(mbedtls_pkcs11_context *ctx, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len); /** * \brief Do a private RSA to sign a message digest @@ -159,12 +158,12 @@ MBEDTLS_DEPRECATED int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx, * \note The "sig" buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used). */ -MBEDTLS_DEPRECATED int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ); +MBEDTLS_DEPRECATED int mbedtls_pkcs11_sign(mbedtls_pkcs11_context *ctx, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig); /** * SSL/TLS wrappers for PKCS#11 functions @@ -172,13 +171,15 @@ MBEDTLS_DEPRECATED int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, * \deprecated This function is deprecated and will be removed in a future * version of the library. */ -MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, - int mode, size_t *olen, - const unsigned char *input, unsigned char *output, - size_t output_max_len ) +MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_decrypt(void *ctx, + int mode, + size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len) { - return mbedtls_pkcs11_decrypt( (mbedtls_pkcs11_context *) ctx, mode, olen, input, output, - output_max_len ); + return mbedtls_pkcs11_decrypt((mbedtls_pkcs11_context *) ctx, mode, olen, input, output, + output_max_len); } /** @@ -207,15 +208,21 @@ MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, * ctx->N. For example, 128 bytes if RSA-1024 is * used. */ -MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_sign( void *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, - const unsigned char *hash, unsigned char *sig ) +MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_sign(void *ctx, + int (*f_rng)(void *, + unsigned char *, + size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig) { ((void) f_rng); ((void) p_rng); - return mbedtls_pkcs11_sign( (mbedtls_pkcs11_context *) ctx, mode, md_alg, - hashlen, hash, sig ); + return mbedtls_pkcs11_sign((mbedtls_pkcs11_context *) ctx, mode, md_alg, + hashlen, hash, sig); } /** @@ -228,9 +235,9 @@ MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_sign( void *ctx, * * \return The length of the private key. */ -MBEDTLS_DEPRECATED static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx ) +MBEDTLS_DEPRECATED static inline size_t mbedtls_ssl_pkcs11_key_len(void *ctx) { - return ( (mbedtls_pkcs11_context *) ctx )->len; + return ((mbedtls_pkcs11_context *) ctx)->len; } #undef MBEDTLS_DEPRECATED diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index d9e85b1d1265..cd1385277904 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -70,10 +70,10 @@ extern "C" { * * \return 0 if successful, or a MBEDTLS_ERR_XXX code */ -int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *input, size_t len, - unsigned char *output ); +int mbedtls_pkcs12_pbe_sha1_rc4_128(mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *input, size_t len, + unsigned char *output); /** * \brief PKCS12 Password Based function (encryption / decryption) @@ -93,11 +93,11 @@ int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, * * \return 0 if successful, or a MBEDTLS_ERR_XXX code */ -int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, - mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *input, size_t len, - unsigned char *output ); +int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, + mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *input, size_t len, + unsigned char *output); #endif /* MBEDTLS_ASN1_PARSE_C */ @@ -128,10 +128,10 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, * * \return 0 if successful, or a MD, BIGNUM type error. */ -int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *salt, size_t saltlen, - mbedtls_md_type_t mbedtls_md, int id, int iterations ); +int mbedtls_pkcs12_derivation(unsigned char *data, size_t datalen, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *salt, size_t saltlen, + mbedtls_md_type_t mbedtls_md, int id, int iterations); #ifdef __cplusplus } diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h index 696930f745f0..12dec0547fcd 100644 --- a/include/mbedtls/pkcs5.h +++ b/include/mbedtls/pkcs5.h @@ -67,10 +67,10 @@ extern "C" { * * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. */ -int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *data, size_t datalen, - unsigned char *output ); +int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t datalen, + unsigned char *output); #endif /* MBEDTLS_ASN1_PARSE_C */ @@ -88,10 +88,10 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, * * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. */ -int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password, - size_t plen, const unsigned char *salt, size_t slen, - unsigned int iteration_count, - uint32_t key_length, unsigned char *output ); +int mbedtls_pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx, const unsigned char *password, + size_t plen, const unsigned char *salt, size_t slen, + unsigned int iteration_count, + uint32_t key_length, unsigned char *output); #if defined(MBEDTLS_SELF_TEST) @@ -100,7 +100,7 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p * * \return 0 if successful, or 1 if the test failed */ -int mbedtls_pkcs5_self_test( int verbose ); +int mbedtls_pkcs5_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index eaf5122bec7a..9033852be13e 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -149,8 +149,8 @@ extern "C" { #else /* For size_t */ #include -extern void *mbedtls_calloc( size_t n, size_t size ); -extern void mbedtls_free( void *ptr ); +extern void *mbedtls_calloc(size_t n, size_t size); +extern void mbedtls_free(void *ptr); /** * \brief This function dynamically sets the memory-management @@ -161,8 +161,8 @@ extern void mbedtls_free( void *ptr ); * * \return \c 0. */ -int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), - void (*free_func)( void * ) ); +int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t), + void (*free_func)(void *)); #endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */ #else /* !MBEDTLS_PLATFORM_MEMORY */ #define mbedtls_free free @@ -175,7 +175,7 @@ int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), #if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) /* We need FILE * */ #include -extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... ); +extern int (*mbedtls_fprintf)(FILE *stream, const char *format, ...); /** * \brief This function dynamically configures the fprintf @@ -186,8 +186,8 @@ extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... ); * * \return \c 0. */ -int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *, - ... ) ); +int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *stream, const char *, + ...)); #else #if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) #define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO @@ -200,7 +200,7 @@ int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char * The function pointers for printf */ #if defined(MBEDTLS_PLATFORM_PRINTF_ALT) -extern int (*mbedtls_printf)( const char *format, ... ); +extern int (*mbedtls_printf)(const char *format, ...); /** * \brief This function dynamically configures the snprintf @@ -211,7 +211,7 @@ extern int (*mbedtls_printf)( const char *format, ... ); * * \return \c 0 on success. */ -int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) ); +int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...)); #else /* !MBEDTLS_PLATFORM_PRINTF_ALT */ #if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) #define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO @@ -231,11 +231,11 @@ int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) ); */ #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF) /* For Windows (inc. MSYS2), we provide our own fixed implementation */ -int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... ); +int mbedtls_platform_win32_snprintf(char *s, size_t n, const char *fmt, ...); #endif #if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) -extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... ); +extern int (*mbedtls_snprintf)(char *s, size_t n, const char *format, ...); /** * \brief This function allows configuring a custom @@ -245,8 +245,8 @@ extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... ); * * \return \c 0 on success. */ -int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, - const char * format, ... ) ); +int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n, + const char *format, ...)); #else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ #if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) #define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO @@ -267,12 +267,12 @@ int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF) #include /* For Older Windows (inc. MSYS2), we provide our own fixed implementation */ -int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg ); +int mbedtls_platform_win32_vsnprintf(char *s, size_t n, const char *fmt, va_list arg); #endif #if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) #include -extern int (*mbedtls_vsnprintf)( char * s, size_t n, const char * format, va_list arg ); +extern int (*mbedtls_vsnprintf)(char *s, size_t n, const char *format, va_list arg); /** * \brief Set your own snprintf function pointer @@ -281,8 +281,8 @@ extern int (*mbedtls_vsnprintf)( char * s, size_t n, const char * format, va_lis * * \return \c 0 */ -int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n, - const char * format, va_list arg ) ); +int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n, + const char *format, va_list arg)); #else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ #if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) #define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO @@ -295,7 +295,7 @@ int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n, * The function pointers for exit */ #if defined(MBEDTLS_PLATFORM_EXIT_ALT) -extern void (*mbedtls_exit)( int status ); +extern void (*mbedtls_exit)(int status); /** * \brief This function dynamically configures the exit @@ -306,7 +306,7 @@ extern void (*mbedtls_exit)( int status ); * * \return \c 0 on success. */ -int mbedtls_platform_set_exit( void (*exit_func)( int status ) ); +int mbedtls_platform_set_exit(void (*exit_func)(int status)); #else #if defined(MBEDTLS_PLATFORM_EXIT_MACRO) #define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO @@ -338,13 +338,13 @@ int mbedtls_platform_set_exit( void (*exit_func)( int status ) ); #if defined(MBEDTLS_ENTROPY_NV_SEED) #if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO) /* Internal standard platform definitions */ -int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len ); -int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len ); +int mbedtls_platform_std_nv_seed_read(unsigned char *buf, size_t buf_len); +int mbedtls_platform_std_nv_seed_write(unsigned char *buf, size_t buf_len); #endif #if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) -extern int (*mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ); -extern int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ); +extern int (*mbedtls_nv_seed_read)(unsigned char *buf, size_t buf_len); +extern int (*mbedtls_nv_seed_write)(unsigned char *buf, size_t buf_len); /** * \brief This function allows configuring custom seed file writing and @@ -356,9 +356,9 @@ extern int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ); * \return \c 0 on success. */ int mbedtls_platform_set_nv_seed( - int (*nv_seed_read_func)( unsigned char *buf, size_t buf_len ), - int (*nv_seed_write_func)( unsigned char *buf, size_t buf_len ) - ); + int (*nv_seed_read_func)(unsigned char *buf, size_t buf_len), + int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len) + ); #else #if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \ defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) @@ -379,8 +379,7 @@ int mbedtls_platform_set_nv_seed( * \note This structure may be used to assist platform-specific * setup or teardown operations. */ -typedef struct mbedtls_platform_context -{ +typedef struct mbedtls_platform_context { char dummy; /**< A placeholder member, as empty structs are not portable. */ } mbedtls_platform_context; @@ -404,7 +403,7 @@ mbedtls_platform_context; * * \return \c 0 on success. */ -int mbedtls_platform_setup( mbedtls_platform_context *ctx ); +int mbedtls_platform_setup(mbedtls_platform_context *ctx); /** * \brief This function performs any platform teardown operations. * @@ -419,7 +418,7 @@ int mbedtls_platform_setup( mbedtls_platform_context *ctx ); * \param ctx The platform context. * */ -void mbedtls_platform_teardown( mbedtls_platform_context *ctx ); +void mbedtls_platform_teardown(mbedtls_platform_context *ctx); #ifdef __cplusplus } diff --git a/include/mbedtls/platform_time.h b/include/mbedtls/platform_time.h index 94055711b2e8..eee61d695a3c 100644 --- a/include/mbedtls/platform_time.h +++ b/include/mbedtls/platform_time.h @@ -47,7 +47,7 @@ typedef time_t mbedtls_time_t; * The function pointers for time */ #if defined(MBEDTLS_PLATFORM_TIME_ALT) -extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time ); +extern mbedtls_time_t (*mbedtls_time)(mbedtls_time_t *time); /** * \brief Set your own time function pointer @@ -56,7 +56,7 @@ extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time ); * * \return 0 */ -int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* time ) ); +int mbedtls_platform_set_time(mbedtls_time_t (*time_func)(mbedtls_time_t *time)); #else #if defined(MBEDTLS_PLATFORM_TIME_MACRO) #define mbedtls_time MBEDTLS_PLATFORM_TIME_MACRO diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h index cd112ab58e21..55fc43113101 100644 --- a/include/mbedtls/platform_util.h +++ b/include/mbedtls/platform_util.h @@ -56,12 +56,12 @@ extern "C" { #define MBEDTLS_PARAM_FAILED_ALT #elif defined(MBEDTLS_CHECK_PARAMS_ASSERT) -#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) +#define MBEDTLS_PARAM_FAILED(cond) assert(cond) #define MBEDTLS_PARAM_FAILED_ALT #else /* MBEDTLS_PARAM_FAILED */ -#define MBEDTLS_PARAM_FAILED( cond ) \ - mbedtls_param_failed( #cond, __FILE__, __LINE__ ) +#define MBEDTLS_PARAM_FAILED(cond) \ + mbedtls_param_failed( #cond, __FILE__, __LINE__) /** * \brief User supplied callback function for parameter validation failure. @@ -78,36 +78,36 @@ extern "C" { * \param file The file where the assertion failed. * \param line The line in the file where the assertion failed. */ -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ); +void mbedtls_param_failed(const char *failure_condition, + const char *file, + int line); #endif /* MBEDTLS_PARAM_FAILED */ /* Internal macro meant to be called only from within the library. */ -#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret ) \ +#define MBEDTLS_INTERNAL_VALIDATE_RET(cond, ret) \ do { \ - if( !(cond) ) \ + if (!(cond)) \ { \ - MBEDTLS_PARAM_FAILED( cond ); \ - return( ret ); \ + MBEDTLS_PARAM_FAILED(cond); \ + return ret; \ } \ - } while( 0 ) + } while (0) /* Internal macro meant to be called only from within the library. */ -#define MBEDTLS_INTERNAL_VALIDATE( cond ) \ +#define MBEDTLS_INTERNAL_VALIDATE(cond) \ do { \ - if( !(cond) ) \ + if (!(cond)) \ { \ - MBEDTLS_PARAM_FAILED( cond ); \ + MBEDTLS_PARAM_FAILED(cond); \ return; \ } \ - } while( 0 ) + } while (0) #else /* MBEDTLS_CHECK_PARAMS */ /* Internal macros meant to be called only from within the library. */ -#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret ) do { } while( 0 ) -#define MBEDTLS_INTERNAL_VALIDATE( cond ) do { } while( 0 ) +#define MBEDTLS_INTERNAL_VALIDATE_RET(cond, ret) do { } while (0) +#define MBEDTLS_INTERNAL_VALIDATE(cond) do { } while (0) #endif /* MBEDTLS_CHECK_PARAMS */ @@ -119,16 +119,16 @@ void mbedtls_param_failed( const char *failure_condition, * it, too. We might want to move all these definitions here at * some point for uniformity. */ #define MBEDTLS_DEPRECATED __attribute__((deprecated)) -MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_string_constant_t; -#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) \ - ( (mbedtls_deprecated_string_constant_t) ( VAL ) ) +MBEDTLS_DEPRECATED typedef char const *mbedtls_deprecated_string_constant_t; +#define MBEDTLS_DEPRECATED_STRING_CONSTANT(VAL) \ + ((mbedtls_deprecated_string_constant_t) (VAL)) MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t; -#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) \ - ( (mbedtls_deprecated_numeric_constant_t) ( VAL ) ) +#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(VAL) \ + ((mbedtls_deprecated_numeric_constant_t) (VAL)) #undef MBEDTLS_DEPRECATED #else /* MBEDTLS_DEPRECATED_WARNING */ -#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) VAL -#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) VAL +#define MBEDTLS_DEPRECATED_STRING_CONSTANT(VAL) VAL +#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(VAL) VAL #endif /* MBEDTLS_DEPRECATED_WARNING */ #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -218,7 +218,7 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t; * https://stackoverflow.com/questions/40576003/ignoring-warning-wunused-result * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425#c34 */ -#define MBEDTLS_IGNORE_RETURN(result) ( (void) !( result ) ) +#define MBEDTLS_IGNORE_RETURN(result) ((void) !(result)) #endif /** @@ -243,7 +243,7 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t; * \param len Length of the buffer in bytes * */ -void mbedtls_platform_zeroize( void *buf, size_t len ); +void mbedtls_platform_zeroize(void *buf, size_t len); #if defined(MBEDTLS_HAVE_TIME_DATE) /** @@ -272,8 +272,8 @@ void mbedtls_platform_zeroize( void *buf, size_t len ); * \return Pointer to an object of type struct tm on success, otherwise * NULL */ -struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt, - struct tm *tm_buf ); +struct tm *mbedtls_platform_gmtime_r(const mbedtls_time_t *tt, + struct tm *tm_buf); #endif /* MBEDTLS_HAVE_TIME_DATE */ #ifdef __cplusplus diff --git a/include/mbedtls/poly1305.h b/include/mbedtls/poly1305.h index a69ede98b5ef..7b1faa51f321 100644 --- a/include/mbedtls/poly1305.h +++ b/include/mbedtls/poly1305.h @@ -60,8 +60,7 @@ extern "C" { #if !defined(MBEDTLS_POLY1305_ALT) -typedef struct mbedtls_poly1305_context -{ +typedef struct mbedtls_poly1305_context { uint32_t r[4]; /** The value for 'r' (low 128 bits of the key). */ uint32_t s[4]; /** The value for 's' (high 128 bits of the key). */ uint32_t acc[5]; /** The accumulator number. */ @@ -89,7 +88,7 @@ mbedtls_poly1305_context; * \param ctx The Poly1305 context to initialize. This must * not be \c NULL. */ -void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ); +void mbedtls_poly1305_init(mbedtls_poly1305_context *ctx); /** * \brief This function releases and clears the specified @@ -99,7 +98,7 @@ void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ); * case this function is a no-op. If it is not \c NULL, it must * point to an initialized Poly1305 context. */ -void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx ); +void mbedtls_poly1305_free(mbedtls_poly1305_context *ctx); /** * \brief This function sets the one-time authentication key. @@ -114,8 +113,8 @@ void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx ); * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, - const unsigned char key[32] ); +int mbedtls_poly1305_starts(mbedtls_poly1305_context *ctx, + const unsigned char key[32]); /** * \brief This functions feeds an input buffer into an ongoing @@ -135,9 +134,9 @@ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_poly1305_update(mbedtls_poly1305_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief This function generates the Poly1305 Message @@ -151,8 +150,8 @@ int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx, - unsigned char mac[16] ); +int mbedtls_poly1305_finish(mbedtls_poly1305_context *ctx, + unsigned char mac[16]); /** * \brief This function calculates the Poly1305 MAC of the input @@ -172,10 +171,10 @@ int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_poly1305_mac( const unsigned char key[32], - const unsigned char *input, - size_t ilen, - unsigned char mac[16] ); +int mbedtls_poly1305_mac(const unsigned char key[32], + const unsigned char *input, + size_t ilen, + unsigned char mac[16]); #if defined(MBEDTLS_SELF_TEST) /** @@ -184,7 +183,7 @@ int mbedtls_poly1305_mac( const unsigned char key[32], * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_poly1305_self_test( int verbose ); +int mbedtls_poly1305_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ #ifdef __cplusplus diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index af7a809e40b6..9a1a2eae2f7c 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -46,10 +46,9 @@ /* Translations for symmetric crypto. */ static inline psa_key_type_t mbedtls_psa_translate_cipher_type( - mbedtls_cipher_type_t cipher ) + mbedtls_cipher_type_t cipher) { - switch( cipher ) - { + switch (cipher) { case MBEDTLS_CIPHER_AES_128_CCM: case MBEDTLS_CIPHER_AES_192_CCM: case MBEDTLS_CIPHER_AES_256_CCM: @@ -62,7 +61,7 @@ static inline psa_key_type_t mbedtls_psa_translate_cipher_type( case MBEDTLS_CIPHER_AES_128_ECB: case MBEDTLS_CIPHER_AES_192_ECB: case MBEDTLS_CIPHER_AES_256_ECB: - return( PSA_KEY_TYPE_AES ); + return PSA_KEY_TYPE_AES; /* ARIA not yet supported in PSA. */ /* case MBEDTLS_CIPHER_ARIA_128_CCM: @@ -77,87 +76,85 @@ static inline psa_key_type_t mbedtls_psa_translate_cipher_type( return( PSA_KEY_TYPE_ARIA ); */ default: - return( 0 ); + return 0; } } static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode( - mbedtls_cipher_mode_t mode, size_t taglen ) + mbedtls_cipher_mode_t mode, size_t taglen) { - switch( mode ) - { + switch (mode) { case MBEDTLS_MODE_ECB: - return( PSA_ALG_ECB_NO_PADDING ); + return PSA_ALG_ECB_NO_PADDING; case MBEDTLS_MODE_GCM: - return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, taglen ) ); + return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, taglen); case MBEDTLS_MODE_CCM: - return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) ); + return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen); case MBEDTLS_MODE_CBC: - if( taglen == 0 ) - return( PSA_ALG_CBC_NO_PADDING ); - else - return( 0 ); + if (taglen == 0) { + return PSA_ALG_CBC_NO_PADDING; + } else { + return 0; + } default: - return( 0 ); + return 0; } } static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation( - mbedtls_operation_t op ) + mbedtls_operation_t op) { - switch( op ) - { + switch (op) { case MBEDTLS_ENCRYPT: - return( PSA_KEY_USAGE_ENCRYPT ); + return PSA_KEY_USAGE_ENCRYPT; case MBEDTLS_DECRYPT: - return( PSA_KEY_USAGE_DECRYPT ); + return PSA_KEY_USAGE_DECRYPT; default: - return( 0 ); + return 0; } } /* Translations for hashing. */ -static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg ) +static inline psa_algorithm_t mbedtls_psa_translate_md(mbedtls_md_type_t md_alg) { - switch( md_alg ) - { + switch (md_alg) { #if defined(MBEDTLS_MD2_C) - case MBEDTLS_MD_MD2: - return( PSA_ALG_MD2 ); + case MBEDTLS_MD_MD2: + return PSA_ALG_MD2; #endif #if defined(MBEDTLS_MD4_C) - case MBEDTLS_MD_MD4: - return( PSA_ALG_MD4 ); + case MBEDTLS_MD_MD4: + return PSA_ALG_MD4; #endif #if defined(MBEDTLS_MD5_C) - case MBEDTLS_MD_MD5: - return( PSA_ALG_MD5 ); + case MBEDTLS_MD_MD5: + return PSA_ALG_MD5; #endif #if defined(MBEDTLS_SHA1_C) - case MBEDTLS_MD_SHA1: - return( PSA_ALG_SHA_1 ); + case MBEDTLS_MD_SHA1: + return PSA_ALG_SHA_1; #endif #if defined(MBEDTLS_SHA256_C) - case MBEDTLS_MD_SHA224: - return( PSA_ALG_SHA_224 ); - case MBEDTLS_MD_SHA256: - return( PSA_ALG_SHA_256 ); + case MBEDTLS_MD_SHA224: + return PSA_ALG_SHA_224; + case MBEDTLS_MD_SHA256: + return PSA_ALG_SHA_256; #endif #if defined(MBEDTLS_SHA512_C) - case MBEDTLS_MD_SHA384: - return( PSA_ALG_SHA_384 ); - case MBEDTLS_MD_SHA512: - return( PSA_ALG_SHA_512 ); + case MBEDTLS_MD_SHA384: + return PSA_ALG_SHA_384; + case MBEDTLS_MD_SHA512: + return PSA_ALG_SHA_512; #endif #if defined(MBEDTLS_RIPEMD160_C) - case MBEDTLS_MD_RIPEMD160: - return( PSA_ALG_RIPEMD160 ); + case MBEDTLS_MD_RIPEMD160: + return PSA_ALG_RIPEMD160; #endif - case MBEDTLS_MD_NONE: - return( 0 ); - default: - return( 0 ); + case MBEDTLS_MD_NONE: + return 0; + default: + return 0; } } @@ -165,202 +162,197 @@ static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg static inline int mbedtls_psa_get_ecc_oid_from_id( psa_ecc_family_t curve, size_t bits, - char const **oid, size_t *oid_len ) + char const **oid, size_t *oid_len) { - switch( curve ) - { + switch (curve) { case PSA_ECC_FAMILY_SECP_R1: - switch( bits ) - { + switch (bits) { #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) case 192: *oid = MBEDTLS_OID_EC_GRP_SECP192R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192R1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) case 224: *oid = MBEDTLS_OID_EC_GRP_SECP224R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224R1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) case 256: *oid = MBEDTLS_OID_EC_GRP_SECP256R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256R1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) case 384: *oid = MBEDTLS_OID_EC_GRP_SECP384R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP384R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP384R1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) case 521: *oid = MBEDTLS_OID_EC_GRP_SECP521R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP521R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP521R1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ } break; case PSA_ECC_FAMILY_SECP_K1: - switch( bits ) - { + switch (bits) { #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) case 192: *oid = MBEDTLS_OID_EC_GRP_SECP192K1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192K1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192K1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) case 224: *oid = MBEDTLS_OID_EC_GRP_SECP224K1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224K1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224K1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) case 256: *oid = MBEDTLS_OID_EC_GRP_SECP256K1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256K1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256K1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ } break; case PSA_ECC_FAMILY_BRAINPOOL_P_R1: - switch( bits ) - { + switch (bits) { #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) case 256: *oid = MBEDTLS_OID_EC_GRP_BP256R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP256R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP256R1); + return 0; #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) case 384: *oid = MBEDTLS_OID_EC_GRP_BP384R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP384R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP384R1); + return 0; #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) case 512: *oid = MBEDTLS_OID_EC_GRP_BP512R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP512R1); + return 0; #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ } break; } (void) oid; (void) oid_len; - return( -1 ); + return -1; } #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 1 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((192 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((192 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((224 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((224 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((384 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((384 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 521 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((521 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 521 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((521 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((192 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((192 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((224 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((224 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((384 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((384 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 512 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((512 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 512 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((512 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ /* Translations for PK layer */ -static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) +static inline int mbedtls_psa_err_translate_pk(psa_status_t status) { - switch( status ) - { + switch (status) { case PSA_SUCCESS: - return( 0 ); + return 0; case PSA_ERROR_NOT_SUPPORTED: - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; case PSA_ERROR_INSUFFICIENT_MEMORY: - return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + return MBEDTLS_ERR_PK_ALLOC_FAILED; case PSA_ERROR_INSUFFICIENT_ENTROPY: - return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); + return MBEDTLS_ERR_ECP_RANDOM_FAILED; case PSA_ERROR_BAD_STATE: - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; /* All other failures */ case PSA_ERROR_COMMUNICATION_FAILURE: case PSA_ERROR_HARDWARE_FAILURE: case PSA_ERROR_CORRUPTION_DETECTED: - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + return MBEDTLS_ERR_PK_HW_ACCEL_FAILED; default: /* We return the same as for the 'other failures', * but list them separately nonetheless to indicate * which failure conditions we have considered. */ - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + return MBEDTLS_ERR_PK_HW_ACCEL_FAILED; } } @@ -371,14 +363,15 @@ static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) * into a PSA ECC group identifier. */ #if defined(MBEDTLS_ECP_C) static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group( - uint16_t tls_ecc_grp_reg_id, size_t *bits ) + uint16_t tls_ecc_grp_reg_id, size_t *bits) { const mbedtls_ecp_curve_info *curve_info = - mbedtls_ecp_curve_info_from_tls_id( tls_ecc_grp_reg_id ); - if( curve_info == NULL ) - return( 0 ); - return( PSA_KEY_TYPE_ECC_KEY_PAIR( - mbedtls_ecc_group_to_psa( curve_info->grp_id, bits ) ) ); + mbedtls_ecp_curve_info_from_tls_id(tls_ecc_grp_reg_id); + if (curve_info == NULL) { + return 0; + } + return PSA_KEY_TYPE_ECC_KEY_PAIR( + mbedtls_ecc_group_to_psa(curve_info->grp_id, bits)); } #endif /* MBEDTLS_ECP_C */ @@ -392,14 +385,14 @@ static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group( * as a subbuffer, and the function merely selects this subbuffer instead * of making a copy. */ -static inline int mbedtls_psa_tls_psa_ec_to_ecpoint( unsigned char *src, - size_t srclen, - unsigned char **dst, - size_t *dstlen ) +static inline int mbedtls_psa_tls_psa_ec_to_ecpoint(unsigned char *src, + size_t srclen, + unsigned char **dst, + size_t *dstlen) { *dst = src; *dstlen = srclen; - return( 0 ); + return 0; } /* This function takes a buffer holding an ECPoint structure @@ -407,18 +400,19 @@ static inline int mbedtls_psa_tls_psa_ec_to_ecpoint( unsigned char *src, * exchanges) and converts it into a format that the PSA key * agreement API understands. */ -static inline int mbedtls_psa_tls_ecpoint_to_psa_ec( unsigned char const *src, - size_t srclen, - unsigned char *dst, - size_t dstlen, - size_t *olen ) +static inline int mbedtls_psa_tls_ecpoint_to_psa_ec(unsigned char const *src, + size_t srclen, + unsigned char *dst, + size_t dstlen, + size_t *olen) { - if( srclen > dstlen ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (srclen > dstlen) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - memcpy( dst, src, srclen ); + memcpy(dst, src, srclen); *olen = srclen; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -435,7 +429,7 @@ static inline int mbedtls_psa_tls_ecpoint_to_psa_ec( unsigned char const *src, * This type name is not part of the Mbed TLS stable API. It may be renamed * or moved without warning. */ -typedef int mbedtls_f_rng_t( void *p_rng, unsigned char *output, size_t output_size ); +typedef int mbedtls_f_rng_t(void *p_rng, unsigned char *output, size_t output_size); #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) @@ -474,9 +468,9 @@ typedef int mbedtls_f_rng_t( void *p_rng, unsigned char *output, size_t output_s * `MBEDTLS_ERR_CTR_DRBG_xxx` or * `MBEDTLS_ERR_HMAC_DRBG_xxx` on error. */ -int mbedtls_psa_get_random( void *p_rng, - unsigned char *output, - size_t output_size ); +int mbedtls_psa_get_random(void *p_rng, + unsigned char *output, + size_t output_size); /** The random generator state for the PSA subsystem. * diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h index f890aefaeecb..6d9a1a2a32de 100644 --- a/include/mbedtls/ripemd160.h +++ b/include/mbedtls/ripemd160.h @@ -47,8 +47,7 @@ extern "C" { /** * \brief RIPEMD-160 context structure */ -typedef struct mbedtls_ripemd160_context -{ +typedef struct mbedtls_ripemd160_context { uint32_t total[2]; /*!< number of bytes processed */ uint32_t state[5]; /*!< intermediate digest state */ unsigned char buffer[64]; /*!< data block being processed */ @@ -64,14 +63,14 @@ mbedtls_ripemd160_context; * * \param ctx RIPEMD-160 context to be initialized */ -void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx ); +void mbedtls_ripemd160_init(mbedtls_ripemd160_context *ctx); /** * \brief Clear RIPEMD-160 context * * \param ctx RIPEMD-160 context to be cleared */ -void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx ); +void mbedtls_ripemd160_free(mbedtls_ripemd160_context *ctx); /** * \brief Clone (the state of) a RIPEMD-160 context @@ -79,8 +78,8 @@ void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx ); * \param dst The destination context * \param src The context to be cloned */ -void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst, - const mbedtls_ripemd160_context *src ); +void mbedtls_ripemd160_clone(mbedtls_ripemd160_context *dst, + const mbedtls_ripemd160_context *src); /** * \brief RIPEMD-160 context setup @@ -89,7 +88,7 @@ void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst, * * \return 0 if successful */ -int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx ); +int mbedtls_ripemd160_starts_ret(mbedtls_ripemd160_context *ctx); /** * \brief RIPEMD-160 process buffer @@ -100,9 +99,9 @@ int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx ); * * \return 0 if successful */ -int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_ripemd160_update_ret(mbedtls_ripemd160_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief RIPEMD-160 final digest @@ -112,8 +111,8 @@ int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx, * * \return 0 if successful */ -int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx, - unsigned char output[20] ); +int mbedtls_ripemd160_finish_ret(mbedtls_ripemd160_context *ctx, + unsigned char output[20]); /** * \brief RIPEMD-160 process data block (internal use only) @@ -123,8 +122,8 @@ int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx, * * \return 0 if successful */ -int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, - const unsigned char data[64] ); +int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx, + const unsigned char data[64]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -140,7 +139,7 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, * \param ctx context to be initialized */ MBEDTLS_DEPRECATED void mbedtls_ripemd160_starts( - mbedtls_ripemd160_context *ctx ); + mbedtls_ripemd160_context *ctx); /** * \brief RIPEMD-160 process buffer @@ -152,9 +151,9 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160_starts( * \param ilen length of the input data */ MBEDTLS_DEPRECATED void mbedtls_ripemd160_update( - mbedtls_ripemd160_context *ctx, - const unsigned char *input, - size_t ilen ); + mbedtls_ripemd160_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief RIPEMD-160 final digest @@ -165,8 +164,8 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160_update( * \param output RIPEMD-160 checksum result */ MBEDTLS_DEPRECATED void mbedtls_ripemd160_finish( - mbedtls_ripemd160_context *ctx, - unsigned char output[20] ); + mbedtls_ripemd160_context *ctx, + unsigned char output[20]); /** * \brief RIPEMD-160 process data block (internal use only) @@ -177,8 +176,8 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160_finish( * \param data buffer holding one block of data */ MBEDTLS_DEPRECATED void mbedtls_ripemd160_process( - mbedtls_ripemd160_context *ctx, - const unsigned char data[64] ); + mbedtls_ripemd160_context *ctx, + const unsigned char data[64]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -192,9 +191,9 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160_process( * * \return 0 if successful */ -int mbedtls_ripemd160_ret( const unsigned char *input, - size_t ilen, - unsigned char output[20] ); +int mbedtls_ripemd160_ret(const unsigned char *input, + size_t ilen, + unsigned char output[20]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -211,9 +210,9 @@ int mbedtls_ripemd160_ret( const unsigned char *input, * \param ilen length of the input data * \param output RIPEMD-160 checksum result */ -MBEDTLS_DEPRECATED void mbedtls_ripemd160( const unsigned char *input, - size_t ilen, - unsigned char output[20] ); +MBEDTLS_DEPRECATED void mbedtls_ripemd160(const unsigned char *input, + size_t ilen, + unsigned char output[20]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -225,7 +224,7 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160( const unsigned char *input, * * \return 0 if successful, or 1 if the test failed */ -int mbedtls_ripemd160_self_test( int verbose ); +int mbedtls_ripemd160_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 8559f67bb978..f8725ffb1e34 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -106,8 +106,7 @@ extern "C" { * is deprecated. All manipulation should instead be done through * the public interface functions. */ -typedef struct mbedtls_rsa_context -{ +typedef struct mbedtls_rsa_context { int ver; /*!< Reserved for internal purposes. * Do not set this field in application * code. Its meaning might change without @@ -134,8 +133,8 @@ typedef struct mbedtls_rsa_context mbedtls_mpi Vf; /*!< The cached un-blinding value. */ int padding; /*!< Selects padding mode: - #MBEDTLS_RSA_PKCS_V15 for 1.5 padding and - #MBEDTLS_RSA_PKCS_V21 for OAEP or PSS. */ + #MBEDTLS_RSA_PKCS_V15 for 1.5 padding and + #MBEDTLS_RSA_PKCS_V21 for OAEP or PSS. */ int hash_id; /*!< Hash identifier of mbedtls_md_type_t type, as specified in md.h for use in the MGF mask generating function used in the @@ -178,9 +177,9 @@ mbedtls_rsa_context; * \p padding is #MBEDTLS_RSA_PKCS_V21. It is unused * otherwise. */ -void mbedtls_rsa_init( mbedtls_rsa_context *ctx, - int padding, - int hash_id ); +void mbedtls_rsa_init(mbedtls_rsa_context *ctx, + int padding, + int hash_id); /** * \brief This function imports a set of core parameters into an @@ -211,10 +210,10 @@ void mbedtls_rsa_init( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return A non-zero error code on failure. */ -int mbedtls_rsa_import( mbedtls_rsa_context *ctx, - const mbedtls_mpi *N, - const mbedtls_mpi *P, const mbedtls_mpi *Q, - const mbedtls_mpi *D, const mbedtls_mpi *E ); +int mbedtls_rsa_import(mbedtls_rsa_context *ctx, + const mbedtls_mpi *N, + const mbedtls_mpi *P, const mbedtls_mpi *Q, + const mbedtls_mpi *D, const mbedtls_mpi *E); /** * \brief This function imports core RSA parameters, in raw big-endian @@ -250,12 +249,12 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return A non-zero error code on failure. */ -int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, - unsigned char const *N, size_t N_len, - unsigned char const *P, size_t P_len, - unsigned char const *Q, size_t Q_len, - unsigned char const *D, size_t D_len, - unsigned char const *E, size_t E_len ); +int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx, + unsigned char const *N, size_t N_len, + unsigned char const *P, size_t P_len, + unsigned char const *Q, size_t Q_len, + unsigned char const *D, size_t D_len, + unsigned char const *E, size_t E_len); /** * \brief This function completes an RSA context from @@ -289,7 +288,7 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, * failed. * */ -int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ); +int mbedtls_rsa_complete(mbedtls_rsa_context *ctx); /** * \brief This function exports the core parameters of an RSA key. @@ -331,9 +330,9 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ); * \return A non-zero return code on any other failure. * */ -int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, - mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, - mbedtls_mpi *D, mbedtls_mpi *E ); +int mbedtls_rsa_export(const mbedtls_rsa_context *ctx, + mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, + mbedtls_mpi *D, mbedtls_mpi *E); /** * \brief This function exports core parameters of an RSA key @@ -382,12 +381,12 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, * functionality or because of security policies. * \return A non-zero return code on any other failure. */ -int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx, - unsigned char *N, size_t N_len, - unsigned char *P, size_t P_len, - unsigned char *Q, size_t Q_len, - unsigned char *D, size_t D_len, - unsigned char *E, size_t E_len ); +int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx, + unsigned char *N, size_t N_len, + unsigned char *P, size_t P_len, + unsigned char *Q, size_t Q_len, + unsigned char *D, size_t D_len, + unsigned char *E, size_t E_len); /** * \brief This function exports CRT parameters of a private RSA key. @@ -408,8 +407,8 @@ int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx, * \return A non-zero error code on failure. * */ -int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, - mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP ); +int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx, + mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP); /** * \brief This function sets padding for an already initialized RSA @@ -420,8 +419,8 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, * #MBEDTLS_RSA_PKCS_V15 or #MBEDTLS_RSA_PKCS_V21. * \param hash_id The #MBEDTLS_RSA_PKCS_V21 hash identifier. */ -void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, - int hash_id ); +void mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, + int hash_id); /** * \brief This function retrieves the length of RSA modulus in Bytes. @@ -431,7 +430,7 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, * \return The length of the RSA modulus in Bytes. * */ -size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ); +size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx); /** * \brief This function generates an RSA keypair. @@ -451,10 +450,10 @@ size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ); * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - unsigned int nbits, int exponent ); +int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + unsigned int nbits, int exponent); /** * \brief This function checks if a context contains at least an RSA @@ -470,7 +469,7 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * */ -int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ); +int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx); /** * \brief This function checks if a context contains an RSA private key @@ -508,7 +507,7 @@ int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ); * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx ); +int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx); /** * \brief This function checks a public-private RSA key pair. @@ -521,8 +520,8 @@ int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx ); * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, - const mbedtls_rsa_context *prv ); +int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub, + const mbedtls_rsa_context *prv); /** * \brief This function performs an RSA public key operation. @@ -543,9 +542,9 @@ int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_public( mbedtls_rsa_context *ctx, - const unsigned char *input, - unsigned char *output ); +int mbedtls_rsa_public(mbedtls_rsa_context *ctx, + const unsigned char *input, + unsigned char *output); /** * \brief This function performs an RSA private key operation. @@ -578,11 +577,11 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * */ -int mbedtls_rsa_private( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - const unsigned char *input, - unsigned char *output ); +int mbedtls_rsa_private(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + const unsigned char *input, + unsigned char *output); /** * \brief This function adds the message padding, then performs an RSA @@ -623,12 +622,12 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t ilen, - const unsigned char *input, - unsigned char *output ); +int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t ilen, + const unsigned char *input, + unsigned char *output); /** * \brief This function performs a PKCS#1 v1.5 encryption operation @@ -664,12 +663,12 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t ilen, - const unsigned char *input, - unsigned char *output ); +int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t ilen, + const unsigned char *input, + unsigned char *output); /** * \brief This function performs a PKCS#1 v2.1 OAEP encryption @@ -709,14 +708,14 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - const unsigned char *label, size_t label_len, - size_t ilen, - const unsigned char *input, - unsigned char *output ); +int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + const unsigned char *label, size_t label_len, + size_t ilen, + const unsigned char *input, + unsigned char *output); /** * \brief This function performs an RSA operation, then removes the @@ -762,13 +761,13 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len ); +int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len); /** * \brief This function performs a PKCS#1 v1.5 decryption @@ -812,13 +811,13 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * */ -int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len ); +int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len); /** * \brief This function performs a PKCS#1 v2.1 OAEP decryption @@ -866,15 +865,15 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - const unsigned char *label, size_t label_len, - size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len ); +int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + const unsigned char *label, size_t label_len, + size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len); /** * \brief This function performs a private RSA operation to sign @@ -926,14 +925,14 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, * \return \c 0 if the signing operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ); +int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig); /** * \brief This function performs a PKCS#1 v1.5 signature @@ -974,14 +973,14 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, * \return \c 0 if the signing operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ); +int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig); /** * \brief This function performs a PKCS#1 v2.1 PSS signature @@ -1029,14 +1028,14 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, * \return \c 0 if the signing operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - int saltlen, - unsigned char *sig ); +int mbedtls_rsa_rsassa_pss_sign_ext(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + int saltlen, + unsigned char *sig); /** * \brief This function performs a PKCS#1 v2.1 PSS signature @@ -1093,14 +1092,14 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, * \return \c 0 if the signing operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ); +int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig); /** * \brief This function performs a public RSA operation and checks @@ -1146,14 +1145,14 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, * \return \c 0 if the verify operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - const unsigned char *sig ); +int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig); /** * \brief This function performs a PKCS#1 v1.5 verification @@ -1192,14 +1191,14 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, * \return \c 0 if the verify operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - const unsigned char *sig ); +int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig); /** * \brief This function performs a PKCS#1 v2.1 PSS verification @@ -1248,14 +1247,14 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, * \return \c 0 if the verify operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - const unsigned char *sig ); +int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig); /** * \brief This function performs a PKCS#1 v2.1 PSS verification @@ -1301,16 +1300,16 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, * \return \c 0 if the verify operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - mbedtls_md_type_t mgf1_hash_id, - int expected_salt_len, - const unsigned char *sig ); +int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + mbedtls_md_type_t mgf1_hash_id, + int expected_salt_len, + const unsigned char *sig); /** * \brief This function copies the components of an RSA context. @@ -1321,7 +1320,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory allocation failure. */ -int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src ); +int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src); /** * \brief This function frees the components of an RSA key. @@ -1330,7 +1329,7 @@ int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src ) * this function is a no-op. If it is not \c NULL, it must * point to an initialized RSA context. */ -void mbedtls_rsa_free( mbedtls_rsa_context *ctx ); +void mbedtls_rsa_free(mbedtls_rsa_context *ctx); #if defined(MBEDTLS_SELF_TEST) @@ -1340,7 +1339,7 @@ void mbedtls_rsa_free( mbedtls_rsa_context *ctx ); * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_rsa_self_test( int verbose ); +int mbedtls_rsa_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/rsa_internal.h b/include/mbedtls/rsa_internal.h index d55492bb16bc..017018bca96c 100644 --- a/include/mbedtls/rsa_internal.h +++ b/include/mbedtls/rsa_internal.h @@ -92,9 +92,9 @@ extern "C" { * use the helper function \c mbedtls_rsa_validate_params. * */ -int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, mbedtls_mpi const *E, - mbedtls_mpi const *D, - mbedtls_mpi *P, mbedtls_mpi *Q ); +int mbedtls_rsa_deduce_primes(mbedtls_mpi const *N, mbedtls_mpi const *E, + mbedtls_mpi const *D, + mbedtls_mpi *P, mbedtls_mpi *Q); /** * \brief Compute RSA private exponent from @@ -117,10 +117,10 @@ int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, mbedtls_mpi const *E, * \note This function does not check whether P and Q are primes. * */ -int mbedtls_rsa_deduce_private_exponent( mbedtls_mpi const *P, - mbedtls_mpi const *Q, - mbedtls_mpi const *E, - mbedtls_mpi *D ); +int mbedtls_rsa_deduce_private_exponent(mbedtls_mpi const *P, + mbedtls_mpi const *Q, + mbedtls_mpi const *E, + mbedtls_mpi *D); /** @@ -143,9 +143,9 @@ int mbedtls_rsa_deduce_private_exponent( mbedtls_mpi const *P, * prime and whether D is a valid private exponent. * */ -int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q, - const mbedtls_mpi *D, mbedtls_mpi *DP, - mbedtls_mpi *DQ, mbedtls_mpi *QP ); +int mbedtls_rsa_deduce_crt(const mbedtls_mpi *P, const mbedtls_mpi *Q, + const mbedtls_mpi *D, mbedtls_mpi *DP, + mbedtls_mpi *DQ, mbedtls_mpi *QP); /** @@ -178,11 +178,11 @@ int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q, * to perform specific checks only. E.g., calling it with * (-,P,-,-,-) and a PRNG amounts to a primality check for P. */ -int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, - const mbedtls_mpi *Q, const mbedtls_mpi *D, - const mbedtls_mpi *E, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_rsa_validate_params(const mbedtls_mpi *N, const mbedtls_mpi *P, + const mbedtls_mpi *Q, const mbedtls_mpi *D, + const mbedtls_mpi *E, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief Check validity of RSA CRT parameters @@ -213,9 +213,9 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, * to perform specific checks only. E.g., calling it with the * parameters (P, -, D, DP, -, -) will check DP = D mod P-1. */ -int mbedtls_rsa_validate_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q, - const mbedtls_mpi *D, const mbedtls_mpi *DP, - const mbedtls_mpi *DQ, const mbedtls_mpi *QP ); +int mbedtls_rsa_validate_crt(const mbedtls_mpi *P, const mbedtls_mpi *Q, + const mbedtls_mpi *D, const mbedtls_mpi *DP, + const mbedtls_mpi *DQ, const mbedtls_mpi *QP); #ifdef __cplusplus } diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h index 4c3251b4a128..7a7319f26ae2 100644 --- a/include/mbedtls/sha1.h +++ b/include/mbedtls/sha1.h @@ -60,8 +60,7 @@ extern "C" { * stronger message digests instead. * */ -typedef struct mbedtls_sha1_context -{ +typedef struct mbedtls_sha1_context { uint32_t total[2]; /*!< The number of Bytes processed. */ uint32_t state[5]; /*!< The intermediate digest state. */ unsigned char buffer[64]; /*!< The data block being processed. */ @@ -83,7 +82,7 @@ mbedtls_sha1_context; * This must not be \c NULL. * */ -void mbedtls_sha1_init( mbedtls_sha1_context *ctx ); +void mbedtls_sha1_init(mbedtls_sha1_context *ctx); /** * \brief This function clears a SHA-1 context. @@ -98,7 +97,7 @@ void mbedtls_sha1_init( mbedtls_sha1_context *ctx ); * SHA-1 context. * */ -void mbedtls_sha1_free( mbedtls_sha1_context *ctx ); +void mbedtls_sha1_free(mbedtls_sha1_context *ctx); /** * \brief This function clones the state of a SHA-1 context. @@ -111,8 +110,8 @@ void mbedtls_sha1_free( mbedtls_sha1_context *ctx ); * \param src The SHA-1 context to clone from. This must be initialized. * */ -void mbedtls_sha1_clone( mbedtls_sha1_context *dst, - const mbedtls_sha1_context *src ); +void mbedtls_sha1_clone(mbedtls_sha1_context *dst, + const mbedtls_sha1_context *src); /** * \brief This function starts a SHA-1 checksum calculation. @@ -127,7 +126,7 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst, * \return A negative error code on failure. * */ -int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ); +int mbedtls_sha1_starts_ret(mbedtls_sha1_context *ctx); /** * \brief This function feeds an input buffer into an ongoing SHA-1 @@ -146,9 +145,9 @@ int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ); * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_sha1_update_ret(mbedtls_sha1_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief This function finishes the SHA-1 operation, and writes @@ -166,8 +165,8 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, - unsigned char output[20] ); +int mbedtls_sha1_finish_ret(mbedtls_sha1_context *ctx, + unsigned char output[20]); /** * \brief SHA-1 process data block (internal use only). @@ -184,8 +183,8 @@ int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, * \return A negative error code on failure. * */ -int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, - const unsigned char data[64] ); +int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, + const unsigned char data[64]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -205,7 +204,7 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, * \param ctx The SHA-1 context to initialize. This must be initialized. * */ -MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx ); +MBEDTLS_DEPRECATED void mbedtls_sha1_starts(mbedtls_sha1_context *ctx); /** * \brief This function feeds an input buffer into an ongoing SHA-1 @@ -224,9 +223,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx ); * \param ilen The length of the input data \p input in Bytes. * */ -MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx, - const unsigned char *input, - size_t ilen ); +MBEDTLS_DEPRECATED void mbedtls_sha1_update(mbedtls_sha1_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief This function finishes the SHA-1 operation, and writes @@ -243,8 +242,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx, * \param output The SHA-1 checksum result. * This must be a writable buffer of length \c 20 Bytes. */ -MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, - unsigned char output[20] ); +MBEDTLS_DEPRECATED void mbedtls_sha1_finish(mbedtls_sha1_context *ctx, + unsigned char output[20]); /** * \brief SHA-1 process data block (internal use only). @@ -260,8 +259,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, * This must be a readable buffer of length \c 64 bytes. * */ -MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx, - const unsigned char data[64] ); +MBEDTLS_DEPRECATED void mbedtls_sha1_process(mbedtls_sha1_context *ctx, + const unsigned char data[64]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -289,9 +288,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx, * \return A negative error code on failure. * */ -int mbedtls_sha1_ret( const unsigned char *input, - size_t ilen, - unsigned char output[20] ); +int mbedtls_sha1_ret(const unsigned char *input, + size_t ilen, + unsigned char output[20]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -321,9 +320,9 @@ int mbedtls_sha1_ret( const unsigned char *input, * buffer of size \c 20 Bytes. * */ -MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input, - size_t ilen, - unsigned char output[20] ); +MBEDTLS_DEPRECATED void mbedtls_sha1(const unsigned char *input, + size_t ilen, + unsigned char output[20]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -341,7 +340,7 @@ MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input, * \return \c 1 on failure. * */ -int mbedtls_sha1_self_test( int verbose ); +int mbedtls_sha1_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index 5b54be214259..00bd17d0cf8e 100644 --- a/include/mbedtls/sha256.h +++ b/include/mbedtls/sha256.h @@ -55,8 +55,7 @@ extern "C" { * checksum calculations. The choice between these two is * made in the call to mbedtls_sha256_starts_ret(). */ -typedef struct mbedtls_sha256_context -{ +typedef struct mbedtls_sha256_context { uint32_t total[2]; /*!< The number of Bytes processed. */ uint32_t state[8]; /*!< The intermediate digest state. */ unsigned char buffer[64]; /*!< The data block being processed. */ @@ -74,7 +73,7 @@ mbedtls_sha256_context; * * \param ctx The SHA-256 context to initialize. This must not be \c NULL. */ -void mbedtls_sha256_init( mbedtls_sha256_context *ctx ); +void mbedtls_sha256_init(mbedtls_sha256_context *ctx); /** * \brief This function clears a SHA-256 context. @@ -83,7 +82,7 @@ void mbedtls_sha256_init( mbedtls_sha256_context *ctx ); * case this function returns immediately. If it is not \c NULL, * it must point to an initialized SHA-256 context. */ -void mbedtls_sha256_free( mbedtls_sha256_context *ctx ); +void mbedtls_sha256_free(mbedtls_sha256_context *ctx); /** * \brief This function clones the state of a SHA-256 context. @@ -91,8 +90,8 @@ void mbedtls_sha256_free( mbedtls_sha256_context *ctx ); * \param dst The destination context. This must be initialized. * \param src The context to clone. This must be initialized. */ -void mbedtls_sha256_clone( mbedtls_sha256_context *dst, - const mbedtls_sha256_context *src ); +void mbedtls_sha256_clone(mbedtls_sha256_context *dst, + const mbedtls_sha256_context *src); /** * \brief This function starts a SHA-224 or SHA-256 checksum @@ -105,7 +104,7 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ); +int mbedtls_sha256_starts_ret(mbedtls_sha256_context *ctx, int is224); /** * \brief This function feeds an input buffer into an ongoing @@ -120,9 +119,9 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ); * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_sha256_update_ret(mbedtls_sha256_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief This function finishes the SHA-256 operation, and writes @@ -136,8 +135,8 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, - unsigned char output[32] ); +int mbedtls_sha256_finish_ret(mbedtls_sha256_context *ctx, + unsigned char output[32]); /** * \brief This function processes a single data block within @@ -151,8 +150,8 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, - const unsigned char data[64] ); +int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, + const unsigned char data[64]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -170,8 +169,8 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, * \param is224 Determines which function to use. This must be * either \c 0 for SHA-256, or \c 1 for SHA-224. */ -MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, - int is224 ); +MBEDTLS_DEPRECATED void mbedtls_sha256_starts(mbedtls_sha256_context *ctx, + int is224); /** * \brief This function feeds an input buffer into an ongoing @@ -185,9 +184,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, * buffer of length \p ilen Bytes. * \param ilen The length of the input data in Bytes. */ -MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx, - const unsigned char *input, - size_t ilen ); +MBEDTLS_DEPRECATED void mbedtls_sha256_update(mbedtls_sha256_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief This function finishes the SHA-256 operation, and writes @@ -200,8 +199,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx, * \param output The SHA-224 or SHA-256 checksum result. This must be * a writable buffer of length \c 32 Bytes. */ -MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, - unsigned char output[32] ); +MBEDTLS_DEPRECATED void mbedtls_sha256_finish(mbedtls_sha256_context *ctx, + unsigned char output[32]); /** * \brief This function processes a single data block within @@ -214,8 +213,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, * \param data The buffer holding one block of data. This must be * a readable buffer of size \c 64 Bytes. */ -MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx, - const unsigned char data[64] ); +MBEDTLS_DEPRECATED void mbedtls_sha256_process(mbedtls_sha256_context *ctx, + const unsigned char data[64]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -241,10 +240,10 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha256_ret( const unsigned char *input, - size_t ilen, - unsigned char output[32], - int is224 ); +int mbedtls_sha256_ret(const unsigned char *input, + size_t ilen, + unsigned char output[32], + int is224); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -273,10 +272,10 @@ int mbedtls_sha256_ret( const unsigned char *input, * \param is224 Determines which function to use. This must be either * \c 0 for SHA-256, or \c 1 for SHA-224. */ -MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input, - size_t ilen, - unsigned char output[32], - int is224 ); +MBEDTLS_DEPRECATED void mbedtls_sha256(const unsigned char *input, + size_t ilen, + unsigned char output[32], + int is224); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -289,7 +288,7 @@ MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input, * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_sha256_self_test( int verbose ); +int mbedtls_sha256_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index cca47c2fe620..1df87f99f7a7 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -54,8 +54,7 @@ extern "C" { * checksum calculations. The choice between these two is * made in the call to mbedtls_sha512_starts_ret(). */ -typedef struct mbedtls_sha512_context -{ +typedef struct mbedtls_sha512_context { uint64_t total[2]; /*!< The number of Bytes processed. */ uint64_t state[8]; /*!< The intermediate digest state. */ unsigned char buffer[128]; /*!< The data block being processed. */ @@ -76,7 +75,7 @@ mbedtls_sha512_context; * \param ctx The SHA-512 context to initialize. This must * not be \c NULL. */ -void mbedtls_sha512_init( mbedtls_sha512_context *ctx ); +void mbedtls_sha512_init(mbedtls_sha512_context *ctx); /** * \brief This function clears a SHA-512 context. @@ -86,7 +85,7 @@ void mbedtls_sha512_init( mbedtls_sha512_context *ctx ); * is not \c NULL, it must point to an initialized * SHA-512 context. */ -void mbedtls_sha512_free( mbedtls_sha512_context *ctx ); +void mbedtls_sha512_free(mbedtls_sha512_context *ctx); /** * \brief This function clones the state of a SHA-512 context. @@ -94,8 +93,8 @@ void mbedtls_sha512_free( mbedtls_sha512_context *ctx ); * \param dst The destination context. This must be initialized. * \param src The context to clone. This must be initialized. */ -void mbedtls_sha512_clone( mbedtls_sha512_context *dst, - const mbedtls_sha512_context *src ); +void mbedtls_sha512_clone(mbedtls_sha512_context *dst, + const mbedtls_sha512_context *src); /** * \brief This function starts a SHA-384 or SHA-512 checksum @@ -112,7 +111,7 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ); +int mbedtls_sha512_starts_ret(mbedtls_sha512_context *ctx, int is384); /** * \brief This function feeds an input buffer into an ongoing @@ -127,9 +126,9 @@ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ); * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_sha512_update_ret(mbedtls_sha512_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief This function finishes the SHA-512 operation, and writes @@ -143,8 +142,8 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, - unsigned char output[64] ); +int mbedtls_sha512_finish_ret(mbedtls_sha512_context *ctx, + unsigned char output[64]); /** * \brief This function processes a single data block within @@ -158,8 +157,8 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, - const unsigned char data[128] ); +int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, + const unsigned char data[128]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) @@ -179,8 +178,8 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, * \note When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must * be \c 0, or the function will fail to work. */ -MBEDTLS_DEPRECATED void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, - int is384 ); +MBEDTLS_DEPRECATED void mbedtls_sha512_starts(mbedtls_sha512_context *ctx, + int is384); /** * \brief This function feeds an input buffer into an ongoing @@ -194,9 +193,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, * buffer of length \p ilen Bytes. * \param ilen The length of the input data in Bytes. */ -MBEDTLS_DEPRECATED void mbedtls_sha512_update( mbedtls_sha512_context *ctx, - const unsigned char *input, - size_t ilen ); +MBEDTLS_DEPRECATED void mbedtls_sha512_update(mbedtls_sha512_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief This function finishes the SHA-512 operation, and writes @@ -209,8 +208,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_update( mbedtls_sha512_context *ctx, * \param output The SHA-384 or SHA-512 checksum result. This must * be a writable buffer of size \c 64 Bytes. */ -MBEDTLS_DEPRECATED void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, - unsigned char output[64] ); +MBEDTLS_DEPRECATED void mbedtls_sha512_finish(mbedtls_sha512_context *ctx, + unsigned char output[64]); /** * \brief This function processes a single data block within @@ -224,8 +223,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, * a readable buffer of length \c 128 Bytes. */ MBEDTLS_DEPRECATED void mbedtls_sha512_process( - mbedtls_sha512_context *ctx, - const unsigned char data[128] ); + mbedtls_sha512_context *ctx, + const unsigned char data[128]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -255,10 +254,10 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_process( * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha512_ret( const unsigned char *input, - size_t ilen, - unsigned char output[64], - int is384 ); +int mbedtls_sha512_ret(const unsigned char *input, + size_t ilen, + unsigned char output[64], + int is384); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -290,23 +289,23 @@ int mbedtls_sha512_ret( const unsigned char *input, * \note When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must * be \c 0, or the function will fail to work. */ -MBEDTLS_DEPRECATED void mbedtls_sha512( const unsigned char *input, - size_t ilen, - unsigned char output[64], - int is384 ); +MBEDTLS_DEPRECATED void mbedtls_sha512(const unsigned char *input, + size_t ilen, + unsigned char output[64], + int is384); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ #if defined(MBEDTLS_SELF_TEST) - /** +/** * \brief The SHA-384 or SHA-512 checkup routine. * * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_sha512_self_test( int verbose ); +int mbedtls_sha512_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ #ifdef __cplusplus diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index aecac93f3348..7836ecec6e8d 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -54,11 +54,13 @@ #if defined(MBEDTLS_ZLIB_SUPPORT) #if defined(MBEDTLS_DEPRECATED_WARNING) -#warning "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and will be removed in the next major revision of the library" +#warning \ + "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and will be removed in the next major revision of the library" #endif #if defined(MBEDTLS_DEPRECATED_REMOVED) -#error "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and cannot be used if MBEDTLS_DEPRECATED_REMOVED is set" +#error \ + "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and cannot be used if MBEDTLS_DEPRECATED_REMOVED is set" #endif #include "zlib.h" @@ -491,8 +493,7 @@ #endif /* Dummy type used only for its size */ -union mbedtls_ssl_premaster_secret -{ +union mbedtls_ssl_premaster_secret { #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */ #endif @@ -510,21 +511,21 @@ union mbedtls_ssl_premaster_secret #endif #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) unsigned char _pms_dhe_psk[4 + MBEDTLS_MPI_MAX_SIZE - + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 3 */ + + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 3 */ #endif #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) unsigned char _pms_rsa_psk[52 + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 4 */ #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) unsigned char _pms_ecdhe_psk[4 + MBEDTLS_ECP_MAX_BYTES - + MBEDTLS_PSK_MAX_LEN]; /* RFC 5489 2 */ + + MBEDTLS_PSK_MAX_LEN]; /* RFC 5489 2 */ #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) unsigned char _pms_ecjpake[32]; /* Thread spec: SHA-256 output */ #endif }; -#define MBEDTLS_PREMASTER_SIZE sizeof( union mbedtls_ssl_premaster_secret ) +#define MBEDTLS_PREMASTER_SIZE sizeof(union mbedtls_ssl_premaster_secret) #ifdef __cplusplus extern "C" { @@ -533,8 +534,7 @@ extern "C" { /* * SSL state machine */ -typedef enum -{ +typedef enum { MBEDTLS_SSL_HELLO_REQUEST, MBEDTLS_SSL_CLIENT_HELLO, MBEDTLS_SSL_SERVER_HELLO, @@ -560,13 +560,12 @@ mbedtls_ssl_states; /* * The tls_prf function types. */ -typedef enum -{ - MBEDTLS_SSL_TLS_PRF_NONE, - MBEDTLS_SSL_TLS_PRF_SSL3, - MBEDTLS_SSL_TLS_PRF_TLS1, - MBEDTLS_SSL_TLS_PRF_SHA384, - MBEDTLS_SSL_TLS_PRF_SHA256 +typedef enum { + MBEDTLS_SSL_TLS_PRF_NONE, + MBEDTLS_SSL_TLS_PRF_SSL3, + MBEDTLS_SSL_TLS_PRF_TLS1, + MBEDTLS_SSL_TLS_PRF_SHA384, + MBEDTLS_SSL_TLS_PRF_SHA256 } mbedtls_tls_prf_types; /** @@ -586,9 +585,9 @@ mbedtls_tls_prf_types; * \note The callback is allowed to send fewer bytes than requested. * It must always return the number of bytes actually sent. */ -typedef int mbedtls_ssl_send_t( void *ctx, - const unsigned char *buf, - size_t len ); +typedef int mbedtls_ssl_send_t(void *ctx, + const unsigned char *buf, + size_t len); /** * \brief Callback type: receive data from the network. @@ -610,9 +609,9 @@ typedef int mbedtls_ssl_send_t( void *ctx, * buffer. It must always return the number of bytes actually * received and written to the buffer. */ -typedef int mbedtls_ssl_recv_t( void *ctx, - unsigned char *buf, - size_t len ); +typedef int mbedtls_ssl_recv_t(void *ctx, + unsigned char *buf, + size_t len); /** * \brief Callback type: receive data from the network, with timeout @@ -636,10 +635,10 @@ typedef int mbedtls_ssl_recv_t( void *ctx, * buffer. It must always return the number of bytes actually * received and written to the buffer. */ -typedef int mbedtls_ssl_recv_timeout_t( void *ctx, - unsigned char *buf, - size_t len, - uint32_t timeout ); +typedef int mbedtls_ssl_recv_timeout_t(void *ctx, + unsigned char *buf, + size_t len, + uint32_t timeout); /** * \brief Callback type: set a pair of timers/delays to watch * @@ -662,9 +661,9 @@ typedef int mbedtls_ssl_recv_timeout_t( void *ctx, * function while a timer is running must cancel it. Cancelled * timers must not generate any event. */ -typedef void mbedtls_ssl_set_timer_t( void * ctx, - uint32_t int_ms, - uint32_t fin_ms ); +typedef void mbedtls_ssl_set_timer_t(void *ctx, + uint32_t int_ms, + uint32_t fin_ms); /** * \brief Callback type: get status of timers/delays @@ -677,7 +676,7 @@ typedef void mbedtls_ssl_set_timer_t( void * ctx, * 1 if only the intermediate delay has passed, * 2 if the final delay has passed. */ -typedef int mbedtls_ssl_get_timer_t( void * ctx ); +typedef int mbedtls_ssl_get_timer_t(void *ctx); /* Defined below */ typedef struct mbedtls_ssl_session mbedtls_ssl_session; @@ -768,11 +767,11 @@ typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item; * use \c MBEDTLS_ERR_SSL_xxx error codes except as * directed in the documentation of this callback. */ -typedef int mbedtls_ssl_async_sign_t( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *cert, - mbedtls_md_type_t md_alg, - const unsigned char *hash, - size_t hash_len ); +typedef int mbedtls_ssl_async_sign_t(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *cert, + mbedtls_md_type_t md_alg, + const unsigned char *hash, + size_t hash_len); /** * \brief Callback type: start external decryption operation. @@ -834,10 +833,10 @@ typedef int mbedtls_ssl_async_sign_t( mbedtls_ssl_context *ssl, * use \c MBEDTLS_ERR_SSL_xxx error codes except as * directed in the documentation of this callback. */ -typedef int mbedtls_ssl_async_decrypt_t( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *cert, - const unsigned char *input, - size_t input_len ); +typedef int mbedtls_ssl_async_decrypt_t(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *cert, + const unsigned char *input, + size_t input_len); #endif /* MBEDTLS_X509_CRT_PARSE_C */ /** @@ -882,10 +881,10 @@ typedef int mbedtls_ssl_async_decrypt_t( mbedtls_ssl_context *ssl, * use \c MBEDTLS_ERR_SSL_xxx error codes except as * directed in the documentation of this callback. */ -typedef int mbedtls_ssl_async_resume_t( mbedtls_ssl_context *ssl, - unsigned char *output, - size_t *output_len, - size_t output_size ); +typedef int mbedtls_ssl_async_resume_t(mbedtls_ssl_context *ssl, + unsigned char *output, + size_t *output_len, + size_t output_size); /** * \brief Callback type: cancel external operation. @@ -904,7 +903,7 @@ typedef int mbedtls_ssl_async_resume_t( mbedtls_ssl_context *ssl, * \param ssl The SSL connection instance. It should not be * modified. */ -typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl ); +typedef void mbedtls_ssl_async_cancel_t(mbedtls_ssl_context *ssl); #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ @@ -939,17 +938,16 @@ typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl ); * Reminder: if this list is expanded mbedtls_ssl_check_srtp_profile_value * must be updated too. */ -#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80 ( (uint16_t) 0x0001) -#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32 ( (uint16_t) 0x0002) -#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80 ( (uint16_t) 0x0005) -#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32 ( (uint16_t) 0x0006) +#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80 ((uint16_t) 0x0001) +#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32 ((uint16_t) 0x0002) +#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80 ((uint16_t) 0x0005) +#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32 ((uint16_t) 0x0006) /* This one is not iana defined, but for code readability. */ -#define MBEDTLS_TLS_SRTP_UNSET ( (uint16_t) 0x0000) +#define MBEDTLS_TLS_SRTP_UNSET ((uint16_t) 0x0000) typedef uint16_t mbedtls_ssl_srtp_profile; -typedef struct mbedtls_dtls_srtp_info_t -{ +typedef struct mbedtls_dtls_srtp_info_t { /*! The SRTP profile that was negotiated. */ mbedtls_ssl_srtp_profile chosen_dtls_srtp_profile; /*! The length of mki_value. */ @@ -972,8 +970,7 @@ mbedtls_dtls_srtp_info; * mbedtls_ssl_session_save() and ssl_session_load() * ssl_session_copy() */ -struct mbedtls_ssl_session -{ +struct mbedtls_ssl_session { #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) unsigned char mfl_code; /*!< MaxFragmentLength negotiated by peer */ #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ @@ -1018,8 +1015,7 @@ struct mbedtls_ssl_session /** * SSL/TLS configuration to be shared between mbedtls_ssl_context structures. */ -struct mbedtls_ssl_config -{ +struct mbedtls_ssl_config { /* Group items by size and reorder them to maximize usage of immediate offset access. */ /* @@ -1074,7 +1070,7 @@ struct mbedtls_ssl_config #endif #if defined(MBEDTLS_SSL_SRV_C) uint8_t cert_req_ca_list /*bool*/; /*!< enable sending CA list in - Certificate Request messages? */ + Certificate Request messages? */ #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) uint8_t ignore_unexpected_cid /*bool*/; /*!< Determines whether DTLS @@ -1153,33 +1149,33 @@ struct mbedtls_ssl_config #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) /** Callback to create & write a cookie for ClientHello verification */ - int (*f_cookie_write)( void *, unsigned char **, unsigned char *, - const unsigned char *, size_t ); + int (*f_cookie_write)(void *, unsigned char **, unsigned char *, + const unsigned char *, size_t); /** Callback to verify validity of a ClientHello cookie */ - int (*f_cookie_check)( void *, const unsigned char *, size_t, - const unsigned char *, size_t ); + int (*f_cookie_check)(void *, const unsigned char *, size_t, + const unsigned char *, size_t); void *p_cookie; /*!< context for the cookie callbacks */ #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C) /** Callback to create & write a session ticket */ - int (*f_ticket_write)( void *, const mbedtls_ssl_session *, - unsigned char *, const unsigned char *, size_t *, uint32_t * ); + int (*f_ticket_write)(void *, const mbedtls_ssl_session *, + unsigned char *, const unsigned char *, size_t *, uint32_t *); /** Callback to parse a session ticket into a session structure */ - int (*f_ticket_parse)( void *, mbedtls_ssl_session *, unsigned char *, size_t); + int (*f_ticket_parse)(void *, mbedtls_ssl_session *, unsigned char *, size_t); void *p_ticket; /*!< context for the ticket callbacks */ #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) /** Callback to export key block and master secret */ - int (*f_export_keys)( void *, const unsigned char *, - const unsigned char *, size_t, size_t, size_t ); + int (*f_export_keys)(void *, const unsigned char *, + const unsigned char *, size_t, size_t, size_t); /** Callback to export key block, master secret, * tls_prf and random bytes. Should replace f_export_keys */ - int (*f_export_keys_ext)( void *, const unsigned char *, - const unsigned char *, size_t, size_t, size_t, - const unsigned char[32], const unsigned char[32], - mbedtls_tls_prf_types ); + int (*f_export_keys_ext)(void *, const unsigned char *, + const unsigned char *, size_t, size_t, size_t, + const unsigned char[32], const unsigned char[32], + mbedtls_tls_prf_types); void *p_export_keys; /*!< context for key export callback */ #endif @@ -1267,8 +1263,7 @@ struct mbedtls_ssl_config #endif /* MBEDTLS_SSL_DTLS_SRTP */ }; -struct mbedtls_ssl_context -{ +struct mbedtls_ssl_context { const mbedtls_ssl_config *conf; /*!< configuration information */ /* @@ -1278,8 +1273,8 @@ struct mbedtls_ssl_context #if defined(MBEDTLS_SSL_RENEGOTIATION) int renego_status; /*!< Initial, in progress, pending? */ int renego_records_seen; /*!< Records since renego request, or with DTLS, - number of retransmissions of request if - renego_max_records is < 0 */ + number of retransmissions of request if + renego_max_records is < 0 */ #endif /* MBEDTLS_SSL_RENEGOTIATION */ int major_ver; /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */ @@ -1298,7 +1293,7 @@ struct mbedtls_ssl_context mbedtls_ssl_send_t *f_send; /*!< Callback for network send */ mbedtls_ssl_recv_t *f_recv; /*!< Callback for network receive */ mbedtls_ssl_recv_timeout_t *f_recv_timeout; - /*!< Callback for network receive with timeout */ + /*!< Callback for network receive with timeout */ void *p_bio; /*!< context for I/O operations */ @@ -1311,7 +1306,7 @@ struct mbedtls_ssl_context mbedtls_ssl_session *session_negotiate; /*!< session data in negotiation */ mbedtls_ssl_handshake_params *handshake; /*!< params required only during - the handshake process */ + the handshake process */ /* * Record layer transformations @@ -1459,7 +1454,7 @@ struct mbedtls_ssl_context * all subsequent handshakes. This may be different from the * CID currently used in case the user has re-configured the CID * after an initial handshake. */ - unsigned char own_cid[ MBEDTLS_SSL_CID_IN_LEN_MAX ]; + unsigned char own_cid[MBEDTLS_SSL_CID_IN_LEN_MAX]; uint8_t own_cid_len; /*!< The length of \c own_cid. */ uint8_t negotiate_cid; /*!< This indicates whether the CID extension should * be negotiated in the next handshake or not. @@ -1472,8 +1467,8 @@ struct mbedtls_ssl_context #if !defined(MBEDTLS_DEPRECATED_REMOVED) -#define MBEDTLS_SSL_CHANNEL_OUTBOUND MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( 0 ) -#define MBEDTLS_SSL_CHANNEL_INBOUND MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( 1 ) +#define MBEDTLS_SSL_CHANNEL_OUTBOUND MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(0) +#define MBEDTLS_SSL_CHANNEL_INBOUND MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(1) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) @@ -1482,24 +1477,24 @@ struct mbedtls_ssl_context #endif /* MBEDTLS_DEPRECATED_WARNING */ MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_init)( - mbedtls_ssl_context *ssl, - const unsigned char *key_enc, const unsigned char *key_dec, - size_t keylen, - const unsigned char *iv_enc, const unsigned char *iv_dec, - size_t ivlen, - const unsigned char *mac_enc, const unsigned char *mac_dec, - size_t maclen); + mbedtls_ssl_context *ssl, + const unsigned char *key_enc, const unsigned char *key_dec, + size_t keylen, + const unsigned char *iv_enc, const unsigned char *iv_dec, + size_t ivlen, + const unsigned char *mac_enc, const unsigned char *mac_dec, + size_t maclen); MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_activate)( - mbedtls_ssl_context *ssl, - int direction ); + mbedtls_ssl_context *ssl, + int direction); MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_reset)( - mbedtls_ssl_context *ssl ); + mbedtls_ssl_context *ssl); MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_write)( - mbedtls_ssl_context *ssl ); + mbedtls_ssl_context *ssl); MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_read)( - mbedtls_ssl_context *ssl ); + mbedtls_ssl_context *ssl); MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_finish)( - mbedtls_ssl_context *ssl ); + mbedtls_ssl_context *ssl); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -1514,7 +1509,7 @@ MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_finish)( * * \return a string containing the ciphersuite name */ -const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ); +const char *mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id); /** * \brief Return the ID of the ciphersuite associated with the @@ -1524,7 +1519,7 @@ const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ); * * \return the ID with the ciphersuite or 0 if not found */ -int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ); +int mbedtls_ssl_get_ciphersuite_id(const char *ciphersuite_name); /** * \brief Initialize an SSL context @@ -1533,7 +1528,7 @@ int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ); * * \param ssl SSL context */ -void mbedtls_ssl_init( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_init(mbedtls_ssl_context *ssl); /** * \brief Set up an SSL context for use @@ -1555,8 +1550,8 @@ void mbedtls_ssl_init( mbedtls_ssl_context *ssl ); * \return 0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED if * memory allocation failed */ -int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, - const mbedtls_ssl_config *conf ); +int mbedtls_ssl_setup(mbedtls_ssl_context *ssl, + const mbedtls_ssl_config *conf); /** * \brief Reset an already initialized SSL context for re-use @@ -1568,7 +1563,7 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, MBEDTLS_ERR_SSL_HW_ACCEL_FAILED or * MBEDTLS_ERR_SSL_COMPRESSION_FAILED */ -int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_session_reset(mbedtls_ssl_context *ssl); /** * \brief Set the current endpoint type @@ -1576,7 +1571,7 @@ int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl ); * \param conf SSL configuration * \param endpoint must be MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER */ -void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint ); +void mbedtls_ssl_conf_endpoint(mbedtls_ssl_config *conf, int endpoint); /** * \brief Set the transport type (TLS or DTLS). @@ -1592,7 +1587,7 @@ void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint ); * MBEDTLS_SSL_TRANSPORT_STREAM for TLS, * MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS. */ -void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport ); +void mbedtls_ssl_conf_transport(mbedtls_ssl_config *conf, int transport); /** * \brief Set the certificate verification mode @@ -1620,7 +1615,7 @@ void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport ); * the verification as soon as possible. For example, REQUIRED was protecting * against the "triple handshake" attack even before it was found. */ -void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ); +void mbedtls_ssl_conf_authmode(mbedtls_ssl_config *conf, int authmode); #if defined(MBEDTLS_X509_CRT_PARSE_C) /** @@ -1638,9 +1633,9 @@ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ); * \param f_vrfy The verification callback to use during CRT verification. * \param p_vrfy The opaque context to be passed to the callback. */ -void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ); +void mbedtls_ssl_conf_verify(mbedtls_ssl_config *conf, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy); #endif /* MBEDTLS_X509_CRT_PARSE_C */ /** @@ -1650,9 +1645,9 @@ void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf, * \param f_rng RNG function * \param p_rng RNG parameter */ -void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +void mbedtls_ssl_conf_rng(mbedtls_ssl_config *conf, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief Set the debug callback @@ -1668,9 +1663,9 @@ void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf, * \param f_dbg debug function * \param p_dbg debug parameter */ -void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf, - void (*f_dbg)(void *, int, const char *, int, const char *), - void *p_dbg ); +void mbedtls_ssl_conf_dbg(mbedtls_ssl_config *conf, + void (*f_dbg)(void *, int, const char *, int, const char *), + void *p_dbg); /** * \brief Set the underlying BIO callbacks for write, read and @@ -1702,11 +1697,11 @@ void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf, * \c mbedtls_net_recv_timeout() that are suitable to be used * here. */ -void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, - void *p_bio, - mbedtls_ssl_send_t *f_send, - mbedtls_ssl_recv_t *f_recv, - mbedtls_ssl_recv_timeout_t *f_recv_timeout ); +void mbedtls_ssl_set_bio(mbedtls_ssl_context *ssl, + void *p_bio, + mbedtls_ssl_send_t *f_send, + mbedtls_ssl_recv_t *f_recv, + mbedtls_ssl_recv_timeout_t *f_recv_timeout); #if defined(MBEDTLS_SSL_PROTO_DTLS) @@ -1796,10 +1791,10 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, * applies to the next handshake. * \return A negative error code on failure. */ -int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, - int enable, - unsigned char const *own_cid, - size_t own_cid_len ); +int mbedtls_ssl_set_cid(mbedtls_ssl_context *ssl, + int enable, + unsigned char const *own_cid, + size_t own_cid_len); /** * \brief Get information about the use of the CID extension @@ -1838,10 +1833,10 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, - int *enabled, - unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ], - size_t *peer_cid_len ); +int mbedtls_ssl_get_peer_cid(mbedtls_ssl_context *ssl, + int *enabled, + unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX], + size_t *peer_cid_len); #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -1887,7 +1882,7 @@ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, * \param ssl SSL context * \param mtu Value of the path MTU in bytes */ -void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu ); +void mbedtls_ssl_set_mtu(mbedtls_ssl_context *ssl, uint16_t mtu); #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_X509_CRT_PARSE_C) @@ -1909,9 +1904,9 @@ void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu ); * \param f_vrfy The verification callback to use during CRT verification. * \param p_vrfy The opaque context to be passed to the callback. */ -void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ); +void mbedtls_ssl_set_verify(mbedtls_ssl_context *ssl, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy); #endif /* MBEDTLS_X509_CRT_PARSE_C */ /** @@ -1930,7 +1925,7 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl, * \note With non-blocking I/O, you may also skip this function * altogether and handle timeouts at the application layer. */ -void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ); +void mbedtls_ssl_conf_read_timeout(mbedtls_ssl_config *conf, uint32_t timeout); #if defined(MBEDTLS_SSL_RECORD_CHECKING) /** @@ -1977,9 +1972,9 @@ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ) * In this case, the SSL context becomes unusable and needs * to be freed or reset before reuse. */ -int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, - unsigned char *buf, - size_t buflen ); +int mbedtls_ssl_check_record(mbedtls_ssl_context const *ssl, + unsigned char *buf, + size_t buflen); #endif /* MBEDTLS_SSL_RECORD_CHECKING */ /** @@ -2002,10 +1997,10 @@ int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, * \note See also the "DTLS tutorial" article in our knowledge base. * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/dtls-tutorial */ -void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl, - void *p_timer, - mbedtls_ssl_set_timer_t *f_set_timer, - mbedtls_ssl_get_timer_t *f_get_timer ); +void mbedtls_ssl_set_timer_cb(mbedtls_ssl_context *ssl, + void *p_timer, + mbedtls_ssl_set_timer_t *f_set_timer, + mbedtls_ssl_get_timer_t *f_get_timer); /** * \brief Callback type: generate and write session ticket @@ -2026,12 +2021,12 @@ void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl, * \return 0 if successful, or * a specific MBEDTLS_ERR_XXX code. */ -typedef int mbedtls_ssl_ticket_write_t( void *p_ticket, - const mbedtls_ssl_session *session, - unsigned char *start, - const unsigned char *end, - size_t *tlen, - uint32_t *lifetime ); +typedef int mbedtls_ssl_ticket_write_t(void *p_ticket, + const mbedtls_ssl_session *session, + unsigned char *start, + const unsigned char *end, + size_t *tlen, + uint32_t *lifetime); #if defined(MBEDTLS_SSL_EXPORT_KEYS) /** @@ -2054,12 +2049,12 @@ typedef int mbedtls_ssl_ticket_write_t( void *p_ticket, * \return 0 if successful, or * a specific MBEDTLS_ERR_XXX code. */ -typedef int mbedtls_ssl_export_keys_t( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen ); +typedef int mbedtls_ssl_export_keys_t(void *p_expkey, + const unsigned char *ms, + const unsigned char *kb, + size_t maclen, + size_t keylen, + size_t ivlen); /** * \brief Callback type: Export key block, master secret, @@ -2086,15 +2081,15 @@ typedef int mbedtls_ssl_export_keys_t( void *p_expkey, * \return 0 if successful, or * a specific MBEDTLS_ERR_XXX code. */ -typedef int mbedtls_ssl_export_keys_ext_t( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen, - const unsigned char client_random[32], - const unsigned char server_random[32], - mbedtls_tls_prf_types tls_prf_type ); +typedef int mbedtls_ssl_export_keys_ext_t(void *p_expkey, + const unsigned char *ms, + const unsigned char *kb, + size_t maclen, + size_t keylen, + size_t ivlen, + const unsigned char client_random[32], + const unsigned char server_random[32], + mbedtls_tls_prf_types tls_prf_type); #endif /* MBEDTLS_SSL_EXPORT_KEYS */ /** @@ -2120,10 +2115,10 @@ typedef int mbedtls_ssl_export_keys_ext_t( void *p_expkey, * MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED if expired, or * any other non-zero code for other failures. */ -typedef int mbedtls_ssl_ticket_parse_t( void *p_ticket, - mbedtls_ssl_session *session, - unsigned char *buf, - size_t len ); +typedef int mbedtls_ssl_ticket_parse_t(void *p_ticket, + mbedtls_ssl_session *session, + unsigned char *buf, + size_t len); #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C) /** @@ -2140,10 +2135,10 @@ typedef int mbedtls_ssl_ticket_parse_t( void *p_ticket, * \param f_ticket_parse Callback for parsing a ticket * \param p_ticket Context shared by the two callbacks */ -void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_ticket_write_t *f_ticket_write, - mbedtls_ssl_ticket_parse_t *f_ticket_parse, - void *p_ticket ); +void mbedtls_ssl_conf_session_tickets_cb(mbedtls_ssl_config *conf, + mbedtls_ssl_ticket_write_t *f_ticket_write, + mbedtls_ssl_ticket_parse_t *f_ticket_parse, + void *p_ticket); #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) @@ -2157,9 +2152,9 @@ void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, * \param f_export_keys Callback for exporting keys * \param p_export_keys Context for the callback */ -void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_t *f_export_keys, - void *p_export_keys ); +void mbedtls_ssl_conf_export_keys_cb(mbedtls_ssl_config *conf, + mbedtls_ssl_export_keys_t *f_export_keys, + void *p_export_keys); /** * \brief Configure extended key export callback. @@ -2173,9 +2168,9 @@ void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, * \param f_export_keys_ext Callback for exporting keys * \param p_export_keys Context for the callback */ -void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_ext_t *f_export_keys_ext, - void *p_export_keys ); +void mbedtls_ssl_conf_export_keys_ext_cb(mbedtls_ssl_config *conf, + mbedtls_ssl_export_keys_ext_t *f_export_keys_ext, + void *p_export_keys); #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) @@ -2209,12 +2204,12 @@ void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf, * mbedtls_ssl_conf_get_async_config_data(). The * library stores this value without dereferencing it. */ -void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_async_sign_t *f_async_sign, - mbedtls_ssl_async_decrypt_t *f_async_decrypt, - mbedtls_ssl_async_resume_t *f_async_resume, - mbedtls_ssl_async_cancel_t *f_async_cancel, - void *config_data ); +void mbedtls_ssl_conf_async_private_cb(mbedtls_ssl_config *conf, + mbedtls_ssl_async_sign_t *f_async_sign, + mbedtls_ssl_async_decrypt_t *f_async_decrypt, + mbedtls_ssl_async_resume_t *f_async_resume, + mbedtls_ssl_async_cancel_t *f_async_cancel, + void *config_data); /** * \brief Retrieve the configuration data set by @@ -2224,7 +2219,7 @@ void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_config *conf, * \return The configuration data set by * mbedtls_ssl_conf_async_private_cb(). */ -void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf ); +void *mbedtls_ssl_conf_get_async_config_data(const mbedtls_ssl_config *conf); /** * \brief Retrieve the asynchronous operation user context. @@ -2240,7 +2235,7 @@ void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf ); * called during the current handshake, this function returns * \c NULL. */ -void *mbedtls_ssl_get_async_operation_data( const mbedtls_ssl_context *ssl ); +void *mbedtls_ssl_get_async_operation_data(const mbedtls_ssl_context *ssl); /** * \brief Retrieve the asynchronous operation user context. @@ -2253,8 +2248,8 @@ void *mbedtls_ssl_get_async_operation_data( const mbedtls_ssl_context *ssl ); * Call mbedtls_ssl_get_async_operation_data() later during the * same handshake to retrieve this value. */ -void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *ssl, - void *ctx ); +void mbedtls_ssl_set_async_operation_data(mbedtls_ssl_context *ssl, + void *ctx); #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ /** @@ -2271,9 +2266,9 @@ void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *ssl, * \return The callback must return 0 on success, * or a negative error code. */ -typedef int mbedtls_ssl_cookie_write_t( void *ctx, - unsigned char **p, unsigned char *end, - const unsigned char *info, size_t ilen ); +typedef int mbedtls_ssl_cookie_write_t(void *ctx, + unsigned char **p, unsigned char *end, + const unsigned char *info, size_t ilen); /** * \brief Callback type: verify a cookie @@ -2288,9 +2283,9 @@ typedef int mbedtls_ssl_cookie_write_t( void *ctx, * \return The callback must return 0 if cookie is valid, * or a negative error code. */ -typedef int mbedtls_ssl_cookie_check_t( void *ctx, - const unsigned char *cookie, size_t clen, - const unsigned char *info, size_t ilen ); +typedef int mbedtls_ssl_cookie_check_t(void *ctx, + const unsigned char *cookie, size_t clen, + const unsigned char *info, size_t ilen); #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) /** @@ -2321,10 +2316,10 @@ typedef int mbedtls_ssl_cookie_check_t( void *ctx, * \param f_cookie_check Cookie check callback * \param p_cookie Context for both callbacks */ -void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf, - mbedtls_ssl_cookie_write_t *f_cookie_write, - mbedtls_ssl_cookie_check_t *f_cookie_check, - void *p_cookie ); +void mbedtls_ssl_conf_dtls_cookies(mbedtls_ssl_config *conf, + mbedtls_ssl_cookie_write_t *f_cookie_write, + mbedtls_ssl_cookie_check_t *f_cookie_check, + void *p_cookie); /** * \brief Set client's transport-level identification info. @@ -2345,9 +2340,9 @@ void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf, * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used on client, * MBEDTLS_ERR_SSL_ALLOC_FAILED if out of memory. */ -int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, - const unsigned char *info, - size_t ilen ); +int mbedtls_ssl_set_client_transport_id(mbedtls_ssl_context *ssl, + const unsigned char *info, + size_t ilen); #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */ @@ -2367,7 +2362,7 @@ int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, * packets and needs information about them to adjust its * transmission strategy, then you'll want to disable this. */ -void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode ); +void mbedtls_ssl_conf_dtls_anti_replay(mbedtls_ssl_config *conf, char mode); #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) @@ -2394,7 +2389,7 @@ void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode ); * might make us waste resources checking authentication on * many bogus packets. */ -void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit ); +void mbedtls_ssl_conf_dtls_badmac_limit(mbedtls_ssl_config *conf, unsigned limit); #endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ #if defined(MBEDTLS_SSL_PROTO_DTLS) @@ -2427,8 +2422,8 @@ void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limi * are currently always sent in separate datagrams. * */ -void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl, - unsigned allow_packing ); +void mbedtls_ssl_set_datagram_packing(mbedtls_ssl_context *ssl, + unsigned allow_packing); /** * \brief Set retransmit timeout values for the DTLS handshake. @@ -2461,7 +2456,7 @@ void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl, * goes: send ... 1s -> resend ... 2s -> resend ... 4s -> * resend ... 5s -> give up and return a timeout error. */ -void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max ); +void mbedtls_ssl_conf_handshake_timeout(mbedtls_ssl_config *conf, uint32_t min, uint32_t max); #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_SRV_C) @@ -2502,10 +2497,10 @@ void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, * \param f_get_cache session get callback * \param f_set_cache session set callback */ -void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, - void *p_cache, - int (*f_get_cache)(void *, mbedtls_ssl_session *), - int (*f_set_cache)(void *, const mbedtls_ssl_session *) ); +void mbedtls_ssl_conf_session_cache(mbedtls_ssl_config *conf, + void *p_cache, + int (*f_get_cache)(void *, mbedtls_ssl_session *), + int (*f_set_cache)(void *, const mbedtls_ssl_session *)); #endif /* MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_CLI_C) @@ -2523,7 +2518,7 @@ void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, * * \sa mbedtls_ssl_get_session() */ -int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session ); +int mbedtls_ssl_set_session(mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session); #endif /* MBEDTLS_SSL_CLI_C */ /** @@ -2558,9 +2553,9 @@ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session * \return Another negative value for other kinds of errors (for * example, unsupported features in the embedded certificate). */ -int mbedtls_ssl_session_load( mbedtls_ssl_session *session, - const unsigned char *buf, - size_t len ); +int mbedtls_ssl_session_load(mbedtls_ssl_session *session, + const unsigned char *buf, + size_t len); /** * \brief Save session structure as serialized data in a buffer. @@ -2588,10 +2583,10 @@ int mbedtls_ssl_session_load( mbedtls_ssl_session *session, * \return \c 0 if successful. * \return #MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL if \p buf is too small. */ -int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, - unsigned char *buf, - size_t buf_len, - size_t *olen ); +int mbedtls_ssl_session_save(const mbedtls_ssl_session *session, + unsigned char *buf, + size_t buf_len, + size_t *olen); /** * \brief Get a pointer to the current session structure, for example @@ -2608,7 +2603,7 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, * \return A pointer to the current session if successful. * \return \c NULL if no session is active. */ -const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl ); +const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer(const mbedtls_ssl_context *ssl); /** * \brief Set the list of allowed ciphersuites and the preference @@ -2625,8 +2620,8 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co * \param conf SSL configuration * \param ciphersuites 0-terminated list of allowed ciphersuites */ -void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, - const int *ciphersuites ); +void mbedtls_ssl_conf_ciphersuites(mbedtls_ssl_config *conf, + const int *ciphersuites); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) #define MBEDTLS_SSL_UNEXPECTED_CID_IGNORE 0 @@ -2663,8 +2658,8 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p own_cid_len * is too large. */ -int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, size_t len, - int ignore_other_cids ); +int mbedtls_ssl_conf_cid(mbedtls_ssl_config *conf, size_t len, + int ignore_other_cids); #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ /** @@ -2686,9 +2681,9 @@ int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, size_t len, * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 * and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 */ -void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, - const int *ciphersuites, - int major, int minor ); +void mbedtls_ssl_conf_ciphersuites_for_version(mbedtls_ssl_config *conf, + const int *ciphersuites, + int major, int minor); #if defined(MBEDTLS_X509_CRT_PARSE_C) /** @@ -2701,8 +2696,8 @@ void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, * \param conf SSL configuration * \param profile Profile to use */ -void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, - const mbedtls_x509_crt_profile *profile ); +void mbedtls_ssl_conf_cert_profile(mbedtls_ssl_config *conf, + const mbedtls_x509_crt_profile *profile); /** * \brief Set the data required to verify peer certificate @@ -2715,9 +2710,9 @@ void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs) * \param ca_crl trusted CA CRLs */ -void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf, +void mbedtls_ssl_conf_ca_chain(mbedtls_ssl_config *conf, mbedtls_x509_crt *ca_chain, - mbedtls_x509_crl *ca_crl ); + mbedtls_x509_crl *ca_crl); #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) /** @@ -2771,9 +2766,9 @@ void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf, * to guarantee this (for example through a mutex * contained in the callback context pointed to by \p p_ca_cb). */ -void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf, - mbedtls_x509_crt_ca_cb_t f_ca_cb, - void *p_ca_cb ); +void mbedtls_ssl_conf_ca_cb(mbedtls_ssl_config *conf, + mbedtls_x509_crt_ca_cb_t f_ca_cb, + void *p_ca_cb); #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ /** @@ -2812,9 +2807,9 @@ void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf, * * \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED */ -int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, +int mbedtls_ssl_conf_own_cert(mbedtls_ssl_config *conf, mbedtls_x509_crt *own_cert, - mbedtls_pk_context *pk_key ); + mbedtls_pk_context *pk_key); #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) @@ -2849,9 +2844,9 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, * \return \c 0 if successful. * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. */ -int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, - const unsigned char *psk, size_t psk_len, - const unsigned char *psk_identity, size_t psk_identity_len ); +int mbedtls_ssl_conf_psk(mbedtls_ssl_config *conf, + const unsigned char *psk, size_t psk_len, + const unsigned char *psk_identity, size_t psk_identity_len); #if defined(MBEDTLS_USE_PSA_CRYPTO) /** @@ -2890,10 +2885,10 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, * \return \c 0 if successful. * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. */ -int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, - psa_key_id_t psk, - const unsigned char *psk_identity, - size_t psk_identity_len ); +int mbedtls_ssl_conf_psk_opaque(mbedtls_ssl_config *conf, + psa_key_id_t psk, + const unsigned char *psk_identity, + size_t psk_identity_len); #endif /* MBEDTLS_USE_PSA_CRYPTO */ /** @@ -2912,8 +2907,8 @@ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, * \return \c 0 if successful. * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. */ -int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, - const unsigned char *psk, size_t psk_len ); +int mbedtls_ssl_set_hs_psk(mbedtls_ssl_context *ssl, + const unsigned char *psk, size_t psk_len); #if defined(MBEDTLS_USE_PSA_CRYPTO) /** @@ -2932,12 +2927,12 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, * PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows its * use for the key derivation algorithm * applied in the handshake. - * + * * \return \c 0 if successful. * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. */ -int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl, - psa_key_id_t psk ); +int mbedtls_ssl_set_hs_psk_opaque(mbedtls_ssl_context *ssl, + psa_key_id_t psk); #endif /* MBEDTLS_USE_PSA_CRYPTO */ /** @@ -2978,10 +2973,10 @@ int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl, * \param p_psk A pointer to an opaque structure to be passed to * the callback, for example a PSK store. */ -void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, - int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, - size_t), - void *p_psk ); +void mbedtls_ssl_conf_psk_cb(mbedtls_ssl_config *conf, + int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, + size_t), + void *p_psk); #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) @@ -3007,9 +3002,9 @@ void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, * * \return 0 if successful */ -MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, - const char *dhm_P, - const char *dhm_G ); +MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param(mbedtls_ssl_config *conf, + const char *dhm_P, + const char *dhm_G); #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -3026,9 +3021,9 @@ MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, * * \return 0 if successful */ -int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf, - const unsigned char *dhm_P, size_t P_len, - const unsigned char *dhm_G, size_t G_len ); +int mbedtls_ssl_conf_dh_param_bin(mbedtls_ssl_config *conf, + const unsigned char *dhm_P, size_t P_len, + const unsigned char *dhm_G, size_t G_len); /** * \brief Set the Diffie-Hellman public P and G values, @@ -3039,7 +3034,7 @@ int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf, * * \return 0 if successful */ -int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx ); +int mbedtls_ssl_conf_dh_param_ctx(mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx); #endif /* MBEDTLS_DHM_C && defined(MBEDTLS_SSL_SRV_C) */ #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) @@ -3051,8 +3046,8 @@ int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context * \param conf SSL configuration * \param bitlen Minimum bit length of the DHM prime */ -void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, - unsigned int bitlen ); +void mbedtls_ssl_conf_dhm_min_bitlen(mbedtls_ssl_config *conf, + unsigned int bitlen); #endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */ #if defined(MBEDTLS_ECP_C) @@ -3085,8 +3080,8 @@ void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, * \param curves Ordered list of allowed curves, * terminated by MBEDTLS_ECP_DP_NONE. */ -void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, - const mbedtls_ecp_group_id *curves ); +void mbedtls_ssl_conf_curves(mbedtls_ssl_config *conf, + const mbedtls_ecp_group_id *curves); #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) @@ -3110,8 +3105,8 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, * \param hashes Ordered list of allowed signature hashes, * terminated by \c MBEDTLS_MD_NONE. */ -void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, - const int *hashes ); +void mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf, + const int *hashes); #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_X509_CRT_PARSE_C) @@ -3133,7 +3128,7 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, * when NULL). On allocation failure hostname is cleared. * On too long input failure, old hostname is unchanged. */ -int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname ); +int mbedtls_ssl_set_hostname(mbedtls_ssl_context *ssl, const char *hostname); #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) @@ -3149,9 +3144,9 @@ int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname ); * * \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED */ -int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *own_cert, - mbedtls_pk_context *pk_key ); +int mbedtls_ssl_set_hs_own_cert(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *own_cert, + mbedtls_pk_context *pk_key); /** * \brief Set the data required to verify peer certificate for the @@ -3164,9 +3159,9 @@ int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl, * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs) * \param ca_crl trusted CA CRLs */ -void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *ca_chain, - mbedtls_x509_crl *ca_crl ); +void mbedtls_ssl_set_hs_ca_chain(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *ca_chain, + mbedtls_x509_crl *ca_crl); /** * \brief Set authmode for the current handshake. @@ -3178,8 +3173,8 @@ void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl, * \param authmode MBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL or * MBEDTLS_SSL_VERIFY_REQUIRED */ -void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl, - int authmode ); +void mbedtls_ssl_set_hs_authmode(mbedtls_ssl_context *ssl, + int authmode); /** * \brief Set server side ServerName TLS extension callback @@ -3204,10 +3199,10 @@ void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl, * \param f_sni verification function * \param p_sni verification parameter */ -void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf, - int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, - size_t), - void *p_sni ); +void mbedtls_ssl_conf_sni(mbedtls_ssl_config *conf, + int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, + size_t), + void *p_sni); #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) @@ -3228,9 +3223,9 @@ void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf, * * \return 0 on success, or a negative error code. */ -int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl, - const unsigned char *pw, - size_t pw_len ); +int mbedtls_ssl_set_hs_ecjpake_password(mbedtls_ssl_context *ssl, + const unsigned char *pw, + size_t pw_len); #endif /*MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_SSL_ALPN) @@ -3246,7 +3241,7 @@ int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl, * * \return 0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA. */ -int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos ); +int mbedtls_ssl_conf_alpn_protocols(mbedtls_ssl_config *conf, const char **protos); /** * \brief Get the name of the negotiated Application Layer Protocol. @@ -3257,26 +3252,25 @@ int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **prot * * \return Protocol name, or NULL if no protocol was negotiated. */ -const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl ); +const char *mbedtls_ssl_get_alpn_protocol(const mbedtls_ssl_context *ssl); #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_DTLS_SRTP) #if defined(MBEDTLS_DEBUG_C) -static inline const char *mbedtls_ssl_get_srtp_profile_as_string( mbedtls_ssl_srtp_profile profile ) +static inline const char *mbedtls_ssl_get_srtp_profile_as_string(mbedtls_ssl_srtp_profile profile) { - switch( profile ) - { + switch (profile) { case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80: - return( "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" ); + return "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80"; case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32: - return( "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" ); + return "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32"; case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80: - return( "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" ); + return "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80"; case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32: - return( "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" ); + return "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32"; default: break; } - return( "" ); + return ""; } #endif /* MBEDTLS_DEBUG_C */ /** @@ -3292,8 +3286,8 @@ static inline const char *mbedtls_ssl_get_srtp_profile_as_string( mbedtls_ssl_sr * #MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED * or #MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED. */ -void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf, - int support_mki_value ); +void mbedtls_ssl_conf_srtp_mki_value_supported(mbedtls_ssl_config *conf, + int support_mki_value); /** * \brief Set the supported DTLS-SRTP protection profiles. @@ -3315,8 +3309,8 @@ void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf, * protection profiles is incorrect. */ int mbedtls_ssl_conf_dtls_srtp_protection_profiles - ( mbedtls_ssl_config *conf, - const mbedtls_ssl_srtp_profile *profiles ); + (mbedtls_ssl_config *conf, + const mbedtls_ssl_srtp_profile *profiles); /** * \brief Set the mki_value for the current DTLS-SRTP session. @@ -3334,9 +3328,9 @@ int mbedtls_ssl_conf_dtls_srtp_protection_profiles * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE */ -int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl, - unsigned char *mki_value, - uint16_t mki_len ); +int mbedtls_ssl_dtls_srtp_set_mki_value(mbedtls_ssl_context *ssl, + unsigned char *mki_value, + uint16_t mki_len); /** * \brief Get the negotiated DTLS-SRTP information: * Protection profile and MKI value. @@ -3355,8 +3349,8 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl, * or peer's Hello packet was not parsed yet. * - mki size and value( if size is > 0 ). */ -void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ssl, - mbedtls_dtls_srtp_info *dtls_srtp_info ); +void mbedtls_ssl_get_dtls_srtp_negotiation_result(const mbedtls_ssl_context *ssl, + mbedtls_dtls_srtp_info *dtls_srtp_info); #endif /* MBEDTLS_SSL_DTLS_SRTP */ /** @@ -3375,7 +3369,7 @@ void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ss * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, * MBEDTLS_SSL_MINOR_VERSION_3 supported) */ -void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor ); +void mbedtls_ssl_conf_max_version(mbedtls_ssl_config *conf, int major, int minor); /** * \brief Set the minimum accepted SSL/TLS protocol version @@ -3395,7 +3389,7 @@ void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int mino * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, * MBEDTLS_SSL_MINOR_VERSION_3 supported) */ -void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor ); +void mbedtls_ssl_conf_min_version(mbedtls_ssl_config *conf, int major, int minor); #if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) /** @@ -3417,7 +3411,7 @@ void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int mino * \param conf SSL configuration * \param fallback MBEDTLS_SSL_IS_NOT_FALLBACK or MBEDTLS_SSL_IS_FALLBACK */ -void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback ); +void mbedtls_ssl_conf_fallback(mbedtls_ssl_config *conf, char fallback); #endif /* MBEDTLS_SSL_FALLBACK_SCSV && MBEDTLS_SSL_CLI_C */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) @@ -3432,7 +3426,7 @@ void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback ); * \param conf SSL configuration * \param etm MBEDTLS_SSL_ETM_ENABLED or MBEDTLS_SSL_ETM_DISABLED */ -void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm ); +void mbedtls_ssl_conf_encrypt_then_mac(mbedtls_ssl_config *conf, char etm); #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) @@ -3447,7 +3441,7 @@ void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm ); * \param conf SSL configuration * \param ems MBEDTLS_SSL_EXTENDED_MS_ENABLED or MBEDTLS_SSL_EXTENDED_MS_DISABLED */ -void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems ); +void mbedtls_ssl_conf_extended_master_secret(mbedtls_ssl_config *conf, char ems); #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_ARC4_C) @@ -3466,7 +3460,7 @@ void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems * \param conf SSL configuration * \param arc4 MBEDTLS_SSL_ARC4_ENABLED or MBEDTLS_SSL_ARC4_DISABLED */ -void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 ); +void mbedtls_ssl_conf_arc4_support(mbedtls_ssl_config *conf, char arc4); #endif /* MBEDTLS_ARC4_C */ #if defined(MBEDTLS_SSL_SRV_C) @@ -3479,8 +3473,8 @@ void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 ); * \param cert_req_ca_list MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED or * MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED */ -void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf, - char cert_req_ca_list ); +void mbedtls_ssl_conf_cert_req_ca_list(mbedtls_ssl_config *conf, + char cert_req_ca_list); #endif /* MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) @@ -3518,7 +3512,7 @@ void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf, * * \return 0 if successful or MBEDTLS_ERR_SSL_BAD_INPUT_DATA */ -int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code ); +int mbedtls_ssl_conf_max_frag_len(mbedtls_ssl_config *conf, unsigned char mfl_code); #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) @@ -3530,7 +3524,7 @@ int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_c * \param truncate Enable or disable (MBEDTLS_SSL_TRUNC_HMAC_ENABLED or * MBEDTLS_SSL_TRUNC_HMAC_DISABLED) */ -void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate ); +void mbedtls_ssl_conf_truncated_hmac(mbedtls_ssl_config *conf, int truncate); #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) @@ -3545,7 +3539,7 @@ void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate ); * \param split MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED or * MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED */ -void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split ); +void mbedtls_ssl_conf_cbc_record_splitting(mbedtls_ssl_config *conf, char split); #endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) @@ -3559,7 +3553,7 @@ void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split * \param use_tickets Enable or disable (MBEDTLS_SSL_SESSION_TICKETS_ENABLED or * MBEDTLS_SSL_SESSION_TICKETS_DISABLED) */ -void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets ); +void mbedtls_ssl_conf_session_tickets(mbedtls_ssl_config *conf, int use_tickets); #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ #if defined(MBEDTLS_SSL_RENEGOTIATION) @@ -3580,7 +3574,7 @@ void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets * \param renegotiation Enable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or * MBEDTLS_SSL_RENEGOTIATION_DISABLED) */ -void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation ); +void mbedtls_ssl_conf_renegotiation(mbedtls_ssl_config *conf, int renegotiation); #endif /* MBEDTLS_SSL_RENEGOTIATION */ /** @@ -3610,7 +3604,7 @@ void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation * SSL_ALLOW_LEGACY_RENEGOTIATION or * MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE) */ -void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy ); +void mbedtls_ssl_conf_legacy_renegotiation(mbedtls_ssl_config *conf, int allow_legacy); #if defined(MBEDTLS_SSL_RENEGOTIATION) /** @@ -3650,7 +3644,7 @@ void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_ * enforce renegotiation, or a non-negative value to enforce * it but allow for a grace period of max_records records. */ -void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records ); +void mbedtls_ssl_conf_renegotiation_enforced(mbedtls_ssl_config *conf, int max_records); /** * \brief Set record counter threshold for periodic renegotiation. @@ -3677,8 +3671,8 @@ void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_ * \param conf SSL configuration * \param period The threshold value: a big-endian 64-bit number. */ -void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, - const unsigned char period[8] ); +void mbedtls_ssl_conf_renegotiation_period(mbedtls_ssl_config *conf, + const unsigned char period[8]); #endif /* MBEDTLS_SSL_RENEGOTIATION */ /** @@ -3719,7 +3713,7 @@ void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, * that all internal data has been processed. * */ -int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ); +int mbedtls_ssl_check_pending(const mbedtls_ssl_context *ssl); /** * \brief Return the number of application data bytes @@ -3736,7 +3730,7 @@ int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ); * amount of data fitting into the input buffer. * */ -size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl ); +size_t mbedtls_ssl_get_bytes_avail(const mbedtls_ssl_context *ssl); /** * \brief Return the result of the certificate verification @@ -3750,7 +3744,7 @@ size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl ); * \return A bitwise combination of \c MBEDTLS_X509_BADCERT_XXX * and \c MBEDTLS_X509_BADCRL_XXX failure flags; see x509.h. */ -uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl ); +uint32_t mbedtls_ssl_get_verify_result(const mbedtls_ssl_context *ssl); /** * \brief Return the name of the current ciphersuite @@ -3759,7 +3753,7 @@ uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl ); * * \return a string containing the ciphersuite name */ -const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl ); +const char *mbedtls_ssl_get_ciphersuite(const mbedtls_ssl_context *ssl); /** * \brief Return the current SSL version (SSLv3/TLSv1/etc) @@ -3768,7 +3762,7 @@ const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl ); * * \return a string containing the SSL version */ -const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ); +const char *mbedtls_ssl_get_version(const mbedtls_ssl_context *ssl); /** * \brief Return the (maximum) number of bytes added by the record @@ -3783,7 +3777,7 @@ const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ); * MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if compression is * enabled, which makes expansion much less predictable */ -int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); +int mbedtls_ssl_get_record_expansion(const mbedtls_ssl_context *ssl); #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) /** @@ -3799,7 +3793,7 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); * * \return Current maximum fragment length for the output buffer. */ -size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl ); +size_t mbedtls_ssl_get_output_max_frag_len(const mbedtls_ssl_context *ssl); /** * \brief Return the maximum fragment length (payload, in bytes) for @@ -3815,7 +3809,7 @@ size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl ); * * \return Current maximum fragment length for the output buffer. */ -size_t mbedtls_ssl_get_input_max_frag_len( const mbedtls_ssl_context *ssl ); +size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl); #if !defined(MBEDTLS_DEPRECATED_REMOVED) @@ -3840,7 +3834,7 @@ size_t mbedtls_ssl_get_input_max_frag_len( const mbedtls_ssl_context *ssl ); * \return Current maximum fragment length for the output buffer. */ MBEDTLS_DEPRECATED size_t mbedtls_ssl_get_max_frag_len( - const mbedtls_ssl_context *ssl ); + const mbedtls_ssl_context *ssl); #endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ @@ -3871,7 +3865,7 @@ MBEDTLS_DEPRECATED size_t mbedtls_ssl_get_max_frag_len( * \return Current maximum payload for an outgoing record, * or a negative error code. */ -int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ); +int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl); #if defined(MBEDTLS_X509_CRT_PARSE_C) /** @@ -3904,7 +3898,7 @@ int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ); * If you want to use the certificate across API calls, * you must make a copy. */ -const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl ); +const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert(const mbedtls_ssl_context *ssl); #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_CLI_C) @@ -3934,7 +3928,7 @@ const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ss * * \sa mbedtls_ssl_set_session() */ -int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session *session ); +int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl, mbedtls_ssl_session *session); #endif /* MBEDTLS_SSL_CLI_C */ /** @@ -3987,7 +3981,7 @@ int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session * currently being processed might or might not contain further * DTLS records. */ -int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_handshake(mbedtls_ssl_context *ssl); /** * \brief Perform a single step of the SSL handshake @@ -4009,7 +4003,7 @@ int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ); * re-using it for a new connection; the current connection * must be closed. */ -int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_handshake_step(mbedtls_ssl_context *ssl); #if defined(MBEDTLS_SSL_RENEGOTIATION) /** @@ -4035,7 +4029,7 @@ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ); * must be closed. * */ -int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl); #endif /* MBEDTLS_SSL_RENEGOTIATION */ /** @@ -4115,7 +4109,7 @@ int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ); * \c mbedtls_ssl_check_pending to check for remaining records. * */ -int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ); +int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len); /** * \brief Try to write exactly 'len' application data bytes @@ -4177,7 +4171,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) * \note Attempting to write 0 bytes will result in an empty TLS * application record being sent. */ -int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ); +int mbedtls_ssl_write(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len); /** * \brief Send an alert message @@ -4195,9 +4189,9 @@ int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_ * call \c mbedtls_ssl_session_reset() on it before re-using it * for a new connection; the current connection must be closed. */ -int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl, - unsigned char level, - unsigned char message ); +int mbedtls_ssl_send_alert_message(mbedtls_ssl_context *ssl, + unsigned char level, + unsigned char message); /** * \brief Notify the peer that the connection is being closed * @@ -4211,14 +4205,14 @@ int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl, * call \c mbedtls_ssl_session_reset() on it before re-using it * for a new connection; the current connection must be closed. */ -int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl); /** * \brief Free referenced items in an SSL context and clear memory * * \param ssl SSL context */ -void mbedtls_ssl_free( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_free(mbedtls_ssl_context *ssl); #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) /** @@ -4269,10 +4263,10 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl ); * or the connection does not use DTLS 1.2 with an AEAD * ciphersuite, or renegotiation is enabled. */ -int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t buf_len, - size_t *olen ); +int mbedtls_ssl_context_save(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t buf_len, + size_t *olen); /** * \brief Load serialized connection data to an SSL context. @@ -4339,9 +4333,9 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, * comes from a different Mbed TLS version or build. * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if input data is invalid. */ -int mbedtls_ssl_context_load( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ); +int mbedtls_ssl_context_load(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len); #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ /** @@ -4354,7 +4348,7 @@ int mbedtls_ssl_context_load( mbedtls_ssl_context *ssl, * * \param conf SSL configuration context */ -void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ); +void mbedtls_ssl_config_init(mbedtls_ssl_config *conf); /** * \brief Load reasonable default SSL configuration values. @@ -4371,22 +4365,22 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ); * \return 0 if successful, or * MBEDTLS_ERR_XXX_ALLOC_FAILED on memory allocation error. */ -int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, - int endpoint, int transport, int preset ); +int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf, + int endpoint, int transport, int preset); /** * \brief Free an SSL configuration context * * \param conf SSL configuration context */ -void mbedtls_ssl_config_free( mbedtls_ssl_config *conf ); +void mbedtls_ssl_config_free(mbedtls_ssl_config *conf); /** * \brief Initialize SSL session structure * * \param session SSL session */ -void mbedtls_ssl_session_init( mbedtls_ssl_session *session ); +void mbedtls_ssl_session_init(mbedtls_ssl_session *session); /** * \brief Free referenced items in an SSL session including the @@ -4397,7 +4391,7 @@ void mbedtls_ssl_session_init( mbedtls_ssl_session *session ); * * \param session SSL session */ -void mbedtls_ssl_session_free( mbedtls_ssl_session *session ); +void mbedtls_ssl_session_free(mbedtls_ssl_session *session); /** * \brief TLS-PRF function for key derivation. @@ -4414,11 +4408,11 @@ void mbedtls_ssl_session_free( mbedtls_ssl_session *session ); * * \return 0 on success. An SSL specific error on failure. */ -int mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types prf, - const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ); +int mbedtls_ssl_tls_prf(const mbedtls_tls_prf_types prf, + const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen); #ifdef __cplusplus } diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h index 02eab96d4523..e358c6c7e081 100644 --- a/include/mbedtls/ssl_cache.h +++ b/include/mbedtls/ssl_cache.h @@ -62,8 +62,7 @@ typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry; /** * \brief This structure is used for storing cache entries */ -struct mbedtls_ssl_cache_entry -{ +struct mbedtls_ssl_cache_entry { #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t timestamp; /*!< entry timestamp */ #endif @@ -78,8 +77,7 @@ struct mbedtls_ssl_cache_entry /** * \brief Cache context */ -struct mbedtls_ssl_cache_context -{ +struct mbedtls_ssl_cache_context { mbedtls_ssl_cache_entry *chain; /*!< start of the chain */ int timeout; /*!< cache entry timeout */ int max_entries; /*!< maximum entries */ @@ -93,7 +91,7 @@ struct mbedtls_ssl_cache_context * * \param cache SSL cache context */ -void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ); +void mbedtls_ssl_cache_init(mbedtls_ssl_cache_context *cache); /** * \brief Cache get callback implementation @@ -102,7 +100,7 @@ void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ); * \param data SSL cache context * \param session session to retrieve entry for */ -int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ); +int mbedtls_ssl_cache_get(void *data, mbedtls_ssl_session *session); /** * \brief Cache set callback implementation @@ -111,7 +109,7 @@ int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ); * \param data SSL cache context * \param session session to store entry for */ -int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ); +int mbedtls_ssl_cache_set(void *data, const mbedtls_ssl_session *session); #if defined(MBEDTLS_HAVE_TIME) /** @@ -123,7 +121,7 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ); * \param cache SSL cache context * \param timeout cache entry timeout in seconds */ -void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout ); +void mbedtls_ssl_cache_set_timeout(mbedtls_ssl_cache_context *cache, int timeout); #endif /* MBEDTLS_HAVE_TIME */ /** @@ -133,14 +131,14 @@ void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeou * \param cache SSL cache context * \param max cache entry maximum */ -void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max ); +void mbedtls_ssl_cache_set_max_entries(mbedtls_ssl_cache_context *cache, int max); /** * \brief Free referenced items in a cache context and clear memory * * \param cache SSL cache context */ -void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache ); +void mbedtls_ssl_cache_free(mbedtls_ssl_cache_context *cache); #ifdef __cplusplus } diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 93c32a5edac0..5300125f945c 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -385,10 +385,9 @@ typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t; /** * \brief This structure is used for storing ciphersuite information */ -struct mbedtls_ssl_ciphersuite_t -{ +struct mbedtls_ssl_ciphersuite_t { int id; - const char * name; + const char *name; mbedtls_cipher_type_t cipher; mbedtls_md_type_t mac; @@ -402,92 +401,87 @@ struct mbedtls_ssl_ciphersuite_t unsigned char flags; }; -const int *mbedtls_ssl_list_ciphersuites( void ); +const int *mbedtls_ssl_list_ciphersuites(void); -const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name ); -const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id ); +const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(const char *ciphersuite_name); +const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id(int ciphersuite_id); #if defined(MBEDTLS_PK_C) -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ); -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ); +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info); +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info); #endif -int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ); -int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ); +int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info); +int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info); #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED) -static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_has_pfs(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_PSK: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECJPAKE: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED) -static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_PSK: case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */ -static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } -static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_uses_srv_cert(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_RSA_PSK: case MBEDTLS_KEY_EXCHANGE_DHE_RSA: @@ -495,56 +489,54 @@ static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphe case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_uses_dhe(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_PSK: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_uses_ecdhe(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) */ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_uses_server_signature( + const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */ diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h index 2aa373177b8d..334c005a820b 100644 --- a/include/mbedtls/ssl_cookie.h +++ b/include/mbedtls/ssl_cookie.h @@ -54,8 +54,7 @@ extern "C" { /** * \brief Context for the default cookie functions. */ -typedef struct mbedtls_ssl_cookie_ctx -{ +typedef struct mbedtls_ssl_cookie_ctx { mbedtls_md_context_t hmac_ctx; /*!< context for the HMAC portion */ #if !defined(MBEDTLS_HAVE_TIME) unsigned long serial; /*!< serial number for expiration */ @@ -71,14 +70,14 @@ typedef struct mbedtls_ssl_cookie_ctx /** * \brief Initialize cookie context */ -void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx ); +void mbedtls_ssl_cookie_init(mbedtls_ssl_cookie_ctx *ctx); /** * \brief Setup cookie context (generate keys) */ -int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief Set expiration delay for cookies @@ -89,12 +88,12 @@ int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx, * issued in the meantime. * 0 to disable expiration (NOT recommended) */ -void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay ); +void mbedtls_ssl_cookie_set_timeout(mbedtls_ssl_cookie_ctx *ctx, unsigned long delay); /** * \brief Free cookie context */ -void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx ); +void mbedtls_ssl_cookie_free(mbedtls_ssl_cookie_ctx *ctx); /** * \brief Generate cookie, see \c mbedtls_ssl_cookie_write_t diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index 77ad755477a8..b1915c8a1b6a 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -60,7 +60,7 @@ #include "mbedtls/psa_util.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif @@ -146,19 +146,19 @@ /* This macro determines whether CBC is supported. */ #if defined(MBEDTLS_CIPHER_MODE_CBC) && \ - ( defined(MBEDTLS_AES_C) || \ - defined(MBEDTLS_CAMELLIA_C) || \ - defined(MBEDTLS_ARIA_C) || \ - defined(MBEDTLS_DES_C) ) + (defined(MBEDTLS_AES_C) || \ + defined(MBEDTLS_CAMELLIA_C) || \ + defined(MBEDTLS_ARIA_C) || \ + defined(MBEDTLS_DES_C)) #define MBEDTLS_SSL_SOME_SUITES_USE_CBC #endif /* This macro determines whether the CBC construct used in TLS 1.0-1.2 (as * opposed to the very different CBC construct used in SSLv3) is supported. */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \ - ( defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) ) + (defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2)) #define MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC #endif @@ -193,18 +193,18 @@ #define MBEDTLS_SSL_MAX_CID_EXPANSION 0 #endif -#define MBEDTLS_SSL_PAYLOAD_OVERHEAD ( MBEDTLS_SSL_COMPRESSION_ADD + \ - MBEDTLS_MAX_IV_LENGTH + \ - MBEDTLS_SSL_MAC_ADD + \ - MBEDTLS_SSL_PADDING_ADD + \ - MBEDTLS_SSL_MAX_CID_EXPANSION \ - ) +#define MBEDTLS_SSL_PAYLOAD_OVERHEAD (MBEDTLS_SSL_COMPRESSION_ADD + \ + MBEDTLS_MAX_IV_LENGTH + \ + MBEDTLS_SSL_MAC_ADD + \ + MBEDTLS_SSL_PADDING_ADD + \ + MBEDTLS_SSL_MAX_CID_EXPANSION \ + ) -#define MBEDTLS_SSL_IN_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \ - ( MBEDTLS_SSL_IN_CONTENT_LEN ) ) +#define MBEDTLS_SSL_IN_PAYLOAD_LEN (MBEDTLS_SSL_PAYLOAD_OVERHEAD + \ + (MBEDTLS_SSL_IN_CONTENT_LEN)) -#define MBEDTLS_SSL_OUT_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \ - ( MBEDTLS_SSL_OUT_CONTENT_LEN ) ) +#define MBEDTLS_SSL_OUT_PAYLOAD_LEN (MBEDTLS_SSL_PAYLOAD_OVERHEAD + \ + (MBEDTLS_SSL_OUT_CONTENT_LEN)) /* The maximum number of buffered handshake messages. */ #define MBEDTLS_SSL_MAX_BUFFERED_HS 4 @@ -215,8 +215,8 @@ */ #define MBEDTLS_TLS_EXT_ADV_CONTENT_LEN ( \ (MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_OUT_CONTENT_LEN) \ - ? ( MBEDTLS_SSL_OUT_CONTENT_LEN ) \ - : ( MBEDTLS_SSL_IN_CONTENT_LEN ) \ + ? (MBEDTLS_SSL_OUT_CONTENT_LEN) \ + : (MBEDTLS_SSL_IN_CONTENT_LEN) \ ) /* Maximum size in bytes of list in sig-hash algorithm ext., RFC 5246 */ @@ -234,11 +234,13 @@ #endif #if MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN -#error "Bad configuration - incoming record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN." +#error \ + "Bad configuration - incoming record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN." #endif #if MBEDTLS_SSL_OUT_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN -#error "Bad configuration - outgoing record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN." +#error \ + "Bad configuration - outgoing record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN." #endif #if MBEDTLS_SSL_IN_PAYLOAD_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN + 2048 @@ -258,44 +260,44 @@ #if !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) #define MBEDTLS_SSL_IN_BUFFER_LEN \ - ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) ) + ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_IN_PAYLOAD_LEN)) #else #define MBEDTLS_SSL_IN_BUFFER_LEN \ - ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) \ - + ( MBEDTLS_SSL_CID_IN_LEN_MAX ) ) + ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_IN_PAYLOAD_LEN) \ + + (MBEDTLS_SSL_CID_IN_LEN_MAX)) #endif #if !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) #define MBEDTLS_SSL_OUT_BUFFER_LEN \ - ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN ) ) + ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_OUT_PAYLOAD_LEN)) #else #define MBEDTLS_SSL_OUT_BUFFER_LEN \ - ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN ) \ - + ( MBEDTLS_SSL_CID_OUT_LEN_MAX ) ) + ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_OUT_PAYLOAD_LEN) \ + + (MBEDTLS_SSL_CID_OUT_LEN_MAX)) #endif #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) -static inline size_t mbedtls_ssl_get_output_buflen( const mbedtls_ssl_context *ctx ) +static inline size_t mbedtls_ssl_get_output_buflen(const mbedtls_ssl_context *ctx) { -#if defined (MBEDTLS_SSL_DTLS_CONNECTION_ID) - return mbedtls_ssl_get_output_max_frag_len( ctx ) - + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD - + MBEDTLS_SSL_CID_OUT_LEN_MAX; +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + return mbedtls_ssl_get_output_max_frag_len(ctx) + + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD + + MBEDTLS_SSL_CID_OUT_LEN_MAX; #else - return mbedtls_ssl_get_output_max_frag_len( ctx ) - + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD; + return mbedtls_ssl_get_output_max_frag_len(ctx) + + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD; #endif } -static inline size_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ctx ) +static inline size_t mbedtls_ssl_get_input_buflen(const mbedtls_ssl_context *ctx) { -#if defined (MBEDTLS_SSL_DTLS_CONNECTION_ID) - return mbedtls_ssl_get_input_max_frag_len( ctx ) - + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD - + MBEDTLS_SSL_CID_IN_LEN_MAX; +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + return mbedtls_ssl_get_input_max_frag_len(ctx) + + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD + + MBEDTLS_SSL_CID_IN_LEN_MAX; #else - return mbedtls_ssl_get_input_max_frag_len( ctx ) - + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD; + return mbedtls_ssl_get_input_max_frag_len(ctx) + + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD; #endif } #endif @@ -303,7 +305,7 @@ static inline size_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ct #ifdef MBEDTLS_ZLIB_SUPPORT /* Compression buffer holds both IN and OUT buffers, so should be size of the larger */ #define MBEDTLS_SSL_COMPRESS_BUFFER_LEN ( \ - ( MBEDTLS_SSL_IN_BUFFER_LEN > MBEDTLS_SSL_OUT_BUFFER_LEN ) \ + (MBEDTLS_SSL_IN_BUFFER_LEN > MBEDTLS_SSL_OUT_BUFFER_LEN) \ ? MBEDTLS_SSL_IN_BUFFER_LEN \ : MBEDTLS_SSL_OUT_BUFFER_LEN \ ) @@ -328,10 +330,10 @@ static inline size_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ct * \return Zero if the needed space is available in the buffer, non-zero * otherwise. */ -static inline int mbedtls_ssl_chk_buf_ptr( const uint8_t *cur, - const uint8_t *end, size_t need ) +static inline int mbedtls_ssl_chk_buf_ptr(const uint8_t *cur, + const uint8_t *end, size_t need) { - return( ( cur > end ) || ( need > (size_t)( end - cur ) ) ); + return (cur > end) || (need > (size_t) (end - cur)); } /** @@ -344,13 +346,13 @@ static inline int mbedtls_ssl_chk_buf_ptr( const uint8_t *cur, * \param need Needed space in bytes. * */ -#define MBEDTLS_SSL_CHK_BUF_PTR( cur, end, need ) \ +#define MBEDTLS_SSL_CHK_BUF_PTR(cur, end, need) \ do { \ - if( mbedtls_ssl_chk_buf_ptr( ( cur ), ( end ), ( need ) ) != 0 ) \ + if (mbedtls_ssl_chk_buf_ptr((cur), (end), (need)) != 0) \ { \ - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); \ + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; \ } \ - } while( 0 ) + } while (0) #ifdef __cplusplus extern "C" { @@ -361,8 +363,7 @@ extern "C" { /* * Abstraction for a grid of allowed signature-hash-algorithm pairs. */ -struct mbedtls_ssl_sig_hash_set_t -{ +struct mbedtls_ssl_sig_hash_set_t { /* At the moment, we only need to remember a single suitable * hash algorithm per signature algorithm. As long as that's * the case - and we don't need a general lookup function - @@ -374,10 +375,10 @@ struct mbedtls_ssl_sig_hash_set_t #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ -typedef int mbedtls_ssl_tls_prf_cb( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ); +typedef int mbedtls_ssl_tls_prf_cb(const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen); /* cipher.h exports the maximum IV, key and block length from * all ciphers enabled in the config, regardless of whether those @@ -403,16 +404,15 @@ typedef int mbedtls_ssl_tls_prf_cb( const unsigned char *secret, size_t slen, * \brief The data structure holding the cryptographic material (key and IV) * used for record protection in TLS 1.3. */ -struct mbedtls_ssl_key_set -{ +struct mbedtls_ssl_key_set { /*! The key for client->server records. */ - unsigned char client_write_key[ MBEDTLS_SSL_MAX_KEY_LENGTH ]; + unsigned char client_write_key[MBEDTLS_SSL_MAX_KEY_LENGTH]; /*! The key for server->client records. */ - unsigned char server_write_key[ MBEDTLS_SSL_MAX_KEY_LENGTH ]; + unsigned char server_write_key[MBEDTLS_SSL_MAX_KEY_LENGTH]; /*! The IV for client->server records. */ - unsigned char client_write_iv[ MBEDTLS_SSL_MAX_IV_LENGTH ]; + unsigned char client_write_iv[MBEDTLS_SSL_MAX_IV_LENGTH]; /*! The IV for server->client records. */ - unsigned char server_write_iv[ MBEDTLS_SSL_MAX_IV_LENGTH ]; + unsigned char server_write_iv[MBEDTLS_SSL_MAX_IV_LENGTH]; size_t key_len; /*!< The length of client_write_key and * server_write_key, in Bytes. */ @@ -424,8 +424,7 @@ typedef struct mbedtls_ssl_key_set mbedtls_ssl_key_set; /* * This structure contains the parameters only needed during handshake. */ -struct mbedtls_ssl_handshake_params -{ +struct mbedtls_ssl_handshake_params { /* * Handshake specific crypto variables */ @@ -544,16 +543,14 @@ struct mbedtls_ssl_handshake_params #endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - struct - { + struct { size_t total_bytes_buffered; /*!< Cumulative size of heap allocated * buffers used for message buffering. */ uint8_t seen_ccs; /*!< Indicates if a CCS message has * been seen in the current flight. */ - struct mbedtls_ssl_hs_buffer - { + struct mbedtls_ssl_hs_buffer { unsigned is_valid : 1; unsigned is_fragmented : 1; unsigned is_complete : 1; @@ -561,8 +558,7 @@ struct mbedtls_ssl_handshake_params size_t data_len; } hs[MBEDTLS_SSL_MAX_BUFFERED_HS]; - struct - { + struct { unsigned char *data; size_t len; unsigned epoch; @@ -585,7 +581,7 @@ struct mbedtls_ssl_handshake_params unsigned int in_flight_start_seq; /*!< Minimum message sequence in the flight being received */ mbedtls_ssl_transform *alt_transform_out; /*!< Alternative transform for - resending messages */ + resending messages */ unsigned char alt_out_ctr[8]; /*!< Alternative record epoch/counter for resending messages */ @@ -596,7 +592,7 @@ struct mbedtls_ssl_handshake_params * has been negotiated. Possible values are * #MBEDTLS_SSL_CID_ENABLED and * #MBEDTLS_SSL_CID_DISABLED. */ - unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; /*! The peer's CID */ + unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX]; /*! The peer's CID */ uint8_t peer_cid_len; /*!< The length of * \c peer_cid. */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -631,7 +627,7 @@ struct mbedtls_ssl_handshake_params unsigned char randbytes[64]; /*!< random bytes */ unsigned char premaster[MBEDTLS_PREMASTER_SIZE]; - /*!< premaster secret */ + /*!< premaster secret */ #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) /** Asynchronous operation context. This field is meant for use by the @@ -744,8 +740,7 @@ typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer; * in other transformations. * */ -struct mbedtls_ssl_transform -{ +struct mbedtls_ssl_transform { /* * Session specific crypto layer */ @@ -782,8 +777,8 @@ struct mbedtls_ssl_transform #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) uint8_t in_cid_len; uint8_t out_cid_len; - unsigned char in_cid [ MBEDTLS_SSL_CID_IN_LEN_MAX ]; - unsigned char out_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; + unsigned char in_cid[MBEDTLS_SSL_CID_IN_LEN_MAX]; + unsigned char out_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX]; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ /* @@ -806,13 +801,13 @@ struct mbedtls_ssl_transform * Equivalently, return 0 if a separate MAC is used, 1 otherwise. */ static inline int mbedtls_ssl_transform_uses_aead( - const mbedtls_ssl_transform *transform ) + const mbedtls_ssl_transform *transform) { #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) - return( transform->maclen == 0 && transform->taglen != 0 ); + return transform->maclen == 0 && transform->taglen != 0; #else (void) transform; - return( 1 ); + return 1; #endif } @@ -842,8 +837,7 @@ static inline int mbedtls_ssl_transform_uses_aead( #define MBEDTLS_SSL_CID_LEN_MAX MBEDTLS_SSL_CID_IN_LEN_MAX #endif -typedef struct -{ +typedef struct { uint8_t ctr[8]; /* In TLS: The implicit record sequence number. * In DTLS: The 2-byte epoch followed by * the 6-byte sequence number. @@ -866,7 +860,7 @@ typedef struct #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) uint8_t cid_len; /* Length of the CID (0 if not present) */ - unsigned char cid[ MBEDTLS_SSL_CID_LEN_MAX ]; /* The CID */ + unsigned char cid[MBEDTLS_SSL_CID_LEN_MAX]; /* The CID */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ } mbedtls_record; @@ -874,8 +868,7 @@ typedef struct /* * List of certificate + private key pairs */ -struct mbedtls_ssl_key_cert -{ +struct mbedtls_ssl_key_cert { mbedtls_x509_crt *cert; /*!< cert */ mbedtls_pk_context *key; /*!< private key */ mbedtls_ssl_key_cert *next; /*!< next key/cert pair */ @@ -886,8 +879,7 @@ struct mbedtls_ssl_key_cert /* * List of handshake messages kept around for resending */ -struct mbedtls_ssl_flight_item -{ +struct mbedtls_ssl_flight_item { unsigned char *p; /*!< message, including handshake headers */ size_t len; /*!< length of p */ unsigned char type; /*!< type of the message: handshake or CCS */ @@ -899,20 +891,20 @@ struct mbedtls_ssl_flight_item defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* Find an entry in a signature-hash set matching a given hash algorithm. */ -mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_pk_type_t sig_alg ); +mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find(mbedtls_ssl_sig_hash_set_t *set, + mbedtls_pk_type_t sig_alg); /* Add a signature-hash-pair to a signature-hash set */ -void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_pk_type_t sig_alg, - mbedtls_md_type_t md_alg ); +void mbedtls_ssl_sig_hash_set_add(mbedtls_ssl_sig_hash_set_t *set, + mbedtls_pk_type_t sig_alg, + mbedtls_md_type_t md_alg); /* Allow exactly one hash algorithm for each signature. */ -void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_md_type_t md_alg ); +void mbedtls_ssl_sig_hash_set_const_hash(mbedtls_ssl_sig_hash_set_t *set, + mbedtls_md_type_t md_alg); /* Setup an empty signature-hash set */ -static inline void mbedtls_ssl_sig_hash_set_init( mbedtls_ssl_sig_hash_set_t *set ) +static inline void mbedtls_ssl_sig_hash_set_init(mbedtls_ssl_sig_hash_set_t *set) { - mbedtls_ssl_sig_hash_set_const_hash( set, MBEDTLS_MD_NONE ); + mbedtls_ssl_sig_hash_set_const_hash(set, MBEDTLS_MD_NONE); } #endif /* MBEDTLS_SSL_PROTO_TLS1_2) && @@ -924,7 +916,7 @@ static inline void mbedtls_ssl_sig_hash_set_init( mbedtls_ssl_sig_hash_set_t *se * * \param transform SSL transform context */ -void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform ); +void mbedtls_ssl_transform_free(mbedtls_ssl_transform *transform); /** * \brief Free referenced items in an SSL handshake context and clear @@ -932,26 +924,26 @@ void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform ); * * \param ssl SSL context */ -void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_handshake_client_step(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ); -void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_handshake_server_step(mbedtls_ssl_context *ssl); +void mbedtls_ssl_handshake_wrapup(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_send_fatal_handshake_failure(mbedtls_ssl_context *ssl); -void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_derive_keys(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_handle_message_type(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ); -void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl); +void mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl); /** * \brief Update record layer @@ -1030,39 +1022,39 @@ void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ); * */ MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, - unsigned update_hs_digest ); +int mbedtls_ssl_read_record(mbedtls_ssl_context *ssl, + unsigned update_hs_digest); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ); +int mbedtls_ssl_fetch_input(mbedtls_ssl_context *ssl, size_t nb_want); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_write_handshake_msg(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ); +int mbedtls_ssl_write_record(mbedtls_ssl_context *ssl, uint8_t force_flush); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_flush_output(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_parse_change_cipher_spec(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_write_change_cipher_spec(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_parse_finished(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_write_finished(mbedtls_ssl_context *ssl); -void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, - const mbedtls_ssl_ciphersuite_t *ciphersuite_info ); +void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl, + const mbedtls_ssl_ciphersuite_t *ciphersuite_info); #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex ); +int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex); /** * Get the first defined PSK by order of precedence: @@ -1070,29 +1062,22 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch * 2. static PSK configured by \c mbedtls_ssl_conf_psk() * Return a code and update the pair (PSK, PSK length) passed to this function */ -static inline int mbedtls_ssl_get_psk( const mbedtls_ssl_context *ssl, - const unsigned char **psk, size_t *psk_len ) +static inline int mbedtls_ssl_get_psk(const mbedtls_ssl_context *ssl, + const unsigned char **psk, size_t *psk_len) { - if( ssl->handshake->psk != NULL && ssl->handshake->psk_len > 0 ) - { + if (ssl->handshake->psk != NULL && ssl->handshake->psk_len > 0) { *psk = ssl->handshake->psk; *psk_len = ssl->handshake->psk_len; - } - - else if( ssl->conf->psk != NULL && ssl->conf->psk_len > 0 ) - { + } else if (ssl->conf->psk != NULL && ssl->conf->psk_len > 0) { *psk = ssl->conf->psk; *psk_len = ssl->conf->psk_len; - } - - else - { + } else { *psk = NULL; *psk_len = 0; - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); + return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED; } - return( 0 ); + return 0; } #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -1104,50 +1089,51 @@ static inline int mbedtls_ssl_get_psk( const mbedtls_ssl_context *ssl, * Return an opaque PSK */ static inline psa_key_id_t mbedtls_ssl_get_opaque_psk( - const mbedtls_ssl_context *ssl ) + const mbedtls_ssl_context *ssl) { - if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) ) - return( ssl->handshake->psk_opaque ); + if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) { + return ssl->handshake->psk_opaque; + } - if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) ) - return( ssl->conf->psk_opaque ); + if (!mbedtls_svc_key_id_is_null(ssl->conf->psk_opaque)) { + return ssl->conf->psk_opaque; + } - return( MBEDTLS_SVC_KEY_ID_INIT ); + return MBEDTLS_SVC_KEY_ID_INIT; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_PK_C) -unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk ); -unsigned char mbedtls_ssl_sig_from_pk_alg( mbedtls_pk_type_t type ); -mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig ); +unsigned char mbedtls_ssl_sig_from_pk(mbedtls_pk_context *pk); +unsigned char mbedtls_ssl_sig_from_pk_alg(mbedtls_pk_type_t type); +mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig(unsigned char sig); #endif -mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ); -unsigned char mbedtls_ssl_hash_from_md_alg( int md ); +mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash(unsigned char hash); +unsigned char mbedtls_ssl_hash_from_md_alg(int md); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ); +int mbedtls_ssl_set_calc_verify_md(mbedtls_ssl_context *ssl, int md); #if defined(MBEDTLS_ECP_C) MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id ); +int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_check_curve_tls_id( const mbedtls_ssl_context *ssl, uint16_t tls_id ); +int mbedtls_ssl_check_curve_tls_id(const mbedtls_ssl_context *ssl, uint16_t tls_id); #endif #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl, - mbedtls_md_type_t md ); +int mbedtls_ssl_check_sig_hash(const mbedtls_ssl_context *ssl, + mbedtls_md_type_t md); #endif #if defined(MBEDTLS_SSL_DTLS_SRTP) static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value - ( const uint16_t srtp_profile_value ) + (const uint16_t srtp_profile_value) { - switch( srtp_profile_value ) - { + switch (srtp_profile_value) { case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80: case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32: case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80: @@ -1155,33 +1141,35 @@ static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value return srtp_profile_value; default: break; } - return( MBEDTLS_TLS_SRTP_UNSET ); + return MBEDTLS_TLS_SRTP_UNSET; } #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) -static inline mbedtls_pk_context *mbedtls_ssl_own_key( mbedtls_ssl_context *ssl ) +static inline mbedtls_pk_context *mbedtls_ssl_own_key(mbedtls_ssl_context *ssl) { mbedtls_ssl_key_cert *key_cert; - if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL ) + if (ssl->handshake != NULL && ssl->handshake->key_cert != NULL) { key_cert = ssl->handshake->key_cert; - else + } else { key_cert = ssl->conf->key_cert; + } - return( key_cert == NULL ? NULL : key_cert->key ); + return key_cert == NULL ? NULL : key_cert->key; } -static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl ) +static inline mbedtls_x509_crt *mbedtls_ssl_own_cert(mbedtls_ssl_context *ssl) { mbedtls_ssl_key_cert *key_cert; - if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL ) + if (ssl->handshake != NULL && ssl->handshake->key_cert != NULL) { key_cert = ssl->handshake->key_cert; - else + } else { key_cert = ssl->conf->key_cert; + } - return( key_cert == NULL ? NULL : key_cert->cert ); + return key_cert == NULL ? NULL : key_cert->cert; } /* @@ -1194,77 +1182,76 @@ static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl ) * Return 0 if everything is OK, -1 if not. */ MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, - const mbedtls_ssl_ciphersuite_t *ciphersuite, - int cert_endpoint, - uint32_t *flags ); +int mbedtls_ssl_check_cert_usage(const mbedtls_x509_crt *cert, + const mbedtls_ssl_ciphersuite_t *ciphersuite, + int cert_endpoint, + uint32_t *flags); #endif /* MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_ssl_write_version( int major, int minor, int transport, - unsigned char ver[2] ); -void mbedtls_ssl_read_version( int *major, int *minor, int transport, - const unsigned char ver[2] ); +void mbedtls_ssl_write_version(int major, int minor, int transport, + unsigned char ver[2]); +void mbedtls_ssl_read_version(int *major, int *minor, int transport, + const unsigned char ver[2]); -static inline size_t mbedtls_ssl_in_hdr_len( const mbedtls_ssl_context *ssl ) +static inline size_t mbedtls_ssl_in_hdr_len(const mbedtls_ssl_context *ssl) { #if !defined(MBEDTLS_SSL_PROTO_DTLS) ((void) ssl); #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - return( 13 ); - } - else + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + return 13; + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ { - return( 5 ); + return 5; } } -static inline size_t mbedtls_ssl_out_hdr_len( const mbedtls_ssl_context *ssl ) +static inline size_t mbedtls_ssl_out_hdr_len(const mbedtls_ssl_context *ssl) { - return( (size_t) ( ssl->out_iv - ssl->out_hdr ) ); + return (size_t) (ssl->out_iv - ssl->out_hdr); } -static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl ) +static inline size_t mbedtls_ssl_hs_hdr_len(const mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - return( 12 ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + return 12; + } #else ((void) ssl); #endif - return( 4 ); + return 4; } #if defined(MBEDTLS_SSL_PROTO_DTLS) -void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ); -void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_send_flight_completed(mbedtls_ssl_context *ssl); +void mbedtls_ssl_recv_flight_completed(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_resend(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_flight_transmit(mbedtls_ssl_context *ssl); #endif /* Visible for testing purposes only */ #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context const *ssl ); -void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_dtls_replay_check(mbedtls_ssl_context const *ssl); +void mbedtls_ssl_dtls_replay_update(mbedtls_ssl_context *ssl); #endif MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst, - const mbedtls_ssl_session *src ); +int mbedtls_ssl_session_copy(mbedtls_ssl_session *dst, + const mbedtls_ssl_session *src); #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl, - unsigned char *output, - unsigned char *data, size_t data_len ); +int mbedtls_ssl_get_key_exchange_md_ssl_tls(mbedtls_ssl_context *ssl, + unsigned char *output, + unsigned char *data, size_t data_len); #endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ MBEDTLS_SSL_PROTO_TLS1_1 */ @@ -1272,10 +1259,10 @@ int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl, defined(MBEDTLS_SSL_PROTO_TLS1_2) /* The hash buffer must have at least MBEDTLS_MD_MAX_SIZE bytes of length. */ MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, - unsigned char *hash, size_t *hashlen, - unsigned char *data, size_t data_len, - mbedtls_md_type_t md_alg ); +int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl, + unsigned char *hash, size_t *hashlen, + unsigned char *data, size_t data_len, + mbedtls_md_type_t md_alg); #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ MBEDTLS_SSL_PROTO_TLS1_2 */ @@ -1283,70 +1270,71 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, } #endif -void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform ); +void mbedtls_ssl_transform_init(mbedtls_ssl_transform *transform); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, - mbedtls_ssl_transform *transform, - mbedtls_record *rec, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl, + mbedtls_ssl_transform *transform, + mbedtls_record *rec, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, - mbedtls_ssl_transform *transform, - mbedtls_record *rec ); +int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, + mbedtls_ssl_transform *transform, + mbedtls_record *rec); /* Length of the "epoch" field in the record header */ -static inline size_t mbedtls_ssl_ep_len( const mbedtls_ssl_context *ssl ) +static inline size_t mbedtls_ssl_ep_len(const mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - return( 2 ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + return 2; + } #else ((void) ssl); #endif - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_DTLS) MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_resend_hello_request( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_resend_hello_request(mbedtls_ssl_context *ssl); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -void mbedtls_ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs ); +void mbedtls_ssl_set_timer(mbedtls_ssl_context *ssl, uint32_t millisecs); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_check_timer(mbedtls_ssl_context *ssl); -void mbedtls_ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl ); -void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl, - mbedtls_ssl_transform *transform ); -void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_reset_in_out_pointers(mbedtls_ssl_context *ssl); +void mbedtls_ssl_update_out_pointers(mbedtls_ssl_context *ssl, + mbedtls_ssl_transform *transform); +void mbedtls_ssl_update_in_pointers(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ); +int mbedtls_ssl_session_reset_int(mbedtls_ssl_context *ssl, int partial); #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) -void mbedtls_ssl_dtls_replay_reset( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_dtls_replay_reset(mbedtls_ssl_context *ssl); #endif -void mbedtls_ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_handshake_wrapup_free_hs_transform(mbedtls_ssl_context *ssl); #if defined(MBEDTLS_SSL_RENEGOTIATION) MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_start_renegotiation( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_start_renegotiation(mbedtls_ssl_context *ssl); #endif /* MBEDTLS_SSL_RENEGOTIATION */ #if defined(MBEDTLS_SSL_PROTO_DTLS) -size_t mbedtls_ssl_get_current_mtu( const mbedtls_ssl_context *ssl ); -void mbedtls_ssl_buffering_free( mbedtls_ssl_context *ssl ); -void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight ); +size_t mbedtls_ssl_get_current_mtu(const mbedtls_ssl_context *ssl); +void mbedtls_ssl_buffering_free(mbedtls_ssl_context *ssl); +void mbedtls_ssl_flight_free(mbedtls_ssl_flight_item *flight); #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_TEST_HOOKS) int mbedtls_ssl_check_dtls_clihlo_cookie( - mbedtls_ssl_context *ssl, - const unsigned char *cli_id, size_t cli_id_len, - const unsigned char *in, size_t in_len, - unsigned char *obuf, size_t buf_len, size_t *olen ); + mbedtls_ssl_context *ssl, + const unsigned char *cli_id, size_t cli_id_len, + const unsigned char *in, size_t in_len, + unsigned char *obuf, size_t buf_len, size_t *olen); #endif #endif /* ssl_internal.h */ diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h index 8221051b2470..401df7c8546c 100644 --- a/include/mbedtls/ssl_ticket.h +++ b/include/mbedtls/ssl_ticket.h @@ -48,8 +48,7 @@ extern "C" { /** * \brief Information for session ticket protection */ -typedef struct mbedtls_ssl_ticket_key -{ +typedef struct mbedtls_ssl_ticket_key { unsigned char name[4]; /*!< random key identifier */ uint32_t generation_time; /*!< key generation timestamp (seconds) */ mbedtls_cipher_context_t ctx; /*!< context for auth enc/decryption */ @@ -59,8 +58,7 @@ mbedtls_ssl_ticket_key; /** * \brief Context for session ticket handling functions */ -typedef struct mbedtls_ssl_ticket_context -{ +typedef struct mbedtls_ssl_ticket_context { mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys */ unsigned char active; /*!< index of the currently active key */ @@ -83,7 +81,7 @@ mbedtls_ssl_ticket_context; * * \param ctx Context to be initialized */ -void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ); +void mbedtls_ssl_ticket_init(mbedtls_ssl_ticket_context *ctx); /** * \brief Prepare context to be actually used @@ -107,10 +105,10 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ); * \return 0 if successful, * or a specific MBEDTLS_ERR_XXX error code */ -int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - mbedtls_cipher_type_t cipher, - uint32_t lifetime ); +int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_cipher_type_t cipher, + uint32_t lifetime); /** * \brief Implementation of the ticket write callback @@ -131,7 +129,7 @@ mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse; * * \param ctx Context to be cleaned up */ -void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx ); +void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx); #ifdef __cplusplus } diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index d147c73f0668..25de77e7d499 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h @@ -46,8 +46,7 @@ extern "C" { #if defined(MBEDTLS_THREADING_PTHREAD) #include -typedef struct mbedtls_threading_mutex_t -{ +typedef struct mbedtls_threading_mutex_t { pthread_mutex_t mutex; /* is_valid is 0 after a failed init or a free, and nonzero after a * successful init. This field is not considered part of the public @@ -78,15 +77,15 @@ typedef struct mbedtls_threading_mutex_t * \param mutex_lock the lock function implementation * \param mutex_unlock the unlock function implementation */ -void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ), - void (*mutex_free)( mbedtls_threading_mutex_t * ), - int (*mutex_lock)( mbedtls_threading_mutex_t * ), - int (*mutex_unlock)( mbedtls_threading_mutex_t * ) ); +void mbedtls_threading_set_alt(void (*mutex_init)(mbedtls_threading_mutex_t *), + void (*mutex_free)(mbedtls_threading_mutex_t *), + int (*mutex_lock)(mbedtls_threading_mutex_t *), + int (*mutex_unlock)(mbedtls_threading_mutex_t *)); /** * \brief Free global mutexes. */ -void mbedtls_threading_free_alt( void ); +void mbedtls_threading_free_alt(void); #endif /* MBEDTLS_THREADING_ALT */ #if defined(MBEDTLS_THREADING_C) @@ -95,10 +94,10 @@ void mbedtls_threading_free_alt( void ); * * All these functions are expected to work or the result will be undefined. */ -extern void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t *mutex ); -extern void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t *mutex ); -extern int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t *mutex ); -extern int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t *mutex ); +extern void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *mutex); +extern void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *mutex); +extern int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *mutex); +extern int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *mutex); /* * Global mutexes diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h index b7290cfcabc6..597ef75211ce 100644 --- a/include/mbedtls/timing.h +++ b/include/mbedtls/timing.h @@ -41,16 +41,14 @@ extern "C" { /** * \brief timer structure */ -struct mbedtls_timing_hr_time -{ +struct mbedtls_timing_hr_time { unsigned char opaque[32]; }; /** * \brief Context for mbedtls_timing_set/get_delay() */ -typedef struct mbedtls_timing_delay_context -{ +typedef struct mbedtls_timing_delay_context { struct mbedtls_timing_hr_time timer; uint32_t int_ms; uint32_t fin_ms; @@ -72,7 +70,7 @@ extern volatile int mbedtls_timing_alarmed; * \note This value starts at an unspecified origin and * may wrap around. */ -unsigned long mbedtls_timing_hardclock( void ); +unsigned long mbedtls_timing_hardclock(void); /** * \brief Return the elapsed time in milliseconds @@ -91,7 +89,7 @@ unsigned long mbedtls_timing_hardclock( void ); * get_timer(0) }` the value time1+time2 is only approximately * the delay since the first reset. */ -unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ); +unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset); /** * \brief Setup an alarm clock @@ -103,7 +101,7 @@ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int * context, this means one for the whole process, not one per * thread. */ -void mbedtls_set_alarm( int seconds ); +void mbedtls_set_alarm(int seconds); /** * \brief Set a pair of delays to watch @@ -119,7 +117,7 @@ void mbedtls_set_alarm( int seconds ); * \note To set a single delay, either use \c mbedtls_timing_set_timer * directly or use this function with int_ms == fin_ms. */ -void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms ); +void mbedtls_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms); /** * \brief Get the status of delays @@ -133,7 +131,7 @@ void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms ); * 1 if only the intermediate delay is passed, * 2 if the final delay is passed. */ -int mbedtls_timing_get_delay( void *data ); +int mbedtls_timing_get_delay(void *data); #if defined(MBEDTLS_SELF_TEST) /** @@ -141,7 +139,7 @@ int mbedtls_timing_get_delay( void *data ); * * \return 0 if successful, or 1 if a test failed */ -int mbedtls_timing_self_test( int verbose ); +int mbedtls_timing_self_test(int verbose); #endif #ifdef __cplusplus diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index b3b441d46b60..1324eaebe4f9 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -61,7 +61,7 @@ extern "C" { * \return The constructed version number in the format * MMNNPP00 (Major, Minor, Patch). */ -unsigned int mbedtls_version_get_number( void ); +unsigned int mbedtls_version_get_number(void); /** * Get the version string ("x.y.z"). @@ -69,7 +69,7 @@ unsigned int mbedtls_version_get_number( void ); * \param string The string that will receive the value. * (Should be at least 9 bytes in size) */ -void mbedtls_version_get_string( char *string ); +void mbedtls_version_get_string(char *string); /** * Get the full version string ("mbed TLS x.y.z"). @@ -80,7 +80,7 @@ void mbedtls_version_get_string( char *string ); * (So the buffer should be at least 18 bytes to receive this * version string). */ -void mbedtls_version_get_string_full( char *string ); +void mbedtls_version_get_string_full(char *string); /** * \brief Check if support for a feature was compiled into this @@ -99,7 +99,7 @@ void mbedtls_version_get_string_full( char *string ); * -2 if support for feature checking as a whole was not * compiled in. */ -int mbedtls_version_check_feature( const char *feature ); +int mbedtls_version_check_feature(const char *feature); #ifdef __cplusplus } diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index 31b78df32f52..8fd321a02095 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h @@ -247,8 +247,7 @@ typedef mbedtls_asn1_named_data mbedtls_x509_name; typedef mbedtls_asn1_sequence mbedtls_x509_sequence; /** Container for date and time (precision in seconds). */ -typedef struct mbedtls_x509_time -{ +typedef struct mbedtls_x509_time { int year, mon, day; /**< Date. */ int hour, min, sec; /**< Time. */ } @@ -267,7 +266,7 @@ mbedtls_x509_time; * \return The length of the string written (not including the * terminated nul byte), or a negative error code. */ -int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn ); +int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn); /** * \brief Store the certificate serial in printable form into buf; @@ -280,7 +279,7 @@ int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn ); * \return The length of the string written (not including the * terminated nul byte), or a negative error code. */ -int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial ); +int mbedtls_x509_serial_gets(char *buf, size_t size, const mbedtls_x509_buf *serial); /** * \brief Check a given mbedtls_x509_time against the system time @@ -294,7 +293,7 @@ int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *se * \return 1 if the given time is in the past or an error occurred, * 0 otherwise. */ -int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ); +int mbedtls_x509_time_is_past(const mbedtls_x509_time *to); /** * \brief Check a given mbedtls_x509_time against the system time @@ -308,7 +307,7 @@ int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ); * \return 1 if the given time is in the future or an error occurred, * 0 otherwise. */ -int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ); +int mbedtls_x509_time_is_future(const mbedtls_x509_time *from); /** \} addtogroup x509_module */ @@ -319,7 +318,7 @@ int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ); * * \return 0 if successful, or 1 if the test failed */ -int mbedtls_x509_self_test( int verbose ); +int mbedtls_x509_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ @@ -327,51 +326,51 @@ int mbedtls_x509_self_test( int verbose ); * Internal module functions. You probably do not want to use these unless you * know you do. */ -int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, - mbedtls_x509_name *cur ); -int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *alg ); -int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *alg, mbedtls_x509_buf *params ); +int mbedtls_x509_get_name(unsigned char **p, const unsigned char *end, + mbedtls_x509_name *cur); +int mbedtls_x509_get_alg_null(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg); +int mbedtls_x509_get_alg(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg, mbedtls_x509_buf *params); #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) -int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, - mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, - int *salt_len ); +int mbedtls_x509_get_rsassa_pss_params(const mbedtls_x509_buf *params, + mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, + int *salt_len); #endif -int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig ); -int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, - mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, - void **sig_opts ); -int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, - mbedtls_x509_time *t ); -int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *serial ); -int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *ext, int tag ); -int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, - mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, - const void *sig_opts ); -int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name ); -int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name ); -int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, - int critical, const unsigned char *val, - size_t val_len ); -int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start, - mbedtls_asn1_named_data *first ); -int mbedtls_x509_write_names( unsigned char **p, unsigned char *start, - mbedtls_asn1_named_data *first ); -int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start, - const char *oid, size_t oid_len, - unsigned char *sig, size_t size ); +int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig); +int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, + mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, + void **sig_opts); +int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end, + mbedtls_x509_time *t); +int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *serial); +int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *ext, int tag); +int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid, + mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, + const void *sig_opts); +int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name); +int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name); +int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, + int critical, const unsigned char *val, + size_t val_len); +int mbedtls_x509_write_extensions(unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first); +int mbedtls_x509_write_names(unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first); +int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start, + const char *oid, size_t oid_len, + unsigned char *sig, size_t size); #define MBEDTLS_X509_SAFE_SNPRINTF \ do { \ - if( ret < 0 || (size_t) ret >= n ) \ - return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); \ - \ + if (ret < 0 || (size_t) ret >= n) \ + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; \ + \ n -= (size_t) ret; \ p += (size_t) ret; \ - } while( 0 ) + } while (0) #ifdef __cplusplus } diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h index 92220090197a..895eca0d613a 100644 --- a/include/mbedtls/x509_crl.h +++ b/include/mbedtls/x509_crl.h @@ -47,8 +47,7 @@ extern "C" { * Certificate revocation list entry. * Contains the CA-specific serial numbers and revocation dates. */ -typedef struct mbedtls_x509_crl_entry -{ +typedef struct mbedtls_x509_crl_entry { mbedtls_x509_buf raw; mbedtls_x509_buf serial; @@ -65,8 +64,7 @@ mbedtls_x509_crl_entry; * Certificate revocation list structure. * Every CRL may have multiple entries. */ -typedef struct mbedtls_x509_crl -{ +typedef struct mbedtls_x509_crl { mbedtls_x509_buf raw; /**< The raw certificate data (DER). */ mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ @@ -104,8 +102,8 @@ mbedtls_x509_crl; * * \return 0 if successful, or a specific X509 or PEM error code */ -int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, - const unsigned char *buf, size_t buflen ); +int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain, + const unsigned char *buf, size_t buflen); /** * \brief Parse one or more CRLs and append them to the chained list * @@ -118,7 +116,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, * * \return 0 if successful, or a specific X509 or PEM error code */ -int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen ); +int mbedtls_x509_crl_parse(mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen); #if defined(MBEDTLS_FS_IO) /** @@ -131,7 +129,7 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s * * \return 0 if successful, or a specific X509 or PEM error code */ -int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ); +int mbedtls_x509_crl_parse_file(mbedtls_x509_crl *chain, const char *path); #endif /* MBEDTLS_FS_IO */ /** @@ -145,22 +143,22 @@ int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ); * \return The length of the string written (not including the * terminated nul byte), or a negative error code. */ -int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, - const mbedtls_x509_crl *crl ); +int mbedtls_x509_crl_info(char *buf, size_t size, const char *prefix, + const mbedtls_x509_crl *crl); /** * \brief Initialize a CRL (chain) * * \param crl CRL chain to initialize */ -void mbedtls_x509_crl_init( mbedtls_x509_crl *crl ); +void mbedtls_x509_crl_init(mbedtls_x509_crl *crl); /** * \brief Unallocate all CRL data * * \param crl CRL chain to free */ -void mbedtls_x509_crl_free( mbedtls_x509_crl *crl ); +void mbedtls_x509_crl_free(mbedtls_x509_crl *crl); /** \} name Structures and functions for parsing CRLs */ /** \} addtogroup x509_module */ diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 0f2885a7ee4e..235e00c066d8 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -49,8 +49,7 @@ extern "C" { /** * Container for an X.509 certificate. The certificate may be chained. */ -typedef struct mbedtls_x509_crt -{ +typedef struct mbedtls_x509_crt { int own_buffer; /**< Indicates if \c raw is owned * by the structure or not. */ mbedtls_x509_buf raw; /**< The raw certificate data (DER). */ @@ -104,24 +103,21 @@ mbedtls_x509_crt; * type-id OBJECT IDENTIFIER, * value [0] EXPLICIT ANY DEFINED BY type-id } */ -typedef struct mbedtls_x509_san_other_name -{ +typedef struct mbedtls_x509_san_other_name { /** * The type_id is an OID as defined in RFC 5280. * To check the value of the type id, you should use * \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf. */ mbedtls_x509_buf type_id; /**< The type id. */ - union - { + union { /** * From RFC 4108 section 5: * HardwareModuleName ::= SEQUENCE { * hwType OBJECT IDENTIFIER, * hwSerialNum OCTET STRING } */ - struct - { + struct { mbedtls_x509_buf oid; /**< The object identifier. */ mbedtls_x509_buf val; /**< The named value. */ } @@ -134,8 +130,7 @@ mbedtls_x509_san_other_name; /** * A structure for holding the parsed Subject Alternative Name, according to type */ -typedef struct mbedtls_x509_subject_alternative_name -{ +typedef struct mbedtls_x509_subject_alternative_name { int type; /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */ union { mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */ @@ -149,15 +144,14 @@ mbedtls_x509_subject_alternative_name; * Build flag from an algorithm/curve identifier (pk, md, ecp) * Since 0 is always XXX_NONE, ignore it. */ -#define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( (id) - 1 ) ) +#define MBEDTLS_X509_ID_FLAG(id) (1 << ((id) - 1)) /** * Security profile for certificate verification. * * All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG(). */ -typedef struct mbedtls_x509_crt_profile -{ +typedef struct mbedtls_x509_crt_profile { uint32_t allowed_mds; /**< MDs for signatures */ uint32_t allowed_pks; /**< PK algs for public keys; * this applies to all certificates @@ -174,15 +168,14 @@ mbedtls_x509_crt_profile; #define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32 #define MBEDTLS_X509_RFC5280_UTC_TIME_LEN 15 -#if !defined( MBEDTLS_X509_MAX_FILE_PATH_LEN ) +#if !defined(MBEDTLS_X509_MAX_FILE_PATH_LEN) #define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 #endif /** * Container for writing a certificate (CRT) */ -typedef struct mbedtls_x509write_cert -{ +typedef struct mbedtls_x509write_cert { int version; mbedtls_mpi serial; mbedtls_pk_context *subject_key; @@ -207,13 +200,12 @@ typedef struct { /** * Max size of verification chain: end-entity + intermediates + trusted root */ -#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 ) +#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE (MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2) /** * Verification chain as built by \c mbedtls_crt_verify_chain() */ -typedef struct -{ +typedef struct { mbedtls_x509_crt_verify_chain_item items[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE]; unsigned len; @@ -231,8 +223,7 @@ typedef struct /** * \brief Context for resuming X.509 verify operations */ -typedef struct -{ +typedef struct { /* for check_signature() */ mbedtls_pk_restart_ctx pk; @@ -308,9 +299,9 @@ extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb; * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen ); +int mbedtls_x509_crt_parse_der(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen); /** * \brief The type of certificate extension callbacks. @@ -342,12 +333,12 @@ int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, * \return \c 0 on success. * \return A negative error code on failure. */ -typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx, - mbedtls_x509_crt const *crt, - mbedtls_x509_buf const *oid, - int critical, - const unsigned char *p, - const unsigned char *end ); +typedef int (*mbedtls_x509_crt_ext_cb_t)(void *p_ctx, + mbedtls_x509_crt const *crt, + mbedtls_x509_buf const *oid, + int critical, + const unsigned char *p, + const unsigned char *end); /** * \brief Parse a single DER formatted certificate and add it @@ -389,12 +380,12 @@ typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen, - int make_copy, - mbedtls_x509_crt_ext_cb_t cb, - void *p_ctx ); +int mbedtls_x509_crt_parse_der_with_ext_cb(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen, + int make_copy, + mbedtls_x509_crt_ext_cb_t cb, + void *p_ctx); /** * \brief Parse a single DER formatted certificate and add it @@ -423,9 +414,9 @@ int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen ); +int mbedtls_x509_crt_parse_der_nocopy(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen); /** * \brief Parse one DER-encoded or one or more concatenated PEM-encoded @@ -457,7 +448,7 @@ int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain, * \return A negative X509 or PEM error code otherwise. * */ -int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen ); +int mbedtls_x509_crt_parse(mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen); #if defined(MBEDTLS_FS_IO) /** @@ -473,7 +464,7 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, s * \return 0 if all certificates parsed successfully, a positive number * if partly successful or a specific X509 or PEM error code */ -int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path ); +int mbedtls_x509_crt_parse_file(mbedtls_x509_crt *chain, const char *path); /** * \brief Load one or more certificate files from a path and add them @@ -488,7 +479,7 @@ int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path ); * \return 0 if all certificates parsed successfully, a positive number * if partly successful or a specific X509 or PEM error code */ -int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ); +int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path); #endif /* MBEDTLS_FS_IO */ /** @@ -518,8 +509,8 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ); * SAN type. * \return Another negative value for any other failure. */ -int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, - mbedtls_x509_subject_alternative_name *san ); +int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf, + mbedtls_x509_subject_alternative_name *san); /** * \brief Returns an informational string about the * certificate. @@ -532,8 +523,8 @@ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, * \return The length of the string written (not including the * terminated nul byte), or a negative error code. */ -int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, - const mbedtls_x509_crt *crt ); +int mbedtls_x509_crt_info(char *buf, size_t size, const char *prefix, + const mbedtls_x509_crt *crt); /** * \brief Returns an informational string about the @@ -547,8 +538,8 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, * \return The length of the string written (not including the * terminated nul byte), or a negative error code. */ -int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, - uint32_t flags ); +int mbedtls_x509_crt_verify_info(char *buf, size_t size, const char *prefix, + uint32_t flags); /** * \brief Verify a chain of certificates. @@ -616,12 +607,12 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, * \return Another negative error code in case of a fatal error * encountered during the verification process. */ -int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ); +int mbedtls_x509_crt_verify(mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy); /** * \brief Verify a chain of certificates with respect to @@ -657,13 +648,13 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, * \return Another negative error code in case of a fatal error * encountered during the verification process. */ -int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ); +int mbedtls_x509_crt_verify_with_profile(mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy); /** * \brief Restartable version of \c mbedtls_crt_verify_with_profile() @@ -691,14 +682,14 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of * operations was reached: see \c mbedtls_ecp_set_max_ops(). */ -int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy, - mbedtls_x509_crt_restart_ctx *rs_ctx ); +int mbedtls_x509_crt_verify_restartable(mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy, + mbedtls_x509_crt_restart_ctx *rs_ctx); /** * \brief The type of trusted certificate callbacks. @@ -730,9 +721,9 @@ int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt, * to the caller. * \return A negative error code on failure. */ -typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx, - mbedtls_x509_crt const *child, - mbedtls_x509_crt **candidate_cas ); +typedef int (*mbedtls_x509_crt_ca_cb_t)(void *p_ctx, + mbedtls_x509_crt const *child, + mbedtls_x509_crt **candidate_cas); #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) /** @@ -757,13 +748,13 @@ typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx, * * \return See \c mbedtls_crt_verify_with_profile(). */ -int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt, - mbedtls_x509_crt_ca_cb_t f_ca_cb, - void *p_ca_cb, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ); +int mbedtls_x509_crt_verify_with_ca_cb(mbedtls_x509_crt *crt, + mbedtls_x509_crt_ca_cb_t f_ca_cb, + void *p_ca_cb, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy); #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ @@ -789,8 +780,8 @@ int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt, * (intermediate) CAs the keyUsage extension is automatically * checked by \c mbedtls_x509_crt_verify(). */ -int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, - unsigned int usage ); +int mbedtls_x509_crt_check_key_usage(const mbedtls_x509_crt *crt, + unsigned int usage); #endif /* MBEDTLS_X509_CHECK_KEY_USAGE) */ #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) @@ -807,9 +798,9 @@ int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, * * \note Usually only makes sense on leaf certificates. */ -int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, - const char *usage_oid, - size_t usage_len ); +int mbedtls_x509_crt_check_extended_key_usage(const mbedtls_x509_crt *crt, + const char *usage_oid, + size_t usage_len); #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ #if defined(MBEDTLS_X509_CRL_PARSE_C) @@ -822,7 +813,7 @@ int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, * \return 1 if the certificate is revoked, 0 otherwise * */ -int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl ); +int mbedtls_x509_crt_is_revoked(const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl); #endif /* MBEDTLS_X509_CRL_PARSE_C */ /** @@ -830,25 +821,25 @@ int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509 * * \param crt Certificate chain to initialize */ -void mbedtls_x509_crt_init( mbedtls_x509_crt *crt ); +void mbedtls_x509_crt_init(mbedtls_x509_crt *crt); /** * \brief Unallocate all certificate data * * \param crt Certificate chain to free */ -void mbedtls_x509_crt_free( mbedtls_x509_crt *crt ); +void mbedtls_x509_crt_free(mbedtls_x509_crt *crt); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /** * \brief Initialize a restart context */ -void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx ); +void mbedtls_x509_crt_restart_init(mbedtls_x509_crt_restart_ctx *ctx); /** * \brief Free the components of a restart context */ -void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx ); +void mbedtls_x509_crt_restart_free(mbedtls_x509_crt_restart_ctx *ctx); #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ @@ -860,7 +851,7 @@ void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx ); * * \param ctx CRT context to initialize */ -void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ); +void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx); /** * \brief Set the version for a Certificate @@ -870,7 +861,7 @@ void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ); * \param version version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or * MBEDTLS_X509_CRT_VERSION_3) */ -void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version ); +void mbedtls_x509write_crt_set_version(mbedtls_x509write_cert *ctx, int version); /** * \brief Set the serial number for a Certificate. @@ -880,7 +871,7 @@ void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version * * \return 0 if successful */ -int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial ); +int mbedtls_x509write_crt_set_serial(mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial); /** * \brief Set the validity period for a Certificate @@ -896,8 +887,8 @@ int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls * \return 0 if timestamp was parsed successfully, or * a specific error code */ -int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before, - const char *not_after ); +int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx, const char *not_before, + const char *not_after); /** * \brief Set the issuer name for a Certificate @@ -911,8 +902,8 @@ int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char * \return 0 if issuer name was parsed successfully, or * a specific error code */ -int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx, - const char *issuer_name ); +int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx, + const char *issuer_name); /** * \brief Set the subject name for a Certificate @@ -926,8 +917,8 @@ int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx, * \return 0 if subject name was parsed successfully, or * a specific error code */ -int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx, - const char *subject_name ); +int mbedtls_x509write_crt_set_subject_name(mbedtls_x509write_cert *ctx, + const char *subject_name); /** * \brief Set the subject public key for the certificate @@ -935,7 +926,7 @@ int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx, * \param ctx CRT context to use * \param key public key to include */ -void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ); +void mbedtls_x509write_crt_set_subject_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key); /** * \brief Set the issuer key used for signing the certificate @@ -943,7 +934,7 @@ void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls * \param ctx CRT context to use * \param key private key to sign with */ -void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ); +void mbedtls_x509write_crt_set_issuer_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key); /** * \brief Set the MD algorithm to use for the signature @@ -952,7 +943,7 @@ void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_ * \param ctx CRT context to use * \param md_alg MD algorithm to use */ -void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg ); +void mbedtls_x509write_crt_set_md_alg(mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg); /** * \brief Generic function to add to or replace an extension in the @@ -967,10 +958,10 @@ void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_t * * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx, - const char *oid, size_t oid_len, - int critical, - const unsigned char *val, size_t val_len ); +int mbedtls_x509write_crt_set_extension(mbedtls_x509write_cert *ctx, + const char *oid, size_t oid_len, + int critical, + const unsigned char *val, size_t val_len); /** * \brief Set the basicConstraints extension for a CRT @@ -983,8 +974,8 @@ int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx, * * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, - int is_ca, int max_pathlen ); +int mbedtls_x509write_crt_set_basic_constraints(mbedtls_x509write_cert *ctx, + int is_ca, int max_pathlen); #if defined(MBEDTLS_SHA1_C) /** @@ -996,7 +987,7 @@ int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, * * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx ); +int mbedtls_x509write_crt_set_subject_key_identifier(mbedtls_x509write_cert *ctx); /** * \brief Set the authorityKeyIdentifier extension for a CRT @@ -1007,7 +998,7 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct * * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx ); +int mbedtls_x509write_crt_set_authority_key_identifier(mbedtls_x509write_cert *ctx); #endif /* MBEDTLS_SHA1_C */ /** @@ -1019,8 +1010,8 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert * * * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, - unsigned int key_usage ); +int mbedtls_x509write_crt_set_key_usage(mbedtls_x509write_cert *ctx, + unsigned int key_usage); /** * \brief Set the Netscape Cert Type flags @@ -1031,15 +1022,15 @@ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, * * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx, - unsigned char ns_cert_type ); +int mbedtls_x509write_crt_set_ns_cert_type(mbedtls_x509write_cert *ctx, + unsigned char ns_cert_type); /** * \brief Free the contents of a CRT write context * * \param ctx CRT context to free */ -void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx ); +void mbedtls_x509write_crt_free(mbedtls_x509write_cert *ctx); /** * \brief Write a built up certificate to a X509 DER structure @@ -1061,9 +1052,9 @@ void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx ); * for countermeasures against timing attacks). * ECDSA signatures always require a non-NULL f_rng. */ -int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #if defined(MBEDTLS_PEM_WRITE_C) /** @@ -1082,9 +1073,9 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, * for countermeasures against timing attacks). * ECDSA signatures always require a non-NULL f_rng. */ -int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_X509_CRT_WRITE_C */ diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index 2a1c04613155..fa7ef04a264e 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -46,8 +46,7 @@ extern "C" { /** * Certificate Signing Request (CSR) structure. */ -typedef struct mbedtls_x509_csr -{ +typedef struct mbedtls_x509_csr { mbedtls_x509_buf raw; /**< The raw CSR data (DER). */ mbedtls_x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */ @@ -69,8 +68,7 @@ mbedtls_x509_csr; /** * Container for writing a CSR */ -typedef struct mbedtls_x509write_csr -{ +typedef struct mbedtls_x509write_csr { mbedtls_pk_context *key; mbedtls_asn1_named_data *subject; mbedtls_md_type_t md_alg; @@ -90,8 +88,8 @@ mbedtls_x509write_csr; * * \return 0 if successful, or a specific X509 error code */ -int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, - const unsigned char *buf, size_t buflen ); +int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr, + const unsigned char *buf, size_t buflen); /** * \brief Load a Certificate Signing Request (CSR), DER or PEM format @@ -105,7 +103,7 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, * * \return 0 if successful, or a specific X509 or PEM error code */ -int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen ); +int mbedtls_x509_csr_parse(mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen); #if defined(MBEDTLS_FS_IO) /** @@ -118,7 +116,7 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz * * \return 0 if successful, or a specific X509 or PEM error code */ -int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ); +int mbedtls_x509_csr_parse_file(mbedtls_x509_csr *csr, const char *path); #endif /* MBEDTLS_FS_IO */ /** @@ -133,22 +131,22 @@ int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ); * \return The length of the string written (not including the * terminated nul byte), or a negative error code. */ -int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, - const mbedtls_x509_csr *csr ); +int mbedtls_x509_csr_info(char *buf, size_t size, const char *prefix, + const mbedtls_x509_csr *csr); /** * \brief Initialize a CSR * * \param csr CSR to initialize */ -void mbedtls_x509_csr_init( mbedtls_x509_csr *csr ); +void mbedtls_x509_csr_init(mbedtls_x509_csr *csr); /** * \brief Unallocate all CSR data * * \param csr CSR to free */ -void mbedtls_x509_csr_free( mbedtls_x509_csr *csr ); +void mbedtls_x509_csr_free(mbedtls_x509_csr *csr); #endif /* MBEDTLS_X509_CSR_PARSE_C */ /** \} name Structures and functions for X.509 Certificate Signing Requests (CSR) */ @@ -159,7 +157,7 @@ void mbedtls_x509_csr_free( mbedtls_x509_csr *csr ); * * \param ctx CSR context to initialize */ -void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx ); +void mbedtls_x509write_csr_init(mbedtls_x509write_csr *ctx); /** * \brief Set the subject name for a CSR @@ -173,8 +171,8 @@ void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx ); * \return 0 if subject name was parsed successfully, or * a specific error code */ -int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx, - const char *subject_name ); +int mbedtls_x509write_csr_set_subject_name(mbedtls_x509write_csr *ctx, + const char *subject_name); /** * \brief Set the key for a CSR (public key will be included, @@ -183,7 +181,7 @@ int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx, * \param ctx CSR context to use * \param key Asymmetric key to include */ -void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key ); +void mbedtls_x509write_csr_set_key(mbedtls_x509write_csr *ctx, mbedtls_pk_context *key); /** * \brief Set the MD algorithm to use for the signature @@ -192,7 +190,7 @@ void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_conte * \param ctx CSR context to use * \param md_alg MD algorithm to use */ -void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg ); +void mbedtls_x509write_csr_set_md_alg(mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg); /** * \brief Set the Key Usage Extension flags @@ -211,7 +209,7 @@ void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_ty * #MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this * function. */ -int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ); +int mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr *ctx, unsigned char key_usage); /** * \brief Set the Netscape Cert Type flags @@ -222,8 +220,8 @@ int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned ch * * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, - unsigned char ns_cert_type ); +int mbedtls_x509write_csr_set_ns_cert_type(mbedtls_x509write_csr *ctx, + unsigned char ns_cert_type); /** * \brief Generic function to add to or replace an extension in the @@ -237,16 +235,16 @@ int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, * * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx, - const char *oid, size_t oid_len, - const unsigned char *val, size_t val_len ); +int mbedtls_x509write_csr_set_extension(mbedtls_x509write_csr *ctx, + const char *oid, size_t oid_len, + const unsigned char *val, size_t val_len); /** * \brief Free the contents of a CSR context * * \param ctx CSR context to free */ -void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx ); +void mbedtls_x509write_csr_free(mbedtls_x509write_csr *ctx); /** * \brief Write a CSR (Certificate Signing Request) to a @@ -269,9 +267,9 @@ void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx ); * for countermeasures against timing attacks). * ECDSA signatures always require a non-NULL f_rng. */ -int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #if defined(MBEDTLS_PEM_WRITE_C) /** @@ -291,9 +289,9 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s * for countermeasures against timing attacks). * ECDSA signatures always require a non-NULL f_rng. */ -int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_X509_CSR_WRITE_C */ diff --git a/include/mbedtls/xtea.h b/include/mbedtls/xtea.h index 4bdc711fda02..9b12a1bb52f3 100644 --- a/include/mbedtls/xtea.h +++ b/include/mbedtls/xtea.h @@ -52,8 +52,7 @@ extern "C" { /** * \brief XTEA context structure */ -typedef struct mbedtls_xtea_context -{ +typedef struct mbedtls_xtea_context { uint32_t k[4]; /*!< key */ } mbedtls_xtea_context; @@ -67,14 +66,14 @@ mbedtls_xtea_context; * * \param ctx XTEA context to be initialized */ -void mbedtls_xtea_init( mbedtls_xtea_context *ctx ); +void mbedtls_xtea_init(mbedtls_xtea_context *ctx); /** * \brief Clear XTEA context * * \param ctx XTEA context to be cleared */ -void mbedtls_xtea_free( mbedtls_xtea_context *ctx ); +void mbedtls_xtea_free(mbedtls_xtea_context *ctx); /** * \brief XTEA key schedule @@ -82,7 +81,7 @@ void mbedtls_xtea_free( mbedtls_xtea_context *ctx ); * \param ctx XTEA context to be initialized * \param key the secret key */ -void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] ); +void mbedtls_xtea_setup(mbedtls_xtea_context *ctx, const unsigned char key[16]); /** * \brief XTEA cipher function @@ -94,10 +93,10 @@ void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] * * \return 0 if successful */ -int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, - int mode, - const unsigned char input[8], - unsigned char output[8] ); +int mbedtls_xtea_crypt_ecb(mbedtls_xtea_context *ctx, + int mode, + const unsigned char input[8], + unsigned char output[8]); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** @@ -113,12 +112,12 @@ int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, * \return 0 if successful, * MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0 */ -int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, - int mode, - size_t length, - unsigned char iv[8], - const unsigned char *input, - unsigned char *output); +int mbedtls_xtea_crypt_cbc(mbedtls_xtea_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_SELF_TEST) @@ -128,7 +127,7 @@ int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, * * \return 0 if successful, or 1 if the test failed */ -int mbedtls_xtea_self_test( int verbose ); +int mbedtls_xtea_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/include/psa/crypto.h b/include/psa/crypto.h index b75947cdb497..a6875ac3f2c4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -116,7 +116,7 @@ psa_status_t psa_crypto_init(void); /* This is an example definition for documentation purposes. * Implementations should define a suitable value in `crypto_struct.h`. */ -#define PSA_KEY_ATTRIBUTES_INIT {0} +#define PSA_KEY_ATTRIBUTES_INIT { 0 } #endif /** Return an initial value for a key attributes structure. @@ -143,8 +143,8 @@ static psa_key_attributes_t psa_key_attributes_init(void); * \param[out] attributes The attribute structure to write to. * \param key The persistent identifier for the key. */ -static void psa_set_key_id( psa_key_attributes_t *attributes, - mbedtls_svc_key_id_t key ); +static void psa_set_key_id(psa_key_attributes_t *attributes, + mbedtls_svc_key_id_t key); #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER /** Set the owner identifier of a key. @@ -161,8 +161,8 @@ static void psa_set_key_id( psa_key_attributes_t *attributes, * \param[out] attributes The attribute structure to write to. * \param owner The key owner identifier. */ -static void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, - mbedtls_key_owner_id_t owner ); +static void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes, + mbedtls_key_owner_id_t owner); #endif /** Set the location of a persistent key. @@ -944,7 +944,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; /* This is an example definition for documentation purposes. * Implementations should define a suitable value in `crypto_struct.h`. */ -#define PSA_HASH_OPERATION_INIT {0} +#define PSA_HASH_OPERATION_INIT { 0 } #endif /** Return an initial value for a hash operation object. @@ -1308,7 +1308,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; /* This is an example definition for documentation purposes. * Implementations should define a suitable value in `crypto_struct.h`. */ -#define PSA_MAC_OPERATION_INIT {0} +#define PSA_MAC_OPERATION_INIT { 0 } #endif /** Return an initial value for a MAC operation object. @@ -1727,7 +1727,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; /* This is an example definition for documentation purposes. * Implementations should define a suitable value in `crypto_struct.h`. */ -#define PSA_CIPHER_OPERATION_INIT {0} +#define PSA_CIPHER_OPERATION_INIT { 0 } #endif /** Return an initial value for a cipher operation object. @@ -2251,7 +2251,7 @@ typedef struct psa_aead_operation_s psa_aead_operation_t; /* This is an example definition for documentation purposes. * Implementations should define a suitable value in `crypto_struct.h`. */ -#define PSA_AEAD_OPERATION_INIT {0} +#define PSA_AEAD_OPERATION_INIT { 0 } #endif /** Return an initial value for an AEAD operation object. @@ -2913,13 +2913,13 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t * input, - size_t input_length, - uint8_t * signature, - size_t signature_size, - size_t * signature_length ); +psa_status_t psa_sign_message(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length); /** \brief Verify the signature of a message with a public key, using * a hash-and-sign verification algorithm. @@ -2965,12 +2965,12 @@ psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t * input, - size_t input_length, - const uint8_t * signature, - size_t signature_length ); +psa_status_t psa_verify_message(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length); /** * \brief Sign a hash or short message with a private key. @@ -3244,7 +3244,7 @@ typedef struct psa_key_derivation_s psa_key_derivation_operation_t; /* This is an example definition for documentation purposes. * Implementations should define a suitable value in `crypto_struct.h`. */ -#define PSA_KEY_DERIVATION_OPERATION_INIT {0} +#define PSA_KEY_DERIVATION_OPERATION_INIT { 0 } #endif /** Return an initial value for a key derivation operation object. @@ -3371,7 +3371,7 @@ psa_status_t psa_key_derivation_set_capacity( * The value of the maximum possible capacity depends on the key derivation * algorithm. */ -#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t)(-1)) +#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t) (-1)) /** Provide an input for key derivation or key agreement. * diff --git a/include/psa/crypto_builtin_composites.h b/include/psa/crypto_builtin_composites.h index 711c43df7850..63cb17342f2a 100644 --- a/include/psa/crypto_builtin_composites.h +++ b/include/psa/crypto_builtin_composites.h @@ -50,8 +50,7 @@ #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST) -typedef struct -{ +typedef struct { /** The HMAC algorithm in use */ psa_algorithm_t alg; /** The hash context. */ @@ -60,16 +59,14 @@ typedef struct uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; } mbedtls_psa_hmac_operation_t; -#define MBEDTLS_PSA_HMAC_OPERATION_INIT {0, PSA_HASH_OPERATION_INIT, {0}} +#define MBEDTLS_PSA_HMAC_OPERATION_INIT { 0, PSA_HASH_OPERATION_INIT, { 0 } } #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ #include "mbedtls/cmac.h" -typedef struct -{ +typedef struct { psa_algorithm_t alg; - union - { + union { unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST) mbedtls_psa_hmac_operation_t hmac; @@ -80,6 +77,6 @@ typedef struct } ctx; } mbedtls_psa_mac_operation_t; -#define MBEDTLS_PSA_MAC_OPERATION_INIT {0, {0}} +#define MBEDTLS_PSA_MAC_OPERATION_INIT { 0, { 0 } } #endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */ diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index 96c45290bdbf..6989cfed69c3 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -59,11 +59,9 @@ #define MBEDTLS_PSA_BUILTIN_HASH #endif -typedef struct -{ +typedef struct { psa_algorithm_t alg; - union - { + union { unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) mbedtls_md2_context md2; @@ -81,17 +79,17 @@ typedef struct mbedtls_sha1_context sha1; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) mbedtls_sha256_context sha256; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) mbedtls_sha512_context sha512; #endif } ctx; } mbedtls_psa_hash_operation_t; -#define MBEDTLS_PSA_HASH_OPERATION_INIT {0, {0}} +#define MBEDTLS_PSA_HASH_OPERATION_INIT { 0, { 0 } } /* * Cipher multi-part operation definitions. @@ -120,6 +118,6 @@ typedef struct { } ctx; } mbedtls_psa_cipher_operation_t; -#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}} +#define MBEDTLS_PSA_CIPHER_OPERATION_INIT { 0, 0, 0, { 0 } } #endif /* PSA_CRYPTO_BUILTIN_PRIMITIVES_H */ diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index 0d184042e340..7ae6cbbf704f 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -50,9 +50,9 @@ typedef mbedtls_svc_key_id_t psa_key_handle_t; * * \return Non-zero if the handle is null, zero otherwise. */ -static inline int psa_key_handle_is_null( psa_key_handle_t handle ) +static inline int psa_key_handle_is_null(psa_key_handle_t handle) { - return( mbedtls_svc_key_id_is_null( handle ) ); + return mbedtls_svc_key_id_is_null(handle); } #if !defined(MBEDTLS_DEPRECATED_REMOVED) @@ -78,196 +78,197 @@ typedef MBEDTLS_PSA_DEPRECATED psa_algorithm_t mbedtls_deprecated_psa_algorithm_ #define PSA_KEY_TYPE_GET_CURVE PSA_KEY_TYPE_ECC_GET_FAMILY #define PSA_KEY_TYPE_GET_GROUP PSA_KEY_TYPE_DH_GET_FAMILY -#define MBEDTLS_DEPRECATED_CONSTANT( type, value ) \ - ( (mbedtls_deprecated_##type) ( value ) ) +#define MBEDTLS_DEPRECATED_CONSTANT(type, value) \ + ((mbedtls_deprecated_##type) (value)) /* * Deprecated PSA Crypto error code definitions (PSA Crypto API <= 1.0 beta2) */ #define PSA_ERROR_UNKNOWN_ERROR \ - MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_GENERIC_ERROR ) + MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_GENERIC_ERROR) #define PSA_ERROR_OCCUPIED_SLOT \ - MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_ALREADY_EXISTS ) + MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_ALREADY_EXISTS) #define PSA_ERROR_EMPTY_SLOT \ - MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_DOES_NOT_EXIST ) + MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_DOES_NOT_EXIST) #define PSA_ERROR_INSUFFICIENT_CAPACITY \ - MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_INSUFFICIENT_DATA ) + MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_INSUFFICIENT_DATA) #define PSA_ERROR_TAMPERING_DETECTED \ - MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_CORRUPTION_DETECTED ) + MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_CORRUPTION_DETECTED) /* * Deprecated PSA Crypto numerical encodings (PSA Crypto API <= 1.0 beta3) */ #define PSA_KEY_USAGE_SIGN \ - MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_SIGN_HASH ) + MBEDTLS_DEPRECATED_CONSTANT(psa_key_usage_t, PSA_KEY_USAGE_SIGN_HASH) #define PSA_KEY_USAGE_VERIFY \ - MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_VERIFY_HASH ) + MBEDTLS_DEPRECATED_CONSTANT(psa_key_usage_t, PSA_KEY_USAGE_VERIFY_HASH) /* * Deprecated PSA Crypto size calculation macros (PSA Crypto API <= 1.0 beta3) */ #define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGNATURE_MAX_SIZE ) -#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) ) -#define PSA_KEY_EXPORT_MAX_SIZE( key_type, key_bits ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) ) -#define PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ) ) + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_SIGNATURE_MAX_SIZE) +#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)) +#define PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits)) +#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_BLOCK_CIPHER_BLOCK_LENGTH(type)) #define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE ) -#define PSA_HASH_SIZE( alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_HASH_LENGTH( alg ) ) -#define PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_MAC_LENGTH( key_type, key_bits, alg ) ) + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE) +#define PSA_HASH_SIZE(alg) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_HASH_LENGTH(alg)) +#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_MAC_LENGTH(key_type, key_bits, alg)) #define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE ) + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE) /* * Deprecated PSA Crypto function names (PSA Crypto API <= 1.0 beta3) */ -MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_sign( psa_key_handle_t key, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length ) +MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_sign(psa_key_handle_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) { - return psa_sign_hash( key, alg, hash, hash_length, signature, signature_size, signature_length ); + return psa_sign_hash(key, alg, hash, hash_length, signature, signature_size, signature_length); } -MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key_handle_t key, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - const uint8_t *signature, - size_t signature_length ) +MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify(psa_key_handle_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length) { - return psa_verify_hash( key, alg, hash, hash_length, signature, signature_length ); + return psa_verify_hash(key, alg, hash, hash_length, signature, signature_length); } /* * Size-specific elliptic curve families. */ #define PSA_ECC_CURVE_SECP160K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1) #define PSA_ECC_CURVE_SECP192K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1) #define PSA_ECC_CURVE_SECP224K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1) #define PSA_ECC_CURVE_SECP256K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1) #define PSA_ECC_CURVE_SECP160R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1) #define PSA_ECC_CURVE_SECP192R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1) #define PSA_ECC_CURVE_SECP224R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1) #define PSA_ECC_CURVE_SECP256R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1) #define PSA_ECC_CURVE_SECP384R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1) #define PSA_ECC_CURVE_SECP521R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1) #define PSA_ECC_CURVE_SECP160R2 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2) #define PSA_ECC_CURVE_SECT163K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1) #define PSA_ECC_CURVE_SECT233K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1) #define PSA_ECC_CURVE_SECT239K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1) #define PSA_ECC_CURVE_SECT283K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1) #define PSA_ECC_CURVE_SECT409K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1) #define PSA_ECC_CURVE_SECT571K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1) #define PSA_ECC_CURVE_SECT163R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1) #define PSA_ECC_CURVE_SECT193R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1) #define PSA_ECC_CURVE_SECT233R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1) #define PSA_ECC_CURVE_SECT283R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1) #define PSA_ECC_CURVE_SECT409R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1) #define PSA_ECC_CURVE_SECT571R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1) #define PSA_ECC_CURVE_SECT163R2 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2) #define PSA_ECC_CURVE_SECT193R2 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2) #define PSA_ECC_CURVE_BRAINPOOL_P256R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1) #define PSA_ECC_CURVE_BRAINPOOL_P384R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1) #define PSA_ECC_CURVE_BRAINPOOL_P512R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1) #define PSA_ECC_CURVE_CURVE25519 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY) #define PSA_ECC_CURVE_CURVE448 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY) /* * Curves that changed name due to PSA specification. */ #define PSA_ECC_CURVE_SECP_K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1) #define PSA_ECC_CURVE_SECP_R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1) #define PSA_ECC_CURVE_SECP_R2 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2) #define PSA_ECC_CURVE_SECT_K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1) #define PSA_ECC_CURVE_SECT_R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1) #define PSA_ECC_CURVE_SECT_R2 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2) #define PSA_ECC_CURVE_BRAINPOOL_P_R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1) #define PSA_ECC_CURVE_MONTGOMERY \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY) /* * Finite-field Diffie-Hellman families. */ #define PSA_DH_GROUP_FFDHE2048 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919) #define PSA_DH_GROUP_FFDHE3072 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919) #define PSA_DH_GROUP_FFDHE4096 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919) #define PSA_DH_GROUP_FFDHE6144 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919) #define PSA_DH_GROUP_FFDHE8192 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919) /* * Diffie-Hellman families that changed name due to PSA specification. */ #define PSA_DH_GROUP_RFC7919 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919) #define PSA_DH_GROUP_CUSTOM \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_CUSTOM ) + MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_CUSTOM) /* * Deprecated PSA Crypto stream cipher algorithms (PSA Crypto API <= 1.0 beta3) */ #define PSA_ALG_ARC4 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_STREAM_CIPHER ) + MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, PSA_ALG_STREAM_CIPHER) #define PSA_ALG_CHACHA20 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_STREAM_CIPHER ) + MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, PSA_ALG_STREAM_CIPHER) /* * Renamed AEAD tag length macros (PSA Crypto API <= 1.0 beta3) */ -#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( aead_alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( aead_alg ) ) -#define PSA_ALG_AEAD_WITH_TAG_LENGTH( aead_alg, tag_length ) \ - MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_AEAD_WITH_SHORTENED_TAG( aead_alg, tag_length ) ) +#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \ + MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(aead_alg)) +#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length) \ + MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, \ + PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length)) /* * Deprecated PSA AEAD output size macros (PSA Crypto API <= 1.0 beta3) @@ -285,11 +286,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * the ciphertext, return 0. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_TAG_LENGTH_1_ARG( alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD( alg ) ? \ - PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \ - 0 ) +#define PSA_AEAD_TAG_LENGTH_1_ARG(alg) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD(alg) ? \ + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ + 0) /** The maximum size of the output of psa_aead_encrypt(), in bytes. * @@ -311,11 +312,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG( alg, plaintext_length ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD( alg ) ? \ - (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \ - 0 ) +#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG(alg, plaintext_length) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD(alg) ? \ + (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ + 0) /** The maximum size of the output of psa_aead_decrypt(), in bytes. * @@ -337,12 +338,12 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG( alg, ciphertext_length ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD( alg ) && \ - (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) ? \ - (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \ - 0 ) +#define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG(alg, ciphertext_length) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD(alg) && \ + (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \ + (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ + 0) /** A sufficient output buffer size for psa_aead_update(). * @@ -368,11 +369,12 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * to emit output without delay. However, hardware may not always be * capable of this. So for modes based on a block cipher, allow the * implementation to delay the output until it has a full block. */ -#define PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG( alg, input_length ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \ - PSA_ROUND_UP_TO_MULTIPLE( PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length) ) : \ - (input_length) ) +#define PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG(alg, input_length) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, \ + (input_length)) : \ + (input_length)) /** A sufficient ciphertext buffer size for psa_aead_finish(). * @@ -389,11 +391,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * specified algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG( alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \ - PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ - 0 ) +#define PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG(alg) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ + 0) /** A sufficient plaintext buffer size for psa_aead_verify(). * @@ -410,11 +412,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * specified algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG( alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \ - PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ - 0 ) +#define PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG(alg) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ + 0) #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -478,8 +480,8 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_open_key( mbedtls_svc_key_id_t key, - psa_key_handle_t *handle ); +psa_status_t psa_open_key(mbedtls_svc_key_id_t key, + psa_key_handle_t *handle); /** Close a key handle. * diff --git a/include/psa/crypto_driver_contexts_composites.h b/include/psa/crypto_driver_contexts_composites.h index a7220091ea3b..34e6fd61c3a9 100644 --- a/include/psa/crypto_driver_contexts_composites.h +++ b/include/psa/crypto_driver_contexts_composites.h @@ -50,25 +50,25 @@ #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) typedef libtestdriver1_mbedtls_psa_mac_operation_t - mbedtls_transparent_test_driver_mac_operation_t; + mbedtls_transparent_test_driver_mac_operation_t; typedef libtestdriver1_mbedtls_psa_mac_operation_t - mbedtls_opaque_test_driver_mac_operation_t; + mbedtls_opaque_test_driver_mac_operation_t; #define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \ - LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT + LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT #define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \ - LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT + LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT #else typedef mbedtls_psa_mac_operation_t - mbedtls_transparent_test_driver_mac_operation_t; + mbedtls_transparent_test_driver_mac_operation_t; typedef mbedtls_psa_mac_operation_t - mbedtls_opaque_test_driver_mac_operation_t; + mbedtls_opaque_test_driver_mac_operation_t; #define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \ - MBEDTLS_PSA_MAC_OPERATION_INIT + MBEDTLS_PSA_MAC_OPERATION_INIT #define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \ - MBEDTLS_PSA_MAC_OPERATION_INIT + MBEDTLS_PSA_MAC_OPERATION_INIT #endif /* MBEDTLS_TEST_LIBTESTDRIVER1 */ #endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/include/psa/crypto_driver_contexts_primitives.h b/include/psa/crypto_driver_contexts_primitives.h index 2bb01ed432f7..620a4b3a7783 100644 --- a/include/psa/crypto_driver_contexts_primitives.h +++ b/include/psa/crypto_driver_contexts_primitives.h @@ -50,32 +50,32 @@ #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) typedef libtestdriver1_mbedtls_psa_cipher_operation_t - mbedtls_transparent_test_driver_cipher_operation_t; + mbedtls_transparent_test_driver_cipher_operation_t; #define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \ - LIBTESTDRIVER1_MBEDTLS_PSA_CIPHER_OPERATION_INIT + LIBTESTDRIVER1_MBEDTLS_PSA_CIPHER_OPERATION_INIT #else typedef mbedtls_psa_cipher_operation_t - mbedtls_transparent_test_driver_cipher_operation_t; + mbedtls_transparent_test_driver_cipher_operation_t; #define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \ - MBEDTLS_PSA_CIPHER_OPERATION_INIT + MBEDTLS_PSA_CIPHER_OPERATION_INIT #endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER */ #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) typedef libtestdriver1_mbedtls_psa_hash_operation_t - mbedtls_transparent_test_driver_hash_operation_t; + mbedtls_transparent_test_driver_hash_operation_t; #define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \ - LIBTESTDRIVER1_MBEDTLS_PSA_HASH_OPERATION_INIT + LIBTESTDRIVER1_MBEDTLS_PSA_HASH_OPERATION_INIT #else typedef mbedtls_psa_hash_operation_t - mbedtls_transparent_test_driver_hash_operation_t; + mbedtls_transparent_test_driver_hash_operation_t; #define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \ - MBEDTLS_PSA_HASH_OPERATION_INIT + MBEDTLS_PSA_HASH_OPERATION_INIT #endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH */ @@ -85,7 +85,7 @@ typedef struct { } mbedtls_opaque_test_driver_cipher_operation_t; #define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \ - { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT } + { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT } #endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index a34d55164589..b62acdbb8c08 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -84,7 +84,7 @@ static inline void psa_set_key_enrollment_algorithm( static inline psa_algorithm_t psa_get_key_enrollment_algorithm( const psa_key_attributes_t *attributes) { - return( attributes->core.policy.alg2 ); + return attributes->core.policy.alg2; } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -113,7 +113,7 @@ static inline psa_algorithm_t psa_get_key_enrollment_algorithm( */ psa_status_t psa_get_key_slot_number( const psa_key_attributes_t *attributes, - psa_key_slot_number_t *slot_number ); + psa_key_slot_number_t *slot_number); /** Choose the slot number where a key is stored. * @@ -140,7 +140,7 @@ psa_status_t psa_get_key_slot_number( */ static inline void psa_set_key_slot_number( psa_key_attributes_t *attributes, - psa_key_slot_number_t slot_number ) + psa_key_slot_number_t slot_number) { attributes->core.flags |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER; attributes->slot_number = slot_number; @@ -153,7 +153,7 @@ static inline void psa_set_key_slot_number( * \param[out] attributes The attribute structure to write to. */ static inline void psa_clear_key_slot_number( - psa_key_attributes_t *attributes ) + psa_key_attributes_t *attributes) { attributes->core.flags &= ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER; } @@ -213,7 +213,7 @@ psa_status_t mbedtls_psa_register_se_key( * * This is an Mbed TLS extension. */ -void mbedtls_psa_crypto_free( void ); +void mbedtls_psa_crypto_free(void); /** \brief Statistics about * resource consumption related to the PSA keystore. @@ -221,8 +221,7 @@ void mbedtls_psa_crypto_free( void ); * \note The content of this structure is not part of the stable API and ABI * of Mbed Crypto and may change arbitrarily from version to version. */ -typedef struct mbedtls_psa_stats_s -{ +typedef struct mbedtls_psa_stats_s { /** Number of slots containing key material for a volatile key. */ size_t volatile_slots; /** Number of slots containing key material for a key which is in @@ -253,7 +252,7 @@ typedef struct mbedtls_psa_stats_s * between the application and the keystore, the service may or * may not expose this function. */ -void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ); +void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats); /** * \brief Inject an initial entropy seed for the random generator into @@ -336,7 +335,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * string. The length of the byte string is the length of the base prime `p` * in bytes. */ -#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x4002) +#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t) 0x4002) /** DSA key pair (private and public key). * @@ -354,13 +353,13 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * Add 1 to the resulting integer and use this as the private key *x*. * */ -#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7002) +#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t) 0x7002) /** Whether a key type is a DSA key (pair or public-only). */ #define PSA_KEY_TYPE_IS_DSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) -#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x06000400) +#define PSA_ALG_DSA_BASE ((psa_algorithm_t) 0x06000400) /** DSA signature with hashing. * * This is the signature scheme defined by FIPS 186-4, @@ -377,7 +376,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, */ #define PSA_ALG_DSA(hash_alg) \ (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x06000500) +#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t) 0x06000500) #define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG /** Deterministic DSA signature with hashing. * @@ -584,53 +583,52 @@ psa_status_t psa_get_key_domain_parameters( * (`PSA_ECC_FAMILY_xxx`). * \return \c 0 on failure (\p grpid is not recognized). */ -static inline psa_ecc_family_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, - size_t *bits ) +static inline psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, + size_t *bits) { - switch( grpid ) - { + switch (grpid) { case MBEDTLS_ECP_DP_SECP192R1: *bits = 192; - return( PSA_ECC_FAMILY_SECP_R1 ); + return PSA_ECC_FAMILY_SECP_R1; case MBEDTLS_ECP_DP_SECP224R1: *bits = 224; - return( PSA_ECC_FAMILY_SECP_R1 ); + return PSA_ECC_FAMILY_SECP_R1; case MBEDTLS_ECP_DP_SECP256R1: *bits = 256; - return( PSA_ECC_FAMILY_SECP_R1 ); + return PSA_ECC_FAMILY_SECP_R1; case MBEDTLS_ECP_DP_SECP384R1: *bits = 384; - return( PSA_ECC_FAMILY_SECP_R1 ); + return PSA_ECC_FAMILY_SECP_R1; case MBEDTLS_ECP_DP_SECP521R1: *bits = 521; - return( PSA_ECC_FAMILY_SECP_R1 ); + return PSA_ECC_FAMILY_SECP_R1; case MBEDTLS_ECP_DP_BP256R1: *bits = 256; - return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); + return PSA_ECC_FAMILY_BRAINPOOL_P_R1; case MBEDTLS_ECP_DP_BP384R1: *bits = 384; - return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); + return PSA_ECC_FAMILY_BRAINPOOL_P_R1; case MBEDTLS_ECP_DP_BP512R1: *bits = 512; - return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); + return PSA_ECC_FAMILY_BRAINPOOL_P_R1; case MBEDTLS_ECP_DP_CURVE25519: *bits = 255; - return( PSA_ECC_FAMILY_MONTGOMERY ); + return PSA_ECC_FAMILY_MONTGOMERY; case MBEDTLS_ECP_DP_SECP192K1: *bits = 192; - return( PSA_ECC_FAMILY_SECP_K1 ); + return PSA_ECC_FAMILY_SECP_K1; case MBEDTLS_ECP_DP_SECP224K1: *bits = 224; - return( PSA_ECC_FAMILY_SECP_K1 ); + return PSA_ECC_FAMILY_SECP_K1; case MBEDTLS_ECP_DP_SECP256K1: *bits = 256; - return( PSA_ECC_FAMILY_SECP_K1 ); + return PSA_ECC_FAMILY_SECP_K1; case MBEDTLS_ECP_DP_CURVE448: *bits = 448; - return( PSA_ECC_FAMILY_MONTGOMERY ); + return PSA_ECC_FAMILY_MONTGOMERY; default: *bits = 0; - return( 0 ); + return 0; } } @@ -653,9 +651,9 @@ static inline psa_ecc_family_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id gr * \return #MBEDTLS_ECP_DP_NONE if \p bits is not * correct for \p curve. */ -mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, - size_t bits, - int bits_is_sloppy ); +mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, + size_t bits, + int bits_is_sloppy); #endif /* MBEDTLS_ECP_C */ /**@}*/ @@ -706,7 +704,7 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, */ psa_status_t mbedtls_psa_external_get_random( mbedtls_psa_external_random_context_t *context, - uint8_t *output, size_t output_size, size_t *output_length ); + uint8_t *output, size_t output_size, size_t *output_length); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ /**@}*/ @@ -726,14 +724,14 @@ psa_status_t mbedtls_psa_external_get_random( * This value is part of the library's ABI since changing it would invalidate * the values of built-in key identifiers in applications. */ -#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t)0x7fff0000) +#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t) 0x7fff0000) /** The maximum value for a key identifier that is built into the * implementation. * * See #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN for more information. */ -#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t)0x7fffefff) +#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t) 0x7fffefff) /** A slot number identifying a key in a driver. * @@ -751,10 +749,10 @@ typedef uint64_t psa_drv_slot_number_t; * \retval 0 * The key identifier is not a builtin key identifier. */ -static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) +static inline int psa_key_id_is_builtin(psa_key_id_t key_id) { - return( ( key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ) && - ( key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ) ); + return (key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN) && + (key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX); } /** Platform function to obtain the location and slot number of a built-in key. @@ -804,7 +802,7 @@ static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) psa_status_t mbedtls_psa_platform_get_builtin_key( mbedtls_svc_key_id_t key_id, psa_key_lifetime_t *lifetime, - psa_drv_slot_number_t *slot_number ); + psa_drv_slot_number_t *slot_number); #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ /** @} */ diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index d3f518e32765..a173c7834663 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -48,7 +48,7 @@ /* PSA requires several types which C99 provides in stdint.h. */ #include -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif @@ -73,10 +73,10 @@ typedef int32_t mbedtls_key_owner_id_t; * * \return Non-zero if the two key owner identifiers are equal, zero otherwise. */ -static inline int mbedtls_key_owner_id_equal( mbedtls_key_owner_id_t id1, - mbedtls_key_owner_id_t id2 ) +static inline int mbedtls_key_owner_id_equal(mbedtls_key_owner_id_t id1, + mbedtls_key_owner_id_t id2) { - return( id1 == id2 ); + return id1 == id2; } #endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index f8f8c92e8833..bffebdd51c3a 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -322,7 +322,7 @@ typedef psa_status_t (*psa_drv_se_mac_verify_t)(psa_drv_se_context_t *drv_contex typedef struct { /**The size in bytes of the hardware-specific secure element MAC context * structure - */ + */ size_t context_size; /** Function that performs a MAC setup operation */ @@ -814,8 +814,7 @@ typedef struct { /** An enumeration indicating how a key is created. */ -typedef enum -{ +typedef enum { PSA_KEY_CREATION_IMPORT, /**< During psa_import_key() */ PSA_KEY_CREATION_GENERATE, /**< During psa_generate_key() */ PSA_KEY_CREATION_DERIVE, /**< During psa_key_derivation_output_key() */ @@ -1234,7 +1233,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *op_context, * \retval #PSA_SUCCESS */ typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *op_context, - psa_key_slot_number_t dest_key); + psa_key_slot_number_t dest_key); /** \brief A function that performs the final step of a secure element key * agreement and place the generated key material in a buffer diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index a0a52876bef8..9f58c7fb5e1f 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -275,7 +275,7 @@ ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \ PSA_ALG_IS_HMAC(alg) ? PSA_HASH_LENGTH(PSA_ALG_HMAC_GET_HASH(alg)) : \ PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ - ((void)(key_type), (void)(key_bits), 0)) + ((void) (key_type), (void) (key_bits), 0)) /** The maximum size of the output of psa_aead_encrypt(), in bytes. * @@ -358,8 +358,8 @@ */ #define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ - (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \ - (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ + (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \ + (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ 0) /** A sufficient output buffer size for psa_aead_decrypt(), for any of the @@ -381,7 +381,7 @@ * */ #define PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(ciphertext_length) \ - (ciphertext_length) + (ciphertext_length) /** The default nonce size for an AEAD algorithm, in bytes. * @@ -410,11 +410,11 @@ */ #define PSA_AEAD_NONCE_LENGTH(key_type, alg) \ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \ - MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13 : \ - MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12 : \ - 0 : \ + MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13 : \ + MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12 : \ + 0 : \ (key_type) == PSA_KEY_TYPE_CHACHA20 && \ - MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \ + MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \ 0) /** The maximum default nonce size among all supported pairs of key types and @@ -462,9 +462,9 @@ * implementation to delay the output until it has a full block. */ #define PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \ - (input_length) : \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \ + (input_length) : \ 0) /** A sufficient output buffer size for psa_aead_update(), for any of the @@ -503,8 +503,8 @@ */ #define PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ 0) /** A sufficient ciphertext buffer size for psa_aead_finish(), for any of the @@ -537,8 +537,8 @@ */ #define PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ 0) /** A sufficient plaintext buffer size for psa_aead_verify(), for any of the @@ -590,9 +590,9 @@ * return value is unspecified. */ #define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ - (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ - ((void)alg, 0)) + ((void) alg, 0)) #define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE \ PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) @@ -636,7 +636,7 @@ */ #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ (PSA_KEY_TYPE_IS_RSA(key_type) ? \ - ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ + ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \ 0) /** A sufficient output buffer size for psa_asymmetric_encrypt(), for any @@ -991,14 +991,14 @@ */ #define PSA_CIPHER_IV_LENGTH(key_type, alg) \ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) > 1 && \ - ((alg) == PSA_ALG_CTR || \ - (alg) == PSA_ALG_CFB || \ - (alg) == PSA_ALG_OFB || \ - (alg) == PSA_ALG_XTS || \ - (alg) == PSA_ALG_CBC_NO_PADDING || \ - (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ + ((alg) == PSA_ALG_CTR || \ + (alg) == PSA_ALG_CFB || \ + (alg) == PSA_ALG_OFB || \ + (alg) == PSA_ALG_XTS || \ + (alg) == PSA_ALG_CBC_NO_PADDING || \ + (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ (key_type) == PSA_KEY_TYPE_CHACHA20 && \ - (alg) == PSA_ALG_STREAM_CIPHER ? 12 : \ + (alg) == PSA_ALG_STREAM_CIPHER ? 12 : \ 0) /** The maximum IV size for all supported cipher algorithms, in bytes. @@ -1033,12 +1033,12 @@ #define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length) \ (alg == PSA_ALG_CBC_PKCS7 ? \ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \ - PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ - (input_length) + 1) + \ - PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0) : \ + PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ + (input_length) + 1) + \ + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0) : \ (PSA_ALG_IS_CIPHER(alg) ? \ (input_length) + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : \ - 0)) + 0)) /** A sufficient output buffer size for psa_cipher_encrypt(), for any of the * supported key types and cipher algorithms. @@ -1114,13 +1114,13 @@ */ #define PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \ (PSA_ALG_IS_CIPHER(alg) ? \ - (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \ - (((alg) == PSA_ALG_CBC_PKCS7 || \ - (alg) == PSA_ALG_CBC_NO_PADDING || \ - (alg) == PSA_ALG_ECB_NO_PADDING) ? \ - PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ + (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \ + (((alg) == PSA_ALG_CBC_PKCS7 || \ + (alg) == PSA_ALG_CBC_NO_PADDING || \ + (alg) == PSA_ALG_ECB_NO_PADDING) ? \ + PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ input_length) : \ - (input_length)) : 0) : \ + (input_length)) : 0) : \ 0) /** A sufficient output buffer size for psa_cipher_update(), for any of the diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 511b3973b86b..743c6adeec84 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -80,8 +80,7 @@ extern "C" { * algorithms. */ #include "psa/crypto_driver_contexts_primitives.h" -struct psa_hash_operation_s -{ +struct psa_hash_operation_s { /** Unique ID indicating which driver got assigned to do the * operation. Since driver contexts are driver-specific, swapping * drivers halfway through the operation is not supported. @@ -92,15 +91,14 @@ struct psa_hash_operation_s psa_driver_hash_context_t ctx; }; -#define PSA_HASH_OPERATION_INIT {0, {0}} -static inline struct psa_hash_operation_s psa_hash_operation_init( void ) +#define PSA_HASH_OPERATION_INIT { 0, { 0 } } +static inline struct psa_hash_operation_s psa_hash_operation_init(void) { const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; - return( v ); + return v; } -struct psa_cipher_operation_s -{ +struct psa_cipher_operation_s { /** Unique ID indicating which driver got assigned to do the * operation. Since driver contexts are driver-specific, swapping * drivers halfway through the operation is not supported. @@ -117,19 +115,18 @@ struct psa_cipher_operation_s psa_driver_cipher_context_t ctx; }; -#define PSA_CIPHER_OPERATION_INIT {0, 0, 0, 0, {0}} -static inline struct psa_cipher_operation_s psa_cipher_operation_init( void ) +#define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } } +static inline struct psa_cipher_operation_s psa_cipher_operation_init(void) { const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; - return( v ); + return v; } /* Include the context definition for the compiled-in drivers for the composite * algorithms. */ #include "psa/crypto_driver_contexts_composites.h" -struct psa_mac_operation_s -{ +struct psa_mac_operation_s { /** Unique ID indicating which driver got assigned to do the * operation. Since driver contexts are driver-specific, swapping * drivers halfway through the operation is not supported. @@ -142,37 +139,34 @@ struct psa_mac_operation_s psa_driver_mac_context_t ctx; }; -#define PSA_MAC_OPERATION_INIT {0, 0, 0, {0}} -static inline struct psa_mac_operation_s psa_mac_operation_init( void ) +#define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } } +static inline struct psa_mac_operation_s psa_mac_operation_init(void) { const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; - return( v ); + return v; } -struct psa_aead_operation_s -{ +struct psa_aead_operation_s { psa_algorithm_t alg; unsigned int key_set : 1; unsigned int iv_set : 1; uint8_t iv_size; uint8_t block_size; - union - { + union { unsigned dummy; /* Enable easier initializing of the union. */ mbedtls_cipher_context_t cipher; } ctx; }; -#define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, {0}} -static inline struct psa_aead_operation_s psa_aead_operation_init( void ) +#define PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, 0, { 0 } } +static inline struct psa_aead_operation_s psa_aead_operation_init(void) { const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; - return( v ); + return v; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) -typedef struct -{ +typedef struct { uint8_t *info; size_t info_length; #if PSA_HASH_MAX_SIZE > 0xff @@ -190,8 +184,7 @@ typedef struct #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) -typedef enum -{ +typedef enum { PSA_TLS12_PRF_STATE_INIT, /* no input provided */ PSA_TLS12_PRF_STATE_SEED_SET, /* seed has been set */ PSA_TLS12_PRF_STATE_KEY_SET, /* key has been set */ @@ -199,8 +192,7 @@ typedef enum PSA_TLS12_PRF_STATE_OUTPUT /* output has been started */ } psa_tls12_prf_key_derivation_state_t; -typedef struct psa_tls12_prf_key_derivation_s -{ +typedef struct psa_tls12_prf_key_derivation_s { #if PSA_HASH_MAX_SIZE > 0xff #error "PSA_HASH_MAX_SIZE does not fit in uint8_t" #endif @@ -229,46 +221,43 @@ typedef struct psa_tls12_prf_key_derivation_s #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ -struct psa_key_derivation_s -{ +struct psa_key_derivation_s { psa_algorithm_t alg; unsigned int can_output_key : 1; size_t capacity; - union - { + union { /* Make the union non-empty even with no supported algorithms. */ uint8_t dummy; #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) psa_hkdf_key_derivation_t hkdf; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) + defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) psa_tls12_prf_key_derivation_t tls12_prf; #endif } ctx; }; /* This only zeroes out the first byte in the union, the rest is unspecified. */ -#define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, 0, {0}} -static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void ) +#define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } } +static inline struct psa_key_derivation_s psa_key_derivation_operation_init(void) { const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; - return( v ); + return v; } -struct psa_key_policy_s -{ +struct psa_key_policy_s { psa_key_usage_t usage; psa_algorithm_t alg; psa_algorithm_t alg2; }; typedef struct psa_key_policy_s psa_key_policy_t; -#define PSA_KEY_POLICY_INIT {0, 0, 0} -static inline struct psa_key_policy_s psa_key_policy_init( void ) +#define PSA_KEY_POLICY_INIT { 0, 0, 0 } +static inline struct psa_key_policy_s psa_key_policy_init(void) { const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT; - return( v ); + return v; } /* The type used internally for key sizes. @@ -276,7 +265,7 @@ static inline struct psa_key_policy_s psa_key_policy_init( void ) typedef uint16_t psa_key_bits_t; /* The maximum value of the type used to represent bit-sizes. * This is used to mark an invalid key size. */ -#define PSA_KEY_BITS_TOO_LARGE ( (psa_key_bits_t) ( -1 ) ) +#define PSA_KEY_BITS_TOO_LARGE ((psa_key_bits_t) (-1)) /* The maximum size of a key in bits. * Currently defined as the maximum that can be represented, rounded down * to a whole number of bytes. @@ -294,21 +283,20 @@ typedef uint16_t psa_key_bits_t; typedef uint16_t psa_key_attributes_flag_t; #define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \ - ( (psa_key_attributes_flag_t) 0x0001 ) + ((psa_key_attributes_flag_t) 0x0001) /* A mask of key attribute flags used externally only. * Only meant for internal checks inside the library. */ #define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \ MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \ - 0 ) + 0) /* A mask of key attribute flags used both internally and externally. * Currently there aren't any. */ #define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \ - 0 ) + 0) -typedef struct -{ +typedef struct { psa_key_type_t type; psa_key_bits_t bits; psa_key_lifetime_t lifetime; @@ -317,10 +305,10 @@ typedef struct psa_key_attributes_flag_t flags; } psa_core_key_attributes_t; -#define PSA_CORE_KEY_ATTRIBUTES_INIT {PSA_KEY_TYPE_NONE, 0, PSA_KEY_LIFETIME_VOLATILE, MBEDTLS_SVC_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0} +#define PSA_CORE_KEY_ATTRIBUTES_INIT { PSA_KEY_TYPE_NONE, 0, PSA_KEY_LIFETIME_VOLATILE, \ + MBEDTLS_SVC_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0 } -struct psa_key_attributes_s -{ +struct psa_key_attributes_s { psa_core_key_attributes_t core; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) psa_key_slot_number_t slot_number; @@ -330,42 +318,41 @@ struct psa_key_attributes_s }; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) -#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, 0, NULL, 0} +#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, 0, NULL, 0 } #else -#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0} +#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0 } #endif -static inline struct psa_key_attributes_s psa_key_attributes_init( void ) +static inline struct psa_key_attributes_s psa_key_attributes_init(void) { const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; - return( v ); + return v; } -static inline void psa_set_key_id( psa_key_attributes_t *attributes, - mbedtls_svc_key_id_t key ) +static inline void psa_set_key_id(psa_key_attributes_t *attributes, + mbedtls_svc_key_id_t key) { psa_key_lifetime_t lifetime = attributes->core.lifetime; attributes->core.id = key; - if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { attributes->core.lifetime = PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_LIFETIME_PERSISTENT, - PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) ); + PSA_KEY_LIFETIME_GET_LOCATION(lifetime)); } } static inline mbedtls_svc_key_id_t psa_get_key_id( const psa_key_attributes_t *attributes) { - return( attributes->core.id ); + return attributes->core.id; } #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER -static inline void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, - mbedtls_key_owner_id_t owner ) +static inline void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes, + mbedtls_key_owner_id_t owner) { attributes->core.id.owner = owner; } @@ -375,8 +362,7 @@ static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime) { attributes->core.lifetime = lifetime; - if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER attributes->core.id.key_id = 0; #else @@ -388,29 +374,31 @@ static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, static inline psa_key_lifetime_t psa_get_key_lifetime( const psa_key_attributes_t *attributes) { - return( attributes->core.lifetime ); + return attributes->core.lifetime; } -static inline void psa_extend_key_usage_flags( psa_key_usage_t *usage_flags ) +static inline void psa_extend_key_usage_flags(psa_key_usage_t *usage_flags) { - if( *usage_flags & PSA_KEY_USAGE_SIGN_HASH ) + if (*usage_flags & PSA_KEY_USAGE_SIGN_HASH) { *usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE; + } - if( *usage_flags & PSA_KEY_USAGE_VERIFY_HASH ) + if (*usage_flags & PSA_KEY_USAGE_VERIFY_HASH) { *usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE; + } } static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, psa_key_usage_t usage_flags) { - psa_extend_key_usage_flags( &usage_flags ); + psa_extend_key_usage_flags(&usage_flags); attributes->core.policy.usage = usage_flags; } static inline psa_key_usage_t psa_get_key_usage_flags( const psa_key_attributes_t *attributes) { - return( attributes->core.policy.usage ); + return attributes->core.policy.usage; } static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, @@ -422,7 +410,7 @@ static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, static inline psa_algorithm_t psa_get_key_algorithm( const psa_key_attributes_t *attributes) { - return( attributes->core.policy.alg ); + return attributes->core.policy.alg; } /* This function is declared in crypto_extra.h, which comes after this @@ -435,40 +423,38 @@ psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, static inline void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type) { - if( attributes->domain_parameters == NULL ) - { + if (attributes->domain_parameters == NULL) { /* Common case: quick path */ attributes->core.type = type; - } - else - { + } else { /* Call the bigger function to free the old domain parameters. * Ignore any errors which may arise due to type requiring * non-default domain parameters, since this function can't * report errors. */ - (void) psa_set_key_domain_parameters( attributes, type, NULL, 0 ); + (void) psa_set_key_domain_parameters(attributes, type, NULL, 0); } } static inline psa_key_type_t psa_get_key_type( const psa_key_attributes_t *attributes) { - return( attributes->core.type ); + return attributes->core.type; } static inline void psa_set_key_bits(psa_key_attributes_t *attributes, size_t bits) { - if( bits > PSA_MAX_KEY_BITS ) + if (bits > PSA_MAX_KEY_BITS) { attributes->core.bits = PSA_KEY_BITS_TOO_LARGE; - else + } else { attributes->core.bits = (psa_key_bits_t) bits; + } } static inline size_t psa_get_key_bits( const psa_key_attributes_t *attributes) { - return( attributes->core.bits ); + return attributes->core.bits; } #ifdef __cplusplus diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 679cbc48e6a4..54662a54ac7c 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -290,7 +290,7 @@ typedef uint32_t psa_key_id_t; * Any changes to existing values will require bumping the storage * format version and providing a translation when reading the old * format. -*/ + */ #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) typedef psa_key_id_t mbedtls_svc_key_id_t; @@ -300,8 +300,7 @@ typedef psa_key_id_t mbedtls_svc_key_id_t; * client and encodes the client identity in the key identifier argument of * functions such as psa_open_key(). */ -typedef struct -{ +typedef struct { psa_key_id_t key_id; mbedtls_key_owner_id_t owner; } mbedtls_svc_key_id_t; diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index a9fddb79768f..a6214bda987b 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -352,7 +352,7 @@ * * Zero is not the encoding of any key type. */ -#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x0000) +#define PSA_KEY_TYPE_NONE ((psa_key_type_t) 0x0000) /** Vendor-defined key type flag. * @@ -361,15 +361,15 @@ * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should * respect the bitwise structure used by standard encodings whenever practical. */ -#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x8000) +#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t) 0x8000) -#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7000) -#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x1000) -#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x2000) -#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x4000) -#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x7000) +#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t) 0x7000) +#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t) 0x1000) +#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t) 0x2000) +#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t) 0x4000) +#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t) 0x7000) -#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x3000) +#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t) 0x3000) /** Whether a key type is vendor-defined. * @@ -427,7 +427,7 @@ * * A "key" of this type cannot be used for any cryptographic operation. * Applications may use this type to store arbitrary data in the keystore. */ -#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x1001) +#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t) 0x1001) /** HMAC key. * @@ -437,25 +437,25 @@ * HMAC keys should generally have the same size as the underlying hash. * This size can be calculated with #PSA_HASH_LENGTH(\c alg) where * \c alg is the HMAC algorithm or the underlying hash algorithm. */ -#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x1100) +#define PSA_KEY_TYPE_HMAC ((psa_key_type_t) 0x1100) /** A secret for key derivation. * * The key policy determines which key derivation algorithm the key * can be used for. */ -#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x1200) +#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t) 0x1200) /** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher. * * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or * 32 bytes (AES-256). */ -#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x2400) +#define PSA_KEY_TYPE_AES ((psa_key_type_t) 0x2400) /** Key for a cipher, AEAD or MAC algorithm based on the * ARIA block cipher. */ -#define PSA_KEY_TYPE_ARIA ((psa_key_type_t)0x2406) +#define PSA_KEY_TYPE_ARIA ((psa_key_type_t) 0x2406) /** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). * @@ -466,17 +466,17 @@ * deprecated and should only be used to decrypt legacy data. 3-key 3DES * is weak and deprecated and should only be used in legacy protocols. */ -#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x2301) +#define PSA_KEY_TYPE_DES ((psa_key_type_t) 0x2301) /** Key for a cipher, AEAD or MAC algorithm based on the * Camellia block cipher. */ -#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x2403) +#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t) 0x2403) /** Key for the ARC4 stream cipher (also known as RC4 or ARCFOUR). * * Note that ARC4 is weak and deprecated and should only be used in * legacy protocols. */ -#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x2002) +#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t) 0x2002) /** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm. * @@ -485,25 +485,25 @@ * Implementations must support 12-byte nonces, may support 8-byte nonces, * and should reject other sizes. */ -#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x2004) +#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t) 0x2004) /** RSA public key. * * The size of an RSA key is the bit size of the modulus. */ -#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x4001) +#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t) 0x4001) /** RSA key pair (private and public key). * * The size of an RSA key is the bit size of the modulus. */ -#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x7001) +#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t) 0x7001) /** Whether a key type is an RSA key (pair or public-only). */ #define PSA_KEY_TYPE_IS_RSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) -#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x4100) -#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x7100) -#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x00ff) +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4100) +#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t) 0x7100) +#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t) 0x00ff) /** Elliptic curve key pair. * * The size of an elliptic curve key is the bit size associated with the curve, @@ -543,8 +543,8 @@ /** Extract the curve from an elliptic curve key type. */ #define PSA_KEY_TYPE_ECC_GET_FAMILY(type) \ ((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ? \ - ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ - 0)) + ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ + 0)) /** SEC Koblitz curves over prime fields. * @@ -635,9 +635,9 @@ */ #define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42) -#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x4200) -#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x7200) -#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ff) +#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4200) +#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t) 0x7200) +#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t) 0x00ff) /** Diffie-Hellman key pair. * * \param group A value of type ::psa_dh_family_t that identifies the @@ -669,8 +669,8 @@ /** Extract the group from a Diffie-Hellman key type. */ #define PSA_KEY_TYPE_DH_GET_FAMILY(type) \ ((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ? \ - ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \ - 0)) + ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \ + 0)) /** Diffie-Hellman groups defined in RFC 7919 Appendix A. * @@ -703,7 +703,7 @@ #define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) \ (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \ 1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \ - 0u) + 0u) /* Note that algorithm values are embedded in the persistent key store, * as part of key metadata. As a consequence, they must not be changed @@ -717,17 +717,17 @@ * the #PSA_ALG_VENDOR_FLAG bit set and should respect the bitwise structure * used by standard encodings whenever practical. */ -#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) +#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t) 0x80000000) -#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) -#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x02000000) -#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x03000000) -#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) -#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x05000000) -#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x06000000) -#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x07000000) -#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x08000000) -#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x09000000) +#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t) 0x7f000000) +#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t) 0x02000000) +#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t) 0x03000000) +#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t) 0x04000000) +#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t) 0x05000000) +#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t) 0x06000000) +#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t) 0x07000000) +#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t) 0x08000000) +#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t) 0x09000000) /** Whether an algorithm is vendor-defined. * @@ -832,44 +832,44 @@ #define PSA_ALG_NONE ((psa_algorithm_t)0) /* *INDENT-ON* */ -#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) +#define PSA_ALG_HASH_MASK ((psa_algorithm_t) 0x000000ff) /** MD2 */ -#define PSA_ALG_MD2 ((psa_algorithm_t)0x02000001) +#define PSA_ALG_MD2 ((psa_algorithm_t) 0x02000001) /** MD4 */ -#define PSA_ALG_MD4 ((psa_algorithm_t)0x02000002) +#define PSA_ALG_MD4 ((psa_algorithm_t) 0x02000002) /** MD5 */ -#define PSA_ALG_MD5 ((psa_algorithm_t)0x02000003) +#define PSA_ALG_MD5 ((psa_algorithm_t) 0x02000003) /** PSA_ALG_RIPEMD160 */ -#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x02000004) +#define PSA_ALG_RIPEMD160 ((psa_algorithm_t) 0x02000004) /** SHA1 */ -#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x02000005) +#define PSA_ALG_SHA_1 ((psa_algorithm_t) 0x02000005) /** SHA2-224 */ -#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x02000008) +#define PSA_ALG_SHA_224 ((psa_algorithm_t) 0x02000008) /** SHA2-256 */ -#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x02000009) +#define PSA_ALG_SHA_256 ((psa_algorithm_t) 0x02000009) /** SHA2-384 */ -#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0200000a) +#define PSA_ALG_SHA_384 ((psa_algorithm_t) 0x0200000a) /** SHA2-512 */ -#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0200000b) +#define PSA_ALG_SHA_512 ((psa_algorithm_t) 0x0200000b) /** SHA2-512/224 */ -#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0200000c) +#define PSA_ALG_SHA_512_224 ((psa_algorithm_t) 0x0200000c) /** SHA2-512/256 */ -#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0200000d) +#define PSA_ALG_SHA_512_256 ((psa_algorithm_t) 0x0200000d) /** SHA3-224 */ -#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x02000010) +#define PSA_ALG_SHA3_224 ((psa_algorithm_t) 0x02000010) /** SHA3-256 */ -#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x02000011) +#define PSA_ALG_SHA3_256 ((psa_algorithm_t) 0x02000011) /** SHA3-384 */ -#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x02000012) +#define PSA_ALG_SHA3_384 ((psa_algorithm_t) 0x02000012) /** SHA3-512 */ -#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x02000013) +#define PSA_ALG_SHA3_512 ((psa_algorithm_t) 0x02000013) /** The first 512 bits (64 bytes) of the SHAKE256 output. * * This is the prehashing for Ed448ph (see #PSA_ALG_ED448PH). For other * scenarios where a hash function based on SHA3/SHAKE is desired, SHA3-512 * has the same output size and a (theoretically) higher security strength. */ -#define PSA_ALG_SHAKE256_512 ((psa_algorithm_t)0x02000015) +#define PSA_ALG_SHAKE256_512 ((psa_algorithm_t) 0x02000015) /** In a hash-and-sign algorithm policy, allow any hash algorithm. * @@ -904,10 +904,10 @@ * This value may not be used to build an algorithm specification to * perform an operation. It is only valid to build policies. */ -#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x020000ff) +#define PSA_ALG_ANY_HASH ((psa_algorithm_t) 0x020000ff) -#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) -#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x03800000) +#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t) 0x00c00000) +#define PSA_ALG_HMAC_BASE ((psa_algorithm_t) 0x03800000) /** Macro to build an HMAC algorithm. * * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256. @@ -946,7 +946,7 @@ * reach up to 63; the largest MAC is 64 bytes so its trivial truncation * to full length is correctly encoded as 0 and any non-trivial truncation * is correctly encoded as a value between 1 and 63. */ -#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x003f0000) +#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t) 0x003f0000) #define PSA_MAC_TRUNCATION_OFFSET 16 /* In the encoding of a MAC algorithm, the bit corresponding to @@ -955,7 +955,7 @@ * algorithm policy can be used with any algorithm corresponding to the * same base class and having a (potentially truncated) MAC length greater or * equal than the one encoded in #PSA_ALG_MAC_TRUNCATION_MASK. */ -#define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000) +#define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000) /** Macro to build a truncated MAC algorithm. * @@ -1050,18 +1050,18 @@ * too large for the specified MAC algorithm. */ #define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \ - ( PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \ - PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) + (PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \ + PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) -#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x03c00000) +#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t) 0x03c00000) /** The CBC-MAC construction over a block cipher * * \warning CBC-MAC is insecure in many cases. * A more secure mode, such as #PSA_ALG_CMAC, is recommended. */ -#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x03c00100) +#define PSA_ALG_CBC_MAC ((psa_algorithm_t) 0x03c00100) /** The CMAC construction over a block cipher */ -#define PSA_ALG_CMAC ((psa_algorithm_t)0x03c00200) +#define PSA_ALG_CMAC ((psa_algorithm_t) 0x03c00200) /** Whether the specified algorithm is a MAC algorithm based on a block cipher. * @@ -1075,8 +1075,8 @@ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ PSA_ALG_CIPHER_MAC_BASE) -#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000) -#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) +#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t) 0x00800000) +#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000) /** Whether the specified algorithm is a stream cipher. * @@ -1092,7 +1092,7 @@ */ #define PSA_ALG_IS_STREAM_CIPHER(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \ - (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG)) + (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG)) /** The stream cipher mode of a stream cipher algorithm. * @@ -1100,7 +1100,7 @@ * - To use ChaCha20, use a key type of #PSA_KEY_TYPE_CHACHA20. * - To use ARC4, use a key type of #PSA_KEY_TYPE_ARC4. */ -#define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800100) +#define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t) 0x04800100) /** The CTR stream cipher mode. * @@ -1109,19 +1109,19 @@ * For example, to use AES-128-CTR, use this algorithm with * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). */ -#define PSA_ALG_CTR ((psa_algorithm_t)0x04c01000) +#define PSA_ALG_CTR ((psa_algorithm_t) 0x04c01000) /** The CFB stream cipher mode. * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_CFB ((psa_algorithm_t)0x04c01100) +#define PSA_ALG_CFB ((psa_algorithm_t) 0x04c01100) /** The OFB stream cipher mode. * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_OFB ((psa_algorithm_t)0x04c01200) +#define PSA_ALG_OFB ((psa_algorithm_t) 0x04c01200) /** The XTS cipher mode. * @@ -1129,7 +1129,7 @@ * least one full block of input, but beyond this minimum the input * does not need to be a whole number of blocks. */ -#define PSA_ALG_XTS ((psa_algorithm_t)0x0440ff00) +#define PSA_ALG_XTS ((psa_algorithm_t) 0x0440ff00) /** The Electronic Code Book (ECB) mode of a block cipher, with no padding. * @@ -1149,7 +1149,7 @@ * multi-part cipher operation with this algorithm, psa_cipher_generate_iv() * and psa_cipher_set_iv() must not be called. */ -#define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t)0x04404400) +#define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t) 0x04404400) /** The CBC block cipher chaining mode, with no padding. * @@ -1158,7 +1158,7 @@ * This symmetric cipher mode can only be used with messages whose lengths * are whole number of blocks for the chosen block cipher. */ -#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04404000) +#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t) 0x04404000) /** The CBC block cipher chaining mode with PKCS#7 padding. * @@ -1166,9 +1166,9 @@ * * This is the padding method defined by PKCS#7 (RFC 2315) §10.3. */ -#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04404100) +#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t) 0x04404100) -#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) +#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000) /** Whether the specified algorithm is an AEAD mode on a block cipher. * @@ -1187,13 +1187,13 @@ * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_CCM ((psa_algorithm_t)0x05500100) +#define PSA_ALG_CCM ((psa_algorithm_t) 0x05500100) /** The GCM authenticated encryption algorithm. * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_GCM ((psa_algorithm_t)0x05500200) +#define PSA_ALG_GCM ((psa_algorithm_t) 0x05500200) /** The Chacha20-Poly1305 AEAD algorithm. * @@ -1204,13 +1204,13 @@ * * Implementations must support 16-byte tags and should reject other sizes. */ -#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x05100500) +#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t) 0x05100500) /* In the encoding of an AEAD algorithm, the bits corresponding to * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag. * The constants for default lengths follow this encoding. */ -#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x003f0000) +#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t) 0x003f0000) #define PSA_AEAD_TAG_LENGTH_OFFSET 16 /* In the encoding of an AEAD algorithm, the bit corresponding to @@ -1219,7 +1219,7 @@ * algorithm policy can be used with any algorithm corresponding to the * same base class and having a tag length greater than or equal to the one * encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK. */ -#define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000) +#define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000) /** Macro to build a shortened AEAD algorithm. * @@ -1243,7 +1243,7 @@ (((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | \ PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) | \ ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \ - PSA_ALG_AEAD_TAG_LENGTH_MASK)) + PSA_ALG_AEAD_TAG_LENGTH_MASK)) /** Retrieve the tag length of a specified AEAD algorithm * @@ -1257,7 +1257,7 @@ */ #define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \ (((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \ - PSA_AEAD_TAG_LENGTH_OFFSET ) + PSA_AEAD_TAG_LENGTH_OFFSET) /** Calculate the corresponding AEAD algorithm with the default tag length. * @@ -1303,10 +1303,10 @@ * or too large for the specified AEAD algorithm. */ #define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \ - ( PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \ - PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) + (PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \ + PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) -#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x06000200) +#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t) 0x06000200) /** RSA PKCS#1 v1.5 signature with hashing. * * This is the signature scheme defined by RFC 8017 @@ -1334,8 +1334,8 @@ #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE) -#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x06000300) -#define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t)0x06001300) +#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t) 0x06000300) +#define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t) 0x06001300) /** RSA PSS signature with hashing. * * This is the signature scheme defined by RFC 8017 @@ -1424,7 +1424,7 @@ (PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) || \ PSA_ALG_IS_RSA_PSS_ANY_SALT(alg)) -#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x06000600) +#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t) 0x06000600) /** ECDSA signature with hashing. * * This is the ECDSA signature scheme defined by ANSI X9.62, @@ -1457,7 +1457,7 @@ * the curve size. */ #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE -#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x06000700) +#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t) 0x06000700) /** Deterministic ECDSA signature with hashing. * * This is the deterministic ECDSA signature scheme defined by RFC 6979. @@ -1482,7 +1482,7 @@ */ #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00000100) +#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t) 0x00000100) #define PSA_ALG_IS_ECDSA(alg) \ (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \ PSA_ALG_ECDSA_BASE) @@ -1521,9 +1521,9 @@ * RFC 8032 §5.1.6 and §5.2.6 (a 64-byte string for Ed25519, a 114-byte * string for Ed448). */ -#define PSA_ALG_PURE_EDDSA ((psa_algorithm_t)0x06000800) +#define PSA_ALG_PURE_EDDSA ((psa_algorithm_t) 0x06000800) -#define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t)0x06000900) +#define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t) 0x06000900) #define PSA_ALG_IS_HASH_EDDSA(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HASH_EDDSA_BASE) @@ -1615,7 +1615,7 @@ * supported algorithm identifier. */ #define PSA_ALG_IS_SIGN_MESSAGE(alg) \ - (PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA ) + (PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA) /** Whether the specified algorithm is a hash-and-sign algorithm. * @@ -1672,9 +1672,9 @@ /** RSA PKCS#1 v1.5 encryption. */ -#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x07000200) +#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t) 0x07000200) -#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x07000300) +#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t) 0x07000300) /** RSA OAEP encryption. * * This is the encryption scheme defined by RFC 8017 @@ -1698,7 +1698,7 @@ ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ 0) -#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x08000100) +#define PSA_ALG_HKDF_BASE ((psa_algorithm_t) 0x08000100) /** Macro to build an HKDF algorithm. * * For example, `PSA_ALG_HKDF(PSA_ALG_SHA_256)` is HKDF using HMAC-SHA-256. @@ -1737,7 +1737,7 @@ #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x08000200) +#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t) 0x08000200) /** Macro to build a TLS-1.2 PRF algorithm. * * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, @@ -1780,7 +1780,7 @@ #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x08000300) +#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t) 0x08000300) /** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm. * * In a pure-PSK handshake in TLS 1.2, the master secret is derived @@ -1826,8 +1826,8 @@ #define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0xfe00ffff) -#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0xffff0000) +#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t) 0xfe00ffff) +#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t) 0xffff0000) /** Macro to build a combined algorithm that chains a key agreement with * a key derivation. @@ -1880,7 +1880,7 @@ * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p` * in bits. */ -#define PSA_ALG_FFDH ((psa_algorithm_t)0x09010000) +#define PSA_ALG_FFDH ((psa_algorithm_t) 0x09010000) /** Whether the specified algorithm is a finite field Diffie-Hellman algorithm. * @@ -1922,7 +1922,7 @@ * in big-endian byte order. * The bit size is `m` for the field `F_{2^m}`. */ -#define PSA_ALG_ECDH ((psa_algorithm_t)0x09020000) +#define PSA_ALG_ECDH ((psa_algorithm_t) 0x09020000) /** Whether the specified algorithm is an elliptic curve Diffie-Hellman * algorithm. @@ -1985,7 +1985,7 @@ * it must release all the resources associated with the key and erase the * key material if the calling application terminates. */ -#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) +#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t) 0x00000000) /** The default lifetime for persistent keys. * @@ -1999,31 +1999,31 @@ * application. Integrations of Mbed TLS may support other persistent lifetimes. * See ::psa_key_lifetime_t for more information. */ -#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) +#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t) 0x00000001) /** The persistence level of volatile keys. * * See ::psa_key_persistence_t for more information. */ -#define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00) +#define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t) 0x00) /** The default persistence level for persistent keys. * * See ::psa_key_persistence_t for more information. */ -#define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01) +#define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t) 0x01) /** A persistence level indicating that a key is never destroyed. * * See ::psa_key_persistence_t for more information. */ -#define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff) +#define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t) 0xff) #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \ - ((psa_key_persistence_t)((lifetime) & 0x000000ff)) + ((psa_key_persistence_t) ((lifetime) & 0x000000ff)) #define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \ - ((psa_key_location_t)((lifetime) >> 8)) + ((psa_key_location_t) ((lifetime) >> 8)) /** Whether a key lifetime indicates that the key is volatile. * @@ -2085,9 +2085,9 @@ * * See ::psa_key_location_t for more information. */ -#define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000) +#define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t) 0x000000) -#define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t)0x800000) +#define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t) 0x800000) /* Note that key identifier values are embedded in the * persistent key store, as part of key metadata. As a consequence, they @@ -2101,23 +2101,23 @@ /* *INDENT-ON* */ /** The minimum value for a key identifier chosen by the application. */ -#define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001) +#define PSA_KEY_ID_USER_MIN ((psa_key_id_t) 0x00000001) /** The maximum value for a key identifier chosen by the application. */ -#define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff) +#define PSA_KEY_ID_USER_MAX ((psa_key_id_t) 0x3fffffff) /** The minimum value for a key identifier chosen by the implementation. */ -#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000) +#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t) 0x40000000) /** The maximum value for a key identifier chosen by the implementation. */ -#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff) +#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t) 0x7fffffff) #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) -#define MBEDTLS_SVC_KEY_ID_INIT ( (psa_key_id_t)0 ) -#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( id ) -#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( 0 ) +#define MBEDTLS_SVC_KEY_ID_INIT ((psa_key_id_t) 0) +#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) (id) +#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) (0) /** Utility to initialize a key identifier at runtime. * @@ -2125,11 +2125,11 @@ * \param key_id Identifier of the key. */ static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( - unsigned int unused, psa_key_id_t key_id ) + unsigned int unused, psa_key_id_t key_id) { - (void)unused; + (void) unused; - return( key_id ); + return key_id; } /** Compare two key identifiers. @@ -2139,10 +2139,10 @@ static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( * * \return Non-zero if the two key identifier are equal, zero otherwise. */ -static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, - mbedtls_svc_key_id_t id2 ) +static inline int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1, + mbedtls_svc_key_id_t id2) { - return( id1 == id2 ); + return id1 == id2; } /** Check whether a key identifier is null. @@ -2151,16 +2151,16 @@ static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, * * \return Non-zero if the key identifier is null, zero otherwise. */ -static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) +static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key) { - return( key == 0 ); + return key == 0; } #else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ -#define MBEDTLS_SVC_KEY_ID_INIT ( (mbedtls_svc_key_id_t){ 0, 0 } ) -#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( ( id ).key_id ) -#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( ( id ).owner ) +#define MBEDTLS_SVC_KEY_ID_INIT ((mbedtls_svc_key_id_t){ 0, 0 }) +#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) ((id).key_id) +#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) ((id).owner) /** Utility to initialize a key identifier at runtime. * @@ -2168,10 +2168,10 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * \param key_id Identifier of the key. */ static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( - mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id ) + mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id) { - return( (mbedtls_svc_key_id_t){ .key_id = key_id, - .owner = owner_id } ); + return (mbedtls_svc_key_id_t){ .key_id = key_id, + .owner = owner_id }; } /** Compare two key identifiers. @@ -2181,11 +2181,11 @@ static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( * * \return Non-zero if the two key identifier are equal, zero otherwise. */ -static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, - mbedtls_svc_key_id_t id2 ) +static inline int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1, + mbedtls_svc_key_id_t id2) { - return( ( id1.key_id == id2.key_id ) && - mbedtls_key_owner_id_equal( id1.owner, id2.owner ) ); + return (id1.key_id == id2.key_id) && + mbedtls_key_owner_id_equal(id1.owner, id2.owner); } /** Check whether a key identifier is null. @@ -2194,9 +2194,9 @@ static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, * * \return Non-zero if the key identifier is null, zero otherwise. */ -static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) +static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key) { - return( key.key_id == 0 ); + return key.key_id == 0; } #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ @@ -2223,7 +2223,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * The key may however be exportable in a wrapped form, i.e. in a form * where it is encrypted by another key. */ -#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) +#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t) 0x00000001) /** Whether the key may be copied. * @@ -2239,7 +2239,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY * is sufficient to permit the copy. */ -#define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002) +#define PSA_KEY_USAGE_COPY ((psa_key_usage_t) 0x00000002) /** Whether the key may be used to encrypt a message. * @@ -2250,7 +2250,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For a key pair, this concerns the public key. */ -#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) +#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t) 0x00000100) /** Whether the key may be used to decrypt a message. * @@ -2261,7 +2261,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For a key pair, this concerns the private key. */ -#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) +#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t) 0x00000200) /** Whether the key may be used to sign a message. * @@ -2271,7 +2271,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For a key pair, this concerns the private key. */ -#define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t)0x00000400) +#define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t) 0x00000400) /** Whether the key may be used to verify a message. * @@ -2281,7 +2281,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For a key pair, this concerns the public key. */ -#define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t)0x00000800) +#define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t) 0x00000800) /** Whether the key may be used to sign a message. * @@ -2291,7 +2291,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For a key pair, this concerns the private key. */ -#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00001000) +#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t) 0x00001000) /** Whether the key may be used to verify a message signature. * @@ -2301,11 +2301,11 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For a key pair, this concerns the public key. */ -#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00002000) +#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t) 0x00002000) /** Whether the key may be used to derive other keys. */ -#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00004000) +#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t) 0x00004000) /**@}*/ @@ -2328,35 +2328,35 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * may not be used to derive keys: the operation will only allow * psa_key_derivation_output_bytes(), not psa_key_derivation_output_key(). */ -#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) +#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t) 0x0101) /** A label for key derivation. * * This should be a direct input. * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. */ -#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201) +#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t) 0x0201) /** A salt for key derivation. * * This should be a direct input. * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. */ -#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202) +#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t) 0x0202) /** An information string for key derivation. * * This should be a direct input. * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. */ -#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) +#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t) 0x0203) /** A seed for key derivation. * * This should be a direct input. * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. */ -#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204) +#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t) 0x0204) /**@}*/ diff --git a/library/aes.c b/library/aes.c index 74ea2672b0ff..bcdf3c782bce 100644 --- a/library/aes.c +++ b/library/aes.c @@ -45,13 +45,13 @@ #if !defined(MBEDTLS_AES_ALT) /* Parameter validation macros based on platform_util.h */ -#define AES_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_AES_BAD_INPUT_DATA ) -#define AES_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define AES_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_AES_BAD_INPUT_DATA) +#define AES_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) #if defined(MBEDTLS_PADLOCK_C) && \ - ( defined(MBEDTLS_HAVE_X86) || defined(MBEDTLS_PADLOCK_ALIGN16) ) + (defined(MBEDTLS_HAVE_X86) || defined(MBEDTLS_PADLOCK_ALIGN16)) static int aes_padlock_ace = -1; #endif @@ -100,86 +100,86 @@ static const unsigned char FSb[256] = */ #define FT \ \ - V(A5,63,63,C6), V(84,7C,7C,F8), V(99,77,77,EE), V(8D,7B,7B,F6), \ - V(0D,F2,F2,FF), V(BD,6B,6B,D6), V(B1,6F,6F,DE), V(54,C5,C5,91), \ - V(50,30,30,60), V(03,01,01,02), V(A9,67,67,CE), V(7D,2B,2B,56), \ - V(19,FE,FE,E7), V(62,D7,D7,B5), V(E6,AB,AB,4D), V(9A,76,76,EC), \ - V(45,CA,CA,8F), V(9D,82,82,1F), V(40,C9,C9,89), V(87,7D,7D,FA), \ - V(15,FA,FA,EF), V(EB,59,59,B2), V(C9,47,47,8E), V(0B,F0,F0,FB), \ - V(EC,AD,AD,41), V(67,D4,D4,B3), V(FD,A2,A2,5F), V(EA,AF,AF,45), \ - V(BF,9C,9C,23), V(F7,A4,A4,53), V(96,72,72,E4), V(5B,C0,C0,9B), \ - V(C2,B7,B7,75), V(1C,FD,FD,E1), V(AE,93,93,3D), V(6A,26,26,4C), \ - V(5A,36,36,6C), V(41,3F,3F,7E), V(02,F7,F7,F5), V(4F,CC,CC,83), \ - V(5C,34,34,68), V(F4,A5,A5,51), V(34,E5,E5,D1), V(08,F1,F1,F9), \ - V(93,71,71,E2), V(73,D8,D8,AB), V(53,31,31,62), V(3F,15,15,2A), \ - V(0C,04,04,08), V(52,C7,C7,95), V(65,23,23,46), V(5E,C3,C3,9D), \ - V(28,18,18,30), V(A1,96,96,37), V(0F,05,05,0A), V(B5,9A,9A,2F), \ - V(09,07,07,0E), V(36,12,12,24), V(9B,80,80,1B), V(3D,E2,E2,DF), \ - V(26,EB,EB,CD), V(69,27,27,4E), V(CD,B2,B2,7F), V(9F,75,75,EA), \ - V(1B,09,09,12), V(9E,83,83,1D), V(74,2C,2C,58), V(2E,1A,1A,34), \ - V(2D,1B,1B,36), V(B2,6E,6E,DC), V(EE,5A,5A,B4), V(FB,A0,A0,5B), \ - V(F6,52,52,A4), V(4D,3B,3B,76), V(61,D6,D6,B7), V(CE,B3,B3,7D), \ - V(7B,29,29,52), V(3E,E3,E3,DD), V(71,2F,2F,5E), V(97,84,84,13), \ - V(F5,53,53,A6), V(68,D1,D1,B9), V(00,00,00,00), V(2C,ED,ED,C1), \ - V(60,20,20,40), V(1F,FC,FC,E3), V(C8,B1,B1,79), V(ED,5B,5B,B6), \ - V(BE,6A,6A,D4), V(46,CB,CB,8D), V(D9,BE,BE,67), V(4B,39,39,72), \ - V(DE,4A,4A,94), V(D4,4C,4C,98), V(E8,58,58,B0), V(4A,CF,CF,85), \ - V(6B,D0,D0,BB), V(2A,EF,EF,C5), V(E5,AA,AA,4F), V(16,FB,FB,ED), \ - V(C5,43,43,86), V(D7,4D,4D,9A), V(55,33,33,66), V(94,85,85,11), \ - V(CF,45,45,8A), V(10,F9,F9,E9), V(06,02,02,04), V(81,7F,7F,FE), \ - V(F0,50,50,A0), V(44,3C,3C,78), V(BA,9F,9F,25), V(E3,A8,A8,4B), \ - V(F3,51,51,A2), V(FE,A3,A3,5D), V(C0,40,40,80), V(8A,8F,8F,05), \ - V(AD,92,92,3F), V(BC,9D,9D,21), V(48,38,38,70), V(04,F5,F5,F1), \ - V(DF,BC,BC,63), V(C1,B6,B6,77), V(75,DA,DA,AF), V(63,21,21,42), \ - V(30,10,10,20), V(1A,FF,FF,E5), V(0E,F3,F3,FD), V(6D,D2,D2,BF), \ - V(4C,CD,CD,81), V(14,0C,0C,18), V(35,13,13,26), V(2F,EC,EC,C3), \ - V(E1,5F,5F,BE), V(A2,97,97,35), V(CC,44,44,88), V(39,17,17,2E), \ - V(57,C4,C4,93), V(F2,A7,A7,55), V(82,7E,7E,FC), V(47,3D,3D,7A), \ - V(AC,64,64,C8), V(E7,5D,5D,BA), V(2B,19,19,32), V(95,73,73,E6), \ - V(A0,60,60,C0), V(98,81,81,19), V(D1,4F,4F,9E), V(7F,DC,DC,A3), \ - V(66,22,22,44), V(7E,2A,2A,54), V(AB,90,90,3B), V(83,88,88,0B), \ - V(CA,46,46,8C), V(29,EE,EE,C7), V(D3,B8,B8,6B), V(3C,14,14,28), \ - V(79,DE,DE,A7), V(E2,5E,5E,BC), V(1D,0B,0B,16), V(76,DB,DB,AD), \ - V(3B,E0,E0,DB), V(56,32,32,64), V(4E,3A,3A,74), V(1E,0A,0A,14), \ - V(DB,49,49,92), V(0A,06,06,0C), V(6C,24,24,48), V(E4,5C,5C,B8), \ - V(5D,C2,C2,9F), V(6E,D3,D3,BD), V(EF,AC,AC,43), V(A6,62,62,C4), \ - V(A8,91,91,39), V(A4,95,95,31), V(37,E4,E4,D3), V(8B,79,79,F2), \ - V(32,E7,E7,D5), V(43,C8,C8,8B), V(59,37,37,6E), V(B7,6D,6D,DA), \ - V(8C,8D,8D,01), V(64,D5,D5,B1), V(D2,4E,4E,9C), V(E0,A9,A9,49), \ - V(B4,6C,6C,D8), V(FA,56,56,AC), V(07,F4,F4,F3), V(25,EA,EA,CF), \ - V(AF,65,65,CA), V(8E,7A,7A,F4), V(E9,AE,AE,47), V(18,08,08,10), \ - V(D5,BA,BA,6F), V(88,78,78,F0), V(6F,25,25,4A), V(72,2E,2E,5C), \ - V(24,1C,1C,38), V(F1,A6,A6,57), V(C7,B4,B4,73), V(51,C6,C6,97), \ - V(23,E8,E8,CB), V(7C,DD,DD,A1), V(9C,74,74,E8), V(21,1F,1F,3E), \ - V(DD,4B,4B,96), V(DC,BD,BD,61), V(86,8B,8B,0D), V(85,8A,8A,0F), \ - V(90,70,70,E0), V(42,3E,3E,7C), V(C4,B5,B5,71), V(AA,66,66,CC), \ - V(D8,48,48,90), V(05,03,03,06), V(01,F6,F6,F7), V(12,0E,0E,1C), \ - V(A3,61,61,C2), V(5F,35,35,6A), V(F9,57,57,AE), V(D0,B9,B9,69), \ - V(91,86,86,17), V(58,C1,C1,99), V(27,1D,1D,3A), V(B9,9E,9E,27), \ - V(38,E1,E1,D9), V(13,F8,F8,EB), V(B3,98,98,2B), V(33,11,11,22), \ - V(BB,69,69,D2), V(70,D9,D9,A9), V(89,8E,8E,07), V(A7,94,94,33), \ - V(B6,9B,9B,2D), V(22,1E,1E,3C), V(92,87,87,15), V(20,E9,E9,C9), \ - V(49,CE,CE,87), V(FF,55,55,AA), V(78,28,28,50), V(7A,DF,DF,A5), \ - V(8F,8C,8C,03), V(F8,A1,A1,59), V(80,89,89,09), V(17,0D,0D,1A), \ - V(DA,BF,BF,65), V(31,E6,E6,D7), V(C6,42,42,84), V(B8,68,68,D0), \ - V(C3,41,41,82), V(B0,99,99,29), V(77,2D,2D,5A), V(11,0F,0F,1E), \ - V(CB,B0,B0,7B), V(FC,54,54,A8), V(D6,BB,BB,6D), V(3A,16,16,2C) - -#define V(a,b,c,d) 0x##a##b##c##d + V(A5, 63, 63, C6), V(84, 7C, 7C, F8), V(99, 77, 77, EE), V(8D, 7B, 7B, F6), \ + V(0D, F2, F2, FF), V(BD, 6B, 6B, D6), V(B1, 6F, 6F, DE), V(54, C5, C5, 91), \ + V(50, 30, 30, 60), V(03, 01, 01, 02), V(A9, 67, 67, CE), V(7D, 2B, 2B, 56), \ + V(19, FE, FE, E7), V(62, D7, D7, B5), V(E6, AB, AB, 4D), V(9A, 76, 76, EC), \ + V(45, CA, CA, 8F), V(9D, 82, 82, 1F), V(40, C9, C9, 89), V(87, 7D, 7D, FA), \ + V(15, FA, FA, EF), V(EB, 59, 59, B2), V(C9, 47, 47, 8E), V(0B, F0, F0, FB), \ + V(EC, AD, AD, 41), V(67, D4, D4, B3), V(FD, A2, A2, 5F), V(EA, AF, AF, 45), \ + V(BF, 9C, 9C, 23), V(F7, A4, A4, 53), V(96, 72, 72, E4), V(5B, C0, C0, 9B), \ + V(C2, B7, B7, 75), V(1C, FD, FD, E1), V(AE, 93, 93, 3D), V(6A, 26, 26, 4C), \ + V(5A, 36, 36, 6C), V(41, 3F, 3F, 7E), V(02, F7, F7, F5), V(4F, CC, CC, 83), \ + V(5C, 34, 34, 68), V(F4, A5, A5, 51), V(34, E5, E5, D1), V(08, F1, F1, F9), \ + V(93, 71, 71, E2), V(73, D8, D8, AB), V(53, 31, 31, 62), V(3F, 15, 15, 2A), \ + V(0C, 04, 04, 08), V(52, C7, C7, 95), V(65, 23, 23, 46), V(5E, C3, C3, 9D), \ + V(28, 18, 18, 30), V(A1, 96, 96, 37), V(0F, 05, 05, 0A), V(B5, 9A, 9A, 2F), \ + V(09, 07, 07, 0E), V(36, 12, 12, 24), V(9B, 80, 80, 1B), V(3D, E2, E2, DF), \ + V(26, EB, EB, CD), V(69, 27, 27, 4E), V(CD, B2, B2, 7F), V(9F, 75, 75, EA), \ + V(1B, 09, 09, 12), V(9E, 83, 83, 1D), V(74, 2C, 2C, 58), V(2E, 1A, 1A, 34), \ + V(2D, 1B, 1B, 36), V(B2, 6E, 6E, DC), V(EE, 5A, 5A, B4), V(FB, A0, A0, 5B), \ + V(F6, 52, 52, A4), V(4D, 3B, 3B, 76), V(61, D6, D6, B7), V(CE, B3, B3, 7D), \ + V(7B, 29, 29, 52), V(3E, E3, E3, DD), V(71, 2F, 2F, 5E), V(97, 84, 84, 13), \ + V(F5, 53, 53, A6), V(68, D1, D1, B9), V(00, 00, 00, 00), V(2C, ED, ED, C1), \ + V(60, 20, 20, 40), V(1F, FC, FC, E3), V(C8, B1, B1, 79), V(ED, 5B, 5B, B6), \ + V(BE, 6A, 6A, D4), V(46, CB, CB, 8D), V(D9, BE, BE, 67), V(4B, 39, 39, 72), \ + V(DE, 4A, 4A, 94), V(D4, 4C, 4C, 98), V(E8, 58, 58, B0), V(4A, CF, CF, 85), \ + V(6B, D0, D0, BB), V(2A, EF, EF, C5), V(E5, AA, AA, 4F), V(16, FB, FB, ED), \ + V(C5, 43, 43, 86), V(D7, 4D, 4D, 9A), V(55, 33, 33, 66), V(94, 85, 85, 11), \ + V(CF, 45, 45, 8A), V(10, F9, F9, E9), V(06, 02, 02, 04), V(81, 7F, 7F, FE), \ + V(F0, 50, 50, A0), V(44, 3C, 3C, 78), V(BA, 9F, 9F, 25), V(E3, A8, A8, 4B), \ + V(F3, 51, 51, A2), V(FE, A3, A3, 5D), V(C0, 40, 40, 80), V(8A, 8F, 8F, 05), \ + V(AD, 92, 92, 3F), V(BC, 9D, 9D, 21), V(48, 38, 38, 70), V(04, F5, F5, F1), \ + V(DF, BC, BC, 63), V(C1, B6, B6, 77), V(75, DA, DA, AF), V(63, 21, 21, 42), \ + V(30, 10, 10, 20), V(1A, FF, FF, E5), V(0E, F3, F3, FD), V(6D, D2, D2, BF), \ + V(4C, CD, CD, 81), V(14, 0C, 0C, 18), V(35, 13, 13, 26), V(2F, EC, EC, C3), \ + V(E1, 5F, 5F, BE), V(A2, 97, 97, 35), V(CC, 44, 44, 88), V(39, 17, 17, 2E), \ + V(57, C4, C4, 93), V(F2, A7, A7, 55), V(82, 7E, 7E, FC), V(47, 3D, 3D, 7A), \ + V(AC, 64, 64, C8), V(E7, 5D, 5D, BA), V(2B, 19, 19, 32), V(95, 73, 73, E6), \ + V(A0, 60, 60, C0), V(98, 81, 81, 19), V(D1, 4F, 4F, 9E), V(7F, DC, DC, A3), \ + V(66, 22, 22, 44), V(7E, 2A, 2A, 54), V(AB, 90, 90, 3B), V(83, 88, 88, 0B), \ + V(CA, 46, 46, 8C), V(29, EE, EE, C7), V(D3, B8, B8, 6B), V(3C, 14, 14, 28), \ + V(79, DE, DE, A7), V(E2, 5E, 5E, BC), V(1D, 0B, 0B, 16), V(76, DB, DB, AD), \ + V(3B, E0, E0, DB), V(56, 32, 32, 64), V(4E, 3A, 3A, 74), V(1E, 0A, 0A, 14), \ + V(DB, 49, 49, 92), V(0A, 06, 06, 0C), V(6C, 24, 24, 48), V(E4, 5C, 5C, B8), \ + V(5D, C2, C2, 9F), V(6E, D3, D3, BD), V(EF, AC, AC, 43), V(A6, 62, 62, C4), \ + V(A8, 91, 91, 39), V(A4, 95, 95, 31), V(37, E4, E4, D3), V(8B, 79, 79, F2), \ + V(32, E7, E7, D5), V(43, C8, C8, 8B), V(59, 37, 37, 6E), V(B7, 6D, 6D, DA), \ + V(8C, 8D, 8D, 01), V(64, D5, D5, B1), V(D2, 4E, 4E, 9C), V(E0, A9, A9, 49), \ + V(B4, 6C, 6C, D8), V(FA, 56, 56, AC), V(07, F4, F4, F3), V(25, EA, EA, CF), \ + V(AF, 65, 65, CA), V(8E, 7A, 7A, F4), V(E9, AE, AE, 47), V(18, 08, 08, 10), \ + V(D5, BA, BA, 6F), V(88, 78, 78, F0), V(6F, 25, 25, 4A), V(72, 2E, 2E, 5C), \ + V(24, 1C, 1C, 38), V(F1, A6, A6, 57), V(C7, B4, B4, 73), V(51, C6, C6, 97), \ + V(23, E8, E8, CB), V(7C, DD, DD, A1), V(9C, 74, 74, E8), V(21, 1F, 1F, 3E), \ + V(DD, 4B, 4B, 96), V(DC, BD, BD, 61), V(86, 8B, 8B, 0D), V(85, 8A, 8A, 0F), \ + V(90, 70, 70, E0), V(42, 3E, 3E, 7C), V(C4, B5, B5, 71), V(AA, 66, 66, CC), \ + V(D8, 48, 48, 90), V(05, 03, 03, 06), V(01, F6, F6, F7), V(12, 0E, 0E, 1C), \ + V(A3, 61, 61, C2), V(5F, 35, 35, 6A), V(F9, 57, 57, AE), V(D0, B9, B9, 69), \ + V(91, 86, 86, 17), V(58, C1, C1, 99), V(27, 1D, 1D, 3A), V(B9, 9E, 9E, 27), \ + V(38, E1, E1, D9), V(13, F8, F8, EB), V(B3, 98, 98, 2B), V(33, 11, 11, 22), \ + V(BB, 69, 69, D2), V(70, D9, D9, A9), V(89, 8E, 8E, 07), V(A7, 94, 94, 33), \ + V(B6, 9B, 9B, 2D), V(22, 1E, 1E, 3C), V(92, 87, 87, 15), V(20, E9, E9, C9), \ + V(49, CE, CE, 87), V(FF, 55, 55, AA), V(78, 28, 28, 50), V(7A, DF, DF, A5), \ + V(8F, 8C, 8C, 03), V(F8, A1, A1, 59), V(80, 89, 89, 09), V(17, 0D, 0D, 1A), \ + V(DA, BF, BF, 65), V(31, E6, E6, D7), V(C6, 42, 42, 84), V(B8, 68, 68, D0), \ + V(C3, 41, 41, 82), V(B0, 99, 99, 29), V(77, 2D, 2D, 5A), V(11, 0F, 0F, 1E), \ + V(CB, B0, B0, 7B), V(FC, 54, 54, A8), V(D6, BB, BB, 6D), V(3A, 16, 16, 2C) + +#define V(a, b, c, d) 0x##a##b##c##d static const uint32_t FT0[256] = { FT }; #undef V #if !defined(MBEDTLS_AES_FEWER_TABLES) -#define V(a,b,c,d) 0x##b##c##d##a +#define V(a, b, c, d) 0x##b##c##d##a static const uint32_t FT1[256] = { FT }; #undef V -#define V(a,b,c,d) 0x##c##d##a##b +#define V(a, b, c, d) 0x##c##d##a##b static const uint32_t FT2[256] = { FT }; #undef V -#define V(a,b,c,d) 0x##d##a##b##c +#define V(a, b, c, d) 0x##d##a##b##c static const uint32_t FT3[256] = { FT }; #undef V @@ -231,86 +231,86 @@ static const unsigned char RSb[256] = */ #define RT \ \ - V(50,A7,F4,51), V(53,65,41,7E), V(C3,A4,17,1A), V(96,5E,27,3A), \ - V(CB,6B,AB,3B), V(F1,45,9D,1F), V(AB,58,FA,AC), V(93,03,E3,4B), \ - V(55,FA,30,20), V(F6,6D,76,AD), V(91,76,CC,88), V(25,4C,02,F5), \ - V(FC,D7,E5,4F), V(D7,CB,2A,C5), V(80,44,35,26), V(8F,A3,62,B5), \ - V(49,5A,B1,DE), V(67,1B,BA,25), V(98,0E,EA,45), V(E1,C0,FE,5D), \ - V(02,75,2F,C3), V(12,F0,4C,81), V(A3,97,46,8D), V(C6,F9,D3,6B), \ - V(E7,5F,8F,03), V(95,9C,92,15), V(EB,7A,6D,BF), V(DA,59,52,95), \ - V(2D,83,BE,D4), V(D3,21,74,58), V(29,69,E0,49), V(44,C8,C9,8E), \ - V(6A,89,C2,75), V(78,79,8E,F4), V(6B,3E,58,99), V(DD,71,B9,27), \ - V(B6,4F,E1,BE), V(17,AD,88,F0), V(66,AC,20,C9), V(B4,3A,CE,7D), \ - V(18,4A,DF,63), V(82,31,1A,E5), V(60,33,51,97), V(45,7F,53,62), \ - V(E0,77,64,B1), V(84,AE,6B,BB), V(1C,A0,81,FE), V(94,2B,08,F9), \ - V(58,68,48,70), V(19,FD,45,8F), V(87,6C,DE,94), V(B7,F8,7B,52), \ - V(23,D3,73,AB), V(E2,02,4B,72), V(57,8F,1F,E3), V(2A,AB,55,66), \ - V(07,28,EB,B2), V(03,C2,B5,2F), V(9A,7B,C5,86), V(A5,08,37,D3), \ - V(F2,87,28,30), V(B2,A5,BF,23), V(BA,6A,03,02), V(5C,82,16,ED), \ - V(2B,1C,CF,8A), V(92,B4,79,A7), V(F0,F2,07,F3), V(A1,E2,69,4E), \ - V(CD,F4,DA,65), V(D5,BE,05,06), V(1F,62,34,D1), V(8A,FE,A6,C4), \ - V(9D,53,2E,34), V(A0,55,F3,A2), V(32,E1,8A,05), V(75,EB,F6,A4), \ - V(39,EC,83,0B), V(AA,EF,60,40), V(06,9F,71,5E), V(51,10,6E,BD), \ - V(F9,8A,21,3E), V(3D,06,DD,96), V(AE,05,3E,DD), V(46,BD,E6,4D), \ - V(B5,8D,54,91), V(05,5D,C4,71), V(6F,D4,06,04), V(FF,15,50,60), \ - V(24,FB,98,19), V(97,E9,BD,D6), V(CC,43,40,89), V(77,9E,D9,67), \ - V(BD,42,E8,B0), V(88,8B,89,07), V(38,5B,19,E7), V(DB,EE,C8,79), \ - V(47,0A,7C,A1), V(E9,0F,42,7C), V(C9,1E,84,F8), V(00,00,00,00), \ - V(83,86,80,09), V(48,ED,2B,32), V(AC,70,11,1E), V(4E,72,5A,6C), \ - V(FB,FF,0E,FD), V(56,38,85,0F), V(1E,D5,AE,3D), V(27,39,2D,36), \ - V(64,D9,0F,0A), V(21,A6,5C,68), V(D1,54,5B,9B), V(3A,2E,36,24), \ - V(B1,67,0A,0C), V(0F,E7,57,93), V(D2,96,EE,B4), V(9E,91,9B,1B), \ - V(4F,C5,C0,80), V(A2,20,DC,61), V(69,4B,77,5A), V(16,1A,12,1C), \ - V(0A,BA,93,E2), V(E5,2A,A0,C0), V(43,E0,22,3C), V(1D,17,1B,12), \ - V(0B,0D,09,0E), V(AD,C7,8B,F2), V(B9,A8,B6,2D), V(C8,A9,1E,14), \ - V(85,19,F1,57), V(4C,07,75,AF), V(BB,DD,99,EE), V(FD,60,7F,A3), \ - V(9F,26,01,F7), V(BC,F5,72,5C), V(C5,3B,66,44), V(34,7E,FB,5B), \ - V(76,29,43,8B), V(DC,C6,23,CB), V(68,FC,ED,B6), V(63,F1,E4,B8), \ - V(CA,DC,31,D7), V(10,85,63,42), V(40,22,97,13), V(20,11,C6,84), \ - V(7D,24,4A,85), V(F8,3D,BB,D2), V(11,32,F9,AE), V(6D,A1,29,C7), \ - V(4B,2F,9E,1D), V(F3,30,B2,DC), V(EC,52,86,0D), V(D0,E3,C1,77), \ - V(6C,16,B3,2B), V(99,B9,70,A9), V(FA,48,94,11), V(22,64,E9,47), \ - V(C4,8C,FC,A8), V(1A,3F,F0,A0), V(D8,2C,7D,56), V(EF,90,33,22), \ - V(C7,4E,49,87), V(C1,D1,38,D9), V(FE,A2,CA,8C), V(36,0B,D4,98), \ - V(CF,81,F5,A6), V(28,DE,7A,A5), V(26,8E,B7,DA), V(A4,BF,AD,3F), \ - V(E4,9D,3A,2C), V(0D,92,78,50), V(9B,CC,5F,6A), V(62,46,7E,54), \ - V(C2,13,8D,F6), V(E8,B8,D8,90), V(5E,F7,39,2E), V(F5,AF,C3,82), \ - V(BE,80,5D,9F), V(7C,93,D0,69), V(A9,2D,D5,6F), V(B3,12,25,CF), \ - V(3B,99,AC,C8), V(A7,7D,18,10), V(6E,63,9C,E8), V(7B,BB,3B,DB), \ - V(09,78,26,CD), V(F4,18,59,6E), V(01,B7,9A,EC), V(A8,9A,4F,83), \ - V(65,6E,95,E6), V(7E,E6,FF,AA), V(08,CF,BC,21), V(E6,E8,15,EF), \ - V(D9,9B,E7,BA), V(CE,36,6F,4A), V(D4,09,9F,EA), V(D6,7C,B0,29), \ - V(AF,B2,A4,31), V(31,23,3F,2A), V(30,94,A5,C6), V(C0,66,A2,35), \ - V(37,BC,4E,74), V(A6,CA,82,FC), V(B0,D0,90,E0), V(15,D8,A7,33), \ - V(4A,98,04,F1), V(F7,DA,EC,41), V(0E,50,CD,7F), V(2F,F6,91,17), \ - V(8D,D6,4D,76), V(4D,B0,EF,43), V(54,4D,AA,CC), V(DF,04,96,E4), \ - V(E3,B5,D1,9E), V(1B,88,6A,4C), V(B8,1F,2C,C1), V(7F,51,65,46), \ - V(04,EA,5E,9D), V(5D,35,8C,01), V(73,74,87,FA), V(2E,41,0B,FB), \ - V(5A,1D,67,B3), V(52,D2,DB,92), V(33,56,10,E9), V(13,47,D6,6D), \ - V(8C,61,D7,9A), V(7A,0C,A1,37), V(8E,14,F8,59), V(89,3C,13,EB), \ - V(EE,27,A9,CE), V(35,C9,61,B7), V(ED,E5,1C,E1), V(3C,B1,47,7A), \ - V(59,DF,D2,9C), V(3F,73,F2,55), V(79,CE,14,18), V(BF,37,C7,73), \ - V(EA,CD,F7,53), V(5B,AA,FD,5F), V(14,6F,3D,DF), V(86,DB,44,78), \ - V(81,F3,AF,CA), V(3E,C4,68,B9), V(2C,34,24,38), V(5F,40,A3,C2), \ - V(72,C3,1D,16), V(0C,25,E2,BC), V(8B,49,3C,28), V(41,95,0D,FF), \ - V(71,01,A8,39), V(DE,B3,0C,08), V(9C,E4,B4,D8), V(90,C1,56,64), \ - V(61,84,CB,7B), V(70,B6,32,D5), V(74,5C,6C,48), V(42,57,B8,D0) - -#define V(a,b,c,d) 0x##a##b##c##d + V(50, A7, F4, 51), V(53, 65, 41, 7E), V(C3, A4, 17, 1A), V(96, 5E, 27, 3A), \ + V(CB, 6B, AB, 3B), V(F1, 45, 9D, 1F), V(AB, 58, FA, AC), V(93, 03, E3, 4B), \ + V(55, FA, 30, 20), V(F6, 6D, 76, AD), V(91, 76, CC, 88), V(25, 4C, 02, F5), \ + V(FC, D7, E5, 4F), V(D7, CB, 2A, C5), V(80, 44, 35, 26), V(8F, A3, 62, B5), \ + V(49, 5A, B1, DE), V(67, 1B, BA, 25), V(98, 0E, EA, 45), V(E1, C0, FE, 5D), \ + V(02, 75, 2F, C3), V(12, F0, 4C, 81), V(A3, 97, 46, 8D), V(C6, F9, D3, 6B), \ + V(E7, 5F, 8F, 03), V(95, 9C, 92, 15), V(EB, 7A, 6D, BF), V(DA, 59, 52, 95), \ + V(2D, 83, BE, D4), V(D3, 21, 74, 58), V(29, 69, E0, 49), V(44, C8, C9, 8E), \ + V(6A, 89, C2, 75), V(78, 79, 8E, F4), V(6B, 3E, 58, 99), V(DD, 71, B9, 27), \ + V(B6, 4F, E1, BE), V(17, AD, 88, F0), V(66, AC, 20, C9), V(B4, 3A, CE, 7D), \ + V(18, 4A, DF, 63), V(82, 31, 1A, E5), V(60, 33, 51, 97), V(45, 7F, 53, 62), \ + V(E0, 77, 64, B1), V(84, AE, 6B, BB), V(1C, A0, 81, FE), V(94, 2B, 08, F9), \ + V(58, 68, 48, 70), V(19, FD, 45, 8F), V(87, 6C, DE, 94), V(B7, F8, 7B, 52), \ + V(23, D3, 73, AB), V(E2, 02, 4B, 72), V(57, 8F, 1F, E3), V(2A, AB, 55, 66), \ + V(07, 28, EB, B2), V(03, C2, B5, 2F), V(9A, 7B, C5, 86), V(A5, 08, 37, D3), \ + V(F2, 87, 28, 30), V(B2, A5, BF, 23), V(BA, 6A, 03, 02), V(5C, 82, 16, ED), \ + V(2B, 1C, CF, 8A), V(92, B4, 79, A7), V(F0, F2, 07, F3), V(A1, E2, 69, 4E), \ + V(CD, F4, DA, 65), V(D5, BE, 05, 06), V(1F, 62, 34, D1), V(8A, FE, A6, C4), \ + V(9D, 53, 2E, 34), V(A0, 55, F3, A2), V(32, E1, 8A, 05), V(75, EB, F6, A4), \ + V(39, EC, 83, 0B), V(AA, EF, 60, 40), V(06, 9F, 71, 5E), V(51, 10, 6E, BD), \ + V(F9, 8A, 21, 3E), V(3D, 06, DD, 96), V(AE, 05, 3E, DD), V(46, BD, E6, 4D), \ + V(B5, 8D, 54, 91), V(05, 5D, C4, 71), V(6F, D4, 06, 04), V(FF, 15, 50, 60), \ + V(24, FB, 98, 19), V(97, E9, BD, D6), V(CC, 43, 40, 89), V(77, 9E, D9, 67), \ + V(BD, 42, E8, B0), V(88, 8B, 89, 07), V(38, 5B, 19, E7), V(DB, EE, C8, 79), \ + V(47, 0A, 7C, A1), V(E9, 0F, 42, 7C), V(C9, 1E, 84, F8), V(00, 00, 00, 00), \ + V(83, 86, 80, 09), V(48, ED, 2B, 32), V(AC, 70, 11, 1E), V(4E, 72, 5A, 6C), \ + V(FB, FF, 0E, FD), V(56, 38, 85, 0F), V(1E, D5, AE, 3D), V(27, 39, 2D, 36), \ + V(64, D9, 0F, 0A), V(21, A6, 5C, 68), V(D1, 54, 5B, 9B), V(3A, 2E, 36, 24), \ + V(B1, 67, 0A, 0C), V(0F, E7, 57, 93), V(D2, 96, EE, B4), V(9E, 91, 9B, 1B), \ + V(4F, C5, C0, 80), V(A2, 20, DC, 61), V(69, 4B, 77, 5A), V(16, 1A, 12, 1C), \ + V(0A, BA, 93, E2), V(E5, 2A, A0, C0), V(43, E0, 22, 3C), V(1D, 17, 1B, 12), \ + V(0B, 0D, 09, 0E), V(AD, C7, 8B, F2), V(B9, A8, B6, 2D), V(C8, A9, 1E, 14), \ + V(85, 19, F1, 57), V(4C, 07, 75, AF), V(BB, DD, 99, EE), V(FD, 60, 7F, A3), \ + V(9F, 26, 01, F7), V(BC, F5, 72, 5C), V(C5, 3B, 66, 44), V(34, 7E, FB, 5B), \ + V(76, 29, 43, 8B), V(DC, C6, 23, CB), V(68, FC, ED, B6), V(63, F1, E4, B8), \ + V(CA, DC, 31, D7), V(10, 85, 63, 42), V(40, 22, 97, 13), V(20, 11, C6, 84), \ + V(7D, 24, 4A, 85), V(F8, 3D, BB, D2), V(11, 32, F9, AE), V(6D, A1, 29, C7), \ + V(4B, 2F, 9E, 1D), V(F3, 30, B2, DC), V(EC, 52, 86, 0D), V(D0, E3, C1, 77), \ + V(6C, 16, B3, 2B), V(99, B9, 70, A9), V(FA, 48, 94, 11), V(22, 64, E9, 47), \ + V(C4, 8C, FC, A8), V(1A, 3F, F0, A0), V(D8, 2C, 7D, 56), V(EF, 90, 33, 22), \ + V(C7, 4E, 49, 87), V(C1, D1, 38, D9), V(FE, A2, CA, 8C), V(36, 0B, D4, 98), \ + V(CF, 81, F5, A6), V(28, DE, 7A, A5), V(26, 8E, B7, DA), V(A4, BF, AD, 3F), \ + V(E4, 9D, 3A, 2C), V(0D, 92, 78, 50), V(9B, CC, 5F, 6A), V(62, 46, 7E, 54), \ + V(C2, 13, 8D, F6), V(E8, B8, D8, 90), V(5E, F7, 39, 2E), V(F5, AF, C3, 82), \ + V(BE, 80, 5D, 9F), V(7C, 93, D0, 69), V(A9, 2D, D5, 6F), V(B3, 12, 25, CF), \ + V(3B, 99, AC, C8), V(A7, 7D, 18, 10), V(6E, 63, 9C, E8), V(7B, BB, 3B, DB), \ + V(09, 78, 26, CD), V(F4, 18, 59, 6E), V(01, B7, 9A, EC), V(A8, 9A, 4F, 83), \ + V(65, 6E, 95, E6), V(7E, E6, FF, AA), V(08, CF, BC, 21), V(E6, E8, 15, EF), \ + V(D9, 9B, E7, BA), V(CE, 36, 6F, 4A), V(D4, 09, 9F, EA), V(D6, 7C, B0, 29), \ + V(AF, B2, A4, 31), V(31, 23, 3F, 2A), V(30, 94, A5, C6), V(C0, 66, A2, 35), \ + V(37, BC, 4E, 74), V(A6, CA, 82, FC), V(B0, D0, 90, E0), V(15, D8, A7, 33), \ + V(4A, 98, 04, F1), V(F7, DA, EC, 41), V(0E, 50, CD, 7F), V(2F, F6, 91, 17), \ + V(8D, D6, 4D, 76), V(4D, B0, EF, 43), V(54, 4D, AA, CC), V(DF, 04, 96, E4), \ + V(E3, B5, D1, 9E), V(1B, 88, 6A, 4C), V(B8, 1F, 2C, C1), V(7F, 51, 65, 46), \ + V(04, EA, 5E, 9D), V(5D, 35, 8C, 01), V(73, 74, 87, FA), V(2E, 41, 0B, FB), \ + V(5A, 1D, 67, B3), V(52, D2, DB, 92), V(33, 56, 10, E9), V(13, 47, D6, 6D), \ + V(8C, 61, D7, 9A), V(7A, 0C, A1, 37), V(8E, 14, F8, 59), V(89, 3C, 13, EB), \ + V(EE, 27, A9, CE), V(35, C9, 61, B7), V(ED, E5, 1C, E1), V(3C, B1, 47, 7A), \ + V(59, DF, D2, 9C), V(3F, 73, F2, 55), V(79, CE, 14, 18), V(BF, 37, C7, 73), \ + V(EA, CD, F7, 53), V(5B, AA, FD, 5F), V(14, 6F, 3D, DF), V(86, DB, 44, 78), \ + V(81, F3, AF, CA), V(3E, C4, 68, B9), V(2C, 34, 24, 38), V(5F, 40, A3, C2), \ + V(72, C3, 1D, 16), V(0C, 25, E2, BC), V(8B, 49, 3C, 28), V(41, 95, 0D, FF), \ + V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \ + V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0) + +#define V(a, b, c, d) 0x##a##b##c##d static const uint32_t RT0[256] = { RT }; #undef V #if !defined(MBEDTLS_AES_FEWER_TABLES) -#define V(a,b,c,d) 0x##b##c##d##a +#define V(a, b, c, d) 0x##b##c##d##a static const uint32_t RT1[256] = { RT }; #undef V -#define V(a,b,c,d) 0x##c##d##a##b +#define V(a, b, c, d) 0x##c##d##a##b static const uint32_t RT2[256] = { RT }; #undef V -#define V(a,b,c,d) 0x##d##a##b##c +#define V(a, b, c, d) 0x##d##a##b##c static const uint32_t RT3[256] = { RT }; #undef V @@ -360,13 +360,13 @@ static uint32_t RCON[10]; /* * Tables generation code */ -#define ROTL8(x) ( ( (x) << 8 ) & 0xFFFFFFFF ) | ( (x) >> 24 ) -#define XTIME(x) ( ( (x) << 1 ) ^ ( ( (x) & 0x80 ) ? 0x1B : 0x00 ) ) -#define MUL(x,y) ( ( (x) && (y) ) ? pow[(log[(x)]+log[(y)]) % 255] : 0 ) +#define ROTL8(x) (((x) << 8) & 0xFFFFFFFF) | ((x) >> 24) +#define XTIME(x) (((x) << 1) ^ (((x) & 0x80) ? 0x1B : 0x00)) +#define MUL(x, y) (((x) && (y)) ? pow[(log[(x)]+log[(y)]) % 255] : 0) static int aes_init_done = 0; -static void aes_gen_tables( void ) +static void aes_gen_tables(void) { int i, x, y, z; int pow[256]; @@ -375,20 +375,18 @@ static void aes_gen_tables( void ) /* * compute pow and log tables over GF(2^8) */ - for( i = 0, x = 1; i < 256; i++ ) - { + for (i = 0, x = 1; i < 256; i++) { pow[i] = x; log[x] = i; - x = MBEDTLS_BYTE_0( x ^ XTIME( x ) ); + x = MBEDTLS_BYTE_0(x ^ XTIME(x)); } /* * calculate the round constants */ - for( i = 0, x = 1; i < 10; i++ ) - { + for (i = 0, x = 1; i < 10; i++) { RCON[i] = (uint32_t) x; - x = MBEDTLS_BYTE_0( XTIME( x ) ); + x = MBEDTLS_BYTE_0(XTIME(x)); } /* @@ -397,14 +395,13 @@ static void aes_gen_tables( void ) FSb[0x00] = 0x63; RSb[0x63] = 0x00; - for( i = 1; i < 256; i++ ) - { + for (i = 1; i < 256; i++) { x = pow[255 - log[i]]; - y = x; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); - x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); - x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); - x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); + y = x; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7)); + x ^= y; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7)); + x ^= y; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7)); + x ^= y; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7)); x ^= y ^ 0x63; FSb[i] = (unsigned char) x; @@ -414,34 +411,33 @@ static void aes_gen_tables( void ) /* * generate the forward and reverse tables */ - for( i = 0; i < 256; i++ ) - { + for (i = 0; i < 256; i++) { x = FSb[i]; - y = MBEDTLS_BYTE_0( XTIME( x ) ); - z = MBEDTLS_BYTE_0( y ^ x ); + y = MBEDTLS_BYTE_0(XTIME(x)); + z = MBEDTLS_BYTE_0(y ^ x); - FT0[i] = ( (uint32_t) y ) ^ - ( (uint32_t) x << 8 ) ^ - ( (uint32_t) x << 16 ) ^ - ( (uint32_t) z << 24 ); + FT0[i] = ((uint32_t) y) ^ + ((uint32_t) x << 8) ^ + ((uint32_t) x << 16) ^ + ((uint32_t) z << 24); #if !defined(MBEDTLS_AES_FEWER_TABLES) - FT1[i] = ROTL8( FT0[i] ); - FT2[i] = ROTL8( FT1[i] ); - FT3[i] = ROTL8( FT2[i] ); + FT1[i] = ROTL8(FT0[i]); + FT2[i] = ROTL8(FT1[i]); + FT3[i] = ROTL8(FT2[i]); #endif /* !MBEDTLS_AES_FEWER_TABLES */ x = RSb[i]; - RT0[i] = ( (uint32_t) MUL( 0x0E, x ) ) ^ - ( (uint32_t) MUL( 0x09, x ) << 8 ) ^ - ( (uint32_t) MUL( 0x0D, x ) << 16 ) ^ - ( (uint32_t) MUL( 0x0B, x ) << 24 ); + RT0[i] = ((uint32_t) MUL(0x0E, x)) ^ + ((uint32_t) MUL(0x09, x) << 8) ^ + ((uint32_t) MUL(0x0D, x) << 16) ^ + ((uint32_t) MUL(0x0B, x) << 24); #if !defined(MBEDTLS_AES_FEWER_TABLES) - RT1[i] = ROTL8( RT0[i] ); - RT2[i] = ROTL8( RT1[i] ); - RT3[i] = ROTL8( RT2[i] ); + RT1[i] = ROTL8(RT0[i]); + RT2[i] = ROTL8(RT1[i]); + RT3[i] = ROTL8(RT2[i]); #endif /* !MBEDTLS_AES_FEWER_TABLES */ } } @@ -452,19 +448,19 @@ static void aes_gen_tables( void ) #if defined(MBEDTLS_AES_FEWER_TABLES) -#define ROTL8(x) ( (uint32_t)( ( x ) << 8 ) + (uint32_t)( ( x ) >> 24 ) ) -#define ROTL16(x) ( (uint32_t)( ( x ) << 16 ) + (uint32_t)( ( x ) >> 16 ) ) -#define ROTL24(x) ( (uint32_t)( ( x ) << 24 ) + (uint32_t)( ( x ) >> 8 ) ) +#define ROTL8(x) ((uint32_t) ((x) << 8) + (uint32_t) ((x) >> 24)) +#define ROTL16(x) ((uint32_t) ((x) << 16) + (uint32_t) ((x) >> 16)) +#define ROTL24(x) ((uint32_t) ((x) << 24) + (uint32_t) ((x) >> 8)) #define AES_RT0(idx) RT0[idx] -#define AES_RT1(idx) ROTL8( RT0[idx] ) -#define AES_RT2(idx) ROTL16( RT0[idx] ) -#define AES_RT3(idx) ROTL24( RT0[idx] ) +#define AES_RT1(idx) ROTL8(RT0[idx]) +#define AES_RT2(idx) ROTL16(RT0[idx]) +#define AES_RT3(idx) ROTL24(RT0[idx]) #define AES_FT0(idx) FT0[idx] -#define AES_FT1(idx) ROTL8( FT0[idx] ) -#define AES_FT2(idx) ROTL16( FT0[idx] ) -#define AES_FT3(idx) ROTL24( FT0[idx] ) +#define AES_FT1(idx) ROTL8(FT0[idx]) +#define AES_FT2(idx) ROTL16(FT0[idx]) +#define AES_FT3(idx) ROTL24(FT0[idx]) #else /* MBEDTLS_AES_FEWER_TABLES */ @@ -480,37 +476,39 @@ static void aes_gen_tables( void ) #endif /* MBEDTLS_AES_FEWER_TABLES */ -void mbedtls_aes_init( mbedtls_aes_context *ctx ) +void mbedtls_aes_init(mbedtls_aes_context *ctx) { - AES_VALIDATE( ctx != NULL ); + AES_VALIDATE(ctx != NULL); - memset( ctx, 0, sizeof( mbedtls_aes_context ) ); + memset(ctx, 0, sizeof(mbedtls_aes_context)); } -void mbedtls_aes_free( mbedtls_aes_context *ctx ) +void mbedtls_aes_free(mbedtls_aes_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_aes_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_aes_context)); } #if defined(MBEDTLS_CIPHER_MODE_XTS) -void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ) +void mbedtls_aes_xts_init(mbedtls_aes_xts_context *ctx) { - AES_VALIDATE( ctx != NULL ); + AES_VALIDATE(ctx != NULL); - mbedtls_aes_init( &ctx->crypt ); - mbedtls_aes_init( &ctx->tweak ); + mbedtls_aes_init(&ctx->crypt); + mbedtls_aes_init(&ctx->tweak); } -void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ) +void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_aes_free( &ctx->crypt ); - mbedtls_aes_free( &ctx->tweak ); + mbedtls_aes_free(&ctx->crypt); + mbedtls_aes_free(&ctx->tweak); } #endif /* MBEDTLS_CIPHER_MODE_XTS */ @@ -518,62 +516,59 @@ void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ) * AES key schedule (encryption) */ #if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) -int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, - unsigned int keybits ) +int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits) { unsigned int i; uint32_t *RK; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( key != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(key != NULL); - switch( keybits ) - { + switch (keybits) { case 128: ctx->nr = 10; break; case 192: ctx->nr = 12; break; case 256: ctx->nr = 14; break; - default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); + default: return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; } #if !defined(MBEDTLS_AES_ROM_TABLES) - if( aes_init_done == 0 ) - { + if (aes_init_done == 0) { aes_gen_tables(); aes_init_done = 1; } #endif #if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16) - if( aes_padlock_ace == -1 ) - aes_padlock_ace = mbedtls_padlock_has_support( MBEDTLS_PADLOCK_ACE ); + if (aes_padlock_ace == -1) { + aes_padlock_ace = mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE); + } - if( aes_padlock_ace ) - ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf ); - else + if (aes_padlock_ace) { + ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16(ctx->buf); + } else #endif ctx->rk = RK = ctx->buf; #if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) - if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) ) - return( mbedtls_aesni_setkey_enc( (unsigned char *) ctx->rk, key, keybits ) ); + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) { + return mbedtls_aesni_setkey_enc((unsigned char *) ctx->rk, key, keybits); + } #endif - for( i = 0; i < ( keybits >> 5 ); i++ ) - { - RK[i] = MBEDTLS_GET_UINT32_LE( key, i << 2 ); + for (i = 0; i < (keybits >> 5); i++) { + RK[i] = MBEDTLS_GET_UINT32_LE(key, i << 2); } - switch( ctx->nr ) - { + switch (ctx->nr) { case 10: - for( i = 0; i < 10; i++, RK += 4 ) - { + for (i = 0; i < 10; i++, RK += 4) { RK[4] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[3] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[3] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[3] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[3] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[3])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[3])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[3])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_0(RK[3])] << 24); RK[5] = RK[1] ^ RK[4]; RK[6] = RK[2] ^ RK[5]; @@ -583,13 +578,12 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, case 12: - for( i = 0; i < 8; i++, RK += 6 ) - { + for (i = 0; i < 8; i++, RK += 6) { RK[6] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[5] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[5] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[5] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[5] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[5])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[5])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[5])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_0(RK[5])] << 24); RK[7] = RK[1] ^ RK[6]; RK[8] = RK[2] ^ RK[7]; @@ -601,23 +595,22 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, case 14: - for( i = 0; i < 7; i++, RK += 8 ) - { + for (i = 0; i < 7; i++, RK += 8) { RK[8] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[7] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[7] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[7] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[7] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[7])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[7])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[7])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_0(RK[7])] << 24); RK[9] = RK[1] ^ RK[8]; RK[10] = RK[2] ^ RK[9]; RK[11] = RK[3] ^ RK[10]; RK[12] = RK[4] ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[11] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[11] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[11] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[11] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_0(RK[11])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[11])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[11])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[11])] << 24); RK[13] = RK[5] ^ RK[12]; RK[14] = RK[6] ^ RK[13]; @@ -626,7 +619,7 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, break; } - return( 0 ); + return 0; } #endif /* !MBEDTLS_AES_SETKEY_ENC_ALT */ @@ -634,40 +627,41 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, * AES key schedule (decryption) */ #if !defined(MBEDTLS_AES_SETKEY_DEC_ALT) -int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, - unsigned int keybits ) +int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits) { int i, j, ret; mbedtls_aes_context cty; uint32_t *RK; uint32_t *SK; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( key != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(key != NULL); - mbedtls_aes_init( &cty ); + mbedtls_aes_init(&cty); #if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16) - if( aes_padlock_ace == -1 ) - aes_padlock_ace = mbedtls_padlock_has_support( MBEDTLS_PADLOCK_ACE ); + if (aes_padlock_ace == -1) { + aes_padlock_ace = mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE); + } - if( aes_padlock_ace ) - ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf ); - else + if (aes_padlock_ace) { + ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16(ctx->buf); + } else #endif ctx->rk = RK = ctx->buf; /* Also checks keybits */ - if( ( ret = mbedtls_aes_setkey_enc( &cty, key, keybits ) ) != 0 ) + if ((ret = mbedtls_aes_setkey_enc(&cty, key, keybits)) != 0) { goto exit; + } ctx->nr = cty.nr; #if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) - if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) ) - { - mbedtls_aesni_inverse_key( (unsigned char *) ctx->rk, - (const unsigned char *) cty.rk, ctx->nr ); + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) { + mbedtls_aesni_inverse_key((unsigned char *) ctx->rk, + (const unsigned char *) cty.rk, ctx->nr); goto exit; } #endif @@ -679,14 +673,12 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, *RK++ = *SK++; *RK++ = *SK++; - for( i = ctx->nr - 1, SK -= 8; i > 0; i--, SK -= 8 ) - { - for( j = 0; j < 4; j++, SK++ ) - { - *RK++ = AES_RT0( FSb[ MBEDTLS_BYTE_0( *SK ) ] ) ^ - AES_RT1( FSb[ MBEDTLS_BYTE_1( *SK ) ] ) ^ - AES_RT2( FSb[ MBEDTLS_BYTE_2( *SK ) ] ) ^ - AES_RT3( FSb[ MBEDTLS_BYTE_3( *SK ) ] ); + for (i = ctx->nr - 1, SK -= 8; i > 0; i--, SK -= 8) { + for (j = 0; j < 4; j++, SK++) { + *RK++ = AES_RT0(FSb[MBEDTLS_BYTE_0(*SK)]) ^ + AES_RT1(FSb[MBEDTLS_BYTE_1(*SK)]) ^ + AES_RT2(FSb[MBEDTLS_BYTE_2(*SK)]) ^ + AES_RT3(FSb[MBEDTLS_BYTE_3(*SK)]); } } @@ -696,28 +688,27 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, *RK++ = *SK++; exit: - mbedtls_aes_free( &cty ); + mbedtls_aes_free(&cty); - return( ret ); + return ret; } #endif /* !MBEDTLS_AES_SETKEY_DEC_ALT */ #if defined(MBEDTLS_CIPHER_MODE_XTS) -static int mbedtls_aes_xts_decode_keys( const unsigned char *key, - unsigned int keybits, - const unsigned char **key1, - unsigned int *key1bits, - const unsigned char **key2, - unsigned int *key2bits ) +static int mbedtls_aes_xts_decode_keys(const unsigned char *key, + unsigned int keybits, + const unsigned char **key1, + unsigned int *key1bits, + const unsigned char **key2, + unsigned int *key2bits) { const unsigned int half_keybits = keybits / 2; const unsigned int half_keybytes = half_keybits / 8; - switch( keybits ) - { + switch (keybits) { case 256: break; case 512: break; - default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); + default: return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; } *key1bits = half_keybits; @@ -728,175 +719,177 @@ static int mbedtls_aes_xts_decode_keys( const unsigned char *key, return 0; } -int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits) +int mbedtls_aes_xts_setkey_enc(mbedtls_aes_xts_context *ctx, + const unsigned char *key, + unsigned int keybits) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *key1, *key2; unsigned int key1bits, key2bits; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( key != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(key != NULL); - ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits, - &key2, &key2bits ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_aes_xts_decode_keys(key, keybits, &key1, &key1bits, + &key2, &key2bits); + if (ret != 0) { + return ret; + } /* Set the tweak key. Always set tweak key for the encryption mode. */ - ret = mbedtls_aes_setkey_enc( &ctx->tweak, key2, key2bits ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_aes_setkey_enc(&ctx->tweak, key2, key2bits); + if (ret != 0) { + return ret; + } /* Set crypt key for encryption. */ - return mbedtls_aes_setkey_enc( &ctx->crypt, key1, key1bits ); + return mbedtls_aes_setkey_enc(&ctx->crypt, key1, key1bits); } -int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits) +int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx, + const unsigned char *key, + unsigned int keybits) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *key1, *key2; unsigned int key1bits, key2bits; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( key != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(key != NULL); - ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits, - &key2, &key2bits ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_aes_xts_decode_keys(key, keybits, &key1, &key1bits, + &key2, &key2bits); + if (ret != 0) { + return ret; + } /* Set the tweak key. Always set tweak key for encryption. */ - ret = mbedtls_aes_setkey_enc( &ctx->tweak, key2, key2bits ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_aes_setkey_enc(&ctx->tweak, key2, key2bits); + if (ret != 0) { + return ret; + } /* Set crypt key for decryption. */ - return mbedtls_aes_setkey_dec( &ctx->crypt, key1, key1bits ); + return mbedtls_aes_setkey_dec(&ctx->crypt, key1, key1bits); } #endif /* MBEDTLS_CIPHER_MODE_XTS */ -#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ +#define AES_FROUND(X0, X1, X2, X3, Y0, Y1, Y2, Y3) \ do \ { \ - (X0) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y0 ) ) ^ \ - AES_FT1( MBEDTLS_BYTE_1( Y1 ) ) ^ \ - AES_FT2( MBEDTLS_BYTE_2( Y2 ) ) ^ \ - AES_FT3( MBEDTLS_BYTE_3( Y3 ) ); \ + (X0) = *RK++ ^ AES_FT0(MBEDTLS_BYTE_0(Y0)) ^ \ + AES_FT1(MBEDTLS_BYTE_1(Y1)) ^ \ + AES_FT2(MBEDTLS_BYTE_2(Y2)) ^ \ + AES_FT3(MBEDTLS_BYTE_3(Y3)); \ \ - (X1) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y1 ) ) ^ \ - AES_FT1( MBEDTLS_BYTE_1( Y2 ) ) ^ \ - AES_FT2( MBEDTLS_BYTE_2( Y3 ) ) ^ \ - AES_FT3( MBEDTLS_BYTE_3( Y0 ) ); \ + (X1) = *RK++ ^ AES_FT0(MBEDTLS_BYTE_0(Y1)) ^ \ + AES_FT1(MBEDTLS_BYTE_1(Y2)) ^ \ + AES_FT2(MBEDTLS_BYTE_2(Y3)) ^ \ + AES_FT3(MBEDTLS_BYTE_3(Y0)); \ \ - (X2) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y2 ) ) ^ \ - AES_FT1( MBEDTLS_BYTE_1( Y3 ) ) ^ \ - AES_FT2( MBEDTLS_BYTE_2( Y0 ) ) ^ \ - AES_FT3( MBEDTLS_BYTE_3( Y1 ) ); \ + (X2) = *RK++ ^ AES_FT0(MBEDTLS_BYTE_0(Y2)) ^ \ + AES_FT1(MBEDTLS_BYTE_1(Y3)) ^ \ + AES_FT2(MBEDTLS_BYTE_2(Y0)) ^ \ + AES_FT3(MBEDTLS_BYTE_3(Y1)); \ \ - (X3) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y3 ) ) ^ \ - AES_FT1( MBEDTLS_BYTE_1( Y0 ) ) ^ \ - AES_FT2( MBEDTLS_BYTE_2( Y1 ) ) ^ \ - AES_FT3( MBEDTLS_BYTE_3( Y2 ) ); \ - } while( 0 ) + (X3) = *RK++ ^ AES_FT0(MBEDTLS_BYTE_0(Y3)) ^ \ + AES_FT1(MBEDTLS_BYTE_1(Y0)) ^ \ + AES_FT2(MBEDTLS_BYTE_2(Y1)) ^ \ + AES_FT3(MBEDTLS_BYTE_3(Y2)); \ + } while (0) -#define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ +#define AES_RROUND(X0, X1, X2, X3, Y0, Y1, Y2, Y3) \ do \ { \ - (X0) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y0 ) ) ^ \ - AES_RT1( MBEDTLS_BYTE_1( Y3 ) ) ^ \ - AES_RT2( MBEDTLS_BYTE_2( Y2 ) ) ^ \ - AES_RT3( MBEDTLS_BYTE_3( Y1 ) ); \ + (X0) = *RK++ ^ AES_RT0(MBEDTLS_BYTE_0(Y0)) ^ \ + AES_RT1(MBEDTLS_BYTE_1(Y3)) ^ \ + AES_RT2(MBEDTLS_BYTE_2(Y2)) ^ \ + AES_RT3(MBEDTLS_BYTE_3(Y1)); \ \ - (X1) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y1 ) ) ^ \ - AES_RT1( MBEDTLS_BYTE_1( Y0 ) ) ^ \ - AES_RT2( MBEDTLS_BYTE_2( Y3 ) ) ^ \ - AES_RT3( MBEDTLS_BYTE_3( Y2 ) ); \ + (X1) = *RK++ ^ AES_RT0(MBEDTLS_BYTE_0(Y1)) ^ \ + AES_RT1(MBEDTLS_BYTE_1(Y0)) ^ \ + AES_RT2(MBEDTLS_BYTE_2(Y3)) ^ \ + AES_RT3(MBEDTLS_BYTE_3(Y2)); \ \ - (X2) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y2 ) ) ^ \ - AES_RT1( MBEDTLS_BYTE_1( Y1 ) ) ^ \ - AES_RT2( MBEDTLS_BYTE_2( Y0 ) ) ^ \ - AES_RT3( MBEDTLS_BYTE_3( Y3 ) ); \ + (X2) = *RK++ ^ AES_RT0(MBEDTLS_BYTE_0(Y2)) ^ \ + AES_RT1(MBEDTLS_BYTE_1(Y1)) ^ \ + AES_RT2(MBEDTLS_BYTE_2(Y0)) ^ \ + AES_RT3(MBEDTLS_BYTE_3(Y3)); \ \ - (X3) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y3 ) ) ^ \ - AES_RT1( MBEDTLS_BYTE_1( Y2 ) ) ^ \ - AES_RT2( MBEDTLS_BYTE_2( Y1 ) ) ^ \ - AES_RT3( MBEDTLS_BYTE_3( Y0 ) ); \ - } while( 0 ) + (X3) = *RK++ ^ AES_RT0(MBEDTLS_BYTE_0(Y3)) ^ \ + AES_RT1(MBEDTLS_BYTE_1(Y2)) ^ \ + AES_RT2(MBEDTLS_BYTE_2(Y1)) ^ \ + AES_RT3(MBEDTLS_BYTE_3(Y0)); \ + } while (0) /* * AES-ECB block encryption */ #if !defined(MBEDTLS_AES_ENCRYPT_ALT) -int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) +int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]) { int i; uint32_t *RK = ctx->rk; - struct - { + struct { uint32_t X[4]; uint32_t Y[4]; } t; - t.X[0] = MBEDTLS_GET_UINT32_LE( input, 0 ); t.X[0] ^= *RK++; - t.X[1] = MBEDTLS_GET_UINT32_LE( input, 4 ); t.X[1] ^= *RK++; - t.X[2] = MBEDTLS_GET_UINT32_LE( input, 8 ); t.X[2] ^= *RK++; - t.X[3] = MBEDTLS_GET_UINT32_LE( input, 12 ); t.X[3] ^= *RK++; + t.X[0] = MBEDTLS_GET_UINT32_LE(input, 0); t.X[0] ^= *RK++; + t.X[1] = MBEDTLS_GET_UINT32_LE(input, 4); t.X[1] ^= *RK++; + t.X[2] = MBEDTLS_GET_UINT32_LE(input, 8); t.X[2] ^= *RK++; + t.X[3] = MBEDTLS_GET_UINT32_LE(input, 12); t.X[3] ^= *RK++; - for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) - { - AES_FROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); - AES_FROUND( t.X[0], t.X[1], t.X[2], t.X[3], t.Y[0], t.Y[1], t.Y[2], t.Y[3] ); + for (i = (ctx->nr >> 1) - 1; i > 0; i--) { + AES_FROUND(t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3]); + AES_FROUND(t.X[0], t.X[1], t.X[2], t.X[3], t.Y[0], t.Y[1], t.Y[2], t.Y[3]); } - AES_FROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); + AES_FROUND(t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3]); t.X[0] = *RK++ ^ \ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[0] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[1] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[2] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[3] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_0(t.Y[0])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_1(t.Y[1])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(t.Y[2])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(t.Y[3])] << 24); t.X[1] = *RK++ ^ \ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[1] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[2] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[3] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[0] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_0(t.Y[1])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_1(t.Y[2])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(t.Y[3])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(t.Y[0])] << 24); t.X[2] = *RK++ ^ \ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[2] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[3] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[0] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[1] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_0(t.Y[2])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_1(t.Y[3])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(t.Y[0])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(t.Y[1])] << 24); t.X[3] = *RK++ ^ \ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[3] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[0] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[1] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[2] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_0(t.Y[3])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_1(t.Y[0])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(t.Y[1])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(t.Y[2])] << 24); - MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); - MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); - MBEDTLS_PUT_UINT32_LE( t.X[2], output, 8 ); - MBEDTLS_PUT_UINT32_LE( t.X[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE(t.X[0], output, 0); + MBEDTLS_PUT_UINT32_LE(t.X[1], output, 4); + MBEDTLS_PUT_UINT32_LE(t.X[2], output, 8); + MBEDTLS_PUT_UINT32_LE(t.X[3], output, 12); - mbedtls_platform_zeroize( &t, sizeof( t ) ); + mbedtls_platform_zeroize(&t, sizeof(t)); - return( 0 ); + return 0; } #endif /* !MBEDTLS_AES_ENCRYPT_ALT */ #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) +void mbedtls_aes_encrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]) { - MBEDTLS_IGNORE_RETURN( mbedtls_internal_aes_encrypt( ctx, input, output ) ); + MBEDTLS_IGNORE_RETURN(mbedtls_internal_aes_encrypt(ctx, input, output)); } #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -904,99 +897,98 @@ void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, * AES-ECB block decryption */ #if !defined(MBEDTLS_AES_DECRYPT_ALT) -int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) +int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]) { int i; uint32_t *RK = ctx->rk; - struct - { + struct { uint32_t X[4]; uint32_t Y[4]; } t; - t.X[0] = MBEDTLS_GET_UINT32_LE( input, 0 ); t.X[0] ^= *RK++; - t.X[1] = MBEDTLS_GET_UINT32_LE( input, 4 ); t.X[1] ^= *RK++; - t.X[2] = MBEDTLS_GET_UINT32_LE( input, 8 ); t.X[2] ^= *RK++; - t.X[3] = MBEDTLS_GET_UINT32_LE( input, 12 ); t.X[3] ^= *RK++; + t.X[0] = MBEDTLS_GET_UINT32_LE(input, 0); t.X[0] ^= *RK++; + t.X[1] = MBEDTLS_GET_UINT32_LE(input, 4); t.X[1] ^= *RK++; + t.X[2] = MBEDTLS_GET_UINT32_LE(input, 8); t.X[2] ^= *RK++; + t.X[3] = MBEDTLS_GET_UINT32_LE(input, 12); t.X[3] ^= *RK++; - for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) - { - AES_RROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); - AES_RROUND( t.X[0], t.X[1], t.X[2], t.X[3], t.Y[0], t.Y[1], t.Y[2], t.Y[3] ); + for (i = (ctx->nr >> 1) - 1; i > 0; i--) { + AES_RROUND(t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3]); + AES_RROUND(t.X[0], t.X[1], t.X[2], t.X[3], t.Y[0], t.Y[1], t.Y[2], t.Y[3]); } - AES_RROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); + AES_RROUND(t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3]); t.X[0] = *RK++ ^ \ - ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[0] ) ] ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[3] ) ] << 8 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[2] ) ] << 16 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[1] ) ] << 24 ); + ((uint32_t) RSb[MBEDTLS_BYTE_0(t.Y[0])]) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_1(t.Y[3])] << 8) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_2(t.Y[2])] << 16) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_3(t.Y[1])] << 24); t.X[1] = *RK++ ^ \ - ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[1] ) ] ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[0] ) ] << 8 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[3] ) ] << 16 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[2] ) ] << 24 ); + ((uint32_t) RSb[MBEDTLS_BYTE_0(t.Y[1])]) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_1(t.Y[0])] << 8) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_2(t.Y[3])] << 16) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_3(t.Y[2])] << 24); t.X[2] = *RK++ ^ \ - ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[2] ) ] ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[1] ) ] << 8 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[0] ) ] << 16 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[3] ) ] << 24 ); + ((uint32_t) RSb[MBEDTLS_BYTE_0(t.Y[2])]) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_1(t.Y[1])] << 8) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_2(t.Y[0])] << 16) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_3(t.Y[3])] << 24); t.X[3] = *RK++ ^ \ - ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[3] ) ] ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[2] ) ] << 8 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[1] ) ] << 16 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[0] ) ] << 24 ); + ((uint32_t) RSb[MBEDTLS_BYTE_0(t.Y[3])]) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_1(t.Y[2])] << 8) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_2(t.Y[1])] << 16) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_3(t.Y[0])] << 24); - MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); - MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); - MBEDTLS_PUT_UINT32_LE( t.X[2], output, 8 ); - MBEDTLS_PUT_UINT32_LE( t.X[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE(t.X[0], output, 0); + MBEDTLS_PUT_UINT32_LE(t.X[1], output, 4); + MBEDTLS_PUT_UINT32_LE(t.X[2], output, 8); + MBEDTLS_PUT_UINT32_LE(t.X[3], output, 12); - mbedtls_platform_zeroize( &t, sizeof( t ) ); + mbedtls_platform_zeroize(&t, sizeof(t)); - return( 0 ); + return 0; } #endif /* !MBEDTLS_AES_DECRYPT_ALT */ #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) +void mbedtls_aes_decrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]) { - MBEDTLS_IGNORE_RETURN( mbedtls_internal_aes_decrypt( ctx, input, output ) ); + MBEDTLS_IGNORE_RETURN(mbedtls_internal_aes_decrypt(ctx, input, output)); } #endif /* !MBEDTLS_DEPRECATED_REMOVED */ /* * AES-ECB block encryption/decryption */ -int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ) +int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]) { - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); - AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || - mode == MBEDTLS_AES_DECRYPT ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(input != NULL); + AES_VALIDATE_RET(output != NULL); + AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT); #if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) - if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) ) - return( mbedtls_aesni_crypt_ecb( ctx, mode, input, output ) ); + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) { + return mbedtls_aesni_crypt_ecb(ctx, mode, input, output); + } #endif #if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) - if( aes_padlock_ace ) - { - if( mbedtls_padlock_xcryptecb( ctx, mode, input, output ) == 0 ) - return( 0 ); + if (aes_padlock_ace) { + if (mbedtls_padlock_xcryptecb(ctx, mode, input, output) == 0) { + return 0; + } // If padlock data misaligned, we just fall back to // unaccelerated mode @@ -1004,42 +996,44 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, } #endif - if( mode == MBEDTLS_AES_ENCRYPT ) - return( mbedtls_internal_aes_encrypt( ctx, input, output ) ); - else - return( mbedtls_internal_aes_decrypt( ctx, input, output ) ); + if (mode == MBEDTLS_AES_ENCRYPT) { + return mbedtls_internal_aes_encrypt(ctx, input, output); + } else { + return mbedtls_internal_aes_decrypt(ctx, input, output); + } } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * AES-CBC buffer encryption/decryption */ -int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output) { int i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char temp[16]; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || - mode == MBEDTLS_AES_DECRYPT ); - AES_VALIDATE_RET( iv != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT); + AES_VALIDATE_RET(iv != NULL); + AES_VALIDATE_RET(input != NULL); + AES_VALIDATE_RET(output != NULL); - if( length % 16 ) - return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); + if (length % 16) { + return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; + } #if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) - if( aes_padlock_ace ) - { - if( mbedtls_padlock_xcryptcbc( ctx, mode, length, iv, input, output ) == 0 ) - return( 0 ); + if (aes_padlock_ace) { + if (mbedtls_padlock_xcryptcbc(ctx, mode, length, iv, input, output) == 0) { + return 0; + } // If padlock data misaligned, we just fall back to // unaccelerated mode @@ -1047,36 +1041,35 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, } #endif - if( mode == MBEDTLS_AES_DECRYPT ) - { - while( length > 0 ) - { - memcpy( temp, input, 16 ); - ret = mbedtls_aes_crypt_ecb( ctx, mode, input, output ); - if( ret != 0 ) + if (mode == MBEDTLS_AES_DECRYPT) { + while (length > 0) { + memcpy(temp, input, 16); + ret = mbedtls_aes_crypt_ecb(ctx, mode, input, output); + if (ret != 0) { goto exit; + } - for( i = 0; i < 16; i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); + for (i = 0; i < 16; i++) { + output[i] = (unsigned char) (output[i] ^ iv[i]); + } - memcpy( iv, temp, 16 ); + memcpy(iv, temp, 16); input += 16; output += 16; length -= 16; } - } - else - { - while( length > 0 ) - { - for( i = 0; i < 16; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); + } else { + while (length > 0) { + for (i = 0; i < 16; i++) { + output[i] = (unsigned char) (input[i] ^ iv[i]); + } - ret = mbedtls_aes_crypt_ecb( ctx, mode, output, output ); - if( ret != 0 ) + ret = mbedtls_aes_crypt_ecb(ctx, mode, output, output); + if (ret != 0) { goto exit; - memcpy( iv, output, 16 ); + } + memcpy(iv, output, 16); input += 16; output += 16; @@ -1086,7 +1079,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, ret = 0; exit: - return( ret ); + return ret; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -1102,30 +1095,30 @@ typedef unsigned char mbedtls_be128[16]; * for machine endianness and hence works correctly on both big and little * endian machines. */ -static void mbedtls_gf128mul_x_ble( unsigned char r[16], - const unsigned char x[16] ) +static void mbedtls_gf128mul_x_ble(unsigned char r[16], + const unsigned char x[16]) { uint64_t a, b, ra, rb; - a = MBEDTLS_GET_UINT64_LE( x, 0 ); - b = MBEDTLS_GET_UINT64_LE( x, 8 ); + a = MBEDTLS_GET_UINT64_LE(x, 0); + b = MBEDTLS_GET_UINT64_LE(x, 8); - ra = ( a << 1 ) ^ 0x0087 >> ( 8 - ( ( b >> 63 ) << 3 ) ); - rb = ( a >> 63 ) | ( b << 1 ); + ra = (a << 1) ^ 0x0087 >> (8 - ((b >> 63) << 3)); + rb = (a >> 63) | (b << 1); - MBEDTLS_PUT_UINT64_LE( ra, r, 0 ); - MBEDTLS_PUT_UINT64_LE( rb, r, 8 ); + MBEDTLS_PUT_UINT64_LE(ra, r, 0); + MBEDTLS_PUT_UINT64_LE(rb, r, 8); } /* * AES-XTS buffer encryption/decryption */ -int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, - int mode, - size_t length, - const unsigned char data_unit[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx, + int mode, + size_t length, + const unsigned char data_unit[16], + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t blocks = length / 16; @@ -1134,61 +1127,64 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, unsigned char prev_tweak[16]; unsigned char tmp[16]; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || - mode == MBEDTLS_AES_DECRYPT ); - AES_VALIDATE_RET( data_unit != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT); + AES_VALIDATE_RET(data_unit != NULL); + AES_VALIDATE_RET(input != NULL); + AES_VALIDATE_RET(output != NULL); /* Data units must be at least 16 bytes long. */ - if( length < 16 ) + if (length < 16) { return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; + } /* NIST SP 800-38E disallows data units larger than 2**20 blocks. */ - if( length > ( 1 << 20 ) * 16 ) + if (length > (1 << 20) * 16) { return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; + } /* Compute the tweak. */ - ret = mbedtls_aes_crypt_ecb( &ctx->tweak, MBEDTLS_AES_ENCRYPT, - data_unit, tweak ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_aes_crypt_ecb(&ctx->tweak, MBEDTLS_AES_ENCRYPT, + data_unit, tweak); + if (ret != 0) { + return ret; + } - while( blocks-- ) - { + while (blocks--) { size_t i; - if( leftover && ( mode == MBEDTLS_AES_DECRYPT ) && blocks == 0 ) - { + if (leftover && (mode == MBEDTLS_AES_DECRYPT) && blocks == 0) { /* We are on the last block in a decrypt operation that has * leftover bytes, so we need to use the next tweak for this block, * and this tweak for the leftover bytes. Save the current tweak for * the leftovers and then update the current tweak for use on this, * the last full block. */ - memcpy( prev_tweak, tweak, sizeof( tweak ) ); - mbedtls_gf128mul_x_ble( tweak, tweak ); + memcpy(prev_tweak, tweak, sizeof(tweak)); + mbedtls_gf128mul_x_ble(tweak, tweak); } - for( i = 0; i < 16; i++ ) + for (i = 0; i < 16; i++) { tmp[i] = input[i] ^ tweak[i]; + } - ret = mbedtls_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_aes_crypt_ecb(&ctx->crypt, mode, tmp, tmp); + if (ret != 0) { + return ret; + } - for( i = 0; i < 16; i++ ) + for (i = 0; i < 16; i++) { output[i] = tmp[i] ^ tweak[i]; + } /* Update the tweak for the next block. */ - mbedtls_gf128mul_x_ble( tweak, tweak ); + mbedtls_gf128mul_x_ble(tweak, tweak); output += 16; input += 16; } - if( leftover ) - { + if (leftover) { /* If we are on the leftover bytes in a decrypt operation, we need to * use the previous tweak for these bytes (as saved in prev_tweak). */ unsigned char *t = mode == MBEDTLS_AES_DECRYPT ? prev_tweak : tweak; @@ -1202,28 +1198,30 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, * byte of ciphertext we won't steal. At the same time, copy the * remainder of the input for this final round (since the loop bounds * are the same). */ - for( i = 0; i < leftover; i++ ) - { + for (i = 0; i < leftover; i++) { output[i] = prev_output[i]; tmp[i] = input[i] ^ t[i]; } /* Copy ciphertext bytes from the previous block for input in this * round. */ - for( ; i < 16; i++ ) + for (; i < 16; i++) { tmp[i] = prev_output[i] ^ t[i]; + } - ret = mbedtls_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp ); - if( ret != 0 ) + ret = mbedtls_aes_crypt_ecb(&ctx->crypt, mode, tmp, tmp); + if (ret != 0) { return ret; + } /* Write the result back to the previous block, overriding the previous * output we copied. */ - for( i = 0; i < 16; i++ ) + for (i = 0; i < 16; i++) { prev_output[i] = tmp[i] ^ t[i]; + } } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_XTS */ @@ -1231,63 +1229,59 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, /* * AES-CFB128 buffer encryption/decryption */ -int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output) { int c; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || - mode == MBEDTLS_AES_DECRYPT ); - AES_VALIDATE_RET( iv_off != NULL ); - AES_VALIDATE_RET( iv != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT); + AES_VALIDATE_RET(iv_off != NULL); + AES_VALIDATE_RET(iv != NULL); + AES_VALIDATE_RET(input != NULL); + AES_VALIDATE_RET(output != NULL); n = *iv_off; - if( n > 15 ) - return( MBEDTLS_ERR_AES_BAD_INPUT_DATA ); + if (n > 15) { + return MBEDTLS_ERR_AES_BAD_INPUT_DATA; + } - if( mode == MBEDTLS_AES_DECRYPT ) - { - while( length-- ) - { - if( n == 0 ) - { - ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); - if( ret != 0 ) + if (mode == MBEDTLS_AES_DECRYPT) { + while (length--) { + if (n == 0) { + ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv); + if (ret != 0) { goto exit; + } } c = *input++; - *output++ = (unsigned char)( c ^ iv[n] ); + *output++ = (unsigned char) (c ^ iv[n]); iv[n] = (unsigned char) c; - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } - } - else - { - while( length-- ) - { - if( n == 0 ) - { - ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); - if( ret != 0 ) + } else { + while (length--) { + if (n == 0) { + ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv); + if (ret != 0) { goto exit; + } } - iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); + iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++); - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } } @@ -1295,50 +1289,52 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, ret = 0; exit: - return( ret ); + return ret; } /* * AES-CFB8 buffer encryption/decryption */ -int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char c; unsigned char ov[17]; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || - mode == MBEDTLS_AES_DECRYPT ); - AES_VALIDATE_RET( iv != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); - while( length-- ) - { - memcpy( ov, iv, 16 ); - ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); - if( ret != 0 ) + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT); + AES_VALIDATE_RET(iv != NULL); + AES_VALIDATE_RET(input != NULL); + AES_VALIDATE_RET(output != NULL); + while (length--) { + memcpy(ov, iv, 16); + ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv); + if (ret != 0) { goto exit; + } - if( mode == MBEDTLS_AES_DECRYPT ) + if (mode == MBEDTLS_AES_DECRYPT) { ov[16] = *input; + } - c = *output++ = (unsigned char)( iv[0] ^ *input++ ); + c = *output++ = (unsigned char) (iv[0] ^ *input++); - if( mode == MBEDTLS_AES_ENCRYPT ) + if (mode == MBEDTLS_AES_ENCRYPT) { ov[16] = c; + } - memcpy( iv, ov + 1, 16 ); + memcpy(iv, ov + 1, 16); } ret = 0; exit: - return( ret ); + return ret; } #endif /* MBEDTLS_CIPHER_MODE_CFB */ @@ -1346,44 +1342,44 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, /* * AES-OFB (Output Feedback Mode) buffer encryption/decryption */ -int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aes_crypt_ofb(mbedtls_aes_context *ctx, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output) { int ret = 0; size_t n; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( iv_off != NULL ); - AES_VALIDATE_RET( iv != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(iv_off != NULL); + AES_VALIDATE_RET(iv != NULL); + AES_VALIDATE_RET(input != NULL); + AES_VALIDATE_RET(output != NULL); n = *iv_off; - if( n > 15 ) - return( MBEDTLS_ERR_AES_BAD_INPUT_DATA ); + if (n > 15) { + return MBEDTLS_ERR_AES_BAD_INPUT_DATA; + } - while( length-- ) - { - if( n == 0 ) - { - ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); - if( ret != 0 ) + while (length--) { + if (n == 0) { + ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv); + if (ret != 0) { goto exit; + } } *output++ = *input++ ^ iv[n]; - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } *iv_off = n; exit: - return( ret ); + return ret; } #endif /* MBEDTLS_CIPHER_MODE_OFB */ @@ -1391,52 +1387,55 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, /* * AES-CTR buffer encryption/decryption */ -int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[16], - unsigned char stream_block[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[16], + unsigned char stream_block[16], + const unsigned char *input, + unsigned char *output) { int c, i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( nc_off != NULL ); - AES_VALIDATE_RET( nonce_counter != NULL ); - AES_VALIDATE_RET( stream_block != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(nc_off != NULL); + AES_VALIDATE_RET(nonce_counter != NULL); + AES_VALIDATE_RET(stream_block != NULL); + AES_VALIDATE_RET(input != NULL); + AES_VALIDATE_RET(output != NULL); n = *nc_off; - if ( n > 0x0F ) - return( MBEDTLS_ERR_AES_BAD_INPUT_DATA ); + if (n > 0x0F) { + return MBEDTLS_ERR_AES_BAD_INPUT_DATA; + } - while( length-- ) - { - if( n == 0 ) { - ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block ); - if( ret != 0 ) + while (length--) { + if (n == 0) { + ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block); + if (ret != 0) { goto exit; + } - for( i = 16; i > 0; i-- ) - if( ++nonce_counter[i - 1] != 0 ) + for (i = 16; i > 0; i--) { + if (++nonce_counter[i - 1] != 0) { break; + } + } } c = *input++; - *output++ = (unsigned char)( c ^ stream_block[n] ); + *output++ = (unsigned char) (c ^ stream_block[n]); - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } *nc_off = n; ret = 0; exit: - return( ret ); + return ret; } #endif /* MBEDTLS_CIPHER_MODE_CTR */ @@ -1682,7 +1681,7 @@ static const unsigned char aes_test_ctr_ct[3][48] = }; static const int aes_test_ctr_len[3] = - { 16, 32, 36 }; +{ 16, 32, 36 }; #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_CIPHER_MODE_XTS) @@ -1743,12 +1742,12 @@ static const unsigned char aes_test_xts_ct32[][32] = static const unsigned char aes_test_xts_data_unit[][16] = { - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x33, 0x33, 0x33, 0x33, 0x33, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x33, 0x33, 0x33, 0x33, 0x33, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x33, 0x33, 0x33, 0x33, 0x33, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x33, 0x33, 0x33, 0x33, 0x33, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, }; #endif /* MBEDTLS_CIPHER_MODE_XTS */ @@ -1756,7 +1755,7 @@ static const unsigned char aes_test_xts_data_unit[][16] = /* * Checkup routine */ -int mbedtls_aes_self_test( int verbose ) +int mbedtls_aes_self_test(int verbose) { int ret = 0, i, j, u, mode; unsigned int keybits; @@ -1783,32 +1782,29 @@ int mbedtls_aes_self_test( int verbose ) #endif mbedtls_aes_context ctx; - memset( key, 0, 32 ); - mbedtls_aes_init( &ctx ); + memset(key, 0, 32); + mbedtls_aes_init(&ctx); /* * ECB mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; keybits = 128 + u * 64; mode = i & 1; - if( verbose != 0 ) - mbedtls_printf( " AES-ECB-%3u (%s): ", keybits, - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-ECB-%3u (%s): ", keybits, + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - memset( buf, 0, 16 ); + memset(buf, 0, 16); - if( mode == MBEDTLS_AES_DECRYPT ) - { - ret = mbedtls_aes_setkey_dec( &ctx, key, keybits ); + if (mode == MBEDTLS_AES_DECRYPT) { + ret = mbedtls_aes_setkey_dec(&ctx, key, keybits); aes_tests = aes_test_ecb_dec[u]; - } - else - { - ret = mbedtls_aes_setkey_enc( &ctx, key, keybits ); + } else { + ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); aes_tests = aes_test_ecb_enc[u]; } @@ -1817,62 +1813,57 @@ int mbedtls_aes_self_test( int verbose ) * there is an alternative underlying implementation i.e. when * MBEDTLS_AES_ALT is defined. */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) - { - mbedtls_printf( "skipped\n" ); + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { + mbedtls_printf("skipped\n"); continue; - } - else if( ret != 0 ) - { + } else if (ret != 0) { goto exit; } - for( j = 0; j < 10000; j++ ) - { - ret = mbedtls_aes_crypt_ecb( &ctx, mode, buf, buf ); - if( ret != 0 ) + for (j = 0; j < 10000; j++) { + ret = mbedtls_aes_crypt_ecb(&ctx, mode, buf, buf); + if (ret != 0) { goto exit; + } } - if( memcmp( buf, aes_tests, 16 ) != 0 ) - { + if (memcmp(buf, aes_tests, 16) != 0) { ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * CBC mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; keybits = 128 + u * 64; mode = i & 1; - if( verbose != 0 ) - mbedtls_printf( " AES-CBC-%3u (%s): ", keybits, - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-CBC-%3u (%s): ", keybits, + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - memset( iv , 0, 16 ); - memset( prv, 0, 16 ); - memset( buf, 0, 16 ); + memset(iv, 0, 16); + memset(prv, 0, 16); + memset(buf, 0, 16); - if( mode == MBEDTLS_AES_DECRYPT ) - { - ret = mbedtls_aes_setkey_dec( &ctx, key, keybits ); + if (mode == MBEDTLS_AES_DECRYPT) { + ret = mbedtls_aes_setkey_dec(&ctx, key, keybits); aes_tests = aes_test_cbc_dec[u]; - } - else - { - ret = mbedtls_aes_setkey_enc( &ctx, key, keybits ); + } else { + ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); aes_tests = aes_test_cbc_enc[u]; } @@ -1881,301 +1872,292 @@ int mbedtls_aes_self_test( int verbose ) * there is an alternative underlying implementation i.e. when * MBEDTLS_AES_ALT is defined. */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) - { - mbedtls_printf( "skipped\n" ); + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { + mbedtls_printf("skipped\n"); continue; - } - else if( ret != 0 ) - { + } else if (ret != 0) { goto exit; } - for( j = 0; j < 10000; j++ ) - { - if( mode == MBEDTLS_AES_ENCRYPT ) - { + for (j = 0; j < 10000; j++) { + if (mode == MBEDTLS_AES_ENCRYPT) { unsigned char tmp[16]; - memcpy( tmp, prv, 16 ); - memcpy( prv, buf, 16 ); - memcpy( buf, tmp, 16 ); + memcpy(tmp, prv, 16); + memcpy(prv, buf, 16); + memcpy(buf, tmp, 16); } - ret = mbedtls_aes_crypt_cbc( &ctx, mode, 16, iv, buf, buf ); - if( ret != 0 ) + ret = mbedtls_aes_crypt_cbc(&ctx, mode, 16, iv, buf, buf); + if (ret != 0) { goto exit; + } } - if( memcmp( buf, aes_tests, 16 ) != 0 ) - { + if (memcmp(buf, aes_tests, 16) != 0) { ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) /* * CFB128 mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; keybits = 128 + u * 64; mode = i & 1; - if( verbose != 0 ) - mbedtls_printf( " AES-CFB128-%3u (%s): ", keybits, - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-CFB128-%3u (%s): ", keybits, + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - memcpy( iv, aes_test_cfb128_iv, 16 ); - memcpy( key, aes_test_cfb128_key[u], keybits / 8 ); + memcpy(iv, aes_test_cfb128_iv, 16); + memcpy(key, aes_test_cfb128_key[u], keybits / 8); offset = 0; - ret = mbedtls_aes_setkey_enc( &ctx, key, keybits ); + ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); /* * AES-192 is an optional feature that may be unavailable when * there is an alternative underlying implementation i.e. when * MBEDTLS_AES_ALT is defined. */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) - { - mbedtls_printf( "skipped\n" ); + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { + mbedtls_printf("skipped\n"); continue; - } - else if( ret != 0 ) - { + } else if (ret != 0) { goto exit; } - if( mode == MBEDTLS_AES_DECRYPT ) - { - memcpy( buf, aes_test_cfb128_ct[u], 64 ); + if (mode == MBEDTLS_AES_DECRYPT) { + memcpy(buf, aes_test_cfb128_ct[u], 64); aes_tests = aes_test_cfb128_pt; - } - else - { - memcpy( buf, aes_test_cfb128_pt, 64 ); + } else { + memcpy(buf, aes_test_cfb128_pt, 64); aes_tests = aes_test_cfb128_ct[u]; } - ret = mbedtls_aes_crypt_cfb128( &ctx, mode, 64, &offset, iv, buf, buf ); - if( ret != 0 ) + ret = mbedtls_aes_crypt_cfb128(&ctx, mode, 64, &offset, iv, buf, buf); + if (ret != 0) { goto exit; + } - if( memcmp( buf, aes_tests, 64 ) != 0 ) - { + if (memcmp(buf, aes_tests, 64) != 0) { ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) /* * OFB mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; keybits = 128 + u * 64; mode = i & 1; - if( verbose != 0 ) - mbedtls_printf( " AES-OFB-%3u (%s): ", keybits, - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-OFB-%3u (%s): ", keybits, + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - memcpy( iv, aes_test_ofb_iv, 16 ); - memcpy( key, aes_test_ofb_key[u], keybits / 8 ); + memcpy(iv, aes_test_ofb_iv, 16); + memcpy(key, aes_test_ofb_key[u], keybits / 8); offset = 0; - ret = mbedtls_aes_setkey_enc( &ctx, key, keybits ); + ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); /* * AES-192 is an optional feature that may be unavailable when * there is an alternative underlying implementation i.e. when * MBEDTLS_AES_ALT is defined. */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) - { - mbedtls_printf( "skipped\n" ); + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { + mbedtls_printf("skipped\n"); continue; - } - else if( ret != 0 ) - { + } else if (ret != 0) { goto exit; } - if( mode == MBEDTLS_AES_DECRYPT ) - { - memcpy( buf, aes_test_ofb_ct[u], 64 ); + if (mode == MBEDTLS_AES_DECRYPT) { + memcpy(buf, aes_test_ofb_ct[u], 64); aes_tests = aes_test_ofb_pt; - } - else - { - memcpy( buf, aes_test_ofb_pt, 64 ); + } else { + memcpy(buf, aes_test_ofb_pt, 64); aes_tests = aes_test_ofb_ct[u]; } - ret = mbedtls_aes_crypt_ofb( &ctx, 64, &offset, iv, buf, buf ); - if( ret != 0 ) + ret = mbedtls_aes_crypt_ofb(&ctx, 64, &offset, iv, buf, buf); + if (ret != 0) { goto exit; + } - if( memcmp( buf, aes_tests, 64 ) != 0 ) - { + if (memcmp(buf, aes_tests, 64) != 0) { ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) /* * CTR mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; mode = i & 1; - if( verbose != 0 ) - mbedtls_printf( " AES-CTR-128 (%s): ", - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-CTR-128 (%s): ", + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 ); - memcpy( key, aes_test_ctr_key[u], 16 ); + memcpy(nonce_counter, aes_test_ctr_nonce_counter[u], 16); + memcpy(key, aes_test_ctr_key[u], 16); offset = 0; - if( ( ret = mbedtls_aes_setkey_enc( &ctx, key, 128 ) ) != 0 ) + if ((ret = mbedtls_aes_setkey_enc(&ctx, key, 128)) != 0) { goto exit; + } len = aes_test_ctr_len[u]; - if( mode == MBEDTLS_AES_DECRYPT ) - { - memcpy( buf, aes_test_ctr_ct[u], len ); + if (mode == MBEDTLS_AES_DECRYPT) { + memcpy(buf, aes_test_ctr_ct[u], len); aes_tests = aes_test_ctr_pt[u]; - } - else - { - memcpy( buf, aes_test_ctr_pt[u], len ); + } else { + memcpy(buf, aes_test_ctr_pt[u], len); aes_tests = aes_test_ctr_ct[u]; } - ret = mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter, - stream_block, buf, buf ); - if( ret != 0 ) + ret = mbedtls_aes_crypt_ctr(&ctx, len, &offset, nonce_counter, + stream_block, buf, buf); + if (ret != 0) { goto exit; + } - if( memcmp( buf, aes_tests, len ) != 0 ) - { + if (memcmp(buf, aes_tests, len) != 0) { ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_CIPHER_MODE_XTS) { - static const int num_tests = - sizeof(aes_test_xts_key) / sizeof(*aes_test_xts_key); - mbedtls_aes_xts_context ctx_xts; + static const int num_tests = + sizeof(aes_test_xts_key) / sizeof(*aes_test_xts_key); + mbedtls_aes_xts_context ctx_xts; - /* - * XTS mode - */ - mbedtls_aes_xts_init( &ctx_xts ); + /* + * XTS mode + */ + mbedtls_aes_xts_init(&ctx_xts); - for( i = 0; i < num_tests << 1; i++ ) - { - const unsigned char *data_unit; - u = i >> 1; - mode = i & 1; + for (i = 0; i < num_tests << 1; i++) { + const unsigned char *data_unit; + u = i >> 1; + mode = i & 1; - if( verbose != 0 ) - mbedtls_printf( " AES-XTS-128 (%s): ", - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-XTS-128 (%s): ", + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - memset( key, 0, sizeof( key ) ); - memcpy( key, aes_test_xts_key[u], 32 ); - data_unit = aes_test_xts_data_unit[u]; + memset(key, 0, sizeof(key)); + memcpy(key, aes_test_xts_key[u], 32); + data_unit = aes_test_xts_data_unit[u]; - len = sizeof( *aes_test_xts_ct32 ); + len = sizeof(*aes_test_xts_ct32); - if( mode == MBEDTLS_AES_DECRYPT ) - { - ret = mbedtls_aes_xts_setkey_dec( &ctx_xts, key, 256 ); - if( ret != 0) - goto exit; - memcpy( buf, aes_test_xts_ct32[u], len ); - aes_tests = aes_test_xts_pt32[u]; - } - else - { - ret = mbedtls_aes_xts_setkey_enc( &ctx_xts, key, 256 ); - if( ret != 0) - goto exit; - memcpy( buf, aes_test_xts_pt32[u], len ); - aes_tests = aes_test_xts_ct32[u]; - } + if (mode == MBEDTLS_AES_DECRYPT) { + ret = mbedtls_aes_xts_setkey_dec(&ctx_xts, key, 256); + if (ret != 0) { + goto exit; + } + memcpy(buf, aes_test_xts_ct32[u], len); + aes_tests = aes_test_xts_pt32[u]; + } else { + ret = mbedtls_aes_xts_setkey_enc(&ctx_xts, key, 256); + if (ret != 0) { + goto exit; + } + memcpy(buf, aes_test_xts_pt32[u], len); + aes_tests = aes_test_xts_ct32[u]; + } - ret = mbedtls_aes_crypt_xts( &ctx_xts, mode, len, data_unit, - buf, buf ); - if( ret != 0 ) - goto exit; + ret = mbedtls_aes_crypt_xts(&ctx_xts, mode, len, data_unit, + buf, buf); + if (ret != 0) { + goto exit; + } - if( memcmp( buf, aes_tests, len ) != 0 ) - { - ret = 1; - goto exit; - } + if (memcmp(buf, aes_tests, len) != 0) { + ret = 1; + goto exit; + } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - } + if (verbose != 0) { + mbedtls_printf("passed\n"); + } + } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - mbedtls_aes_xts_free( &ctx_xts ); + mbedtls_aes_xts_free(&ctx_xts); } #endif /* MBEDTLS_CIPHER_MODE_XTS */ ret = 0; exit: - if( ret != 0 && verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (ret != 0 && verbose != 0) { + mbedtls_printf("failed\n"); + } - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/aesni.c b/library/aesni.c index 4b16d925045b..2a44b0ea32ea 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -28,7 +28,8 @@ #if defined(__has_feature) #if __has_feature(memory_sanitizer) -#warning "MBEDTLS_AESNI_C is known to cause spurious error reports with some memory sanitizers as they do not understand the assembly code." +#warning \ + "MBEDTLS_AESNI_C is known to cause spurious error reports with some memory sanitizers as they do not understand the assembly code." #endif #endif @@ -47,22 +48,21 @@ /* * AES-NI support detection routine */ -int mbedtls_aesni_has_support( unsigned int what ) +int mbedtls_aesni_has_support(unsigned int what) { static int done = 0; static unsigned int c = 0; - if( ! done ) - { - asm( "movl $1, %%eax \n\t" + if (!done) { + asm ("movl $1, %%eax \n\t" "cpuid \n\t" : "=c" (c) : - : "eax", "ebx", "edx" ); + : "eax", "ebx", "edx"); done = 1; } - return( ( c & what ) != 0 ); + return (c & what) != 0; } /* @@ -94,12 +94,12 @@ int mbedtls_aesni_has_support( unsigned int what ) /* * AES-NI AES-ECB block en(de)cryption */ -int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ) +int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]) { - asm( "movdqu (%3), %%xmm0 \n\t" // load input + asm ("movdqu (%3), %%xmm0 \n\t" // load input "movdqu (%1), %%xmm1 \n\t" // load round key 0 "pxor %%xmm1, %%xmm0 \n\t" // round 0 "add $16, %1 \n\t" // point to next round key @@ -110,51 +110,50 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, "1: \n\t" // encryption loop "movdqu (%1), %%xmm1 \n\t" // load round key AESENC xmm1_xmm0 "\n\t" // do round - "add $16, %1 \n\t" // point to next round key - "subl $1, %0 \n\t" // loop - "jnz 1b \n\t" - "movdqu (%1), %%xmm1 \n\t" // load round key + "add $16, %1 \n\t" // point to next round key + "subl $1, %0 \n\t" // loop + "jnz 1b \n\t" + "movdqu (%1), %%xmm1 \n\t" // load round key AESENCLAST xmm1_xmm0 "\n\t" // last round - "jmp 3f \n\t" + "jmp 3f \n\t" - "2: \n\t" // decryption loop - "movdqu (%1), %%xmm1 \n\t" + "2: \n\t" // decryption loop + "movdqu (%1), %%xmm1 \n\t" AESDEC xmm1_xmm0 "\n\t" // do round - "add $16, %1 \n\t" - "subl $1, %0 \n\t" - "jnz 2b \n\t" - "movdqu (%1), %%xmm1 \n\t" // load round key + "add $16, %1 \n\t" + "subl $1, %0 \n\t" + "jnz 2b \n\t" + "movdqu (%1), %%xmm1 \n\t" // load round key AESDECLAST xmm1_xmm0 "\n\t" // last round - "3: \n\t" - "movdqu %%xmm0, (%4) \n\t" // export output + "3: \n\t" + "movdqu %%xmm0, (%4) \n\t" // export output : : "r" (ctx->nr), "r" (ctx->rk), "r" (mode), "r" (input), "r" (output) - : "memory", "cc", "xmm0", "xmm1" ); + : "memory", "cc", "xmm0", "xmm1"); - return( 0 ); + return 0; } /* * GCM multiplication: c = a times b in GF(2^128) * Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5. */ -void mbedtls_aesni_gcm_mult( unsigned char c[16], - const unsigned char a[16], - const unsigned char b[16] ) +void mbedtls_aesni_gcm_mult(unsigned char c[16], + const unsigned char a[16], + const unsigned char b[16]) { unsigned char aa[16], bb[16], cc[16]; size_t i; /* The inputs are in big-endian order, so byte-reverse them */ - for( i = 0; i < 16; i++ ) - { + for (i = 0; i < 16; i++) { aa[i] = a[15 - i]; bb[i] = b[15 - i]; } - asm( "movdqu (%0), %%xmm0 \n\t" // a1:a0 + asm ("movdqu (%0), %%xmm0 \n\t" // a1:a0 "movdqu (%1), %%xmm1 \n\t" // b1:b0 /* @@ -168,30 +167,30 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16], PCLMULQDQ xmm0_xmm2 ",0x11 \n\t" // a1*b1 = d1:d0 PCLMULQDQ xmm0_xmm3 ",0x10 \n\t" // a0*b1 = e1:e0 PCLMULQDQ xmm0_xmm4 ",0x01 \n\t" // a1*b0 = f1:f0 - "pxor %%xmm3, %%xmm4 \n\t" // e1+f1:e0+f0 - "movdqa %%xmm4, %%xmm3 \n\t" // same - "psrldq $8, %%xmm4 \n\t" // 0:e1+f1 - "pslldq $8, %%xmm3 \n\t" // e0+f0:0 - "pxor %%xmm4, %%xmm2 \n\t" // d1:d0+e1+f1 - "pxor %%xmm3, %%xmm1 \n\t" // c1+e0+f1:c0 + "pxor %%xmm3, %%xmm4 \n\t" // e1+f1:e0+f0 + "movdqa %%xmm4, %%xmm3 \n\t" // same + "psrldq $8, %%xmm4 \n\t" // 0:e1+f1 + "pslldq $8, %%xmm3 \n\t" // e0+f0:0 + "pxor %%xmm4, %%xmm2 \n\t" // d1:d0+e1+f1 + "pxor %%xmm3, %%xmm1 \n\t" // c1+e0+f1:c0 /* * Now shift the result one bit to the left, * taking advantage of [CLMUL-WP] eq 27 (p. 20) */ - "movdqa %%xmm1, %%xmm3 \n\t" // r1:r0 - "movdqa %%xmm2, %%xmm4 \n\t" // r3:r2 - "psllq $1, %%xmm1 \n\t" // r1<<1:r0<<1 - "psllq $1, %%xmm2 \n\t" // r3<<1:r2<<1 - "psrlq $63, %%xmm3 \n\t" // r1>>63:r0>>63 - "psrlq $63, %%xmm4 \n\t" // r3>>63:r2>>63 - "movdqa %%xmm3, %%xmm5 \n\t" // r1>>63:r0>>63 - "pslldq $8, %%xmm3 \n\t" // r0>>63:0 - "pslldq $8, %%xmm4 \n\t" // r2>>63:0 - "psrldq $8, %%xmm5 \n\t" // 0:r1>>63 - "por %%xmm3, %%xmm1 \n\t" // r1<<1|r0>>63:r0<<1 - "por %%xmm4, %%xmm2 \n\t" // r3<<1|r2>>62:r2<<1 - "por %%xmm5, %%xmm2 \n\t" // r3<<1|r2>>62:r2<<1|r1>>63 + "movdqa %%xmm1, %%xmm3 \n\t" // r1:r0 + "movdqa %%xmm2, %%xmm4 \n\t" // r3:r2 + "psllq $1, %%xmm1 \n\t" // r1<<1:r0<<1 + "psllq $1, %%xmm2 \n\t" // r3<<1:r2<<1 + "psrlq $63, %%xmm3 \n\t" // r1>>63:r0>>63 + "psrlq $63, %%xmm4 \n\t" // r3>>63:r2>>63 + "movdqa %%xmm3, %%xmm5 \n\t" // r1>>63:r0>>63 + "pslldq $8, %%xmm3 \n\t" // r0>>63:0 + "pslldq $8, %%xmm4 \n\t" // r2>>63:0 + "psrldq $8, %%xmm5 \n\t" // 0:r1>>63 + "por %%xmm3, %%xmm1 \n\t" // r1<<1|r0>>63:r0<<1 + "por %%xmm4, %%xmm2 \n\t" // r3<<1|r2>>62:r2<<1 + "por %%xmm5, %%xmm2 \n\t" // r3<<1|r2>>62:r2<<1|r1>>63 /* * Now reduce modulo the GCM polynomial x^128 + x^7 + x^2 + x + 1 @@ -199,51 +198,52 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16], * Currently xmm2:xmm1 holds x3:x2:x1:x0 (already shifted). */ /* Step 2 (1) */ - "movdqa %%xmm1, %%xmm3 \n\t" // x1:x0 - "movdqa %%xmm1, %%xmm4 \n\t" // same - "movdqa %%xmm1, %%xmm5 \n\t" // same - "psllq $63, %%xmm3 \n\t" // x1<<63:x0<<63 = stuff:a - "psllq $62, %%xmm4 \n\t" // x1<<62:x0<<62 = stuff:b - "psllq $57, %%xmm5 \n\t" // x1<<57:x0<<57 = stuff:c + "movdqa %%xmm1, %%xmm3 \n\t" // x1:x0 + "movdqa %%xmm1, %%xmm4 \n\t" // same + "movdqa %%xmm1, %%xmm5 \n\t" // same + "psllq $63, %%xmm3 \n\t" // x1<<63:x0<<63 = stuff:a + "psllq $62, %%xmm4 \n\t" // x1<<62:x0<<62 = stuff:b + "psllq $57, %%xmm5 \n\t" // x1<<57:x0<<57 = stuff:c /* Step 2 (2) */ - "pxor %%xmm4, %%xmm3 \n\t" // stuff:a+b - "pxor %%xmm5, %%xmm3 \n\t" // stuff:a+b+c - "pslldq $8, %%xmm3 \n\t" // a+b+c:0 - "pxor %%xmm3, %%xmm1 \n\t" // x1+a+b+c:x0 = d:x0 + "pxor %%xmm4, %%xmm3 \n\t" // stuff:a+b + "pxor %%xmm5, %%xmm3 \n\t" // stuff:a+b+c + "pslldq $8, %%xmm3 \n\t" // a+b+c:0 + "pxor %%xmm3, %%xmm1 \n\t" // x1+a+b+c:x0 = d:x0 /* Steps 3 and 4 */ - "movdqa %%xmm1,%%xmm0 \n\t" // d:x0 - "movdqa %%xmm1,%%xmm4 \n\t" // same - "movdqa %%xmm1,%%xmm5 \n\t" // same - "psrlq $1, %%xmm0 \n\t" // e1:x0>>1 = e1:e0' - "psrlq $2, %%xmm4 \n\t" // f1:x0>>2 = f1:f0' - "psrlq $7, %%xmm5 \n\t" // g1:x0>>7 = g1:g0' - "pxor %%xmm4, %%xmm0 \n\t" // e1+f1:e0'+f0' - "pxor %%xmm5, %%xmm0 \n\t" // e1+f1+g1:e0'+f0'+g0' + "movdqa %%xmm1,%%xmm0 \n\t" // d:x0 + "movdqa %%xmm1,%%xmm4 \n\t" // same + "movdqa %%xmm1,%%xmm5 \n\t" // same + "psrlq $1, %%xmm0 \n\t" // e1:x0>>1 = e1:e0' + "psrlq $2, %%xmm4 \n\t" // f1:x0>>2 = f1:f0' + "psrlq $7, %%xmm5 \n\t" // g1:x0>>7 = g1:g0' + "pxor %%xmm4, %%xmm0 \n\t" // e1+f1:e0'+f0' + "pxor %%xmm5, %%xmm0 \n\t" // e1+f1+g1:e0'+f0'+g0' // e0'+f0'+g0' is almost e0+f0+g0, ex\tcept for some missing // bits carried from d. Now get those\t bits back in. - "movdqa %%xmm1,%%xmm3 \n\t" // d:x0 - "movdqa %%xmm1,%%xmm4 \n\t" // same - "movdqa %%xmm1,%%xmm5 \n\t" // same - "psllq $63, %%xmm3 \n\t" // d<<63:stuff - "psllq $62, %%xmm4 \n\t" // d<<62:stuff - "psllq $57, %%xmm5 \n\t" // d<<57:stuff - "pxor %%xmm4, %%xmm3 \n\t" // d<<63+d<<62:stuff - "pxor %%xmm5, %%xmm3 \n\t" // missing bits of d:stuff - "psrldq $8, %%xmm3 \n\t" // 0:missing bits of d - "pxor %%xmm3, %%xmm0 \n\t" // e1+f1+g1:e0+f0+g0 - "pxor %%xmm1, %%xmm0 \n\t" // h1:h0 - "pxor %%xmm2, %%xmm0 \n\t" // x3+h1:x2+h0 - - "movdqu %%xmm0, (%2) \n\t" // done + "movdqa %%xmm1,%%xmm3 \n\t" // d:x0 + "movdqa %%xmm1,%%xmm4 \n\t" // same + "movdqa %%xmm1,%%xmm5 \n\t" // same + "psllq $63, %%xmm3 \n\t" // d<<63:stuff + "psllq $62, %%xmm4 \n\t" // d<<62:stuff + "psllq $57, %%xmm5 \n\t" // d<<57:stuff + "pxor %%xmm4, %%xmm3 \n\t" // d<<63+d<<62:stuff + "pxor %%xmm5, %%xmm3 \n\t" // missing bits of d:stuff + "psrldq $8, %%xmm3 \n\t" // 0:missing bits of d + "pxor %%xmm3, %%xmm0 \n\t" // e1+f1+g1:e0+f0+g0 + "pxor %%xmm1, %%xmm0 \n\t" // h1:h0 + "pxor %%xmm2, %%xmm0 \n\t" // x3+h1:x2+h0 + + "movdqu %%xmm0, (%2) \n\t" // done : : "r" (aa), "r" (bb), "r" (cc) - : "memory", "cc", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5" ); + : "memory", "cc", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5"); /* Now byte-reverse the outputs */ - for( i = 0; i < 16; i++ ) + for (i = 0; i < 16; i++) { c[i] = cc[15 - i]; + } return; } @@ -251,32 +251,33 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16], /* * Compute decryption round keys from encryption round keys */ -void mbedtls_aesni_inverse_key( unsigned char *invkey, - const unsigned char *fwdkey, int nr ) +void mbedtls_aesni_inverse_key(unsigned char *invkey, + const unsigned char *fwdkey, int nr) { unsigned char *ik = invkey; const unsigned char *fk = fwdkey + 16 * nr; - memcpy( ik, fk, 16 ); + memcpy(ik, fk, 16); - for( fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16 ) - asm( "movdqu (%0), %%xmm0 \n\t" + for (fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16) { + asm ("movdqu (%0), %%xmm0 \n\t" AESIMC xmm0_xmm0 "\n\t" - "movdqu %%xmm0, (%1) \n\t" + "movdqu %%xmm0, (%1) \n\t" : : "r" (fk), "r" (ik) - : "memory", "xmm0" ); + : "memory", "xmm0"); + } - memcpy( ik, fk, 16 ); + memcpy(ik, fk, 16); } /* * Key expansion, 128-bit case */ -static void aesni_setkey_enc_128( unsigned char *rk, - const unsigned char *key ) +static void aesni_setkey_enc_128(unsigned char *rk, + const unsigned char *key) { - asm( "movdqu (%1), %%xmm0 \n\t" // copy the original key + asm ("movdqu (%1), %%xmm0 \n\t" // copy the original key "movdqu %%xmm0, (%0) \n\t" // as round key 0 "jmp 2f \n\t" // skip auxiliary routine @@ -317,16 +318,16 @@ static void aesni_setkey_enc_128( unsigned char *rk, AESKEYGENA xmm0_xmm1 ",0x36 \n\tcall 1b \n\t" : : "r" (rk), "r" (key) - : "memory", "cc", "0" ); + : "memory", "cc", "0"); } /* * Key expansion, 192-bit case */ -static void aesni_setkey_enc_192( unsigned char *rk, - const unsigned char *key ) +static void aesni_setkey_enc_192(unsigned char *rk, + const unsigned char *key) { - asm( "movdqu (%1), %%xmm0 \n\t" // copy original round key + asm ("movdqu (%1), %%xmm0 \n\t" // copy original round key "movdqu %%xmm0, (%0) \n\t" "add $16, %0 \n\t" "movq 16(%1), %%xmm1 \n\t" @@ -374,16 +375,16 @@ static void aesni_setkey_enc_192( unsigned char *rk, : : "r" (rk), "r" (key) - : "memory", "cc", "0" ); + : "memory", "cc", "0"); } /* * Key expansion, 256-bit case */ -static void aesni_setkey_enc_256( unsigned char *rk, - const unsigned char *key ) +static void aesni_setkey_enc_256(unsigned char *rk, + const unsigned char *key) { - asm( "movdqu (%1), %%xmm0 \n\t" + asm ("movdqu (%1), %%xmm0 \n\t" "movdqu %%xmm0, (%0) \n\t" "add $16, %0 \n\t" "movdqu 16(%1), %%xmm1 \n\t" @@ -414,23 +415,23 @@ static void aesni_setkey_enc_256( unsigned char *rk, /* Set xmm2 to stuff:Y:stuff:stuff with Y = subword( r11 ) * and proceed to generate next round key from there */ AESKEYGENA xmm0_xmm2 ",0x00 \n\t" - "pshufd $0xaa, %%xmm2, %%xmm2 \n\t" - "pxor %%xmm1, %%xmm2 \n\t" - "pslldq $4, %%xmm1 \n\t" - "pxor %%xmm1, %%xmm2 \n\t" - "pslldq $4, %%xmm1 \n\t" - "pxor %%xmm1, %%xmm2 \n\t" - "pslldq $4, %%xmm1 \n\t" - "pxor %%xmm2, %%xmm1 \n\t" - "add $16, %0 \n\t" - "movdqu %%xmm1, (%0) \n\t" - "ret \n\t" + "pshufd $0xaa, %%xmm2, %%xmm2 \n\t" + "pxor %%xmm1, %%xmm2 \n\t" + "pslldq $4, %%xmm1 \n\t" + "pxor %%xmm1, %%xmm2 \n\t" + "pslldq $4, %%xmm1 \n\t" + "pxor %%xmm1, %%xmm2 \n\t" + "pslldq $4, %%xmm1 \n\t" + "pxor %%xmm2, %%xmm1 \n\t" + "add $16, %0 \n\t" + "movdqu %%xmm1, (%0) \n\t" + "ret \n\t" /* * Main "loop" - Generating one more key than necessary, * see definition of mbedtls_aes_context.buf */ - "2: \n\t" + "2: \n\t" AESKEYGENA xmm1_xmm2 ",0x01 \n\tcall 1b \n\t" AESKEYGENA xmm1_xmm2 ",0x02 \n\tcall 1b \n\t" AESKEYGENA xmm1_xmm2 ",0x04 \n\tcall 1b \n\t" @@ -440,25 +441,24 @@ static void aesni_setkey_enc_256( unsigned char *rk, AESKEYGENA xmm1_xmm2 ",0x40 \n\tcall 1b \n\t" : : "r" (rk), "r" (key) - : "memory", "cc", "0" ); + : "memory", "cc", "0"); } /* * Key expansion, wrapper */ -int mbedtls_aesni_setkey_enc( unsigned char *rk, - const unsigned char *key, - size_t bits ) +int mbedtls_aesni_setkey_enc(unsigned char *rk, + const unsigned char *key, + size_t bits) { - switch( bits ) - { - case 128: aesni_setkey_enc_128( rk, key ); break; - case 192: aesni_setkey_enc_192( rk, key ); break; - case 256: aesni_setkey_enc_256( rk, key ); break; - default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); + switch (bits) { + case 128: aesni_setkey_enc_128(rk, key); break; + case 192: aesni_setkey_enc_192(rk, key); break; + case 256: aesni_setkey_enc_256(rk, key); break; + default: return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; } - return( 0 ); + return 0; } #endif /* MBEDTLS_HAVE_X86_64 */ diff --git a/library/arc4.c b/library/arc4.c index dcc13d539afe..aa5e3a2b3a24 100644 --- a/library/arc4.c +++ b/library/arc4.c @@ -35,24 +35,25 @@ #if !defined(MBEDTLS_ARC4_ALT) -void mbedtls_arc4_init( mbedtls_arc4_context *ctx ) +void mbedtls_arc4_init(mbedtls_arc4_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_arc4_context ) ); + memset(ctx, 0, sizeof(mbedtls_arc4_context)); } -void mbedtls_arc4_free( mbedtls_arc4_context *ctx ) +void mbedtls_arc4_free(mbedtls_arc4_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_arc4_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_arc4_context)); } /* * ARC4 key schedule */ -void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key, - unsigned int keylen ) +void mbedtls_arc4_setup(mbedtls_arc4_context *ctx, const unsigned char *key, + unsigned int keylen) { int i, j, a; unsigned int k; @@ -62,17 +63,19 @@ void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key, ctx->y = 0; m = ctx->m; - for( i = 0; i < 256; i++ ) + for (i = 0; i < 256; i++) { m[i] = (unsigned char) i; + } j = k = 0; - for( i = 0; i < 256; i++, k++ ) - { - if( k >= keylen ) k = 0; + for (i = 0; i < 256; i++, k++) { + if (k >= keylen) { + k = 0; + } a = m[i]; - j = ( j + a + key[k] ) & 0xFF; + j = (j + a + key[k]) & 0xFF; m[i] = m[j]; m[j] = (unsigned char) a; } @@ -81,8 +84,8 @@ void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key, /* * ARC4 cipher function */ -int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input, - unsigned char *output ) +int mbedtls_arc4_crypt(mbedtls_arc4_context *ctx, size_t length, const unsigned char *input, + unsigned char *output) { int x, y, a, b; size_t i; @@ -92,22 +95,21 @@ int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned y = ctx->y; m = ctx->m; - for( i = 0; i < length; i++ ) - { - x = ( x + 1 ) & 0xFF; a = m[x]; - y = ( y + a ) & 0xFF; b = m[y]; + for (i = 0; i < length; i++) { + x = (x + 1) & 0xFF; a = m[x]; + y = (y + a) & 0xFF; b = m[y]; m[x] = (unsigned char) b; m[y] = (unsigned char) a; output[i] = (unsigned char) - ( input[i] ^ m[(unsigned char)( a + b )] ); + (input[i] ^ m[(unsigned char) (a + b)]); } ctx->x = x; ctx->y = y; - return( 0 ); + return 0; } #endif /* !MBEDTLS_ARC4_ALT */ @@ -142,45 +144,47 @@ static const unsigned char arc4_test_ct[3][8] = /* * Checkup routine */ -int mbedtls_arc4_self_test( int verbose ) +int mbedtls_arc4_self_test(int verbose) { int i, ret = 0; unsigned char ibuf[8]; unsigned char obuf[8]; mbedtls_arc4_context ctx; - mbedtls_arc4_init( &ctx ); + mbedtls_arc4_init(&ctx); - for( i = 0; i < 3; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " ARC4 test #%d: ", i + 1 ); + for (i = 0; i < 3; i++) { + if (verbose != 0) { + mbedtls_printf(" ARC4 test #%d: ", i + 1); + } - memcpy( ibuf, arc4_test_pt[i], 8 ); + memcpy(ibuf, arc4_test_pt[i], 8); - mbedtls_arc4_setup( &ctx, arc4_test_key[i], 8 ); - mbedtls_arc4_crypt( &ctx, 8, ibuf, obuf ); + mbedtls_arc4_setup(&ctx, arc4_test_key[i], 8); + mbedtls_arc4_crypt(&ctx, 8, ibuf, obuf); - if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (memcmp(obuf, arc4_test_ct[i], 8) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } exit: - mbedtls_arc4_free( &ctx ); + mbedtls_arc4_free(&ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/aria.c b/library/aria.c index 5e52eea91ecd..d958ef615ddc 100644 --- a/library/aria.c +++ b/library/aria.c @@ -38,10 +38,10 @@ #include "mbedtls/platform_util.h" /* Parameter validation macros */ -#define ARIA_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ) -#define ARIA_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define ARIA_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA) +#define ARIA_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) /* * modify byte order: ( A B C D ) -> ( B A D C ), i.e. swap pairs of bytes @@ -55,30 +55,30 @@ #if defined(__arm__) /* rev16 available from v6 up */ /* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */ #if defined(__GNUC__) && \ - ( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 ) && \ + (!defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000) && \ __ARM_ARCH >= 6 -static inline uint32_t aria_p1( uint32_t x ) +static inline uint32_t aria_p1(uint32_t x) { uint32_t r; - __asm( "rev16 %0, %1" : "=l" (r) : "l" (x) ); - return( r ); + __asm("rev16 %0, %1" : "=l" (r) : "l" (x)); + return r; } #define ARIA_P1 aria_p1 #elif defined(__ARMCC_VERSION) && __ARMCC_VERSION < 6000000 && \ - ( __TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3 ) -static inline uint32_t aria_p1( uint32_t x ) + (__TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3) +static inline uint32_t aria_p1(uint32_t x) { uint32_t r; - __asm( "rev16 r, x" ); - return( r ); + __asm("rev16 r, x"); + return r; } #define ARIA_P1 aria_p1 #endif #endif /* arm */ #if defined(__GNUC__) && \ - defined(__i386__) || defined(__amd64__) || defined( __x86_64__) + defined(__i386__) || defined(__amd64__) || defined(__x86_64__) /* I couldn't find an Intel equivalent of rev16, so two instructions */ -#define ARIA_P1(x) ARIA_P2( ARIA_P3( x ) ) +#define ARIA_P1(x) ARIA_P2(ARIA_P3(x)) #endif /* x86 gnuc */ #endif /* MBEDTLS_HAVE_ASM && GNUC */ #if !defined(ARIA_P1) @@ -106,38 +106,38 @@ static inline uint32_t aria_p1( uint32_t x ) #if defined(__arm__) /* rev available from v6 up */ /* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */ #if defined(__GNUC__) && \ - ( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 ) && \ + (!defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000) && \ __ARM_ARCH >= 6 -static inline uint32_t aria_p3( uint32_t x ) +static inline uint32_t aria_p3(uint32_t x) { uint32_t r; - __asm( "rev %0, %1" : "=l" (r) : "l" (x) ); - return( r ); + __asm("rev %0, %1" : "=l" (r) : "l" (x)); + return r; } #define ARIA_P3 aria_p3 #elif defined(__ARMCC_VERSION) && __ARMCC_VERSION < 6000000 && \ - ( __TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3 ) -static inline uint32_t aria_p3( uint32_t x ) + (__TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3) +static inline uint32_t aria_p3(uint32_t x) { uint32_t r; - __asm( "rev r, x" ); - return( r ); + __asm("rev r, x"); + return r; } #define ARIA_P3 aria_p3 #endif #endif /* arm */ #if defined(__GNUC__) && \ - defined(__i386__) || defined(__amd64__) || defined( __x86_64__) -static inline uint32_t aria_p3( uint32_t x ) + defined(__i386__) || defined(__amd64__) || defined(__x86_64__) +static inline uint32_t aria_p3(uint32_t x) { - __asm( "bswap %0" : "=r" (x) : "0" (x) ); - return( x ); + __asm("bswap %0" : "=r" (x) : "0" (x)); + return x; } #define ARIA_P3 aria_p3 #endif /* x86 gnuc */ #endif /* MBEDTLS_HAVE_ASM && GNUC */ #if !defined(ARIA_P3) -#define ARIA_P3(x) ARIA_P2( ARIA_P1 ( x ) ) +#define ARIA_P3(x) ARIA_P2(ARIA_P1(x)) #endif /* @@ -163,28 +163,28 @@ static inline uint32_t aria_p3( uint32_t x ) * half of App. B.1 in [1] in terms of 4-byte operators P1, P2, P3 and P4. * The implementation below uses only P1 and P2 as they are sufficient. */ -static inline void aria_a( uint32_t *a, uint32_t *b, - uint32_t *c, uint32_t *d ) +static inline void aria_a(uint32_t *a, uint32_t *b, + uint32_t *c, uint32_t *d) { uint32_t ta, tb, tc; ta = *b; // 4567 *b = *a; // 0123 - *a = ARIA_P2( ta ); // 6745 - tb = ARIA_P2( *d ); // efcd - *d = ARIA_P1( *c ); // 98ba - *c = ARIA_P1( tb ); // fedc + *a = ARIA_P2(ta); // 6745 + tb = ARIA_P2(*d); // efcd + *d = ARIA_P1(*c); // 98ba + *c = ARIA_P1(tb); // fedc ta ^= *d; // 4567+98ba - tc = ARIA_P2( *b ); // 2301 - ta = ARIA_P1( ta ) ^ tc ^ *c; // 2301+5476+89ab+fedc - tb ^= ARIA_P2( *d ); // ba98+efcd - tc ^= ARIA_P1( *a ); // 2301+7654 + tc = ARIA_P2(*b); // 2301 + ta = ARIA_P1(ta) ^ tc ^ *c; // 2301+5476+89ab+fedc + tb ^= ARIA_P2(*d); // ba98+efcd + tc ^= ARIA_P1(*a); // 2301+7654 *b ^= ta ^ tb; // 0123+2301+5476+89ab+ba98+efcd+fedc OUT - tb = ARIA_P2( tb ) ^ ta; // 2301+5476+89ab+98ba+cdef+fedc - *a ^= ARIA_P1( tb ); // 3210+4567+6745+89ab+98ba+dcfe+efcd OUT - ta = ARIA_P2( ta ); // 0123+7654+ab89+dcfe - *d ^= ARIA_P1( ta ) ^ tc; // 1032+2301+6745+7654+98ba+ba98+cdef OUT - tc = ARIA_P2( tc ); // 0123+5476 - *c ^= ARIA_P1( tc ) ^ ta; // 0123+1032+4567+7654+ab89+dcfe+fedc OUT + tb = ARIA_P2(tb) ^ ta; // 2301+5476+89ab+98ba+cdef+fedc + *a ^= ARIA_P1(tb); // 3210+4567+6745+89ab+98ba+dcfe+efcd OUT + ta = ARIA_P2(ta); // 0123+7654+ab89+dcfe + *d ^= ARIA_P1(ta) ^ tc; // 1032+2301+6745+7654+98ba+ba98+cdef OUT + tc = ARIA_P2(tc); // 0123+5476 + *c ^= ARIA_P1(tc) ^ ta; // 0123+1032+4567+7654+ab89+dcfe+fedc OUT } /* @@ -195,27 +195,27 @@ static inline void aria_a( uint32_t *a, uint32_t *b, * By passing sb1, sb2, is1, is2 as S-Boxes you get SL1 * By passing is1, is2, sb1, sb2 as S-Boxes you get SL2 */ -static inline void aria_sl( uint32_t *a, uint32_t *b, - uint32_t *c, uint32_t *d, - const uint8_t sa[256], const uint8_t sb[256], - const uint8_t sc[256], const uint8_t sd[256] ) +static inline void aria_sl(uint32_t *a, uint32_t *b, + uint32_t *c, uint32_t *d, + const uint8_t sa[256], const uint8_t sb[256], + const uint8_t sc[256], const uint8_t sd[256]) { - *a = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *a ) ] ) ^ - (((uint32_t) sb[ MBEDTLS_BYTE_1( *a ) ]) << 8) ^ - (((uint32_t) sc[ MBEDTLS_BYTE_2( *a ) ]) << 16) ^ - (((uint32_t) sd[ MBEDTLS_BYTE_3( *a ) ]) << 24); - *b = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *b ) ] ) ^ - (((uint32_t) sb[ MBEDTLS_BYTE_1( *b ) ]) << 8) ^ - (((uint32_t) sc[ MBEDTLS_BYTE_2( *b ) ]) << 16) ^ - (((uint32_t) sd[ MBEDTLS_BYTE_3( *b ) ]) << 24); - *c = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *c ) ] ) ^ - (((uint32_t) sb[ MBEDTLS_BYTE_1( *c ) ]) << 8) ^ - (((uint32_t) sc[ MBEDTLS_BYTE_2( *c ) ]) << 16) ^ - (((uint32_t) sd[ MBEDTLS_BYTE_3( *c ) ]) << 24); - *d = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *d ) ] ) ^ - (((uint32_t) sb[ MBEDTLS_BYTE_1( *d ) ]) << 8) ^ - (((uint32_t) sc[ MBEDTLS_BYTE_2( *d ) ]) << 16) ^ - (((uint32_t) sd[ MBEDTLS_BYTE_3( *d ) ]) << 24); + *a = ((uint32_t) sa[MBEDTLS_BYTE_0(*a)]) ^ + (((uint32_t) sb[MBEDTLS_BYTE_1(*a)]) << 8) ^ + (((uint32_t) sc[MBEDTLS_BYTE_2(*a)]) << 16) ^ + (((uint32_t) sd[MBEDTLS_BYTE_3(*a)]) << 24); + *b = ((uint32_t) sa[MBEDTLS_BYTE_0(*b)]) ^ + (((uint32_t) sb[MBEDTLS_BYTE_1(*b)]) << 8) ^ + (((uint32_t) sc[MBEDTLS_BYTE_2(*b)]) << 16) ^ + (((uint32_t) sd[MBEDTLS_BYTE_3(*b)]) << 24); + *c = ((uint32_t) sa[MBEDTLS_BYTE_0(*c)]) ^ + (((uint32_t) sb[MBEDTLS_BYTE_1(*c)]) << 8) ^ + (((uint32_t) sc[MBEDTLS_BYTE_2(*c)]) << 16) ^ + (((uint32_t) sd[MBEDTLS_BYTE_3(*c)]) << 24); + *d = ((uint32_t) sa[MBEDTLS_BYTE_0(*d)]) ^ + (((uint32_t) sb[MBEDTLS_BYTE_1(*d)]) << 8) ^ + (((uint32_t) sc[MBEDTLS_BYTE_2(*d)]) << 16) ^ + (((uint32_t) sd[MBEDTLS_BYTE_3(*d)]) << 24); } /* @@ -328,8 +328,8 @@ static const uint8_t aria_is2[256] = /* * Helper for key schedule: r = FO( p, k ) ^ x */ -static void aria_fo_xor( uint32_t r[4], const uint32_t p[4], - const uint32_t k[4], const uint32_t x[4] ) +static void aria_fo_xor(uint32_t r[4], const uint32_t p[4], + const uint32_t k[4], const uint32_t x[4]) { uint32_t a, b, c, d; @@ -338,8 +338,8 @@ static void aria_fo_xor( uint32_t r[4], const uint32_t p[4], c = p[2] ^ k[2]; d = p[3] ^ k[3]; - aria_sl( &a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2 ); - aria_a( &a, &b, &c, &d ); + aria_sl(&a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2); + aria_a(&a, &b, &c, &d); r[0] = a ^ x[0]; r[1] = b ^ x[1]; @@ -350,8 +350,8 @@ static void aria_fo_xor( uint32_t r[4], const uint32_t p[4], /* * Helper for key schedule: r = FE( p, k ) ^ x */ -static void aria_fe_xor( uint32_t r[4], const uint32_t p[4], - const uint32_t k[4], const uint32_t x[4] ) +static void aria_fe_xor(uint32_t r[4], const uint32_t p[4], + const uint32_t k[4], const uint32_t x[4]) { uint32_t a, b, c, d; @@ -360,8 +360,8 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4], c = p[2] ^ k[2]; d = p[3] ^ k[3]; - aria_sl( &a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2 ); - aria_a( &a, &b, &c, &d ); + aria_sl(&a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2); + aria_a(&a, &b, &c, &d); r[0] = a ^ x[0]; r[1] = b ^ x[1]; @@ -376,8 +376,8 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4], * MBEDTLS_GET_UINT32_LE / MBEDTLS_PUT_UINT32_LE ) so we need to reverse * bytes here. */ -static void aria_rot128( uint32_t r[4], const uint32_t a[4], - const uint32_t b[4], uint8_t n ) +static void aria_rot128(uint32_t r[4], const uint32_t a[4], + const uint32_t b[4], uint8_t n) { uint8_t i, j; uint32_t t, u; @@ -385,15 +385,14 @@ static void aria_rot128( uint32_t r[4], const uint32_t a[4], const uint8_t n1 = n % 32; // bit offset const uint8_t n2 = n1 ? 32 - n1 : 0; // reverse bit offset - j = ( n / 32 ) % 4; // initial word offset - t = ARIA_P3( b[j] ); // big endian - for( i = 0; i < 4; i++ ) - { - j = ( j + 1 ) % 4; // get next word, big endian - u = ARIA_P3( b[j] ); + j = (n / 32) % 4; // initial word offset + t = ARIA_P3(b[j]); // big endian + for (i = 0; i < 4; i++) { + j = (j + 1) % 4; // get next word, big endian + u = ARIA_P3(b[j]); t <<= n1; // rotate t |= u >> n2; - t = ARIA_P3( t ); // back to little endian + t = ARIA_P3(t); // back to little endian r[i] = a[i] ^ t; // store t = u; // move to next word } @@ -402,8 +401,8 @@ static void aria_rot128( uint32_t r[4], const uint32_t a[4], /* * Set encryption key */ -int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, - const unsigned char *key, unsigned int keybits ) +int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx, + const unsigned char *key, unsigned int keybits) { /* round constant masks */ const uint32_t rc[3][4] = @@ -415,74 +414,71 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, int i; uint32_t w[4][4], *w2; - ARIA_VALIDATE_RET( ctx != NULL ); - ARIA_VALIDATE_RET( key != NULL ); + ARIA_VALIDATE_RET(ctx != NULL); + ARIA_VALIDATE_RET(key != NULL); - if( keybits != 128 && keybits != 192 && keybits != 256 ) - return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); + if (keybits != 128 && keybits != 192 && keybits != 256) { + return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA; + } /* Copy key to W0 (and potential remainder to W1) */ - w[0][0] = MBEDTLS_GET_UINT32_LE( key, 0 ); - w[0][1] = MBEDTLS_GET_UINT32_LE( key, 4 ); - w[0][2] = MBEDTLS_GET_UINT32_LE( key, 8 ); - w[0][3] = MBEDTLS_GET_UINT32_LE( key, 12 ); - - memset( w[1], 0, 16 ); - if( keybits >= 192 ) - { - w[1][0] = MBEDTLS_GET_UINT32_LE( key, 16 ); // 192 bit key - w[1][1] = MBEDTLS_GET_UINT32_LE( key, 20 ); + w[0][0] = MBEDTLS_GET_UINT32_LE(key, 0); + w[0][1] = MBEDTLS_GET_UINT32_LE(key, 4); + w[0][2] = MBEDTLS_GET_UINT32_LE(key, 8); + w[0][3] = MBEDTLS_GET_UINT32_LE(key, 12); + + memset(w[1], 0, 16); + if (keybits >= 192) { + w[1][0] = MBEDTLS_GET_UINT32_LE(key, 16); // 192 bit key + w[1][1] = MBEDTLS_GET_UINT32_LE(key, 20); } - if( keybits == 256 ) - { - w[1][2] = MBEDTLS_GET_UINT32_LE( key, 24 ); // 256 bit key - w[1][3] = MBEDTLS_GET_UINT32_LE( key, 28 ); + if (keybits == 256) { + w[1][2] = MBEDTLS_GET_UINT32_LE(key, 24); // 256 bit key + w[1][3] = MBEDTLS_GET_UINT32_LE(key, 28); } - i = ( keybits - 128 ) >> 6; // index: 0, 1, 2 + i = (keybits - 128) >> 6; // index: 0, 1, 2 ctx->nr = 12 + 2 * i; // no. rounds: 12, 14, 16 - aria_fo_xor( w[1], w[0], rc[i], w[1] ); // W1 = FO(W0, CK1) ^ KR + aria_fo_xor(w[1], w[0], rc[i], w[1]); // W1 = FO(W0, CK1) ^ KR i = i < 2 ? i + 1 : 0; - aria_fe_xor( w[2], w[1], rc[i], w[0] ); // W2 = FE(W1, CK2) ^ W0 + aria_fe_xor(w[2], w[1], rc[i], w[0]); // W2 = FE(W1, CK2) ^ W0 i = i < 2 ? i + 1 : 0; - aria_fo_xor( w[3], w[2], rc[i], w[1] ); // W3 = FO(W2, CK3) ^ W1 + aria_fo_xor(w[3], w[2], rc[i], w[1]); // W3 = FO(W2, CK3) ^ W1 - for( i = 0; i < 4; i++ ) // create round keys - { + for (i = 0; i < 4; i++) { // create round keys w2 = w[(i + 1) & 3]; - aria_rot128( ctx->rk[i ], w[i], w2, 128 - 19 ); - aria_rot128( ctx->rk[i + 4], w[i], w2, 128 - 31 ); - aria_rot128( ctx->rk[i + 8], w[i], w2, 61 ); - aria_rot128( ctx->rk[i + 12], w[i], w2, 31 ); + aria_rot128(ctx->rk[i], w[i], w2, 128 - 19); + aria_rot128(ctx->rk[i + 4], w[i], w2, 128 - 31); + aria_rot128(ctx->rk[i + 8], w[i], w2, 61); + aria_rot128(ctx->rk[i + 12], w[i], w2, 31); } - aria_rot128( ctx->rk[16], w[0], w[1], 19 ); + aria_rot128(ctx->rk[16], w[0], w[1], 19); /* w holds enough info to reconstruct the round keys */ - mbedtls_platform_zeroize( w, sizeof( w ) ); + mbedtls_platform_zeroize(w, sizeof(w)); - return( 0 ); + return 0; } /* * Set decryption key */ -int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, - const unsigned char *key, unsigned int keybits ) +int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx, + const unsigned char *key, unsigned int keybits) { int i, j, k, ret; - ARIA_VALIDATE_RET( ctx != NULL ); - ARIA_VALIDATE_RET( key != NULL ); + ARIA_VALIDATE_RET(ctx != NULL); + ARIA_VALIDATE_RET(key != NULL); - ret = mbedtls_aria_setkey_enc( ctx, key, keybits ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_aria_setkey_enc(ctx, key, keybits); + if (ret != 0) { + return ret; + } /* flip the order of round keys */ - for( i = 0, j = ctx->nr; i < j; i++, j-- ) - { - for( k = 0; k < 4; k++ ) - { + for (i = 0, j = ctx->nr; i < j; i++, j--) { + for (k = 0; k < 4; k++) { uint32_t t = ctx->rk[i][k]; ctx->rk[i][k] = ctx->rk[j][k]; ctx->rk[j][k] = t; @@ -490,45 +486,43 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, } /* apply affine transform to middle keys */ - for( i = 1; i < ctx->nr; i++ ) - { - aria_a( &ctx->rk[i][0], &ctx->rk[i][1], - &ctx->rk[i][2], &ctx->rk[i][3] ); + for (i = 1; i < ctx->nr; i++) { + aria_a(&ctx->rk[i][0], &ctx->rk[i][1], + &ctx->rk[i][2], &ctx->rk[i][3]); } - return( 0 ); + return 0; } /* * Encrypt a block */ -int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, - const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE], - unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] ) +int mbedtls_aria_crypt_ecb(mbedtls_aria_context *ctx, + const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE], + unsigned char output[MBEDTLS_ARIA_BLOCKSIZE]) { int i; uint32_t a, b, c, d; - ARIA_VALIDATE_RET( ctx != NULL ); - ARIA_VALIDATE_RET( input != NULL ); - ARIA_VALIDATE_RET( output != NULL ); + ARIA_VALIDATE_RET(ctx != NULL); + ARIA_VALIDATE_RET(input != NULL); + ARIA_VALIDATE_RET(output != NULL); - a = MBEDTLS_GET_UINT32_LE( input, 0 ); - b = MBEDTLS_GET_UINT32_LE( input, 4 ); - c = MBEDTLS_GET_UINT32_LE( input, 8 ); - d = MBEDTLS_GET_UINT32_LE( input, 12 ); + a = MBEDTLS_GET_UINT32_LE(input, 0); + b = MBEDTLS_GET_UINT32_LE(input, 4); + c = MBEDTLS_GET_UINT32_LE(input, 8); + d = MBEDTLS_GET_UINT32_LE(input, 12); i = 0; - while( 1 ) - { + while (1) { a ^= ctx->rk[i][0]; b ^= ctx->rk[i][1]; c ^= ctx->rk[i][2]; d ^= ctx->rk[i][3]; i++; - aria_sl( &a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2 ); - aria_a( &a, &b, &c, &d ); + aria_sl(&a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2); + aria_a(&a, &b, &c, &d); a ^= ctx->rk[i][0]; b ^= ctx->rk[i][1]; @@ -536,10 +530,11 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, d ^= ctx->rk[i][3]; i++; - aria_sl( &a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2 ); - if( i >= ctx->nr ) + aria_sl(&a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2); + if (i >= ctx->nr) { break; - aria_a( &a, &b, &c, &d ); + } + aria_a(&a, &b, &c, &d); } /* final key mixing */ @@ -548,80 +543,79 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, c ^= ctx->rk[i][2]; d ^= ctx->rk[i][3]; - MBEDTLS_PUT_UINT32_LE( a, output, 0 ); - MBEDTLS_PUT_UINT32_LE( b, output, 4 ); - MBEDTLS_PUT_UINT32_LE( c, output, 8 ); - MBEDTLS_PUT_UINT32_LE( d, output, 12 ); + MBEDTLS_PUT_UINT32_LE(a, output, 0); + MBEDTLS_PUT_UINT32_LE(b, output, 4); + MBEDTLS_PUT_UINT32_LE(c, output, 8); + MBEDTLS_PUT_UINT32_LE(d, output, 12); - return( 0 ); + return 0; } /* Initialize context */ -void mbedtls_aria_init( mbedtls_aria_context *ctx ) +void mbedtls_aria_init(mbedtls_aria_context *ctx) { - ARIA_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_aria_context ) ); + ARIA_VALIDATE(ctx != NULL); + memset(ctx, 0, sizeof(mbedtls_aria_context)); } /* Clear context */ -void mbedtls_aria_free( mbedtls_aria_context *ctx ) +void mbedtls_aria_free(mbedtls_aria_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_aria_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_aria_context)); } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * ARIA-CBC buffer encryption/decryption */ -int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, - int mode, - size_t length, - unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aria_crypt_cbc(mbedtls_aria_context *ctx, + int mode, + size_t length, + unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], + const unsigned char *input, + unsigned char *output) { int i; unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE]; - ARIA_VALIDATE_RET( ctx != NULL ); - ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT || - mode == MBEDTLS_ARIA_DECRYPT ); - ARIA_VALIDATE_RET( length == 0 || input != NULL ); - ARIA_VALIDATE_RET( length == 0 || output != NULL ); - ARIA_VALIDATE_RET( iv != NULL ); + ARIA_VALIDATE_RET(ctx != NULL); + ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT || + mode == MBEDTLS_ARIA_DECRYPT); + ARIA_VALIDATE_RET(length == 0 || input != NULL); + ARIA_VALIDATE_RET(length == 0 || output != NULL); + ARIA_VALIDATE_RET(iv != NULL); - if( length % MBEDTLS_ARIA_BLOCKSIZE ) - return( MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH ); + if (length % MBEDTLS_ARIA_BLOCKSIZE) { + return MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH; + } - if( mode == MBEDTLS_ARIA_DECRYPT ) - { - while( length > 0 ) - { - memcpy( temp, input, MBEDTLS_ARIA_BLOCKSIZE ); - mbedtls_aria_crypt_ecb( ctx, input, output ); + if (mode == MBEDTLS_ARIA_DECRYPT) { + while (length > 0) { + memcpy(temp, input, MBEDTLS_ARIA_BLOCKSIZE); + mbedtls_aria_crypt_ecb(ctx, input, output); - for( i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); + for (i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++) { + output[i] = (unsigned char) (output[i] ^ iv[i]); + } - memcpy( iv, temp, MBEDTLS_ARIA_BLOCKSIZE ); + memcpy(iv, temp, MBEDTLS_ARIA_BLOCKSIZE); input += MBEDTLS_ARIA_BLOCKSIZE; output += MBEDTLS_ARIA_BLOCKSIZE; length -= MBEDTLS_ARIA_BLOCKSIZE; } - } - else - { - while( length > 0 ) - { - for( i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); + } else { + while (length > 0) { + for (i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++) { + output[i] = (unsigned char) (input[i] ^ iv[i]); + } - mbedtls_aria_crypt_ecb( ctx, output, output ); - memcpy( iv, output, MBEDTLS_ARIA_BLOCKSIZE ); + mbedtls_aria_crypt_ecb(ctx, output, output); + memcpy(iv, output, MBEDTLS_ARIA_BLOCKSIZE); input += MBEDTLS_ARIA_BLOCKSIZE; output += MBEDTLS_ARIA_BLOCKSIZE; @@ -629,7 +623,7 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, } } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -637,63 +631,61 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, /* * ARIA-CFB128 buffer encryption/decryption */ -int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], + const unsigned char *input, + unsigned char *output) { unsigned char c; size_t n; - ARIA_VALIDATE_RET( ctx != NULL ); - ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT || - mode == MBEDTLS_ARIA_DECRYPT ); - ARIA_VALIDATE_RET( length == 0 || input != NULL ); - ARIA_VALIDATE_RET( length == 0 || output != NULL ); - ARIA_VALIDATE_RET( iv != NULL ); - ARIA_VALIDATE_RET( iv_off != NULL ); + ARIA_VALIDATE_RET(ctx != NULL); + ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT || + mode == MBEDTLS_ARIA_DECRYPT); + ARIA_VALIDATE_RET(length == 0 || input != NULL); + ARIA_VALIDATE_RET(length == 0 || output != NULL); + ARIA_VALIDATE_RET(iv != NULL); + ARIA_VALIDATE_RET(iv_off != NULL); n = *iv_off; /* An overly large value of n can lead to an unlimited * buffer overflow. Therefore, guard against this * outside of parameter validation. */ - if( n >= MBEDTLS_ARIA_BLOCKSIZE ) - return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); + if (n >= MBEDTLS_ARIA_BLOCKSIZE) { + return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA; + } - if( mode == MBEDTLS_ARIA_DECRYPT ) - { - while( length-- ) - { - if( n == 0 ) - mbedtls_aria_crypt_ecb( ctx, iv, iv ); + if (mode == MBEDTLS_ARIA_DECRYPT) { + while (length--) { + if (n == 0) { + mbedtls_aria_crypt_ecb(ctx, iv, iv); + } c = *input++; *output++ = c ^ iv[n]; iv[n] = c; - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } - } - else - { - while( length-- ) - { - if( n == 0 ) - mbedtls_aria_crypt_ecb( ctx, iv, iv ); + } else { + while (length--) { + if (n == 0) { + mbedtls_aria_crypt_ecb(ctx, iv, iv); + } - iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); + iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++); - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } } *iv_off = n; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CFB */ @@ -701,50 +693,52 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, /* * ARIA-CTR buffer encryption/decryption */ -int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE], - unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE], + unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE], + const unsigned char *input, + unsigned char *output) { int c, i; size_t n; - ARIA_VALIDATE_RET( ctx != NULL ); - ARIA_VALIDATE_RET( length == 0 || input != NULL ); - ARIA_VALIDATE_RET( length == 0 || output != NULL ); - ARIA_VALIDATE_RET( nonce_counter != NULL ); - ARIA_VALIDATE_RET( stream_block != NULL ); - ARIA_VALIDATE_RET( nc_off != NULL ); + ARIA_VALIDATE_RET(ctx != NULL); + ARIA_VALIDATE_RET(length == 0 || input != NULL); + ARIA_VALIDATE_RET(length == 0 || output != NULL); + ARIA_VALIDATE_RET(nonce_counter != NULL); + ARIA_VALIDATE_RET(stream_block != NULL); + ARIA_VALIDATE_RET(nc_off != NULL); n = *nc_off; /* An overly large value of n can lead to an unlimited * buffer overflow. Therefore, guard against this * outside of parameter validation. */ - if( n >= MBEDTLS_ARIA_BLOCKSIZE ) - return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); + if (n >= MBEDTLS_ARIA_BLOCKSIZE) { + return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA; + } - while( length-- ) - { - if( n == 0 ) { - mbedtls_aria_crypt_ecb( ctx, nonce_counter, - stream_block ); + while (length--) { + if (n == 0) { + mbedtls_aria_crypt_ecb(ctx, nonce_counter, + stream_block); - for( i = MBEDTLS_ARIA_BLOCKSIZE; i > 0; i-- ) - if( ++nonce_counter[i - 1] != 0 ) + for (i = MBEDTLS_ARIA_BLOCKSIZE; i > 0; i--) { + if (++nonce_counter[i - 1] != 0) { break; + } + } } c = *input++; - *output++ = (unsigned char)( c ^ stream_block[n] ); + *output++ = (unsigned char) (c ^ stream_block[n]); - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } *nc_off = n; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* !MBEDTLS_ARIA_ALT */ @@ -883,22 +877,22 @@ static const uint8_t aria_test2_ctr_ct[3][48] = // CTR ciphertext }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ -#define ARIA_SELF_TEST_ASSERT( cond ) \ - do { \ - if( cond ) { \ - if( verbose ) \ - mbedtls_printf( "failed\n" ); \ - goto exit; \ - } else { \ - if( verbose ) \ - mbedtls_printf( "passed\n" ); \ - } \ - } while( 0 ) +#define ARIA_SELF_TEST_ASSERT(cond) \ + do { \ + if (cond) { \ + if (verbose) \ + mbedtls_printf("failed\n"); \ + goto exit; \ + } else { \ + if (verbose) \ + mbedtls_printf("passed\n"); \ + } \ + } while (0) /* * Checkup routine */ -int mbedtls_aria_self_test( int verbose ) +int mbedtls_aria_self_test(int verbose) { int i; uint8_t blk[MBEDTLS_ARIA_BLOCKSIZE]; @@ -910,134 +904,142 @@ int mbedtls_aria_self_test( int verbose ) #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) || \ - defined(MBEDTLS_CIPHER_MODE_CFB) || \ - defined(MBEDTLS_CIPHER_MODE_CTR)) + defined(MBEDTLS_CIPHER_MODE_CFB) || \ + defined(MBEDTLS_CIPHER_MODE_CTR)) uint8_t buf[48], iv[MBEDTLS_ARIA_BLOCKSIZE]; #endif - mbedtls_aria_init( &ctx ); + mbedtls_aria_init(&ctx); /* * Test set 1 */ - for( i = 0; i < 3; i++ ) - { + for (i = 0; i < 3; i++) { /* test ECB encryption */ - if( verbose ) - mbedtls_printf( " ARIA-ECB-%d (enc): ", 128 + 64 * i ); - mbedtls_aria_setkey_enc( &ctx, aria_test1_ecb_key, 128 + 64 * i ); - mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_pt, blk ); + if (verbose) { + mbedtls_printf(" ARIA-ECB-%d (enc): ", 128 + 64 * i); + } + mbedtls_aria_setkey_enc(&ctx, aria_test1_ecb_key, 128 + 64 * i); + mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_pt, blk); ARIA_SELF_TEST_ASSERT( - memcmp( blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE ) - != 0 ); + memcmp(blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE) + != 0); /* test ECB decryption */ - if( verbose ) - mbedtls_printf( " ARIA-ECB-%d (dec): ", 128 + 64 * i ); - mbedtls_aria_setkey_dec( &ctx, aria_test1_ecb_key, 128 + 64 * i ); - mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_ct[i], blk ); + if (verbose) { + mbedtls_printf(" ARIA-ECB-%d (dec): ", 128 + 64 * i); + } + mbedtls_aria_setkey_dec(&ctx, aria_test1_ecb_key, 128 + 64 * i); + mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_ct[i], blk); ARIA_SELF_TEST_ASSERT( - memcmp( blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE ) - != 0 ); + memcmp(blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE) + != 0); + } + if (verbose) { + mbedtls_printf("\n"); } - if( verbose ) - mbedtls_printf( "\n" ); /* * Test set 2 */ #if defined(MBEDTLS_CIPHER_MODE_CBC) - for( i = 0; i < 3; i++ ) - { + for (i = 0; i < 3; i++) { /* Test CBC encryption */ - if( verbose ) - mbedtls_printf( " ARIA-CBC-%d (enc): ", 128 + 64 * i ); - mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); - memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); - memset( buf, 0x55, sizeof( buf ) ); - mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv, - aria_test2_pt, buf ); - ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_cbc_ct[i], 48 ) - != 0 ); + if (verbose) { + mbedtls_printf(" ARIA-CBC-%d (enc): ", 128 + 64 * i); + } + mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i); + memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE); + memset(buf, 0x55, sizeof(buf)); + mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv, + aria_test2_pt, buf); + ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_cbc_ct[i], 48) + != 0); /* Test CBC decryption */ - if( verbose ) - mbedtls_printf( " ARIA-CBC-%d (dec): ", 128 + 64 * i ); - mbedtls_aria_setkey_dec( &ctx, aria_test2_key, 128 + 64 * i ); - memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); - memset( buf, 0xAA, sizeof( buf ) ); - mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, 48, iv, - aria_test2_cbc_ct[i], buf ); - ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 ); + if (verbose) { + mbedtls_printf(" ARIA-CBC-%d (dec): ", 128 + 64 * i); + } + mbedtls_aria_setkey_dec(&ctx, aria_test2_key, 128 + 64 * i); + memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE); + memset(buf, 0xAA, sizeof(buf)); + mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_DECRYPT, 48, iv, + aria_test2_cbc_ct[i], buf); + ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0); + } + if (verbose) { + mbedtls_printf("\n"); } - if( verbose ) - mbedtls_printf( "\n" ); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - for( i = 0; i < 3; i++ ) - { + for (i = 0; i < 3; i++) { /* Test CFB encryption */ - if( verbose ) - mbedtls_printf( " ARIA-CFB-%d (enc): ", 128 + 64 * i ); - mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); - memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); - memset( buf, 0x55, sizeof( buf ) ); + if (verbose) { + mbedtls_printf(" ARIA-CFB-%d (enc): ", 128 + 64 * i); + } + mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i); + memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE); + memset(buf, 0x55, sizeof(buf)); j = 0; - mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv, - aria_test2_pt, buf ); - ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_cfb_ct[i], 48 ) != 0 ); + mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv, + aria_test2_pt, buf); + ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_cfb_ct[i], 48) != 0); /* Test CFB decryption */ - if( verbose ) - mbedtls_printf( " ARIA-CFB-%d (dec): ", 128 + 64 * i ); - mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); - memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); - memset( buf, 0xAA, sizeof( buf ) ); + if (verbose) { + mbedtls_printf(" ARIA-CFB-%d (dec): ", 128 + 64 * i); + } + mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i); + memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE); + memset(buf, 0xAA, sizeof(buf)); j = 0; - mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT, 48, &j, - iv, aria_test2_cfb_ct[i], buf ); - ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 ); + mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_DECRYPT, 48, &j, + iv, aria_test2_cfb_ct[i], buf); + ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0); + } + if (verbose) { + mbedtls_printf("\n"); } - if( verbose ) - mbedtls_printf( "\n" ); #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) - for( i = 0; i < 3; i++ ) - { + for (i = 0; i < 3; i++) { /* Test CTR encryption */ - if( verbose ) - mbedtls_printf( " ARIA-CTR-%d (enc): ", 128 + 64 * i ); - mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); - memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0 - memset( buf, 0x55, sizeof( buf ) ); + if (verbose) { + mbedtls_printf(" ARIA-CTR-%d (enc): ", 128 + 64 * i); + } + mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i); + memset(iv, 0, MBEDTLS_ARIA_BLOCKSIZE); // IV = 0 + memset(buf, 0x55, sizeof(buf)); j = 0; - mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, - aria_test2_pt, buf ); - ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_ctr_ct[i], 48 ) != 0 ); + mbedtls_aria_crypt_ctr(&ctx, 48, &j, iv, blk, + aria_test2_pt, buf); + ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_ctr_ct[i], 48) != 0); /* Test CTR decryption */ - if( verbose ) - mbedtls_printf( " ARIA-CTR-%d (dec): ", 128 + 64 * i ); - mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); - memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0 - memset( buf, 0xAA, sizeof( buf ) ); + if (verbose) { + mbedtls_printf(" ARIA-CTR-%d (dec): ", 128 + 64 * i); + } + mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i); + memset(iv, 0, MBEDTLS_ARIA_BLOCKSIZE); // IV = 0 + memset(buf, 0xAA, sizeof(buf)); j = 0; - mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, - aria_test2_ctr_ct[i], buf ); - ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 ); + mbedtls_aria_crypt_ctr(&ctx, 48, &j, iv, blk, + aria_test2_ctr_ct[i], buf); + ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0); + } + if (verbose) { + mbedtls_printf("\n"); } - if( verbose ) - mbedtls_printf( "\n" ); #endif /* MBEDTLS_CIPHER_MODE_CTR */ ret = 0; exit: - mbedtls_aria_free( &ctx ); - return( ret ); + mbedtls_aria_free(&ctx); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/asn1parse.c b/library/asn1parse.c index bf9758528937..6a8cd6c54547 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -36,203 +36,219 @@ /* * ASN.1 DER decoding routines */ -int mbedtls_asn1_get_len( unsigned char **p, - const unsigned char *end, - size_t *len ) +int mbedtls_asn1_get_len(unsigned char **p, + const unsigned char *end, + size_t *len) { - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + if ((end - *p) < 1) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } - if( ( **p & 0x80 ) == 0 ) + if ((**p & 0x80) == 0) { *len = *(*p)++; - else - { - switch( **p & 0x7F ) - { - case 1: - if( ( end - *p ) < 2 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - - *len = (*p)[1]; - (*p) += 2; - break; - - case 2: - if( ( end - *p ) < 3 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - - *len = ( (size_t)(*p)[1] << 8 ) | (*p)[2]; - (*p) += 3; - break; - - case 3: - if( ( end - *p ) < 4 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - - *len = ( (size_t)(*p)[1] << 16 ) | - ( (size_t)(*p)[2] << 8 ) | (*p)[3]; - (*p) += 4; - break; - - case 4: - if( ( end - *p ) < 5 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - - *len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) | - ( (size_t)(*p)[3] << 8 ) | (*p)[4]; - (*p) += 5; - break; - - default: - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + } else { + switch (**p & 0x7F) { + case 1: + if ((end - *p) < 2) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } + + *len = (*p)[1]; + (*p) += 2; + break; + + case 2: + if ((end - *p) < 3) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } + + *len = ((size_t) (*p)[1] << 8) | (*p)[2]; + (*p) += 3; + break; + + case 3: + if ((end - *p) < 4) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } + + *len = ((size_t) (*p)[1] << 16) | + ((size_t) (*p)[2] << 8) | (*p)[3]; + (*p) += 4; + break; + + case 4: + if ((end - *p) < 5) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } + + *len = ((size_t) (*p)[1] << 24) | ((size_t) (*p)[2] << 16) | + ((size_t) (*p)[3] << 8) | (*p)[4]; + (*p) += 5; + break; + + default: + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; } } - if( *len > (size_t) ( end - *p ) ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + if (*len > (size_t) (end - *p)) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } - return( 0 ); + return 0; } -int mbedtls_asn1_get_tag( unsigned char **p, - const unsigned char *end, - size_t *len, int tag ) +int mbedtls_asn1_get_tag(unsigned char **p, + const unsigned char *end, + size_t *len, int tag) { - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + if ((end - *p) < 1) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } - if( **p != tag ) - return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + if (**p != tag) { + return MBEDTLS_ERR_ASN1_UNEXPECTED_TAG; + } (*p)++; - return( mbedtls_asn1_get_len( p, end, len ) ); + return mbedtls_asn1_get_len(p, end, len); } -int mbedtls_asn1_get_bool( unsigned char **p, - const unsigned char *end, - int *val ) +int mbedtls_asn1_get_bool(unsigned char **p, + const unsigned char *end, + int *val) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_BOOLEAN ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_BOOLEAN)) != 0) { + return ret; + } - if( len != 1 ) - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + if (len != 1) { + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } - *val = ( **p != 0 ) ? 1 : 0; + *val = (**p != 0) ? 1 : 0; (*p)++; - return( 0 ); + return 0; } -static int asn1_get_tagged_int( unsigned char **p, - const unsigned char *end, - int tag, int *val ) +static int asn1_get_tagged_int(unsigned char **p, + const unsigned char *end, + int tag, int *val) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, tag ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, tag)) != 0) { + return ret; + } /* * len==0 is malformed (0 must be represented as 020100 for INTEGER, * or 0A0100 for ENUMERATED tags */ - if( len == 0 ) - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + if (len == 0) { + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } /* This is a cryptography library. Reject negative integers. */ - if( ( **p & 0x80 ) != 0 ) - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + if ((**p & 0x80) != 0) { + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } /* Skip leading zeros. */ - while( len > 0 && **p == 0 ) - { - ++( *p ); + while (len > 0 && **p == 0) { + ++(*p); --len; } /* Reject integers that don't fit in an int. This code assumes that * the int type has no padding bit. */ - if( len > sizeof( int ) ) - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); - if( len == sizeof( int ) && ( **p & 0x80 ) != 0 ) - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + if (len > sizeof(int)) { + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } + if (len == sizeof(int) && (**p & 0x80) != 0) { + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } *val = 0; - while( len-- > 0 ) - { - *val = ( *val << 8 ) | **p; + while (len-- > 0) { + *val = (*val << 8) | **p; (*p)++; } - return( 0 ); + return 0; } -int mbedtls_asn1_get_int( unsigned char **p, - const unsigned char *end, - int *val ) +int mbedtls_asn1_get_int(unsigned char **p, + const unsigned char *end, + int *val) { - return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_INTEGER, val) ); + return asn1_get_tagged_int(p, end, MBEDTLS_ASN1_INTEGER, val); } -int mbedtls_asn1_get_enum( unsigned char **p, - const unsigned char *end, - int *val ) +int mbedtls_asn1_get_enum(unsigned char **p, + const unsigned char *end, + int *val) { - return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_ENUMERATED, val) ); + return asn1_get_tagged_int(p, end, MBEDTLS_ASN1_ENUMERATED, val); } #if defined(MBEDTLS_BIGNUM_C) -int mbedtls_asn1_get_mpi( unsigned char **p, - const unsigned char *end, - mbedtls_mpi *X ) +int mbedtls_asn1_get_mpi(unsigned char **p, + const unsigned char *end, + mbedtls_mpi *X) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { + return ret; + } - ret = mbedtls_mpi_read_binary( X, *p, len ); + ret = mbedtls_mpi_read_binary(X, *p, len); *p += len; - return( ret ); + return ret; } #endif /* MBEDTLS_BIGNUM_C */ -int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, - mbedtls_asn1_bitstring *bs) +int mbedtls_asn1_get_bitstring(unsigned char **p, const unsigned char *end, + mbedtls_asn1_bitstring *bs) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Certificate type is a single byte bitstring */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING)) != 0) { + return ret; + } /* Check length, subtract one for actual bit string length */ - if( bs->len < 1 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + if (bs->len < 1) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } bs->len -= 1; /* Get number of unused bits, ensure unused bits <= 7 */ bs->unused_bits = **p; - if( bs->unused_bits > 7 ) - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + if (bs->unused_bits > 7) { + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } (*p)++; /* Get actual bitstring */ bs->p = *p; *p += bs->len; - if( *p != end ) - return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (*p != end) { + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } - return( 0 ); + return 0; } /* @@ -244,105 +260,106 @@ int mbedtls_asn1_traverse_sequence_of( const unsigned char *end, unsigned char tag_must_mask, unsigned char tag_must_val, unsigned char tag_may_mask, unsigned char tag_may_val, - int (*cb)( void *ctx, int tag, - unsigned char *start, size_t len ), - void *ctx ) + int (*cb)(void *ctx, int tag, + unsigned char *start, size_t len), + void *ctx) { int ret; size_t len; /* Get main sequence tag */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return ret; } - if( *p + len != end ) - return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (*p + len != end) { + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } - while( *p < end ) - { + while (*p < end) { unsigned char const tag = *(*p)++; - if( ( tag & tag_must_mask ) != tag_must_val ) - return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + if ((tag & tag_must_mask) != tag_must_val) { + return MBEDTLS_ERR_ASN1_UNEXPECTED_TAG; + } - if( ( ret = mbedtls_asn1_get_len( p, end, &len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_len(p, end, &len)) != 0) { + return ret; + } - if( ( tag & tag_may_mask ) == tag_may_val ) - { - if( cb != NULL ) - { - ret = cb( ctx, tag, *p, len ); - if( ret != 0 ) - return( ret ); + if ((tag & tag_may_mask) == tag_may_val) { + if (cb != NULL) { + ret = cb(ctx, tag, *p, len); + if (ret != 0) { + return ret; + } } } *p += len; } - return( 0 ); + return 0; } /* * Get a bit string without unused bits */ -int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, - size_t *len ) +int mbedtls_asn1_get_bitstring_null(unsigned char **p, const unsigned char *end, + size_t *len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, len, MBEDTLS_ASN1_BIT_STRING)) != 0) { + return ret; + } - if( *len == 0 ) - return( MBEDTLS_ERR_ASN1_INVALID_DATA ); - --( *len ); + if (*len == 0) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + --(*len); - if( **p != 0 ) - return( MBEDTLS_ERR_ASN1_INVALID_DATA ); - ++( *p ); + if (**p != 0) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + ++(*p); - return( 0 ); + return 0; } -void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ) +void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq) { - while( seq != NULL ) - { + while (seq != NULL) { mbedtls_asn1_sequence *next = seq->next; - mbedtls_platform_zeroize( seq, sizeof( *seq ) ); - mbedtls_free( seq ); + mbedtls_platform_zeroize(seq, sizeof(*seq)); + mbedtls_free(seq); seq = next; } } -typedef struct -{ +typedef struct { int tag; mbedtls_asn1_sequence *cur; } asn1_get_sequence_of_cb_ctx_t; -static int asn1_get_sequence_of_cb( void *ctx, - int tag, - unsigned char *start, - size_t len ) +static int asn1_get_sequence_of_cb(void *ctx, + int tag, + unsigned char *start, + size_t len) { asn1_get_sequence_of_cb_ctx_t *cb_ctx = (asn1_get_sequence_of_cb_ctx_t *) ctx; mbedtls_asn1_sequence *cur = cb_ctx->cur; - if( cur->buf.p != NULL ) - { + if (cur->buf.p != NULL) { cur->next = - mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); + mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence)); - if( cur->next == NULL ) - return( MBEDTLS_ERR_ASN1_ALLOC_FAILED ); + if (cur->next == NULL) { + return MBEDTLS_ERR_ASN1_ALLOC_FAILED; + } cur = cur->next; } @@ -352,124 +369,128 @@ static int asn1_get_sequence_of_cb( void *ctx, cur->buf.tag = tag; cb_ctx->cur = cur; - return( 0 ); + return 0; } /* * Parses and splits an ASN.1 "SEQUENCE OF " */ -int mbedtls_asn1_get_sequence_of( unsigned char **p, - const unsigned char *end, - mbedtls_asn1_sequence *cur, - int tag) +int mbedtls_asn1_get_sequence_of(unsigned char **p, + const unsigned char *end, + mbedtls_asn1_sequence *cur, + int tag) { asn1_get_sequence_of_cb_ctx_t cb_ctx = { tag, cur }; - memset( cur, 0, sizeof( mbedtls_asn1_sequence ) ); - return( mbedtls_asn1_traverse_sequence_of( - p, end, 0xFF, tag, 0, 0, - asn1_get_sequence_of_cb, &cb_ctx ) ); + memset(cur, 0, sizeof(mbedtls_asn1_sequence)); + return mbedtls_asn1_traverse_sequence_of( + p, end, 0xFF, tag, 0, 0, + asn1_get_sequence_of_cb, &cb_ctx); } -int mbedtls_asn1_get_alg( unsigned char **p, - const unsigned char *end, - mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params ) +int mbedtls_asn1_get_alg(unsigned char **p, + const unsigned char *end, + mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return ret; + } - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + if ((end - *p) < 1) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } alg->tag = **p; end = *p + len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &alg->len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &alg->len, MBEDTLS_ASN1_OID)) != 0) { + return ret; + } alg->p = *p; *p += alg->len; - if( *p == end ) - { - mbedtls_platform_zeroize( params, sizeof(mbedtls_asn1_buf) ); - return( 0 ); + if (*p == end) { + mbedtls_platform_zeroize(params, sizeof(mbedtls_asn1_buf)); + return 0; } params->tag = **p; (*p)++; - if( ( ret = mbedtls_asn1_get_len( p, end, ¶ms->len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_len(p, end, ¶ms->len)) != 0) { + return ret; + } params->p = *p; *p += params->len; - if( *p != end ) - return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (*p != end) { + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } - return( 0 ); + return 0; } -int mbedtls_asn1_get_alg_null( unsigned char **p, - const unsigned char *end, - mbedtls_asn1_buf *alg ) +int mbedtls_asn1_get_alg_null(unsigned char **p, + const unsigned char *end, + mbedtls_asn1_buf *alg) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_asn1_buf params; - memset( ¶ms, 0, sizeof(mbedtls_asn1_buf) ); + memset(¶ms, 0, sizeof(mbedtls_asn1_buf)); - if( ( ret = mbedtls_asn1_get_alg( p, end, alg, ¶ms ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_alg(p, end, alg, ¶ms)) != 0) { + return ret; + } - if( ( params.tag != MBEDTLS_ASN1_NULL && params.tag != 0 ) || params.len != 0 ) - return( MBEDTLS_ERR_ASN1_INVALID_DATA ); + if ((params.tag != MBEDTLS_ASN1_NULL && params.tag != 0) || params.len != 0) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } - return( 0 ); + return 0; } -void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *cur ) +void mbedtls_asn1_free_named_data(mbedtls_asn1_named_data *cur) { - if( cur == NULL ) + if (cur == NULL) { return; + } - mbedtls_free( cur->oid.p ); - mbedtls_free( cur->val.p ); + mbedtls_free(cur->oid.p); + mbedtls_free(cur->val.p); - mbedtls_platform_zeroize( cur, sizeof( mbedtls_asn1_named_data ) ); + mbedtls_platform_zeroize(cur, sizeof(mbedtls_asn1_named_data)); } -void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head ) +void mbedtls_asn1_free_named_data_list(mbedtls_asn1_named_data **head) { mbedtls_asn1_named_data *cur; - while( ( cur = *head ) != NULL ) - { + while ((cur = *head) != NULL) { *head = cur->next; - mbedtls_asn1_free_named_data( cur ); - mbedtls_free( cur ); + mbedtls_asn1_free_named_data(cur); + mbedtls_free(cur); } } -mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list, - const char *oid, size_t len ) +mbedtls_asn1_named_data *mbedtls_asn1_find_named_data(mbedtls_asn1_named_data *list, + const char *oid, size_t len) { - while( list != NULL ) - { - if( list->oid.len == len && - memcmp( list->oid.p, oid, len ) == 0 ) - { + while (list != NULL) { + if (list->oid.len == len && + memcmp(list->oid.p, oid, len) == 0) { break; } list = list->next; } - return( list ); + return list; } #endif /* MBEDTLS_ASN1_PARSE_C */ diff --git a/library/asn1write.c b/library/asn1write.c index 4b59927cbbc8..0b487dceaabc 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -28,452 +28,454 @@ #include "mbedtls/platform.h" -int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len ) +int mbedtls_asn1_write_len(unsigned char **p, unsigned char *start, size_t len) { - if( len < 0x80 ) - { - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (len < 0x80) { + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = (unsigned char) len; - return( 1 ); + return 1; } - if( len <= 0xFF ) - { - if( *p - start < 2 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (len <= 0xFF) { + if (*p - start < 2) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = (unsigned char) len; *--(*p) = 0x81; - return( 2 ); + return 2; } - if( len <= 0xFFFF ) - { - if( *p - start < 3 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (len <= 0xFFFF) { + if (*p - start < 3) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } - *--(*p) = MBEDTLS_BYTE_0( len ); - *--(*p) = MBEDTLS_BYTE_1( len ); + *--(*p) = MBEDTLS_BYTE_0(len); + *--(*p) = MBEDTLS_BYTE_1(len); *--(*p) = 0x82; - return( 3 ); + return 3; } - if( len <= 0xFFFFFF ) - { - if( *p - start < 4 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (len <= 0xFFFFFF) { + if (*p - start < 4) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } - *--(*p) = MBEDTLS_BYTE_0( len ); - *--(*p) = MBEDTLS_BYTE_1( len ); - *--(*p) = MBEDTLS_BYTE_2( len ); + *--(*p) = MBEDTLS_BYTE_0(len); + *--(*p) = MBEDTLS_BYTE_1(len); + *--(*p) = MBEDTLS_BYTE_2(len); *--(*p) = 0x83; - return( 4 ); + return 4; } int len_is_valid = 1; #if SIZE_MAX > 0xFFFFFFFF - len_is_valid = ( len <= 0xFFFFFFFF ); + len_is_valid = (len <= 0xFFFFFFFF); #endif - if( len_is_valid ) - { - if( *p - start < 5 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - - *--(*p) = MBEDTLS_BYTE_0( len ); - *--(*p) = MBEDTLS_BYTE_1( len ); - *--(*p) = MBEDTLS_BYTE_2( len ); - *--(*p) = MBEDTLS_BYTE_3( len ); + if (len_is_valid) { + if (*p - start < 5) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + + *--(*p) = MBEDTLS_BYTE_0(len); + *--(*p) = MBEDTLS_BYTE_1(len); + *--(*p) = MBEDTLS_BYTE_2(len); + *--(*p) = MBEDTLS_BYTE_3(len); *--(*p) = 0x84; - return( 5 ); + return 5; } - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; } -int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag ) +int mbedtls_asn1_write_tag(unsigned char **p, unsigned char *start, unsigned char tag) { - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = tag; - return( 1 ); + return 1; } -int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t size ) +int mbedtls_asn1_write_raw_buffer(unsigned char **p, unsigned char *start, + const unsigned char *buf, size_t size) { size_t len = 0; - if( *p < start || (size_t)( *p - start ) < size ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (*p < start || (size_t) (*p - start) < size) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } len = size; (*p) -= len; - memcpy( *p, buf, len ); + memcpy(*p, buf, len); - return( (int) len ); + return (int) len; } #if defined(MBEDTLS_BIGNUM_C) -int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X ) +int mbedtls_asn1_write_mpi(unsigned char **p, unsigned char *start, const mbedtls_mpi *X) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; // Write the MPI // - len = mbedtls_mpi_size( X ); + len = mbedtls_mpi_size(X); /* DER represents 0 with a sign bit (0=nonnegative) and 7 value bits, not * as 0 digits. We need to end up with 020100, not with 0200. */ - if( len == 0 ) + if (len == 0) { len = 1; + } - if( *p < start || (size_t)( *p - start ) < len ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (*p < start || (size_t) (*p - start) < len) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } (*p) -= len; - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, *p, len ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(X, *p, len)); // DER format assumes 2s complement for numbers, so the leftmost bit // should be 0 for positive numbers and 1 for negative numbers. // - if( X->s ==1 && **p & 0x80 ) - { - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (X->s == 1 && **p & 0x80) { + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = 0x00; len += 1; } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_INTEGER)); ret = (int) len; cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_BIGNUM_C */ -int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start ) +int mbedtls_asn1_write_null(unsigned char **p, unsigned char *start) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; // Write NULL // - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, 0) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_NULL ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, 0)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_NULL)); - return( (int) len ); + return (int) len; } -int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start, - const char *oid, size_t oid_len ) +int mbedtls_asn1_write_oid(unsigned char **p, unsigned char *start, + const char *oid, size_t oid_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, - (const unsigned char *) oid, oid_len ) ); - MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, + (const unsigned char *) oid, oid_len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OID)); - return( (int) len ); + return (int) len; } -int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, - const char *oid, size_t oid_len, - size_t par_len ) +int mbedtls_asn1_write_algorithm_identifier(unsigned char **p, unsigned char *start, + const char *oid, size_t oid_len, + size_t par_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - if( par_len == 0 ) - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_null( p, start ) ); - else + if (par_len == 0) { + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_null(p, start)); + } else { len += par_len; + } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, oid_len)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - return( (int) len ); + return (int) len; } -int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean ) +int mbedtls_asn1_write_bool(unsigned char **p, unsigned char *start, int boolean) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = (boolean) ? 255 : 0; len++; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BOOLEAN ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BOOLEAN)); - return( (int) len ); + return (int) len; } -static int asn1_write_tagged_int( unsigned char **p, unsigned char *start, int val, int tag ) +static int asn1_write_tagged_int(unsigned char **p, unsigned char *start, int val, int tag) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - do - { - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + do { + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } len += 1; *--(*p) = val & 0xff; val >>= 8; - } - while( val > 0 ); + } while (val > 0); - if( **p & 0x80 ) - { - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (**p & 0x80) { + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = 0x00; len += 1; } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, tag)); - return( (int) len ); + return (int) len; } -int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ) +int mbedtls_asn1_write_int(unsigned char **p, unsigned char *start, int val) { - return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_INTEGER ) ); + return asn1_write_tagged_int(p, start, val, MBEDTLS_ASN1_INTEGER); } -int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val ) +int mbedtls_asn1_write_enum(unsigned char **p, unsigned char *start, int val) { - return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_ENUMERATED ) ); + return asn1_write_tagged_int(p, start, val, MBEDTLS_ASN1_ENUMERATED); } -int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start, int tag, - const char *text, size_t text_len ) +int mbedtls_asn1_write_tagged_string(unsigned char **p, unsigned char *start, int tag, + const char *text, size_t text_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, - (const unsigned char *) text, text_len ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, + (const unsigned char *) text, + text_len)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, tag)); - return( (int) len ); + return (int) len; } -int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start, - const char *text, size_t text_len ) +int mbedtls_asn1_write_utf8_string(unsigned char **p, unsigned char *start, + const char *text, size_t text_len) { - return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_UTF8_STRING, text, text_len) ); + return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_UTF8_STRING, text, text_len); } -int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start, - const char *text, size_t text_len ) +int mbedtls_asn1_write_printable_string(unsigned char **p, unsigned char *start, + const char *text, size_t text_len) { - return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_PRINTABLE_STRING, text, text_len) ); + return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_PRINTABLE_STRING, text, + text_len); } -int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start, - const char *text, size_t text_len ) +int mbedtls_asn1_write_ia5_string(unsigned char **p, unsigned char *start, + const char *text, size_t text_len) { - return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len) ); + return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len); } -int mbedtls_asn1_write_named_bitstring( unsigned char **p, - unsigned char *start, - const unsigned char *buf, - size_t bits ) +int mbedtls_asn1_write_named_bitstring(unsigned char **p, + unsigned char *start, + const unsigned char *buf, + size_t bits) { size_t unused_bits, byte_len; const unsigned char *cur_byte; unsigned char cur_byte_shifted; unsigned char bit; - byte_len = ( bits + 7 ) / 8; - unused_bits = ( byte_len * 8 ) - bits; + byte_len = (bits + 7) / 8; + unused_bits = (byte_len * 8) - bits; /* * Named bitstrings require that trailing 0s are excluded in the encoding * of the bitstring. Trailing 0s are considered part of the 'unused' bits * when encoding this value in the first content octet */ - if( bits != 0 ) - { + if (bits != 0) { cur_byte = buf + byte_len - 1; cur_byte_shifted = *cur_byte >> unused_bits; - for( ; ; ) - { + for (;;) { bit = cur_byte_shifted & 0x1; cur_byte_shifted >>= 1; - if( bit != 0 ) + if (bit != 0) { break; + } bits--; - if( bits == 0 ) + if (bits == 0) { break; + } - if( bits % 8 == 0 ) + if (bits % 8 == 0) { cur_byte_shifted = *--cur_byte; + } } } - return( mbedtls_asn1_write_bitstring( p, start, buf, bits ) ); + return mbedtls_asn1_write_bitstring(p, start, buf, bits); } -int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t bits ) +int mbedtls_asn1_write_bitstring(unsigned char **p, unsigned char *start, + const unsigned char *buf, size_t bits) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; size_t unused_bits, byte_len; - byte_len = ( bits + 7 ) / 8; - unused_bits = ( byte_len * 8 ) - bits; + byte_len = (bits + 7) / 8; + unused_bits = (byte_len * 8) - bits; - if( *p < start || (size_t)( *p - start ) < byte_len + 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (*p < start || (size_t) (*p - start) < byte_len + 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } len = byte_len + 1; /* Write the bitstring. Ensure the unused bits are zeroed */ - if( byte_len > 0 ) - { + if (byte_len > 0) { byte_len--; - *--( *p ) = buf[byte_len] & ~( ( 0x1 << unused_bits ) - 1 ); - ( *p ) -= byte_len; - memcpy( *p, buf, byte_len ); + *--(*p) = buf[byte_len] & ~((0x1 << unused_bits) - 1); + (*p) -= byte_len; + memcpy(*p, buf, byte_len); } /* Write unused bits */ - *--( *p ) = (unsigned char)unused_bits; + *--(*p) = (unsigned char) unused_bits; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BIT_STRING)); - return( (int) len ); + return (int) len; } -int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t size ) +int mbedtls_asn1_write_octet_string(unsigned char **p, unsigned char *start, + const unsigned char *buf, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, buf, size ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, buf, size)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OCTET_STRING)); - return( (int) len ); + return (int) len; } /* This is a copy of the ASN.1 parsing function mbedtls_asn1_find_named_data(), * which is replicated to avoid a dependency ASN1_WRITE_C on ASN1_PARSE_C. */ static mbedtls_asn1_named_data *asn1_find_named_data( - mbedtls_asn1_named_data *list, - const char *oid, size_t len ) + mbedtls_asn1_named_data *list, + const char *oid, size_t len) { - while( list != NULL ) - { - if( list->oid.len == len && - memcmp( list->oid.p, oid, len ) == 0 ) - { + while (list != NULL) { + if (list->oid.len == len && + memcmp(list->oid.p, oid, len) == 0) { break; } list = list->next; } - return( list ); + return list; } mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( - mbedtls_asn1_named_data **head, - const char *oid, size_t oid_len, - const unsigned char *val, - size_t val_len ) + mbedtls_asn1_named_data **head, + const char *oid, size_t oid_len, + const unsigned char *val, + size_t val_len) { mbedtls_asn1_named_data *cur; - if( ( cur = asn1_find_named_data( *head, oid, oid_len ) ) == NULL ) - { + if ((cur = asn1_find_named_data(*head, oid, oid_len)) == NULL) { // Add new entry if not present yet based on OID // - cur = (mbedtls_asn1_named_data*)mbedtls_calloc( 1, - sizeof(mbedtls_asn1_named_data) ); - if( cur == NULL ) - return( NULL ); + cur = (mbedtls_asn1_named_data *) mbedtls_calloc(1, + sizeof(mbedtls_asn1_named_data)); + if (cur == NULL) { + return NULL; + } cur->oid.len = oid_len; - cur->oid.p = mbedtls_calloc( 1, oid_len ); - if( cur->oid.p == NULL ) - { - mbedtls_free( cur ); - return( NULL ); + cur->oid.p = mbedtls_calloc(1, oid_len); + if (cur->oid.p == NULL) { + mbedtls_free(cur); + return NULL; } - memcpy( cur->oid.p, oid, oid_len ); + memcpy(cur->oid.p, oid, oid_len); cur->val.len = val_len; - if( val_len != 0 ) - { - cur->val.p = mbedtls_calloc( 1, val_len ); - if( cur->val.p == NULL ) - { - mbedtls_free( cur->oid.p ); - mbedtls_free( cur ); - return( NULL ); + if (val_len != 0) { + cur->val.p = mbedtls_calloc(1, val_len); + if (cur->val.p == NULL) { + mbedtls_free(cur->oid.p); + mbedtls_free(cur); + return NULL; } } cur->next = *head; *head = cur; - } - else if( val_len == 0 ) - { - mbedtls_free( cur->val.p ); + } else if (val_len == 0) { + mbedtls_free(cur->val.p); cur->val.p = NULL; - } - else if( cur->val.len != val_len ) - { + } else if (cur->val.len != val_len) { /* * Enlarge existing value buffer if needed * Preserve old data until the allocation succeeded, to leave list in * a consistent state in case allocation fails. */ - void *p = mbedtls_calloc( 1, val_len ); - if( p == NULL ) - return( NULL ); + void *p = mbedtls_calloc(1, val_len); + if (p == NULL) { + return NULL; + } - mbedtls_free( cur->val.p ); + mbedtls_free(cur->val.p); cur->val.p = p; cur->val.len = val_len; } - if( val != NULL && val_len != 0 ) - memcpy( cur->val.p, val, val_len ); + if (val != NULL && val_len != 0) { + memcpy(cur->val.p, val, val_len); + } - return( cur ); + return cur; } #endif /* MBEDTLS_ASN1_WRITE_C */ diff --git a/library/base64.c b/library/base64.c index 9021a041bb11..417061064246 100644 --- a/library/base64.c +++ b/library/base64.c @@ -31,68 +31,65 @@ #include "mbedtls/platform.h" #endif /* MBEDTLS_SELF_TEST */ -#define BASE64_SIZE_T_MAX ( (size_t) -1 ) /* SIZE_T_MAX is not standard */ +#define BASE64_SIZE_T_MAX ((size_t) -1) /* SIZE_T_MAX is not standard */ /* * Encode a buffer into base64 format */ -int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, - const unsigned char *src, size_t slen ) +int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen, + const unsigned char *src, size_t slen) { size_t i, n; int C1, C2, C3; unsigned char *p; - if( slen == 0 ) - { + if (slen == 0) { *olen = 0; - return( 0 ); + return 0; } - n = slen / 3 + ( slen % 3 != 0 ); + n = slen / 3 + (slen % 3 != 0); - if( n > ( BASE64_SIZE_T_MAX - 1 ) / 4 ) - { + if (n > (BASE64_SIZE_T_MAX - 1) / 4) { *olen = BASE64_SIZE_T_MAX; - return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); + return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL; } n *= 4; - if( ( dlen < n + 1 ) || ( NULL == dst ) ) - { + if ((dlen < n + 1) || (NULL == dst)) { *olen = n + 1; - return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); + return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL; } - n = ( slen / 3 ) * 3; + n = (slen / 3) * 3; - for( i = 0, p = dst; i < n; i += 3 ) - { + for (i = 0, p = dst; i < n; i += 3) { C1 = *src++; C2 = *src++; C3 = *src++; - *p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F ); - *p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) - & 0x3F ); - *p++ = mbedtls_ct_base64_enc_char( ( ( ( C2 & 15 ) << 2 ) + ( C3 >> 6 ) ) - & 0x3F ); - *p++ = mbedtls_ct_base64_enc_char( C3 & 0x3F ); + *p++ = mbedtls_ct_base64_enc_char((C1 >> 2) & 0x3F); + *p++ = mbedtls_ct_base64_enc_char((((C1 & 3) << 4) + (C2 >> 4)) + & 0x3F); + *p++ = mbedtls_ct_base64_enc_char((((C2 & 15) << 2) + (C3 >> 6)) + & 0x3F); + *p++ = mbedtls_ct_base64_enc_char(C3 & 0x3F); } - if( i < slen ) - { + if (i < slen) { C1 = *src++; - C2 = ( ( i + 1 ) < slen ) ? *src++ : 0; + C2 = ((i + 1) < slen) ? *src++ : 0; - *p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F ); - *p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) - & 0x3F ); + *p++ = mbedtls_ct_base64_enc_char((C1 >> 2) & 0x3F); + *p++ = mbedtls_ct_base64_enc_char((((C1 & 3) << 4) + (C2 >> 4)) + & 0x3F); - if( ( i + 1 ) < slen ) - *p++ = mbedtls_ct_base64_enc_char( ( ( C2 & 15 ) << 2 ) & 0x3F ); - else *p++ = '='; + if ((i + 1) < slen) { + *p++ = mbedtls_ct_base64_enc_char(((C2 & 15) << 2) & 0x3F); + } else { + *p++ = '='; + } *p++ = '='; } @@ -100,14 +97,14 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, *olen = p - dst; *p = 0; - return( 0 ); + return 0; } /* * Decode a base64-formatted buffer */ -int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, - const unsigned char *src, size_t slen ) +int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen, + const unsigned char *src, size_t slen) { size_t i; /* index in source */ size_t n; /* number of digits or trailing = in source */ @@ -118,92 +115,97 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, unsigned char *p; /* First pass: check for validity and get output length */ - for( i = n = 0; i < slen; i++ ) - { + for (i = n = 0; i < slen; i++) { /* Skip spaces before checking for EOL */ spaces_present = 0; - while( i < slen && src[i] == ' ' ) - { + while (i < slen && src[i] == ' ') { ++i; spaces_present = 1; } /* Spaces at end of buffer are OK */ - if( i == slen ) + if (i == slen) { break; + } - if( ( slen - i ) >= 2 && - src[i] == '\r' && src[i + 1] == '\n' ) + if ((slen - i) >= 2 && + src[i] == '\r' && src[i + 1] == '\n') { continue; + } - if( src[i] == '\n' ) + if (src[i] == '\n') { continue; + } /* Space inside a line is an error */ - if( spaces_present ) - return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); - - if( src[i] > 127 ) - return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); + if (spaces_present) { + return MBEDTLS_ERR_BASE64_INVALID_CHARACTER; + } - if( src[i] == '=' ) - { - if( ++equals > 2 ) - return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); + if (src[i] > 127) { + return MBEDTLS_ERR_BASE64_INVALID_CHARACTER; } - else - { - if( equals != 0 ) - return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); - if( mbedtls_ct_base64_dec_value( src[i] ) < 0 ) - return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); + + if (src[i] == '=') { + if (++equals > 2) { + return MBEDTLS_ERR_BASE64_INVALID_CHARACTER; + } + } else { + if (equals != 0) { + return MBEDTLS_ERR_BASE64_INVALID_CHARACTER; + } + if (mbedtls_ct_base64_dec_value(src[i]) < 0) { + return MBEDTLS_ERR_BASE64_INVALID_CHARACTER; + } } n++; } - if( n == 0 ) - { + if (n == 0) { *olen = 0; - return( 0 ); + return 0; } /* The following expression is to calculate the following formula without * risk of integer overflow in n: * n = ( ( n * 6 ) + 7 ) >> 3; */ - n = ( 6 * ( n >> 3 ) ) + ( ( 6 * ( n & 0x7 ) + 7 ) >> 3 ); + n = (6 * (n >> 3)) + ((6 * (n & 0x7) + 7) >> 3); n -= equals; - if( dst == NULL || dlen < n ) - { + if (dst == NULL || dlen < n) { *olen = n; - return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); + return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL; } equals = 0; - for( x = 0, p = dst; i > 0; i--, src++ ) - { - if( *src == '\r' || *src == '\n' || *src == ' ' ) + for (x = 0, p = dst; i > 0; i--, src++) { + if (*src == '\r' || *src == '\n' || *src == ' ') { continue; + } x = x << 6; - if( *src == '=' ) + if (*src == '=') { ++equals; - else - x |= mbedtls_ct_base64_dec_value( *src ); + } else { + x |= mbedtls_ct_base64_dec_value(*src); + } - if( ++accumulated_digits == 4 ) - { + if (++accumulated_digits == 4) { accumulated_digits = 0; - *p++ = MBEDTLS_BYTE_2( x ); - if( equals <= 1 ) *p++ = MBEDTLS_BYTE_1( x ); - if( equals <= 0 ) *p++ = MBEDTLS_BYTE_0( x ); + *p++ = MBEDTLS_BYTE_2(x); + if (equals <= 1) { + *p++ = MBEDTLS_BYTE_1(x); + } + if (equals <= 0) { + *p++ = MBEDTLS_BYTE_0(x); + } } } *olen = p - dst; - return( 0 ); + return 0; } #if defined(MBEDTLS_SELF_TEST) @@ -227,44 +229,47 @@ static const unsigned char base64_test_enc[] = /* * Checkup routine */ -int mbedtls_base64_self_test( int verbose ) +int mbedtls_base64_self_test(int verbose) { size_t len; const unsigned char *src; unsigned char buffer[128]; - if( verbose != 0 ) - mbedtls_printf( " Base64 encoding test: " ); + if (verbose != 0) { + mbedtls_printf(" Base64 encoding test: "); + } src = base64_test_dec; - if( mbedtls_base64_encode( buffer, sizeof( buffer ), &len, src, 64 ) != 0 || - memcmp( base64_test_enc, buffer, 88 ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_base64_encode(buffer, sizeof(buffer), &len, src, 64) != 0 || + memcmp(base64_test_enc, buffer, 88) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( 1 ); + return 1; } - if( verbose != 0 ) - mbedtls_printf( "passed\n Base64 decoding test: " ); + if (verbose != 0) { + mbedtls_printf("passed\n Base64 decoding test: "); + } src = base64_test_enc; - if( mbedtls_base64_decode( buffer, sizeof( buffer ), &len, src, 88 ) != 0 || - memcmp( base64_test_dec, buffer, 64 ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_base64_decode(buffer, sizeof(buffer), &len, src, 88) != 0 || + memcmp(base64_test_dec, buffer, 64) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( 1 ); + return 1; } - if( verbose != 0 ) - mbedtls_printf( "passed\n\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/bignum.c b/library/bignum.c index 32038f8eb1b0..5ec0541e84a8 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -48,36 +48,36 @@ #include "mbedtls/platform.h" -#define MPI_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA ) -#define MPI_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define MPI_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA) +#define MPI_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) #define ciL (sizeof(mbedtls_mpi_uint)) /* chars in limb */ #define biL (ciL << 3) /* bits in limb */ #define biH (ciL << 2) /* half limb size */ -#define MPI_SIZE_T_MAX ( (size_t) -1 ) /* SIZE_T_MAX is not standard */ +#define MPI_SIZE_T_MAX ((size_t) -1) /* SIZE_T_MAX is not standard */ /* * Convert between bits/chars and number of limbs * Divide first in order to avoid potential overflows */ -#define BITS_TO_LIMBS(i) ( (i) / biL + ( (i) % biL != 0 ) ) -#define CHARS_TO_LIMBS(i) ( (i) / ciL + ( (i) % ciL != 0 ) ) +#define BITS_TO_LIMBS(i) ((i) / biL + ((i) % biL != 0)) +#define CHARS_TO_LIMBS(i) ((i) / ciL + ((i) % ciL != 0)) /* Implementation that should never be optimized out by the compiler */ -static void mbedtls_mpi_zeroize( mbedtls_mpi_uint *v, size_t n ) +static void mbedtls_mpi_zeroize(mbedtls_mpi_uint *v, size_t n) { - mbedtls_platform_zeroize( v, ciL * n ); + mbedtls_platform_zeroize(v, ciL * n); } /* * Initialize one MPI */ -void mbedtls_mpi_init( mbedtls_mpi *X ) +void mbedtls_mpi_init(mbedtls_mpi *X) { - MPI_VALIDATE( X != NULL ); + MPI_VALIDATE(X != NULL); X->s = 1; X->n = 0; @@ -87,15 +87,15 @@ void mbedtls_mpi_init( mbedtls_mpi *X ) /* * Unallocate one MPI */ -void mbedtls_mpi_free( mbedtls_mpi *X ) +void mbedtls_mpi_free(mbedtls_mpi *X) { - if( X == NULL ) + if (X == NULL) { return; + } - if( X->p != NULL ) - { - mbedtls_mpi_zeroize( X->p, X->n ); - mbedtls_free( X->p ); + if (X->p != NULL) { + mbedtls_mpi_zeroize(X->p, X->n); + mbedtls_free(X->p); } X->s = 1; @@ -106,93 +106,93 @@ void mbedtls_mpi_free( mbedtls_mpi *X ) /* * Enlarge to the specified number of limbs */ -int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ) +int mbedtls_mpi_grow(mbedtls_mpi *X, size_t nblimbs) { mbedtls_mpi_uint *p; - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); - if( nblimbs > MBEDTLS_MPI_MAX_LIMBS ) - return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); + if (nblimbs > MBEDTLS_MPI_MAX_LIMBS) { + return MBEDTLS_ERR_MPI_ALLOC_FAILED; + } - if( X->n < nblimbs ) - { - if( ( p = (mbedtls_mpi_uint*)mbedtls_calloc( nblimbs, ciL ) ) == NULL ) - return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); + if (X->n < nblimbs) { + if ((p = (mbedtls_mpi_uint *) mbedtls_calloc(nblimbs, ciL)) == NULL) { + return MBEDTLS_ERR_MPI_ALLOC_FAILED; + } - if( X->p != NULL ) - { - memcpy( p, X->p, X->n * ciL ); - mbedtls_mpi_zeroize( X->p, X->n ); - mbedtls_free( X->p ); + if (X->p != NULL) { + memcpy(p, X->p, X->n * ciL); + mbedtls_mpi_zeroize(X->p, X->n); + mbedtls_free(X->p); } X->n = nblimbs; X->p = p; } - return( 0 ); + return 0; } /* * Resize down as much as possible, * while keeping at least the specified number of limbs */ -int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ) +int mbedtls_mpi_shrink(mbedtls_mpi *X, size_t nblimbs) { mbedtls_mpi_uint *p; size_t i; - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); - if( nblimbs > MBEDTLS_MPI_MAX_LIMBS ) - return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); + if (nblimbs > MBEDTLS_MPI_MAX_LIMBS) { + return MBEDTLS_ERR_MPI_ALLOC_FAILED; + } /* Actually resize up if there are currently fewer than nblimbs limbs. */ - if( X->n <= nblimbs ) - return( mbedtls_mpi_grow( X, nblimbs ) ); + if (X->n <= nblimbs) { + return mbedtls_mpi_grow(X, nblimbs); + } /* After this point, then X->n > nblimbs and in particular X->n > 0. */ - for( i = X->n - 1; i > 0; i-- ) - if( X->p[i] != 0 ) + for (i = X->n - 1; i > 0; i--) { + if (X->p[i] != 0) { break; + } + } i++; - if( i < nblimbs ) + if (i < nblimbs) { i = nblimbs; + } - if( ( p = (mbedtls_mpi_uint*)mbedtls_calloc( i, ciL ) ) == NULL ) - return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); + if ((p = (mbedtls_mpi_uint *) mbedtls_calloc(i, ciL)) == NULL) { + return MBEDTLS_ERR_MPI_ALLOC_FAILED; + } - if( X->p != NULL ) - { - memcpy( p, X->p, i * ciL ); - mbedtls_mpi_zeroize( X->p, X->n ); - mbedtls_free( X->p ); + if (X->p != NULL) { + memcpy(p, X->p, i * ciL); + mbedtls_mpi_zeroize(X->p, X->n); + mbedtls_free(X->p); } X->n = i; X->p = p; - return( 0 ); + return 0; } /* Resize X to have exactly n limbs and set it to 0. */ -static int mbedtls_mpi_resize_clear( mbedtls_mpi *X, size_t limbs ) +static int mbedtls_mpi_resize_clear(mbedtls_mpi *X, size_t limbs) { - if( limbs == 0 ) - { - mbedtls_mpi_free( X ); - return( 0 ); - } - else if( X->n == limbs ) - { - memset( X->p, 0, limbs * ciL ); + if (limbs == 0) { + mbedtls_mpi_free(X); + return 0; + } else if (X->n == limbs) { + memset(X->p, 0, limbs * ciL); X->s = 1; - return( 0 ); - } - else - { - mbedtls_mpi_free( X ); - return( mbedtls_mpi_grow( X, limbs ) ); + return 0; + } else { + mbedtls_mpi_free(X); + return mbedtls_mpi_grow(X, limbs); } } @@ -205,166 +205,171 @@ static int mbedtls_mpi_resize_clear( mbedtls_mpi *X, size_t limbs ) * but some code in the bignum module relies on this property, for example * in mbedtls_mpi_exp_mod(). */ -int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ) +int mbedtls_mpi_copy(mbedtls_mpi *X, const mbedtls_mpi *Y) { int ret = 0; size_t i; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( Y != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(Y != NULL); - if( X == Y ) - return( 0 ); + if (X == Y) { + return 0; + } - if( Y->n == 0 ) - { - if( X->n != 0 ) - { + if (Y->n == 0) { + if (X->n != 0) { X->s = 1; - memset( X->p, 0, X->n * ciL ); + memset(X->p, 0, X->n * ciL); } - return( 0 ); + return 0; } - for( i = Y->n - 1; i > 0; i-- ) - if( Y->p[i] != 0 ) + for (i = Y->n - 1; i > 0; i--) { + if (Y->p[i] != 0) { break; + } + } i++; X->s = Y->s; - if( X->n < i ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i ) ); - } - else - { - memset( X->p + i, 0, ( X->n - i ) * ciL ); + if (X->n < i) { + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, i)); + } else { + memset(X->p + i, 0, (X->n - i) * ciL); } - memcpy( X->p, Y->p, i * ciL ); + memcpy(X->p, Y->p, i * ciL); cleanup: - return( ret ); + return ret; } /* * Swap the contents of X and Y */ -void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y ) +void mbedtls_mpi_swap(mbedtls_mpi *X, mbedtls_mpi *Y) { mbedtls_mpi T; - MPI_VALIDATE( X != NULL ); - MPI_VALIDATE( Y != NULL ); + MPI_VALIDATE(X != NULL); + MPI_VALIDATE(Y != NULL); - memcpy( &T, X, sizeof( mbedtls_mpi ) ); - memcpy( X, Y, sizeof( mbedtls_mpi ) ); - memcpy( Y, &T, sizeof( mbedtls_mpi ) ); + memcpy(&T, X, sizeof(mbedtls_mpi)); + memcpy(X, Y, sizeof(mbedtls_mpi)); + memcpy(Y, &T, sizeof(mbedtls_mpi)); } -static inline mbedtls_mpi_uint mpi_sint_abs( mbedtls_mpi_sint z ) +static inline mbedtls_mpi_uint mpi_sint_abs(mbedtls_mpi_sint z) { - if( z >= 0 ) - return( z ); + if (z >= 0) { + return z; + } /* Take care to handle the most negative value (-2^(biL-1)) correctly. * A naive -z would have undefined behavior. * Write this in a way that makes popular compilers happy (GCC, Clang, * MSVC). */ - return( (mbedtls_mpi_uint) 0 - (mbedtls_mpi_uint) z ); + return (mbedtls_mpi_uint) 0 - (mbedtls_mpi_uint) z; } /* * Set value from integer */ -int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z ) +int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, 1 ) ); - memset( X->p, 0, X->n * ciL ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, 1)); + memset(X->p, 0, X->n * ciL); - X->p[0] = mpi_sint_abs( z ); - X->s = ( z < 0 ) ? -1 : 1; + X->p[0] = mpi_sint_abs(z); + X->s = (z < 0) ? -1 : 1; cleanup: - return( ret ); + return ret; } /* * Get a specific bit */ -int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos ) +int mbedtls_mpi_get_bit(const mbedtls_mpi *X, size_t pos) { - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); - if( X->n * biL <= pos ) - return( 0 ); + if (X->n * biL <= pos) { + return 0; + } - return( ( X->p[pos / biL] >> ( pos % biL ) ) & 0x01 ); + return (X->p[pos / biL] >> (pos % biL)) & 0x01; } /* Get a specific byte, without range checks. */ -#define GET_BYTE( X, i ) \ - ( ( ( X )->p[( i ) / ciL] >> ( ( ( i ) % ciL ) * 8 ) ) & 0xff ) +#define GET_BYTE(X, i) \ + (((X)->p[(i) / ciL] >> (((i) % ciL) * 8)) & 0xff) /* * Set a bit to a specific value of 0 or 1 */ -int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val ) +int mbedtls_mpi_set_bit(mbedtls_mpi *X, size_t pos, unsigned char val) { int ret = 0; size_t off = pos / biL; size_t idx = pos % biL; - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); - if( val != 0 && val != 1 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (val != 0 && val != 1) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - if( X->n * biL <= pos ) - { - if( val == 0 ) - return( 0 ); + if (X->n * biL <= pos) { + if (val == 0) { + return 0; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, off + 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, off + 1)); } - X->p[off] &= ~( (mbedtls_mpi_uint) 0x01 << idx ); + X->p[off] &= ~((mbedtls_mpi_uint) 0x01 << idx); X->p[off] |= (mbedtls_mpi_uint) val << idx; cleanup: - return( ret ); + return ret; } /* * Return the number of less significant zero-bits */ -size_t mbedtls_mpi_lsb( const mbedtls_mpi *X ) +size_t mbedtls_mpi_lsb(const mbedtls_mpi *X) { size_t i, j, count = 0; - MBEDTLS_INTERNAL_VALIDATE_RET( X != NULL, 0 ); + MBEDTLS_INTERNAL_VALIDATE_RET(X != NULL, 0); - for( i = 0; i < X->n; i++ ) - for( j = 0; j < biL; j++, count++ ) - if( ( ( X->p[i] >> j ) & 1 ) != 0 ) - return( count ); + for (i = 0; i < X->n; i++) { + for (j = 0; j < biL; j++, count++) { + if (((X->p[i] >> j) & 1) != 0) { + return count; + } + } + } - return( 0 ); + return 0; } /* * Count leading zero bits in a given integer */ -static size_t mbedtls_clz( const mbedtls_mpi_uint x ) +static size_t mbedtls_clz(const mbedtls_mpi_uint x) { size_t j; mbedtls_mpi_uint mask = (mbedtls_mpi_uint) 1 << (biL - 1); - for( j = 0; j < biL; j++ ) - { - if( x & mask ) break; + for (j = 0; j < biL; j++) { + if (x & mask) { + break; + } mask >>= 1; } @@ -375,231 +380,236 @@ static size_t mbedtls_clz( const mbedtls_mpi_uint x ) /* * Return the number of bits */ -size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X ) +size_t mbedtls_mpi_bitlen(const mbedtls_mpi *X) { size_t i, j; - if( X->n == 0 ) - return( 0 ); + if (X->n == 0) { + return 0; + } - for( i = X->n - 1; i > 0; i-- ) - if( X->p[i] != 0 ) + for (i = X->n - 1; i > 0; i--) { + if (X->p[i] != 0) { break; + } + } - j = biL - mbedtls_clz( X->p[i] ); + j = biL - mbedtls_clz(X->p[i]); - return( ( i * biL ) + j ); + return (i * biL) + j; } /* * Return the total size in bytes */ -size_t mbedtls_mpi_size( const mbedtls_mpi *X ) +size_t mbedtls_mpi_size(const mbedtls_mpi *X) { - return( ( mbedtls_mpi_bitlen( X ) + 7 ) >> 3 ); + return (mbedtls_mpi_bitlen(X) + 7) >> 3; } /* * Convert an ASCII character to digit value */ -static int mpi_get_digit( mbedtls_mpi_uint *d, int radix, char c ) +static int mpi_get_digit(mbedtls_mpi_uint *d, int radix, char c) { *d = 255; - if( c >= 0x30 && c <= 0x39 ) *d = c - 0x30; - if( c >= 0x41 && c <= 0x46 ) *d = c - 0x37; - if( c >= 0x61 && c <= 0x66 ) *d = c - 0x57; + if (c >= 0x30 && c <= 0x39) { + *d = c - 0x30; + } + if (c >= 0x41 && c <= 0x46) { + *d = c - 0x37; + } + if (c >= 0x61 && c <= 0x66) { + *d = c - 0x57; + } - if( *d >= (mbedtls_mpi_uint) radix ) - return( MBEDTLS_ERR_MPI_INVALID_CHARACTER ); + if (*d >= (mbedtls_mpi_uint) radix) { + return MBEDTLS_ERR_MPI_INVALID_CHARACTER; + } - return( 0 ); + return 0; } /* * Import from an ASCII string */ -int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s ) +int mbedtls_mpi_read_string(mbedtls_mpi *X, int radix, const char *s) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, j, slen, n; int sign = 1; mbedtls_mpi_uint d; mbedtls_mpi T; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( s != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(s != NULL); - if( radix < 2 || radix > 16 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (radix < 2 || radix > 16) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&T); - if( s[0] == 0 ) - { - mbedtls_mpi_free( X ); - return( 0 ); + if (s[0] == 0) { + mbedtls_mpi_free(X); + return 0; } - if( s[0] == '-' ) - { + if (s[0] == '-') { ++s; sign = -1; } - slen = strlen( s ); + slen = strlen(s); - if( radix == 16 ) - { - if( slen > MPI_SIZE_T_MAX >> 2 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (radix == 16) { + if (slen > MPI_SIZE_T_MAX >> 2) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - n = BITS_TO_LIMBS( slen << 2 ); + n = BITS_TO_LIMBS(slen << 2); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, n ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, n)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(X, 0)); - for( i = slen, j = 0; i > 0; i--, j++ ) - { - MBEDTLS_MPI_CHK( mpi_get_digit( &d, radix, s[i - 1] ) ); - X->p[j / ( 2 * ciL )] |= d << ( ( j % ( 2 * ciL ) ) << 2 ); + for (i = slen, j = 0; i > 0; i--, j++) { + MBEDTLS_MPI_CHK(mpi_get_digit(&d, radix, s[i - 1])); + X->p[j / (2 * ciL)] |= d << ((j % (2 * ciL)) << 2); } - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(X, 0)); - for( i = 0; i < slen; i++ ) - { - MBEDTLS_MPI_CHK( mpi_get_digit( &d, radix, s[i] ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T, X, radix ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, &T, d ) ); + for (i = 0; i < slen; i++) { + MBEDTLS_MPI_CHK(mpi_get_digit(&d, radix, s[i])); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&T, X, radix)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(X, &T, d)); } } - if( sign < 0 && mbedtls_mpi_bitlen( X ) != 0 ) + if (sign < 0 && mbedtls_mpi_bitlen(X) != 0) { X->s = -1; + } cleanup: - mbedtls_mpi_free( &T ); + mbedtls_mpi_free(&T); - return( ret ); + return ret; } /* * Helper to write the digits high-order first. */ -static int mpi_write_hlp( mbedtls_mpi *X, int radix, - char **p, const size_t buflen ) +static int mpi_write_hlp(mbedtls_mpi *X, int radix, + char **p, const size_t buflen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi_uint r; size_t length = 0; char *p_end = *p + buflen; - do - { - if( length >= buflen ) - { - return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); + do { + if (length >= buflen) { + return MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL; } - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, radix ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_div_int( X, NULL, X, radix ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_int(&r, X, radix)); + MBEDTLS_MPI_CHK(mbedtls_mpi_div_int(X, NULL, X, radix)); /* * Write the residue in the current position, as an ASCII character. */ - if( r < 0xA ) - *(--p_end) = (char)( '0' + r ); - else - *(--p_end) = (char)( 'A' + ( r - 0xA ) ); + if (r < 0xA) { + *(--p_end) = (char) ('0' + r); + } else { + *(--p_end) = (char) ('A' + (r - 0xA)); + } length++; - } while( mbedtls_mpi_cmp_int( X, 0 ) != 0 ); + } while (mbedtls_mpi_cmp_int(X, 0) != 0); - memmove( *p, p_end, length ); + memmove(*p, p_end, length); *p += length; cleanup: - return( ret ); + return ret; } /* * Export into an ASCII string */ -int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, - char *buf, size_t buflen, size_t *olen ) +int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix, + char *buf, size_t buflen, size_t *olen) { int ret = 0; size_t n; char *p; mbedtls_mpi T; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( olen != NULL ); - MPI_VALIDATE_RET( buflen == 0 || buf != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(olen != NULL); + MPI_VALIDATE_RET(buflen == 0 || buf != NULL); - if( radix < 2 || radix > 16 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (radix < 2 || radix > 16) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - n = mbedtls_mpi_bitlen( X ); /* Number of bits necessary to present `n`. */ - if( radix >= 4 ) n >>= 1; /* Number of 4-adic digits necessary to present + n = mbedtls_mpi_bitlen(X); /* Number of bits necessary to present `n`. */ + if (radix >= 4) { + n >>= 1; /* Number of 4-adic digits necessary to present * `n`. If radix > 4, this might be a strict * overapproximation of the number of * radix-adic digits needed to present `n`. */ - if( radix >= 16 ) n >>= 1; /* Number of hexadecimal digits necessary to + } + if (radix >= 16) { + n >>= 1; /* Number of hexadecimal digits necessary to * present `n`. */ + } n += 1; /* Terminating null byte */ n += 1; /* Compensate for the divisions above, which round down `n` * in case it's not even. */ n += 1; /* Potential '-'-sign. */ - n += ( n & 1 ); /* Make n even to have enough space for hexadecimal writing, + n += (n & 1); /* Make n even to have enough space for hexadecimal writing, * which always uses an even number of hex-digits. */ - if( buflen < n ) - { + if (buflen < n) { *olen = n; - return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); + return MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL; } p = buf; - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&T); - if( X->s == -1 ) - { + if (X->s == -1) { *p++ = '-'; buflen--; } - if( radix == 16 ) - { + if (radix == 16) { int c; size_t i, j, k; - for( i = X->n, k = 0; i > 0; i-- ) - { - for( j = ciL; j > 0; j-- ) - { - c = ( X->p[i - 1] >> ( ( j - 1 ) << 3) ) & 0xFF; + for (i = X->n, k = 0; i > 0; i--) { + for (j = ciL; j > 0; j--) { + c = (X->p[i - 1] >> ((j - 1) << 3)) & 0xFF; - if( c == 0 && k == 0 && ( i + j ) != 2 ) + if (c == 0 && k == 0 && (i + j) != 2) { continue; + } *(p++) = "0123456789ABCDEF" [c / 16]; *(p++) = "0123456789ABCDEF" [c % 16]; k = 1; } } - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &T, X ) ); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&T, X)); - if( T.s == -1 ) + if (T.s == -1) { T.s = 1; + } - MBEDTLS_MPI_CHK( mpi_write_hlp( &T, radix, &p, buflen ) ); + MBEDTLS_MPI_CHK(mpi_write_hlp(&T, radix, &p, buflen)); } *p++ = '\0'; @@ -607,16 +617,16 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, cleanup: - mbedtls_mpi_free( &T ); + mbedtls_mpi_free(&T); - return( ret ); + return ret; } #if defined(MBEDTLS_FS_IO) /* * Read X from an opened file */ -int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ) +int mbedtls_mpi_read_file(mbedtls_mpi *X, int radix, FILE *fin) { mbedtls_mpi_uint d; size_t slen; @@ -625,37 +635,46 @@ int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ) * Buffer should have space for (short) label and decimal formatted MPI, * newline characters and '\0' */ - char s[ MBEDTLS_MPI_RW_BUFFER_SIZE ]; + char s[MBEDTLS_MPI_RW_BUFFER_SIZE]; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( fin != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(fin != NULL); - if( radix < 2 || radix > 16 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (radix < 2 || radix > 16) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - memset( s, 0, sizeof( s ) ); - if( fgets( s, sizeof( s ) - 1, fin ) == NULL ) - return( MBEDTLS_ERR_MPI_FILE_IO_ERROR ); + memset(s, 0, sizeof(s)); + if (fgets(s, sizeof(s) - 1, fin) == NULL) { + return MBEDTLS_ERR_MPI_FILE_IO_ERROR; + } - slen = strlen( s ); - if( slen == sizeof( s ) - 2 ) - return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); + slen = strlen(s); + if (slen == sizeof(s) - 2) { + return MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL; + } - if( slen > 0 && s[slen - 1] == '\n' ) { slen--; s[slen] = '\0'; } - if( slen > 0 && s[slen - 1] == '\r' ) { slen--; s[slen] = '\0'; } + if (slen > 0 && s[slen - 1] == '\n') { + slen--; s[slen] = '\0'; + } + if (slen > 0 && s[slen - 1] == '\r') { + slen--; s[slen] = '\0'; + } p = s + slen; - while( p-- > s ) - if( mpi_get_digit( &d, radix, *p ) != 0 ) + while (p-- > s) { + if (mpi_get_digit(&d, radix, *p) != 0) { break; + } + } - return( mbedtls_mpi_read_string( X, radix, p + 1 ) ); + return mbedtls_mpi_read_string(X, radix, p + 1); } /* * Write X into an opened file (or stdout if fout == NULL) */ -int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE *fout ) +int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X, int radix, FILE *fout) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n, slen, plen; @@ -663,35 +682,38 @@ int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE * Buffer should have space for (short) label and decimal formatted MPI, * newline characters and '\0' */ - char s[ MBEDTLS_MPI_RW_BUFFER_SIZE ]; - MPI_VALIDATE_RET( X != NULL ); + char s[MBEDTLS_MPI_RW_BUFFER_SIZE]; + MPI_VALIDATE_RET(X != NULL); - if( radix < 2 || radix > 16 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (radix < 2 || radix > 16) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - memset( s, 0, sizeof( s ) ); + memset(s, 0, sizeof(s)); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_string( X, radix, s, sizeof( s ) - 2, &n ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_string(X, radix, s, sizeof(s) - 2, &n)); - if( p == NULL ) p = ""; + if (p == NULL) { + p = ""; + } - plen = strlen( p ); - slen = strlen( s ); + plen = strlen(p); + slen = strlen(s); s[slen++] = '\r'; s[slen++] = '\n'; - if( fout != NULL ) - { - if( fwrite( p, 1, plen, fout ) != plen || - fwrite( s, 1, slen, fout ) != slen ) - return( MBEDTLS_ERR_MPI_FILE_IO_ERROR ); + if (fout != NULL) { + if (fwrite(p, 1, plen, fout) != plen || + fwrite(s, 1, slen, fout) != slen) { + return MBEDTLS_ERR_MPI_FILE_IO_ERROR; + } + } else { + mbedtls_printf("%s%s", p, s); } - else - mbedtls_printf( "%s%s", p, s ); cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_FS_IO */ @@ -699,35 +721,34 @@ int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE /* Convert a big-endian byte array aligned to the size of mbedtls_mpi_uint * into the storage form used by mbedtls_mpi. */ -static mbedtls_mpi_uint mpi_uint_bigendian_to_host_c( mbedtls_mpi_uint x ) +static mbedtls_mpi_uint mpi_uint_bigendian_to_host_c(mbedtls_mpi_uint x) { uint8_t i; unsigned char *x_ptr; mbedtls_mpi_uint tmp = 0; - for( i = 0, x_ptr = (unsigned char*) &x; i < ciL; i++, x_ptr++ ) - { + for (i = 0, x_ptr = (unsigned char *) &x; i < ciL; i++, x_ptr++) { tmp <<= CHAR_BIT; tmp |= (mbedtls_mpi_uint) *x_ptr; } - return( tmp ); + return tmp; } -static mbedtls_mpi_uint mpi_uint_bigendian_to_host( mbedtls_mpi_uint x ) +static mbedtls_mpi_uint mpi_uint_bigendian_to_host(mbedtls_mpi_uint x) { #if defined(__BYTE_ORDER__) /* Nothing to do on bigendian systems. */ -#if ( __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ ) - return( x ); +#if (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) + return x; #endif /* __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ */ -#if ( __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ ) +#if (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__) /* For GCC and Clang, have builtins for byte swapping. */ #if defined(__GNUC__) && defined(__GNUC_PREREQ) -#if __GNUC_PREREQ(4,3) +#if __GNUC_PREREQ(4, 3) #define have_bswap #endif #endif @@ -741,12 +762,11 @@ static mbedtls_mpi_uint mpi_uint_bigendian_to_host( mbedtls_mpi_uint x ) #if defined(have_bswap) /* The compiler is hopefully able to statically evaluate this! */ - switch( sizeof(mbedtls_mpi_uint) ) - { + switch (sizeof(mbedtls_mpi_uint)) { case 4: - return( __builtin_bswap32(x) ); + return __builtin_bswap32(x); case 8: - return( __builtin_bswap64(x) ); + return __builtin_bswap64(x); } #endif #endif /* __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ */ @@ -754,15 +774,16 @@ static mbedtls_mpi_uint mpi_uint_bigendian_to_host( mbedtls_mpi_uint x ) /* Fall back to C-based reordering if we don't know the byte order * or we couldn't use a compiler-specific builtin. */ - return( mpi_uint_bigendian_to_host_c( x ) ); + return mpi_uint_bigendian_to_host_c(x); } -static void mpi_bigendian_to_host( mbedtls_mpi_uint * const p, size_t limbs ) +static void mpi_bigendian_to_host(mbedtls_mpi_uint * const p, size_t limbs) { mbedtls_mpi_uint *cur_limb_left; mbedtls_mpi_uint *cur_limb_right; - if( limbs == 0 ) + if (limbs == 0) { return; + } /* * Traverse limbs and @@ -773,15 +794,14 @@ static void mpi_bigendian_to_host( mbedtls_mpi_uint * const p, size_t limbs ) * than the right index (it's not a problem if limbs is odd and the * indices coincide in the last iteration). */ - for( cur_limb_left = p, cur_limb_right = p + ( limbs - 1 ); + for (cur_limb_left = p, cur_limb_right = p + (limbs - 1); cur_limb_left <= cur_limb_right; - cur_limb_left++, cur_limb_right-- ) - { + cur_limb_left++, cur_limb_right--) { mbedtls_mpi_uint tmp; /* Note that if cur_limb_left == cur_limb_right, * this code effectively swaps the bytes only once. */ - tmp = mpi_uint_bigendian_to_host( *cur_limb_left ); - *cur_limb_left = mpi_uint_bigendian_to_host( *cur_limb_right ); + tmp = mpi_uint_bigendian_to_host(*cur_limb_left); + *cur_limb_left = mpi_uint_bigendian_to_host(*cur_limb_right); *cur_limb_right = tmp; } } @@ -789,18 +809,19 @@ static void mpi_bigendian_to_host( mbedtls_mpi_uint * const p, size_t limbs ) /* * Import X from unsigned binary data, little endian */ -int mbedtls_mpi_read_binary_le( mbedtls_mpi *X, - const unsigned char *buf, size_t buflen ) +int mbedtls_mpi_read_binary_le(mbedtls_mpi *X, + const unsigned char *buf, size_t buflen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; - size_t const limbs = CHARS_TO_LIMBS( buflen ); + size_t const limbs = CHARS_TO_LIMBS(buflen); /* Ensure that target MPI has exactly the necessary number of limbs */ - MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, limbs ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_resize_clear(X, limbs)); - for( i = 0; i < buflen; i++ ) + for (i = 0; i < buflen; i++) { X->p[i / ciL] |= ((mbedtls_mpi_uint) buf[i]) << ((i % ciL) << 3); + } cleanup: @@ -809,33 +830,32 @@ int mbedtls_mpi_read_binary_le( mbedtls_mpi *X, * upon failure is not necessary because failure only can happen before any * input is copied. */ - return( ret ); + return ret; } /* * Import X from unsigned binary data, big endian */ -int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen ) +int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf, size_t buflen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t const limbs = CHARS_TO_LIMBS( buflen ); - size_t const overhead = ( limbs * ciL ) - buflen; + size_t const limbs = CHARS_TO_LIMBS(buflen); + size_t const overhead = (limbs * ciL) - buflen; unsigned char *Xp; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( buflen == 0 || buf != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(buflen == 0 || buf != NULL); /* Ensure that target MPI has exactly the necessary number of limbs */ - MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, limbs ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_resize_clear(X, limbs)); /* Avoid calling `memcpy` with NULL source or destination argument, * even if buflen is 0. */ - if( buflen != 0 ) - { - Xp = (unsigned char*) X->p; - memcpy( Xp + overhead, buf, buflen ); + if (buflen != 0) { + Xp = (unsigned char *) X->p; + memcpy(Xp + overhead, buf, buflen); - mpi_bigendian_to_host( X->p, limbs ); + mpi_bigendian_to_host(X->p, limbs); } cleanup: @@ -845,66 +865,62 @@ int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t bu * upon failure is not necessary because failure only can happen before any * input is copied. */ - return( ret ); + return ret; } /* * Export X into unsigned binary data, little endian */ -int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X, - unsigned char *buf, size_t buflen ) +int mbedtls_mpi_write_binary_le(const mbedtls_mpi *X, + unsigned char *buf, size_t buflen) { size_t stored_bytes = X->n * ciL; size_t bytes_to_copy; size_t i; - if( stored_bytes < buflen ) - { + if (stored_bytes < buflen) { bytes_to_copy = stored_bytes; - } - else - { + } else { bytes_to_copy = buflen; /* The output buffer is smaller than the allocated size of X. * However X may fit if its leading bytes are zero. */ - for( i = bytes_to_copy; i < stored_bytes; i++ ) - { - if( GET_BYTE( X, i ) != 0 ) - return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); + for (i = bytes_to_copy; i < stored_bytes; i++) { + if (GET_BYTE(X, i) != 0) { + return MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL; + } } } - for( i = 0; i < bytes_to_copy; i++ ) - buf[i] = GET_BYTE( X, i ); + for (i = 0; i < bytes_to_copy; i++) { + buf[i] = GET_BYTE(X, i); + } - if( stored_bytes < buflen ) - { + if (stored_bytes < buflen) { /* Write trailing 0 bytes */ - memset( buf + stored_bytes, 0, buflen - stored_bytes ); + memset(buf + stored_bytes, 0, buflen - stored_bytes); } - return( 0 ); + return 0; } /* * Export X into unsigned binary data, big endian */ -int mbedtls_mpi_write_binary( const mbedtls_mpi *X, - unsigned char *buf, size_t buflen ) +int mbedtls_mpi_write_binary(const mbedtls_mpi *X, + unsigned char *buf, size_t buflen) { size_t stored_bytes; size_t bytes_to_copy; unsigned char *p; size_t i; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( buflen == 0 || buf != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(buflen == 0 || buf != NULL); stored_bytes = X->n * ciL; - if( stored_bytes < buflen ) - { + if (stored_bytes < buflen) { /* There is enough space in the output buffer. Write initial * null bytes and record the position at which to start * writing the significant bytes. In this case, the execution @@ -912,66 +928,65 @@ int mbedtls_mpi_write_binary( const mbedtls_mpi *X, * number. */ bytes_to_copy = stored_bytes; p = buf + buflen - stored_bytes; - memset( buf, 0, buflen - stored_bytes ); - } - else - { + memset(buf, 0, buflen - stored_bytes); + } else { /* The output buffer is smaller than the allocated size of X. * However X may fit if its leading bytes are zero. */ bytes_to_copy = buflen; p = buf; - for( i = bytes_to_copy; i < stored_bytes; i++ ) - { - if( GET_BYTE( X, i ) != 0 ) - return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); + for (i = bytes_to_copy; i < stored_bytes; i++) { + if (GET_BYTE(X, i) != 0) { + return MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL; + } } } - for( i = 0; i < bytes_to_copy; i++ ) - p[bytes_to_copy - i - 1] = GET_BYTE( X, i ); + for (i = 0; i < bytes_to_copy; i++) { + p[bytes_to_copy - i - 1] = GET_BYTE(X, i); + } - return( 0 ); + return 0; } /* * Left-shift: X <<= count */ -int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ) +int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, v0, t1; mbedtls_mpi_uint r0 = 0, r1; - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); - v0 = count / (biL ); + v0 = count / (biL); t1 = count & (biL - 1); - i = mbedtls_mpi_bitlen( X ) + count; + i = mbedtls_mpi_bitlen(X) + count; - if( X->n * biL < i ) - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, BITS_TO_LIMBS( i ) ) ); + if (X->n * biL < i) { + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, BITS_TO_LIMBS(i))); + } ret = 0; /* * shift by count / limb_size */ - if( v0 > 0 ) - { - for( i = X->n; i > v0; i-- ) + if (v0 > 0) { + for (i = X->n; i > v0; i--) { X->p[i - 1] = X->p[i - v0 - 1]; + } - for( ; i > 0; i-- ) + for (; i > 0; i--) { X->p[i - 1] = 0; + } } /* * shift by count % limb_size */ - if( t1 > 0 ) - { - for( i = v0; i < X->n; i++ ) - { + if (t1 > 0) { + for (i = v0; i < X->n; i++) { r1 = X->p[i] >> (biL - t1); X->p[i] <<= t1; X->p[i] |= r0; @@ -981,43 +996,43 @@ int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ) cleanup: - return( ret ); + return ret; } /* * Right-shift: X >>= count */ -int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count ) +int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count) { size_t i, v0, v1; mbedtls_mpi_uint r0 = 0, r1; - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); v0 = count / biL; v1 = count & (biL - 1); - if( v0 > X->n || ( v0 == X->n && v1 > 0 ) ) - return mbedtls_mpi_lset( X, 0 ); + if (v0 > X->n || (v0 == X->n && v1 > 0)) { + return mbedtls_mpi_lset(X, 0); + } /* * shift by count / limb_size */ - if( v0 > 0 ) - { - for( i = 0; i < X->n - v0; i++ ) + if (v0 > 0) { + for (i = 0; i < X->n - v0; i++) { X->p[i] = X->p[i + v0]; + } - for( ; i < X->n; i++ ) + for (; i < X->n; i++) { X->p[i] = 0; + } } /* * shift by count % limb_size */ - if( v1 > 0 ) - { - for( i = X->n; i > 0; i-- ) - { + if (v1 > 0) { + for (i = X->n; i > 0; i--) { r1 = X->p[i - 1] << (biL - v1); X->p[i - 1] >>= v1; X->p[i - 1] |= r0; @@ -1025,155 +1040,183 @@ int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count ) } } - return( 0 ); + return 0; } /* * Compare unsigned values */ -int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y ) +int mbedtls_mpi_cmp_abs(const mbedtls_mpi *X, const mbedtls_mpi *Y) { size_t i, j; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( Y != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(Y != NULL); - for( i = X->n; i > 0; i-- ) - if( X->p[i - 1] != 0 ) + for (i = X->n; i > 0; i--) { + if (X->p[i - 1] != 0) { break; + } + } - for( j = Y->n; j > 0; j-- ) - if( Y->p[j - 1] != 0 ) + for (j = Y->n; j > 0; j--) { + if (Y->p[j - 1] != 0) { break; + } + } - if( i == 0 && j == 0 ) - return( 0 ); + if (i == 0 && j == 0) { + return 0; + } - if( i > j ) return( 1 ); - if( j > i ) return( -1 ); + if (i > j) { + return 1; + } + if (j > i) { + return -1; + } - for( ; i > 0; i-- ) - { - if( X->p[i - 1] > Y->p[i - 1] ) return( 1 ); - if( X->p[i - 1] < Y->p[i - 1] ) return( -1 ); + for (; i > 0; i--) { + if (X->p[i - 1] > Y->p[i - 1]) { + return 1; + } + if (X->p[i - 1] < Y->p[i - 1]) { + return -1; + } } - return( 0 ); + return 0; } /* * Compare signed values */ -int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ) +int mbedtls_mpi_cmp_mpi(const mbedtls_mpi *X, const mbedtls_mpi *Y) { size_t i, j; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( Y != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(Y != NULL); - for( i = X->n; i > 0; i-- ) - if( X->p[i - 1] != 0 ) + for (i = X->n; i > 0; i--) { + if (X->p[i - 1] != 0) { break; + } + } - for( j = Y->n; j > 0; j-- ) - if( Y->p[j - 1] != 0 ) + for (j = Y->n; j > 0; j--) { + if (Y->p[j - 1] != 0) { break; + } + } - if( i == 0 && j == 0 ) - return( 0 ); + if (i == 0 && j == 0) { + return 0; + } - if( i > j ) return( X->s ); - if( j > i ) return( -Y->s ); + if (i > j) { + return X->s; + } + if (j > i) { + return -Y->s; + } - if( X->s > 0 && Y->s < 0 ) return( 1 ); - if( Y->s > 0 && X->s < 0 ) return( -1 ); + if (X->s > 0 && Y->s < 0) { + return 1; + } + if (Y->s > 0 && X->s < 0) { + return -1; + } - for( ; i > 0; i-- ) - { - if( X->p[i - 1] > Y->p[i - 1] ) return( X->s ); - if( X->p[i - 1] < Y->p[i - 1] ) return( -X->s ); + for (; i > 0; i--) { + if (X->p[i - 1] > Y->p[i - 1]) { + return X->s; + } + if (X->p[i - 1] < Y->p[i - 1]) { + return -X->s; + } } - return( 0 ); + return 0; } /* * Compare signed values */ -int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z ) +int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z) { mbedtls_mpi Y; mbedtls_mpi_uint p[1]; - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); - *p = mpi_sint_abs( z ); - Y.s = ( z < 0 ) ? -1 : 1; + *p = mpi_sint_abs(z); + Y.s = (z < 0) ? -1 : 1; Y.n = 1; Y.p = p; - return( mbedtls_mpi_cmp_mpi( X, &Y ) ); + return mbedtls_mpi_cmp_mpi(X, &Y); } /* * Unsigned addition: X = |A| + |B| (HAC 14.7) */ -int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) +int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, j; mbedtls_mpi_uint *o, *p, c, tmp; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( B != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(B != NULL); - if( X == B ) - { + if (X == B) { const mbedtls_mpi *T = A; A = X; B = T; } - if( X != A ) - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, A ) ); + if (X != A) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(X, A)); + } /* * X should always be positive as a result of unsigned additions. */ X->s = 1; - for( j = B->n; j > 0; j-- ) - if( B->p[j - 1] != 0 ) + for (j = B->n; j > 0; j--) { + if (B->p[j - 1] != 0) { break; + } + } /* Exit early to avoid undefined behavior on NULL+0 when X->n == 0 * and B is 0 (of any size). */ - if( j == 0 ) - return( 0 ); + if (j == 0) { + return 0; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, j)); o = B->p; p = X->p; c = 0; /* * tmp is used because it might happen that p == o */ - for( i = 0; i < j; i++, o++, p++ ) - { - tmp= *o; - *p += c; c = ( *p < c ); - *p += tmp; c += ( *p < tmp ); - } - - while( c != 0 ) - { - if( i >= X->n ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + 1 ) ); + for (i = 0; i < j; i++, o++, p++) { + tmp = *o; + *p += c; c = (*p < c); + *p += tmp; c += (*p < tmp); + } + + while (c != 0) { + if (i >= X->n) { + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, i + 1)); p = X->p + i; } - *p += c; c = ( *p < c ); i++; p++; + *p += c; c = (*p < c); i++; p++; } cleanup: - return( ret ); + return ret; } /** @@ -1193,65 +1236,66 @@ int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi * \return 1 if `l < r`. * 0 if `l >= r`. */ -static mbedtls_mpi_uint mpi_sub_hlp( size_t n, - mbedtls_mpi_uint *d, - const mbedtls_mpi_uint *l, - const mbedtls_mpi_uint *r ) +static mbedtls_mpi_uint mpi_sub_hlp(size_t n, + mbedtls_mpi_uint *d, + const mbedtls_mpi_uint *l, + const mbedtls_mpi_uint *r) { size_t i; mbedtls_mpi_uint c = 0, t, z; - for( i = 0; i < n; i++ ) - { - z = ( l[i] < c ); t = l[i] - c; - c = ( t < r[i] ) + z; d[i] = t - r[i]; + for (i = 0; i < n; i++) { + z = (l[i] < c); t = l[i] - c; + c = (t < r[i]) + z; d[i] = t - r[i]; } - return( c ); + return c; } /* * Unsigned subtraction: X = |A| - |B| (HAC 14.9, 14.10) */ -int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) +int mbedtls_mpi_sub_abs(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; mbedtls_mpi_uint carry; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( B != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(B != NULL); - for( n = B->n; n > 0; n-- ) - if( B->p[n - 1] != 0 ) + for (n = B->n; n > 0; n--) { + if (B->p[n - 1] != 0) { break; - if( n > A->n ) - { + } + } + if (n > A->n) { /* B >= (2^ciL)^n > A */ ret = MBEDTLS_ERR_MPI_NEGATIVE_VALUE; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, A->n ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, A->n)); /* Set the high limbs of X to match A. Don't touch the lower limbs * because X might be aliased to B, and we must not overwrite the * significant digits of B. */ - if( A->n > n ) - memcpy( X->p + n, A->p + n, ( A->n - n ) * ciL ); - if( X->n > A->n ) - memset( X->p + A->n, 0, ( X->n - A->n ) * ciL ); - - carry = mpi_sub_hlp( n, X->p, A->p, B->p ); - if( carry != 0 ) - { + if (A->n > n) { + memcpy(X->p + n, A->p + n, (A->n - n) * ciL); + } + if (X->n > A->n) { + memset(X->p + A->n, 0, (X->n - A->n) * ciL); + } + + carry = mpi_sub_hlp(n, X->p, A->p, B->p); + if (carry != 0) { /* Propagate the carry to the first nonzero limb of X. */ - for( ; n < X->n && X->p[n] == 0; n++ ) + for (; n < X->n && X->p[n] == 0; n++) { --X->p[n]; + } /* If we ran out of space for the carry, it means that the result * is negative. */ - if( n == X->n ) - { + if (n == X->n) { ret = MBEDTLS_ERR_MPI_NEGATIVE_VALUE; goto cleanup; } @@ -1262,101 +1306,95 @@ int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi X->s = 1; cleanup: - return( ret ); + return ret; } /* Common function for signed addition and subtraction. * Calculate A + B * flip_B where flip_B is 1 or -1. */ -static int add_sub_mpi( mbedtls_mpi *X, - const mbedtls_mpi *A, const mbedtls_mpi *B, - int flip_B ) +static int add_sub_mpi(mbedtls_mpi *X, + const mbedtls_mpi *A, const mbedtls_mpi *B, + int flip_B) { int ret, s; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( B != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(B != NULL); s = A->s; - if( A->s * B->s * flip_B < 0 ) - { - int cmp = mbedtls_mpi_cmp_abs( A, B ); - if( cmp >= 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, A, B ) ); + if (A->s * B->s * flip_B < 0) { + int cmp = mbedtls_mpi_cmp_abs(A, B); + if (cmp >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(X, A, B)); /* If |A| = |B|, the result is 0 and we must set the sign bit * to +1 regardless of which of A or B was negative. Otherwise, * since |A| > |B|, the sign is the sign of A. */ X->s = cmp == 0 ? 1 : s; - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, B, A ) ); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(X, B, A)); /* Since |A| < |B|, the sign is the opposite of A. */ X->s = -s; } - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( X, A, B ) ); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(X, A, B)); X->s = s; } cleanup: - return( ret ); + return ret; } /* * Signed addition: X = A + B */ -int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) +int mbedtls_mpi_add_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B) { - return( add_sub_mpi( X, A, B, 1 ) ); + return add_sub_mpi(X, A, B, 1); } /* * Signed subtraction: X = A - B */ -int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) +int mbedtls_mpi_sub_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B) { - return( add_sub_mpi( X, A, B, -1 ) ); + return add_sub_mpi(X, A, B, -1); } /* * Signed addition: X = A + b */ -int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b ) +int mbedtls_mpi_add_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b) { mbedtls_mpi B; mbedtls_mpi_uint p[1]; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); - p[0] = mpi_sint_abs( b ); - B.s = ( b < 0 ) ? -1 : 1; + p[0] = mpi_sint_abs(b); + B.s = (b < 0) ? -1 : 1; B.n = 1; B.p = p; - return( mbedtls_mpi_add_mpi( X, A, &B ) ); + return mbedtls_mpi_add_mpi(X, A, &B); } /* * Signed subtraction: X = A - b */ -int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b ) +int mbedtls_mpi_sub_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b) { mbedtls_mpi B; mbedtls_mpi_uint p[1]; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); - p[0] = mpi_sint_abs( b ); - B.s = ( b < 0 ) ? -1 : 1; + p[0] = mpi_sint_abs(b); + B.s = (b < 0) ? -1 : 1; B.n = 1; B.p = p; - return( mbedtls_mpi_sub_mpi( X, A, &B ) ); + return mbedtls_mpi_sub_mpi(X, A, &B); } /** Helper for mbedtls_mpi multiplication. @@ -1381,32 +1419,29 @@ static * Apple LLVM version 4.2 (clang-425.0.24) (based on LLVM 3.2svn) * appears to need this to prevent bad ARM code generation at -O3. */ -__attribute__ ((noinline)) +__attribute__((noinline)) #endif -void mpi_mul_hlp( size_t i, - const mbedtls_mpi_uint *s, - mbedtls_mpi_uint *d, - mbedtls_mpi_uint b ) +void mpi_mul_hlp(size_t i, + const mbedtls_mpi_uint *s, + mbedtls_mpi_uint *d, + mbedtls_mpi_uint b) { mbedtls_mpi_uint c = 0, t = 0; #if defined(MULADDC_HUIT) - for( ; i >= 8; i -= 8 ) - { + for (; i >= 8; i -= 8) { MULADDC_INIT MULADDC_HUIT - MULADDC_STOP + MULADDC_STOP } - for( ; i > 0; i-- ) - { + for (; i > 0; i--) { MULADDC_INIT MULADDC_CORE - MULADDC_STOP + MULADDC_STOP } #else /* MULADDC_HUIT */ - for( ; i >= 16; i -= 16 ) - { + for (; i >= 16; i -= 16) { MULADDC_INIT MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE @@ -1417,106 +1452,115 @@ void mpi_mul_hlp( size_t i, MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE - MULADDC_STOP + MULADDC_STOP } - for( ; i >= 8; i -= 8 ) - { + for (; i >= 8; i -= 8) { MULADDC_INIT MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE - MULADDC_STOP + MULADDC_STOP } - for( ; i > 0; i-- ) - { + for (; i > 0; i--) { MULADDC_INIT MULADDC_CORE - MULADDC_STOP + MULADDC_STOP } #endif /* MULADDC_HUIT */ t++; - while( c != 0 ) - { - *d += c; c = ( *d < c ); d++; + while (c != 0) { + *d += c; c = (*d < c); d++; } } /* * Baseline multiplication: X = A * B (HAC 14.12) */ -int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) +int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, j; mbedtls_mpi TA, TB; int result_is_zero = 0; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( B != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(B != NULL); - mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TB ); + mbedtls_mpi_init(&TA); mbedtls_mpi_init(&TB); - if( X == A ) { MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TA, A ) ); A = &TA; } - if( X == B ) { MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) ); B = &TB; } + if (X == A) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TA, A)); A = &TA; + } + if (X == B) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TB, B)); B = &TB; + } - for( i = A->n; i > 0; i-- ) - if( A->p[i - 1] != 0 ) + for (i = A->n; i > 0; i--) { + if (A->p[i - 1] != 0) { break; - if( i == 0 ) + } + } + if (i == 0) { result_is_zero = 1; + } - for( j = B->n; j > 0; j-- ) - if( B->p[j - 1] != 0 ) + for (j = B->n; j > 0; j--) { + if (B->p[j - 1] != 0) { break; - if( j == 0 ) + } + } + if (j == 0) { result_is_zero = 1; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + j ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, i + j)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(X, 0)); - for( ; j > 0; j-- ) - mpi_mul_hlp( i, A->p, X->p + j - 1, B->p[j - 1] ); + for (; j > 0; j--) { + mpi_mul_hlp(i, A->p, X->p + j - 1, B->p[j - 1]); + } /* If the result is 0, we don't shortcut the operation, which reduces * but does not eliminate side channels leaking the zero-ness. We do * need to take care to set the sign bit properly since the library does * not fully support an MPI object with a value of 0 and s == -1. */ - if( result_is_zero ) + if (result_is_zero) { X->s = 1; - else + } else { X->s = A->s * B->s; + } cleanup: - mbedtls_mpi_free( &TB ); mbedtls_mpi_free( &TA ); + mbedtls_mpi_free(&TB); mbedtls_mpi_free(&TA); - return( ret ); + return ret; } /* * Baseline multiplication: X = A * b */ -int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b ) +int mbedtls_mpi_mul_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b) { - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); /* mpi_mul_hlp can't deal with a leading 0. */ size_t n = A->n; - while( n > 0 && A->p[n - 1] == 0 ) + while (n > 0 && A->p[n - 1] == 0) { --n; + } /* The general method below doesn't work if n==0 or b==0. By chance * calculating the result is trivial in those cases. */ - if( b == 0 || n == 0 ) - { - return( mbedtls_mpi_lset( X, 0 ) ); + if (b == 0 || n == 0) { + return mbedtls_mpi_lset(X, 0); } /* Calculate A*b as A + A*(b-1) to take advantage of mpi_mul_hlp */ @@ -1529,26 +1573,28 @@ int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint * calls to calloc() in ECP code, presumably because it reuses the * same mpi for a while and this way the mpi is more likely to directly * grow to its final size. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, n + 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, A ) ); - mpi_mul_hlp( n, A->p, X->p, b - 1 ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, n + 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(X, A)); + mpi_mul_hlp(n, A->p, X->p, b - 1); cleanup: - return( ret ); + return ret; } /* * Unsigned integer divide - double mbedtls_mpi_uint dividend, u1/u0, and * mbedtls_mpi_uint divisor, d */ -static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1, - mbedtls_mpi_uint u0, mbedtls_mpi_uint d, mbedtls_mpi_uint *r ) +static mbedtls_mpi_uint mbedtls_int_div_int(mbedtls_mpi_uint u1, + mbedtls_mpi_uint u0, + mbedtls_mpi_uint d, + mbedtls_mpi_uint *r) { #if defined(MBEDTLS_HAVE_UDBL) mbedtls_t_udbl dividend, quotient; #else const mbedtls_mpi_uint radix = (mbedtls_mpi_uint) 1 << biH; - const mbedtls_mpi_uint uint_halfword_mask = ( (mbedtls_mpi_uint) 1 << biH ) - 1; + const mbedtls_mpi_uint uint_halfword_mask = ((mbedtls_mpi_uint) 1 << biH) - 1; mbedtls_mpi_uint d0, d1, q0, q1, rAX, r0, quotient; mbedtls_mpi_uint u0_msw, u0_lsw; size_t s; @@ -1557,22 +1603,25 @@ static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1, /* * Check for overflow */ - if( 0 == d || u1 >= d ) - { - if (r != NULL) *r = ~(mbedtls_mpi_uint)0u; + if (0 == d || u1 >= d) { + if (r != NULL) { + *r = ~(mbedtls_mpi_uint) 0u; + } - return ( ~(mbedtls_mpi_uint)0u ); + return ~(mbedtls_mpi_uint) 0u; } #if defined(MBEDTLS_HAVE_UDBL) dividend = (mbedtls_t_udbl) u1 << biL; dividend |= (mbedtls_t_udbl) u0; quotient = dividend / d; - if( quotient > ( (mbedtls_t_udbl) 1 << biL ) - 1 ) - quotient = ( (mbedtls_t_udbl) 1 << biL ) - 1; + if (quotient > ((mbedtls_t_udbl) 1 << biL) - 1) { + quotient = ((mbedtls_t_udbl) 1 << biL) - 1; + } - if( r != NULL ) - *r = (mbedtls_mpi_uint)( dividend - (quotient * d ) ); + if (r != NULL) { + *r = (mbedtls_mpi_uint) (dividend - (quotient * d)); + } return (mbedtls_mpi_uint) quotient; #else @@ -1585,11 +1634,11 @@ static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1, /* * Normalize the divisor, d, and dividend, u0, u1 */ - s = mbedtls_clz( d ); + s = mbedtls_clz(d); d = d << s; u1 = u1 << s; - u1 |= ( u0 >> ( biL - s ) ) & ( -(mbedtls_mpi_sint)s >> ( biL - 1 ) ); + u1 |= (u0 >> (biL - s)) & (-(mbedtls_mpi_sint) s >> (biL - 1)); u0 = u0 << s; d1 = d >> biH; @@ -1604,28 +1653,31 @@ static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1, q1 = u1 / d1; r0 = u1 - d1 * q1; - while( q1 >= radix || ( q1 * d0 > radix * r0 + u0_msw ) ) - { + while (q1 >= radix || (q1 * d0 > radix * r0 + u0_msw)) { q1 -= 1; r0 += d1; - if ( r0 >= radix ) break; + if (r0 >= radix) { + break; + } } - rAX = ( u1 * radix ) + ( u0_msw - q1 * d ); + rAX = (u1 * radix) + (u0_msw - q1 * d); q0 = rAX / d1; r0 = rAX - q0 * d1; - while( q0 >= radix || ( q0 * d0 > radix * r0 + u0_lsw ) ) - { + while (q0 >= radix || (q0 * d0 > radix * r0 + u0_lsw)) { q0 -= 1; r0 += d1; - if ( r0 >= radix ) break; + if (r0 >= radix) { + break; + } } - if (r != NULL) - *r = ( rAX * radix + u0_lsw - q0 * d ) >> s; + if (r != NULL) { + *r = (rAX * radix + u0_lsw - q0 * d) >> s; + } quotient = q1 * radix + q0; @@ -1636,21 +1688,22 @@ static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1, /* * Division by mbedtls_mpi: A = Q * B + R (HAC 14.20) */ -int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, - const mbedtls_mpi *B ) +int mbedtls_mpi_div_mpi(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, + const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, n, t, k; mbedtls_mpi X, Y, Z, T1, T2; mbedtls_mpi_uint TP2[3]; - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( B != NULL ); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(B != NULL); - if( mbedtls_mpi_cmp_int( B, 0 ) == 0 ) - return( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO ); + if (mbedtls_mpi_cmp_int(B, 0) == 0) { + return MBEDTLS_ERR_MPI_DIVISION_BY_ZERO; + } - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); - mbedtls_mpi_init( &T1 ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); + mbedtls_mpi_init(&T1); /* * Avoid dynamic memory allocations for constant-size T2. * @@ -1659,196 +1712,194 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, * buffer. */ T2.s = 1; - T2.n = sizeof( TP2 ) / sizeof( *TP2 ); + T2.n = sizeof(TP2) / sizeof(*TP2); T2.p = TP2; - if( mbedtls_mpi_cmp_abs( A, B ) < 0 ) - { - if( Q != NULL ) MBEDTLS_MPI_CHK( mbedtls_mpi_lset( Q, 0 ) ); - if( R != NULL ) MBEDTLS_MPI_CHK( mbedtls_mpi_copy( R, A ) ); - return( 0 ); + if (mbedtls_mpi_cmp_abs(A, B) < 0) { + if (Q != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(Q, 0)); + } + if (R != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(R, A)); + } + return 0; } - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &X, A ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Y, B ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&X, A)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&Y, B)); X.s = Y.s = 1; - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &Z, A->n + 2 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Z, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T1, A->n + 2 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&Z, A->n + 2)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&Z, 0)); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&T1, A->n + 2)); - k = mbedtls_mpi_bitlen( &Y ) % biL; - if( k < biL - 1 ) - { + k = mbedtls_mpi_bitlen(&Y) % biL; + if (k < biL - 1) { k = biL - 1 - k; - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &X, k ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &Y, k ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&X, k)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&Y, k)); + } else { + k = 0; } - else k = 0; n = X.n - 1; t = Y.n - 1; - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &Y, biL * ( n - t ) ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&Y, biL * (n - t))); - while( mbedtls_mpi_cmp_mpi( &X, &Y ) >= 0 ) - { + while (mbedtls_mpi_cmp_mpi(&X, &Y) >= 0) { Z.p[n - t]++; - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X, &X, &Y ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&X, &X, &Y)); } - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &Y, biL * ( n - t ) ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&Y, biL * (n - t))); - for( i = n; i > t ; i-- ) - { - if( X.p[i] >= Y.p[t] ) - Z.p[i - t - 1] = ~(mbedtls_mpi_uint)0u; - else - { - Z.p[i - t - 1] = mbedtls_int_div_int( X.p[i], X.p[i - 1], - Y.p[t], NULL); + for (i = n; i > t; i--) { + if (X.p[i] >= Y.p[t]) { + Z.p[i - t - 1] = ~(mbedtls_mpi_uint) 0u; + } else { + Z.p[i - t - 1] = mbedtls_int_div_int(X.p[i], X.p[i - 1], + Y.p[t], NULL); } - T2.p[0] = ( i < 2 ) ? 0 : X.p[i - 2]; - T2.p[1] = ( i < 1 ) ? 0 : X.p[i - 1]; + T2.p[0] = (i < 2) ? 0 : X.p[i - 2]; + T2.p[1] = (i < 1) ? 0 : X.p[i - 1]; T2.p[2] = X.p[i]; Z.p[i - t - 1]++; - do - { + do { Z.p[i - t - 1]--; - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &T1, 0 ) ); - T1.p[0] = ( t < 1 ) ? 0 : Y.p[t - 1]; + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&T1, 0)); + T1.p[0] = (t < 1) ? 0 : Y.p[t - 1]; T1.p[1] = Y.p[t]; - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T1, &T1, Z.p[i - t - 1] ) ); - } - while( mbedtls_mpi_cmp_mpi( &T1, &T2 ) > 0 ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&T1, &T1, Z.p[i - t - 1])); + } while (mbedtls_mpi_cmp_mpi(&T1, &T2) > 0); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T1, &Y, Z.p[i - t - 1] ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &T1, biL * ( i - t - 1 ) ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X, &X, &T1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&T1, &Y, Z.p[i - t - 1])); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&T1, biL * (i - t - 1))); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&X, &X, &T1)); - if( mbedtls_mpi_cmp_int( &X, 0 ) < 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &T1, &Y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &T1, biL * ( i - t - 1 ) ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &X, &X, &T1 ) ); + if (mbedtls_mpi_cmp_int(&X, 0) < 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&T1, &Y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&T1, biL * (i - t - 1))); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&X, &X, &T1)); Z.p[i - t - 1]--; } } - if( Q != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( Q, &Z ) ); + if (Q != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(Q, &Z)); Q->s = A->s * B->s; } - if( R != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &X, k ) ); + if (R != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&X, k)); X.s = A->s; - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( R, &X ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(R, &X)); - if( mbedtls_mpi_cmp_int( R, 0 ) == 0 ) + if (mbedtls_mpi_cmp_int(R, 0) == 0) { R->s = 1; + } } cleanup: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); - mbedtls_mpi_free( &T1 ); - mbedtls_platform_zeroize( TP2, sizeof( TP2 ) ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); + mbedtls_mpi_free(&T1); + mbedtls_platform_zeroize(TP2, sizeof(TP2)); - return( ret ); + return ret; } /* * Division by int: A = Q * b + R */ -int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, - const mbedtls_mpi *A, - mbedtls_mpi_sint b ) +int mbedtls_mpi_div_int(mbedtls_mpi *Q, mbedtls_mpi *R, + const mbedtls_mpi *A, + mbedtls_mpi_sint b) { mbedtls_mpi B; mbedtls_mpi_uint p[1]; - MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET(A != NULL); - p[0] = mpi_sint_abs( b ); - B.s = ( b < 0 ) ? -1 : 1; + p[0] = mpi_sint_abs(b); + B.s = (b < 0) ? -1 : 1; B.n = 1; B.p = p; - return( mbedtls_mpi_div_mpi( Q, R, A, &B ) ); + return mbedtls_mpi_div_mpi(Q, R, A, &B); } /* * Modulo: R = A mod B */ -int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B ) +int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MPI_VALIDATE_RET( R != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( B != NULL ); + MPI_VALIDATE_RET(R != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(B != NULL); - if( mbedtls_mpi_cmp_int( B, 0 ) < 0 ) - return( MBEDTLS_ERR_MPI_NEGATIVE_VALUE ); + if (mbedtls_mpi_cmp_int(B, 0) < 0) { + return MBEDTLS_ERR_MPI_NEGATIVE_VALUE; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( NULL, R, A, B ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_div_mpi(NULL, R, A, B)); - while( mbedtls_mpi_cmp_int( R, 0 ) < 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( R, R, B ) ); + while (mbedtls_mpi_cmp_int(R, 0) < 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(R, R, B)); + } - while( mbedtls_mpi_cmp_mpi( R, B ) >= 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( R, R, B ) ); + while (mbedtls_mpi_cmp_mpi(R, B) >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(R, R, B)); + } cleanup: - return( ret ); + return ret; } /* * Modulo: r = A mod b */ -int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_sint b ) +int mbedtls_mpi_mod_int(mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_sint b) { size_t i; mbedtls_mpi_uint x, y, z; - MPI_VALIDATE_RET( r != NULL ); - MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET(r != NULL); + MPI_VALIDATE_RET(A != NULL); - if( b == 0 ) - return( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO ); + if (b == 0) { + return MBEDTLS_ERR_MPI_DIVISION_BY_ZERO; + } - if( b < 0 ) - return( MBEDTLS_ERR_MPI_NEGATIVE_VALUE ); + if (b < 0) { + return MBEDTLS_ERR_MPI_NEGATIVE_VALUE; + } /* * handle trivial cases */ - if( b == 1 || A->n == 0 ) - { + if (b == 1 || A->n == 0) { *r = 0; - return( 0 ); + return 0; } - if( b == 2 ) - { + if (b == 2) { *r = A->p[0] & 1; - return( 0 ); + return 0; } /* * general case */ - for( i = A->n, y = 0; i > 0; i-- ) - { + for (i = A->n, y = 0; i > 0; i--) { x = A->p[i - 1]; - y = ( y << biH ) | ( x >> biH ); + y = (y << biH) | (x >> biH); z = y / b; y -= z * b; x <<= biH; - y = ( y << biH ) | ( x >> biH ); + y = (y << biH) | (x >> biH); z = y / b; y -= z * b; } @@ -1857,27 +1908,29 @@ int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_ * If A is negative, then the current y represents a negative value. * Flipping it to the positive side. */ - if( A->s < 0 && y != 0 ) + if (A->s < 0 && y != 0) { y = b - y; + } *r = y; - return( 0 ); + return 0; } /* * Fast Montgomery initialization (thanks to Tom St Denis) */ -static void mpi_montg_init( mbedtls_mpi_uint *mm, const mbedtls_mpi *N ) +static void mpi_montg_init(mbedtls_mpi_uint *mm, const mbedtls_mpi *N) { mbedtls_mpi_uint x, m0 = N->p[0]; unsigned int i; x = m0; - x += ( ( m0 + 2 ) & 4 ) << 1; + x += ((m0 + 2) & 4) << 1; - for( i = biL; i >= 8; i /= 2 ) - x *= ( 2 - ( m0 * x ) ); + for (i = biL; i >= 8; i /= 2) { + x *= (2 - (m0 * x)); + } *mm = ~x + 1; } @@ -1904,28 +1957,30 @@ static void mpi_montg_init( mbedtls_mpi_uint *mm, const mbedtls_mpi *N ) * Note that unlike the usual convention in the library * for `const mbedtls_mpi*`, the content of T can change. */ -static void mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi *N, mbedtls_mpi_uint mm, - const mbedtls_mpi *T ) +static void mpi_montmul(mbedtls_mpi *A, + const mbedtls_mpi *B, + const mbedtls_mpi *N, + mbedtls_mpi_uint mm, + const mbedtls_mpi *T) { size_t i, n, m; mbedtls_mpi_uint u0, u1, *d; - memset( T->p, 0, T->n * ciL ); + memset(T->p, 0, T->n * ciL); d = T->p; n = N->n; - m = ( B->n < n ) ? B->n : n; + m = (B->n < n) ? B->n : n; - for( i = 0; i < n; i++ ) - { + for (i = 0; i < n; i++) { /* * T = (T + u0*B + u1*N) / 2^biL */ u0 = A->p[i]; - u1 = ( d[0] + u0 * B->p[0] ) * mm; + u1 = (d[0] + u0 * B->p[0]) * mm; - mpi_mul_hlp( m, B->p, d, u0 ); - mpi_mul_hlp( n, N->p, d, u1 ); + mpi_mul_hlp(m, B->p, d, u0); + mpi_mul_hlp(n, N->p, d, u1); *d++ = u0; d[n + 1] = 0; } @@ -1936,19 +1991,19 @@ static void mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi /* Copy the n least significant limbs of d to A, so that * A = d if d < N (recall that N has n limbs). */ - memcpy( A->p, d, n * ciL ); + memcpy(A->p, d, n * ciL); /* If d >= N then we want to set A to d - N. To prevent timing attacks, * do the calculation without using conditional tests. */ /* Set d to d0 + (2^biL)^n - N where d0 is the current value of d. */ d[n] += 1; - d[n] -= mpi_sub_hlp( n, d, d, N->p ); + d[n] -= mpi_sub_hlp(n, d, d, N->p); /* If d0 < N then d < (2^biL)^n * so d[n] == 0 and we want to keep A as it is. * If d0 >= N then d >= (2^biL)^n, and d <= (2^biL)^n + N < 2 * (2^biL)^n * so d[n] == 1 and we want to set A to the result of the subtraction * which is d - (2^biL)^n, i.e. the n least significant limbs of d. * This exactly corresponds to a conditional assignment. */ - mbedtls_ct_mpi_uint_cond_assign( n, A->p, d, (unsigned char) d[n] ); + mbedtls_ct_mpi_uint_cond_assign(n, A->p, d, (unsigned char) d[n]); } /* @@ -1956,8 +2011,8 @@ static void mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi * * See mpi_montmul() regarding constraints and guarantees on the parameters. */ -static void mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, - mbedtls_mpi_uint mm, const mbedtls_mpi *T ) +static void mpi_montred(mbedtls_mpi *A, const mbedtls_mpi *N, + mbedtls_mpi_uint mm, const mbedtls_mpi *T) { mbedtls_mpi_uint z = 1; mbedtls_mpi U; @@ -1965,7 +2020,7 @@ static void mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, U.n = U.s = (int) z; U.p = &z; - mpi_montmul( A, &U, N, mm, T ); + mpi_montmul(A, &U, N, mm, T); } /** @@ -1983,67 +2038,71 @@ static void mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, * * \return \c 0 on success, or a negative error code. */ -static int mpi_select( mbedtls_mpi *R, const mbedtls_mpi *T, size_t T_size, size_t idx ) +static int mpi_select(mbedtls_mpi *R, const mbedtls_mpi *T, size_t T_size, size_t idx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - for( size_t i = 0; i < T_size; i++ ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( R, &T[i], - (unsigned char) mbedtls_ct_size_bool_eq( i, idx ) ) ); + for (size_t i = 0; i < T_size; i++) { + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(R, &T[i], + (unsigned char) mbedtls_ct_size_bool_eq(i, + idx))); } cleanup: - return( ret ); + return ret; } /* * Sliding-window exponentiation: X = A^E mod N (HAC 14.85) */ -int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *E, const mbedtls_mpi *N, - mbedtls_mpi *prec_RR ) +int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *E, const mbedtls_mpi *N, + mbedtls_mpi *prec_RR) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t window_bitsize; size_t i, j, nblimbs; size_t bufsize, nbits; mbedtls_mpi_uint ei, mm, state; - mbedtls_mpi RR, T, W[ (size_t) 1 << MBEDTLS_MPI_WINDOW_SIZE ], WW, Apos; + mbedtls_mpi RR, T, W[(size_t) 1 << MBEDTLS_MPI_WINDOW_SIZE], WW, Apos; int neg; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( E != NULL ); - MPI_VALIDATE_RET( N != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(E != NULL); + MPI_VALIDATE_RET(N != NULL); - if( mbedtls_mpi_cmp_int( N, 0 ) <= 0 || ( N->p[0] & 1 ) == 0 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (mbedtls_mpi_cmp_int(N, 0) <= 0 || (N->p[0] & 1) == 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - if( mbedtls_mpi_cmp_int( E, 0 ) < 0 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (mbedtls_mpi_cmp_int(E, 0) < 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - if( mbedtls_mpi_bitlen( E ) > MBEDTLS_MPI_MAX_BITS || - mbedtls_mpi_bitlen( N ) > MBEDTLS_MPI_MAX_BITS ) - return ( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (mbedtls_mpi_bitlen(E) > MBEDTLS_MPI_MAX_BITS || + mbedtls_mpi_bitlen(N) > MBEDTLS_MPI_MAX_BITS) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } /* * Init temps and window size */ - mpi_montg_init( &mm, N ); - mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &T ); - mbedtls_mpi_init( &Apos ); - mbedtls_mpi_init( &WW ); - memset( W, 0, sizeof( W ) ); + mpi_montg_init(&mm, N); + mbedtls_mpi_init(&RR); mbedtls_mpi_init(&T); + mbedtls_mpi_init(&Apos); + mbedtls_mpi_init(&WW); + memset(W, 0, sizeof(W)); - i = mbedtls_mpi_bitlen( E ); + i = mbedtls_mpi_bitlen(E); - window_bitsize = ( i > 671 ) ? 6 : ( i > 239 ) ? 5 : - ( i > 79 ) ? 4 : ( i > 23 ) ? 3 : 1; + window_bitsize = (i > 671) ? 6 : (i > 239) ? 5 : + (i > 79) ? 4 : (i > 23) ? 3 : 1; -#if( MBEDTLS_MPI_WINDOW_SIZE < 6 ) - if( window_bitsize > MBEDTLS_MPI_WINDOW_SIZE ) +#if (MBEDTLS_MPI_WINDOW_SIZE < 6) + if (window_bitsize > MBEDTLS_MPI_WINDOW_SIZE) { window_bitsize = MBEDTLS_MPI_WINDOW_SIZE; + } #endif const size_t w_table_used_size = (size_t) 1 << window_bitsize; @@ -2081,8 +2140,8 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, * calculation from this point on. */ const size_t x_index = 0; - mbedtls_mpi_init( &W[x_index] ); - mbedtls_mpi_copy( &W[x_index], X ); + mbedtls_mpi_init(&W[x_index]); + mbedtls_mpi_copy(&W[x_index], X); j = N->n + 1; /* All W[i] and X must have at least N->n limbs for the mpi_montmul() @@ -2090,17 +2149,16 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, * large enough, and later we'll grow other W[i] to the same length. * They must not be shrunk midway through this function! */ - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[x_index], j ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1], j ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T, j * 2 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[x_index], j)); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[1], j)); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&T, j * 2)); /* * Compensate for negative A (and correct at the end) */ - neg = ( A->s == -1 ); - if( neg ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Apos, A ) ); + neg = (A->s == -1); + if (neg) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&Apos, A)); Apos.s = 1; A = &Apos; } @@ -2108,45 +2166,43 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, /* * If 1st call, pre-compute R^2 mod N */ - if( prec_RR == NULL || prec_RR->p == NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &RR, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &RR, N->n * 2 * biL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &RR, &RR, N ) ); + if (prec_RR == NULL || prec_RR->p == NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&RR, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&RR, N->n * 2 * biL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&RR, &RR, N)); - if( prec_RR != NULL ) - memcpy( prec_RR, &RR, sizeof( mbedtls_mpi ) ); + if (prec_RR != NULL) { + memcpy(prec_RR, &RR, sizeof(mbedtls_mpi)); + } + } else { + memcpy(&RR, prec_RR, sizeof(mbedtls_mpi)); } - else - memcpy( &RR, prec_RR, sizeof( mbedtls_mpi ) ); /* * W[1] = A * R^2 * R^-1 mod N = A * R mod N */ - if( mbedtls_mpi_cmp_mpi( A, N ) >= 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &W[1], A, N ) ); + if (mbedtls_mpi_cmp_mpi(A, N) >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&W[1], A, N)); /* This should be a no-op because W[1] is already that large before * mbedtls_mpi_mod_mpi(), but it's necessary to avoid an overflow * in mpi_montmul() below, so let's make sure. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1], N->n + 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[1], N->n + 1)); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&W[1], A)); } - else - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[1], A ) ); /* Note that this is safe because W[1] always has at least N->n limbs * (it grew above and was preserved by mbedtls_mpi_copy()). */ - mpi_montmul( &W[1], &RR, N, mm, &T ); + mpi_montmul(&W[1], &RR, N, mm, &T); /* * W[x_index] = R^2 * R^-1 mod N = R mod N */ - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[x_index], &RR ) ); - mpi_montred( &W[x_index], N, mm, &T ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&W[x_index], &RR)); + mpi_montred(&W[x_index], N, mm, &T); - if( window_bitsize > 1 ) - { + if (window_bitsize > 1) { /* * W[i] = W[1] ^ i * @@ -2159,21 +2215,21 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, */ j = w_table_used_size / 2; - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[j], N->n + 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[j], &W[1] ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[j], N->n + 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&W[j], &W[1])); - for( i = 0; i < window_bitsize - 1; i++ ) - mpi_montmul( &W[j], &W[j], N, mm, &T ); + for (i = 0; i < window_bitsize - 1; i++) { + mpi_montmul(&W[j], &W[j], N, mm, &T); + } /* * W[i] = W[i - 1] * W[1] */ - for( i = j + 1; i < w_table_used_size; i++ ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[i], N->n + 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[i], &W[i - 1] ) ); + for (i = j + 1; i < w_table_used_size; i++) { + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[i], N->n + 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&W[i], &W[i - 1])); - mpi_montmul( &W[i], &W[1], N, mm, &T ); + mpi_montmul(&W[i], &W[1], N, mm, &T); } } @@ -2183,16 +2239,15 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, size_t exponent_bits_in_window = 0; state = 0; - while( 1 ) - { - if( bufsize == 0 ) - { - if( nblimbs == 0 ) + while (1) { + if (bufsize == 0) { + if (nblimbs == 0) { break; + } nblimbs--; - bufsize = sizeof( mbedtls_mpi_uint ) << 3; + bufsize = sizeof(mbedtls_mpi_uint) << 3; } bufsize--; @@ -2202,16 +2257,16 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, /* * skip leading 0s */ - if( ei == 0 && state == 0 ) + if (ei == 0 && state == 0) { continue; + } - if( ei == 0 && state == 1 ) - { + if (ei == 0 && state == 1) { /* * out of window, square W[x_index] */ - MBEDTLS_MPI_CHK( mpi_select( &WW, W, w_table_used_size, x_index ) ); - mpi_montmul( &W[x_index], &WW, N, mm, &T ); + MBEDTLS_MPI_CHK(mpi_select(&WW, W, w_table_used_size, x_index)); + mpi_montmul(&W[x_index], &WW, N, mm, &T); continue; } @@ -2221,26 +2276,24 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, state = 2; nbits++; - exponent_bits_in_window |= ( ei << ( window_bitsize - nbits ) ); + exponent_bits_in_window |= (ei << (window_bitsize - nbits)); - if( nbits == window_bitsize ) - { + if (nbits == window_bitsize) { /* * W[x_index] = W[x_index]^window_bitsize R^-1 mod N */ - for( i = 0; i < window_bitsize; i++ ) - { - MBEDTLS_MPI_CHK( mpi_select( &WW, W, w_table_used_size, - x_index ) ); - mpi_montmul( &W[x_index], &WW, N, mm, &T ); + for (i = 0; i < window_bitsize; i++) { + MBEDTLS_MPI_CHK(mpi_select(&WW, W, w_table_used_size, + x_index)); + mpi_montmul(&W[x_index], &WW, N, mm, &T); } /* * W[x_index] = W[x_index] * W[exponent_bits_in_window] R^-1 mod N */ - MBEDTLS_MPI_CHK( mpi_select( &WW, W, w_table_used_size, - exponent_bits_in_window ) ); - mpi_montmul( &W[x_index], &WW, N, mm, &T ); + MBEDTLS_MPI_CHK(mpi_select(&WW, W, w_table_used_size, + exponent_bits_in_window)); + mpi_montmul(&W[x_index], &WW, N, mm, &T); state--; nbits = 0; @@ -2251,88 +2304,87 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, /* * process the remaining bits */ - for( i = 0; i < nbits; i++ ) - { - MBEDTLS_MPI_CHK( mpi_select( &WW, W, w_table_used_size, x_index ) ); - mpi_montmul( &W[x_index], &WW, N, mm, &T ); + for (i = 0; i < nbits; i++) { + MBEDTLS_MPI_CHK(mpi_select(&WW, W, w_table_used_size, x_index)); + mpi_montmul(&W[x_index], &WW, N, mm, &T); exponent_bits_in_window <<= 1; - if( ( exponent_bits_in_window & ( (size_t) 1 << window_bitsize ) ) != 0 ) - { - MBEDTLS_MPI_CHK( mpi_select( &WW, W, w_table_used_size, 1 ) ); - mpi_montmul( &W[x_index], &WW, N, mm, &T ); + if ((exponent_bits_in_window & ((size_t) 1 << window_bitsize)) != 0) { + MBEDTLS_MPI_CHK(mpi_select(&WW, W, w_table_used_size, 1)); + mpi_montmul(&W[x_index], &WW, N, mm, &T); } } /* * W[x_index] = A^E * R * R^-1 mod N = A^E mod N */ - mpi_montred( &W[x_index], N, mm, &T ); + mpi_montred(&W[x_index], N, mm, &T); - if( neg && E->n != 0 && ( E->p[0] & 1 ) != 0 ) - { + if (neg && E->n != 0 && (E->p[0] & 1) != 0) { W[x_index].s = -1; - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &W[x_index], N, &W[x_index] ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&W[x_index], N, &W[x_index])); } /* * Load the result in the output variable. */ - mbedtls_mpi_copy( X, &W[x_index] ); + mbedtls_mpi_copy(X, &W[x_index]); cleanup: /* The first bit of the sliding window is always 1 and therefore the first * half of the table was unused. */ - for( i = w_table_used_size/2; i < w_table_used_size; i++ ) - mbedtls_mpi_free( &W[i] ); + for (i = w_table_used_size/2; i < w_table_used_size; i++) { + mbedtls_mpi_free(&W[i]); + } - mbedtls_mpi_free( &W[x_index] ); - mbedtls_mpi_free( &W[1] ); - mbedtls_mpi_free( &T ); - mbedtls_mpi_free( &Apos ); - mbedtls_mpi_free( &WW ); + mbedtls_mpi_free(&W[x_index]); + mbedtls_mpi_free(&W[1]); + mbedtls_mpi_free(&T); + mbedtls_mpi_free(&Apos); + mbedtls_mpi_free(&WW); - if( prec_RR == NULL || prec_RR->p == NULL ) - mbedtls_mpi_free( &RR ); + if (prec_RR == NULL || prec_RR->p == NULL) { + mbedtls_mpi_free(&RR); + } - return( ret ); + return ret; } /* * Greatest common divisor: G = gcd(A, B) (HAC 14.54) */ -int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B ) +int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t lz, lzt; mbedtls_mpi TA, TB; - MPI_VALIDATE_RET( G != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( B != NULL ); + MPI_VALIDATE_RET(G != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(B != NULL); - mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TB ); + mbedtls_mpi_init(&TA); mbedtls_mpi_init(&TB); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TA, A ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TA, A)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TB, B)); - lz = mbedtls_mpi_lsb( &TA ); - lzt = mbedtls_mpi_lsb( &TB ); + lz = mbedtls_mpi_lsb(&TA); + lzt = mbedtls_mpi_lsb(&TB); /* The loop below gives the correct result when A==0 but not when B==0. * So have a special case for B==0. Leverage the fact that we just * calculated the lsb and lsb(B)==0 iff B is odd or 0 to make the test * slightly more efficient than cmp_int(). */ - if( lzt == 0 && mbedtls_mpi_get_bit( &TB, 0 ) == 0 ) - { - ret = mbedtls_mpi_copy( G, A ); + if (lzt == 0 && mbedtls_mpi_get_bit(&TB, 0) == 0) { + ret = mbedtls_mpi_copy(G, A); goto cleanup; } - if( lzt < lz ) + if (lzt < lz) { lz = lzt; + } TA.s = TB.s = 1; @@ -2369,11 +2421,10 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B * TA becomes 0 which ends the loop (TB cannot be 0 if it is right-shifted * since in that case TB is calculated from TB-TA with the condition TB>TA). */ - while( mbedtls_mpi_cmp_int( &TA, 0 ) != 0 ) - { + while (mbedtls_mpi_cmp_int(&TA, 0) != 0) { /* Divisions by 2 preserve the invariant (I). */ - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, mbedtls_mpi_lsb( &TA ) ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, mbedtls_mpi_lsb( &TB ) ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TA, mbedtls_mpi_lsb(&TA))); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TB, mbedtls_mpi_lsb(&TB))); /* Set either TA or TB to |TA-TB|/2. Since TA and TB are both odd, * TA-TB is even so the division by 2 has an integer result. @@ -2382,15 +2433,12 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B * also divides TB, and any odd divisor of both TB and |TA-TB|/2 also * divides TA. */ - if( mbedtls_mpi_cmp_mpi( &TA, &TB ) >= 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TA, &TA, &TB ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, 1 ) ); - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TB, &TB, &TA ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, 1 ) ); + if (mbedtls_mpi_cmp_mpi(&TA, &TB) >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(&TA, &TA, &TB)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TA, 1)); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(&TB, &TB, &TA)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TB, 1)); } /* Note that one of TA or TB is still odd. */ } @@ -2404,14 +2452,14 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B * In this case, lz = 0 and B = TB so gcd(A,B) = B = 2^lz * TB as well. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &TB, lz ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( G, &TB ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&TB, lz)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(G, &TB)); cleanup: - mbedtls_mpi_free( &TA ); mbedtls_mpi_free( &TB ); + mbedtls_mpi_free(&TA); mbedtls_mpi_free(&TB); - return( ret ); + return ret; } /* Fill X with n_bytes random bytes. @@ -2423,22 +2471,23 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B */ static int mpi_fill_random_internal( mbedtls_mpi *X, size_t n_bytes, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - const size_t limbs = CHARS_TO_LIMBS( n_bytes ); - const size_t overhead = ( limbs * ciL ) - n_bytes; + const size_t limbs = CHARS_TO_LIMBS(n_bytes); + const size_t overhead = (limbs * ciL) - n_bytes; - if( X->n < limbs ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (X->n < limbs) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - memset( X->p, 0, overhead ); - memset( (unsigned char *) X->p + limbs * ciL, 0, ( X->n - limbs ) * ciL ); - MBEDTLS_MPI_CHK( f_rng( p_rng, (unsigned char *) X->p + overhead, n_bytes ) ); - mpi_bigendian_to_host( X->p, limbs ); + memset(X->p, 0, overhead); + memset((unsigned char *) X->p + limbs * ciL, 0, (X->n - limbs) * ciL); + MBEDTLS_MPI_CHK(f_rng(p_rng, (unsigned char *) X->p + overhead, n_bytes)); + mpi_bigendian_to_host(X->p, limbs); cleanup: - return( ret ); + return ret; } /* @@ -2448,44 +2497,47 @@ static int mpi_fill_random_internal( * regardless of the platform endianness (useful when f_rng is actually * deterministic, eg for tests). */ -int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_mpi_fill_random(mbedtls_mpi *X, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t const limbs = CHARS_TO_LIMBS( size ); + size_t const limbs = CHARS_TO_LIMBS(size); - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( f_rng != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(f_rng != NULL); /* Ensure that target MPI has exactly the necessary number of limbs */ - MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, limbs ) ); - if( size == 0 ) - return( 0 ); + MBEDTLS_MPI_CHK(mbedtls_mpi_resize_clear(X, limbs)); + if (size == 0) { + return 0; + } - ret = mpi_fill_random_internal( X, size, f_rng, p_rng ); + ret = mpi_fill_random_internal(X, size, f_rng, p_rng); cleanup: - return( ret ); + return ret; } -int mbedtls_mpi_random( mbedtls_mpi *X, - mbedtls_mpi_sint min, - const mbedtls_mpi *N, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_mpi_random(mbedtls_mpi *X, + mbedtls_mpi_sint min, + const mbedtls_mpi *N, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; int count; unsigned lt_lower = 1, lt_upper = 0; - size_t n_bits = mbedtls_mpi_bitlen( N ); - size_t n_bytes = ( n_bits + 7 ) / 8; + size_t n_bits = mbedtls_mpi_bitlen(N); + size_t n_bytes = (n_bits + 7) / 8; mbedtls_mpi lower_bound; - if( min < 0 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - if( mbedtls_mpi_cmp_int( N, min ) <= 0 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (min < 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } + if (mbedtls_mpi_cmp_int(N, min) <= 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } /* * When min == 0, each try has at worst a probability 1/2 of failing @@ -2504,16 +2556,16 @@ int mbedtls_mpi_random( mbedtls_mpi *X, * is small, use a higher repeat count, otherwise the probability of * failure is macroscopic. */ - count = ( n_bytes > 4 ? 30 : 250 ); + count = (n_bytes > 4 ? 30 : 250); - mbedtls_mpi_init( &lower_bound ); + mbedtls_mpi_init(&lower_bound); /* Ensure that target MPI has exactly the same number of limbs * as the upper bound, even if the upper bound has leading zeros. * This is necessary for the mbedtls_mpi_lt_mpi_ct() check. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, N->n ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &lower_bound, N->n ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &lower_bound, min ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_resize_clear(X, N->n)); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&lower_bound, N->n)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&lower_bound, min)); /* * Match the procedure given in RFC 6979 §3.3 (deterministic ECDSA) @@ -2523,150 +2575,140 @@ int mbedtls_mpi_random( mbedtls_mpi *X, * - try until result is in the desired range. * This also avoids any bias, which is especially important for ECDSA. */ - do - { - MBEDTLS_MPI_CHK( mpi_fill_random_internal( X, n_bytes, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( X, 8 * n_bytes - n_bits ) ); + do { + MBEDTLS_MPI_CHK(mpi_fill_random_internal(X, n_bytes, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(X, 8 * n_bytes - n_bits)); - if( --count == 0 ) - { + if (--count == 0) { ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_lt_mpi_ct( X, &lower_bound, <_lower ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lt_mpi_ct( X, N, <_upper ) ); - } - while( lt_lower != 0 || lt_upper == 0 ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lt_mpi_ct(X, &lower_bound, <_lower)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lt_mpi_ct(X, N, <_upper)); + } while (lt_lower != 0 || lt_upper == 0); cleanup: - mbedtls_mpi_free( &lower_bound ); - return( ret ); + mbedtls_mpi_free(&lower_bound); + return ret; } /* * Modular inverse: X = A^-1 mod N (HAC 14.61 / 14.64) */ -int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N ) +int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi G, TA, TU, U1, U2, TB, TV, V1, V2; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( N != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(N != NULL); - if( mbedtls_mpi_cmp_int( N, 1 ) <= 0 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (mbedtls_mpi_cmp_int(N, 1) <= 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TU ); mbedtls_mpi_init( &U1 ); mbedtls_mpi_init( &U2 ); - mbedtls_mpi_init( &G ); mbedtls_mpi_init( &TB ); mbedtls_mpi_init( &TV ); - mbedtls_mpi_init( &V1 ); mbedtls_mpi_init( &V2 ); + mbedtls_mpi_init(&TA); mbedtls_mpi_init(&TU); mbedtls_mpi_init(&U1); mbedtls_mpi_init(&U2); + mbedtls_mpi_init(&G); mbedtls_mpi_init(&TB); mbedtls_mpi_init(&TV); + mbedtls_mpi_init(&V1); mbedtls_mpi_init(&V2); - MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, A, N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(&G, A, N)); - if( mbedtls_mpi_cmp_int( &G, 1 ) != 0 ) - { + if (mbedtls_mpi_cmp_int(&G, 1) != 0) { ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &TA, A, N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TU, &TA ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TV, N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&TA, A, N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TU, &TA)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TB, N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TV, N)); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &U1, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &U2, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &V1, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &V2, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&U1, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&U2, 0)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&V1, 0)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&V2, 1)); - do - { - while( ( TU.p[0] & 1 ) == 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TU, 1 ) ); + do { + while ((TU.p[0] & 1) == 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TU, 1)); - if( ( U1.p[0] & 1 ) != 0 || ( U2.p[0] & 1 ) != 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &U1, &U1, &TB ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U2, &U2, &TA ) ); + if ((U1.p[0] & 1) != 0 || (U2.p[0] & 1) != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&U1, &U1, &TB)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&U2, &U2, &TA)); } - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &U1, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &U2, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&U1, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&U2, 1)); } - while( ( TV.p[0] & 1 ) == 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TV, 1 ) ); + while ((TV.p[0] & 1) == 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TV, 1)); - if( ( V1.p[0] & 1 ) != 0 || ( V2.p[0] & 1 ) != 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &V1, &V1, &TB ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V2, &V2, &TA ) ); + if ((V1.p[0] & 1) != 0 || (V2.p[0] & 1) != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&V1, &V1, &TB)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&V2, &V2, &TA)); } - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &V1, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &V2, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&V1, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&V2, 1)); } - if( mbedtls_mpi_cmp_mpi( &TU, &TV ) >= 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &TU, &TU, &TV ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U1, &U1, &V1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U2, &U2, &V2 ) ); - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &TV, &TV, &TU ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V1, &V1, &U1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V2, &V2, &U2 ) ); + if (mbedtls_mpi_cmp_mpi(&TU, &TV) >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&TU, &TU, &TV)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&U1, &U1, &V1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&U2, &U2, &V2)); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&TV, &TV, &TU)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&V1, &V1, &U1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&V2, &V2, &U2)); } - } - while( mbedtls_mpi_cmp_int( &TU, 0 ) != 0 ); + } while (mbedtls_mpi_cmp_int(&TU, 0) != 0); - while( mbedtls_mpi_cmp_int( &V1, 0 ) < 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &V1, &V1, N ) ); + while (mbedtls_mpi_cmp_int(&V1, 0) < 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&V1, &V1, N)); + } - while( mbedtls_mpi_cmp_mpi( &V1, N ) >= 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V1, &V1, N ) ); + while (mbedtls_mpi_cmp_mpi(&V1, N) >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&V1, &V1, N)); + } - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, &V1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(X, &V1)); cleanup: - mbedtls_mpi_free( &TA ); mbedtls_mpi_free( &TU ); mbedtls_mpi_free( &U1 ); mbedtls_mpi_free( &U2 ); - mbedtls_mpi_free( &G ); mbedtls_mpi_free( &TB ); mbedtls_mpi_free( &TV ); - mbedtls_mpi_free( &V1 ); mbedtls_mpi_free( &V2 ); + mbedtls_mpi_free(&TA); mbedtls_mpi_free(&TU); mbedtls_mpi_free(&U1); mbedtls_mpi_free(&U2); + mbedtls_mpi_free(&G); mbedtls_mpi_free(&TB); mbedtls_mpi_free(&TV); + mbedtls_mpi_free(&V1); mbedtls_mpi_free(&V2); - return( ret ); + return ret; } #if defined(MBEDTLS_GENPRIME) static const int small_prime[] = { - 3, 5, 7, 11, 13, 17, 19, 23, - 29, 31, 37, 41, 43, 47, 53, 59, - 61, 67, 71, 73, 79, 83, 89, 97, - 101, 103, 107, 109, 113, 127, 131, 137, - 139, 149, 151, 157, 163, 167, 173, 179, - 181, 191, 193, 197, 199, 211, 223, 227, - 229, 233, 239, 241, 251, 257, 263, 269, - 271, 277, 281, 283, 293, 307, 311, 313, - 317, 331, 337, 347, 349, 353, 359, 367, - 373, 379, 383, 389, 397, 401, 409, 419, - 421, 431, 433, 439, 443, 449, 457, 461, - 463, 467, 479, 487, 491, 499, 503, 509, - 521, 523, 541, 547, 557, 563, 569, 571, - 577, 587, 593, 599, 601, 607, 613, 617, - 619, 631, 641, 643, 647, 653, 659, 661, - 673, 677, 683, 691, 701, 709, 719, 727, - 733, 739, 743, 751, 757, 761, 769, 773, - 787, 797, 809, 811, 821, 823, 827, 829, - 839, 853, 857, 859, 863, 877, 881, 883, - 887, 907, 911, 919, 929, 937, 941, 947, - 953, 967, 971, 977, 983, 991, 997, -103 + 3, 5, 7, 11, 13, 17, 19, 23, + 29, 31, 37, 41, 43, 47, 53, 59, + 61, 67, 71, 73, 79, 83, 89, 97, + 101, 103, 107, 109, 113, 127, 131, 137, + 139, 149, 151, 157, 163, 167, 173, 179, + 181, 191, 193, 197, 199, 211, 223, 227, + 229, 233, 239, 241, 251, 257, 263, 269, + 271, 277, 281, 283, 293, 307, 311, 313, + 317, 331, 337, 347, 349, 353, 359, 367, + 373, 379, 383, 389, 397, 401, 409, 419, + 421, 431, 433, 439, 443, 449, 457, 461, + 463, 467, 479, 487, 491, 499, 503, 509, + 521, 523, 541, 547, 557, 563, 569, 571, + 577, 587, 593, 599, 601, 607, 613, 617, + 619, 631, 641, 643, 647, 653, 659, 661, + 673, 677, 683, 691, 701, 709, 719, 727, + 733, 739, 743, 751, 757, 761, 769, 773, + 787, 797, 809, 811, 821, 823, 827, 829, + 839, 853, 857, 859, 863, 877, 881, 883, + 887, 907, 911, 919, 929, 937, 941, 947, + 953, 967, 971, 977, 983, 991, 997, -103 }; /* @@ -2678,70 +2720,71 @@ static const int small_prime[] = * MBEDTLS_ERR_MPI_NOT_ACCEPTABLE: certain non-prime * other negative: error */ -static int mpi_check_small_factors( const mbedtls_mpi *X ) +static int mpi_check_small_factors(const mbedtls_mpi *X) { int ret = 0; size_t i; mbedtls_mpi_uint r; - if( ( X->p[0] & 1 ) == 0 ) - return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); + if ((X->p[0] & 1) == 0) { + return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; + } - for( i = 0; small_prime[i] > 0; i++ ) - { - if( mbedtls_mpi_cmp_int( X, small_prime[i] ) <= 0 ) - return( 1 ); + for (i = 0; small_prime[i] > 0; i++) { + if (mbedtls_mpi_cmp_int(X, small_prime[i]) <= 0) { + return 1; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, small_prime[i] ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_int(&r, X, small_prime[i])); - if( r == 0 ) - return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); + if (r == 0) { + return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; + } } cleanup: - return( ret ); + return ret; } /* * Miller-Rabin pseudo-primality test (HAC 4.24) */ -static int mpi_miller_rabin( const mbedtls_mpi *X, size_t rounds, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int mpi_miller_rabin(const mbedtls_mpi *X, size_t rounds, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret, count; size_t i, j, k, s; mbedtls_mpi W, R, T, A, RR; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( f_rng != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(f_rng != NULL); - mbedtls_mpi_init( &W ); mbedtls_mpi_init( &R ); - mbedtls_mpi_init( &T ); mbedtls_mpi_init( &A ); - mbedtls_mpi_init( &RR ); + mbedtls_mpi_init(&W); mbedtls_mpi_init(&R); + mbedtls_mpi_init(&T); mbedtls_mpi_init(&A); + mbedtls_mpi_init(&RR); /* * W = |X| - 1 * R = W >> lsb( W ) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &W, X, 1 ) ); - s = mbedtls_mpi_lsb( &W ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R, &W ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &R, s ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&W, X, 1)); + s = mbedtls_mpi_lsb(&W); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R, &W)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&R, s)); - for( i = 0; i < rounds; i++ ) - { + for (i = 0; i < rounds; i++) { /* * pick a random A, 1 < A < |X| - 1 */ count = 0; do { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &A, X->n * ciL, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&A, X->n * ciL, f_rng, p_rng)); - j = mbedtls_mpi_bitlen( &A ); - k = mbedtls_mpi_bitlen( &W ); + j = mbedtls_mpi_bitlen(&A); + k = mbedtls_mpi_bitlen(&W); if (j > k) { - A.p[A.n - 1] &= ( (mbedtls_mpi_uint) 1 << ( k - ( A.n - 1 ) * biL - 1 ) ) - 1; + A.p[A.n - 1] &= ((mbedtls_mpi_uint) 1 << (k - (A.n - 1) * biL - 1)) - 1; } if (count++ > 30) { @@ -2749,29 +2792,30 @@ static int mpi_miller_rabin( const mbedtls_mpi *X, size_t rounds, goto cleanup; } - } while ( mbedtls_mpi_cmp_mpi( &A, &W ) >= 0 || - mbedtls_mpi_cmp_int( &A, 1 ) <= 0 ); + } while (mbedtls_mpi_cmp_mpi(&A, &W) >= 0 || + mbedtls_mpi_cmp_int(&A, 1) <= 0); /* * A = A^R mod |X| */ - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &A, &A, &R, X, &RR ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&A, &A, &R, X, &RR)); - if( mbedtls_mpi_cmp_mpi( &A, &W ) == 0 || - mbedtls_mpi_cmp_int( &A, 1 ) == 0 ) + if (mbedtls_mpi_cmp_mpi(&A, &W) == 0 || + mbedtls_mpi_cmp_int(&A, 1) == 0) { continue; + } j = 1; - while( j < s && mbedtls_mpi_cmp_mpi( &A, &W ) != 0 ) - { + while (j < s && mbedtls_mpi_cmp_mpi(&A, &W) != 0) { /* * A = A * A mod |X| */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &A, &A ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &A, &T, X ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&T, &A, &A)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&A, &T, X)); - if( mbedtls_mpi_cmp_int( &A, 1 ) == 0 ) + if (mbedtls_mpi_cmp_int(&A, 1) == 0) { break; + } j++; } @@ -2779,73 +2823,74 @@ static int mpi_miller_rabin( const mbedtls_mpi *X, size_t rounds, /* * not prime if A != |X| - 1 or A == 1 */ - if( mbedtls_mpi_cmp_mpi( &A, &W ) != 0 || - mbedtls_mpi_cmp_int( &A, 1 ) == 0 ) - { + if (mbedtls_mpi_cmp_mpi(&A, &W) != 0 || + mbedtls_mpi_cmp_int(&A, 1) == 0) { ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; break; } } cleanup: - mbedtls_mpi_free( &W ); mbedtls_mpi_free( &R ); - mbedtls_mpi_free( &T ); mbedtls_mpi_free( &A ); - mbedtls_mpi_free( &RR ); + mbedtls_mpi_free(&W); mbedtls_mpi_free(&R); + mbedtls_mpi_free(&T); mbedtls_mpi_free(&A); + mbedtls_mpi_free(&RR); - return( ret ); + return ret; } /* * Pseudo-primality test: small factors, then Miller-Rabin */ -int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_mpi_is_prime_ext(const mbedtls_mpi *X, int rounds, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi XX; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( f_rng != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(f_rng != NULL); XX.s = 1; XX.n = X->n; XX.p = X->p; - if( mbedtls_mpi_cmp_int( &XX, 0 ) == 0 || - mbedtls_mpi_cmp_int( &XX, 1 ) == 0 ) - return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); + if (mbedtls_mpi_cmp_int(&XX, 0) == 0 || + mbedtls_mpi_cmp_int(&XX, 1) == 0) { + return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; + } - if( mbedtls_mpi_cmp_int( &XX, 2 ) == 0 ) - return( 0 ); + if (mbedtls_mpi_cmp_int(&XX, 2) == 0) { + return 0; + } - if( ( ret = mpi_check_small_factors( &XX ) ) != 0 ) - { - if( ret == 1 ) - return( 0 ); + if ((ret = mpi_check_small_factors(&XX)) != 0) { + if (ret == 1) { + return 0; + } - return( ret ); + return ret; } - return( mpi_miller_rabin( &XX, rounds, f_rng, p_rng ) ); + return mpi_miller_rabin(&XX, rounds, f_rng, p_rng); } #if !defined(MBEDTLS_DEPRECATED_REMOVED) /* * Pseudo-primality test, error probability 2^-80 */ -int mbedtls_mpi_is_prime( const mbedtls_mpi *X, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_mpi_is_prime(const mbedtls_mpi *X, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( f_rng != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(f_rng != NULL); /* * In the past our key generation aimed for an error rate of at most * 2^-80. Since this function is deprecated, aim for the same certainty * here as well. */ - return( mbedtls_mpi_is_prime_ext( X, 40, f_rng, p_rng ) ); + return mbedtls_mpi_is_prime_ext(X, 40, f_rng, p_rng); } #endif @@ -2856,9 +2901,9 @@ int mbedtls_mpi_is_prime( const mbedtls_mpi *X, * be either 1024 bits or 1536 bits long, and flags must contain * MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR. */ -int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_mpi_gen_prime(mbedtls_mpi *X, size_t nbits, int flags, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { #ifdef MBEDTLS_HAVE_INT64 // ceil(2^63.5) @@ -2873,56 +2918,55 @@ int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags, mbedtls_mpi_uint r; mbedtls_mpi Y; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( f_rng != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(f_rng != NULL); - if( nbits < 3 || nbits > MBEDTLS_MPI_MAX_BITS ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (nbits < 3 || nbits > MBEDTLS_MPI_MAX_BITS) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - mbedtls_mpi_init( &Y ); + mbedtls_mpi_init(&Y); - n = BITS_TO_LIMBS( nbits ); + n = BITS_TO_LIMBS(nbits); - if( ( flags & MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR ) == 0 ) - { + if ((flags & MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR) == 0) { /* * 2^-80 error probability, number of rounds chosen per HAC, table 4.4 */ - rounds = ( ( nbits >= 1300 ) ? 2 : ( nbits >= 850 ) ? 3 : - ( nbits >= 650 ) ? 4 : ( nbits >= 350 ) ? 8 : - ( nbits >= 250 ) ? 12 : ( nbits >= 150 ) ? 18 : 27 ); - } - else - { + rounds = ((nbits >= 1300) ? 2 : (nbits >= 850) ? 3 : + (nbits >= 650) ? 4 : (nbits >= 350) ? 8 : + (nbits >= 250) ? 12 : (nbits >= 150) ? 18 : 27); + } else { /* * 2^-100 error probability, number of rounds computed based on HAC, * fact 4.48 */ - rounds = ( ( nbits >= 1450 ) ? 4 : ( nbits >= 1150 ) ? 5 : - ( nbits >= 1000 ) ? 6 : ( nbits >= 850 ) ? 7 : - ( nbits >= 750 ) ? 8 : ( nbits >= 500 ) ? 13 : - ( nbits >= 250 ) ? 28 : ( nbits >= 150 ) ? 40 : 51 ); + rounds = ((nbits >= 1450) ? 4 : (nbits >= 1150) ? 5 : + (nbits >= 1000) ? 6 : (nbits >= 850) ? 7 : + (nbits >= 750) ? 8 : (nbits >= 500) ? 13 : + (nbits >= 250) ? 28 : (nbits >= 150) ? 40 : 51); } - while( 1 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( X, n * ciL, f_rng, p_rng ) ); + while (1) { + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(X, n * ciL, f_rng, p_rng)); /* make sure generated number is at least (nbits-1)+0.5 bits (FIPS 186-4 §B.3.3 steps 4.4, 5.5) */ - if( X->p[n-1] < CEIL_MAXUINT_DIV_SQRT2 ) continue; + if (X->p[n-1] < CEIL_MAXUINT_DIV_SQRT2) { + continue; + } k = n * biL; - if( k > nbits ) MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( X, k - nbits ) ); + if (k > nbits) { + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(X, k - nbits)); + } X->p[0] |= 1; - if( ( flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH ) == 0 ) - { - ret = mbedtls_mpi_is_prime_ext( X, rounds, f_rng, p_rng ); + if ((flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH) == 0) { + ret = mbedtls_mpi_is_prime_ext(X, rounds, f_rng, p_rng); - if( ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) + if (ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) { goto cleanup; - } - else - { + } + } else { /* * A necessary condition for Y and X = 2Y + 1 to be prime * is X = 2 mod 3 (which is equivalent to Y = 2 mod 3). @@ -2931,49 +2975,51 @@ int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags, X->p[0] |= 2; - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, 3 ) ); - if( r == 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, X, 8 ) ); - else if( r == 1 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, X, 4 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_int(&r, X, 3)); + if (r == 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(X, X, 8)); + } else if (r == 1) { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(X, X, 4)); + } /* Set Y = (X-1) / 2, which is X / 2 because X is odd */ - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Y, X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &Y, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&Y, X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&Y, 1)); - while( 1 ) - { + while (1) { /* * First, check small factors for X and Y * before doing Miller-Rabin on any of them */ - if( ( ret = mpi_check_small_factors( X ) ) == 0 && - ( ret = mpi_check_small_factors( &Y ) ) == 0 && - ( ret = mpi_miller_rabin( X, rounds, f_rng, p_rng ) ) - == 0 && - ( ret = mpi_miller_rabin( &Y, rounds, f_rng, p_rng ) ) - == 0 ) + if ((ret = mpi_check_small_factors(X)) == 0 && + (ret = mpi_check_small_factors(&Y)) == 0 && + (ret = mpi_miller_rabin(X, rounds, f_rng, p_rng)) + == 0 && + (ret = mpi_miller_rabin(&Y, rounds, f_rng, p_rng)) + == 0) { goto cleanup; + } - if( ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) + if (ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) { goto cleanup; + } /* * Next candidates. We want to preserve Y = (X-1) / 2 and * Y = 1 mod 2 and Y = 2 mod 3 (eq X = 3 mod 4 and X = 2 mod 3) * so up Y by 6 and X by 12. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, X, 12 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &Y, &Y, 6 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(X, X, 12)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&Y, &Y, 6)); } } } cleanup: - mbedtls_mpi_free( &Y ); + mbedtls_mpi_free(&Y); - return( ret ); + return ret; } #endif /* MBEDTLS_GENPRIME */ @@ -2992,162 +3038,173 @@ static const int gcd_pairs[GCD_PAIR_COUNT][3] = /* * Checkup routine */ -int mbedtls_mpi_self_test( int verbose ) +int mbedtls_mpi_self_test(int verbose) { int ret, i; mbedtls_mpi A, E, N, X, Y, U, V; - mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &X ); - mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &U ); mbedtls_mpi_init( &V ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &A, 16, - "EFE021C2645FD1DC586E69184AF4A31E" \ - "D5F53E93B5F123FA41680867BA110131" \ - "944FE7952E2517337780CB0DB80E61AA" \ - "E7C8DDC6C5C6AADEB34EB38A2F40D5E6" ) ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &E, 16, - "B2E7EFD37075B9F03FF989C7C5051C20" \ - "34D2A323810251127E7BF8625A4F49A5" \ - "F3E27F4DA8BD59C47D6DAABA4C8127BD" \ - "5B5C25763222FEFCCFC38B832366C29E" ) ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &N, 16, - "0066A198186C18C10B2F5ED9B522752A" \ - "9830B69916E535C8F047518A889A43A5" \ - "94B6BED27A168D31D4A52F88925AA8F5" ) ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &X, &A, &N ) ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16, - "602AB7ECA597A3D6B56FF9829A5E8B85" \ - "9E857EA95A03512E2BAE7391688D264A" \ - "A5663B0341DB9CCFD2C4C5F421FEC814" \ - "8001B72E848A38CAE1C65F78E56ABDEF" \ - "E12D3C039B8A02D6BE593F0BBBDA56F1" \ - "ECF677152EF804370C1A305CAF3B5BF1" \ - "30879B56C61DE584A0F53A2447A51E" ) ); - - if( verbose != 0 ) - mbedtls_printf( " MPI test #1 (mul_mpi): " ); - - if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + mbedtls_mpi_init(&A); mbedtls_mpi_init(&E); mbedtls_mpi_init(&N); mbedtls_mpi_init(&X); + mbedtls_mpi_init(&Y); mbedtls_mpi_init(&U); mbedtls_mpi_init(&V); + + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&A, 16, + "EFE021C2645FD1DC586E69184AF4A31E" \ + "D5F53E93B5F123FA41680867BA110131" \ + "944FE7952E2517337780CB0DB80E61AA" \ + "E7C8DDC6C5C6AADEB34EB38A2F40D5E6")); + + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&E, 16, + "B2E7EFD37075B9F03FF989C7C5051C20" \ + "34D2A323810251127E7BF8625A4F49A5" \ + "F3E27F4DA8BD59C47D6DAABA4C8127BD" \ + "5B5C25763222FEFCCFC38B832366C29E")); + + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&N, 16, + "0066A198186C18C10B2F5ED9B522752A" \ + "9830B69916E535C8F047518A889A43A5" \ + "94B6BED27A168D31D4A52F88925AA8F5")); + + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&X, &A, &N)); + + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&U, 16, + "602AB7ECA597A3D6B56FF9829A5E8B85" \ + "9E857EA95A03512E2BAE7391688D264A" \ + "A5663B0341DB9CCFD2C4C5F421FEC814" \ + "8001B72E848A38CAE1C65F78E56ABDEF" \ + "E12D3C039B8A02D6BE593F0BBBDA56F1" \ + "ECF677152EF804370C1A305CAF3B5BF1" \ + "30879B56C61DE584A0F53A2447A51E")); + + if (verbose != 0) { + mbedtls_printf(" MPI test #1 (mul_mpi): "); + } + + if (mbedtls_mpi_cmp_mpi(&X, &U) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( &X, &Y, &A, &N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_div_mpi(&X, &Y, &A, &N)); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16, - "256567336059E52CAE22925474705F39A94" ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&U, 16, + "256567336059E52CAE22925474705F39A94")); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &V, 16, - "6613F26162223DF488E9CD48CC132C7A" \ - "0AC93C701B001B092E4E5B9F73BCD27B" \ - "9EE50D0657C77F374E903CDFA4C642" ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&V, 16, + "6613F26162223DF488E9CD48CC132C7A" \ + "0AC93C701B001B092E4E5B9F73BCD27B" \ + "9EE50D0657C77F374E903CDFA4C642")); - if( verbose != 0 ) - mbedtls_printf( " MPI test #2 (div_mpi): " ); + if (verbose != 0) { + mbedtls_printf(" MPI test #2 (div_mpi): "); + } - if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 || - mbedtls_mpi_cmp_mpi( &Y, &V ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_mpi_cmp_mpi(&X, &U) != 0 || + mbedtls_mpi_cmp_mpi(&Y, &V) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &X, &A, &E, &N, NULL ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&X, &A, &E, &N, NULL)); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16, - "36E139AEA55215609D2816998ED020BB" \ - "BD96C37890F65171D948E9BC7CBAA4D9" \ - "325D24D6A3C12710F10A09FA08AB87" ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&U, 16, + "36E139AEA55215609D2816998ED020BB" \ + "BD96C37890F65171D948E9BC7CBAA4D9" \ + "325D24D6A3C12710F10A09FA08AB87")); - if( verbose != 0 ) - mbedtls_printf( " MPI test #3 (exp_mod): " ); + if (verbose != 0) { + mbedtls_printf(" MPI test #3 (exp_mod): "); + } - if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_mpi_cmp_mpi(&X, &U) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &X, &A, &N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&X, &A, &N)); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16, - "003A0AAEDD7E784FC07D8F9EC6E3BFD5" \ - "C3DBA76456363A10869622EAC2DD84EC" \ - "C5B8A74DAC4D09E03B5E0BE779F2DF61" ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&U, 16, + "003A0AAEDD7E784FC07D8F9EC6E3BFD5" \ + "C3DBA76456363A10869622EAC2DD84EC" \ + "C5B8A74DAC4D09E03B5E0BE779F2DF61")); - if( verbose != 0 ) - mbedtls_printf( " MPI test #4 (inv_mod): " ); + if (verbose != 0) { + mbedtls_printf(" MPI test #4 (inv_mod): "); + } - if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_mpi_cmp_mpi(&X, &U) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - if( verbose != 0 ) - mbedtls_printf( " MPI test #5 (simple gcd): " ); + if (verbose != 0) { + mbedtls_printf(" MPI test #5 (simple gcd): "); + } - for( i = 0; i < GCD_PAIR_COUNT; i++ ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &X, gcd_pairs[i][0] ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Y, gcd_pairs[i][1] ) ); + for (i = 0; i < GCD_PAIR_COUNT; i++) { + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&X, gcd_pairs[i][0])); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&Y, gcd_pairs[i][1])); - MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &A, &X, &Y ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(&A, &X, &Y)); - if( mbedtls_mpi_cmp_int( &A, gcd_pairs[i][2] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed at %d\n", i ); + if (mbedtls_mpi_cmp_int(&A, gcd_pairs[i][2]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed at %d\n", i); + } ret = 1; goto cleanup; } } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } cleanup: - if( ret != 0 && verbose != 0 ) - mbedtls_printf( "Unexpected error, return code = %08X\n", (unsigned int) ret ); + if (ret != 0 && verbose != 0) { + mbedtls_printf("Unexpected error, return code = %08X\n", (unsigned int) ret); + } - mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N ); mbedtls_mpi_free( &X ); - mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &U ); mbedtls_mpi_free( &V ); + mbedtls_mpi_free(&A); mbedtls_mpi_free(&E); mbedtls_mpi_free(&N); mbedtls_mpi_free(&X); + mbedtls_mpi_free(&Y); mbedtls_mpi_free(&U); mbedtls_mpi_free(&V); - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/blowfish.c b/library/blowfish.c index 621e9f76cd7c..f56bb65bfd1e 100644 --- a/library/blowfish.c +++ b/library/blowfish.c @@ -35,42 +35,42 @@ #if !defined(MBEDTLS_BLOWFISH_ALT) /* Parameter validation macros */ -#define BLOWFISH_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ) -#define BLOWFISH_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define BLOWFISH_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA) +#define BLOWFISH_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) static const uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2] = { - 0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L, - 0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L, - 0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL, - 0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L, - 0x9216D5D9L, 0x8979FB1BL + 0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L, + 0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L, + 0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL, + 0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L, + 0x9216D5D9L, 0x8979FB1BL }; /* declarations of data at the end of this file */ static const uint32_t S[4][256]; -static uint32_t F( mbedtls_blowfish_context *ctx, uint32_t x ) +static uint32_t F(mbedtls_blowfish_context *ctx, uint32_t x) { - unsigned short a, b, c, d; - uint32_t y; - - d = MBEDTLS_BYTE_0( x ); - x >>= 8; - c = MBEDTLS_BYTE_0( x ); - x >>= 8; - b = MBEDTLS_BYTE_0( x ); - x >>= 8; - a = MBEDTLS_BYTE_0( x ); - y = ctx->S[0][a] + ctx->S[1][b]; - y = y ^ ctx->S[2][c]; - y = y + ctx->S[3][d]; - - return( y ); + unsigned short a, b, c, d; + uint32_t y; + + d = MBEDTLS_BYTE_0(x); + x >>= 8; + c = MBEDTLS_BYTE_0(x); + x >>= 8; + b = MBEDTLS_BYTE_0(x); + x >>= 8; + a = MBEDTLS_BYTE_0(x); + y = ctx->S[0][a] + ctx->S[1][b]; + y = y ^ ctx->S[2][c]; + y = y + ctx->S[3][d]; + + return y; } -static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) +static void blowfish_enc(mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr) { uint32_t Xl, Xr, temp; short i; @@ -78,10 +78,9 @@ static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t Xl = *xl; Xr = *xr; - for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS; ++i ) - { + for (i = 0; i < MBEDTLS_BLOWFISH_ROUNDS; ++i) { Xl = Xl ^ ctx->P[i]; - Xr = F( ctx, Xl ) ^ Xr; + Xr = F(ctx, Xl) ^ Xr; temp = Xl; Xl = Xr; @@ -99,7 +98,7 @@ static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr = Xr; } -static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) +static void blowfish_dec(mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr) { uint32_t Xl, Xr, temp; short i; @@ -107,10 +106,9 @@ static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t Xl = *xl; Xr = *xr; - for( i = MBEDTLS_BLOWFISH_ROUNDS + 1; i > 1; --i ) - { + for (i = MBEDTLS_BLOWFISH_ROUNDS + 1; i > 1; --i) { Xl = Xl ^ ctx->P[i]; - Xr = F( ctx, Xl ) ^ Xr; + Xr = F(ctx, Xl) ^ Xr; temp = Xl; Xl = Xr; @@ -128,56 +126,55 @@ static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr = Xr; } -void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ) +void mbedtls_blowfish_init(mbedtls_blowfish_context *ctx) { - BLOWFISH_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_blowfish_context ) ); + BLOWFISH_VALIDATE(ctx != NULL); + memset(ctx, 0, sizeof(mbedtls_blowfish_context)); } -void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx ) +void mbedtls_blowfish_free(mbedtls_blowfish_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_blowfish_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_blowfish_context)); } /* * Blowfish key schedule */ -int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, - const unsigned char *key, - unsigned int keybits ) +int mbedtls_blowfish_setkey(mbedtls_blowfish_context *ctx, + const unsigned char *key, + unsigned int keybits) { unsigned int i, j, k; uint32_t data, datal, datar; - BLOWFISH_VALIDATE_RET( ctx != NULL ); - BLOWFISH_VALIDATE_RET( key != NULL ); + BLOWFISH_VALIDATE_RET(ctx != NULL); + BLOWFISH_VALIDATE_RET(key != NULL); - if( keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS || + if (keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS || keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS || - keybits % 8 != 0 ) - { - return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ); + keybits % 8 != 0) { + return MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA; } keybits >>= 3; - for( i = 0; i < 4; i++ ) - { - for( j = 0; j < 256; j++ ) + for (i = 0; i < 4; i++) { + for (j = 0; j < 256; j++) { ctx->S[i][j] = S[i][j]; + } } j = 0; - for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; ++i ) - { + for (i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; ++i) { data = 0x00000000; - for( k = 0; k < 4; ++k ) - { - data = ( data << 8 ) | key[j++]; - if( j >= keybits ) + for (k = 0; k < 4; ++k) { + data = (data << 8) | key[j++]; + if (j >= keybits) { j = 0; + } } ctx->P[i] = P[i] ^ data; } @@ -185,107 +182,99 @@ int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, datal = 0x00000000; datar = 0x00000000; - for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; i += 2 ) - { - blowfish_enc( ctx, &datal, &datar ); + for (i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; i += 2) { + blowfish_enc(ctx, &datal, &datar); ctx->P[i] = datal; ctx->P[i + 1] = datar; } - for( i = 0; i < 4; i++ ) - { - for( j = 0; j < 256; j += 2 ) - { - blowfish_enc( ctx, &datal, &datar ); + for (i = 0; i < 4; i++) { + for (j = 0; j < 256; j += 2) { + blowfish_enc(ctx, &datal, &datar); ctx->S[i][j] = datal; ctx->S[i][j + 1] = datar; } } - return( 0 ); + return 0; } /* * Blowfish-ECB block encryption/decryption */ -int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx, - int mode, - const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE], - unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] ) +int mbedtls_blowfish_crypt_ecb(mbedtls_blowfish_context *ctx, + int mode, + const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE], + unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE]) { uint32_t X0, X1; - BLOWFISH_VALIDATE_RET( ctx != NULL ); - BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT || - mode == MBEDTLS_BLOWFISH_DECRYPT ); - BLOWFISH_VALIDATE_RET( input != NULL ); - BLOWFISH_VALIDATE_RET( output != NULL ); - - X0 = MBEDTLS_GET_UINT32_BE( input, 0 ); - X1 = MBEDTLS_GET_UINT32_BE( input, 4 ); - - if( mode == MBEDTLS_BLOWFISH_DECRYPT ) - { - blowfish_dec( ctx, &X0, &X1 ); - } - else /* MBEDTLS_BLOWFISH_ENCRYPT */ - { - blowfish_enc( ctx, &X0, &X1 ); + BLOWFISH_VALIDATE_RET(ctx != NULL); + BLOWFISH_VALIDATE_RET(mode == MBEDTLS_BLOWFISH_ENCRYPT || + mode == MBEDTLS_BLOWFISH_DECRYPT); + BLOWFISH_VALIDATE_RET(input != NULL); + BLOWFISH_VALIDATE_RET(output != NULL); + + X0 = MBEDTLS_GET_UINT32_BE(input, 0); + X1 = MBEDTLS_GET_UINT32_BE(input, 4); + + if (mode == MBEDTLS_BLOWFISH_DECRYPT) { + blowfish_dec(ctx, &X0, &X1); + } else { /* MBEDTLS_BLOWFISH_ENCRYPT */ + blowfish_enc(ctx, &X0, &X1); } - MBEDTLS_PUT_UINT32_BE( X0, output, 0 ); - MBEDTLS_PUT_UINT32_BE( X1, output, 4 ); + MBEDTLS_PUT_UINT32_BE(X0, output, 0); + MBEDTLS_PUT_UINT32_BE(X1, output, 4); - return( 0 ); + return 0; } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * Blowfish-CBC buffer encryption/decryption */ -int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, - int mode, - size_t length, - unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ) +int mbedtls_blowfish_crypt_cbc(mbedtls_blowfish_context *ctx, + int mode, + size_t length, + unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output) { int i; unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE]; - BLOWFISH_VALIDATE_RET( ctx != NULL ); - BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT || - mode == MBEDTLS_BLOWFISH_DECRYPT ); - BLOWFISH_VALIDATE_RET( iv != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || input != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || output != NULL ); - - if( length % MBEDTLS_BLOWFISH_BLOCKSIZE ) - return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH ); + BLOWFISH_VALIDATE_RET(ctx != NULL); + BLOWFISH_VALIDATE_RET(mode == MBEDTLS_BLOWFISH_ENCRYPT || + mode == MBEDTLS_BLOWFISH_DECRYPT); + BLOWFISH_VALIDATE_RET(iv != NULL); + BLOWFISH_VALIDATE_RET(length == 0 || input != NULL); + BLOWFISH_VALIDATE_RET(length == 0 || output != NULL); + + if (length % MBEDTLS_BLOWFISH_BLOCKSIZE) { + return MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH; + } - if( mode == MBEDTLS_BLOWFISH_DECRYPT ) - { - while( length > 0 ) - { - memcpy( temp, input, MBEDTLS_BLOWFISH_BLOCKSIZE ); - mbedtls_blowfish_crypt_ecb( ctx, mode, input, output ); + if (mode == MBEDTLS_BLOWFISH_DECRYPT) { + while (length > 0) { + memcpy(temp, input, MBEDTLS_BLOWFISH_BLOCKSIZE); + mbedtls_blowfish_crypt_ecb(ctx, mode, input, output); - for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE;i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); + for (i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++) { + output[i] = (unsigned char) (output[i] ^ iv[i]); + } - memcpy( iv, temp, MBEDTLS_BLOWFISH_BLOCKSIZE ); + memcpy(iv, temp, MBEDTLS_BLOWFISH_BLOCKSIZE); input += MBEDTLS_BLOWFISH_BLOCKSIZE; output += MBEDTLS_BLOWFISH_BLOCKSIZE; length -= MBEDTLS_BLOWFISH_BLOCKSIZE; } - } - else - { - while( length > 0 ) - { - for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); + } else { + while (length > 0) { + for (i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++) { + output[i] = (unsigned char) (input[i] ^ iv[i]); + } - mbedtls_blowfish_crypt_ecb( ctx, mode, output, output ); - memcpy( iv, output, MBEDTLS_BLOWFISH_BLOCKSIZE ); + mbedtls_blowfish_crypt_ecb(ctx, mode, output, output); + memcpy(iv, output, MBEDTLS_BLOWFISH_BLOCKSIZE); input += MBEDTLS_BLOWFISH_BLOCKSIZE; output += MBEDTLS_BLOWFISH_BLOCKSIZE; @@ -293,7 +282,7 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, } } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -301,59 +290,57 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, /* * Blowfish CFB buffer encryption/decryption */ -int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ) +int mbedtls_blowfish_crypt_cfb64(mbedtls_blowfish_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output) { int c; size_t n; - BLOWFISH_VALIDATE_RET( ctx != NULL ); - BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT || - mode == MBEDTLS_BLOWFISH_DECRYPT ); - BLOWFISH_VALIDATE_RET( iv != NULL ); - BLOWFISH_VALIDATE_RET( iv_off != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || input != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || output != NULL ); + BLOWFISH_VALIDATE_RET(ctx != NULL); + BLOWFISH_VALIDATE_RET(mode == MBEDTLS_BLOWFISH_ENCRYPT || + mode == MBEDTLS_BLOWFISH_DECRYPT); + BLOWFISH_VALIDATE_RET(iv != NULL); + BLOWFISH_VALIDATE_RET(iv_off != NULL); + BLOWFISH_VALIDATE_RET(length == 0 || input != NULL); + BLOWFISH_VALIDATE_RET(length == 0 || output != NULL); n = *iv_off; - if( n >= 8 ) - return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ); + if (n >= 8) { + return MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA; + } - if( mode == MBEDTLS_BLOWFISH_DECRYPT ) - { - while( length-- ) - { - if( n == 0 ) - mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv ); + if (mode == MBEDTLS_BLOWFISH_DECRYPT) { + while (length--) { + if (n == 0) { + mbedtls_blowfish_crypt_ecb(ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv); + } c = *input++; - *output++ = (unsigned char)( c ^ iv[n] ); + *output++ = (unsigned char) (c ^ iv[n]); iv[n] = (unsigned char) c; - n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE; + n = (n + 1) % MBEDTLS_BLOWFISH_BLOCKSIZE; } - } - else - { - while( length-- ) - { - if( n == 0 ) - mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv ); + } else { + while (length--) { + if (n == 0) { + mbedtls_blowfish_crypt_ecb(ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv); + } - iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); + iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++); - n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE; + n = (n + 1) % MBEDTLS_BLOWFISH_BLOCKSIZE; } } *iv_off = n; - return( 0 ); + return 0; } #endif /*MBEDTLS_CIPHER_MODE_CFB */ @@ -361,46 +348,48 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, /* * Blowfish CTR buffer encryption/decryption */ -int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE], - unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ) +int mbedtls_blowfish_crypt_ctr(mbedtls_blowfish_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE], + unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output) { int c, i; size_t n; - BLOWFISH_VALIDATE_RET( ctx != NULL ); - BLOWFISH_VALIDATE_RET( nonce_counter != NULL ); - BLOWFISH_VALIDATE_RET( stream_block != NULL ); - BLOWFISH_VALIDATE_RET( nc_off != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || input != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || output != NULL ); + BLOWFISH_VALIDATE_RET(ctx != NULL); + BLOWFISH_VALIDATE_RET(nonce_counter != NULL); + BLOWFISH_VALIDATE_RET(stream_block != NULL); + BLOWFISH_VALIDATE_RET(nc_off != NULL); + BLOWFISH_VALIDATE_RET(length == 0 || input != NULL); + BLOWFISH_VALIDATE_RET(length == 0 || output != NULL); n = *nc_off; - if( n >= 8 ) - return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ); + if (n >= 8) { + return MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA; + } - while( length-- ) - { - if( n == 0 ) { - mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, nonce_counter, - stream_block ); + while (length--) { + if (n == 0) { + mbedtls_blowfish_crypt_ecb(ctx, MBEDTLS_BLOWFISH_ENCRYPT, nonce_counter, + stream_block); - for( i = MBEDTLS_BLOWFISH_BLOCKSIZE; i > 0; i-- ) - if( ++nonce_counter[i - 1] != 0 ) + for (i = MBEDTLS_BLOWFISH_BLOCKSIZE; i > 0; i--) { + if (++nonce_counter[i - 1] != 0) { break; + } + } } c = *input++; - *output++ = (unsigned char)( c ^ stream_block[n] ); + *output++ = (unsigned char) (c ^ stream_block[n]); - n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE; + n = (n + 1) % MBEDTLS_BLOWFISH_BLOCKSIZE; } *nc_off = n; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CTR */ diff --git a/library/camellia.c b/library/camellia.c index e90cd7f134ec..ce034d74fb60 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -37,10 +37,10 @@ #if !defined(MBEDTLS_CAMELLIA_ALT) /* Parameter validation macros */ -#define CAMELLIA_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA ) -#define CAMELLIA_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define CAMELLIA_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA) +#define CAMELLIA_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) static const unsigned char SIGMA_CHARS[6][8] = { @@ -56,109 +56,109 @@ static const unsigned char SIGMA_CHARS[6][8] = static const unsigned char FSb[256] = { - 112,130, 44,236,179, 39,192,229,228,133, 87, 53,234, 12,174, 65, - 35,239,107,147, 69, 25,165, 33,237, 14, 79, 78, 29,101,146,189, - 134,184,175,143,124,235, 31,206, 62, 48,220, 95, 94,197, 11, 26, - 166,225, 57,202,213, 71, 93, 61,217, 1, 90,214, 81, 86,108, 77, - 139, 13,154,102,251,204,176, 45,116, 18, 43, 32,240,177,132,153, - 223, 76,203,194, 52,126,118, 5,109,183,169, 49,209, 23, 4,215, - 20, 88, 58, 97,222, 27, 17, 28, 50, 15,156, 22, 83, 24,242, 34, - 254, 68,207,178,195,181,122,145, 36, 8,232,168, 96,252,105, 80, - 170,208,160,125,161,137, 98,151, 84, 91, 30,149,224,255,100,210, - 16,196, 0, 72,163,247,117,219,138, 3,230,218, 9, 63,221,148, - 135, 92,131, 2,205, 74,144, 51,115,103,246,243,157,127,191,226, - 82,155,216, 38,200, 55,198, 59,129,150,111, 75, 19,190, 99, 46, - 233,121,167,140,159,110,188,142, 41,245,249,182, 47,253,180, 89, - 120,152, 6,106,231, 70,113,186,212, 37,171, 66,136,162,141,250, - 114, 7,185, 85,248,238,172, 10, 54, 73, 42,104, 60, 56,241,164, - 64, 40,211,123,187,201, 67,193, 21,227,173,244,119,199,128,158 + 112, 130, 44, 236, 179, 39, 192, 229, 228, 133, 87, 53, 234, 12, 174, 65, + 35, 239, 107, 147, 69, 25, 165, 33, 237, 14, 79, 78, 29, 101, 146, 189, + 134, 184, 175, 143, 124, 235, 31, 206, 62, 48, 220, 95, 94, 197, 11, 26, + 166, 225, 57, 202, 213, 71, 93, 61, 217, 1, 90, 214, 81, 86, 108, 77, + 139, 13, 154, 102, 251, 204, 176, 45, 116, 18, 43, 32, 240, 177, 132, 153, + 223, 76, 203, 194, 52, 126, 118, 5, 109, 183, 169, 49, 209, 23, 4, 215, + 20, 88, 58, 97, 222, 27, 17, 28, 50, 15, 156, 22, 83, 24, 242, 34, + 254, 68, 207, 178, 195, 181, 122, 145, 36, 8, 232, 168, 96, 252, 105, 80, + 170, 208, 160, 125, 161, 137, 98, 151, 84, 91, 30, 149, 224, 255, 100, 210, + 16, 196, 0, 72, 163, 247, 117, 219, 138, 3, 230, 218, 9, 63, 221, 148, + 135, 92, 131, 2, 205, 74, 144, 51, 115, 103, 246, 243, 157, 127, 191, 226, + 82, 155, 216, 38, 200, 55, 198, 59, 129, 150, 111, 75, 19, 190, 99, 46, + 233, 121, 167, 140, 159, 110, 188, 142, 41, 245, 249, 182, 47, 253, 180, 89, + 120, 152, 6, 106, 231, 70, 113, 186, 212, 37, 171, 66, 136, 162, 141, 250, + 114, 7, 185, 85, 248, 238, 172, 10, 54, 73, 42, 104, 60, 56, 241, 164, + 64, 40, 211, 123, 187, 201, 67, 193, 21, 227, 173, 244, 119, 199, 128, 158 }; #define SBOX1(n) FSb[(n)] -#define SBOX2(n) (unsigned char)((FSb[(n)] >> 7 ^ FSb[(n)] << 1) & 0xff) -#define SBOX3(n) (unsigned char)((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff) +#define SBOX2(n) (unsigned char) ((FSb[(n)] >> 7 ^ FSb[(n)] << 1) & 0xff) +#define SBOX3(n) (unsigned char) ((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff) #define SBOX4(n) FSb[((n) << 1 ^ (n) >> 7) &0xff] #else /* MBEDTLS_CAMELLIA_SMALL_MEMORY */ static const unsigned char FSb[256] = { - 112, 130, 44, 236, 179, 39, 192, 229, 228, 133, 87, 53, 234, 12, 174, 65, - 35, 239, 107, 147, 69, 25, 165, 33, 237, 14, 79, 78, 29, 101, 146, 189, - 134, 184, 175, 143, 124, 235, 31, 206, 62, 48, 220, 95, 94, 197, 11, 26, - 166, 225, 57, 202, 213, 71, 93, 61, 217, 1, 90, 214, 81, 86, 108, 77, - 139, 13, 154, 102, 251, 204, 176, 45, 116, 18, 43, 32, 240, 177, 132, 153, - 223, 76, 203, 194, 52, 126, 118, 5, 109, 183, 169, 49, 209, 23, 4, 215, - 20, 88, 58, 97, 222, 27, 17, 28, 50, 15, 156, 22, 83, 24, 242, 34, - 254, 68, 207, 178, 195, 181, 122, 145, 36, 8, 232, 168, 96, 252, 105, 80, - 170, 208, 160, 125, 161, 137, 98, 151, 84, 91, 30, 149, 224, 255, 100, 210, - 16, 196, 0, 72, 163, 247, 117, 219, 138, 3, 230, 218, 9, 63, 221, 148, - 135, 92, 131, 2, 205, 74, 144, 51, 115, 103, 246, 243, 157, 127, 191, 226, - 82, 155, 216, 38, 200, 55, 198, 59, 129, 150, 111, 75, 19, 190, 99, 46, - 233, 121, 167, 140, 159, 110, 188, 142, 41, 245, 249, 182, 47, 253, 180, 89, - 120, 152, 6, 106, 231, 70, 113, 186, 212, 37, 171, 66, 136, 162, 141, 250, - 114, 7, 185, 85, 248, 238, 172, 10, 54, 73, 42, 104, 60, 56, 241, 164, - 64, 40, 211, 123, 187, 201, 67, 193, 21, 227, 173, 244, 119, 199, 128, 158 + 112, 130, 44, 236, 179, 39, 192, 229, 228, 133, 87, 53, 234, 12, 174, 65, + 35, 239, 107, 147, 69, 25, 165, 33, 237, 14, 79, 78, 29, 101, 146, 189, + 134, 184, 175, 143, 124, 235, 31, 206, 62, 48, 220, 95, 94, 197, 11, 26, + 166, 225, 57, 202, 213, 71, 93, 61, 217, 1, 90, 214, 81, 86, 108, 77, + 139, 13, 154, 102, 251, 204, 176, 45, 116, 18, 43, 32, 240, 177, 132, 153, + 223, 76, 203, 194, 52, 126, 118, 5, 109, 183, 169, 49, 209, 23, 4, 215, + 20, 88, 58, 97, 222, 27, 17, 28, 50, 15, 156, 22, 83, 24, 242, 34, + 254, 68, 207, 178, 195, 181, 122, 145, 36, 8, 232, 168, 96, 252, 105, 80, + 170, 208, 160, 125, 161, 137, 98, 151, 84, 91, 30, 149, 224, 255, 100, 210, + 16, 196, 0, 72, 163, 247, 117, 219, 138, 3, 230, 218, 9, 63, 221, 148, + 135, 92, 131, 2, 205, 74, 144, 51, 115, 103, 246, 243, 157, 127, 191, 226, + 82, 155, 216, 38, 200, 55, 198, 59, 129, 150, 111, 75, 19, 190, 99, 46, + 233, 121, 167, 140, 159, 110, 188, 142, 41, 245, 249, 182, 47, 253, 180, 89, + 120, 152, 6, 106, 231, 70, 113, 186, 212, 37, 171, 66, 136, 162, 141, 250, + 114, 7, 185, 85, 248, 238, 172, 10, 54, 73, 42, 104, 60, 56, 241, 164, + 64, 40, 211, 123, 187, 201, 67, 193, 21, 227, 173, 244, 119, 199, 128, 158 }; static const unsigned char FSb2[256] = { - 224, 5, 88, 217, 103, 78, 129, 203, 201, 11, 174, 106, 213, 24, 93, 130, - 70, 223, 214, 39, 138, 50, 75, 66, 219, 28, 158, 156, 58, 202, 37, 123, - 13, 113, 95, 31, 248, 215, 62, 157, 124, 96, 185, 190, 188, 139, 22, 52, - 77, 195, 114, 149, 171, 142, 186, 122, 179, 2, 180, 173, 162, 172, 216, 154, - 23, 26, 53, 204, 247, 153, 97, 90, 232, 36, 86, 64, 225, 99, 9, 51, - 191, 152, 151, 133, 104, 252, 236, 10, 218, 111, 83, 98, 163, 46, 8, 175, - 40, 176, 116, 194, 189, 54, 34, 56, 100, 30, 57, 44, 166, 48, 229, 68, - 253, 136, 159, 101, 135, 107, 244, 35, 72, 16, 209, 81, 192, 249, 210, 160, - 85, 161, 65, 250, 67, 19, 196, 47, 168, 182, 60, 43, 193, 255, 200, 165, - 32, 137, 0, 144, 71, 239, 234, 183, 21, 6, 205, 181, 18, 126, 187, 41, - 15, 184, 7, 4, 155, 148, 33, 102, 230, 206, 237, 231, 59, 254, 127, 197, - 164, 55, 177, 76, 145, 110, 141, 118, 3, 45, 222, 150, 38, 125, 198, 92, - 211, 242, 79, 25, 63, 220, 121, 29, 82, 235, 243, 109, 94, 251, 105, 178, - 240, 49, 12, 212, 207, 140, 226, 117, 169, 74, 87, 132, 17, 69, 27, 245, - 228, 14, 115, 170, 241, 221, 89, 20, 108, 146, 84, 208, 120, 112, 227, 73, - 128, 80, 167, 246, 119, 147, 134, 131, 42, 199, 91, 233, 238, 143, 1, 61 + 224, 5, 88, 217, 103, 78, 129, 203, 201, 11, 174, 106, 213, 24, 93, 130, + 70, 223, 214, 39, 138, 50, 75, 66, 219, 28, 158, 156, 58, 202, 37, 123, + 13, 113, 95, 31, 248, 215, 62, 157, 124, 96, 185, 190, 188, 139, 22, 52, + 77, 195, 114, 149, 171, 142, 186, 122, 179, 2, 180, 173, 162, 172, 216, 154, + 23, 26, 53, 204, 247, 153, 97, 90, 232, 36, 86, 64, 225, 99, 9, 51, + 191, 152, 151, 133, 104, 252, 236, 10, 218, 111, 83, 98, 163, 46, 8, 175, + 40, 176, 116, 194, 189, 54, 34, 56, 100, 30, 57, 44, 166, 48, 229, 68, + 253, 136, 159, 101, 135, 107, 244, 35, 72, 16, 209, 81, 192, 249, 210, 160, + 85, 161, 65, 250, 67, 19, 196, 47, 168, 182, 60, 43, 193, 255, 200, 165, + 32, 137, 0, 144, 71, 239, 234, 183, 21, 6, 205, 181, 18, 126, 187, 41, + 15, 184, 7, 4, 155, 148, 33, 102, 230, 206, 237, 231, 59, 254, 127, 197, + 164, 55, 177, 76, 145, 110, 141, 118, 3, 45, 222, 150, 38, 125, 198, 92, + 211, 242, 79, 25, 63, 220, 121, 29, 82, 235, 243, 109, 94, 251, 105, 178, + 240, 49, 12, 212, 207, 140, 226, 117, 169, 74, 87, 132, 17, 69, 27, 245, + 228, 14, 115, 170, 241, 221, 89, 20, 108, 146, 84, 208, 120, 112, 227, 73, + 128, 80, 167, 246, 119, 147, 134, 131, 42, 199, 91, 233, 238, 143, 1, 61 }; static const unsigned char FSb3[256] = { - 56, 65, 22, 118, 217, 147, 96, 242, 114, 194, 171, 154, 117, 6, 87, 160, - 145, 247, 181, 201, 162, 140, 210, 144, 246, 7, 167, 39, 142, 178, 73, 222, - 67, 92, 215, 199, 62, 245, 143, 103, 31, 24, 110, 175, 47, 226, 133, 13, - 83, 240, 156, 101, 234, 163, 174, 158, 236, 128, 45, 107, 168, 43, 54, 166, - 197, 134, 77, 51, 253, 102, 88, 150, 58, 9, 149, 16, 120, 216, 66, 204, - 239, 38, 229, 97, 26, 63, 59, 130, 182, 219, 212, 152, 232, 139, 2, 235, - 10, 44, 29, 176, 111, 141, 136, 14, 25, 135, 78, 11, 169, 12, 121, 17, - 127, 34, 231, 89, 225, 218, 61, 200, 18, 4, 116, 84, 48, 126, 180, 40, - 85, 104, 80, 190, 208, 196, 49, 203, 42, 173, 15, 202, 112, 255, 50, 105, - 8, 98, 0, 36, 209, 251, 186, 237, 69, 129, 115, 109, 132, 159, 238, 74, - 195, 46, 193, 1, 230, 37, 72, 153, 185, 179, 123, 249, 206, 191, 223, 113, - 41, 205, 108, 19, 100, 155, 99, 157, 192, 75, 183, 165, 137, 95, 177, 23, - 244, 188, 211, 70, 207, 55, 94, 71, 148, 250, 252, 91, 151, 254, 90, 172, - 60, 76, 3, 53, 243, 35, 184, 93, 106, 146, 213, 33, 68, 81, 198, 125, - 57, 131, 220, 170, 124, 119, 86, 5, 27, 164, 21, 52, 30, 28, 248, 82, - 32, 20, 233, 189, 221, 228, 161, 224, 138, 241, 214, 122, 187, 227, 64, 79 + 56, 65, 22, 118, 217, 147, 96, 242, 114, 194, 171, 154, 117, 6, 87, 160, + 145, 247, 181, 201, 162, 140, 210, 144, 246, 7, 167, 39, 142, 178, 73, 222, + 67, 92, 215, 199, 62, 245, 143, 103, 31, 24, 110, 175, 47, 226, 133, 13, + 83, 240, 156, 101, 234, 163, 174, 158, 236, 128, 45, 107, 168, 43, 54, 166, + 197, 134, 77, 51, 253, 102, 88, 150, 58, 9, 149, 16, 120, 216, 66, 204, + 239, 38, 229, 97, 26, 63, 59, 130, 182, 219, 212, 152, 232, 139, 2, 235, + 10, 44, 29, 176, 111, 141, 136, 14, 25, 135, 78, 11, 169, 12, 121, 17, + 127, 34, 231, 89, 225, 218, 61, 200, 18, 4, 116, 84, 48, 126, 180, 40, + 85, 104, 80, 190, 208, 196, 49, 203, 42, 173, 15, 202, 112, 255, 50, 105, + 8, 98, 0, 36, 209, 251, 186, 237, 69, 129, 115, 109, 132, 159, 238, 74, + 195, 46, 193, 1, 230, 37, 72, 153, 185, 179, 123, 249, 206, 191, 223, 113, + 41, 205, 108, 19, 100, 155, 99, 157, 192, 75, 183, 165, 137, 95, 177, 23, + 244, 188, 211, 70, 207, 55, 94, 71, 148, 250, 252, 91, 151, 254, 90, 172, + 60, 76, 3, 53, 243, 35, 184, 93, 106, 146, 213, 33, 68, 81, 198, 125, + 57, 131, 220, 170, 124, 119, 86, 5, 27, 164, 21, 52, 30, 28, 248, 82, + 32, 20, 233, 189, 221, 228, 161, 224, 138, 241, 214, 122, 187, 227, 64, 79 }; static const unsigned char FSb4[256] = { - 112, 44, 179, 192, 228, 87, 234, 174, 35, 107, 69, 165, 237, 79, 29, 146, - 134, 175, 124, 31, 62, 220, 94, 11, 166, 57, 213, 93, 217, 90, 81, 108, - 139, 154, 251, 176, 116, 43, 240, 132, 223, 203, 52, 118, 109, 169, 209, 4, - 20, 58, 222, 17, 50, 156, 83, 242, 254, 207, 195, 122, 36, 232, 96, 105, - 170, 160, 161, 98, 84, 30, 224, 100, 16, 0, 163, 117, 138, 230, 9, 221, - 135, 131, 205, 144, 115, 246, 157, 191, 82, 216, 200, 198, 129, 111, 19, 99, - 233, 167, 159, 188, 41, 249, 47, 180, 120, 6, 231, 113, 212, 171, 136, 141, - 114, 185, 248, 172, 54, 42, 60, 241, 64, 211, 187, 67, 21, 173, 119, 128, - 130, 236, 39, 229, 133, 53, 12, 65, 239, 147, 25, 33, 14, 78, 101, 189, - 184, 143, 235, 206, 48, 95, 197, 26, 225, 202, 71, 61, 1, 214, 86, 77, - 13, 102, 204, 45, 18, 32, 177, 153, 76, 194, 126, 5, 183, 49, 23, 215, - 88, 97, 27, 28, 15, 22, 24, 34, 68, 178, 181, 145, 8, 168, 252, 80, - 208, 125, 137, 151, 91, 149, 255, 210, 196, 72, 247, 219, 3, 218, 63, 148, - 92, 2, 74, 51, 103, 243, 127, 226, 155, 38, 55, 59, 150, 75, 190, 46, - 121, 140, 110, 142, 245, 182, 253, 89, 152, 106, 70, 186, 37, 66, 162, 250, - 7, 85, 238, 10, 73, 104, 56, 164, 40, 123, 201, 193, 227, 244, 199, 158 + 112, 44, 179, 192, 228, 87, 234, 174, 35, 107, 69, 165, 237, 79, 29, 146, + 134, 175, 124, 31, 62, 220, 94, 11, 166, 57, 213, 93, 217, 90, 81, 108, + 139, 154, 251, 176, 116, 43, 240, 132, 223, 203, 52, 118, 109, 169, 209, 4, + 20, 58, 222, 17, 50, 156, 83, 242, 254, 207, 195, 122, 36, 232, 96, 105, + 170, 160, 161, 98, 84, 30, 224, 100, 16, 0, 163, 117, 138, 230, 9, 221, + 135, 131, 205, 144, 115, 246, 157, 191, 82, 216, 200, 198, 129, 111, 19, 99, + 233, 167, 159, 188, 41, 249, 47, 180, 120, 6, 231, 113, 212, 171, 136, 141, + 114, 185, 248, 172, 54, 42, 60, 241, 64, 211, 187, 67, 21, 173, 119, 128, + 130, 236, 39, 229, 133, 53, 12, 65, 239, 147, 25, 33, 14, 78, 101, 189, + 184, 143, 235, 206, 48, 95, 197, 26, 225, 202, 71, 61, 1, 214, 86, 77, + 13, 102, 204, 45, 18, 32, 177, 153, 76, 194, 126, 5, 183, 49, 23, 215, + 88, 97, 27, 28, 15, 22, 24, 34, 68, 178, 181, 145, 8, 168, 252, 80, + 208, 125, 137, 151, 91, 149, 255, 210, 196, 72, 247, 219, 3, 218, 63, 148, + 92, 2, 74, 51, 103, 243, 127, 226, 155, 38, 55, 59, 150, 75, 190, 46, + 121, 140, 110, 142, 245, 182, 253, 89, 152, 106, 70, 186, 37, 66, 162, 250, + 7, 85, 238, 10, 73, 104, 56, 164, 40, 123, 201, 193, 227, 244, 199, 158 }; #define SBOX1(n) FSb[(n)] @@ -188,23 +188,23 @@ static const signed char indexes[2][4][20] = { { { 0, 1, 2, 3, 8, 9, 10, 11, 38, 39, - 36, 37, 23, 20, 21, 22, 27, -1, -1, 26 }, /* KL -> RK */ + 36, 37, 23, 20, 21, 22, 27, -1, -1, 26 }, /* KL -> RK */ { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 }, /* KR -> RK */ { 4, 5, 6, 7, 12, 13, 14, 15, 16, 17, - 18, 19, -1, 24, 25, -1, 31, 28, 29, 30 }, /* KA -> RK */ + 18, 19, -1, 24, 25, -1, 31, 28, 29, 30 }, /* KA -> RK */ { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 } /* KB -> RK */ }, { { 0, 1, 2, 3, 61, 62, 63, 60, -1, -1, - -1, -1, 27, 24, 25, 26, 35, 32, 33, 34 }, /* KL -> RK */ + -1, -1, 27, 24, 25, 26, 35, 32, 33, 34 }, /* KL -> RK */ { -1, -1, -1, -1, 8, 9, 10, 11, 16, 17, 18, 19, -1, -1, -1, -1, 39, 36, 37, 38 }, /* KR -> RK */ { -1, -1, -1, -1, 12, 13, 14, 15, 58, 59, 56, 57, 31, 28, 29, 30, -1, -1, -1, -1 }, /* KA -> RK */ { 4, 5, 6, 7, 65, 66, 67, 64, 20, 21, - 22, 23, -1, -1, -1, -1, 43, 40, 41, 42 } /* KB -> RK */ + 22, 23, -1, -1, -1, -1, 43, 40, 41, 42 } /* KB -> RK */ } }; @@ -228,57 +228,57 @@ static const signed char transposes[2][20] = /* Shift macro for 128 bit strings with rotation smaller than 32 bits (!) */ #define ROTL(DEST, SRC, SHIFT) \ -{ \ - (DEST)[0] = (SRC)[0] << (SHIFT) ^ (SRC)[1] >> (32 - (SHIFT)); \ - (DEST)[1] = (SRC)[1] << (SHIFT) ^ (SRC)[2] >> (32 - (SHIFT)); \ - (DEST)[2] = (SRC)[2] << (SHIFT) ^ (SRC)[3] >> (32 - (SHIFT)); \ - (DEST)[3] = (SRC)[3] << (SHIFT) ^ (SRC)[0] >> (32 - (SHIFT)); \ -} + { \ + (DEST)[0] = (SRC)[0] << (SHIFT) ^ (SRC)[1] >> (32 - (SHIFT)); \ + (DEST)[1] = (SRC)[1] << (SHIFT) ^ (SRC)[2] >> (32 - (SHIFT)); \ + (DEST)[2] = (SRC)[2] << (SHIFT) ^ (SRC)[3] >> (32 - (SHIFT)); \ + (DEST)[3] = (SRC)[3] << (SHIFT) ^ (SRC)[0] >> (32 - (SHIFT)); \ + } #define FL(XL, XR, KL, KR) \ -{ \ - (XR) = ((((XL) & (KL)) << 1) | (((XL) & (KL)) >> 31)) ^ (XR); \ - (XL) = ((XR) | (KR)) ^ (XL); \ -} + { \ + (XR) = ((((XL) &(KL)) << 1) | (((XL) &(KL)) >> 31)) ^ (XR); \ + (XL) = ((XR) | (KR)) ^ (XL); \ + } #define FLInv(YL, YR, KL, KR) \ -{ \ - (YL) = ((YR) | (KR)) ^ (YL); \ - (YR) = ((((YL) & (KL)) << 1) | (((YL) & (KL)) >> 31)) ^ (YR); \ -} + { \ + (YL) = ((YR) | (KR)) ^ (YL); \ + (YR) = ((((YL) &(KL)) << 1) | (((YL) &(KL)) >> 31)) ^ (YR); \ + } #define SHIFT_AND_PLACE(INDEX, OFFSET) \ -{ \ - TK[0] = KC[(OFFSET) * 4 + 0]; \ - TK[1] = KC[(OFFSET) * 4 + 1]; \ - TK[2] = KC[(OFFSET) * 4 + 2]; \ - TK[3] = KC[(OFFSET) * 4 + 3]; \ + { \ + TK[0] = KC[(OFFSET) * 4 + 0]; \ + TK[1] = KC[(OFFSET) * 4 + 1]; \ + TK[2] = KC[(OFFSET) * 4 + 2]; \ + TK[3] = KC[(OFFSET) * 4 + 3]; \ \ - for( i = 1; i <= 4; i++ ) \ - if( shifts[(INDEX)][(OFFSET)][i -1] ) \ - ROTL(TK + i * 4, TK, ( 15 * i ) % 32); \ + for (i = 1; i <= 4; i++) \ + if (shifts[(INDEX)][(OFFSET)][i -1]) \ + ROTL(TK + i * 4, TK, (15 * i) % 32); \ \ - for( i = 0; i < 20; i++ ) \ - if( indexes[(INDEX)][(OFFSET)][i] != -1 ) { \ - RK[indexes[(INDEX)][(OFFSET)][i]] = TK[ i ]; \ + for (i = 0; i < 20; i++) \ + if (indexes[(INDEX)][(OFFSET)][i] != -1) { \ + RK[indexes[(INDEX)][(OFFSET)][i]] = TK[i]; \ } \ -} + } -static void camellia_feistel( const uint32_t x[2], const uint32_t k[2], - uint32_t z[2]) +static void camellia_feistel(const uint32_t x[2], const uint32_t k[2], + uint32_t z[2]) { uint32_t I0, I1; I0 = x[0] ^ k[0]; I1 = x[1] ^ k[1]; - I0 = ((uint32_t) SBOX1( MBEDTLS_BYTE_3( I0 )) << 24) | - ((uint32_t) SBOX2( MBEDTLS_BYTE_2( I0 )) << 16) | - ((uint32_t) SBOX3( MBEDTLS_BYTE_1( I0 )) << 8) | - ((uint32_t) SBOX4( MBEDTLS_BYTE_0( I0 )) ); - I1 = ((uint32_t) SBOX2( MBEDTLS_BYTE_3( I1 )) << 24) | - ((uint32_t) SBOX3( MBEDTLS_BYTE_2( I1 )) << 16) | - ((uint32_t) SBOX4( MBEDTLS_BYTE_1( I1 )) << 8) | - ((uint32_t) SBOX1( MBEDTLS_BYTE_0( I1 )) ); + I0 = ((uint32_t) SBOX1(MBEDTLS_BYTE_3(I0)) << 24) | + ((uint32_t) SBOX2(MBEDTLS_BYTE_2(I0)) << 16) | + ((uint32_t) SBOX3(MBEDTLS_BYTE_1(I0)) << 8) | + ((uint32_t) SBOX4(MBEDTLS_BYTE_0(I0))); + I1 = ((uint32_t) SBOX2(MBEDTLS_BYTE_3(I1)) << 24) | + ((uint32_t) SBOX3(MBEDTLS_BYTE_2(I1)) << 16) | + ((uint32_t) SBOX4(MBEDTLS_BYTE_1(I1)) << 8) | + ((uint32_t) SBOX1(MBEDTLS_BYTE_0(I1))); I0 ^= (I1 << 8) | (I1 >> 24); I1 ^= (I0 << 16) | (I0 >> 16); @@ -289,26 +289,27 @@ static void camellia_feistel( const uint32_t x[2], const uint32_t k[2], z[1] ^= I0; } -void mbedtls_camellia_init( mbedtls_camellia_context *ctx ) +void mbedtls_camellia_init(mbedtls_camellia_context *ctx) { - CAMELLIA_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_camellia_context ) ); + CAMELLIA_VALIDATE(ctx != NULL); + memset(ctx, 0, sizeof(mbedtls_camellia_context)); } -void mbedtls_camellia_free( mbedtls_camellia_context *ctx ) +void mbedtls_camellia_free(mbedtls_camellia_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_camellia_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_camellia_context)); } /* * Camellia key schedule (encryption) */ -int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, - const unsigned char *key, - unsigned int keybits ) +int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx, + const unsigned char *key, + unsigned int keybits) { int idx; size_t i; @@ -318,68 +319,73 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, uint32_t KC[16]; uint32_t TK[20]; - CAMELLIA_VALIDATE_RET( ctx != NULL ); - CAMELLIA_VALIDATE_RET( key != NULL ); + CAMELLIA_VALIDATE_RET(ctx != NULL); + CAMELLIA_VALIDATE_RET(key != NULL); RK = ctx->rk; - memset( t, 0, 64 ); - memset( RK, 0, sizeof(ctx->rk) ); + memset(t, 0, 64); + memset(RK, 0, sizeof(ctx->rk)); - switch( keybits ) - { + switch (keybits) { case 128: ctx->nr = 3; idx = 0; break; case 192: case 256: ctx->nr = 4; idx = 1; break; - default : return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA ); + default: return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA; } - for( i = 0; i < keybits / 8; ++i ) + for (i = 0; i < keybits / 8; ++i) { t[i] = key[i]; + } - if( keybits == 192 ) { - for( i = 0; i < 8; i++ ) + if (keybits == 192) { + for (i = 0; i < 8; i++) { t[24 + i] = ~t[16 + i]; + } } /* * Prepare SIGMA values */ - for( i = 0; i < 6; i++ ) { - SIGMA[i][0] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 0 ); - SIGMA[i][1] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 4 ); + for (i = 0; i < 6; i++) { + SIGMA[i][0] = MBEDTLS_GET_UINT32_BE(SIGMA_CHARS[i], 0); + SIGMA[i][1] = MBEDTLS_GET_UINT32_BE(SIGMA_CHARS[i], 4); } /* * Key storage in KC * Order: KL, KR, KA, KB */ - memset( KC, 0, sizeof(KC) ); + memset(KC, 0, sizeof(KC)); /* Store KL, KR */ - for( i = 0; i < 8; i++ ) - KC[i] = MBEDTLS_GET_UINT32_BE( t, i * 4 ); + for (i = 0; i < 8; i++) { + KC[i] = MBEDTLS_GET_UINT32_BE(t, i * 4); + } /* Generate KA */ - for( i = 0; i < 4; ++i ) + for (i = 0; i < 4; ++i) { KC[8 + i] = KC[i] ^ KC[4 + i]; + } - camellia_feistel( KC + 8, SIGMA[0], KC + 10 ); - camellia_feistel( KC + 10, SIGMA[1], KC + 8 ); + camellia_feistel(KC + 8, SIGMA[0], KC + 10); + camellia_feistel(KC + 10, SIGMA[1], KC + 8); - for( i = 0; i < 4; ++i ) + for (i = 0; i < 4; ++i) { KC[8 + i] ^= KC[i]; + } - camellia_feistel( KC + 8, SIGMA[2], KC + 10 ); - camellia_feistel( KC + 10, SIGMA[3], KC + 8 ); + camellia_feistel(KC + 8, SIGMA[2], KC + 10); + camellia_feistel(KC + 10, SIGMA[3], KC + 8); - if( keybits > 128 ) { + if (keybits > 128) { /* Generate KB */ - for( i = 0; i < 4; ++i ) + for (i = 0; i < 4; ++i) { KC[12 + i] = KC[4 + i] ^ KC[8 + i]; + } - camellia_feistel( KC + 12, SIGMA[4], KC + 14 ); - camellia_feistel( KC + 14, SIGMA[5], KC + 12 ); + camellia_feistel(KC + 12, SIGMA[4], KC + 14); + camellia_feistel(KC + 14, SIGMA[5], KC + 12); } /* @@ -387,54 +393,55 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, */ /* Manipulating KL */ - SHIFT_AND_PLACE( idx, 0 ); + SHIFT_AND_PLACE(idx, 0); /* Manipulating KR */ - if( keybits > 128 ) { - SHIFT_AND_PLACE( idx, 1 ); + if (keybits > 128) { + SHIFT_AND_PLACE(idx, 1); } /* Manipulating KA */ - SHIFT_AND_PLACE( idx, 2 ); + SHIFT_AND_PLACE(idx, 2); /* Manipulating KB */ - if( keybits > 128 ) { - SHIFT_AND_PLACE( idx, 3 ); + if (keybits > 128) { + SHIFT_AND_PLACE(idx, 3); } /* Do transpositions */ - for( i = 0; i < 20; i++ ) { - if( transposes[idx][i] != -1 ) { + for (i = 0; i < 20; i++) { + if (transposes[idx][i] != -1) { RK[32 + 12 * idx + i] = RK[transposes[idx][i]]; } } - return( 0 ); + return 0; } /* * Camellia key schedule (decryption) */ -int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, - const unsigned char *key, - unsigned int keybits ) +int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx, + const unsigned char *key, + unsigned int keybits) { int idx, ret; size_t i; mbedtls_camellia_context cty; uint32_t *RK; uint32_t *SK; - CAMELLIA_VALIDATE_RET( ctx != NULL ); - CAMELLIA_VALIDATE_RET( key != NULL ); + CAMELLIA_VALIDATE_RET(ctx != NULL); + CAMELLIA_VALIDATE_RET(key != NULL); - mbedtls_camellia_init( &cty ); + mbedtls_camellia_init(&cty); /* Also checks keybits */ - if( ( ret = mbedtls_camellia_setkey_enc( &cty, key, keybits ) ) != 0 ) + if ((ret = mbedtls_camellia_setkey_enc(&cty, key, keybits)) != 0) { goto exit; + } ctx->nr = cty.nr; - idx = ( ctx->nr == 4 ); + idx = (ctx->nr == 4); RK = ctx->rk; SK = cty.rk + 24 * 2 + 8 * idx * 2; @@ -444,8 +451,7 @@ int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, *RK++ = *SK++; *RK++ = *SK++; - for( i = 22 + 8 * idx, SK -= 6; i > 0; i--, SK -= 4 ) - { + for (i = 22 + 8 * idx, SK -= 6; i > 0; i--, SK -= 4) { *RK++ = *SK++; *RK++ = *SK++; } @@ -458,58 +464,58 @@ int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, *RK++ = *SK++; exit: - mbedtls_camellia_free( &cty ); + mbedtls_camellia_free(&cty); - return( ret ); + return ret; } /* * Camellia-ECB block encryption/decryption */ -int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ) +int mbedtls_camellia_crypt_ecb(mbedtls_camellia_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]) { int NR; uint32_t *RK, X[4]; - CAMELLIA_VALIDATE_RET( ctx != NULL ); - CAMELLIA_VALIDATE_RET( mode == MBEDTLS_CAMELLIA_ENCRYPT || - mode == MBEDTLS_CAMELLIA_DECRYPT ); - CAMELLIA_VALIDATE_RET( input != NULL ); - CAMELLIA_VALIDATE_RET( output != NULL ); + CAMELLIA_VALIDATE_RET(ctx != NULL); + CAMELLIA_VALIDATE_RET(mode == MBEDTLS_CAMELLIA_ENCRYPT || + mode == MBEDTLS_CAMELLIA_DECRYPT); + CAMELLIA_VALIDATE_RET(input != NULL); + CAMELLIA_VALIDATE_RET(output != NULL); - ( (void) mode ); + ((void) mode); NR = ctx->nr; RK = ctx->rk; - X[0] = MBEDTLS_GET_UINT32_BE( input, 0 ); - X[1] = MBEDTLS_GET_UINT32_BE( input, 4 ); - X[2] = MBEDTLS_GET_UINT32_BE( input, 8 ); - X[3] = MBEDTLS_GET_UINT32_BE( input, 12 ); + X[0] = MBEDTLS_GET_UINT32_BE(input, 0); + X[1] = MBEDTLS_GET_UINT32_BE(input, 4); + X[2] = MBEDTLS_GET_UINT32_BE(input, 8); + X[3] = MBEDTLS_GET_UINT32_BE(input, 12); X[0] ^= *RK++; X[1] ^= *RK++; X[2] ^= *RK++; X[3] ^= *RK++; - while( NR ) { + while (NR) { --NR; - camellia_feistel( X, RK, X + 2 ); + camellia_feistel(X, RK, X + 2); RK += 2; - camellia_feistel( X + 2, RK, X ); + camellia_feistel(X + 2, RK, X); RK += 2; - camellia_feistel( X, RK, X + 2 ); + camellia_feistel(X, RK, X + 2); RK += 2; - camellia_feistel( X + 2, RK, X ); + camellia_feistel(X + 2, RK, X); RK += 2; - camellia_feistel( X, RK, X + 2 ); + camellia_feistel(X, RK, X + 2); RK += 2; - camellia_feistel( X + 2, RK, X ); + camellia_feistel(X + 2, RK, X); RK += 2; - if( NR ) { + if (NR) { FL(X[0], X[1], RK[0], RK[1]); RK += 2; FLInv(X[2], X[3], RK[0], RK[1]); @@ -522,63 +528,61 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, X[0] ^= *RK++; X[1] ^= *RK++; - MBEDTLS_PUT_UINT32_BE( X[2], output, 0 ); - MBEDTLS_PUT_UINT32_BE( X[3], output, 4 ); - MBEDTLS_PUT_UINT32_BE( X[0], output, 8 ); - MBEDTLS_PUT_UINT32_BE( X[1], output, 12 ); + MBEDTLS_PUT_UINT32_BE(X[2], output, 0); + MBEDTLS_PUT_UINT32_BE(X[3], output, 4); + MBEDTLS_PUT_UINT32_BE(X[0], output, 8); + MBEDTLS_PUT_UINT32_BE(X[1], output, 12); - return( 0 ); + return 0; } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * Camellia-CBC buffer encryption/decryption */ -int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_camellia_crypt_cbc(mbedtls_camellia_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output) { int i; unsigned char temp[16]; - CAMELLIA_VALIDATE_RET( ctx != NULL ); - CAMELLIA_VALIDATE_RET( mode == MBEDTLS_CAMELLIA_ENCRYPT || - mode == MBEDTLS_CAMELLIA_DECRYPT ); - CAMELLIA_VALIDATE_RET( iv != NULL ); - CAMELLIA_VALIDATE_RET( length == 0 || input != NULL ); - CAMELLIA_VALIDATE_RET( length == 0 || output != NULL ); - - if( length % 16 ) - return( MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH ); + CAMELLIA_VALIDATE_RET(ctx != NULL); + CAMELLIA_VALIDATE_RET(mode == MBEDTLS_CAMELLIA_ENCRYPT || + mode == MBEDTLS_CAMELLIA_DECRYPT); + CAMELLIA_VALIDATE_RET(iv != NULL); + CAMELLIA_VALIDATE_RET(length == 0 || input != NULL); + CAMELLIA_VALIDATE_RET(length == 0 || output != NULL); + + if (length % 16) { + return MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH; + } - if( mode == MBEDTLS_CAMELLIA_DECRYPT ) - { - while( length > 0 ) - { - memcpy( temp, input, 16 ); - mbedtls_camellia_crypt_ecb( ctx, mode, input, output ); + if (mode == MBEDTLS_CAMELLIA_DECRYPT) { + while (length > 0) { + memcpy(temp, input, 16); + mbedtls_camellia_crypt_ecb(ctx, mode, input, output); - for( i = 0; i < 16; i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); + for (i = 0; i < 16; i++) { + output[i] = (unsigned char) (output[i] ^ iv[i]); + } - memcpy( iv, temp, 16 ); + memcpy(iv, temp, 16); input += 16; output += 16; length -= 16; } - } - else - { - while( length > 0 ) - { - for( i = 0; i < 16; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); + } else { + while (length > 0) { + for (i = 0; i < 16; i++) { + output[i] = (unsigned char) (input[i] ^ iv[i]); + } - mbedtls_camellia_crypt_ecb( ctx, mode, output, output ); - memcpy( iv, output, 16 ); + mbedtls_camellia_crypt_ecb(ctx, mode, output, output); + memcpy(iv, output, 16); input += 16; output += 16; @@ -586,7 +590,7 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, } } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -594,58 +598,56 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, /* * Camellia-CFB128 buffer encryption/decryption */ -int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output) { int c; size_t n; - CAMELLIA_VALIDATE_RET( ctx != NULL ); - CAMELLIA_VALIDATE_RET( mode == MBEDTLS_CAMELLIA_ENCRYPT || - mode == MBEDTLS_CAMELLIA_DECRYPT ); - CAMELLIA_VALIDATE_RET( iv != NULL ); - CAMELLIA_VALIDATE_RET( iv_off != NULL ); - CAMELLIA_VALIDATE_RET( length == 0 || input != NULL ); - CAMELLIA_VALIDATE_RET( length == 0 || output != NULL ); + CAMELLIA_VALIDATE_RET(ctx != NULL); + CAMELLIA_VALIDATE_RET(mode == MBEDTLS_CAMELLIA_ENCRYPT || + mode == MBEDTLS_CAMELLIA_DECRYPT); + CAMELLIA_VALIDATE_RET(iv != NULL); + CAMELLIA_VALIDATE_RET(iv_off != NULL); + CAMELLIA_VALIDATE_RET(length == 0 || input != NULL); + CAMELLIA_VALIDATE_RET(length == 0 || output != NULL); n = *iv_off; - if( n >= 16 ) - return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA ); + if (n >= 16) { + return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA; + } - if( mode == MBEDTLS_CAMELLIA_DECRYPT ) - { - while( length-- ) - { - if( n == 0 ) - mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv ); + if (mode == MBEDTLS_CAMELLIA_DECRYPT) { + while (length--) { + if (n == 0) { + mbedtls_camellia_crypt_ecb(ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv); + } c = *input++; - *output++ = (unsigned char)( c ^ iv[n] ); + *output++ = (unsigned char) (c ^ iv[n]); iv[n] = (unsigned char) c; - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } - } - else - { - while( length-- ) - { - if( n == 0 ) - mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv ); + } else { + while (length--) { + if (n == 0) { + mbedtls_camellia_crypt_ecb(ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv); + } - iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); + iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++); - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } } *iv_off = n; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CFB */ @@ -653,46 +655,48 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, /* * Camellia-CTR buffer encryption/decryption */ -int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[16], - unsigned char stream_block[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_camellia_crypt_ctr(mbedtls_camellia_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[16], + unsigned char stream_block[16], + const unsigned char *input, + unsigned char *output) { int c, i; size_t n; - CAMELLIA_VALIDATE_RET( ctx != NULL ); - CAMELLIA_VALIDATE_RET( nonce_counter != NULL ); - CAMELLIA_VALIDATE_RET( stream_block != NULL ); - CAMELLIA_VALIDATE_RET( nc_off != NULL ); - CAMELLIA_VALIDATE_RET( length == 0 || input != NULL ); - CAMELLIA_VALIDATE_RET( length == 0 || output != NULL ); + CAMELLIA_VALIDATE_RET(ctx != NULL); + CAMELLIA_VALIDATE_RET(nonce_counter != NULL); + CAMELLIA_VALIDATE_RET(stream_block != NULL); + CAMELLIA_VALIDATE_RET(nc_off != NULL); + CAMELLIA_VALIDATE_RET(length == 0 || input != NULL); + CAMELLIA_VALIDATE_RET(length == 0 || output != NULL); n = *nc_off; - if( n >= 16 ) - return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA ); + if (n >= 16) { + return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA; + } - while( length-- ) - { - if( n == 0 ) { - mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, nonce_counter, - stream_block ); + while (length--) { + if (n == 0) { + mbedtls_camellia_crypt_ecb(ctx, MBEDTLS_CAMELLIA_ENCRYPT, nonce_counter, + stream_block); - for( i = 16; i > 0; i-- ) - if( ++nonce_counter[i - 1] != 0 ) + for (i = 16; i > 0; i--) { + if (++nonce_counter[i - 1] != 0) { break; + } + } } c = *input++; - *output++ = (unsigned char)( c ^ stream_block[n] ); + *output++ = (unsigned char) (c ^ stream_block[n]); - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } *nc_off = n; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* !MBEDTLS_CAMELLIA_ALT */ @@ -772,23 +776,23 @@ static const unsigned char camellia_test_ecb_cipher[3][CAMELLIA_TESTS_ECB][16] = static const unsigned char camellia_test_cbc_key[3][32] = { - { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, - 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C } + { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, + 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C } , - { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, - 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, - 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B } + { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, + 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, + 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B } , - { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE, - 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, - 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, - 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 } + { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE, + 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, + 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, + 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 } }; static const unsigned char camellia_test_cbc_iv[16] = - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F } +{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F } ; static const unsigned char camellia_test_cbc_plain[CAMELLIA_TESTS_CBC][16] = @@ -891,13 +895,13 @@ static const unsigned char camellia_test_ctr_ct[3][48] = }; static const int camellia_test_ctr_len[3] = - { 16, 32, 36 }; +{ 16, 32, 36 }; #endif /* MBEDTLS_CIPHER_MODE_CTR */ /* * Checkup routine */ -int mbedtls_camellia_self_test( int verbose ) +int mbedtls_camellia_self_test(int verbose) { int i, j, u, v; unsigned char key[32]; @@ -916,163 +920,167 @@ int mbedtls_camellia_self_test( int verbose ) mbedtls_camellia_context ctx; - mbedtls_camellia_init( &ctx ); - memset( key, 0, 32 ); + mbedtls_camellia_init(&ctx); + memset(key, 0, 32); - for( j = 0; j < 6; j++ ) { + for (j = 0; j < 6; j++) { u = j >> 1; - v = j & 1; - - if( verbose != 0 ) - mbedtls_printf( " CAMELLIA-ECB-%3d (%s): ", 128 + u * 64, - (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc"); - - for( i = 0; i < CAMELLIA_TESTS_ECB; i++ ) { - memcpy( key, camellia_test_ecb_key[u][i], 16 + 8 * u ); - - if( v == MBEDTLS_CAMELLIA_DECRYPT ) { - mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 ); - memcpy( src, camellia_test_ecb_cipher[u][i], 16 ); - memcpy( dst, camellia_test_ecb_plain[i], 16 ); - } else { /* MBEDTLS_CAMELLIA_ENCRYPT */ - mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 ); - memcpy( src, camellia_test_ecb_plain[i], 16 ); - memcpy( dst, camellia_test_ecb_cipher[u][i], 16 ); + v = j & 1; + + if (verbose != 0) { + mbedtls_printf(" CAMELLIA-ECB-%3d (%s): ", 128 + u * 64, + (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc"); } - mbedtls_camellia_crypt_ecb( &ctx, v, src, buf ); + for (i = 0; i < CAMELLIA_TESTS_ECB; i++) { + memcpy(key, camellia_test_ecb_key[u][i], 16 + 8 * u); + + if (v == MBEDTLS_CAMELLIA_DECRYPT) { + mbedtls_camellia_setkey_dec(&ctx, key, 128 + u * 64); + memcpy(src, camellia_test_ecb_cipher[u][i], 16); + memcpy(dst, camellia_test_ecb_plain[i], 16); + } else { /* MBEDTLS_CAMELLIA_ENCRYPT */ + mbedtls_camellia_setkey_enc(&ctx, key, 128 + u * 64); + memcpy(src, camellia_test_ecb_plain[i], 16); + memcpy(dst, camellia_test_ecb_cipher[u][i], 16); + } - if( memcmp( buf, dst, 16 ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); - goto exit; + mbedtls_camellia_crypt_ecb(&ctx, v, src, buf); + + if (memcmp(buf, dst, 16) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } + goto exit; + } } - } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * CBC mode */ - for( j = 0; j < 6; j++ ) - { + for (j = 0; j < 6; j++) { u = j >> 1; v = j & 1; - if( verbose != 0 ) - mbedtls_printf( " CAMELLIA-CBC-%3d (%s): ", 128 + u * 64, - ( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" CAMELLIA-CBC-%3d (%s): ", 128 + u * 64, + (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc"); + } - memcpy( src, camellia_test_cbc_iv, 16 ); - memcpy( dst, camellia_test_cbc_iv, 16 ); - memcpy( key, camellia_test_cbc_key[u], 16 + 8 * u ); + memcpy(src, camellia_test_cbc_iv, 16); + memcpy(dst, camellia_test_cbc_iv, 16); + memcpy(key, camellia_test_cbc_key[u], 16 + 8 * u); - if( v == MBEDTLS_CAMELLIA_DECRYPT ) { - mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 ); + if (v == MBEDTLS_CAMELLIA_DECRYPT) { + mbedtls_camellia_setkey_dec(&ctx, key, 128 + u * 64); } else { - mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 ); + mbedtls_camellia_setkey_enc(&ctx, key, 128 + u * 64); } - for( i = 0; i < CAMELLIA_TESTS_CBC; i++ ) { + for (i = 0; i < CAMELLIA_TESTS_CBC; i++) { - if( v == MBEDTLS_CAMELLIA_DECRYPT ) { - memcpy( iv , src, 16 ); - memcpy( src, camellia_test_cbc_cipher[u][i], 16 ); - memcpy( dst, camellia_test_cbc_plain[i], 16 ); + if (v == MBEDTLS_CAMELLIA_DECRYPT) { + memcpy(iv, src, 16); + memcpy(src, camellia_test_cbc_cipher[u][i], 16); + memcpy(dst, camellia_test_cbc_plain[i], 16); } else { /* MBEDTLS_CAMELLIA_ENCRYPT */ - memcpy( iv , dst, 16 ); - memcpy( src, camellia_test_cbc_plain[i], 16 ); - memcpy( dst, camellia_test_cbc_cipher[u][i], 16 ); + memcpy(iv, dst, 16); + memcpy(src, camellia_test_cbc_plain[i], 16); + memcpy(dst, camellia_test_cbc_cipher[u][i], 16); } - mbedtls_camellia_crypt_cbc( &ctx, v, 16, iv, src, buf ); + mbedtls_camellia_crypt_cbc(&ctx, v, 16, iv, src, buf); - if( memcmp( buf, dst, 16 ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (memcmp(buf, dst, 16) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto exit; } } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } #endif /* MBEDTLS_CIPHER_MODE_CBC */ - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #if defined(MBEDTLS_CIPHER_MODE_CTR) /* * CTR mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; v = i & 1; - if( verbose != 0 ) - mbedtls_printf( " CAMELLIA-CTR-128 (%s): ", - ( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" CAMELLIA-CTR-128 (%s): ", + (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc"); + } - memcpy( nonce_counter, camellia_test_ctr_nonce_counter[u], 16 ); - memcpy( key, camellia_test_ctr_key[u], 16 ); + memcpy(nonce_counter, camellia_test_ctr_nonce_counter[u], 16); + memcpy(key, camellia_test_ctr_key[u], 16); offset = 0; - mbedtls_camellia_setkey_enc( &ctx, key, 128 ); + mbedtls_camellia_setkey_enc(&ctx, key, 128); - if( v == MBEDTLS_CAMELLIA_DECRYPT ) - { + if (v == MBEDTLS_CAMELLIA_DECRYPT) { len = camellia_test_ctr_len[u]; - memcpy( buf, camellia_test_ctr_ct[u], len ); + memcpy(buf, camellia_test_ctr_ct[u], len); - mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, - buf, buf ); + mbedtls_camellia_crypt_ctr(&ctx, len, &offset, nonce_counter, stream_block, + buf, buf); - if( memcmp( buf, camellia_test_ctr_pt[u], len ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (memcmp(buf, camellia_test_ctr_pt[u], len) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto exit; } - } - else - { + } else { len = camellia_test_ctr_len[u]; - memcpy( buf, camellia_test_ctr_pt[u], len ); + memcpy(buf, camellia_test_ctr_pt[u], len); - mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, - buf, buf ); + mbedtls_camellia_crypt_ctr(&ctx, len, &offset, nonce_counter, stream_block, + buf, buf); - if( memcmp( buf, camellia_test_ctr_ct[u], len ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (memcmp(buf, camellia_test_ctr_ct[u], len) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto exit; } } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #endif /* MBEDTLS_CIPHER_MODE_CTR */ ret = 0; exit: - mbedtls_camellia_free( &ctx ); - return( ret ); + mbedtls_camellia_free(&ctx); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/ccm.c b/library/ccm.c index e0d43334f989..82c308aa8e01 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -40,10 +40,10 @@ #if !defined(MBEDTLS_CCM_ALT) -#define CCM_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CCM_BAD_INPUT ) -#define CCM_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define CCM_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_CCM_BAD_INPUT) +#define CCM_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) #define CCM_ENCRYPT 0 #define CCM_DECRYPT 1 @@ -51,54 +51,57 @@ /* * Initialize context */ -void mbedtls_ccm_init( mbedtls_ccm_context *ctx ) +void mbedtls_ccm_init(mbedtls_ccm_context *ctx) { - CCM_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_ccm_context ) ); + CCM_VALIDATE(ctx != NULL); + memset(ctx, 0, sizeof(mbedtls_ccm_context)); } -int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, - mbedtls_cipher_id_t cipher, - const unsigned char *key, - unsigned int keybits ) +int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( key != NULL ); + CCM_VALIDATE_RET(ctx != NULL); + CCM_VALIDATE_RET(key != NULL); - cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, - MBEDTLS_MODE_ECB ); - if( cipher_info == NULL ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); + cipher_info = mbedtls_cipher_info_from_values(cipher, keybits, + MBEDTLS_MODE_ECB); + if (cipher_info == NULL) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } - if( cipher_info->block_size != 16 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); + if (cipher_info->block_size != 16) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } - mbedtls_cipher_free( &ctx->cipher_ctx ); + mbedtls_cipher_free(&ctx->cipher_ctx); - if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_cipher_setup(&ctx->cipher_ctx, cipher_info)) != 0) { + return ret; + } - if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits, - MBEDTLS_ENCRYPT ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_cipher_setkey(&ctx->cipher_ctx, key, keybits, + MBEDTLS_ENCRYPT)) != 0) { + return ret; } - return( 0 ); + return 0; } /* * Free context */ -void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) +void mbedtls_ccm_free(mbedtls_ccm_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; - mbedtls_cipher_free( &ctx->cipher_ctx ); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ccm_context ) ); + } + mbedtls_cipher_free(&ctx->cipher_ctx); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ccm_context)); } /* @@ -111,38 +114,38 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) * (Always using b as the source helps the compiler optimise a bit better.) */ #define UPDATE_CBC_MAC \ - for( i = 0; i < 16; i++ ) \ - y[i] ^= b[i]; \ + for (i = 0; i < 16; i++) \ + y[i] ^= b[i]; \ \ - if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, y, 16, y, &olen ) ) != 0 ) \ - return( ret ); + if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, y, 16, y, &olen)) != 0) \ + return ret; /* * Encrypt or decrypt a partial block with CTR * Warning: using b for temporary storage! src and dst must not be b! * This avoids allocating one more 16 bytes buffer while allowing src == dst. */ -#define CTR_CRYPT( dst, src, len ) \ +#define CTR_CRYPT(dst, src, len) \ do \ { \ - if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctr, \ - 16, b, &olen ) ) != 0 ) \ + if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctr, \ + 16, b, &olen)) != 0) \ { \ - return( ret ); \ + return ret; \ } \ - \ - for( i = 0; i < (len); i++ ) \ - (dst)[i] = (src)[i] ^ b[i]; \ - } while( 0 ) + \ + for (i = 0; i < (len); i++) \ + (dst)[i] = (src)[i] ^ b[i]; \ + } while (0) /* * Authenticated encryption or decryption */ -static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - unsigned char *tag, size_t tag_len ) +static int ccm_auth_crypt(mbedtls_ccm_context *ctx, int mode, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + unsigned char *tag, size_t tag_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; @@ -161,15 +164,18 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, * * Also, loosen the requirements to enable support for CCM* (IEEE 802.15.4). */ - if( tag_len == 2 || tag_len > 16 || tag_len % 2 != 0 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); + if (tag_len == 2 || tag_len > 16 || tag_len % 2 != 0) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } /* Also implies q is within bounds */ - if( iv_len < 7 || iv_len > 13 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); + if (iv_len < 7 || iv_len > 13) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } - if( add_len >= 0xFF00 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); + if (add_len >= 0xFF00) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } q = 16 - 1 - (unsigned char) iv_len; @@ -186,49 +192,49 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, * 2 .. 0 q - 1 */ b[0] = 0; - b[0] |= ( add_len > 0 ) << 6; - b[0] |= ( ( tag_len - 2 ) / 2 ) << 3; + b[0] |= (add_len > 0) << 6; + b[0] |= ((tag_len - 2) / 2) << 3; b[0] |= q - 1; - memcpy( b + 1, iv, iv_len ); + memcpy(b + 1, iv, iv_len); - for( i = 0, len_left = length; i < q; i++, len_left >>= 8 ) - b[15-i] = MBEDTLS_BYTE_0( len_left ); + for (i = 0, len_left = length; i < q; i++, len_left >>= 8) { + b[15-i] = MBEDTLS_BYTE_0(len_left); + } - if( len_left > 0 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); + if (len_left > 0) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } /* Start CBC-MAC with first block */ - memset( y, 0, 16 ); + memset(y, 0, 16); UPDATE_CBC_MAC; /* * If there is additional data, update CBC-MAC with * add_len, add, 0 (padding to a block boundary) */ - if( add_len > 0 ) - { + if (add_len > 0) { size_t use_len; len_left = add_len; src = add; - memset( b, 0, 16 ); - MBEDTLS_PUT_UINT16_BE( add_len, b, 0 ); + memset(b, 0, 16); + MBEDTLS_PUT_UINT16_BE(add_len, b, 0); use_len = len_left < 16 - 2 ? len_left : 16 - 2; - memcpy( b + 2, src, use_len ); + memcpy(b + 2, src, use_len); len_left -= use_len; src += use_len; UPDATE_CBC_MAC; - while( len_left > 0 ) - { + while (len_left > 0) { use_len = len_left > 16 ? 16 : len_left; - memset( b, 0, 16 ); - memcpy( b, src, use_len ); + memset(b, 0, 16); + memcpy(b, src, use_len); UPDATE_CBC_MAC; len_left -= use_len; @@ -247,8 +253,8 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, * 2 .. 0 q - 1 */ ctr[0] = q - 1; - memcpy( ctr + 1, iv, iv_len ); - memset( ctr + 1 + iv_len, 0, q ); + memcpy(ctr + 1, iv, iv_len); + memset(ctr + 1 + iv_len, 0, q); ctr[15] = 1; /* @@ -261,23 +267,20 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, src = input; dst = output; - while( len_left > 0 ) - { + while (len_left > 0) { size_t use_len = len_left > 16 ? 16 : len_left; - if( mode == CCM_ENCRYPT ) - { - memset( b, 0, 16 ); - memcpy( b, src, use_len ); + if (mode == CCM_ENCRYPT) { + memset(b, 0, 16); + memcpy(b, src, use_len); UPDATE_CBC_MAC; } - CTR_CRYPT( dst, src, use_len ); + CTR_CRYPT(dst, src, use_len); - if( mode == CCM_DECRYPT ) - { - memset( b, 0, 16 ); - memcpy( b, dst, use_len ); + if (mode == CCM_DECRYPT) { + memset(b, 0, 16); + memcpy(b, dst, use_len); UPDATE_CBC_MAC; } @@ -289,120 +292,124 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, * Increment counter. * No need to check for overflow thanks to the length check above. */ - for( i = 0; i < q; i++ ) - if( ++ctr[15-i] != 0 ) + for (i = 0; i < q; i++) { + if (++ctr[15-i] != 0) { break; + } + } } /* * Authentication: reset counter and crypt/mask internal tag */ - for( i = 0; i < q; i++ ) + for (i = 0; i < q; i++) { ctr[15-i] = 0; + } - CTR_CRYPT( y, y, 16 ); - memcpy( tag, y, tag_len ); + CTR_CRYPT(y, y, 16); + memcpy(tag, y, tag_len); - return( 0 ); + return 0; } /* * Authenticated encryption */ -int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - unsigned char *tag, size_t tag_len ) +int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + unsigned char *tag, size_t tag_len) { - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( iv != NULL ); - CCM_VALIDATE_RET( add_len == 0 || add != NULL ); - CCM_VALIDATE_RET( length == 0 || input != NULL ); - CCM_VALIDATE_RET( length == 0 || output != NULL ); - CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); - return( ccm_auth_crypt( ctx, CCM_ENCRYPT, length, iv, iv_len, - add, add_len, input, output, tag, tag_len ) ); + CCM_VALIDATE_RET(ctx != NULL); + CCM_VALIDATE_RET(iv != NULL); + CCM_VALIDATE_RET(add_len == 0 || add != NULL); + CCM_VALIDATE_RET(length == 0 || input != NULL); + CCM_VALIDATE_RET(length == 0 || output != NULL); + CCM_VALIDATE_RET(tag_len == 0 || tag != NULL); + return ccm_auth_crypt(ctx, CCM_ENCRYPT, length, iv, iv_len, + add, add_len, input, output, tag, tag_len); } -int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - unsigned char *tag, size_t tag_len ) +int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + unsigned char *tag, size_t tag_len) { - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( iv != NULL ); - CCM_VALIDATE_RET( add_len == 0 || add != NULL ); - CCM_VALIDATE_RET( length == 0 || input != NULL ); - CCM_VALIDATE_RET( length == 0 || output != NULL ); - CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); - if( tag_len == 0 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); - - return( mbedtls_ccm_star_encrypt_and_tag( ctx, length, iv, iv_len, add, - add_len, input, output, tag, tag_len ) ); + CCM_VALIDATE_RET(ctx != NULL); + CCM_VALIDATE_RET(iv != NULL); + CCM_VALIDATE_RET(add_len == 0 || add != NULL); + CCM_VALIDATE_RET(length == 0 || input != NULL); + CCM_VALIDATE_RET(length == 0 || output != NULL); + CCM_VALIDATE_RET(tag_len == 0 || tag != NULL); + if (tag_len == 0) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } + + return mbedtls_ccm_star_encrypt_and_tag(ctx, length, iv, iv_len, add, + add_len, input, output, tag, tag_len); } /* * Authenticated decryption */ -int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - const unsigned char *tag, size_t tag_len ) +int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + const unsigned char *tag, size_t tag_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; unsigned char i; int diff; - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( iv != NULL ); - CCM_VALIDATE_RET( add_len == 0 || add != NULL ); - CCM_VALIDATE_RET( length == 0 || input != NULL ); - CCM_VALIDATE_RET( length == 0 || output != NULL ); - CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); - - if( ( ret = ccm_auth_crypt( ctx, CCM_DECRYPT, length, - iv, iv_len, add, add_len, - input, output, check_tag, tag_len ) ) != 0 ) - { - return( ret ); + CCM_VALIDATE_RET(ctx != NULL); + CCM_VALIDATE_RET(iv != NULL); + CCM_VALIDATE_RET(add_len == 0 || add != NULL); + CCM_VALIDATE_RET(length == 0 || input != NULL); + CCM_VALIDATE_RET(length == 0 || output != NULL); + CCM_VALIDATE_RET(tag_len == 0 || tag != NULL); + + if ((ret = ccm_auth_crypt(ctx, CCM_DECRYPT, length, + iv, iv_len, add, add_len, + input, output, check_tag, tag_len)) != 0) { + return ret; } /* Check tag in "constant-time" */ - for( diff = 0, i = 0; i < tag_len; i++ ) + for (diff = 0, i = 0; i < tag_len; i++) { diff |= tag[i] ^ check_tag[i]; + } - if( diff != 0 ) - { - mbedtls_platform_zeroize( output, length ); - return( MBEDTLS_ERR_CCM_AUTH_FAILED ); + if (diff != 0) { + mbedtls_platform_zeroize(output, length); + return MBEDTLS_ERR_CCM_AUTH_FAILED; } - return( 0 ); + return 0; } -int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - const unsigned char *tag, size_t tag_len ) +int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + const unsigned char *tag, size_t tag_len) { - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( iv != NULL ); - CCM_VALIDATE_RET( add_len == 0 || add != NULL ); - CCM_VALIDATE_RET( length == 0 || input != NULL ); - CCM_VALIDATE_RET( length == 0 || output != NULL ); - CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); - - if( tag_len == 0 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); - - return( mbedtls_ccm_star_auth_decrypt( ctx, length, iv, iv_len, add, - add_len, input, output, tag, tag_len ) ); + CCM_VALIDATE_RET(ctx != NULL); + CCM_VALIDATE_RET(iv != NULL); + CCM_VALIDATE_RET(add_len == 0 || add != NULL); + CCM_VALIDATE_RET(length == 0 || input != NULL); + CCM_VALIDATE_RET(length == 0 || output != NULL); + CCM_VALIDATE_RET(tag_len == 0 || tag != NULL); + + if (tag_len == 0) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } + + return mbedtls_ccm_star_auth_decrypt(ctx, length, iv, iv_len, add, + add_len, input, output, tag, tag_len); } #endif /* !MBEDTLS_CCM_ALT */ @@ -439,7 +446,7 @@ static const unsigned char msg_test_data[CCM_SELFTEST_PT_MAX_LEN] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, }; -static const size_t iv_len_test_data [NB_TESTS] = { 7, 8, 12 }; +static const size_t iv_len_test_data[NB_TESTS] = { 7, 8, 12 }; static const size_t add_len_test_data[NB_TESTS] = { 8, 16, 20 }; static const size_t msg_len_test_data[NB_TESTS] = { 4, 16, 24 }; static const size_t tag_len_test_data[NB_TESTS] = { 4, 6, 8 }; @@ -455,7 +462,7 @@ static const unsigned char res_test_data[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = { 0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 } }; -int mbedtls_ccm_self_test( int verbose ) +int mbedtls_ccm_self_test(int verbose) { mbedtls_ccm_context ctx; /* @@ -468,70 +475,72 @@ int mbedtls_ccm_self_test( int verbose ) size_t i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - if( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key_test_data, - 8 * sizeof key_test_data ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( " CCM: setup failed" ); + if (mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key_test_data, + 8 * sizeof key_test_data) != 0) { + if (verbose != 0) { + mbedtls_printf(" CCM: setup failed"); + } - return( 1 ); + return 1; } - for( i = 0; i < NB_TESTS; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " CCM-AES #%u: ", (unsigned int) i + 1 ); - - memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN ); - memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN ); - memcpy( plaintext, msg_test_data, msg_len_test_data[i] ); - - ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len_test_data[i], - iv_test_data, iv_len_test_data[i], - ad_test_data, add_len_test_data[i], - plaintext, ciphertext, - ciphertext + msg_len_test_data[i], - tag_len_test_data[i] ); - - if( ret != 0 || - memcmp( ciphertext, res_test_data[i], - msg_len_test_data[i] + tag_len_test_data[i] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); - - return( 1 ); + for (i = 0; i < NB_TESTS; i++) { + if (verbose != 0) { + mbedtls_printf(" CCM-AES #%u: ", (unsigned int) i + 1); + } + + memset(plaintext, 0, CCM_SELFTEST_PT_MAX_LEN); + memset(ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN); + memcpy(plaintext, msg_test_data, msg_len_test_data[i]); + + ret = mbedtls_ccm_encrypt_and_tag(&ctx, msg_len_test_data[i], + iv_test_data, iv_len_test_data[i], + ad_test_data, add_len_test_data[i], + plaintext, ciphertext, + ciphertext + msg_len_test_data[i], + tag_len_test_data[i]); + + if (ret != 0 || + memcmp(ciphertext, res_test_data[i], + msg_len_test_data[i] + tag_len_test_data[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } + + return 1; } - memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN ); - - ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len_test_data[i], - iv_test_data, iv_len_test_data[i], - ad_test_data, add_len_test_data[i], - ciphertext, plaintext, - ciphertext + msg_len_test_data[i], - tag_len_test_data[i] ); - - if( ret != 0 || - memcmp( plaintext, msg_test_data, msg_len_test_data[i] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); - - return( 1 ); + memset(plaintext, 0, CCM_SELFTEST_PT_MAX_LEN); + + ret = mbedtls_ccm_auth_decrypt(&ctx, msg_len_test_data[i], + iv_test_data, iv_len_test_data[i], + ad_test_data, add_len_test_data[i], + ciphertext, plaintext, + ciphertext + msg_len_test_data[i], + tag_len_test_data[i]); + + if (ret != 0 || + memcmp(plaintext, msg_test_data, msg_len_test_data[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } + + return 1; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - mbedtls_ccm_free( &ctx ); + mbedtls_ccm_free(&ctx); - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ diff --git a/library/certs.c b/library/certs.c index a5695e3c8e88..af1f98cb0296 100644 --- a/library/certs.c +++ b/library/certs.c @@ -57,50 +57,50 @@ /* This is generated from tests/data_files/test-ca2.crt.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_CA_CRT_EC_DER tests/data_files/test-ca2.crt.der */ #define TEST_CA_CRT_EC_DER { \ - 0x30, 0x82, 0x02, 0x04, 0x30, 0x82, 0x01, 0x88, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, \ - 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, \ - 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \ - 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \ - 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \ - 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \ - 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, \ - 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x17, \ - 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, \ - 0x30, 0x5a, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \ - 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \ - 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \ - 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \ - 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, \ - 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, \ - 0x00, 0x22, 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, \ - 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, \ - 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, \ - 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, \ - 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, \ - 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, \ - 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, \ - 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, \ - 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x0c, \ - 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, \ - 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, \ - 0x6d, 0x20, 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, \ - 0x7e, 0x24, 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x1f, 0x06, 0x03, 0x55, \ - 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, \ - 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, \ - 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ - 0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, \ - 0x30, 0x51, 0xca, 0xae, 0x30, 0x0f, 0xa4, 0x70, 0x74, 0x04, 0xdd, 0x5a, \ - 0x2c, 0x7f, 0x13, 0xc1, 0xc2, 0x77, 0xbe, 0x1d, 0x00, 0xc5, 0xe2, 0x99, \ - 0x8f, 0x7d, 0x26, 0x45, 0xd3, 0x8a, 0x06, 0x68, 0x3f, 0x8c, 0xb4, 0xb7, \ - 0xad, 0x4d, 0xe0, 0xf1, 0x54, 0x01, 0x1e, 0x99, 0xfc, 0xb0, 0xe4, 0xd3, \ - 0x07, 0x02, 0x31, 0x00, 0xdc, 0x4f, 0x3b, 0x90, 0x1e, 0xae, 0x29, 0x99, \ - 0x84, 0x28, 0xcc, 0x7b, 0x47, 0x78, 0x09, 0x31, 0xdf, 0xd6, 0x01, 0x59, \ - 0x30, 0x5e, 0xf4, 0xf8, 0x8a, 0x84, 0x3f, 0xea, 0x39, 0x54, 0x7b, 0x08, \ - 0xa7, 0x60, 0xaa, 0xbd, 0xf9, 0x5b, 0xd1, 0x51, 0x96, 0x14, 0x2e, 0x65, \ - 0xf5, 0xae, 0x1c, 0x42 \ + 0x30, 0x82, 0x02, 0x04, 0x30, 0x82, 0x01, 0x88, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, \ + 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, \ + 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \ + 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \ + 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \ + 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \ + 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, \ + 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x17, \ + 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, \ + 0x30, 0x5a, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \ + 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \ + 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \ + 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \ + 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, \ + 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, \ + 0x00, 0x22, 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, \ + 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, \ + 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, \ + 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, \ + 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, \ + 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, \ + 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, \ + 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, \ + 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x0c, \ + 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, \ + 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, \ + 0x6d, 0x20, 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, \ + 0x7e, 0x24, 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x1f, 0x06, 0x03, 0x55, \ + 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, \ + 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, \ + 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ + 0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, \ + 0x30, 0x51, 0xca, 0xae, 0x30, 0x0f, 0xa4, 0x70, 0x74, 0x04, 0xdd, 0x5a, \ + 0x2c, 0x7f, 0x13, 0xc1, 0xc2, 0x77, 0xbe, 0x1d, 0x00, 0xc5, 0xe2, 0x99, \ + 0x8f, 0x7d, 0x26, 0x45, 0xd3, 0x8a, 0x06, 0x68, 0x3f, 0x8c, 0xb4, 0xb7, \ + 0xad, 0x4d, 0xe0, 0xf1, 0x54, 0x01, 0x1e, 0x99, 0xfc, 0xb0, 0xe4, 0xd3, \ + 0x07, 0x02, 0x31, 0x00, 0xdc, 0x4f, 0x3b, 0x90, 0x1e, 0xae, 0x29, 0x99, \ + 0x84, 0x28, 0xcc, 0x7b, 0x47, 0x78, 0x09, 0x31, 0xdf, 0xd6, 0x01, 0x59, \ + 0x30, 0x5e, 0xf4, 0xf8, 0x8a, 0x84, 0x3f, 0xea, 0x39, 0x54, 0x7b, 0x08, \ + 0xa7, 0x60, 0xaa, 0xbd, 0xf9, 0x5b, 0xd1, 0x51, 0x96, 0x14, 0x2e, 0x65, \ + 0xf5, 0xae, 0x1c, 0x42 \ } /* END FILE */ @@ -123,20 +123,20 @@ /* This is generated from tests/data_files/test-ca2.key.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_CA_KEY_EC_DER tests/data_files/test-ca2.key.der */ #define TEST_CA_KEY_EC_DER { \ - 0x30, 0x81, 0xa4, 0x02, 0x01, 0x01, 0x04, 0x30, 0x83, 0xd9, 0x15, 0x0e, \ - 0xa0, 0x71, 0xf0, 0x57, 0x10, 0x33, 0xa3, 0x38, 0xb8, 0x86, 0xc1, 0xa6, \ - 0x11, 0x5d, 0x6d, 0xb4, 0x03, 0xe1, 0x29, 0x76, 0x45, 0xd7, 0x87, 0x6f, \ - 0x23, 0xab, 0x44, 0x20, 0xea, 0x64, 0x7b, 0x85, 0xb1, 0x76, 0xe7, 0x85, \ - 0x95, 0xaa, 0x74, 0xd6, 0xd1, 0xa4, 0x5e, 0xea, 0xa0, 0x07, 0x06, 0x05, \ - 0x2b, 0x81, 0x04, 0x00, 0x22, 0xa1, 0x64, 0x03, 0x62, 0x00, 0x04, 0xc3, \ - 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, \ - 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, \ - 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, \ - 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, \ - 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, \ - 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, \ - 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, \ - 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e \ + 0x30, 0x81, 0xa4, 0x02, 0x01, 0x01, 0x04, 0x30, 0x83, 0xd9, 0x15, 0x0e, \ + 0xa0, 0x71, 0xf0, 0x57, 0x10, 0x33, 0xa3, 0x38, 0xb8, 0x86, 0xc1, 0xa6, \ + 0x11, 0x5d, 0x6d, 0xb4, 0x03, 0xe1, 0x29, 0x76, 0x45, 0xd7, 0x87, 0x6f, \ + 0x23, 0xab, 0x44, 0x20, 0xea, 0x64, 0x7b, 0x85, 0xb1, 0x76, 0xe7, 0x85, \ + 0x95, 0xaa, 0x74, 0xd6, 0xd1, 0xa4, 0x5e, 0xea, 0xa0, 0x07, 0x06, 0x05, \ + 0x2b, 0x81, 0x04, 0x00, 0x22, 0xa1, 0x64, 0x03, 0x62, 0x00, 0x04, 0xc3, \ + 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, \ + 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, \ + 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, \ + 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, \ + 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, \ + 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, \ + 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, \ + 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e \ } /* END FILE */ @@ -169,76 +169,76 @@ * using `xxd -i`. */ /* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA256_DER tests/data_files/test-ca-sha256.crt.der */ #define TEST_CA_CRT_RSA_SHA256_DER { \ - 0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ - 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ - 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ - 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ - 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, \ - 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ - 0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ - 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65, \ - 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, \ - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, \ - 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, \ - 0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, \ - 0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, \ - 0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, \ - 0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, \ - 0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, \ - 0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, \ - 0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, \ - 0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, \ - 0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, \ - 0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, \ - 0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, \ - 0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, \ - 0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, \ - 0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, \ - 0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, \ - 0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, \ - 0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, \ - 0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, \ - 0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, \ - 0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, \ - 0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, \ - 0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, \ - 0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, \ - 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, \ - 0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, \ - 0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, \ - 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, \ - 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, \ - 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, \ - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, \ - 0x03, 0x82, 0x01, 0x01, 0x00, 0x38, 0xa8, 0x54, 0x82, 0xb6, 0x1d, 0xaa, \ - 0xdb, 0x6b, 0x89, 0x21, 0xd1, 0x38, 0x28, 0x61, 0xc9, 0xb0, 0x98, 0xd5, \ - 0x11, 0xfc, 0x36, 0xff, 0x19, 0xfe, 0x32, 0x44, 0xef, 0x08, 0xc7, 0xf1, \ - 0x56, 0xbb, 0xe6, 0x46, 0xfa, 0x82, 0xb6, 0x31, 0x38, 0xb4, 0xa0, 0xe5, \ - 0xa0, 0xae, 0x0c, 0xc4, 0x53, 0x9e, 0x93, 0x4e, 0xe8, 0x0d, 0x9c, 0x2f, \ - 0xb4, 0x04, 0xfd, 0x8a, 0x39, 0xf5, 0x84, 0x77, 0xed, 0x4c, 0xd4, 0xbb, \ - 0x44, 0x7f, 0x73, 0x77, 0xf7, 0xf1, 0x36, 0x97, 0xdc, 0x1e, 0x73, 0x19, \ - 0x5d, 0x50, 0xb8, 0xc3, 0x80, 0xcd, 0x03, 0x57, 0xd2, 0x00, 0xdb, 0x56, \ - 0xe6, 0xc6, 0x35, 0x24, 0x1e, 0x49, 0x7b, 0xd8, 0xd2, 0x72, 0xbb, 0x0b, \ - 0x49, 0x2f, 0xa6, 0x02, 0x3c, 0xaf, 0xd0, 0xec, 0x37, 0x1d, 0xbd, 0x81, \ - 0x8b, 0x1f, 0x30, 0xbb, 0xbc, 0x4d, 0x36, 0xb5, 0x79, 0x7c, 0x87, 0xfb, \ - 0x51, 0xb9, 0xbe, 0xc2, 0xde, 0x92, 0xa8, 0x40, 0x71, 0xbb, 0x72, 0x9b, \ - 0xf8, 0x47, 0xce, 0x6c, 0x04, 0xf8, 0x86, 0xe7, 0xf7, 0x73, 0x3c, 0xe7, \ - 0x84, 0x7d, 0xc2, 0xd7, 0xb7, 0x9d, 0xe8, 0xd4, 0x9b, 0x5f, 0x0a, 0x17, \ - 0x7d, 0xbc, 0xbb, 0xb2, 0xd5, 0x94, 0x0d, 0xe4, 0x49, 0xbf, 0x4f, 0x11, \ - 0x68, 0x53, 0xb2, 0x91, 0xff, 0xc0, 0x69, 0xee, 0xdb, 0x63, 0x93, 0xcb, \ - 0xc9, 0x35, 0x6b, 0x90, 0x09, 0xe2, 0x90, 0xc9, 0xed, 0x27, 0xd6, 0x08, \ - 0xfa, 0x13, 0x4d, 0x62, 0xdd, 0xe2, 0x9e, 0xaa, 0xb5, 0xd4, 0x0e, 0x5c, \ - 0x37, 0x4f, 0xab, 0x55, 0x3b, 0x2d, 0xf1, 0x42, 0x82, 0xc7, 0x34, 0x38, \ - 0x1a, 0x9b, 0xeb, 0xa1, 0x2c, 0x0f, 0x29, 0x31, 0x64, 0x6c, 0xcc, 0x38, \ - 0xfd, 0xa9, 0xd3, 0xd5, 0xd5, 0x71, 0xaf, 0xf0, 0x6d, 0xc0, 0x97, 0xe2, \ - 0x11, 0x2a, 0x0a, 0xdf, 0xfe, 0x02, 0x79, 0x74, 0x75 \ + 0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ + 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ + 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, \ + 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ + 0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65, \ + 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, \ + 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, \ + 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, \ + 0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, \ + 0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, \ + 0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, \ + 0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, \ + 0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, \ + 0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, \ + 0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, \ + 0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, \ + 0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, \ + 0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, \ + 0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, \ + 0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, \ + 0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, \ + 0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, \ + 0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, \ + 0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, \ + 0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, \ + 0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, \ + 0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, \ + 0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, \ + 0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, \ + 0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, \ + 0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, \ + 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, \ + 0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, \ + 0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, \ + 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, \ + 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, \ + 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, \ + 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, \ + 0x03, 0x82, 0x01, 0x01, 0x00, 0x38, 0xa8, 0x54, 0x82, 0xb6, 0x1d, 0xaa, \ + 0xdb, 0x6b, 0x89, 0x21, 0xd1, 0x38, 0x28, 0x61, 0xc9, 0xb0, 0x98, 0xd5, \ + 0x11, 0xfc, 0x36, 0xff, 0x19, 0xfe, 0x32, 0x44, 0xef, 0x08, 0xc7, 0xf1, \ + 0x56, 0xbb, 0xe6, 0x46, 0xfa, 0x82, 0xb6, 0x31, 0x38, 0xb4, 0xa0, 0xe5, \ + 0xa0, 0xae, 0x0c, 0xc4, 0x53, 0x9e, 0x93, 0x4e, 0xe8, 0x0d, 0x9c, 0x2f, \ + 0xb4, 0x04, 0xfd, 0x8a, 0x39, 0xf5, 0x84, 0x77, 0xed, 0x4c, 0xd4, 0xbb, \ + 0x44, 0x7f, 0x73, 0x77, 0xf7, 0xf1, 0x36, 0x97, 0xdc, 0x1e, 0x73, 0x19, \ + 0x5d, 0x50, 0xb8, 0xc3, 0x80, 0xcd, 0x03, 0x57, 0xd2, 0x00, 0xdb, 0x56, \ + 0xe6, 0xc6, 0x35, 0x24, 0x1e, 0x49, 0x7b, 0xd8, 0xd2, 0x72, 0xbb, 0x0b, \ + 0x49, 0x2f, 0xa6, 0x02, 0x3c, 0xaf, 0xd0, 0xec, 0x37, 0x1d, 0xbd, 0x81, \ + 0x8b, 0x1f, 0x30, 0xbb, 0xbc, 0x4d, 0x36, 0xb5, 0x79, 0x7c, 0x87, 0xfb, \ + 0x51, 0xb9, 0xbe, 0xc2, 0xde, 0x92, 0xa8, 0x40, 0x71, 0xbb, 0x72, 0x9b, \ + 0xf8, 0x47, 0xce, 0x6c, 0x04, 0xf8, 0x86, 0xe7, 0xf7, 0x73, 0x3c, 0xe7, \ + 0x84, 0x7d, 0xc2, 0xd7, 0xb7, 0x9d, 0xe8, 0xd4, 0x9b, 0x5f, 0x0a, 0x17, \ + 0x7d, 0xbc, 0xbb, 0xb2, 0xd5, 0x94, 0x0d, 0xe4, 0x49, 0xbf, 0x4f, 0x11, \ + 0x68, 0x53, 0xb2, 0x91, 0xff, 0xc0, 0x69, 0xee, 0xdb, 0x63, 0x93, 0xcb, \ + 0xc9, 0x35, 0x6b, 0x90, 0x09, 0xe2, 0x90, 0xc9, 0xed, 0x27, 0xd6, 0x08, \ + 0xfa, 0x13, 0x4d, 0x62, 0xdd, 0xe2, 0x9e, 0xaa, 0xb5, 0xd4, 0x0e, 0x5c, \ + 0x37, 0x4f, 0xab, 0x55, 0x3b, 0x2d, 0xf1, 0x42, 0x82, 0xc7, 0x34, 0x38, \ + 0x1a, 0x9b, 0xeb, 0xa1, 0x2c, 0x0f, 0x29, 0x31, 0x64, 0x6c, 0xcc, 0x38, \ + 0xfd, 0xa9, 0xd3, 0xd5, 0xd5, 0x71, 0xaf, 0xf0, 0x6d, 0xc0, 0x97, 0xe2, \ + 0x11, 0x2a, 0x0a, 0xdf, 0xfe, 0x02, 0x79, 0x74, 0x75 \ } /* END FILE */ @@ -270,76 +270,76 @@ /* This is taken from tests/data_files/test-ca-sha1.crt.der. */ /* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA1_DER tests/data_files/test-ca-sha1.crt.der */ #define TEST_CA_CRT_RSA_SHA1_DER { \ - 0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ - 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ - 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ - 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ - 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, \ - 0x5a, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, \ - 0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ - 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65, \ - 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, \ - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, \ - 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, \ - 0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, \ - 0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, \ - 0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, \ - 0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, \ - 0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, \ - 0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, \ - 0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, \ - 0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, \ - 0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, \ - 0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, \ - 0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, \ - 0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, \ - 0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, \ - 0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, \ - 0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, \ - 0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, \ - 0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, \ - 0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, \ - 0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, \ - 0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, \ - 0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, \ - 0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, \ - 0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, \ - 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, \ - 0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, \ - 0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, \ - 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, \ - 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, \ - 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, \ - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, \ - 0x03, 0x82, 0x01, 0x01, 0x00, 0x01, 0x13, 0x73, 0x84, 0x3d, 0xf1, 0x1d, \ - 0xfd, 0xb7, 0x09, 0x5b, 0x96, 0x5d, 0x53, 0x7f, 0xd5, 0x80, 0xf3, 0x52, \ - 0xe2, 0xd3, 0x33, 0x87, 0xc8, 0x27, 0x24, 0xff, 0xd5, 0xd8, 0x57, 0x2f, \ - 0x16, 0xd1, 0xb2, 0x94, 0xca, 0x50, 0xab, 0xa6, 0x27, 0x10, 0x16, 0x08, \ - 0xc8, 0x11, 0xc0, 0x2f, 0x80, 0xd1, 0xbe, 0x53, 0x18, 0xe6, 0xb9, 0xd7, \ - 0x18, 0x1a, 0x77, 0x38, 0x34, 0x7c, 0x32, 0x9a, 0x87, 0x0b, 0xa0, 0x2a, \ - 0xb9, 0x14, 0xc2, 0x2f, 0x38, 0xd2, 0xe7, 0xb8, 0x98, 0x7d, 0xff, 0xff, \ - 0xe1, 0x01, 0x50, 0xa9, 0x6f, 0x67, 0xf7, 0x6c, 0xdc, 0xb6, 0xca, 0x6f, \ - 0x73, 0x39, 0x1a, 0x3c, 0xa8, 0x23, 0xaa, 0x8d, 0x4d, 0xa3, 0x75, 0x2a, \ - 0xd1, 0x76, 0xb3, 0xd7, 0x4a, 0xdc, 0xc7, 0x24, 0xd4, 0x3e, 0xb7, 0xf9, \ - 0xc0, 0xd5, 0x51, 0x67, 0x65, 0x74, 0x2a, 0xf9, 0x65, 0xbc, 0x00, 0x15, \ - 0x4b, 0x36, 0xc8, 0xe2, 0x6a, 0x5d, 0x51, 0x7c, 0xed, 0x8e, 0x14, 0x93, \ - 0x4b, 0x90, 0x36, 0x05, 0xe5, 0x90, 0x00, 0x03, 0xab, 0xd3, 0x3a, 0xb5, \ - 0x17, 0xb4, 0xd2, 0x45, 0x52, 0x69, 0x26, 0xce, 0xe3, 0x98, 0x1d, 0x9a, \ - 0x8b, 0xf8, 0xa0, 0x92, 0x1d, 0x48, 0x02, 0x37, 0x2e, 0xc1, 0x5e, 0x95, \ - 0xc2, 0x53, 0xfe, 0xb1, 0xbc, 0x34, 0x82, 0x34, 0x34, 0x36, 0x91, 0x8c, \ - 0x88, 0x7a, 0x67, 0x97, 0x34, 0x40, 0x8b, 0xfb, 0x48, 0x6e, 0xd3, 0xaf, \ - 0x30, 0x81, 0x8e, 0x05, 0x4d, 0x93, 0x21, 0xf6, 0xb1, 0xff, 0x98, 0xea, \ - 0xd5, 0xa8, 0x14, 0xc7, 0x96, 0x8f, 0x99, 0x3e, 0x53, 0x58, 0x08, 0x89, \ - 0x3c, 0xe3, 0x8f, 0xea, 0x5e, 0x71, 0x5e, 0x70, 0xf0, 0xc5, 0xe6, 0x12, \ - 0x35, 0x6a, 0xa2, 0x5f, 0xd1, 0xb2, 0xba, 0xc0, 0x59, 0x8d, 0xec, 0xda, \ - 0x09, 0xa1, 0xda, 0x6e, 0x30, 0xcb, 0x53, 0x4a, 0x90 \ + 0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ + 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ + 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, \ + 0x5a, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, \ + 0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65, \ + 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, \ + 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, \ + 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, \ + 0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, \ + 0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, \ + 0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, \ + 0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, \ + 0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, \ + 0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, \ + 0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, \ + 0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, \ + 0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, \ + 0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, \ + 0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, \ + 0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, \ + 0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, \ + 0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, \ + 0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, \ + 0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, \ + 0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, \ + 0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, \ + 0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, \ + 0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, \ + 0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, \ + 0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, \ + 0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, \ + 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, \ + 0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, \ + 0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, \ + 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, \ + 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, \ + 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, \ + 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, \ + 0x03, 0x82, 0x01, 0x01, 0x00, 0x01, 0x13, 0x73, 0x84, 0x3d, 0xf1, 0x1d, \ + 0xfd, 0xb7, 0x09, 0x5b, 0x96, 0x5d, 0x53, 0x7f, 0xd5, 0x80, 0xf3, 0x52, \ + 0xe2, 0xd3, 0x33, 0x87, 0xc8, 0x27, 0x24, 0xff, 0xd5, 0xd8, 0x57, 0x2f, \ + 0x16, 0xd1, 0xb2, 0x94, 0xca, 0x50, 0xab, 0xa6, 0x27, 0x10, 0x16, 0x08, \ + 0xc8, 0x11, 0xc0, 0x2f, 0x80, 0xd1, 0xbe, 0x53, 0x18, 0xe6, 0xb9, 0xd7, \ + 0x18, 0x1a, 0x77, 0x38, 0x34, 0x7c, 0x32, 0x9a, 0x87, 0x0b, 0xa0, 0x2a, \ + 0xb9, 0x14, 0xc2, 0x2f, 0x38, 0xd2, 0xe7, 0xb8, 0x98, 0x7d, 0xff, 0xff, \ + 0xe1, 0x01, 0x50, 0xa9, 0x6f, 0x67, 0xf7, 0x6c, 0xdc, 0xb6, 0xca, 0x6f, \ + 0x73, 0x39, 0x1a, 0x3c, 0xa8, 0x23, 0xaa, 0x8d, 0x4d, 0xa3, 0x75, 0x2a, \ + 0xd1, 0x76, 0xb3, 0xd7, 0x4a, 0xdc, 0xc7, 0x24, 0xd4, 0x3e, 0xb7, 0xf9, \ + 0xc0, 0xd5, 0x51, 0x67, 0x65, 0x74, 0x2a, 0xf9, 0x65, 0xbc, 0x00, 0x15, \ + 0x4b, 0x36, 0xc8, 0xe2, 0x6a, 0x5d, 0x51, 0x7c, 0xed, 0x8e, 0x14, 0x93, \ + 0x4b, 0x90, 0x36, 0x05, 0xe5, 0x90, 0x00, 0x03, 0xab, 0xd3, 0x3a, 0xb5, \ + 0x17, 0xb4, 0xd2, 0x45, 0x52, 0x69, 0x26, 0xce, 0xe3, 0x98, 0x1d, 0x9a, \ + 0x8b, 0xf8, 0xa0, 0x92, 0x1d, 0x48, 0x02, 0x37, 0x2e, 0xc1, 0x5e, 0x95, \ + 0xc2, 0x53, 0xfe, 0xb1, 0xbc, 0x34, 0x82, 0x34, 0x34, 0x36, 0x91, 0x8c, \ + 0x88, 0x7a, 0x67, 0x97, 0x34, 0x40, 0x8b, 0xfb, 0x48, 0x6e, 0xd3, 0xaf, \ + 0x30, 0x81, 0x8e, 0x05, 0x4d, 0x93, 0x21, 0xf6, 0xb1, 0xff, 0x98, 0xea, \ + 0xd5, 0xa8, 0x14, 0xc7, 0x96, 0x8f, 0x99, 0x3e, 0x53, 0x58, 0x08, 0x89, \ + 0x3c, 0xe3, 0x8f, 0xea, 0x5e, 0x71, 0x5e, 0x70, 0xf0, 0xc5, 0xe6, 0x12, \ + 0x35, 0x6a, 0xa2, 0x5f, 0xd1, 0xb2, 0xba, 0xc0, 0x59, 0x8d, 0xec, 0xda, \ + 0x09, 0xa1, 0xda, 0x6e, 0x30, 0xcb, 0x53, 0x4a, 0x90 \ } /* END FILE */ @@ -383,106 +383,106 @@ /* This was generated from test-ca.key.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_CA_KEY_RSA_DER tests/data_files/test-ca.key.der */ #define TEST_CA_KEY_RSA_DER { \ - 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ - 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, 0x86, 0xde, \ - 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, 0x99, 0xd4, \ - 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, 0x9b, 0xc5, \ - 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, 0xc0, 0x8d, \ - 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, 0x93, 0xe8, \ - 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, 0xe7, 0x40, \ - 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, 0xf9, 0x3e, \ - 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, 0x29, 0x00, \ - 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, 0xbd, 0x83, \ - 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, 0x60, 0xc3, \ - 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, 0x32, 0xbe, \ - 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, 0xfb, 0xf5, \ - 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, 0xee, 0xe2, \ - 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, 0x47, 0xb1, \ - 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, 0xf1, 0x79, \ - 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, 0x6f, 0x27, \ - 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, 0xa1, 0x30, \ - 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, 0x28, 0xd1, \ - 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, 0x09, 0xea, \ - 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, 0xc9, 0xab, \ - 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, 0x9e, 0x99, \ - 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ - 0x00, 0x3f, 0xf7, 0x07, 0xd3, 0x34, 0x6f, 0xdb, 0xc9, 0x37, 0xb7, 0x84, \ - 0xdc, 0x37, 0x45, 0xe1, 0x63, 0xad, 0xb8, 0xb6, 0x75, 0xb1, 0xc7, 0x35, \ - 0xb4, 0x77, 0x2a, 0x5b, 0x77, 0xf9, 0x7e, 0xe0, 0xc1, 0xa3, 0xd1, 0xb7, \ - 0xcb, 0xa9, 0x5a, 0xc1, 0x87, 0xda, 0x5a, 0xfa, 0x17, 0xe4, 0xd5, 0x38, \ - 0x03, 0xde, 0x68, 0x98, 0x81, 0xec, 0xb5, 0xf2, 0x2a, 0x8d, 0xe9, 0x2c, \ - 0xf3, 0xa6, 0xe5, 0x32, 0x17, 0x7f, 0x33, 0x81, 0xe8, 0x38, 0x72, 0xd5, \ - 0x9c, 0xfa, 0x4e, 0xfb, 0x26, 0xf5, 0x15, 0x0b, 0xaf, 0x84, 0x66, 0xab, \ - 0x02, 0xe0, 0x18, 0xd5, 0x91, 0x7c, 0xd6, 0x8f, 0xc9, 0x4b, 0x76, 0x08, \ - 0x2b, 0x1d, 0x81, 0x68, 0x30, 0xe1, 0xfa, 0x70, 0x6c, 0x13, 0x4e, 0x10, \ - 0x03, 0x35, 0x3e, 0xc5, 0xca, 0x58, 0x20, 0x8a, 0x21, 0x18, 0x38, 0xa0, \ - 0x0f, 0xed, 0xc4, 0xbb, 0x45, 0x6f, 0xf5, 0x84, 0x5b, 0xb0, 0xcf, 0x4e, \ - 0x9d, 0x58, 0x13, 0x6b, 0x35, 0x35, 0x69, 0xa1, 0xd2, 0xc4, 0xf2, 0xc1, \ - 0x48, 0x04, 0x20, 0x51, 0xb9, 0x6b, 0xa4, 0x5d, 0xa5, 0x4b, 0x84, 0x88, \ - 0x43, 0x48, 0x99, 0x2c, 0xbb, 0xa4, 0x97, 0xd6, 0xd6, 0x18, 0xf6, 0xec, \ - 0x5c, 0xd1, 0x31, 0x49, 0xc9, 0xf2, 0x8f, 0x0b, 0x4d, 0xef, 0x09, 0x02, \ - 0xfe, 0x7d, 0xfd, 0xbb, 0xaf, 0x2b, 0x83, 0x94, 0x22, 0xc4, 0xa7, 0x3e, \ - 0x66, 0xf5, 0xe0, 0x57, 0xdc, 0xf2, 0xed, 0x2c, 0x3e, 0x81, 0x74, 0x76, \ - 0x1e, 0x96, 0x6f, 0x74, 0x1e, 0x32, 0x0e, 0x14, 0x31, 0xd0, 0x74, 0xf0, \ - 0xf4, 0x07, 0xbd, 0xc3, 0xd1, 0x22, 0xc2, 0xa8, 0x95, 0x92, 0x06, 0x7f, \ - 0x43, 0x02, 0x91, 0xbc, 0xdd, 0x23, 0x01, 0x89, 0x94, 0x20, 0x44, 0x64, \ - 0xf5, 0x1d, 0x67, 0xd2, 0x8f, 0xe8, 0x69, 0xa5, 0x29, 0x25, 0xe6, 0x50, \ - 0x9c, 0xe3, 0xe9, 0xcb, 0x75, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x29, 0x3e, \ - 0xaa, 0x6b, 0xd5, 0x59, 0x1e, 0x9c, 0xe6, 0x47, 0xd5, 0xb6, 0xd7, 0xe3, \ - 0xf1, 0x8e, 0x9e, 0xe9, 0x83, 0x5f, 0x10, 0x9f, 0x63, 0xec, 0x04, 0x44, \ - 0xcc, 0x3f, 0xf8, 0xd9, 0x3a, 0x17, 0xe0, 0x4f, 0xfe, 0xd8, 0x4d, 0xcd, \ - 0x46, 0x54, 0x74, 0xbf, 0x0a, 0xc4, 0x67, 0x9c, 0xa7, 0xd8, 0x89, 0x65, \ - 0x4c, 0xfd, 0x58, 0x2a, 0x47, 0x0f, 0xf4, 0x37, 0xb6, 0x55, 0xb0, 0x1d, \ - 0xed, 0xa7, 0x39, 0xfc, 0x4f, 0xa3, 0xc4, 0x75, 0x3a, 0xa3, 0x98, 0xa7, \ - 0x45, 0xf5, 0x66, 0xcb, 0x7c, 0x65, 0xfb, 0x80, 0x23, 0xe6, 0xff, 0xfd, \ - 0x99, 0x1f, 0x8e, 0x6b, 0xff, 0x5e, 0x93, 0x66, 0xdf, 0x6c, 0x6f, 0xc3, \ - 0xf6, 0x38, 0x2e, 0xff, 0x69, 0xb5, 0xac, 0xae, 0xbb, 0xc6, 0x71, 0x16, \ - 0x6b, 0xd0, 0xf8, 0x22, 0xd9, 0xf8, 0xa2, 0x72, 0x20, 0xd2, 0xe2, 0x3a, \ - 0x70, 0x4b, 0xde, 0xab, 0x2f, 0x02, 0x81, 0x81, 0x00, 0xda, 0x51, 0x9b, \ - 0xb8, 0xb2, 0x2a, 0x14, 0x75, 0x58, 0x40, 0x8d, 0x27, 0x70, 0xfa, 0x31, \ - 0x48, 0xb0, 0x20, 0x21, 0x34, 0xfa, 0x4c, 0x57, 0xa8, 0x11, 0x88, 0xf3, \ - 0xa7, 0xae, 0x21, 0xe9, 0xb6, 0x2b, 0xd1, 0xcd, 0xa7, 0xf8, 0xd8, 0x0c, \ - 0x8a, 0x76, 0x22, 0x35, 0x44, 0xce, 0x3f, 0x25, 0x29, 0x83, 0x7d, 0x79, \ - 0xa7, 0x31, 0xd6, 0xec, 0xb2, 0xbf, 0xda, 0x34, 0xb6, 0xf6, 0xb2, 0x3b, \ - 0xf3, 0x78, 0x5a, 0x04, 0x83, 0x33, 0x3e, 0xa2, 0xe2, 0x81, 0x82, 0x13, \ - 0xd4, 0x35, 0x17, 0x63, 0x9b, 0x9e, 0xc4, 0x8d, 0x91, 0x4c, 0x03, 0x77, \ - 0xc7, 0x71, 0x5b, 0xee, 0x83, 0x6d, 0xd5, 0x78, 0x88, 0xf6, 0x2c, 0x79, \ - 0xc2, 0x4a, 0xb4, 0x79, 0x90, 0x70, 0xbf, 0xdf, 0x34, 0x56, 0x96, 0x71, \ - 0xe3, 0x0e, 0x68, 0x91, 0xbc, 0xea, 0xcb, 0x33, 0xc0, 0xbe, 0x45, 0xd7, \ - 0xfc, 0x30, 0xfd, 0x01, 0x3b, 0x02, 0x81, 0x81, 0x00, 0xd2, 0x9f, 0x2a, \ - 0xb7, 0x38, 0x19, 0xc7, 0x17, 0x95, 0x73, 0x78, 0xae, 0xf5, 0xcb, 0x75, \ - 0x83, 0x7f, 0x19, 0x4b, 0xcb, 0x86, 0xfb, 0x4a, 0x15, 0x9a, 0xb6, 0x17, \ - 0x04, 0x49, 0x07, 0x8d, 0xf6, 0x66, 0x4a, 0x06, 0xf6, 0x05, 0xa7, 0xdf, \ - 0x66, 0x82, 0x3c, 0xff, 0xb6, 0x1d, 0x57, 0x89, 0x33, 0x5f, 0x9c, 0x05, \ - 0x75, 0x7f, 0xf3, 0x5d, 0xdc, 0x34, 0x65, 0x72, 0x85, 0x22, 0xa4, 0x14, \ - 0x1b, 0x41, 0xc3, 0xe4, 0xd0, 0x9e, 0x69, 0xd5, 0xeb, 0x38, 0x74, 0x70, \ - 0x43, 0xdc, 0xd9, 0x50, 0xe4, 0x97, 0x6d, 0x73, 0xd6, 0xfb, 0xc8, 0xa7, \ - 0xfa, 0xb4, 0xc2, 0xc4, 0x9d, 0x5d, 0x0c, 0xd5, 0x9f, 0x79, 0xb3, 0x54, \ - 0xc2, 0xb7, 0x6c, 0x3d, 0x7d, 0xcb, 0x2d, 0xf8, 0xc4, 0xf3, 0x78, 0x5a, \ - 0x33, 0x2a, 0xb8, 0x0c, 0x6d, 0x06, 0xfa, 0xf2, 0x62, 0xd3, 0x42, 0xd0, \ - 0xbd, 0xc8, 0x4a, 0xa5, 0x0d, 0x02, 0x81, 0x81, 0x00, 0xd4, 0xa9, 0x90, \ - 0x15, 0xde, 0xbf, 0x2c, 0xc4, 0x8d, 0x9d, 0xfb, 0xa1, 0xc2, 0xe4, 0x83, \ - 0xe3, 0x79, 0x65, 0x22, 0xd3, 0xb7, 0x49, 0x6c, 0x4d, 0x94, 0x1f, 0x22, \ - 0xb1, 0x60, 0xe7, 0x3a, 0x00, 0xb1, 0x38, 0xa2, 0xab, 0x0f, 0xb4, 0x6c, \ - 0xaa, 0xe7, 0x9e, 0x34, 0xe3, 0x7c, 0x40, 0x78, 0x53, 0xb2, 0xf9, 0x23, \ - 0xea, 0xa0, 0x9a, 0xea, 0x60, 0xc8, 0x8f, 0xa6, 0xaf, 0xdf, 0x29, 0x09, \ - 0x4b, 0x06, 0x1e, 0x31, 0xad, 0x17, 0xda, 0xd8, 0xd1, 0xe9, 0x33, 0xab, \ - 0x5b, 0x18, 0x08, 0x5b, 0x87, 0xf8, 0xa5, 0x1f, 0xfd, 0xbb, 0xdc, 0xd8, \ - 0xed, 0x97, 0x57, 0xe4, 0xc3, 0x73, 0xd6, 0xf0, 0x9e, 0x01, 0xa6, 0x9b, \ - 0x48, 0x8e, 0x7a, 0xb4, 0xbb, 0xe5, 0x88, 0x91, 0xc5, 0x2a, 0xdf, 0x4b, \ - 0xba, 0xd0, 0x8b, 0x3e, 0x03, 0x97, 0x77, 0x2f, 0x47, 0x7e, 0x51, 0x0c, \ - 0xae, 0x65, 0x8d, 0xde, 0x87, 0x02, 0x81, 0x80, 0x20, 0x24, 0x0f, 0xd2, \ - 0xaf, 0xc2, 0x28, 0x3b, 0x97, 0x20, 0xb2, 0x92, 0x49, 0xeb, 0x09, 0x68, \ - 0x40, 0xb2, 0xbe, 0xd1, 0xc3, 0x83, 0x94, 0x34, 0x38, 0xd6, 0xc9, 0xec, \ - 0x34, 0x09, 0xf9, 0x41, 0x6d, 0x5c, 0x42, 0x94, 0xf7, 0x04, 0xfc, 0x32, \ - 0x39, 0x69, 0xbc, 0x1c, 0xfb, 0x3e, 0x61, 0x98, 0xc0, 0x80, 0xd8, 0x36, \ - 0x47, 0xc3, 0x6d, 0xc2, 0x2e, 0xe7, 0x81, 0x2a, 0x17, 0x34, 0x64, 0x30, \ - 0x4e, 0x96, 0xbb, 0x26, 0x16, 0xb9, 0x41, 0x36, 0xfe, 0x8a, 0xd6, 0x53, \ - 0x7c, 0xaa, 0xec, 0x39, 0x42, 0x50, 0xef, 0xe3, 0xb3, 0x01, 0x28, 0x32, \ - 0xca, 0x6d, 0xf5, 0x9a, 0x1e, 0x9f, 0x37, 0xbe, 0xfe, 0x38, 0x20, 0x22, \ - 0x91, 0x8c, 0xcd, 0x95, 0x02, 0xf2, 0x4d, 0x6f, 0x1a, 0xb4, 0x43, 0xf0, \ - 0x19, 0xdf, 0x65, 0xc0, 0x92, 0xe7, 0x9d, 0x2f, 0x09, 0xe7, 0xec, 0x69, \ - 0xa8, 0xc2, 0x8f, 0x0d \ + 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ + 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, 0x86, 0xde, \ + 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, 0x99, 0xd4, \ + 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, 0x9b, 0xc5, \ + 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, 0xc0, 0x8d, \ + 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, 0x93, 0xe8, \ + 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, 0xe7, 0x40, \ + 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, 0xf9, 0x3e, \ + 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, 0x29, 0x00, \ + 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, 0xbd, 0x83, \ + 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, 0x60, 0xc3, \ + 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, 0x32, 0xbe, \ + 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, 0xfb, 0xf5, \ + 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, 0xee, 0xe2, \ + 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, 0x47, 0xb1, \ + 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, 0xf1, 0x79, \ + 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, 0x6f, 0x27, \ + 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, 0xa1, 0x30, \ + 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, 0x28, 0xd1, \ + 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, 0x09, 0xea, \ + 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, 0xc9, 0xab, \ + 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, 0x9e, 0x99, \ + 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ + 0x00, 0x3f, 0xf7, 0x07, 0xd3, 0x34, 0x6f, 0xdb, 0xc9, 0x37, 0xb7, 0x84, \ + 0xdc, 0x37, 0x45, 0xe1, 0x63, 0xad, 0xb8, 0xb6, 0x75, 0xb1, 0xc7, 0x35, \ + 0xb4, 0x77, 0x2a, 0x5b, 0x77, 0xf9, 0x7e, 0xe0, 0xc1, 0xa3, 0xd1, 0xb7, \ + 0xcb, 0xa9, 0x5a, 0xc1, 0x87, 0xda, 0x5a, 0xfa, 0x17, 0xe4, 0xd5, 0x38, \ + 0x03, 0xde, 0x68, 0x98, 0x81, 0xec, 0xb5, 0xf2, 0x2a, 0x8d, 0xe9, 0x2c, \ + 0xf3, 0xa6, 0xe5, 0x32, 0x17, 0x7f, 0x33, 0x81, 0xe8, 0x38, 0x72, 0xd5, \ + 0x9c, 0xfa, 0x4e, 0xfb, 0x26, 0xf5, 0x15, 0x0b, 0xaf, 0x84, 0x66, 0xab, \ + 0x02, 0xe0, 0x18, 0xd5, 0x91, 0x7c, 0xd6, 0x8f, 0xc9, 0x4b, 0x76, 0x08, \ + 0x2b, 0x1d, 0x81, 0x68, 0x30, 0xe1, 0xfa, 0x70, 0x6c, 0x13, 0x4e, 0x10, \ + 0x03, 0x35, 0x3e, 0xc5, 0xca, 0x58, 0x20, 0x8a, 0x21, 0x18, 0x38, 0xa0, \ + 0x0f, 0xed, 0xc4, 0xbb, 0x45, 0x6f, 0xf5, 0x84, 0x5b, 0xb0, 0xcf, 0x4e, \ + 0x9d, 0x58, 0x13, 0x6b, 0x35, 0x35, 0x69, 0xa1, 0xd2, 0xc4, 0xf2, 0xc1, \ + 0x48, 0x04, 0x20, 0x51, 0xb9, 0x6b, 0xa4, 0x5d, 0xa5, 0x4b, 0x84, 0x88, \ + 0x43, 0x48, 0x99, 0x2c, 0xbb, 0xa4, 0x97, 0xd6, 0xd6, 0x18, 0xf6, 0xec, \ + 0x5c, 0xd1, 0x31, 0x49, 0xc9, 0xf2, 0x8f, 0x0b, 0x4d, 0xef, 0x09, 0x02, \ + 0xfe, 0x7d, 0xfd, 0xbb, 0xaf, 0x2b, 0x83, 0x94, 0x22, 0xc4, 0xa7, 0x3e, \ + 0x66, 0xf5, 0xe0, 0x57, 0xdc, 0xf2, 0xed, 0x2c, 0x3e, 0x81, 0x74, 0x76, \ + 0x1e, 0x96, 0x6f, 0x74, 0x1e, 0x32, 0x0e, 0x14, 0x31, 0xd0, 0x74, 0xf0, \ + 0xf4, 0x07, 0xbd, 0xc3, 0xd1, 0x22, 0xc2, 0xa8, 0x95, 0x92, 0x06, 0x7f, \ + 0x43, 0x02, 0x91, 0xbc, 0xdd, 0x23, 0x01, 0x89, 0x94, 0x20, 0x44, 0x64, \ + 0xf5, 0x1d, 0x67, 0xd2, 0x8f, 0xe8, 0x69, 0xa5, 0x29, 0x25, 0xe6, 0x50, \ + 0x9c, 0xe3, 0xe9, 0xcb, 0x75, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x29, 0x3e, \ + 0xaa, 0x6b, 0xd5, 0x59, 0x1e, 0x9c, 0xe6, 0x47, 0xd5, 0xb6, 0xd7, 0xe3, \ + 0xf1, 0x8e, 0x9e, 0xe9, 0x83, 0x5f, 0x10, 0x9f, 0x63, 0xec, 0x04, 0x44, \ + 0xcc, 0x3f, 0xf8, 0xd9, 0x3a, 0x17, 0xe0, 0x4f, 0xfe, 0xd8, 0x4d, 0xcd, \ + 0x46, 0x54, 0x74, 0xbf, 0x0a, 0xc4, 0x67, 0x9c, 0xa7, 0xd8, 0x89, 0x65, \ + 0x4c, 0xfd, 0x58, 0x2a, 0x47, 0x0f, 0xf4, 0x37, 0xb6, 0x55, 0xb0, 0x1d, \ + 0xed, 0xa7, 0x39, 0xfc, 0x4f, 0xa3, 0xc4, 0x75, 0x3a, 0xa3, 0x98, 0xa7, \ + 0x45, 0xf5, 0x66, 0xcb, 0x7c, 0x65, 0xfb, 0x80, 0x23, 0xe6, 0xff, 0xfd, \ + 0x99, 0x1f, 0x8e, 0x6b, 0xff, 0x5e, 0x93, 0x66, 0xdf, 0x6c, 0x6f, 0xc3, \ + 0xf6, 0x38, 0x2e, 0xff, 0x69, 0xb5, 0xac, 0xae, 0xbb, 0xc6, 0x71, 0x16, \ + 0x6b, 0xd0, 0xf8, 0x22, 0xd9, 0xf8, 0xa2, 0x72, 0x20, 0xd2, 0xe2, 0x3a, \ + 0x70, 0x4b, 0xde, 0xab, 0x2f, 0x02, 0x81, 0x81, 0x00, 0xda, 0x51, 0x9b, \ + 0xb8, 0xb2, 0x2a, 0x14, 0x75, 0x58, 0x40, 0x8d, 0x27, 0x70, 0xfa, 0x31, \ + 0x48, 0xb0, 0x20, 0x21, 0x34, 0xfa, 0x4c, 0x57, 0xa8, 0x11, 0x88, 0xf3, \ + 0xa7, 0xae, 0x21, 0xe9, 0xb6, 0x2b, 0xd1, 0xcd, 0xa7, 0xf8, 0xd8, 0x0c, \ + 0x8a, 0x76, 0x22, 0x35, 0x44, 0xce, 0x3f, 0x25, 0x29, 0x83, 0x7d, 0x79, \ + 0xa7, 0x31, 0xd6, 0xec, 0xb2, 0xbf, 0xda, 0x34, 0xb6, 0xf6, 0xb2, 0x3b, \ + 0xf3, 0x78, 0x5a, 0x04, 0x83, 0x33, 0x3e, 0xa2, 0xe2, 0x81, 0x82, 0x13, \ + 0xd4, 0x35, 0x17, 0x63, 0x9b, 0x9e, 0xc4, 0x8d, 0x91, 0x4c, 0x03, 0x77, \ + 0xc7, 0x71, 0x5b, 0xee, 0x83, 0x6d, 0xd5, 0x78, 0x88, 0xf6, 0x2c, 0x79, \ + 0xc2, 0x4a, 0xb4, 0x79, 0x90, 0x70, 0xbf, 0xdf, 0x34, 0x56, 0x96, 0x71, \ + 0xe3, 0x0e, 0x68, 0x91, 0xbc, 0xea, 0xcb, 0x33, 0xc0, 0xbe, 0x45, 0xd7, \ + 0xfc, 0x30, 0xfd, 0x01, 0x3b, 0x02, 0x81, 0x81, 0x00, 0xd2, 0x9f, 0x2a, \ + 0xb7, 0x38, 0x19, 0xc7, 0x17, 0x95, 0x73, 0x78, 0xae, 0xf5, 0xcb, 0x75, \ + 0x83, 0x7f, 0x19, 0x4b, 0xcb, 0x86, 0xfb, 0x4a, 0x15, 0x9a, 0xb6, 0x17, \ + 0x04, 0x49, 0x07, 0x8d, 0xf6, 0x66, 0x4a, 0x06, 0xf6, 0x05, 0xa7, 0xdf, \ + 0x66, 0x82, 0x3c, 0xff, 0xb6, 0x1d, 0x57, 0x89, 0x33, 0x5f, 0x9c, 0x05, \ + 0x75, 0x7f, 0xf3, 0x5d, 0xdc, 0x34, 0x65, 0x72, 0x85, 0x22, 0xa4, 0x14, \ + 0x1b, 0x41, 0xc3, 0xe4, 0xd0, 0x9e, 0x69, 0xd5, 0xeb, 0x38, 0x74, 0x70, \ + 0x43, 0xdc, 0xd9, 0x50, 0xe4, 0x97, 0x6d, 0x73, 0xd6, 0xfb, 0xc8, 0xa7, \ + 0xfa, 0xb4, 0xc2, 0xc4, 0x9d, 0x5d, 0x0c, 0xd5, 0x9f, 0x79, 0xb3, 0x54, \ + 0xc2, 0xb7, 0x6c, 0x3d, 0x7d, 0xcb, 0x2d, 0xf8, 0xc4, 0xf3, 0x78, 0x5a, \ + 0x33, 0x2a, 0xb8, 0x0c, 0x6d, 0x06, 0xfa, 0xf2, 0x62, 0xd3, 0x42, 0xd0, \ + 0xbd, 0xc8, 0x4a, 0xa5, 0x0d, 0x02, 0x81, 0x81, 0x00, 0xd4, 0xa9, 0x90, \ + 0x15, 0xde, 0xbf, 0x2c, 0xc4, 0x8d, 0x9d, 0xfb, 0xa1, 0xc2, 0xe4, 0x83, \ + 0xe3, 0x79, 0x65, 0x22, 0xd3, 0xb7, 0x49, 0x6c, 0x4d, 0x94, 0x1f, 0x22, \ + 0xb1, 0x60, 0xe7, 0x3a, 0x00, 0xb1, 0x38, 0xa2, 0xab, 0x0f, 0xb4, 0x6c, \ + 0xaa, 0xe7, 0x9e, 0x34, 0xe3, 0x7c, 0x40, 0x78, 0x53, 0xb2, 0xf9, 0x23, \ + 0xea, 0xa0, 0x9a, 0xea, 0x60, 0xc8, 0x8f, 0xa6, 0xaf, 0xdf, 0x29, 0x09, \ + 0x4b, 0x06, 0x1e, 0x31, 0xad, 0x17, 0xda, 0xd8, 0xd1, 0xe9, 0x33, 0xab, \ + 0x5b, 0x18, 0x08, 0x5b, 0x87, 0xf8, 0xa5, 0x1f, 0xfd, 0xbb, 0xdc, 0xd8, \ + 0xed, 0x97, 0x57, 0xe4, 0xc3, 0x73, 0xd6, 0xf0, 0x9e, 0x01, 0xa6, 0x9b, \ + 0x48, 0x8e, 0x7a, 0xb4, 0xbb, 0xe5, 0x88, 0x91, 0xc5, 0x2a, 0xdf, 0x4b, \ + 0xba, 0xd0, 0x8b, 0x3e, 0x03, 0x97, 0x77, 0x2f, 0x47, 0x7e, 0x51, 0x0c, \ + 0xae, 0x65, 0x8d, 0xde, 0x87, 0x02, 0x81, 0x80, 0x20, 0x24, 0x0f, 0xd2, \ + 0xaf, 0xc2, 0x28, 0x3b, 0x97, 0x20, 0xb2, 0x92, 0x49, 0xeb, 0x09, 0x68, \ + 0x40, 0xb2, 0xbe, 0xd1, 0xc3, 0x83, 0x94, 0x34, 0x38, 0xd6, 0xc9, 0xec, \ + 0x34, 0x09, 0xf9, 0x41, 0x6d, 0x5c, 0x42, 0x94, 0xf7, 0x04, 0xfc, 0x32, \ + 0x39, 0x69, 0xbc, 0x1c, 0xfb, 0x3e, 0x61, 0x98, 0xc0, 0x80, 0xd8, 0x36, \ + 0x47, 0xc3, 0x6d, 0xc2, 0x2e, 0xe7, 0x81, 0x2a, 0x17, 0x34, 0x64, 0x30, \ + 0x4e, 0x96, 0xbb, 0x26, 0x16, 0xb9, 0x41, 0x36, 0xfe, 0x8a, 0xd6, 0x53, \ + 0x7c, 0xaa, 0xec, 0x39, 0x42, 0x50, 0xef, 0xe3, 0xb3, 0x01, 0x28, 0x32, \ + 0xca, 0x6d, 0xf5, 0x9a, 0x1e, 0x9f, 0x37, 0xbe, 0xfe, 0x38, 0x20, 0x22, \ + 0x91, 0x8c, 0xcd, 0x95, 0x02, 0xf2, 0x4d, 0x6f, 0x1a, 0xb4, 0x43, 0xf0, \ + 0x19, 0xdf, 0x65, 0xc0, 0x92, 0xe7, 0x9d, 0x2f, 0x09, 0xe7, 0xec, 0x69, \ + 0xa8, 0xc2, 0x8f, 0x0d \ } /* END FILE */ @@ -521,52 +521,52 @@ /* This is generated from tests/data_files/server5.crt.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_SRV_CRT_EC_DER tests/data_files/server5.crt.der */ #define TEST_SRV_CRT_EC_DER { \ - 0x30, 0x82, 0x02, 0x1f, 0x30, 0x82, 0x01, 0xa5, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ - 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, \ - 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, \ - 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x33, 0x30, 0x39, 0x32, 0x34, 0x31, 0x35, 0x35, 0x32, 0x30, 0x34, \ - 0x5a, 0x17, 0x0d, 0x32, 0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x35, \ - 0x32, 0x30, 0x34, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, \ - 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x59, \ - 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, \ - 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, \ - 0x04, 0x37, 0xcc, 0x56, 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, \ - 0x59, 0x2d, 0xff, 0x20, 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, \ - 0xad, 0x14, 0xb5, 0xf7, 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, \ - 0xd8, 0x23, 0x11, 0xff, 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, \ - 0x8a, 0x88, 0xc2, 0x6b, 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, \ - 0x01, 0xc8, 0xb4, 0xed, 0xff, 0xa3, 0x81, 0x9d, 0x30, 0x81, 0x9a, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, \ - 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x50, 0x61, 0xa5, \ - 0x8f, 0xd4, 0x07, 0xd9, 0xd7, 0x82, 0x01, 0x0c, 0xe5, 0x65, 0x7f, 0x8c, \ - 0x63, 0x46, 0xa7, 0x13, 0xbe, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23, \ - 0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, \ - 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, \ - 0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \ - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ - 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ - 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \ - 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, \ - 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, \ - 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0a, 0x06, \ - 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x68, 0x00, \ - 0x30, 0x65, 0x02, 0x31, 0x00, 0x9a, 0x2c, 0x5c, 0xd7, 0xa6, 0xdb, 0xa2, \ - 0xe5, 0x64, 0x0d, 0xf0, 0xb9, 0x4e, 0xdd, 0xd7, 0x61, 0xd6, 0x13, 0x31, \ - 0xc7, 0xab, 0x73, 0x80, 0xbb, 0xd3, 0xd3, 0x73, 0x13, 0x54, 0xad, 0x92, \ - 0x0b, 0x5d, 0xab, 0xd0, 0xbc, 0xf7, 0xae, 0x2f, 0xe6, 0xa1, 0x21, 0x29, \ - 0x35, 0x95, 0xaa, 0x3e, 0x39, 0x02, 0x30, 0x21, 0x36, 0x7f, 0x9d, 0xc6, \ - 0x5d, 0xc6, 0x0b, 0xab, 0x27, 0xf2, 0x25, 0x1d, 0x3b, 0xf1, 0xcf, 0xf1, \ - 0x35, 0x25, 0x14, 0xe7, 0xe5, 0xf1, 0x97, 0xb5, 0x59, 0xe3, 0x5e, 0x15, \ - 0x7c, 0x66, 0xb9, 0x90, 0x7b, 0xc7, 0x01, 0x10, 0x4f, 0x73, 0xc6, 0x00, \ - 0x21, 0x52, 0x2a, 0x0e, 0xf1, 0xc7, 0xd5 \ + 0x30, 0x82, 0x02, 0x1f, 0x30, 0x82, 0x01, 0xa5, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ + 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, \ + 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, \ + 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x33, 0x30, 0x39, 0x32, 0x34, 0x31, 0x35, 0x35, 0x32, 0x30, 0x34, \ + 0x5a, 0x17, 0x0d, 0x32, 0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x35, \ + 0x32, 0x30, 0x34, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, \ + 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x59, \ + 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, \ + 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, \ + 0x04, 0x37, 0xcc, 0x56, 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, \ + 0x59, 0x2d, 0xff, 0x20, 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, \ + 0xad, 0x14, 0xb5, 0xf7, 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, \ + 0xd8, 0x23, 0x11, 0xff, 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, \ + 0x8a, 0x88, 0xc2, 0x6b, 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, \ + 0x01, 0xc8, 0xb4, 0xed, 0xff, 0xa3, 0x81, 0x9d, 0x30, 0x81, 0x9a, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, \ + 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x50, 0x61, 0xa5, \ + 0x8f, 0xd4, 0x07, 0xd9, 0xd7, 0x82, 0x01, 0x0c, 0xe5, 0x65, 0x7f, 0x8c, \ + 0x63, 0x46, 0xa7, 0x13, 0xbe, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23, \ + 0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, \ + 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, \ + 0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \ + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ + 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ + 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \ + 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, \ + 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, \ + 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0a, 0x06, \ + 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x68, 0x00, \ + 0x30, 0x65, 0x02, 0x31, 0x00, 0x9a, 0x2c, 0x5c, 0xd7, 0xa6, 0xdb, 0xa2, \ + 0xe5, 0x64, 0x0d, 0xf0, 0xb9, 0x4e, 0xdd, 0xd7, 0x61, 0xd6, 0x13, 0x31, \ + 0xc7, 0xab, 0x73, 0x80, 0xbb, 0xd3, 0xd3, 0x73, 0x13, 0x54, 0xad, 0x92, \ + 0x0b, 0x5d, 0xab, 0xd0, 0xbc, 0xf7, 0xae, 0x2f, 0xe6, 0xa1, 0x21, 0x29, \ + 0x35, 0x95, 0xaa, 0x3e, 0x39, 0x02, 0x30, 0x21, 0x36, 0x7f, 0x9d, 0xc6, \ + 0x5d, 0xc6, 0x0b, 0xab, 0x27, 0xf2, 0x25, 0x1d, 0x3b, 0xf1, 0xcf, 0xf1, \ + 0x35, 0x25, 0x14, 0xe7, 0xe5, 0xf1, 0x97, 0xb5, 0x59, 0xe3, 0x5e, 0x15, \ + 0x7c, 0x66, 0xb9, 0x90, 0x7b, 0xc7, 0x01, 0x10, 0x4f, 0x73, 0xc6, 0x00, \ + 0x21, 0x52, 0x2a, 0x0e, 0xf1, 0xc7, 0xd5 \ } /* END FILE */ @@ -583,17 +583,17 @@ /* This is generated from tests/data_files/server5.key.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_SRV_KEY_EC_DER tests/data_files/server5.key.der */ #define TEST_SRV_KEY_EC_DER { \ - 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf1, 0x2a, 0x13, 0x20, 0x76, \ - 0x02, 0x70, 0xa8, 0x3c, 0xbf, 0xfd, 0x53, 0xf6, 0x03, 0x1e, 0xf7, 0x6a, \ - 0x5d, 0x86, 0xc8, 0xa2, 0x04, 0xf2, 0xc3, 0x0c, 0xa9, 0xeb, 0xf5, 0x1f, \ - 0x0f, 0x0e, 0xa7, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ - 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x37, 0xcc, 0x56, \ - 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, 0x59, 0x2d, 0xff, 0x20, \ - 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, 0xad, 0x14, 0xb5, 0xf7, \ - 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, 0xd8, 0x23, 0x11, 0xff, \ - 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, 0x8a, 0x88, 0xc2, 0x6b, \ - 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, 0x01, 0xc8, 0xb4, 0xed, \ - 0xff \ + 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf1, 0x2a, 0x13, 0x20, 0x76, \ + 0x02, 0x70, 0xa8, 0x3c, 0xbf, 0xfd, 0x53, 0xf6, 0x03, 0x1e, 0xf7, 0x6a, \ + 0x5d, 0x86, 0xc8, 0xa2, 0x04, 0xf2, 0xc3, 0x0c, 0xa9, 0xeb, 0xf5, 0x1f, \ + 0x0f, 0x0e, 0xa7, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ + 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x37, 0xcc, 0x56, \ + 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, 0x59, 0x2d, 0xff, 0x20, \ + 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, 0xad, 0x14, 0xb5, 0xf7, \ + 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, 0xd8, 0x23, 0x11, 0xff, \ + 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, 0x8a, 0x88, 0xc2, 0x6b, \ + 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, 0x01, 0xc8, 0xb4, 0xed, \ + 0xff \ } /* END FILE */ @@ -625,175 +625,175 @@ /* This is taken from tests/data_files/server2-sha256.crt.der. */ /* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA256_DER tests/data_files/server2-sha256.crt.der */ #define TEST_SRV_CRT_RSA_SHA256_DER { \ - 0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ - 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ - 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ - 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ - 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ - 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ - 0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ - 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82, \ - 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, \ - 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, \ - 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, \ - 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78, \ - 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd, \ - 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90, \ - 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24, \ - 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda, \ - 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3, \ - 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4, \ - 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d, \ - 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49, \ - 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c, \ - 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b, \ - 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08, \ - 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa, \ - 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f, \ - 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7, \ - 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5, \ - 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde, \ - 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a, \ - 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96, \ - 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0, \ - 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02, \ - 0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, \ - 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc, \ - 0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b, \ - 0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, \ - 0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, \ - 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, \ - 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, \ - 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x2e, 0x3a, 0xe4, 0x52, 0x61, \ - 0x3e, 0xa7, 0xa5, 0xef, 0x32, 0x67, 0x80, 0x72, 0x07, 0x26, 0xba, 0xa3, \ - 0xff, 0x05, 0x40, 0xc4, 0x60, 0x05, 0x39, 0x31, 0x77, 0xf7, 0xa5, 0xca, \ - 0x01, 0x31, 0x80, 0xa7, 0xe1, 0xd1, 0x0a, 0xa2, 0x7c, 0xd5, 0x1c, 0xba, \ - 0xd0, 0x23, 0x4a, 0xd6, 0x30, 0xf3, 0x93, 0xc7, 0x6f, 0xe8, 0xce, 0x94, \ - 0x1e, 0x84, 0xbb, 0x44, 0x81, 0x62, 0x33, 0xff, 0x6b, 0x5d, 0x00, 0x9b, \ - 0x25, 0xf8, 0x8f, 0x0f, 0x9c, 0x4c, 0x4d, 0xe8, 0xd9, 0xa7, 0x99, 0xf9, \ - 0x51, 0x81, 0xc0, 0x9b, 0x1b, 0x31, 0x0d, 0xa6, 0xb3, 0x7c, 0x0e, 0x45, \ - 0xb8, 0x18, 0x64, 0x7e, 0x89, 0x0a, 0x2b, 0xa8, 0xc3, 0xe0, 0x4a, 0xbd, \ - 0xd4, 0x2f, 0x78, 0xc4, 0x62, 0x9b, 0xe9, 0x7e, 0x3f, 0x56, 0x46, 0x8f, \ - 0x17, 0xb7, 0x2a, 0xa0, 0x10, 0x70, 0xfd, 0xb1, 0xf1, 0x6b, 0x05, 0xdc, \ - 0xd1, 0x41, 0x0f, 0x8e, 0xa6, 0xb2, 0x88, 0x1a, 0x42, 0x61, 0x4f, 0xeb, \ - 0x26, 0x85, 0x59, 0x80, 0xba, 0x85, 0x54, 0xfe, 0xcf, 0xc7, 0x7b, 0x2f, \ - 0x6b, 0x59, 0xce, 0xac, 0xdc, 0x7c, 0xac, 0xf3, 0xc8, 0xd6, 0x12, 0x7e, \ - 0x64, 0xe8, 0x3c, 0x99, 0xa8, 0x8f, 0x4f, 0x11, 0xd9, 0x9c, 0x15, 0x4b, \ - 0x6a, 0x44, 0x92, 0x2d, 0x0c, 0xbf, 0xb1, 0x67, 0x96, 0xc9, 0xac, 0xce, \ - 0xd5, 0x19, 0xeb, 0x6f, 0x18, 0xeb, 0x6e, 0x04, 0x2d, 0x60, 0xac, 0xf4, \ - 0x7b, 0x79, 0xf0, 0x1a, 0x9b, 0xb5, 0xc3, 0x5d, 0xef, 0x7d, 0xc9, 0x05, \ - 0x99, 0x44, 0x81, 0x84, 0x75, 0xc7, 0xec, 0x00, 0x12, 0xfc, 0x7a, 0x4a, \ - 0x0b, 0x82, 0x07, 0xec, 0x6d, 0x86, 0x02, 0x4d, 0xfe, 0x9f, 0xc8, 0x92, \ - 0x48, 0xde, 0xf5, 0xb1, 0x9c, 0xe9, 0xc6, 0x89, 0xd0, 0xc1, 0x56, 0xe8, \ - 0xa4, 0xc6, 0x6a, 0x2e, 0x66, 0xc1, 0x9b, 0xfe, 0xd6, 0x3c, 0xb7 \ + 0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ + 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ + 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ + 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ + 0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82, \ + 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, \ + 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, \ + 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, \ + 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78, \ + 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd, \ + 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90, \ + 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24, \ + 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda, \ + 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3, \ + 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4, \ + 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d, \ + 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49, \ + 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c, \ + 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b, \ + 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08, \ + 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa, \ + 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f, \ + 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7, \ + 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5, \ + 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde, \ + 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a, \ + 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96, \ + 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0, \ + 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02, \ + 0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, \ + 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc, \ + 0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b, \ + 0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, \ + 0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, \ + 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, \ + 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, \ + 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x2e, 0x3a, 0xe4, 0x52, 0x61, \ + 0x3e, 0xa7, 0xa5, 0xef, 0x32, 0x67, 0x80, 0x72, 0x07, 0x26, 0xba, 0xa3, \ + 0xff, 0x05, 0x40, 0xc4, 0x60, 0x05, 0x39, 0x31, 0x77, 0xf7, 0xa5, 0xca, \ + 0x01, 0x31, 0x80, 0xa7, 0xe1, 0xd1, 0x0a, 0xa2, 0x7c, 0xd5, 0x1c, 0xba, \ + 0xd0, 0x23, 0x4a, 0xd6, 0x30, 0xf3, 0x93, 0xc7, 0x6f, 0xe8, 0xce, 0x94, \ + 0x1e, 0x84, 0xbb, 0x44, 0x81, 0x62, 0x33, 0xff, 0x6b, 0x5d, 0x00, 0x9b, \ + 0x25, 0xf8, 0x8f, 0x0f, 0x9c, 0x4c, 0x4d, 0xe8, 0xd9, 0xa7, 0x99, 0xf9, \ + 0x51, 0x81, 0xc0, 0x9b, 0x1b, 0x31, 0x0d, 0xa6, 0xb3, 0x7c, 0x0e, 0x45, \ + 0xb8, 0x18, 0x64, 0x7e, 0x89, 0x0a, 0x2b, 0xa8, 0xc3, 0xe0, 0x4a, 0xbd, \ + 0xd4, 0x2f, 0x78, 0xc4, 0x62, 0x9b, 0xe9, 0x7e, 0x3f, 0x56, 0x46, 0x8f, \ + 0x17, 0xb7, 0x2a, 0xa0, 0x10, 0x70, 0xfd, 0xb1, 0xf1, 0x6b, 0x05, 0xdc, \ + 0xd1, 0x41, 0x0f, 0x8e, 0xa6, 0xb2, 0x88, 0x1a, 0x42, 0x61, 0x4f, 0xeb, \ + 0x26, 0x85, 0x59, 0x80, 0xba, 0x85, 0x54, 0xfe, 0xcf, 0xc7, 0x7b, 0x2f, \ + 0x6b, 0x59, 0xce, 0xac, 0xdc, 0x7c, 0xac, 0xf3, 0xc8, 0xd6, 0x12, 0x7e, \ + 0x64, 0xe8, 0x3c, 0x99, 0xa8, 0x8f, 0x4f, 0x11, 0xd9, 0x9c, 0x15, 0x4b, \ + 0x6a, 0x44, 0x92, 0x2d, 0x0c, 0xbf, 0xb1, 0x67, 0x96, 0xc9, 0xac, 0xce, \ + 0xd5, 0x19, 0xeb, 0x6f, 0x18, 0xeb, 0x6e, 0x04, 0x2d, 0x60, 0xac, 0xf4, \ + 0x7b, 0x79, 0xf0, 0x1a, 0x9b, 0xb5, 0xc3, 0x5d, 0xef, 0x7d, 0xc9, 0x05, \ + 0x99, 0x44, 0x81, 0x84, 0x75, 0xc7, 0xec, 0x00, 0x12, 0xfc, 0x7a, 0x4a, \ + 0x0b, 0x82, 0x07, 0xec, 0x6d, 0x86, 0x02, 0x4d, 0xfe, 0x9f, 0xc8, 0x92, \ + 0x48, 0xde, 0xf5, 0xb1, 0x9c, 0xe9, 0xc6, 0x89, 0xd0, 0xc1, 0x56, 0xe8, \ + 0xa4, 0xc6, 0x6a, 0x2e, 0x66, 0xc1, 0x9b, 0xfe, 0xd6, 0x3c, 0xb7 \ } /* END FILE */ /* This is taken from tests/data_files/server2.crt. */ /* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA1_PEM tests/data_files/server2.crt */ #define TEST_SRV_CRT_RSA_SHA1_PEM \ -"-----BEGIN CERTIFICATE-----\r\n" \ -"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \ -"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ -"MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ -"A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \ -"AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \ -"owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \ -"NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \ -"tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \ -"hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \ -"HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \ -"VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \ -"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJklg3Q4\r\n" \ -"cB7v7BzsxM/vLyKccO6op0/gZzM4ghuLq2Y32kl0sM6kSNUUmduuq3u/+GmUZN2A\r\n" \ -"O/7c+Hw7hDFEIvZk98aBGjCLqn3DmgHIv8ToQ67nellQxx2Uj309PdgjNi/r9HOc\r\n" \ -"KNAYPbBcg6MJGWWj2TI6vNaceios/DhOYx5V0j5nfqSJ/pnU0g9Ign2LAhgYpGJE\r\n" \ -"iEM9wW7hEMkwmk0h/sqZsrJsGH5YsF/VThSq/JVO1e2mZH2vruyZKJVBq+8tDNYp\r\n" \ -"HkK6tSyVYQhzIt3StMJWKMl/o5k2AYz6tSC164+1oG+ML3LWg8XrGKa91H4UOKap\r\n" \ -"Awgk0+4m0T25cNs=\r\n" \ -"-----END CERTIFICATE-----\r\n" + "-----BEGIN CERTIFICATE-----\r\n" \ + "MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \ + "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ + "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ + "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \ + "AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \ + "owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \ + "NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \ + "tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \ + "hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \ + "HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \ + "VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \ + "FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJklg3Q4\r\n" \ + "cB7v7BzsxM/vLyKccO6op0/gZzM4ghuLq2Y32kl0sM6kSNUUmduuq3u/+GmUZN2A\r\n" \ + "O/7c+Hw7hDFEIvZk98aBGjCLqn3DmgHIv8ToQ67nellQxx2Uj309PdgjNi/r9HOc\r\n" \ + "KNAYPbBcg6MJGWWj2TI6vNaceios/DhOYx5V0j5nfqSJ/pnU0g9Ign2LAhgYpGJE\r\n" \ + "iEM9wW7hEMkwmk0h/sqZsrJsGH5YsF/VThSq/JVO1e2mZH2vruyZKJVBq+8tDNYp\r\n" \ + "HkK6tSyVYQhzIt3StMJWKMl/o5k2AYz6tSC164+1oG+ML3LWg8XrGKa91H4UOKap\r\n" \ + "Awgk0+4m0T25cNs=\r\n" \ + "-----END CERTIFICATE-----\r\n" /* END FILE */ /* This is taken from tests/data_files/server2.crt.der. */ /* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA1_DER tests/data_files/server2.crt.der */ #define TEST_SRV_CRT_RSA_SHA1_DER { \ - 0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ - 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ - 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ - 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ - 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ - 0x5a, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, \ - 0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ - 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82, \ - 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, \ - 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, \ - 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, \ - 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78, \ - 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd, \ - 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90, \ - 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24, \ - 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda, \ - 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3, \ - 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4, \ - 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d, \ - 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49, \ - 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c, \ - 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b, \ - 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08, \ - 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa, \ - 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f, \ - 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7, \ - 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5, \ - 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde, \ - 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a, \ - 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96, \ - 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0, \ - 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02, \ - 0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, \ - 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc, \ - 0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b, \ - 0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, \ - 0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, \ - 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, \ - 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, \ - 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x01, 0x73, 0x0b, 0x4a, 0xc5, \ - 0xcb, 0xa0, 0xde, 0xf1, 0x63, 0x1c, 0x76, 0x04, 0x2b, 0x13, 0x0d, 0xc0, \ - 0x84, 0x11, 0xc5, 0x8f, 0x3a, 0xa7, 0xc5, 0x9c, 0x35, 0x7a, 0x77, 0xb8, \ - 0x20, 0x14, 0x82, 0xee, 0x54, 0xf0, 0xf2, 0xb0, 0x52, 0xcb, 0x78, 0xce, \ - 0x59, 0x07, 0x4f, 0x51, 0x69, 0xfe, 0xd3, 0x2f, 0xe9, 0x09, 0xe7, 0x85, \ - 0x92, 0xd8, 0xba, 0xb1, 0xeb, 0xc5, 0x76, 0x5d, 0x61, 0x2d, 0xe9, 0x86, \ - 0xb5, 0xde, 0x2a, 0xf9, 0x3f, 0x53, 0x28, 0x42, 0x86, 0x83, 0x73, 0x43, \ - 0xe0, 0x04, 0x5f, 0x07, 0x90, 0x14, 0x65, 0x9f, 0x6e, 0x10, 0x7a, 0xbc, \ - 0x58, 0x19, 0x22, 0xc2, 0xeb, 0x39, 0x72, 0x51, 0x92, 0xd7, 0xb4, 0x1d, \ - 0x75, 0x2f, 0xd3, 0x3a, 0x2b, 0x01, 0xe7, 0xdb, 0x50, 0xae, 0xe2, 0xf1, \ - 0xd4, 0x4d, 0x5b, 0x3c, 0xbb, 0x41, 0x2b, 0x2a, 0xa4, 0xe2, 0x4a, 0x02, \ - 0xe5, 0x60, 0x14, 0x2c, 0x9c, 0x1f, 0xa6, 0xcc, 0x06, 0x4b, 0x25, 0x89, \ - 0x4e, 0x96, 0x30, 0x22, 0x9c, 0x5c, 0x58, 0x4d, 0xc3, 0xda, 0xd0, 0x6e, \ - 0x50, 0x1e, 0x8c, 0x65, 0xf5, 0xd9, 0x17, 0x35, 0xa6, 0x58, 0x43, 0xb2, \ - 0x29, 0xb7, 0xa8, 0x5e, 0x35, 0xde, 0xf0, 0x60, 0x42, 0x1a, 0x01, 0xcb, \ - 0xcb, 0x0b, 0xd8, 0x0e, 0xc1, 0x90, 0xdf, 0xa1, 0xd2, 0x1a, 0xd1, 0x2c, \ - 0x02, 0xf4, 0x76, 0x41, 0xa4, 0xcb, 0x4b, 0x15, 0x98, 0x71, 0xf9, 0x35, \ - 0x7d, 0xb0, 0xe7, 0xe2, 0x34, 0x96, 0x91, 0xbe, 0x32, 0x67, 0x2d, 0x6b, \ - 0xd3, 0x55, 0x04, 0x8a, 0x01, 0x50, 0xb4, 0xe3, 0x62, 0x78, 0x6c, 0x11, \ - 0x15, 0xa5, 0x2a, 0x11, 0xc1, 0x49, 0x1c, 0x9b, 0xc4, 0x10, 0x65, 0x60, \ - 0x87, 0xd9, 0x1e, 0x69, 0x59, 0x4e, 0x8f, 0x6b, 0xeb, 0xc1, 0xfe, 0x6b, \ - 0xe2, 0x63, 0x78, 0x95, 0x6e, 0xe0, 0x2d, 0xd7, 0xa7, 0x37, 0xa8 \ + 0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ + 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ + 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ + 0x5a, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, \ + 0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82, \ + 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, \ + 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, \ + 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, \ + 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78, \ + 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd, \ + 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90, \ + 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24, \ + 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda, \ + 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3, \ + 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4, \ + 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d, \ + 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49, \ + 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c, \ + 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b, \ + 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08, \ + 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa, \ + 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f, \ + 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7, \ + 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5, \ + 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde, \ + 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a, \ + 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96, \ + 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0, \ + 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02, \ + 0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, \ + 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc, \ + 0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b, \ + 0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, \ + 0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, \ + 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, \ + 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, \ + 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x01, 0x73, 0x0b, 0x4a, 0xc5, \ + 0xcb, 0xa0, 0xde, 0xf1, 0x63, 0x1c, 0x76, 0x04, 0x2b, 0x13, 0x0d, 0xc0, \ + 0x84, 0x11, 0xc5, 0x8f, 0x3a, 0xa7, 0xc5, 0x9c, 0x35, 0x7a, 0x77, 0xb8, \ + 0x20, 0x14, 0x82, 0xee, 0x54, 0xf0, 0xf2, 0xb0, 0x52, 0xcb, 0x78, 0xce, \ + 0x59, 0x07, 0x4f, 0x51, 0x69, 0xfe, 0xd3, 0x2f, 0xe9, 0x09, 0xe7, 0x85, \ + 0x92, 0xd8, 0xba, 0xb1, 0xeb, 0xc5, 0x76, 0x5d, 0x61, 0x2d, 0xe9, 0x86, \ + 0xb5, 0xde, 0x2a, 0xf9, 0x3f, 0x53, 0x28, 0x42, 0x86, 0x83, 0x73, 0x43, \ + 0xe0, 0x04, 0x5f, 0x07, 0x90, 0x14, 0x65, 0x9f, 0x6e, 0x10, 0x7a, 0xbc, \ + 0x58, 0x19, 0x22, 0xc2, 0xeb, 0x39, 0x72, 0x51, 0x92, 0xd7, 0xb4, 0x1d, \ + 0x75, 0x2f, 0xd3, 0x3a, 0x2b, 0x01, 0xe7, 0xdb, 0x50, 0xae, 0xe2, 0xf1, \ + 0xd4, 0x4d, 0x5b, 0x3c, 0xbb, 0x41, 0x2b, 0x2a, 0xa4, 0xe2, 0x4a, 0x02, \ + 0xe5, 0x60, 0x14, 0x2c, 0x9c, 0x1f, 0xa6, 0xcc, 0x06, 0x4b, 0x25, 0x89, \ + 0x4e, 0x96, 0x30, 0x22, 0x9c, 0x5c, 0x58, 0x4d, 0xc3, 0xda, 0xd0, 0x6e, \ + 0x50, 0x1e, 0x8c, 0x65, 0xf5, 0xd9, 0x17, 0x35, 0xa6, 0x58, 0x43, 0xb2, \ + 0x29, 0xb7, 0xa8, 0x5e, 0x35, 0xde, 0xf0, 0x60, 0x42, 0x1a, 0x01, 0xcb, \ + 0xcb, 0x0b, 0xd8, 0x0e, 0xc1, 0x90, 0xdf, 0xa1, 0xd2, 0x1a, 0xd1, 0x2c, \ + 0x02, 0xf4, 0x76, 0x41, 0xa4, 0xcb, 0x4b, 0x15, 0x98, 0x71, 0xf9, 0x35, \ + 0x7d, 0xb0, 0xe7, 0xe2, 0x34, 0x96, 0x91, 0xbe, 0x32, 0x67, 0x2d, 0x6b, \ + 0xd3, 0x55, 0x04, 0x8a, 0x01, 0x50, 0xb4, 0xe3, 0x62, 0x78, 0x6c, 0x11, \ + 0x15, 0xa5, 0x2a, 0x11, 0xc1, 0x49, 0x1c, 0x9b, 0xc4, 0x10, 0x65, 0x60, \ + 0x87, 0xd9, 0x1e, 0x69, 0x59, 0x4e, 0x8f, 0x6b, 0xeb, 0xc1, 0xfe, 0x6b, \ + 0xe2, 0x63, 0x78, 0x95, 0x6e, 0xe0, 0x2d, 0xd7, 0xa7, 0x37, 0xa8 \ } /* END FILE */ @@ -832,106 +832,106 @@ /* This was generated from tests/data_files/server2.key.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_SRV_KEY_RSA_DER tests/data_files/server2.key.der */ #define TEST_SRV_KEY_RSA_DER { \ - 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ - 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, \ - 0xb8, 0x99, 0xac, 0x0e, 0x78, 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, \ - 0x16, 0xd0, 0x5a, 0xe4, 0xcd, 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, \ - 0x96, 0xa7, 0x52, 0xb4, 0x90, 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, \ - 0xfc, 0xb6, 0x34, 0xac, 0x24, 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, \ - 0xb0, 0x28, 0x7d, 0xa1, 0xda, 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, \ - 0xfe, 0xc1, 0x04, 0x52, 0xb3, 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, \ - 0xd8, 0x90, 0xc1, 0x61, 0xb4, 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, \ - 0xab, 0x74, 0x5e, 0x07, 0x7d, 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, \ - 0xd9, 0x0d, 0x1c, 0x2d, 0x49, 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, \ - 0x0b, 0x8a, 0x4f, 0x69, 0x0c, 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, \ - 0x66, 0x7d, 0xae, 0x54, 0x2b, 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, \ - 0xc3, 0xcd, 0x40, 0x49, 0x08, 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, \ - 0x46, 0xbf, 0xd0, 0xb8, 0xaa, 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, \ - 0x1e, 0x44, 0x18, 0x0f, 0x0f, 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, \ - 0x18, 0xc6, 0x62, 0x2f, 0xc7, 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, \ - 0x27, 0x89, 0x29, 0x01, 0xc5, 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, \ - 0x4a, 0x0e, 0xef, 0xd6, 0xde, 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, \ - 0x7a, 0xc4, 0x02, 0x3c, 0x9a, 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, \ - 0xcb, 0x73, 0x4b, 0x52, 0x96, 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, \ - 0x39, 0x5a, 0xd3, 0x0f, 0xb0, 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, \ - 0x12, 0x01, 0x30, 0x97, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ - 0x01, 0x00, 0x97, 0x47, 0x44, 0xbc, 0x10, 0x81, 0xc5, 0x18, 0xe4, 0x59, \ - 0xfb, 0xe0, 0x2d, 0x3a, 0x0e, 0x9e, 0x10, 0xdc, 0x43, 0xfb, 0x15, 0x6c, \ - 0xd1, 0xfd, 0x48, 0x78, 0x6c, 0xf9, 0xed, 0x38, 0xe8, 0xdd, 0x09, 0xd7, \ - 0x5f, 0xb5, 0x41, 0x64, 0xd7, 0x63, 0xfa, 0x9d, 0x44, 0x0a, 0xf8, 0x42, \ - 0x13, 0xf1, 0xbb, 0x5e, 0x79, 0x20, 0x53, 0x98, 0x4b, 0x65, 0x7f, 0x86, \ - 0x67, 0x48, 0xe4, 0xcf, 0xfb, 0x6a, 0x24, 0xe2, 0x34, 0xbd, 0x14, 0x9d, \ - 0x2c, 0x16, 0xe2, 0xa4, 0x79, 0xd6, 0xa2, 0xec, 0x81, 0x43, 0x87, 0xbf, \ - 0x03, 0x5c, 0x88, 0x25, 0xd9, 0x41, 0xb6, 0xa5, 0xf1, 0x27, 0x52, 0x84, \ - 0xfe, 0x2b, 0x6e, 0x1d, 0x16, 0xcd, 0x73, 0x88, 0xf8, 0x90, 0xbf, 0x19, \ - 0xfe, 0xbe, 0xa9, 0xbf, 0x09, 0xd3, 0x23, 0x43, 0xd2, 0xc7, 0x61, 0x2a, \ - 0xb3, 0x4e, 0x3c, 0x61, 0xd4, 0xbd, 0xd8, 0xb4, 0xfa, 0xa8, 0x0b, 0xf8, \ - 0x7e, 0x56, 0xcd, 0x0f, 0x13, 0x27, 0xda, 0xe6, 0x3b, 0xb3, 0x8c, 0x9c, \ - 0x4b, 0x84, 0x3c, 0xc3, 0x52, 0x57, 0x9c, 0x27, 0x9a, 0x02, 0x76, 0x26, \ - 0x59, 0x82, 0x39, 0xc3, 0x13, 0xbe, 0x6e, 0xf4, 0x44, 0x2d, 0x1d, 0x8c, \ - 0x73, 0x3e, 0x43, 0x99, 0x59, 0xcb, 0xf2, 0x34, 0x72, 0x9a, 0x5e, 0xa5, \ - 0xeb, 0x9f, 0x36, 0x6d, 0x2b, 0xf9, 0xa2, 0xe7, 0xd1, 0x78, 0x52, 0x1b, \ - 0xc8, 0xf6, 0x5b, 0x41, 0x69, 0x57, 0x81, 0x89, 0xe9, 0xbb, 0xa1, 0xde, \ - 0x19, 0x37, 0x3b, 0x13, 0x5c, 0xca, 0x61, 0x01, 0x86, 0xff, 0xdf, 0x83, \ - 0x41, 0x49, 0x7f, 0xd6, 0xf4, 0x2e, 0x08, 0xfa, 0x90, 0xc2, 0x7c, 0xb4, \ - 0xb5, 0x0a, 0x17, 0xdb, 0x0e, 0x6d, 0x75, 0x8a, 0x5d, 0x31, 0xd5, 0x66, \ - 0xfb, 0x39, 0x0b, 0xb5, 0xb6, 0xa3, 0xcd, 0xd4, 0xef, 0x88, 0x92, 0x5a, \ - 0x4d, 0x6c, 0xcb, 0xea, 0x5b, 0x79, 0x02, 0x81, 0x81, 0x00, 0xdf, 0x3a, \ - 0xf9, 0x25, 0x5e, 0x24, 0x37, 0x26, 0x40, 0x97, 0x2f, 0xe0, 0x4a, 0xba, \ - 0x52, 0x1b, 0x51, 0xaf, 0x84, 0x06, 0x32, 0x24, 0x0c, 0xcf, 0x44, 0xa8, \ - 0x77, 0xa7, 0xad, 0xb5, 0x8c, 0x58, 0xcc, 0xc8, 0x31, 0xb7, 0x0d, 0xbc, \ - 0x08, 0x8a, 0xe0, 0xa6, 0x8c, 0xc2, 0x73, 0xe5, 0x1a, 0x64, 0x92, 0xe8, \ - 0xed, 0x4c, 0x6f, 0x0b, 0xa6, 0xa7, 0xf3, 0x9a, 0xf5, 0x6f, 0x69, 0xca, \ - 0x3c, 0x22, 0xd0, 0x15, 0xa8, 0x20, 0x27, 0x41, 0xf8, 0x43, 0x42, 0x7f, \ - 0xb1, 0x93, 0xa1, 0x04, 0x85, 0xda, 0xa0, 0x1c, 0xd6, 0xc6, 0xf7, 0x8a, \ - 0x9e, 0xea, 0x5c, 0x78, 0xa7, 0x55, 0xc4, 0x6b, 0x05, 0x8b, 0xc0, 0x83, \ - 0xcb, 0xce, 0x83, 0x05, 0xf8, 0xb2, 0x16, 0x2b, 0xdf, 0x06, 0x3f, 0xb8, \ - 0xec, 0x16, 0xda, 0x43, 0x33, 0xc1, 0x8f, 0xb0, 0xb8, 0xac, 0xae, 0xd4, \ - 0x94, 0xb8, 0xda, 0x6f, 0x6a, 0xc3, 0x02, 0x81, 0x81, 0x00, 0xdd, 0xae, \ - 0x00, 0xcd, 0xa0, 0x72, 0x1a, 0x05, 0x8a, 0xee, 0x2f, 0xd4, 0x71, 0x4b, \ - 0xf0, 0x3e, 0xe5, 0xc1, 0xe1, 0x29, 0x8b, 0xa6, 0x67, 0x30, 0x98, 0xe7, \ - 0x12, 0xef, 0xdd, 0x12, 0x01, 0x90, 0x24, 0x58, 0xf0, 0x76, 0x92, 0xe7, \ - 0x3d, 0xbb, 0x23, 0xe1, 0xce, 0xf9, 0xa1, 0xd4, 0x38, 0x1b, 0x3f, 0x20, \ - 0xb3, 0x0f, 0x65, 0x6a, 0x8f, 0x55, 0x57, 0x36, 0xee, 0xb2, 0x84, 0x44, \ - 0xfc, 0x91, 0x88, 0xe1, 0xa4, 0xdd, 0x3b, 0x4a, 0x40, 0x4d, 0x7c, 0x86, \ - 0xed, 0xe1, 0xb5, 0x42, 0xef, 0xb9, 0x61, 0xcd, 0x58, 0x19, 0x77, 0x02, \ - 0xae, 0x58, 0x80, 0xdb, 0x13, 0x3d, 0xc7, 0x1f, 0x9d, 0xed, 0xff, 0xac, \ - 0x98, 0xfc, 0xcd, 0xf9, 0x62, 0x04, 0x83, 0x91, 0x89, 0x0d, 0x86, 0x43, \ - 0x8c, 0x0c, 0xc7, 0x1b, 0x90, 0x4d, 0xbe, 0x2f, 0xc5, 0x7c, 0xcd, 0x42, \ - 0xf5, 0xd3, 0xad, 0x8e, 0xfd, 0x9d, 0x02, 0x81, 0x80, 0x17, 0x4b, 0x79, \ - 0x2a, 0x6c, 0x1b, 0x8d, 0x61, 0xc1, 0x85, 0xc5, 0x6a, 0x3b, 0x82, 0x1c, \ - 0x05, 0x5b, 0xcd, 0xdc, 0x12, 0x25, 0x73, 0x5b, 0x9e, 0xd9, 0x84, 0x57, \ - 0x10, 0x39, 0x71, 0x63, 0x96, 0xf4, 0xaf, 0xc3, 0x78, 0x5d, 0xc7, 0x8c, \ - 0x80, 0xa9, 0x96, 0xd7, 0xc3, 0x87, 0x02, 0x96, 0x71, 0x7e, 0x5f, 0x2e, \ - 0x3c, 0x36, 0xae, 0x59, 0x92, 0xd7, 0x3a, 0x09, 0x78, 0xb9, 0xea, 0x6f, \ - 0xc2, 0x16, 0x42, 0xdc, 0x4b, 0x96, 0xad, 0x2c, 0xb2, 0x20, 0x23, 0x61, \ - 0x2d, 0x8d, 0xb5, 0x02, 0x1e, 0xe1, 0x6c, 0x81, 0x01, 0x3c, 0x5d, 0xcb, \ - 0xdd, 0x9b, 0x0e, 0xc0, 0x2f, 0x94, 0x12, 0xb2, 0xfe, 0x75, 0x75, 0x8b, \ - 0x74, 0x1e, 0x7a, 0x26, 0x0c, 0xb7, 0x81, 0x96, 0x81, 0x79, 0x6e, 0xdb, \ - 0xbc, 0x3a, 0xc4, 0x9e, 0x87, 0x09, 0x6e, 0xa0, 0xa6, 0xec, 0x8b, 0xa4, \ - 0x85, 0x71, 0xce, 0x04, 0xaf, 0x02, 0x81, 0x81, 0x00, 0xc2, 0xa7, 0x47, \ - 0x07, 0x48, 0x6a, 0xc8, 0xd4, 0xb3, 0x20, 0xe1, 0x98, 0xee, 0xff, 0x5a, \ - 0x6f, 0x30, 0x7a, 0xa5, 0x47, 0x40, 0xdc, 0x16, 0x62, 0x42, 0xf1, 0x2c, \ - 0xdc, 0xb8, 0xc7, 0x55, 0xde, 0x07, 0x3c, 0x9d, 0xb1, 0xd0, 0xdf, 0x02, \ - 0x82, 0xb0, 0x48, 0x58, 0xe1, 0x34, 0xab, 0xcf, 0xb4, 0x85, 0x23, 0x26, \ - 0x78, 0x4f, 0x7a, 0x59, 0x6f, 0xfb, 0x8c, 0x3d, 0xdf, 0x3d, 0x6c, 0x02, \ - 0x47, 0x9c, 0xe5, 0x5e, 0x49, 0xf1, 0x05, 0x0b, 0x1f, 0xbf, 0x48, 0x0f, \ - 0xdc, 0x10, 0xb9, 0x3d, 0x1d, 0x10, 0x77, 0x2a, 0x73, 0xf9, 0xdf, 0xbd, \ - 0xcd, 0xf3, 0x1f, 0xeb, 0x6e, 0x64, 0xca, 0x2b, 0x78, 0x4f, 0xf8, 0x73, \ - 0xc2, 0x10, 0xef, 0x79, 0x95, 0x33, 0x1e, 0x79, 0x35, 0x09, 0xff, 0x88, \ - 0x1b, 0xb4, 0x3e, 0x4c, 0xe1, 0x27, 0x2e, 0x75, 0x80, 0x58, 0x11, 0x03, \ - 0x21, 0x23, 0x96, 0x9a, 0xb5, 0x02, 0x81, 0x80, 0x05, 0x12, 0x64, 0x71, \ - 0x83, 0x00, 0x1c, 0xfe, 0xef, 0x83, 0xea, 0xdd, 0x2c, 0xc8, 0x2c, 0x00, \ - 0x62, 0x1e, 0x8f, 0x3a, 0xdb, 0x1c, 0xab, 0xd6, 0x34, 0x8b, 0xd1, 0xb2, \ - 0x5a, 0x4f, 0x3d, 0x37, 0x38, 0x02, 0xe0, 0xd7, 0x70, 0xc1, 0xb0, 0x47, \ - 0xe0, 0x08, 0x1a, 0x84, 0xec, 0x48, 0xc5, 0x7c, 0x76, 0x83, 0x12, 0x67, \ - 0xab, 0x7c, 0x9f, 0x90, 0x97, 0xc8, 0x8f, 0x07, 0xf4, 0xb3, 0x60, 0xf2, \ - 0x3f, 0x49, 0x18, 0xdb, 0x2e, 0x94, 0x6b, 0x53, 0x9e, 0xa2, 0x63, 0xde, \ - 0x63, 0xd9, 0xab, 0x21, 0x2e, 0x2d, 0x0a, 0xe0, 0xd0, 0xe8, 0xba, 0xc4, \ - 0x4c, 0x1e, 0xa5, 0xf5, 0x51, 0xa8, 0xc4, 0x92, 0xf8, 0x7f, 0x21, 0xe7, \ - 0x65, 0xbf, 0x0b, 0xe6, 0x01, 0xaf, 0x9c, 0x1d, 0x5b, 0x6c, 0x3f, 0x1c, \ - 0x2f, 0xa6, 0x0f, 0x68, 0x38, 0x8e, 0x85, 0xc4, 0x6c, 0x78, 0x2f, 0x6f, \ - 0x06, 0x21, 0x2e, 0x56 \ + 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ + 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, \ + 0xb8, 0x99, 0xac, 0x0e, 0x78, 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, \ + 0x16, 0xd0, 0x5a, 0xe4, 0xcd, 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, \ + 0x96, 0xa7, 0x52, 0xb4, 0x90, 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, \ + 0xfc, 0xb6, 0x34, 0xac, 0x24, 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, \ + 0xb0, 0x28, 0x7d, 0xa1, 0xda, 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, \ + 0xfe, 0xc1, 0x04, 0x52, 0xb3, 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, \ + 0xd8, 0x90, 0xc1, 0x61, 0xb4, 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, \ + 0xab, 0x74, 0x5e, 0x07, 0x7d, 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, \ + 0xd9, 0x0d, 0x1c, 0x2d, 0x49, 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, \ + 0x0b, 0x8a, 0x4f, 0x69, 0x0c, 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, \ + 0x66, 0x7d, 0xae, 0x54, 0x2b, 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, \ + 0xc3, 0xcd, 0x40, 0x49, 0x08, 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, \ + 0x46, 0xbf, 0xd0, 0xb8, 0xaa, 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, \ + 0x1e, 0x44, 0x18, 0x0f, 0x0f, 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, \ + 0x18, 0xc6, 0x62, 0x2f, 0xc7, 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, \ + 0x27, 0x89, 0x29, 0x01, 0xc5, 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, \ + 0x4a, 0x0e, 0xef, 0xd6, 0xde, 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, \ + 0x7a, 0xc4, 0x02, 0x3c, 0x9a, 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, \ + 0xcb, 0x73, 0x4b, 0x52, 0x96, 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, \ + 0x39, 0x5a, 0xd3, 0x0f, 0xb0, 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, \ + 0x12, 0x01, 0x30, 0x97, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ + 0x01, 0x00, 0x97, 0x47, 0x44, 0xbc, 0x10, 0x81, 0xc5, 0x18, 0xe4, 0x59, \ + 0xfb, 0xe0, 0x2d, 0x3a, 0x0e, 0x9e, 0x10, 0xdc, 0x43, 0xfb, 0x15, 0x6c, \ + 0xd1, 0xfd, 0x48, 0x78, 0x6c, 0xf9, 0xed, 0x38, 0xe8, 0xdd, 0x09, 0xd7, \ + 0x5f, 0xb5, 0x41, 0x64, 0xd7, 0x63, 0xfa, 0x9d, 0x44, 0x0a, 0xf8, 0x42, \ + 0x13, 0xf1, 0xbb, 0x5e, 0x79, 0x20, 0x53, 0x98, 0x4b, 0x65, 0x7f, 0x86, \ + 0x67, 0x48, 0xe4, 0xcf, 0xfb, 0x6a, 0x24, 0xe2, 0x34, 0xbd, 0x14, 0x9d, \ + 0x2c, 0x16, 0xe2, 0xa4, 0x79, 0xd6, 0xa2, 0xec, 0x81, 0x43, 0x87, 0xbf, \ + 0x03, 0x5c, 0x88, 0x25, 0xd9, 0x41, 0xb6, 0xa5, 0xf1, 0x27, 0x52, 0x84, \ + 0xfe, 0x2b, 0x6e, 0x1d, 0x16, 0xcd, 0x73, 0x88, 0xf8, 0x90, 0xbf, 0x19, \ + 0xfe, 0xbe, 0xa9, 0xbf, 0x09, 0xd3, 0x23, 0x43, 0xd2, 0xc7, 0x61, 0x2a, \ + 0xb3, 0x4e, 0x3c, 0x61, 0xd4, 0xbd, 0xd8, 0xb4, 0xfa, 0xa8, 0x0b, 0xf8, \ + 0x7e, 0x56, 0xcd, 0x0f, 0x13, 0x27, 0xda, 0xe6, 0x3b, 0xb3, 0x8c, 0x9c, \ + 0x4b, 0x84, 0x3c, 0xc3, 0x52, 0x57, 0x9c, 0x27, 0x9a, 0x02, 0x76, 0x26, \ + 0x59, 0x82, 0x39, 0xc3, 0x13, 0xbe, 0x6e, 0xf4, 0x44, 0x2d, 0x1d, 0x8c, \ + 0x73, 0x3e, 0x43, 0x99, 0x59, 0xcb, 0xf2, 0x34, 0x72, 0x9a, 0x5e, 0xa5, \ + 0xeb, 0x9f, 0x36, 0x6d, 0x2b, 0xf9, 0xa2, 0xe7, 0xd1, 0x78, 0x52, 0x1b, \ + 0xc8, 0xf6, 0x5b, 0x41, 0x69, 0x57, 0x81, 0x89, 0xe9, 0xbb, 0xa1, 0xde, \ + 0x19, 0x37, 0x3b, 0x13, 0x5c, 0xca, 0x61, 0x01, 0x86, 0xff, 0xdf, 0x83, \ + 0x41, 0x49, 0x7f, 0xd6, 0xf4, 0x2e, 0x08, 0xfa, 0x90, 0xc2, 0x7c, 0xb4, \ + 0xb5, 0x0a, 0x17, 0xdb, 0x0e, 0x6d, 0x75, 0x8a, 0x5d, 0x31, 0xd5, 0x66, \ + 0xfb, 0x39, 0x0b, 0xb5, 0xb6, 0xa3, 0xcd, 0xd4, 0xef, 0x88, 0x92, 0x5a, \ + 0x4d, 0x6c, 0xcb, 0xea, 0x5b, 0x79, 0x02, 0x81, 0x81, 0x00, 0xdf, 0x3a, \ + 0xf9, 0x25, 0x5e, 0x24, 0x37, 0x26, 0x40, 0x97, 0x2f, 0xe0, 0x4a, 0xba, \ + 0x52, 0x1b, 0x51, 0xaf, 0x84, 0x06, 0x32, 0x24, 0x0c, 0xcf, 0x44, 0xa8, \ + 0x77, 0xa7, 0xad, 0xb5, 0x8c, 0x58, 0xcc, 0xc8, 0x31, 0xb7, 0x0d, 0xbc, \ + 0x08, 0x8a, 0xe0, 0xa6, 0x8c, 0xc2, 0x73, 0xe5, 0x1a, 0x64, 0x92, 0xe8, \ + 0xed, 0x4c, 0x6f, 0x0b, 0xa6, 0xa7, 0xf3, 0x9a, 0xf5, 0x6f, 0x69, 0xca, \ + 0x3c, 0x22, 0xd0, 0x15, 0xa8, 0x20, 0x27, 0x41, 0xf8, 0x43, 0x42, 0x7f, \ + 0xb1, 0x93, 0xa1, 0x04, 0x85, 0xda, 0xa0, 0x1c, 0xd6, 0xc6, 0xf7, 0x8a, \ + 0x9e, 0xea, 0x5c, 0x78, 0xa7, 0x55, 0xc4, 0x6b, 0x05, 0x8b, 0xc0, 0x83, \ + 0xcb, 0xce, 0x83, 0x05, 0xf8, 0xb2, 0x16, 0x2b, 0xdf, 0x06, 0x3f, 0xb8, \ + 0xec, 0x16, 0xda, 0x43, 0x33, 0xc1, 0x8f, 0xb0, 0xb8, 0xac, 0xae, 0xd4, \ + 0x94, 0xb8, 0xda, 0x6f, 0x6a, 0xc3, 0x02, 0x81, 0x81, 0x00, 0xdd, 0xae, \ + 0x00, 0xcd, 0xa0, 0x72, 0x1a, 0x05, 0x8a, 0xee, 0x2f, 0xd4, 0x71, 0x4b, \ + 0xf0, 0x3e, 0xe5, 0xc1, 0xe1, 0x29, 0x8b, 0xa6, 0x67, 0x30, 0x98, 0xe7, \ + 0x12, 0xef, 0xdd, 0x12, 0x01, 0x90, 0x24, 0x58, 0xf0, 0x76, 0x92, 0xe7, \ + 0x3d, 0xbb, 0x23, 0xe1, 0xce, 0xf9, 0xa1, 0xd4, 0x38, 0x1b, 0x3f, 0x20, \ + 0xb3, 0x0f, 0x65, 0x6a, 0x8f, 0x55, 0x57, 0x36, 0xee, 0xb2, 0x84, 0x44, \ + 0xfc, 0x91, 0x88, 0xe1, 0xa4, 0xdd, 0x3b, 0x4a, 0x40, 0x4d, 0x7c, 0x86, \ + 0xed, 0xe1, 0xb5, 0x42, 0xef, 0xb9, 0x61, 0xcd, 0x58, 0x19, 0x77, 0x02, \ + 0xae, 0x58, 0x80, 0xdb, 0x13, 0x3d, 0xc7, 0x1f, 0x9d, 0xed, 0xff, 0xac, \ + 0x98, 0xfc, 0xcd, 0xf9, 0x62, 0x04, 0x83, 0x91, 0x89, 0x0d, 0x86, 0x43, \ + 0x8c, 0x0c, 0xc7, 0x1b, 0x90, 0x4d, 0xbe, 0x2f, 0xc5, 0x7c, 0xcd, 0x42, \ + 0xf5, 0xd3, 0xad, 0x8e, 0xfd, 0x9d, 0x02, 0x81, 0x80, 0x17, 0x4b, 0x79, \ + 0x2a, 0x6c, 0x1b, 0x8d, 0x61, 0xc1, 0x85, 0xc5, 0x6a, 0x3b, 0x82, 0x1c, \ + 0x05, 0x5b, 0xcd, 0xdc, 0x12, 0x25, 0x73, 0x5b, 0x9e, 0xd9, 0x84, 0x57, \ + 0x10, 0x39, 0x71, 0x63, 0x96, 0xf4, 0xaf, 0xc3, 0x78, 0x5d, 0xc7, 0x8c, \ + 0x80, 0xa9, 0x96, 0xd7, 0xc3, 0x87, 0x02, 0x96, 0x71, 0x7e, 0x5f, 0x2e, \ + 0x3c, 0x36, 0xae, 0x59, 0x92, 0xd7, 0x3a, 0x09, 0x78, 0xb9, 0xea, 0x6f, \ + 0xc2, 0x16, 0x42, 0xdc, 0x4b, 0x96, 0xad, 0x2c, 0xb2, 0x20, 0x23, 0x61, \ + 0x2d, 0x8d, 0xb5, 0x02, 0x1e, 0xe1, 0x6c, 0x81, 0x01, 0x3c, 0x5d, 0xcb, \ + 0xdd, 0x9b, 0x0e, 0xc0, 0x2f, 0x94, 0x12, 0xb2, 0xfe, 0x75, 0x75, 0x8b, \ + 0x74, 0x1e, 0x7a, 0x26, 0x0c, 0xb7, 0x81, 0x96, 0x81, 0x79, 0x6e, 0xdb, \ + 0xbc, 0x3a, 0xc4, 0x9e, 0x87, 0x09, 0x6e, 0xa0, 0xa6, 0xec, 0x8b, 0xa4, \ + 0x85, 0x71, 0xce, 0x04, 0xaf, 0x02, 0x81, 0x81, 0x00, 0xc2, 0xa7, 0x47, \ + 0x07, 0x48, 0x6a, 0xc8, 0xd4, 0xb3, 0x20, 0xe1, 0x98, 0xee, 0xff, 0x5a, \ + 0x6f, 0x30, 0x7a, 0xa5, 0x47, 0x40, 0xdc, 0x16, 0x62, 0x42, 0xf1, 0x2c, \ + 0xdc, 0xb8, 0xc7, 0x55, 0xde, 0x07, 0x3c, 0x9d, 0xb1, 0xd0, 0xdf, 0x02, \ + 0x82, 0xb0, 0x48, 0x58, 0xe1, 0x34, 0xab, 0xcf, 0xb4, 0x85, 0x23, 0x26, \ + 0x78, 0x4f, 0x7a, 0x59, 0x6f, 0xfb, 0x8c, 0x3d, 0xdf, 0x3d, 0x6c, 0x02, \ + 0x47, 0x9c, 0xe5, 0x5e, 0x49, 0xf1, 0x05, 0x0b, 0x1f, 0xbf, 0x48, 0x0f, \ + 0xdc, 0x10, 0xb9, 0x3d, 0x1d, 0x10, 0x77, 0x2a, 0x73, 0xf9, 0xdf, 0xbd, \ + 0xcd, 0xf3, 0x1f, 0xeb, 0x6e, 0x64, 0xca, 0x2b, 0x78, 0x4f, 0xf8, 0x73, \ + 0xc2, 0x10, 0xef, 0x79, 0x95, 0x33, 0x1e, 0x79, 0x35, 0x09, 0xff, 0x88, \ + 0x1b, 0xb4, 0x3e, 0x4c, 0xe1, 0x27, 0x2e, 0x75, 0x80, 0x58, 0x11, 0x03, \ + 0x21, 0x23, 0x96, 0x9a, 0xb5, 0x02, 0x81, 0x80, 0x05, 0x12, 0x64, 0x71, \ + 0x83, 0x00, 0x1c, 0xfe, 0xef, 0x83, 0xea, 0xdd, 0x2c, 0xc8, 0x2c, 0x00, \ + 0x62, 0x1e, 0x8f, 0x3a, 0xdb, 0x1c, 0xab, 0xd6, 0x34, 0x8b, 0xd1, 0xb2, \ + 0x5a, 0x4f, 0x3d, 0x37, 0x38, 0x02, 0xe0, 0xd7, 0x70, 0xc1, 0xb0, 0x47, \ + 0xe0, 0x08, 0x1a, 0x84, 0xec, 0x48, 0xc5, 0x7c, 0x76, 0x83, 0x12, 0x67, \ + 0xab, 0x7c, 0x9f, 0x90, 0x97, 0xc8, 0x8f, 0x07, 0xf4, 0xb3, 0x60, 0xf2, \ + 0x3f, 0x49, 0x18, 0xdb, 0x2e, 0x94, 0x6b, 0x53, 0x9e, 0xa2, 0x63, 0xde, \ + 0x63, 0xd9, 0xab, 0x21, 0x2e, 0x2d, 0x0a, 0xe0, 0xd0, 0xe8, 0xba, 0xc4, \ + 0x4c, 0x1e, 0xa5, 0xf5, 0x51, 0xa8, 0xc4, 0x92, 0xf8, 0x7f, 0x21, 0xe7, \ + 0x65, 0xbf, 0x0b, 0xe6, 0x01, 0xaf, 0x9c, 0x1d, 0x5b, 0x6c, 0x3f, 0x1c, \ + 0x2f, 0xa6, 0x0f, 0x68, 0x38, 0x8e, 0x85, 0xc4, 0x6c, 0x78, 0x2f, 0x6f, \ + 0x06, 0x21, 0x2e, 0x56 \ } /* END FILE */ @@ -969,47 +969,47 @@ /* This is generated from tests/data_files/cli2.crt.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_CLI_CRT_EC_DER tests/data_files/cli2.crt.der */ #define TEST_CLI_CRT_EC_DER { \ - 0x30, 0x82, 0x01, 0xdf, 0x30, 0x82, 0x01, 0x63, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x0d, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ - 0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \ - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ - 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ - 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \ - 0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, \ - 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, \ - 0x17, 0x0d, 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, \ - 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, \ - 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x30, 0x41, 0x31, 0x0b, 0x30, 0x09, \ - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ - 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ - 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, \ - 0x03, 0x0c, 0x16, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, \ - 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x20, \ - 0x32, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ - 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, \ - 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, 0xb1, 0x73, 0xdf, 0xd3, 0xac, \ - 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, 0xee, 0xe6, 0x53, 0xac, 0xce, \ - 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, 0xe3, 0x63, 0x25, 0x0b, 0xdf, \ - 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, 0xc0, 0xd5, 0x18, 0x14, 0x70, \ - 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, 0xe5, 0xb0, 0x6c, 0xd5, 0x5c, \ - 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, 0xc7, 0xa3, 0x4d, 0x30, 0x4b, \ - 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, \ - 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x7a, 0x00, \ - 0x5f, 0x86, 0x64, 0xfc, 0xe0, 0x5d, 0xe5, 0x11, 0x10, 0x3b, 0xb2, 0xe6, \ - 0x3b, 0xc4, 0x26, 0x3f, 0xcf, 0xe2, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, \ - 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, \ - 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, \ - 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ - 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, 0x31, \ - 0x00, 0xca, 0xa6, 0x7b, 0x80, 0xca, 0x32, 0x57, 0x54, 0x96, 0x99, 0x43, \ - 0x11, 0x3f, 0x50, 0xe8, 0x4a, 0x6d, 0xad, 0xee, 0xee, 0x51, 0x62, 0xa1, \ - 0xb0, 0xb3, 0x85, 0xfb, 0x33, 0xe4, 0x28, 0x39, 0x5f, 0xce, 0x92, 0x24, \ - 0x25, 0x81, 0x05, 0x81, 0xc9, 0x68, 0x0c, 0x71, 0x98, 0xc3, 0xcd, 0x2e, \ - 0x22, 0x02, 0x30, 0x35, 0xfb, 0x72, 0x3d, 0x7b, 0x1a, 0x6d, 0x3a, 0x8c, \ - 0x33, 0xb8, 0x84, 0x1e, 0x05, 0x69, 0x5f, 0xf1, 0x91, 0xa3, 0x32, 0xa4, \ - 0x95, 0x8f, 0x72, 0x40, 0x8f, 0xf9, 0x7a, 0x80, 0x3a, 0x80, 0x65, 0xbb, \ - 0x63, 0xe8, 0xa6, 0xb8, 0x64, 0x7f, 0xa1, 0xaa, 0x39, 0xc9, 0x23, 0x9b, \ - 0x6b, 0xd5, 0x64 \ + 0x30, 0x82, 0x01, 0xdf, 0x30, 0x82, 0x01, 0x63, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x0d, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ + 0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \ + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ + 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ + 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \ + 0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, \ + 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, \ + 0x17, 0x0d, 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, \ + 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, \ + 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x30, 0x41, 0x31, 0x0b, 0x30, 0x09, \ + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ + 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ + 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, \ + 0x03, 0x0c, 0x16, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, \ + 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x20, \ + 0x32, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ + 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, \ + 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, 0xb1, 0x73, 0xdf, 0xd3, 0xac, \ + 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, 0xee, 0xe6, 0x53, 0xac, 0xce, \ + 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, 0xe3, 0x63, 0x25, 0x0b, 0xdf, \ + 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, 0xc0, 0xd5, 0x18, 0x14, 0x70, \ + 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, 0xe5, 0xb0, 0x6c, 0xd5, 0x5c, \ + 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, 0xc7, 0xa3, 0x4d, 0x30, 0x4b, \ + 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, \ + 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x7a, 0x00, \ + 0x5f, 0x86, 0x64, 0xfc, 0xe0, 0x5d, 0xe5, 0x11, 0x10, 0x3b, 0xb2, 0xe6, \ + 0x3b, 0xc4, 0x26, 0x3f, 0xcf, 0xe2, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, \ + 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, \ + 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, \ + 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ + 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, 0x31, \ + 0x00, 0xca, 0xa6, 0x7b, 0x80, 0xca, 0x32, 0x57, 0x54, 0x96, 0x99, 0x43, \ + 0x11, 0x3f, 0x50, 0xe8, 0x4a, 0x6d, 0xad, 0xee, 0xee, 0x51, 0x62, 0xa1, \ + 0xb0, 0xb3, 0x85, 0xfb, 0x33, 0xe4, 0x28, 0x39, 0x5f, 0xce, 0x92, 0x24, \ + 0x25, 0x81, 0x05, 0x81, 0xc9, 0x68, 0x0c, 0x71, 0x98, 0xc3, 0xcd, 0x2e, \ + 0x22, 0x02, 0x30, 0x35, 0xfb, 0x72, 0x3d, 0x7b, 0x1a, 0x6d, 0x3a, 0x8c, \ + 0x33, 0xb8, 0x84, 0x1e, 0x05, 0x69, 0x5f, 0xf1, 0x91, 0xa3, 0x32, 0xa4, \ + 0x95, 0x8f, 0x72, 0x40, 0x8f, 0xf9, 0x7a, 0x80, 0x3a, 0x80, 0x65, 0xbb, \ + 0x63, 0xe8, 0xa6, 0xb8, 0x64, 0x7f, 0xa1, 0xaa, 0x39, 0xc9, 0x23, 0x9b, \ + 0x6b, 0xd5, 0x64 \ } /* END FILE */ @@ -1026,17 +1026,17 @@ /* This is generated from tests/data_files/cli2.key.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_CLI_KEY_EC_DER tests/data_files/cli2.key.der */ #define TEST_CLI_KEY_EC_DER { \ - 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf6, 0xf7, 0x86, 0x64, 0xf1, \ - 0x67, 0x7f, 0xe6, 0x64, 0x8d, 0xef, 0xca, 0x4e, 0xe9, 0xdd, 0x4d, 0xf0, \ - 0x05, 0xff, 0x96, 0x22, 0x8a, 0x7a, 0x84, 0x38, 0x64, 0x17, 0x32, 0x61, \ - 0x98, 0xb7, 0x2a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ - 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, \ - 0xb1, 0x73, 0xdf, 0xd3, 0xac, 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, \ - 0xee, 0xe6, 0x53, 0xac, 0xce, 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, \ - 0xe3, 0x63, 0x25, 0x0b, 0xdf, 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, \ - 0xc0, 0xd5, 0x18, 0x14, 0x70, 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, \ - 0xe5, 0xb0, 0x6c, 0xd5, 0x5c, 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, \ - 0xc7 \ + 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf6, 0xf7, 0x86, 0x64, 0xf1, \ + 0x67, 0x7f, 0xe6, 0x64, 0x8d, 0xef, 0xca, 0x4e, 0xe9, 0xdd, 0x4d, 0xf0, \ + 0x05, 0xff, 0x96, 0x22, 0x8a, 0x7a, 0x84, 0x38, 0x64, 0x17, 0x32, 0x61, \ + 0x98, 0xb7, 0x2a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ + 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, \ + 0xb1, 0x73, 0xdf, 0xd3, 0xac, 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, \ + 0xee, 0xe6, 0x53, 0xac, 0xce, 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, \ + 0xe3, 0x63, 0x25, 0x0b, 0xdf, 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, \ + 0xc0, 0xd5, 0x18, 0x14, 0x70, 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, \ + 0xe5, 0xb0, 0x6c, 0xd5, 0x5c, 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, \ + 0xc7 \ } /* END FILE */ @@ -1069,76 +1069,76 @@ using `xxd -i.` */ /* BEGIN FILE binary macro TEST_CLI_CRT_RSA_DER tests/data_files/cli-rsa-sha256.crt.der */ #define TEST_CLI_CRT_RSA_DER { \ - 0x30, 0x82, 0x03, 0x3f, 0x30, 0x82, 0x02, 0x27, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x04, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ - 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ - 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ - 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ - 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ - 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ - 0x34, 0x30, 0x36, 0x5a, 0x30, 0x3c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ - 0x11, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x43, 0x6c, \ - 0x69, 0x65, 0x6e, 0x74, 0x20, 0x32, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, \ - 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, \ - 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, \ - 0x01, 0x01, 0x00, 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, \ - 0x45, 0xd9, 0x14, 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, \ - 0x33, 0xad, 0x0d, 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, \ - 0xcc, 0x66, 0x85, 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, \ - 0x9e, 0x0a, 0x6e, 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, \ - 0x93, 0x86, 0x49, 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, \ - 0xd4, 0x2f, 0x77, 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, \ - 0x48, 0x70, 0xf5, 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, \ - 0xe6, 0x43, 0xea, 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, \ - 0x57, 0x4e, 0xa9, 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, \ - 0x32, 0x30, 0xd5, 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, \ - 0x5f, 0xf9, 0x3d, 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, \ - 0xfb, 0xe5, 0x0c, 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, \ - 0x7f, 0xca, 0xad, 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, \ - 0xe0, 0x9b, 0xf8, 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, \ - 0x04, 0x66, 0xc7, 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, \ - 0x06, 0x67, 0xf4, 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, \ - 0x3c, 0x8b, 0x35, 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, \ - 0xfc, 0x36, 0x6b, 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, \ - 0x00, 0xcf, 0xaf, 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, \ - 0xe7, 0x50, 0x71, 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, \ - 0xe4, 0xc4, 0xfd, 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, \ - 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, \ - 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, \ - 0x04, 0x14, 0x71, 0xa1, 0x00, 0x73, 0x72, 0x40, 0x2f, 0x54, 0x76, 0x5e, \ - 0x33, 0xfc, 0x52, 0x8f, 0xbc, 0xf1, 0xdd, 0x6b, 0x46, 0x21, 0x30, 0x1f, \ - 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xb4, \ - 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, 0xa6, 0x95, \ - 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a, \ - 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, \ - 0x01, 0x01, 0x00, 0x5e, 0x27, 0x6f, 0xd5, 0xde, 0x29, 0x2e, 0x50, 0x62, \ - 0x29, 0x61, 0x03, 0xf7, 0x9a, 0xcc, 0xc9, 0xc0, 0x5d, 0x80, 0x37, 0x20, \ - 0xc8, 0xda, 0x89, 0xc5, 0xa9, 0x05, 0x91, 0x17, 0xd1, 0xc8, 0x0d, 0xb2, \ - 0xd6, 0x69, 0x72, 0x4e, 0x7e, 0xee, 0x05, 0x74, 0x64, 0x34, 0xb6, 0x39, \ - 0x64, 0x5c, 0xca, 0xf3, 0x61, 0x82, 0x8e, 0x4d, 0x90, 0xd8, 0xe0, 0xf8, \ - 0x45, 0x94, 0x82, 0x3c, 0x02, 0x49, 0xa8, 0xba, 0x47, 0x1d, 0x4d, 0xf8, \ - 0xb7, 0xbd, 0x5c, 0x89, 0xf7, 0xef, 0xcb, 0x62, 0x8a, 0xf3, 0x56, 0x2f, \ - 0xaf, 0x17, 0x33, 0x46, 0x13, 0x00, 0x13, 0xae, 0x22, 0xfa, 0xa9, 0xda, \ - 0xc8, 0xfd, 0xd3, 0x77, 0x65, 0xee, 0x58, 0x94, 0x74, 0xe4, 0xf5, 0x4f, \ - 0xa1, 0x27, 0xa6, 0xb0, 0xd1, 0x0b, 0xb3, 0xd8, 0x16, 0xb6, 0xd7, 0x67, \ - 0x63, 0x2d, 0xdc, 0x7b, 0xe1, 0x18, 0xd9, 0x8d, 0x27, 0xed, 0x1b, 0x22, \ - 0xef, 0xdf, 0x36, 0x11, 0xe2, 0xc8, 0x00, 0x0e, 0xc7, 0xe9, 0xc6, 0xb8, \ - 0xd8, 0x4b, 0x3f, 0x35, 0x41, 0xff, 0xfc, 0x96, 0x49, 0x4f, 0x7d, 0x8e, \ - 0x3f, 0x47, 0x68, 0x33, 0x17, 0x83, 0x44, 0x0f, 0xaf, 0xa6, 0x59, 0x0a, \ - 0xa9, 0x32, 0xcb, 0x59, 0xfe, 0xdd, 0x5f, 0x6e, 0x8b, 0x22, 0xb8, 0x81, \ - 0x90, 0x16, 0x91, 0x0a, 0x04, 0x79, 0x62, 0xff, 0x4b, 0x04, 0xf1, 0x5c, \ - 0x34, 0xeb, 0x69, 0xce, 0xef, 0xcb, 0x6e, 0xb6, 0x3b, 0x40, 0x55, 0xca, \ - 0x24, 0xc2, 0x3e, 0x25, 0x70, 0xee, 0x74, 0x2b, 0x0e, 0x9f, 0xc2, 0x82, \ - 0x9a, 0x20, 0x38, 0x77, 0xa1, 0x26, 0x8a, 0xca, 0x9f, 0x87, 0x75, 0x77, \ - 0xe3, 0xce, 0x65, 0xec, 0x71, 0x10, 0x35, 0xcb, 0xcb, 0x4f, 0x19, 0x43, \ - 0xeb, 0x30, 0xd0, 0xca, 0x2d, 0x3f, 0xca, 0x46, 0x14, 0x61, 0x99, 0x30, \ - 0x41, 0x32, 0xb5, 0x37, 0x63, 0x6f, 0x97 \ + 0x30, 0x82, 0x03, 0x3f, 0x30, 0x82, 0x02, 0x27, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x04, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ + 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ + 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ + 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ + 0x34, 0x30, 0x36, 0x5a, 0x30, 0x3c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x11, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x43, 0x6c, \ + 0x69, 0x65, 0x6e, 0x74, 0x20, 0x32, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, \ + 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, \ + 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, \ + 0x01, 0x01, 0x00, 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, \ + 0x45, 0xd9, 0x14, 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, \ + 0x33, 0xad, 0x0d, 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, \ + 0xcc, 0x66, 0x85, 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, \ + 0x9e, 0x0a, 0x6e, 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, \ + 0x93, 0x86, 0x49, 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, \ + 0xd4, 0x2f, 0x77, 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, \ + 0x48, 0x70, 0xf5, 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, \ + 0xe6, 0x43, 0xea, 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, \ + 0x57, 0x4e, 0xa9, 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, \ + 0x32, 0x30, 0xd5, 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, \ + 0x5f, 0xf9, 0x3d, 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, \ + 0xfb, 0xe5, 0x0c, 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, \ + 0x7f, 0xca, 0xad, 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, \ + 0xe0, 0x9b, 0xf8, 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, \ + 0x04, 0x66, 0xc7, 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, \ + 0x06, 0x67, 0xf4, 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, \ + 0x3c, 0x8b, 0x35, 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, \ + 0xfc, 0x36, 0x6b, 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, \ + 0x00, 0xcf, 0xaf, 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, \ + 0xe7, 0x50, 0x71, 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, \ + 0xe4, 0xc4, 0xfd, 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, \ + 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, \ + 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, \ + 0x04, 0x14, 0x71, 0xa1, 0x00, 0x73, 0x72, 0x40, 0x2f, 0x54, 0x76, 0x5e, \ + 0x33, 0xfc, 0x52, 0x8f, 0xbc, 0xf1, 0xdd, 0x6b, 0x46, 0x21, 0x30, 0x1f, \ + 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xb4, \ + 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, 0xa6, 0x95, \ + 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a, \ + 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, \ + 0x01, 0x01, 0x00, 0x5e, 0x27, 0x6f, 0xd5, 0xde, 0x29, 0x2e, 0x50, 0x62, \ + 0x29, 0x61, 0x03, 0xf7, 0x9a, 0xcc, 0xc9, 0xc0, 0x5d, 0x80, 0x37, 0x20, \ + 0xc8, 0xda, 0x89, 0xc5, 0xa9, 0x05, 0x91, 0x17, 0xd1, 0xc8, 0x0d, 0xb2, \ + 0xd6, 0x69, 0x72, 0x4e, 0x7e, 0xee, 0x05, 0x74, 0x64, 0x34, 0xb6, 0x39, \ + 0x64, 0x5c, 0xca, 0xf3, 0x61, 0x82, 0x8e, 0x4d, 0x90, 0xd8, 0xe0, 0xf8, \ + 0x45, 0x94, 0x82, 0x3c, 0x02, 0x49, 0xa8, 0xba, 0x47, 0x1d, 0x4d, 0xf8, \ + 0xb7, 0xbd, 0x5c, 0x89, 0xf7, 0xef, 0xcb, 0x62, 0x8a, 0xf3, 0x56, 0x2f, \ + 0xaf, 0x17, 0x33, 0x46, 0x13, 0x00, 0x13, 0xae, 0x22, 0xfa, 0xa9, 0xda, \ + 0xc8, 0xfd, 0xd3, 0x77, 0x65, 0xee, 0x58, 0x94, 0x74, 0xe4, 0xf5, 0x4f, \ + 0xa1, 0x27, 0xa6, 0xb0, 0xd1, 0x0b, 0xb3, 0xd8, 0x16, 0xb6, 0xd7, 0x67, \ + 0x63, 0x2d, 0xdc, 0x7b, 0xe1, 0x18, 0xd9, 0x8d, 0x27, 0xed, 0x1b, 0x22, \ + 0xef, 0xdf, 0x36, 0x11, 0xe2, 0xc8, 0x00, 0x0e, 0xc7, 0xe9, 0xc6, 0xb8, \ + 0xd8, 0x4b, 0x3f, 0x35, 0x41, 0xff, 0xfc, 0x96, 0x49, 0x4f, 0x7d, 0x8e, \ + 0x3f, 0x47, 0x68, 0x33, 0x17, 0x83, 0x44, 0x0f, 0xaf, 0xa6, 0x59, 0x0a, \ + 0xa9, 0x32, 0xcb, 0x59, 0xfe, 0xdd, 0x5f, 0x6e, 0x8b, 0x22, 0xb8, 0x81, \ + 0x90, 0x16, 0x91, 0x0a, 0x04, 0x79, 0x62, 0xff, 0x4b, 0x04, 0xf1, 0x5c, \ + 0x34, 0xeb, 0x69, 0xce, 0xef, 0xcb, 0x6e, 0xb6, 0x3b, 0x40, 0x55, 0xca, \ + 0x24, 0xc2, 0x3e, 0x25, 0x70, 0xee, 0x74, 0x2b, 0x0e, 0x9f, 0xc2, 0x82, \ + 0x9a, 0x20, 0x38, 0x77, 0xa1, 0x26, 0x8a, 0xca, 0x9f, 0x87, 0x75, 0x77, \ + 0xe3, 0xce, 0x65, 0xec, 0x71, 0x10, 0x35, 0xcb, 0xcb, 0x4f, 0x19, 0x43, \ + 0xeb, 0x30, 0xd0, 0xca, 0x2d, 0x3f, 0xca, 0x46, 0x14, 0x61, 0x99, 0x30, \ + 0x41, 0x32, 0xb5, 0x37, 0x63, 0x6f, 0x97 \ } /* END FILE */ @@ -1176,106 +1176,106 @@ /* This was generated from tests/data_files/cli-rsa.key.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_CLI_KEY_RSA_DER tests/data_files/cli-rsa.key.der */ #define TEST_CLI_KEY_RSA_DER { \ - 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ - 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, 0x45, 0xd9, 0x14, \ - 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, 0x33, 0xad, 0x0d, \ - 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, 0xcc, 0x66, 0x85, \ - 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, 0x9e, 0x0a, 0x6e, \ - 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, 0x93, 0x86, 0x49, \ - 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, 0xd4, 0x2f, 0x77, \ - 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, 0x48, 0x70, 0xf5, \ - 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, 0xe6, 0x43, 0xea, \ - 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, 0x57, 0x4e, 0xa9, \ - 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, 0x32, 0x30, 0xd5, \ - 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, 0x5f, 0xf9, 0x3d, \ - 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, 0xfb, 0xe5, 0x0c, \ - 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, 0x7f, 0xca, 0xad, \ - 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, 0xe0, 0x9b, 0xf8, \ - 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, 0x04, 0x66, 0xc7, \ - 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, 0x06, 0x67, 0xf4, \ - 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, 0x3c, 0x8b, 0x35, \ - 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, 0xfc, 0x36, 0x6b, \ - 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, 0x00, 0xcf, 0xaf, \ - 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, 0xe7, 0x50, 0x71, \ - 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, 0xe4, 0xc4, 0xfd, \ - 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ - 0x00, 0x67, 0x4d, 0xb5, 0xf6, 0x03, 0x89, 0xaa, 0x7a, 0x6f, 0x3b, 0x2d, \ - 0xca, 0x10, 0xa2, 0x23, 0xc9, 0xbd, 0x4e, 0xda, 0xe1, 0x67, 0x0e, 0x0c, \ - 0x8a, 0xc6, 0x84, 0x68, 0xdf, 0xe5, 0x97, 0x75, 0xd2, 0x8d, 0xa3, 0x86, \ - 0xd9, 0xdb, 0xd5, 0xeb, 0x13, 0x19, 0x08, 0xc5, 0x7e, 0xe5, 0x37, 0x97, \ - 0x0c, 0x73, 0x80, 0x66, 0x76, 0x35, 0xf1, 0x88, 0xb5, 0xf2, 0xfc, 0xf3, \ - 0xe1, 0x4b, 0x76, 0x4e, 0x73, 0x45, 0xce, 0x2c, 0xc2, 0x10, 0x26, 0x0d, \ - 0x68, 0x0d, 0x9f, 0x49, 0x3d, 0xd6, 0x80, 0x89, 0xe7, 0xc5, 0x49, 0x15, \ - 0xdd, 0x85, 0xc0, 0xc8, 0xfe, 0x82, 0x37, 0x12, 0x5a, 0x0a, 0x6b, 0xf6, \ - 0x68, 0x0d, 0x32, 0x16, 0xbd, 0xa4, 0x15, 0x54, 0x9e, 0x68, 0xa1, 0xad, \ - 0xca, 0x6b, 0xe5, 0x8c, 0xda, 0x76, 0x35, 0x59, 0x2f, 0x9b, 0xb4, 0xe1, \ - 0xf1, 0xf0, 0x50, 0x04, 0xee, 0xc8, 0xec, 0x05, 0xe1, 0xcf, 0x8d, 0xe4, \ - 0xd2, 0x64, 0x7b, 0x5e, 0x63, 0xe0, 0x7b, 0x07, 0xbc, 0x02, 0x96, 0x4e, \ - 0x1b, 0x78, 0x6c, 0xb6, 0x43, 0x9a, 0x32, 0xf6, 0xd6, 0x02, 0xf5, 0x80, \ - 0xcc, 0x26, 0x6e, 0xa5, 0xd0, 0xe3, 0x65, 0x88, 0xce, 0x26, 0xa9, 0x40, \ - 0xe1, 0xe1, 0x00, 0xe0, 0x7f, 0x3f, 0xc3, 0xb1, 0x7c, 0xde, 0xbe, 0x42, \ - 0xba, 0x07, 0x81, 0x13, 0xc2, 0xe0, 0x11, 0x11, 0x23, 0x2c, 0xf8, 0xb2, \ - 0x7a, 0x3a, 0xd4, 0xe4, 0x7d, 0x5f, 0xb9, 0xb1, 0x18, 0xfa, 0x1d, 0x1d, \ - 0x97, 0x91, 0xd9, 0x04, 0x9e, 0xbc, 0xc9, 0xb4, 0xd7, 0x7d, 0x0e, 0x54, \ - 0xf6, 0x8f, 0xd0, 0x28, 0x0d, 0xdd, 0x77, 0x4b, 0x68, 0x04, 0x48, 0x61, \ - 0x75, 0x15, 0x03, 0x1b, 0x35, 0xad, 0x8e, 0xfc, 0x24, 0x11, 0x07, 0xea, \ - 0x17, 0x5a, 0xde, 0x19, 0x68, 0xff, 0xb6, 0x87, 0x7f, 0x80, 0x2a, 0x5f, \ - 0x0c, 0x58, 0xba, 0x5f, 0x41, 0x02, 0x81, 0x81, 0x00, 0xe3, 0x03, 0xaf, \ - 0xfe, 0x98, 0xd2, 0x0b, 0x7b, 0x72, 0xe9, 0x3b, 0x8e, 0xbc, 0xa5, 0xf6, \ - 0xac, 0xe5, 0x22, 0x06, 0xb2, 0xd7, 0x5e, 0xfd, 0x89, 0x4b, 0x16, 0x67, \ - 0x32, 0x83, 0x22, 0x58, 0x8e, 0x62, 0xa4, 0xb4, 0x2d, 0xf9, 0x16, 0x13, \ - 0x54, 0xf6, 0x9f, 0x2f, 0xf9, 0xbb, 0x0e, 0x7e, 0x8c, 0x6f, 0x08, 0xda, \ - 0xc8, 0xe9, 0x1c, 0x66, 0x10, 0x70, 0x93, 0x90, 0x8d, 0xcf, 0x90, 0x3a, \ - 0x43, 0x89, 0x49, 0xeb, 0x83, 0x2a, 0xfe, 0x5a, 0x87, 0xce, 0x74, 0x42, \ - 0x41, 0x0d, 0x8c, 0x73, 0x51, 0xbc, 0x7b, 0x20, 0xc5, 0xfd, 0xf6, 0x0b, \ - 0x65, 0xed, 0xa9, 0x2e, 0xfc, 0x0f, 0xf5, 0x50, 0xf9, 0x8d, 0x37, 0x36, \ - 0x9a, 0x20, 0xdf, 0xc3, 0xe3, 0x27, 0xbc, 0x98, 0x72, 0xc1, 0x14, 0x4b, \ - 0x71, 0xe9, 0x83, 0x14, 0xff, 0x24, 0xe2, 0x14, 0x15, 0xb6, 0x6f, 0x0f, \ - 0x32, 0x9d, 0xd9, 0x98, 0xd1, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x0c, 0xfb, \ - 0xc3, 0x33, 0x9b, 0x47, 0x88, 0x27, 0xf2, 0x26, 0xde, 0xeb, 0x5e, 0xee, \ - 0x40, 0xf6, 0x63, 0x5b, 0x35, 0x23, 0xf5, 0xd5, 0x07, 0x61, 0xdf, 0xa2, \ - 0x9f, 0x58, 0x30, 0x04, 0x22, 0x2b, 0xb4, 0xd9, 0xda, 0x46, 0x7f, 0x48, \ - 0xf5, 0x4f, 0xd0, 0xea, 0xd7, 0xa0, 0x45, 0x8a, 0x62, 0x8b, 0x8c, 0xac, \ - 0x73, 0x5e, 0xfa, 0x36, 0x65, 0x3e, 0xba, 0x6c, 0xba, 0x5e, 0x6b, 0x92, \ - 0x29, 0x5e, 0x6a, 0x0f, 0xd6, 0xd2, 0xa5, 0x95, 0x86, 0xda, 0x72, 0xc5, \ - 0x9e, 0xc9, 0x6b, 0x37, 0x5e, 0x4b, 0x9b, 0x77, 0xe1, 0x67, 0x1a, 0x1e, \ - 0x30, 0xd8, 0x41, 0x68, 0x40, 0xd3, 0x9c, 0xb4, 0xf6, 0xeb, 0x2a, 0x22, \ - 0xdf, 0x78, 0x29, 0xd2, 0x64, 0x92, 0x5b, 0x2f, 0x78, 0x64, 0x4a, 0xa2, \ - 0xa6, 0x6b, 0x3e, 0x50, 0xb1, 0x7a, 0xb1, 0x8d, 0x59, 0xb4, 0x55, 0xba, \ - 0xb6, 0x91, 0x85, 0xa3, 0x2f, 0x02, 0x81, 0x80, 0x10, 0x1e, 0x19, 0xe7, \ - 0xbc, 0x97, 0xe5, 0x22, 0xcd, 0xa4, 0xcb, 0x8a, 0xb5, 0xd0, 0x1e, 0xb4, \ - 0x65, 0xcc, 0x45, 0xa7, 0x7a, 0xed, 0x0e, 0x99, 0x29, 0xd0, 0x9c, 0x61, \ - 0x14, 0xb8, 0x62, 0x8b, 0x31, 0x6b, 0xba, 0x33, 0x2d, 0x65, 0x28, 0xd8, \ - 0x36, 0x6e, 0x54, 0xec, 0xa9, 0x20, 0x3d, 0x51, 0xe1, 0x2c, 0x42, 0xc4, \ - 0x52, 0xf0, 0xa6, 0x3a, 0x72, 0x93, 0xb7, 0x86, 0xa9, 0xfe, 0xf6, 0x74, \ - 0x07, 0x12, 0x4d, 0x7b, 0x51, 0x99, 0x1f, 0x7a, 0x56, 0xe9, 0x20, 0x2f, \ - 0x18, 0x34, 0x29, 0x97, 0xdb, 0x06, 0xee, 0xeb, 0xbf, 0xbd, 0x31, 0x4f, \ - 0xfa, 0x50, 0xb1, 0xba, 0x49, 0xb3, 0xc4, 0x1d, 0x03, 0xae, 0xb0, 0xdc, \ - 0xbe, 0x8a, 0xc4, 0x90, 0xa3, 0x28, 0x9b, 0xb6, 0x42, 0x09, 0x1b, 0xd6, \ - 0x29, 0x9b, 0x19, 0xe9, 0x87, 0x87, 0xd9, 0x9f, 0x35, 0x05, 0xab, 0x91, \ - 0x8f, 0x6d, 0x7c, 0x91, 0x02, 0x81, 0x81, 0x00, 0x94, 0x57, 0xf0, 0xe0, \ - 0x28, 0xfd, 0xbd, 0xf3, 0x9c, 0x43, 0x4d, 0x3e, 0xfd, 0x37, 0x4f, 0x23, \ - 0x52, 0x8d, 0xe1, 0x4c, 0xfe, 0x4c, 0x55, 0x80, 0x82, 0xba, 0x3f, 0xfe, \ - 0x51, 0xe1, 0x30, 0xd5, 0x3b, 0xd9, 0x73, 0x1d, 0xcb, 0x25, 0xbc, 0xbb, \ - 0x3f, 0xa5, 0xda, 0x77, 0xa6, 0xb5, 0xfc, 0x1a, 0xaf, 0x79, 0xa1, 0xb2, \ - 0x14, 0xa2, 0x1f, 0x10, 0x52, 0x1a, 0x05, 0x40, 0x48, 0xb6, 0x4f, 0x34, \ - 0xd6, 0xc0, 0xc3, 0xa4, 0x36, 0x98, 0x73, 0x88, 0x0b, 0xd3, 0x45, 0xdc, \ - 0xee, 0x51, 0x6e, 0x04, 0x73, 0x99, 0x93, 0x12, 0x58, 0x96, 0xcb, 0x39, \ - 0x42, 0xb1, 0xa9, 0xb8, 0xe1, 0x25, 0xf5, 0x9c, 0x14, 0xb7, 0x92, 0x2b, \ - 0x14, 0xb0, 0x5d, 0x61, 0xa2, 0xaa, 0x34, 0x7c, 0xcd, 0x54, 0x2d, 0x69, \ - 0x08, 0xf7, 0xdb, 0xfc, 0x9c, 0x87, 0xe8, 0x3a, 0xf6, 0x1d, 0x4c, 0x6a, \ - 0x83, 0x15, 0x30, 0x01, 0x02, 0x81, 0x81, 0x00, 0x9c, 0x53, 0xa1, 0xb6, \ - 0x2f, 0xc0, 0x06, 0xf5, 0xdf, 0x5c, 0xd1, 0x4a, 0x4e, 0xc8, 0xbd, 0x6d, \ - 0x32, 0xf1, 0x5e, 0xe5, 0x3b, 0x70, 0xd0, 0xa8, 0xe5, 0x41, 0x57, 0x6c, \ - 0x87, 0x53, 0x0f, 0xeb, 0x28, 0xa0, 0x62, 0x8f, 0x43, 0x62, 0xec, 0x2e, \ - 0x6c, 0x71, 0x55, 0x5b, 0x6a, 0xf4, 0x74, 0x14, 0xea, 0x7a, 0x03, 0xf6, \ - 0xfc, 0xa4, 0xce, 0xc4, 0xac, 0xda, 0x1d, 0xf0, 0xb5, 0xa9, 0xfd, 0x11, \ - 0x18, 0x3b, 0x14, 0xa0, 0x90, 0x8d, 0x26, 0xb7, 0x75, 0x73, 0x0a, 0x02, \ - 0x2c, 0x6f, 0x0f, 0xd8, 0x41, 0x78, 0xc3, 0x73, 0x81, 0xac, 0xaa, 0xaf, \ - 0xf2, 0xee, 0x32, 0xb5, 0x8d, 0x05, 0xf9, 0x59, 0x5a, 0x9e, 0x3e, 0x65, \ - 0x9b, 0x74, 0xda, 0xa0, 0x74, 0x95, 0x17, 0x5f, 0x8d, 0x58, 0xfc, 0x8e, \ - 0x4e, 0x2c, 0x1e, 0xbc, 0x81, 0x02, 0x18, 0xac, 0x12, 0xc6, 0xf9, 0x64, \ - 0x8b, 0x87, 0xc3, 0x00 \ + 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ + 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, 0x45, 0xd9, 0x14, \ + 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, 0x33, 0xad, 0x0d, \ + 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, 0xcc, 0x66, 0x85, \ + 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, 0x9e, 0x0a, 0x6e, \ + 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, 0x93, 0x86, 0x49, \ + 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, 0xd4, 0x2f, 0x77, \ + 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, 0x48, 0x70, 0xf5, \ + 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, 0xe6, 0x43, 0xea, \ + 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, 0x57, 0x4e, 0xa9, \ + 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, 0x32, 0x30, 0xd5, \ + 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, 0x5f, 0xf9, 0x3d, \ + 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, 0xfb, 0xe5, 0x0c, \ + 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, 0x7f, 0xca, 0xad, \ + 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, 0xe0, 0x9b, 0xf8, \ + 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, 0x04, 0x66, 0xc7, \ + 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, 0x06, 0x67, 0xf4, \ + 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, 0x3c, 0x8b, 0x35, \ + 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, 0xfc, 0x36, 0x6b, \ + 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, 0x00, 0xcf, 0xaf, \ + 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, 0xe7, 0x50, 0x71, \ + 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, 0xe4, 0xc4, 0xfd, \ + 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ + 0x00, 0x67, 0x4d, 0xb5, 0xf6, 0x03, 0x89, 0xaa, 0x7a, 0x6f, 0x3b, 0x2d, \ + 0xca, 0x10, 0xa2, 0x23, 0xc9, 0xbd, 0x4e, 0xda, 0xe1, 0x67, 0x0e, 0x0c, \ + 0x8a, 0xc6, 0x84, 0x68, 0xdf, 0xe5, 0x97, 0x75, 0xd2, 0x8d, 0xa3, 0x86, \ + 0xd9, 0xdb, 0xd5, 0xeb, 0x13, 0x19, 0x08, 0xc5, 0x7e, 0xe5, 0x37, 0x97, \ + 0x0c, 0x73, 0x80, 0x66, 0x76, 0x35, 0xf1, 0x88, 0xb5, 0xf2, 0xfc, 0xf3, \ + 0xe1, 0x4b, 0x76, 0x4e, 0x73, 0x45, 0xce, 0x2c, 0xc2, 0x10, 0x26, 0x0d, \ + 0x68, 0x0d, 0x9f, 0x49, 0x3d, 0xd6, 0x80, 0x89, 0xe7, 0xc5, 0x49, 0x15, \ + 0xdd, 0x85, 0xc0, 0xc8, 0xfe, 0x82, 0x37, 0x12, 0x5a, 0x0a, 0x6b, 0xf6, \ + 0x68, 0x0d, 0x32, 0x16, 0xbd, 0xa4, 0x15, 0x54, 0x9e, 0x68, 0xa1, 0xad, \ + 0xca, 0x6b, 0xe5, 0x8c, 0xda, 0x76, 0x35, 0x59, 0x2f, 0x9b, 0xb4, 0xe1, \ + 0xf1, 0xf0, 0x50, 0x04, 0xee, 0xc8, 0xec, 0x05, 0xe1, 0xcf, 0x8d, 0xe4, \ + 0xd2, 0x64, 0x7b, 0x5e, 0x63, 0xe0, 0x7b, 0x07, 0xbc, 0x02, 0x96, 0x4e, \ + 0x1b, 0x78, 0x6c, 0xb6, 0x43, 0x9a, 0x32, 0xf6, 0xd6, 0x02, 0xf5, 0x80, \ + 0xcc, 0x26, 0x6e, 0xa5, 0xd0, 0xe3, 0x65, 0x88, 0xce, 0x26, 0xa9, 0x40, \ + 0xe1, 0xe1, 0x00, 0xe0, 0x7f, 0x3f, 0xc3, 0xb1, 0x7c, 0xde, 0xbe, 0x42, \ + 0xba, 0x07, 0x81, 0x13, 0xc2, 0xe0, 0x11, 0x11, 0x23, 0x2c, 0xf8, 0xb2, \ + 0x7a, 0x3a, 0xd4, 0xe4, 0x7d, 0x5f, 0xb9, 0xb1, 0x18, 0xfa, 0x1d, 0x1d, \ + 0x97, 0x91, 0xd9, 0x04, 0x9e, 0xbc, 0xc9, 0xb4, 0xd7, 0x7d, 0x0e, 0x54, \ + 0xf6, 0x8f, 0xd0, 0x28, 0x0d, 0xdd, 0x77, 0x4b, 0x68, 0x04, 0x48, 0x61, \ + 0x75, 0x15, 0x03, 0x1b, 0x35, 0xad, 0x8e, 0xfc, 0x24, 0x11, 0x07, 0xea, \ + 0x17, 0x5a, 0xde, 0x19, 0x68, 0xff, 0xb6, 0x87, 0x7f, 0x80, 0x2a, 0x5f, \ + 0x0c, 0x58, 0xba, 0x5f, 0x41, 0x02, 0x81, 0x81, 0x00, 0xe3, 0x03, 0xaf, \ + 0xfe, 0x98, 0xd2, 0x0b, 0x7b, 0x72, 0xe9, 0x3b, 0x8e, 0xbc, 0xa5, 0xf6, \ + 0xac, 0xe5, 0x22, 0x06, 0xb2, 0xd7, 0x5e, 0xfd, 0x89, 0x4b, 0x16, 0x67, \ + 0x32, 0x83, 0x22, 0x58, 0x8e, 0x62, 0xa4, 0xb4, 0x2d, 0xf9, 0x16, 0x13, \ + 0x54, 0xf6, 0x9f, 0x2f, 0xf9, 0xbb, 0x0e, 0x7e, 0x8c, 0x6f, 0x08, 0xda, \ + 0xc8, 0xe9, 0x1c, 0x66, 0x10, 0x70, 0x93, 0x90, 0x8d, 0xcf, 0x90, 0x3a, \ + 0x43, 0x89, 0x49, 0xeb, 0x83, 0x2a, 0xfe, 0x5a, 0x87, 0xce, 0x74, 0x42, \ + 0x41, 0x0d, 0x8c, 0x73, 0x51, 0xbc, 0x7b, 0x20, 0xc5, 0xfd, 0xf6, 0x0b, \ + 0x65, 0xed, 0xa9, 0x2e, 0xfc, 0x0f, 0xf5, 0x50, 0xf9, 0x8d, 0x37, 0x36, \ + 0x9a, 0x20, 0xdf, 0xc3, 0xe3, 0x27, 0xbc, 0x98, 0x72, 0xc1, 0x14, 0x4b, \ + 0x71, 0xe9, 0x83, 0x14, 0xff, 0x24, 0xe2, 0x14, 0x15, 0xb6, 0x6f, 0x0f, \ + 0x32, 0x9d, 0xd9, 0x98, 0xd1, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x0c, 0xfb, \ + 0xc3, 0x33, 0x9b, 0x47, 0x88, 0x27, 0xf2, 0x26, 0xde, 0xeb, 0x5e, 0xee, \ + 0x40, 0xf6, 0x63, 0x5b, 0x35, 0x23, 0xf5, 0xd5, 0x07, 0x61, 0xdf, 0xa2, \ + 0x9f, 0x58, 0x30, 0x04, 0x22, 0x2b, 0xb4, 0xd9, 0xda, 0x46, 0x7f, 0x48, \ + 0xf5, 0x4f, 0xd0, 0xea, 0xd7, 0xa0, 0x45, 0x8a, 0x62, 0x8b, 0x8c, 0xac, \ + 0x73, 0x5e, 0xfa, 0x36, 0x65, 0x3e, 0xba, 0x6c, 0xba, 0x5e, 0x6b, 0x92, \ + 0x29, 0x5e, 0x6a, 0x0f, 0xd6, 0xd2, 0xa5, 0x95, 0x86, 0xda, 0x72, 0xc5, \ + 0x9e, 0xc9, 0x6b, 0x37, 0x5e, 0x4b, 0x9b, 0x77, 0xe1, 0x67, 0x1a, 0x1e, \ + 0x30, 0xd8, 0x41, 0x68, 0x40, 0xd3, 0x9c, 0xb4, 0xf6, 0xeb, 0x2a, 0x22, \ + 0xdf, 0x78, 0x29, 0xd2, 0x64, 0x92, 0x5b, 0x2f, 0x78, 0x64, 0x4a, 0xa2, \ + 0xa6, 0x6b, 0x3e, 0x50, 0xb1, 0x7a, 0xb1, 0x8d, 0x59, 0xb4, 0x55, 0xba, \ + 0xb6, 0x91, 0x85, 0xa3, 0x2f, 0x02, 0x81, 0x80, 0x10, 0x1e, 0x19, 0xe7, \ + 0xbc, 0x97, 0xe5, 0x22, 0xcd, 0xa4, 0xcb, 0x8a, 0xb5, 0xd0, 0x1e, 0xb4, \ + 0x65, 0xcc, 0x45, 0xa7, 0x7a, 0xed, 0x0e, 0x99, 0x29, 0xd0, 0x9c, 0x61, \ + 0x14, 0xb8, 0x62, 0x8b, 0x31, 0x6b, 0xba, 0x33, 0x2d, 0x65, 0x28, 0xd8, \ + 0x36, 0x6e, 0x54, 0xec, 0xa9, 0x20, 0x3d, 0x51, 0xe1, 0x2c, 0x42, 0xc4, \ + 0x52, 0xf0, 0xa6, 0x3a, 0x72, 0x93, 0xb7, 0x86, 0xa9, 0xfe, 0xf6, 0x74, \ + 0x07, 0x12, 0x4d, 0x7b, 0x51, 0x99, 0x1f, 0x7a, 0x56, 0xe9, 0x20, 0x2f, \ + 0x18, 0x34, 0x29, 0x97, 0xdb, 0x06, 0xee, 0xeb, 0xbf, 0xbd, 0x31, 0x4f, \ + 0xfa, 0x50, 0xb1, 0xba, 0x49, 0xb3, 0xc4, 0x1d, 0x03, 0xae, 0xb0, 0xdc, \ + 0xbe, 0x8a, 0xc4, 0x90, 0xa3, 0x28, 0x9b, 0xb6, 0x42, 0x09, 0x1b, 0xd6, \ + 0x29, 0x9b, 0x19, 0xe9, 0x87, 0x87, 0xd9, 0x9f, 0x35, 0x05, 0xab, 0x91, \ + 0x8f, 0x6d, 0x7c, 0x91, 0x02, 0x81, 0x81, 0x00, 0x94, 0x57, 0xf0, 0xe0, \ + 0x28, 0xfd, 0xbd, 0xf3, 0x9c, 0x43, 0x4d, 0x3e, 0xfd, 0x37, 0x4f, 0x23, \ + 0x52, 0x8d, 0xe1, 0x4c, 0xfe, 0x4c, 0x55, 0x80, 0x82, 0xba, 0x3f, 0xfe, \ + 0x51, 0xe1, 0x30, 0xd5, 0x3b, 0xd9, 0x73, 0x1d, 0xcb, 0x25, 0xbc, 0xbb, \ + 0x3f, 0xa5, 0xda, 0x77, 0xa6, 0xb5, 0xfc, 0x1a, 0xaf, 0x79, 0xa1, 0xb2, \ + 0x14, 0xa2, 0x1f, 0x10, 0x52, 0x1a, 0x05, 0x40, 0x48, 0xb6, 0x4f, 0x34, \ + 0xd6, 0xc0, 0xc3, 0xa4, 0x36, 0x98, 0x73, 0x88, 0x0b, 0xd3, 0x45, 0xdc, \ + 0xee, 0x51, 0x6e, 0x04, 0x73, 0x99, 0x93, 0x12, 0x58, 0x96, 0xcb, 0x39, \ + 0x42, 0xb1, 0xa9, 0xb8, 0xe1, 0x25, 0xf5, 0x9c, 0x14, 0xb7, 0x92, 0x2b, \ + 0x14, 0xb0, 0x5d, 0x61, 0xa2, 0xaa, 0x34, 0x7c, 0xcd, 0x54, 0x2d, 0x69, \ + 0x08, 0xf7, 0xdb, 0xfc, 0x9c, 0x87, 0xe8, 0x3a, 0xf6, 0x1d, 0x4c, 0x6a, \ + 0x83, 0x15, 0x30, 0x01, 0x02, 0x81, 0x81, 0x00, 0x9c, 0x53, 0xa1, 0xb6, \ + 0x2f, 0xc0, 0x06, 0xf5, 0xdf, 0x5c, 0xd1, 0x4a, 0x4e, 0xc8, 0xbd, 0x6d, \ + 0x32, 0xf1, 0x5e, 0xe5, 0x3b, 0x70, 0xd0, 0xa8, 0xe5, 0x41, 0x57, 0x6c, \ + 0x87, 0x53, 0x0f, 0xeb, 0x28, 0xa0, 0x62, 0x8f, 0x43, 0x62, 0xec, 0x2e, \ + 0x6c, 0x71, 0x55, 0x5b, 0x6a, 0xf4, 0x74, 0x14, 0xea, 0x7a, 0x03, 0xf6, \ + 0xfc, 0xa4, 0xce, 0xc4, 0xac, 0xda, 0x1d, 0xf0, 0xb5, 0xa9, 0xfd, 0x11, \ + 0x18, 0x3b, 0x14, 0xa0, 0x90, 0x8d, 0x26, 0xb7, 0x75, 0x73, 0x0a, 0x02, \ + 0x2c, 0x6f, 0x0f, 0xd8, 0x41, 0x78, 0xc3, 0x73, 0x81, 0xac, 0xaa, 0xaf, \ + 0xf2, 0xee, 0x32, 0xb5, 0x8d, 0x05, 0xf9, 0x59, 0x5a, 0x9e, 0x3e, 0x65, \ + 0x9b, 0x74, 0xda, 0xa0, 0x74, 0x95, 0x17, 0x5f, 0x8d, 0x58, 0xfc, 0x8e, \ + 0x4e, 0x2c, 0x1e, 0xbc, 0x81, 0x02, 0x18, 0xac, 0x12, 0xc6, 0xf9, 0x64, \ + 0x8b, 0x87, 0xc3, 0x00 \ } /* END FILE */ @@ -1306,32 +1306,32 @@ const unsigned char mbedtls_test_ca_crt_rsa_sha256_der[] = TEST_CA_CRT_RSA_SHA256_DER; const size_t mbedtls_test_ca_crt_ec_pem_len = - sizeof( mbedtls_test_ca_crt_ec_pem ); + sizeof(mbedtls_test_ca_crt_ec_pem); const size_t mbedtls_test_ca_key_ec_pem_len = - sizeof( mbedtls_test_ca_key_ec_pem ); + sizeof(mbedtls_test_ca_key_ec_pem); const size_t mbedtls_test_ca_pwd_ec_pem_len = - sizeof( mbedtls_test_ca_pwd_ec_pem ) - 1; + sizeof(mbedtls_test_ca_pwd_ec_pem) - 1; const size_t mbedtls_test_ca_key_rsa_pem_len = - sizeof( mbedtls_test_ca_key_rsa_pem ); + sizeof(mbedtls_test_ca_key_rsa_pem); const size_t mbedtls_test_ca_pwd_rsa_pem_len = - sizeof( mbedtls_test_ca_pwd_rsa_pem ) - 1; + sizeof(mbedtls_test_ca_pwd_rsa_pem) - 1; const size_t mbedtls_test_ca_crt_rsa_sha1_pem_len = - sizeof( mbedtls_test_ca_crt_rsa_sha1_pem ); + sizeof(mbedtls_test_ca_crt_rsa_sha1_pem); const size_t mbedtls_test_ca_crt_rsa_sha256_pem_len = - sizeof( mbedtls_test_ca_crt_rsa_sha256_pem ); + sizeof(mbedtls_test_ca_crt_rsa_sha256_pem); const size_t mbedtls_test_ca_crt_ec_der_len = - sizeof( mbedtls_test_ca_crt_ec_der ); + sizeof(mbedtls_test_ca_crt_ec_der); const size_t mbedtls_test_ca_key_ec_der_len = - sizeof( mbedtls_test_ca_key_ec_der ); + sizeof(mbedtls_test_ca_key_ec_der); const size_t mbedtls_test_ca_pwd_ec_der_len = 0; const size_t mbedtls_test_ca_key_rsa_der_len = - sizeof( mbedtls_test_ca_key_rsa_der ); + sizeof(mbedtls_test_ca_key_rsa_der); const size_t mbedtls_test_ca_pwd_rsa_der_len = 0; const size_t mbedtls_test_ca_crt_rsa_sha1_der_len = - sizeof( mbedtls_test_ca_crt_rsa_sha1_der ); + sizeof(mbedtls_test_ca_crt_rsa_sha1_der); const size_t mbedtls_test_ca_crt_rsa_sha256_der_len = - sizeof( mbedtls_test_ca_crt_rsa_sha256_der ); + sizeof(mbedtls_test_ca_crt_rsa_sha256_der); /* * Server @@ -1354,32 +1354,32 @@ const unsigned char mbedtls_test_srv_crt_rsa_sha256_der[] = TEST_SRV_CRT_RSA_SHA256_DER; const size_t mbedtls_test_srv_crt_ec_pem_len = - sizeof( mbedtls_test_srv_crt_ec_pem ); + sizeof(mbedtls_test_srv_crt_ec_pem); const size_t mbedtls_test_srv_key_ec_pem_len = - sizeof( mbedtls_test_srv_key_ec_pem ); + sizeof(mbedtls_test_srv_key_ec_pem); const size_t mbedtls_test_srv_pwd_ec_pem_len = - sizeof( mbedtls_test_srv_pwd_ec_pem ) - 1; + sizeof(mbedtls_test_srv_pwd_ec_pem) - 1; const size_t mbedtls_test_srv_key_rsa_pem_len = - sizeof( mbedtls_test_srv_key_rsa_pem ); + sizeof(mbedtls_test_srv_key_rsa_pem); const size_t mbedtls_test_srv_pwd_rsa_pem_len = - sizeof( mbedtls_test_srv_pwd_rsa_pem ) - 1; + sizeof(mbedtls_test_srv_pwd_rsa_pem) - 1; const size_t mbedtls_test_srv_crt_rsa_sha1_pem_len = - sizeof( mbedtls_test_srv_crt_rsa_sha1_pem ); + sizeof(mbedtls_test_srv_crt_rsa_sha1_pem); const size_t mbedtls_test_srv_crt_rsa_sha256_pem_len = - sizeof( mbedtls_test_srv_crt_rsa_sha256_pem ); + sizeof(mbedtls_test_srv_crt_rsa_sha256_pem); const size_t mbedtls_test_srv_crt_ec_der_len = - sizeof( mbedtls_test_srv_crt_ec_der ); + sizeof(mbedtls_test_srv_crt_ec_der); const size_t mbedtls_test_srv_key_ec_der_len = - sizeof( mbedtls_test_srv_key_ec_der ); + sizeof(mbedtls_test_srv_key_ec_der); const size_t mbedtls_test_srv_pwd_ec_der_len = 0; const size_t mbedtls_test_srv_key_rsa_der_len = - sizeof( mbedtls_test_srv_key_rsa_der ); + sizeof(mbedtls_test_srv_key_rsa_der); const size_t mbedtls_test_srv_pwd_rsa_der_len = 0; const size_t mbedtls_test_srv_crt_rsa_sha1_der_len = - sizeof( mbedtls_test_srv_crt_rsa_sha1_der ); + sizeof(mbedtls_test_srv_crt_rsa_sha1_der); const size_t mbedtls_test_srv_crt_rsa_sha256_der_len = - sizeof( mbedtls_test_srv_crt_rsa_sha256_der ); + sizeof(mbedtls_test_srv_crt_rsa_sha256_der); /* * Client @@ -1398,26 +1398,26 @@ const unsigned char mbedtls_test_cli_key_rsa_der[] = TEST_CLI_KEY_RSA_DER; const unsigned char mbedtls_test_cli_crt_rsa_der[] = TEST_CLI_CRT_RSA_DER; const size_t mbedtls_test_cli_crt_ec_pem_len = - sizeof( mbedtls_test_cli_crt_ec_pem ); + sizeof(mbedtls_test_cli_crt_ec_pem); const size_t mbedtls_test_cli_key_ec_pem_len = - sizeof( mbedtls_test_cli_key_ec_pem ); + sizeof(mbedtls_test_cli_key_ec_pem); const size_t mbedtls_test_cli_pwd_ec_pem_len = - sizeof( mbedtls_test_cli_pwd_ec_pem ) - 1; + sizeof(mbedtls_test_cli_pwd_ec_pem) - 1; const size_t mbedtls_test_cli_key_rsa_pem_len = - sizeof( mbedtls_test_cli_key_rsa_pem ); + sizeof(mbedtls_test_cli_key_rsa_pem); const size_t mbedtls_test_cli_pwd_rsa_pem_len = - sizeof( mbedtls_test_cli_pwd_rsa_pem ) - 1; + sizeof(mbedtls_test_cli_pwd_rsa_pem) - 1; const size_t mbedtls_test_cli_crt_rsa_pem_len = - sizeof( mbedtls_test_cli_crt_rsa_pem ); + sizeof(mbedtls_test_cli_crt_rsa_pem); const size_t mbedtls_test_cli_crt_ec_der_len = - sizeof( mbedtls_test_cli_crt_ec_der ); + sizeof(mbedtls_test_cli_crt_ec_der); const size_t mbedtls_test_cli_key_ec_der_len = - sizeof( mbedtls_test_cli_key_ec_der ); + sizeof(mbedtls_test_cli_key_ec_der); const size_t mbedtls_test_cli_key_rsa_der_len = - sizeof( mbedtls_test_cli_key_rsa_der ); + sizeof(mbedtls_test_cli_key_rsa_der); const size_t mbedtls_test_cli_crt_rsa_der_len = - sizeof( mbedtls_test_cli_crt_rsa_der ); + sizeof(mbedtls_test_cli_crt_rsa_der); /* * @@ -1519,47 +1519,47 @@ const char mbedtls_test_cli_pwd_ec[] = TEST_CLI_PWD_EC; const char mbedtls_test_cli_crt_ec[] = TEST_CLI_CRT_EC; const size_t mbedtls_test_ca_key_rsa_len = - sizeof( mbedtls_test_ca_key_rsa ); + sizeof(mbedtls_test_ca_key_rsa); const size_t mbedtls_test_ca_pwd_rsa_len = - sizeof( mbedtls_test_ca_pwd_rsa ) - 1; + sizeof(mbedtls_test_ca_pwd_rsa) - 1; const size_t mbedtls_test_ca_crt_rsa_sha256_len = - sizeof( mbedtls_test_ca_crt_rsa_sha256 ); + sizeof(mbedtls_test_ca_crt_rsa_sha256); const size_t mbedtls_test_ca_crt_rsa_sha1_len = - sizeof( mbedtls_test_ca_crt_rsa_sha1 ); + sizeof(mbedtls_test_ca_crt_rsa_sha1); const size_t mbedtls_test_ca_key_ec_len = - sizeof( mbedtls_test_ca_key_ec ); + sizeof(mbedtls_test_ca_key_ec); const size_t mbedtls_test_ca_pwd_ec_len = - sizeof( mbedtls_test_ca_pwd_ec ) - 1; + sizeof(mbedtls_test_ca_pwd_ec) - 1; const size_t mbedtls_test_ca_crt_ec_len = - sizeof( mbedtls_test_ca_crt_ec ); + sizeof(mbedtls_test_ca_crt_ec); const size_t mbedtls_test_srv_key_rsa_len = - sizeof( mbedtls_test_srv_key_rsa ); + sizeof(mbedtls_test_srv_key_rsa); const size_t mbedtls_test_srv_pwd_rsa_len = - sizeof( mbedtls_test_srv_pwd_rsa ) -1; + sizeof(mbedtls_test_srv_pwd_rsa) -1; const size_t mbedtls_test_srv_crt_rsa_sha256_len = - sizeof( mbedtls_test_srv_crt_rsa_sha256 ); + sizeof(mbedtls_test_srv_crt_rsa_sha256); const size_t mbedtls_test_srv_crt_rsa_sha1_len = - sizeof( mbedtls_test_srv_crt_rsa_sha1 ); + sizeof(mbedtls_test_srv_crt_rsa_sha1); const size_t mbedtls_test_srv_key_ec_len = - sizeof( mbedtls_test_srv_key_ec ); + sizeof(mbedtls_test_srv_key_ec); const size_t mbedtls_test_srv_pwd_ec_len = - sizeof( mbedtls_test_srv_pwd_ec ) - 1; + sizeof(mbedtls_test_srv_pwd_ec) - 1; const size_t mbedtls_test_srv_crt_ec_len = - sizeof( mbedtls_test_srv_crt_ec ); + sizeof(mbedtls_test_srv_crt_ec); const size_t mbedtls_test_cli_key_rsa_len = - sizeof( mbedtls_test_cli_key_rsa ); + sizeof(mbedtls_test_cli_key_rsa); const size_t mbedtls_test_cli_pwd_rsa_len = - sizeof( mbedtls_test_cli_pwd_rsa ) - 1; + sizeof(mbedtls_test_cli_pwd_rsa) - 1; const size_t mbedtls_test_cli_crt_rsa_len = - sizeof( mbedtls_test_cli_crt_rsa ); + sizeof(mbedtls_test_cli_crt_rsa); const size_t mbedtls_test_cli_key_ec_len = - sizeof( mbedtls_test_cli_key_ec ); + sizeof(mbedtls_test_cli_key_ec); const size_t mbedtls_test_cli_pwd_ec_len = - sizeof( mbedtls_test_cli_pwd_ec ) - 1; + sizeof(mbedtls_test_cli_pwd_ec) - 1; const size_t mbedtls_test_cli_crt_ec_len = - sizeof( mbedtls_test_cli_crt_ec ); + sizeof(mbedtls_test_cli_crt_ec); /* * Dispatch between SHA-1 and SHA-256 @@ -1577,9 +1577,9 @@ const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA; const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA; const size_t mbedtls_test_ca_crt_rsa_len = - sizeof( mbedtls_test_ca_crt_rsa ); + sizeof(mbedtls_test_ca_crt_rsa); const size_t mbedtls_test_srv_crt_rsa_len = - sizeof( mbedtls_test_srv_crt_rsa ); + sizeof(mbedtls_test_srv_crt_rsa); /* * Dispatch between RSA and EC @@ -1642,25 +1642,25 @@ const char *mbedtls_test_cli_pwd = test_cli_pwd; const char *mbedtls_test_cli_crt = test_cli_crt; const size_t mbedtls_test_ca_key_len = - sizeof( test_ca_key ); + sizeof(test_ca_key); const size_t mbedtls_test_ca_pwd_len = - sizeof( test_ca_pwd ) - 1; + sizeof(test_ca_pwd) - 1; const size_t mbedtls_test_ca_crt_len = - sizeof( test_ca_crt ); + sizeof(test_ca_crt); const size_t mbedtls_test_srv_key_len = - sizeof( test_srv_key ); + sizeof(test_srv_key); const size_t mbedtls_test_srv_pwd_len = - sizeof( test_srv_pwd ) - 1; + sizeof(test_srv_pwd) - 1; const size_t mbedtls_test_srv_crt_len = - sizeof( test_srv_crt ); + sizeof(test_srv_crt); const size_t mbedtls_test_cli_key_len = - sizeof( test_cli_key ); + sizeof(test_cli_key); const size_t mbedtls_test_cli_pwd_len = - sizeof( test_cli_pwd ) - 1; + sizeof(test_cli_pwd) - 1; const size_t mbedtls_test_cli_crt_len = - sizeof( test_cli_crt ); + sizeof(test_cli_crt); /* * @@ -1669,7 +1669,7 @@ const size_t mbedtls_test_cli_crt_len = */ /* List of CAs in PEM or DER, depending on config */ -const char * mbedtls_test_cas[] = { +const char *mbedtls_test_cas[] = { #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA1_C) mbedtls_test_ca_crt_rsa_sha1, #endif @@ -1683,19 +1683,19 @@ const char * mbedtls_test_cas[] = { }; const size_t mbedtls_test_cas_len[] = { #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA1_C) - sizeof( mbedtls_test_ca_crt_rsa_sha1 ), + sizeof(mbedtls_test_ca_crt_rsa_sha1), #endif #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) - sizeof( mbedtls_test_ca_crt_rsa_sha256 ), + sizeof(mbedtls_test_ca_crt_rsa_sha256), #endif #if defined(MBEDTLS_ECDSA_C) - sizeof( mbedtls_test_ca_crt_ec ), + sizeof(mbedtls_test_ca_crt_ec), #endif 0 }; /* List of all available CA certificates in DER format */ -const unsigned char * mbedtls_test_cas_der[] = { +const unsigned char *mbedtls_test_cas_der[] = { #if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_SHA256_C) mbedtls_test_ca_crt_rsa_sha256_der, @@ -1713,14 +1713,14 @@ const unsigned char * mbedtls_test_cas_der[] = { const size_t mbedtls_test_cas_der_len[] = { #if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_SHA256_C) - sizeof( mbedtls_test_ca_crt_rsa_sha256_der ), + sizeof(mbedtls_test_ca_crt_rsa_sha256_der), #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA1_C) - sizeof( mbedtls_test_ca_crt_rsa_sha1_der ), + sizeof(mbedtls_test_ca_crt_rsa_sha1_der), #endif /* MBEDTLS_SHA1_C */ #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECDSA_C) - sizeof( mbedtls_test_ca_crt_ec_der ), + sizeof(mbedtls_test_ca_crt_ec_der), #endif /* MBEDTLS_ECDSA_C */ 0 }; @@ -1740,7 +1740,7 @@ const char mbedtls_test_cas_pem[] = TEST_CA_CRT_EC_PEM #endif /* MBEDTLS_ECDSA_C */ ""; -const size_t mbedtls_test_cas_pem_len = sizeof( mbedtls_test_cas_pem ); +const size_t mbedtls_test_cas_pem_len = sizeof(mbedtls_test_cas_pem); #endif /* MBEDTLS_PEM_PARSE_C */ #endif /* MBEDTLS_CERTS_C */ diff --git a/library/chacha20.c b/library/chacha20.c index bd0701482c09..53f1d3916cee 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -37,17 +37,17 @@ #if !defined(MBEDTLS_CHACHA20_ALT) /* Parameter validation macros */ -#define CHACHA20_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA ) -#define CHACHA20_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define CHACHA20_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA) +#define CHACHA20_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) -#define ROTL32( value, amount ) \ - ( (uint32_t) ( (value) << (amount) ) | ( (value) >> ( 32 - (amount) ) ) ) +#define ROTL32(value, amount) \ + ((uint32_t) ((value) << (amount)) | ((value) >> (32 - (amount)))) -#define CHACHA20_CTR_INDEX ( 12U ) +#define CHACHA20_CTR_INDEX (12U) -#define CHACHA20_BLOCK_SIZE_BYTES ( 4U * 16U ) +#define CHACHA20_BLOCK_SIZE_BYTES (4U * 16U) /** * \brief ChaCha20 quarter round operation. @@ -64,31 +64,31 @@ * \param c The index of 'c' in the state. * \param d The index of 'd' in the state. */ -static inline void chacha20_quarter_round( uint32_t state[16], - size_t a, - size_t b, - size_t c, - size_t d ) +static inline void chacha20_quarter_round(uint32_t state[16], + size_t a, + size_t b, + size_t c, + size_t d) { /* a += b; d ^= a; d <<<= 16; */ state[a] += state[b]; state[d] ^= state[a]; - state[d] = ROTL32( state[d], 16 ); + state[d] = ROTL32(state[d], 16); /* c += d; b ^= c; b <<<= 12 */ state[c] += state[d]; state[b] ^= state[c]; - state[b] = ROTL32( state[b], 12 ); + state[b] = ROTL32(state[b], 12); /* a += b; d ^= a; d <<<= 8; */ state[a] += state[b]; state[d] ^= state[a]; - state[d] = ROTL32( state[d], 8 ); + state[d] = ROTL32(state[d], 8); /* c += d; b ^= c; b <<<= 7; */ state[c] += state[d]; state[b] ^= state[c]; - state[b] = ROTL32( state[b], 7 ); + state[b] = ROTL32(state[b], 7); } /** @@ -99,17 +99,17 @@ static inline void chacha20_quarter_round( uint32_t state[16], * * \param state The ChaCha20 state to update. */ -static void chacha20_inner_block( uint32_t state[16] ) +static void chacha20_inner_block(uint32_t state[16]) { - chacha20_quarter_round( state, 0, 4, 8, 12 ); - chacha20_quarter_round( state, 1, 5, 9, 13 ); - chacha20_quarter_round( state, 2, 6, 10, 14 ); - chacha20_quarter_round( state, 3, 7, 11, 15 ); - - chacha20_quarter_round( state, 0, 5, 10, 15 ); - chacha20_quarter_round( state, 1, 6, 11, 12 ); - chacha20_quarter_round( state, 2, 7, 8, 13 ); - chacha20_quarter_round( state, 3, 4, 9, 14 ); + chacha20_quarter_round(state, 0, 4, 8, 12); + chacha20_quarter_round(state, 1, 5, 9, 13); + chacha20_quarter_round(state, 2, 6, 10, 14); + chacha20_quarter_round(state, 3, 7, 11, 15); + + chacha20_quarter_round(state, 0, 5, 10, 15); + chacha20_quarter_round(state, 1, 6, 11, 12); + chacha20_quarter_round(state, 2, 7, 8, 13); + chacha20_quarter_round(state, 3, 4, 9, 14); } /** @@ -118,29 +118,30 @@ static void chacha20_inner_block( uint32_t state[16] ) * \param initial_state The initial ChaCha20 state (key, nonce, counter). * \param keystream Generated keystream bytes are written to this buffer. */ -static void chacha20_block( const uint32_t initial_state[16], - unsigned char keystream[64] ) +static void chacha20_block(const uint32_t initial_state[16], + unsigned char keystream[64]) { uint32_t working_state[16]; size_t i; - memcpy( working_state, - initial_state, - CHACHA20_BLOCK_SIZE_BYTES ); - - for( i = 0U; i < 10U; i++ ) - chacha20_inner_block( working_state ); - - working_state[ 0] += initial_state[ 0]; - working_state[ 1] += initial_state[ 1]; - working_state[ 2] += initial_state[ 2]; - working_state[ 3] += initial_state[ 3]; - working_state[ 4] += initial_state[ 4]; - working_state[ 5] += initial_state[ 5]; - working_state[ 6] += initial_state[ 6]; - working_state[ 7] += initial_state[ 7]; - working_state[ 8] += initial_state[ 8]; - working_state[ 9] += initial_state[ 9]; + memcpy(working_state, + initial_state, + CHACHA20_BLOCK_SIZE_BYTES); + + for (i = 0U; i < 10U; i++) { + chacha20_inner_block(working_state); + } + + working_state[0] += initial_state[0]; + working_state[1] += initial_state[1]; + working_state[2] += initial_state[2]; + working_state[3] += initial_state[3]; + working_state[4] += initial_state[4]; + working_state[5] += initial_state[5]; + working_state[6] += initial_state[6]; + working_state[7] += initial_state[7]; + working_state[8] += initial_state[8]; + working_state[9] += initial_state[9]; working_state[10] += initial_state[10]; working_state[11] += initial_state[11]; working_state[12] += initial_state[12]; @@ -148,40 +149,38 @@ static void chacha20_block( const uint32_t initial_state[16], working_state[14] += initial_state[14]; working_state[15] += initial_state[15]; - for( i = 0U; i < 16; i++ ) - { + for (i = 0U; i < 16; i++) { size_t offset = i * 4U; MBEDTLS_PUT_UINT32_LE(working_state[i], keystream, offset); } - mbedtls_platform_zeroize( working_state, sizeof( working_state ) ); + mbedtls_platform_zeroize(working_state, sizeof(working_state)); } -void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx ) +void mbedtls_chacha20_init(mbedtls_chacha20_context *ctx) { - CHACHA20_VALIDATE( ctx != NULL ); + CHACHA20_VALIDATE(ctx != NULL); - mbedtls_platform_zeroize( ctx->state, sizeof( ctx->state ) ); - mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); + mbedtls_platform_zeroize(ctx->state, sizeof(ctx->state)); + mbedtls_platform_zeroize(ctx->keystream8, sizeof(ctx->keystream8)); /* Initially, there's no keystream bytes available */ ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES; } -void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx ) +void mbedtls_chacha20_free(mbedtls_chacha20_context *ctx) { - if( ctx != NULL ) - { - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_chacha20_context ) ); + if (ctx != NULL) { + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_chacha20_context)); } } -int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, - const unsigned char key[32] ) +int mbedtls_chacha20_setkey(mbedtls_chacha20_context *ctx, + const unsigned char key[32]) { - CHACHA20_VALIDATE_RET( ctx != NULL ); - CHACHA20_VALIDATE_RET( key != NULL ); + CHACHA20_VALIDATE_RET(ctx != NULL); + CHACHA20_VALIDATE_RET(key != NULL); /* ChaCha20 constants - the string "expand 32-byte k" */ ctx->state[0] = 0x61707865; @@ -190,58 +189,57 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, ctx->state[3] = 0x6b206574; /* Set key */ - ctx->state[4] = MBEDTLS_GET_UINT32_LE( key, 0 ); - ctx->state[5] = MBEDTLS_GET_UINT32_LE( key, 4 ); - ctx->state[6] = MBEDTLS_GET_UINT32_LE( key, 8 ); - ctx->state[7] = MBEDTLS_GET_UINT32_LE( key, 12 ); - ctx->state[8] = MBEDTLS_GET_UINT32_LE( key, 16 ); - ctx->state[9] = MBEDTLS_GET_UINT32_LE( key, 20 ); - ctx->state[10] = MBEDTLS_GET_UINT32_LE( key, 24 ); - ctx->state[11] = MBEDTLS_GET_UINT32_LE( key, 28 ); - - return( 0 ); + ctx->state[4] = MBEDTLS_GET_UINT32_LE(key, 0); + ctx->state[5] = MBEDTLS_GET_UINT32_LE(key, 4); + ctx->state[6] = MBEDTLS_GET_UINT32_LE(key, 8); + ctx->state[7] = MBEDTLS_GET_UINT32_LE(key, 12); + ctx->state[8] = MBEDTLS_GET_UINT32_LE(key, 16); + ctx->state[9] = MBEDTLS_GET_UINT32_LE(key, 20); + ctx->state[10] = MBEDTLS_GET_UINT32_LE(key, 24); + ctx->state[11] = MBEDTLS_GET_UINT32_LE(key, 28); + + return 0; } -int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, - const unsigned char nonce[12], - uint32_t counter ) +int mbedtls_chacha20_starts(mbedtls_chacha20_context *ctx, + const unsigned char nonce[12], + uint32_t counter) { - CHACHA20_VALIDATE_RET( ctx != NULL ); - CHACHA20_VALIDATE_RET( nonce != NULL ); + CHACHA20_VALIDATE_RET(ctx != NULL); + CHACHA20_VALIDATE_RET(nonce != NULL); /* Counter */ ctx->state[12] = counter; /* Nonce */ - ctx->state[13] = MBEDTLS_GET_UINT32_LE( nonce, 0 ); - ctx->state[14] = MBEDTLS_GET_UINT32_LE( nonce, 4 ); - ctx->state[15] = MBEDTLS_GET_UINT32_LE( nonce, 8 ); + ctx->state[13] = MBEDTLS_GET_UINT32_LE(nonce, 0); + ctx->state[14] = MBEDTLS_GET_UINT32_LE(nonce, 4); + ctx->state[15] = MBEDTLS_GET_UINT32_LE(nonce, 8); - mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); + mbedtls_platform_zeroize(ctx->keystream8, sizeof(ctx->keystream8)); /* Initially, there's no keystream bytes available */ ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES; - return( 0 ); + return 0; } -int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, - size_t size, - const unsigned char *input, - unsigned char *output ) +int mbedtls_chacha20_update(mbedtls_chacha20_context *ctx, + size_t size, + const unsigned char *input, + unsigned char *output) { size_t offset = 0U; size_t i; - CHACHA20_VALIDATE_RET( ctx != NULL ); - CHACHA20_VALIDATE_RET( size == 0 || input != NULL ); - CHACHA20_VALIDATE_RET( size == 0 || output != NULL ); + CHACHA20_VALIDATE_RET(ctx != NULL); + CHACHA20_VALIDATE_RET(size == 0 || input != NULL); + CHACHA20_VALIDATE_RET(size == 0 || output != NULL); /* Use leftover keystream bytes, if available */ - while( size > 0U && ctx->keystream_bytes_used < CHACHA20_BLOCK_SIZE_BYTES ) - { + while (size > 0U && ctx->keystream_bytes_used < CHACHA20_BLOCK_SIZE_BYTES) { output[offset] = input[offset] - ^ ctx->keystream8[ctx->keystream_bytes_used]; + ^ ctx->keystream8[ctx->keystream_bytes_used]; ctx->keystream_bytes_used++; offset++; @@ -249,15 +247,13 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, } /* Process full blocks */ - while( size >= CHACHA20_BLOCK_SIZE_BYTES ) - { + while (size >= CHACHA20_BLOCK_SIZE_BYTES) { /* Generate new keystream block and increment counter */ - chacha20_block( ctx->state, ctx->keystream8 ); + chacha20_block(ctx->state, ctx->keystream8); ctx->state[CHACHA20_CTR_INDEX]++; - for( i = 0U; i < 64U; i += 8U ) - { - output[offset + i ] = input[offset + i ] ^ ctx->keystream8[i ]; + for (i = 0U; i < 64U; i += 8U) { + output[offset + i] = input[offset + i] ^ ctx->keystream8[i]; output[offset + i+1] = input[offset + i+1] ^ ctx->keystream8[i+1]; output[offset + i+2] = input[offset + i+2] ^ ctx->keystream8[i+2]; output[offset + i+3] = input[offset + i+3] ^ ctx->keystream8[i+3]; @@ -272,14 +268,12 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, } /* Last (partial) block */ - if( size > 0U ) - { + if (size > 0U) { /* Generate new keystream block and increment counter */ - chacha20_block( ctx->state, ctx->keystream8 ); + chacha20_block(ctx->state, ctx->keystream8); ctx->state[CHACHA20_CTR_INDEX]++; - for( i = 0U; i < size; i++) - { + for (i = 0U; i < size; i++) { output[offset + i] = input[offset + i] ^ ctx->keystream8[i]; } @@ -287,39 +281,41 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, } - return( 0 ); + return 0; } -int mbedtls_chacha20_crypt( const unsigned char key[32], - const unsigned char nonce[12], - uint32_t counter, - size_t data_len, - const unsigned char* input, - unsigned char* output ) +int mbedtls_chacha20_crypt(const unsigned char key[32], + const unsigned char nonce[12], + uint32_t counter, + size_t data_len, + const unsigned char *input, + unsigned char *output) { mbedtls_chacha20_context ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - CHACHA20_VALIDATE_RET( key != NULL ); - CHACHA20_VALIDATE_RET( nonce != NULL ); - CHACHA20_VALIDATE_RET( data_len == 0 || input != NULL ); - CHACHA20_VALIDATE_RET( data_len == 0 || output != NULL ); + CHACHA20_VALIDATE_RET(key != NULL); + CHACHA20_VALIDATE_RET(nonce != NULL); + CHACHA20_VALIDATE_RET(data_len == 0 || input != NULL); + CHACHA20_VALIDATE_RET(data_len == 0 || output != NULL); - mbedtls_chacha20_init( &ctx ); + mbedtls_chacha20_init(&ctx); - ret = mbedtls_chacha20_setkey( &ctx, key ); - if( ret != 0 ) + ret = mbedtls_chacha20_setkey(&ctx, key); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_chacha20_starts( &ctx, nonce, counter ); - if( ret != 0 ) + ret = mbedtls_chacha20_starts(&ctx, nonce, counter); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_chacha20_update( &ctx, data_len, input, output ); + ret = mbedtls_chacha20_update(&ctx, data_len, input, output); cleanup: - mbedtls_chacha20_free( &ctx ); - return( ret ); + mbedtls_chacha20_free(&ctx); + return ret; } #endif /* !MBEDTLS_CHACHA20_ALT */ @@ -495,50 +491,52 @@ static const size_t test_lengths[2] = /* Make sure no other definition is already present. */ #undef ASSERT -#define ASSERT( cond, args ) \ +#define ASSERT(cond, args) \ do \ { \ - if( ! ( cond ) ) \ + if (!(cond)) \ { \ - if( verbose != 0 ) \ - mbedtls_printf args; \ + if (verbose != 0) \ + mbedtls_printf args; \ \ - return( -1 ); \ + return -1; \ } \ } \ - while( 0 ) + while (0) -int mbedtls_chacha20_self_test( int verbose ) +int mbedtls_chacha20_self_test(int verbose) { unsigned char output[381]; unsigned i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - for( i = 0U; i < 2U; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " ChaCha20 test %u ", i ); + for (i = 0U; i < 2U; i++) { + if (verbose != 0) { + mbedtls_printf(" ChaCha20 test %u ", i); + } - ret = mbedtls_chacha20_crypt( test_keys[i], - test_nonces[i], - test_counters[i], - test_lengths[i], - test_input[i], - output ); + ret = mbedtls_chacha20_crypt(test_keys[i], + test_nonces[i], + test_counters[i], + test_lengths[i], + test_input[i], + output); - ASSERT( 0 == ret, ( "error code: %i\n", ret ) ); + ASSERT(0 == ret, ("error code: %i\n", ret)); - ASSERT( 0 == memcmp( output, test_output[i], test_lengths[i] ), - ( "failed (output)\n" ) ); + ASSERT(0 == memcmp(output, test_output[i], test_lengths[i]), + ("failed (output)\n")); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/chachapoly.c b/library/chachapoly.c index 4adf846857e8..ceb429287b72 100644 --- a/library/chachapoly.c +++ b/library/chachapoly.c @@ -33,34 +33,35 @@ #if !defined(MBEDTLS_CHACHAPOLY_ALT) /* Parameter validation macros */ -#define CHACHAPOLY_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ) -#define CHACHAPOLY_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define CHACHAPOLY_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA) +#define CHACHAPOLY_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) -#define CHACHAPOLY_STATE_INIT ( 0 ) -#define CHACHAPOLY_STATE_AAD ( 1 ) -#define CHACHAPOLY_STATE_CIPHERTEXT ( 2 ) /* Encrypting or decrypting */ -#define CHACHAPOLY_STATE_FINISHED ( 3 ) +#define CHACHAPOLY_STATE_INIT (0) +#define CHACHAPOLY_STATE_AAD (1) +#define CHACHAPOLY_STATE_CIPHERTEXT (2) /* Encrypting or decrypting */ +#define CHACHAPOLY_STATE_FINISHED (3) /** * \brief Adds nul bytes to pad the AAD for Poly1305. * * \param ctx The ChaCha20-Poly1305 context. */ -static int chachapoly_pad_aad( mbedtls_chachapoly_context *ctx ) +static int chachapoly_pad_aad(mbedtls_chachapoly_context *ctx) { - uint32_t partial_block_len = (uint32_t) ( ctx->aad_len % 16U ); + uint32_t partial_block_len = (uint32_t) (ctx->aad_len % 16U); unsigned char zeroes[15]; - if( partial_block_len == 0U ) - return( 0 ); + if (partial_block_len == 0U) { + return 0; + } - memset( zeroes, 0, sizeof( zeroes ) ); + memset(zeroes, 0, sizeof(zeroes)); - return( mbedtls_poly1305_update( &ctx->poly1305_ctx, - zeroes, - 16U - partial_block_len ) ); + return mbedtls_poly1305_update(&ctx->poly1305_ctx, + zeroes, + 16U - partial_block_len); } /** @@ -68,86 +69,89 @@ static int chachapoly_pad_aad( mbedtls_chachapoly_context *ctx ) * * \param ctx The ChaCha20-Poly1305 context. */ -static int chachapoly_pad_ciphertext( mbedtls_chachapoly_context *ctx ) +static int chachapoly_pad_ciphertext(mbedtls_chachapoly_context *ctx) { - uint32_t partial_block_len = (uint32_t) ( ctx->ciphertext_len % 16U ); + uint32_t partial_block_len = (uint32_t) (ctx->ciphertext_len % 16U); unsigned char zeroes[15]; - if( partial_block_len == 0U ) - return( 0 ); + if (partial_block_len == 0U) { + return 0; + } - memset( zeroes, 0, sizeof( zeroes ) ); - return( mbedtls_poly1305_update( &ctx->poly1305_ctx, - zeroes, - 16U - partial_block_len ) ); + memset(zeroes, 0, sizeof(zeroes)); + return mbedtls_poly1305_update(&ctx->poly1305_ctx, + zeroes, + 16U - partial_block_len); } -void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx ) +void mbedtls_chachapoly_init(mbedtls_chachapoly_context *ctx) { - CHACHAPOLY_VALIDATE( ctx != NULL ); + CHACHAPOLY_VALIDATE(ctx != NULL); - mbedtls_chacha20_init( &ctx->chacha20_ctx ); - mbedtls_poly1305_init( &ctx->poly1305_ctx ); + mbedtls_chacha20_init(&ctx->chacha20_ctx); + mbedtls_poly1305_init(&ctx->poly1305_ctx); ctx->aad_len = 0U; ctx->ciphertext_len = 0U; ctx->state = CHACHAPOLY_STATE_INIT; ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT; } -void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx ) +void mbedtls_chachapoly_free(mbedtls_chachapoly_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_chacha20_free( &ctx->chacha20_ctx ); - mbedtls_poly1305_free( &ctx->poly1305_ctx ); + mbedtls_chacha20_free(&ctx->chacha20_ctx); + mbedtls_poly1305_free(&ctx->poly1305_ctx); ctx->aad_len = 0U; ctx->ciphertext_len = 0U; ctx->state = CHACHAPOLY_STATE_INIT; ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT; } -int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, - const unsigned char key[32] ) +int mbedtls_chachapoly_setkey(mbedtls_chachapoly_context *ctx, + const unsigned char key[32]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - CHACHAPOLY_VALIDATE_RET( ctx != NULL ); - CHACHAPOLY_VALIDATE_RET( key != NULL ); + CHACHAPOLY_VALIDATE_RET(ctx != NULL); + CHACHAPOLY_VALIDATE_RET(key != NULL); - ret = mbedtls_chacha20_setkey( &ctx->chacha20_ctx, key ); + ret = mbedtls_chacha20_setkey(&ctx->chacha20_ctx, key); - return( ret ); + return ret; } -int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, - const unsigned char nonce[12], - mbedtls_chachapoly_mode_t mode ) +int mbedtls_chachapoly_starts(mbedtls_chachapoly_context *ctx, + const unsigned char nonce[12], + mbedtls_chachapoly_mode_t mode) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char poly1305_key[64]; - CHACHAPOLY_VALIDATE_RET( ctx != NULL ); - CHACHAPOLY_VALIDATE_RET( nonce != NULL ); + CHACHAPOLY_VALIDATE_RET(ctx != NULL); + CHACHAPOLY_VALIDATE_RET(nonce != NULL); /* Set counter = 0, will be update to 1 when generating Poly1305 key */ - ret = mbedtls_chacha20_starts( &ctx->chacha20_ctx, nonce, 0U ); - if( ret != 0 ) + ret = mbedtls_chacha20_starts(&ctx->chacha20_ctx, nonce, 0U); + if (ret != 0) { goto cleanup; + } /* Generate the Poly1305 key by getting the ChaCha20 keystream output with * counter = 0. This is the same as encrypting a buffer of zeroes. * Only the first 256-bits (32 bytes) of the key is used for Poly1305. * The other 256 bits are discarded. */ - memset( poly1305_key, 0, sizeof( poly1305_key ) ); - ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, sizeof( poly1305_key ), - poly1305_key, poly1305_key ); - if( ret != 0 ) + memset(poly1305_key, 0, sizeof(poly1305_key)); + ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, sizeof(poly1305_key), + poly1305_key, poly1305_key); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_poly1305_starts( &ctx->poly1305_ctx, poly1305_key ); + ret = mbedtls_poly1305_starts(&ctx->poly1305_ctx, poly1305_key); - if( ret == 0 ) - { + if (ret == 0) { ctx->aad_len = 0U; ctx->ciphertext_len = 0U; ctx->state = CHACHAPOLY_STATE_AAD; @@ -155,100 +159,99 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, } cleanup: - mbedtls_platform_zeroize( poly1305_key, 64U ); - return( ret ); + mbedtls_platform_zeroize(poly1305_key, 64U); + return ret; } -int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx, - const unsigned char *aad, - size_t aad_len ) +int mbedtls_chachapoly_update_aad(mbedtls_chachapoly_context *ctx, + const unsigned char *aad, + size_t aad_len) { - CHACHAPOLY_VALIDATE_RET( ctx != NULL ); - CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad != NULL ); + CHACHAPOLY_VALIDATE_RET(ctx != NULL); + CHACHAPOLY_VALIDATE_RET(aad_len == 0 || aad != NULL); - if( ctx->state != CHACHAPOLY_STATE_AAD ) - return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); + if (ctx->state != CHACHAPOLY_STATE_AAD) { + return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE; + } ctx->aad_len += aad_len; - return( mbedtls_poly1305_update( &ctx->poly1305_ctx, aad, aad_len ) ); + return mbedtls_poly1305_update(&ctx->poly1305_ctx, aad, aad_len); } -int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, - size_t len, - const unsigned char *input, - unsigned char *output ) +int mbedtls_chachapoly_update(mbedtls_chachapoly_context *ctx, + size_t len, + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - CHACHAPOLY_VALIDATE_RET( ctx != NULL ); - CHACHAPOLY_VALIDATE_RET( len == 0 || input != NULL ); - CHACHAPOLY_VALIDATE_RET( len == 0 || output != NULL ); + CHACHAPOLY_VALIDATE_RET(ctx != NULL); + CHACHAPOLY_VALIDATE_RET(len == 0 || input != NULL); + CHACHAPOLY_VALIDATE_RET(len == 0 || output != NULL); - if( ( ctx->state != CHACHAPOLY_STATE_AAD ) && - ( ctx->state != CHACHAPOLY_STATE_CIPHERTEXT ) ) - { - return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); + if ((ctx->state != CHACHAPOLY_STATE_AAD) && + (ctx->state != CHACHAPOLY_STATE_CIPHERTEXT)) { + return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE; } - if( ctx->state == CHACHAPOLY_STATE_AAD ) - { + if (ctx->state == CHACHAPOLY_STATE_AAD) { ctx->state = CHACHAPOLY_STATE_CIPHERTEXT; - ret = chachapoly_pad_aad( ctx ); - if( ret != 0 ) - return( ret ); + ret = chachapoly_pad_aad(ctx); + if (ret != 0) { + return ret; + } } ctx->ciphertext_len += len; - if( ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT ) - { - ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output ); - if( ret != 0 ) - return( ret ); - - ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, output, len ); - if( ret != 0 ) - return( ret ); - } - else /* DECRYPT */ - { - ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, input, len ); - if( ret != 0 ) - return( ret ); - - ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output ); - if( ret != 0 ) - return( ret ); + if (ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT) { + ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, len, input, output); + if (ret != 0) { + return ret; + } + + ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, output, len); + if (ret != 0) { + return ret; + } + } else { /* DECRYPT */ + ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, input, len); + if (ret != 0) { + return ret; + } + + ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, len, input, output); + if (ret != 0) { + return ret; + } } - return( 0 ); + return 0; } -int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, - unsigned char mac[16] ) +int mbedtls_chachapoly_finish(mbedtls_chachapoly_context *ctx, + unsigned char mac[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char len_block[16]; - CHACHAPOLY_VALIDATE_RET( ctx != NULL ); - CHACHAPOLY_VALIDATE_RET( mac != NULL ); + CHACHAPOLY_VALIDATE_RET(ctx != NULL); + CHACHAPOLY_VALIDATE_RET(mac != NULL); - if( ctx->state == CHACHAPOLY_STATE_INIT ) - { - return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); + if (ctx->state == CHACHAPOLY_STATE_INIT) { + return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE; } - if( ctx->state == CHACHAPOLY_STATE_AAD ) - { - ret = chachapoly_pad_aad( ctx ); - if( ret != 0 ) - return( ret ); - } - else if( ctx->state == CHACHAPOLY_STATE_CIPHERTEXT ) - { - ret = chachapoly_pad_ciphertext( ctx ); - if( ret != 0 ) - return( ret ); + if (ctx->state == CHACHAPOLY_STATE_AAD) { + ret = chachapoly_pad_aad(ctx); + if (ret != 0) { + return ret; + } + } else if (ctx->state == CHACHAPOLY_STATE_CIPHERTEXT) { + ret = chachapoly_pad_ciphertext(ctx); + if (ret != 0) { + return ret; + } } ctx->state = CHACHAPOLY_STATE_FINISHED; @@ -259,104 +262,107 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, MBEDTLS_PUT_UINT64_LE(ctx->aad_len, len_block, 0); MBEDTLS_PUT_UINT64_LE(ctx->ciphertext_len, len_block, 8); - ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, len_block, 16U); + if (ret != 0) { + return ret; + } - ret = mbedtls_poly1305_finish( &ctx->poly1305_ctx, mac ); + ret = mbedtls_poly1305_finish(&ctx->poly1305_ctx, mac); - return( ret ); + return ret; } -static int chachapoly_crypt_and_tag( mbedtls_chachapoly_context *ctx, - mbedtls_chachapoly_mode_t mode, - size_t length, - const unsigned char nonce[12], - const unsigned char *aad, - size_t aad_len, - const unsigned char *input, - unsigned char *output, - unsigned char tag[16] ) +static int chachapoly_crypt_and_tag(mbedtls_chachapoly_context *ctx, + mbedtls_chachapoly_mode_t mode, + size_t length, + const unsigned char nonce[12], + const unsigned char *aad, + size_t aad_len, + const unsigned char *input, + unsigned char *output, + unsigned char tag[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ret = mbedtls_chachapoly_starts( ctx, nonce, mode ); - if( ret != 0 ) + ret = mbedtls_chachapoly_starts(ctx, nonce, mode); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_chachapoly_update_aad( ctx, aad, aad_len ); - if( ret != 0 ) + ret = mbedtls_chachapoly_update_aad(ctx, aad, aad_len); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_chachapoly_update( ctx, length, input, output ); - if( ret != 0 ) + ret = mbedtls_chachapoly_update(ctx, length, input, output); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_chachapoly_finish( ctx, tag ); + ret = mbedtls_chachapoly_finish(ctx, tag); cleanup: - return( ret ); + return ret; } -int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx, - size_t length, - const unsigned char nonce[12], - const unsigned char *aad, - size_t aad_len, - const unsigned char *input, - unsigned char *output, - unsigned char tag[16] ) +int mbedtls_chachapoly_encrypt_and_tag(mbedtls_chachapoly_context *ctx, + size_t length, + const unsigned char nonce[12], + const unsigned char *aad, + size_t aad_len, + const unsigned char *input, + unsigned char *output, + unsigned char tag[16]) { - CHACHAPOLY_VALIDATE_RET( ctx != NULL ); - CHACHAPOLY_VALIDATE_RET( nonce != NULL ); - CHACHAPOLY_VALIDATE_RET( tag != NULL ); - CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad != NULL ); - CHACHAPOLY_VALIDATE_RET( length == 0 || input != NULL ); - CHACHAPOLY_VALIDATE_RET( length == 0 || output != NULL ); - - return( chachapoly_crypt_and_tag( ctx, MBEDTLS_CHACHAPOLY_ENCRYPT, - length, nonce, aad, aad_len, - input, output, tag ) ); + CHACHAPOLY_VALIDATE_RET(ctx != NULL); + CHACHAPOLY_VALIDATE_RET(nonce != NULL); + CHACHAPOLY_VALIDATE_RET(tag != NULL); + CHACHAPOLY_VALIDATE_RET(aad_len == 0 || aad != NULL); + CHACHAPOLY_VALIDATE_RET(length == 0 || input != NULL); + CHACHAPOLY_VALIDATE_RET(length == 0 || output != NULL); + + return chachapoly_crypt_and_tag(ctx, MBEDTLS_CHACHAPOLY_ENCRYPT, + length, nonce, aad, aad_len, + input, output, tag); } -int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx, - size_t length, - const unsigned char nonce[12], - const unsigned char *aad, - size_t aad_len, - const unsigned char tag[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx, + size_t length, + const unsigned char nonce[12], + const unsigned char *aad, + size_t aad_len, + const unsigned char tag[16], + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; size_t i; int diff; - CHACHAPOLY_VALIDATE_RET( ctx != NULL ); - CHACHAPOLY_VALIDATE_RET( nonce != NULL ); - CHACHAPOLY_VALIDATE_RET( tag != NULL ); - CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad != NULL ); - CHACHAPOLY_VALIDATE_RET( length == 0 || input != NULL ); - CHACHAPOLY_VALIDATE_RET( length == 0 || output != NULL ); - - if( ( ret = chachapoly_crypt_and_tag( ctx, - MBEDTLS_CHACHAPOLY_DECRYPT, length, nonce, - aad, aad_len, input, output, check_tag ) ) != 0 ) - { - return( ret ); + CHACHAPOLY_VALIDATE_RET(ctx != NULL); + CHACHAPOLY_VALIDATE_RET(nonce != NULL); + CHACHAPOLY_VALIDATE_RET(tag != NULL); + CHACHAPOLY_VALIDATE_RET(aad_len == 0 || aad != NULL); + CHACHAPOLY_VALIDATE_RET(length == 0 || input != NULL); + CHACHAPOLY_VALIDATE_RET(length == 0 || output != NULL); + + if ((ret = chachapoly_crypt_and_tag(ctx, + MBEDTLS_CHACHAPOLY_DECRYPT, length, nonce, + aad, aad_len, input, output, check_tag)) != 0) { + return ret; } /* Check tag in "constant-time" */ - for( diff = 0, i = 0; i < sizeof( check_tag ); i++ ) + for (diff = 0, i = 0; i < sizeof(check_tag); i++) { diff |= tag[i] ^ check_tag[i]; + } - if( diff != 0 ) - { - mbedtls_platform_zeroize( output, length ); - return( MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED ); + if (diff != 0) { + mbedtls_platform_zeroize(output, length); + return MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED; } - return( 0 ); + return 0; } #endif /* MBEDTLS_CHACHAPOLY_ALT */ @@ -452,20 +458,20 @@ static const unsigned char test_mac[1][16] = /* Make sure no other definition is already present. */ #undef ASSERT -#define ASSERT( cond, args ) \ +#define ASSERT(cond, args) \ do \ { \ - if( ! ( cond ) ) \ + if (!(cond)) \ { \ - if( verbose != 0 ) \ - mbedtls_printf args; \ + if (verbose != 0) \ + mbedtls_printf args; \ \ - return( -1 ); \ + return -1; \ } \ } \ - while( 0 ) + while (0) -int mbedtls_chachapoly_self_test( int verbose ) +int mbedtls_chachapoly_self_test(int verbose) { mbedtls_chachapoly_context ctx; unsigned i; @@ -473,43 +479,45 @@ int mbedtls_chachapoly_self_test( int verbose ) unsigned char output[200]; unsigned char mac[16]; - for( i = 0U; i < 1U; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " ChaCha20-Poly1305 test %u ", i ); + for (i = 0U; i < 1U; i++) { + if (verbose != 0) { + mbedtls_printf(" ChaCha20-Poly1305 test %u ", i); + } - mbedtls_chachapoly_init( &ctx ); + mbedtls_chachapoly_init(&ctx); - ret = mbedtls_chachapoly_setkey( &ctx, test_key[i] ); - ASSERT( 0 == ret, ( "setkey() error code: %i\n", ret ) ); + ret = mbedtls_chachapoly_setkey(&ctx, test_key[i]); + ASSERT(0 == ret, ("setkey() error code: %i\n", ret)); - ret = mbedtls_chachapoly_encrypt_and_tag( &ctx, - test_input_len[i], - test_nonce[i], - test_aad[i], - test_aad_len[i], - test_input[i], - output, - mac ); + ret = mbedtls_chachapoly_encrypt_and_tag(&ctx, + test_input_len[i], + test_nonce[i], + test_aad[i], + test_aad_len[i], + test_input[i], + output, + mac); - ASSERT( 0 == ret, ( "crypt_and_tag() error code: %i\n", ret ) ); + ASSERT(0 == ret, ("crypt_and_tag() error code: %i\n", ret)); - ASSERT( 0 == memcmp( output, test_output[i], test_input_len[i] ), - ( "failure (wrong output)\n" ) ); + ASSERT(0 == memcmp(output, test_output[i], test_input_len[i]), + ("failure (wrong output)\n")); - ASSERT( 0 == memcmp( mac, test_mac[i], 16U ), - ( "failure (wrong MAC)\n" ) ); + ASSERT(0 == memcmp(mac, test_mac[i], 16U), + ("failure (wrong MAC)\n")); - mbedtls_chachapoly_free( &ctx ); + mbedtls_chachapoly_free(&ctx); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/check_crypto_config.h b/library/check_crypto_config.h index d7ad16a6170f..b72de80d0a98 100644 --- a/library/check_crypto_config.h +++ b/library/check_crypto_config.h @@ -29,57 +29,57 @@ #define MBEDTLS_CHECK_CRYPTO_CONFIG_H #if defined(PSA_WANT_ALG_CCM) && \ - !( defined(PSA_WANT_KEY_TYPE_AES) || \ - defined(PSA_WANT_KEY_TYPE_CAMELLIA) ) + !(defined(PSA_WANT_KEY_TYPE_AES) || \ + defined(PSA_WANT_KEY_TYPE_CAMELLIA)) #error "PSA_WANT_ALG_CCM defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_CMAC) && \ - !( defined(PSA_WANT_KEY_TYPE_AES) || \ - defined(PSA_WANT_KEY_TYPE_CAMELLIA) || \ - defined(PSA_WANT_KEY_TYPE_DES) ) + !(defined(PSA_WANT_KEY_TYPE_AES) || \ + defined(PSA_WANT_KEY_TYPE_CAMELLIA) || \ + defined(PSA_WANT_KEY_TYPE_DES)) #error "PSA_WANT_ALG_CMAC defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \ - !( defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) ) + !(defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)) #error "PSA_WANT_ALG_DETERMINISTIC_ECDSA defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_ECDSA) && \ - !( defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) ) + !(defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)) #error "PSA_WANT_ALG_ECDSA defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_GCM) && \ - !( defined(PSA_WANT_KEY_TYPE_AES) || \ - defined(PSA_WANT_KEY_TYPE_CAMELLIA) ) + !(defined(PSA_WANT_KEY_TYPE_AES) || \ + defined(PSA_WANT_KEY_TYPE_CAMELLIA)) #error "PSA_WANT_ALG_GCM defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) && \ - !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) ) + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_PKCS1V15_CRYPT defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) && \ - !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) ) + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_PKCS1V15_SIGN defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_RSA_OAEP) && \ - !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) ) + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_OAEP defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_RSA_PSS) && \ - !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) ) + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_PSS defined, but not all prerequisites" #endif diff --git a/library/cipher.c b/library/cipher.c index 67e327458754..36f87c300506 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -65,137 +65,144 @@ #include "mbedtls/platform.h" -#define CIPHER_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ) -#define CIPHER_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define CIPHER_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA) +#define CIPHER_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) static int supported_init = 0; -const int *mbedtls_cipher_list( void ) +const int *mbedtls_cipher_list(void) { const mbedtls_cipher_definition_t *def; int *type; - if( ! supported_init ) - { + if (!supported_init) { def = mbedtls_cipher_definitions; type = mbedtls_cipher_supported; - while( def->type != 0 ) + while (def->type != 0) { *type++ = (*def++).type; + } *type = 0; supported_init = 1; } - return( mbedtls_cipher_supported ); + return mbedtls_cipher_supported; } const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( - const mbedtls_cipher_type_t cipher_type ) + const mbedtls_cipher_type_t cipher_type) { const mbedtls_cipher_definition_t *def; - for( def = mbedtls_cipher_definitions; def->info != NULL; def++ ) - if( def->type == cipher_type ) - return( def->info ); + for (def = mbedtls_cipher_definitions; def->info != NULL; def++) { + if (def->type == cipher_type) { + return def->info; + } + } - return( NULL ); + return NULL; } const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( - const char *cipher_name ) + const char *cipher_name) { const mbedtls_cipher_definition_t *def; - if( NULL == cipher_name ) - return( NULL ); + if (NULL == cipher_name) { + return NULL; + } - for( def = mbedtls_cipher_definitions; def->info != NULL; def++ ) - if( ! strcmp( def->info->name, cipher_name ) ) - return( def->info ); + for (def = mbedtls_cipher_definitions; def->info != NULL; def++) { + if (!strcmp(def->info->name, cipher_name)) { + return def->info; + } + } - return( NULL ); + return NULL; } const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id, int key_bitlen, - const mbedtls_cipher_mode_t mode ) + const mbedtls_cipher_mode_t mode) { const mbedtls_cipher_definition_t *def; - for( def = mbedtls_cipher_definitions; def->info != NULL; def++ ) - if( def->info->base->cipher == cipher_id && + for (def = mbedtls_cipher_definitions; def->info != NULL; def++) { + if (def->info->base->cipher == cipher_id && def->info->key_bitlen == (unsigned) key_bitlen && - def->info->mode == mode ) - return( def->info ); + def->info->mode == mode) { + return def->info; + } + } - return( NULL ); + return NULL; } -void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ) +void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx) { - CIPHER_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); + CIPHER_VALIDATE(ctx != NULL); + memset(ctx, 0, sizeof(mbedtls_cipher_context_t)); } -void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ) +void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { - if( ctx->cipher_ctx != NULL ) - { + if (ctx->psa_enabled == 1) { + if (ctx->cipher_ctx != NULL) { mbedtls_cipher_context_psa * const cipher_psa = (mbedtls_cipher_context_psa *) ctx->cipher_ctx; - if( cipher_psa->slot_state == MBEDTLS_CIPHER_PSA_KEY_OWNED ) - { + if (cipher_psa->slot_state == MBEDTLS_CIPHER_PSA_KEY_OWNED) { /* xxx_free() doesn't allow to return failures. */ - (void) psa_destroy_key( cipher_psa->slot ); + (void) psa_destroy_key(cipher_psa->slot); } - mbedtls_platform_zeroize( cipher_psa, sizeof( *cipher_psa ) ); - mbedtls_free( cipher_psa ); + mbedtls_platform_zeroize(cipher_psa, sizeof(*cipher_psa)); + mbedtls_free(cipher_psa); } - mbedtls_platform_zeroize( ctx, sizeof(mbedtls_cipher_context_t) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_cipher_context_t)); return; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_CMAC_C) - if( ctx->cmac_ctx ) - { - mbedtls_platform_zeroize( ctx->cmac_ctx, - sizeof( mbedtls_cmac_context_t ) ); - mbedtls_free( ctx->cmac_ctx ); + if (ctx->cmac_ctx) { + mbedtls_platform_zeroize(ctx->cmac_ctx, + sizeof(mbedtls_cmac_context_t)); + mbedtls_free(ctx->cmac_ctx); } #endif - if( ctx->cipher_ctx ) - ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx ); + if (ctx->cipher_ctx) { + ctx->cipher_info->base->ctx_free_func(ctx->cipher_ctx); + } - mbedtls_platform_zeroize( ctx, sizeof(mbedtls_cipher_context_t) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_cipher_context_t)); } -int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, - const mbedtls_cipher_info_t *cipher_info ) +int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, + const mbedtls_cipher_info_t *cipher_info) { - CIPHER_VALIDATE_RET( ctx != NULL ); - if( cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + if (cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); + memset(ctx, 0, sizeof(mbedtls_cipher_context_t)); - if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) ) - return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED ); + if (NULL == (ctx->cipher_ctx = cipher_info->base->ctx_alloc_func())) { + return MBEDTLS_ERR_CIPHER_ALLOC_FAILED; + } ctx->cipher_info = cipher_info; @@ -204,106 +211,112 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, * Ignore possible errors caused by a cipher mode that doesn't use padding */ #if defined(MBEDTLS_CIPHER_PADDING_PKCS7) - (void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_PKCS7 ); + (void) mbedtls_cipher_set_padding_mode(ctx, MBEDTLS_PADDING_PKCS7); #else - (void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_NONE ); + (void) mbedtls_cipher_set_padding_mode(ctx, MBEDTLS_PADDING_NONE); #endif #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ - return( 0 ); + return 0; } #if defined(MBEDTLS_USE_PSA_CRYPTO) -int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, - const mbedtls_cipher_info_t *cipher_info, - size_t taglen ) +int mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx, + const mbedtls_cipher_info_t *cipher_info, + size_t taglen) { psa_algorithm_t alg; mbedtls_cipher_context_psa *cipher_psa; - if( NULL == cipher_info || NULL == ctx ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (NULL == cipher_info || NULL == ctx) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } /* Check that the underlying cipher mode and cipher type are * supported by the underlying PSA Crypto implementation. */ - alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode, taglen ); - if( alg == 0 ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - if( mbedtls_psa_translate_cipher_type( cipher_info->type ) == 0 ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + alg = mbedtls_psa_translate_cipher_mode(cipher_info->mode, taglen); + if (alg == 0) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } + if (mbedtls_psa_translate_cipher_type(cipher_info->type) == 0) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } - memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); + memset(ctx, 0, sizeof(mbedtls_cipher_context_t)); - cipher_psa = mbedtls_calloc( 1, sizeof(mbedtls_cipher_context_psa ) ); - if( cipher_psa == NULL ) - return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED ); + cipher_psa = mbedtls_calloc(1, sizeof(mbedtls_cipher_context_psa)); + if (cipher_psa == NULL) { + return MBEDTLS_ERR_CIPHER_ALLOC_FAILED; + } cipher_psa->alg = alg; ctx->cipher_ctx = cipher_psa; ctx->cipher_info = cipher_info; ctx->psa_enabled = 1; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ -int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, - const unsigned char *key, - int key_bitlen, - const mbedtls_operation_t operation ) +int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, + const unsigned char *key, + int key_bitlen, + const mbedtls_operation_t operation) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( key != NULL ); - CIPHER_VALIDATE_RET( operation == MBEDTLS_ENCRYPT || - operation == MBEDTLS_DECRYPT ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(key != NULL); + CIPHER_VALIDATE_RET(operation == MBEDTLS_ENCRYPT || + operation == MBEDTLS_DECRYPT); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { mbedtls_cipher_context_psa * const cipher_psa = (mbedtls_cipher_context_psa *) ctx->cipher_ctx; - size_t const key_bytelen = ( (size_t) key_bitlen + 7 ) / 8; + size_t const key_bytelen = ((size_t) key_bitlen + 7) / 8; psa_status_t status; psa_key_type_t key_type; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; /* PSA Crypto API only accepts byte-aligned keys. */ - if( key_bitlen % 8 != 0 ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (key_bitlen % 8 != 0) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } /* Don't allow keys to be set multiple times. */ - if( cipher_psa->slot_state != MBEDTLS_CIPHER_PSA_KEY_UNSET ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (cipher_psa->slot_state != MBEDTLS_CIPHER_PSA_KEY_UNSET) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } key_type = mbedtls_psa_translate_cipher_type( - ctx->cipher_info->type ); - if( key_type == 0 ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - psa_set_key_type( &attributes, key_type ); + ctx->cipher_info->type); + if (key_type == 0) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } + psa_set_key_type(&attributes, key_type); /* Mbed TLS' cipher layer doesn't enforce the mode of operation * (encrypt vs. decrypt): it is possible to setup a key for encryption * and use it for AEAD decryption. Until tests relying on this * are changed, allow any usage in PSA. */ - psa_set_key_usage_flags( &attributes, - /* mbedtls_psa_translate_cipher_operation( operation ); */ - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, cipher_psa->alg ); - - status = psa_import_key( &attributes, key, key_bytelen, - &cipher_psa->slot ); - switch( status ) - { + psa_set_key_usage_flags(&attributes, + /* mbedtls_psa_translate_cipher_operation( operation ); */ + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, cipher_psa->alg); + + status = psa_import_key(&attributes, key, key_bytelen, + &cipher_psa->slot); + switch (status) { case PSA_SUCCESS: break; case PSA_ERROR_INSUFFICIENT_MEMORY: - return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED ); + return MBEDTLS_ERR_CIPHER_ALLOC_FAILED; case PSA_ERROR_NOT_SUPPORTED: - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; default: - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED; } /* Indicate that we own the key slot and need to * destroy it in mbedtls_cipher_free(). */ @@ -311,14 +324,13 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, ctx->key_bitlen = key_bitlen; ctx->operation = operation; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ) == 0 && - (int) ctx->cipher_info->key_bitlen != key_bitlen ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN) == 0 && + (int) ctx->cipher_info->key_bitlen != key_bitlen) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } ctx->key_bitlen = key_bitlen; @@ -327,268 +339,258 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, /* * For OFB, CFB and CTR mode always use the encryption key schedule */ - if( MBEDTLS_ENCRYPT == operation || + if (MBEDTLS_ENCRYPT == operation || MBEDTLS_MODE_CFB == ctx->cipher_info->mode || MBEDTLS_MODE_OFB == ctx->cipher_info->mode || - MBEDTLS_MODE_CTR == ctx->cipher_info->mode ) - { - return( ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key, - ctx->key_bitlen ) ); + MBEDTLS_MODE_CTR == ctx->cipher_info->mode) { + return ctx->cipher_info->base->setkey_enc_func(ctx->cipher_ctx, key, + ctx->key_bitlen); } - if( MBEDTLS_DECRYPT == operation ) - return( ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key, - ctx->key_bitlen ) ); + if (MBEDTLS_DECRYPT == operation) { + return ctx->cipher_info->base->setkey_dec_func(ctx->cipher_ctx, key, + ctx->key_bitlen); + } - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } -int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, - size_t iv_len ) +int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, + size_t iv_len) { size_t actual_iv_size; - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* avoid buffer overflow in ctx->iv */ - if( iv_len > MBEDTLS_MAX_IV_LENGTH ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + if (iv_len > MBEDTLS_MAX_IV_LENGTH) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } - if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN ) != 0 ) + if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN) != 0) { actual_iv_size = iv_len; - else - { + } else { actual_iv_size = ctx->cipher_info->iv_size; /* avoid reading past the end of input buffer */ - if( actual_iv_size > iv_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (actual_iv_size > iv_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } } #if defined(MBEDTLS_CHACHA20_C) - if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20 ) - { + if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20) { /* Even though the actual_iv_size is overwritten with a correct value * of 12 from the cipher info, return an error to indicate that * the input iv_len is wrong. */ - if( iv_len != 12 ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - if ( 0 != mbedtls_chacha20_starts( (mbedtls_chacha20_context*)ctx->cipher_ctx, - iv, - 0U ) ) /* Initial counter value */ - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (iv_len != 12) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } + + if (0 != mbedtls_chacha20_starts((mbedtls_chacha20_context *) ctx->cipher_ctx, + iv, + 0U)) { /* Initial counter value */ + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } } #if defined(MBEDTLS_CHACHAPOLY_C) - if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 && - iv_len != 12 ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 && + iv_len != 12) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } #endif #endif - if ( actual_iv_size != 0 ) - { - memcpy( ctx->iv, iv, actual_iv_size ); + if (actual_iv_size != 0) { + memcpy(ctx->iv, iv, actual_iv_size); ctx->iv_size = actual_iv_size; } - return( 0 ); + return 0; } -int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ) +int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx) { - CIPHER_VALIDATE_RET( ctx != NULL ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* We don't support resetting PSA-based * cipher contexts, yet. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ ctx->unprocessed_len = 0; - return( 0 ); + return 0; } #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) -int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, - const unsigned char *ad, size_t ad_len ) +int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx, + const unsigned char *ad, size_t ad_len) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(ad_len == 0 || ad != NULL); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_GCM_C) - if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) - { - return( mbedtls_gcm_starts( (mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation, - ctx->iv, ctx->iv_size, ad, ad_len ) ); + if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + return mbedtls_gcm_starts((mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation, + ctx->iv, ctx->iv_size, ad, ad_len); } #endif #if defined(MBEDTLS_CHACHAPOLY_C) - if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) - { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { int result; mbedtls_chachapoly_mode_t mode; - mode = ( ctx->operation == MBEDTLS_ENCRYPT ) + mode = (ctx->operation == MBEDTLS_ENCRYPT) ? MBEDTLS_CHACHAPOLY_ENCRYPT : MBEDTLS_CHACHAPOLY_DECRYPT; - result = mbedtls_chachapoly_starts( (mbedtls_chachapoly_context*) ctx->cipher_ctx, - ctx->iv, - mode ); - if ( result != 0 ) - return( result ); + result = mbedtls_chachapoly_starts((mbedtls_chachapoly_context *) ctx->cipher_ctx, + ctx->iv, + mode); + if (result != 0) { + return result; + } - return( mbedtls_chachapoly_update_aad( (mbedtls_chachapoly_context*) ctx->cipher_ctx, - ad, ad_len ) ); + return mbedtls_chachapoly_update_aad((mbedtls_chachapoly_context *) ctx->cipher_ctx, + ad, ad_len); } #endif - return( 0 ); + return 0; } #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ -int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input, - size_t ilen, unsigned char *output, size_t *olen ) +int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *input, + size_t ilen, unsigned char *output, size_t *olen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t block_size; - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || input != NULL); + CIPHER_VALIDATE_RET(output != NULL); + CIPHER_VALIDATE_RET(olen != NULL); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ *olen = 0; - block_size = mbedtls_cipher_get_block_size( ctx ); - if ( 0 == block_size ) - { - return( MBEDTLS_ERR_CIPHER_INVALID_CONTEXT ); + block_size = mbedtls_cipher_get_block_size(ctx); + if (0 == block_size) { + return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT; } - if( ctx->cipher_info->mode == MBEDTLS_MODE_ECB ) - { - if( ilen != block_size ) - return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); + if (ctx->cipher_info->mode == MBEDTLS_MODE_ECB) { + if (ilen != block_size) { + return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; + } *olen = ilen; - if( 0 != ( ret = ctx->cipher_info->base->ecb_func( ctx->cipher_ctx, - ctx->operation, input, output ) ) ) - { - return( ret ); + if (0 != (ret = ctx->cipher_info->base->ecb_func(ctx->cipher_ctx, + ctx->operation, input, output))) { + return ret; } - return( 0 ); + return 0; } #if defined(MBEDTLS_GCM_C) - if( ctx->cipher_info->mode == MBEDTLS_MODE_GCM ) - { + if (ctx->cipher_info->mode == MBEDTLS_MODE_GCM) { *olen = ilen; - return( mbedtls_gcm_update( (mbedtls_gcm_context *) ctx->cipher_ctx, ilen, input, - output ) ); + return mbedtls_gcm_update((mbedtls_gcm_context *) ctx->cipher_ctx, ilen, input, + output); } #endif #if defined(MBEDTLS_CHACHAPOLY_C) - if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 ) - { + if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) { *olen = ilen; - return( mbedtls_chachapoly_update( (mbedtls_chachapoly_context*) ctx->cipher_ctx, - ilen, input, output ) ); + return mbedtls_chachapoly_update((mbedtls_chachapoly_context *) ctx->cipher_ctx, + ilen, input, output); } #endif - if( input == output && - ( ctx->unprocessed_len != 0 || ilen % block_size ) ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (input == output && + (ctx->unprocessed_len != 0 || ilen % block_size)) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } #if defined(MBEDTLS_CIPHER_MODE_CBC) - if( ctx->cipher_info->mode == MBEDTLS_MODE_CBC ) - { + if (ctx->cipher_info->mode == MBEDTLS_MODE_CBC) { size_t copy_len = 0; /* * If there is not enough data for a full block, cache it. */ - if( ( ctx->operation == MBEDTLS_DECRYPT && NULL != ctx->add_padding && - ilen <= block_size - ctx->unprocessed_len ) || - ( ctx->operation == MBEDTLS_DECRYPT && NULL == ctx->add_padding && - ilen < block_size - ctx->unprocessed_len ) || - ( ctx->operation == MBEDTLS_ENCRYPT && - ilen < block_size - ctx->unprocessed_len ) ) - { - memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input, - ilen ); + if ((ctx->operation == MBEDTLS_DECRYPT && NULL != ctx->add_padding && + ilen <= block_size - ctx->unprocessed_len) || + (ctx->operation == MBEDTLS_DECRYPT && NULL == ctx->add_padding && + ilen < block_size - ctx->unprocessed_len) || + (ctx->operation == MBEDTLS_ENCRYPT && + ilen < block_size - ctx->unprocessed_len)) { + memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), input, + ilen); ctx->unprocessed_len += ilen; - return( 0 ); + return 0; } /* * Process cached data first */ - if( 0 != ctx->unprocessed_len ) - { + if (0 != ctx->unprocessed_len) { copy_len = block_size - ctx->unprocessed_len; - memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input, - copy_len ); + memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), input, + copy_len); - if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx, - ctx->operation, block_size, ctx->iv, - ctx->unprocessed_data, output ) ) ) - { - return( ret ); + if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx, + ctx->operation, block_size, ctx->iv, + ctx->unprocessed_data, output))) { + return ret; } *olen += block_size; @@ -602,22 +604,20 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i /* * Cache final, incomplete block */ - if( 0 != ilen ) - { + if (0 != ilen) { /* Encryption: only cache partial blocks * Decryption w/ padding: always keep at least one whole block * Decryption w/o padding: only cache partial blocks */ copy_len = ilen % block_size; - if( copy_len == 0 && + if (copy_len == 0 && ctx->operation == MBEDTLS_DECRYPT && - NULL != ctx->add_padding) - { + NULL != ctx->add_padding) { copy_len = block_size; } - memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ), - copy_len ); + memcpy(ctx->unprocessed_data, &(input[ilen - copy_len]), + copy_len); ctx->unprocessed_len += copy_len; ilen -= copy_len; @@ -626,105 +626,96 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i /* * Process remaining full blocks */ - if( ilen ) - { - if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx, - ctx->operation, ilen, ctx->iv, input, output ) ) ) - { - return( ret ); + if (ilen) { + if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx, + ctx->operation, ilen, ctx->iv, input, + output))) { + return ret; } *olen += ilen; } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - if( ctx->cipher_info->mode == MBEDTLS_MODE_CFB ) - { - if( 0 != ( ret = ctx->cipher_info->base->cfb_func( ctx->cipher_ctx, - ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv, - input, output ) ) ) - { - return( ret ); + if (ctx->cipher_info->mode == MBEDTLS_MODE_CFB) { + if (0 != (ret = ctx->cipher_info->base->cfb_func(ctx->cipher_ctx, + ctx->operation, ilen, + &ctx->unprocessed_len, ctx->iv, + input, output))) { + return ret; } *olen = ilen; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) - if( ctx->cipher_info->mode == MBEDTLS_MODE_OFB ) - { - if( 0 != ( ret = ctx->cipher_info->base->ofb_func( ctx->cipher_ctx, - ilen, &ctx->unprocessed_len, ctx->iv, input, output ) ) ) - { - return( ret ); + if (ctx->cipher_info->mode == MBEDTLS_MODE_OFB) { + if (0 != (ret = ctx->cipher_info->base->ofb_func(ctx->cipher_ctx, + ilen, &ctx->unprocessed_len, ctx->iv, + input, output))) { + return ret; } *olen = ilen; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) - if( ctx->cipher_info->mode == MBEDTLS_MODE_CTR ) - { - if( 0 != ( ret = ctx->cipher_info->base->ctr_func( ctx->cipher_ctx, - ilen, &ctx->unprocessed_len, ctx->iv, - ctx->unprocessed_data, input, output ) ) ) - { - return( ret ); + if (ctx->cipher_info->mode == MBEDTLS_MODE_CTR) { + if (0 != (ret = ctx->cipher_info->base->ctr_func(ctx->cipher_ctx, + ilen, &ctx->unprocessed_len, ctx->iv, + ctx->unprocessed_data, input, output))) { + return ret; } *olen = ilen; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_CIPHER_MODE_XTS) - if( ctx->cipher_info->mode == MBEDTLS_MODE_XTS ) - { - if( ctx->unprocessed_len > 0 ) { + if (ctx->cipher_info->mode == MBEDTLS_MODE_XTS) { + if (ctx->unprocessed_len > 0) { /* We can only process an entire data unit at a time. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } - ret = ctx->cipher_info->base->xts_func( ctx->cipher_ctx, - ctx->operation, ilen, ctx->iv, input, output ); - if( ret != 0 ) - { - return( ret ); + ret = ctx->cipher_info->base->xts_func(ctx->cipher_ctx, + ctx->operation, ilen, ctx->iv, input, output); + if (ret != 0) { + return ret; } *olen = ilen; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_XTS */ #if defined(MBEDTLS_CIPHER_MODE_STREAM) - if( ctx->cipher_info->mode == MBEDTLS_MODE_STREAM ) - { - if( 0 != ( ret = ctx->cipher_info->base->stream_func( ctx->cipher_ctx, - ilen, input, output ) ) ) - { - return( ret ); + if (ctx->cipher_info->mode == MBEDTLS_MODE_STREAM) { + if (0 != (ret = ctx->cipher_info->base->stream_func(ctx->cipher_ctx, + ilen, input, output))) { + return ret; } *olen = ilen; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_STREAM */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) @@ -732,24 +723,26 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i /* * PKCS7 (and PKCS5) padding: fill with ll bytes, with ll = padding_len */ -static void add_pkcs_padding( unsigned char *output, size_t output_len, - size_t data_len ) +static void add_pkcs_padding(unsigned char *output, size_t output_len, + size_t data_len) { size_t padding_len = output_len - data_len; unsigned char i; - for( i = 0; i < padding_len; i++ ) + for (i = 0; i < padding_len; i++) { output[data_len + i] = (unsigned char) padding_len; + } } -static int get_pkcs_padding( unsigned char *input, size_t input_len, - size_t *data_len ) +static int get_pkcs_padding(unsigned char *input, size_t input_len, + size_t *data_len) { size_t i, pad_idx; unsigned char padding_len, bad = 0; - if( NULL == input || NULL == data_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (NULL == input || NULL == data_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } padding_len = input[input_len - 1]; *data_len = input_len - padding_len; @@ -761,10 +754,11 @@ static int get_pkcs_padding( unsigned char *input, size_t input_len, /* The number of bytes checked must be independent of padding_len, * so pick input_len, which is usually 8 or 16 (one block) */ pad_idx = input_len - padding_len; - for( i = 0; i < input_len; i++ ) - bad |= ( input[i] ^ padding_len ) * ( i >= pad_idx ); + for (i = 0; i < input_len; i++) { + bad |= (input[i] ^ padding_len) * (i >= pad_idx); + } - return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); + return MBEDTLS_ERR_CIPHER_INVALID_PADDING * (bad != 0); } #endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ @@ -772,37 +766,38 @@ static int get_pkcs_padding( unsigned char *input, size_t input_len, /* * One and zeros padding: fill with 80 00 ... 00 */ -static void add_one_and_zeros_padding( unsigned char *output, - size_t output_len, size_t data_len ) +static void add_one_and_zeros_padding(unsigned char *output, + size_t output_len, size_t data_len) { size_t padding_len = output_len - data_len; unsigned char i = 0; output[data_len] = 0x80; - for( i = 1; i < padding_len; i++ ) + for (i = 1; i < padding_len; i++) { output[data_len + i] = 0x00; + } } -static int get_one_and_zeros_padding( unsigned char *input, size_t input_len, - size_t *data_len ) +static int get_one_and_zeros_padding(unsigned char *input, size_t input_len, + size_t *data_len) { size_t i; unsigned char done = 0, prev_done, bad; - if( NULL == input || NULL == data_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (NULL == input || NULL == data_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } bad = 0x80; *data_len = 0; - for( i = input_len; i > 0; i-- ) - { + for (i = input_len; i > 0; i--) { prev_done = done; - done |= ( input[i - 1] != 0 ); - *data_len |= ( i - 1 ) * ( done != prev_done ); - bad ^= input[i - 1] * ( done != prev_done ); + done |= (input[i - 1] != 0); + *data_len |= (i - 1) * (done != prev_done); + bad ^= input[i - 1] * (done != prev_done); } - return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); + return MBEDTLS_ERR_CIPHER_INVALID_PADDING * (bad != 0); } #endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */ @@ -811,25 +806,27 @@ static int get_one_and_zeros_padding( unsigned char *input, size_t input_len, /* * Zeros and len padding: fill with 00 ... 00 ll, where ll is padding length */ -static void add_zeros_and_len_padding( unsigned char *output, - size_t output_len, size_t data_len ) +static void add_zeros_and_len_padding(unsigned char *output, + size_t output_len, size_t data_len) { size_t padding_len = output_len - data_len; unsigned char i = 0; - for( i = 1; i < padding_len; i++ ) + for (i = 1; i < padding_len; i++) { output[data_len + i - 1] = 0x00; + } output[output_len - 1] = (unsigned char) padding_len; } -static int get_zeros_and_len_padding( unsigned char *input, size_t input_len, - size_t *data_len ) +static int get_zeros_and_len_padding(unsigned char *input, size_t input_len, + size_t *data_len) { size_t i, pad_idx; unsigned char padding_len, bad = 0; - if( NULL == input || NULL == data_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (NULL == input || NULL == data_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } padding_len = input[input_len - 1]; *data_len = input_len - padding_len; @@ -840,10 +837,11 @@ static int get_zeros_and_len_padding( unsigned char *input, size_t input_len, /* The number of bytes checked must be independent of padding_len */ pad_idx = input_len - padding_len; - for( i = 0; i < input_len - 1; i++ ) - bad |= input[i] * ( i >= pad_idx ); + for (i = 0; i < input_len - 1; i++) { + bad |= input[i] * (i >= pad_idx); + } - return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); + return MBEDTLS_ERR_CIPHER_INVALID_PADDING * (bad != 0); } #endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */ @@ -851,33 +849,34 @@ static int get_zeros_and_len_padding( unsigned char *input, size_t input_len, /* * Zero padding: fill with 00 ... 00 */ -static void add_zeros_padding( unsigned char *output, - size_t output_len, size_t data_len ) +static void add_zeros_padding(unsigned char *output, + size_t output_len, size_t data_len) { size_t i; - for( i = data_len; i < output_len; i++ ) + for (i = data_len; i < output_len; i++) { output[i] = 0x00; + } } -static int get_zeros_padding( unsigned char *input, size_t input_len, - size_t *data_len ) +static int get_zeros_padding(unsigned char *input, size_t input_len, + size_t *data_len) { size_t i; unsigned char done = 0, prev_done; - if( NULL == input || NULL == data_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (NULL == input || NULL == data_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } *data_len = 0; - for( i = input_len; i > 0; i-- ) - { + for (i = input_len; i > 0; i--) { prev_done = done; - done |= ( input[i-1] != 0 ); - *data_len |= i * ( done != prev_done ); + done |= (input[i-1] != 0); + *data_len |= i * (done != prev_done); } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_PADDING_ZEROS */ @@ -887,247 +886,244 @@ static int get_zeros_padding( unsigned char *input, size_t input_len, * There is no add_padding function (check for NULL in mbedtls_cipher_finish) * but a trivial get_padding function */ -static int get_no_padding( unsigned char *input, size_t input_len, - size_t *data_len ) +static int get_no_padding(unsigned char *input, size_t input_len, + size_t *data_len) { - if( NULL == input || NULL == data_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (NULL == input || NULL == data_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } *data_len = input_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ -int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, - unsigned char *output, size_t *olen ) +int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, + unsigned char *output, size_t *olen) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(output != NULL); + CIPHER_VALIDATE_RET(olen != NULL); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ *olen = 0; - if( MBEDTLS_MODE_CFB == ctx->cipher_info->mode || + if (MBEDTLS_MODE_CFB == ctx->cipher_info->mode || MBEDTLS_MODE_OFB == ctx->cipher_info->mode || MBEDTLS_MODE_CTR == ctx->cipher_info->mode || MBEDTLS_MODE_GCM == ctx->cipher_info->mode || MBEDTLS_MODE_XTS == ctx->cipher_info->mode || - MBEDTLS_MODE_STREAM == ctx->cipher_info->mode ) - { - return( 0 ); + MBEDTLS_MODE_STREAM == ctx->cipher_info->mode) { + return 0; } - if ( ( MBEDTLS_CIPHER_CHACHA20 == ctx->cipher_info->type ) || - ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) ) - { - return( 0 ); + if ((MBEDTLS_CIPHER_CHACHA20 == ctx->cipher_info->type) || + (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type)) { + return 0; } - if( MBEDTLS_MODE_ECB == ctx->cipher_info->mode ) - { - if( ctx->unprocessed_len != 0 ) - return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); + if (MBEDTLS_MODE_ECB == ctx->cipher_info->mode) { + if (ctx->unprocessed_len != 0) { + return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; + } - return( 0 ); + return 0; } #if defined(MBEDTLS_CIPHER_MODE_CBC) - if( MBEDTLS_MODE_CBC == ctx->cipher_info->mode ) - { + if (MBEDTLS_MODE_CBC == ctx->cipher_info->mode) { int ret = 0; - if( MBEDTLS_ENCRYPT == ctx->operation ) - { + if (MBEDTLS_ENCRYPT == ctx->operation) { /* check for 'no padding' mode */ - if( NULL == ctx->add_padding ) - { - if( 0 != ctx->unprocessed_len ) - return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); + if (NULL == ctx->add_padding) { + if (0 != ctx->unprocessed_len) { + return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; + } - return( 0 ); + return 0; } - ctx->add_padding( ctx->unprocessed_data, mbedtls_cipher_get_iv_size( ctx ), - ctx->unprocessed_len ); - } - else if( mbedtls_cipher_get_block_size( ctx ) != ctx->unprocessed_len ) - { + ctx->add_padding(ctx->unprocessed_data, mbedtls_cipher_get_iv_size(ctx), + ctx->unprocessed_len); + } else if (mbedtls_cipher_get_block_size(ctx) != ctx->unprocessed_len) { /* * For decrypt operations, expect a full block, * or an empty block if no padding */ - if( NULL == ctx->add_padding && 0 == ctx->unprocessed_len ) - return( 0 ); + if (NULL == ctx->add_padding && 0 == ctx->unprocessed_len) { + return 0; + } - return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); + return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; } /* cipher block */ - if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx, - ctx->operation, mbedtls_cipher_get_block_size( ctx ), ctx->iv, - ctx->unprocessed_data, output ) ) ) - { - return( ret ); + if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx, + ctx->operation, + mbedtls_cipher_get_block_size(ctx), + ctx->iv, + ctx->unprocessed_data, output))) { + return ret; } /* Set output size for decryption */ - if( MBEDTLS_DECRYPT == ctx->operation ) - return( ctx->get_padding( output, mbedtls_cipher_get_block_size( ctx ), - olen ) ); + if (MBEDTLS_DECRYPT == ctx->operation) { + return ctx->get_padding(output, mbedtls_cipher_get_block_size(ctx), + olen); + } /* Set output size for encryption */ - *olen = mbedtls_cipher_get_block_size( ctx ); - return( 0 ); + *olen = mbedtls_cipher_get_block_size(ctx); + return 0; } #else ((void) output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) -int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, - mbedtls_cipher_padding_t mode ) +int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx, + mbedtls_cipher_padding_t mode) { - CIPHER_VALIDATE_RET( ctx != NULL ); + CIPHER_VALIDATE_RET(ctx != NULL); - if( NULL == ctx->cipher_info || MBEDTLS_MODE_CBC != ctx->cipher_info->mode ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (NULL == ctx->cipher_info || MBEDTLS_MODE_CBC != ctx->cipher_info->mode) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* While PSA Crypto knows about CBC padding * schemes, we currently don't make them * accessible through the cipher layer. */ - if( mode != MBEDTLS_PADDING_NONE ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + if (mode != MBEDTLS_PADDING_NONE) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - switch( mode ) - { + switch (mode) { #if defined(MBEDTLS_CIPHER_PADDING_PKCS7) - case MBEDTLS_PADDING_PKCS7: - ctx->add_padding = add_pkcs_padding; - ctx->get_padding = get_pkcs_padding; - break; + case MBEDTLS_PADDING_PKCS7: + ctx->add_padding = add_pkcs_padding; + ctx->get_padding = get_pkcs_padding; + break; #endif #if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS) - case MBEDTLS_PADDING_ONE_AND_ZEROS: - ctx->add_padding = add_one_and_zeros_padding; - ctx->get_padding = get_one_and_zeros_padding; - break; + case MBEDTLS_PADDING_ONE_AND_ZEROS: + ctx->add_padding = add_one_and_zeros_padding; + ctx->get_padding = get_one_and_zeros_padding; + break; #endif #if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN) - case MBEDTLS_PADDING_ZEROS_AND_LEN: - ctx->add_padding = add_zeros_and_len_padding; - ctx->get_padding = get_zeros_and_len_padding; - break; + case MBEDTLS_PADDING_ZEROS_AND_LEN: + ctx->add_padding = add_zeros_and_len_padding; + ctx->get_padding = get_zeros_and_len_padding; + break; #endif #if defined(MBEDTLS_CIPHER_PADDING_ZEROS) - case MBEDTLS_PADDING_ZEROS: - ctx->add_padding = add_zeros_padding; - ctx->get_padding = get_zeros_padding; - break; + case MBEDTLS_PADDING_ZEROS: + ctx->add_padding = add_zeros_padding; + ctx->get_padding = get_zeros_padding; + break; #endif - case MBEDTLS_PADDING_NONE: - ctx->add_padding = NULL; - ctx->get_padding = get_no_padding; - break; + case MBEDTLS_PADDING_NONE: + ctx->add_padding = NULL; + ctx->get_padding = get_no_padding; + break; - default: - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + default: + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) -int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, - unsigned char *tag, size_t tag_len ) +int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, + unsigned char *tag, size_t tag_len) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(tag_len == 0 || tag != NULL); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - if( MBEDTLS_ENCRYPT != ctx->operation ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (MBEDTLS_ENCRYPT != ctx->operation) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_GCM_C) - if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) - return( mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, - tag, tag_len ) ); + if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + return mbedtls_gcm_finish((mbedtls_gcm_context *) ctx->cipher_ctx, + tag, tag_len); + } #endif #if defined(MBEDTLS_CHACHAPOLY_C) - if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) - { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { /* Don't allow truncated MAC for Poly1305 */ - if ( tag_len != 16U ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (tag_len != 16U) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - return( mbedtls_chachapoly_finish( - (mbedtls_chachapoly_context*) ctx->cipher_ctx, tag ) ); + return mbedtls_chachapoly_finish( + (mbedtls_chachapoly_context *) ctx->cipher_ctx, tag); } #endif - return( 0 ); + return 0; } -int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, - const unsigned char *tag, size_t tag_len ) +int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, + const unsigned char *tag, size_t tag_len) { unsigned char check_tag[16]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(tag_len == 0 || tag != NULL); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - if( MBEDTLS_DECRYPT != ctx->operation ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (MBEDTLS_DECRYPT != ctx->operation) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -1138,21 +1134,19 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, ret = 0; #if defined(MBEDTLS_GCM_C) - if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) - { - if( tag_len > sizeof( check_tag ) ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - if( 0 != ( ret = mbedtls_gcm_finish( - (mbedtls_gcm_context *) ctx->cipher_ctx, - check_tag, tag_len ) ) ) - { - return( ret ); + if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + if (tag_len > sizeof(check_tag)) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } + + if (0 != (ret = mbedtls_gcm_finish( + (mbedtls_gcm_context *) ctx->cipher_ctx, + check_tag, tag_len))) { + return ret; } /* Check the tag in "constant-time" */ - if( mbedtls_ct_memcmp( tag, check_tag, tag_len ) != 0 ) - { + if (mbedtls_ct_memcmp(tag, check_tag, tag_len) != 0) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; goto exit; } @@ -1160,22 +1154,20 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CHACHAPOLY_C) - if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) - { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { /* Don't allow truncated MAC for Poly1305 */ - if ( tag_len != sizeof( check_tag ) ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (tag_len != sizeof(check_tag)) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } ret = mbedtls_chachapoly_finish( - (mbedtls_chachapoly_context*) ctx->cipher_ctx, check_tag ); - if ( ret != 0 ) - { - return( ret ); + (mbedtls_chachapoly_context *) ctx->cipher_ctx, check_tag); + if (ret != 0) { + return ret; } /* Check the tag in "constant-time" */ - if( mbedtls_ct_memcmp( tag, check_tag, tag_len ) != 0 ) - { + if (mbedtls_ct_memcmp(tag, check_tag, tag_len) != 0) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; goto exit; } @@ -1183,31 +1175,30 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, #endif /* MBEDTLS_CHACHAPOLY_C */ exit: - mbedtls_platform_zeroize( check_tag, tag_len ); - return( ret ); + mbedtls_platform_zeroize(check_tag, tag_len); + return ret; } #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ /* * Packet-oriented wrapper for non-AEAD modes */ -int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen ) +int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t finish_olen; - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || input != NULL); + CIPHER_VALIDATE_RET(output != NULL); + CIPHER_VALIDATE_RET(olen != NULL); #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* As in the non-PSA case, we don't check that * a key has been set. If not, the key slot will * still be in its default state of 0, which is @@ -1220,69 +1211,73 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, psa_cipher_operation_t cipher_op = PSA_CIPHER_OPERATION_INIT; size_t part_len; - if( ctx->operation == MBEDTLS_DECRYPT ) - { - status = psa_cipher_decrypt_setup( &cipher_op, - cipher_psa->slot, - cipher_psa->alg ); - } - else if( ctx->operation == MBEDTLS_ENCRYPT ) - { - status = psa_cipher_encrypt_setup( &cipher_op, - cipher_psa->slot, - cipher_psa->alg ); + if (ctx->operation == MBEDTLS_DECRYPT) { + status = psa_cipher_decrypt_setup(&cipher_op, + cipher_psa->slot, + cipher_psa->alg); + } else if (ctx->operation == MBEDTLS_ENCRYPT) { + status = psa_cipher_encrypt_setup(&cipher_op, + cipher_psa->slot, + cipher_psa->alg); + } else { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - else - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); /* In the following, we can immediately return on an error, * because the PSA Crypto API guarantees that cipher operations * are terminated by unsuccessful calls to psa_cipher_update(), * and by any call to psa_cipher_finish(). */ - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); - - if( ctx->cipher_info->mode != MBEDTLS_MODE_ECB ) - { - status = psa_cipher_set_iv( &cipher_op, iv, iv_len ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED; } - status = psa_cipher_update( &cipher_op, - input, ilen, - output, ilen, olen ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + if (ctx->cipher_info->mode != MBEDTLS_MODE_ECB) { + status = psa_cipher_set_iv(&cipher_op, iv, iv_len); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED; + } + } - status = psa_cipher_finish( &cipher_op, - output + *olen, ilen - *olen, - &part_len ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + status = psa_cipher_update(&cipher_op, + input, ilen, + output, ilen, olen); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED; + } + + status = psa_cipher_finish(&cipher_op, + output + *olen, ilen - *olen, + &part_len); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED; + } *olen += part_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_cipher_set_iv( ctx, iv, iv_len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_cipher_set_iv(ctx, iv, iv_len)) != 0) { + return ret; + } - if( ( ret = mbedtls_cipher_reset( ctx ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_cipher_reset(ctx)) != 0) { + return ret; + } - if( ( ret = mbedtls_cipher_update( ctx, input, ilen, - output, olen ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_cipher_update(ctx, input, ilen, + output, olen)) != 0) { + return ret; + } - if( ( ret = mbedtls_cipher_finish( ctx, output + *olen, - &finish_olen ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_cipher_finish(ctx, output + *olen, + &finish_olen)) != 0) { + return ret; + } *olen += finish_olen; - return( 0 ); + return 0; } #if defined(MBEDTLS_CIPHER_MODE_AEAD) @@ -1290,16 +1285,15 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, * Packet-oriented encryption for AEAD modes: internal function shared by * mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_encrypt_ext(). */ -static int mbedtls_cipher_aead_encrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - unsigned char *tag, size_t tag_len ) +static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, + unsigned char *tag, size_t tag_len) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* As in the non-PSA case, we don't check that * a key has been set. If not, the key slot will * still be in its default state of 0, which is @@ -1312,74 +1306,71 @@ static int mbedtls_cipher_aead_encrypt( mbedtls_cipher_context_t *ctx, /* PSA Crypto API always writes the authentication tag * at the end of the encrypted message. */ - if( output == NULL || tag != output + ilen ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + if (output == NULL || tag != output + ilen) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } - status = psa_aead_encrypt( cipher_psa->slot, - cipher_psa->alg, - iv, iv_len, - ad, ad_len, - input, ilen, - output, ilen + tag_len, olen ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + status = psa_aead_encrypt(cipher_psa->slot, + cipher_psa->alg, + iv, iv_len, + ad, ad_len, + input, ilen, + output, ilen + tag_len, olen); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED; + } *olen -= tag_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_GCM_C) - if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) - { + if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { *olen = ilen; - return( mbedtls_gcm_crypt_and_tag( ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, - ilen, iv, iv_len, ad, ad_len, - input, output, tag_len, tag ) ); + return mbedtls_gcm_crypt_and_tag(ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, + ilen, iv, iv_len, ad, ad_len, + input, output, tag_len, tag); } #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) - if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode ) - { + if (MBEDTLS_MODE_CCM == ctx->cipher_info->mode) { *olen = ilen; - return( mbedtls_ccm_encrypt_and_tag( ctx->cipher_ctx, ilen, - iv, iv_len, ad, ad_len, input, output, - tag, tag_len ) ); + return mbedtls_ccm_encrypt_and_tag(ctx->cipher_ctx, ilen, + iv, iv_len, ad, ad_len, input, output, + tag, tag_len); } #endif /* MBEDTLS_CCM_C */ #if defined(MBEDTLS_CHACHAPOLY_C) - if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) - { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { /* ChachaPoly has fixed length nonce and MAC (tag) */ - if ( ( iv_len != ctx->cipher_info->iv_size ) || - ( tag_len != 16U ) ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if ((iv_len != ctx->cipher_info->iv_size) || + (tag_len != 16U)) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } *olen = ilen; - return( mbedtls_chachapoly_encrypt_and_tag( ctx->cipher_ctx, - ilen, iv, ad, ad_len, input, output, tag ) ); + return mbedtls_chachapoly_encrypt_and_tag(ctx->cipher_ctx, + ilen, iv, ad, ad_len, input, output, tag); } #endif /* MBEDTLS_CHACHAPOLY_C */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } /* * Packet-oriented encryption for AEAD modes: internal function shared by * mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_encrypt_ext(). */ -static int mbedtls_cipher_aead_decrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - const unsigned char *tag, size_t tag_len ) +static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, + const unsigned char *tag, size_t tag_len) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* As in the non-PSA case, we don't check that * a key has been set. If not, the key slot will * still be in its default state of 0, which is @@ -1392,127 +1383,128 @@ static int mbedtls_cipher_aead_decrypt( mbedtls_cipher_context_t *ctx, /* PSA Crypto API always writes the authentication tag * at the end of the encrypted message. */ - if( input == NULL || tag != input + ilen ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - - status = psa_aead_decrypt( cipher_psa->slot, - cipher_psa->alg, - iv, iv_len, - ad, ad_len, - input, ilen + tag_len, - output, ilen, olen ); - if( status == PSA_ERROR_INVALID_SIGNATURE ) - return( MBEDTLS_ERR_CIPHER_AUTH_FAILED ); - else if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); - - return( 0 ); + if (input == NULL || tag != input + ilen) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } + + status = psa_aead_decrypt(cipher_psa->slot, + cipher_psa->alg, + iv, iv_len, + ad, ad_len, + input, ilen + tag_len, + output, ilen, olen); + if (status == PSA_ERROR_INVALID_SIGNATURE) { + return MBEDTLS_ERR_CIPHER_AUTH_FAILED; + } else if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED; + } + + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_GCM_C) - if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) - { + if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; *olen = ilen; - ret = mbedtls_gcm_auth_decrypt( ctx->cipher_ctx, ilen, - iv, iv_len, ad, ad_len, - tag, tag_len, input, output ); + ret = mbedtls_gcm_auth_decrypt(ctx->cipher_ctx, ilen, + iv, iv_len, ad, ad_len, + tag, tag_len, input, output); - if( ret == MBEDTLS_ERR_GCM_AUTH_FAILED ) + if (ret == MBEDTLS_ERR_GCM_AUTH_FAILED) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; + } - return( ret ); + return ret; } #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) - if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode ) - { + if (MBEDTLS_MODE_CCM == ctx->cipher_info->mode) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; *olen = ilen; - ret = mbedtls_ccm_auth_decrypt( ctx->cipher_ctx, ilen, - iv, iv_len, ad, ad_len, - input, output, tag, tag_len ); + ret = mbedtls_ccm_auth_decrypt(ctx->cipher_ctx, ilen, + iv, iv_len, ad, ad_len, + input, output, tag, tag_len); - if( ret == MBEDTLS_ERR_CCM_AUTH_FAILED ) + if (ret == MBEDTLS_ERR_CCM_AUTH_FAILED) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; + } - return( ret ); + return ret; } #endif /* MBEDTLS_CCM_C */ #if defined(MBEDTLS_CHACHAPOLY_C) - if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) - { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* ChachaPoly has fixed length nonce and MAC (tag) */ - if ( ( iv_len != ctx->cipher_info->iv_size ) || - ( tag_len != 16U ) ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if ((iv_len != ctx->cipher_info->iv_size) || + (tag_len != 16U)) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } *olen = ilen; - ret = mbedtls_chachapoly_auth_decrypt( ctx->cipher_ctx, ilen, - iv, ad, ad_len, tag, input, output ); + ret = mbedtls_chachapoly_auth_decrypt(ctx->cipher_ctx, ilen, + iv, ad, ad_len, tag, input, output); - if( ret == MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED ) + if (ret == MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; + } - return( ret ); + return ret; } #endif /* MBEDTLS_CHACHAPOLY_C */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) /* * Packet-oriented encryption for AEAD modes: public legacy function. */ -int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - unsigned char *tag, size_t tag_len ) +int mbedtls_cipher_auth_encrypt(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, + unsigned char *tag, size_t tag_len) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); - CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); - - return( mbedtls_cipher_aead_encrypt( ctx, iv, iv_len, ad, ad_len, - input, ilen, output, olen, - tag, tag_len ) ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL); + CIPHER_VALIDATE_RET(ad_len == 0 || ad != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || input != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || output != NULL); + CIPHER_VALIDATE_RET(olen != NULL); + CIPHER_VALIDATE_RET(tag_len == 0 || tag != NULL); + + return mbedtls_cipher_aead_encrypt(ctx, iv, iv_len, ad, ad_len, + input, ilen, output, olen, + tag, tag_len); } /* * Packet-oriented decryption for AEAD modes: public legacy function. */ -int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - const unsigned char *tag, size_t tag_len ) +int mbedtls_cipher_auth_decrypt(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, + const unsigned char *tag, size_t tag_len) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); - CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); - - return( mbedtls_cipher_aead_decrypt( ctx, iv, iv_len, ad, ad_len, - input, ilen, output, olen, - tag, tag_len ) ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL); + CIPHER_VALIDATE_RET(ad_len == 0 || ad != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || input != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || output != NULL); + CIPHER_VALIDATE_RET(olen != NULL); + CIPHER_VALIDATE_RET(tag_len == 0 || tag != NULL); + + return mbedtls_cipher_aead_decrypt(ctx, iv, iv_len, ad, ad_len, + input, ilen, output, olen, + tag, tag_len); } #endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_CIPHER_MODE_AEAD */ @@ -1521,110 +1513,112 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, /* * Packet-oriented encryption for AEAD/NIST_KW: public function. */ -int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t output_len, - size_t *olen, size_t tag_len ) +int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t output_len, + size_t *olen, size_t tag_len) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL); + CIPHER_VALIDATE_RET(ad_len == 0 || ad != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || input != NULL); + CIPHER_VALIDATE_RET(output != NULL); + CIPHER_VALIDATE_RET(olen != NULL); #if defined(MBEDTLS_NIST_KW_C) - if( + if ( #if defined(MBEDTLS_USE_PSA_CRYPTO) ctx->psa_enabled == 0 && #endif - ( MBEDTLS_MODE_KW == ctx->cipher_info->mode || - MBEDTLS_MODE_KWP == ctx->cipher_info->mode ) ) - { - mbedtls_nist_kw_mode_t mode = ( MBEDTLS_MODE_KW == ctx->cipher_info->mode ) ? - MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; + (MBEDTLS_MODE_KW == ctx->cipher_info->mode || + MBEDTLS_MODE_KWP == ctx->cipher_info->mode)) { + mbedtls_nist_kw_mode_t mode = (MBEDTLS_MODE_KW == ctx->cipher_info->mode) ? + MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; /* There is no iv, tag or ad associated with KW and KWP, * so these length should be 0 as documented. */ - if( iv_len != 0 || tag_len != 0 || ad_len != 0 ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (iv_len != 0 || tag_len != 0 || ad_len != 0) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } (void) iv; (void) ad; - return( mbedtls_nist_kw_wrap( ctx->cipher_ctx, mode, input, ilen, - output, olen, output_len ) ); + return mbedtls_nist_kw_wrap(ctx->cipher_ctx, mode, input, ilen, + output, olen, output_len); } #endif /* MBEDTLS_NIST_KW_C */ #if defined(MBEDTLS_CIPHER_MODE_AEAD) /* AEAD case: check length before passing on to shared function */ - if( output_len < ilen + tag_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (output_len < ilen + tag_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - int ret = mbedtls_cipher_aead_encrypt( ctx, iv, iv_len, ad, ad_len, - input, ilen, output, olen, - output + ilen, tag_len ); + int ret = mbedtls_cipher_aead_encrypt(ctx, iv, iv_len, ad, ad_len, + input, ilen, output, olen, + output + ilen, tag_len); *olen += tag_len; - return( ret ); + return ret; #else - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; #endif /* MBEDTLS_CIPHER_MODE_AEAD */ } /* * Packet-oriented decryption for AEAD/NIST_KW: public function. */ -int mbedtls_cipher_auth_decrypt_ext( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t output_len, - size_t *olen, size_t tag_len ) +int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t output_len, + size_t *olen, size_t tag_len) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( output_len == 0 || output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL); + CIPHER_VALIDATE_RET(ad_len == 0 || ad != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || input != NULL); + CIPHER_VALIDATE_RET(output_len == 0 || output != NULL); + CIPHER_VALIDATE_RET(olen != NULL); #if defined(MBEDTLS_NIST_KW_C) - if( + if ( #if defined(MBEDTLS_USE_PSA_CRYPTO) ctx->psa_enabled == 0 && #endif - ( MBEDTLS_MODE_KW == ctx->cipher_info->mode || - MBEDTLS_MODE_KWP == ctx->cipher_info->mode ) ) - { - mbedtls_nist_kw_mode_t mode = ( MBEDTLS_MODE_KW == ctx->cipher_info->mode ) ? - MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; + (MBEDTLS_MODE_KW == ctx->cipher_info->mode || + MBEDTLS_MODE_KWP == ctx->cipher_info->mode)) { + mbedtls_nist_kw_mode_t mode = (MBEDTLS_MODE_KW == ctx->cipher_info->mode) ? + MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; /* There is no iv, tag or ad associated with KW and KWP, * so these length should be 0 as documented. */ - if( iv_len != 0 || tag_len != 0 || ad_len != 0 ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (iv_len != 0 || tag_len != 0 || ad_len != 0) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } (void) iv; (void) ad; - return( mbedtls_nist_kw_unwrap( ctx->cipher_ctx, mode, input, ilen, - output, olen, output_len ) ); + return mbedtls_nist_kw_unwrap(ctx->cipher_ctx, mode, input, ilen, + output, olen, output_len); } #endif /* MBEDTLS_NIST_KW_C */ #if defined(MBEDTLS_CIPHER_MODE_AEAD) /* AEAD case: check length before passing on to shared function */ - if( ilen < tag_len || output_len < ilen - tag_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (ilen < tag_len || output_len < ilen - tag_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - return( mbedtls_cipher_aead_decrypt( ctx, iv, iv_len, ad, ad_len, - input, ilen - tag_len, output, olen, - input + ilen - tag_len, tag_len ) ); + return mbedtls_cipher_aead_decrypt(ctx, iv, iv_len, ad, ad_len, + input, ilen - tag_len, output, olen, + input + ilen - tag_len, tag_len); #else - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; #endif /* MBEDTLS_CIPHER_MODE_AEAD */ } #endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index c76bdcc0f80d..737cf9776b95 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -80,100 +80,101 @@ #if defined(MBEDTLS_GCM_C) /* shared by all GCM ciphers */ -static void *gcm_ctx_alloc( void ) +static void *gcm_ctx_alloc(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_gcm_context ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_gcm_context)); - if( ctx != NULL ) - mbedtls_gcm_init( (mbedtls_gcm_context *) ctx ); + if (ctx != NULL) { + mbedtls_gcm_init((mbedtls_gcm_context *) ctx); + } - return( ctx ); + return ctx; } -static void gcm_ctx_free( void *ctx ) +static void gcm_ctx_free(void *ctx) { - mbedtls_gcm_free( ctx ); - mbedtls_free( ctx ); + mbedtls_gcm_free(ctx); + mbedtls_free(ctx); } #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) /* shared by all CCM ciphers */ -static void *ccm_ctx_alloc( void ) +static void *ccm_ctx_alloc(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ccm_context ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ccm_context)); - if( ctx != NULL ) - mbedtls_ccm_init( (mbedtls_ccm_context *) ctx ); + if (ctx != NULL) { + mbedtls_ccm_init((mbedtls_ccm_context *) ctx); + } - return( ctx ); + return ctx; } -static void ccm_ctx_free( void *ctx ) +static void ccm_ctx_free(void *ctx) { - mbedtls_ccm_free( ctx ); - mbedtls_free( ctx ); + mbedtls_ccm_free(ctx); + mbedtls_free(ctx); } #endif /* MBEDTLS_CCM_C */ #if defined(MBEDTLS_AES_C) -static int aes_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) +static int aes_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation, + const unsigned char *input, unsigned char *output) { - return mbedtls_aes_crypt_ecb( (mbedtls_aes_context *) ctx, operation, input, output ); + return mbedtls_aes_crypt_ecb((mbedtls_aes_context *) ctx, operation, input, output); } #if defined(MBEDTLS_CIPHER_MODE_CBC) -static int aes_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, - unsigned char *iv, const unsigned char *input, unsigned char *output ) +static int aes_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, size_t length, + unsigned char *iv, const unsigned char *input, unsigned char *output) { - return mbedtls_aes_crypt_cbc( (mbedtls_aes_context *) ctx, operation, length, iv, input, - output ); + return mbedtls_aes_crypt_cbc((mbedtls_aes_context *) ctx, operation, length, iv, input, + output); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) -static int aes_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, size_t *iv_off, unsigned char *iv, - const unsigned char *input, unsigned char *output ) +static int aes_crypt_cfb128_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, size_t *iv_off, unsigned char *iv, + const unsigned char *input, unsigned char *output) { - return mbedtls_aes_crypt_cfb128( (mbedtls_aes_context *) ctx, operation, length, iv_off, iv, - input, output ); + return mbedtls_aes_crypt_cfb128((mbedtls_aes_context *) ctx, operation, length, iv_off, iv, + input, output); } #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) -static int aes_crypt_ofb_wrap( void *ctx, size_t length, size_t *iv_off, - unsigned char *iv, const unsigned char *input, unsigned char *output ) +static int aes_crypt_ofb_wrap(void *ctx, size_t length, size_t *iv_off, + unsigned char *iv, const unsigned char *input, unsigned char *output) { - return mbedtls_aes_crypt_ofb( (mbedtls_aes_context *) ctx, length, iv_off, - iv, input, output ); + return mbedtls_aes_crypt_ofb((mbedtls_aes_context *) ctx, length, iv_off, + iv, input, output); } #endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) -static int aes_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ) +static int aes_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off, + unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output) { - return mbedtls_aes_crypt_ctr( (mbedtls_aes_context *) ctx, length, nc_off, nonce_counter, - stream_block, input, output ); + return mbedtls_aes_crypt_ctr((mbedtls_aes_context *) ctx, length, nc_off, nonce_counter, + stream_block, input, output); } #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_CIPHER_MODE_XTS) -static int aes_crypt_xts_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, - const unsigned char data_unit[16], - const unsigned char *input, - unsigned char *output ) +static int aes_crypt_xts_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, + const unsigned char data_unit[16], + const unsigned char *input, + unsigned char *output) { mbedtls_aes_xts_context *xts_ctx = ctx; int mode; - switch( operation ) - { + switch (operation) { case MBEDTLS_ENCRYPT: mode = MBEDTLS_AES_ENCRYPT; break; @@ -184,39 +185,40 @@ static int aes_crypt_xts_wrap( void *ctx, mbedtls_operation_t operation, return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - return mbedtls_aes_crypt_xts( xts_ctx, mode, length, - data_unit, input, output ); + return mbedtls_aes_crypt_xts(xts_ctx, mode, length, + data_unit, input, output); } #endif /* MBEDTLS_CIPHER_MODE_XTS */ -static int aes_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int aes_setkey_dec_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_aes_setkey_dec( (mbedtls_aes_context *) ctx, key, key_bitlen ); + return mbedtls_aes_setkey_dec((mbedtls_aes_context *) ctx, key, key_bitlen); } -static int aes_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int aes_setkey_enc_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_aes_setkey_enc( (mbedtls_aes_context *) ctx, key, key_bitlen ); + return mbedtls_aes_setkey_enc((mbedtls_aes_context *) ctx, key, key_bitlen); } -static void * aes_ctx_alloc( void ) +static void *aes_ctx_alloc(void) { - mbedtls_aes_context *aes = mbedtls_calloc( 1, sizeof( mbedtls_aes_context ) ); + mbedtls_aes_context *aes = mbedtls_calloc(1, sizeof(mbedtls_aes_context)); - if( aes == NULL ) - return( NULL ); + if (aes == NULL) { + return NULL; + } - mbedtls_aes_init( aes ); + mbedtls_aes_init(aes); - return( aes ); + return aes; } -static void aes_ctx_free( void *ctx ) +static void aes_ctx_free(void *ctx) { - mbedtls_aes_free( (mbedtls_aes_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_aes_free((mbedtls_aes_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t aes_info = { @@ -420,39 +422,41 @@ static const mbedtls_cipher_info_t aes_256_ctr_info = { #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_CIPHER_MODE_XTS) -static int xts_aes_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int xts_aes_setkey_enc_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { mbedtls_aes_xts_context *xts_ctx = ctx; - return( mbedtls_aes_xts_setkey_enc( xts_ctx, key, key_bitlen ) ); + return mbedtls_aes_xts_setkey_enc(xts_ctx, key, key_bitlen); } -static int xts_aes_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int xts_aes_setkey_dec_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { mbedtls_aes_xts_context *xts_ctx = ctx; - return( mbedtls_aes_xts_setkey_dec( xts_ctx, key, key_bitlen ) ); + return mbedtls_aes_xts_setkey_dec(xts_ctx, key, key_bitlen); } -static void *xts_aes_ctx_alloc( void ) +static void *xts_aes_ctx_alloc(void) { - mbedtls_aes_xts_context *xts_ctx = mbedtls_calloc( 1, sizeof( *xts_ctx ) ); + mbedtls_aes_xts_context *xts_ctx = mbedtls_calloc(1, sizeof(*xts_ctx)); - if( xts_ctx != NULL ) - mbedtls_aes_xts_init( xts_ctx ); + if (xts_ctx != NULL) { + mbedtls_aes_xts_init(xts_ctx); + } - return( xts_ctx ); + return xts_ctx; } -static void xts_aes_ctx_free( void *ctx ) +static void xts_aes_ctx_free(void *ctx) { mbedtls_aes_xts_context *xts_ctx = ctx; - if( xts_ctx == NULL ) + if (xts_ctx == NULL) { return; + } - mbedtls_aes_xts_free( xts_ctx ); - mbedtls_free( xts_ctx ); + mbedtls_aes_xts_free(xts_ctx); + mbedtls_free(xts_ctx); } static const mbedtls_cipher_base_t xts_aes_info = { @@ -506,11 +510,11 @@ static const mbedtls_cipher_info_t aes_256_xts_info = { #endif /* MBEDTLS_CIPHER_MODE_XTS */ #if defined(MBEDTLS_GCM_C) -static int gcm_aes_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int gcm_aes_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES, - key, key_bitlen ); + return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES, + key, key_bitlen); } static const mbedtls_cipher_base_t gcm_aes_info = { @@ -575,11 +579,11 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = { #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) -static int ccm_aes_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES, - key, key_bitlen ); + return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES, + key, key_bitlen); } static const mbedtls_cipher_base_t ccm_aes_info = { @@ -647,72 +651,73 @@ static const mbedtls_cipher_info_t aes_256_ccm_info = { #if defined(MBEDTLS_CAMELLIA_C) -static int camellia_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) +static int camellia_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation, + const unsigned char *input, unsigned char *output) { - return mbedtls_camellia_crypt_ecb( (mbedtls_camellia_context *) ctx, operation, input, - output ); + return mbedtls_camellia_crypt_ecb((mbedtls_camellia_context *) ctx, operation, input, + output); } #if defined(MBEDTLS_CIPHER_MODE_CBC) -static int camellia_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, unsigned char *iv, - const unsigned char *input, unsigned char *output ) +static int camellia_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, unsigned char *iv, + const unsigned char *input, unsigned char *output) { - return mbedtls_camellia_crypt_cbc( (mbedtls_camellia_context *) ctx, operation, length, iv, - input, output ); + return mbedtls_camellia_crypt_cbc((mbedtls_camellia_context *) ctx, operation, length, iv, + input, output); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) -static int camellia_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, size_t *iv_off, unsigned char *iv, - const unsigned char *input, unsigned char *output ) +static int camellia_crypt_cfb128_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, size_t *iv_off, unsigned char *iv, + const unsigned char *input, unsigned char *output) { - return mbedtls_camellia_crypt_cfb128( (mbedtls_camellia_context *) ctx, operation, length, - iv_off, iv, input, output ); + return mbedtls_camellia_crypt_cfb128((mbedtls_camellia_context *) ctx, operation, length, + iv_off, iv, input, output); } #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) -static int camellia_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ) +static int camellia_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off, + unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output) { - return mbedtls_camellia_crypt_ctr( (mbedtls_camellia_context *) ctx, length, nc_off, - nonce_counter, stream_block, input, output ); + return mbedtls_camellia_crypt_ctr((mbedtls_camellia_context *) ctx, length, nc_off, + nonce_counter, stream_block, input, output); } #endif /* MBEDTLS_CIPHER_MODE_CTR */ -static int camellia_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int camellia_setkey_dec_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_camellia_setkey_dec( (mbedtls_camellia_context *) ctx, key, key_bitlen ); + return mbedtls_camellia_setkey_dec((mbedtls_camellia_context *) ctx, key, key_bitlen); } -static int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int camellia_setkey_enc_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_camellia_setkey_enc( (mbedtls_camellia_context *) ctx, key, key_bitlen ); + return mbedtls_camellia_setkey_enc((mbedtls_camellia_context *) ctx, key, key_bitlen); } -static void * camellia_ctx_alloc( void ) +static void *camellia_ctx_alloc(void) { mbedtls_camellia_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_camellia_context ) ); + ctx = mbedtls_calloc(1, sizeof(mbedtls_camellia_context)); - if( ctx == NULL ) - return( NULL ); + if (ctx == NULL) { + return NULL; + } - mbedtls_camellia_init( ctx ); + mbedtls_camellia_init(ctx); - return( ctx ); + return ctx; } -static void camellia_ctx_free( void *ctx ) +static void camellia_ctx_free(void *ctx) { - mbedtls_camellia_free( (mbedtls_camellia_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_camellia_free((mbedtls_camellia_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t camellia_info = { @@ -881,11 +886,11 @@ static const mbedtls_cipher_info_t camellia_256_ctr_info = { #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_GCM_C) -static int gcm_camellia_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int gcm_camellia_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA, - key, key_bitlen ); + return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA, + key, key_bitlen); } static const mbedtls_cipher_base_t gcm_camellia_info = { @@ -950,11 +955,11 @@ static const mbedtls_cipher_info_t camellia_256_gcm_info = { #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) -static int ccm_camellia_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int ccm_camellia_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA, - key, key_bitlen ); + return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA, + key, key_bitlen); } static const mbedtls_cipher_base_t ccm_camellia_info = { @@ -1022,73 +1027,74 @@ static const mbedtls_cipher_info_t camellia_256_ccm_info = { #if defined(MBEDTLS_ARIA_C) -static int aria_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) +static int aria_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation, + const unsigned char *input, unsigned char *output) { (void) operation; - return mbedtls_aria_crypt_ecb( (mbedtls_aria_context *) ctx, input, - output ); + return mbedtls_aria_crypt_ecb((mbedtls_aria_context *) ctx, input, + output); } #if defined(MBEDTLS_CIPHER_MODE_CBC) -static int aria_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, unsigned char *iv, - const unsigned char *input, unsigned char *output ) +static int aria_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, unsigned char *iv, + const unsigned char *input, unsigned char *output) { - return mbedtls_aria_crypt_cbc( (mbedtls_aria_context *) ctx, operation, length, iv, - input, output ); + return mbedtls_aria_crypt_cbc((mbedtls_aria_context *) ctx, operation, length, iv, + input, output); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) -static int aria_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, size_t *iv_off, unsigned char *iv, - const unsigned char *input, unsigned char *output ) +static int aria_crypt_cfb128_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, size_t *iv_off, unsigned char *iv, + const unsigned char *input, unsigned char *output) { - return mbedtls_aria_crypt_cfb128( (mbedtls_aria_context *) ctx, operation, length, - iv_off, iv, input, output ); + return mbedtls_aria_crypt_cfb128((mbedtls_aria_context *) ctx, operation, length, + iv_off, iv, input, output); } #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) -static int aria_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ) +static int aria_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off, + unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output) { - return mbedtls_aria_crypt_ctr( (mbedtls_aria_context *) ctx, length, nc_off, - nonce_counter, stream_block, input, output ); + return mbedtls_aria_crypt_ctr((mbedtls_aria_context *) ctx, length, nc_off, + nonce_counter, stream_block, input, output); } #endif /* MBEDTLS_CIPHER_MODE_CTR */ -static int aria_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int aria_setkey_dec_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_aria_setkey_dec( (mbedtls_aria_context *) ctx, key, key_bitlen ); + return mbedtls_aria_setkey_dec((mbedtls_aria_context *) ctx, key, key_bitlen); } -static int aria_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int aria_setkey_enc_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_aria_setkey_enc( (mbedtls_aria_context *) ctx, key, key_bitlen ); + return mbedtls_aria_setkey_enc((mbedtls_aria_context *) ctx, key, key_bitlen); } -static void * aria_ctx_alloc( void ) +static void *aria_ctx_alloc(void) { mbedtls_aria_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_aria_context ) ); + ctx = mbedtls_calloc(1, sizeof(mbedtls_aria_context)); - if( ctx == NULL ) - return( NULL ); + if (ctx == NULL) { + return NULL; + } - mbedtls_aria_init( ctx ); + mbedtls_aria_init(ctx); - return( ctx ); + return ctx; } -static void aria_ctx_free( void *ctx ) +static void aria_ctx_free(void *ctx) { - mbedtls_aria_free( (mbedtls_aria_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_aria_free((mbedtls_aria_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t aria_info = { @@ -1257,11 +1263,11 @@ static const mbedtls_cipher_info_t aria_256_ctr_info = { #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_GCM_C) -static int gcm_aria_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int gcm_aria_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA, - key, key_bitlen ); + return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA, + key, key_bitlen); } static const mbedtls_cipher_base_t gcm_aria_info = { @@ -1326,11 +1332,11 @@ static const mbedtls_cipher_info_t aria_256_gcm_info = { #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) -static int ccm_aria_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int ccm_aria_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA, - key, key_bitlen ); + return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA, + key, key_bitlen); } static const mbedtls_cipher_base_t ccm_aria_info = { @@ -1398,121 +1404,123 @@ static const mbedtls_cipher_info_t aria_256_ccm_info = { #if defined(MBEDTLS_DES_C) -static int des_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) +static int des_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation, + const unsigned char *input, unsigned char *output) { ((void) operation); - return mbedtls_des_crypt_ecb( (mbedtls_des_context *) ctx, input, output ); + return mbedtls_des_crypt_ecb((mbedtls_des_context *) ctx, input, output); } -static int des3_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) +static int des3_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation, + const unsigned char *input, unsigned char *output) { ((void) operation); - return mbedtls_des3_crypt_ecb( (mbedtls_des3_context *) ctx, input, output ); + return mbedtls_des3_crypt_ecb((mbedtls_des3_context *) ctx, input, output); } #if defined(MBEDTLS_CIPHER_MODE_CBC) -static int des_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, - unsigned char *iv, const unsigned char *input, unsigned char *output ) +static int des_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, size_t length, + unsigned char *iv, const unsigned char *input, unsigned char *output) { - return mbedtls_des_crypt_cbc( (mbedtls_des_context *) ctx, operation, length, iv, input, - output ); + return mbedtls_des_crypt_cbc((mbedtls_des_context *) ctx, operation, length, iv, input, + output); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CBC) -static int des3_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, - unsigned char *iv, const unsigned char *input, unsigned char *output ) +static int des3_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, size_t length, + unsigned char *iv, const unsigned char *input, unsigned char *output) { - return mbedtls_des3_crypt_cbc( (mbedtls_des3_context *) ctx, operation, length, iv, input, - output ); + return mbedtls_des3_crypt_cbc((mbedtls_des3_context *) ctx, operation, length, iv, input, + output); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ -static int des_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int des_setkey_dec_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { ((void) key_bitlen); - return mbedtls_des_setkey_dec( (mbedtls_des_context *) ctx, key ); + return mbedtls_des_setkey_dec((mbedtls_des_context *) ctx, key); } -static int des_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int des_setkey_enc_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { ((void) key_bitlen); - return mbedtls_des_setkey_enc( (mbedtls_des_context *) ctx, key ); + return mbedtls_des_setkey_enc((mbedtls_des_context *) ctx, key); } -static int des3_set2key_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int des3_set2key_dec_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { ((void) key_bitlen); - return mbedtls_des3_set2key_dec( (mbedtls_des3_context *) ctx, key ); + return mbedtls_des3_set2key_dec((mbedtls_des3_context *) ctx, key); } -static int des3_set2key_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int des3_set2key_enc_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { ((void) key_bitlen); - return mbedtls_des3_set2key_enc( (mbedtls_des3_context *) ctx, key ); + return mbedtls_des3_set2key_enc((mbedtls_des3_context *) ctx, key); } -static int des3_set3key_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int des3_set3key_dec_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { ((void) key_bitlen); - return mbedtls_des3_set3key_dec( (mbedtls_des3_context *) ctx, key ); + return mbedtls_des3_set3key_dec((mbedtls_des3_context *) ctx, key); } -static int des3_set3key_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int des3_set3key_enc_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { ((void) key_bitlen); - return mbedtls_des3_set3key_enc( (mbedtls_des3_context *) ctx, key ); + return mbedtls_des3_set3key_enc((mbedtls_des3_context *) ctx, key); } -static void * des_ctx_alloc( void ) +static void *des_ctx_alloc(void) { - mbedtls_des_context *des = mbedtls_calloc( 1, sizeof( mbedtls_des_context ) ); + mbedtls_des_context *des = mbedtls_calloc(1, sizeof(mbedtls_des_context)); - if( des == NULL ) - return( NULL ); + if (des == NULL) { + return NULL; + } - mbedtls_des_init( des ); + mbedtls_des_init(des); - return( des ); + return des; } -static void des_ctx_free( void *ctx ) +static void des_ctx_free(void *ctx) { - mbedtls_des_free( (mbedtls_des_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_des_free((mbedtls_des_context *) ctx); + mbedtls_free(ctx); } -static void * des3_ctx_alloc( void ) +static void *des3_ctx_alloc(void) { mbedtls_des3_context *des3; - des3 = mbedtls_calloc( 1, sizeof( mbedtls_des3_context ) ); + des3 = mbedtls_calloc(1, sizeof(mbedtls_des3_context)); - if( des3 == NULL ) - return( NULL ); + if (des3 == NULL) { + return NULL; + } - mbedtls_des3_init( des3 ); + mbedtls_des3_init(des3); - return( des3 ); + return des3; } -static void des3_ctx_free( void *ctx ) +static void des3_ctx_free(void *ctx) { - mbedtls_des3_free( (mbedtls_des3_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_des3_free((mbedtls_des3_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t des_info = { @@ -1670,66 +1678,67 @@ static const mbedtls_cipher_info_t des_ede3_cbc_info = { #if defined(MBEDTLS_BLOWFISH_C) -static int blowfish_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) +static int blowfish_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation, + const unsigned char *input, unsigned char *output) { - return mbedtls_blowfish_crypt_ecb( (mbedtls_blowfish_context *) ctx, operation, input, - output ); + return mbedtls_blowfish_crypt_ecb((mbedtls_blowfish_context *) ctx, operation, input, + output); } #if defined(MBEDTLS_CIPHER_MODE_CBC) -static int blowfish_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, unsigned char *iv, const unsigned char *input, - unsigned char *output ) +static int blowfish_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, unsigned char *iv, const unsigned char *input, + unsigned char *output) { - return mbedtls_blowfish_crypt_cbc( (mbedtls_blowfish_context *) ctx, operation, length, iv, - input, output ); + return mbedtls_blowfish_crypt_cbc((mbedtls_blowfish_context *) ctx, operation, length, iv, + input, output); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) -static int blowfish_crypt_cfb64_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, size_t *iv_off, unsigned char *iv, - const unsigned char *input, unsigned char *output ) +static int blowfish_crypt_cfb64_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, size_t *iv_off, unsigned char *iv, + const unsigned char *input, unsigned char *output) { - return mbedtls_blowfish_crypt_cfb64( (mbedtls_blowfish_context *) ctx, operation, length, - iv_off, iv, input, output ); + return mbedtls_blowfish_crypt_cfb64((mbedtls_blowfish_context *) ctx, operation, length, + iv_off, iv, input, output); } #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) -static int blowfish_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ) +static int blowfish_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off, + unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output) { - return mbedtls_blowfish_crypt_ctr( (mbedtls_blowfish_context *) ctx, length, nc_off, - nonce_counter, stream_block, input, output ); + return mbedtls_blowfish_crypt_ctr((mbedtls_blowfish_context *) ctx, length, nc_off, + nonce_counter, stream_block, input, output); } #endif /* MBEDTLS_CIPHER_MODE_CTR */ -static int blowfish_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int blowfish_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_blowfish_setkey( (mbedtls_blowfish_context *) ctx, key, key_bitlen ); + return mbedtls_blowfish_setkey((mbedtls_blowfish_context *) ctx, key, key_bitlen); } -static void * blowfish_ctx_alloc( void ) +static void *blowfish_ctx_alloc(void) { mbedtls_blowfish_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_blowfish_context ) ); + ctx = mbedtls_calloc(1, sizeof(mbedtls_blowfish_context)); - if( ctx == NULL ) - return( NULL ); + if (ctx == NULL) { + return NULL; + } - mbedtls_blowfish_init( ctx ); + mbedtls_blowfish_init(ctx); - return( ctx ); + return ctx; } -static void blowfish_ctx_free( void *ctx ) +static void blowfish_ctx_free(void *ctx) { - mbedtls_blowfish_free( (mbedtls_blowfish_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_blowfish_free((mbedtls_blowfish_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t blowfish_info = { @@ -1811,41 +1820,43 @@ static const mbedtls_cipher_info_t blowfish_ctr_info = { #endif /* MBEDTLS_BLOWFISH_C */ #if defined(MBEDTLS_ARC4_C) -static int arc4_crypt_stream_wrap( void *ctx, size_t length, - const unsigned char *input, - unsigned char *output ) +static int arc4_crypt_stream_wrap(void *ctx, size_t length, + const unsigned char *input, + unsigned char *output) { - return( mbedtls_arc4_crypt( (mbedtls_arc4_context *) ctx, length, input, output ) ); + return mbedtls_arc4_crypt((mbedtls_arc4_context *) ctx, length, input, output); } -static int arc4_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int arc4_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { /* we get key_bitlen in bits, arc4 expects it in bytes */ - if( key_bitlen % 8 != 0 ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (key_bitlen % 8 != 0) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - mbedtls_arc4_setup( (mbedtls_arc4_context *) ctx, key, key_bitlen / 8 ); - return( 0 ); + mbedtls_arc4_setup((mbedtls_arc4_context *) ctx, key, key_bitlen / 8); + return 0; } -static void * arc4_ctx_alloc( void ) +static void *arc4_ctx_alloc(void) { mbedtls_arc4_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_arc4_context ) ); + ctx = mbedtls_calloc(1, sizeof(mbedtls_arc4_context)); - if( ctx == NULL ) - return( NULL ); + if (ctx == NULL) { + return NULL; + } - mbedtls_arc4_init( ctx ); + mbedtls_arc4_init(ctx); - return( ctx ); + return ctx; } -static void arc4_ctx_free( void *ctx ) +static void arc4_ctx_free(void *ctx) { - mbedtls_arc4_free( (mbedtls_arc4_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_arc4_free((mbedtls_arc4_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t arc4_base_info = { @@ -1889,48 +1900,52 @@ static const mbedtls_cipher_info_t arc4_128_info = { #if defined(MBEDTLS_CHACHA20_C) -static int chacha20_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int chacha20_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - if( key_bitlen != 256U ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (key_bitlen != 256U) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - if ( 0 != mbedtls_chacha20_setkey( (mbedtls_chacha20_context*)ctx, key ) ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (0 != mbedtls_chacha20_setkey((mbedtls_chacha20_context *) ctx, key)) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - return( 0 ); + return 0; } -static int chacha20_stream_wrap( void *ctx, size_t length, - const unsigned char *input, - unsigned char *output ) +static int chacha20_stream_wrap(void *ctx, size_t length, + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ret = mbedtls_chacha20_update( ctx, length, input, output ); - if( ret == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + ret = mbedtls_chacha20_update(ctx, length, input, output); + if (ret == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - return( ret ); + return ret; } -static void * chacha20_ctx_alloc( void ) +static void *chacha20_ctx_alloc(void) { mbedtls_chacha20_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_chacha20_context ) ); + ctx = mbedtls_calloc(1, sizeof(mbedtls_chacha20_context)); - if( ctx == NULL ) - return( NULL ); + if (ctx == NULL) { + return NULL; + } - mbedtls_chacha20_init( ctx ); + mbedtls_chacha20_init(ctx); - return( ctx ); + return ctx; } -static void chacha20_ctx_free( void *ctx ) +static void chacha20_ctx_free(void *ctx) { - mbedtls_chacha20_free( (mbedtls_chacha20_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_chacha20_free((mbedtls_chacha20_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t chacha20_base_info = { @@ -1973,36 +1988,39 @@ static const mbedtls_cipher_info_t chacha20_info = { #if defined(MBEDTLS_CHACHAPOLY_C) -static int chachapoly_setkey_wrap( void *ctx, - const unsigned char *key, - unsigned int key_bitlen ) +static int chachapoly_setkey_wrap(void *ctx, + const unsigned char *key, + unsigned int key_bitlen) { - if( key_bitlen != 256U ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (key_bitlen != 256U) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - if ( 0 != mbedtls_chachapoly_setkey( (mbedtls_chachapoly_context*)ctx, key ) ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (0 != mbedtls_chachapoly_setkey((mbedtls_chachapoly_context *) ctx, key)) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - return( 0 ); + return 0; } -static void * chachapoly_ctx_alloc( void ) +static void *chachapoly_ctx_alloc(void) { mbedtls_chachapoly_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_chachapoly_context ) ); + ctx = mbedtls_calloc(1, sizeof(mbedtls_chachapoly_context)); - if( ctx == NULL ) - return( NULL ); + if (ctx == NULL) { + return NULL; + } - mbedtls_chachapoly_init( ctx ); + mbedtls_chachapoly_init(ctx); - return( ctx ); + return ctx; } -static void chachapoly_ctx_free( void *ctx ) +static void chachapoly_ctx_free(void *ctx) { - mbedtls_chachapoly_free( (mbedtls_chachapoly_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_chachapoly_free((mbedtls_chachapoly_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t chachapoly_base_info = { @@ -2044,31 +2062,31 @@ static const mbedtls_cipher_info_t chachapoly_info = { #endif /* MBEDTLS_CHACHAPOLY_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) -static int null_crypt_stream( void *ctx, size_t length, - const unsigned char *input, - unsigned char *output ) +static int null_crypt_stream(void *ctx, size_t length, + const unsigned char *input, + unsigned char *output) { ((void) ctx); - memmove( output, input, length ); - return( 0 ); + memmove(output, input, length); + return 0; } -static int null_setkey( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int null_setkey(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { ((void) ctx); ((void) key); ((void) key_bitlen); - return( 0 ); + return 0; } -static void * null_ctx_alloc( void ) +static void *null_ctx_alloc(void) { - return( (void *) 1 ); + return (void *) 1; } -static void null_ctx_free( void *ctx ) +static void null_ctx_free(void *ctx) { ((void) ctx); } @@ -2113,34 +2131,35 @@ static const mbedtls_cipher_info_t null_cipher_info = { #endif /* defined(MBEDTLS_CIPHER_NULL_CIPHER) */ #if defined(MBEDTLS_NIST_KW_C) -static void *kw_ctx_alloc( void ) +static void *kw_ctx_alloc(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_nist_kw_context ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_nist_kw_context)); - if( ctx != NULL ) - mbedtls_nist_kw_init( (mbedtls_nist_kw_context *) ctx ); + if (ctx != NULL) { + mbedtls_nist_kw_init((mbedtls_nist_kw_context *) ctx); + } - return( ctx ); + return ctx; } -static void kw_ctx_free( void *ctx ) +static void kw_ctx_free(void *ctx) { - mbedtls_nist_kw_free( ctx ); - mbedtls_free( ctx ); + mbedtls_nist_kw_free(ctx); + mbedtls_free(ctx); } -static int kw_aes_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int kw_aes_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_nist_kw_setkey( (mbedtls_nist_kw_context *) ctx, - MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 1 ); + return mbedtls_nist_kw_setkey((mbedtls_nist_kw_context *) ctx, + MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 1); } -static int kw_aes_setkey_unwrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int kw_aes_setkey_unwrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_nist_kw_setkey( (mbedtls_nist_kw_context *) ctx, - MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 0 ); + return mbedtls_nist_kw_setkey((mbedtls_nist_kw_context *) ctx, + MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 0); } static const mbedtls_cipher_base_t kw_aes_info = { @@ -2393,8 +2412,8 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = { MBEDTLS_CIPHER_NONE, NULL } }; -#define NUM_CIPHERS ( sizeof(mbedtls_cipher_definitions) / \ - sizeof(mbedtls_cipher_definitions[0]) ) +#define NUM_CIPHERS (sizeof(mbedtls_cipher_definitions) / \ + sizeof(mbedtls_cipher_definitions[0])) int mbedtls_cipher_supported[NUM_CIPHERS]; #endif /* MBEDTLS_CIPHER_C */ diff --git a/library/cmac.c b/library/cmac.c index 3cc49d10cc22..0c07de6f2fcf 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -63,9 +63,9 @@ * Input and output MUST NOT point to the same buffer * Block size must be 8 bytes or 16 bytes - the block sizes for DES and AES. */ -static int cmac_multiply_by_u( unsigned char *output, - const unsigned char *input, - size_t blocksize ) +static int cmac_multiply_by_u(unsigned char *output, + const unsigned char *input, + size_t blocksize) { const unsigned char R_128 = 0x87; const unsigned char R_64 = 0x1B; @@ -73,21 +73,15 @@ static int cmac_multiply_by_u( unsigned char *output, unsigned char overflow = 0x00; int i; - if( blocksize == MBEDTLS_AES_BLOCK_SIZE ) - { + if (blocksize == MBEDTLS_AES_BLOCK_SIZE) { R_n = R_128; - } - else if( blocksize == MBEDTLS_DES3_BLOCK_SIZE ) - { + } else if (blocksize == MBEDTLS_DES3_BLOCK_SIZE) { R_n = R_64; - } - else - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + } else { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - for( i = (int)blocksize - 1; i >= 0; i-- ) - { + for (i = (int) blocksize - 1; i >= 0; i--) { output[i] = input[i] << 1 | overflow; overflow = input[i] >> 7; } @@ -101,14 +95,14 @@ static int cmac_multiply_by_u( unsigned char *output, #pragma warning( push ) #pragma warning( disable : 4146 ) #endif - mask = - ( input[0] >> 7 ); + mask = -(input[0] >> 7); #if defined(_MSC_VER) #pragma warning( pop ) #endif - output[ blocksize - 1 ] ^= R_n & mask; + output[blocksize - 1] ^= R_n & mask; - return( 0 ); + return 0; } /* @@ -116,46 +110,50 @@ static int cmac_multiply_by_u( unsigned char *output, * * - as specified by RFC 4493, section 2.3 Subkey Generation Algorithm */ -static int cmac_generate_subkeys( mbedtls_cipher_context_t *ctx, - unsigned char* K1, unsigned char* K2 ) +static int cmac_generate_subkeys(mbedtls_cipher_context_t *ctx, + unsigned char *K1, unsigned char *K2) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char L[MBEDTLS_CIPHER_BLKSIZE_MAX]; size_t olen, block_size; - mbedtls_platform_zeroize( L, sizeof( L ) ); + mbedtls_platform_zeroize(L, sizeof(L)); block_size = ctx->cipher_info->block_size; /* Calculate Ek(0) */ - if( ( ret = mbedtls_cipher_update( ctx, L, block_size, L, &olen ) ) != 0 ) + if ((ret = mbedtls_cipher_update(ctx, L, block_size, L, &olen)) != 0) { goto exit; + } /* * Generate K1 and K2 */ - if( ( ret = cmac_multiply_by_u( K1, L , block_size ) ) != 0 ) + if ((ret = cmac_multiply_by_u(K1, L, block_size)) != 0) { goto exit; + } - if( ( ret = cmac_multiply_by_u( K2, K1 , block_size ) ) != 0 ) + if ((ret = cmac_multiply_by_u(K2, K1, block_size)) != 0) { goto exit; + } exit: - mbedtls_platform_zeroize( L, sizeof( L ) ); + mbedtls_platform_zeroize(L, sizeof(L)); - return( ret ); + return ret; } #endif /* !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST) */ #if !defined(MBEDTLS_CMAC_ALT) -static void cmac_xor_block( unsigned char *output, const unsigned char *input1, - const unsigned char *input2, - const size_t block_size ) +static void cmac_xor_block(unsigned char *output, const unsigned char *input1, + const unsigned char *input2, + const size_t block_size) { size_t idx; - for( idx = 0; idx < block_size; idx++ ) - output[ idx ] = input1[ idx ] ^ input2[ idx ]; + for (idx = 0; idx < block_size; idx++) { + output[idx] = input1[idx] ^ input2[idx]; + } } /* @@ -164,75 +162,78 @@ static void cmac_xor_block( unsigned char *output, const unsigned char *input1, * We can't use the padding option from the cipher layer, as it only works for * CBC and we use ECB mode, and anyway we need to XOR K1 or K2 in addition. */ -static void cmac_pad( unsigned char padded_block[MBEDTLS_CIPHER_BLKSIZE_MAX], - size_t padded_block_len, - const unsigned char *last_block, - size_t last_block_len ) +static void cmac_pad(unsigned char padded_block[MBEDTLS_CIPHER_BLKSIZE_MAX], + size_t padded_block_len, + const unsigned char *last_block, + size_t last_block_len) { size_t j; - for( j = 0; j < padded_block_len; j++ ) - { - if( j < last_block_len ) + for (j = 0; j < padded_block_len; j++) { + if (j < last_block_len) { padded_block[j] = last_block[j]; - else if( j == last_block_len ) + } else if (j == last_block_len) { padded_block[j] = 0x80; - else + } else { padded_block[j] = 0x00; + } } } -int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx, - const unsigned char *key, size_t keybits ) +int mbedtls_cipher_cmac_starts(mbedtls_cipher_context_t *ctx, + const unsigned char *key, size_t keybits) { mbedtls_cipher_type_t type; mbedtls_cmac_context_t *cmac_ctx; int retval; - if( ctx == NULL || ctx->cipher_info == NULL || key == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->cipher_info == NULL || key == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - if( ( retval = mbedtls_cipher_setkey( ctx, key, (int)keybits, - MBEDTLS_ENCRYPT ) ) != 0 ) - return( retval ); + if ((retval = mbedtls_cipher_setkey(ctx, key, (int) keybits, + MBEDTLS_ENCRYPT)) != 0) { + return retval; + } type = ctx->cipher_info->type; - switch( type ) - { + switch (type) { case MBEDTLS_CIPHER_AES_128_ECB: case MBEDTLS_CIPHER_AES_192_ECB: case MBEDTLS_CIPHER_AES_256_ECB: case MBEDTLS_CIPHER_DES_EDE3_ECB: break; default: - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } /* Allocated and initialise in the cipher context memory for the CMAC * context */ - cmac_ctx = mbedtls_calloc( 1, sizeof( mbedtls_cmac_context_t ) ); - if( cmac_ctx == NULL ) - return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED ); + cmac_ctx = mbedtls_calloc(1, sizeof(mbedtls_cmac_context_t)); + if (cmac_ctx == NULL) { + return MBEDTLS_ERR_CIPHER_ALLOC_FAILED; + } ctx->cmac_ctx = cmac_ctx; - mbedtls_platform_zeroize( cmac_ctx->state, sizeof( cmac_ctx->state ) ); + mbedtls_platform_zeroize(cmac_ctx->state, sizeof(cmac_ctx->state)); return 0; } -int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, - const unsigned char *input, size_t ilen ) +int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx, + const unsigned char *input, size_t ilen) { - mbedtls_cmac_context_t* cmac_ctx; + mbedtls_cmac_context_t *cmac_ctx; unsigned char *state; int ret = 0; size_t n, j, olen, block_size; - if( ctx == NULL || ctx->cipher_info == NULL || input == NULL || - ctx->cmac_ctx == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->cipher_info == NULL || input == NULL || + ctx->cmac_ctx == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } cmac_ctx = ctx->cmac_ctx; block_size = ctx->cipher_info->block_size; @@ -240,19 +241,17 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, /* Is there data still to process from the last call, that's greater in * size than a block? */ - if( cmac_ctx->unprocessed_len > 0 && - ilen > block_size - cmac_ctx->unprocessed_len ) - { - memcpy( &cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len], - input, - block_size - cmac_ctx->unprocessed_len ); + if (cmac_ctx->unprocessed_len > 0 && + ilen > block_size - cmac_ctx->unprocessed_len) { + memcpy(&cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len], + input, + block_size - cmac_ctx->unprocessed_len); - cmac_xor_block( state, cmac_ctx->unprocessed_block, state, block_size ); + cmac_xor_block(state, cmac_ctx->unprocessed_block, state, block_size); - if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state, - &olen ) ) != 0 ) - { - goto exit; + if ((ret = mbedtls_cipher_update(ctx, state, block_size, state, + &olen)) != 0) { + goto exit; } input += block_size - cmac_ctx->unprocessed_len; @@ -261,39 +260,38 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, } /* n is the number of blocks including any final partial block */ - n = ( ilen + block_size - 1 ) / block_size; + n = (ilen + block_size - 1) / block_size; /* Iterate across the input data in block sized chunks, excluding any * final partial or complete block */ - for( j = 1; j < n; j++ ) - { - cmac_xor_block( state, input, state, block_size ); + for (j = 1; j < n; j++) { + cmac_xor_block(state, input, state, block_size); - if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state, - &olen ) ) != 0 ) - goto exit; + if ((ret = mbedtls_cipher_update(ctx, state, block_size, state, + &olen)) != 0) { + goto exit; + } ilen -= block_size; input += block_size; } /* If there is data left over that wasn't aligned to a block */ - if( ilen > 0 ) - { - memcpy( &cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len], - input, - ilen ); + if (ilen > 0) { + memcpy(&cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len], + input, + ilen); cmac_ctx->unprocessed_len += ilen; } exit: - return( ret ); + return ret; } -int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, - unsigned char *output ) +int mbedtls_cipher_cmac_finish(mbedtls_cipher_context_t *ctx, + unsigned char *output) { - mbedtls_cmac_context_t* cmac_ctx; + mbedtls_cmac_context_t *cmac_ctx; unsigned char *state, *last_block; unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX]; unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX]; @@ -301,153 +299,153 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen, block_size; - if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL || - output == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL || + output == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } cmac_ctx = ctx->cmac_ctx; block_size = ctx->cipher_info->block_size; state = cmac_ctx->state; - mbedtls_platform_zeroize( K1, sizeof( K1 ) ); - mbedtls_platform_zeroize( K2, sizeof( K2 ) ); - cmac_generate_subkeys( ctx, K1, K2 ); + mbedtls_platform_zeroize(K1, sizeof(K1)); + mbedtls_platform_zeroize(K2, sizeof(K2)); + cmac_generate_subkeys(ctx, K1, K2); last_block = cmac_ctx->unprocessed_block; /* Calculate last block */ - if( cmac_ctx->unprocessed_len < block_size ) - { - cmac_pad( M_last, block_size, last_block, cmac_ctx->unprocessed_len ); - cmac_xor_block( M_last, M_last, K2, block_size ); - } - else - { + if (cmac_ctx->unprocessed_len < block_size) { + cmac_pad(M_last, block_size, last_block, cmac_ctx->unprocessed_len); + cmac_xor_block(M_last, M_last, K2, block_size); + } else { /* Last block is complete block */ - cmac_xor_block( M_last, last_block, K1, block_size ); + cmac_xor_block(M_last, last_block, K1, block_size); } - cmac_xor_block( state, M_last, state, block_size ); - if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state, - &olen ) ) != 0 ) - { + cmac_xor_block(state, M_last, state, block_size); + if ((ret = mbedtls_cipher_update(ctx, state, block_size, state, + &olen)) != 0) { goto exit; } - memcpy( output, state, block_size ); + memcpy(output, state, block_size); exit: /* Wipe the generated keys on the stack, and any other transients to avoid * side channel leakage */ - mbedtls_platform_zeroize( K1, sizeof( K1 ) ); - mbedtls_platform_zeroize( K2, sizeof( K2 ) ); + mbedtls_platform_zeroize(K1, sizeof(K1)); + mbedtls_platform_zeroize(K2, sizeof(K2)); cmac_ctx->unprocessed_len = 0; - mbedtls_platform_zeroize( cmac_ctx->unprocessed_block, - sizeof( cmac_ctx->unprocessed_block ) ); + mbedtls_platform_zeroize(cmac_ctx->unprocessed_block, + sizeof(cmac_ctx->unprocessed_block)); - mbedtls_platform_zeroize( state, MBEDTLS_CIPHER_BLKSIZE_MAX ); - return( ret ); + mbedtls_platform_zeroize(state, MBEDTLS_CIPHER_BLKSIZE_MAX); + return ret; } -int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ) +int mbedtls_cipher_cmac_reset(mbedtls_cipher_context_t *ctx) { - mbedtls_cmac_context_t* cmac_ctx; + mbedtls_cmac_context_t *cmac_ctx; - if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } cmac_ctx = ctx->cmac_ctx; /* Reset the internal state */ cmac_ctx->unprocessed_len = 0; - mbedtls_platform_zeroize( cmac_ctx->unprocessed_block, - sizeof( cmac_ctx->unprocessed_block ) ); - mbedtls_platform_zeroize( cmac_ctx->state, - sizeof( cmac_ctx->state ) ); + mbedtls_platform_zeroize(cmac_ctx->unprocessed_block, + sizeof(cmac_ctx->unprocessed_block)); + mbedtls_platform_zeroize(cmac_ctx->state, + sizeof(cmac_ctx->state)); - return( 0 ); + return 0; } -int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info, - const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ) +int mbedtls_cipher_cmac(const mbedtls_cipher_info_t *cipher_info, + const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output) { mbedtls_cipher_context_t ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( cipher_info == NULL || key == NULL || input == NULL || output == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (cipher_info == NULL || key == NULL || input == NULL || output == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); - if( ( ret = mbedtls_cipher_setup( &ctx, cipher_info ) ) != 0 ) + if ((ret = mbedtls_cipher_setup(&ctx, cipher_info)) != 0) { goto exit; + } - ret = mbedtls_cipher_cmac_starts( &ctx, key, keylen ); - if( ret != 0 ) + ret = mbedtls_cipher_cmac_starts(&ctx, key, keylen); + if (ret != 0) { goto exit; + } - ret = mbedtls_cipher_cmac_update( &ctx, input, ilen ); - if( ret != 0 ) + ret = mbedtls_cipher_cmac_update(&ctx, input, ilen); + if (ret != 0) { goto exit; + } - ret = mbedtls_cipher_cmac_finish( &ctx, output ); + ret = mbedtls_cipher_cmac_finish(&ctx, output); exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); - return( ret ); + return ret; } #if defined(MBEDTLS_AES_C) /* * Implementation of AES-CMAC-PRF-128 defined in RFC 4615 */ -int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_length, - const unsigned char *input, size_t in_len, - unsigned char output[16] ) +int mbedtls_aes_cmac_prf_128(const unsigned char *key, size_t key_length, + const unsigned char *input, size_t in_len, + unsigned char output[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE]; unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE]; - if( key == NULL || input == NULL || output == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (key == NULL || input == NULL || output == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB ); - if( cipher_info == NULL ) - { + cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB); + if (cipher_info == NULL) { /* Failing at this point must be due to a build issue */ ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; goto exit; } - if( key_length == MBEDTLS_AES_BLOCK_SIZE ) - { + if (key_length == MBEDTLS_AES_BLOCK_SIZE) { /* Use key as is */ - memcpy( int_key, key, MBEDTLS_AES_BLOCK_SIZE ); - } - else - { - memset( zero_key, 0, MBEDTLS_AES_BLOCK_SIZE ); + memcpy(int_key, key, MBEDTLS_AES_BLOCK_SIZE); + } else { + memset(zero_key, 0, MBEDTLS_AES_BLOCK_SIZE); - ret = mbedtls_cipher_cmac( cipher_info, zero_key, 128, key, - key_length, int_key ); - if( ret != 0 ) + ret = mbedtls_cipher_cmac(cipher_info, zero_key, 128, key, + key_length, int_key); + if (ret != 0) { goto exit; + } } - ret = mbedtls_cipher_cmac( cipher_info, int_key, 128, input, in_len, - output ); + ret = mbedtls_cipher_cmac(cipher_info, int_key, 128, input, in_len, + output); exit: - mbedtls_platform_zeroize( int_key, sizeof( int_key ) ); + mbedtls_platform_zeroize(int_key, sizeof(int_key)); - return( ret ); + return ret; } #endif /* MBEDTLS_AES_C */ @@ -508,7 +506,8 @@ static const unsigned char aes_128_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = { 0xf9, 0x0b, 0xc1, 0x1e, 0xe4, 0x6d, 0x51, 0x3b } }; -static const unsigned char aes_128_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = { +static const unsigned char aes_128_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = +{ { /* Example #1 */ 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28, @@ -549,7 +548,8 @@ static const unsigned char aes_192_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = { 0x7d, 0xcc, 0x87, 0x3b, 0xa9, 0xb5, 0x45, 0x2c } }; -static const unsigned char aes_192_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = { +static const unsigned char aes_192_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = +{ { /* Example #1 */ 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5, @@ -591,7 +591,8 @@ static const unsigned char aes_256_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = { 0x5d, 0x35, 0x33, 0x01, 0x0c, 0x42, 0xa0, 0xd9 } }; -static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = { +static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = +{ { /* Example #1 */ 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e, @@ -643,7 +644,8 @@ static const unsigned char des3_2key_subkeys[2][8] = { 0x1b, 0xa5, 0x96, 0xf4, 0x7b, 0x11, 0x11, 0xb2 } }; -static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = { +static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] + = { { /* Sample #1 */ 0x79, 0xce, 0x52, 0xa7, 0xf7, 0x86, 0xa9, 0x60 @@ -660,7 +662,7 @@ static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBED /* Sample #4 */ 0x9c, 0xd3, 0x35, 0x80, 0xf9, 0xb6, 0x4d, 0xfb } -}; + }; /* CMAC-TDES (Generation) - 3 Key Test Data */ static const unsigned char des3_3key_key[24] = { @@ -681,7 +683,8 @@ static const unsigned char des3_3key_subkeys[2][8] = { 0x3a, 0xe9, 0xce, 0x72, 0x66, 0x2f, 0x2d, 0x9b } }; -static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = { +static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] + = { { /* Sample #1 */ 0x7d, 0xb0, 0xd3, 0x7d, 0xf9, 0x36, 0xc5, 0x50 @@ -698,7 +701,7 @@ static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBED /* Sample #4 */ 0x99, 0x42, 0x9b, 0xd0, 0xbF, 0x79, 0x04, 0xe5 } -}; + }; #endif /* MBEDTLS_DES_C */ @@ -741,14 +744,14 @@ static const unsigned char PRFT[NB_PRF_TESTS][16] = { }; #endif /* MBEDTLS_AES_C */ -static int cmac_test_subkeys( int verbose, - const char* testname, - const unsigned char* key, - int keybits, - const unsigned char* subkeys, - mbedtls_cipher_type_t cipher_type, - int block_size, - int num_tests ) +static int cmac_test_subkeys(int verbose, + const char *testname, + const unsigned char *key, + int keybits, + const unsigned char *subkeys, + mbedtls_cipher_type_t cipher_type, + int block_size, + int num_tests) { int i, ret = 0; mbedtls_cipher_context_t ctx; @@ -756,330 +759,321 @@ static int cmac_test_subkeys( int verbose, unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX]; unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX]; - cipher_info = mbedtls_cipher_info_from_type( cipher_type ); - if( cipher_info == NULL ) - { + cipher_info = mbedtls_cipher_info_from_type(cipher_type); + if (cipher_info == NULL) { /* Failing at this point must be due to a build issue */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } - for( i = 0; i < num_tests; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " %s CMAC subkey #%d: ", testname, i + 1 ); + for (i = 0; i < num_tests; i++) { + if (verbose != 0) { + mbedtls_printf(" %s CMAC subkey #%d: ", testname, i + 1); + } - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); - if( ( ret = mbedtls_cipher_setup( &ctx, cipher_info ) ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "test execution failed\n" ); + if ((ret = mbedtls_cipher_setup(&ctx, cipher_info)) != 0) { + if (verbose != 0) { + mbedtls_printf("test execution failed\n"); + } goto cleanup; } - if( ( ret = mbedtls_cipher_setkey( &ctx, key, keybits, - MBEDTLS_ENCRYPT ) ) != 0 ) - { + if ((ret = mbedtls_cipher_setkey(&ctx, key, keybits, + MBEDTLS_ENCRYPT)) != 0) { /* When CMAC is implemented by an alternative implementation, or * the underlying primitive itself is implemented alternatively, * AES-192 may be unavailable. This should not cause the selftest * function to fail. */ - if( ( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED || - ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) && - cipher_type == MBEDTLS_CIPHER_AES_192_ECB ) { - if( verbose != 0 ) - mbedtls_printf( "skipped\n" ); + if ((ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED || + ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) && + cipher_type == MBEDTLS_CIPHER_AES_192_ECB) { + if (verbose != 0) { + mbedtls_printf("skipped\n"); + } goto next_test; } - if( verbose != 0 ) - mbedtls_printf( "test execution failed\n" ); + if (verbose != 0) { + mbedtls_printf("test execution failed\n"); + } goto cleanup; } - ret = cmac_generate_subkeys( &ctx, K1, K2 ); - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + ret = cmac_generate_subkeys(&ctx, K1, K2); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto cleanup; } - if( ( ret = memcmp( K1, subkeys, block_size ) ) != 0 || - ( ret = memcmp( K2, &subkeys[block_size], block_size ) ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if ((ret = memcmp(K1, subkeys, block_size)) != 0 || + (ret = memcmp(K2, &subkeys[block_size], block_size)) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } next_test: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } ret = 0; goto exit; cleanup: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); exit: - return( ret ); + return ret; } -static int cmac_test_wth_cipher( int verbose, - const char* testname, - const unsigned char* key, - int keybits, - const unsigned char* messages, - const unsigned int message_lengths[4], - const unsigned char* expected_result, - mbedtls_cipher_type_t cipher_type, - int block_size, - int num_tests ) +static int cmac_test_wth_cipher(int verbose, + const char *testname, + const unsigned char *key, + int keybits, + const unsigned char *messages, + const unsigned int message_lengths[4], + const unsigned char *expected_result, + mbedtls_cipher_type_t cipher_type, + int block_size, + int num_tests) { const mbedtls_cipher_info_t *cipher_info; int i, ret = 0; unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX]; - cipher_info = mbedtls_cipher_info_from_type( cipher_type ); - if( cipher_info == NULL ) - { + cipher_info = mbedtls_cipher_info_from_type(cipher_type); + if (cipher_info == NULL) { /* Failing at this point must be due to a build issue */ ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; goto exit; } - for( i = 0; i < num_tests; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " %s CMAC #%d: ", testname, i + 1 ); + for (i = 0; i < num_tests; i++) { + if (verbose != 0) { + mbedtls_printf(" %s CMAC #%d: ", testname, i + 1); + } - if( ( ret = mbedtls_cipher_cmac( cipher_info, key, keybits, messages, - message_lengths[i], output ) ) != 0 ) - { + if ((ret = mbedtls_cipher_cmac(cipher_info, key, keybits, messages, + message_lengths[i], output)) != 0) { /* When CMAC is implemented by an alternative implementation, or * the underlying primitive itself is implemented alternatively, * AES-192 and/or 3DES may be unavailable. This should not cause * the selftest function to fail. */ - if( ( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED || - ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) && - ( cipher_type == MBEDTLS_CIPHER_AES_192_ECB || - cipher_type == MBEDTLS_CIPHER_DES_EDE3_ECB ) ) { - if( verbose != 0 ) - mbedtls_printf( "skipped\n" ); + if ((ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED || + ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) && + (cipher_type == MBEDTLS_CIPHER_AES_192_ECB || + cipher_type == MBEDTLS_CIPHER_DES_EDE3_ECB)) { + if (verbose != 0) { + mbedtls_printf("skipped\n"); + } continue; } - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto exit; } - if( ( ret = memcmp( output, &expected_result[i * block_size], block_size ) ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if ((ret = memcmp(output, &expected_result[i * block_size], block_size)) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } ret = 0; exit: - return( ret ); + return ret; } #if defined(MBEDTLS_AES_C) -static int test_aes128_cmac_prf( int verbose ) +static int test_aes128_cmac_prf(int verbose) { int i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char output[MBEDTLS_AES_BLOCK_SIZE]; - for( i = 0; i < NB_PRF_TESTS; i++ ) - { - mbedtls_printf( " AES CMAC 128 PRF #%d: ", i ); - ret = mbedtls_aes_cmac_prf_128( PRFK, PRFKlen[i], PRFM, 20, output ); - if( ret != 0 || - memcmp( output, PRFT[i], MBEDTLS_AES_BLOCK_SIZE ) != 0 ) - { + for (i = 0; i < NB_PRF_TESTS; i++) { + mbedtls_printf(" AES CMAC 128 PRF #%d: ", i); + ret = mbedtls_aes_cmac_prf_128(PRFK, PRFKlen[i], PRFM, 20, output); + if (ret != 0 || + memcmp(output, PRFT[i], MBEDTLS_AES_BLOCK_SIZE) != 0) { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( ret ); - } - else if( verbose != 0 ) - { - mbedtls_printf( "passed\n" ); + return ret; + } else if (verbose != 0) { + mbedtls_printf("passed\n"); } } - return( ret ); + return ret; } #endif /* MBEDTLS_AES_C */ -int mbedtls_cmac_self_test( int verbose ) +int mbedtls_cmac_self_test(int verbose) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_AES_C) /* AES-128 */ - if( ( ret = cmac_test_subkeys( verbose, - "AES 128", - aes_128_key, - 128, - (const unsigned char*)aes_128_subkeys, - MBEDTLS_CIPHER_AES_128_ECB, - MBEDTLS_AES_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_subkeys(verbose, + "AES 128", + aes_128_key, + 128, + (const unsigned char *) aes_128_subkeys, + MBEDTLS_CIPHER_AES_128_ECB, + MBEDTLS_AES_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } - if( ( ret = cmac_test_wth_cipher( verbose, - "AES 128", - aes_128_key, - 128, - test_message, - aes_message_lengths, - (const unsigned char*)aes_128_expected_result, - MBEDTLS_CIPHER_AES_128_ECB, - MBEDTLS_AES_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_wth_cipher(verbose, + "AES 128", + aes_128_key, + 128, + test_message, + aes_message_lengths, + (const unsigned char *) aes_128_expected_result, + MBEDTLS_CIPHER_AES_128_ECB, + MBEDTLS_AES_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } /* AES-192 */ - if( ( ret = cmac_test_subkeys( verbose, - "AES 192", - aes_192_key, - 192, - (const unsigned char*)aes_192_subkeys, - MBEDTLS_CIPHER_AES_192_ECB, - MBEDTLS_AES_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_subkeys(verbose, + "AES 192", + aes_192_key, + 192, + (const unsigned char *) aes_192_subkeys, + MBEDTLS_CIPHER_AES_192_ECB, + MBEDTLS_AES_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } - if( ( ret = cmac_test_wth_cipher( verbose, - "AES 192", - aes_192_key, - 192, - test_message, - aes_message_lengths, - (const unsigned char*)aes_192_expected_result, - MBEDTLS_CIPHER_AES_192_ECB, - MBEDTLS_AES_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_wth_cipher(verbose, + "AES 192", + aes_192_key, + 192, + test_message, + aes_message_lengths, + (const unsigned char *) aes_192_expected_result, + MBEDTLS_CIPHER_AES_192_ECB, + MBEDTLS_AES_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } /* AES-256 */ - if( ( ret = cmac_test_subkeys( verbose, - "AES 256", - aes_256_key, - 256, - (const unsigned char*)aes_256_subkeys, - MBEDTLS_CIPHER_AES_256_ECB, - MBEDTLS_AES_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_subkeys(verbose, + "AES 256", + aes_256_key, + 256, + (const unsigned char *) aes_256_subkeys, + MBEDTLS_CIPHER_AES_256_ECB, + MBEDTLS_AES_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } - if( ( ret = cmac_test_wth_cipher ( verbose, - "AES 256", - aes_256_key, - 256, - test_message, - aes_message_lengths, - (const unsigned char*)aes_256_expected_result, - MBEDTLS_CIPHER_AES_256_ECB, - MBEDTLS_AES_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_wth_cipher(verbose, + "AES 256", + aes_256_key, + 256, + test_message, + aes_message_lengths, + (const unsigned char *) aes_256_expected_result, + MBEDTLS_CIPHER_AES_256_ECB, + MBEDTLS_AES_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_DES_C) /* 3DES 2 key */ - if( ( ret = cmac_test_subkeys( verbose, - "3DES 2 key", - des3_2key_key, - 192, - (const unsigned char*)des3_2key_subkeys, - MBEDTLS_CIPHER_DES_EDE3_ECB, - MBEDTLS_DES3_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_subkeys(verbose, + "3DES 2 key", + des3_2key_key, + 192, + (const unsigned char *) des3_2key_subkeys, + MBEDTLS_CIPHER_DES_EDE3_ECB, + MBEDTLS_DES3_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } - if( ( ret = cmac_test_wth_cipher( verbose, - "3DES 2 key", - des3_2key_key, - 192, - test_message, - des3_message_lengths, - (const unsigned char*)des3_2key_expected_result, - MBEDTLS_CIPHER_DES_EDE3_ECB, - MBEDTLS_DES3_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_wth_cipher(verbose, + "3DES 2 key", + des3_2key_key, + 192, + test_message, + des3_message_lengths, + (const unsigned char *) des3_2key_expected_result, + MBEDTLS_CIPHER_DES_EDE3_ECB, + MBEDTLS_DES3_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } /* 3DES 3 key */ - if( ( ret = cmac_test_subkeys( verbose, - "3DES 3 key", - des3_3key_key, - 192, - (const unsigned char*)des3_3key_subkeys, - MBEDTLS_CIPHER_DES_EDE3_ECB, - MBEDTLS_DES3_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_subkeys(verbose, + "3DES 3 key", + des3_3key_key, + 192, + (const unsigned char *) des3_3key_subkeys, + MBEDTLS_CIPHER_DES_EDE3_ECB, + MBEDTLS_DES3_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } - if( ( ret = cmac_test_wth_cipher( verbose, - "3DES 3 key", - des3_3key_key, - 192, - test_message, - des3_message_lengths, - (const unsigned char*)des3_3key_expected_result, - MBEDTLS_CIPHER_DES_EDE3_ECB, - MBEDTLS_DES3_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_wth_cipher(verbose, + "3DES 3 key", + des3_3key_key, + 192, + test_message, + des3_message_lengths, + (const unsigned char *) des3_3key_expected_result, + MBEDTLS_CIPHER_DES_EDE3_ECB, + MBEDTLS_DES3_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } #endif /* MBEDTLS_DES_C */ #if defined(MBEDTLS_AES_C) - if( ( ret = test_aes128_cmac_prf( verbose ) ) != 0 ) - return( ret ); + if ((ret = test_aes128_cmac_prf(verbose)) != 0) { + return ret; + } #endif /* MBEDTLS_AES_C */ - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/common.h b/library/common.h index 1663d50226ff..2786c97d40e9 100644 --- a/library/common.h +++ b/library/common.h @@ -33,7 +33,7 @@ #include /* Define `inline` on some non-C99-compliant compilers. */ -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif @@ -75,9 +75,9 @@ * buffer is at least \p n + 1. */ static inline unsigned char *mbedtls_buffer_offset( - unsigned char *p, size_t n ) + unsigned char *p, size_t n) { - return( p == NULL ? NULL : p + n ); + return p == NULL ? NULL : p + n; } /** Return an offset into a read-only buffer. @@ -92,9 +92,9 @@ static inline unsigned char *mbedtls_buffer_offset( * buffer is at least \p n + 1. */ static inline const unsigned char *mbedtls_buffer_offset_const( - const unsigned char *p, size_t n ) + const unsigned char *p, size_t n) { - return( p == NULL ? NULL : p + n ); + return p == NULL ? NULL : p + n; } /** Byte Reading Macros @@ -102,14 +102,14 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th * byte from x, where byte 0 is the least significant byte. */ -#define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) -#define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) -#define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) -#define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) -#define MBEDTLS_BYTE_4( x ) ( (uint8_t) ( ( ( x ) >> 32 ) & 0xff ) ) -#define MBEDTLS_BYTE_5( x ) ( (uint8_t) ( ( ( x ) >> 40 ) & 0xff ) ) -#define MBEDTLS_BYTE_6( x ) ( (uint8_t) ( ( ( x ) >> 48 ) & 0xff ) ) -#define MBEDTLS_BYTE_7( x ) ( (uint8_t) ( ( ( x ) >> 56 ) & 0xff ) ) +#define MBEDTLS_BYTE_0(x) ((uint8_t) ((x) & 0xff)) +#define MBEDTLS_BYTE_1(x) ((uint8_t) (((x) >> 8) & 0xff)) +#define MBEDTLS_BYTE_2(x) ((uint8_t) (((x) >> 16) & 0xff)) +#define MBEDTLS_BYTE_3(x) ((uint8_t) (((x) >> 24) & 0xff)) +#define MBEDTLS_BYTE_4(x) ((uint8_t) (((x) >> 32) & 0xff)) +#define MBEDTLS_BYTE_5(x) ((uint8_t) (((x) >> 40) & 0xff)) +#define MBEDTLS_BYTE_6(x) ((uint8_t) (((x) >> 48) & 0xff)) +#define MBEDTLS_BYTE_7(x) ((uint8_t) (((x) >> 56) & 0xff)) /** * Get the unsigned 32 bits integer corresponding to four bytes in @@ -121,12 +121,12 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * integer from. */ #ifndef MBEDTLS_GET_UINT32_BE -#define MBEDTLS_GET_UINT32_BE( data , offset ) \ +#define MBEDTLS_GET_UINT32_BE(data, offset) \ ( \ - ( (uint32_t) ( data )[( offset ) ] << 24 ) \ - | ( (uint32_t) ( data )[( offset ) + 1] << 16 ) \ - | ( (uint32_t) ( data )[( offset ) + 2] << 8 ) \ - | ( (uint32_t) ( data )[( offset ) + 3] ) \ + ((uint32_t) (data)[(offset)] << 24) \ + | ((uint32_t) (data)[(offset) + 1] << 16) \ + | ((uint32_t) (data)[(offset) + 2] << 8) \ + | ((uint32_t) (data)[(offset) + 3]) \ ) #endif @@ -140,13 +140,13 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_BE -#define MBEDTLS_PUT_UINT32_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_3( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_2( n ); \ - ( data )[( offset ) + 2] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 3] = MBEDTLS_BYTE_0( n ); \ -} +#define MBEDTLS_PUT_UINT32_BE(n, data, offset) \ + { \ + (data)[(offset)] = MBEDTLS_BYTE_3(n); \ + (data)[(offset) + 1] = MBEDTLS_BYTE_2(n); \ + (data)[(offset) + 2] = MBEDTLS_BYTE_1(n); \ + (data)[(offset) + 3] = MBEDTLS_BYTE_0(n); \ + } #endif /** @@ -159,12 +159,12 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * integer from. */ #ifndef MBEDTLS_GET_UINT32_LE -#define MBEDTLS_GET_UINT32_LE( data, offset ) \ +#define MBEDTLS_GET_UINT32_LE(data, offset) \ ( \ - ( (uint32_t) ( data )[( offset ) ] ) \ - | ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ - | ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \ - | ( (uint32_t) ( data )[( offset ) + 3] << 24 ) \ + ((uint32_t) (data)[(offset)]) \ + | ((uint32_t) (data)[(offset) + 1] << 8) \ + | ((uint32_t) (data)[(offset) + 2] << 16) \ + | ((uint32_t) (data)[(offset) + 3] << 24) \ ) #endif @@ -178,13 +178,13 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_LE -#define MBEDTLS_PUT_UINT32_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \ - ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n ); \ -} +#define MBEDTLS_PUT_UINT32_LE(n, data, offset) \ + { \ + (data)[(offset)] = MBEDTLS_BYTE_0(n); \ + (data)[(offset) + 1] = MBEDTLS_BYTE_1(n); \ + (data)[(offset) + 2] = MBEDTLS_BYTE_2(n); \ + (data)[(offset) + 3] = MBEDTLS_BYTE_3(n); \ + } #endif /** @@ -197,10 +197,10 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * integer from. */ #ifndef MBEDTLS_GET_UINT16_LE -#define MBEDTLS_GET_UINT16_LE( data, offset ) \ +#define MBEDTLS_GET_UINT16_LE(data, offset) \ ( \ - ( (uint16_t) ( data )[( offset ) ] ) \ - | ( (uint16_t) ( data )[( offset ) + 1] << 8 ) \ + ((uint16_t) (data)[(offset)]) \ + | ((uint16_t) (data)[(offset) + 1] << 8) \ ) #endif @@ -214,11 +214,11 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_LE -#define MBEDTLS_PUT_UINT16_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ -} +#define MBEDTLS_PUT_UINT16_LE(n, data, offset) \ + { \ + (data)[(offset)] = MBEDTLS_BYTE_0(n); \ + (data)[(offset) + 1] = MBEDTLS_BYTE_1(n); \ + } #endif /** @@ -231,10 +231,10 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * integer from. */ #ifndef MBEDTLS_GET_UINT16_BE -#define MBEDTLS_GET_UINT16_BE( data, offset ) \ +#define MBEDTLS_GET_UINT16_BE(data, offset) \ ( \ - ( (uint16_t) ( data )[( offset ) ] << 8 ) \ - | ( (uint16_t) ( data )[( offset ) + 1] ) \ + ((uint16_t) (data)[(offset)] << 8) \ + | ((uint16_t) (data)[(offset) + 1]) \ ) #endif @@ -248,11 +248,11 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_BE -#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_0( n ); \ -} +#define MBEDTLS_PUT_UINT16_BE(n, data, offset) \ + { \ + (data)[(offset)] = MBEDTLS_BYTE_1(n); \ + (data)[(offset) + 1] = MBEDTLS_BYTE_0(n); \ + } #endif /** @@ -265,16 +265,16 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * integer from. */ #ifndef MBEDTLS_GET_UINT64_BE -#define MBEDTLS_GET_UINT64_BE( data, offset ) \ +#define MBEDTLS_GET_UINT64_BE(data, offset) \ ( \ - ( (uint64_t) ( data )[( offset ) ] << 56 ) \ - | ( (uint64_t) ( data )[( offset ) + 1] << 48 ) \ - | ( (uint64_t) ( data )[( offset ) + 2] << 40 ) \ - | ( (uint64_t) ( data )[( offset ) + 3] << 32 ) \ - | ( (uint64_t) ( data )[( offset ) + 4] << 24 ) \ - | ( (uint64_t) ( data )[( offset ) + 5] << 16 ) \ - | ( (uint64_t) ( data )[( offset ) + 6] << 8 ) \ - | ( (uint64_t) ( data )[( offset ) + 7] ) \ + ((uint64_t) (data)[(offset)] << 56) \ + | ((uint64_t) (data)[(offset) + 1] << 48) \ + | ((uint64_t) (data)[(offset) + 2] << 40) \ + | ((uint64_t) (data)[(offset) + 3] << 32) \ + | ((uint64_t) (data)[(offset) + 4] << 24) \ + | ((uint64_t) (data)[(offset) + 5] << 16) \ + | ((uint64_t) (data)[(offset) + 6] << 8) \ + | ((uint64_t) (data)[(offset) + 7]) \ ) #endif @@ -288,17 +288,17 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * byte of the 64 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT64_BE -#define MBEDTLS_PUT_UINT64_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_7( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_6( n ); \ - ( data )[( offset ) + 2] = MBEDTLS_BYTE_5( n ); \ - ( data )[( offset ) + 3] = MBEDTLS_BYTE_4( n ); \ - ( data )[( offset ) + 4] = MBEDTLS_BYTE_3( n ); \ - ( data )[( offset ) + 5] = MBEDTLS_BYTE_2( n ); \ - ( data )[( offset ) + 6] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 7] = MBEDTLS_BYTE_0( n ); \ -} +#define MBEDTLS_PUT_UINT64_BE(n, data, offset) \ + { \ + (data)[(offset)] = MBEDTLS_BYTE_7(n); \ + (data)[(offset) + 1] = MBEDTLS_BYTE_6(n); \ + (data)[(offset) + 2] = MBEDTLS_BYTE_5(n); \ + (data)[(offset) + 3] = MBEDTLS_BYTE_4(n); \ + (data)[(offset) + 4] = MBEDTLS_BYTE_3(n); \ + (data)[(offset) + 5] = MBEDTLS_BYTE_2(n); \ + (data)[(offset) + 6] = MBEDTLS_BYTE_1(n); \ + (data)[(offset) + 7] = MBEDTLS_BYTE_0(n); \ + } #endif /** @@ -311,16 +311,16 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * integer from. */ #ifndef MBEDTLS_GET_UINT64_LE -#define MBEDTLS_GET_UINT64_LE( data, offset ) \ +#define MBEDTLS_GET_UINT64_LE(data, offset) \ ( \ - ( (uint64_t) ( data )[( offset ) + 7] << 56 ) \ - | ( (uint64_t) ( data )[( offset ) + 6] << 48 ) \ - | ( (uint64_t) ( data )[( offset ) + 5] << 40 ) \ - | ( (uint64_t) ( data )[( offset ) + 4] << 32 ) \ - | ( (uint64_t) ( data )[( offset ) + 3] << 24 ) \ - | ( (uint64_t) ( data )[( offset ) + 2] << 16 ) \ - | ( (uint64_t) ( data )[( offset ) + 1] << 8 ) \ - | ( (uint64_t) ( data )[( offset ) ] ) \ + ((uint64_t) (data)[(offset) + 7] << 56) \ + | ((uint64_t) (data)[(offset) + 6] << 48) \ + | ((uint64_t) (data)[(offset) + 5] << 40) \ + | ((uint64_t) (data)[(offset) + 4] << 32) \ + | ((uint64_t) (data)[(offset) + 3] << 24) \ + | ((uint64_t) (data)[(offset) + 2] << 16) \ + | ((uint64_t) (data)[(offset) + 1] << 8) \ + | ((uint64_t) (data)[(offset)]) \ ) #endif @@ -334,17 +334,17 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * byte of the 64 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT64_LE -#define MBEDTLS_PUT_UINT64_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \ - ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n ); \ - ( data )[( offset ) + 4] = MBEDTLS_BYTE_4( n ); \ - ( data )[( offset ) + 5] = MBEDTLS_BYTE_5( n ); \ - ( data )[( offset ) + 6] = MBEDTLS_BYTE_6( n ); \ - ( data )[( offset ) + 7] = MBEDTLS_BYTE_7( n ); \ -} +#define MBEDTLS_PUT_UINT64_LE(n, data, offset) \ + { \ + (data)[(offset)] = MBEDTLS_BYTE_0(n); \ + (data)[(offset) + 1] = MBEDTLS_BYTE_1(n); \ + (data)[(offset) + 2] = MBEDTLS_BYTE_2(n); \ + (data)[(offset) + 3] = MBEDTLS_BYTE_3(n); \ + (data)[(offset) + 4] = MBEDTLS_BYTE_4(n); \ + (data)[(offset) + 5] = MBEDTLS_BYTE_5(n); \ + (data)[(offset) + 6] = MBEDTLS_BYTE_6(n); \ + (data)[(offset) + 7] = MBEDTLS_BYTE_7(n); \ + } #endif #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/constant_time.c b/library/constant_time.c index 2401b0434ad9..527930129b9c 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -17,7 +17,7 @@ * limitations under the License. */ - /* +/* * The following functions are implemented without using comparison operators, as those * might be translated to branches by some compilers on some platforms. */ @@ -46,17 +46,16 @@ #include -int mbedtls_ct_memcmp( const void *a, - const void *b, - size_t n ) +int mbedtls_ct_memcmp(const void *a, + const void *b, + size_t n) { size_t i; volatile const unsigned char *A = (volatile const unsigned char *) a; volatile const unsigned char *B = (volatile const unsigned char *) b; volatile unsigned char diff = 0; - for( i = 0; i < n; i++ ) - { + for (i = 0; i < n; i++) { /* Read volatile data in order before computing diff. * This avoids IAR compiler warning: * 'the order of volatile accesses is undefined ..' */ @@ -64,10 +63,10 @@ int mbedtls_ct_memcmp( const void *a, diff |= x ^ y; } - return( (int)diff ); + return (int) diff; } -unsigned mbedtls_ct_uint_mask( unsigned value ) +unsigned mbedtls_ct_uint_mask(unsigned value) { /* MSVC has a warning about unary minus on unsigned, but this is * well-defined and precisely what we want to do here */ @@ -75,7 +74,7 @@ unsigned mbedtls_ct_uint_mask( unsigned value ) #pragma warning( push ) #pragma warning( disable : 4146 ) #endif - return( - ( ( value | - value ) >> ( sizeof( value ) * 8 - 1 ) ) ); + return -((value | -value) >> (sizeof(value) * 8 - 1)); #if defined(_MSC_VER) #pragma warning( pop ) #endif @@ -83,7 +82,7 @@ unsigned mbedtls_ct_uint_mask( unsigned value ) #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) -size_t mbedtls_ct_size_mask( size_t value ) +size_t mbedtls_ct_size_mask(size_t value) { /* MSVC has a warning about unary minus on unsigned integer types, * but this is well-defined and precisely what we want to do here. */ @@ -91,7 +90,7 @@ size_t mbedtls_ct_size_mask( size_t value ) #pragma warning( push ) #pragma warning( disable : 4146 ) #endif - return( - ( ( value | - value ) >> ( sizeof( value ) * 8 - 1 ) ) ); + return -((value | -value) >> (sizeof(value) * 8 - 1)); #if defined(_MSC_VER) #pragma warning( pop ) #endif @@ -101,7 +100,7 @@ size_t mbedtls_ct_size_mask( size_t value ) #if defined(MBEDTLS_BIGNUM_C) -mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value ) +mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask(mbedtls_mpi_uint value) { /* MSVC has a warning about unary minus on unsigned, but this is * well-defined and precisely what we want to do here */ @@ -109,7 +108,7 @@ mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value ) #pragma warning( push ) #pragma warning( disable : 4146 ) #endif - return( - ( ( value | - value ) >> ( sizeof( value ) * 8 - 1 ) ) ); + return -((value | -value) >> (sizeof(value) * 8 - 1)); #if defined(_MSC_VER) #pragma warning( pop ) #endif @@ -131,25 +130,25 @@ mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value ) * * \return All-bits-one if \p x is less than \p y, otherwise zero. */ -static size_t mbedtls_ct_size_mask_lt( size_t x, - size_t y ) +static size_t mbedtls_ct_size_mask_lt(size_t x, + size_t y) { /* This has the most significant bit set if and only if x < y */ const size_t sub = x - y; /* sub1 = (x < y) ? 1 : 0 */ - const size_t sub1 = sub >> ( sizeof( sub ) * 8 - 1 ); + const size_t sub1 = sub >> (sizeof(sub) * 8 - 1); /* mask = (x < y) ? 0xff... : 0x00... */ - const size_t mask = mbedtls_ct_size_mask( sub1 ); + const size_t mask = mbedtls_ct_size_mask(sub1); - return( mask ); + return mask; } -size_t mbedtls_ct_size_mask_ge( size_t x, - size_t y ) +size_t mbedtls_ct_size_mask_ge(size_t x, + size_t y) { - return( ~mbedtls_ct_size_mask_lt( x, y ) ); + return ~mbedtls_ct_size_mask_lt(x, y); } #endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */ @@ -161,21 +160,21 @@ size_t mbedtls_ct_size_mask_ge( size_t x, * Constant flow with respect to c. */ MBEDTLS_STATIC_TESTABLE -unsigned char mbedtls_ct_uchar_mask_of_range( unsigned char low, - unsigned char high, - unsigned char c ) +unsigned char mbedtls_ct_uchar_mask_of_range(unsigned char low, + unsigned char high, + unsigned char c) { /* low_mask is: 0 if low <= c, 0x...ff if low > c */ - unsigned low_mask = ( (unsigned) c - low ) >> 8; + unsigned low_mask = ((unsigned) c - low) >> 8; /* high_mask is: 0 if c <= high, 0x...ff if c > high */ - unsigned high_mask = ( (unsigned) high - c ) >> 8; - return( ~( low_mask | high_mask ) & 0xff ); + unsigned high_mask = ((unsigned) high - c) >> 8; + return ~(low_mask | high_mask) & 0xff; } #endif /* MBEDTLS_BASE64_C */ -unsigned mbedtls_ct_size_bool_eq( size_t x, - size_t y ) +unsigned mbedtls_ct_size_bool_eq(size_t x, + size_t y) { /* diff = 0 if x == y, non-zero otherwise */ const size_t diff = x ^ y; @@ -188,16 +187,16 @@ unsigned mbedtls_ct_size_bool_eq( size_t x, #endif /* diff_msb's most significant bit is equal to x != y */ - const size_t diff_msb = ( diff | (size_t) -diff ); + const size_t diff_msb = (diff | (size_t) -diff); #if defined(_MSC_VER) #pragma warning( pop ) #endif /* diff1 = (x != y) ? 1 : 0 */ - const unsigned diff1 = diff_msb >> ( sizeof( diff_msb ) * 8 - 1 ); + const unsigned diff1 = diff_msb >> (sizeof(diff_msb) * 8 - 1); - return( 1 ^ diff1 ); + return 1 ^ diff1; } #if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) @@ -213,19 +212,19 @@ unsigned mbedtls_ct_size_bool_eq( size_t x, * * \return 1 if \p x greater than \p y, otherwise 0. */ -static unsigned mbedtls_ct_size_gt( size_t x, - size_t y ) +static unsigned mbedtls_ct_size_gt(size_t x, + size_t y) { /* Return the sign bit (1 for negative) of (y - x). */ - return( ( y - x ) >> ( sizeof( size_t ) * 8 - 1 ) ); + return (y - x) >> (sizeof(size_t) * 8 - 1); } #endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */ #if defined(MBEDTLS_BIGNUM_C) -unsigned mbedtls_ct_mpi_uint_lt( const mbedtls_mpi_uint x, - const mbedtls_mpi_uint y ) +unsigned mbedtls_ct_mpi_uint_lt(const mbedtls_mpi_uint x, + const mbedtls_mpi_uint y) { mbedtls_mpi_uint ret; mbedtls_mpi_uint cond; @@ -233,12 +232,12 @@ unsigned mbedtls_ct_mpi_uint_lt( const mbedtls_mpi_uint x, /* * Check if the most significant bits (MSB) of the operands are different. */ - cond = ( x ^ y ); + cond = (x ^ y); /* * If the MSB are the same then the difference x-y will be negative (and * have its MSB set to 1 during conversion to unsigned) if and only if x> ( sizeof( mbedtls_mpi_uint ) * 8 - 1 ); + ret = ret >> (sizeof(mbedtls_mpi_uint) * 8 - 1); return (unsigned) ret; } #endif /* MBEDTLS_BIGNUM_C */ -unsigned mbedtls_ct_uint_if( unsigned condition, - unsigned if1, - unsigned if0 ) +unsigned mbedtls_ct_uint_if(unsigned condition, + unsigned if1, + unsigned if0) { - unsigned mask = mbedtls_ct_uint_mask( condition ); - return( ( mask & if1 ) | (~mask & if0 ) ); + unsigned mask = mbedtls_ct_uint_mask(condition); + return (mask & if1) | (~mask & if0); } #if defined(MBEDTLS_BIGNUM_C) @@ -278,9 +277,9 @@ unsigned mbedtls_ct_uint_if( unsigned condition, * * \return \c if1 if \p condition is nonzero, otherwise \c if0. * */ -static int mbedtls_ct_cond_select_sign( unsigned char condition, - int if1, - int if0 ) +static int mbedtls_ct_cond_select_sign(unsigned char condition, + int if1, + int if0) { /* In order to avoid questions about what we can reasonably assume about * the representations of signed integers, move everything to unsigned @@ -292,16 +291,16 @@ static int mbedtls_ct_cond_select_sign( unsigned char condition, const unsigned mask = condition << 1; /* select uif1 or uif0 */ - unsigned ur = ( uif0 & ~mask ) | ( uif1 & mask ); + unsigned ur = (uif0 & ~mask) | (uif1 & mask); /* ur is now 0 or 2, convert back to -1 or +1 */ - return( (int) ur - 1 ); + return (int) ur - 1; } -void mbedtls_ct_mpi_uint_cond_assign( size_t n, - mbedtls_mpi_uint *dest, - const mbedtls_mpi_uint *src, - unsigned char condition ) +void mbedtls_ct_mpi_uint_cond_assign(size_t n, + mbedtls_mpi_uint *dest, + const mbedtls_mpi_uint *src, + unsigned char condition) { size_t i; @@ -319,43 +318,44 @@ void mbedtls_ct_mpi_uint_cond_assign( size_t n, #pragma warning( pop ) #endif - for( i = 0; i < n; i++ ) - dest[i] = ( src[i] & mask ) | ( dest[i] & ~mask ); + for (i = 0; i < n; i++) { + dest[i] = (src[i] & mask) | (dest[i] & ~mask); + } } #endif /* MBEDTLS_BIGNUM_C */ #if defined(MBEDTLS_BASE64_C) -unsigned char mbedtls_ct_base64_enc_char( unsigned char value ) +unsigned char mbedtls_ct_base64_enc_char(unsigned char value) { unsigned char digit = 0; /* For each range of values, if value is in that range, mask digit with * the corresponding value. Since value can only be in a single range, * only at most one masking will change digit. */ - digit |= mbedtls_ct_uchar_mask_of_range( 0, 25, value ) & ( 'A' + value ); - digit |= mbedtls_ct_uchar_mask_of_range( 26, 51, value ) & ( 'a' + value - 26 ); - digit |= mbedtls_ct_uchar_mask_of_range( 52, 61, value ) & ( '0' + value - 52 ); - digit |= mbedtls_ct_uchar_mask_of_range( 62, 62, value ) & '+'; - digit |= mbedtls_ct_uchar_mask_of_range( 63, 63, value ) & '/'; - return( digit ); + digit |= mbedtls_ct_uchar_mask_of_range(0, 25, value) & ('A' + value); + digit |= mbedtls_ct_uchar_mask_of_range(26, 51, value) & ('a' + value - 26); + digit |= mbedtls_ct_uchar_mask_of_range(52, 61, value) & ('0' + value - 52); + digit |= mbedtls_ct_uchar_mask_of_range(62, 62, value) & '+'; + digit |= mbedtls_ct_uchar_mask_of_range(63, 63, value) & '/'; + return digit; } -signed char mbedtls_ct_base64_dec_value( unsigned char c ) +signed char mbedtls_ct_base64_dec_value(unsigned char c) { unsigned char val = 0; /* For each range of digits, if c is in that range, mask val with * the corresponding value. Since c can only be in a single range, * only at most one masking will change val. Set val to one plus * the desired value so that it stays 0 if c is in none of the ranges. */ - val |= mbedtls_ct_uchar_mask_of_range( 'A', 'Z', c ) & ( c - 'A' + 0 + 1 ); - val |= mbedtls_ct_uchar_mask_of_range( 'a', 'z', c ) & ( c - 'a' + 26 + 1 ); - val |= mbedtls_ct_uchar_mask_of_range( '0', '9', c ) & ( c - '0' + 52 + 1 ); - val |= mbedtls_ct_uchar_mask_of_range( '+', '+', c ) & ( c - '+' + 62 + 1 ); - val |= mbedtls_ct_uchar_mask_of_range( '/', '/', c ) & ( c - '/' + 63 + 1 ); + val |= mbedtls_ct_uchar_mask_of_range('A', 'Z', c) & (c - 'A' + 0 + 1); + val |= mbedtls_ct_uchar_mask_of_range('a', 'z', c) & (c - 'a' + 26 + 1); + val |= mbedtls_ct_uchar_mask_of_range('0', '9', c) & (c - '0' + 52 + 1); + val |= mbedtls_ct_uchar_mask_of_range('+', '+', c) & (c - '+' + 62 + 1); + val |= mbedtls_ct_uchar_mask_of_range('/', '/', c) & (c - '/' + 63 + 1); /* At this point, val is 0 if c is an invalid digit and v+1 if c is * a digit with the value v. */ - return( val - 1 ); + return val - 1; } #endif /* MBEDTLS_BASE64_C */ @@ -378,72 +378,71 @@ signed char mbedtls_ct_base64_dec_value( unsigned char c ) * \param total Total size of the buffer. * \param offset Offset from which to copy \p total - \p offset bytes. */ -static void mbedtls_ct_mem_move_to_left( void *start, - size_t total, - size_t offset ) +static void mbedtls_ct_mem_move_to_left(void *start, + size_t total, + size_t offset) { volatile unsigned char *buf = start; size_t i, n; - if( total == 0 ) + if (total == 0) { return; - for( i = 0; i < total; i++ ) - { - unsigned no_op = mbedtls_ct_size_gt( total - offset, i ); + } + for (i = 0; i < total; i++) { + unsigned no_op = mbedtls_ct_size_gt(total - offset, i); /* The first `total - offset` passes are a no-op. The last * `offset` passes shift the data one byte to the left and * zero out the last byte. */ - for( n = 0; n < total - 1; n++ ) - { + for (n = 0; n < total - 1; n++) { unsigned char current = buf[n]; unsigned char next = buf[n+1]; - buf[n] = mbedtls_ct_uint_if( no_op, current, next ); + buf[n] = mbedtls_ct_uint_if(no_op, current, next); } - buf[total-1] = mbedtls_ct_uint_if( no_op, buf[total-1], 0 ); + buf[total-1] = mbedtls_ct_uint_if(no_op, buf[total-1], 0); } } #endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */ #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) -void mbedtls_ct_memcpy_if_eq( unsigned char *dest, - const unsigned char *src, - size_t len, - size_t c1, - size_t c2 ) +void mbedtls_ct_memcpy_if_eq(unsigned char *dest, + const unsigned char *src, + size_t len, + size_t c1, + size_t c2) { /* mask = c1 == c2 ? 0xff : 0x00 */ - const size_t equal = mbedtls_ct_size_bool_eq( c1, c2 ); - const unsigned char mask = (unsigned char) mbedtls_ct_size_mask( equal ); + const size_t equal = mbedtls_ct_size_bool_eq(c1, c2); + const unsigned char mask = (unsigned char) mbedtls_ct_size_mask(equal); /* dest[i] = c1 == c2 ? src[i] : dest[i] */ - for( size_t i = 0; i < len; i++ ) - dest[i] = ( src[i] & mask ) | ( dest[i] & ~mask ); + for (size_t i = 0; i < len; i++) { + dest[i] = (src[i] & mask) | (dest[i] & ~mask); + } } -void mbedtls_ct_memcpy_offset( unsigned char *dest, - const unsigned char *src, - size_t offset, - size_t offset_min, - size_t offset_max, - size_t len ) +void mbedtls_ct_memcpy_offset(unsigned char *dest, + const unsigned char *src, + size_t offset, + size_t offset_min, + size_t offset_max, + size_t len) { size_t offsetval; - for( offsetval = offset_min; offsetval <= offset_max; offsetval++ ) - { - mbedtls_ct_memcpy_if_eq( dest, src + offsetval, len, - offsetval, offset ); + for (offsetval = offset_min; offsetval <= offset_max; offsetval++) { + mbedtls_ct_memcpy_if_eq(dest, src + offsetval, len, + offsetval, offset); } } -int mbedtls_ct_hmac( mbedtls_md_context_t *ctx, - const unsigned char *add_data, - size_t add_data_len, - const unsigned char *data, - size_t data_len_secret, - size_t min_data_len, - size_t max_data_len, - unsigned char *output ) +int mbedtls_ct_hmac(mbedtls_md_context_t *ctx, + const unsigned char *add_data, + size_t add_data_len, + const unsigned char *data, + size_t data_len_secret, + size_t min_data_len, + size_t max_data_len, + unsigned char *output) { /* * This function breaks the HMAC abstraction and uses the md_clone() @@ -459,79 +458,79 @@ int mbedtls_ct_hmac( mbedtls_md_context_t *ctx, * * Then we only need to compute HASH(okey + inner_hash) and we're done. */ - const mbedtls_md_type_t md_alg = mbedtls_md_get_type( ctx->md_info ); + const mbedtls_md_type_t md_alg = mbedtls_md_get_type(ctx->md_info); /* TLS 1.0-1.2 only support SHA-384, SHA-256, SHA-1, MD-5, * all of which have the same block size except SHA-384. */ const size_t block_size = md_alg == MBEDTLS_MD_SHA384 ? 128 : 64; const unsigned char * const ikey = ctx->hmac_ctx; const unsigned char * const okey = ikey + block_size; - const size_t hash_size = mbedtls_md_get_size( ctx->md_info ); + const size_t hash_size = mbedtls_md_get_size(ctx->md_info); unsigned char aux_out[MBEDTLS_MD_MAX_SIZE]; mbedtls_md_context_t aux; size_t offset; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_md_init( &aux ); + mbedtls_md_init(&aux); -#define MD_CHK( func_call ) \ +#define MD_CHK(func_call) \ do { \ ret = (func_call); \ - if( ret != 0 ) \ - goto cleanup; \ - } while( 0 ) + if (ret != 0) \ + goto cleanup; \ + } while (0) - MD_CHK( mbedtls_md_setup( &aux, ctx->md_info, 0 ) ); + MD_CHK(mbedtls_md_setup(&aux, ctx->md_info, 0)); /* After hmac_start() of hmac_reset(), ikey has already been hashed, * so we can start directly with the message */ - MD_CHK( mbedtls_md_update( ctx, add_data, add_data_len ) ); - MD_CHK( mbedtls_md_update( ctx, data, min_data_len ) ); + MD_CHK(mbedtls_md_update(ctx, add_data, add_data_len)); + MD_CHK(mbedtls_md_update(ctx, data, min_data_len)); /* Fill the hash buffer in advance with something that is * not a valid hash (barring an attack on the hash and * deliberately-crafted input), in case the caller doesn't * check the return status properly. */ - memset( output, '!', hash_size ); + memset(output, '!', hash_size); /* For each possible length, compute the hash up to that point */ - for( offset = min_data_len; offset <= max_data_len; offset++ ) - { - MD_CHK( mbedtls_md_clone( &aux, ctx ) ); - MD_CHK( mbedtls_md_finish( &aux, aux_out ) ); + for (offset = min_data_len; offset <= max_data_len; offset++) { + MD_CHK(mbedtls_md_clone(&aux, ctx)); + MD_CHK(mbedtls_md_finish(&aux, aux_out)); /* Keep only the correct inner_hash in the output buffer */ - mbedtls_ct_memcpy_if_eq( output, aux_out, hash_size, - offset, data_len_secret ); + mbedtls_ct_memcpy_if_eq(output, aux_out, hash_size, + offset, data_len_secret); - if( offset < max_data_len ) - MD_CHK( mbedtls_md_update( ctx, data + offset, 1 ) ); + if (offset < max_data_len) { + MD_CHK(mbedtls_md_update(ctx, data + offset, 1)); + } } /* The context needs to finish() before it starts() again */ - MD_CHK( mbedtls_md_finish( ctx, aux_out ) ); + MD_CHK(mbedtls_md_finish(ctx, aux_out)); /* Now compute HASH(okey + inner_hash) */ - MD_CHK( mbedtls_md_starts( ctx ) ); - MD_CHK( mbedtls_md_update( ctx, okey, block_size ) ); - MD_CHK( mbedtls_md_update( ctx, output, hash_size ) ); - MD_CHK( mbedtls_md_finish( ctx, output ) ); + MD_CHK(mbedtls_md_starts(ctx)); + MD_CHK(mbedtls_md_update(ctx, okey, block_size)); + MD_CHK(mbedtls_md_update(ctx, output, hash_size)); + MD_CHK(mbedtls_md_finish(ctx, output)); /* Done, get ready for next time */ - MD_CHK( mbedtls_md_hmac_reset( ctx ) ); + MD_CHK(mbedtls_md_hmac_reset(ctx)); #undef MD_CHK cleanup: - mbedtls_md_free( &aux ); - return( ret ); + mbedtls_md_free(&aux); + return ret; } #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #if defined(MBEDTLS_BIGNUM_C) -#define MPI_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA ) +#define MPI_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA) /* * Conditionally assign X = Y, without leaking information @@ -545,30 +544,31 @@ int mbedtls_ct_hmac( mbedtls_md_context_t *ctx, */ __declspec(noinline) #endif -int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, - const mbedtls_mpi *Y, - unsigned char assign ) +int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, + const mbedtls_mpi *Y, + unsigned char assign) { int ret = 0; size_t i; mbedtls_mpi_uint limb_mask; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( Y != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(Y != NULL); /* all-bits 1 if assign is 1, all-bits 0 if assign is 0 */ - limb_mask = mbedtls_ct_mpi_uint_mask( assign );; + limb_mask = mbedtls_ct_mpi_uint_mask(assign);; - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n)); - X->s = mbedtls_ct_cond_select_sign( assign, Y->s, X->s ); + X->s = mbedtls_ct_cond_select_sign(assign, Y->s, X->s); - mbedtls_ct_mpi_uint_cond_assign( Y->n, X->p, Y->p, assign ); + mbedtls_ct_mpi_uint_cond_assign(Y->n, X->p, Y->p, assign); - for( i = Y->n; i < X->n; i++ ) + for (i = Y->n; i < X->n; i++) { X->p[i] &= ~limb_mask; + } cleanup: - return( ret ); + return ret; } /* @@ -577,73 +577,74 @@ int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, * Here it is not ok to simply swap the pointers, which would lead to * different memory access patterns when X and Y are used afterwards. */ -int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, - mbedtls_mpi *Y, - unsigned char swap ) +int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X, + mbedtls_mpi *Y, + unsigned char swap) { int ret, s; size_t i; mbedtls_mpi_uint limb_mask; mbedtls_mpi_uint tmp; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( Y != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(Y != NULL); - if( X == Y ) - return( 0 ); + if (X == Y) { + return 0; + } /* all-bits 1 if swap is 1, all-bits 0 if swap is 0 */ - limb_mask = mbedtls_ct_mpi_uint_mask( swap ); + limb_mask = mbedtls_ct_mpi_uint_mask(swap); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( Y, X->n ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n)); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Y, X->n)); s = X->s; - X->s = mbedtls_ct_cond_select_sign( swap, Y->s, X->s ); - Y->s = mbedtls_ct_cond_select_sign( swap, s, Y->s ); + X->s = mbedtls_ct_cond_select_sign(swap, Y->s, X->s); + Y->s = mbedtls_ct_cond_select_sign(swap, s, Y->s); - for( i = 0; i < X->n; i++ ) - { + for (i = 0; i < X->n; i++) { tmp = X->p[i]; - X->p[i] = ( X->p[i] & ~limb_mask ) | ( Y->p[i] & limb_mask ); - Y->p[i] = ( Y->p[i] & ~limb_mask ) | ( tmp & limb_mask ); + X->p[i] = (X->p[i] & ~limb_mask) | (Y->p[i] & limb_mask); + Y->p[i] = (Y->p[i] & ~limb_mask) | (tmp & limb_mask); } cleanup: - return( ret ); + return ret; } /* * Compare signed values in constant time */ -int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, - const mbedtls_mpi *Y, - unsigned *ret ) +int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, + const mbedtls_mpi *Y, + unsigned *ret) { size_t i; /* The value of any of these variables is either 0 or 1 at all times. */ unsigned cond, done, X_is_negative, Y_is_negative; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( Y != NULL ); - MPI_VALIDATE_RET( ret != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(Y != NULL); + MPI_VALIDATE_RET(ret != NULL); - if( X->n != Y->n ) + if (X->n != Y->n) { return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } /* * Set sign_N to 1 if N >= 0, 0 if N < 0. * We know that N->s == 1 if N >= 0 and N->s == -1 if N < 0. */ - X_is_negative = ( X->s & 2 ) >> 1; - Y_is_negative = ( Y->s & 2 ) >> 1; + X_is_negative = (X->s & 2) >> 1; + Y_is_negative = (Y->s & 2) >> 1; /* * If the signs are different, then the positive operand is the bigger. * That is if X is negative (X_is_negative == 1), then X < Y is true and it * is false if X is positive (X_is_negative == 0). */ - cond = ( X_is_negative ^ Y_is_negative ); + cond = (X_is_negative ^ Y_is_negative); *ret = cond & X_is_negative; /* @@ -652,8 +653,7 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, */ done = cond; - for( i = X->n; i > 0; i-- ) - { + for (i = X->n; i > 0; i--) { /* * If Y->p[i - 1] < X->p[i - 1] then X < Y is true if and only if both * X and Y are negative. @@ -661,8 +661,8 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, * Again even if we can make a decision, we just mark the result and * the fact that we are done and continue looping. */ - cond = mbedtls_ct_mpi_uint_lt( Y->p[i - 1], X->p[i - 1] ); - *ret |= cond & ( 1 - done ) & X_is_negative; + cond = mbedtls_ct_mpi_uint_lt(Y->p[i - 1], X->p[i - 1]); + *ret |= cond & (1 - done) & X_is_negative; done |= cond; /* @@ -672,24 +672,24 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, * Again even if we can make a decision, we just mark the result and * the fact that we are done and continue looping. */ - cond = mbedtls_ct_mpi_uint_lt( X->p[i - 1], Y->p[i - 1] ); - *ret |= cond & ( 1 - done ) & ( 1 - X_is_negative ); + cond = mbedtls_ct_mpi_uint_lt(X->p[i - 1], Y->p[i - 1]); + *ret |= cond & (1 - done) & (1 - X_is_negative); done |= cond; } - return( 0 ); + return 0; } #endif /* MBEDTLS_BIGNUM_C */ #if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) -int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, - unsigned char *input, - size_t ilen, - unsigned char *output, - size_t output_max_len, - size_t *olen ) +int mbedtls_ct_rsaes_pkcs1_v15_unpadding(int mode, + unsigned char *input, + size_t ilen, + unsigned char *output, + size_t output_max_len, + size_t *olen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, plaintext_max_size; @@ -710,29 +710,25 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, size_t plaintext_size = 0; unsigned output_too_large; - plaintext_max_size = ( output_max_len > ilen - 11 ) ? ilen - 11 + plaintext_max_size = (output_max_len > ilen - 11) ? ilen - 11 : output_max_len; /* Check and get padding length in constant time and constant * memory trace. The first byte must be 0. */ bad |= input[0]; - if( mode == MBEDTLS_RSA_PRIVATE ) - { + if (mode == MBEDTLS_RSA_PRIVATE) { /* Decode EME-PKCS1-v1_5 padding: 0x00 || 0x02 || PS || 0x00 * where PS must be at least 8 nonzero bytes. */ bad |= input[1] ^ MBEDTLS_RSA_CRYPT; /* Read the whole buffer. Set pad_done to nonzero if we find * the 0x00 byte and remember the padding length in pad_count. */ - for( i = 2; i < ilen; i++ ) - { - pad_done |= ((input[i] | (unsigned char)-input[i]) >> 7) ^ 1; - pad_count += ((pad_done | (unsigned char)-pad_done) >> 7) ^ 1; + for (i = 2; i < ilen; i++) { + pad_done |= ((input[i] | (unsigned char) -input[i]) >> 7) ^ 1; + pad_count += ((pad_done | (unsigned char) -pad_done) >> 7) ^ 1; } - } - else - { + } else { /* Decode EMSA-PKCS1-v1_5 padding: 0x00 || 0x01 || PS || 0x00 * where PS must be at least 8 bytes with the value 0xFF. */ bad |= input[1] ^ MBEDTLS_RSA_SIGN; @@ -740,19 +736,18 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, /* Read the whole buffer. Set pad_done to nonzero if we find * the 0x00 byte and remember the padding length in pad_count. * If there's a non-0xff byte in the padding, the padding is bad. */ - for( i = 2; i < ilen; i++ ) - { - pad_done |= mbedtls_ct_uint_if( input[i], 0, 1 ); - pad_count += mbedtls_ct_uint_if( pad_done, 0, 1 ); - bad |= mbedtls_ct_uint_if( pad_done, 0, input[i] ^ 0xFF ); + for (i = 2; i < ilen; i++) { + pad_done |= mbedtls_ct_uint_if(input[i], 0, 1); + pad_count += mbedtls_ct_uint_if(pad_done, 0, 1); + bad |= mbedtls_ct_uint_if(pad_done, 0, input[i] ^ 0xFF); } } /* If pad_done is still zero, there's no data, only unfinished padding. */ - bad |= mbedtls_ct_uint_if( pad_done, 0, 1 ); + bad |= mbedtls_ct_uint_if(pad_done, 0, 1); /* There must be at least 8 bytes of padding. */ - bad |= mbedtls_ct_size_gt( 8, pad_count ); + bad |= mbedtls_ct_size_gt(8, pad_count); /* If the padding is valid, set plaintext_size to the number of * remaining bytes after stripping the padding. If the padding @@ -762,24 +757,24 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, * validity through timing. RSA keys are small enough that all the * size_t values involved fit in unsigned int. */ plaintext_size = mbedtls_ct_uint_if( - bad, (unsigned) plaintext_max_size, - (unsigned) ( ilen - pad_count - 3 ) ); + bad, (unsigned) plaintext_max_size, + (unsigned) (ilen - pad_count - 3)); /* Set output_too_large to 0 if the plaintext fits in the output * buffer and to 1 otherwise. */ - output_too_large = mbedtls_ct_size_gt( plaintext_size, - plaintext_max_size ); + output_too_large = mbedtls_ct_size_gt(plaintext_size, + plaintext_max_size); /* Set ret without branches to avoid timing attacks. Return: * - INVALID_PADDING if the padding is bad (bad != 0). * - OUTPUT_TOO_LARGE if the padding is good but the decrypted * plaintext does not fit in the output buffer. * - 0 if the padding is correct. */ - ret = - (int) mbedtls_ct_uint_if( - bad, - MBEDTLS_ERR_RSA_INVALID_PADDING, - mbedtls_ct_uint_if( output_too_large, - - MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE, - 0 ) ); + ret = -(int) mbedtls_ct_uint_if( + bad, -MBEDTLS_ERR_RSA_INVALID_PADDING, + mbedtls_ct_uint_if(output_too_large, + -MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE, + 0)); /* If the padding is bad or the plaintext is too large, zero the * data that we're about to copy to the output buffer. @@ -787,17 +782,18 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, * from the same buffer whether the padding is good or not to * avoid leaking the padding validity through overall timing or * through memory or cache access patterns. */ - bad = mbedtls_ct_uint_mask( bad | output_too_large ); - for( i = 11; i < ilen; i++ ) + bad = mbedtls_ct_uint_mask(bad | output_too_large); + for (i = 11; i < ilen; i++) { input[i] &= ~bad; + } /* If the plaintext is too large, truncate it to the buffer size. * Copy anyway to avoid revealing the length through timing, because * revealing the length is as bad as revealing the padding validity * for a Bleichenbacher attack. */ - plaintext_size = mbedtls_ct_uint_if( output_too_large, - (unsigned) plaintext_max_size, - (unsigned) plaintext_size ); + plaintext_size = mbedtls_ct_uint_if(output_too_large, + (unsigned) plaintext_max_size, + (unsigned) plaintext_size); /* Move the plaintext to the leftmost position where it can start in * the working buffer, i.e. make it start plaintext_max_size from @@ -805,9 +801,9 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, * does not depend on the plaintext size. After this move, the * starting location of the plaintext is no longer sensitive * information. */ - mbedtls_ct_mem_move_to_left( input + ilen - plaintext_max_size, - plaintext_max_size, - plaintext_max_size - plaintext_size ); + mbedtls_ct_mem_move_to_left(input + ilen - plaintext_max_size, + plaintext_max_size, + plaintext_max_size - plaintext_size); /* Finally copy the decrypted plaintext plus trailing zeros into the output * buffer. If output_max_len is 0, then output may be an invalid pointer @@ -816,8 +812,9 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, * user-provided output buffer), which is independent from plaintext * length, validity of padding, success of the decryption, and other * secrets. */ - if( output_max_len != 0 ) - memcpy( output, input + ilen - plaintext_max_size, plaintext_max_size ); + if (output_max_len != 0) { + memcpy(output, input + ilen - plaintext_max_size, plaintext_max_size); + } /* Report the amount of data we copied to the output buffer. In case * of errors (bad padding or output too large), the value of *olen @@ -825,7 +822,7 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, * to the good case limits the risks of leaking the padding validity. */ *olen = plaintext_size; - return( ret ); + return ret; } #endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */ diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index ff2d0ff92ced..402cf148b8be 100644 --- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h @@ -43,7 +43,7 @@ * * \return Zero if \p value is zero, otherwise all-bits-one. */ -unsigned mbedtls_ct_uint_mask( unsigned value ); +unsigned mbedtls_ct_uint_mask(unsigned value); #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) @@ -58,7 +58,7 @@ unsigned mbedtls_ct_uint_mask( unsigned value ); * * \return Zero if \p value is zero, otherwise all-bits-one. */ -size_t mbedtls_ct_size_mask( size_t value ); +size_t mbedtls_ct_size_mask(size_t value); #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ @@ -75,7 +75,7 @@ size_t mbedtls_ct_size_mask( size_t value ); * * \return Zero if \p value is zero, otherwise all-bits-one. */ -mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value ); +mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask(mbedtls_mpi_uint value); #endif /* MBEDTLS_BIGNUM_C */ @@ -94,8 +94,8 @@ mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value ); * \return All-bits-one if \p x is greater or equal than \p y, * otherwise zero. */ -size_t mbedtls_ct_size_mask_ge( size_t x, - size_t y ); +size_t mbedtls_ct_size_mask_ge(size_t x, + size_t y); #endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */ @@ -110,8 +110,8 @@ size_t mbedtls_ct_size_mask_ge( size_t x, * * \return 1 if \p x equals to \p y, otherwise 0. */ -unsigned mbedtls_ct_size_bool_eq( size_t x, - size_t y ); +unsigned mbedtls_ct_size_bool_eq(size_t x, + size_t y); #if defined(MBEDTLS_BIGNUM_C) @@ -125,8 +125,8 @@ unsigned mbedtls_ct_size_bool_eq( size_t x, * * \return 1 if \p x is less than \p y, otherwise 0. */ -unsigned mbedtls_ct_mpi_uint_lt( const mbedtls_mpi_uint x, - const mbedtls_mpi_uint y ); +unsigned mbedtls_ct_mpi_uint_lt(const mbedtls_mpi_uint x, + const mbedtls_mpi_uint y); #endif /* MBEDTLS_BIGNUM_C */ @@ -141,9 +141,9 @@ unsigned mbedtls_ct_mpi_uint_lt( const mbedtls_mpi_uint x, * * \return \c if1 if \p condition is nonzero, otherwise \c if0. */ -unsigned mbedtls_ct_uint_if( unsigned condition, - unsigned if1, - unsigned if0 ); +unsigned mbedtls_ct_uint_if(unsigned condition, + unsigned if1, + unsigned if0); #if defined(MBEDTLS_BIGNUM_C) @@ -159,10 +159,10 @@ unsigned mbedtls_ct_uint_if( unsigned condition, * initialized MPI. * \param condition Condition to test, must be 0 or 1. */ -void mbedtls_ct_mpi_uint_cond_assign( size_t n, - mbedtls_mpi_uint *dest, - const mbedtls_mpi_uint *src, - unsigned char condition ); +void mbedtls_ct_mpi_uint_cond_assign(size_t n, + mbedtls_mpi_uint *dest, + const mbedtls_mpi_uint *src, + unsigned char condition); #endif /* MBEDTLS_BIGNUM_C */ @@ -177,7 +177,7 @@ void mbedtls_ct_mpi_uint_cond_assign( size_t n, * * \return A base64 digit converted from \p value. */ -unsigned char mbedtls_ct_base64_enc_char( unsigned char value ); +unsigned char mbedtls_ct_base64_enc_char(unsigned char value); /** Given a Base64 digit, return its value. * @@ -191,7 +191,7 @@ unsigned char mbedtls_ct_base64_enc_char( unsigned char value ); * * \return The value of the base64 digit \p c. */ -signed char mbedtls_ct_base64_dec_value( unsigned char c ); +signed char mbedtls_ct_base64_dec_value(unsigned char c); #endif /* MBEDTLS_BASE64_C */ @@ -208,10 +208,10 @@ signed char mbedtls_ct_base64_dec_value( unsigned char c ); * \param c1 The first value to analyze in the condition. * \param c2 The second value to analyze in the condition. */ -void mbedtls_ct_memcpy_if_eq( unsigned char *dest, - const unsigned char *src, - size_t len, - size_t c1, size_t c2 ); +void mbedtls_ct_memcpy_if_eq(unsigned char *dest, + const unsigned char *src, + size_t len, + size_t c1, size_t c2); /** Copy data from a secret position with constant flow. * @@ -239,12 +239,12 @@ void mbedtls_ct_memcpy_if_eq( unsigned char *dest, * \param offset_max The maximal value of \p offset. * \param len The number of bytes to copy. */ -void mbedtls_ct_memcpy_offset( unsigned char *dest, - const unsigned char *src, - size_t offset, - size_t offset_min, - size_t offset_max, - size_t len ); +void mbedtls_ct_memcpy_offset(unsigned char *dest, + const unsigned char *src, + size_t offset, + size_t offset_min, + size_t offset_max, + size_t len); /** Compute the HMAC of variable-length data with constant flow. * @@ -282,14 +282,14 @@ void mbedtls_ct_memcpy_offset( unsigned char *dest, * \retval #MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED * The hardware accelerator failed. */ -int mbedtls_ct_hmac( mbedtls_md_context_t *ctx, - const unsigned char *add_data, - size_t add_data_len, - const unsigned char *data, - size_t data_len_secret, - size_t min_data_len, - size_t max_data_len, - unsigned char *output ); +int mbedtls_ct_hmac(mbedtls_md_context_t *ctx, + const unsigned char *add_data, + size_t add_data_len, + const unsigned char *data, + size_t data_len_secret, + size_t min_data_len, + size_t max_data_len, + unsigned char *output); #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ @@ -323,12 +323,12 @@ int mbedtls_ct_hmac( mbedtls_md_context_t *ctx, * \return #MBEDTLS_ERR_RSA_INVALID_PADDING * The input doesn't contain properly formatted padding. */ -int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, - unsigned char *input, - size_t ilen, - unsigned char *output, - size_t output_max_len, - size_t *olen ); +int mbedtls_ct_rsaes_pkcs1_v15_unpadding(int mode, + unsigned char *input, + size_t ilen, + unsigned char *output, + size_t output_max_len, + size_t *olen); #endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */ diff --git a/library/constant_time_invasive.h b/library/constant_time_invasive.h index 4620ca137999..c176b28ffdce 100644 --- a/library/constant_time_invasive.h +++ b/library/constant_time_invasive.h @@ -42,9 +42,9 @@ * * \return All-bits-one if \p low <= \p c <= \p high, otherwise zero. */ -unsigned char mbedtls_ct_uchar_mask_of_range( unsigned char low, - unsigned char high, - unsigned char c ); +unsigned char mbedtls_ct_uchar_mask_of_range(unsigned char low, + unsigned char high, + unsigned char c); #endif /* MBEDTLS_TEST_HOOKS */ diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index ed31576a7b8d..652c5cbc2806 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -41,9 +41,9 @@ /* * CTR_DRBG context initialization */ -void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ) +void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_ctr_drbg_context ) ); + memset(ctx, 0, sizeof(mbedtls_ctr_drbg_context)); /* Indicate that the entropy nonce length is not set explicitly. * See mbedtls_ctr_drbg_set_nonce_len(). */ ctx->reseed_counter = -1; @@ -55,50 +55,55 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ) * This function resets CTR_DRBG context to the state immediately * after initial call of mbedtls_ctr_drbg_init(). */ -void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx ) +void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } #if defined(MBEDTLS_THREADING_C) /* The mutex is initialized iff f_entropy is set. */ - if( ctx->f_entropy != NULL ) - mbedtls_mutex_free( &ctx->mutex ); + if (ctx->f_entropy != NULL) { + mbedtls_mutex_free(&ctx->mutex); + } #endif - mbedtls_aes_free( &ctx->aes_ctx ); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ctr_drbg_context ) ); + mbedtls_aes_free(&ctx->aes_ctx); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ctr_drbg_context)); ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL; ctx->reseed_counter = -1; } -void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, - int resistance ) +void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx, + int resistance) { ctx->prediction_resistance = resistance; } -void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, - size_t len ) +void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx, + size_t len) { ctx->entropy_len = len; } -int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx, - size_t len ) +int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx, + size_t len) { /* If mbedtls_ctr_drbg_seed() has already been called, it's * too late. Return the error code that's closest to making sense. */ - if( ctx->f_entropy != NULL ) - return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED ); + if (ctx->f_entropy != NULL) { + return MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED; + } - if( len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) - return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + if (len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) { + return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; + } #if SIZE_MAX > INT_MAX /* This shouldn't be an issue because * MBEDTLS_CTR_DRBG_MAX_SEED_INPUT < INT_MAX in any sensible * configuration, but make sure anyway. */ - if( len > INT_MAX ) - return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + if (len > INT_MAX) { + return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; + } #endif /* For backward compatibility with Mbed TLS <= 2.19, store the @@ -106,17 +111,17 @@ int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx, * used until after the initial seeding. */ /* Due to the capping of len above, the value fits in an int. */ ctx->reseed_counter = (int) len; - return( 0 ); + return 0; } -void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, - int interval ) +void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx, + int interval) { ctx->reseed_interval = interval; } -static int block_cipher_df( unsigned char *output, - const unsigned char *data, size_t data_len ) +static int block_cipher_df(unsigned char *output, + const unsigned char *data, size_t data_len) { unsigned char buf[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16]; @@ -130,12 +135,13 @@ static int block_cipher_df( unsigned char *output, int i, j; size_t buf_len, use_len; - if( data_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) - return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + if (data_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) { + return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; + } - memset( buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + - MBEDTLS_CTR_DRBG_BLOCKSIZE + 16 ); - mbedtls_aes_init( &aes_ctx ); + memset(buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16); + mbedtls_aes_init(&aes_ctx); /* * Construct IV (16 bytes) and S in buffer @@ -145,48 +151,46 @@ static int block_cipher_df( unsigned char *output, * (Total is padded to a multiple of 16-bytes with zeroes) */ p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE; - MBEDTLS_PUT_UINT32_BE( data_len, p, 0); + MBEDTLS_PUT_UINT32_BE(data_len, p, 0); p += 4 + 3; *p++ = MBEDTLS_CTR_DRBG_SEEDLEN; - memcpy( p, data, data_len ); + memcpy(p, data, data_len); p[data_len] = 0x80; buf_len = MBEDTLS_CTR_DRBG_BLOCKSIZE + 8 + data_len + 1; - for( i = 0; i < MBEDTLS_CTR_DRBG_KEYSIZE; i++ ) + for (i = 0; i < MBEDTLS_CTR_DRBG_KEYSIZE; i++) { key[i] = i; + } - if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, key, - MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 ) - { + if ((ret = mbedtls_aes_setkey_enc(&aes_ctx, key, + MBEDTLS_CTR_DRBG_KEYBITS)) != 0) { goto exit; } /* * Reduce data to MBEDTLS_CTR_DRBG_SEEDLEN bytes of data */ - for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE ) - { + for (j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE) { p = buf; - memset( chain, 0, MBEDTLS_CTR_DRBG_BLOCKSIZE ); + memset(chain, 0, MBEDTLS_CTR_DRBG_BLOCKSIZE); use_len = buf_len; - while( use_len > 0 ) - { - for( i = 0; i < MBEDTLS_CTR_DRBG_BLOCKSIZE; i++ ) + while (use_len > 0) { + for (i = 0; i < MBEDTLS_CTR_DRBG_BLOCKSIZE; i++) { chain[i] ^= p[i]; + } p += MBEDTLS_CTR_DRBG_BLOCKSIZE; - use_len -= ( use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE ) ? + use_len -= (use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE) ? MBEDTLS_CTR_DRBG_BLOCKSIZE : use_len; - if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, - chain, chain ) ) != 0 ) - { + if ((ret = mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT, + chain, chain)) != 0) { goto exit; } } - memcpy( tmp + j, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE ); + memcpy(tmp + j, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE); /* * Update IV @@ -197,42 +201,38 @@ static int block_cipher_df( unsigned char *output, /* * Do final encryption with reduced data */ - if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, tmp, - MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 ) - { + if ((ret = mbedtls_aes_setkey_enc(&aes_ctx, tmp, + MBEDTLS_CTR_DRBG_KEYBITS)) != 0) { goto exit; } iv = tmp + MBEDTLS_CTR_DRBG_KEYSIZE; p = output; - for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE ) - { - if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, - iv, iv ) ) != 0 ) - { + for (j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE) { + if ((ret = mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT, + iv, iv)) != 0) { goto exit; } - memcpy( p, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE ); + memcpy(p, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE); p += MBEDTLS_CTR_DRBG_BLOCKSIZE; } exit: - mbedtls_aes_free( &aes_ctx ); + mbedtls_aes_free(&aes_ctx); /* - * tidy up the stack - */ - mbedtls_platform_zeroize( buf, sizeof( buf ) ); - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); - mbedtls_platform_zeroize( key, sizeof( key ) ); - mbedtls_platform_zeroize( chain, sizeof( chain ) ); - if( 0 != ret ) - { + * tidy up the stack + */ + mbedtls_platform_zeroize(buf, sizeof(buf)); + mbedtls_platform_zeroize(tmp, sizeof(tmp)); + mbedtls_platform_zeroize(key, sizeof(key)); + mbedtls_platform_zeroize(chain, sizeof(chain)); + if (0 != ret) { /* - * wipe partial seed from memory - */ - mbedtls_platform_zeroize( output, MBEDTLS_CTR_DRBG_SEEDLEN ); + * wipe partial seed from memory + */ + mbedtls_platform_zeroize(output, MBEDTLS_CTR_DRBG_SEEDLEN); } - return( ret ); + return ret; } /* CTR_DRBG_Update (SP 800-90A §10.2.1.2) @@ -243,54 +243,54 @@ static int block_cipher_df( unsigned char *output, * ctx->aes_ctx = Key * ctx->counter = V */ -static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx, - const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN] ) +static int ctr_drbg_update_internal(mbedtls_ctr_drbg_context *ctx, + const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN]) { unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN]; unsigned char *p = tmp; int i, j; int ret = 0; - memset( tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN ); + memset(tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN); - for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE ) - { + for (j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE) { /* * Increase counter */ - for( i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i-- ) - if( ++ctx->counter[i - 1] != 0 ) + for (i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i--) { + if (++ctx->counter[i - 1] != 0) { break; + } + } /* * Crypt counter block */ - if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, - ctx->counter, p ) ) != 0 ) - { + if ((ret = mbedtls_aes_crypt_ecb(&ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, + ctx->counter, p)) != 0) { goto exit; } p += MBEDTLS_CTR_DRBG_BLOCKSIZE; } - for( i = 0; i < MBEDTLS_CTR_DRBG_SEEDLEN; i++ ) + for (i = 0; i < MBEDTLS_CTR_DRBG_SEEDLEN; i++) { tmp[i] ^= data[i]; + } /* * Update key and counter */ - if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, - MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 ) - { + if ((ret = mbedtls_aes_setkey_enc(&ctx->aes_ctx, tmp, + MBEDTLS_CTR_DRBG_KEYBITS)) != 0) { goto exit; } - memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, - MBEDTLS_CTR_DRBG_BLOCKSIZE ); + memcpy(ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, + MBEDTLS_CTR_DRBG_BLOCKSIZE); exit: - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); - return( ret ); + mbedtls_platform_zeroize(tmp, sizeof(tmp)); + return ret; } /* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2) @@ -305,36 +305,40 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx, * and with outputs * ctx = initial_working_state */ -int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ) +int mbedtls_ctr_drbg_update_ret(mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, + size_t add_len) { unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( add_len == 0 ) - return( 0 ); + if (add_len == 0) { + return 0; + } - if( ( ret = block_cipher_df( add_input, additional, add_len ) ) != 0 ) + if ((ret = block_cipher_df(add_input, additional, add_len)) != 0) { goto exit; - if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 ) + } + if ((ret = ctr_drbg_update_internal(ctx, add_input)) != 0) { goto exit; + } exit: - mbedtls_platform_zeroize( add_input, sizeof( add_input ) ); - return( ret ); + mbedtls_platform_zeroize(add_input, sizeof(add_input)); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ) +void mbedtls_ctr_drbg_update(mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, + size_t add_len) { /* MAX_INPUT would be more logical here, but we have to match * block_cipher_df()'s limits since we can't propagate errors */ - if( add_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) + if (add_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) { add_len = MBEDTLS_CTR_DRBG_MAX_SEED_INPUT; - (void) mbedtls_ctr_drbg_update_ret( ctx, additional, add_len ); + } + (void) mbedtls_ctr_drbg_update_ret(ctx, additional, add_len); } #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -351,66 +355,67 @@ void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, * and with output * ctx contains new_working_state */ -static int mbedtls_ctr_drbg_reseed_internal( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, - size_t len, - size_t nonce_len ) +static int mbedtls_ctr_drbg_reseed_internal(mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, + size_t len, + size_t nonce_len) { unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT]; size_t seedlen = 0; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) - return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); - if( nonce_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len ) - return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); - if( len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len - nonce_len ) - return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + if (ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) { + return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; + } + if (nonce_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len) { + return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; + } + if (len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len - nonce_len) { + return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; + } - memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ); + memset(seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT); /* Gather entropy_len bytes of entropy to seed state. */ - if( 0 != ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) ) - { - return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED ); + if (0 != ctx->f_entropy(ctx->p_entropy, seed, ctx->entropy_len)) { + return MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED; } seedlen += ctx->entropy_len; /* Gather entropy for a nonce if requested. */ - if( nonce_len != 0 ) - { - if( 0 != ctx->f_entropy( ctx->p_entropy, seed + seedlen, nonce_len ) ) - { - return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED ); + if (nonce_len != 0) { + if (0 != ctx->f_entropy(ctx->p_entropy, seed + seedlen, nonce_len)) { + return MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED; } seedlen += nonce_len; } /* Add additional data if provided. */ - if( additional != NULL && len != 0 ) - { - memcpy( seed + seedlen, additional, len ); + if (additional != NULL && len != 0) { + memcpy(seed + seedlen, additional, len); seedlen += len; } /* Reduce to 384 bits. */ - if( ( ret = block_cipher_df( seed, seed, seedlen ) ) != 0 ) + if ((ret = block_cipher_df(seed, seed, seedlen)) != 0) { goto exit; + } /* Update state. */ - if( ( ret = ctr_drbg_update_internal( ctx, seed ) ) != 0 ) + if ((ret = ctr_drbg_update_internal(ctx, seed)) != 0) { goto exit; + } ctx->reseed_counter = 1; exit: - mbedtls_platform_zeroize( seed, sizeof( seed ) ); - return( ret ); + mbedtls_platform_zeroize(seed, sizeof(seed)); + return ret; } -int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, size_t len ) +int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, size_t len) { - return( mbedtls_ctr_drbg_reseed_internal( ctx, additional, len, 0 ) ); + return mbedtls_ctr_drbg_reseed_internal(ctx, additional, len, 0); } /* Return a "good" nonce length for CTR_DRBG. The chosen nonce length @@ -418,12 +423,13 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, * size and entropy length. If there is enough entropy in the initial * call to the entropy function to serve as both the entropy input and * the nonce, don't make a second call to get a nonce. */ -static size_t good_nonce_len( size_t entropy_len ) +static size_t good_nonce_len(size_t entropy_len) { - if( entropy_len >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2 ) - return( 0 ); - else - return( ( entropy_len + 1 ) / 2 ); + if (entropy_len >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2) { + return 0; + } else { + return (entropy_len + 1) / 2; + } } /* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2) @@ -437,52 +443,51 @@ static size_t good_nonce_len( size_t entropy_len ) * and with outputs * ctx = initial_working_state */ -int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, - int (*f_entropy)(void *, unsigned char *, size_t), - void *p_entropy, - const unsigned char *custom, - size_t len ) +int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE]; size_t nonce_len; - memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE ); + memset(key, 0, MBEDTLS_CTR_DRBG_KEYSIZE); /* The mutex is initialized iff f_entropy is set. */ #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif - mbedtls_aes_init( &ctx->aes_ctx ); + mbedtls_aes_init(&ctx->aes_ctx); ctx->f_entropy = f_entropy; ctx->p_entropy = p_entropy; - if( ctx->entropy_len == 0 ) + if (ctx->entropy_len == 0) { ctx->entropy_len = MBEDTLS_CTR_DRBG_ENTROPY_LEN; + } /* ctx->reseed_counter contains the desired amount of entropy to * grab for a nonce (see mbedtls_ctr_drbg_set_nonce_len()). * If it's -1, indicating that the entropy nonce length was not set * explicitly, use a sufficiently large nonce for security. */ - nonce_len = ( ctx->reseed_counter >= 0 ? - (size_t) ctx->reseed_counter : - good_nonce_len( ctx->entropy_len ) ); + nonce_len = (ctx->reseed_counter >= 0 ? + (size_t) ctx->reseed_counter : + good_nonce_len(ctx->entropy_len)); /* Initialize with an empty key. */ - if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, - MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_aes_setkey_enc(&ctx->aes_ctx, key, + MBEDTLS_CTR_DRBG_KEYBITS)) != 0) { + return ret; } /* Do the initial seeding. */ - if( ( ret = mbedtls_ctr_drbg_reseed_internal( ctx, custom, len, - nonce_len ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_ctr_drbg_reseed_internal(ctx, custom, len, + nonce_len)) != 0) { + return ret; } - return( 0 ); + return 0; } /* CTR_DRBG_Generate with derivation function (SP 800-90A §10.2.1.5.2) @@ -504,9 +509,9 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, * returned_bits = output[:output_len] * ctx contains new_working_state */ -int mbedtls_ctr_drbg_random_with_add( void *p_rng, - unsigned char *output, size_t output_len, - const unsigned char *additional, size_t add_len ) +int mbedtls_ctr_drbg_random_with_add(void *p_rng, + unsigned char *output, size_t output_len, + const unsigned char *additional, size_t add_len) { int ret = 0; mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng; @@ -516,159 +521,163 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng, int i; size_t use_len; - if( output_len > MBEDTLS_CTR_DRBG_MAX_REQUEST ) - return( MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG ); + if (output_len > MBEDTLS_CTR_DRBG_MAX_REQUEST) { + return MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG; + } - if( add_len > MBEDTLS_CTR_DRBG_MAX_INPUT ) - return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + if (add_len > MBEDTLS_CTR_DRBG_MAX_INPUT) { + return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; + } - memset( add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN ); + memset(add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN); - if( ctx->reseed_counter > ctx->reseed_interval || - ctx->prediction_resistance ) - { - if( ( ret = mbedtls_ctr_drbg_reseed( ctx, additional, add_len ) ) != 0 ) - { - return( ret ); + if (ctx->reseed_counter > ctx->reseed_interval || + ctx->prediction_resistance) { + if ((ret = mbedtls_ctr_drbg_reseed(ctx, additional, add_len)) != 0) { + return ret; } add_len = 0; } - if( add_len > 0 ) - { - if( ( ret = block_cipher_df( add_input, additional, add_len ) ) != 0 ) + if (add_len > 0) { + if ((ret = block_cipher_df(add_input, additional, add_len)) != 0) { goto exit; - if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 ) + } + if ((ret = ctr_drbg_update_internal(ctx, add_input)) != 0) { goto exit; + } } - while( output_len > 0 ) - { + while (output_len > 0) { /* * Increase counter */ - for( i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i-- ) - if( ++ctx->counter[i - 1] != 0 ) + for (i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i--) { + if (++ctx->counter[i - 1] != 0) { break; + } + } /* * Crypt counter block */ - if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, - ctx->counter, tmp ) ) != 0 ) - { + if ((ret = mbedtls_aes_crypt_ecb(&ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, + ctx->counter, tmp)) != 0) { goto exit; } - use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE ) + use_len = (output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE) ? MBEDTLS_CTR_DRBG_BLOCKSIZE : output_len; /* * Copy random block to destination */ - memcpy( p, tmp, use_len ); + memcpy(p, tmp, use_len); p += use_len; output_len -= use_len; } - if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 ) + if ((ret = ctr_drbg_update_internal(ctx, add_input)) != 0) { goto exit; + } ctx->reseed_counter++; exit: - mbedtls_platform_zeroize( add_input, sizeof( add_input ) ); - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); - return( ret ); + mbedtls_platform_zeroize(add_input, sizeof(add_input)); + mbedtls_platform_zeroize(tmp, sizeof(tmp)); + return ret; } -int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, - size_t output_len ) +int mbedtls_ctr_drbg_random(void *p_rng, unsigned char *output, + size_t output_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng; #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif - ret = mbedtls_ctr_drbg_random_with_add( ctx, output, output_len, NULL, 0 ); + ret = mbedtls_ctr_drbg_random_with_add(ctx, output, output_len, NULL, 0); #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } #if defined(MBEDTLS_FS_IO) -int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, - const char *path ) +int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx, + const char *path) { int ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR; FILE *f; - unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ]; + unsigned char buf[MBEDTLS_CTR_DRBG_MAX_INPUT]; - if( ( f = fopen( path, "wb" ) ) == NULL ) - return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR ); + if ((f = fopen(path, "wb")) == NULL) { + return MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR; + } - if( ( ret = mbedtls_ctr_drbg_random( ctx, buf, - MBEDTLS_CTR_DRBG_MAX_INPUT ) ) != 0 ) + if ((ret = mbedtls_ctr_drbg_random(ctx, buf, + MBEDTLS_CTR_DRBG_MAX_INPUT)) != 0) { goto exit; + } - if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) != - MBEDTLS_CTR_DRBG_MAX_INPUT ) - { + if (fwrite(buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f) != + MBEDTLS_CTR_DRBG_MAX_INPUT) { ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR; - } - else - { + } else { ret = 0; } exit: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); - fclose( f ); - return( ret ); + fclose(f); + return ret; } -int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, - const char *path ) +int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx, + const char *path) { int ret = 0; FILE *f = NULL; size_t n; - unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ]; + unsigned char buf[MBEDTLS_CTR_DRBG_MAX_INPUT]; unsigned char c; - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR ); + if ((f = fopen(path, "rb")) == NULL) { + return MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR; + } - n = fread( buf, 1, sizeof( buf ), f ); - if( fread( &c, 1, 1, f ) != 0 ) - { + n = fread(buf, 1, sizeof(buf), f); + if (fread(&c, 1, 1, f) != 0) { ret = MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; goto exit; } - if( n == 0 || ferror( f ) ) - { + if (n == 0 || ferror(f)) { ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR; goto exit; } - fclose( f ); + fclose(f); f = NULL; - ret = mbedtls_ctr_drbg_update_ret( ctx, buf, n ); + ret = mbedtls_ctr_drbg_update_ret(ctx, buf, n); exit: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); - if( f != NULL ) - fclose( f ); - if( ret != 0 ) - return( ret ); - return( mbedtls_ctr_drbg_write_seed_file( ctx, path ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); + if (f != NULL) { + fclose(f); + } + if (ret != 0) { + return ret; + } + return mbedtls_ctr_drbg_write_seed_file(ctx, path); } #endif /* MBEDTLS_FS_IO */ @@ -699,192 +708,197 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, #if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) static const unsigned char entropy_source_pr[] = - { 0x04, 0xd9, 0x49, 0xa6, 0xdc, 0xe8, 0x6e, 0xbb, - 0xf1, 0x08, 0x77, 0x2b, 0x9e, 0x08, 0xca, 0x92, - 0x65, 0x16, 0xda, 0x99, 0xa2, 0x59, 0xf3, 0xe8, - 0x38, 0x7e, 0x3f, 0x6b, 0x51, 0x70, 0x7b, 0x20, - 0xec, 0x53, 0xd0, 0x66, 0xc3, 0x0f, 0xe3, 0xb0, - 0xe0, 0x86, 0xa6, 0xaa, 0x5f, 0x72, 0x2f, 0xad, - 0xf7, 0xef, 0x06, 0xb8, 0xd6, 0x9c, 0x9d, 0xe8 }; +{ 0x04, 0xd9, 0x49, 0xa6, 0xdc, 0xe8, 0x6e, 0xbb, + 0xf1, 0x08, 0x77, 0x2b, 0x9e, 0x08, 0xca, 0x92, + 0x65, 0x16, 0xda, 0x99, 0xa2, 0x59, 0xf3, 0xe8, + 0x38, 0x7e, 0x3f, 0x6b, 0x51, 0x70, 0x7b, 0x20, + 0xec, 0x53, 0xd0, 0x66, 0xc3, 0x0f, 0xe3, 0xb0, + 0xe0, 0x86, 0xa6, 0xaa, 0x5f, 0x72, 0x2f, 0xad, + 0xf7, 0xef, 0x06, 0xb8, 0xd6, 0x9c, 0x9d, 0xe8 }; static const unsigned char entropy_source_nopr[] = - { 0x07, 0x0d, 0x59, 0x63, 0x98, 0x73, 0xa5, 0x45, - 0x27, 0x38, 0x22, 0x7b, 0x76, 0x85, 0xd1, 0xa9, - 0x74, 0x18, 0x1f, 0x3c, 0x22, 0xf6, 0x49, 0x20, - 0x4a, 0x47, 0xc2, 0xf3, 0x85, 0x16, 0xb4, 0x6f, - 0x00, 0x2e, 0x71, 0xda, 0xed, 0x16, 0x9b, 0x5c }; +{ 0x07, 0x0d, 0x59, 0x63, 0x98, 0x73, 0xa5, 0x45, + 0x27, 0x38, 0x22, 0x7b, 0x76, 0x85, 0xd1, 0xa9, + 0x74, 0x18, 0x1f, 0x3c, 0x22, 0xf6, 0x49, 0x20, + 0x4a, 0x47, 0xc2, 0xf3, 0x85, 0x16, 0xb4, 0x6f, + 0x00, 0x2e, 0x71, 0xda, 0xed, 0x16, 0x9b, 0x5c }; static const unsigned char pers_pr[] = - { 0xbf, 0xa4, 0x9a, 0x8f, 0x7b, 0xd8, 0xb1, 0x7a, - 0x9d, 0xfa, 0x45, 0xed, 0x21, 0x52, 0xb3, 0xad }; +{ 0xbf, 0xa4, 0x9a, 0x8f, 0x7b, 0xd8, 0xb1, 0x7a, + 0x9d, 0xfa, 0x45, 0xed, 0x21, 0x52, 0xb3, 0xad }; static const unsigned char pers_nopr[] = - { 0x4e, 0x61, 0x79, 0xd4, 0xc2, 0x72, 0xa1, 0x4c, - 0xf1, 0x3d, 0xf6, 0x5e, 0xa3, 0xa6, 0xe5, 0x0f }; +{ 0x4e, 0x61, 0x79, 0xd4, 0xc2, 0x72, 0xa1, 0x4c, + 0xf1, 0x3d, 0xf6, 0x5e, 0xa3, 0xa6, 0xe5, 0x0f }; static const unsigned char result_pr[] = - { 0xc9, 0x0a, 0xaf, 0x85, 0x89, 0x71, 0x44, 0x66, - 0x4f, 0x25, 0x0b, 0x2b, 0xde, 0xd8, 0xfa, 0xff, - 0x52, 0x5a, 0x1b, 0x32, 0x5e, 0x41, 0x7a, 0x10, - 0x1f, 0xef, 0x1e, 0x62, 0x23, 0xe9, 0x20, 0x30, - 0xc9, 0x0d, 0xad, 0x69, 0xb4, 0x9c, 0x5b, 0xf4, - 0x87, 0x42, 0xd5, 0xae, 0x5e, 0x5e, 0x43, 0xcc, - 0xd9, 0xfd, 0x0b, 0x93, 0x4a, 0xe3, 0xd4, 0x06, - 0x37, 0x36, 0x0f, 0x3f, 0x72, 0x82, 0x0c, 0xcf }; +{ 0xc9, 0x0a, 0xaf, 0x85, 0x89, 0x71, 0x44, 0x66, + 0x4f, 0x25, 0x0b, 0x2b, 0xde, 0xd8, 0xfa, 0xff, + 0x52, 0x5a, 0x1b, 0x32, 0x5e, 0x41, 0x7a, 0x10, + 0x1f, 0xef, 0x1e, 0x62, 0x23, 0xe9, 0x20, 0x30, + 0xc9, 0x0d, 0xad, 0x69, 0xb4, 0x9c, 0x5b, 0xf4, + 0x87, 0x42, 0xd5, 0xae, 0x5e, 0x5e, 0x43, 0xcc, + 0xd9, 0xfd, 0x0b, 0x93, 0x4a, 0xe3, 0xd4, 0x06, + 0x37, 0x36, 0x0f, 0x3f, 0x72, 0x82, 0x0c, 0xcf }; static const unsigned char result_nopr[] = - { 0x31, 0xc9, 0x91, 0x09, 0xf8, 0xc5, 0x10, 0x13, - 0x3c, 0xd3, 0x96, 0xf9, 0xbc, 0x2c, 0x12, 0xc0, - 0x7c, 0xc1, 0x61, 0x5f, 0xa3, 0x09, 0x99, 0xaf, - 0xd7, 0xf2, 0x36, 0xfd, 0x40, 0x1a, 0x8b, 0xf2, - 0x33, 0x38, 0xee, 0x1d, 0x03, 0x5f, 0x83, 0xb7, - 0xa2, 0x53, 0xdc, 0xee, 0x18, 0xfc, 0xa7, 0xf2, - 0xee, 0x96, 0xc6, 0xc2, 0xcd, 0x0c, 0xff, 0x02, - 0x76, 0x70, 0x69, 0xaa, 0x69, 0xd1, 0x3b, 0xe8 }; +{ 0x31, 0xc9, 0x91, 0x09, 0xf8, 0xc5, 0x10, 0x13, + 0x3c, 0xd3, 0x96, 0xf9, 0xbc, 0x2c, 0x12, 0xc0, + 0x7c, 0xc1, 0x61, 0x5f, 0xa3, 0x09, 0x99, 0xaf, + 0xd7, 0xf2, 0x36, 0xfd, 0x40, 0x1a, 0x8b, 0xf2, + 0x33, 0x38, 0xee, 0x1d, 0x03, 0x5f, 0x83, 0xb7, + 0xa2, 0x53, 0xdc, 0xee, 0x18, 0xfc, 0xa7, 0xf2, + 0xee, 0x96, 0xc6, 0xc2, 0xcd, 0x0c, 0xff, 0x02, + 0x76, 0x70, 0x69, 0xaa, 0x69, 0xd1, 0x3b, 0xe8 }; #else /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ static const unsigned char entropy_source_pr[] = - { 0xca, 0x58, 0xfd, 0xf2, 0xb9, 0x77, 0xcb, 0x49, - 0xd4, 0xe0, 0x5b, 0xe2, 0x39, 0x50, 0xd9, 0x8a, - 0x6a, 0xb3, 0xc5, 0x2f, 0xdf, 0x74, 0xd5, 0x85, - 0x8f, 0xd1, 0xba, 0x64, 0x54, 0x7b, 0xdb, 0x1e, - 0xc5, 0xea, 0x24, 0xc0, 0xfa, 0x0c, 0x90, 0x15, - 0x09, 0x20, 0x92, 0x42, 0x32, 0x36, 0x45, 0x45, - 0x7d, 0x20, 0x76, 0x6b, 0xcf, 0xa2, 0x15, 0xc8, - 0x2f, 0x9f, 0xbc, 0x88, 0x3f, 0x80, 0xd1, 0x2c, - 0xb7, 0x16, 0xd1, 0x80, 0x9e, 0xe1, 0xc9, 0xb3, - 0x88, 0x1b, 0x21, 0x45, 0xef, 0xa1, 0x7f, 0xce, - 0xc8, 0x92, 0x35, 0x55, 0x2a, 0xd9, 0x1d, 0x8e, - 0x12, 0x38, 0xac, 0x01, 0x4e, 0x38, 0x18, 0x76, - 0x9c, 0xf2, 0xb6, 0xd4, 0x13, 0xb6, 0x2c, 0x77, - 0xc0, 0xe7, 0xe6, 0x0c, 0x47, 0x44, 0x95, 0xbe }; +{ 0xca, 0x58, 0xfd, 0xf2, 0xb9, 0x77, 0xcb, 0x49, + 0xd4, 0xe0, 0x5b, 0xe2, 0x39, 0x50, 0xd9, 0x8a, + 0x6a, 0xb3, 0xc5, 0x2f, 0xdf, 0x74, 0xd5, 0x85, + 0x8f, 0xd1, 0xba, 0x64, 0x54, 0x7b, 0xdb, 0x1e, + 0xc5, 0xea, 0x24, 0xc0, 0xfa, 0x0c, 0x90, 0x15, + 0x09, 0x20, 0x92, 0x42, 0x32, 0x36, 0x45, 0x45, + 0x7d, 0x20, 0x76, 0x6b, 0xcf, 0xa2, 0x15, 0xc8, + 0x2f, 0x9f, 0xbc, 0x88, 0x3f, 0x80, 0xd1, 0x2c, + 0xb7, 0x16, 0xd1, 0x80, 0x9e, 0xe1, 0xc9, 0xb3, + 0x88, 0x1b, 0x21, 0x45, 0xef, 0xa1, 0x7f, 0xce, + 0xc8, 0x92, 0x35, 0x55, 0x2a, 0xd9, 0x1d, 0x8e, + 0x12, 0x38, 0xac, 0x01, 0x4e, 0x38, 0x18, 0x76, + 0x9c, 0xf2, 0xb6, 0xd4, 0x13, 0xb6, 0x2c, 0x77, + 0xc0, 0xe7, 0xe6, 0x0c, 0x47, 0x44, 0x95, 0xbe }; static const unsigned char entropy_source_nopr[] = - { 0x4c, 0xfb, 0x21, 0x86, 0x73, 0x34, 0x6d, 0x9d, - 0x50, 0xc9, 0x22, 0xe4, 0x9b, 0x0d, 0xfc, 0xd0, - 0x90, 0xad, 0xf0, 0x4f, 0x5c, 0x3b, 0xa4, 0x73, - 0x27, 0xdf, 0xcd, 0x6f, 0xa6, 0x3a, 0x78, 0x5c, - 0x01, 0x69, 0x62, 0xa7, 0xfd, 0x27, 0x87, 0xa2, - 0x4b, 0xf6, 0xbe, 0x47, 0xef, 0x37, 0x83, 0xf1, - 0xb7, 0xec, 0x46, 0x07, 0x23, 0x63, 0x83, 0x4a, - 0x1b, 0x01, 0x33, 0xf2, 0xc2, 0x38, 0x91, 0xdb, - 0x4f, 0x11, 0xa6, 0x86, 0x51, 0xf2, 0x3e, 0x3a, - 0x8b, 0x1f, 0xdc, 0x03, 0xb1, 0x92, 0xc7, 0xe7 }; +{ 0x4c, 0xfb, 0x21, 0x86, 0x73, 0x34, 0x6d, 0x9d, + 0x50, 0xc9, 0x22, 0xe4, 0x9b, 0x0d, 0xfc, 0xd0, + 0x90, 0xad, 0xf0, 0x4f, 0x5c, 0x3b, 0xa4, 0x73, + 0x27, 0xdf, 0xcd, 0x6f, 0xa6, 0x3a, 0x78, 0x5c, + 0x01, 0x69, 0x62, 0xa7, 0xfd, 0x27, 0x87, 0xa2, + 0x4b, 0xf6, 0xbe, 0x47, 0xef, 0x37, 0x83, 0xf1, + 0xb7, 0xec, 0x46, 0x07, 0x23, 0x63, 0x83, 0x4a, + 0x1b, 0x01, 0x33, 0xf2, 0xc2, 0x38, 0x91, 0xdb, + 0x4f, 0x11, 0xa6, 0x86, 0x51, 0xf2, 0x3e, 0x3a, + 0x8b, 0x1f, 0xdc, 0x03, 0xb1, 0x92, 0xc7, 0xe7 }; static const unsigned char pers_pr[] = - { 0x5a, 0x70, 0x95, 0xe9, 0x81, 0x40, 0x52, 0x33, - 0x91, 0x53, 0x7e, 0x75, 0xd6, 0x19, 0x9d, 0x1e, - 0xad, 0x0d, 0xc6, 0xa7, 0xde, 0x6c, 0x1f, 0xe0, - 0xea, 0x18, 0x33, 0xa8, 0x7e, 0x06, 0x20, 0xe9 }; +{ 0x5a, 0x70, 0x95, 0xe9, 0x81, 0x40, 0x52, 0x33, + 0x91, 0x53, 0x7e, 0x75, 0xd6, 0x19, 0x9d, 0x1e, + 0xad, 0x0d, 0xc6, 0xa7, 0xde, 0x6c, 0x1f, 0xe0, + 0xea, 0x18, 0x33, 0xa8, 0x7e, 0x06, 0x20, 0xe9 }; static const unsigned char pers_nopr[] = - { 0x88, 0xee, 0xb8, 0xe0, 0xe8, 0x3b, 0xf3, 0x29, - 0x4b, 0xda, 0xcd, 0x60, 0x99, 0xeb, 0xe4, 0xbf, - 0x55, 0xec, 0xd9, 0x11, 0x3f, 0x71, 0xe5, 0xeb, - 0xcb, 0x45, 0x75, 0xf3, 0xd6, 0xa6, 0x8a, 0x6b }; +{ 0x88, 0xee, 0xb8, 0xe0, 0xe8, 0x3b, 0xf3, 0x29, + 0x4b, 0xda, 0xcd, 0x60, 0x99, 0xeb, 0xe4, 0xbf, + 0x55, 0xec, 0xd9, 0x11, 0x3f, 0x71, 0xe5, 0xeb, + 0xcb, 0x45, 0x75, 0xf3, 0xd6, 0xa6, 0x8a, 0x6b }; static const unsigned char result_pr[] = - { 0xce, 0x2f, 0xdb, 0xb6, 0xd9, 0xb7, 0x39, 0x85, - 0x04, 0xc5, 0xc0, 0x42, 0xc2, 0x31, 0xc6, 0x1d, - 0x9b, 0x5a, 0x59, 0xf8, 0x7e, 0x0d, 0xcc, 0x62, - 0x7b, 0x65, 0x11, 0x55, 0x10, 0xeb, 0x9e, 0x3d, - 0xa4, 0xfb, 0x1c, 0x6a, 0x18, 0xc0, 0x74, 0xdb, - 0xdd, 0xe7, 0x02, 0x23, 0x63, 0x21, 0xd0, 0x39, - 0xf9, 0xa7, 0xc4, 0x52, 0x84, 0x3b, 0x49, 0x40, - 0x72, 0x2b, 0xb0, 0x6c, 0x9c, 0xdb, 0xc3, 0x43 }; +{ 0xce, 0x2f, 0xdb, 0xb6, 0xd9, 0xb7, 0x39, 0x85, + 0x04, 0xc5, 0xc0, 0x42, 0xc2, 0x31, 0xc6, 0x1d, + 0x9b, 0x5a, 0x59, 0xf8, 0x7e, 0x0d, 0xcc, 0x62, + 0x7b, 0x65, 0x11, 0x55, 0x10, 0xeb, 0x9e, 0x3d, + 0xa4, 0xfb, 0x1c, 0x6a, 0x18, 0xc0, 0x74, 0xdb, + 0xdd, 0xe7, 0x02, 0x23, 0x63, 0x21, 0xd0, 0x39, + 0xf9, 0xa7, 0xc4, 0x52, 0x84, 0x3b, 0x49, 0x40, + 0x72, 0x2b, 0xb0, 0x6c, 0x9c, 0xdb, 0xc3, 0x43 }; static const unsigned char result_nopr[] = - { 0xa5, 0x51, 0x80, 0xa1, 0x90, 0xbe, 0xf3, 0xad, - 0xaf, 0x28, 0xf6, 0xb7, 0x95, 0xe9, 0xf1, 0xf3, - 0xd6, 0xdf, 0xa1, 0xb2, 0x7d, 0xd0, 0x46, 0x7b, - 0x0c, 0x75, 0xf5, 0xfa, 0x93, 0x1e, 0x97, 0x14, - 0x75, 0xb2, 0x7c, 0xae, 0x03, 0xa2, 0x96, 0x54, - 0xe2, 0xf4, 0x09, 0x66, 0xea, 0x33, 0x64, 0x30, - 0x40, 0xd1, 0x40, 0x0f, 0xe6, 0x77, 0x87, 0x3a, - 0xf8, 0x09, 0x7c, 0x1f, 0xe9, 0xf0, 0x02, 0x98 }; +{ 0xa5, 0x51, 0x80, 0xa1, 0x90, 0xbe, 0xf3, 0xad, + 0xaf, 0x28, 0xf6, 0xb7, 0x95, 0xe9, 0xf1, 0xf3, + 0xd6, 0xdf, 0xa1, 0xb2, 0x7d, 0xd0, 0x46, 0x7b, + 0x0c, 0x75, 0xf5, 0xfa, 0x93, 0x1e, 0x97, 0x14, + 0x75, 0xb2, 0x7c, 0xae, 0x03, 0xa2, 0x96, 0x54, + 0xe2, 0xf4, 0x09, 0x66, 0xea, 0x33, 0x64, 0x30, + 0x40, 0xd1, 0x40, 0x0f, 0xe6, 0x77, 0x87, 0x3a, + 0xf8, 0x09, 0x7c, 0x1f, 0xe9, 0xf0, 0x02, 0x98 }; #endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ static size_t test_offset; -static int ctr_drbg_self_test_entropy( void *data, unsigned char *buf, - size_t len ) +static int ctr_drbg_self_test_entropy(void *data, unsigned char *buf, + size_t len) { const unsigned char *p = data; - memcpy( buf, p + test_offset, len ); + memcpy(buf, p + test_offset, len); test_offset += len; - return( 0 ); + return 0; } -#define CHK( c ) if( (c) != 0 ) \ - { \ - if( verbose != 0 ) \ - mbedtls_printf( "failed\n" ); \ - return( 1 ); \ - } +#define CHK(c) if ((c) != 0) \ + { \ + if (verbose != 0) \ + mbedtls_printf("failed\n"); \ + return 1; \ + } #define SELF_TEST_OUTPUT_DISCARD_LENGTH 64 /* * Checkup routine */ -int mbedtls_ctr_drbg_self_test( int verbose ) +int mbedtls_ctr_drbg_self_test(int verbose) { mbedtls_ctr_drbg_context ctx; - unsigned char buf[ sizeof( result_pr ) ]; + unsigned char buf[sizeof(result_pr)]; - mbedtls_ctr_drbg_init( &ctx ); + mbedtls_ctr_drbg_init(&ctx); /* * Based on a NIST CTR_DRBG test vector (PR = True) */ - if( verbose != 0 ) - mbedtls_printf( " CTR_DRBG (PR = TRUE) : " ); + if (verbose != 0) { + mbedtls_printf(" CTR_DRBG (PR = TRUE) : "); + } test_offset = 0; - mbedtls_ctr_drbg_set_entropy_len( &ctx, MBEDTLS_CTR_DRBG_KEYSIZE ); - mbedtls_ctr_drbg_set_nonce_len( &ctx, MBEDTLS_CTR_DRBG_KEYSIZE / 2 ); - CHK( mbedtls_ctr_drbg_seed( &ctx, - ctr_drbg_self_test_entropy, - (void *) entropy_source_pr, - pers_pr, MBEDTLS_CTR_DRBG_KEYSIZE ) ); - mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON ); - CHK( mbedtls_ctr_drbg_random( &ctx, buf, SELF_TEST_OUTPUT_DISCARD_LENGTH ) ); - CHK( mbedtls_ctr_drbg_random( &ctx, buf, sizeof( result_pr ) ) ); - CHK( memcmp( buf, result_pr, sizeof( result_pr ) ) ); - - mbedtls_ctr_drbg_free( &ctx ); - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + mbedtls_ctr_drbg_set_entropy_len(&ctx, MBEDTLS_CTR_DRBG_KEYSIZE); + mbedtls_ctr_drbg_set_nonce_len(&ctx, MBEDTLS_CTR_DRBG_KEYSIZE / 2); + CHK(mbedtls_ctr_drbg_seed(&ctx, + ctr_drbg_self_test_entropy, + (void *) entropy_source_pr, + pers_pr, MBEDTLS_CTR_DRBG_KEYSIZE)); + mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_ON); + CHK(mbedtls_ctr_drbg_random(&ctx, buf, SELF_TEST_OUTPUT_DISCARD_LENGTH)); + CHK(mbedtls_ctr_drbg_random(&ctx, buf, sizeof(result_pr))); + CHK(memcmp(buf, result_pr, sizeof(result_pr))); + + mbedtls_ctr_drbg_free(&ctx); + + if (verbose != 0) { + mbedtls_printf("passed\n"); + } /* * Based on a NIST CTR_DRBG test vector (PR = FALSE) */ - if( verbose != 0 ) - mbedtls_printf( " CTR_DRBG (PR = FALSE): " ); + if (verbose != 0) { + mbedtls_printf(" CTR_DRBG (PR = FALSE): "); + } - mbedtls_ctr_drbg_init( &ctx ); + mbedtls_ctr_drbg_init(&ctx); test_offset = 0; - mbedtls_ctr_drbg_set_entropy_len( &ctx, MBEDTLS_CTR_DRBG_KEYSIZE); - mbedtls_ctr_drbg_set_nonce_len( &ctx, MBEDTLS_CTR_DRBG_KEYSIZE / 2 ); - CHK( mbedtls_ctr_drbg_seed( &ctx, - ctr_drbg_self_test_entropy, - (void *) entropy_source_nopr, - pers_nopr, MBEDTLS_CTR_DRBG_KEYSIZE ) ); - CHK( mbedtls_ctr_drbg_reseed( &ctx, NULL, 0 ) ); - CHK( mbedtls_ctr_drbg_random( &ctx, buf, SELF_TEST_OUTPUT_DISCARD_LENGTH ) ); - CHK( mbedtls_ctr_drbg_random( &ctx, buf, sizeof( result_nopr ) ) ); - CHK( memcmp( buf, result_nopr, sizeof( result_nopr ) ) ); - - mbedtls_ctr_drbg_free( &ctx ); - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - - if( verbose != 0 ) - mbedtls_printf( "\n" ); - - return( 0 ); + mbedtls_ctr_drbg_set_entropy_len(&ctx, MBEDTLS_CTR_DRBG_KEYSIZE); + mbedtls_ctr_drbg_set_nonce_len(&ctx, MBEDTLS_CTR_DRBG_KEYSIZE / 2); + CHK(mbedtls_ctr_drbg_seed(&ctx, + ctr_drbg_self_test_entropy, + (void *) entropy_source_nopr, + pers_nopr, MBEDTLS_CTR_DRBG_KEYSIZE)); + CHK(mbedtls_ctr_drbg_reseed(&ctx, NULL, 0)); + CHK(mbedtls_ctr_drbg_random(&ctx, buf, SELF_TEST_OUTPUT_DISCARD_LENGTH)); + CHK(mbedtls_ctr_drbg_random(&ctx, buf, sizeof(result_nopr))); + CHK(memcmp(buf, result_nopr, sizeof(result_nopr))); + + mbedtls_ctr_drbg_free(&ctx); + + if (verbose != 0) { + mbedtls_printf("passed\n"); + } + + if (verbose != 0) { + mbedtls_printf("\n"); + } + + return 0; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/debug.c b/library/debug.c index 353b4bf07bf6..ab8b3524d4cf 100644 --- a/library/debug.c +++ b/library/debug.c @@ -34,7 +34,7 @@ static int debug_threshold = 0; -void mbedtls_debug_set_threshold( int threshold ) +void mbedtls_debug_set_threshold(int threshold) { debug_threshold = threshold; } @@ -42,9 +42,9 @@ void mbedtls_debug_set_threshold( int threshold ) /* * All calls to f_dbg must be made via this function */ -static inline void debug_send_line( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *str ) +static inline void debug_send_line(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *str) { /* * If in a threaded environment, we need a thread identifier. @@ -53,54 +53,51 @@ static inline void debug_send_line( const mbedtls_ssl_context *ssl, int level, */ #if defined(MBEDTLS_THREADING_C) char idstr[20 + DEBUG_BUF_SIZE]; /* 0x + 16 nibbles + ': ' */ - mbedtls_snprintf( idstr, sizeof( idstr ), "%p: %s", (void*)ssl, str ); - ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, idstr ); + mbedtls_snprintf(idstr, sizeof(idstr), "%p: %s", (void *) ssl, str); + ssl->conf->f_dbg(ssl->conf->p_dbg, level, file, line, idstr); #else - ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str ); + ssl->conf->f_dbg(ssl->conf->p_dbg, level, file, line, str); #endif } MBEDTLS_PRINTF_ATTRIBUTE(5, 6) -void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *format, ... ) +void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *format, ...) { va_list argp; char str[DEBUG_BUF_SIZE]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( NULL == ssl || + if (NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || - level > debug_threshold ) - { + level > debug_threshold) { return; } - va_start( argp, format ); - ret = mbedtls_vsnprintf( str, DEBUG_BUF_SIZE, format, argp ); - va_end( argp ); + va_start(argp, format); + ret = mbedtls_vsnprintf(str, DEBUG_BUF_SIZE, format, argp); + va_end(argp); - if( ret >= 0 && ret < DEBUG_BUF_SIZE - 1 ) - { + if (ret >= 0 && ret < DEBUG_BUF_SIZE - 1) { str[ret] = '\n'; str[ret + 1] = '\0'; } - debug_send_line( ssl, level, file, line, str ); + debug_send_line(ssl, level, file, line, str); } -void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, int ret ) +void mbedtls_debug_print_ret(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, int ret) { char str[DEBUG_BUF_SIZE]; - if( NULL == ssl || + if (NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || - level > debug_threshold ) - { + level > debug_threshold) { return; } @@ -109,246 +106,232 @@ void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, * the logs would be quickly flooded with WANT_READ, so ignore that. * Don't ignore WANT_WRITE however, since is is usually rare. */ - if( ret == MBEDTLS_ERR_SSL_WANT_READ ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ) { return; + } - mbedtls_snprintf( str, sizeof( str ), "%s() returned %d (-0x%04x)\n", - text, ret, (unsigned int) -ret ); + mbedtls_snprintf(str, sizeof(str), "%s() returned %d (-0x%04x)\n", + text, ret, (unsigned int) -ret); - debug_send_line( ssl, level, file, line, str ); + debug_send_line(ssl, level, file, line, str); } -void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, const char *text, - const unsigned char *buf, size_t len ) +void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, const char *text, + const unsigned char *buf, size_t len) { char str[DEBUG_BUF_SIZE]; char txt[17]; size_t i, idx = 0; - if( NULL == ssl || + if (NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || - level > debug_threshold ) - { + level > debug_threshold) { return; } - mbedtls_snprintf( str + idx, sizeof( str ) - idx, "dumping '%s' (%u bytes)\n", - text, (unsigned int) len ); + mbedtls_snprintf(str + idx, sizeof(str) - idx, "dumping '%s' (%u bytes)\n", + text, (unsigned int) len); - debug_send_line( ssl, level, file, line, str ); + debug_send_line(ssl, level, file, line, str); idx = 0; - memset( txt, 0, sizeof( txt ) ); - for( i = 0; i < len; i++ ) - { - if( i >= 4096 ) + memset(txt, 0, sizeof(txt)); + for (i = 0; i < len; i++) { + if (i >= 4096) { break; + } - if( i % 16 == 0 ) - { - if( i > 0 ) - { - mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt ); - debug_send_line( ssl, level, file, line, str ); + if (i % 16 == 0) { + if (i > 0) { + mbedtls_snprintf(str + idx, sizeof(str) - idx, " %s\n", txt); + debug_send_line(ssl, level, file, line, str); idx = 0; - memset( txt, 0, sizeof( txt ) ); + memset(txt, 0, sizeof(txt)); } - idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, "%04x: ", - (unsigned int) i ); + idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, "%04x: ", + (unsigned int) i); } - idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", - (unsigned int) buf[i] ); - txt[i % 16] = ( buf[i] > 31 && buf[i] < 127 ) ? buf[i] : '.' ; + idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, " %02x", + (unsigned int) buf[i]); + txt[i % 16] = (buf[i] > 31 && buf[i] < 127) ? buf[i] : '.'; } - if( len > 0 ) - { - for( /* i = i */; i % 16 != 0; i++ ) - idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " " ); + if (len > 0) { + for (/* i = i */; i % 16 != 0; i++) { + idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, " "); + } - mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt ); - debug_send_line( ssl, level, file, line, str ); + mbedtls_snprintf(str + idx, sizeof(str) - idx, " %s\n", txt); + debug_send_line(ssl, level, file, line, str); } } #if defined(MBEDTLS_ECP_C) -void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_ecp_point *X ) +void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_ecp_point *X) { char str[DEBUG_BUF_SIZE]; - if( NULL == ssl || + if (NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || - level > debug_threshold ) - { + level > debug_threshold) { return; } - mbedtls_snprintf( str, sizeof( str ), "%s(X)", text ); - mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->X ); + mbedtls_snprintf(str, sizeof(str), "%s(X)", text); + mbedtls_debug_print_mpi(ssl, level, file, line, str, &X->X); - mbedtls_snprintf( str, sizeof( str ), "%s(Y)", text ); - mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->Y ); + mbedtls_snprintf(str, sizeof(str), "%s(Y)", text); + mbedtls_debug_print_mpi(ssl, level, file, line, str, &X->Y); } #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_BIGNUM_C) -void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_mpi *X ) +void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_mpi *X) { char str[DEBUG_BUF_SIZE]; size_t bitlen; size_t idx = 0; - if( NULL == ssl || + if (NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || NULL == X || - level > debug_threshold ) - { + level > debug_threshold) { return; } - bitlen = mbedtls_mpi_bitlen( X ); + bitlen = mbedtls_mpi_bitlen(X); - mbedtls_snprintf( str, sizeof( str ), "value of '%s' (%u bits) is:\n", - text, (unsigned) bitlen ); - debug_send_line( ssl, level, file, line, str ); + mbedtls_snprintf(str, sizeof(str), "value of '%s' (%u bits) is:\n", + text, (unsigned) bitlen); + debug_send_line(ssl, level, file, line, str); - if( bitlen == 0 ) - { + if (bitlen == 0) { str[0] = ' '; str[1] = '0'; str[2] = '0'; idx = 3; - } - else - { + } else { int n; - for( n = (int) ( ( bitlen - 1 ) / 8 ); n >= 0; n-- ) - { - size_t limb_offset = n / sizeof( mbedtls_mpi_uint ); - size_t offset_in_limb = n % sizeof( mbedtls_mpi_uint ); + for (n = (int) ((bitlen - 1) / 8); n >= 0; n--) { + size_t limb_offset = n / sizeof(mbedtls_mpi_uint); + size_t offset_in_limb = n % sizeof(mbedtls_mpi_uint); unsigned char octet = - ( X->p[limb_offset] >> ( offset_in_limb * 8 ) ) & 0xff; - mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", octet ); + (X->p[limb_offset] >> (offset_in_limb * 8)) & 0xff; + mbedtls_snprintf(str + idx, sizeof(str) - idx, " %02x", octet); idx += 3; /* Wrap lines after 16 octets that each take 3 columns */ - if( idx >= 3 * 16 ) - { - mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" ); - debug_send_line( ssl, level, file, line, str ); + if (idx >= 3 * 16) { + mbedtls_snprintf(str + idx, sizeof(str) - idx, "\n"); + debug_send_line(ssl, level, file, line, str); idx = 0; } } } - if( idx != 0 ) - { - mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" ); - debug_send_line( ssl, level, file, line, str ); + if (idx != 0) { + mbedtls_snprintf(str + idx, sizeof(str) - idx, "\n"); + debug_send_line(ssl, level, file, line, str); } } #endif /* MBEDTLS_BIGNUM_C */ #if defined(MBEDTLS_X509_CRT_PARSE_C) -static void debug_print_pk( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_pk_context *pk ) +static void debug_print_pk(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_pk_context *pk) { size_t i; mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS]; char name[16]; - memset( items, 0, sizeof( items ) ); + memset(items, 0, sizeof(items)); - if( mbedtls_pk_debug( pk, items ) != 0 ) - { - debug_send_line( ssl, level, file, line, - "invalid PK context\n" ); + if (mbedtls_pk_debug(pk, items) != 0) { + debug_send_line(ssl, level, file, line, + "invalid PK context\n"); return; } - for( i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++ ) - { - if( items[i].type == MBEDTLS_PK_DEBUG_NONE ) + for (i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++) { + if (items[i].type == MBEDTLS_PK_DEBUG_NONE) { return; + } - mbedtls_snprintf( name, sizeof( name ), "%s%s", text, items[i].name ); - name[sizeof( name ) - 1] = '\0'; + mbedtls_snprintf(name, sizeof(name), "%s%s", text, items[i].name); + name[sizeof(name) - 1] = '\0'; - if( items[i].type == MBEDTLS_PK_DEBUG_MPI ) - mbedtls_debug_print_mpi( ssl, level, file, line, name, items[i].value ); - else + if (items[i].type == MBEDTLS_PK_DEBUG_MPI) { + mbedtls_debug_print_mpi(ssl, level, file, line, name, items[i].value); + } else #if defined(MBEDTLS_ECP_C) - if( items[i].type == MBEDTLS_PK_DEBUG_ECP ) - mbedtls_debug_print_ecp( ssl, level, file, line, name, items[i].value ); - else + if (items[i].type == MBEDTLS_PK_DEBUG_ECP) { + mbedtls_debug_print_ecp(ssl, level, file, line, name, items[i].value); + } else #endif - debug_send_line( ssl, level, file, line, - "should not happen\n" ); + { debug_send_line(ssl, level, file, line, + "should not happen\n"); } } } -static void debug_print_line_by_line( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, const char *text ) +static void debug_print_line_by_line(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, const char *text) { char str[DEBUG_BUF_SIZE]; const char *start, *cur; start = text; - for( cur = text; *cur != '\0'; cur++ ) - { - if( *cur == '\n' ) - { + for (cur = text; *cur != '\0'; cur++) { + if (*cur == '\n') { size_t len = cur - start + 1; - if( len > DEBUG_BUF_SIZE - 1 ) + if (len > DEBUG_BUF_SIZE - 1) { len = DEBUG_BUF_SIZE - 1; + } - memcpy( str, start, len ); + memcpy(str, start, len); str[len] = '\0'; - debug_send_line( ssl, level, file, line, str ); + debug_send_line(ssl, level, file, line, str); start = cur + 1; } } } -void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_x509_crt *crt ) +void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_x509_crt *crt) { char str[DEBUG_BUF_SIZE]; int i = 0; - if( NULL == ssl || + if (NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || NULL == crt || - level > debug_threshold ) - { + level > debug_threshold) { return; } - while( crt != NULL ) - { + while (crt != NULL) { char buf[1024]; - mbedtls_snprintf( str, sizeof( str ), "%s #%d:\n", text, ++i ); - debug_send_line( ssl, level, file, line, str ); + mbedtls_snprintf(str, sizeof(str), "%s #%d:\n", text, ++i); + debug_send_line(ssl, level, file, line, str); - mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); - debug_print_line_by_line( ssl, level, file, line, buf ); + mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt); + debug_print_line_by_line(ssl, level, file, line, buf); - debug_print_pk( ssl, level, file, line, "crt->", &crt->pk ); + debug_print_pk(ssl, level, file, line, "crt->", &crt->pk); crt = crt->next; } @@ -356,50 +339,48 @@ void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_ECDH_C) -static void mbedtls_debug_printf_ecdh_internal( const mbedtls_ssl_context *ssl, - int level, const char *file, - int line, - const mbedtls_ecdh_context *ecdh, - mbedtls_debug_ecdh_attr attr ) +static void mbedtls_debug_printf_ecdh_internal(const mbedtls_ssl_context *ssl, + int level, const char *file, + int line, + const mbedtls_ecdh_context *ecdh, + mbedtls_debug_ecdh_attr attr) { #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - const mbedtls_ecdh_context* ctx = ecdh; + const mbedtls_ecdh_context *ctx = ecdh; #else - const mbedtls_ecdh_context_mbed* ctx = &ecdh->ctx.mbed_ecdh; + const mbedtls_ecdh_context_mbed *ctx = &ecdh->ctx.mbed_ecdh; #endif - switch( attr ) - { + switch (attr) { case MBEDTLS_DEBUG_ECDH_Q: - mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Q", - &ctx->Q ); + mbedtls_debug_print_ecp(ssl, level, file, line, "ECDH: Q", + &ctx->Q); break; case MBEDTLS_DEBUG_ECDH_QP: - mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Qp", - &ctx->Qp ); + mbedtls_debug_print_ecp(ssl, level, file, line, "ECDH: Qp", + &ctx->Qp); break; case MBEDTLS_DEBUG_ECDH_Z: - mbedtls_debug_print_mpi( ssl, level, file, line, "ECDH: z", - &ctx->z ); + mbedtls_debug_print_mpi(ssl, level, file, line, "ECDH: z", + &ctx->z); break; default: break; } } -void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const mbedtls_ecdh_context *ecdh, - mbedtls_debug_ecdh_attr attr ) +void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const mbedtls_ecdh_context *ecdh, + mbedtls_debug_ecdh_attr attr) { #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh, attr ); + mbedtls_debug_printf_ecdh_internal(ssl, level, file, line, ecdh, attr); #else - switch( ecdh->var ) - { + switch (ecdh->var) { default: - mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh, - attr ); + mbedtls_debug_printf_ecdh_internal(ssl, level, file, line, ecdh, + attr); } #endif } diff --git a/library/des.c b/library/des.c index 65f5681cf1c2..8cf346f81be4 100644 --- a/library/des.c +++ b/library/des.c @@ -222,7 +222,7 @@ static const uint32_t RHs[16] = /* * Initial Permutation macro */ -#define DES_IP(X,Y) \ +#define DES_IP(X, Y) \ do \ { \ T = (((X) >> 4) ^ (Y)) & 0x0F0F0F0F; (Y) ^= T; (X) ^= (T << 4); \ @@ -232,12 +232,12 @@ static const uint32_t RHs[16] = (Y) = (((Y) << 1) | ((Y) >> 31)) & 0xFFFFFFFF; \ T = ((X) ^ (Y)) & 0xAAAAAAAA; (Y) ^= T; (X) ^= T; \ (X) = (((X) << 1) | ((X) >> 31)) & 0xFFFFFFFF; \ - } while( 0 ) + } while (0) /* * Final Permutation macro */ -#define DES_FP(X,Y) \ +#define DES_FP(X, Y) \ do \ { \ (X) = (((X) << 31) | ((X) >> 1)) & 0xFFFFFFFF; \ @@ -247,90 +247,103 @@ static const uint32_t RHs[16] = T = (((Y) >> 2) ^ (X)) & 0x33333333; (X) ^= T; (Y) ^= (T << 2); \ T = (((X) >> 16) ^ (Y)) & 0x0000FFFF; (Y) ^= T; (X) ^= (T << 16); \ T = (((X) >> 4) ^ (Y)) & 0x0F0F0F0F; (Y) ^= T; (X) ^= (T << 4); \ - } while( 0 ) + } while (0) /* * DES round macro */ -#define DES_ROUND(X,Y) \ +#define DES_ROUND(X, Y) \ do \ { \ T = *SK++ ^ (X); \ - (Y) ^= SB8[ (T ) & 0x3F ] ^ \ - SB6[ (T >> 8) & 0x3F ] ^ \ - SB4[ (T >> 16) & 0x3F ] ^ \ - SB2[ (T >> 24) & 0x3F ]; \ + (Y) ^= SB8[(T) & 0x3F] ^ \ + SB6[(T >> 8) & 0x3F] ^ \ + SB4[(T >> 16) & 0x3F] ^ \ + SB2[(T >> 24) & 0x3F]; \ \ T = *SK++ ^ (((X) << 28) | ((X) >> 4)); \ - (Y) ^= SB7[ (T ) & 0x3F ] ^ \ - SB5[ (T >> 8) & 0x3F ] ^ \ - SB3[ (T >> 16) & 0x3F ] ^ \ - SB1[ (T >> 24) & 0x3F ]; \ - } while( 0 ) + (Y) ^= SB7[(T) & 0x3F] ^ \ + SB5[(T >> 8) & 0x3F] ^ \ + SB3[(T >> 16) & 0x3F] ^ \ + SB1[(T >> 24) & 0x3F]; \ + } while (0) -#define SWAP(a,b) \ +#define SWAP(a, b) \ do \ { \ uint32_t t = (a); (a) = (b); (b) = t; t = 0; \ - } while( 0 ) + } while (0) -void mbedtls_des_init( mbedtls_des_context *ctx ) +void mbedtls_des_init(mbedtls_des_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_des_context ) ); + memset(ctx, 0, sizeof(mbedtls_des_context)); } -void mbedtls_des_free( mbedtls_des_context *ctx ) +void mbedtls_des_free(mbedtls_des_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_des_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_des_context)); } -void mbedtls_des3_init( mbedtls_des3_context *ctx ) +void mbedtls_des3_init(mbedtls_des3_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_des3_context ) ); + memset(ctx, 0, sizeof(mbedtls_des3_context)); } -void mbedtls_des3_free( mbedtls_des3_context *ctx ) +void mbedtls_des3_free(mbedtls_des3_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_des3_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_des3_context)); } static const unsigned char odd_parity_table[128] = { 1, 2, 4, 7, 8, - 11, 13, 14, 16, 19, 21, 22, 25, 26, 28, 31, 32, 35, 37, 38, 41, 42, 44, - 47, 49, 50, 52, 55, 56, 59, 61, 62, 64, 67, 69, 70, 73, 74, 76, 79, 81, - 82, 84, 87, 88, 91, 93, 94, 97, 98, 100, 103, 104, 107, 109, 110, 112, - 115, 117, 118, 121, 122, 124, 127, 128, 131, 133, 134, 137, 138, 140, - 143, 145, 146, 148, 151, 152, 155, 157, 158, 161, 162, 164, 167, 168, - 171, 173, 174, 176, 179, 181, 182, 185, 186, 188, 191, 193, 194, 196, - 199, 200, 203, 205, 206, 208, 211, 213, 214, 217, 218, 220, 223, 224, - 227, 229, 230, 233, 234, 236, 239, 241, 242, 244, 247, 248, 251, 253, - 254 }; - -void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] ) + 11, 13, 14, 16, 19, 21, 22, 25, 26, 28, 31, 32, + 35, 37, 38, 41, 42, 44, + 47, 49, 50, 52, 55, 56, 59, 61, 62, 64, 67, 69, + 70, 73, 74, 76, 79, 81, + 82, 84, 87, 88, 91, 93, 94, 97, 98, 100, 103, + 104, 107, 109, 110, 112, + 115, 117, 118, 121, 122, 124, 127, 128, 131, + 133, 134, 137, 138, 140, + 143, 145, 146, 148, 151, 152, 155, 157, 158, + 161, 162, 164, 167, 168, + 171, 173, 174, 176, 179, 181, 182, 185, 186, + 188, 191, 193, 194, 196, + 199, 200, 203, 205, 206, 208, 211, 213, 214, + 217, 218, 220, 223, 224, + 227, 229, 230, 233, 234, 236, 239, 241, 242, + 244, 247, 248, 251, 253, + 254 }; + +void mbedtls_des_key_set_parity(unsigned char key[MBEDTLS_DES_KEY_SIZE]) { int i; - for( i = 0; i < MBEDTLS_DES_KEY_SIZE; i++ ) + for (i = 0; i < MBEDTLS_DES_KEY_SIZE; i++) { key[i] = odd_parity_table[key[i] / 2]; + } } /* * Check the given key's parity, returns 1 on failure, 0 on SUCCESS */ -int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) +int mbedtls_des_key_check_key_parity(const unsigned char key[MBEDTLS_DES_KEY_SIZE]) { int i; - for( i = 0; i < MBEDTLS_DES_KEY_SIZE; i++ ) - if( key[i] != odd_parity_table[key[i] / 2] ) - return( 1 ); + for (i = 0; i < MBEDTLS_DES_KEY_SIZE; i++) { + if (key[i] != odd_parity_table[key[i] / 2]) { + return 1; + } + } - return( 0 ); + return 0; } /* @@ -377,41 +390,43 @@ static const unsigned char weak_key_table[WEAK_KEY_COUNT][MBEDTLS_DES_KEY_SIZE] { 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1 } }; -int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) +int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]) { int i; - for( i = 0; i < WEAK_KEY_COUNT; i++ ) - if( memcmp( weak_key_table[i], key, MBEDTLS_DES_KEY_SIZE) == 0 ) - return( 1 ); + for (i = 0; i < WEAK_KEY_COUNT; i++) { + if (memcmp(weak_key_table[i], key, MBEDTLS_DES_KEY_SIZE) == 0) { + return 1; + } + } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DES_SETKEY_ALT) -void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) +void mbedtls_des_setkey(uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE]) { int i; uint32_t X, Y, T; - X = MBEDTLS_GET_UINT32_BE( key, 0 ); - Y = MBEDTLS_GET_UINT32_BE( key, 4 ); + X = MBEDTLS_GET_UINT32_BE(key, 0); + Y = MBEDTLS_GET_UINT32_BE(key, 4); /* * Permuted Choice 1 */ T = ((Y >> 4) ^ X) & 0x0F0F0F0F; X ^= T; Y ^= (T << 4); - T = ((Y ) ^ X) & 0x10101010; X ^= T; Y ^= (T ); + T = ((Y) ^ X) & 0x10101010; X ^= T; Y ^= (T); - X = (LHs[ (X ) & 0xF] << 3) | (LHs[ (X >> 8) & 0xF ] << 2) - | (LHs[ (X >> 16) & 0xF] << 1) | (LHs[ (X >> 24) & 0xF ] ) - | (LHs[ (X >> 5) & 0xF] << 7) | (LHs[ (X >> 13) & 0xF ] << 6) - | (LHs[ (X >> 21) & 0xF] << 5) | (LHs[ (X >> 29) & 0xF ] << 4); + X = (LHs[(X) & 0xF] << 3) | (LHs[(X >> 8) & 0xF] << 2) + | (LHs[(X >> 16) & 0xF] << 1) | (LHs[(X >> 24) & 0xF]) + | (LHs[(X >> 5) & 0xF] << 7) | (LHs[(X >> 13) & 0xF] << 6) + | (LHs[(X >> 21) & 0xF] << 5) | (LHs[(X >> 29) & 0xF] << 4); - Y = (RHs[ (Y >> 1) & 0xF] << 3) | (RHs[ (Y >> 9) & 0xF ] << 2) - | (RHs[ (Y >> 17) & 0xF] << 1) | (RHs[ (Y >> 25) & 0xF ] ) - | (RHs[ (Y >> 4) & 0xF] << 7) | (RHs[ (Y >> 12) & 0xF ] << 6) - | (RHs[ (Y >> 20) & 0xF] << 5) | (RHs[ (Y >> 28) & 0xF ] << 4); + Y = (RHs[(Y >> 1) & 0xF] << 3) | (RHs[(Y >> 9) & 0xF] << 2) + | (RHs[(Y >> 17) & 0xF] << 1) | (RHs[(Y >> 25) & 0xF]) + | (RHs[(Y >> 4) & 0xF] << 7) | (RHs[(Y >> 12) & 0xF] << 6) + | (RHs[(Y >> 20) & 0xF] << 5) | (RHs[(Y >> 28) & 0xF] << 4); X &= 0x0FFFFFFF; Y &= 0x0FFFFFFF; @@ -419,15 +434,11 @@ void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KE /* * calculate subkeys */ - for( i = 0; i < 16; i++ ) - { - if( i < 2 || i == 8 || i == 15 ) - { + for (i = 0; i < 16; i++) { + if (i < 2 || i == 8 || i == 15) { X = ((X << 1) | (X >> 27)) & 0x0FFFFFFF; Y = ((Y << 1) | (Y >> 27)) & 0x0FFFFFFF; - } - else - { + } else { X = ((X << 2) | (X >> 26)) & 0x0FFFFFFF; Y = ((Y << 2) | (Y >> 26)) & 0x0FFFFFFF; } @@ -439,7 +450,7 @@ void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KE | ((X << 2) & 0x00020000) | ((X >> 10) & 0x00010000) | ((Y >> 13) & 0x00002000) | ((Y >> 4) & 0x00001000) | ((Y << 6) & 0x00000800) | ((Y >> 1) & 0x00000400) - | ((Y >> 14) & 0x00000200) | ((Y ) & 0x00000100) + | ((Y >> 14) & 0x00000200) | ((Y) & 0x00000100) | ((Y >> 5) & 0x00000020) | ((Y >> 10) & 0x00000010) | ((Y >> 3) & 0x00000008) | ((Y >> 18) & 0x00000004) | ((Y >> 26) & 0x00000002) | ((Y >> 24) & 0x00000001); @@ -452,7 +463,7 @@ void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KE | ((X << 15) & 0x00020000) | ((X >> 4) & 0x00010000) | ((Y >> 2) & 0x00002000) | ((Y << 8) & 0x00001000) | ((Y >> 14) & 0x00000808) | ((Y >> 9) & 0x00000400) - | ((Y ) & 0x00000200) | ((Y << 7) & 0x00000100) + | ((Y) & 0x00000200) | ((Y << 7) & 0x00000100) | ((Y >> 7) & 0x00000020) | ((Y >> 3) & 0x00000011) | ((Y << 2) & 0x00000004) | ((Y >> 21) & 0x00000002); } @@ -462,52 +473,50 @@ void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KE /* * DES key schedule (56-bit, encryption) */ -int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) +int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]) { - mbedtls_des_setkey( ctx->sk, key ); + mbedtls_des_setkey(ctx->sk, key); - return( 0 ); + return 0; } /* * DES key schedule (56-bit, decryption) */ -int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) +int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]) { int i; - mbedtls_des_setkey( ctx->sk, key ); + mbedtls_des_setkey(ctx->sk, key); - for( i = 0; i < 16; i += 2 ) - { - SWAP( ctx->sk[i ], ctx->sk[30 - i] ); - SWAP( ctx->sk[i + 1], ctx->sk[31 - i] ); + for (i = 0; i < 16; i += 2) { + SWAP(ctx->sk[i], ctx->sk[30 - i]); + SWAP(ctx->sk[i + 1], ctx->sk[31 - i]); } - return( 0 ); + return 0; } -static void des3_set2key( uint32_t esk[96], - uint32_t dsk[96], - const unsigned char key[MBEDTLS_DES_KEY_SIZE*2] ) +static void des3_set2key(uint32_t esk[96], + uint32_t dsk[96], + const unsigned char key[MBEDTLS_DES_KEY_SIZE*2]) { int i; - mbedtls_des_setkey( esk, key ); - mbedtls_des_setkey( dsk + 32, key + 8 ); + mbedtls_des_setkey(esk, key); + mbedtls_des_setkey(dsk + 32, key + 8); - for( i = 0; i < 32; i += 2 ) - { - dsk[i ] = esk[30 - i]; + for (i = 0; i < 32; i += 2) { + dsk[i] = esk[30 - i]; dsk[i + 1] = esk[31 - i]; esk[i + 32] = dsk[62 - i]; esk[i + 33] = dsk[63 - i]; - esk[i + 64] = esk[i ]; + esk[i + 64] = esk[i]; esk[i + 65] = esk[i + 1]; - dsk[i + 64] = dsk[i ]; + dsk[i + 64] = dsk[i]; dsk[i + 65] = dsk[i + 1]; } } @@ -515,44 +524,43 @@ static void des3_set2key( uint32_t esk[96], /* * Triple-DES key schedule (112-bit, encryption) */ -int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ) +int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]) { uint32_t sk[96]; - des3_set2key( ctx->sk, sk, key ); - mbedtls_platform_zeroize( sk, sizeof( sk ) ); + des3_set2key(ctx->sk, sk, key); + mbedtls_platform_zeroize(sk, sizeof(sk)); - return( 0 ); + return 0; } /* * Triple-DES key schedule (112-bit, decryption) */ -int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ) +int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]) { uint32_t sk[96]; - des3_set2key( sk, ctx->sk, key ); - mbedtls_platform_zeroize( sk, sizeof( sk ) ); + des3_set2key(sk, ctx->sk, key); + mbedtls_platform_zeroize(sk, sizeof(sk)); - return( 0 ); + return 0; } -static void des3_set3key( uint32_t esk[96], - uint32_t dsk[96], - const unsigned char key[24] ) +static void des3_set3key(uint32_t esk[96], + uint32_t dsk[96], + const unsigned char key[24]) { int i; - mbedtls_des_setkey( esk, key ); - mbedtls_des_setkey( dsk + 32, key + 8 ); - mbedtls_des_setkey( esk + 64, key + 16 ); + mbedtls_des_setkey(esk, key); + mbedtls_des_setkey(dsk + 32, key + 8); + mbedtls_des_setkey(esk + 64, key + 16); - for( i = 0; i < 32; i += 2 ) - { - dsk[i ] = esk[94 - i]; + for (i = 0; i < 32; i += 2) { + dsk[i] = esk[94 - i]; dsk[i + 1] = esk[95 - i]; esk[i + 32] = dsk[62 - i]; @@ -566,61 +574,60 @@ static void des3_set3key( uint32_t esk[96], /* * Triple-DES key schedule (168-bit, encryption) */ -int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ) +int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]) { uint32_t sk[96]; - des3_set3key( ctx->sk, sk, key ); - mbedtls_platform_zeroize( sk, sizeof( sk ) ); + des3_set3key(ctx->sk, sk, key); + mbedtls_platform_zeroize(sk, sizeof(sk)); - return( 0 ); + return 0; } /* * Triple-DES key schedule (168-bit, decryption) */ -int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ) +int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]) { uint32_t sk[96]; - des3_set3key( sk, ctx->sk, key ); - mbedtls_platform_zeroize( sk, sizeof( sk ) ); + des3_set3key(sk, ctx->sk, key); + mbedtls_platform_zeroize(sk, sizeof(sk)); - return( 0 ); + return 0; } /* * DES-ECB block encryption/decryption */ #if !defined(MBEDTLS_DES_CRYPT_ECB_ALT) -int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, - const unsigned char input[8], - unsigned char output[8] ) +int mbedtls_des_crypt_ecb(mbedtls_des_context *ctx, + const unsigned char input[8], + unsigned char output[8]) { int i; uint32_t X, Y, T, *SK; SK = ctx->sk; - X = MBEDTLS_GET_UINT32_BE( input, 0 ); - Y = MBEDTLS_GET_UINT32_BE( input, 4 ); + X = MBEDTLS_GET_UINT32_BE(input, 0); + Y = MBEDTLS_GET_UINT32_BE(input, 4); - DES_IP( X, Y ); + DES_IP(X, Y); - for( i = 0; i < 8; i++ ) - { - DES_ROUND( Y, X ); - DES_ROUND( X, Y ); + for (i = 0; i < 8; i++) { + DES_ROUND(Y, X); + DES_ROUND(X, Y); } - DES_FP( Y, X ); + DES_FP(Y, X); - MBEDTLS_PUT_UINT32_BE( Y, output, 0 ); - MBEDTLS_PUT_UINT32_BE( X, output, 4 ); + MBEDTLS_PUT_UINT32_BE(Y, output, 0); + MBEDTLS_PUT_UINT32_BE(X, output, 4); - return( 0 ); + return 0; } #endif /* !MBEDTLS_DES_CRYPT_ECB_ALT */ @@ -628,50 +635,50 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, /* * DES-CBC buffer encryption/decryption */ -int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, - int mode, - size_t length, - unsigned char iv[8], - const unsigned char *input, - unsigned char *output ) +int mbedtls_des_crypt_cbc(mbedtls_des_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + const unsigned char *input, + unsigned char *output) { int i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char temp[8]; - if( length % 8 ) - return( MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH ); + if (length % 8) { + return MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH; + } - if( mode == MBEDTLS_DES_ENCRYPT ) - { - while( length > 0 ) - { - for( i = 0; i < 8; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); + if (mode == MBEDTLS_DES_ENCRYPT) { + while (length > 0) { + for (i = 0; i < 8; i++) { + output[i] = (unsigned char) (input[i] ^ iv[i]); + } - ret = mbedtls_des_crypt_ecb( ctx, output, output ); - if( ret != 0 ) + ret = mbedtls_des_crypt_ecb(ctx, output, output); + if (ret != 0) { goto exit; - memcpy( iv, output, 8 ); + } + memcpy(iv, output, 8); input += 8; output += 8; length -= 8; } - } - else /* MBEDTLS_DES_DECRYPT */ - { - while( length > 0 ) - { - memcpy( temp, input, 8 ); - ret = mbedtls_des_crypt_ecb( ctx, input, output ); - if( ret != 0 ) + } else { /* MBEDTLS_DES_DECRYPT */ + while (length > 0) { + memcpy(temp, input, 8); + ret = mbedtls_des_crypt_ecb(ctx, input, output); + if (ret != 0) { goto exit; + } - for( i = 0; i < 8; i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); + for (i = 0; i < 8; i++) { + output[i] = (unsigned char) (output[i] ^ iv[i]); + } - memcpy( iv, temp, 8 ); + memcpy(iv, temp, 8); input += 8; output += 8; @@ -681,7 +688,7 @@ int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, ret = 0; exit: - return( ret ); + return ret; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -689,44 +696,41 @@ int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, * 3DES-ECB block encryption/decryption */ #if !defined(MBEDTLS_DES3_CRYPT_ECB_ALT) -int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, - const unsigned char input[8], - unsigned char output[8] ) +int mbedtls_des3_crypt_ecb(mbedtls_des3_context *ctx, + const unsigned char input[8], + unsigned char output[8]) { int i; uint32_t X, Y, T, *SK; SK = ctx->sk; - X = MBEDTLS_GET_UINT32_BE( input, 0 ); - Y = MBEDTLS_GET_UINT32_BE( input, 4 ); + X = MBEDTLS_GET_UINT32_BE(input, 0); + Y = MBEDTLS_GET_UINT32_BE(input, 4); - DES_IP( X, Y ); + DES_IP(X, Y); - for( i = 0; i < 8; i++ ) - { - DES_ROUND( Y, X ); - DES_ROUND( X, Y ); + for (i = 0; i < 8; i++) { + DES_ROUND(Y, X); + DES_ROUND(X, Y); } - for( i = 0; i < 8; i++ ) - { - DES_ROUND( X, Y ); - DES_ROUND( Y, X ); + for (i = 0; i < 8; i++) { + DES_ROUND(X, Y); + DES_ROUND(Y, X); } - for( i = 0; i < 8; i++ ) - { - DES_ROUND( Y, X ); - DES_ROUND( X, Y ); + for (i = 0; i < 8; i++) { + DES_ROUND(Y, X); + DES_ROUND(X, Y); } - DES_FP( Y, X ); + DES_FP(Y, X); - MBEDTLS_PUT_UINT32_BE( Y, output, 0 ); - MBEDTLS_PUT_UINT32_BE( X, output, 4 ); + MBEDTLS_PUT_UINT32_BE(Y, output, 0); + MBEDTLS_PUT_UINT32_BE(X, output, 4); - return( 0 ); + return 0; } #endif /* !MBEDTLS_DES3_CRYPT_ECB_ALT */ @@ -734,50 +738,50 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, /* * 3DES-CBC buffer encryption/decryption */ -int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx, - int mode, - size_t length, - unsigned char iv[8], - const unsigned char *input, - unsigned char *output ) +int mbedtls_des3_crypt_cbc(mbedtls_des3_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + const unsigned char *input, + unsigned char *output) { int i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char temp[8]; - if( length % 8 ) - return( MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH ); + if (length % 8) { + return MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH; + } - if( mode == MBEDTLS_DES_ENCRYPT ) - { - while( length > 0 ) - { - for( i = 0; i < 8; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); + if (mode == MBEDTLS_DES_ENCRYPT) { + while (length > 0) { + for (i = 0; i < 8; i++) { + output[i] = (unsigned char) (input[i] ^ iv[i]); + } - ret = mbedtls_des3_crypt_ecb( ctx, output, output ); - if( ret != 0 ) + ret = mbedtls_des3_crypt_ecb(ctx, output, output); + if (ret != 0) { goto exit; - memcpy( iv, output, 8 ); + } + memcpy(iv, output, 8); input += 8; output += 8; length -= 8; } - } - else /* MBEDTLS_DES_DECRYPT */ - { - while( length > 0 ) - { - memcpy( temp, input, 8 ); - ret = mbedtls_des3_crypt_ecb( ctx, input, output ); - if( ret != 0 ) + } else { /* MBEDTLS_DES_DECRYPT */ + while (length > 0) { + memcpy(temp, input, 8); + ret = mbedtls_des3_crypt_ecb(ctx, input, output); + if (ret != 0) { goto exit; + } - for( i = 0; i < 8; i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); + for (i = 0; i < 8; i++) { + output[i] = (unsigned char) (output[i] ^ iv[i]); + } - memcpy( iv, temp, 8 ); + memcpy(iv, temp, 8); input += 8; output += 8; @@ -787,7 +791,7 @@ int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx, ret = 0; exit: - return( ret ); + return ret; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -849,7 +853,7 @@ static const unsigned char des3_test_cbc_enc[3][8] = /* * Checkup routine */ -int mbedtls_des_self_test( int verbose ) +int mbedtls_des_self_test(int verbose) { int i, j, u, v, ret = 0; mbedtls_des_context ctx; @@ -860,194 +864,199 @@ int mbedtls_des_self_test( int verbose ) unsigned char iv[8]; #endif - mbedtls_des_init( &ctx ); - mbedtls_des3_init( &ctx3 ); + mbedtls_des_init(&ctx); + mbedtls_des3_init(&ctx3); /* * ECB mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; v = i & 1; - if( verbose != 0 ) - mbedtls_printf( " DES%c-ECB-%3d (%s): ", - ( u == 0 ) ? ' ' : '3', 56 + u * 56, - ( v == MBEDTLS_DES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" DES%c-ECB-%3d (%s): ", + (u == 0) ? ' ' : '3', 56 + u * 56, + (v == MBEDTLS_DES_DECRYPT) ? "dec" : "enc"); + } - memcpy( buf, des3_test_buf, 8 ); + memcpy(buf, des3_test_buf, 8); - switch( i ) - { - case 0: - ret = mbedtls_des_setkey_dec( &ctx, des3_test_keys ); - break; + switch (i) { + case 0: + ret = mbedtls_des_setkey_dec(&ctx, des3_test_keys); + break; - case 1: - ret = mbedtls_des_setkey_enc( &ctx, des3_test_keys ); - break; + case 1: + ret = mbedtls_des_setkey_enc(&ctx, des3_test_keys); + break; - case 2: - ret = mbedtls_des3_set2key_dec( &ctx3, des3_test_keys ); - break; + case 2: + ret = mbedtls_des3_set2key_dec(&ctx3, des3_test_keys); + break; - case 3: - ret = mbedtls_des3_set2key_enc( &ctx3, des3_test_keys ); - break; + case 3: + ret = mbedtls_des3_set2key_enc(&ctx3, des3_test_keys); + break; - case 4: - ret = mbedtls_des3_set3key_dec( &ctx3, des3_test_keys ); - break; + case 4: + ret = mbedtls_des3_set3key_dec(&ctx3, des3_test_keys); + break; - case 5: - ret = mbedtls_des3_set3key_enc( &ctx3, des3_test_keys ); - break; + case 5: + ret = mbedtls_des3_set3key_enc(&ctx3, des3_test_keys); + break; - default: - return( 1 ); + default: + return 1; } - if( ret != 0 ) + if (ret != 0) { goto exit; + } - for( j = 0; j < 100; j++ ) - { - if( u == 0 ) - ret = mbedtls_des_crypt_ecb( &ctx, buf, buf ); - else - ret = mbedtls_des3_crypt_ecb( &ctx3, buf, buf ); - if( ret != 0 ) + for (j = 0; j < 100; j++) { + if (u == 0) { + ret = mbedtls_des_crypt_ecb(&ctx, buf, buf); + } else { + ret = mbedtls_des3_crypt_ecb(&ctx3, buf, buf); + } + if (ret != 0) { goto exit; + } } - if( ( v == MBEDTLS_DES_DECRYPT && - memcmp( buf, des3_test_ecb_dec[u], 8 ) != 0 ) || - ( v != MBEDTLS_DES_DECRYPT && - memcmp( buf, des3_test_ecb_enc[u], 8 ) != 0 ) ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if ((v == MBEDTLS_DES_DECRYPT && + memcmp(buf, des3_test_ecb_dec[u], 8) != 0) || + (v != MBEDTLS_DES_DECRYPT && + memcmp(buf, des3_test_ecb_enc[u], 8) != 0)) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * CBC mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; v = i & 1; - if( verbose != 0 ) - mbedtls_printf( " DES%c-CBC-%3d (%s): ", - ( u == 0 ) ? ' ' : '3', 56 + u * 56, - ( v == MBEDTLS_DES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" DES%c-CBC-%3d (%s): ", + (u == 0) ? ' ' : '3', 56 + u * 56, + (v == MBEDTLS_DES_DECRYPT) ? "dec" : "enc"); + } - memcpy( iv, des3_test_iv, 8 ); - memcpy( prv, des3_test_iv, 8 ); - memcpy( buf, des3_test_buf, 8 ); + memcpy(iv, des3_test_iv, 8); + memcpy(prv, des3_test_iv, 8); + memcpy(buf, des3_test_buf, 8); - switch( i ) - { - case 0: - ret = mbedtls_des_setkey_dec( &ctx, des3_test_keys ); - break; + switch (i) { + case 0: + ret = mbedtls_des_setkey_dec(&ctx, des3_test_keys); + break; - case 1: - ret = mbedtls_des_setkey_enc( &ctx, des3_test_keys ); - break; + case 1: + ret = mbedtls_des_setkey_enc(&ctx, des3_test_keys); + break; - case 2: - ret = mbedtls_des3_set2key_dec( &ctx3, des3_test_keys ); - break; + case 2: + ret = mbedtls_des3_set2key_dec(&ctx3, des3_test_keys); + break; - case 3: - ret = mbedtls_des3_set2key_enc( &ctx3, des3_test_keys ); - break; + case 3: + ret = mbedtls_des3_set2key_enc(&ctx3, des3_test_keys); + break; - case 4: - ret = mbedtls_des3_set3key_dec( &ctx3, des3_test_keys ); - break; + case 4: + ret = mbedtls_des3_set3key_dec(&ctx3, des3_test_keys); + break; - case 5: - ret = mbedtls_des3_set3key_enc( &ctx3, des3_test_keys ); - break; + case 5: + ret = mbedtls_des3_set3key_enc(&ctx3, des3_test_keys); + break; - default: - return( 1 ); + default: + return 1; } - if( ret != 0 ) + if (ret != 0) { goto exit; + } - if( v == MBEDTLS_DES_DECRYPT ) - { - for( j = 0; j < 100; j++ ) - { - if( u == 0 ) - ret = mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf ); - else - ret = mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf ); - if( ret != 0 ) + if (v == MBEDTLS_DES_DECRYPT) { + for (j = 0; j < 100; j++) { + if (u == 0) { + ret = mbedtls_des_crypt_cbc(&ctx, v, 8, iv, buf, buf); + } else { + ret = mbedtls_des3_crypt_cbc(&ctx3, v, 8, iv, buf, buf); + } + if (ret != 0) { goto exit; + } } - } - else - { - for( j = 0; j < 100; j++ ) - { + } else { + for (j = 0; j < 100; j++) { unsigned char tmp[8]; - if( u == 0 ) - ret = mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf ); - else - ret = mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf ); - if( ret != 0 ) + if (u == 0) { + ret = mbedtls_des_crypt_cbc(&ctx, v, 8, iv, buf, buf); + } else { + ret = mbedtls_des3_crypt_cbc(&ctx3, v, 8, iv, buf, buf); + } + if (ret != 0) { goto exit; + } - memcpy( tmp, prv, 8 ); - memcpy( prv, buf, 8 ); - memcpy( buf, tmp, 8 ); + memcpy(tmp, prv, 8); + memcpy(prv, buf, 8); + memcpy(buf, tmp, 8); } - memcpy( buf, prv, 8 ); + memcpy(buf, prv, 8); } - if( ( v == MBEDTLS_DES_DECRYPT && - memcmp( buf, des3_test_cbc_dec[u], 8 ) != 0 ) || - ( v != MBEDTLS_DES_DECRYPT && - memcmp( buf, des3_test_cbc_enc[u], 8 ) != 0 ) ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if ((v == MBEDTLS_DES_DECRYPT && + memcmp(buf, des3_test_cbc_dec[u], 8) != 0) || + (v != MBEDTLS_DES_DECRYPT && + memcmp(buf, des3_test_cbc_enc[u], 8) != 0)) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } #endif /* MBEDTLS_CIPHER_MODE_CBC */ - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } exit: - mbedtls_des_free( &ctx ); - mbedtls_des3_free( &ctx3 ); + mbedtls_des_free(&ctx); + mbedtls_des3_free(&ctx3); - if( ret != 0 ) + if (ret != 0) { ret = 1; - return( ret ); + } + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/dhm.c b/library/dhm.c index 4d2e33e689e8..c6f955ee4268 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -47,35 +47,38 @@ #if !defined(MBEDTLS_DHM_ALT) -#define DHM_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_DHM_BAD_INPUT_DATA ) -#define DHM_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define DHM_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_DHM_BAD_INPUT_DATA) +#define DHM_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) /* * helper to validate the mbedtls_mpi size and import it */ -static int dhm_read_bignum( mbedtls_mpi *X, - unsigned char **p, - const unsigned char *end ) +static int dhm_read_bignum(mbedtls_mpi *X, + unsigned char **p, + const unsigned char *end) { int ret, n; - if( end - *p < 2 ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); + if (end - *p < 2) { + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; + } - n = ( (*p)[0] << 8 ) | (*p)[1]; + n = ((*p)[0] << 8) | (*p)[1]; (*p) += 2; - if( (int)( end - *p ) < n ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); + if ((int) (end - *p) < n) { + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; + } - if( ( ret = mbedtls_mpi_read_binary( X, *p, n ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_READ_PARAMS_FAILED, ret ) ); + if ((ret = mbedtls_mpi_read_binary(X, *p, n)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED, ret); + } (*p) += n; - return( 0 ); + return 0; } /* @@ -90,232 +93,242 @@ static int dhm_read_bignum( mbedtls_mpi *X, * http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf * http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643 */ -static int dhm_check_range( const mbedtls_mpi *param, const mbedtls_mpi *P ) +static int dhm_check_range(const mbedtls_mpi *param, const mbedtls_mpi *P) { mbedtls_mpi U; int ret = 0; - mbedtls_mpi_init( &U ); + mbedtls_mpi_init(&U); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &U, P, 2 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&U, P, 2)); - if( mbedtls_mpi_cmp_int( param, 2 ) < 0 || - mbedtls_mpi_cmp_mpi( param, &U ) > 0 ) - { + if (mbedtls_mpi_cmp_int(param, 2) < 0 || + mbedtls_mpi_cmp_mpi(param, &U) > 0) { ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA; } cleanup: - mbedtls_mpi_free( &U ); - return( ret ); + mbedtls_mpi_free(&U); + return ret; } -void mbedtls_dhm_init( mbedtls_dhm_context *ctx ) +void mbedtls_dhm_init(mbedtls_dhm_context *ctx) { - DHM_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_dhm_context ) ); + DHM_VALIDATE(ctx != NULL); + memset(ctx, 0, sizeof(mbedtls_dhm_context)); } /* * Parse the ServerKeyExchange parameters */ -int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, - unsigned char **p, - const unsigned char *end ) +int mbedtls_dhm_read_params(mbedtls_dhm_context *ctx, + unsigned char **p, + const unsigned char *end) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - DHM_VALIDATE_RET( ctx != NULL ); - DHM_VALIDATE_RET( p != NULL && *p != NULL ); - DHM_VALIDATE_RET( end != NULL ); - - if( ( ret = dhm_read_bignum( &ctx->P, p, end ) ) != 0 || - ( ret = dhm_read_bignum( &ctx->G, p, end ) ) != 0 || - ( ret = dhm_read_bignum( &ctx->GY, p, end ) ) != 0 ) - return( ret ); + DHM_VALIDATE_RET(ctx != NULL); + DHM_VALIDATE_RET(p != NULL && *p != NULL); + DHM_VALIDATE_RET(end != NULL); + + if ((ret = dhm_read_bignum(&ctx->P, p, end)) != 0 || + (ret = dhm_read_bignum(&ctx->G, p, end)) != 0 || + (ret = dhm_read_bignum(&ctx->GY, p, end)) != 0) { + return ret; + } - if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 ) - return( ret ); + if ((ret = dhm_check_range(&ctx->GY, &ctx->P)) != 0) { + return ret; + } - ctx->len = mbedtls_mpi_size( &ctx->P ); + ctx->len = mbedtls_mpi_size(&ctx->P); - return( 0 ); + return 0; } /* * Pick a random R in the range [2, M-2] for blinding or key generation. */ -static int dhm_random_below( mbedtls_mpi *R, const mbedtls_mpi *M, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int dhm_random_below(mbedtls_mpi *R, const mbedtls_mpi *M, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { int ret; - MBEDTLS_MPI_CHK( mbedtls_mpi_random( R, 3, M, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( R, R, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_random(R, 3, M, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(R, R, 1)); cleanup: - return( ret ); + return ret; } -static int dhm_make_common( mbedtls_dhm_context *ctx, int x_size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int dhm_make_common(mbedtls_dhm_context *ctx, int x_size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = 0; - if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); - if( x_size < 0 ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); - - if( (unsigned) x_size < mbedtls_mpi_size( &ctx->P ) ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ) ); + if (mbedtls_mpi_cmp_int(&ctx->P, 0) == 0) { + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; + } + if (x_size < 0) { + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; } - else - { + + if ((unsigned) x_size < mbedtls_mpi_size(&ctx->P)) { + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&ctx->X, x_size, f_rng, p_rng)); + } else { /* Generate X as large as possible ( <= P - 2 ) */ - ret = dhm_random_below( &ctx->X, &ctx->P, f_rng, p_rng ); - if( ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) - return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED ); - if( ret != 0 ) - return( ret ); + ret = dhm_random_below(&ctx->X, &ctx->P, f_rng, p_rng); + if (ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) { + return MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED; + } + if (ret != 0) { + return ret; + } } /* * Calculate GX = G^X mod P */ - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X, - &ctx->P , &ctx->RP ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&ctx->GX, &ctx->G, &ctx->X, + &ctx->P, &ctx->RP)); - if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 ) - return( ret ); + if ((ret = dhm_check_range(&ctx->GX, &ctx->P)) != 0) { + return ret; + } cleanup: - return( ret ); + return ret; } /* * Setup and write the ServerKeyExchange parameters */ -int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, - unsigned char *output, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_dhm_make_params(mbedtls_dhm_context *ctx, int x_size, + unsigned char *output, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret; size_t n1, n2, n3; unsigned char *p; - DHM_VALIDATE_RET( ctx != NULL ); - DHM_VALIDATE_RET( output != NULL ); - DHM_VALIDATE_RET( olen != NULL ); - DHM_VALIDATE_RET( f_rng != NULL ); + DHM_VALIDATE_RET(ctx != NULL); + DHM_VALIDATE_RET(output != NULL); + DHM_VALIDATE_RET(olen != NULL); + DHM_VALIDATE_RET(f_rng != NULL); - ret = dhm_make_common( ctx, x_size, f_rng, p_rng ); - if( ret != 0 ) + ret = dhm_make_common(ctx, x_size, f_rng, p_rng); + if (ret != 0) { goto cleanup; + } /* * Export P, G, GX. RFC 5246 §4.4 states that "leading zero octets are * not required". We omit leading zeros for compactness. */ -#define DHM_MPI_EXPORT( X, n ) \ +#define DHM_MPI_EXPORT(X, n) \ do { \ - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( ( X ), \ - p + 2, \ - ( n ) ) ); \ - *p++ = MBEDTLS_BYTE_1( n ); \ - *p++ = MBEDTLS_BYTE_0( n ); \ - p += ( n ); \ - } while( 0 ) - - n1 = mbedtls_mpi_size( &ctx->P ); - n2 = mbedtls_mpi_size( &ctx->G ); - n3 = mbedtls_mpi_size( &ctx->GX ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary((X), \ + p + 2, \ + (n))); \ + *p++ = MBEDTLS_BYTE_1(n); \ + *p++ = MBEDTLS_BYTE_0(n); \ + p += (n); \ + } while (0) + + n1 = mbedtls_mpi_size(&ctx->P); + n2 = mbedtls_mpi_size(&ctx->G); + n3 = mbedtls_mpi_size(&ctx->GX); p = output; - DHM_MPI_EXPORT( &ctx->P , n1 ); - DHM_MPI_EXPORT( &ctx->G , n2 ); - DHM_MPI_EXPORT( &ctx->GX, n3 ); + DHM_MPI_EXPORT(&ctx->P, n1); + DHM_MPI_EXPORT(&ctx->G, n2); + DHM_MPI_EXPORT(&ctx->GX, n3); *olen = p - output; ctx->len = n1; cleanup: - if( ret != 0 && ret > -128 ) - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED, ret ); - return( ret ); + if (ret != 0 && ret > -128) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED, ret); + } + return ret; } /* * Set prime modulus and generator */ -int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, - const mbedtls_mpi *P, - const mbedtls_mpi *G ) +int mbedtls_dhm_set_group(mbedtls_dhm_context *ctx, + const mbedtls_mpi *P, + const mbedtls_mpi *G) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - DHM_VALIDATE_RET( ctx != NULL ); - DHM_VALIDATE_RET( P != NULL ); - DHM_VALIDATE_RET( G != NULL ); + DHM_VALIDATE_RET(ctx != NULL); + DHM_VALIDATE_RET(P != NULL); + DHM_VALIDATE_RET(G != NULL); - if( ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 || - ( ret = mbedtls_mpi_copy( &ctx->G, G ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_SET_GROUP_FAILED, ret ) ); + if ((ret = mbedtls_mpi_copy(&ctx->P, P)) != 0 || + (ret = mbedtls_mpi_copy(&ctx->G, G)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_SET_GROUP_FAILED, ret); } - ctx->len = mbedtls_mpi_size( &ctx->P ); - return( 0 ); + ctx->len = mbedtls_mpi_size(&ctx->P); + return 0; } /* * Import the peer's public value G^Y */ -int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, - const unsigned char *input, size_t ilen ) +int mbedtls_dhm_read_public(mbedtls_dhm_context *ctx, + const unsigned char *input, size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - DHM_VALIDATE_RET( ctx != NULL ); - DHM_VALIDATE_RET( input != NULL ); + DHM_VALIDATE_RET(ctx != NULL); + DHM_VALIDATE_RET(input != NULL); - if( ilen < 1 || ilen > ctx->len ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); + if (ilen < 1 || ilen > ctx->len) { + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; + } - if( ( ret = mbedtls_mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED, ret ) ); + if ((ret = mbedtls_mpi_read_binary(&ctx->GY, input, ilen)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED, ret); + } - return( 0 ); + return 0; } /* * Create own private value X and export G^X */ -int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, - unsigned char *output, size_t olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_dhm_make_public(mbedtls_dhm_context *ctx, int x_size, + unsigned char *output, size_t olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret; - DHM_VALIDATE_RET( ctx != NULL ); - DHM_VALIDATE_RET( output != NULL ); - DHM_VALIDATE_RET( f_rng != NULL ); + DHM_VALIDATE_RET(ctx != NULL); + DHM_VALIDATE_RET(output != NULL); + DHM_VALIDATE_RET(f_rng != NULL); - if( olen < 1 || olen > ctx->len ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); + if (olen < 1 || olen > ctx->len) { + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; + } - ret = dhm_make_common( ctx, x_size, f_rng, p_rng ); - if( ret == MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED ) - return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED ); - if( ret != 0 ) + ret = dhm_make_common(ctx, x_size, f_rng, p_rng); + if (ret == MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED) { + return MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED; + } + if (ret != 0) { goto cleanup; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->GX, output, olen ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->GX, output, olen)); cleanup: - if( ret != 0 && ret > -128 ) - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED, ret ); - return( ret ); + if (ret != 0 && ret > -128) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED, ret); + } + return ret; } @@ -325,40 +338,38 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, * DSS, and other systems. In : Advances in Cryptology-CRYPTO'96. Springer * Berlin Heidelberg, 1996. p. 104-113. */ -static int dhm_update_blinding( mbedtls_dhm_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int dhm_update_blinding(mbedtls_dhm_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { int ret; mbedtls_mpi R; - mbedtls_mpi_init( &R ); + mbedtls_mpi_init(&R); /* * Don't use any blinding the first time a particular X is used, * but remember it to use blinding next time. */ - if( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->pX ) != 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &ctx->pX, &ctx->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vi, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vf, 1 ) ); + if (mbedtls_mpi_cmp_mpi(&ctx->X, &ctx->pX) != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&ctx->pX, &ctx->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&ctx->Vi, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&ctx->Vf, 1)); - return( 0 ); + return 0; } /* * Ok, we need blinding. Can we re-use existing values? * If yes, just update them by squaring them. */ - if( mbedtls_mpi_cmp_int( &ctx->Vi, 1 ) != 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->P ) ); + if (mbedtls_mpi_cmp_int(&ctx->Vi, 1) != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vi, &ctx->Vi, &ctx->Vi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vi, &ctx->Vi, &ctx->P)); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vf, &ctx->Vf, &ctx->Vf)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vf, &ctx->Vf, &ctx->P)); - return( 0 ); + return 0; } /* @@ -366,111 +377,113 @@ static int dhm_update_blinding( mbedtls_dhm_context *ctx, */ /* Vi = random( 2, P-2 ) */ - MBEDTLS_MPI_CHK( dhm_random_below( &ctx->Vi, &ctx->P, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(dhm_random_below(&ctx->Vi, &ctx->P, f_rng, p_rng)); /* Vf = Vi^-X mod P * First compute Vi^-1 = R * (R Vi)^-1, (avoiding leaks from inv_mod), * then elevate to the Xth power. */ - MBEDTLS_MPI_CHK( dhm_random_below( &R, &ctx->P, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vi, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->Vf, &ctx->Vf, &ctx->P ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) ); + MBEDTLS_MPI_CHK(dhm_random_below(&R, &ctx->P, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vf, &ctx->Vi, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vf, &ctx->Vf, &ctx->P)); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&ctx->Vf, &ctx->Vf, &ctx->P)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vf, &ctx->Vf, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vf, &ctx->Vf, &ctx->P)); - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP)); cleanup: - mbedtls_mpi_free( &R ); + mbedtls_mpi_free(&R); - return( ret ); + return ret; } /* * Derive and export the shared secret (G^Y)^X mod P */ -int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, - unsigned char *output, size_t output_size, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_dhm_calc_secret(mbedtls_dhm_context *ctx, + unsigned char *output, size_t output_size, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi GYb; - DHM_VALIDATE_RET( ctx != NULL ); - DHM_VALIDATE_RET( output != NULL ); - DHM_VALIDATE_RET( olen != NULL ); + DHM_VALIDATE_RET(ctx != NULL); + DHM_VALIDATE_RET(output != NULL); + DHM_VALIDATE_RET(olen != NULL); - if( output_size < ctx->len ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); + if (output_size < ctx->len) { + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; + } - if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 ) - return( ret ); + if ((ret = dhm_check_range(&ctx->GY, &ctx->P)) != 0) { + return ret; + } - mbedtls_mpi_init( &GYb ); + mbedtls_mpi_init(&GYb); /* Blind peer's value */ - if( f_rng != NULL ) - { - MBEDTLS_MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &GYb, &GYb, &ctx->P ) ); + if (f_rng != NULL) { + MBEDTLS_MPI_CHK(dhm_update_blinding(ctx, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&GYb, &ctx->GY, &ctx->Vi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&GYb, &GYb, &ctx->P)); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&GYb, &ctx->GY)); } - else - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &GYb, &ctx->GY ) ); /* Do modular exponentiation */ - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->K, &GYb, &ctx->X, - &ctx->P, &ctx->RP ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&ctx->K, &GYb, &ctx->X, + &ctx->P, &ctx->RP)); /* Unblind secret value */ - if( f_rng != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) ); + if (f_rng != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->K, &ctx->K, &ctx->Vf)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->K, &ctx->K, &ctx->P)); } /* Output the secret without any leading zero byte. This is mandatory * for TLS per RFC 5246 §8.1.2. */ - *olen = mbedtls_mpi_size( &ctx->K ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->K, output, *olen ) ); + *olen = mbedtls_mpi_size(&ctx->K); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->K, output, *olen)); cleanup: - mbedtls_mpi_free( &GYb ); + mbedtls_mpi_free(&GYb); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_CALC_SECRET_FAILED, ret ) ); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_CALC_SECRET_FAILED, ret); + } - return( 0 ); + return 0; } /* * Free the components of a DHM key */ -void mbedtls_dhm_free( mbedtls_dhm_context *ctx ) +void mbedtls_dhm_free(mbedtls_dhm_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_mpi_free( &ctx->pX ); - mbedtls_mpi_free( &ctx->Vf ); - mbedtls_mpi_free( &ctx->Vi ); - mbedtls_mpi_free( &ctx->RP ); - mbedtls_mpi_free( &ctx->K ); - mbedtls_mpi_free( &ctx->GY ); - mbedtls_mpi_free( &ctx->GX ); - mbedtls_mpi_free( &ctx->X ); - mbedtls_mpi_free( &ctx->G ); - mbedtls_mpi_free( &ctx->P ); - - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_dhm_context ) ); + mbedtls_mpi_free(&ctx->pX); + mbedtls_mpi_free(&ctx->Vf); + mbedtls_mpi_free(&ctx->Vi); + mbedtls_mpi_free(&ctx->RP); + mbedtls_mpi_free(&ctx->K); + mbedtls_mpi_free(&ctx->GY); + mbedtls_mpi_free(&ctx->GX); + mbedtls_mpi_free(&ctx->X); + mbedtls_mpi_free(&ctx->G); + mbedtls_mpi_free(&ctx->P); + + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_dhm_context)); } #if defined(MBEDTLS_ASN1_PARSE_C) /* * Parse DHM parameters */ -int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, - size_t dhminlen ) +int mbedtls_dhm_parse_dhm(mbedtls_dhm_context *dhm, const unsigned char *dhmin, + size_t dhminlen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -479,32 +492,32 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, mbedtls_pem_context pem; #endif /* MBEDTLS_PEM_PARSE_C */ - DHM_VALIDATE_RET( dhm != NULL ); - DHM_VALIDATE_RET( dhmin != NULL ); + DHM_VALIDATE_RET(dhm != NULL); + DHM_VALIDATE_RET(dhmin != NULL); #if defined(MBEDTLS_PEM_PARSE_C) - mbedtls_pem_init( &pem ); + mbedtls_pem_init(&pem); /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( dhminlen == 0 || dhmin[dhminlen - 1] != '\0' ) + if (dhminlen == 0 || dhmin[dhminlen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN DH PARAMETERS-----", - "-----END DH PARAMETERS-----", - dhmin, NULL, 0, &dhminlen ); - - if( ret == 0 ) - { + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN DH PARAMETERS-----", + "-----END DH PARAMETERS-----", + dhmin, NULL, 0, &dhminlen); + } + + if (ret == 0) { /* * Was PEM encoded */ dhminlen = pem.buflen; - } - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { goto exit; + } - p = ( ret == 0 ) ? pem.buf : (unsigned char *) dhmin; + p = (ret == 0) ? pem.buf : (unsigned char *) dhmin; #else p = (unsigned char *) dhmin; #endif /* MBEDTLS_PEM_PARSE_C */ @@ -517,55 +530,51 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, * privateValueLength INTEGER OPTIONAL * } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, ret ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_INVALID_FORMAT, ret); goto exit; } end = p + len; - if( ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->P ) ) != 0 || - ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->G ) ) != 0 ) - { - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, ret ); + if ((ret = mbedtls_asn1_get_mpi(&p, end, &dhm->P)) != 0 || + (ret = mbedtls_asn1_get_mpi(&p, end, &dhm->G)) != 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_INVALID_FORMAT, ret); goto exit; } - if( p != end ) - { + if (p != end) { /* This might be the optional privateValueLength. * If so, we can cleanly discard it */ mbedtls_mpi rec; - mbedtls_mpi_init( &rec ); - ret = mbedtls_asn1_get_mpi( &p, end, &rec ); - mbedtls_mpi_free( &rec ); - if ( ret != 0 ) - { - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, ret ); + mbedtls_mpi_init(&rec); + ret = mbedtls_asn1_get_mpi(&p, end, &rec); + mbedtls_mpi_free(&rec); + if (ret != 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_INVALID_FORMAT, ret); goto exit; } - if ( p != end ) - { - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (p != end) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); goto exit; } } ret = 0; - dhm->len = mbedtls_mpi_size( &dhm->P ); + dhm->len = mbedtls_mpi_size(&dhm->P); exit: #if defined(MBEDTLS_PEM_PARSE_C) - mbedtls_pem_free( &pem ); + mbedtls_pem_free(&pem); #endif - if( ret != 0 ) - mbedtls_dhm_free( dhm ); + if (ret != 0) { + mbedtls_dhm_free(dhm); + } - return( ret ); + return ret; } #if defined(MBEDTLS_FS_IO) @@ -576,71 +585,71 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, * A terminating null byte is always appended. It is included in the announced * length only if the data looks like it is PEM encoded. */ -static int load_file( const char *path, unsigned char **buf, size_t *n ) +static int load_file(const char *path, unsigned char **buf, size_t *n) { FILE *f; long size; - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( MBEDTLS_ERR_DHM_FILE_IO_ERROR ); + if ((f = fopen(path, "rb")) == NULL) { + return MBEDTLS_ERR_DHM_FILE_IO_ERROR; + } - fseek( f, 0, SEEK_END ); - if( ( size = ftell( f ) ) == -1 ) - { - fclose( f ); - return( MBEDTLS_ERR_DHM_FILE_IO_ERROR ); + fseek(f, 0, SEEK_END); + if ((size = ftell(f)) == -1) { + fclose(f); + return MBEDTLS_ERR_DHM_FILE_IO_ERROR; } - fseek( f, 0, SEEK_SET ); + fseek(f, 0, SEEK_SET); *n = (size_t) size; - if( *n + 1 == 0 || - ( *buf = mbedtls_calloc( 1, *n + 1 ) ) == NULL ) - { - fclose( f ); - return( MBEDTLS_ERR_DHM_ALLOC_FAILED ); + if (*n + 1 == 0 || + (*buf = mbedtls_calloc(1, *n + 1)) == NULL) { + fclose(f); + return MBEDTLS_ERR_DHM_ALLOC_FAILED; } - if( fread( *buf, 1, *n, f ) != *n ) - { - fclose( f ); + if (fread(*buf, 1, *n, f) != *n) { + fclose(f); - mbedtls_platform_zeroize( *buf, *n + 1 ); - mbedtls_free( *buf ); + mbedtls_platform_zeroize(*buf, *n + 1); + mbedtls_free(*buf); - return( MBEDTLS_ERR_DHM_FILE_IO_ERROR ); + return MBEDTLS_ERR_DHM_FILE_IO_ERROR; } - fclose( f ); + fclose(f); (*buf)[*n] = '\0'; - if( strstr( (const char *) *buf, "-----BEGIN " ) != NULL ) + if (strstr((const char *) *buf, "-----BEGIN ") != NULL) { ++*n; + } - return( 0 ); + return 0; } /* * Load and parse DHM parameters */ -int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ) +int mbedtls_dhm_parse_dhmfile(mbedtls_dhm_context *dhm, const char *path) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; - DHM_VALIDATE_RET( dhm != NULL ); - DHM_VALIDATE_RET( path != NULL ); + DHM_VALIDATE_RET(dhm != NULL); + DHM_VALIDATE_RET(path != NULL); - if( ( ret = load_file( path, &buf, &n ) ) != 0 ) - return( ret ); + if ((ret = load_file(path, &buf, &n)) != 0) { + return ret; + } - ret = mbedtls_dhm_parse_dhm( dhm, buf, n ); + ret = mbedtls_dhm_parse_dhm(dhm, buf, n); - mbedtls_platform_zeroize( buf, n ); - mbedtls_free( buf ); + mbedtls_platform_zeroize(buf, n); + mbedtls_free(buf); - return( ret ); + return ret; } #endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_ASN1_PARSE_C */ @@ -650,60 +659,63 @@ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ) #if defined(MBEDTLS_PEM_PARSE_C) static const char mbedtls_test_dhm_params[] = -"-----BEGIN DH PARAMETERS-----\r\n" -"MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n" -"1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n" -"9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n" -"-----END DH PARAMETERS-----\r\n"; + "-----BEGIN DH PARAMETERS-----\r\n" + "MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n" + "1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n" + "9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n" + "-----END DH PARAMETERS-----\r\n"; #else /* MBEDTLS_PEM_PARSE_C */ static const char mbedtls_test_dhm_params[] = { - 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e, 0x35, 0xf4, 0x30, 0x44, - 0x3a, 0x09, 0x90, 0x4f, 0x3a, 0x39, 0xa9, 0x79, 0x79, 0x7d, 0x07, 0x0d, - 0xf5, 0x33, 0x78, 0xe7, 0x9c, 0x24, 0x38, 0xbe, 0xf4, 0xe7, 0x61, 0xf3, - 0xc7, 0x14, 0x55, 0x33, 0x28, 0x58, 0x9b, 0x04, 0x1c, 0x80, 0x9b, 0xe1, - 0xd6, 0xc6, 0xb5, 0xf1, 0xfc, 0x9f, 0x47, 0xd3, 0xa2, 0x54, 0x43, 0x18, - 0x82, 0x53, 0xa9, 0x92, 0xa5, 0x68, 0x18, 0xb3, 0x7b, 0xa9, 0xde, 0x5a, - 0x40, 0xd3, 0x62, 0xe5, 0x6e, 0xff, 0x0b, 0xe5, 0x41, 0x74, 0x74, 0xc1, - 0x25, 0xc1, 0x99, 0x27, 0x2c, 0x8f, 0xe4, 0x1d, 0xea, 0x73, 0x3d, 0xf6, - 0xf6, 0x62, 0xc9, 0x2a, 0xe7, 0x65, 0x56, 0xe7, 0x55, 0xd1, 0x0c, 0x64, - 0xe6, 0xa5, 0x09, 0x68, 0xf6, 0x7f, 0xc6, 0xea, 0x73, 0xd0, 0xdc, 0xa8, - 0x56, 0x9b, 0xe2, 0xba, 0x20, 0x4e, 0x23, 0x58, 0x0d, 0x8b, 0xca, 0x2f, - 0x49, 0x75, 0xb3, 0x02, 0x01, 0x02 }; + 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e, 0x35, 0xf4, 0x30, 0x44, + 0x3a, 0x09, 0x90, 0x4f, 0x3a, 0x39, 0xa9, 0x79, 0x79, 0x7d, 0x07, 0x0d, + 0xf5, 0x33, 0x78, 0xe7, 0x9c, 0x24, 0x38, 0xbe, 0xf4, 0xe7, 0x61, 0xf3, + 0xc7, 0x14, 0x55, 0x33, 0x28, 0x58, 0x9b, 0x04, 0x1c, 0x80, 0x9b, 0xe1, + 0xd6, 0xc6, 0xb5, 0xf1, 0xfc, 0x9f, 0x47, 0xd3, 0xa2, 0x54, 0x43, 0x18, + 0x82, 0x53, 0xa9, 0x92, 0xa5, 0x68, 0x18, 0xb3, 0x7b, 0xa9, 0xde, 0x5a, + 0x40, 0xd3, 0x62, 0xe5, 0x6e, 0xff, 0x0b, 0xe5, 0x41, 0x74, 0x74, 0xc1, + 0x25, 0xc1, 0x99, 0x27, 0x2c, 0x8f, 0xe4, 0x1d, 0xea, 0x73, 0x3d, 0xf6, + 0xf6, 0x62, 0xc9, 0x2a, 0xe7, 0x65, 0x56, 0xe7, 0x55, 0xd1, 0x0c, 0x64, + 0xe6, 0xa5, 0x09, 0x68, 0xf6, 0x7f, 0xc6, 0xea, 0x73, 0xd0, 0xdc, 0xa8, + 0x56, 0x9b, 0xe2, 0xba, 0x20, 0x4e, 0x23, 0x58, 0x0d, 0x8b, 0xca, 0x2f, + 0x49, 0x75, 0xb3, 0x02, 0x01, 0x02 +}; #endif /* MBEDTLS_PEM_PARSE_C */ -static const size_t mbedtls_test_dhm_params_len = sizeof( mbedtls_test_dhm_params ); +static const size_t mbedtls_test_dhm_params_len = sizeof(mbedtls_test_dhm_params); /* * Checkup routine */ -int mbedtls_dhm_self_test( int verbose ) +int mbedtls_dhm_self_test(int verbose) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_dhm_context dhm; - mbedtls_dhm_init( &dhm ); + mbedtls_dhm_init(&dhm); - if( verbose != 0 ) - mbedtls_printf( " DHM parameter load: " ); + if (verbose != 0) { + mbedtls_printf(" DHM parameter load: "); + } - if( ( ret = mbedtls_dhm_parse_dhm( &dhm, - (const unsigned char *) mbedtls_test_dhm_params, - mbedtls_test_dhm_params_len ) ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if ((ret = mbedtls_dhm_parse_dhm(&dhm, + (const unsigned char *) mbedtls_test_dhm_params, + mbedtls_test_dhm_params_len)) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n\n"); + } exit: - mbedtls_dhm_free( &dhm ); + mbedtls_dhm_free(&dhm); - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/ecdh.c b/library/ecdh.c index 724c938a71f8..2007e1670cf8 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -35,30 +35,30 @@ #include /* Parameter validation macros based on platform_util.h */ -#define ECDH_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) -#define ECDH_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define ECDH_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA) +#define ECDH_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) typedef mbedtls_ecdh_context mbedtls_ecdh_context_mbed; #endif static mbedtls_ecp_group_id mbedtls_ecdh_grp_id( - const mbedtls_ecdh_context *ctx ) + const mbedtls_ecdh_context *ctx) { #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ctx->grp.id ); + return ctx->grp.id; #else - return( ctx->grp_id ); + return ctx->grp_id; #endif } -int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid ) +int mbedtls_ecdh_can_do(mbedtls_ecp_group_id gid) { /* At this time, all groups support ECDH. */ (void) gid; - return( 1 ); + return 1; } #if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) @@ -69,41 +69,42 @@ int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid ) * the output parameter 'd' across continuation calls. This would not be * acceptable for a public function but is OK here as we control call sites. */ -static int ecdh_gen_public_restartable( mbedtls_ecp_group *grp, - mbedtls_mpi *d, mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_ecp_restart_ctx *rs_ctx ) +static int ecdh_gen_public_restartable(mbedtls_ecp_group *grp, + mbedtls_mpi *d, mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int restarting = 0; #if defined(MBEDTLS_ECP_RESTARTABLE) - restarting = ( rs_ctx != NULL && rs_ctx->rsm != NULL ); + restarting = (rs_ctx != NULL && rs_ctx->rsm != NULL); #endif /* If multiplication is in progress, we already generated a privkey */ - if( !restarting ) - MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) ); + if (!restarting) { + MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, d, f_rng, p_rng)); + } - MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, Q, d, &grp->G, - f_rng, p_rng, rs_ctx ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul_restartable(grp, Q, d, &grp->G, + f_rng, p_rng, rs_ctx)); cleanup: - return( ret ); + return ret; } /* * Generate public key */ -int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecdh_gen_public(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { - ECDH_VALIDATE_RET( grp != NULL ); - ECDH_VALIDATE_RET( d != NULL ); - ECDH_VALIDATE_RET( Q != NULL ); - ECDH_VALIDATE_RET( f_rng != NULL ); - return( ecdh_gen_public_restartable( grp, d, Q, f_rng, p_rng, NULL ) ); + ECDH_VALIDATE_RET(grp != NULL); + ECDH_VALIDATE_RET(d != NULL); + ECDH_VALIDATE_RET(Q != NULL); + ECDH_VALIDATE_RET(f_rng != NULL); + return ecdh_gen_public_restartable(grp, d, Q, f_rng, p_rng, NULL); } #endif /* !MBEDTLS_ECDH_GEN_PUBLIC_ALT */ @@ -111,79 +112,78 @@ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp /* * Compute shared secret (SEC1 3.3.1) */ -static int ecdh_compute_shared_restartable( mbedtls_ecp_group *grp, - mbedtls_mpi *z, - const mbedtls_ecp_point *Q, const mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_ecp_restart_ctx *rs_ctx ) +static int ecdh_compute_shared_restartable(mbedtls_ecp_group *grp, + mbedtls_mpi *z, + const mbedtls_ecp_point *Q, const mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point P; - mbedtls_ecp_point_init( &P ); + mbedtls_ecp_point_init(&P); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &P, d, Q, - f_rng, p_rng, rs_ctx ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul_restartable(grp, &P, d, Q, + f_rng, p_rng, rs_ctx)); - if( mbedtls_ecp_is_zero( &P ) ) - { + if (mbedtls_ecp_is_zero(&P)) { ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( z, &P.X ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(z, &P.X)); cleanup: - mbedtls_ecp_point_free( &P ); + mbedtls_ecp_point_free(&P); - return( ret ); + return ret; } /* * Compute shared secret (SEC1 3.3.1) */ -int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, - const mbedtls_ecp_point *Q, const mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecdh_compute_shared(mbedtls_ecp_group *grp, mbedtls_mpi *z, + const mbedtls_ecp_point *Q, const mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { - ECDH_VALIDATE_RET( grp != NULL ); - ECDH_VALIDATE_RET( Q != NULL ); - ECDH_VALIDATE_RET( d != NULL ); - ECDH_VALIDATE_RET( z != NULL ); - return( ecdh_compute_shared_restartable( grp, z, Q, d, - f_rng, p_rng, NULL ) ); + ECDH_VALIDATE_RET(grp != NULL); + ECDH_VALIDATE_RET(Q != NULL); + ECDH_VALIDATE_RET(d != NULL); + ECDH_VALIDATE_RET(z != NULL); + return ecdh_compute_shared_restartable(grp, z, Q, d, + f_rng, p_rng, NULL); } #endif /* !MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ -static void ecdh_init_internal( mbedtls_ecdh_context_mbed *ctx ) +static void ecdh_init_internal(mbedtls_ecdh_context_mbed *ctx) { - mbedtls_ecp_group_init( &ctx->grp ); - mbedtls_mpi_init( &ctx->d ); - mbedtls_ecp_point_init( &ctx->Q ); - mbedtls_ecp_point_init( &ctx->Qp ); - mbedtls_mpi_init( &ctx->z ); + mbedtls_ecp_group_init(&ctx->grp); + mbedtls_mpi_init(&ctx->d); + mbedtls_ecp_point_init(&ctx->Q); + mbedtls_ecp_point_init(&ctx->Qp); + mbedtls_mpi_init(&ctx->z); #if defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_ecp_restart_init( &ctx->rs ); + mbedtls_ecp_restart_init(&ctx->rs); #endif } /* * Initialize context */ -void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ) +void mbedtls_ecdh_init(mbedtls_ecdh_context *ctx) { - ECDH_VALIDATE( ctx != NULL ); + ECDH_VALIDATE(ctx != NULL); #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - ecdh_init_internal( ctx ); - mbedtls_ecp_point_init( &ctx->Vi ); - mbedtls_ecp_point_init( &ctx->Vf ); - mbedtls_mpi_init( &ctx->_d ); + ecdh_init_internal(ctx); + mbedtls_ecp_point_init(&ctx->Vi); + mbedtls_ecp_point_init(&ctx->Vf); + mbedtls_mpi_init(&ctx->_d); #else - memset( ctx, 0, sizeof( mbedtls_ecdh_context ) ); + memset(ctx, 0, sizeof(mbedtls_ecdh_context)); ctx->var = MBEDTLS_ECDH_VARIANT_NONE; #endif @@ -193,59 +193,57 @@ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ) #endif } -static int ecdh_setup_internal( mbedtls_ecdh_context_mbed *ctx, - mbedtls_ecp_group_id grp_id ) +static int ecdh_setup_internal(mbedtls_ecdh_context_mbed *ctx, + mbedtls_ecp_group_id grp_id) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ret = mbedtls_ecp_group_load( &ctx->grp, grp_id ); - if( ret != 0 ) - { - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + ret = mbedtls_ecp_group_load(&ctx->grp, grp_id); + if (ret != 0) { + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; } - return( 0 ); + return 0; } /* * Setup context */ -int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id ) +int mbedtls_ecdh_setup(mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id) { - ECDH_VALIDATE_RET( ctx != NULL ); + ECDH_VALIDATE_RET(ctx != NULL); #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_setup_internal( ctx, grp_id ) ); + return ecdh_setup_internal(ctx, grp_id); #else - switch( grp_id ) - { + switch (grp_id) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECP_DP_CURVE25519: ctx->point_format = MBEDTLS_ECP_PF_COMPRESSED; ctx->var = MBEDTLS_ECDH_VARIANT_EVEREST; ctx->grp_id = grp_id; - return( mbedtls_everest_setup( &ctx->ctx.everest_ecdh, grp_id ) ); + return mbedtls_everest_setup(&ctx->ctx.everest_ecdh, grp_id); #endif default: ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0; ctx->grp_id = grp_id; - ecdh_init_internal( &ctx->ctx.mbed_ecdh ); - return( ecdh_setup_internal( &ctx->ctx.mbed_ecdh, grp_id ) ); + ecdh_init_internal(&ctx->ctx.mbed_ecdh); + return ecdh_setup_internal(&ctx->ctx.mbed_ecdh, grp_id); } #endif } -static void ecdh_free_internal( mbedtls_ecdh_context_mbed *ctx ) +static void ecdh_free_internal(mbedtls_ecdh_context_mbed *ctx) { - mbedtls_ecp_group_free( &ctx->grp ); - mbedtls_mpi_free( &ctx->d ); - mbedtls_ecp_point_free( &ctx->Q ); - mbedtls_ecp_point_free( &ctx->Qp ); - mbedtls_mpi_free( &ctx->z ); + mbedtls_ecp_group_free(&ctx->grp); + mbedtls_mpi_free(&ctx->d); + mbedtls_ecp_point_free(&ctx->Q); + mbedtls_ecp_point_free(&ctx->Qp); + mbedtls_mpi_free(&ctx->z); #if defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_ecp_restart_free( &ctx->rs ); + mbedtls_ecp_restart_free(&ctx->rs); #endif } @@ -253,9 +251,9 @@ static void ecdh_free_internal( mbedtls_ecdh_context_mbed *ctx ) /* * Enable restartable operations for context */ -void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx ) +void mbedtls_ecdh_enable_restart(mbedtls_ecdh_context *ctx) { - ECDH_VALIDATE( ctx != NULL ); + ECDH_VALIDATE(ctx != NULL); ctx->restart_enabled = 1; } @@ -264,26 +262,26 @@ void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx ) /* * Free context */ -void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ) +void mbedtls_ecdh_free(mbedtls_ecdh_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - mbedtls_ecp_point_free( &ctx->Vi ); - mbedtls_ecp_point_free( &ctx->Vf ); - mbedtls_mpi_free( &ctx->_d ); - ecdh_free_internal( ctx ); + mbedtls_ecp_point_free(&ctx->Vi); + mbedtls_ecp_point_free(&ctx->Vf); + mbedtls_mpi_free(&ctx->_d); + ecdh_free_internal(ctx); #else - switch( ctx->var ) - { + switch (ctx->var) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - mbedtls_everest_free( &ctx->ctx.everest_ecdh ); + mbedtls_everest_free(&ctx->ctx.everest_ecdh); break; #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: - ecdh_free_internal( &ctx->ctx.mbed_ecdh ); + ecdh_free_internal(&ctx->ctx.mbed_ecdh); break; default: break; @@ -295,14 +293,14 @@ void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ) #endif } -static int ecdh_make_params_internal( mbedtls_ecdh_context_mbed *ctx, - size_t *olen, int point_format, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, - unsigned char *, - size_t), - void *p_rng, - int restart_enabled ) +static int ecdh_make_params_internal(mbedtls_ecdh_context_mbed *ctx, + size_t *olen, int point_format, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, + unsigned char *, + size_t), + void *p_rng, + int restart_enabled) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t grp_len, pt_len; @@ -310,40 +308,46 @@ static int ecdh_make_params_internal( mbedtls_ecdh_context_mbed *ctx, mbedtls_ecp_restart_ctx *rs_ctx = NULL; #endif - if( ctx->grp.pbits == 0 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (ctx->grp.pbits == 0) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( restart_enabled ) + if (restart_enabled) { rs_ctx = &ctx->rs; + } #else (void) restart_enabled; #endif #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q, - f_rng, p_rng, rs_ctx ) ) != 0 ) - return( ret ); + if ((ret = ecdh_gen_public_restartable(&ctx->grp, &ctx->d, &ctx->Q, + f_rng, p_rng, rs_ctx)) != 0) { + return ret; + } #else - if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, - f_rng, p_rng ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecdh_gen_public(&ctx->grp, &ctx->d, &ctx->Q, + f_rng, p_rng)) != 0) { + return ret; + } #endif /* MBEDTLS_ECP_RESTARTABLE */ - if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf, - blen ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_tls_write_group(&ctx->grp, &grp_len, buf, + blen)) != 0) { + return ret; + } buf += grp_len; blen -= grp_len; - if( ( ret = mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, point_format, - &pt_len, buf, blen ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_tls_write_point(&ctx->grp, &ctx->Q, point_format, + &pt_len, buf, blen)) != 0) { + return ret; + } *olen = grp_len + pt_len; - return( 0 ); + return 0; } /* @@ -353,16 +357,16 @@ static int ecdh_make_params_internal( mbedtls_ecdh_context_mbed *ctx, * ECPoint public; * } ServerECDHParams; */ -int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecdh_make_params(mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int restart_enabled = 0; - ECDH_VALIDATE_RET( ctx != NULL ); - ECDH_VALIDATE_RET( olen != NULL ); - ECDH_VALIDATE_RET( buf != NULL ); - ECDH_VALIDATE_RET( f_rng != NULL ); + ECDH_VALIDATE_RET(ctx != NULL); + ECDH_VALIDATE_RET(olen != NULL); + ECDH_VALIDATE_RET(buf != NULL); + ECDH_VALIDATE_RET(f_rng != NULL); #if defined(MBEDTLS_ECP_RESTARTABLE) restart_enabled = ctx->restart_enabled; @@ -371,33 +375,32 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, #endif #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_make_params_internal( ctx, olen, ctx->point_format, buf, blen, - f_rng, p_rng, restart_enabled ) ); + return ecdh_make_params_internal(ctx, olen, ctx->point_format, buf, blen, + f_rng, p_rng, restart_enabled); #else - switch( ctx->var ) - { + switch (ctx->var) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_make_params( &ctx->ctx.everest_ecdh, olen, - buf, blen, f_rng, p_rng ) ); + return mbedtls_everest_make_params(&ctx->ctx.everest_ecdh, olen, + buf, blen, f_rng, p_rng); #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: - return( ecdh_make_params_internal( &ctx->ctx.mbed_ecdh, olen, - ctx->point_format, buf, blen, - f_rng, p_rng, - restart_enabled ) ); + return ecdh_make_params_internal(&ctx->ctx.mbed_ecdh, olen, + ctx->point_format, buf, blen, + f_rng, p_rng, + restart_enabled); default: return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } #endif } -static int ecdh_read_params_internal( mbedtls_ecdh_context_mbed *ctx, - const unsigned char **buf, - const unsigned char *end ) +static int ecdh_read_params_internal(mbedtls_ecdh_context_mbed *ctx, + const unsigned char **buf, + const unsigned char *end) { - return( mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf, - end - *buf ) ); + return mbedtls_ecp_tls_read_point(&ctx->grp, &ctx->Qp, buf, + end - *buf); } /* @@ -407,323 +410,330 @@ static int ecdh_read_params_internal( mbedtls_ecdh_context_mbed *ctx, * ECPoint public; * } ServerECDHParams; */ -int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, - const unsigned char **buf, - const unsigned char *end ) +int mbedtls_ecdh_read_params(mbedtls_ecdh_context *ctx, + const unsigned char **buf, + const unsigned char *end) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group_id grp_id; - ECDH_VALIDATE_RET( ctx != NULL ); - ECDH_VALIDATE_RET( buf != NULL ); - ECDH_VALIDATE_RET( *buf != NULL ); - ECDH_VALIDATE_RET( end != NULL ); - - if( ( ret = mbedtls_ecp_tls_read_group_id( &grp_id, buf, end - *buf ) ) - != 0 ) - return( ret ); + ECDH_VALIDATE_RET(ctx != NULL); + ECDH_VALIDATE_RET(buf != NULL); + ECDH_VALIDATE_RET(*buf != NULL); + ECDH_VALIDATE_RET(end != NULL); + + if ((ret = mbedtls_ecp_tls_read_group_id(&grp_id, buf, end - *buf)) + != 0) { + return ret; + } - if( ( ret = mbedtls_ecdh_setup( ctx, grp_id ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecdh_setup(ctx, grp_id)) != 0) { + return ret; + } #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_read_params_internal( ctx, buf, end ) ); + return ecdh_read_params_internal(ctx, buf, end); #else - switch( ctx->var ) - { + switch (ctx->var) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_read_params( &ctx->ctx.everest_ecdh, - buf, end) ); + return mbedtls_everest_read_params(&ctx->ctx.everest_ecdh, + buf, end); #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: - return( ecdh_read_params_internal( &ctx->ctx.mbed_ecdh, - buf, end ) ); + return ecdh_read_params_internal(&ctx->ctx.mbed_ecdh, + buf, end); default: return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } #endif } -static int ecdh_get_params_internal( mbedtls_ecdh_context_mbed *ctx, - const mbedtls_ecp_keypair *key, - mbedtls_ecdh_side side ) +static int ecdh_get_params_internal(mbedtls_ecdh_context_mbed *ctx, + const mbedtls_ecp_keypair *key, + mbedtls_ecdh_side side) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* If it's not our key, just import the public part as Qp */ - if( side == MBEDTLS_ECDH_THEIRS ) - return( mbedtls_ecp_copy( &ctx->Qp, &key->Q ) ); + if (side == MBEDTLS_ECDH_THEIRS) { + return mbedtls_ecp_copy(&ctx->Qp, &key->Q); + } /* Our key: import public (as Q) and private parts */ - if( side != MBEDTLS_ECDH_OURS ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (side != MBEDTLS_ECDH_OURS) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - if( ( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 || - ( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_copy(&ctx->Q, &key->Q)) != 0 || + (ret = mbedtls_mpi_copy(&ctx->d, &key->d)) != 0) { + return ret; + } - return( 0 ); + return 0; } /* * Get parameters from a keypair */ -int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, - const mbedtls_ecp_keypair *key, - mbedtls_ecdh_side side ) +int mbedtls_ecdh_get_params(mbedtls_ecdh_context *ctx, + const mbedtls_ecp_keypair *key, + mbedtls_ecdh_side side) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECDH_VALIDATE_RET( ctx != NULL ); - ECDH_VALIDATE_RET( key != NULL ); - ECDH_VALIDATE_RET( side == MBEDTLS_ECDH_OURS || - side == MBEDTLS_ECDH_THEIRS ); + ECDH_VALIDATE_RET(ctx != NULL); + ECDH_VALIDATE_RET(key != NULL); + ECDH_VALIDATE_RET(side == MBEDTLS_ECDH_OURS || + side == MBEDTLS_ECDH_THEIRS); - if( mbedtls_ecdh_grp_id( ctx ) == MBEDTLS_ECP_DP_NONE ) - { + if (mbedtls_ecdh_grp_id(ctx) == MBEDTLS_ECP_DP_NONE) { /* This is the first call to get_params(). Set up the context * for use with the group. */ - if( ( ret = mbedtls_ecdh_setup( ctx, key->grp.id ) ) != 0 ) - return( ret ); - } - else - { + if ((ret = mbedtls_ecdh_setup(ctx, key->grp.id)) != 0) { + return ret; + } + } else { /* This is not the first call to get_params(). Check that the * current key's group is the same as the context's, which was set * from the first key's group. */ - if( mbedtls_ecdh_grp_id( ctx ) != key->grp.id ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (mbedtls_ecdh_grp_id(ctx) != key->grp.id) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } } #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_get_params_internal( ctx, key, side ) ); + return ecdh_get_params_internal(ctx, key, side); #else - switch( ctx->var ) - { + switch (ctx->var) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: { mbedtls_everest_ecdh_side s = side == MBEDTLS_ECDH_OURS ? - MBEDTLS_EVEREST_ECDH_OURS : - MBEDTLS_EVEREST_ECDH_THEIRS; - return( mbedtls_everest_get_params( &ctx->ctx.everest_ecdh, - key, s) ); + MBEDTLS_EVEREST_ECDH_OURS : + MBEDTLS_EVEREST_ECDH_THEIRS; + return mbedtls_everest_get_params(&ctx->ctx.everest_ecdh, + key, s); } #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: - return( ecdh_get_params_internal( &ctx->ctx.mbed_ecdh, - key, side ) ); + return ecdh_get_params_internal(&ctx->ctx.mbed_ecdh, + key, side); default: return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } #endif } -static int ecdh_make_public_internal( mbedtls_ecdh_context_mbed *ctx, - size_t *olen, int point_format, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, - unsigned char *, - size_t), - void *p_rng, - int restart_enabled ) +static int ecdh_make_public_internal(mbedtls_ecdh_context_mbed *ctx, + size_t *olen, int point_format, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, + unsigned char *, + size_t), + void *p_rng, + int restart_enabled) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_ECP_RESTARTABLE) mbedtls_ecp_restart_ctx *rs_ctx = NULL; #endif - if( ctx->grp.pbits == 0 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (ctx->grp.pbits == 0) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( restart_enabled ) + if (restart_enabled) { rs_ctx = &ctx->rs; + } #else (void) restart_enabled; #endif #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q, - f_rng, p_rng, rs_ctx ) ) != 0 ) - return( ret ); + if ((ret = ecdh_gen_public_restartable(&ctx->grp, &ctx->d, &ctx->Q, + f_rng, p_rng, rs_ctx)) != 0) { + return ret; + } #else - if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, - f_rng, p_rng ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecdh_gen_public(&ctx->grp, &ctx->d, &ctx->Q, + f_rng, p_rng)) != 0) { + return ret; + } #endif /* MBEDTLS_ECP_RESTARTABLE */ - return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, point_format, olen, - buf, blen ); + return mbedtls_ecp_tls_write_point(&ctx->grp, &ctx->Q, point_format, olen, + buf, blen); } /* * Setup and export the client public value */ -int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecdh_make_public(mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int restart_enabled = 0; - ECDH_VALIDATE_RET( ctx != NULL ); - ECDH_VALIDATE_RET( olen != NULL ); - ECDH_VALIDATE_RET( buf != NULL ); - ECDH_VALIDATE_RET( f_rng != NULL ); + ECDH_VALIDATE_RET(ctx != NULL); + ECDH_VALIDATE_RET(olen != NULL); + ECDH_VALIDATE_RET(buf != NULL); + ECDH_VALIDATE_RET(f_rng != NULL); #if defined(MBEDTLS_ECP_RESTARTABLE) restart_enabled = ctx->restart_enabled; #endif #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_make_public_internal( ctx, olen, ctx->point_format, buf, blen, - f_rng, p_rng, restart_enabled ) ); + return ecdh_make_public_internal(ctx, olen, ctx->point_format, buf, blen, + f_rng, p_rng, restart_enabled); #else - switch( ctx->var ) - { + switch (ctx->var) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_make_public( &ctx->ctx.everest_ecdh, olen, - buf, blen, f_rng, p_rng ) ); + return mbedtls_everest_make_public(&ctx->ctx.everest_ecdh, olen, + buf, blen, f_rng, p_rng); #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: - return( ecdh_make_public_internal( &ctx->ctx.mbed_ecdh, olen, - ctx->point_format, buf, blen, - f_rng, p_rng, - restart_enabled ) ); + return ecdh_make_public_internal(&ctx->ctx.mbed_ecdh, olen, + ctx->point_format, buf, blen, + f_rng, p_rng, + restart_enabled); default: return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } #endif } -static int ecdh_read_public_internal( mbedtls_ecdh_context_mbed *ctx, - const unsigned char *buf, size_t blen ) +static int ecdh_read_public_internal(mbedtls_ecdh_context_mbed *ctx, + const unsigned char *buf, size_t blen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = buf; - if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, - blen ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_tls_read_point(&ctx->grp, &ctx->Qp, &p, + blen)) != 0) { + return ret; + } - if( (size_t)( p - buf ) != blen ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if ((size_t) (p - buf) != blen) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - return( 0 ); + return 0; } /* * Parse and import the client's public value */ -int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, - const unsigned char *buf, size_t blen ) +int mbedtls_ecdh_read_public(mbedtls_ecdh_context *ctx, + const unsigned char *buf, size_t blen) { - ECDH_VALIDATE_RET( ctx != NULL ); - ECDH_VALIDATE_RET( buf != NULL ); + ECDH_VALIDATE_RET(ctx != NULL); + ECDH_VALIDATE_RET(buf != NULL); #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_read_public_internal( ctx, buf, blen ) ); + return ecdh_read_public_internal(ctx, buf, blen); #else - switch( ctx->var ) - { + switch (ctx->var) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_read_public( &ctx->ctx.everest_ecdh, - buf, blen ) ); + return mbedtls_everest_read_public(&ctx->ctx.everest_ecdh, + buf, blen); #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: - return( ecdh_read_public_internal( &ctx->ctx.mbed_ecdh, - buf, blen ) ); + return ecdh_read_public_internal(&ctx->ctx.mbed_ecdh, + buf, blen); default: return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } #endif } -static int ecdh_calc_secret_internal( mbedtls_ecdh_context_mbed *ctx, - size_t *olen, unsigned char *buf, - size_t blen, - int (*f_rng)(void *, - unsigned char *, - size_t), - void *p_rng, - int restart_enabled ) +static int ecdh_calc_secret_internal(mbedtls_ecdh_context_mbed *ctx, + size_t *olen, unsigned char *buf, + size_t blen, + int (*f_rng)(void *, + unsigned char *, + size_t), + void *p_rng, + int restart_enabled) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_ECP_RESTARTABLE) mbedtls_ecp_restart_ctx *rs_ctx = NULL; #endif - if( ctx == NULL || ctx->grp.pbits == 0 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->grp.pbits == 0) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( restart_enabled ) + if (restart_enabled) { rs_ctx = &ctx->rs; + } #else (void) restart_enabled; #endif #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ( ret = ecdh_compute_shared_restartable( &ctx->grp, &ctx->z, &ctx->Qp, - &ctx->d, f_rng, p_rng, - rs_ctx ) ) != 0 ) - { - return( ret ); + if ((ret = ecdh_compute_shared_restartable(&ctx->grp, &ctx->z, &ctx->Qp, + &ctx->d, f_rng, p_rng, + rs_ctx)) != 0) { + return ret; } #else - if( ( ret = mbedtls_ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, - &ctx->d, f_rng, p_rng ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_ecdh_compute_shared(&ctx->grp, &ctx->z, &ctx->Qp, + &ctx->d, f_rng, p_rng)) != 0) { + return ret; } #endif /* MBEDTLS_ECP_RESTARTABLE */ - if( mbedtls_mpi_size( &ctx->z ) > blen ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (mbedtls_mpi_size(&ctx->z) > blen) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - *olen = ctx->grp.pbits / 8 + ( ( ctx->grp.pbits % 8 ) != 0 ); + *olen = ctx->grp.pbits / 8 + ((ctx->grp.pbits % 8) != 0); - if( mbedtls_ecp_get_type( &ctx->grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - return mbedtls_mpi_write_binary_le( &ctx->z, buf, *olen ); + if (mbedtls_ecp_get_type(&ctx->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { + return mbedtls_mpi_write_binary_le(&ctx->z, buf, *olen); + } - return mbedtls_mpi_write_binary( &ctx->z, buf, *olen ); + return mbedtls_mpi_write_binary(&ctx->z, buf, *olen); } /* * Derive and export the shared secret */ -int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecdh_calc_secret(mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int restart_enabled = 0; - ECDH_VALIDATE_RET( ctx != NULL ); - ECDH_VALIDATE_RET( olen != NULL ); - ECDH_VALIDATE_RET( buf != NULL ); + ECDH_VALIDATE_RET(ctx != NULL); + ECDH_VALIDATE_RET(olen != NULL); + ECDH_VALIDATE_RET(buf != NULL); #if defined(MBEDTLS_ECP_RESTARTABLE) restart_enabled = ctx->restart_enabled; #endif #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_calc_secret_internal( ctx, olen, buf, blen, f_rng, p_rng, - restart_enabled ) ); + return ecdh_calc_secret_internal(ctx, olen, buf, blen, f_rng, p_rng, + restart_enabled); #else - switch( ctx->var ) - { + switch (ctx->var) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_calc_secret( &ctx->ctx.everest_ecdh, olen, - buf, blen, f_rng, p_rng ) ); + return mbedtls_everest_calc_secret(&ctx->ctx.everest_ecdh, olen, + buf, blen, f_rng, p_rng); #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: - return( ecdh_calc_secret_internal( &ctx->ctx.mbed_ecdh, olen, buf, - blen, f_rng, p_rng, - restart_enabled ) ); + return ecdh_calc_secret_internal(&ctx->ctx.mbed_ecdh, olen, buf, + blen, f_rng, p_rng, + restart_enabled); default: - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } #endif } diff --git a/library/ecdsa.c b/library/ecdsa.c index 4bae6a93fd2b..42a65dcb59db 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -42,18 +42,17 @@ #include "mbedtls/error.h" /* Parameter validation macros based on platform_util.h */ -#define ECDSA_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) -#define ECDSA_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define ECDSA_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA) +#define ECDSA_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) #if defined(MBEDTLS_ECP_RESTARTABLE) /* * Sub-context for ecdsa_verify() */ -struct mbedtls_ecdsa_restart_ver -{ +struct mbedtls_ecdsa_restart_ver { mbedtls_mpi u1, u2; /* intermediate values */ enum { /* what to do next? */ ecdsa_ver_init = 0, /* getting started */ @@ -64,32 +63,32 @@ struct mbedtls_ecdsa_restart_ver /* * Init verify restart sub-context */ -static void ecdsa_restart_ver_init( mbedtls_ecdsa_restart_ver_ctx *ctx ) +static void ecdsa_restart_ver_init(mbedtls_ecdsa_restart_ver_ctx *ctx) { - mbedtls_mpi_init( &ctx->u1 ); - mbedtls_mpi_init( &ctx->u2 ); + mbedtls_mpi_init(&ctx->u1); + mbedtls_mpi_init(&ctx->u2); ctx->state = ecdsa_ver_init; } /* * Free the components of a verify restart sub-context */ -static void ecdsa_restart_ver_free( mbedtls_ecdsa_restart_ver_ctx *ctx ) +static void ecdsa_restart_ver_free(mbedtls_ecdsa_restart_ver_ctx *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_mpi_free( &ctx->u1 ); - mbedtls_mpi_free( &ctx->u2 ); + mbedtls_mpi_free(&ctx->u1); + mbedtls_mpi_free(&ctx->u2); - ecdsa_restart_ver_init( ctx ); + ecdsa_restart_ver_init(ctx); } /* * Sub-context for ecdsa_sign() */ -struct mbedtls_ecdsa_restart_sig -{ +struct mbedtls_ecdsa_restart_sig { int sign_tries; int key_tries; mbedtls_mpi k; /* per-signature random */ @@ -104,33 +103,33 @@ struct mbedtls_ecdsa_restart_sig /* * Init verify sign sub-context */ -static void ecdsa_restart_sig_init( mbedtls_ecdsa_restart_sig_ctx *ctx ) +static void ecdsa_restart_sig_init(mbedtls_ecdsa_restart_sig_ctx *ctx) { ctx->sign_tries = 0; ctx->key_tries = 0; - mbedtls_mpi_init( &ctx->k ); - mbedtls_mpi_init( &ctx->r ); + mbedtls_mpi_init(&ctx->k); + mbedtls_mpi_init(&ctx->r); ctx->state = ecdsa_sig_init; } /* * Free the components of a sign restart sub-context */ -static void ecdsa_restart_sig_free( mbedtls_ecdsa_restart_sig_ctx *ctx ) +static void ecdsa_restart_sig_free(mbedtls_ecdsa_restart_sig_ctx *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_mpi_free( &ctx->k ); - mbedtls_mpi_free( &ctx->r ); + mbedtls_mpi_free(&ctx->k); + mbedtls_mpi_free(&ctx->r); } #if defined(MBEDTLS_ECDSA_DETERMINISTIC) /* * Sub-context for ecdsa_sign_det() */ -struct mbedtls_ecdsa_restart_det -{ +struct mbedtls_ecdsa_restart_det { mbedtls_hmac_drbg_context rng_ctx; /* DRBG state */ enum { /* what to do next? */ ecdsa_det_init = 0, /* getting started */ @@ -141,73 +140,74 @@ struct mbedtls_ecdsa_restart_det /* * Init verify sign_det sub-context */ -static void ecdsa_restart_det_init( mbedtls_ecdsa_restart_det_ctx *ctx ) +static void ecdsa_restart_det_init(mbedtls_ecdsa_restart_det_ctx *ctx) { - mbedtls_hmac_drbg_init( &ctx->rng_ctx ); + mbedtls_hmac_drbg_init(&ctx->rng_ctx); ctx->state = ecdsa_det_init; } /* * Free the components of a sign_det restart sub-context */ -static void ecdsa_restart_det_free( mbedtls_ecdsa_restart_det_ctx *ctx ) +static void ecdsa_restart_det_free(mbedtls_ecdsa_restart_det_ctx *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_hmac_drbg_free( &ctx->rng_ctx ); + mbedtls_hmac_drbg_free(&ctx->rng_ctx); - ecdsa_restart_det_init( ctx ); + ecdsa_restart_det_init(ctx); } #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ -#define ECDSA_RS_ECP ( rs_ctx == NULL ? NULL : &rs_ctx->ecp ) +#define ECDSA_RS_ECP (rs_ctx == NULL ? NULL : &rs_ctx->ecp) /* Utility macro for checking and updating ops budget */ -#define ECDSA_BUDGET( ops ) \ - MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, ECDSA_RS_ECP, ops ) ); +#define ECDSA_BUDGET(ops) \ + MBEDTLS_MPI_CHK(mbedtls_ecp_check_budget(grp, ECDSA_RS_ECP, ops)); /* Call this when entering a function that needs its own sub-context */ -#define ECDSA_RS_ENTER( SUB ) do { \ - /* reset ops count for this call if top-level */ \ - if( rs_ctx != NULL && rs_ctx->ecp.depth++ == 0 ) \ +#define ECDSA_RS_ENTER(SUB) do { \ + /* reset ops count for this call if top-level */ \ + if (rs_ctx != NULL && rs_ctx->ecp.depth++ == 0) \ rs_ctx->ecp.ops_done = 0; \ \ - /* set up our own sub-context if needed */ \ - if( mbedtls_ecp_restart_is_enabled() && \ - rs_ctx != NULL && rs_ctx->SUB == NULL ) \ - { \ - rs_ctx->SUB = mbedtls_calloc( 1, sizeof( *rs_ctx->SUB ) ); \ - if( rs_ctx->SUB == NULL ) \ - return( MBEDTLS_ERR_ECP_ALLOC_FAILED ); \ - \ - ecdsa_restart_## SUB ##_init( rs_ctx->SUB ); \ - } \ -} while( 0 ) + /* set up our own sub-context if needed */ \ + if (mbedtls_ecp_restart_is_enabled() && \ + rs_ctx != NULL && rs_ctx->SUB == NULL) \ + { \ + rs_ctx->SUB = mbedtls_calloc(1, sizeof(*rs_ctx->SUB)); \ + if (rs_ctx->SUB == NULL) \ + return MBEDTLS_ERR_ECP_ALLOC_FAILED; \ + \ + ecdsa_restart_## SUB ##_init(rs_ctx->SUB); \ + } \ +} while (0) /* Call this when leaving a function that needs its own sub-context */ -#define ECDSA_RS_LEAVE( SUB ) do { \ - /* clear our sub-context when not in progress (done or error) */ \ - if( rs_ctx != NULL && rs_ctx->SUB != NULL && \ - ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) \ - { \ - ecdsa_restart_## SUB ##_free( rs_ctx->SUB ); \ - mbedtls_free( rs_ctx->SUB ); \ - rs_ctx->SUB = NULL; \ - } \ +#define ECDSA_RS_LEAVE(SUB) do { \ + /* clear our sub-context when not in progress (done or error) */ \ + if (rs_ctx != NULL && rs_ctx->SUB != NULL && \ + ret != MBEDTLS_ERR_ECP_IN_PROGRESS) \ + { \ + ecdsa_restart_## SUB ##_free(rs_ctx->SUB); \ + mbedtls_free(rs_ctx->SUB); \ + rs_ctx->SUB = NULL; \ + } \ \ - if( rs_ctx != NULL ) \ + if (rs_ctx != NULL) \ rs_ctx->ecp.depth--; \ -} while( 0 ) +} while (0) #else /* MBEDTLS_ECP_RESTARTABLE */ #define ECDSA_RS_ECP NULL -#define ECDSA_BUDGET( ops ) /* no-op; for compatibility */ +#define ECDSA_BUDGET(ops) /* no-op; for compatibility */ -#define ECDSA_RS_ENTER( SUB ) (void) rs_ctx -#define ECDSA_RS_LEAVE( SUB ) (void) rs_ctx +#define ECDSA_RS_ENTER(SUB) (void) rs_ctx +#define ECDSA_RS_LEAVE(SUB) (void) rs_ctx #endif /* MBEDTLS_ECP_RESTARTABLE */ @@ -218,23 +218,25 @@ static void ecdsa_restart_det_free( mbedtls_ecdsa_restart_det_ctx *ctx ) * Derive a suitable integer for group grp from a buffer of length len * SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3 */ -static int derive_mpi( const mbedtls_ecp_group *grp, mbedtls_mpi *x, - const unsigned char *buf, size_t blen ) +static int derive_mpi(const mbedtls_ecp_group *grp, mbedtls_mpi *x, + const unsigned char *buf, size_t blen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t n_size = ( grp->nbits + 7 ) / 8; + size_t n_size = (grp->nbits + 7) / 8; size_t use_size = blen > n_size ? n_size : blen; - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( x, buf, use_size ) ); - if( use_size * 8 > grp->nbits ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( x, use_size * 8 - grp->nbits ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(x, buf, use_size)); + if (use_size * 8 > grp->nbits) { + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(x, use_size * 8 - grp->nbits)); + } /* While at it, reduce modulo N */ - if( mbedtls_mpi_cmp_mpi( x, &grp->N ) >= 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( x, x, &grp->N ) ); + if (mbedtls_mpi_cmp_mpi(x, &grp->N) >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(x, x, &grp->N)); + } cleanup: - return( ret ); + return ret; } #endif /* ECDSA_DETERMINISTIC || !ECDSA_SIGN_ALT || !ECDSA_VERIFY_ALT */ @@ -243,13 +245,13 @@ static int derive_mpi( const mbedtls_ecp_group *grp, mbedtls_mpi *x, * Compute ECDSA signature of a hashed message (SEC1 4.1.3) * Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message) */ -static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, - mbedtls_mpi *r, mbedtls_mpi *s, - const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int (*f_rng_blind)(void *, unsigned char *, size_t), - void *p_rng_blind, - mbedtls_ecdsa_restart_ctx *rs_ctx ) +static int ecdsa_sign_restartable(mbedtls_ecp_group *grp, + mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + int (*f_rng_blind)(void *, unsigned char *, size_t), + void *p_rng_blind, + mbedtls_ecdsa_restart_ctx *rs_ctx) { int ret, key_tries, sign_tries; int *p_sign_tries = &sign_tries, *p_key_tries = &key_tries; @@ -258,21 +260,22 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, mbedtls_mpi *pk = &k, *pr = r; /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ - if( ! mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (!mbedtls_ecdsa_can_do(grp->id) || grp->N.p == NULL) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } /* Make sure d is in range 1..n-1 */ - if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + if (mbedtls_mpi_cmp_int(d, 1) < 0 || mbedtls_mpi_cmp_mpi(d, &grp->N) >= 0) { + return MBEDTLS_ERR_ECP_INVALID_KEY; + } - mbedtls_ecp_point_init( &R ); - mbedtls_mpi_init( &k ); mbedtls_mpi_init( &e ); mbedtls_mpi_init( &t ); + mbedtls_ecp_point_init(&R); + mbedtls_mpi_init(&k); mbedtls_mpi_init(&e); mbedtls_mpi_init(&t); - ECDSA_RS_ENTER( sig ); + ECDSA_RS_ENTER(sig); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->sig != NULL ) - { + if (rs_ctx != NULL && rs_ctx->sig != NULL) { /* redirect to our context */ p_sign_tries = &rs_ctx->sig->sign_tries; p_key_tries = &rs_ctx->sig->key_tries; @@ -280,18 +283,18 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, pr = &rs_ctx->sig->r; /* jump to current step */ - if( rs_ctx->sig->state == ecdsa_sig_mul ) + if (rs_ctx->sig->state == ecdsa_sig_mul) { goto mul; - if( rs_ctx->sig->state == ecdsa_sig_modn ) + } + if (rs_ctx->sig->state == ecdsa_sig_modn) { goto modn; + } } #endif /* MBEDTLS_ECP_RESTARTABLE */ *p_sign_tries = 0; - do - { - if( (*p_sign_tries)++ > 10 ) - { + do { + if ((*p_sign_tries)++ > 10) { ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; } @@ -301,33 +304,32 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, * and set r = xR mod n */ *p_key_tries = 0; - do - { - if( (*p_key_tries)++ > 10 ) - { + do { + if ((*p_key_tries)++ > 10) { ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, pk, f_rng, p_rng)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->sig != NULL ) + if (rs_ctx != NULL && rs_ctx->sig != NULL) { rs_ctx->sig->state = ecdsa_sig_mul; + } mul: #endif - MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &R, pk, &grp->G, - f_rng_blind, - p_rng_blind, - ECDSA_RS_ECP ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pr, &R.X, &grp->N ) ); - } - while( mbedtls_mpi_cmp_int( pr, 0 ) == 0 ); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul_restartable(grp, &R, pk, &grp->G, + f_rng_blind, + p_rng_blind, + ECDSA_RS_ECP)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pr, &R.X, &grp->N)); + } while (mbedtls_mpi_cmp_int(pr, 0) == 0); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->sig != NULL ) + if (rs_ctx != NULL && rs_ctx->sig != NULL) { rs_ctx->sig->state = ecdsa_sig_modn; + } modn: #endif @@ -335,79 +337,78 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, * Accounting for everything up to the end of the loop * (step 6, but checking now avoids saving e and t) */ - ECDSA_BUDGET( MBEDTLS_ECP_OPS_INV + 4 ); + ECDSA_BUDGET(MBEDTLS_ECP_OPS_INV + 4); /* * Step 5: derive MPI from hashed message */ - MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) ); + MBEDTLS_MPI_CHK(derive_mpi(grp, &e, buf, blen)); /* * Generate a random value to blind inv_mod in next step, * avoiding a potential timing leak. */ - MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, &t, f_rng_blind, - p_rng_blind ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, &t, f_rng_blind, + p_rng_blind)); /* * Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, pr, d ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &e, &e, s ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &e, &e, &t ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pk, pk, &t ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pk, pk, &grp->N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, pk, &grp->N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) ); - } - while( mbedtls_mpi_cmp_int( s, 0 ) == 0 ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(s, pr, d)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&e, &e, s)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&e, &e, &t)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(pk, pk, &t)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pk, pk, &grp->N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(s, pk, &grp->N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(s, s, &e)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(s, s, &grp->N)); + } while (mbedtls_mpi_cmp_int(s, 0) == 0); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->sig != NULL ) - mbedtls_mpi_copy( r, pr ); + if (rs_ctx != NULL && rs_ctx->sig != NULL) { + mbedtls_mpi_copy(r, pr); + } #endif cleanup: - mbedtls_ecp_point_free( &R ); - mbedtls_mpi_free( &k ); mbedtls_mpi_free( &e ); mbedtls_mpi_free( &t ); + mbedtls_ecp_point_free(&R); + mbedtls_mpi_free(&k); mbedtls_mpi_free(&e); mbedtls_mpi_free(&t); - ECDSA_RS_LEAVE( sig ); + ECDSA_RS_LEAVE(sig); - return( ret ); + return ret; } -int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid ) +int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid) { - switch( gid ) - { + switch (gid) { #ifdef MBEDTLS_ECP_DP_CURVE25519_ENABLED case MBEDTLS_ECP_DP_CURVE25519: return 0; #endif #ifdef MBEDTLS_ECP_DP_CURVE448_ENABLED case MBEDTLS_ECP_DP_CURVE448: return 0; #endif - default: return 1; + default: return 1; } } /* * Compute ECDSA signature of a hashed message */ -int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, - const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - ECDSA_VALIDATE_RET( grp != NULL ); - ECDSA_VALIDATE_RET( r != NULL ); - ECDSA_VALIDATE_RET( s != NULL ); - ECDSA_VALIDATE_RET( d != NULL ); - ECDSA_VALIDATE_RET( f_rng != NULL ); - ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); + ECDSA_VALIDATE_RET(grp != NULL); + ECDSA_VALIDATE_RET(r != NULL); + ECDSA_VALIDATE_RET(s != NULL); + ECDSA_VALIDATE_RET(d != NULL); + ECDSA_VALIDATE_RET(f_rng != NULL); + ECDSA_VALIDATE_RET(buf != NULL || blen == 0); /* Use the same RNG for both blinding and ephemeral key generation */ - return( ecdsa_sign_restartable( grp, r, s, d, buf, blen, - f_rng, p_rng, f_rng, p_rng, NULL ) ); + return ecdsa_sign_restartable(grp, r, s, d, buf, blen, + f_rng, p_rng, f_rng, p_rng, NULL); } #endif /* !MBEDTLS_ECDSA_SIGN_ALT */ @@ -415,66 +416,67 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, /* * Deterministic signature wrapper */ -static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, - mbedtls_mpi *r, mbedtls_mpi *s, - const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg, - int (*f_rng_blind)(void *, unsigned char *, size_t), - void *p_rng_blind, - mbedtls_ecdsa_restart_ctx *rs_ctx ) +static int ecdsa_sign_det_restartable(mbedtls_ecp_group *grp, + mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg, + int (*f_rng_blind)(void *, unsigned char *, size_t), + void *p_rng_blind, + mbedtls_ecdsa_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_hmac_drbg_context rng_ctx; mbedtls_hmac_drbg_context *p_rng = &rng_ctx; unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES]; - size_t grp_len = ( grp->nbits + 7 ) / 8; + size_t grp_len = (grp->nbits + 7) / 8; const mbedtls_md_info_t *md_info; mbedtls_mpi h; - if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if ((md_info = mbedtls_md_info_from_type(md_alg)) == NULL) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - mbedtls_mpi_init( &h ); - mbedtls_hmac_drbg_init( &rng_ctx ); + mbedtls_mpi_init(&h); + mbedtls_hmac_drbg_init(&rng_ctx); - ECDSA_RS_ENTER( det ); + ECDSA_RS_ENTER(det); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->det != NULL ) - { + if (rs_ctx != NULL && rs_ctx->det != NULL) { /* redirect to our context */ p_rng = &rs_ctx->det->rng_ctx; /* jump to current step */ - if( rs_ctx->det->state == ecdsa_det_sign ) + if (rs_ctx->det->state == ecdsa_det_sign) { goto sign; + } } #endif /* MBEDTLS_ECP_RESTARTABLE */ /* Use private key and message hash (reduced) to initialize HMAC_DRBG */ - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, data, grp_len ) ); - MBEDTLS_MPI_CHK( derive_mpi( grp, &h, buf, blen ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, data + grp_len, grp_len ) ); - mbedtls_hmac_drbg_seed_buf( p_rng, md_info, data, 2 * grp_len ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(d, data, grp_len)); + MBEDTLS_MPI_CHK(derive_mpi(grp, &h, buf, blen)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&h, data + grp_len, grp_len)); + mbedtls_hmac_drbg_seed_buf(p_rng, md_info, data, 2 * grp_len); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->det != NULL ) + if (rs_ctx != NULL && rs_ctx->det != NULL) { rs_ctx->det->state = ecdsa_det_sign; + } sign: #endif #if defined(MBEDTLS_ECDSA_SIGN_ALT) (void) f_rng_blind; (void) p_rng_blind; - ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng ); + ret = mbedtls_ecdsa_sign(grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, p_rng); #else - if( f_rng_blind != NULL ) - ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng, - f_rng_blind, p_rng_blind, rs_ctx ); - else - { + if (f_rng_blind != NULL) { + ret = ecdsa_sign_restartable(grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, p_rng, + f_rng_blind, p_rng_blind, rs_ctx); + } else { mbedtls_hmac_drbg_context *p_rng_blind_det; #if !defined(MBEDTLS_ECP_RESTARTABLE) @@ -484,19 +486,18 @@ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, * reusing the bits of the ephemeral key for blinding and eliminate the * risk that they leak this way. */ - const char* blind_label = "BLINDING CONTEXT"; + const char *blind_label = "BLINDING CONTEXT"; mbedtls_hmac_drbg_context rng_ctx_blind; - mbedtls_hmac_drbg_init( &rng_ctx_blind ); + mbedtls_hmac_drbg_init(&rng_ctx_blind); p_rng_blind_det = &rng_ctx_blind; - mbedtls_hmac_drbg_seed_buf( p_rng_blind_det, md_info, - data, 2 * grp_len ); - ret = mbedtls_hmac_drbg_update_ret( p_rng_blind_det, - (const unsigned char*) blind_label, - strlen( blind_label ) ); - if( ret != 0 ) - { - mbedtls_hmac_drbg_free( &rng_ctx_blind ); + mbedtls_hmac_drbg_seed_buf(p_rng_blind_det, md_info, + data, 2 * grp_len); + ret = mbedtls_hmac_drbg_update_ret(p_rng_blind_det, + (const unsigned char *) blind_label, + strlen(blind_label)); + if (ret != 0) { + mbedtls_hmac_drbg_free(&rng_ctx_blind); goto cleanup; } #else @@ -523,24 +524,24 @@ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, * won't be a valid value for f_rng_blind anymore. Therefore it should * be checked by the caller and this branch and check can be removed. */ - ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng, - mbedtls_hmac_drbg_random, p_rng_blind_det, - rs_ctx ); + ret = ecdsa_sign_restartable(grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, p_rng, + mbedtls_hmac_drbg_random, p_rng_blind_det, + rs_ctx); #if !defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_hmac_drbg_free( &rng_ctx_blind ); + mbedtls_hmac_drbg_free(&rng_ctx_blind); #endif } #endif /* MBEDTLS_ECDSA_SIGN_ALT */ cleanup: - mbedtls_hmac_drbg_free( &rng_ctx ); - mbedtls_mpi_free( &h ); + mbedtls_hmac_drbg_free(&rng_ctx); + mbedtls_mpi_free(&h); - ECDSA_RS_LEAVE( det ); + ECDSA_RS_LEAVE(det); - return( ret ); + return ret; } /* @@ -548,39 +549,39 @@ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, */ #if !defined(MBEDTLS_DEPRECATED_REMOVED) -int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, - mbedtls_mpi *s, const mbedtls_mpi *d, - const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg ) +int mbedtls_ecdsa_sign_det(mbedtls_ecp_group *grp, mbedtls_mpi *r, + mbedtls_mpi *s, const mbedtls_mpi *d, + const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg) { - ECDSA_VALIDATE_RET( grp != NULL ); - ECDSA_VALIDATE_RET( r != NULL ); - ECDSA_VALIDATE_RET( s != NULL ); - ECDSA_VALIDATE_RET( d != NULL ); - ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); - - return( ecdsa_sign_det_restartable( grp, r, s, d, buf, blen, md_alg, - NULL, NULL, NULL ) ); + ECDSA_VALIDATE_RET(grp != NULL); + ECDSA_VALIDATE_RET(r != NULL); + ECDSA_VALIDATE_RET(s != NULL); + ECDSA_VALIDATE_RET(d != NULL); + ECDSA_VALIDATE_RET(buf != NULL || blen == 0); + + return ecdsa_sign_det_restartable(grp, r, s, d, buf, blen, md_alg, + NULL, NULL, NULL); } #endif /* MBEDTLS_DEPRECATED_REMOVED */ -int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r, - mbedtls_mpi *s, const mbedtls_mpi *d, - const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg, - int (*f_rng_blind)(void *, unsigned char *, - size_t), - void *p_rng_blind ) +int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r, + mbedtls_mpi *s, const mbedtls_mpi *d, + const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg, + int (*f_rng_blind)(void *, unsigned char *, + size_t), + void *p_rng_blind) { - ECDSA_VALIDATE_RET( grp != NULL ); - ECDSA_VALIDATE_RET( r != NULL ); - ECDSA_VALIDATE_RET( s != NULL ); - ECDSA_VALIDATE_RET( d != NULL ); - ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); - ECDSA_VALIDATE_RET( f_rng_blind != NULL ); - - return( ecdsa_sign_det_restartable( grp, r, s, d, buf, blen, md_alg, - f_rng_blind, p_rng_blind, NULL ) ); + ECDSA_VALIDATE_RET(grp != NULL); + ECDSA_VALIDATE_RET(r != NULL); + ECDSA_VALIDATE_RET(s != NULL); + ECDSA_VALIDATE_RET(d != NULL); + ECDSA_VALIDATE_RET(buf != NULL || blen == 0); + ECDSA_VALIDATE_RET(f_rng_blind != NULL); + + return ecdsa_sign_det_restartable(grp, r, s, d, buf, blen, md_alg, + f_rng_blind, p_rng_blind, NULL); } #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ @@ -589,46 +590,46 @@ int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r, * Verify ECDSA signature of hashed message (SEC1 4.1.4) * Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message) */ -static int ecdsa_verify_restartable( mbedtls_ecp_group *grp, - const unsigned char *buf, size_t blen, - const mbedtls_ecp_point *Q, - const mbedtls_mpi *r, const mbedtls_mpi *s, - mbedtls_ecdsa_restart_ctx *rs_ctx ) +static int ecdsa_verify_restartable(mbedtls_ecp_group *grp, + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, + const mbedtls_mpi *r, const mbedtls_mpi *s, + mbedtls_ecdsa_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi e, s_inv, u1, u2; mbedtls_ecp_point R; mbedtls_mpi *pu1 = &u1, *pu2 = &u2; - mbedtls_ecp_point_init( &R ); - mbedtls_mpi_init( &e ); mbedtls_mpi_init( &s_inv ); - mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 ); + mbedtls_ecp_point_init(&R); + mbedtls_mpi_init(&e); mbedtls_mpi_init(&s_inv); + mbedtls_mpi_init(&u1); mbedtls_mpi_init(&u2); /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ - if( ! mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (!mbedtls_ecdsa_can_do(grp->id) || grp->N.p == NULL) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - ECDSA_RS_ENTER( ver ); + ECDSA_RS_ENTER(ver); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->ver != NULL ) - { + if (rs_ctx != NULL && rs_ctx->ver != NULL) { /* redirect to our context */ pu1 = &rs_ctx->ver->u1; pu2 = &rs_ctx->ver->u2; /* jump to current step */ - if( rs_ctx->ver->state == ecdsa_ver_muladd ) + if (rs_ctx->ver->state == ecdsa_ver_muladd) { goto muladd; + } } #endif /* MBEDTLS_ECP_RESTARTABLE */ /* * Step 1: make sure r and s are in range 1..n-1 */ - if( mbedtls_mpi_cmp_int( r, 1 ) < 0 || mbedtls_mpi_cmp_mpi( r, &grp->N ) >= 0 || - mbedtls_mpi_cmp_int( s, 1 ) < 0 || mbedtls_mpi_cmp_mpi( s, &grp->N ) >= 0 ) - { + if (mbedtls_mpi_cmp_int(r, 1) < 0 || mbedtls_mpi_cmp_mpi(r, &grp->N) >= 0 || + mbedtls_mpi_cmp_int(s, 1) < 0 || mbedtls_mpi_cmp_mpi(s, &grp->N) >= 0) { ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; goto cleanup; } @@ -636,35 +637,35 @@ static int ecdsa_verify_restartable( mbedtls_ecp_group *grp, /* * Step 3: derive MPI from hashed message */ - MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) ); + MBEDTLS_MPI_CHK(derive_mpi(grp, &e, buf, blen)); /* * Step 4: u1 = e / s mod n, u2 = r / s mod n */ - ECDSA_BUDGET( MBEDTLS_ECP_OPS_CHK + MBEDTLS_ECP_OPS_INV + 2 ); + ECDSA_BUDGET(MBEDTLS_ECP_OPS_CHK + MBEDTLS_ECP_OPS_INV + 2); - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &s_inv, s, &grp->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&s_inv, s, &grp->N)); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pu1, &e, &s_inv ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pu1, pu1, &grp->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(pu1, &e, &s_inv)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pu1, pu1, &grp->N)); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pu2, r, &s_inv ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pu2, pu2, &grp->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(pu2, r, &s_inv)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pu2, pu2, &grp->N)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->ver != NULL ) + if (rs_ctx != NULL && rs_ctx->ver != NULL) { rs_ctx->ver->state = ecdsa_ver_muladd; + } muladd: #endif /* * Step 5: R = u1 G + u2 Q */ - MBEDTLS_MPI_CHK( mbedtls_ecp_muladd_restartable( grp, - &R, pu1, &grp->G, pu2, Q, ECDSA_RS_ECP ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_muladd_restartable(grp, + &R, pu1, &grp->G, pu2, Q, ECDSA_RS_ECP)); - if( mbedtls_ecp_is_zero( &R ) ) - { + if (mbedtls_ecp_is_zero(&R)) { ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; goto cleanup; } @@ -673,302 +674,303 @@ static int ecdsa_verify_restartable( mbedtls_ecp_group *grp, * Step 6: convert xR to an integer (no-op) * Step 7: reduce xR mod n (gives v) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &R.X, &R.X, &grp->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&R.X, &R.X, &grp->N)); /* * Step 8: check if v (that is, R.X) is equal to r */ - if( mbedtls_mpi_cmp_mpi( &R.X, r ) != 0 ) - { + if (mbedtls_mpi_cmp_mpi(&R.X, r) != 0) { ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; goto cleanup; } cleanup: - mbedtls_ecp_point_free( &R ); - mbedtls_mpi_free( &e ); mbedtls_mpi_free( &s_inv ); - mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 ); + mbedtls_ecp_point_free(&R); + mbedtls_mpi_free(&e); mbedtls_mpi_free(&s_inv); + mbedtls_mpi_free(&u1); mbedtls_mpi_free(&u2); - ECDSA_RS_LEAVE( ver ); + ECDSA_RS_LEAVE(ver); - return( ret ); + return ret; } /* * Verify ECDSA signature of hashed message */ -int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, - const unsigned char *buf, size_t blen, - const mbedtls_ecp_point *Q, - const mbedtls_mpi *r, - const mbedtls_mpi *s) +int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp, + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, + const mbedtls_mpi *r, + const mbedtls_mpi *s) { - ECDSA_VALIDATE_RET( grp != NULL ); - ECDSA_VALIDATE_RET( Q != NULL ); - ECDSA_VALIDATE_RET( r != NULL ); - ECDSA_VALIDATE_RET( s != NULL ); - ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); + ECDSA_VALIDATE_RET(grp != NULL); + ECDSA_VALIDATE_RET(Q != NULL); + ECDSA_VALIDATE_RET(r != NULL); + ECDSA_VALIDATE_RET(s != NULL); + ECDSA_VALIDATE_RET(buf != NULL || blen == 0); - return( ecdsa_verify_restartable( grp, buf, blen, Q, r, s, NULL ) ); + return ecdsa_verify_restartable(grp, buf, blen, Q, r, s, NULL); } #endif /* !MBEDTLS_ECDSA_VERIFY_ALT */ /* * Convert a signature (given by context) to ASN.1 */ -static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s, - unsigned char *sig, size_t *slen ) +static int ecdsa_signature_to_asn1(const mbedtls_mpi *r, const mbedtls_mpi *s, + unsigned char *sig, size_t *slen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char buf[MBEDTLS_ECDSA_MAX_LEN] = {0}; - unsigned char *p = buf + sizeof( buf ); + unsigned char buf[MBEDTLS_ECDSA_MAX_LEN] = { 0 }; + unsigned char *p = buf + sizeof(buf); size_t len = 0; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, s ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, r ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&p, buf, s)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&p, buf, r)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - memcpy( sig, p, len ); + memcpy(sig, p, len); *slen = len; - return( 0 ); + return 0; } /* * Compute and write signature */ -int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_ecdsa_restart_ctx *rs_ctx ) +int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t *slen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecdsa_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi r, s; - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( hash != NULL ); - ECDSA_VALIDATE_RET( sig != NULL ); - ECDSA_VALIDATE_RET( slen != NULL ); + ECDSA_VALIDATE_RET(ctx != NULL); + ECDSA_VALIDATE_RET(hash != NULL); + ECDSA_VALIDATE_RET(sig != NULL); + ECDSA_VALIDATE_RET(slen != NULL); - mbedtls_mpi_init( &r ); - mbedtls_mpi_init( &s ); + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); #if defined(MBEDTLS_ECDSA_DETERMINISTIC) - MBEDTLS_MPI_CHK( ecdsa_sign_det_restartable( &ctx->grp, &r, &s, &ctx->d, - hash, hlen, md_alg, f_rng, - p_rng, rs_ctx ) ); + MBEDTLS_MPI_CHK(ecdsa_sign_det_restartable(&ctx->grp, &r, &s, &ctx->d, + hash, hlen, md_alg, f_rng, + p_rng, rs_ctx)); #else (void) md_alg; #if defined(MBEDTLS_ECDSA_SIGN_ALT) (void) rs_ctx; - MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ctx->grp, &r, &s, &ctx->d, - hash, hlen, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign(&ctx->grp, &r, &s, &ctx->d, + hash, hlen, f_rng, p_rng)); #else /* Use the same RNG for both blinding and ephemeral key generation */ - MBEDTLS_MPI_CHK( ecdsa_sign_restartable( &ctx->grp, &r, &s, &ctx->d, - hash, hlen, f_rng, p_rng, f_rng, - p_rng, rs_ctx ) ); + MBEDTLS_MPI_CHK(ecdsa_sign_restartable(&ctx->grp, &r, &s, &ctx->d, + hash, hlen, f_rng, p_rng, f_rng, + p_rng, rs_ctx)); #endif /* MBEDTLS_ECDSA_SIGN_ALT */ #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ - MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) ); + MBEDTLS_MPI_CHK(ecdsa_signature_to_asn1(&r, &s, sig, slen)); cleanup: - mbedtls_mpi_free( &r ); - mbedtls_mpi_free( &s ); + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); - return( ret ); + return ret; } /* * Compute and write signature */ -int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t *slen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( hash != NULL ); - ECDSA_VALIDATE_RET( sig != NULL ); - ECDSA_VALIDATE_RET( slen != NULL ); - return( mbedtls_ecdsa_write_signature_restartable( - ctx, md_alg, hash, hlen, sig, slen, f_rng, p_rng, NULL ) ); + ECDSA_VALIDATE_RET(ctx != NULL); + ECDSA_VALIDATE_RET(hash != NULL); + ECDSA_VALIDATE_RET(sig != NULL); + ECDSA_VALIDATE_RET(slen != NULL); + return mbedtls_ecdsa_write_signature_restartable( + ctx, md_alg, hash, hlen, sig, slen, f_rng, p_rng, NULL); } #if !defined(MBEDTLS_DEPRECATED_REMOVED) && \ defined(MBEDTLS_ECDSA_DETERMINISTIC) -int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - mbedtls_md_type_t md_alg ) +int mbedtls_ecdsa_write_signature_det(mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t *slen, + mbedtls_md_type_t md_alg) { - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( hash != NULL ); - ECDSA_VALIDATE_RET( sig != NULL ); - ECDSA_VALIDATE_RET( slen != NULL ); - return( mbedtls_ecdsa_write_signature( ctx, md_alg, hash, hlen, sig, slen, - NULL, NULL ) ); + ECDSA_VALIDATE_RET(ctx != NULL); + ECDSA_VALIDATE_RET(hash != NULL); + ECDSA_VALIDATE_RET(sig != NULL); + ECDSA_VALIDATE_RET(slen != NULL); + return mbedtls_ecdsa_write_signature(ctx, md_alg, hash, hlen, sig, slen, + NULL, NULL); } #endif /* * Read and check signature */ -int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - const unsigned char *sig, size_t slen ) +int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + const unsigned char *sig, size_t slen) { - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( hash != NULL ); - ECDSA_VALIDATE_RET( sig != NULL ); - return( mbedtls_ecdsa_read_signature_restartable( - ctx, hash, hlen, sig, slen, NULL ) ); + ECDSA_VALIDATE_RET(ctx != NULL); + ECDSA_VALIDATE_RET(hash != NULL); + ECDSA_VALIDATE_RET(sig != NULL); + return mbedtls_ecdsa_read_signature_restartable( + ctx, hash, hlen, sig, slen, NULL); } /* * Restartable read and check signature */ -int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - const unsigned char *sig, size_t slen, - mbedtls_ecdsa_restart_ctx *rs_ctx ) +int mbedtls_ecdsa_read_signature_restartable(mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + const unsigned char *sig, size_t slen, + mbedtls_ecdsa_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = (unsigned char *) sig; const unsigned char *end = sig + slen; size_t len; mbedtls_mpi r, s; - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( hash != NULL ); - ECDSA_VALIDATE_RET( sig != NULL ); + ECDSA_VALIDATE_RET(ctx != NULL); + ECDSA_VALIDATE_RET(hash != NULL); + ECDSA_VALIDATE_RET(sig != NULL); - mbedtls_mpi_init( &r ); - mbedtls_mpi_init( &s ); + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } - if( p + len != end ) - { - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (p + len != end) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); goto cleanup; } - if( ( ret = mbedtls_asn1_get_mpi( &p, end, &r ) ) != 0 || - ( ret = mbedtls_asn1_get_mpi( &p, end, &s ) ) != 0 ) - { + if ((ret = mbedtls_asn1_get_mpi(&p, end, &r)) != 0 || + (ret = mbedtls_asn1_get_mpi(&p, end, &s)) != 0) { ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } #if defined(MBEDTLS_ECDSA_VERIFY_ALT) (void) rs_ctx; - if( ( ret = mbedtls_ecdsa_verify( &ctx->grp, hash, hlen, - &ctx->Q, &r, &s ) ) != 0 ) + if ((ret = mbedtls_ecdsa_verify(&ctx->grp, hash, hlen, + &ctx->Q, &r, &s)) != 0) { goto cleanup; + } #else - if( ( ret = ecdsa_verify_restartable( &ctx->grp, hash, hlen, - &ctx->Q, &r, &s, rs_ctx ) ) != 0 ) + if ((ret = ecdsa_verify_restartable(&ctx->grp, hash, hlen, + &ctx->Q, &r, &s, rs_ctx)) != 0) { goto cleanup; + } #endif /* MBEDTLS_ECDSA_VERIFY_ALT */ /* At this point we know that the buffer starts with a valid signature. * Return 0 if the buffer just contains the signature, and a specific * error code if the valid signature is followed by more data. */ - if( p != end ) + if (p != end) { ret = MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH; + } cleanup: - mbedtls_mpi_free( &r ); - mbedtls_mpi_free( &s ); + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); - return( ret ); + return ret; } #if !defined(MBEDTLS_ECDSA_GENKEY_ALT) /* * Generate key pair */ -int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +int mbedtls_ecdsa_genkey(mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { int ret = 0; - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( f_rng != NULL ); + ECDSA_VALIDATE_RET(ctx != NULL); + ECDSA_VALIDATE_RET(f_rng != NULL); - ret = mbedtls_ecp_group_load( &ctx->grp, gid ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_ecp_group_load(&ctx->grp, gid); + if (ret != 0) { + return ret; + } - return( mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d, - &ctx->Q, f_rng, p_rng ) ); + return mbedtls_ecp_gen_keypair(&ctx->grp, &ctx->d, + &ctx->Q, f_rng, p_rng); } #endif /* !MBEDTLS_ECDSA_GENKEY_ALT */ /* * Set context from an mbedtls_ecp_keypair */ -int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key ) +int mbedtls_ecdsa_from_keypair(mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( key != NULL ); - - if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 || - ( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 || - ( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 ) - { - mbedtls_ecdsa_free( ctx ); + ECDSA_VALIDATE_RET(ctx != NULL); + ECDSA_VALIDATE_RET(key != NULL); + + if ((ret = mbedtls_ecp_group_copy(&ctx->grp, &key->grp)) != 0 || + (ret = mbedtls_mpi_copy(&ctx->d, &key->d)) != 0 || + (ret = mbedtls_ecp_copy(&ctx->Q, &key->Q)) != 0) { + mbedtls_ecdsa_free(ctx); } - return( ret ); + return ret; } /* * Initialize context */ -void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx ) +void mbedtls_ecdsa_init(mbedtls_ecdsa_context *ctx) { - ECDSA_VALIDATE( ctx != NULL ); + ECDSA_VALIDATE(ctx != NULL); - mbedtls_ecp_keypair_init( ctx ); + mbedtls_ecp_keypair_init(ctx); } /* * Free context */ -void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx ) +void mbedtls_ecdsa_free(mbedtls_ecdsa_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_ecp_keypair_free( ctx ); + mbedtls_ecp_keypair_free(ctx); } #if defined(MBEDTLS_ECP_RESTARTABLE) /* * Initialize a restart context */ -void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx ) +void mbedtls_ecdsa_restart_init(mbedtls_ecdsa_restart_ctx *ctx) { - ECDSA_VALIDATE( ctx != NULL ); + ECDSA_VALIDATE(ctx != NULL); - mbedtls_ecp_restart_init( &ctx->ecp ); + mbedtls_ecp_restart_init(&ctx->ecp); ctx->ver = NULL; ctx->sig = NULL; @@ -980,24 +982,25 @@ void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx ) /* * Free the components of a restart context */ -void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx ) +void mbedtls_ecdsa_restart_free(mbedtls_ecdsa_restart_ctx *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_ecp_restart_free( &ctx->ecp ); + mbedtls_ecp_restart_free(&ctx->ecp); - ecdsa_restart_ver_free( ctx->ver ); - mbedtls_free( ctx->ver ); + ecdsa_restart_ver_free(ctx->ver); + mbedtls_free(ctx->ver); ctx->ver = NULL; - ecdsa_restart_sig_free( ctx->sig ); - mbedtls_free( ctx->sig ); + ecdsa_restart_sig_free(ctx->sig); + mbedtls_free(ctx->sig); ctx->sig = NULL; #if defined(MBEDTLS_ECDSA_DETERMINISTIC) - ecdsa_restart_det_free( ctx->det ); - mbedtls_free( ctx->det ); + ecdsa_restart_det_free(ctx->det); + mbedtls_free(ctx->det); ctx->det = NULL; #endif } diff --git a/library/ecjpake.c b/library/ecjpake.c index fe0b9d93e950..3728d1a580cb 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -35,10 +35,10 @@ #if !defined(MBEDTLS_ECJPAKE_ALT) /* Parameter validation macros based on platform_util.h */ -#define ECJPAKE_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) -#define ECJPAKE_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define ECJPAKE_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA) +#define ECJPAKE_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) /* * Convert a mbedtls_ecjpake_role to identifier string @@ -48,206 +48,212 @@ static const char * const ecjpake_id[] = { "server" }; -#define ID_MINE ( ecjpake_id[ ctx->role ] ) -#define ID_PEER ( ecjpake_id[ 1 - ctx->role ] ) +#define ID_MINE (ecjpake_id[ctx->role]) +#define ID_PEER (ecjpake_id[1 - ctx->role]) /* * Initialize context */ -void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx ) +void mbedtls_ecjpake_init(mbedtls_ecjpake_context *ctx) { - ECJPAKE_VALIDATE( ctx != NULL ); + ECJPAKE_VALIDATE(ctx != NULL); ctx->md_info = NULL; - mbedtls_ecp_group_init( &ctx->grp ); + mbedtls_ecp_group_init(&ctx->grp); ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; - mbedtls_ecp_point_init( &ctx->Xm1 ); - mbedtls_ecp_point_init( &ctx->Xm2 ); - mbedtls_ecp_point_init( &ctx->Xp1 ); - mbedtls_ecp_point_init( &ctx->Xp2 ); - mbedtls_ecp_point_init( &ctx->Xp ); + mbedtls_ecp_point_init(&ctx->Xm1); + mbedtls_ecp_point_init(&ctx->Xm2); + mbedtls_ecp_point_init(&ctx->Xp1); + mbedtls_ecp_point_init(&ctx->Xp2); + mbedtls_ecp_point_init(&ctx->Xp); - mbedtls_mpi_init( &ctx->xm1 ); - mbedtls_mpi_init( &ctx->xm2 ); - mbedtls_mpi_init( &ctx->s ); + mbedtls_mpi_init(&ctx->xm1); + mbedtls_mpi_init(&ctx->xm2); + mbedtls_mpi_init(&ctx->s); } /* * Free context */ -void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx ) +void mbedtls_ecjpake_free(mbedtls_ecjpake_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } ctx->md_info = NULL; - mbedtls_ecp_group_free( &ctx->grp ); + mbedtls_ecp_group_free(&ctx->grp); - mbedtls_ecp_point_free( &ctx->Xm1 ); - mbedtls_ecp_point_free( &ctx->Xm2 ); - mbedtls_ecp_point_free( &ctx->Xp1 ); - mbedtls_ecp_point_free( &ctx->Xp2 ); - mbedtls_ecp_point_free( &ctx->Xp ); + mbedtls_ecp_point_free(&ctx->Xm1); + mbedtls_ecp_point_free(&ctx->Xm2); + mbedtls_ecp_point_free(&ctx->Xp1); + mbedtls_ecp_point_free(&ctx->Xp2); + mbedtls_ecp_point_free(&ctx->Xp); - mbedtls_mpi_free( &ctx->xm1 ); - mbedtls_mpi_free( &ctx->xm2 ); - mbedtls_mpi_free( &ctx->s ); + mbedtls_mpi_free(&ctx->xm1); + mbedtls_mpi_free(&ctx->xm2); + mbedtls_mpi_free(&ctx->s); } /* * Setup context */ -int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, - mbedtls_ecjpake_role role, - mbedtls_md_type_t hash, - mbedtls_ecp_group_id curve, - const unsigned char *secret, - size_t len ) +int mbedtls_ecjpake_setup(mbedtls_ecjpake_context *ctx, + mbedtls_ecjpake_role role, + mbedtls_md_type_t hash, + mbedtls_ecp_group_id curve, + const unsigned char *secret, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECJPAKE_VALIDATE_RET( ctx != NULL ); - ECJPAKE_VALIDATE_RET( role == MBEDTLS_ECJPAKE_CLIENT || - role == MBEDTLS_ECJPAKE_SERVER ); - ECJPAKE_VALIDATE_RET( secret != NULL || len == 0 ); + ECJPAKE_VALIDATE_RET(ctx != NULL); + ECJPAKE_VALIDATE_RET(role == MBEDTLS_ECJPAKE_CLIENT || + role == MBEDTLS_ECJPAKE_SERVER); + ECJPAKE_VALIDATE_RET(secret != NULL || len == 0); ctx->role = role; - if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) == NULL ) - return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE ); + if ((ctx->md_info = mbedtls_md_info_from_type(hash)) == NULL) { + return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; + } - MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ctx->grp, curve ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&ctx->grp, curve)); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->s, secret, len ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->s, secret, len)); cleanup: - if( ret != 0 ) - mbedtls_ecjpake_free( ctx ); + if (ret != 0) { + mbedtls_ecjpake_free(ctx); + } - return( ret ); + return ret; } /* * Check if context is ready for use */ -int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx ) +int mbedtls_ecjpake_check(const mbedtls_ecjpake_context *ctx) { - ECJPAKE_VALIDATE_RET( ctx != NULL ); + ECJPAKE_VALIDATE_RET(ctx != NULL); - if( ctx->md_info == NULL || + if (ctx->md_info == NULL || ctx->grp.id == MBEDTLS_ECP_DP_NONE || - ctx->s.p == NULL ) - { - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + ctx->s.p == NULL) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } - return( 0 ); + return 0; } /* * Write a point plus its length to a buffer */ -static int ecjpake_write_len_point( unsigned char **p, - const unsigned char *end, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *P ) +static int ecjpake_write_len_point(unsigned char **p, + const unsigned char *end, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *P) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; /* Need at least 4 for length plus 1 for point */ - if( end < *p || end - *p < 5 ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (end < *p || end - *p < 5) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - ret = mbedtls_ecp_point_write_binary( grp, P, pf, - &len, *p + 4, end - ( *p + 4 ) ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_ecp_point_write_binary(grp, P, pf, + &len, *p + 4, end - (*p + 4)); + if (ret != 0) { + return ret; + } - MBEDTLS_PUT_UINT32_BE( len, *p, 0 ); + MBEDTLS_PUT_UINT32_BE(len, *p, 0); *p += 4 + len; - return( 0 ); + return 0; } /* * Size of the temporary buffer for ecjpake_hash: * 3 EC points plus their length, plus ID and its length (4 + 6 bytes) */ -#define ECJPAKE_HASH_BUF_LEN ( 3 * ( 4 + MBEDTLS_ECP_MAX_PT_LEN ) + 4 + 6 ) +#define ECJPAKE_HASH_BUF_LEN (3 * (4 + MBEDTLS_ECP_MAX_PT_LEN) + 4 + 6) /* * Compute hash for ZKP (7.4.2.2.2.1) */ -static int ecjpake_hash( const mbedtls_md_info_t *md_info, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *G, - const mbedtls_ecp_point *V, - const mbedtls_ecp_point *X, - const char *id, - mbedtls_mpi *h ) +static int ecjpake_hash(const mbedtls_md_info_t *md_info, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *G, + const mbedtls_ecp_point *V, + const mbedtls_ecp_point *X, + const char *id, + mbedtls_mpi *h) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[ECJPAKE_HASH_BUF_LEN]; unsigned char *p = buf; - const unsigned char *end = buf + sizeof( buf ); - const size_t id_len = strlen( id ); + const unsigned char *end = buf + sizeof(buf); + const size_t id_len = strlen(id); unsigned char hash[MBEDTLS_MD_MAX_SIZE]; /* Write things to temporary buffer */ - MBEDTLS_MPI_CHK( ecjpake_write_len_point( &p, end, grp, pf, G ) ); - MBEDTLS_MPI_CHK( ecjpake_write_len_point( &p, end, grp, pf, V ) ); - MBEDTLS_MPI_CHK( ecjpake_write_len_point( &p, end, grp, pf, X ) ); + MBEDTLS_MPI_CHK(ecjpake_write_len_point(&p, end, grp, pf, G)); + MBEDTLS_MPI_CHK(ecjpake_write_len_point(&p, end, grp, pf, V)); + MBEDTLS_MPI_CHK(ecjpake_write_len_point(&p, end, grp, pf, X)); - if( end - p < 4 ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (end - p < 4) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - MBEDTLS_PUT_UINT32_BE( id_len, p, 0 ); + MBEDTLS_PUT_UINT32_BE(id_len, p, 0); p += 4; - if( end < p || (size_t)( end - p ) < id_len ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (end < p || (size_t) (end - p) < id_len) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - memcpy( p, id, id_len ); + memcpy(p, id, id_len); p += id_len; /* Compute hash */ - MBEDTLS_MPI_CHK( mbedtls_md( md_info, buf, p - buf, hash ) ); + MBEDTLS_MPI_CHK(mbedtls_md(md_info, buf, p - buf, hash)); /* Turn it into an integer mod n */ - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( h, hash, - mbedtls_md_get_size( md_info ) ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( h, h, &grp->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(h, hash, + mbedtls_md_get_size(md_info))); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(h, h, &grp->N)); cleanup: - return( ret ); + return ret; } /* * Parse a ECShnorrZKP (7.4.2.2.2) and verify it (7.4.2.3.3) */ -static int ecjpake_zkp_read( const mbedtls_md_info_t *md_info, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *G, - const mbedtls_ecp_point *X, - const char *id, - const unsigned char **p, - const unsigned char *end ) +static int ecjpake_zkp_read(const mbedtls_md_info_t *md_info, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *G, + const mbedtls_ecp_point *X, + const char *id, + const unsigned char **p, + const unsigned char *end) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point V, VV; mbedtls_mpi r, h; size_t r_len; - mbedtls_ecp_point_init( &V ); - mbedtls_ecp_point_init( &VV ); - mbedtls_mpi_init( &r ); - mbedtls_mpi_init( &h ); + mbedtls_ecp_point_init(&V); + mbedtls_ecp_point_init(&VV); + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&h); /* * struct { @@ -255,64 +261,62 @@ static int ecjpake_zkp_read( const mbedtls_md_info_t *md_info, * opaque r<1..2^8-1>; * } ECSchnorrZKP; */ - if( end < *p ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (end < *p) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - MBEDTLS_MPI_CHK( mbedtls_ecp_tls_read_point( grp, &V, p, end - *p ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, &V, p, end - *p)); - if( end < *p || (size_t)( end - *p ) < 1 ) - { + if (end < *p || (size_t) (end - *p) < 1) { ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } r_len = *(*p)++; - if( end < *p || (size_t)( end - *p ) < r_len || r_len == 0 ) - { + if (end < *p || (size_t) (end - *p) < r_len || r_len == 0) { ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r, *p, r_len ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&r, *p, r_len)); *p += r_len; /* * Verification */ - MBEDTLS_MPI_CHK( ecjpake_hash( md_info, grp, pf, G, &V, X, id, &h ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( (mbedtls_ecp_group *) grp, - &VV, &h, X, &r, G ) ); + MBEDTLS_MPI_CHK(ecjpake_hash(md_info, grp, pf, G, &V, X, id, &h)); + MBEDTLS_MPI_CHK(mbedtls_ecp_muladd((mbedtls_ecp_group *) grp, + &VV, &h, X, &r, G)); - if( mbedtls_ecp_point_cmp( &VV, &V ) != 0 ) - { + if (mbedtls_ecp_point_cmp(&VV, &V) != 0) { ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; goto cleanup; } cleanup: - mbedtls_ecp_point_free( &V ); - mbedtls_ecp_point_free( &VV ); - mbedtls_mpi_free( &r ); - mbedtls_mpi_free( &h ); + mbedtls_ecp_point_free(&V); + mbedtls_ecp_point_free(&VV); + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&h); - return( ret ); + return ret; } /* * Generate ZKP (7.4.2.3.2) and write it as ECSchnorrZKP (7.4.2.2.2) */ -static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *G, - const mbedtls_mpi *x, - const mbedtls_ecp_point *X, - const char *id, - unsigned char **p, - const unsigned char *end, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int ecjpake_zkp_write(const mbedtls_md_info_t *md_info, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *G, + const mbedtls_mpi *x, + const mbedtls_ecp_point *X, + const char *id, + unsigned char **p, + const unsigned char *end, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point V; @@ -320,62 +324,63 @@ static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, mbedtls_mpi h; /* later recycled to hold r */ size_t len; - if( end < *p ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (end < *p) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - mbedtls_ecp_point_init( &V ); - mbedtls_mpi_init( &v ); - mbedtls_mpi_init( &h ); + mbedtls_ecp_point_init(&V); + mbedtls_mpi_init(&v); + mbedtls_mpi_init(&h); /* Compute signature */ - MBEDTLS_MPI_CHK( mbedtls_ecp_gen_keypair_base( (mbedtls_ecp_group *) grp, - G, &v, &V, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( ecjpake_hash( md_info, grp, pf, G, &V, X, id, &h ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &h, &h, x ) ); /* x*h */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &h, &v, &h ) ); /* v - x*h */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &h, &h, &grp->N ) ); /* r */ + MBEDTLS_MPI_CHK(mbedtls_ecp_gen_keypair_base((mbedtls_ecp_group *) grp, + G, &v, &V, f_rng, p_rng)); + MBEDTLS_MPI_CHK(ecjpake_hash(md_info, grp, pf, G, &V, X, id, &h)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&h, &h, x)); /* x*h */ + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&h, &v, &h)); /* v - x*h */ + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&h, &h, &grp->N)); /* r */ /* Write it out */ - MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_point( grp, &V, - pf, &len, *p, end - *p ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(grp, &V, + pf, &len, *p, end - *p)); *p += len; - len = mbedtls_mpi_size( &h ); /* actually r */ - if( end < *p || (size_t)( end - *p ) < 1 + len || len > 255 ) - { + len = mbedtls_mpi_size(&h); /* actually r */ + if (end < *p || (size_t) (end - *p) < 1 + len || len > 255) { ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; goto cleanup; } - *(*p)++ = MBEDTLS_BYTE_0( len ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, *p, len ) ); /* r */ + *(*p)++ = MBEDTLS_BYTE_0(len); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&h, *p, len)); /* r */ *p += len; cleanup: - mbedtls_ecp_point_free( &V ); - mbedtls_mpi_free( &v ); - mbedtls_mpi_free( &h ); + mbedtls_ecp_point_free(&V); + mbedtls_mpi_free(&v); + mbedtls_mpi_free(&h); - return( ret ); + return ret; } /* * Parse a ECJPAKEKeyKP (7.4.2.2.1) and check proof * Output: verified public key X */ -static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *G, - mbedtls_ecp_point *X, - const char *id, - const unsigned char **p, - const unsigned char *end ) +static int ecjpake_kkp_read(const mbedtls_md_info_t *md_info, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *G, + mbedtls_ecp_point *X, + const char *id, + const unsigned char **p, + const unsigned char *end) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( end < *p ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (end < *p) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } /* * struct { @@ -383,69 +388,69 @@ static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info, * ECSchnorrZKP zkp; * } ECJPAKEKeyKP; */ - MBEDTLS_MPI_CHK( mbedtls_ecp_tls_read_point( grp, X, p, end - *p ) ); - if( mbedtls_ecp_is_zero( X ) ) - { + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, X, p, end - *p)); + if (mbedtls_ecp_is_zero(X)) { ret = MBEDTLS_ERR_ECP_INVALID_KEY; goto cleanup; } - MBEDTLS_MPI_CHK( ecjpake_zkp_read( md_info, grp, pf, G, X, id, p, end ) ); + MBEDTLS_MPI_CHK(ecjpake_zkp_read(md_info, grp, pf, G, X, id, p, end)); cleanup: - return( ret ); + return ret; } /* * Generate an ECJPAKEKeyKP * Output: the serialized structure, plus private/public key pair */ -static int ecjpake_kkp_write( const mbedtls_md_info_t *md_info, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *G, - mbedtls_mpi *x, - mbedtls_ecp_point *X, - const char *id, - unsigned char **p, - const unsigned char *end, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int ecjpake_kkp_write(const mbedtls_md_info_t *md_info, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *G, + mbedtls_mpi *x, + mbedtls_ecp_point *X, + const char *id, + unsigned char **p, + const unsigned char *end, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( end < *p ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (end < *p) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } /* Generate key (7.4.2.3.1) and write it out */ - MBEDTLS_MPI_CHK( mbedtls_ecp_gen_keypair_base( (mbedtls_ecp_group *) grp, G, x, X, - f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_point( grp, X, - pf, &len, *p, end - *p ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_gen_keypair_base((mbedtls_ecp_group *) grp, G, x, X, + f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(grp, X, + pf, &len, *p, end - *p)); *p += len; /* Generate and write proof */ - MBEDTLS_MPI_CHK( ecjpake_zkp_write( md_info, grp, pf, G, x, X, id, - p, end, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(ecjpake_zkp_write(md_info, grp, pf, G, x, X, id, + p, end, f_rng, p_rng)); cleanup: - return( ret ); + return ret; } /* * Read a ECJPAKEKeyKPPairList (7.4.2.3) and check proofs * Outputs: verified peer public keys Xa, Xb */ -static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *G, - mbedtls_ecp_point *Xa, - mbedtls_ecp_point *Xb, - const char *id, - const unsigned char *buf, - size_t len ) +static int ecjpake_kkpp_read(const mbedtls_md_info_t *md_info, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *G, + mbedtls_ecp_point *Xa, + mbedtls_ecp_point *Xb, + const char *id, + const unsigned char *buf, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = buf; @@ -456,114 +461,115 @@ static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info, * ECJPAKEKeyKP ecjpake_key_kp_pair_list[2]; * } ECJPAKEKeyKPPairList; */ - MBEDTLS_MPI_CHK( ecjpake_kkp_read( md_info, grp, pf, G, Xa, id, &p, end ) ); - MBEDTLS_MPI_CHK( ecjpake_kkp_read( md_info, grp, pf, G, Xb, id, &p, end ) ); + MBEDTLS_MPI_CHK(ecjpake_kkp_read(md_info, grp, pf, G, Xa, id, &p, end)); + MBEDTLS_MPI_CHK(ecjpake_kkp_read(md_info, grp, pf, G, Xb, id, &p, end)); - if( p != end ) + if (p != end) { ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } cleanup: - return( ret ); + return ret; } /* * Generate a ECJPAKEKeyKPPairList * Outputs: the serialized structure, plus two private/public key pairs */ -static int ecjpake_kkpp_write( const mbedtls_md_info_t *md_info, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *G, - mbedtls_mpi *xm1, - mbedtls_ecp_point *Xa, - mbedtls_mpi *xm2, - mbedtls_ecp_point *Xb, - const char *id, - unsigned char *buf, - size_t len, - size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int ecjpake_kkpp_write(const mbedtls_md_info_t *md_info, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *G, + mbedtls_mpi *xm1, + mbedtls_ecp_point *Xa, + mbedtls_mpi *xm2, + mbedtls_ecp_point *Xb, + const char *id, + unsigned char *buf, + size_t len, + size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = buf; const unsigned char *end = buf + len; - MBEDTLS_MPI_CHK( ecjpake_kkp_write( md_info, grp, pf, G, xm1, Xa, id, - &p, end, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( ecjpake_kkp_write( md_info, grp, pf, G, xm2, Xb, id, - &p, end, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(ecjpake_kkp_write(md_info, grp, pf, G, xm1, Xa, id, + &p, end, f_rng, p_rng)); + MBEDTLS_MPI_CHK(ecjpake_kkp_write(md_info, grp, pf, G, xm2, Xb, id, + &p, end, f_rng, p_rng)); *olen = p - buf; cleanup: - return( ret ); + return ret; } /* * Read and process the first round message */ -int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx, - const unsigned char *buf, - size_t len ) +int mbedtls_ecjpake_read_round_one(mbedtls_ecjpake_context *ctx, + const unsigned char *buf, + size_t len) { - ECJPAKE_VALIDATE_RET( ctx != NULL ); - ECJPAKE_VALIDATE_RET( buf != NULL ); + ECJPAKE_VALIDATE_RET(ctx != NULL); + ECJPAKE_VALIDATE_RET(buf != NULL); - return( ecjpake_kkpp_read( ctx->md_info, &ctx->grp, ctx->point_format, - &ctx->grp.G, - &ctx->Xp1, &ctx->Xp2, ID_PEER, - buf, len ) ); + return ecjpake_kkpp_read(ctx->md_info, &ctx->grp, ctx->point_format, + &ctx->grp.G, + &ctx->Xp1, &ctx->Xp2, ID_PEER, + buf, len); } /* * Generate and write the first round message */ -int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx, - unsigned char *buf, size_t len, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecjpake_write_round_one(mbedtls_ecjpake_context *ctx, + unsigned char *buf, size_t len, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { - ECJPAKE_VALIDATE_RET( ctx != NULL ); - ECJPAKE_VALIDATE_RET( buf != NULL ); - ECJPAKE_VALIDATE_RET( olen != NULL ); - ECJPAKE_VALIDATE_RET( f_rng != NULL ); - - return( ecjpake_kkpp_write( ctx->md_info, &ctx->grp, ctx->point_format, - &ctx->grp.G, - &ctx->xm1, &ctx->Xm1, &ctx->xm2, &ctx->Xm2, - ID_MINE, buf, len, olen, f_rng, p_rng ) ); + ECJPAKE_VALIDATE_RET(ctx != NULL); + ECJPAKE_VALIDATE_RET(buf != NULL); + ECJPAKE_VALIDATE_RET(olen != NULL); + ECJPAKE_VALIDATE_RET(f_rng != NULL); + + return ecjpake_kkpp_write(ctx->md_info, &ctx->grp, ctx->point_format, + &ctx->grp.G, + &ctx->xm1, &ctx->Xm1, &ctx->xm2, &ctx->Xm2, + ID_MINE, buf, len, olen, f_rng, p_rng); } /* * Compute the sum of three points R = A + B + C */ -static int ecjpake_ecp_add3( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_ecp_point *A, - const mbedtls_ecp_point *B, - const mbedtls_ecp_point *C ) +static int ecjpake_ecp_add3(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_ecp_point *A, + const mbedtls_ecp_point *B, + const mbedtls_ecp_point *C) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi one; - mbedtls_mpi_init( &one ); + mbedtls_mpi_init(&one); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &one, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( grp, R, &one, A, &one, B ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( grp, R, &one, R, &one, C ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&one, 1)); + MBEDTLS_MPI_CHK(mbedtls_ecp_muladd(grp, R, &one, A, &one, B)); + MBEDTLS_MPI_CHK(mbedtls_ecp_muladd(grp, R, &one, R, &one, C)); cleanup: - mbedtls_mpi_free( &one ); + mbedtls_mpi_free(&one); - return( ret ); + return ret; } /* * Read and process second round message (C: 7.4.2.5, S: 7.4.2.6) */ -int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, - const unsigned char *buf, - size_t len ) +int mbedtls_ecjpake_read_round_two(mbedtls_ecjpake_context *ctx, + const unsigned char *buf, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = buf; @@ -571,11 +577,11 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, mbedtls_ecp_group grp; mbedtls_ecp_point G; /* C: GB, S: GA */ - ECJPAKE_VALIDATE_RET( ctx != NULL ); - ECJPAKE_VALIDATE_RET( buf != NULL ); + ECJPAKE_VALIDATE_RET(ctx != NULL); + ECJPAKE_VALIDATE_RET(buf != NULL); - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &G ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&G); /* * Server: GA = X3 + X4 + X1 (7.4.2.6.1) @@ -583,8 +589,8 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, * Unified: G = Xm1 + Xm2 + Xp1 * We need that before parsing in order to check Xp as we read it */ - MBEDTLS_MPI_CHK( ecjpake_ecp_add3( &ctx->grp, &G, - &ctx->Xm1, &ctx->Xm2, &ctx->Xp1 ) ); + MBEDTLS_MPI_CHK(ecjpake_ecp_add3(&ctx->grp, &G, + &ctx->Xm1, &ctx->Xm2, &ctx->Xp1)); /* * struct { @@ -592,71 +598,68 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, * ECJPAKEKeyKP ecjpake_key_kp; * } Client/ServerECJPAKEParams; */ - if( ctx->role == MBEDTLS_ECJPAKE_CLIENT ) - { - MBEDTLS_MPI_CHK( mbedtls_ecp_tls_read_group( &grp, &p, len ) ); - if( grp.id != ctx->grp.id ) - { + if (ctx->role == MBEDTLS_ECJPAKE_CLIENT) { + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_group(&grp, &p, len)); + if (grp.id != ctx->grp.id) { ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; goto cleanup; } } - MBEDTLS_MPI_CHK( ecjpake_kkp_read( ctx->md_info, &ctx->grp, - ctx->point_format, - &G, &ctx->Xp, ID_PEER, &p, end ) ); + MBEDTLS_MPI_CHK(ecjpake_kkp_read(ctx->md_info, &ctx->grp, + ctx->point_format, + &G, &ctx->Xp, ID_PEER, &p, end)); - if( p != end ) - { + if (p != end) { ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } cleanup: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &G ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&G); - return( ret ); + return ret; } /* * Compute R = +/- X * S mod N, taking care not to leak S */ -static int ecjpake_mul_secret( mbedtls_mpi *R, int sign, - const mbedtls_mpi *X, - const mbedtls_mpi *S, - const mbedtls_mpi *N, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int ecjpake_mul_secret(mbedtls_mpi *R, int sign, + const mbedtls_mpi *X, + const mbedtls_mpi *S, + const mbedtls_mpi *N, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi b; /* Blinding value, then s + N * blinding */ - mbedtls_mpi_init( &b ); + mbedtls_mpi_init(&b); /* b = s + rnd-128-bit * N */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &b, 16, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &b, &b, N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &b, &b, S ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&b, 16, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&b, &b, N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&b, &b, S)); /* R = sign * X * b mod N */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( R, X, &b ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(R, X, &b)); R->s *= sign; - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( R, R, N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(R, R, N)); cleanup: - mbedtls_mpi_free( &b ); + mbedtls_mpi_free(&b); - return( ret ); + return ret; } /* * Generate and write the second round message (S: 7.4.2.5, C: 7.4.2.6) */ -int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, - unsigned char *buf, size_t len, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx, + unsigned char *buf, size_t len, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point G; /* C: GA, S: GB */ @@ -666,14 +669,14 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, const unsigned char *end = buf + len; size_t ec_len; - ECJPAKE_VALIDATE_RET( ctx != NULL ); - ECJPAKE_VALIDATE_RET( buf != NULL ); - ECJPAKE_VALIDATE_RET( olen != NULL ); - ECJPAKE_VALIDATE_RET( f_rng != NULL ); + ECJPAKE_VALIDATE_RET(ctx != NULL); + ECJPAKE_VALIDATE_RET(buf != NULL); + ECJPAKE_VALIDATE_RET(olen != NULL); + ECJPAKE_VALIDATE_RET(f_rng != NULL); - mbedtls_ecp_point_init( &G ); - mbedtls_ecp_point_init( &Xm ); - mbedtls_mpi_init( &xm ); + mbedtls_ecp_point_init(&G); + mbedtls_ecp_point_init(&Xm); + mbedtls_mpi_init(&xm); /* * First generate private/public key pair (S: 7.4.2.5.1, C: 7.4.2.6.1) @@ -682,11 +685,11 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, * Server: GB = X3 + X1 + X2 | xs = x4 * s | Xs = xs * GB * Unified: G = Xm1 + Xp1 + Xp2 | xm = xm2 * s | Xm = xm * G */ - MBEDTLS_MPI_CHK( ecjpake_ecp_add3( &ctx->grp, &G, - &ctx->Xp1, &ctx->Xp2, &ctx->Xm1 ) ); - MBEDTLS_MPI_CHK( ecjpake_mul_secret( &xm, 1, &ctx->xm2, &ctx->s, - &ctx->grp.N, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &Xm, &xm, &G, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(ecjpake_ecp_add3(&ctx->grp, &G, + &ctx->Xp1, &ctx->Xp2, &ctx->Xm1)); + MBEDTLS_MPI_CHK(ecjpake_mul_secret(&xm, 1, &ctx->xm2, &ctx->s, + &ctx->grp.N, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&ctx->grp, &Xm, &xm, &G, f_rng, p_rng)); /* * Now write things out @@ -696,49 +699,46 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, * ECJPAKEKeyKP ecjpake_key_kp; * } Client/ServerECJPAKEParams; */ - if( ctx->role == MBEDTLS_ECJPAKE_SERVER ) - { - if( end < p ) - { + if (ctx->role == MBEDTLS_ECJPAKE_SERVER) { + if (end < p) { ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_group( &ctx->grp, &ec_len, - p, end - p ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_group(&ctx->grp, &ec_len, + p, end - p)); p += ec_len; } - if( end < p ) - { + if (end < p) { ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_point( &ctx->grp, &Xm, - ctx->point_format, &ec_len, p, end - p ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(&ctx->grp, &Xm, + ctx->point_format, &ec_len, p, end - p)); p += ec_len; - MBEDTLS_MPI_CHK( ecjpake_zkp_write( ctx->md_info, &ctx->grp, - ctx->point_format, - &G, &xm, &Xm, ID_MINE, - &p, end, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(ecjpake_zkp_write(ctx->md_info, &ctx->grp, + ctx->point_format, + &G, &xm, &Xm, ID_MINE, + &p, end, f_rng, p_rng)); *olen = p - buf; cleanup: - mbedtls_ecp_point_free( &G ); - mbedtls_ecp_point_free( &Xm ); - mbedtls_mpi_free( &xm ); + mbedtls_ecp_point_free(&G); + mbedtls_ecp_point_free(&Xm); + mbedtls_mpi_free(&xm); - return( ret ); + return ret; } /* * Derive PMS (7.4.2.7 / 7.4.2.8) */ -int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, - unsigned char *buf, size_t len, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx, + unsigned char *buf, size_t len, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point K; @@ -746,45 +746,46 @@ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, unsigned char kx[MBEDTLS_ECP_MAX_BYTES]; size_t x_bytes; - ECJPAKE_VALIDATE_RET( ctx != NULL ); - ECJPAKE_VALIDATE_RET( buf != NULL ); - ECJPAKE_VALIDATE_RET( olen != NULL ); - ECJPAKE_VALIDATE_RET( f_rng != NULL ); + ECJPAKE_VALIDATE_RET(ctx != NULL); + ECJPAKE_VALIDATE_RET(buf != NULL); + ECJPAKE_VALIDATE_RET(olen != NULL); + ECJPAKE_VALIDATE_RET(f_rng != NULL); - *olen = mbedtls_md_get_size( ctx->md_info ); - if( len < *olen ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + *olen = mbedtls_md_get_size(ctx->md_info); + if (len < *olen) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - mbedtls_ecp_point_init( &K ); - mbedtls_mpi_init( &m_xm2_s ); - mbedtls_mpi_init( &one ); + mbedtls_ecp_point_init(&K); + mbedtls_mpi_init(&m_xm2_s); + mbedtls_mpi_init(&one); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &one, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&one, 1)); /* * Client: K = ( Xs - X4 * x2 * s ) * x2 * Server: K = ( Xc - X2 * x4 * s ) * x4 * Unified: K = ( Xp - Xp2 * xm2 * s ) * xm2 */ - MBEDTLS_MPI_CHK( ecjpake_mul_secret( &m_xm2_s, -1, &ctx->xm2, &ctx->s, - &ctx->grp.N, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( &ctx->grp, &K, - &one, &ctx->Xp, - &m_xm2_s, &ctx->Xp2 ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &K, &ctx->xm2, &K, - f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(ecjpake_mul_secret(&m_xm2_s, -1, &ctx->xm2, &ctx->s, + &ctx->grp.N, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_ecp_muladd(&ctx->grp, &K, + &one, &ctx->Xp, + &m_xm2_s, &ctx->Xp2)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&ctx->grp, &K, &ctx->xm2, &K, + f_rng, p_rng)); /* PMS = SHA-256( K.X ) */ - x_bytes = ( ctx->grp.pbits + 7 ) / 8; - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &K.X, kx, x_bytes ) ); - MBEDTLS_MPI_CHK( mbedtls_md( ctx->md_info, kx, x_bytes, buf ) ); + x_bytes = (ctx->grp.pbits + 7) / 8; + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&K.X, kx, x_bytes)); + MBEDTLS_MPI_CHK(mbedtls_md(ctx->md_info, kx, x_bytes, buf)); cleanup: - mbedtls_ecp_point_free( &K ); - mbedtls_mpi_free( &m_xm2_s ); - mbedtls_mpi_free( &one ); + mbedtls_ecp_point_free(&K); + mbedtls_mpi_free(&m_xm2_s); + mbedtls_mpi_free(&one); - return( ret ); + return ret; } #undef ID_MINE @@ -798,10 +799,10 @@ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, #if !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ !defined(MBEDTLS_SHA256_C) -int mbedtls_ecjpake_self_test( int verbose ) +int mbedtls_ecjpake_self_test(int verbose) { (void) verbose; - return( 0 ); + return 0; } #else @@ -939,59 +940,58 @@ static const unsigned char ecjpake_test_pms[] = { }; /* Load my private keys and generate the corresponding public keys */ -static int ecjpake_test_load( mbedtls_ecjpake_context *ctx, - const unsigned char *xm1, size_t len1, - const unsigned char *xm2, size_t len2 ) +static int ecjpake_test_load(mbedtls_ecjpake_context *ctx, + const unsigned char *xm1, size_t len1, + const unsigned char *xm2, size_t len2) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm1, xm1, len1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm2, xm2, len2 ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &ctx->Xm1, &ctx->xm1, - &ctx->grp.G, NULL, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &ctx->Xm2, &ctx->xm2, - &ctx->grp.G, NULL, NULL ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->xm1, xm1, len1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->xm2, xm2, len2)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&ctx->grp, &ctx->Xm1, &ctx->xm1, + &ctx->grp.G, NULL, NULL)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&ctx->grp, &ctx->Xm2, &ctx->xm2, + &ctx->grp.G, NULL, NULL)); cleanup: - return( ret ); + return ret; } #endif /* ! MBEDTLS_ECJPAKE_ALT */ /* For tests we don't need a secure RNG; * use the LGC from Numerical Recipes for simplicity */ -static int ecjpake_lgc( void *p, unsigned char *out, size_t len ) +static int ecjpake_lgc(void *p, unsigned char *out, size_t len) { static uint32_t x = 42; (void) p; - while( len > 0 ) - { + while (len > 0) { size_t use_len = len > 4 ? 4 : len; x = 1664525 * x + 1013904223; - memcpy( out, &x, use_len ); + memcpy(out, &x, use_len); out += use_len; len -= use_len; } - return( 0 ); + return 0; } -#define TEST_ASSERT( x ) \ +#define TEST_ASSERT(x) \ do { \ - if( x ) \ - ret = 0; \ + if (x) \ + ret = 0; \ else \ { \ ret = 1; \ goto cleanup; \ } \ - } while( 0 ) + } while (0) /* * Checkup routine */ -int mbedtls_ecjpake_self_test( int verbose ) +int mbedtls_ecjpake_self_test(int verbose) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecjpake_context cli; @@ -999,59 +999,63 @@ int mbedtls_ecjpake_self_test( int verbose ) unsigned char buf[512], pms[32]; size_t len, pmslen; - mbedtls_ecjpake_init( &cli ); - mbedtls_ecjpake_init( &srv ); + mbedtls_ecjpake_init(&cli); + mbedtls_ecjpake_init(&srv); - if( verbose != 0 ) - mbedtls_printf( " ECJPAKE test #0 (setup): " ); + if (verbose != 0) { + mbedtls_printf(" ECJPAKE test #0 (setup): "); + } - TEST_ASSERT( mbedtls_ecjpake_setup( &cli, MBEDTLS_ECJPAKE_CLIENT, - MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, - ecjpake_test_password, - sizeof( ecjpake_test_password ) ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_setup(&cli, MBEDTLS_ECJPAKE_CLIENT, + MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, + ecjpake_test_password, + sizeof(ecjpake_test_password)) == 0); - TEST_ASSERT( mbedtls_ecjpake_setup( &srv, MBEDTLS_ECJPAKE_SERVER, - MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, - ecjpake_test_password, - sizeof( ecjpake_test_password ) ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_setup(&srv, MBEDTLS_ECJPAKE_SERVER, + MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, + ecjpake_test_password, + sizeof(ecjpake_test_password)) == 0); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - if( verbose != 0 ) - mbedtls_printf( " ECJPAKE test #1 (random handshake): " ); + if (verbose != 0) { + mbedtls_printf(" ECJPAKE test #1 (random handshake): "); + } - TEST_ASSERT( mbedtls_ecjpake_write_round_one( &cli, - buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_write_round_one(&cli, + buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_one( &srv, buf, len ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_one(&srv, buf, len) == 0); - TEST_ASSERT( mbedtls_ecjpake_write_round_one( &srv, - buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_write_round_one(&srv, + buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_one( &cli, buf, len ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_one(&cli, buf, len) == 0); - TEST_ASSERT( mbedtls_ecjpake_write_round_two( &srv, - buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_write_round_two(&srv, + buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_two( &cli, buf, len ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_two(&cli, buf, len) == 0); - TEST_ASSERT( mbedtls_ecjpake_derive_secret( &cli, - pms, sizeof( pms ), &pmslen, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_derive_secret(&cli, + pms, sizeof(pms), &pmslen, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( mbedtls_ecjpake_write_round_two( &cli, - buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_write_round_two(&cli, + buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_two( &srv, buf, len ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_two(&srv, buf, len) == 0); - TEST_ASSERT( mbedtls_ecjpake_derive_secret( &srv, - buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_derive_secret(&srv, + buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( len == pmslen ); - TEST_ASSERT( memcmp( buf, pms, len ) == 0 ); + TEST_ASSERT(len == pmslen); + TEST_ASSERT(memcmp(buf, pms, len) == 0); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } #if !defined(MBEDTLS_ECJPAKE_ALT) /* 'reference handshake' tests can only be run against implementations @@ -1059,72 +1063,75 @@ int mbedtls_ecjpake_self_test( int verbose ) * are generated. This is only the case for the internal mbed TLS * implementation, so these tests are skipped in case the internal * implementation is swapped out for an alternative one. */ - if( verbose != 0 ) - mbedtls_printf( " ECJPAKE test #2 (reference handshake): " ); + if (verbose != 0) { + mbedtls_printf(" ECJPAKE test #2 (reference handshake): "); + } /* Simulate generation of round one */ - MBEDTLS_MPI_CHK( ecjpake_test_load( &cli, - ecjpake_test_x1, sizeof( ecjpake_test_x1 ), - ecjpake_test_x2, sizeof( ecjpake_test_x2 ) ) ); + MBEDTLS_MPI_CHK(ecjpake_test_load(&cli, + ecjpake_test_x1, sizeof(ecjpake_test_x1), + ecjpake_test_x2, sizeof(ecjpake_test_x2))); - MBEDTLS_MPI_CHK( ecjpake_test_load( &srv, - ecjpake_test_x3, sizeof( ecjpake_test_x3 ), - ecjpake_test_x4, sizeof( ecjpake_test_x4 ) ) ); + MBEDTLS_MPI_CHK(ecjpake_test_load(&srv, + ecjpake_test_x3, sizeof(ecjpake_test_x3), + ecjpake_test_x4, sizeof(ecjpake_test_x4))); /* Read round one */ - TEST_ASSERT( mbedtls_ecjpake_read_round_one( &srv, - ecjpake_test_cli_one, - sizeof( ecjpake_test_cli_one ) ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_one(&srv, + ecjpake_test_cli_one, + sizeof(ecjpake_test_cli_one)) == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_one( &cli, - ecjpake_test_srv_one, - sizeof( ecjpake_test_srv_one ) ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_one(&cli, + ecjpake_test_srv_one, + sizeof(ecjpake_test_srv_one)) == 0); /* Skip generation of round two, read round two */ - TEST_ASSERT( mbedtls_ecjpake_read_round_two( &cli, - ecjpake_test_srv_two, - sizeof( ecjpake_test_srv_two ) ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_two(&cli, + ecjpake_test_srv_two, + sizeof(ecjpake_test_srv_two)) == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_two( &srv, - ecjpake_test_cli_two, - sizeof( ecjpake_test_cli_two ) ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_two(&srv, + ecjpake_test_cli_two, + sizeof(ecjpake_test_cli_two)) == 0); /* Server derives PMS */ - TEST_ASSERT( mbedtls_ecjpake_derive_secret( &srv, - buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_derive_secret(&srv, + buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( len == sizeof( ecjpake_test_pms ) ); - TEST_ASSERT( memcmp( buf, ecjpake_test_pms, len ) == 0 ); + TEST_ASSERT(len == sizeof(ecjpake_test_pms)); + TEST_ASSERT(memcmp(buf, ecjpake_test_pms, len) == 0); - memset( buf, 0, len ); /* Avoid interferences with next step */ + memset(buf, 0, len); /* Avoid interferences with next step */ /* Client derives PMS */ - TEST_ASSERT( mbedtls_ecjpake_derive_secret( &cli, - buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_derive_secret(&cli, + buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( len == sizeof( ecjpake_test_pms ) ); - TEST_ASSERT( memcmp( buf, ecjpake_test_pms, len ) == 0 ); + TEST_ASSERT(len == sizeof(ecjpake_test_pms)); + TEST_ASSERT(memcmp(buf, ecjpake_test_pms, len) == 0); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } #endif /* ! MBEDTLS_ECJPAKE_ALT */ cleanup: - mbedtls_ecjpake_free( &cli ); - mbedtls_ecjpake_free( &srv ); + mbedtls_ecjpake_free(&cli); + mbedtls_ecjpake_free(&srv); - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( ret ); + return ret; } #undef TEST_ASSERT diff --git a/library/ecp.c b/library/ecp.c index ad19e05fb28d..a029c22067c2 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -85,10 +85,10 @@ #if !defined(MBEDTLS_ECP_ALT) /* Parameter validation macros based on platform_util.h */ -#define ECP_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) -#define ECP_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define ECP_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA) +#define ECP_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) #include "mbedtls/platform.h" @@ -100,7 +100,8 @@ #elif defined(MBEDTLS_CTR_DRBG_C) #include "mbedtls/ctr_drbg.h" #else -#error "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid." +#error \ + "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid." #endif #endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */ @@ -137,49 +138,48 @@ static unsigned long add_count, dbl_count, mul_count; typedef mbedtls_hmac_drbg_context ecp_drbg_context; /* DRBG context init */ -static inline void ecp_drbg_init( ecp_drbg_context *ctx ) +static inline void ecp_drbg_init(ecp_drbg_context *ctx) { - mbedtls_hmac_drbg_init( ctx ); + mbedtls_hmac_drbg_init(ctx); } /* DRBG context free */ -static inline void ecp_drbg_free( ecp_drbg_context *ctx ) +static inline void ecp_drbg_free(ecp_drbg_context *ctx) { - mbedtls_hmac_drbg_free( ctx ); + mbedtls_hmac_drbg_free(ctx); } /* DRBG function */ -static inline int ecp_drbg_random( void *p_rng, - unsigned char *output, size_t output_len ) +static inline int ecp_drbg_random(void *p_rng, + unsigned char *output, size_t output_len) { - return( mbedtls_hmac_drbg_random( p_rng, output, output_len ) ); + return mbedtls_hmac_drbg_random(p_rng, output, output_len); } /* DRBG context seeding */ -static int ecp_drbg_seed( ecp_drbg_context *ctx, - const mbedtls_mpi *secret, size_t secret_len ) +static int ecp_drbg_seed(ecp_drbg_context *ctx, + const mbedtls_mpi *secret, size_t secret_len) { int ret; unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES]; /* The list starts with strong hashes */ const mbedtls_md_type_t md_type = mbedtls_md_list()[0]; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_type ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type); - if( secret_len > MBEDTLS_ECP_MAX_BYTES ) - { + if (secret_len > MBEDTLS_ECP_MAX_BYTES) { ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret, - secret_bytes, secret_len ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(secret, + secret_bytes, secret_len)); - ret = mbedtls_hmac_drbg_seed_buf( ctx, md_info, secret_bytes, secret_len ); + ret = mbedtls_hmac_drbg_seed_buf(ctx, md_info, secret_bytes, secret_len); cleanup: - mbedtls_platform_zeroize( secret_bytes, secret_len ); + mbedtls_platform_zeroize(secret_bytes, secret_len); - return( ret ); + return ret; } #elif defined(MBEDTLS_CTR_DRBG_C) @@ -188,22 +188,22 @@ static int ecp_drbg_seed( ecp_drbg_context *ctx, typedef mbedtls_ctr_drbg_context ecp_drbg_context; /* DRBG context init */ -static inline void ecp_drbg_init( ecp_drbg_context *ctx ) +static inline void ecp_drbg_init(ecp_drbg_context *ctx) { - mbedtls_ctr_drbg_init( ctx ); + mbedtls_ctr_drbg_init(ctx); } /* DRBG context free */ -static inline void ecp_drbg_free( ecp_drbg_context *ctx ) +static inline void ecp_drbg_free(ecp_drbg_context *ctx) { - mbedtls_ctr_drbg_free( ctx ); + mbedtls_ctr_drbg_free(ctx); } /* DRBG function */ -static inline int ecp_drbg_random( void *p_rng, - unsigned char *output, size_t output_len ) +static inline int ecp_drbg_random(void *p_rng, + unsigned char *output, size_t output_len) { - return( mbedtls_ctr_drbg_random( p_rng, output, output_len ) ); + return mbedtls_ctr_drbg_random(p_rng, output, output_len); } /* @@ -216,37 +216,37 @@ static inline int ecp_drbg_random( void *p_rng, static int ecp_ctr_drbg_null_entropy(void *ctx, unsigned char *out, size_t len) { (void) ctx; - memset( out, 0, len ); - return( 0 ); + memset(out, 0, len); + return 0; } /* DRBG context seeding */ -static int ecp_drbg_seed( ecp_drbg_context *ctx, - const mbedtls_mpi *secret, size_t secret_len ) +static int ecp_drbg_seed(ecp_drbg_context *ctx, + const mbedtls_mpi *secret, size_t secret_len) { int ret; unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES]; - if( secret_len > MBEDTLS_ECP_MAX_BYTES ) - { + if (secret_len > MBEDTLS_ECP_MAX_BYTES) { ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret, - secret_bytes, secret_len ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(secret, + secret_bytes, secret_len)); - ret = mbedtls_ctr_drbg_seed( ctx, ecp_ctr_drbg_null_entropy, NULL, - secret_bytes, secret_len ); + ret = mbedtls_ctr_drbg_seed(ctx, ecp_ctr_drbg_null_entropy, NULL, + secret_bytes, secret_len); cleanup: - mbedtls_platform_zeroize( secret_bytes, secret_len ); + mbedtls_platform_zeroize(secret_bytes, secret_len); - return( ret ); + return ret; } #else -#error "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid." +#error \ + "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid." #endif /* DRBG modules */ #endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */ @@ -266,7 +266,7 @@ static unsigned ecp_max_ops = 0; /* * Set ecp_max_ops */ -void mbedtls_ecp_set_max_ops( unsigned max_ops ) +void mbedtls_ecp_set_max_ops(unsigned max_ops) { ecp_max_ops = max_ops; } @@ -274,16 +274,15 @@ void mbedtls_ecp_set_max_ops( unsigned max_ops ) /* * Check if restart is enabled */ -int mbedtls_ecp_restart_is_enabled( void ) +int mbedtls_ecp_restart_is_enabled(void) { - return( ecp_max_ops != 0 ); + return ecp_max_ops != 0; } /* * Restart sub-context for ecp_mul_comb() */ -struct mbedtls_ecp_restart_mul -{ +struct mbedtls_ecp_restart_mul { mbedtls_ecp_point R; /* current intermediate result */ size_t i; /* current index in various loops, 0 outside */ mbedtls_ecp_point *T; /* table for precomputed points */ @@ -306,15 +305,15 @@ struct mbedtls_ecp_restart_mul /* * Init restart_mul sub-context */ -static void ecp_restart_rsm_init( mbedtls_ecp_restart_mul_ctx *ctx ) +static void ecp_restart_rsm_init(mbedtls_ecp_restart_mul_ctx *ctx) { - mbedtls_ecp_point_init( &ctx->R ); + mbedtls_ecp_point_init(&ctx->R); ctx->i = 0; ctx->T = NULL; ctx->T_size = 0; ctx->state = ecp_rsm_init; #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - ecp_drbg_init( &ctx->drbg_ctx ); + ecp_drbg_init(&ctx->drbg_ctx); ctx->drbg_seeded = 0; #endif } @@ -322,34 +321,34 @@ static void ecp_restart_rsm_init( mbedtls_ecp_restart_mul_ctx *ctx ) /* * Free the components of a restart_mul sub-context */ -static void ecp_restart_rsm_free( mbedtls_ecp_restart_mul_ctx *ctx ) +static void ecp_restart_rsm_free(mbedtls_ecp_restart_mul_ctx *ctx) { unsigned char i; - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_ecp_point_free( &ctx->R ); + mbedtls_ecp_point_free(&ctx->R); - if( ctx->T != NULL ) - { - for( i = 0; i < ctx->T_size; i++ ) - mbedtls_ecp_point_free( ctx->T + i ); - mbedtls_free( ctx->T ); + if (ctx->T != NULL) { + for (i = 0; i < ctx->T_size; i++) { + mbedtls_ecp_point_free(ctx->T + i); + } + mbedtls_free(ctx->T); } #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - ecp_drbg_free( &ctx->drbg_ctx ); + ecp_drbg_free(&ctx->drbg_ctx); #endif - ecp_restart_rsm_init( ctx ); + ecp_restart_rsm_init(ctx); } /* * Restart context for ecp_muladd() */ -struct mbedtls_ecp_restart_muladd -{ +struct mbedtls_ecp_restart_muladd { mbedtls_ecp_point mP; /* mP value */ mbedtls_ecp_point R; /* R intermediate result */ enum { /* what should we do next? */ @@ -363,33 +362,34 @@ struct mbedtls_ecp_restart_muladd /* * Init restart_muladd sub-context */ -static void ecp_restart_ma_init( mbedtls_ecp_restart_muladd_ctx *ctx ) +static void ecp_restart_ma_init(mbedtls_ecp_restart_muladd_ctx *ctx) { - mbedtls_ecp_point_init( &ctx->mP ); - mbedtls_ecp_point_init( &ctx->R ); + mbedtls_ecp_point_init(&ctx->mP); + mbedtls_ecp_point_init(&ctx->R); ctx->state = ecp_rsma_mul1; } /* * Free the components of a restart_muladd sub-context */ -static void ecp_restart_ma_free( mbedtls_ecp_restart_muladd_ctx *ctx ) +static void ecp_restart_ma_free(mbedtls_ecp_restart_muladd_ctx *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_ecp_point_free( &ctx->mP ); - mbedtls_ecp_point_free( &ctx->R ); + mbedtls_ecp_point_free(&ctx->mP); + mbedtls_ecp_point_free(&ctx->R); - ecp_restart_ma_init( ctx ); + ecp_restart_ma_init(ctx); } /* * Initialize a restart context */ -void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx ) +void mbedtls_ecp_restart_init(mbedtls_ecp_restart_ctx *ctx) { - ECP_VALIDATE( ctx != NULL ); + ECP_VALIDATE(ctx != NULL); ctx->ops_done = 0; ctx->depth = 0; ctx->rsm = NULL; @@ -399,93 +399,93 @@ void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx ) /* * Free the components of a restart context */ -void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx ) +void mbedtls_ecp_restart_free(mbedtls_ecp_restart_ctx *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - ecp_restart_rsm_free( ctx->rsm ); - mbedtls_free( ctx->rsm ); + ecp_restart_rsm_free(ctx->rsm); + mbedtls_free(ctx->rsm); - ecp_restart_ma_free( ctx->ma ); - mbedtls_free( ctx->ma ); + ecp_restart_ma_free(ctx->ma); + mbedtls_free(ctx->ma); - mbedtls_ecp_restart_init( ctx ); + mbedtls_ecp_restart_init(ctx); } /* * Check if we can do the next step */ -int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp, - mbedtls_ecp_restart_ctx *rs_ctx, - unsigned ops ) +int mbedtls_ecp_check_budget(const mbedtls_ecp_group *grp, + mbedtls_ecp_restart_ctx *rs_ctx, + unsigned ops) { - ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET(grp != NULL); - if( rs_ctx != NULL && ecp_max_ops != 0 ) - { + if (rs_ctx != NULL && ecp_max_ops != 0) { /* scale depending on curve size: the chosen reference is 256-bit, * and multiplication is quadratic. Round to the closest integer. */ - if( grp->pbits >= 512 ) + if (grp->pbits >= 512) { ops *= 4; - else if( grp->pbits >= 384 ) + } else if (grp->pbits >= 384) { ops *= 2; + } /* Avoid infinite loops: always allow first step. * Because of that, however, it's not generally true * that ops_done <= ecp_max_ops, so the check * ops_done > ecp_max_ops below is mandatory. */ - if( ( rs_ctx->ops_done != 0 ) && - ( rs_ctx->ops_done > ecp_max_ops || - ops > ecp_max_ops - rs_ctx->ops_done ) ) - { - return( MBEDTLS_ERR_ECP_IN_PROGRESS ); + if ((rs_ctx->ops_done != 0) && + (rs_ctx->ops_done > ecp_max_ops || + ops > ecp_max_ops - rs_ctx->ops_done)) { + return MBEDTLS_ERR_ECP_IN_PROGRESS; } /* update running count */ rs_ctx->ops_done += ops; } - return( 0 ); + return 0; } /* Call this when entering a function that needs its own sub-context */ -#define ECP_RS_ENTER( SUB ) do { \ - /* reset ops count for this call if top-level */ \ - if( rs_ctx != NULL && rs_ctx->depth++ == 0 ) \ +#define ECP_RS_ENTER(SUB) do { \ + /* reset ops count for this call if top-level */ \ + if (rs_ctx != NULL && rs_ctx->depth++ == 0) \ rs_ctx->ops_done = 0; \ \ - /* set up our own sub-context if needed */ \ - if( mbedtls_ecp_restart_is_enabled() && \ - rs_ctx != NULL && rs_ctx->SUB == NULL ) \ - { \ - rs_ctx->SUB = mbedtls_calloc( 1, sizeof( *rs_ctx->SUB ) ); \ - if( rs_ctx->SUB == NULL ) \ - return( MBEDTLS_ERR_ECP_ALLOC_FAILED ); \ - \ - ecp_restart_## SUB ##_init( rs_ctx->SUB ); \ - } \ -} while( 0 ) + /* set up our own sub-context if needed */ \ + if (mbedtls_ecp_restart_is_enabled() && \ + rs_ctx != NULL && rs_ctx->SUB == NULL) \ + { \ + rs_ctx->SUB = mbedtls_calloc(1, sizeof(*rs_ctx->SUB)); \ + if (rs_ctx->SUB == NULL) \ + return MBEDTLS_ERR_ECP_ALLOC_FAILED; \ + \ + ecp_restart_## SUB ##_init(rs_ctx->SUB); \ + } \ +} while (0) /* Call this when leaving a function that needs its own sub-context */ -#define ECP_RS_LEAVE( SUB ) do { \ - /* clear our sub-context when not in progress (done or error) */ \ - if( rs_ctx != NULL && rs_ctx->SUB != NULL && \ - ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) \ - { \ - ecp_restart_## SUB ##_free( rs_ctx->SUB ); \ - mbedtls_free( rs_ctx->SUB ); \ - rs_ctx->SUB = NULL; \ - } \ +#define ECP_RS_LEAVE(SUB) do { \ + /* clear our sub-context when not in progress (done or error) */ \ + if (rs_ctx != NULL && rs_ctx->SUB != NULL && \ + ret != MBEDTLS_ERR_ECP_IN_PROGRESS) \ + { \ + ecp_restart_## SUB ##_free(rs_ctx->SUB); \ + mbedtls_free(rs_ctx->SUB); \ + rs_ctx->SUB = NULL; \ + } \ \ - if( rs_ctx != NULL ) \ + if (rs_ctx != NULL) \ rs_ctx->depth--; \ -} while( 0 ) +} while (0) #else /* MBEDTLS_ECP_RESTARTABLE */ -#define ECP_RS_ENTER( sub ) (void) rs_ctx; -#define ECP_RS_LEAVE( sub ) (void) rs_ctx; +#define ECP_RS_ENTER(sub) (void) rs_ctx; +#define ECP_RS_LEAVE(sub) (void) rs_ctx; #endif /* MBEDTLS_ECP_RESTARTABLE */ @@ -545,35 +545,33 @@ static const mbedtls_ecp_curve_info ecp_supported_curves[] = { MBEDTLS_ECP_DP_NONE, 0, 0, NULL }, }; -#define ECP_NB_CURVES sizeof( ecp_supported_curves ) / \ - sizeof( ecp_supported_curves[0] ) +#define ECP_NB_CURVES sizeof(ecp_supported_curves) / \ + sizeof(ecp_supported_curves[0]) static mbedtls_ecp_group_id ecp_supported_grp_id[ECP_NB_CURVES]; /* * List of supported curves and associated info */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void ) +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list(void) { - return( ecp_supported_curves ); + return ecp_supported_curves; } /* * List of supported curves, group ID only */ -const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void ) +const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list(void) { static int init_done = 0; - if( ! init_done ) - { + if (!init_done) { size_t i = 0; const mbedtls_ecp_curve_info *curve_info; - for( curve_info = mbedtls_ecp_curve_list(); + for (curve_info = mbedtls_ecp_curve_list(); curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { + curve_info++) { ecp_supported_grp_id[i++] = curve_info->grp_id; } ecp_supported_grp_id[i] = MBEDTLS_ECP_DP_NONE; @@ -581,105 +579,108 @@ const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void ) init_done = 1; } - return( ecp_supported_grp_id ); + return ecp_supported_grp_id; } /* * Get the curve info for the internal identifier */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id ) +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id(mbedtls_ecp_group_id grp_id) { const mbedtls_ecp_curve_info *curve_info; - for( curve_info = mbedtls_ecp_curve_list(); + for (curve_info = mbedtls_ecp_curve_list(); curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( curve_info->grp_id == grp_id ) - return( curve_info ); + curve_info++) { + if (curve_info->grp_id == grp_id) { + return curve_info; + } } - return( NULL ); + return NULL; } /* * Get the curve info from the TLS identifier */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id ) +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id) { const mbedtls_ecp_curve_info *curve_info; - for( curve_info = mbedtls_ecp_curve_list(); + for (curve_info = mbedtls_ecp_curve_list(); curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( curve_info->tls_id == tls_id ) - return( curve_info ); + curve_info++) { + if (curve_info->tls_id == tls_id) { + return curve_info; + } } - return( NULL ); + return NULL; } /* * Get the curve info from the name */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name ) +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name(const char *name) { const mbedtls_ecp_curve_info *curve_info; - if( name == NULL ) - return( NULL ); + if (name == NULL) { + return NULL; + } - for( curve_info = mbedtls_ecp_curve_list(); + for (curve_info = mbedtls_ecp_curve_list(); curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( strcmp( curve_info->name, name ) == 0 ) - return( curve_info ); + curve_info++) { + if (strcmp(curve_info->name, name) == 0) { + return curve_info; + } } - return( NULL ); + return NULL; } /* * Get the type of a curve */ -mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp ) +mbedtls_ecp_curve_type mbedtls_ecp_get_type(const mbedtls_ecp_group *grp) { - if( grp->G.X.p == NULL ) - return( MBEDTLS_ECP_TYPE_NONE ); + if (grp->G.X.p == NULL) { + return MBEDTLS_ECP_TYPE_NONE; + } - if( grp->G.Y.p == NULL ) - return( MBEDTLS_ECP_TYPE_MONTGOMERY ); - else - return( MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ); + if (grp->G.Y.p == NULL) { + return MBEDTLS_ECP_TYPE_MONTGOMERY; + } else { + return MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS; + } } /* * Initialize (the components of) a point */ -void mbedtls_ecp_point_init( mbedtls_ecp_point *pt ) +void mbedtls_ecp_point_init(mbedtls_ecp_point *pt) { - ECP_VALIDATE( pt != NULL ); + ECP_VALIDATE(pt != NULL); - mbedtls_mpi_init( &pt->X ); - mbedtls_mpi_init( &pt->Y ); - mbedtls_mpi_init( &pt->Z ); + mbedtls_mpi_init(&pt->X); + mbedtls_mpi_init(&pt->Y); + mbedtls_mpi_init(&pt->Z); } /* * Initialize (the components of) a group */ -void mbedtls_ecp_group_init( mbedtls_ecp_group *grp ) +void mbedtls_ecp_group_init(mbedtls_ecp_group *grp) { - ECP_VALIDATE( grp != NULL ); + ECP_VALIDATE(grp != NULL); grp->id = MBEDTLS_ECP_DP_NONE; - mbedtls_mpi_init( &grp->P ); - mbedtls_mpi_init( &grp->A ); - mbedtls_mpi_init( &grp->B ); - mbedtls_ecp_point_init( &grp->G ); - mbedtls_mpi_init( &grp->N ); + mbedtls_mpi_init(&grp->P); + mbedtls_mpi_init(&grp->A); + mbedtls_mpi_init(&grp->B); + mbedtls_ecp_point_init(&grp->G); + mbedtls_mpi_init(&grp->N); grp->pbits = 0; grp->nbits = 0; grp->h = 0; @@ -694,297 +695,299 @@ void mbedtls_ecp_group_init( mbedtls_ecp_group *grp ) /* * Initialize (the components of) a key pair */ -void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key ) +void mbedtls_ecp_keypair_init(mbedtls_ecp_keypair *key) { - ECP_VALIDATE( key != NULL ); + ECP_VALIDATE(key != NULL); - mbedtls_ecp_group_init( &key->grp ); - mbedtls_mpi_init( &key->d ); - mbedtls_ecp_point_init( &key->Q ); + mbedtls_ecp_group_init(&key->grp); + mbedtls_mpi_init(&key->d); + mbedtls_ecp_point_init(&key->Q); } /* * Unallocate (the components of) a point */ -void mbedtls_ecp_point_free( mbedtls_ecp_point *pt ) +void mbedtls_ecp_point_free(mbedtls_ecp_point *pt) { - if( pt == NULL ) + if (pt == NULL) { return; + } - mbedtls_mpi_free( &( pt->X ) ); - mbedtls_mpi_free( &( pt->Y ) ); - mbedtls_mpi_free( &( pt->Z ) ); + mbedtls_mpi_free(&(pt->X)); + mbedtls_mpi_free(&(pt->Y)); + mbedtls_mpi_free(&(pt->Z)); } /* * Unallocate (the components of) a group */ -void mbedtls_ecp_group_free( mbedtls_ecp_group *grp ) +void mbedtls_ecp_group_free(mbedtls_ecp_group *grp) { size_t i; - if( grp == NULL ) + if (grp == NULL) { return; + } - if( grp->h != 1 ) - { - mbedtls_mpi_free( &grp->P ); - mbedtls_mpi_free( &grp->A ); - mbedtls_mpi_free( &grp->B ); - mbedtls_ecp_point_free( &grp->G ); - mbedtls_mpi_free( &grp->N ); + if (grp->h != 1) { + mbedtls_mpi_free(&grp->P); + mbedtls_mpi_free(&grp->A); + mbedtls_mpi_free(&grp->B); + mbedtls_ecp_point_free(&grp->G); + mbedtls_mpi_free(&grp->N); } - if( grp->T != NULL ) - { - for( i = 0; i < grp->T_size; i++ ) - mbedtls_ecp_point_free( &grp->T[i] ); - mbedtls_free( grp->T ); + if (grp->T != NULL) { + for (i = 0; i < grp->T_size; i++) { + mbedtls_ecp_point_free(&grp->T[i]); + } + mbedtls_free(grp->T); } - mbedtls_platform_zeroize( grp, sizeof( mbedtls_ecp_group ) ); + mbedtls_platform_zeroize(grp, sizeof(mbedtls_ecp_group)); } /* * Unallocate (the components of) a key pair */ -void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key ) +void mbedtls_ecp_keypair_free(mbedtls_ecp_keypair *key) { - if( key == NULL ) + if (key == NULL) { return; + } - mbedtls_ecp_group_free( &key->grp ); - mbedtls_mpi_free( &key->d ); - mbedtls_ecp_point_free( &key->Q ); + mbedtls_ecp_group_free(&key->grp); + mbedtls_mpi_free(&key->d); + mbedtls_ecp_point_free(&key->Q); } /* * Copy the contents of a point */ -int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ) +int mbedtls_ecp_copy(mbedtls_ecp_point *P, const mbedtls_ecp_point *Q) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECP_VALIDATE_RET( P != NULL ); - ECP_VALIDATE_RET( Q != NULL ); + ECP_VALIDATE_RET(P != NULL); + ECP_VALIDATE_RET(Q != NULL); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->X, &Q->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->Y, &Q->Y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->Z, &Q->Z ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&P->X, &Q->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&P->Y, &Q->Y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&P->Z, &Q->Z)); cleanup: - return( ret ); + return ret; } /* * Copy the contents of a group object */ -int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, const mbedtls_ecp_group *src ) +int mbedtls_ecp_group_copy(mbedtls_ecp_group *dst, const mbedtls_ecp_group *src) { - ECP_VALIDATE_RET( dst != NULL ); - ECP_VALIDATE_RET( src != NULL ); + ECP_VALIDATE_RET(dst != NULL); + ECP_VALIDATE_RET(src != NULL); - return( mbedtls_ecp_group_load( dst, src->id ) ); + return mbedtls_ecp_group_load(dst, src->id); } /* * Set point to zero */ -int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt ) +int mbedtls_ecp_set_zero(mbedtls_ecp_point *pt) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECP_VALIDATE_RET( pt != NULL ); + ECP_VALIDATE_RET(pt != NULL); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->X , 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Y , 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z , 0 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->X, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->Y, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->Z, 0)); cleanup: - return( ret ); + return ret; } /* * Tell if a point is zero */ -int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt ) +int mbedtls_ecp_is_zero(mbedtls_ecp_point *pt) { - ECP_VALIDATE_RET( pt != NULL ); + ECP_VALIDATE_RET(pt != NULL); - return( mbedtls_mpi_cmp_int( &pt->Z, 0 ) == 0 ); + return mbedtls_mpi_cmp_int(&pt->Z, 0) == 0; } /* * Compare two points lazily */ -int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P, - const mbedtls_ecp_point *Q ) +int mbedtls_ecp_point_cmp(const mbedtls_ecp_point *P, + const mbedtls_ecp_point *Q) { - ECP_VALIDATE_RET( P != NULL ); - ECP_VALIDATE_RET( Q != NULL ); + ECP_VALIDATE_RET(P != NULL); + ECP_VALIDATE_RET(Q != NULL); - if( mbedtls_mpi_cmp_mpi( &P->X, &Q->X ) == 0 && - mbedtls_mpi_cmp_mpi( &P->Y, &Q->Y ) == 0 && - mbedtls_mpi_cmp_mpi( &P->Z, &Q->Z ) == 0 ) - { - return( 0 ); + if (mbedtls_mpi_cmp_mpi(&P->X, &Q->X) == 0 && + mbedtls_mpi_cmp_mpi(&P->Y, &Q->Y) == 0 && + mbedtls_mpi_cmp_mpi(&P->Z, &Q->Z) == 0) { + return 0; } - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } /* * Import a non-zero point from ASCII strings */ -int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix, - const char *x, const char *y ) +int mbedtls_ecp_point_read_string(mbedtls_ecp_point *P, int radix, + const char *x, const char *y) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECP_VALIDATE_RET( P != NULL ); - ECP_VALIDATE_RET( x != NULL ); - ECP_VALIDATE_RET( y != NULL ); + ECP_VALIDATE_RET(P != NULL); + ECP_VALIDATE_RET(x != NULL); + ECP_VALIDATE_RET(y != NULL); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P->X, radix, x ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P->Y, radix, y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &P->Z, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&P->X, radix, x)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&P->Y, radix, y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&P->Z, 1)); cleanup: - return( ret ); + return ret; } /* * Export a point into unsigned binary data (SEC1 2.3.3 and RFC7748) */ -int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, - const mbedtls_ecp_point *P, - int format, size_t *olen, - unsigned char *buf, size_t buflen ) +int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp, + const mbedtls_ecp_point *P, + int format, size_t *olen, + unsigned char *buf, size_t buflen) { int ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; size_t plen; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( P != NULL ); - ECP_VALIDATE_RET( olen != NULL ); - ECP_VALIDATE_RET( buf != NULL ); - ECP_VALIDATE_RET( format == MBEDTLS_ECP_PF_UNCOMPRESSED || - format == MBEDTLS_ECP_PF_COMPRESSED ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(P != NULL); + ECP_VALIDATE_RET(olen != NULL); + ECP_VALIDATE_RET(buf != NULL); + ECP_VALIDATE_RET(format == MBEDTLS_ECP_PF_UNCOMPRESSED || + format == MBEDTLS_ECP_PF_COMPRESSED); - plen = mbedtls_mpi_size( &grp->P ); + plen = mbedtls_mpi_size(&grp->P); #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) (void) format; /* Montgomery curves always use the same point format */ - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - { + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { *olen = plen; - if( buflen < *olen ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (buflen < *olen) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary_le( &P->X, buf, plen ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary_le(&P->X, buf, plen)); } #endif #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - { + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { /* * Common case: P == 0 */ - if( mbedtls_mpi_cmp_int( &P->Z, 0 ) == 0 ) - { - if( buflen < 1 ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (mbedtls_mpi_cmp_int(&P->Z, 0) == 0) { + if (buflen < 1) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } buf[0] = 0x00; *olen = 1; - return( 0 ); + return 0; } - if( format == MBEDTLS_ECP_PF_UNCOMPRESSED ) - { + if (format == MBEDTLS_ECP_PF_UNCOMPRESSED) { *olen = 2 * plen + 1; - if( buflen < *olen ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (buflen < *olen) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } buf[0] = 0x04; - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &P->X, buf + 1, plen ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &P->Y, buf + 1 + plen, plen ) ); - } - else if( format == MBEDTLS_ECP_PF_COMPRESSED ) - { + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&P->X, buf + 1, plen)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&P->Y, buf + 1 + plen, plen)); + } else if (format == MBEDTLS_ECP_PF_COMPRESSED) { *olen = plen + 1; - if( buflen < *olen ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (buflen < *olen) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - buf[0] = 0x02 + mbedtls_mpi_get_bit( &P->Y, 0 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &P->X, buf + 1, plen ) ); + buf[0] = 0x02 + mbedtls_mpi_get_bit(&P->Y, 0); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&P->X, buf + 1, plen)); } } #endif cleanup: - return( ret ); + return ret; } /* * Import a point from unsigned binary data (SEC1 2.3.4 and RFC7748) */ -int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *pt, - const unsigned char *buf, size_t ilen ) +int mbedtls_ecp_point_read_binary(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *pt, + const unsigned char *buf, size_t ilen) { int ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; size_t plen; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( pt != NULL ); - ECP_VALIDATE_RET( buf != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(pt != NULL); + ECP_VALIDATE_RET(buf != NULL); - if( ilen < 1 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (ilen < 1) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - plen = mbedtls_mpi_size( &grp->P ); + plen = mbedtls_mpi_size(&grp->P); #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - { - if( plen != ilen ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { + if (plen != ilen) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary_le( &pt->X, buf, plen ) ); - mbedtls_mpi_free( &pt->Y ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary_le(&pt->X, buf, plen)); + mbedtls_mpi_free(&pt->Y); - if( grp->id == MBEDTLS_ECP_DP_CURVE25519 ) + if (grp->id == MBEDTLS_ECP_DP_CURVE25519) { /* Set most significant bit to 0 as prescribed in RFC7748 §5 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &pt->X, plen * 8 - 1, 0 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&pt->X, plen * 8 - 1, 0)); + } - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->Z, 1)); } #endif #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - { - if( buf[0] == 0x00 ) - { - if( ilen == 1 ) - return( mbedtls_ecp_set_zero( pt ) ); - else - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { + if (buf[0] == 0x00) { + if (ilen == 1) { + return mbedtls_ecp_set_zero(pt); + } else { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } } - if( buf[0] != 0x04 ) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + if (buf[0] != 0x04) { + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } - if( ilen != 2 * plen + 1 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (ilen != 2 * plen + 1) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &pt->X, buf + 1, plen ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &pt->Y, - buf + 1 + plen, plen ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&pt->X, buf + 1, plen)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&pt->Y, + buf + 1 + plen, plen)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->Z, 1)); } #endif cleanup: - return( ret ); + return ret; } /* @@ -993,26 +996,28 @@ int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, * opaque point <1..2^8-1>; * } ECPoint; */ -int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *pt, - const unsigned char **buf, size_t buf_len ) +int mbedtls_ecp_tls_read_point(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *pt, + const unsigned char **buf, size_t buf_len) { unsigned char data_len; const unsigned char *buf_start; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( pt != NULL ); - ECP_VALIDATE_RET( buf != NULL ); - ECP_VALIDATE_RET( *buf != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(pt != NULL); + ECP_VALIDATE_RET(buf != NULL); + ECP_VALIDATE_RET(*buf != NULL); /* * We must have at least two bytes (1 for length, at least one for data) */ - if( buf_len < 2 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (buf_len < 2) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } data_len = *(*buf)++; - if( data_len < 1 || data_len > buf_len - 1 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (data_len < 1 || data_len > buf_len - 1) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } /* * Save buffer start for read_binary and update buf @@ -1020,7 +1025,7 @@ int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, buf_start = *buf; *buf += data_len; - return( mbedtls_ecp_point_read_binary( grp, pt, buf_start, data_len ) ); + return mbedtls_ecp_point_read_binary(grp, pt, buf_start, data_len); } /* @@ -1029,27 +1034,29 @@ int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, * opaque point <1..2^8-1>; * } ECPoint; */ -int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt, - int format, size_t *olen, - unsigned char *buf, size_t blen ) +int mbedtls_ecp_tls_write_point(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt, + int format, size_t *olen, + unsigned char *buf, size_t blen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( pt != NULL ); - ECP_VALIDATE_RET( olen != NULL ); - ECP_VALIDATE_RET( buf != NULL ); - ECP_VALIDATE_RET( format == MBEDTLS_ECP_PF_UNCOMPRESSED || - format == MBEDTLS_ECP_PF_COMPRESSED ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(pt != NULL); + ECP_VALIDATE_RET(olen != NULL); + ECP_VALIDATE_RET(buf != NULL); + ECP_VALIDATE_RET(format == MBEDTLS_ECP_PF_UNCOMPRESSED || + format == MBEDTLS_ECP_PF_COMPRESSED); /* * buffer length must be at least one, for our length byte */ - if( blen < 1 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (blen < 1) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - if( ( ret = mbedtls_ecp_point_write_binary( grp, pt, format, - olen, buf + 1, blen - 1) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_point_write_binary(grp, pt, format, + olen, buf + 1, blen - 1)) != 0) { + return ret; + } /* * write length to the first byte and update total length @@ -1057,51 +1064,54 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp buf[0] = (unsigned char) *olen; ++*olen; - return( 0 ); + return 0; } /* * Set a group from an ECParameters record (RFC 4492) */ -int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, - const unsigned char **buf, size_t len ) +int mbedtls_ecp_tls_read_group(mbedtls_ecp_group *grp, + const unsigned char **buf, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group_id grp_id; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( buf != NULL ); - ECP_VALIDATE_RET( *buf != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(buf != NULL); + ECP_VALIDATE_RET(*buf != NULL); - if( ( ret = mbedtls_ecp_tls_read_group_id( &grp_id, buf, len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_tls_read_group_id(&grp_id, buf, len)) != 0) { + return ret; + } - return( mbedtls_ecp_group_load( grp, grp_id ) ); + return mbedtls_ecp_group_load(grp, grp_id); } /* * Read a group id from an ECParameters record (RFC 4492) and convert it to * mbedtls_ecp_group_id. */ -int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp, - const unsigned char **buf, size_t len ) +int mbedtls_ecp_tls_read_group_id(mbedtls_ecp_group_id *grp, + const unsigned char **buf, size_t len) { uint16_t tls_id; const mbedtls_ecp_curve_info *curve_info; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( buf != NULL ); - ECP_VALIDATE_RET( *buf != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(buf != NULL); + ECP_VALIDATE_RET(*buf != NULL); /* * We expect at least three bytes (see below) */ - if( len < 3 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (len < 3) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } /* * First byte is curve_type; only named_curve is handled */ - if( *(*buf)++ != MBEDTLS_ECP_TLS_NAMED_CURVE ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (*(*buf)++ != MBEDTLS_ECP_TLS_NAMED_CURVE) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } /* * Next two bytes are the namedcurve value @@ -1110,34 +1120,37 @@ int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp, tls_id <<= 8; tls_id |= *(*buf)++; - if( ( curve_info = mbedtls_ecp_curve_info_from_tls_id( tls_id ) ) == NULL ) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + if ((curve_info = mbedtls_ecp_curve_info_from_tls_id(tls_id)) == NULL) { + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } *grp = curve_info->grp_id; - return( 0 ); + return 0; } /* * Write the ECParameters record corresponding to a group (RFC 4492) */ -int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, - unsigned char *buf, size_t blen ) +int mbedtls_ecp_tls_write_group(const mbedtls_ecp_group *grp, size_t *olen, + unsigned char *buf, size_t blen) { const mbedtls_ecp_curve_info *curve_info; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( buf != NULL ); - ECP_VALIDATE_RET( olen != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(buf != NULL); + ECP_VALIDATE_RET(olen != NULL); - if( ( curve_info = mbedtls_ecp_curve_info_from_grp_id( grp->id ) ) == NULL ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if ((curve_info = mbedtls_ecp_curve_info_from_grp_id(grp->id)) == NULL) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } /* * We are going to write 3 bytes (see below) */ *olen = 3; - if( blen < *olen ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (blen < *olen) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } /* * First byte is curve_type, always named_curve @@ -1147,9 +1160,9 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, /* * Next two bytes are the namedcurve value */ - MBEDTLS_PUT_UINT16_BE( curve_info->tls_id, buf, 0 ); + MBEDTLS_PUT_UINT16_BE(curve_info->tls_id, buf, 0); - return( 0 ); + return 0; } /* @@ -1158,32 +1171,34 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, * * This function is in the critial loop for mbedtls_ecp_mul, so pay attention to perf. */ -static int ecp_modp( mbedtls_mpi *N, const mbedtls_ecp_group *grp ) +static int ecp_modp(mbedtls_mpi *N, const mbedtls_ecp_group *grp) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( grp->modp == NULL ) - return( mbedtls_mpi_mod_mpi( N, N, &grp->P ) ); + if (grp->modp == NULL) { + return mbedtls_mpi_mod_mpi(N, N, &grp->P); + } /* N->s < 0 is a much faster test, which fails only if N is 0 */ - if( ( N->s < 0 && mbedtls_mpi_cmp_int( N, 0 ) != 0 ) || - mbedtls_mpi_bitlen( N ) > 2 * grp->pbits ) - { - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if ((N->s < 0 && mbedtls_mpi_cmp_int(N, 0) != 0) || + mbedtls_mpi_bitlen(N) > 2 * grp->pbits) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } - MBEDTLS_MPI_CHK( grp->modp( N ) ); + MBEDTLS_MPI_CHK(grp->modp(N)); /* N->s < 0 is a much faster test, which fails only if N is 0 */ - while( N->s < 0 && mbedtls_mpi_cmp_int( N, 0 ) != 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( N, N, &grp->P ) ); + while (N->s < 0 && mbedtls_mpi_cmp_int(N, 0) != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(N, N, &grp->P)); + } - while( mbedtls_mpi_cmp_mpi( N, &grp->P ) >= 0 ) + while (mbedtls_mpi_cmp_mpi(N, &grp->P) >= 0) { /* we known P, N and the result are positive */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( N, N, &grp->P ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(N, N, &grp->P)); + } cleanup: - return( ret ); + return ret; } /* @@ -1205,50 +1220,50 @@ static int ecp_modp( mbedtls_mpi *N, const mbedtls_ecp_group *grp ) #define INC_MUL_COUNT #endif -#define MOD_MUL( N ) \ +#define MOD_MUL(N) \ do \ { \ - MBEDTLS_MPI_CHK( ecp_modp( &(N), grp ) ); \ + MBEDTLS_MPI_CHK(ecp_modp(&(N), grp)); \ INC_MUL_COUNT \ - } while( 0 ) + } while (0) -static inline int mbedtls_mpi_mul_mod( const mbedtls_ecp_group *grp, - mbedtls_mpi *X, - const mbedtls_mpi *A, - const mbedtls_mpi *B ) +static inline int mbedtls_mpi_mul_mod(const mbedtls_ecp_group *grp, + mbedtls_mpi *X, + const mbedtls_mpi *A, + const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( X, A, B ) ); - MOD_MUL( *X ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(X, A, B)); + MOD_MUL(*X); cleanup: - return( ret ); + return ret; } /* * Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_sub_mpi * N->s < 0 is a very fast test, which fails only if N is 0 */ -#define MOD_SUB( N ) \ - while( (N).s < 0 && mbedtls_mpi_cmp_int( &(N), 0 ) != 0 ) \ - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &(N), &(N), &grp->P ) ) - -#if ( defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) && \ - !( defined(MBEDTLS_ECP_NO_FALLBACK) && \ - defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \ - defined(MBEDTLS_ECP_ADD_MIXED_ALT) ) ) || \ - ( defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) && \ - !( defined(MBEDTLS_ECP_NO_FALLBACK) && \ - defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) ) ) -static inline int mbedtls_mpi_sub_mod( const mbedtls_ecp_group *grp, - mbedtls_mpi *X, - const mbedtls_mpi *A, - const mbedtls_mpi *B ) +#define MOD_SUB(N) \ + while ((N).s < 0 && mbedtls_mpi_cmp_int(&(N), 0) != 0) \ + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&(N), &(N), &grp->P)) + +#if (defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) && \ + !(defined(MBEDTLS_ECP_NO_FALLBACK) && \ + defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \ + defined(MBEDTLS_ECP_ADD_MIXED_ALT))) || \ + (defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) && \ + !(defined(MBEDTLS_ECP_NO_FALLBACK) && \ + defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT))) +static inline int mbedtls_mpi_sub_mod(const mbedtls_ecp_group *grp, + mbedtls_mpi *X, + const mbedtls_mpi *A, + const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( X, A, B ) ); - MOD_SUB( *X ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(X, A, B)); + MOD_SUB(*X); cleanup: - return( ret ); + return ret; } #endif /* All functions referencing mbedtls_mpi_sub_mod() are alt-implemented without fallback */ @@ -1257,37 +1272,38 @@ static inline int mbedtls_mpi_sub_mod( const mbedtls_ecp_group *grp, * We known P, N and the result are positive, so sub_abs is correct, and * a bit faster. */ -#define MOD_ADD( N ) \ - while( mbedtls_mpi_cmp_mpi( &(N), &grp->P ) >= 0 ) \ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &(N), &(N), &grp->P ) ) +#define MOD_ADD(N) \ + while (mbedtls_mpi_cmp_mpi(&(N), &grp->P) >= 0) \ + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(&(N), &(N), &grp->P)) -static inline int mbedtls_mpi_add_mod( const mbedtls_ecp_group *grp, - mbedtls_mpi *X, - const mbedtls_mpi *A, - const mbedtls_mpi *B ) +static inline int mbedtls_mpi_add_mod(const mbedtls_ecp_group *grp, + mbedtls_mpi *X, + const mbedtls_mpi *A, + const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( X, A, B ) ); - MOD_ADD( *X ); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(X, A, B)); + MOD_ADD(*X); cleanup: - return( ret ); + return ret; } #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) && \ - !( defined(MBEDTLS_ECP_NO_FALLBACK) && \ - defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \ - defined(MBEDTLS_ECP_ADD_MIXED_ALT) ) -static inline int mbedtls_mpi_shift_l_mod( const mbedtls_ecp_group *grp, - mbedtls_mpi *X, - size_t count ) + !(defined(MBEDTLS_ECP_NO_FALLBACK) && \ + defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \ + defined(MBEDTLS_ECP_ADD_MIXED_ALT)) +static inline int mbedtls_mpi_shift_l_mod(const mbedtls_ecp_group *grp, + mbedtls_mpi *X, + size_t count) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( X, count ) ); - MOD_ADD( *X ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(X, count)); + MOD_ADD(*X); cleanup: - return( ret ); + return ret; } -#endif /* All functions referencing mbedtls_mpi_shift_l_mod() are alt-implemented without fallback */ +#endif \ + /* All functions referencing mbedtls_mpi_shift_l_mod() are alt-implemented without fallback */ #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) /* @@ -1302,46 +1318,48 @@ static inline int mbedtls_mpi_shift_l_mod( const mbedtls_ecp_group *grp, * Normalize jacobian coordinates so that Z == 0 || Z == 1 (GECC 3.2.1) * Cost: 1N := 1I + 3M + 1S */ -static int ecp_normalize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt ) +static int ecp_normalize_jac(const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt) { - if( mbedtls_mpi_cmp_int( &pt->Z, 0 ) == 0 ) - return( 0 ); + if (mbedtls_mpi_cmp_int(&pt->Z, 0) == 0) { + return 0; + } #if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_normalize_jac( grp, pt ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_normalize_jac(grp, pt); + } #endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi Zi, ZZi; - mbedtls_mpi_init( &Zi ); mbedtls_mpi_init( &ZZi ); + mbedtls_mpi_init(&Zi); mbedtls_mpi_init(&ZZi); /* * X = X / Z^2 mod p */ - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &Zi, &pt->Z, &grp->P ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ZZi, &Zi, &Zi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->X, &pt->X, &ZZi ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&Zi, &pt->Z, &grp->P)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &ZZi, &Zi, &Zi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->X, &pt->X, &ZZi)); /* * Y = Y / Z^3 mod p */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Y, &pt->Y, &ZZi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Y, &pt->Y, &Zi ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->Y, &pt->Y, &ZZi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->Y, &pt->Y, &Zi)); /* * Z = 1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->Z, 1)); cleanup: - mbedtls_mpi_free( &Zi ); mbedtls_mpi_free( &ZZi ); + mbedtls_mpi_free(&Zi); mbedtls_mpi_free(&ZZi); - return( ret ); + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) */ } @@ -1356,68 +1374,68 @@ static int ecp_normalize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *p * * Cost: 1N(t) := 1I + (6t - 3)M + 1S */ -static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *T[], size_t T_size ) +static int ecp_normalize_jac_many(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *T[], size_t T_size) { - if( T_size < 2 ) - return( ecp_normalize_jac( grp, *T ) ); + if (T_size < 2) { + return ecp_normalize_jac(grp, *T); + } #if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_normalize_jac_many( grp, T, T_size ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_normalize_jac_many(grp, T, T_size); + } #endif #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi *c, u, Zi, ZZi; - if( ( c = mbedtls_calloc( T_size, sizeof( mbedtls_mpi ) ) ) == NULL ) - return( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + if ((c = mbedtls_calloc(T_size, sizeof(mbedtls_mpi))) == NULL) { + return MBEDTLS_ERR_ECP_ALLOC_FAILED; + } - for( i = 0; i < T_size; i++ ) - mbedtls_mpi_init( &c[i] ); + for (i = 0; i < T_size; i++) { + mbedtls_mpi_init(&c[i]); + } - mbedtls_mpi_init( &u ); mbedtls_mpi_init( &Zi ); mbedtls_mpi_init( &ZZi ); + mbedtls_mpi_init(&u); mbedtls_mpi_init(&Zi); mbedtls_mpi_init(&ZZi); /* * c[i] = Z_0 * ... * Z_i */ - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &c[0], &T[0]->Z ) ); - for( i = 1; i < T_size; i++ ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &c[i], &c[i-1], &T[i]->Z ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&c[0], &T[0]->Z)); + for (i = 1; i < T_size; i++) { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &c[i], &c[i-1], &T[i]->Z)); } /* * u = 1 / (Z_0 * ... * Z_n) mod P */ - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &u, &c[T_size-1], &grp->P ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&u, &c[T_size-1], &grp->P)); - for( i = T_size - 1; ; i-- ) - { + for (i = T_size - 1;; i--) { /* * Zi = 1 / Z_i mod p * u = 1 / (Z_0 * ... * Z_i) mod P */ - if( i == 0 ) { - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Zi, &u ) ); - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &Zi, &u, &c[i-1] ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &u, &u, &T[i]->Z ) ); + if (i == 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&Zi, &u)); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &Zi, &u, &c[i-1])); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &u, &u, &T[i]->Z)); } /* * proceed as in normalize() */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ZZi, &Zi, &Zi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T[i]->X, &T[i]->X, &ZZi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T[i]->Y, &T[i]->Y, &ZZi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T[i]->Y, &T[i]->Y, &Zi ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &ZZi, &Zi, &Zi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T[i]->X, &T[i]->X, &ZZi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T[i]->Y, &T[i]->Y, &ZZi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T[i]->Y, &T[i]->Y, &Zi)); /* * Post-precessing: reclaim some memory by shrinking coordinates @@ -1425,22 +1443,24 @@ static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp, * - shrinking other coordinates, but still keeping the same number of * limbs as P, as otherwise it will too likely be regrown too fast. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_shrink( &T[i]->X, grp->P.n ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shrink( &T[i]->Y, grp->P.n ) ); - mbedtls_mpi_free( &T[i]->Z ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shrink(&T[i]->X, grp->P.n)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shrink(&T[i]->Y, grp->P.n)); + mbedtls_mpi_free(&T[i]->Z); - if( i == 0 ) + if (i == 0) { break; + } } cleanup: - mbedtls_mpi_free( &u ); mbedtls_mpi_free( &Zi ); mbedtls_mpi_free( &ZZi ); - for( i = 0; i < T_size; i++ ) - mbedtls_mpi_free( &c[i] ); - mbedtls_free( c ); + mbedtls_mpi_free(&u); mbedtls_mpi_free(&Zi); mbedtls_mpi_free(&ZZi); + for (i = 0; i < T_size; i++) { + mbedtls_mpi_free(&c[i]); + } + mbedtls_free(c); - return( ret ); + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) */ } @@ -1448,25 +1468,25 @@ static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp, * Conditional point inversion: Q -> -Q = (Q.X, -Q.Y, Q.Z) without leak. * "inv" must be 0 (don't invert) or 1 (invert) or the result will be invalid */ -static int ecp_safe_invert_jac( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *Q, - unsigned char inv ) +static int ecp_safe_invert_jac(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *Q, + unsigned char inv) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char nonzero; mbedtls_mpi mQY; - mbedtls_mpi_init( &mQY ); + mbedtls_mpi_init(&mQY); /* Use the fact that -Q.Y mod P = P - Q.Y unless Q.Y == 0 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mQY, &grp->P, &Q->Y ) ); - nonzero = mbedtls_mpi_cmp_int( &Q->Y, 0 ) != 0; - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &Q->Y, &mQY, inv & nonzero ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&mQY, &grp->P, &Q->Y)); + nonzero = mbedtls_mpi_cmp_int(&Q->Y, 0) != 0; + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(&Q->Y, &mQY, inv & nonzero)); cleanup: - mbedtls_mpi_free( &mQY ); + mbedtls_mpi_free(&mQY); - return( ret ); + return ret; } /* @@ -1483,85 +1503,82 @@ static int ecp_safe_invert_jac( const mbedtls_ecp_group *grp, * 4M + 4S (A == -3) * 3M + 6S + 1a otherwise */ -static int ecp_double_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_ecp_point *P ) +static int ecp_double_jac(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_ecp_point *P) { #if defined(MBEDTLS_SELF_TEST) dbl_count++; #endif #if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_double_jac( grp, R, P ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_double_jac(grp, R, P); + } #endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi M, S, T, U; - mbedtls_mpi_init( &M ); mbedtls_mpi_init( &S ); mbedtls_mpi_init( &T ); mbedtls_mpi_init( &U ); + mbedtls_mpi_init(&M); mbedtls_mpi_init(&S); mbedtls_mpi_init(&T); mbedtls_mpi_init(&U); /* Special case for A = -3 */ - if( grp->A.p == NULL ) - { + if (grp->A.p == NULL) { /* M = 3(X + Z^2)(X - Z^2) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &P->Z, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &T, &P->X, &S ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &U, &P->X, &S ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &T, &U ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M, &S, 3 ) ); MOD_ADD( M ); - } - else - { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S, &P->Z, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &T, &P->X, &S)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &U, &P->X, &S)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S, &T, &U)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&M, &S, 3)); MOD_ADD(M); + } else { /* M = 3.X^2 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &P->X, &P->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M, &S, 3 ) ); MOD_ADD( M ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S, &P->X, &P->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&M, &S, 3)); MOD_ADD(M); /* Optimize away for "koblitz" curves with A = 0 */ - if( mbedtls_mpi_cmp_int( &grp->A, 0 ) != 0 ) - { + if (mbedtls_mpi_cmp_int(&grp->A, 0) != 0) { /* M += A.Z^4 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &P->Z, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T, &S, &S ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &T, &grp->A ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &M, &M, &S ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S, &P->Z, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T, &S, &S)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S, &T, &grp->A)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &M, &M, &S)); } } /* S = 4.X.Y^2 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T, &P->Y, &P->Y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &T, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &P->X, &T ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &S, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T, &P->Y, &P->Y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l_mod(grp, &T, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S, &P->X, &T)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l_mod(grp, &S, 1)); /* U = 8.Y^4 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &U, &T, &T ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &U, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &U, &T, &T)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l_mod(grp, &U, 1)); /* T = M^2 - 2.S */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T, &M, &M ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T, &T, &S ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T, &T, &S ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T, &M, &M)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &T, &T, &S)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &T, &T, &S)); /* S = M(S - T) - U */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &S, &S, &T ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &S, &M ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &S, &S, &U ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &S, &S, &T)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S, &S, &M)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &S, &S, &U)); /* U = 2.Y.Z */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &U, &P->Y, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &U, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &U, &P->Y, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l_mod(grp, &U, 1)); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->X, &T ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Y, &S ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Z, &U ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->X, &T)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->Y, &S)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->Z, &U)); cleanup: - mbedtls_mpi_free( &M ); mbedtls_mpi_free( &S ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &U ); + mbedtls_mpi_free(&M); mbedtls_mpi_free(&S); mbedtls_mpi_free(&T); mbedtls_mpi_free(&U); - return( ret ); + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) */ } @@ -1583,20 +1600,21 @@ static int ecp_double_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * * Cost: 1A := 8M + 3S */ -static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ) +static int ecp_add_mixed(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q) { #if defined(MBEDTLS_SELF_TEST) add_count++; #endif #if defined(MBEDTLS_ECP_ADD_MIXED_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_add_mixed( grp, R, P, Q ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_add_mixed(grp, R, P, Q); + } #endif /* MBEDTLS_ECP_ADD_MIXED_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_ADD_MIXED_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi T1, T2, T3, T4, X, Y, Z; @@ -1604,67 +1622,66 @@ static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, /* * Trivial cases: P == 0 or Q == 0 (case 1) */ - if( mbedtls_mpi_cmp_int( &P->Z, 0 ) == 0 ) - return( mbedtls_ecp_copy( R, Q ) ); + if (mbedtls_mpi_cmp_int(&P->Z, 0) == 0) { + return mbedtls_ecp_copy(R, Q); + } - if( Q->Z.p != NULL && mbedtls_mpi_cmp_int( &Q->Z, 0 ) == 0 ) - return( mbedtls_ecp_copy( R, P ) ); + if (Q->Z.p != NULL && mbedtls_mpi_cmp_int(&Q->Z, 0) == 0) { + return mbedtls_ecp_copy(R, P); + } /* * Make sure Q coordinates are normalized */ - if( Q->Z.p != NULL && mbedtls_mpi_cmp_int( &Q->Z, 1 ) != 0 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (Q->Z.p != NULL && mbedtls_mpi_cmp_int(&Q->Z, 1) != 0) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - mbedtls_mpi_init( &T1 ); mbedtls_mpi_init( &T2 ); mbedtls_mpi_init( &T3 ); mbedtls_mpi_init( &T4 ); - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); + mbedtls_mpi_init(&T1); mbedtls_mpi_init(&T2); mbedtls_mpi_init(&T3); mbedtls_mpi_init(&T4); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T1, &P->Z, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T2, &T1, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T1, &T1, &Q->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T2, &T2, &Q->Y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T1, &T1, &P->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T2, &T2, &P->Y ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T1, &P->Z, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T2, &T1, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T1, &T1, &Q->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T2, &T2, &Q->Y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &T1, &T1, &P->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &T2, &T2, &P->Y)); /* Special cases (2) and (3) */ - if( mbedtls_mpi_cmp_int( &T1, 0 ) == 0 ) - { - if( mbedtls_mpi_cmp_int( &T2, 0 ) == 0 ) - { - ret = ecp_double_jac( grp, R, P ); + if (mbedtls_mpi_cmp_int(&T1, 0) == 0) { + if (mbedtls_mpi_cmp_int(&T2, 0) == 0) { + ret = ecp_double_jac(grp, R, P); goto cleanup; - } - else - { - ret = mbedtls_ecp_set_zero( R ); + } else { + ret = mbedtls_ecp_set_zero(R); goto cleanup; } } - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &Z, &P->Z, &T1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T3, &T1, &T1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T4, &T3, &T1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T3, &T3, &P->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &T1, &T3 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &T1, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &X, &T2, &T2 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &X, &X, &T1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &X, &X, &T4 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T3, &T3, &X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T3, &T3, &T2 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T4, &T4, &P->Y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &Y, &T3, &T4 ) ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->X, &X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Y, &Y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Z, &Z ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &Z, &P->Z, &T1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T3, &T1, &T1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T4, &T3, &T1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T3, &T3, &P->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&T1, &T3)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l_mod(grp, &T1, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &X, &T2, &T2)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &X, &X, &T1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &X, &X, &T4)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &T3, &T3, &X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T3, &T3, &T2)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T4, &T4, &P->Y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &Y, &T3, &T4)); + + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->X, &X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->Y, &Y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->Z, &Z)); cleanup: - mbedtls_mpi_free( &T1 ); mbedtls_mpi_free( &T2 ); mbedtls_mpi_free( &T3 ); mbedtls_mpi_free( &T4 ); - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); + mbedtls_mpi_free(&T1); mbedtls_mpi_free(&T2); mbedtls_mpi_free(&T3); mbedtls_mpi_free(&T4); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); - return( ret ); + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_ADD_MIXED_ALT) */ } @@ -1675,42 +1692,44 @@ static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * * This countermeasure was first suggested in [2]. */ -static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int ecp_randomize_jac(const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { #if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_randomize_jac( grp, pt, f_rng, p_rng ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_randomize_jac(grp, pt, f_rng, p_rng); + } #endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi l, ll; - mbedtls_mpi_init( &l ); mbedtls_mpi_init( &ll ); + mbedtls_mpi_init(&l); mbedtls_mpi_init(&ll); /* Generate l such that 1 < l < p */ - MBEDTLS_MPI_CHK( mbedtls_mpi_random( &l, 2, &grp->P, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_random(&l, 2, &grp->P, f_rng, p_rng)); /* Z = l * Z */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Z, &pt->Z, &l ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->Z, &pt->Z, &l)); /* X = l^2 * X */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ll, &l, &l ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->X, &pt->X, &ll ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &ll, &l, &l)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->X, &pt->X, &ll)); /* Y = l^3 * Y */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ll, &ll, &l ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Y, &pt->Y, &ll ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &ll, &ll, &l)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->Y, &pt->Y, &ll)); cleanup: - mbedtls_mpi_free( &l ); mbedtls_mpi_free( &ll ); + mbedtls_mpi_free(&l); mbedtls_mpi_free(&ll); - if( ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) + if (ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) { ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; - return( ret ); + } + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) */ } @@ -1722,10 +1741,10 @@ static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *p #endif /* d = ceil( n / w ) */ -#define COMB_MAX_D ( MBEDTLS_ECP_MAX_BITS + 1 ) / 2 +#define COMB_MAX_D (MBEDTLS_ECP_MAX_BITS + 1) / 2 /* number of precomputed points */ -#define COMB_MAX_PRE ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) ) +#define COMB_MAX_PRE (1 << (MBEDTLS_ECP_WINDOW_SIZE - 1)) /* * Compute the representation of m that will be used with our comb method. @@ -1774,32 +1793,33 @@ static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *p * - m is the MPI, expected to be odd and such that bitlength(m) <= w * d * (the result will be incorrect if these assumptions are not satisfied) */ -static void ecp_comb_recode_core( unsigned char x[], size_t d, - unsigned char w, const mbedtls_mpi *m ) +static void ecp_comb_recode_core(unsigned char x[], size_t d, + unsigned char w, const mbedtls_mpi *m) { size_t i, j; unsigned char c, cc, adjust; - memset( x, 0, d+1 ); + memset(x, 0, d+1); /* First get the classical comb values (except for x_d = 0) */ - for( i = 0; i < d; i++ ) - for( j = 0; j < w; j++ ) - x[i] |= mbedtls_mpi_get_bit( m, i + d * j ) << j; + for (i = 0; i < d; i++) { + for (j = 0; j < w; j++) { + x[i] |= mbedtls_mpi_get_bit(m, i + d * j) << j; + } + } /* Now make sure x_1 .. x_d are odd */ c = 0; - for( i = 1; i <= d; i++ ) - { + for (i = 1; i <= d; i++) { /* Add carry and update it */ cc = x[i] & c; x[i] = x[i] ^ c; c = cc; /* Adjust if needed, avoiding branches */ - adjust = 1 - ( x[i] & 0x01 ); - c |= x[i] & ( x[i-1] * adjust ); - x[i] = x[i] ^ ( x[i-1] * adjust ); + adjust = 1 - (x[i] & 0x01); + c |= x[i] & (x[i-1] * adjust); + x[i] = x[i] ^ (x[i-1] * adjust); x[i-1] |= adjust << 7; } } @@ -1838,36 +1858,38 @@ static void ecp_comb_recode_core( unsigned char x[], size_t d, * value, it's useful to set MBEDTLS_ECP_WINDOW_SIZE to a lower value in order * to minimize maximum blocking time. */ -static int ecp_precompute_comb( const mbedtls_ecp_group *grp, - mbedtls_ecp_point T[], const mbedtls_ecp_point *P, - unsigned char w, size_t d, - mbedtls_ecp_restart_ctx *rs_ctx ) +static int ecp_precompute_comb(const mbedtls_ecp_group *grp, + mbedtls_ecp_point T[], const mbedtls_ecp_point *P, + unsigned char w, size_t d, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; size_t j = 0; - const unsigned char T_size = 1U << ( w - 1 ); + const unsigned char T_size = 1U << (w - 1); mbedtls_ecp_point *cur, *TT[COMB_MAX_PRE - 1]; #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) - { - if( rs_ctx->rsm->state == ecp_rsm_pre_dbl ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { + if (rs_ctx->rsm->state == ecp_rsm_pre_dbl) { goto dbl; - if( rs_ctx->rsm->state == ecp_rsm_pre_norm_dbl ) + } + if (rs_ctx->rsm->state == ecp_rsm_pre_norm_dbl) { goto norm_dbl; - if( rs_ctx->rsm->state == ecp_rsm_pre_add ) + } + if (rs_ctx->rsm->state == ecp_rsm_pre_add) { goto add; - if( rs_ctx->rsm->state == ecp_rsm_pre_norm_add ) + } + if (rs_ctx->rsm->state == ecp_rsm_pre_norm_add) { goto norm_add; + } } #else (void) rs_ctx; #endif #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) - { + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { rs_ctx->rsm->state = ecp_rsm_pre_dbl; /* initial state for the loop */ @@ -1880,31 +1902,32 @@ static int ecp_precompute_comb( const mbedtls_ecp_group *grp, * Set T[0] = P and * T[2^{l-1}] = 2^{dl} P for l = 1 .. w-1 (this is not the final value) */ - MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &T[0], P ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_copy(&T[0], P)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0 ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0) { j = rs_ctx->rsm->i; - else + } else #endif - j = 0; + j = 0; - for( ; j < d * ( w - 1 ); j++ ) - { - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_DBL ); + for (; j < d * (w - 1); j++) { + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_DBL); - i = 1U << ( j / d ); + i = 1U << (j / d); cur = T + i; - if( j % d == 0 ) - MBEDTLS_MPI_CHK( mbedtls_ecp_copy( cur, T + ( i >> 1 ) ) ); + if (j % d == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecp_copy(cur, T + (i >> 1))); + } - MBEDTLS_MPI_CHK( ecp_double_jac( grp, cur, cur ) ); + MBEDTLS_MPI_CHK(ecp_double_jac(grp, cur, cur)); } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { rs_ctx->rsm->state = ecp_rsm_pre_norm_dbl; + } norm_dbl: #endif @@ -1913,16 +1936,18 @@ static int ecp_precompute_comb( const mbedtls_ecp_group *grp, * use an auxiliary array of pointers to elements in T. */ j = 0; - for( i = 1; i < T_size; i <<= 1 ) + for (i = 1; i < T_size; i <<= 1) { TT[j++] = T + i; + } - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV + 6 * j - 2 ); + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_INV + 6 * j - 2); - MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, j ) ); + MBEDTLS_MPI_CHK(ecp_normalize_jac_many(grp, TT, j)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { rs_ctx->rsm->state = ecp_rsm_pre_add; + } add: #endif @@ -1930,18 +1955,19 @@ static int ecp_precompute_comb( const mbedtls_ecp_group *grp, * Compute the remaining ones using the minimal number of additions * Be careful to update T[2^l] only after using it! */ - MBEDTLS_ECP_BUDGET( ( T_size - 1 ) * MBEDTLS_ECP_OPS_ADD ); + MBEDTLS_ECP_BUDGET((T_size - 1) * MBEDTLS_ECP_OPS_ADD); - for( i = 1; i < T_size; i <<= 1 ) - { + for (i = 1; i < T_size; i <<= 1) { j = i; - while( j-- ) - MBEDTLS_MPI_CHK( ecp_add_mixed( grp, &T[i + j], &T[j], &T[i] ) ); + while (j--) { + MBEDTLS_MPI_CHK(ecp_add_mixed(grp, &T[i + j], &T[j], &T[i])); + } } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { rs_ctx->rsm->state = ecp_rsm_pre_norm_add; + } norm_add: #endif @@ -1950,24 +1976,25 @@ static int ecp_precompute_comb( const mbedtls_ecp_group *grp, * still need the auxiliary array for homogeneity with the previous * call. Also, skip T[0] which is already normalised, being a copy of P. */ - for( j = 0; j + 1 < T_size; j++ ) + for (j = 0; j + 1 < T_size; j++) { TT[j] = T + j + 1; + } - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV + 6 * j - 2 ); + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_INV + 6 * j - 2); - MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, j ) ); + MBEDTLS_MPI_CHK(ecp_normalize_jac_many(grp, TT, j)); cleanup: #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL && - ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - { - if( rs_ctx->rsm->state == ecp_rsm_pre_dbl ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL && + ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { + if (rs_ctx->rsm->state == ecp_rsm_pre_dbl) { rs_ctx->rsm->i = j; + } } #endif - return( ret ); + return ret; } /* @@ -1975,28 +2002,27 @@ static int ecp_precompute_comb( const mbedtls_ecp_group *grp, * * See ecp_comb_recode_core() for background */ -static int ecp_select_comb( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_ecp_point T[], unsigned char T_size, - unsigned char i ) +static int ecp_select_comb(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_ecp_point T[], unsigned char T_size, + unsigned char i) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char ii, j; /* Ignore the "sign" bit and scale down */ - ii = ( i & 0x7Fu ) >> 1; + ii = (i & 0x7Fu) >> 1; /* Read the whole table to thwart cache-based timing attacks */ - for( j = 0; j < T_size; j++ ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &R->X, &T[j].X, j == ii ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &R->Y, &T[j].Y, j == ii ) ); + for (j = 0; j < T_size; j++) { + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(&R->X, &T[j].X, j == ii)); + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(&R->Y, &T[j].Y, j == ii)); } /* Safely invert result if i is "negative" */ - MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, R, i >> 7 ) ); + MBEDTLS_MPI_CHK(ecp_safe_invert_jac(grp, R, i >> 7)); cleanup: - return( ret ); + return ret; } /* @@ -2005,78 +2031,75 @@ static int ecp_select_comb( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * * Cost: d A + d D + 1 R */ -static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_ecp_point T[], unsigned char T_size, - const unsigned char x[], size_t d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_ecp_restart_ctx *rs_ctx ) +static int ecp_mul_comb_core(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_ecp_point T[], unsigned char T_size, + const unsigned char x[], size_t d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point Txi; size_t i; - mbedtls_ecp_point_init( &Txi ); + mbedtls_ecp_point_init(&Txi); #if !defined(MBEDTLS_ECP_RESTARTABLE) (void) rs_ctx; #endif #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL && - rs_ctx->rsm->state != ecp_rsm_comb_core ) - { + if (rs_ctx != NULL && rs_ctx->rsm != NULL && + rs_ctx->rsm->state != ecp_rsm_comb_core) { rs_ctx->rsm->i = 0; rs_ctx->rsm->state = ecp_rsm_comb_core; } /* new 'if' instead of nested for the sake of the 'else' branch */ - if( rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0 ) - { + if (rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0) { /* restore current index (R already pointing to rs_ctx->rsm->R) */ i = rs_ctx->rsm->i; - } - else + } else #endif { /* Start with a non-zero point and randomize its coordinates */ i = d; - MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, T_size, x[i] ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) ); + MBEDTLS_MPI_CHK(ecp_select_comb(grp, R, T, T_size, x[i])); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&R->Z, 1)); int have_rng = 1; #if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - if( f_rng == NULL ) + if (f_rng == NULL) { have_rng = 0; + } #endif - if( have_rng ) - MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) ); + if (have_rng) { + MBEDTLS_MPI_CHK(ecp_randomize_jac(grp, R, f_rng, p_rng)); + } } - while( i != 0 ) - { - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_DBL + MBEDTLS_ECP_OPS_ADD ); + while (i != 0) { + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_DBL + MBEDTLS_ECP_OPS_ADD); --i; - MBEDTLS_MPI_CHK( ecp_double_jac( grp, R, R ) ); - MBEDTLS_MPI_CHK( ecp_select_comb( grp, &Txi, T, T_size, x[i] ) ); - MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, R, &Txi ) ); + MBEDTLS_MPI_CHK(ecp_double_jac(grp, R, R)); + MBEDTLS_MPI_CHK(ecp_select_comb(grp, &Txi, T, T_size, x[i])); + MBEDTLS_MPI_CHK(ecp_add_mixed(grp, R, R, &Txi)); } cleanup: - mbedtls_ecp_point_free( &Txi ); + mbedtls_ecp_point_free(&Txi); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL && - ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - { + if (rs_ctx != NULL && rs_ctx->rsm != NULL && + ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { rs_ctx->rsm->i = i; /* no need to save R, already pointing to rs_ctx->rsm->R */ } #endif - return( ret ); + return ret; } /* @@ -2091,39 +2114,40 @@ static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R * * See ecp_comb_recode_core() for background. */ -static int ecp_comb_recode_scalar( const mbedtls_ecp_group *grp, - const mbedtls_mpi *m, - unsigned char k[COMB_MAX_D + 1], - size_t d, - unsigned char w, - unsigned char *parity_trick ) +static int ecp_comb_recode_scalar(const mbedtls_ecp_group *grp, + const mbedtls_mpi *m, + unsigned char k[COMB_MAX_D + 1], + size_t d, + unsigned char w, + unsigned char *parity_trick) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi M, mm; - mbedtls_mpi_init( &M ); - mbedtls_mpi_init( &mm ); + mbedtls_mpi_init(&M); + mbedtls_mpi_init(&mm); /* N is always odd (see above), just make extra sure */ - if( mbedtls_mpi_get_bit( &grp->N, 0 ) != 1 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (mbedtls_mpi_get_bit(&grp->N, 0) != 1) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } /* do we need the parity trick? */ - *parity_trick = ( mbedtls_mpi_get_bit( m, 0 ) == 0 ); + *parity_trick = (mbedtls_mpi_get_bit(m, 0) == 0); /* execute parity fix in constant time */ - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &M, m ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mm, &grp->N, m ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &M, &mm, *parity_trick ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&M, m)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&mm, &grp->N, m)); + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(&M, &mm, *parity_trick)); /* actual scalar recoding */ - ecp_comb_recode_core( k, d, w, &M ); + ecp_comb_recode_core(k, d, w, &M); cleanup: - mbedtls_mpi_free( &mm ); - mbedtls_mpi_free( &M ); + mbedtls_mpi_free(&mm); + mbedtls_mpi_free(&M); - return( ret ); + return ret; } /* @@ -2133,16 +2157,16 @@ static int ecp_comb_recode_scalar( const mbedtls_ecp_group *grp, * Scalar recoding may use a parity trick that makes us compute -m * P, * if that is the case we'll need to recover m * P at the end. */ -static int ecp_mul_comb_after_precomp( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *R, - const mbedtls_mpi *m, - const mbedtls_ecp_point *T, - unsigned char T_size, - unsigned char w, - size_t d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_ecp_restart_ctx *rs_ctx ) +static int ecp_mul_comb_after_precomp(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, + const mbedtls_mpi *m, + const mbedtls_ecp_point *T, + unsigned char T_size, + unsigned char w, + size_t d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char parity_trick; @@ -2150,27 +2174,28 @@ static int ecp_mul_comb_after_precomp( const mbedtls_ecp_group *grp, mbedtls_ecp_point *RR = R; #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) - { + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { RR = &rs_ctx->rsm->R; - if( rs_ctx->rsm->state == ecp_rsm_final_norm ) + if (rs_ctx->rsm->state == ecp_rsm_final_norm) { goto final_norm; + } } #endif - MBEDTLS_MPI_CHK( ecp_comb_recode_scalar( grp, m, k, d, w, - &parity_trick ) ); - MBEDTLS_MPI_CHK( ecp_mul_comb_core( grp, RR, T, T_size, k, d, - f_rng, p_rng, rs_ctx ) ); - MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, RR, parity_trick ) ); + MBEDTLS_MPI_CHK(ecp_comb_recode_scalar(grp, m, k, d, w, + &parity_trick)); + MBEDTLS_MPI_CHK(ecp_mul_comb_core(grp, RR, T, T_size, k, d, + f_rng, p_rng, rs_ctx)); + MBEDTLS_MPI_CHK(ecp_safe_invert_jac(grp, RR, parity_trick)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { rs_ctx->rsm->state = ecp_rsm_final_norm; + } final_norm: - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV ); + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_INV); #endif /* * Knowledge of the jacobian coordinates may leak the last few bits of the @@ -2185,28 +2210,31 @@ static int ecp_mul_comb_after_precomp( const mbedtls_ecp_group *grp, */ int have_rng = 1; #if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - if( f_rng == NULL ) + if (f_rng == NULL) { have_rng = 0; + } #endif - if( have_rng ) - MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, RR, f_rng, p_rng ) ); + if (have_rng) { + MBEDTLS_MPI_CHK(ecp_randomize_jac(grp, RR, f_rng, p_rng)); + } - MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, RR ) ); + MBEDTLS_MPI_CHK(ecp_normalize_jac(grp, RR)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) - MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, RR ) ); + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { + MBEDTLS_MPI_CHK(mbedtls_ecp_copy(R, RR)); + } #endif cleanup: - return( ret ); + return ret; } /* * Pick window size based on curve size and whether we optimize for base point */ -static unsigned char ecp_pick_window_size( const mbedtls_ecp_group *grp, - unsigned char p_eq_g ) +static unsigned char ecp_pick_window_size(const mbedtls_ecp_group *grp, + unsigned char p_eq_g) { unsigned char w; @@ -2222,21 +2250,24 @@ static unsigned char ecp_pick_window_size( const mbedtls_ecp_group *grp, * Just adding one avoids upping the cost of the first mul too much, * and the memory cost too. */ - if( p_eq_g ) + if (p_eq_g) { w++; + } /* * Make sure w is within bounds. * (The last test is useful only for very small curves in the test suite.) */ -#if( MBEDTLS_ECP_WINDOW_SIZE < 6 ) - if( w > MBEDTLS_ECP_WINDOW_SIZE ) +#if (MBEDTLS_ECP_WINDOW_SIZE < 6) + if (w > MBEDTLS_ECP_WINDOW_SIZE) { w = MBEDTLS_ECP_WINDOW_SIZE; + } #endif - if( w >= grp->nbits ) + if (w >= grp->nbits) { w = 2; + } - return( w ); + return w; } /* @@ -2252,11 +2283,11 @@ static unsigned char ecp_pick_window_size( const mbedtls_ecp_group *grp, * * See comments on ecp_comb_recode_core() regarding the computation strategy. */ -static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_ecp_restart_ctx *rs_ctx ) +static int ecp_mul_comb(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char w, p_eq_g, i; @@ -2266,64 +2297,61 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) ecp_drbg_context drbg_ctx; - ecp_drbg_init( &drbg_ctx ); + ecp_drbg_init(&drbg_ctx); #endif - ECP_RS_ENTER( rsm ); + ECP_RS_ENTER(rsm); #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - if( f_rng == NULL ) - { + if (f_rng == NULL) { /* Adjust pointers */ f_rng = &ecp_drbg_random; #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { p_rng = &rs_ctx->rsm->drbg_ctx; - else + } else #endif - p_rng = &drbg_ctx; + p_rng = &drbg_ctx; /* Initialize internal DRBG if necessary */ #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx == NULL || rs_ctx->rsm == NULL || - rs_ctx->rsm->drbg_seeded == 0 ) + if (rs_ctx == NULL || rs_ctx->rsm == NULL || + rs_ctx->rsm->drbg_seeded == 0) #endif { - const size_t m_len = ( grp->nbits + 7 ) / 8; - MBEDTLS_MPI_CHK( ecp_drbg_seed( p_rng, m, m_len ) ); + const size_t m_len = (grp->nbits + 7) / 8; + MBEDTLS_MPI_CHK(ecp_drbg_seed(p_rng, m, m_len)); } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { rs_ctx->rsm->drbg_seeded = 1; + } #endif } #endif /* !MBEDTLS_ECP_NO_INTERNAL_RNG */ /* Is P the base point ? */ #if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 - p_eq_g = ( mbedtls_mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 && - mbedtls_mpi_cmp_mpi( &P->X, &grp->G.X ) == 0 ); + p_eq_g = (mbedtls_mpi_cmp_mpi(&P->Y, &grp->G.Y) == 0 && + mbedtls_mpi_cmp_mpi(&P->X, &grp->G.X) == 0); #else p_eq_g = 0; #endif /* Pick window size and deduce related sizes */ - w = ecp_pick_window_size( grp, p_eq_g ); - T_size = 1U << ( w - 1 ); - d = ( grp->nbits + w - 1 ) / w; + w = ecp_pick_window_size(grp, p_eq_g); + T_size = 1U << (w - 1); + d = (grp->nbits + w - 1) / w; /* Pre-computed table: do we have it already for the base point? */ - if( p_eq_g && grp->T != NULL ) - { + if (p_eq_g && grp->T != NULL) { /* second pointer to the same table, will be deleted on exit */ T = grp->T; T_ok = 1; - } - else + } else #if defined(MBEDTLS_ECP_RESTARTABLE) /* Pre-computed table: do we have one in progress? complete? */ - if( rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->T != NULL ) - { + if (rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->T != NULL) { /* transfer ownership of T from rsm to local function */ T = rs_ctx->rsm->T; rs_ctx->rsm->T = NULL; @@ -2331,31 +2359,28 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, /* This effectively jumps to the call to mul_comb_after_precomp() */ T_ok = rs_ctx->rsm->state >= ecp_rsm_comb_core; - } - else + } else #endif /* Allocate table if we didn't have any */ { - T = mbedtls_calloc( T_size, sizeof( mbedtls_ecp_point ) ); - if( T == NULL ) - { + T = mbedtls_calloc(T_size, sizeof(mbedtls_ecp_point)); + if (T == NULL) { ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; goto cleanup; } - for( i = 0; i < T_size; i++ ) - mbedtls_ecp_point_init( &T[i] ); + for (i = 0; i < T_size; i++) { + mbedtls_ecp_point_init(&T[i]); + } T_ok = 0; } /* Compute table (or finish computing it) if not done already */ - if( !T_ok ) - { - MBEDTLS_MPI_CHK( ecp_precompute_comb( grp, T, P, w, d, rs_ctx ) ); + if (!T_ok) { + MBEDTLS_MPI_CHK(ecp_precompute_comb(grp, T, P, w, d, rs_ctx)); - if( p_eq_g ) - { + if (p_eq_g) { /* almost transfer ownership of T to the group, but keep a copy of * the pointer to use for calling the next function more easily */ grp->T = T; @@ -2364,24 +2389,24 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, } /* Actual comb multiplication using precomputed points */ - MBEDTLS_MPI_CHK( ecp_mul_comb_after_precomp( grp, R, m, - T, T_size, w, d, - f_rng, p_rng, rs_ctx ) ); + MBEDTLS_MPI_CHK(ecp_mul_comb_after_precomp(grp, R, m, + T, T_size, w, d, + f_rng, p_rng, rs_ctx)); cleanup: #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - ecp_drbg_free( &drbg_ctx ); + ecp_drbg_free(&drbg_ctx); #endif /* does T belong to the group? */ - if( T == grp->T ) + if (T == grp->T) { T = NULL; + } /* does T belong to the restart context? */ #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS && T != NULL ) - { + if (rs_ctx != NULL && rs_ctx->rsm != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS && T != NULL) { /* transfer ownership of T from local function to rsm */ rs_ctx->rsm->T_size = T_size; rs_ctx->rsm->T = T; @@ -2390,26 +2415,28 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, #endif /* did T belong to us? then let's destroy it! */ - if( T != NULL ) - { - for( i = 0; i < T_size; i++ ) - mbedtls_ecp_point_free( &T[i] ); - mbedtls_free( T ); + if (T != NULL) { + for (i = 0; i < T_size; i++) { + mbedtls_ecp_point_free(&T[i]); + } + mbedtls_free(T); } /* prevent caller from using invalid value */ - int should_free_R = ( ret != 0 ); + int should_free_R = (ret != 0); #if defined(MBEDTLS_ECP_RESTARTABLE) /* don't free R while in progress in case R == P */ - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { should_free_R = 0; + } #endif - if( should_free_R ) - mbedtls_ecp_point_free( R ); + if (should_free_R) { + mbedtls_ecp_point_free(R); + } - ECP_RS_LEAVE( rsm ); + ECP_RS_LEAVE(rsm); - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ @@ -2427,23 +2454,24 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * Normalize Montgomery x/z coordinates: X = X/Z, Z = 1 * Cost: 1M + 1I */ -static int ecp_normalize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P ) +static int ecp_normalize_mxz(const mbedtls_ecp_group *grp, mbedtls_ecp_point *P) { #if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_normalize_mxz( grp, P ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_normalize_mxz(grp, P); + } #endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &P->Z, &P->Z, &grp->P ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->X, &P->X, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &P->Z, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&P->Z, &P->Z, &grp->P)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &P->X, &P->X, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&P->Z, 1)); cleanup: - return( ret ); + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) */ } @@ -2455,33 +2483,35 @@ static int ecp_normalize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P * This countermeasure was first suggested in [2]. * Cost: 2M */ -static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int ecp_randomize_mxz(const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { #if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_randomize_mxz(grp, P, f_rng, p_rng); + } #endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi l; - mbedtls_mpi_init( &l ); + mbedtls_mpi_init(&l); /* Generate l such that 1 < l < p */ - MBEDTLS_MPI_CHK( mbedtls_mpi_random( &l, 2, &grp->P, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_random(&l, 2, &grp->P, f_rng, p_rng)); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->X, &P->X, &l ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->Z, &P->Z, &l ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &P->X, &P->X, &l)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &P->Z, &P->Z, &l)); cleanup: - mbedtls_mpi_free( &l ); + mbedtls_mpi_free(&l); - if( ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) + if (ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) { ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; - return( ret ); + } + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) */ } @@ -2500,51 +2530,52 @@ static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P * * Cost: 5M + 4S */ -static int ecp_double_add_mxz( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *R, mbedtls_ecp_point *S, - const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q, - const mbedtls_mpi *d ) +static int ecp_double_add_mxz(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, mbedtls_ecp_point *S, + const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q, + const mbedtls_mpi *d) { #if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_double_add_mxz( grp, R, S, P, Q, d ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_double_add_mxz(grp, R, S, P, Q, d); + } #endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi A, AA, B, BB, E, C, D, DA, CB; - mbedtls_mpi_init( &A ); mbedtls_mpi_init( &AA ); mbedtls_mpi_init( &B ); - mbedtls_mpi_init( &BB ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &C ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &DA ); mbedtls_mpi_init( &CB ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &A, &P->X, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &AA, &A, &A ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &B, &P->X, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &BB, &B, &B ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &E, &AA, &BB ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &C, &Q->X, &Q->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &D, &Q->X, &Q->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &DA, &D, &A ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &CB, &C, &B ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &S->X, &DA, &CB ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S->X, &S->X, &S->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &S->Z, &DA, &CB ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S->Z, &S->Z, &S->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S->Z, d, &S->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &R->X, &AA, &BB ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &R->Z, &grp->A, &E ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &R->Z, &BB, &R->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &R->Z, &E, &R->Z ) ); + mbedtls_mpi_init(&A); mbedtls_mpi_init(&AA); mbedtls_mpi_init(&B); + mbedtls_mpi_init(&BB); mbedtls_mpi_init(&E); mbedtls_mpi_init(&C); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&DA); mbedtls_mpi_init(&CB); + + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &A, &P->X, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &AA, &A, &A)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &B, &P->X, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &BB, &B, &B)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &E, &AA, &BB)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &C, &Q->X, &Q->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &D, &Q->X, &Q->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &DA, &D, &A)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &CB, &C, &B)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &S->X, &DA, &CB)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S->X, &S->X, &S->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &S->Z, &DA, &CB)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S->Z, &S->Z, &S->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S->Z, d, &S->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &R->X, &AA, &BB)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &R->Z, &grp->A, &E)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &R->Z, &BB, &R->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &R->Z, &E, &R->Z)); cleanup: - mbedtls_mpi_free( &A ); mbedtls_mpi_free( &AA ); mbedtls_mpi_free( &B ); - mbedtls_mpi_free( &BB ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &C ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &DA ); mbedtls_mpi_free( &CB ); + mbedtls_mpi_free(&A); mbedtls_mpi_free(&AA); mbedtls_mpi_free(&B); + mbedtls_mpi_free(&BB); mbedtls_mpi_free(&E); mbedtls_mpi_free(&C); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&DA); mbedtls_mpi_free(&CB); - return( ret ); + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) */ } @@ -2552,10 +2583,10 @@ static int ecp_double_add_mxz( const mbedtls_ecp_group *grp, * Multiplication with Montgomery ladder in x/z coordinates, * for curves in Montgomery form */ -static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int ecp_mul_mxz(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; @@ -2565,46 +2596,46 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) ecp_drbg_context drbg_ctx; - ecp_drbg_init( &drbg_ctx ); + ecp_drbg_init(&drbg_ctx); #endif - mbedtls_ecp_point_init( &RP ); mbedtls_mpi_init( &PX ); + mbedtls_ecp_point_init(&RP); mbedtls_mpi_init(&PX); #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - if( f_rng == NULL ) - { - const size_t m_len = ( grp->nbits + 7 ) / 8; - MBEDTLS_MPI_CHK( ecp_drbg_seed( &drbg_ctx, m, m_len ) ); + if (f_rng == NULL) { + const size_t m_len = (grp->nbits + 7) / 8; + MBEDTLS_MPI_CHK(ecp_drbg_seed(&drbg_ctx, m, m_len)); f_rng = &ecp_drbg_random; p_rng = &drbg_ctx; } #endif /* !MBEDTLS_ECP_NO_INTERNAL_RNG */ /* Save PX and read from P before writing to R, in case P == R */ - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &PX, &P->X ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &RP, P ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&PX, &P->X)); + MBEDTLS_MPI_CHK(mbedtls_ecp_copy(&RP, P)); /* Set R to zero in modified x/z coordinates */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->X, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 0 ) ); - mbedtls_mpi_free( &R->Y ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&R->X, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&R->Z, 0)); + mbedtls_mpi_free(&R->Y); /* RP.X might be slightly larger than P, so reduce it */ - MOD_ADD( RP.X ); + MOD_ADD(RP.X); /* Randomize coordinates of the starting point */ int have_rng = 1; #if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - if( f_rng == NULL ) + if (f_rng == NULL) { have_rng = 0; + } #endif - if( have_rng ) - MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) ); + if (have_rng) { + MBEDTLS_MPI_CHK(ecp_randomize_mxz(grp, &RP, f_rng, p_rng)); + } /* Loop invariant: R = result so far, RP = R + P */ i = grp->nbits + 1; /* one past the (zero-based) required msb for private keys */ - while( i-- > 0 ) - { - b = mbedtls_mpi_get_bit( m, i ); + while (i-- > 0) { + b = mbedtls_mpi_get_bit(m, i); /* * if (b) R = 2R + P else R = 2R, * which is: @@ -2612,11 +2643,11 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * else double_add( R, RP, R, RP ) * but using safe conditional swaps to avoid leaks */ - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->X, &RP.X, b ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->Z, &RP.Z, b ) ); - MBEDTLS_MPI_CHK( ecp_double_add_mxz( grp, R, &RP, R, &RP, &PX ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->X, &RP.X, b ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->Z, &RP.Z, b ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_swap(&R->X, &RP.X, b)); + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_swap(&R->Z, &RP.Z, b)); + MBEDTLS_MPI_CHK(ecp_double_add_mxz(grp, R, &RP, R, &RP, &PX)); + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_swap(&R->X, &RP.X, b)); + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_swap(&R->Z, &RP.Z, b)); } /* @@ -2632,22 +2663,24 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, */ have_rng = 1; #if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - if( f_rng == NULL ) + if (f_rng == NULL) { have_rng = 0; + } #endif - if( have_rng ) - MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, R, f_rng, p_rng ) ); + if (have_rng) { + MBEDTLS_MPI_CHK(ecp_randomize_mxz(grp, R, f_rng, p_rng)); + } - MBEDTLS_MPI_CHK( ecp_normalize_mxz( grp, R ) ); + MBEDTLS_MPI_CHK(ecp_normalize_mxz(grp, R)); cleanup: #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - ecp_drbg_free( &drbg_ctx ); + ecp_drbg_free(&drbg_ctx); #endif - mbedtls_ecp_point_free( &RP ); mbedtls_mpi_free( &PX ); + mbedtls_ecp_point_free(&RP); mbedtls_mpi_free(&PX); - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ @@ -2655,85 +2688,90 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, /* * Restartable multiplication R = m * P */ -int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - mbedtls_ecp_restart_ctx *rs_ctx ) +int mbedtls_ecp_mul_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; #if defined(MBEDTLS_ECP_INTERNAL_ALT) char is_grp_capable = 0; #endif - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( R != NULL ); - ECP_VALIDATE_RET( m != NULL ); - ECP_VALIDATE_RET( P != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(R != NULL); + ECP_VALIDATE_RET(m != NULL); + ECP_VALIDATE_RET(P != NULL); #if defined(MBEDTLS_ECP_RESTARTABLE) /* reset ops count for this call if top-level */ - if( rs_ctx != NULL && rs_ctx->depth++ == 0 ) + if (rs_ctx != NULL && rs_ctx->depth++ == 0) { rs_ctx->ops_done = 0; + } #else (void) rs_ctx; #endif #if defined(MBEDTLS_ECP_INTERNAL_ALT) - if( ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) ) ) - MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) ); + if ((is_grp_capable = mbedtls_internal_ecp_grp_capable(grp))) { + MBEDTLS_MPI_CHK(mbedtls_internal_ecp_init(grp)); + } #endif /* MBEDTLS_ECP_INTERNAL_ALT */ int restarting = 0; #if defined(MBEDTLS_ECP_RESTARTABLE) - restarting = ( rs_ctx != NULL && rs_ctx->rsm != NULL ); + restarting = (rs_ctx != NULL && rs_ctx->rsm != NULL); #endif /* skip argument check when restarting */ - if( !restarting ) - { + if (!restarting) { /* check_privkey is free */ - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_CHK ); + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_CHK); /* Common sanity checks */ - MBEDTLS_MPI_CHK( mbedtls_ecp_check_privkey( grp, m ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, P ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_check_privkey(grp, m)); + MBEDTLS_MPI_CHK(mbedtls_ecp_check_pubkey(grp, P)); } ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - MBEDTLS_MPI_CHK( ecp_mul_mxz( grp, R, m, P, f_rng, p_rng ) ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { + MBEDTLS_MPI_CHK(ecp_mul_mxz(grp, R, m, P, f_rng, p_rng)); + } #endif #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - MBEDTLS_MPI_CHK( ecp_mul_comb( grp, R, m, P, f_rng, p_rng, rs_ctx ) ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { + MBEDTLS_MPI_CHK(ecp_mul_comb(grp, R, m, P, f_rng, p_rng, rs_ctx)); + } #endif cleanup: #if defined(MBEDTLS_ECP_INTERNAL_ALT) - if( is_grp_capable ) - mbedtls_internal_ecp_free( grp ); + if (is_grp_capable) { + mbedtls_internal_ecp_free(grp); + } #endif /* MBEDTLS_ECP_INTERNAL_ALT */ #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL ) + if (rs_ctx != NULL) { rs_ctx->depth--; + } #endif - return( ret ); + return ret; } /* * Multiplication R = m * P */ -int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( R != NULL ); - ECP_VALIDATE_RET( m != NULL ); - ECP_VALIDATE_RET( P != NULL ); - return( mbedtls_ecp_mul_restartable( grp, R, m, P, f_rng, p_rng, NULL ) ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(R != NULL); + ECP_VALIDATE_RET(m != NULL); + ECP_VALIDATE_RET(P != NULL); + return mbedtls_ecp_mul_restartable(grp, R, m, P, f_rng, p_rng, NULL); } #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) @@ -2741,48 +2779,47 @@ int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * Check that an affine point is valid as a public key, * short weierstrass curves (SEC1 3.2.3.1) */ -static int ecp_check_pubkey_sw( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt ) +static int ecp_check_pubkey_sw(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi YY, RHS; /* pt coordinates must be normalized for our checks */ - if( mbedtls_mpi_cmp_int( &pt->X, 0 ) < 0 || - mbedtls_mpi_cmp_int( &pt->Y, 0 ) < 0 || - mbedtls_mpi_cmp_mpi( &pt->X, &grp->P ) >= 0 || - mbedtls_mpi_cmp_mpi( &pt->Y, &grp->P ) >= 0 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + if (mbedtls_mpi_cmp_int(&pt->X, 0) < 0 || + mbedtls_mpi_cmp_int(&pt->Y, 0) < 0 || + mbedtls_mpi_cmp_mpi(&pt->X, &grp->P) >= 0 || + mbedtls_mpi_cmp_mpi(&pt->Y, &grp->P) >= 0) { + return MBEDTLS_ERR_ECP_INVALID_KEY; + } - mbedtls_mpi_init( &YY ); mbedtls_mpi_init( &RHS ); + mbedtls_mpi_init(&YY); mbedtls_mpi_init(&RHS); /* * YY = Y^2 * RHS = X (X^2 + A) + B = X^3 + A X + B */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &YY, &pt->Y, &pt->Y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &RHS, &pt->X, &pt->X ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &YY, &pt->Y, &pt->Y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &RHS, &pt->X, &pt->X)); /* Special case for A = -3 */ - if( grp->A.p == NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &RHS, &RHS, 3 ) ); MOD_SUB( RHS ); - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &RHS, &RHS, &grp->A ) ); + if (grp->A.p == NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&RHS, &RHS, 3)); MOD_SUB(RHS); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &RHS, &RHS, &grp->A)); } - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &RHS, &RHS, &pt->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &RHS, &RHS, &grp->B ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &RHS, &RHS, &pt->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &RHS, &RHS, &grp->B)); - if( mbedtls_mpi_cmp_mpi( &YY, &RHS ) != 0 ) + if (mbedtls_mpi_cmp_mpi(&YY, &RHS) != 0) { ret = MBEDTLS_ERR_ECP_INVALID_KEY; + } cleanup: - mbedtls_mpi_free( &YY ); mbedtls_mpi_free( &RHS ); + mbedtls_mpi_free(&YY); mbedtls_mpi_free(&RHS); - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ @@ -2791,39 +2828,33 @@ static int ecp_check_pubkey_sw( const mbedtls_ecp_group *grp, const mbedtls_ecp_ * R = m * P with shortcuts for m == 0, m == 1 and m == -1 * NOT constant-time - ONLY for short Weierstrass! */ -static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp, - mbedtls_ecp_point *R, - const mbedtls_mpi *m, - const mbedtls_ecp_point *P, - mbedtls_ecp_restart_ctx *rs_ctx ) +static int mbedtls_ecp_mul_shortcuts(mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, + const mbedtls_mpi *m, + const mbedtls_ecp_point *P, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( mbedtls_mpi_cmp_int( m, 0 ) == 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, P ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_set_zero( R ) ); - } - else if( mbedtls_mpi_cmp_int( m, 1 ) == 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, P ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, P ) ); - } - else if( mbedtls_mpi_cmp_int( m, -1 ) == 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, P ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, P ) ); - if( mbedtls_mpi_cmp_int( &R->Y, 0 ) != 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &R->Y, &grp->P, &R->Y ) ); - } - else - { - MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, R, m, P, - NULL, NULL, rs_ctx ) ); + if (mbedtls_mpi_cmp_int(m, 0) == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecp_check_pubkey(grp, P)); + MBEDTLS_MPI_CHK(mbedtls_ecp_set_zero(R)); + } else if (mbedtls_mpi_cmp_int(m, 1) == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecp_check_pubkey(grp, P)); + MBEDTLS_MPI_CHK(mbedtls_ecp_copy(R, P)); + } else if (mbedtls_mpi_cmp_int(m, -1) == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecp_check_pubkey(grp, P)); + MBEDTLS_MPI_CHK(mbedtls_ecp_copy(R, P)); + if (mbedtls_mpi_cmp_int(&R->Y, 0) != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&R->Y, &grp->P, &R->Y)); + } + } else { + MBEDTLS_MPI_CHK(mbedtls_ecp_mul_restartable(grp, R, m, P, + NULL, NULL, rs_ctx)); } cleanup: - return( ret ); + return ret; } /* @@ -2831,10 +2862,10 @@ static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp, * NOT constant-time */ int mbedtls_ecp_muladd_restartable( - mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - const mbedtls_mpi *n, const mbedtls_ecp_point *Q, - mbedtls_ecp_restart_ctx *rs_ctx ) + mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + const mbedtls_mpi *n, const mbedtls_ecp_point *Q, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point mP; @@ -2843,107 +2874,116 @@ int mbedtls_ecp_muladd_restartable( #if defined(MBEDTLS_ECP_INTERNAL_ALT) char is_grp_capable = 0; #endif - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( R != NULL ); - ECP_VALIDATE_RET( m != NULL ); - ECP_VALIDATE_RET( P != NULL ); - ECP_VALIDATE_RET( n != NULL ); - ECP_VALIDATE_RET( Q != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(R != NULL); + ECP_VALIDATE_RET(m != NULL); + ECP_VALIDATE_RET(P != NULL); + ECP_VALIDATE_RET(n != NULL); + ECP_VALIDATE_RET(Q != NULL); - if( mbedtls_ecp_get_type( grp ) != MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + if (mbedtls_ecp_get_type(grp) != MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } - mbedtls_ecp_point_init( &mP ); + mbedtls_ecp_point_init(&mP); - ECP_RS_ENTER( ma ); + ECP_RS_ENTER(ma); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->ma != NULL ) - { + if (rs_ctx != NULL && rs_ctx->ma != NULL) { /* redirect intermediate results to restart context */ pmP = &rs_ctx->ma->mP; pR = &rs_ctx->ma->R; /* jump to next operation */ - if( rs_ctx->ma->state == ecp_rsma_mul2 ) + if (rs_ctx->ma->state == ecp_rsma_mul2) { goto mul2; - if( rs_ctx->ma->state == ecp_rsma_add ) + } + if (rs_ctx->ma->state == ecp_rsma_add) { goto add; - if( rs_ctx->ma->state == ecp_rsma_norm ) + } + if (rs_ctx->ma->state == ecp_rsma_norm) { goto norm; + } } #endif /* MBEDTLS_ECP_RESTARTABLE */ - MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, pmP, m, P, rs_ctx ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul_shortcuts(grp, pmP, m, P, rs_ctx)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->ma != NULL ) + if (rs_ctx != NULL && rs_ctx->ma != NULL) { rs_ctx->ma->state = ecp_rsma_mul2; + } mul2: #endif - MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, pR, n, Q, rs_ctx ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul_shortcuts(grp, pR, n, Q, rs_ctx)); #if defined(MBEDTLS_ECP_INTERNAL_ALT) - if( ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) ) ) - MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) ); + if ((is_grp_capable = mbedtls_internal_ecp_grp_capable(grp))) { + MBEDTLS_MPI_CHK(mbedtls_internal_ecp_init(grp)); + } #endif /* MBEDTLS_ECP_INTERNAL_ALT */ #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->ma != NULL ) + if (rs_ctx != NULL && rs_ctx->ma != NULL) { rs_ctx->ma->state = ecp_rsma_add; + } add: #endif - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_ADD ); - MBEDTLS_MPI_CHK( ecp_add_mixed( grp, pR, pmP, pR ) ); + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_ADD); + MBEDTLS_MPI_CHK(ecp_add_mixed(grp, pR, pmP, pR)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->ma != NULL ) + if (rs_ctx != NULL && rs_ctx->ma != NULL) { rs_ctx->ma->state = ecp_rsma_norm; + } norm: #endif - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV ); - MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, pR ) ); + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_INV); + MBEDTLS_MPI_CHK(ecp_normalize_jac(grp, pR)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->ma != NULL ) - MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, pR ) ); + if (rs_ctx != NULL && rs_ctx->ma != NULL) { + MBEDTLS_MPI_CHK(mbedtls_ecp_copy(R, pR)); + } #endif cleanup: #if defined(MBEDTLS_ECP_INTERNAL_ALT) - if( is_grp_capable ) - mbedtls_internal_ecp_free( grp ); + if (is_grp_capable) { + mbedtls_internal_ecp_free(grp); + } #endif /* MBEDTLS_ECP_INTERNAL_ALT */ - mbedtls_ecp_point_free( &mP ); + mbedtls_ecp_point_free(&mP); - ECP_RS_LEAVE( ma ); + ECP_RS_LEAVE(ma); - return( ret ); + return ret; } /* * Linear combination * NOT constant-time */ -int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - const mbedtls_mpi *n, const mbedtls_ecp_point *Q ) +int mbedtls_ecp_muladd(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + const mbedtls_mpi *n, const mbedtls_ecp_point *Q) { - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( R != NULL ); - ECP_VALIDATE_RET( m != NULL ); - ECP_VALIDATE_RET( P != NULL ); - ECP_VALIDATE_RET( n != NULL ); - ECP_VALIDATE_RET( Q != NULL ); - return( mbedtls_ecp_muladd_restartable( grp, R, m, P, n, Q, NULL ) ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(R != NULL); + ECP_VALIDATE_RET(m != NULL); + ECP_VALIDATE_RET(P != NULL); + ECP_VALIDATE_RET(n != NULL); + ECP_VALIDATE_RET(Q != NULL); + return mbedtls_ecp_muladd_restartable(grp, R, m, P, n, Q, NULL); } #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) -#define ECP_MPI_INIT(s, n, p) {s, (n), (mbedtls_mpi_uint *)(p)} +#define ECP_MPI_INIT(s, n, p) { s, (n), (mbedtls_mpi_uint *) (p) } #define ECP_MPI_INIT_ARRAY(x) \ ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x) /* @@ -2952,21 +2992,21 @@ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * See ecp_check_pubkey_x25519(). */ static const mbedtls_mpi_uint x25519_bad_point_1[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xe0, 0xeb, 0x7a, 0x7c, 0x3b, 0x41, 0xb8, 0xae ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0x56, 0xe3, 0xfa, 0xf1, 0x9f, 0xc4, 0x6a ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xda, 0x09, 0x8d, 0xeb, 0x9c, 0x32, 0xb1, 0xfd ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0x62, 0x05, 0x16, 0x5f, 0x49, 0xb8, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xe0, 0xeb, 0x7a, 0x7c, 0x3b, 0x41, 0xb8, 0xae), + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0x56, 0xe3, 0xfa, 0xf1, 0x9f, 0xc4, 0x6a), + MBEDTLS_BYTES_TO_T_UINT_8(0xda, 0x09, 0x8d, 0xeb, 0x9c, 0x32, 0xb1, 0xfd), + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0x62, 0x05, 0x16, 0x5f, 0x49, 0xb8, 0x00), }; static const mbedtls_mpi_uint x25519_bad_point_2[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x5f, 0x9c, 0x95, 0xbc, 0xa3, 0x50, 0x8c, 0x24 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xb1, 0xd0, 0xb1, 0x55, 0x9c, 0x83, 0xef, 0x5b ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0x44, 0x5c, 0xc4, 0x58, 0x1c, 0x8e, 0x86 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xd8, 0x22, 0x4e, 0xdd, 0xd0, 0x9f, 0x11, 0x57 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x5f, 0x9c, 0x95, 0xbc, 0xa3, 0x50, 0x8c, 0x24), + MBEDTLS_BYTES_TO_T_UINT_8(0xb1, 0xd0, 0xb1, 0x55, 0x9c, 0x83, 0xef, 0x5b), + MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0x44, 0x5c, 0xc4, 0x58, 0x1c, 0x8e, 0x86), + MBEDTLS_BYTES_TO_T_UINT_8(0xd8, 0x22, 0x4e, 0xdd, 0xd0, 0x9f, 0x11, 0x57), }; static const mbedtls_mpi ecp_x25519_bad_point_1 = ECP_MPI_INIT_ARRAY( - x25519_bad_point_1 ); + x25519_bad_point_1); static const mbedtls_mpi ecp_x25519_bad_point_2 = ECP_MPI_INIT_ARRAY( - x25519_bad_point_2 ); + x25519_bad_point_2); #endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ /* @@ -2975,40 +3015,37 @@ static const mbedtls_mpi ecp_x25519_bad_point_2 = ECP_MPI_INIT_ARRAY( * https://eprint.iacr.org/2017/806.pdf * Those points are never sent by an honest peer. */ -static int ecp_check_bad_points_mx( const mbedtls_mpi *X, const mbedtls_mpi *P, - const mbedtls_ecp_group_id grp_id ) +static int ecp_check_bad_points_mx(const mbedtls_mpi *X, const mbedtls_mpi *P, + const mbedtls_ecp_group_id grp_id) { int ret; mbedtls_mpi XmP; - mbedtls_mpi_init( &XmP ); + mbedtls_mpi_init(&XmP); /* Reduce X mod P so that we only need to check values less than P. * We know X < 2^256 so we can proceed by subtraction. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &XmP, X ) ); - while( mbedtls_mpi_cmp_mpi( &XmP, P ) >= 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &XmP, &XmP, P ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&XmP, X)); + while (mbedtls_mpi_cmp_mpi(&XmP, P) >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&XmP, &XmP, P)); + } /* Check against the known bad values that are less than P. For Curve448 * these are 0, 1 and -1. For Curve25519 we check the values less than P * from the following list: https://cr.yp.to/ecdh.html#validate */ - if( mbedtls_mpi_cmp_int( &XmP, 1 ) <= 0 ) /* takes care of 0 and 1 */ - { + if (mbedtls_mpi_cmp_int(&XmP, 1) <= 0) { /* takes care of 0 and 1 */ ret = MBEDTLS_ERR_ECP_INVALID_KEY; goto cleanup; } #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) - if( grp_id == MBEDTLS_ECP_DP_CURVE25519 ) - { - if( mbedtls_mpi_cmp_mpi( &XmP, &ecp_x25519_bad_point_1 ) == 0 ) - { + if (grp_id == MBEDTLS_ECP_DP_CURVE25519) { + if (mbedtls_mpi_cmp_mpi(&XmP, &ecp_x25519_bad_point_1) == 0) { ret = MBEDTLS_ERR_ECP_INVALID_KEY; goto cleanup; } - if( mbedtls_mpi_cmp_mpi( &XmP, &ecp_x25519_bad_point_2 ) == 0 ) - { + if (mbedtls_mpi_cmp_mpi(&XmP, &ecp_x25519_bad_point_2) == 0) { ret = MBEDTLS_ERR_ECP_INVALID_KEY; goto cleanup; } @@ -3018,9 +3055,8 @@ static int ecp_check_bad_points_mx( const mbedtls_mpi *X, const mbedtls_mpi *P, #endif /* Final check: check if XmP + 1 is P (final because it changes XmP!) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &XmP, &XmP, 1 ) ); - if( mbedtls_mpi_cmp_mpi( &XmP, P ) == 0 ) - { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&XmP, &XmP, 1)); + if (mbedtls_mpi_cmp_mpi(&XmP, P) == 0) { ret = MBEDTLS_ERR_ECP_INVALID_KEY; goto cleanup; } @@ -3028,102 +3064,108 @@ static int ecp_check_bad_points_mx( const mbedtls_mpi *X, const mbedtls_mpi *P, ret = 0; cleanup: - mbedtls_mpi_free( &XmP ); + mbedtls_mpi_free(&XmP); - return( ret ); + return ret; } /* * Check validity of a public key for Montgomery curves with x-only schemes */ -static int ecp_check_pubkey_mx( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt ) +static int ecp_check_pubkey_mx(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt) { /* [Curve25519 p. 5] Just check X is the correct number of bytes */ /* Allow any public value, if it's too big then we'll just reduce it mod p * (RFC 7748 sec. 5 para. 3). */ - if( mbedtls_mpi_size( &pt->X ) > ( grp->nbits + 7 ) / 8 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + if (mbedtls_mpi_size(&pt->X) > (grp->nbits + 7) / 8) { + return MBEDTLS_ERR_ECP_INVALID_KEY; + } /* Implicit in all standards (as they don't consider negative numbers): * X must be non-negative. This is normally ensured by the way it's * encoded for transmission, but let's be extra sure. */ - if( mbedtls_mpi_cmp_int( &pt->X, 0 ) < 0 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + if (mbedtls_mpi_cmp_int(&pt->X, 0) < 0) { + return MBEDTLS_ERR_ECP_INVALID_KEY; + } - return( ecp_check_bad_points_mx( &pt->X, &grp->P, grp->id ) ); + return ecp_check_bad_points_mx(&pt->X, &grp->P, grp->id); } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ /* * Check that a point is valid as a public key */ -int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, - const mbedtls_ecp_point *pt ) +int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp, + const mbedtls_ecp_point *pt) { - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( pt != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(pt != NULL); /* Must use affine coordinates */ - if( mbedtls_mpi_cmp_int( &pt->Z, 1 ) != 0 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + if (mbedtls_mpi_cmp_int(&pt->Z, 1) != 0) { + return MBEDTLS_ERR_ECP_INVALID_KEY; + } #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - return( ecp_check_pubkey_mx( grp, pt ) ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { + return ecp_check_pubkey_mx(grp, pt); + } #endif #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - return( ecp_check_pubkey_sw( grp, pt ) ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { + return ecp_check_pubkey_sw(grp, pt); + } #endif - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } /* * Check that an mbedtls_mpi is valid as a private key */ -int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, - const mbedtls_mpi *d ) +int mbedtls_ecp_check_privkey(const mbedtls_ecp_group *grp, + const mbedtls_mpi *d) { - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( d != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(d != NULL); #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - { + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { /* see RFC 7748 sec. 5 para. 5 */ - if( mbedtls_mpi_get_bit( d, 0 ) != 0 || - mbedtls_mpi_get_bit( d, 1 ) != 0 || - mbedtls_mpi_bitlen( d ) - 1 != grp->nbits ) /* mbedtls_mpi_bitlen is one-based! */ - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + if (mbedtls_mpi_get_bit(d, 0) != 0 || + mbedtls_mpi_get_bit(d, 1) != 0 || + mbedtls_mpi_bitlen(d) - 1 != grp->nbits) { /* mbedtls_mpi_bitlen is one-based! */ + return MBEDTLS_ERR_ECP_INVALID_KEY; + } /* see [Curve25519] page 5 */ - if( grp->nbits == 254 && mbedtls_mpi_get_bit( d, 2 ) != 0 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + if (grp->nbits == 254 && mbedtls_mpi_get_bit(d, 2) != 0) { + return MBEDTLS_ERR_ECP_INVALID_KEY; + } - return( 0 ); + return 0; } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - { + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { /* see SEC1 3.2 */ - if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || - mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); - else - return( 0 ); + if (mbedtls_mpi_cmp_int(d, 1) < 0 || + mbedtls_mpi_cmp_mpi(d, &grp->N) >= 0) { + return MBEDTLS_ERR_ECP_INVALID_KEY; + } else { + return 0; + } } #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) MBEDTLS_STATIC_TESTABLE -int mbedtls_ecp_gen_privkey_mx( size_t high_bit, - mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecp_gen_privkey_mx(size_t high_bit, + mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; size_t n_random_bytes = high_bit / 8 + 1; @@ -3132,38 +3174,36 @@ int mbedtls_ecp_gen_privkey_mx( size_t high_bit, /* Generate a (high_bit+1)-bit random number by generating just enough * random bytes, then shifting out extra bits from the top (necessary * when (high_bit+1) is not a multiple of 8). */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_random_bytes, - f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_random_bytes - high_bit - 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(d, n_random_bytes, + f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(d, 8 * n_random_bytes - high_bit - 1)); - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, high_bit, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(d, high_bit, 1)); /* Make sure the last two bits are unset for Curve448, three bits for Curve25519 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 0, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 1, 0 ) ); - if( high_bit == 254 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(d, 0, 0)); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(d, 1, 0)); + if (high_bit == 254) { + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(d, 2, 0)); } cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) static int mbedtls_ecp_gen_privkey_sw( const mbedtls_mpi *N, mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - int ret = mbedtls_mpi_random( d, 1, N, f_rng, p_rng ); - switch( ret ) - { + int ret = mbedtls_mpi_random(d, 1, N, f_rng, p_rng); + switch (ret) { case MBEDTLS_ERR_MPI_NOT_ACCEPTABLE: - return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); + return MBEDTLS_ERR_ECP_RANDOM_FAILED; default: - return( ret ); + return ret; } } #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ @@ -3171,233 +3211,232 @@ static int mbedtls_ecp_gen_privkey_sw( /* * Generate a private key */ -int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, - mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecp_gen_privkey(const mbedtls_ecp_group *grp, + mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( d != NULL ); - ECP_VALIDATE_RET( f_rng != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(d != NULL); + ECP_VALIDATE_RET(f_rng != NULL); #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - return( mbedtls_ecp_gen_privkey_mx( grp->nbits, d, f_rng, p_rng ) ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { + return mbedtls_ecp_gen_privkey_mx(grp->nbits, d, f_rng, p_rng); + } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - return( mbedtls_ecp_gen_privkey_sw( &grp->N, d, f_rng, p_rng ) ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { + return mbedtls_ecp_gen_privkey_sw(&grp->N, d, f_rng, p_rng); + } #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } /* * Generate a keypair with configurable base point */ -int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, - const mbedtls_ecp_point *G, - mbedtls_mpi *d, mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecp_gen_keypair_base(mbedtls_ecp_group *grp, + const mbedtls_ecp_point *G, + mbedtls_mpi *d, mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( d != NULL ); - ECP_VALIDATE_RET( G != NULL ); - ECP_VALIDATE_RET( Q != NULL ); - ECP_VALIDATE_RET( f_rng != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(d != NULL); + ECP_VALIDATE_RET(G != NULL); + ECP_VALIDATE_RET(Q != NULL); + ECP_VALIDATE_RET(f_rng != NULL); - MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, Q, d, G, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, d, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(grp, Q, d, G, f_rng, p_rng)); cleanup: - return( ret ); + return ret; } /* * Generate key pair, wrapper for conventional base point */ -int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, - mbedtls_mpi *d, mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecp_gen_keypair(mbedtls_ecp_group *grp, + mbedtls_mpi *d, mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( d != NULL ); - ECP_VALIDATE_RET( Q != NULL ); - ECP_VALIDATE_RET( f_rng != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(d != NULL); + ECP_VALIDATE_RET(Q != NULL); + ECP_VALIDATE_RET(f_rng != NULL); - return( mbedtls_ecp_gen_keypair_base( grp, &grp->G, d, Q, f_rng, p_rng ) ); + return mbedtls_ecp_gen_keypair_base(grp, &grp->G, d, Q, f_rng, p_rng); } /* * Generate a keypair, prettier wrapper */ -int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECP_VALIDATE_RET( key != NULL ); - ECP_VALIDATE_RET( f_rng != NULL ); + ECP_VALIDATE_RET(key != NULL); + ECP_VALIDATE_RET(f_rng != NULL); - if( ( ret = mbedtls_ecp_group_load( &key->grp, grp_id ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_group_load(&key->grp, grp_id)) != 0) { + return ret; + } - return( mbedtls_ecp_gen_keypair( &key->grp, &key->d, &key->Q, f_rng, p_rng ) ); + return mbedtls_ecp_gen_keypair(&key->grp, &key->d, &key->Q, f_rng, p_rng); } #define ECP_CURVE25519_KEY_SIZE 32 /* * Read a private key. */ -int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, - const unsigned char *buf, size_t buflen ) +int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, + const unsigned char *buf, size_t buflen) { int ret = 0; - ECP_VALIDATE_RET( key != NULL ); - ECP_VALIDATE_RET( buf != NULL ); + ECP_VALIDATE_RET(key != NULL); + ECP_VALIDATE_RET(buf != NULL); - if( ( ret = mbedtls_ecp_group_load( &key->grp, grp_id ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_group_load(&key->grp, grp_id)) != 0) { + return ret; + } ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - { + if (mbedtls_ecp_get_type(&key->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { /* * If it is Curve25519 curve then mask the key as mandated by RFC7748 */ - if( grp_id == MBEDTLS_ECP_DP_CURVE25519 ) - { - if( buflen != ECP_CURVE25519_KEY_SIZE ) + if (grp_id == MBEDTLS_ECP_DP_CURVE25519) { + if (buflen != ECP_CURVE25519_KEY_SIZE) { return MBEDTLS_ERR_ECP_INVALID_KEY; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary_le( &key->d, buf, buflen ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary_le(&key->d, buf, buflen)); /* Set the three least significant bits to 0 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &key->d, 0, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &key->d, 1, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &key->d, 2, 0 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&key->d, 0, 0)); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&key->d, 1, 0)); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&key->d, 2, 0)); /* Set the most significant bit to 0 */ MBEDTLS_MPI_CHK( - mbedtls_mpi_set_bit( &key->d, - ECP_CURVE25519_KEY_SIZE * 8 - 1, 0 ) - ); + mbedtls_mpi_set_bit(&key->d, + ECP_CURVE25519_KEY_SIZE * 8 - 1, 0) + ); /* Set the second most significant bit to 1 */ MBEDTLS_MPI_CHK( - mbedtls_mpi_set_bit( &key->d, - ECP_CURVE25519_KEY_SIZE * 8 - 2, 1 ) - ); - } - else + mbedtls_mpi_set_bit(&key->d, + ECP_CURVE25519_KEY_SIZE * 8 - 2, 1) + ); + } else { ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } } #endif #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &key->d, buf, buflen ) ); + if (mbedtls_ecp_get_type(&key->grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&key->d, buf, buflen)); - MBEDTLS_MPI_CHK( mbedtls_ecp_check_privkey( &key->grp, &key->d ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_check_privkey(&key->grp, &key->d)); } #endif cleanup: - if( ret != 0 ) - mbedtls_mpi_free( &key->d ); + if (ret != 0) { + mbedtls_mpi_free(&key->d); + } - return( ret ); + return ret; } /* * Write a private key. */ -int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key, - unsigned char *buf, size_t buflen ) +int mbedtls_ecp_write_key(mbedtls_ecp_keypair *key, + unsigned char *buf, size_t buflen) { int ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; - ECP_VALIDATE_RET( key != NULL ); - ECP_VALIDATE_RET( buf != NULL ); + ECP_VALIDATE_RET(key != NULL); + ECP_VALIDATE_RET(buf != NULL); #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - { - if( key->grp.id == MBEDTLS_ECP_DP_CURVE25519 ) - { - if( buflen < ECP_CURVE25519_KEY_SIZE ) + if (mbedtls_ecp_get_type(&key->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { + if (key->grp.id == MBEDTLS_ECP_DP_CURVE25519) { + if (buflen < ECP_CURVE25519_KEY_SIZE) { return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary_le( &key->d, buf, buflen ) ); - } - else + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary_le(&key->d, buf, buflen)); + } else { ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } } #endif #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &key->d, buf, buflen ) ); + if (mbedtls_ecp_get_type(&key->grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&key->d, buf, buflen)); } #endif cleanup: - return( ret ); + return ret; } /* * Check a public-private key pair */ -int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv ) +int mbedtls_ecp_check_pub_priv(const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point Q; mbedtls_ecp_group grp; - ECP_VALIDATE_RET( pub != NULL ); - ECP_VALIDATE_RET( prv != NULL ); + ECP_VALIDATE_RET(pub != NULL); + ECP_VALIDATE_RET(prv != NULL); - if( pub->grp.id == MBEDTLS_ECP_DP_NONE || + if (pub->grp.id == MBEDTLS_ECP_DP_NONE || pub->grp.id != prv->grp.id || - mbedtls_mpi_cmp_mpi( &pub->Q.X, &prv->Q.X ) || - mbedtls_mpi_cmp_mpi( &pub->Q.Y, &prv->Q.Y ) || - mbedtls_mpi_cmp_mpi( &pub->Q.Z, &prv->Q.Z ) ) - { - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + mbedtls_mpi_cmp_mpi(&pub->Q.X, &prv->Q.X) || + mbedtls_mpi_cmp_mpi(&pub->Q.Y, &prv->Q.Y) || + mbedtls_mpi_cmp_mpi(&pub->Q.Z, &prv->Q.Z)) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } - mbedtls_ecp_point_init( &Q ); - mbedtls_ecp_group_init( &grp ); + mbedtls_ecp_point_init(&Q); + mbedtls_ecp_group_init(&grp); /* mbedtls_ecp_mul() needs a non-const group... */ - mbedtls_ecp_group_copy( &grp, &prv->grp ); + mbedtls_ecp_group_copy(&grp, &prv->grp); /* Also checks d is valid */ - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &Q, &prv->d, &prv->grp.G, NULL, NULL ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&grp, &Q, &prv->d, &prv->grp.G, NULL, NULL)); - if( mbedtls_mpi_cmp_mpi( &Q.X, &prv->Q.X ) || - mbedtls_mpi_cmp_mpi( &Q.Y, &prv->Q.Y ) || - mbedtls_mpi_cmp_mpi( &Q.Z, &prv->Q.Z ) ) - { + if (mbedtls_mpi_cmp_mpi(&Q.X, &prv->Q.X) || + mbedtls_mpi_cmp_mpi(&Q.Y, &prv->Q.Y) || + mbedtls_mpi_cmp_mpi(&Q.Z, &prv->Q.Z)) { ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } cleanup: - mbedtls_ecp_point_free( &Q ); - mbedtls_ecp_group_free( &grp ); + mbedtls_ecp_point_free(&Q); + mbedtls_ecp_group_free(&grp); - return( ret ); + return ret; } #if defined(MBEDTLS_SELF_TEST) @@ -3405,26 +3444,25 @@ int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ec /* Adjust the exponent to be a valid private point for the specified curve. * This is sometimes necessary because we use a single set of exponents * for all curves but the validity of values depends on the curve. */ -static int self_test_adjust_exponent( const mbedtls_ecp_group *grp, - mbedtls_mpi *m ) +static int self_test_adjust_exponent(const mbedtls_ecp_group *grp, + mbedtls_mpi *m) { int ret = 0; - switch( grp->id ) - { - /* If Curve25519 is available, then that's what we use for the - * Montgomery test, so we don't need the adjustment code. */ -#if ! defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + switch (grp->id) { + /* If Curve25519 is available, then that's what we use for the + * Montgomery test, so we don't need the adjustment code. */ +#if !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) case MBEDTLS_ECP_DP_CURVE448: /* Move highest bit from 254 to N-1. Setting bit N-1 is * necessary to enforce the highest-bit-set constraint. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( m, 254, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( m, grp->nbits, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(m, 254, 0)); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(m, grp->nbits, 1)); /* Copy second-highest bit from 253 to N-2. This is not * necessary but improves the test variety a bit. */ MBEDTLS_MPI_CHK( - mbedtls_mpi_set_bit( m, grp->nbits - 1, - mbedtls_mpi_get_bit( m, 253 ) ) ); + mbedtls_mpi_set_bit(m, grp->nbits - 1, + mbedtls_mpi_get_bit(m, 253))); break; #endif #endif /* ! defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) */ @@ -3435,18 +3473,18 @@ static int self_test_adjust_exponent( const mbedtls_ecp_group *grp, goto cleanup; } cleanup: - return( ret ); + return ret; } /* Calculate R = m.P for each m in exponents. Check that the number of * basic operations doesn't depend on the value of m. */ -static int self_test_point( int verbose, - mbedtls_ecp_group *grp, - mbedtls_ecp_point *R, - mbedtls_mpi *m, - const mbedtls_ecp_point *P, - const char *const *exponents, - size_t n_exponents ) +static int self_test_point(int verbose, + mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, + mbedtls_mpi *m, + const mbedtls_ecp_point *P, + const char *const *exponents, + size_t n_exponents) { int ret = 0; size_t i = 0; @@ -3455,12 +3493,11 @@ static int self_test_point( int verbose, dbl_count = 0; mul_count = 0; - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[0] ) ); - MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(m, 16, exponents[0])); + MBEDTLS_MPI_CHK(self_test_adjust_exponent(grp, m)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(grp, R, m, P, NULL, NULL)); - for( i = 1; i < n_exponents; i++ ) - { + for (i = 1; i < n_exponents; i++) { add_c_prev = add_count; dbl_c_prev = dbl_count; mul_c_prev = mul_count; @@ -3468,34 +3505,33 @@ static int self_test_point( int verbose, dbl_count = 0; mul_count = 0; - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[i] ) ); - MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(m, 16, exponents[i])); + MBEDTLS_MPI_CHK(self_test_adjust_exponent(grp, m)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(grp, R, m, P, NULL, NULL)); - if( add_count != add_c_prev || + if (add_count != add_c_prev || dbl_count != dbl_c_prev || - mul_count != mul_c_prev ) - { + mul_count != mul_c_prev) { ret = 1; break; } } cleanup: - if( verbose != 0 ) - { - if( ret != 0 ) - mbedtls_printf( "failed (%u)\n", (unsigned int) i ); - else - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + if (ret != 0) { + mbedtls_printf("failed (%u)\n", (unsigned int) i); + } else { + mbedtls_printf("passed\n"); + } } - return( ret ); + return ret; } /* * Checkup routine */ -int mbedtls_ecp_self_test( int verbose ) +int mbedtls_ecp_self_test(int verbose) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group grp; @@ -3531,77 +3567,85 @@ int mbedtls_ecp_self_test( int verbose ) }; #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &R ); - mbedtls_ecp_point_init( &P ); - mbedtls_mpi_init( &m ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&R); + mbedtls_ecp_point_init(&P); + mbedtls_mpi_init(&m); #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) /* Use secp192r1 if available, or any available curve */ #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) - MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_SECP192R1 ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_SECP192R1)); #else - MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, mbedtls_ecp_curve_list()->grp_id ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&grp, mbedtls_ecp_curve_list()->grp_id)); #endif - if( verbose != 0 ) - mbedtls_printf( " ECP SW test #1 (constant op_count, base point G): " ); + if (verbose != 0) { + mbedtls_printf(" ECP SW test #1 (constant op_count, base point G): "); + } /* Do a dummy multiplication first to trigger precomputation */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &m, 2 ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &P, &m, &grp.G, NULL, NULL ) ); - ret = self_test_point( verbose, - &grp, &R, &m, &grp.G, - sw_exponents, - sizeof( sw_exponents ) / sizeof( sw_exponents[0] )); - if( ret != 0 ) + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&m, 2)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&grp, &P, &m, &grp.G, NULL, NULL)); + ret = self_test_point(verbose, + &grp, &R, &m, &grp.G, + sw_exponents, + sizeof(sw_exponents) / sizeof(sw_exponents[0])); + if (ret != 0) { goto cleanup; + } - if( verbose != 0 ) - mbedtls_printf( " ECP SW test #2 (constant op_count, other point): " ); + if (verbose != 0) { + mbedtls_printf(" ECP SW test #2 (constant op_count, other point): "); + } /* We computed P = 2G last time, use it */ - ret = self_test_point( verbose, - &grp, &R, &m, &P, - sw_exponents, - sizeof( sw_exponents ) / sizeof( sw_exponents[0] )); - if( ret != 0 ) + ret = self_test_point(verbose, + &grp, &R, &m, &P, + sw_exponents, + sizeof(sw_exponents) / sizeof(sw_exponents[0])); + if (ret != 0) { goto cleanup; + } - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &R ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&R); #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( verbose != 0 ) - mbedtls_printf( " ECP Montgomery test (constant op_count): " ); + if (verbose != 0) { + mbedtls_printf(" ECP Montgomery test (constant op_count): "); + } #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) - MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_CURVE25519 ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_CURVE25519)); #elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) - MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_CURVE448 ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_CURVE448)); #else #error "MBEDTLS_ECP_MONTGOMERY_ENABLED is defined, but no curve is supported for self-test" #endif - ret = self_test_point( verbose, - &grp, &R, &m, &grp.G, - m_exponents, - sizeof( m_exponents ) / sizeof( m_exponents[0] )); - if( ret != 0 ) + ret = self_test_point(verbose, + &grp, &R, &m, &grp.G, + m_exponents, + sizeof(m_exponents) / sizeof(m_exponents[0])); + if (ret != 0) { goto cleanup; + } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ cleanup: - if( ret < 0 && verbose != 0 ) - mbedtls_printf( "Unexpected error, return code = %08X\n", (unsigned int) ret ); + if (ret < 0 && verbose != 0) { + mbedtls_printf("Unexpected error, return code = %08X\n", (unsigned int) ret); + } - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &R ); - mbedtls_ecp_point_free( &P ); - mbedtls_mpi_free( &m ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&R); + mbedtls_ecp_point_free(&P); + mbedtls_mpi_free(&m); - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 47761eef4e3e..8a9f79e2e04e 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -33,12 +33,12 @@ #if !defined(MBEDTLS_ECP_ALT) /* Parameter validation macros based on platform_util.h */ -#define ECP_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) -#define ECP_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define ECP_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA) +#define ECP_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) -#define ECP_MPI_INIT(s, n, p) {s, (n), (mbedtls_mpi_uint *)(p)} +#define ECP_MPI_INIT(s, n, p) { s, (n), (mbedtls_mpi_uint *) (p) } #define ECP_MPI_INIT_ARRAY(x) \ ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x) @@ -53,29 +53,29 @@ */ #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) static const mbedtls_mpi_uint secp192r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; static const mbedtls_mpi_uint secp192r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x49, 0x30, 0x24, 0x72, 0xAB, 0xE9, 0xA7, 0x0F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0x49, 0x30, 0x24, 0x72, 0xAB, 0xE9, 0xA7, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64), }; static const mbedtls_mpi_uint secp192r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18), }; static const mbedtls_mpi_uint secp192r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63), + MBEDTLS_BYTES_TO_T_UINT_8(0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07), }; static const mbedtls_mpi_uint secp192r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x31, 0x28, 0xD2, 0xB4, 0xB1, 0xC9, 0x6B, 0x14 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x36, 0xF8, 0xDE, 0x99, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x31, 0x28, 0xD2, 0xB4, 0xB1, 0xC9, 0x6B, 0x14), + MBEDTLS_BYTES_TO_T_UINT_8(0x36, 0xF8, 0xDE, 0x99, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ @@ -84,34 +84,34 @@ static const mbedtls_mpi_uint secp192r1_n[] = { */ #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) static const mbedtls_mpi_uint secp224r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00), }; static const mbedtls_mpi_uint secp224r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0xD8, 0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x56, 0x32, 0x41, 0xF5, 0xAB, 0xB3, 0x04, 0x0C ), - MBEDTLS_BYTES_TO_T_UINT_4( 0x85, 0x0A, 0x05, 0xB4 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0xD8, 0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0x56, 0x32, 0x41, 0xF5, 0xAB, 0xB3, 0x04, 0x0C), + MBEDTLS_BYTES_TO_T_UINT_4(0x85, 0x0A, 0x05, 0xB4), }; static const mbedtls_mpi_uint secp224r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B ), - MBEDTLS_BYTES_TO_T_UINT_4( 0xBD, 0x0C, 0x0E, 0xB7 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34), + MBEDTLS_BYTES_TO_T_UINT_8(0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A), + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B), + MBEDTLS_BYTES_TO_T_UINT_4(0xBD, 0x0C, 0x0E, 0xB7), }; static const mbedtls_mpi_uint secp224r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5 ), - MBEDTLS_BYTES_TO_T_UINT_4( 0x88, 0x63, 0x37, 0xBD ), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5), + MBEDTLS_BYTES_TO_T_UINT_4(0x88, 0x63, 0x37, 0xBD), }; static const mbedtls_mpi_uint secp224r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0x2A, 0x5C, 0x5C, 0x45, 0x29, 0xDD, 0x13 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x3E, 0xF0, 0xB8, 0xE0, 0xA2, 0x16, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0x2A, 0x5C, 0x5C, 0x45, 0x29, 0xDD, 0x13), + MBEDTLS_BYTES_TO_T_UINT_8(0x3E, 0xF0, 0xB8, 0xE0, 0xA2, 0x16, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_4(0xFF, 0xFF, 0xFF, 0xFF), }; #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ @@ -120,34 +120,34 @@ static const mbedtls_mpi_uint secp224r1_n[] = { */ #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) static const mbedtls_mpi_uint secp256r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF), }; static const mbedtls_mpi_uint secp256r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0xB0, 0x53, 0xCC, 0xB0, 0x06, 0x1D, 0x65 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD, 0xEB, 0xB3 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A ), + MBEDTLS_BYTES_TO_T_UINT_8(0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0xB0, 0x53, 0xCC, 0xB0, 0x06, 0x1D, 0x65), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD, 0xEB, 0xB3), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A), }; static const mbedtls_mpi_uint secp256r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B ), + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77), + MBEDTLS_BYTES_TO_T_UINT_8(0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B), }; static const mbedtls_mpi_uint secp256r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F ), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F), }; static const mbedtls_mpi_uint secp256r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x51, 0x25, 0x63, 0xFC, 0xC2, 0xCA, 0xB9, 0xF3 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0x9E, 0x17, 0xA7, 0xAD, 0xFA, 0xE6, 0xBC ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x51, 0x25, 0x63, 0xFC, 0xC2, 0xCA, 0xB9, 0xF3), + MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0x9E, 0x17, 0xA7, 0xAD, 0xFA, 0xE6, 0xBC), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF), }; #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ @@ -156,44 +156,44 @@ static const mbedtls_mpi_uint secp256r1_n[] = { */ #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) static const mbedtls_mpi_uint secp384r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; static const mbedtls_mpi_uint secp384r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xEF, 0x2A, 0xEC, 0xD3, 0xED, 0xC8, 0x85, 0x2A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0xD1, 0x2E, 0x8A, 0x8D, 0x39, 0x56, 0xC6 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x87, 0x13, 0x50, 0x8F, 0x08, 0x14, 0x03 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x12, 0x41, 0x81, 0xFE, 0x6E, 0x9C, 0x1D, 0x18 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x2D, 0xF8, 0xE3, 0x6B, 0x05, 0x8E, 0x98 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE4, 0xE7, 0x3E, 0xE2, 0xA7, 0x2F, 0x31, 0xB3 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xEF, 0x2A, 0xEC, 0xD3, 0xED, 0xC8, 0x85, 0x2A), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0xD1, 0x2E, 0x8A, 0x8D, 0x39, 0x56, 0xC6), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x87, 0x13, 0x50, 0x8F, 0x08, 0x14, 0x03), + MBEDTLS_BYTES_TO_T_UINT_8(0x12, 0x41, 0x81, 0xFE, 0x6E, 0x9C, 0x1D, 0x18), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x2D, 0xF8, 0xE3, 0x6B, 0x05, 0x8E, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0xE4, 0xE7, 0x3E, 0xE2, 0xA7, 0x2F, 0x31, 0xB3), }; static const mbedtls_mpi_uint secp384r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59), + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA), }; static const mbedtls_mpi_uint secp384r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A), + MBEDTLS_BYTES_TO_T_UINT_8(0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36), }; static const mbedtls_mpi_uint secp384r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x73, 0x29, 0xC5, 0xCC, 0x6A, 0x19, 0xEC, 0xEC ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x7A, 0xA7, 0xB0, 0x48, 0xB2, 0x0D, 0x1A, 0x58 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0x2D, 0x37, 0xF4, 0x81, 0x4D, 0x63, 0xC7 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x73, 0x29, 0xC5, 0xCC, 0x6A, 0x19, 0xEC, 0xEC), + MBEDTLS_BYTES_TO_T_UINT_8(0x7A, 0xA7, 0xB0, 0x48, 0xB2, 0x0D, 0x1A, 0x58), + MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0x2D, 0x37, 0xF4, 0x81, 0x4D, 0x63, 0xC7), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ @@ -202,154 +202,154 @@ static const mbedtls_mpi_uint secp384r1_n[] = { */ #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) static const mbedtls_mpi_uint secp521r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_2( 0xFF, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_2(0xFF, 0x01), }; static const mbedtls_mpi_uint secp521r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x3F, 0x50, 0x6B, 0xD4, 0x1F, 0x45, 0xEF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xF1, 0x34, 0x2C, 0x3D, 0x88, 0xDF, 0x73, 0x35 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xBF, 0xB1, 0x3B, 0xBD, 0xC0, 0x52, 0x16 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x7B, 0x93, 0x7E, 0xEC, 0x51, 0x39, 0x19, 0x56 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE1, 0x09, 0xF1, 0x8E, 0x91, 0x89, 0xB4, 0xB8 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0x15, 0xB3, 0x99, 0x5B, 0x72, 0xDA, 0xA2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xEE, 0x40, 0x85, 0xB6, 0xA0, 0x21, 0x9A, 0x92 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0x9A, 0x1C, 0x8E, 0x61, 0xB9, 0x3E, 0x95 ), - MBEDTLS_BYTES_TO_T_UINT_2( 0x51, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x3F, 0x50, 0x6B, 0xD4, 0x1F, 0x45, 0xEF), + MBEDTLS_BYTES_TO_T_UINT_8(0xF1, 0x34, 0x2C, 0x3D, 0x88, 0xDF, 0x73, 0x35), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xBF, 0xB1, 0x3B, 0xBD, 0xC0, 0x52, 0x16), + MBEDTLS_BYTES_TO_T_UINT_8(0x7B, 0x93, 0x7E, 0xEC, 0x51, 0x39, 0x19, 0x56), + MBEDTLS_BYTES_TO_T_UINT_8(0xE1, 0x09, 0xF1, 0x8E, 0x91, 0x89, 0xB4, 0xB8), + MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0x15, 0xB3, 0x99, 0x5B, 0x72, 0xDA, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0xEE, 0x40, 0x85, 0xB6, 0xA0, 0x21, 0x9A, 0x92), + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0x9A, 0x1C, 0x8E, 0x61, 0xB9, 0x3E, 0x95), + MBEDTLS_BYTES_TO_T_UINT_2(0x51, 0x00), }; static const mbedtls_mpi_uint secp521r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85 ), - MBEDTLS_BYTES_TO_T_UINT_2( 0xC6, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33), + MBEDTLS_BYTES_TO_T_UINT_8(0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C), + MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85), + MBEDTLS_BYTES_TO_T_UINT_2(0xC6, 0x00), }; static const mbedtls_mpi_uint secp521r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39 ), - MBEDTLS_BYTES_TO_T_UINT_2( 0x18, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35), + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97), + MBEDTLS_BYTES_TO_T_UINT_8(0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17), + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39), + MBEDTLS_BYTES_TO_T_UINT_2(0x18, 0x01), }; static const mbedtls_mpi_uint secp521r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0x64, 0x38, 0x91, 0x1E, 0xB7, 0x6F, 0xBB ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0x47, 0x9C, 0x89, 0xB8, 0xC9, 0xB5, 0x3B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xD0, 0xA5, 0x09, 0xF7, 0x48, 0x01, 0xCC, 0x7F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0x96, 0x2F, 0xBF, 0x83, 0x87, 0x86, 0x51 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_2( 0xFF, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0x64, 0x38, 0x91, 0x1E, 0xB7, 0x6F, 0xBB), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0x47, 0x9C, 0x89, 0xB8, 0xC9, 0xB5, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0xD0, 0xA5, 0x09, 0xF7, 0x48, 0x01, 0xCC, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0x96, 0x2F, 0xBF, 0x83, 0x87, 0x86, 0x51), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_2(0xFF, 0x01), }; #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) static const mbedtls_mpi_uint secp192k1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; static const mbedtls_mpi_uint secp192k1_a[] = { - MBEDTLS_BYTES_TO_T_UINT_2( 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2(0x00, 0x00), }; static const mbedtls_mpi_uint secp192k1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_2( 0x03, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2(0x03, 0x00), }; static const mbedtls_mpi_uint secp192k1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB ), + MBEDTLS_BYTES_TO_T_UINT_8(0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB), }; static const mbedtls_mpi_uint secp192k1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B), }; static const mbedtls_mpi_uint secp192k1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xFD, 0xDE, 0x74, 0x6A, 0x46, 0x69, 0x0F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0xFC, 0xF2, 0x26, 0xFE, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xFD, 0xDE, 0x74, 0x6A, 0x46, 0x69, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0xFC, 0xF2, 0x26, 0xFE, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) static const mbedtls_mpi_uint secp224k1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0xE5, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0xE5, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_4(0xFF, 0xFF, 0xFF, 0xFF), }; static const mbedtls_mpi_uint secp224k1_a[] = { - MBEDTLS_BYTES_TO_T_UINT_2( 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2(0x00, 0x00), }; static const mbedtls_mpi_uint secp224k1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_2( 0x05, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2(0x05, 0x00), }; static const mbedtls_mpi_uint secp224k1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D ), - MBEDTLS_BYTES_TO_T_UINT_4( 0x33, 0x5B, 0x45, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69), + MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D), + MBEDTLS_BYTES_TO_T_UINT_4(0x33, 0x5B, 0x45, 0xA1), }; static const mbedtls_mpi_uint secp224k1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F ), - MBEDTLS_BYTES_TO_T_UINT_4( 0xED, 0x9F, 0x08, 0x7E ), + MBEDTLS_BYTES_TO_T_UINT_8(0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7), + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_4(0xED, 0x9F, 0x08, 0x7E), }; static const mbedtls_mpi_uint secp224k1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0xB1, 0x9F, 0x76, 0x71, 0xA9, 0xF0, 0xCA ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0x61, 0xEC, 0xD2, 0xE8, 0xDC, 0x01, 0x00 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0xB1, 0x9F, 0x76, 0x71, 0xA9, 0xF0, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0x61, 0xEC, 0xD2, 0xE8, 0xDC, 0x01, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00), }; #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) static const mbedtls_mpi_uint secp256k1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x2F, 0xFC, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x2F, 0xFC, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; static const mbedtls_mpi_uint secp256k1_a[] = { - MBEDTLS_BYTES_TO_T_UINT_2( 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2(0x00, 0x00), }; static const mbedtls_mpi_uint secp256k1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_2( 0x07, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2(0x07, 0x00), }; static const mbedtls_mpi_uint secp256k1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79), }; static const mbedtls_mpi_uint secp256k1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD), + MBEDTLS_BYTES_TO_T_UINT_8(0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48), }; static const mbedtls_mpi_uint secp256k1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0x41, 0x36, 0xD0, 0x8C, 0x5E, 0xD2, 0xBF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x3B, 0xA0, 0x48, 0xAF, 0xE6, 0xDC, 0xAE, 0xBA ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0x41, 0x36, 0xD0, 0x8C, 0x5E, 0xD2, 0xBF), + MBEDTLS_BYTES_TO_T_UINT_8(0x3B, 0xA0, 0x48, 0xAF, 0xE6, 0xDC, 0xAE, 0xBA), + MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ @@ -358,40 +358,40 @@ static const mbedtls_mpi_uint secp256k1_n[] = { */ #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) static const mbedtls_mpi_uint brainpoolP256r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x77, 0x53, 0x6E, 0x1F, 0x1D, 0x48, 0x13, 0x20 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x20, 0x26, 0xD5, 0x23, 0xF6, 0x3B, 0x6E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x72, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x77, 0x53, 0x6E, 0x1F, 0x1D, 0x48, 0x13, 0x20), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x20, 0x26, 0xD5, 0x23, 0xF6, 0x3B, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0x72, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9), }; static const mbedtls_mpi_uint brainpoolP256r1_a[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0xB5, 0x30, 0xF3, 0x44, 0x4B, 0x4A, 0xE9 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x5C, 0xDC, 0x26, 0xC1, 0x55, 0x80, 0xFB ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0xFF, 0x7A, 0x41, 0x30, 0x75, 0xF6, 0xEE ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x57, 0x30, 0x2C, 0xFC, 0x75, 0x09, 0x5A, 0x7D ), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0xB5, 0x30, 0xF3, 0x44, 0x4B, 0x4A, 0xE9), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x5C, 0xDC, 0x26, 0xC1, 0x55, 0x80, 0xFB), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0xFF, 0x7A, 0x41, 0x30, 0x75, 0xF6, 0xEE), + MBEDTLS_BYTES_TO_T_UINT_8(0x57, 0x30, 0x2C, 0xFC, 0x75, 0x09, 0x5A, 0x7D), }; static const mbedtls_mpi_uint brainpoolP256r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x07, 0x8C, 0xFF, 0x18, 0xDC, 0xCC, 0x6B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xCE, 0xE1, 0xF7, 0x5C, 0x29, 0x16, 0x84, 0x95 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xBF, 0x7C, 0xD7, 0xBB, 0xD9, 0xB5, 0x30, 0xF3 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x44, 0x4B, 0x4A, 0xE9, 0x6C, 0x5C, 0xDC, 0x26 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x07, 0x8C, 0xFF, 0x18, 0xDC, 0xCC, 0x6B), + MBEDTLS_BYTES_TO_T_UINT_8(0xCE, 0xE1, 0xF7, 0x5C, 0x29, 0x16, 0x84, 0x95), + MBEDTLS_BYTES_TO_T_UINT_8(0xBF, 0x7C, 0xD7, 0xBB, 0xD9, 0xB5, 0x30, 0xF3), + MBEDTLS_BYTES_TO_T_UINT_8(0x44, 0x4B, 0x4A, 0xE9, 0x6C, 0x5C, 0xDC, 0x26), }; static const mbedtls_mpi_uint brainpoolP256r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B ), + MBEDTLS_BYTES_TO_T_UINT_8(0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9), + MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B), }; static const mbedtls_mpi_uint brainpoolP256r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97), + MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54), }; static const mbedtls_mpi_uint brainpoolP256r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x56, 0x48, 0x97, 0x82, 0x0E, 0x1E, 0x90 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0xA6, 0x61, 0xB5, 0xA3, 0x7A, 0x39, 0x8C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x56, 0x48, 0x97, 0x82, 0x0E, 0x1E, 0x90), + MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0xA6, 0x61, 0xB5, 0xA3, 0x7A, 0x39, 0x8C), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9), }; #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ @@ -400,52 +400,52 @@ static const mbedtls_mpi_uint brainpoolP256r1_n[] = { */ #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) static const mbedtls_mpi_uint brainpoolP384r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x53, 0xEC, 0x07, 0x31, 0x13, 0x00, 0x47, 0x87 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x1A, 0x1D, 0x90, 0x29, 0xA7, 0xD3, 0xAC ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x23, 0x11, 0xB7, 0x7F, 0x19, 0xDA, 0xB1, 0x12 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ), + MBEDTLS_BYTES_TO_T_UINT_8(0x53, 0xEC, 0x07, 0x31, 0x13, 0x00, 0x47, 0x87), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x1A, 0x1D, 0x90, 0x29, 0xA7, 0xD3, 0xAC), + MBEDTLS_BYTES_TO_T_UINT_8(0x23, 0x11, 0xB7, 0x7F, 0x19, 0xDA, 0xB1, 0x12), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C), }; static const mbedtls_mpi_uint brainpoolP384r1_a[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xEB, 0xD4, 0x3A, 0x50, 0x4A, 0x81, 0xA5, 0x8A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x0F, 0xF9, 0x91, 0xBA, 0xEF, 0x65, 0x91, 0x13 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x87, 0x27, 0xB2, 0x4F, 0x8E, 0xA2, 0xBE, 0xC2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0xAF, 0x05, 0xCE, 0x0A, 0x08, 0x72, 0x3C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x0C, 0x15, 0x8C, 0x3D, 0xC6, 0x82, 0xC3, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04), + MBEDTLS_BYTES_TO_T_UINT_8(0xEB, 0xD4, 0x3A, 0x50, 0x4A, 0x81, 0xA5, 0x8A), + MBEDTLS_BYTES_TO_T_UINT_8(0x0F, 0xF9, 0x91, 0xBA, 0xEF, 0x65, 0x91, 0x13), + MBEDTLS_BYTES_TO_T_UINT_8(0x87, 0x27, 0xB2, 0x4F, 0x8E, 0xA2, 0xBE, 0xC2), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0xAF, 0x05, 0xCE, 0x0A, 0x08, 0x72, 0x3C), + MBEDTLS_BYTES_TO_T_UINT_8(0x0C, 0x15, 0x8C, 0x3D, 0xC6, 0x82, 0xC3, 0x7B), }; static const mbedtls_mpi_uint brainpoolP384r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x4C, 0x50, 0xFA, 0x96, 0x86, 0xB7, 0x3A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x94, 0xC9, 0xDB, 0x95, 0x02, 0x39, 0xB4, 0x7C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0x62, 0xEB, 0x3E, 0xA5, 0x0E, 0x88, 0x2E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA6, 0xD2, 0xDC, 0x07, 0xE1, 0x7D, 0xB7, 0x2F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x44, 0xF0, 0x16, 0x54, 0xB5, 0x39, 0x8B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x4C, 0x50, 0xFA, 0x96, 0x86, 0xB7, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0x94, 0xC9, 0xDB, 0x95, 0x02, 0x39, 0xB4, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0x62, 0xEB, 0x3E, 0xA5, 0x0E, 0x88, 0x2E), + MBEDTLS_BYTES_TO_T_UINT_8(0xA6, 0xD2, 0xDC, 0x07, 0xE1, 0x7D, 0xB7, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x44, 0xF0, 0x16, 0x54, 0xB5, 0x39, 0x8B), + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04), }; static const mbedtls_mpi_uint brainpoolP384r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF), + MBEDTLS_BYTES_TO_T_UINT_8(0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88), + MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D), }; static const mbedtls_mpi_uint brainpoolP384r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A ), + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62), + MBEDTLS_BYTES_TO_T_UINT_8(0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A), }; static const mbedtls_mpi_uint brainpoolP384r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0x65, 0x04, 0xE9, 0x02, 0x32, 0x88, 0x3B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0xC3, 0x7F, 0x6B, 0xAF, 0xB6, 0x3A, 0xCF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x25, 0x04, 0xAC, 0x6C, 0x6E, 0x16, 0x1F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xB3, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ), + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0x65, 0x04, 0xE9, 0x02, 0x32, 0x88, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0xC3, 0x7F, 0x6B, 0xAF, 0xB6, 0x3A, 0xCF), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x25, 0x04, 0xAC, 0x6C, 0x6E, 0x16, 0x1F), + MBEDTLS_BYTES_TO_T_UINT_8(0xB3, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C), }; #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ @@ -454,64 +454,64 @@ static const mbedtls_mpi_uint brainpoolP384r1_n[] = { */ #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) static const mbedtls_mpi_uint brainpoolP512r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0x48, 0x3A, 0x58, 0x56, 0x60, 0xAA, 0x28 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x85, 0xC6, 0x82, 0x2D, 0x2F, 0xFF, 0x81, 0x28 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0x80, 0xA3, 0xE6, 0x2A, 0xA1, 0xCD, 0xAE ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0x68, 0xC6, 0x9B, 0x00, 0x9B, 0x4D, 0x7D ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0x48, 0x3A, 0x58, 0x56, 0x60, 0xAA, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0x85, 0xC6, 0x82, 0x2D, 0x2F, 0xFF, 0x81, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0x80, 0xA3, 0xE6, 0x2A, 0xA1, 0xCD, 0xAE), + MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0x68, 0xC6, 0x9B, 0x00, 0x9B, 0x4D, 0x7D), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6), + MBEDTLS_BYTES_TO_T_UINT_8(0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F), + MBEDTLS_BYTES_TO_T_UINT_8(0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA), }; static const mbedtls_mpi_uint brainpoolP512r1_a[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0x94, 0xFC, 0x77, 0x4D, 0xAC, 0xC1, 0xE7 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0xC7, 0xF2, 0x2B, 0xA7, 0x17, 0x11, 0x7F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xB5, 0xC8, 0x9A, 0x8B, 0xC9, 0xF1, 0x2E, 0x0A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0x3A, 0x25, 0xA8, 0x5A, 0x5D, 0xED, 0x2D ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0x63, 0x98, 0xEA, 0xCA, 0x41, 0x34, 0xA8 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0x16, 0xF9, 0x3D, 0x8D, 0xDD, 0xCB, 0x94 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xC5, 0x4C, 0x23, 0xAC, 0x45, 0x71, 0x32, 0xE2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x89, 0x3B, 0x60, 0x8B, 0x31, 0xA3, 0x30, 0x78 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0x94, 0xFC, 0x77, 0x4D, 0xAC, 0xC1, 0xE7), + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0xC7, 0xF2, 0x2B, 0xA7, 0x17, 0x11, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_8(0xB5, 0xC8, 0x9A, 0x8B, 0xC9, 0xF1, 0x2E, 0x0A), + MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0x3A, 0x25, 0xA8, 0x5A, 0x5D, 0xED, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0x63, 0x98, 0xEA, 0xCA, 0x41, 0x34, 0xA8), + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0x16, 0xF9, 0x3D, 0x8D, 0xDD, 0xCB, 0x94), + MBEDTLS_BYTES_TO_T_UINT_8(0xC5, 0x4C, 0x23, 0xAC, 0x45, 0x71, 0x32, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0x89, 0x3B, 0x60, 0x8B, 0x31, 0xA3, 0x30, 0x78), }; static const mbedtls_mpi_uint brainpoolP512r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x23, 0xF7, 0x16, 0x80, 0x63, 0xBD, 0x09, 0x28 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0xE5, 0xBA, 0x5E, 0xB7, 0x50, 0x40, 0x98 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x67, 0x3E, 0x08, 0xDC, 0xCA, 0x94, 0xFC, 0x77 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x4D, 0xAC, 0xC1, 0xE7, 0xB9, 0xC7, 0xF2, 0x2B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x17, 0x11, 0x7F, 0xB5, 0xC8, 0x9A, 0x8B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0xF1, 0x2E, 0x0A, 0xA1, 0x3A, 0x25, 0xA8 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x5D, 0xED, 0x2D, 0xBC, 0x63, 0x98, 0xEA ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0x41, 0x34, 0xA8, 0x10, 0x16, 0xF9, 0x3D ), + MBEDTLS_BYTES_TO_T_UINT_8(0x23, 0xF7, 0x16, 0x80, 0x63, 0xBD, 0x09, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0xE5, 0xBA, 0x5E, 0xB7, 0x50, 0x40, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0x67, 0x3E, 0x08, 0xDC, 0xCA, 0x94, 0xFC, 0x77), + MBEDTLS_BYTES_TO_T_UINT_8(0x4D, 0xAC, 0xC1, 0xE7, 0xB9, 0xC7, 0xF2, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x17, 0x11, 0x7F, 0xB5, 0xC8, 0x9A, 0x8B), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0xF1, 0x2E, 0x0A, 0xA1, 0x3A, 0x25, 0xA8), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x5D, 0xED, 0x2D, 0xBC, 0x63, 0x98, 0xEA), + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0x41, 0x34, 0xA8, 0x10, 0x16, 0xF9, 0x3D), }; static const mbedtls_mpi_uint brainpoolP512r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B), + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4), + MBEDTLS_BYTES_TO_T_UINT_8(0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81), }; static const mbedtls_mpi_uint brainpoolP512r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D ), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78), + MBEDTLS_BYTES_TO_T_UINT_8(0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0), + MBEDTLS_BYTES_TO_T_UINT_8(0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2), + MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0), + MBEDTLS_BYTES_TO_T_UINT_8(0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D), }; static const mbedtls_mpi_uint brainpoolP512r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x69, 0x00, 0xA9, 0x9C, 0x82, 0x96, 0x87, 0xB5 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0xDA, 0x5D, 0x08, 0x81, 0xD3, 0xB1, 0x1D ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0x10, 0xAC, 0x7F, 0x19, 0x61, 0x86, 0x41 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x26, 0xA9, 0x4C, 0x41, 0x5C, 0x3E, 0x55 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8(0x69, 0x00, 0xA9, 0x9C, 0x82, 0x96, 0x87, 0xB5), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0xDA, 0x5D, 0x08, 0x81, 0xD3, 0xB1, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0x10, 0xAC, 0x7F, 0x19, 0x61, 0x86, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x26, 0xA9, 0x4C, 0x41, 0x5C, 0x3E, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6), + MBEDTLS_BYTES_TO_T_UINT_8(0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F), + MBEDTLS_BYTES_TO_T_UINT_8(0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA), }; #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ @@ -535,17 +535,17 @@ static const mbedtls_mpi_uint brainpoolP512r1_n[] = { * Create an MPI from embedded constants * (assumes len is an exact multiple of sizeof mbedtls_mpi_uint) */ -static inline void ecp_mpi_load( mbedtls_mpi *X, const mbedtls_mpi_uint *p, size_t len ) +static inline void ecp_mpi_load(mbedtls_mpi *X, const mbedtls_mpi_uint *p, size_t len) { X->s = 1; - X->n = len / sizeof( mbedtls_mpi_uint ); + X->n = len / sizeof(mbedtls_mpi_uint); X->p = (mbedtls_mpi_uint *) p; } /* * Set an MPI to static value 1 */ -static inline void ecp_mpi_set1( mbedtls_mpi *X ) +static inline void ecp_mpi_set1(mbedtls_mpi *X) { static mbedtls_mpi_uint one[] = { 1 }; X->s = 1; @@ -556,89 +556,90 @@ static inline void ecp_mpi_set1( mbedtls_mpi *X ) /* * Make group available from embedded constants */ -static int ecp_group_load( mbedtls_ecp_group *grp, - const mbedtls_mpi_uint *p, size_t plen, - const mbedtls_mpi_uint *a, size_t alen, - const mbedtls_mpi_uint *b, size_t blen, - const mbedtls_mpi_uint *gx, size_t gxlen, - const mbedtls_mpi_uint *gy, size_t gylen, - const mbedtls_mpi_uint *n, size_t nlen) +static int ecp_group_load(mbedtls_ecp_group *grp, + const mbedtls_mpi_uint *p, size_t plen, + const mbedtls_mpi_uint *a, size_t alen, + const mbedtls_mpi_uint *b, size_t blen, + const mbedtls_mpi_uint *gx, size_t gxlen, + const mbedtls_mpi_uint *gy, size_t gylen, + const mbedtls_mpi_uint *n, size_t nlen) { - ecp_mpi_load( &grp->P, p, plen ); - if( a != NULL ) - ecp_mpi_load( &grp->A, a, alen ); - ecp_mpi_load( &grp->B, b, blen ); - ecp_mpi_load( &grp->N, n, nlen ); + ecp_mpi_load(&grp->P, p, plen); + if (a != NULL) { + ecp_mpi_load(&grp->A, a, alen); + } + ecp_mpi_load(&grp->B, b, blen); + ecp_mpi_load(&grp->N, n, nlen); - ecp_mpi_load( &grp->G.X, gx, gxlen ); - ecp_mpi_load( &grp->G.Y, gy, gylen ); - ecp_mpi_set1( &grp->G.Z ); + ecp_mpi_load(&grp->G.X, gx, gxlen); + ecp_mpi_load(&grp->G.Y, gy, gylen); + ecp_mpi_set1(&grp->G.Z); - grp->pbits = mbedtls_mpi_bitlen( &grp->P ); - grp->nbits = mbedtls_mpi_bitlen( &grp->N ); + grp->pbits = mbedtls_mpi_bitlen(&grp->P); + grp->nbits = mbedtls_mpi_bitlen(&grp->N); grp->h = 1; - return( 0 ); + return 0; } #endif /* ECP_LOAD_GROUP */ #if defined(MBEDTLS_ECP_NIST_OPTIM) /* Forward declarations */ #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) -static int ecp_mod_p192( mbedtls_mpi * ); +static int ecp_mod_p192(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) -static int ecp_mod_p224( mbedtls_mpi * ); +static int ecp_mod_p224(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) -static int ecp_mod_p256( mbedtls_mpi * ); +static int ecp_mod_p256(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) -static int ecp_mod_p384( mbedtls_mpi * ); +static int ecp_mod_p384(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) -static int ecp_mod_p521( mbedtls_mpi * ); +static int ecp_mod_p521(mbedtls_mpi *); #endif -#define NIST_MODP( P ) grp->modp = ecp_mod_ ## P; +#define NIST_MODP(P) grp->modp = ecp_mod_ ## P; #else -#define NIST_MODP( P ) +#define NIST_MODP(P) #endif /* MBEDTLS_ECP_NIST_OPTIM */ /* Additional forward declarations */ #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) -static int ecp_mod_p255( mbedtls_mpi * ); +static int ecp_mod_p255(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) -static int ecp_mod_p448( mbedtls_mpi * ); +static int ecp_mod_p448(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) -static int ecp_mod_p192k1( mbedtls_mpi * ); +static int ecp_mod_p192k1(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) -static int ecp_mod_p224k1( mbedtls_mpi * ); +static int ecp_mod_p224k1(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) -static int ecp_mod_p256k1( mbedtls_mpi * ); +static int ecp_mod_p256k1(mbedtls_mpi *); #endif #if defined(ECP_LOAD_GROUP) -#define LOAD_GROUP_A( G ) ecp_group_load( grp, \ - G ## _p, sizeof( G ## _p ), \ - G ## _a, sizeof( G ## _a ), \ - G ## _b, sizeof( G ## _b ), \ - G ## _gx, sizeof( G ## _gx ), \ - G ## _gy, sizeof( G ## _gy ), \ - G ## _n, sizeof( G ## _n ) ) - -#define LOAD_GROUP( G ) ecp_group_load( grp, \ - G ## _p, sizeof( G ## _p ), \ - NULL, 0, \ - G ## _b, sizeof( G ## _b ), \ - G ## _gx, sizeof( G ## _gx ), \ - G ## _gy, sizeof( G ## _gy ), \ - G ## _n, sizeof( G ## _n ) ) +#define LOAD_GROUP_A(G) ecp_group_load(grp, \ + G ## _p, sizeof(G ## _p), \ + G ## _a, sizeof(G ## _a), \ + G ## _b, sizeof(G ## _b), \ + G ## _gx, sizeof(G ## _gx), \ + G ## _gy, sizeof(G ## _gy), \ + G ## _n, sizeof(G ## _n)) + +#define LOAD_GROUP(G) ecp_group_load(grp, \ + G ## _p, sizeof(G ## _p), \ + NULL, 0, \ + G ## _b, sizeof(G ## _b), \ + G ## _gx, sizeof(G ## _gx), \ + G ## _gy, sizeof(G ## _gy), \ + G ## _n, sizeof(G ## _n)) #endif /* ECP_LOAD_GROUP */ #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) @@ -652,38 +653,39 @@ static const unsigned char curve25519_part_of_n[] = { /* * Specialized function for creating the Curve25519 group */ -static int ecp_use_curve25519( mbedtls_ecp_group *grp ) +static int ecp_use_curve25519(mbedtls_ecp_group *grp) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Actually ( A + 2 ) / 4 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->A, curve25519_a24 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->A, curve25519_a24)); /* P = 2^255 - 19 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &grp->P, 255 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &grp->P, &grp->P, 19 ) ); - grp->pbits = mbedtls_mpi_bitlen( &grp->P ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&grp->P, 255)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&grp->P, &grp->P, 19)); + grp->pbits = mbedtls_mpi_bitlen(&grp->P); /* N = 2^252 + 27742317777372353535851937790883648493 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &grp->N, - curve25519_part_of_n, sizeof( curve25519_part_of_n ) ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &grp->N, 252, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&grp->N, + curve25519_part_of_n, sizeof(curve25519_part_of_n))); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&grp->N, 252, 1)); /* Y intentionally not set, since we use x/z coordinates. * This is used as a marker to identify Montgomery curves! */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.X, 9 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.Z, 1 ) ); - mbedtls_mpi_free( &grp->G.Y ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.X, 9)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.Z, 1)); + mbedtls_mpi_free(&grp->G.Y); /* Actually, the required msb for private keys */ grp->nbits = 254; cleanup: - if( ret != 0 ) - mbedtls_ecp_group_free( grp ); + if (ret != 0) { + mbedtls_ecp_group_free(grp); + } - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ @@ -700,140 +702,140 @@ static const unsigned char curve448_part_of_n[] = { /* * Specialized function for creating the Curve448 group */ -static int ecp_use_curve448( mbedtls_ecp_group *grp ) +static int ecp_use_curve448(mbedtls_ecp_group *grp) { mbedtls_mpi Ns; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_mpi_init( &Ns ); + mbedtls_mpi_init(&Ns); /* Actually ( A + 2 ) / 4 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->A, curve448_a24 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->A, curve448_a24)); /* P = 2^448 - 2^224 - 1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &grp->P, 224 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &grp->P, &grp->P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &grp->P, 224 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &grp->P, &grp->P, 1 ) ); - grp->pbits = mbedtls_mpi_bitlen( &grp->P ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&grp->P, 224)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&grp->P, &grp->P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&grp->P, 224)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&grp->P, &grp->P, 1)); + grp->pbits = mbedtls_mpi_bitlen(&grp->P); /* Y intentionally not set, since we use x/z coordinates. * This is used as a marker to identify Montgomery curves! */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.X, 5 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.Z, 1 ) ); - mbedtls_mpi_free( &grp->G.Y ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.X, 5)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.Z, 1)); + mbedtls_mpi_free(&grp->G.Y); /* N = 2^446 - 13818066809895115352007386748515426880336692474882178609894547503885 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &grp->N, 446, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &Ns, - curve448_part_of_n, sizeof( curve448_part_of_n ) ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &grp->N, &grp->N, &Ns ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&grp->N, 446, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&Ns, + curve448_part_of_n, sizeof(curve448_part_of_n))); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&grp->N, &grp->N, &Ns)); /* Actually, the required msb for private keys */ grp->nbits = 447; cleanup: - mbedtls_mpi_free( &Ns ); - if( ret != 0 ) - mbedtls_ecp_group_free( grp ); + mbedtls_mpi_free(&Ns); + if (ret != 0) { + mbedtls_ecp_group_free(grp); + } - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ /* * Set a group using well-known domain parameters */ -int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ) +int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id) { - ECP_VALIDATE_RET( grp != NULL ); - mbedtls_ecp_group_free( grp ); + ECP_VALIDATE_RET(grp != NULL); + mbedtls_ecp_group_free(grp); - mbedtls_ecp_group_init( grp ); + mbedtls_ecp_group_init(grp); grp->id = id; - switch( id ) - { + switch (id) { #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) case MBEDTLS_ECP_DP_SECP192R1: - NIST_MODP( p192 ); - return( LOAD_GROUP( secp192r1 ) ); + NIST_MODP(p192); + return LOAD_GROUP(secp192r1); #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) case MBEDTLS_ECP_DP_SECP224R1: - NIST_MODP( p224 ); - return( LOAD_GROUP( secp224r1 ) ); + NIST_MODP(p224); + return LOAD_GROUP(secp224r1); #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) case MBEDTLS_ECP_DP_SECP256R1: - NIST_MODP( p256 ); - return( LOAD_GROUP( secp256r1 ) ); + NIST_MODP(p256); + return LOAD_GROUP(secp256r1); #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) case MBEDTLS_ECP_DP_SECP384R1: - NIST_MODP( p384 ); - return( LOAD_GROUP( secp384r1 ) ); + NIST_MODP(p384); + return LOAD_GROUP(secp384r1); #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) case MBEDTLS_ECP_DP_SECP521R1: - NIST_MODP( p521 ); - return( LOAD_GROUP( secp521r1 ) ); + NIST_MODP(p521); + return LOAD_GROUP(secp521r1); #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) case MBEDTLS_ECP_DP_SECP192K1: grp->modp = ecp_mod_p192k1; - return( LOAD_GROUP_A( secp192k1 ) ); + return LOAD_GROUP_A(secp192k1); #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) case MBEDTLS_ECP_DP_SECP224K1: grp->modp = ecp_mod_p224k1; - return( LOAD_GROUP_A( secp224k1 ) ); + return LOAD_GROUP_A(secp224k1); #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) case MBEDTLS_ECP_DP_SECP256K1: grp->modp = ecp_mod_p256k1; - return( LOAD_GROUP_A( secp256k1 ) ); + return LOAD_GROUP_A(secp256k1); #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) case MBEDTLS_ECP_DP_BP256R1: - return( LOAD_GROUP_A( brainpoolP256r1 ) ); + return LOAD_GROUP_A(brainpoolP256r1); #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) case MBEDTLS_ECP_DP_BP384R1: - return( LOAD_GROUP_A( brainpoolP384r1 ) ); + return LOAD_GROUP_A(brainpoolP384r1); #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) case MBEDTLS_ECP_DP_BP512R1: - return( LOAD_GROUP_A( brainpoolP512r1 ) ); + return LOAD_GROUP_A(brainpoolP512r1); #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) case MBEDTLS_ECP_DP_CURVE25519: grp->modp = ecp_mod_p255; - return( ecp_use_curve25519( grp ) ); + return ecp_use_curve25519(grp); #endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) case MBEDTLS_ECP_DP_CURVE448: grp->modp = ecp_mod_p448; - return( ecp_use_curve448( grp ) ); + return ecp_use_curve448(grp); #endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ default: grp->id = MBEDTLS_ECP_DP_NONE; - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; } } @@ -862,56 +864,54 @@ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ) */ /* Add 64-bit chunks (dst += src) and update carry */ -static inline void add64( mbedtls_mpi_uint *dst, mbedtls_mpi_uint *src, mbedtls_mpi_uint *carry ) +static inline void add64(mbedtls_mpi_uint *dst, mbedtls_mpi_uint *src, mbedtls_mpi_uint *carry) { unsigned char i; mbedtls_mpi_uint c = 0; - for( i = 0; i < 8 / sizeof( mbedtls_mpi_uint ); i++, dst++, src++ ) - { - *dst += c; c = ( *dst < c ); - *dst += *src; c += ( *dst < *src ); + for (i = 0; i < 8 / sizeof(mbedtls_mpi_uint); i++, dst++, src++) { + *dst += c; c = (*dst < c); + *dst += *src; c += (*dst < *src); } *carry += c; } /* Add carry to a 64-bit chunk and update carry */ -static inline void carry64( mbedtls_mpi_uint *dst, mbedtls_mpi_uint *carry ) +static inline void carry64(mbedtls_mpi_uint *dst, mbedtls_mpi_uint *carry) { unsigned char i; - for( i = 0; i < 8 / sizeof( mbedtls_mpi_uint ); i++, dst++ ) - { + for (i = 0; i < 8 / sizeof(mbedtls_mpi_uint); i++, dst++) { *dst += *carry; - *carry = ( *dst < *carry ); + *carry = (*dst < *carry); } } -#define WIDTH 8 / sizeof( mbedtls_mpi_uint ) -#define A( i ) N->p + (i) * WIDTH -#define ADD( i ) add64( p, A( i ), &c ) -#define NEXT p += WIDTH; carry64( p, &c ) -#define LAST p += WIDTH; *p = c; while( ++p < end ) *p = 0 +#define WIDTH 8 / sizeof(mbedtls_mpi_uint) +#define A(i) N->p + (i) * WIDTH +#define ADD(i) add64(p, A(i), &c) +#define NEXT p += WIDTH; carry64(p, &c) +#define LAST p += WIDTH; *p = c; while (++p < end) *p = 0 /* * Fast quasi-reduction modulo p192 (FIPS 186-3 D.2.1) */ -static int ecp_mod_p192( mbedtls_mpi *N ) +static int ecp_mod_p192(mbedtls_mpi *N) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi_uint c = 0; mbedtls_mpi_uint *p, *end; /* Make sure we have enough blocks so that A(5) is legal */ - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, 6 * WIDTH ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, 6 * WIDTH)); p = N->p; end = p + N->n; - ADD( 3 ); ADD( 5 ); NEXT; // A0 += A3 + A5 - ADD( 3 ); ADD( 4 ); ADD( 5 ); NEXT; // A1 += A3 + A4 + A5 - ADD( 4 ); ADD( 5 ); LAST; // A2 += A4 + A5 + ADD(3); ADD(5); NEXT; // A0 += A3 + A5 + ADD(3); ADD(4); ADD(5); NEXT; // A1 += A3 + A4 + A5 + ADD(4); ADD(5); LAST; // A2 += A4 + A5 cleanup: - return( ret ); + return ret; } #undef WIDTH @@ -940,21 +940,21 @@ static int ecp_mod_p192( mbedtls_mpi *N ) * * While at it, also define the size of N in terms of 32-bit chunks. */ -#define LOAD32 cur = A( i ); +#define LOAD32 cur = A(i); #if defined(MBEDTLS_HAVE_INT32) /* 32 bit */ #define MAX32 N->n -#define A( j ) N->p[j] +#define A(j) N->p[j] #define STORE32 N->p[i] = cur; #else /* 64-bit */ #define MAX32 N->n * 2 -#define A( j ) (j) % 2 ? (uint32_t)( N->p[(j)/2] >> 32 ) : \ - (uint32_t)( N->p[(j)/2] ) +#define A(j) (j) % 2 ? (uint32_t) (N->p[(j)/2] >> 32) : \ + (uint32_t) (N->p[(j)/2]) #define STORE32 \ - if( i % 2 ) { \ + if (i % 2) { \ N->p[i/2] &= 0x00000000FFFFFFFF; \ N->p[i/2] |= ((mbedtls_mpi_uint) cur) << 32; \ } else { \ @@ -967,20 +967,20 @@ static int ecp_mod_p192( mbedtls_mpi *N ) /* * Helpers for addition and subtraction of chunks, with signed carry. */ -static inline void add32( uint32_t *dst, uint32_t src, signed char *carry ) +static inline void add32(uint32_t *dst, uint32_t src, signed char *carry) { *dst += src; - *carry += ( *dst < src ); + *carry += (*dst < src); } -static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry ) +static inline void sub32(uint32_t *dst, uint32_t src, signed char *carry) { - *carry -= ( *dst < src ); + *carry -= (*dst < src); *dst -= src; } -#define ADD( j ) add32( &cur, A( j ), &c ); -#define SUB( j ) sub32( &cur, A( j ), &c ); +#define ADD(j) add32(&cur, A(j), &c); +#define SUB(j) sub32(&cur, A(j), &c); #define ciL (sizeof(mbedtls_mpi_uint)) /* chars in limb */ #define biL (ciL << 3) /* bits in limb */ @@ -988,83 +988,83 @@ static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry ) /* * Helpers for the main 'loop' */ -#define INIT( b ) \ +#define INIT(b) \ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; \ signed char c = 0, cc; \ uint32_t cur; \ size_t i = 0, bits = (b); \ /* N is the size of the product of two b-bit numbers, plus one */ \ /* limb for fix_negative */ \ - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, ( b ) * 2 / biL + 1 ) ); \ + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, (b) * 2 / biL + 1)); \ LOAD32; #define NEXT \ STORE32; i++; LOAD32; \ cc = c; c = 0; \ - if( cc < 0 ) \ - sub32( &cur, -cc, &c ); \ + if (cc < 0) \ + sub32(&cur, -cc, &c); \ else \ - add32( &cur, cc, &c ); \ + add32(&cur, cc, &c); \ #define LAST \ STORE32; i++; \ cur = c > 0 ? c : 0; STORE32; \ - cur = 0; while( ++i < MAX32 ) { STORE32; } \ - if( c < 0 ) mbedtls_ecp_fix_negative( N, c, bits ); + cur = 0; while (++i < MAX32) { STORE32; } \ + if (c < 0) mbedtls_ecp_fix_negative(N, c, bits); /* * If the result is negative, we get it in the form * c * 2^bits + N, with c negative and N positive shorter than 'bits' */ MBEDTLS_STATIC_TESTABLE -void mbedtls_ecp_fix_negative( mbedtls_mpi *N, signed char c, size_t bits ) +void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits) { size_t i; /* Set N := 2^bits - 1 - N. We know that 0 <= N < 2^bits, so * set the absolute value to 0xfff...fff - N. There is no carry * since we're subtracting from all-bits-one. */ - for( i = 0; i <= bits / 8 / sizeof( mbedtls_mpi_uint ); i++ ) - { - N->p[i] = ~(mbedtls_mpi_uint)0 - N->p[i]; + for (i = 0; i <= bits / 8 / sizeof(mbedtls_mpi_uint); i++) { + N->p[i] = ~(mbedtls_mpi_uint) 0 - N->p[i]; } /* Add 1, taking care of the carry. */ i = 0; - do + do { ++N->p[i]; - while( N->p[i++] == 0 && i <= bits / 8 / sizeof( mbedtls_mpi_uint ) ); + } while (N->p[i++] == 0 && i <= bits / 8 / sizeof(mbedtls_mpi_uint)); /* Invert the sign. * Now N = N0 - 2^bits where N0 is the initial value of N. */ N->s = -1; /* Add |c| * 2^bits to the absolute value. Since c and N are - * negative, this adds c * 2^bits. */ + * negative, this adds c * 2^bits. */ mbedtls_mpi_uint msw = (mbedtls_mpi_uint) -c; #if defined(MBEDTLS_HAVE_INT64) - if( bits == 224 ) + if (bits == 224) { msw <<= 32; + } #endif - N->p[bits / 8 / sizeof( mbedtls_mpi_uint)] += msw; + N->p[bits / 8 / sizeof(mbedtls_mpi_uint)] += msw; } #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) /* * Fast quasi-reduction modulo p224 (FIPS 186-3 D.2.2) */ -static int ecp_mod_p224( mbedtls_mpi *N ) +static int ecp_mod_p224(mbedtls_mpi *N) { - INIT( 224 ); + INIT(224); - SUB( 7 ); SUB( 11 ); NEXT; // A0 += -A7 - A11 - SUB( 8 ); SUB( 12 ); NEXT; // A1 += -A8 - A12 - SUB( 9 ); SUB( 13 ); NEXT; // A2 += -A9 - A13 - SUB( 10 ); ADD( 7 ); ADD( 11 ); NEXT; // A3 += -A10 + A7 + A11 - SUB( 11 ); ADD( 8 ); ADD( 12 ); NEXT; // A4 += -A11 + A8 + A12 - SUB( 12 ); ADD( 9 ); ADD( 13 ); NEXT; // A5 += -A12 + A9 + A13 - SUB( 13 ); ADD( 10 ); LAST; // A6 += -A13 + A10 + SUB(7); SUB(11); NEXT; // A0 += -A7 - A11 + SUB(8); SUB(12); NEXT; // A1 += -A8 - A12 + SUB(9); SUB(13); NEXT; // A2 += -A9 - A13 + SUB(10); ADD(7); ADD(11); NEXT; // A3 += -A10 + A7 + A11 + SUB(11); ADD(8); ADD(12); NEXT; // A4 += -A11 + A8 + A12 + SUB(12); ADD(9); ADD(13); NEXT; // A5 += -A12 + A9 + A13 + SUB(13); ADD(10); LAST; // A6 += -A13 + A10 cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ @@ -1072,36 +1072,36 @@ static int ecp_mod_p224( mbedtls_mpi *N ) /* * Fast quasi-reduction modulo p256 (FIPS 186-3 D.2.3) */ -static int ecp_mod_p256( mbedtls_mpi *N ) +static int ecp_mod_p256(mbedtls_mpi *N) { - INIT( 256 ); + INIT(256); - ADD( 8 ); ADD( 9 ); - SUB( 11 ); SUB( 12 ); SUB( 13 ); SUB( 14 ); NEXT; // A0 + ADD(8); ADD(9); + SUB(11); SUB(12); SUB(13); SUB(14); NEXT; // A0 - ADD( 9 ); ADD( 10 ); - SUB( 12 ); SUB( 13 ); SUB( 14 ); SUB( 15 ); NEXT; // A1 + ADD(9); ADD(10); + SUB(12); SUB(13); SUB(14); SUB(15); NEXT; // A1 - ADD( 10 ); ADD( 11 ); - SUB( 13 ); SUB( 14 ); SUB( 15 ); NEXT; // A2 + ADD(10); ADD(11); + SUB(13); SUB(14); SUB(15); NEXT; // A2 - ADD( 11 ); ADD( 11 ); ADD( 12 ); ADD( 12 ); ADD( 13 ); - SUB( 15 ); SUB( 8 ); SUB( 9 ); NEXT; // A3 + ADD(11); ADD(11); ADD(12); ADD(12); ADD(13); + SUB(15); SUB(8); SUB(9); NEXT; // A3 - ADD( 12 ); ADD( 12 ); ADD( 13 ); ADD( 13 ); ADD( 14 ); - SUB( 9 ); SUB( 10 ); NEXT; // A4 + ADD(12); ADD(12); ADD(13); ADD(13); ADD(14); + SUB(9); SUB(10); NEXT; // A4 - ADD( 13 ); ADD( 13 ); ADD( 14 ); ADD( 14 ); ADD( 15 ); - SUB( 10 ); SUB( 11 ); NEXT; // A5 + ADD(13); ADD(13); ADD(14); ADD(14); ADD(15); + SUB(10); SUB(11); NEXT; // A5 - ADD( 14 ); ADD( 14 ); ADD( 15 ); ADD( 15 ); ADD( 14 ); ADD( 13 ); - SUB( 8 ); SUB( 9 ); NEXT; // A6 + ADD(14); ADD(14); ADD(15); ADD(15); ADD(14); ADD(13); + SUB(8); SUB(9); NEXT; // A6 - ADD( 15 ); ADD( 15 ); ADD( 15 ); ADD( 8 ); - SUB( 10 ); SUB( 11 ); SUB( 12 ); SUB( 13 ); LAST; // A7 + ADD(15); ADD(15); ADD(15); ADD(8); + SUB(10); SUB(11); SUB(12); SUB(13); LAST; // A7 cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ @@ -1109,48 +1109,48 @@ static int ecp_mod_p256( mbedtls_mpi *N ) /* * Fast quasi-reduction modulo p384 (FIPS 186-3 D.2.4) */ -static int ecp_mod_p384( mbedtls_mpi *N ) +static int ecp_mod_p384(mbedtls_mpi *N) { - INIT( 384 ); + INIT(384); - ADD( 12 ); ADD( 21 ); ADD( 20 ); - SUB( 23 ); NEXT; // A0 + ADD(12); ADD(21); ADD(20); + SUB(23); NEXT; // A0 - ADD( 13 ); ADD( 22 ); ADD( 23 ); - SUB( 12 ); SUB( 20 ); NEXT; // A2 + ADD(13); ADD(22); ADD(23); + SUB(12); SUB(20); NEXT; // A2 - ADD( 14 ); ADD( 23 ); - SUB( 13 ); SUB( 21 ); NEXT; // A2 + ADD(14); ADD(23); + SUB(13); SUB(21); NEXT; // A2 - ADD( 15 ); ADD( 12 ); ADD( 20 ); ADD( 21 ); - SUB( 14 ); SUB( 22 ); SUB( 23 ); NEXT; // A3 + ADD(15); ADD(12); ADD(20); ADD(21); + SUB(14); SUB(22); SUB(23); NEXT; // A3 - ADD( 21 ); ADD( 21 ); ADD( 16 ); ADD( 13 ); ADD( 12 ); ADD( 20 ); ADD( 22 ); - SUB( 15 ); SUB( 23 ); SUB( 23 ); NEXT; // A4 + ADD(21); ADD(21); ADD(16); ADD(13); ADD(12); ADD(20); ADD(22); + SUB(15); SUB(23); SUB(23); NEXT; // A4 - ADD( 22 ); ADD( 22 ); ADD( 17 ); ADD( 14 ); ADD( 13 ); ADD( 21 ); ADD( 23 ); - SUB( 16 ); NEXT; // A5 + ADD(22); ADD(22); ADD(17); ADD(14); ADD(13); ADD(21); ADD(23); + SUB(16); NEXT; // A5 - ADD( 23 ); ADD( 23 ); ADD( 18 ); ADD( 15 ); ADD( 14 ); ADD( 22 ); - SUB( 17 ); NEXT; // A6 + ADD(23); ADD(23); ADD(18); ADD(15); ADD(14); ADD(22); + SUB(17); NEXT; // A6 - ADD( 19 ); ADD( 16 ); ADD( 15 ); ADD( 23 ); - SUB( 18 ); NEXT; // A7 + ADD(19); ADD(16); ADD(15); ADD(23); + SUB(18); NEXT; // A7 - ADD( 20 ); ADD( 17 ); ADD( 16 ); - SUB( 19 ); NEXT; // A8 + ADD(20); ADD(17); ADD(16); + SUB(19); NEXT; // A8 - ADD( 21 ); ADD( 18 ); ADD( 17 ); - SUB( 20 ); NEXT; // A9 + ADD(21); ADD(18); ADD(17); + SUB(20); NEXT; // A9 - ADD( 22 ); ADD( 19 ); ADD( 18 ); - SUB( 21 ); NEXT; // A10 + ADD(22); ADD(19); ADD(18); + SUB(21); NEXT; // A10 - ADD( 23 ); ADD( 20 ); ADD( 19 ); - SUB( 22 ); LAST; // A11 + ADD(23); ADD(20); ADD(19); + SUB(22); LAST; // A11 cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ @@ -1173,7 +1173,7 @@ static int ecp_mod_p384( mbedtls_mpi *N ) */ /* Size of p521 in terms of mbedtls_mpi_uint */ -#define P521_WIDTH ( 521 / 8 / sizeof( mbedtls_mpi_uint ) + 1 ) +#define P521_WIDTH (521 / 8 / sizeof(mbedtls_mpi_uint) + 1) /* Bits to keep in the most significant mbedtls_mpi_uint */ #define P521_MASK 0x01FF @@ -1182,7 +1182,7 @@ static int ecp_mod_p384( mbedtls_mpi *N ) * Fast quasi-reduction modulo p521 (FIPS 186-3 D.2.5) * Write N as A1 + 2^521 A0, return A0 + A1 */ -static int ecp_mod_p521( mbedtls_mpi *N ) +static int ecp_mod_p521(mbedtls_mpi *N) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; @@ -1192,28 +1192,31 @@ static int ecp_mod_p521( mbedtls_mpi *N ) * we need to hold bits 513 to 1056, which is 34 limbs, that is * P521_WIDTH + 1. Otherwise P521_WIDTH is enough. */ - if( N->n < P521_WIDTH ) - return( 0 ); + if (N->n < P521_WIDTH) { + return 0; + } /* M = A1 */ M.s = 1; - M.n = N->n - ( P521_WIDTH - 1 ); - if( M.n > P521_WIDTH + 1 ) + M.n = N->n - (P521_WIDTH - 1); + if (M.n > P521_WIDTH + 1) { M.n = P521_WIDTH + 1; + } M.p = Mp; - memcpy( Mp, N->p + P521_WIDTH - 1, M.n * sizeof( mbedtls_mpi_uint ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, 521 % ( 8 * sizeof( mbedtls_mpi_uint ) ) ) ); + memcpy(Mp, N->p + P521_WIDTH - 1, M.n * sizeof(mbedtls_mpi_uint)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&M, 521 % (8 * sizeof(mbedtls_mpi_uint)))); /* N = A0 */ N->p[P521_WIDTH - 1] &= P521_MASK; - for( i = P521_WIDTH; i < N->n; i++ ) + for (i = P521_WIDTH; i < N->n; i++) { N->p[i] = 0; + } /* N = A0 + A1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(N, N, &M)); cleanup: - return( ret ); + return ret; } #undef P521_WIDTH @@ -1225,57 +1228,60 @@ static int ecp_mod_p521( mbedtls_mpi *N ) #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) /* Size of p255 in terms of mbedtls_mpi_uint */ -#define P255_WIDTH ( 255 / 8 / sizeof( mbedtls_mpi_uint ) + 1 ) +#define P255_WIDTH (255 / 8 / sizeof(mbedtls_mpi_uint) + 1) /* * Fast quasi-reduction modulo p255 = 2^255 - 19 * Write N as A0 + 2^255 A1, return A0 + 19 * A1 */ -static int ecp_mod_p255( mbedtls_mpi *N ) +static int ecp_mod_p255(mbedtls_mpi *N) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi M; mbedtls_mpi_uint Mp[P255_WIDTH + 2]; - if( N->n < P255_WIDTH ) - return( 0 ); + if (N->n < P255_WIDTH) { + return 0; + } /* M = A1 */ M.s = 1; - M.n = N->n - ( P255_WIDTH - 1 ); - if( M.n > P255_WIDTH + 1 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + M.n = N->n - (P255_WIDTH - 1); + if (M.n > P255_WIDTH + 1) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } M.p = Mp; - memset( Mp, 0, sizeof Mp ); - memcpy( Mp, N->p + P255_WIDTH - 1, M.n * sizeof( mbedtls_mpi_uint ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, 255 % ( 8 * sizeof( mbedtls_mpi_uint ) ) ) ); + memset(Mp, 0, sizeof Mp); + memcpy(Mp, N->p + P255_WIDTH - 1, M.n * sizeof(mbedtls_mpi_uint)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&M, 255 % (8 * sizeof(mbedtls_mpi_uint)))); M.n++; /* Make room for multiplication by 19 */ /* N = A0 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( N, 255, 0 ) ); - for( i = P255_WIDTH; i < N->n; i++ ) + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(N, 255, 0)); + for (i = P255_WIDTH; i < N->n; i++) { N->p[i] = 0; + } /* N = A0 + 19 * A1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M, &M, 19 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&M, &M, 19)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(N, N, &M)); cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) /* Size of p448 in terms of mbedtls_mpi_uint */ -#define P448_WIDTH ( 448 / 8 / sizeof( mbedtls_mpi_uint ) ) +#define P448_WIDTH (448 / 8 / sizeof(mbedtls_mpi_uint)) /* Number of limbs fully occupied by 2^224 (max), and limbs used by it (min) */ -#define DIV_ROUND_UP( X, Y ) ( ( ( X ) + ( Y ) - 1 ) / ( Y ) ) -#define P224_WIDTH_MIN ( 28 / sizeof( mbedtls_mpi_uint ) ) -#define P224_WIDTH_MAX DIV_ROUND_UP( 28, sizeof( mbedtls_mpi_uint ) ) -#define P224_UNUSED_BITS ( ( P224_WIDTH_MAX * sizeof( mbedtls_mpi_uint ) * 8 ) - 224 ) +#define DIV_ROUND_UP(X, Y) (((X) + (Y) -1) / (Y)) +#define P224_WIDTH_MIN (28 / sizeof(mbedtls_mpi_uint)) +#define P224_WIDTH_MAX DIV_ROUND_UP(28, sizeof(mbedtls_mpi_uint)) +#define P224_UNUSED_BITS ((P224_WIDTH_MAX * sizeof(mbedtls_mpi_uint) * 8) - 224) /* * Fast quasi-reduction modulo p448 = 2^448 - 2^224 - 1 @@ -1288,52 +1294,57 @@ static int ecp_mod_p255( mbedtls_mpi *N ) * but for 64-bit targets it should use half the number of operations if we do * the reduction with 224-bit limbs, since mpi_add_mpi will then use 64-bit adds. */ -static int ecp_mod_p448( mbedtls_mpi *N ) +static int ecp_mod_p448(mbedtls_mpi *N) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi M, Q; mbedtls_mpi_uint Mp[P448_WIDTH + 1], Qp[P448_WIDTH]; - if( N->n <= P448_WIDTH ) - return( 0 ); + if (N->n <= P448_WIDTH) { + return 0; + } /* M = A1 */ M.s = 1; - M.n = N->n - ( P448_WIDTH ); - if( M.n > P448_WIDTH ) + M.n = N->n - (P448_WIDTH); + if (M.n > P448_WIDTH) { /* Shouldn't be called with N larger than 2^896! */ - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } M.p = Mp; - memset( Mp, 0, sizeof( Mp ) ); - memcpy( Mp, N->p + P448_WIDTH, M.n * sizeof( mbedtls_mpi_uint ) ); + memset(Mp, 0, sizeof(Mp)); + memcpy(Mp, N->p + P448_WIDTH, M.n * sizeof(mbedtls_mpi_uint)); /* N = A0 */ - for( i = P448_WIDTH; i < N->n; i++ ) + for (i = P448_WIDTH; i < N->n; i++) { N->p[i] = 0; + } /* N += A1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( N, N, &M ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(N, N, &M)); /* Q = B1, N += B1 */ Q = M; Q.p = Qp; - memcpy( Qp, Mp, sizeof( Qp ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &Q, 224 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( N, N, &Q ) ); + memcpy(Qp, Mp, sizeof(Qp)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&Q, 224)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(N, N, &Q)); /* M = (B0 + B1) * 2^224, N += M */ - if( sizeof( mbedtls_mpi_uint ) > 4 ) - Mp[P224_WIDTH_MIN] &= ( (mbedtls_mpi_uint)-1 ) >> ( P224_UNUSED_BITS ); - for( i = P224_WIDTH_MAX; i < M.n; ++i ) + if (sizeof(mbedtls_mpi_uint) > 4) { + Mp[P224_WIDTH_MIN] &= ((mbedtls_mpi_uint)-1) >> (P224_UNUSED_BITS); + } + for (i = P224_WIDTH_MAX; i < M.n; ++i) { Mp[i] = 0; - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &M, &M, &Q ) ); + } + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&M, &M, &Q)); M.n = P448_WIDTH + 1; /* Make room for shifted carry bit from the addition */ - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &M, 224 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( N, N, &M ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&M, 224)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(N, N, &M)); cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ @@ -1347,18 +1358,19 @@ static int ecp_mod_p448( mbedtls_mpi *N ) * Write N as A0 + 2^224 A1, return A0 + R * A1. * Actually do two passes, since R is big. */ -#define P_KOBLITZ_MAX ( 256 / 8 / sizeof( mbedtls_mpi_uint ) ) // Max limbs in P -#define P_KOBLITZ_R ( 8 / sizeof( mbedtls_mpi_uint ) ) // Limbs in R -static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p_limbs, - size_t adjust, size_t shift, mbedtls_mpi_uint mask ) +#define P_KOBLITZ_MAX (256 / 8 / sizeof(mbedtls_mpi_uint)) // Max limbs in P +#define P_KOBLITZ_R (8 / sizeof(mbedtls_mpi_uint)) // Limbs in R +static inline int ecp_mod_koblitz(mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p_limbs, + size_t adjust, size_t shift, mbedtls_mpi_uint mask) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi M, R; mbedtls_mpi_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R + 1]; - if( N->n < p_limbs ) - return( 0 ); + if (N->n < p_limbs) { + return 0; + } /* Init R */ R.s = 1; @@ -1370,49 +1382,57 @@ static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t M.p = Mp; /* M = A1 */ - M.n = N->n - ( p_limbs - adjust ); - if( M.n > p_limbs + adjust ) + M.n = N->n - (p_limbs - adjust); + if (M.n > p_limbs + adjust) { M.n = p_limbs + adjust; - memset( Mp, 0, sizeof Mp ); - memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) ); - if( shift != 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) ); + } + memset(Mp, 0, sizeof Mp); + memcpy(Mp, N->p + p_limbs - adjust, M.n * sizeof(mbedtls_mpi_uint)); + if (shift != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&M, shift)); + } M.n += R.n; /* Make room for multiplication by R */ /* N = A0 */ - if( mask != 0 ) + if (mask != 0) { N->p[p_limbs - 1] &= mask; - for( i = p_limbs; i < N->n; i++ ) + } + for (i = p_limbs; i < N->n; i++) { N->p[i] = 0; + } /* N = A0 + R * A1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &M, &M, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&M, &M, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(N, N, &M)); /* Second pass */ /* M = A1 */ - M.n = N->n - ( p_limbs - adjust ); - if( M.n > p_limbs + adjust ) + M.n = N->n - (p_limbs - adjust); + if (M.n > p_limbs + adjust) { M.n = p_limbs + adjust; - memset( Mp, 0, sizeof Mp ); - memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) ); - if( shift != 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) ); + } + memset(Mp, 0, sizeof Mp); + memcpy(Mp, N->p + p_limbs - adjust, M.n * sizeof(mbedtls_mpi_uint)); + if (shift != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&M, shift)); + } M.n += R.n; /* Make room for multiplication by R */ /* N = A0 */ - if( mask != 0 ) + if (mask != 0) { N->p[p_limbs - 1] &= mask; - for( i = p_limbs; i < N->n; i++ ) + } + for (i = p_limbs; i < N->n; i++) { N->p[i] = 0; + } /* N = A0 + R * A1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &M, &M, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&M, &M, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(N, N, &M)); cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED) || MBEDTLS_ECP_DP_SECP224K1_ENABLED) || @@ -1423,14 +1443,15 @@ static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t * Fast quasi-reduction modulo p192k1 = 2^192 - R, * with R = 2^32 + 2^12 + 2^8 + 2^7 + 2^6 + 2^3 + 1 = 0x0100001119 */ -static int ecp_mod_p192k1( mbedtls_mpi *N ) +static int ecp_mod_p192k1(mbedtls_mpi *N) { static mbedtls_mpi_uint Rp[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x11, 0x00, 0x00, 0x01, 0x00, 0x00, - 0x00 ) }; + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x11, 0x00, 0x00, 0x01, 0x00, 0x00, + 0x00) + }; - return( ecp_mod_koblitz( N, Rp, 192 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, - 0 ) ); + return ecp_mod_koblitz(N, Rp, 192 / 8 / sizeof(mbedtls_mpi_uint), 0, 0, + 0); } #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ @@ -1439,17 +1460,18 @@ static int ecp_mod_p192k1( mbedtls_mpi *N ) * Fast quasi-reduction modulo p224k1 = 2^224 - R, * with R = 2^32 + 2^12 + 2^11 + 2^9 + 2^7 + 2^4 + 2 + 1 = 0x0100001A93 */ -static int ecp_mod_p224k1( mbedtls_mpi *N ) +static int ecp_mod_p224k1(mbedtls_mpi *N) { static mbedtls_mpi_uint Rp[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0x1A, 0x00, 0x00, 0x01, 0x00, 0x00, - 0x00 ) }; + MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x1A, 0x00, 0x00, 0x01, 0x00, 0x00, + 0x00) + }; #if defined(MBEDTLS_HAVE_INT64) - return( ecp_mod_koblitz( N, Rp, 4, 1, 32, 0xFFFFFFFF ) ); + return ecp_mod_koblitz(N, Rp, 4, 1, 32, 0xFFFFFFFF); #else - return( ecp_mod_koblitz( N, Rp, 224 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, - 0 ) ); + return ecp_mod_koblitz(N, Rp, 224 / 8 / sizeof(mbedtls_mpi_uint), 0, 0, + 0); #endif } @@ -1460,13 +1482,14 @@ static int ecp_mod_p224k1( mbedtls_mpi *N ) * Fast quasi-reduction modulo p256k1 = 2^256 - R, * with R = 2^32 + 2^9 + 2^8 + 2^7 + 2^6 + 2^4 + 1 = 0x01000003D1 */ -static int ecp_mod_p256k1( mbedtls_mpi *N ) +static int ecp_mod_p256k1(mbedtls_mpi *N) { static mbedtls_mpi_uint Rp[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xD1, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00, - 0x00 ) }; - return( ecp_mod_koblitz( N, Rp, 256 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, - 0 ) ); + MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00, + 0x00) + }; + return ecp_mod_koblitz(N, Rp, 256 / 8 / sizeof(mbedtls_mpi_uint), 0, 0, + 0); } #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ diff --git a/library/ecp_invasive.h b/library/ecp_invasive.h index 71c77027582e..18815be08911 100644 --- a/library/ecp_invasive.h +++ b/library/ecp_invasive.h @@ -44,7 +44,7 @@ * Behavior: * Set N to c * 2^bits + old_value_of_N. */ -void mbedtls_ecp_fix_negative( mbedtls_mpi *N, signed char c, size_t bits ); +void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits); #endif #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) @@ -69,10 +69,10 @@ void mbedtls_ecp_fix_negative( mbedtls_mpi *N, signed char c, size_t bits ); * \return \c 0 on success. * \return \c MBEDTLS_ERR_ECP_xxx or MBEDTLS_ERR_MPI_xxx on failure. */ -int mbedtls_ecp_gen_privkey_mx( size_t n_bits, - mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecp_gen_privkey_mx(size_t n_bits, + mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ diff --git a/library/entropy.c b/library/entropy.c index 77e2bfdd5101..1a4ac96457cd 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -48,103 +48,104 @@ #define ENTROPY_MAX_LOOP 256 /**< Maximum amount to loop before error */ -void mbedtls_entropy_init( mbedtls_entropy_context *ctx ) +void mbedtls_entropy_init(mbedtls_entropy_context *ctx) { ctx->source_count = 0; - memset( ctx->source, 0, sizeof( ctx->source ) ); + memset(ctx->source, 0, sizeof(ctx->source)); #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif ctx->accumulator_started = 0; #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_init( &ctx->accumulator ); + mbedtls_sha512_init(&ctx->accumulator); #else - mbedtls_sha256_init( &ctx->accumulator ); + mbedtls_sha256_init(&ctx->accumulator); #endif #if defined(MBEDTLS_HAVEGE_C) - mbedtls_havege_init( &ctx->havege_data ); + mbedtls_havege_init(&ctx->havege_data); #endif /* Reminder: Update ENTROPY_HAVE_STRONG in the test files * when adding more strong entropy sources here. */ #if defined(MBEDTLS_TEST_NULL_ENTROPY) - mbedtls_entropy_add_source( ctx, mbedtls_null_entropy_poll, NULL, - 1, MBEDTLS_ENTROPY_SOURCE_STRONG ); + mbedtls_entropy_add_source(ctx, mbedtls_null_entropy_poll, NULL, + 1, MBEDTLS_ENTROPY_SOURCE_STRONG); #endif #if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) - mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL, - MBEDTLS_ENTROPY_MIN_PLATFORM, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + mbedtls_entropy_add_source(ctx, mbedtls_platform_entropy_poll, NULL, + MBEDTLS_ENTROPY_MIN_PLATFORM, + MBEDTLS_ENTROPY_SOURCE_STRONG); #endif #if defined(MBEDTLS_TIMING_C) - mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL, - MBEDTLS_ENTROPY_MIN_HARDCLOCK, - MBEDTLS_ENTROPY_SOURCE_WEAK ); + mbedtls_entropy_add_source(ctx, mbedtls_hardclock_poll, NULL, + MBEDTLS_ENTROPY_MIN_HARDCLOCK, + MBEDTLS_ENTROPY_SOURCE_WEAK); #endif #if defined(MBEDTLS_HAVEGE_C) - mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data, - MBEDTLS_ENTROPY_MIN_HAVEGE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + mbedtls_entropy_add_source(ctx, mbedtls_havege_poll, &ctx->havege_data, + MBEDTLS_ENTROPY_MIN_HAVEGE, + MBEDTLS_ENTROPY_SOURCE_STRONG); #endif #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) - mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL, - MBEDTLS_ENTROPY_MIN_HARDWARE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + mbedtls_entropy_add_source(ctx, mbedtls_hardware_poll, NULL, + MBEDTLS_ENTROPY_MIN_HARDWARE, + MBEDTLS_ENTROPY_SOURCE_STRONG); #endif #if defined(MBEDTLS_ENTROPY_NV_SEED) - mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL, - MBEDTLS_ENTROPY_BLOCK_SIZE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + mbedtls_entropy_add_source(ctx, mbedtls_nv_seed_poll, NULL, + MBEDTLS_ENTROPY_BLOCK_SIZE, + MBEDTLS_ENTROPY_SOURCE_STRONG); ctx->initial_entropy_run = 0; #endif #endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */ } -void mbedtls_entropy_free( mbedtls_entropy_context *ctx ) +void mbedtls_entropy_free(mbedtls_entropy_context *ctx) { /* If the context was already free, don't call free() again. * This is important for mutexes which don't allow double-free. */ - if( ctx->accumulator_started == -1 ) + if (ctx->accumulator_started == -1) { return; + } #if defined(MBEDTLS_HAVEGE_C) - mbedtls_havege_free( &ctx->havege_data ); + mbedtls_havege_free(&ctx->havege_data); #endif #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_free( &ctx->mutex ); + mbedtls_mutex_free(&ctx->mutex); #endif #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_free( &ctx->accumulator ); + mbedtls_sha512_free(&ctx->accumulator); #else - mbedtls_sha256_free( &ctx->accumulator ); + mbedtls_sha256_free(&ctx->accumulator); #endif #if defined(MBEDTLS_ENTROPY_NV_SEED) ctx->initial_entropy_run = 0; #endif ctx->source_count = 0; - mbedtls_platform_zeroize( ctx->source, sizeof( ctx->source ) ); + mbedtls_platform_zeroize(ctx->source, sizeof(ctx->source)); ctx->accumulator_started = -1; } -int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx, - mbedtls_entropy_f_source_ptr f_source, void *p_source, - size_t threshold, int strong ) +int mbedtls_entropy_add_source(mbedtls_entropy_context *ctx, + mbedtls_entropy_f_source_ptr f_source, void *p_source, + size_t threshold, int strong) { int idx, ret = 0; #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif idx = ctx->source_count; - if( idx >= MBEDTLS_ENTROPY_MAX_SOURCES ) - { + if (idx >= MBEDTLS_ENTROPY_MAX_SOURCES) { ret = MBEDTLS_ERR_ENTROPY_MAX_SOURCES; goto exit; } @@ -158,18 +159,19 @@ int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx, exit: #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } /* * Entropy accumulator update */ -static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id, - const unsigned char *data, size_t len ) +static int entropy_update(mbedtls_entropy_context *ctx, unsigned char source_id, + const unsigned char *data, size_t len) { unsigned char header[2]; unsigned char tmp[MBEDTLS_ENTROPY_BLOCK_SIZE]; @@ -177,14 +179,15 @@ static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id const unsigned char *p = data; int ret = 0; - if( use_len > MBEDTLS_ENTROPY_BLOCK_SIZE ) - { + if (use_len > MBEDTLS_ENTROPY_BLOCK_SIZE) { #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - if( ( ret = mbedtls_sha512_ret( data, len, tmp, 0 ) ) != 0 ) + if ((ret = mbedtls_sha512_ret(data, len, tmp, 0)) != 0) { goto cleanup; + } #else - if( ( ret = mbedtls_sha256_ret( data, len, tmp, 0 ) ) != 0 ) + if ((ret = mbedtls_sha256_ret(data, len, tmp, 0)) != 0) { goto cleanup; + } #endif p = tmp; use_len = MBEDTLS_ENTROPY_BLOCK_SIZE; @@ -199,55 +202,61 @@ static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id * gather entropy eventually execute this code. */ #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - if( ctx->accumulator_started == 0 && - ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) + if (ctx->accumulator_started == 0 && + (ret = mbedtls_sha512_starts_ret(&ctx->accumulator, 0)) != 0) { goto cleanup; - else + } else { ctx->accumulator_started = 1; - if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, header, 2 ) ) != 0 ) + } + if ((ret = mbedtls_sha512_update_ret(&ctx->accumulator, header, 2)) != 0) { goto cleanup; - ret = mbedtls_sha512_update_ret( &ctx->accumulator, p, use_len ); + } + ret = mbedtls_sha512_update_ret(&ctx->accumulator, p, use_len); #else - if( ctx->accumulator_started == 0 && - ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) + if (ctx->accumulator_started == 0 && + (ret = mbedtls_sha256_starts_ret(&ctx->accumulator, 0)) != 0) { goto cleanup; - else + } else { ctx->accumulator_started = 1; - if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, header, 2 ) ) != 0 ) + } + if ((ret = mbedtls_sha256_update_ret(&ctx->accumulator, header, 2)) != 0) { goto cleanup; - ret = mbedtls_sha256_update_ret( &ctx->accumulator, p, use_len ); + } + ret = mbedtls_sha256_update_ret(&ctx->accumulator, p, use_len); #endif cleanup: - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); + mbedtls_platform_zeroize(tmp, sizeof(tmp)); - return( ret ); + return ret; } -int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, - const unsigned char *data, size_t len ) +int mbedtls_entropy_update_manual(mbedtls_entropy_context *ctx, + const unsigned char *data, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif - ret = entropy_update( ctx, MBEDTLS_ENTROPY_SOURCE_MANUAL, data, len ); + ret = entropy_update(ctx, MBEDTLS_ENTROPY_SOURCE_MANUAL, data, len); #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } /* * Run through the different sources to add entropy to our accumulator */ -static int entropy_gather_internal( mbedtls_entropy_context *ctx ) +static int entropy_gather_internal(mbedtls_entropy_context *ctx) { int ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; int i; @@ -255,121 +264,125 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx ) unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER]; size_t olen; - if( ctx->source_count == 0 ) - return( MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED ); + if (ctx->source_count == 0) { + return MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED; + } /* * Run through our entropy sources */ - for( i = 0; i < ctx->source_count; i++ ) - { - if( ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG ) + for (i = 0; i < ctx->source_count; i++) { + if (ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG) { have_one_strong = 1; + } olen = 0; - if( ( ret = ctx->source[i].f_source( ctx->source[i].p_source, - buf, MBEDTLS_ENTROPY_MAX_GATHER, &olen ) ) != 0 ) - { + if ((ret = ctx->source[i].f_source(ctx->source[i].p_source, + buf, MBEDTLS_ENTROPY_MAX_GATHER, &olen)) != 0) { goto cleanup; } /* * Add if we actually gathered something */ - if( olen > 0 ) - { - if( ( ret = entropy_update( ctx, (unsigned char) i, - buf, olen ) ) != 0 ) - return( ret ); + if (olen > 0) { + if ((ret = entropy_update(ctx, (unsigned char) i, + buf, olen)) != 0) { + return ret; + } ctx->source[i].size += olen; } } - if( have_one_strong == 0 ) + if (have_one_strong == 0) { ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE; + } cleanup: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); - return( ret ); + return ret; } /* * Thread-safe wrapper for entropy_gather_internal() */ -int mbedtls_entropy_gather( mbedtls_entropy_context *ctx ) +int mbedtls_entropy_gather(mbedtls_entropy_context *ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif - ret = entropy_gather_internal( ctx ); + ret = entropy_gather_internal(ctx); #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } -int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ) +int mbedtls_entropy_func(void *data, unsigned char *output, size_t len) { int ret, count = 0, i, thresholds_reached; size_t strong_size; mbedtls_entropy_context *ctx = (mbedtls_entropy_context *) data; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; - if( len > MBEDTLS_ENTROPY_BLOCK_SIZE ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + if (len > MBEDTLS_ENTROPY_BLOCK_SIZE) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } #if defined(MBEDTLS_ENTROPY_NV_SEED) /* Update the NV entropy seed before generating any entropy for outside * use. */ - if( ctx->initial_entropy_run == 0 ) - { + if (ctx->initial_entropy_run == 0) { ctx->initial_entropy_run = 1; - if( ( ret = mbedtls_entropy_update_nv_seed( ctx ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_entropy_update_nv_seed(ctx)) != 0) { + return ret; + } } #endif #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif /* * Always gather extra entropy before a call */ - do - { - if( count++ > ENTROPY_MAX_LOOP ) - { + do { + if (count++ > ENTROPY_MAX_LOOP) { ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; goto exit; } - if( ( ret = entropy_gather_internal( ctx ) ) != 0 ) + if ((ret = entropy_gather_internal(ctx)) != 0) { goto exit; + } thresholds_reached = 1; strong_size = 0; - for( i = 0; i < ctx->source_count; i++ ) - { - if( ctx->source[i].size < ctx->source[i].threshold ) + for (i = 0; i < ctx->source_count; i++) { + if (ctx->source[i].size < ctx->source[i].threshold) { thresholds_reached = 0; - if( ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG ) + } + if (ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG) { strong_size += ctx->source[i].size; + } } - } - while( ! thresholds_reached || strong_size < MBEDTLS_ENTROPY_BLOCK_SIZE ); + } while (!thresholds_reached || strong_size < MBEDTLS_ENTROPY_BLOCK_SIZE); - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); + memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) /* @@ -377,109 +390,118 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ) * in a previous call to entropy_update(). If this is not guaranteed, the * code below will fail. */ - if( ( ret = mbedtls_sha512_finish_ret( &ctx->accumulator, buf ) ) != 0 ) + if ((ret = mbedtls_sha512_finish_ret(&ctx->accumulator, buf)) != 0) { goto exit; + } /* * Reset accumulator and counters and recycle existing entropy */ - mbedtls_sha512_free( &ctx->accumulator ); - mbedtls_sha512_init( &ctx->accumulator ); - if( ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) + mbedtls_sha512_free(&ctx->accumulator); + mbedtls_sha512_init(&ctx->accumulator); + if ((ret = mbedtls_sha512_starts_ret(&ctx->accumulator, 0)) != 0) { goto exit; - if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, buf, - MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) + } + if ((ret = mbedtls_sha512_update_ret(&ctx->accumulator, buf, + MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) { goto exit; + } /* * Perform second SHA-512 on entropy */ - if( ( ret = mbedtls_sha512_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, - buf, 0 ) ) != 0 ) + if ((ret = mbedtls_sha512_ret(buf, MBEDTLS_ENTROPY_BLOCK_SIZE, + buf, 0)) != 0) { goto exit; + } #else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ - if( ( ret = mbedtls_sha256_finish_ret( &ctx->accumulator, buf ) ) != 0 ) + if ((ret = mbedtls_sha256_finish_ret(&ctx->accumulator, buf)) != 0) { goto exit; + } /* * Reset accumulator and counters and recycle existing entropy */ - mbedtls_sha256_free( &ctx->accumulator ); - mbedtls_sha256_init( &ctx->accumulator ); - if( ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) + mbedtls_sha256_free(&ctx->accumulator); + mbedtls_sha256_init(&ctx->accumulator); + if ((ret = mbedtls_sha256_starts_ret(&ctx->accumulator, 0)) != 0) { goto exit; - if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, buf, - MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) + } + if ((ret = mbedtls_sha256_update_ret(&ctx->accumulator, buf, + MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) { goto exit; + } /* * Perform second SHA-256 on entropy */ - if( ( ret = mbedtls_sha256_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, - buf, 0 ) ) != 0 ) + if ((ret = mbedtls_sha256_ret(buf, MBEDTLS_ENTROPY_BLOCK_SIZE, + buf, 0)) != 0) { goto exit; + } #endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ - for( i = 0; i < ctx->source_count; i++ ) + for (i = 0; i < ctx->source_count; i++) { ctx->source[i].size = 0; + } - memcpy( output, buf, len ); + memcpy(output, buf, len); ret = 0; exit: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } #if defined(MBEDTLS_ENTROPY_NV_SEED) -int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx ) +int mbedtls_entropy_update_nv_seed(mbedtls_entropy_context *ctx) { int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; /* Read new seed and write it to NV */ - if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_entropy_func(ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) { + return ret; + } - if( mbedtls_nv_seed_write( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) < 0 ) - return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR ); + if (mbedtls_nv_seed_write(buf, MBEDTLS_ENTROPY_BLOCK_SIZE) < 0) { + return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; + } /* Manually update the remaining stream with a separator value to diverge */ - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); - ret = mbedtls_entropy_update_manual( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ); + memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); + ret = mbedtls_entropy_update_manual(ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE); - return( ret ); + return ret; } #endif /* MBEDTLS_ENTROPY_NV_SEED */ #if defined(MBEDTLS_FS_IO) -int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path ) +int mbedtls_entropy_write_seed_file(mbedtls_entropy_context *ctx, const char *path) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; FILE *f = NULL; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; - if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) - { + if ((ret = mbedtls_entropy_func(ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) { ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; goto exit; } - if( ( f = fopen( path, "wb" ) ) == NULL ) - { + if ((f = fopen(path, "wb")) == NULL) { ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; goto exit; } - if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != MBEDTLS_ENTROPY_BLOCK_SIZE ) - { + if (fwrite(buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f) != MBEDTLS_ENTROPY_BLOCK_SIZE) { ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; goto exit; } @@ -487,44 +509,49 @@ int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *p ret = 0; exit: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); - if( f != NULL ) - fclose( f ); + if (f != NULL) { + fclose(f); + } - return( ret ); + return ret; } -int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path ) +int mbedtls_entropy_update_seed_file(mbedtls_entropy_context *ctx, const char *path) { int ret = 0; FILE *f; size_t n; - unsigned char buf[ MBEDTLS_ENTROPY_MAX_SEED_SIZE ]; + unsigned char buf[MBEDTLS_ENTROPY_MAX_SEED_SIZE]; - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR ); + if ((f = fopen(path, "rb")) == NULL) { + return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; + } - fseek( f, 0, SEEK_END ); - n = (size_t) ftell( f ); - fseek( f, 0, SEEK_SET ); + fseek(f, 0, SEEK_END); + n = (size_t) ftell(f); + fseek(f, 0, SEEK_SET); - if( n > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) + if (n > MBEDTLS_ENTROPY_MAX_SEED_SIZE) { n = MBEDTLS_ENTROPY_MAX_SEED_SIZE; + } - if( fread( buf, 1, n, f ) != n ) + if (fread(buf, 1, n, f) != n) { ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; - else - ret = mbedtls_entropy_update_manual( ctx, buf, n ); + } else { + ret = mbedtls_entropy_update_manual(ctx, buf, n); + } - fclose( f ); + fclose(f); - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); - if( ret != 0 ) - return( ret ); + if (ret != 0) { + return ret; + } - return( mbedtls_entropy_write_seed_file( ctx, path ) ); + return mbedtls_entropy_write_seed_file(ctx, path); } #endif /* MBEDTLS_FS_IO */ @@ -533,60 +560,58 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char * /* * Dummy source function */ -static int entropy_dummy_source( void *data, unsigned char *output, - size_t len, size_t *olen ) +static int entropy_dummy_source(void *data, unsigned char *output, + size_t len, size_t *olen) { ((void) data); - memset( output, 0x2a, len ); + memset(output, 0x2a, len); *olen = len; - return( 0 ); + return 0; } #endif /* !MBEDTLS_TEST_NULL_ENTROPY */ #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) -static int mbedtls_entropy_source_self_test_gather( unsigned char *buf, size_t buf_len ) +static int mbedtls_entropy_source_self_test_gather(unsigned char *buf, size_t buf_len) { int ret = 0; size_t entropy_len = 0; size_t olen = 0; size_t attempts = buf_len; - while( attempts > 0 && entropy_len < buf_len ) - { - if( ( ret = mbedtls_hardware_poll( NULL, buf + entropy_len, - buf_len - entropy_len, &olen ) ) != 0 ) - return( ret ); + while (attempts > 0 && entropy_len < buf_len) { + if ((ret = mbedtls_hardware_poll(NULL, buf + entropy_len, + buf_len - entropy_len, &olen)) != 0) { + return ret; + } entropy_len += olen; attempts--; } - if( entropy_len < buf_len ) - { + if (entropy_len < buf_len) { ret = 1; } - return( ret ); + return ret; } -static int mbedtls_entropy_source_self_test_check_bits( const unsigned char *buf, - size_t buf_len ) +static int mbedtls_entropy_source_self_test_check_bits(const unsigned char *buf, + size_t buf_len) { - unsigned char set= 0xFF; + unsigned char set = 0xFF; unsigned char unset = 0x00; size_t i; - for( i = 0; i < buf_len; i++ ) - { + for (i = 0; i < buf_len; i++) { set &= buf[i]; unset |= buf[i]; } - return( set == 0xFF || unset == 0x00 ); + return set == 0xFF || unset == 0x00; } /* @@ -600,45 +625,50 @@ static int mbedtls_entropy_source_self_test_check_bits( const unsigned char *buf * are not equal. * - The error code returned by the entropy source is not an error. */ -int mbedtls_entropy_source_self_test( int verbose ) +int mbedtls_entropy_source_self_test(int verbose) { int ret = 0; - unsigned char buf0[2 * sizeof( unsigned long long int )]; - unsigned char buf1[2 * sizeof( unsigned long long int )]; + unsigned char buf0[2 * sizeof(unsigned long long int)]; + unsigned char buf1[2 * sizeof(unsigned long long int)]; - if( verbose != 0 ) - mbedtls_printf( " ENTROPY_BIAS test: " ); + if (verbose != 0) { + mbedtls_printf(" ENTROPY_BIAS test: "); + } - memset( buf0, 0x00, sizeof( buf0 ) ); - memset( buf1, 0x00, sizeof( buf1 ) ); + memset(buf0, 0x00, sizeof(buf0)); + memset(buf1, 0x00, sizeof(buf1)); - if( ( ret = mbedtls_entropy_source_self_test_gather( buf0, sizeof( buf0 ) ) ) != 0 ) + if ((ret = mbedtls_entropy_source_self_test_gather(buf0, sizeof(buf0))) != 0) { goto cleanup; - if( ( ret = mbedtls_entropy_source_self_test_gather( buf1, sizeof( buf1 ) ) ) != 0 ) + } + if ((ret = mbedtls_entropy_source_self_test_gather(buf1, sizeof(buf1))) != 0) { goto cleanup; + } /* Make sure that the returned values are not all 0 or 1 */ - if( ( ret = mbedtls_entropy_source_self_test_check_bits( buf0, sizeof( buf0 ) ) ) != 0 ) + if ((ret = mbedtls_entropy_source_self_test_check_bits(buf0, sizeof(buf0))) != 0) { goto cleanup; - if( ( ret = mbedtls_entropy_source_self_test_check_bits( buf1, sizeof( buf1 ) ) ) != 0 ) + } + if ((ret = mbedtls_entropy_source_self_test_check_bits(buf1, sizeof(buf1))) != 0) { goto cleanup; + } /* Make sure that the entropy source is not returning values in a * pattern */ - ret = memcmp( buf0, buf1, sizeof( buf0 ) ) == 0; + ret = memcmp(buf0, buf1, sizeof(buf0)) == 0; cleanup: - if( verbose != 0 ) - { - if( ret != 0 ) - mbedtls_printf( "failed\n" ); - else - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + if (ret != 0) { + mbedtls_printf("failed\n"); + } else { + mbedtls_printf("passed\n"); + } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); } - return( ret != 0 ); + return ret != 0; } #endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ @@ -648,7 +678,7 @@ int mbedtls_entropy_source_self_test( int verbose ) * test that the functions don't cause errors and write the correct * amount of data to buffers. */ -int mbedtls_entropy_self_test( int verbose ) +int mbedtls_entropy_self_test(int verbose) { int ret = 1; #if !defined(MBEDTLS_TEST_NULL_ENTROPY) @@ -658,23 +688,27 @@ int mbedtls_entropy_self_test( int verbose ) size_t i, j; #endif /* !MBEDTLS_TEST_NULL_ENTROPY */ - if( verbose != 0 ) - mbedtls_printf( " ENTROPY test: " ); + if (verbose != 0) { + mbedtls_printf(" ENTROPY test: "); + } #if !defined(MBEDTLS_TEST_NULL_ENTROPY) - mbedtls_entropy_init( &ctx ); + mbedtls_entropy_init(&ctx); /* First do a gather to make sure we have default sources */ - if( ( ret = mbedtls_entropy_gather( &ctx ) ) != 0 ) + if ((ret = mbedtls_entropy_gather(&ctx)) != 0) { goto cleanup; + } - ret = mbedtls_entropy_add_source( &ctx, entropy_dummy_source, NULL, 16, - MBEDTLS_ENTROPY_SOURCE_WEAK ); - if( ret != 0 ) + ret = mbedtls_entropy_add_source(&ctx, entropy_dummy_source, NULL, 16, + MBEDTLS_ENTROPY_SOURCE_WEAK); + if (ret != 0) { goto cleanup; + } - if( ( ret = mbedtls_entropy_update_manual( &ctx, buf, sizeof buf ) ) != 0 ) + if ((ret = mbedtls_entropy_update_manual(&ctx, buf, sizeof buf)) != 0) { goto cleanup; + } /* * To test that mbedtls_entropy_func writes correct number of bytes: @@ -684,44 +718,44 @@ int mbedtls_entropy_self_test( int verbose ) * each of the 32 or 64 bytes to be non-zero has a false failure rate * of at most 2^(-58) which is acceptable. */ - for( i = 0; i < 8; i++ ) - { - if( ( ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ) ) != 0 ) + for (i = 0; i < 8; i++) { + if ((ret = mbedtls_entropy_func(&ctx, buf, sizeof(buf))) != 0) { goto cleanup; + } - for( j = 0; j < sizeof( buf ); j++ ) + for (j = 0; j < sizeof(buf); j++) { acc[j] |= buf[j]; + } } - for( j = 0; j < sizeof( buf ); j++ ) - { - if( acc[j] == 0 ) - { + for (j = 0; j < sizeof(buf); j++) { + if (acc[j] == 0) { ret = 1; goto cleanup; } } #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) - if( ( ret = mbedtls_entropy_source_self_test( 0 ) ) != 0 ) + if ((ret = mbedtls_entropy_source_self_test(0)) != 0) { goto cleanup; + } #endif cleanup: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); #endif /* !MBEDTLS_TEST_NULL_ENTROPY */ - if( verbose != 0 ) - { - if( ret != 0 ) - mbedtls_printf( "failed\n" ); - else - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + if (ret != 0) { + mbedtls_printf("failed\n"); + } else { + mbedtls_printf("passed\n"); + } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); } - return( ret != 0 ); + return ret != 0; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/entropy_poll.c b/library/entropy_poll.c index a858c1892b3c..3420616a06c6 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -45,7 +45,8 @@ #if !defined(unix) && !defined(__unix__) && !defined(__unix) && \ !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \ !defined(__HAIKU__) && !defined(__midipix__) -#error "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in config.h" +#error \ + "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in config.h" #endif #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) @@ -56,29 +57,27 @@ #include #include -int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len, - size_t *olen ) +int mbedtls_platform_entropy_poll(void *data, unsigned char *output, size_t len, + size_t *olen) { HCRYPTPROV provider; ((void) data); *olen = 0; - if( CryptAcquireContext( &provider, NULL, NULL, - PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE ) - { - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + if (CryptAcquireContext(&provider, NULL, NULL, + PROV_RSA_FULL, CRYPT_VERIFYCONTEXT) == FALSE) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; } - if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE ) - { - CryptReleaseContext( provider, 0 ); - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + if (CryptGenRandom(provider, (DWORD) len, output) == FALSE) { + CryptReleaseContext(provider, 0); + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; } - CryptReleaseContext( provider, 0 ); + CryptReleaseContext(provider, 0); *olen = len; - return( 0 ); + return 0; } #else /* _WIN32 && !EFIX64 && !EFI32 */ @@ -94,15 +93,15 @@ int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len #define HAVE_GETRANDOM #include -static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags ) +static int getrandom_wrapper(void *buf, size_t buflen, unsigned int flags) { /* MemSan cannot understand that the syscall writes to the buffer */ #if defined(__has_feature) #if __has_feature(memory_sanitizer) - memset( buf, 0, buflen ); + memset(buf, 0, buflen); #endif #endif - return( syscall( SYS_getrandom, buf, buflen, flags ) ); + return syscall(SYS_getrandom, buf, buflen, flags); } #endif /* SYS_getrandom */ #endif /* __linux__ || __midipix__ */ @@ -114,9 +113,9 @@ static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags ) #include #include #define HAVE_GETRANDOM -static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags ) +static int getrandom_wrapper(void *buf, size_t buflen, unsigned int flags) { - return getrandom( buf, buflen, flags ); + return getrandom(buf, buflen, flags); } #endif /* (__FreeBSD__ && __FreeBSD_version >= 1200000) || (__DragonFly__ && __DragonFly_version >= 500700) */ @@ -136,7 +135,7 @@ static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags ) #if defined(KERN_ARND) #define HAVE_SYSCTL_ARND -static int sysctl_arnd_wrapper( unsigned char *buf, size_t buflen ) +static int sysctl_arnd_wrapper(unsigned char *buf, size_t buflen) { int name[2]; size_t len; @@ -144,23 +143,23 @@ static int sysctl_arnd_wrapper( unsigned char *buf, size_t buflen ) name[0] = CTL_KERN; name[1] = KERN_ARND; - while( buflen > 0 ) - { + while (buflen > 0) { len = buflen > 256 ? 256 : buflen; - if( sysctl(name, 2, buf, &len, NULL, 0) == -1 ) - return( -1 ); + if (sysctl(name, 2, buf, &len, NULL, 0) == -1) { + return -1; + } buflen -= len; buf += len; } - return( 0 ); + return 0; } #endif /* KERN_ARND */ #endif /* __FreeBSD__ || __NetBSD__ */ #include -int mbedtls_platform_entropy_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) +int mbedtls_platform_entropy_poll(void *data, + unsigned char *output, size_t len, size_t *olen) { FILE *file; size_t read_len; @@ -168,14 +167,13 @@ int mbedtls_platform_entropy_poll( void *data, ((void) data); #if defined(HAVE_GETRANDOM) - ret = getrandom_wrapper( output, len, 0 ); - if( ret >= 0 ) - { + ret = getrandom_wrapper(output, len, 0); + if (ret >= 0) { *olen = ret; - return( 0 ); + return 0; + } else if (errno != ENOSYS) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; } - else if( errno != ENOSYS ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); /* Fall through if the system call isn't known. */ #else ((void) ret); @@ -184,105 +182,111 @@ int mbedtls_platform_entropy_poll( void *data, #if defined(HAVE_SYSCTL_ARND) ((void) file); ((void) read_len); - if( sysctl_arnd_wrapper( output, len ) == -1 ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + if (sysctl_arnd_wrapper(output, len) == -1) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } *olen = len; - return( 0 ); + return 0; #else *olen = 0; - file = fopen( "/dev/urandom", "rb" ); - if( file == NULL ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + file = fopen("/dev/urandom", "rb"); + if (file == NULL) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } - read_len = fread( output, 1, len, file ); - if( read_len != len ) - { - fclose( file ); - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + read_len = fread(output, 1, len, file); + if (read_len != len) { + fclose(file); + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; } - fclose( file ); + fclose(file); *olen = len; - return( 0 ); + return 0; #endif /* HAVE_SYSCTL_ARND */ } #endif /* _WIN32 && !EFIX64 && !EFI32 */ #endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */ #if defined(MBEDTLS_TEST_NULL_ENTROPY) -int mbedtls_null_entropy_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) +int mbedtls_null_entropy_poll(void *data, + unsigned char *output, size_t len, size_t *olen) { ((void) data); ((void) output); *olen = 0; - if( len < sizeof(unsigned char) ) - return( 0 ); + if (len < sizeof(unsigned char)) { + return 0; + } output[0] = 0; *olen = sizeof(unsigned char); - return( 0 ); + return 0; } #endif #if defined(MBEDTLS_TIMING_C) -int mbedtls_hardclock_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) +int mbedtls_hardclock_poll(void *data, + unsigned char *output, size_t len, size_t *olen) { unsigned long timer = mbedtls_timing_hardclock(); ((void) data); *olen = 0; - if( len < sizeof(unsigned long) ) - return( 0 ); + if (len < sizeof(unsigned long)) { + return 0; + } - memcpy( output, &timer, sizeof(unsigned long) ); + memcpy(output, &timer, sizeof(unsigned long)); *olen = sizeof(unsigned long); - return( 0 ); + return 0; } #endif /* MBEDTLS_TIMING_C */ #if defined(MBEDTLS_HAVEGE_C) -int mbedtls_havege_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) +int mbedtls_havege_poll(void *data, + unsigned char *output, size_t len, size_t *olen) { mbedtls_havege_state *hs = (mbedtls_havege_state *) data; *olen = 0; - if( mbedtls_havege_random( hs, output, len ) != 0 ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + if (mbedtls_havege_random(hs, output, len) != 0) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } *olen = len; - return( 0 ); + return 0; } #endif /* MBEDTLS_HAVEGE_C */ #if defined(MBEDTLS_ENTROPY_NV_SEED) -int mbedtls_nv_seed_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) +int mbedtls_nv_seed_poll(void *data, + unsigned char *output, size_t len, size_t *olen) { unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; size_t use_len = MBEDTLS_ENTROPY_BLOCK_SIZE; ((void) data); - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); + memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); - if( mbedtls_nv_seed_read( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) < 0 ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + if (mbedtls_nv_seed_read(buf, MBEDTLS_ENTROPY_BLOCK_SIZE) < 0) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } - if( len < use_len ) - use_len = len; + if (len < use_len) { + use_len = len; + } - memcpy( output, buf, use_len ); + memcpy(output, buf, use_len); *olen = use_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_ENTROPY_NV_SEED */ diff --git a/library/gcm.c b/library/gcm.c index d0b73379a617..f7db0d42df7b 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -45,18 +45,18 @@ #if !defined(MBEDTLS_GCM_ALT) /* Parameter validation macros */ -#define GCM_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_GCM_BAD_INPUT ) -#define GCM_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define GCM_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_GCM_BAD_INPUT) +#define GCM_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) /* * Initialize a context */ -void mbedtls_gcm_init( mbedtls_gcm_context *ctx ) +void mbedtls_gcm_init(mbedtls_gcm_context *ctx) { - GCM_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_gcm_context ) ); + GCM_VALIDATE(ctx != NULL); + memset(ctx, 0, sizeof(mbedtls_gcm_context)); } /* @@ -67,7 +67,7 @@ void mbedtls_gcm_init( mbedtls_gcm_context *ctx ) * is the high-order bit of HH corresponds to P^0 and the low-order bit of HL * corresponds to P^127. */ -static int gcm_gen_table( mbedtls_gcm_context *ctx ) +static int gcm_gen_table(mbedtls_gcm_context *ctx) { int ret, i, j; uint64_t hi, lo; @@ -75,17 +75,18 @@ static int gcm_gen_table( mbedtls_gcm_context *ctx ) unsigned char h[16]; size_t olen = 0; - memset( h, 0, 16 ); - if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, h, 16, h, &olen ) ) != 0 ) - return( ret ); + memset(h, 0, 16); + if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, h, 16, h, &olen)) != 0) { + return ret; + } /* pack h as two 64-bits ints, big-endian */ - hi = MBEDTLS_GET_UINT32_BE( h, 0 ); - lo = MBEDTLS_GET_UINT32_BE( h, 4 ); + hi = MBEDTLS_GET_UINT32_BE(h, 0); + lo = MBEDTLS_GET_UINT32_BE(h, 4); vh = (uint64_t) hi << 32 | lo; - hi = MBEDTLS_GET_UINT32_BE( h, 8 ); - lo = MBEDTLS_GET_UINT32_BE( h, 12 ); + hi = MBEDTLS_GET_UINT32_BE(h, 8); + lo = MBEDTLS_GET_UINT32_BE(h, 12); vl = (uint64_t) hi << 32 | lo; /* 8 = 1000 corresponds to 1 in GF(2^128) */ @@ -94,74 +95,75 @@ static int gcm_gen_table( mbedtls_gcm_context *ctx ) #if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) /* With CLMUL support, we need only h, not the rest of the table */ - if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) ) - return( 0 ); + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_CLMUL)) { + return 0; + } #endif /* 0 corresponds to 0 in GF(2^128) */ ctx->HH[0] = 0; ctx->HL[0] = 0; - for( i = 4; i > 0; i >>= 1 ) - { - uint32_t T = ( vl & 1 ) * 0xe1000000U; - vl = ( vh << 63 ) | ( vl >> 1 ); - vh = ( vh >> 1 ) ^ ( (uint64_t) T << 32); + for (i = 4; i > 0; i >>= 1) { + uint32_t T = (vl & 1) * 0xe1000000U; + vl = (vh << 63) | (vl >> 1); + vh = (vh >> 1) ^ ((uint64_t) T << 32); ctx->HL[i] = vl; ctx->HH[i] = vh; } - for( i = 2; i <= 8; i *= 2 ) - { + for (i = 2; i <= 8; i *= 2) { uint64_t *HiL = ctx->HL + i, *HiH = ctx->HH + i; vh = *HiH; vl = *HiL; - for( j = 1; j < i; j++ ) - { + for (j = 1; j < i; j++) { HiH[j] = vh ^ ctx->HH[j]; HiL[j] = vl ^ ctx->HL[j]; } } - return( 0 ); + return 0; } -int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, - mbedtls_cipher_id_t cipher, - const unsigned char *key, - unsigned int keybits ) +int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; - GCM_VALIDATE_RET( ctx != NULL ); - GCM_VALIDATE_RET( key != NULL ); - GCM_VALIDATE_RET( keybits == 128 || keybits == 192 || keybits == 256 ); + GCM_VALIDATE_RET(ctx != NULL); + GCM_VALIDATE_RET(key != NULL); + GCM_VALIDATE_RET(keybits == 128 || keybits == 192 || keybits == 256); - cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, - MBEDTLS_MODE_ECB ); - if( cipher_info == NULL ) - return( MBEDTLS_ERR_GCM_BAD_INPUT ); + cipher_info = mbedtls_cipher_info_from_values(cipher, keybits, + MBEDTLS_MODE_ECB); + if (cipher_info == NULL) { + return MBEDTLS_ERR_GCM_BAD_INPUT; + } - if( cipher_info->block_size != 16 ) - return( MBEDTLS_ERR_GCM_BAD_INPUT ); + if (cipher_info->block_size != 16) { + return MBEDTLS_ERR_GCM_BAD_INPUT; + } - mbedtls_cipher_free( &ctx->cipher_ctx ); + mbedtls_cipher_free(&ctx->cipher_ctx); - if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_cipher_setup(&ctx->cipher_ctx, cipher_info)) != 0) { + return ret; + } - if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits, - MBEDTLS_ENCRYPT ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_cipher_setkey(&ctx->cipher_ctx, key, keybits, + MBEDTLS_ENCRYPT)) != 0) { + return ret; } - if( ( ret = gcm_gen_table( ctx ) ) != 0 ) - return( ret ); + if ((ret = gcm_gen_table(ctx)) != 0) { + return ret; + } - return( 0 ); + return 0; } /* @@ -181,23 +183,23 @@ static const uint64_t last4[16] = * Sets output to x times H using the precomputed tables. * x and output are seen as elements of GF(2^128) as in [MGV]. */ -static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16], - unsigned char output[16] ) +static void gcm_mult(mbedtls_gcm_context *ctx, const unsigned char x[16], + unsigned char output[16]) { int i = 0; unsigned char lo, hi, rem; uint64_t zh, zl; #if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) - if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) ) { + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_CLMUL)) { unsigned char h[16]; - MBEDTLS_PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 ); - MBEDTLS_PUT_UINT32_BE( ctx->HH[8], h, 4 ); - MBEDTLS_PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 ); - MBEDTLS_PUT_UINT32_BE( ctx->HL[8], h, 12 ); + MBEDTLS_PUT_UINT32_BE(ctx->HH[8] >> 32, h, 0); + MBEDTLS_PUT_UINT32_BE(ctx->HH[8], h, 4); + MBEDTLS_PUT_UINT32_BE(ctx->HL[8] >> 32, h, 8); + MBEDTLS_PUT_UINT32_BE(ctx->HL[8], h, 12); - mbedtls_aesni_gcm_mult( output, x, h ); + mbedtls_aesni_gcm_mult(output, x, h); return; } #endif /* MBEDTLS_AESNI_C && MBEDTLS_HAVE_X86_64 */ @@ -207,16 +209,14 @@ static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16], zh = ctx->HH[lo]; zl = ctx->HL[lo]; - for( i = 15; i >= 0; i-- ) - { + for (i = 15; i >= 0; i--) { lo = x[i] & 0xf; - hi = ( x[i] >> 4 ) & 0xf; + hi = (x[i] >> 4) & 0xf; - if( i != 15 ) - { + if (i != 15) { rem = (unsigned char) zl & 0xf; - zl = ( zh << 60 ) | ( zl >> 4 ); - zh = ( zh >> 4 ); + zl = (zh << 60) | (zl >> 4); + zh = (zh >> 4); zh ^= (uint64_t) last4[rem] << 48; zh ^= ctx->HH[lo]; zl ^= ctx->HL[lo]; @@ -224,25 +224,25 @@ static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16], } rem = (unsigned char) zl & 0xf; - zl = ( zh << 60 ) | ( zl >> 4 ); - zh = ( zh >> 4 ); + zl = (zh << 60) | (zl >> 4); + zh = (zh >> 4); zh ^= (uint64_t) last4[rem] << 48; zh ^= ctx->HH[hi]; zl ^= ctx->HL[hi]; } - MBEDTLS_PUT_UINT32_BE( zh >> 32, output, 0 ); - MBEDTLS_PUT_UINT32_BE( zh, output, 4 ); - MBEDTLS_PUT_UINT32_BE( zl >> 32, output, 8 ); - MBEDTLS_PUT_UINT32_BE( zl, output, 12 ); + MBEDTLS_PUT_UINT32_BE(zh >> 32, output, 0); + MBEDTLS_PUT_UINT32_BE(zh, output, 4); + MBEDTLS_PUT_UINT32_BE(zl >> 32, output, 8); + MBEDTLS_PUT_UINT32_BE(zl, output, 12); } -int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, - int mode, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len ) +int mbedtls_gcm_starts(mbedtls_gcm_context *ctx, + int mode, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char work_buf[16]; @@ -251,85 +251,81 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, size_t use_len, olen = 0; uint64_t iv_bits; - GCM_VALIDATE_RET( ctx != NULL ); - GCM_VALIDATE_RET( iv != NULL ); - GCM_VALIDATE_RET( add_len == 0 || add != NULL ); + GCM_VALIDATE_RET(ctx != NULL); + GCM_VALIDATE_RET(iv != NULL); + GCM_VALIDATE_RET(add_len == 0 || add != NULL); /* IV and AD are limited to 2^64 bits, so 2^61 bytes */ /* IV is not allowed to be zero length */ - if( iv_len == 0 || - ( (uint64_t) iv_len ) >> 61 != 0 || - ( (uint64_t) add_len ) >> 61 != 0 ) - { - return( MBEDTLS_ERR_GCM_BAD_INPUT ); + if (iv_len == 0 || + ((uint64_t) iv_len) >> 61 != 0 || + ((uint64_t) add_len) >> 61 != 0) { + return MBEDTLS_ERR_GCM_BAD_INPUT; } - memset( ctx->y, 0x00, sizeof(ctx->y) ); - memset( ctx->buf, 0x00, sizeof(ctx->buf) ); + memset(ctx->y, 0x00, sizeof(ctx->y)); + memset(ctx->buf, 0x00, sizeof(ctx->buf)); ctx->mode = mode; ctx->len = 0; ctx->add_len = 0; - if( iv_len == 12 ) - { - memcpy( ctx->y, iv, iv_len ); + if (iv_len == 12) { + memcpy(ctx->y, iv, iv_len); ctx->y[15] = 1; - } - else - { - memset( work_buf, 0x00, 16 ); - iv_bits = (uint64_t)iv_len * 8; - MBEDTLS_PUT_UINT64_BE( iv_bits, work_buf, 8 ); + } else { + memset(work_buf, 0x00, 16); + iv_bits = (uint64_t) iv_len * 8; + MBEDTLS_PUT_UINT64_BE(iv_bits, work_buf, 8); p = iv; - while( iv_len > 0 ) - { - use_len = ( iv_len < 16 ) ? iv_len : 16; + while (iv_len > 0) { + use_len = (iv_len < 16) ? iv_len : 16; - for( i = 0; i < use_len; i++ ) + for (i = 0; i < use_len; i++) { ctx->y[i] ^= p[i]; + } - gcm_mult( ctx, ctx->y, ctx->y ); + gcm_mult(ctx, ctx->y, ctx->y); iv_len -= use_len; p += use_len; } - for( i = 0; i < 16; i++ ) + for (i = 0; i < 16; i++) { ctx->y[i] ^= work_buf[i]; + } - gcm_mult( ctx, ctx->y, ctx->y ); + gcm_mult(ctx, ctx->y, ctx->y); } - if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, - ctx->base_ectr, &olen ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, + ctx->base_ectr, &olen)) != 0) { + return ret; } ctx->add_len = add_len; p = add; - while( add_len > 0 ) - { - use_len = ( add_len < 16 ) ? add_len : 16; + while (add_len > 0) { + use_len = (add_len < 16) ? add_len : 16; - for( i = 0; i < use_len; i++ ) + for (i = 0; i < use_len; i++) { ctx->buf[i] ^= p[i]; + } - gcm_mult( ctx, ctx->buf, ctx->buf ); + gcm_mult(ctx, ctx->buf, ctx->buf); add_len -= use_len; p += use_len; } - return( 0 ); + return 0; } -int mbedtls_gcm_update( mbedtls_gcm_context *ctx, - size_t length, - const unsigned char *input, - unsigned char *output ) +int mbedtls_gcm_update(mbedtls_gcm_context *ctx, + size_t length, + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char ectr[16]; @@ -338,180 +334,186 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, unsigned char *out_p = output; size_t use_len, olen = 0; - GCM_VALIDATE_RET( ctx != NULL ); - GCM_VALIDATE_RET( length == 0 || input != NULL ); - GCM_VALIDATE_RET( length == 0 || output != NULL ); + GCM_VALIDATE_RET(ctx != NULL); + GCM_VALIDATE_RET(length == 0 || input != NULL); + GCM_VALIDATE_RET(length == 0 || output != NULL); - if( output > input && (size_t) ( output - input ) < length ) - return( MBEDTLS_ERR_GCM_BAD_INPUT ); + if (output > input && (size_t) (output - input) < length) { + return MBEDTLS_ERR_GCM_BAD_INPUT; + } /* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes * Also check for possible overflow */ - if( ctx->len + length < ctx->len || - (uint64_t) ctx->len + length > 0xFFFFFFFE0ull ) - { - return( MBEDTLS_ERR_GCM_BAD_INPUT ); + if (ctx->len + length < ctx->len || + (uint64_t) ctx->len + length > 0xFFFFFFFE0ull) { + return MBEDTLS_ERR_GCM_BAD_INPUT; } ctx->len += length; p = input; - while( length > 0 ) - { - use_len = ( length < 16 ) ? length : 16; + while (length > 0) { + use_len = (length < 16) ? length : 16; - for( i = 16; i > 12; i-- ) - if( ++ctx->y[i - 1] != 0 ) + for (i = 16; i > 12; i--) { + if (++ctx->y[i - 1] != 0) { break; + } + } - if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ectr, - &olen ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ectr, + &olen)) != 0) { + return ret; } - for( i = 0; i < use_len; i++ ) - { - if( ctx->mode == MBEDTLS_GCM_DECRYPT ) + for (i = 0; i < use_len; i++) { + if (ctx->mode == MBEDTLS_GCM_DECRYPT) { ctx->buf[i] ^= p[i]; + } out_p[i] = ectr[i] ^ p[i]; - if( ctx->mode == MBEDTLS_GCM_ENCRYPT ) + if (ctx->mode == MBEDTLS_GCM_ENCRYPT) { ctx->buf[i] ^= out_p[i]; + } } - gcm_mult( ctx, ctx->buf, ctx->buf ); + gcm_mult(ctx, ctx->buf, ctx->buf); length -= use_len; p += use_len; out_p += use_len; } - return( 0 ); + return 0; } -int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, - unsigned char *tag, - size_t tag_len ) +int mbedtls_gcm_finish(mbedtls_gcm_context *ctx, + unsigned char *tag, + size_t tag_len) { unsigned char work_buf[16]; size_t i; uint64_t orig_len; uint64_t orig_add_len; - GCM_VALIDATE_RET( ctx != NULL ); - GCM_VALIDATE_RET( tag != NULL ); + GCM_VALIDATE_RET(ctx != NULL); + GCM_VALIDATE_RET(tag != NULL); orig_len = ctx->len * 8; orig_add_len = ctx->add_len * 8; - if( tag_len > 16 || tag_len < 4 ) - return( MBEDTLS_ERR_GCM_BAD_INPUT ); + if (tag_len > 16 || tag_len < 4) { + return MBEDTLS_ERR_GCM_BAD_INPUT; + } - memcpy( tag, ctx->base_ectr, tag_len ); + memcpy(tag, ctx->base_ectr, tag_len); - if( orig_len || orig_add_len ) - { - memset( work_buf, 0x00, 16 ); + if (orig_len || orig_add_len) { + memset(work_buf, 0x00, 16); - MBEDTLS_PUT_UINT32_BE( ( orig_add_len >> 32 ), work_buf, 0 ); - MBEDTLS_PUT_UINT32_BE( ( orig_add_len ), work_buf, 4 ); - MBEDTLS_PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 ); - MBEDTLS_PUT_UINT32_BE( ( orig_len ), work_buf, 12 ); + MBEDTLS_PUT_UINT32_BE((orig_add_len >> 32), work_buf, 0); + MBEDTLS_PUT_UINT32_BE((orig_add_len), work_buf, 4); + MBEDTLS_PUT_UINT32_BE((orig_len >> 32), work_buf, 8); + MBEDTLS_PUT_UINT32_BE((orig_len), work_buf, 12); - for( i = 0; i < 16; i++ ) + for (i = 0; i < 16; i++) { ctx->buf[i] ^= work_buf[i]; + } - gcm_mult( ctx, ctx->buf, ctx->buf ); + gcm_mult(ctx, ctx->buf, ctx->buf); - for( i = 0; i < tag_len; i++ ) + for (i = 0; i < tag_len; i++) { tag[i] ^= ctx->buf[i]; + } } - return( 0 ); + return 0; } -int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, - int mode, - size_t length, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len, - const unsigned char *input, - unsigned char *output, - size_t tag_len, - unsigned char *tag ) +int mbedtls_gcm_crypt_and_tag(mbedtls_gcm_context *ctx, + int mode, + size_t length, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len, + const unsigned char *input, + unsigned char *output, + size_t tag_len, + unsigned char *tag) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - GCM_VALIDATE_RET( ctx != NULL ); - GCM_VALIDATE_RET( iv != NULL ); - GCM_VALIDATE_RET( add_len == 0 || add != NULL ); - GCM_VALIDATE_RET( length == 0 || input != NULL ); - GCM_VALIDATE_RET( length == 0 || output != NULL ); - GCM_VALIDATE_RET( tag != NULL ); + GCM_VALIDATE_RET(ctx != NULL); + GCM_VALIDATE_RET(iv != NULL); + GCM_VALIDATE_RET(add_len == 0 || add != NULL); + GCM_VALIDATE_RET(length == 0 || input != NULL); + GCM_VALIDATE_RET(length == 0 || output != NULL); + GCM_VALIDATE_RET(tag != NULL); - if( ( ret = mbedtls_gcm_starts( ctx, mode, iv, iv_len, add, add_len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_gcm_starts(ctx, mode, iv, iv_len, add, add_len)) != 0) { + return ret; + } - if( ( ret = mbedtls_gcm_update( ctx, length, input, output ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_gcm_update(ctx, length, input, output)) != 0) { + return ret; + } - if( ( ret = mbedtls_gcm_finish( ctx, tag, tag_len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_gcm_finish(ctx, tag, tag_len)) != 0) { + return ret; + } - return( 0 ); + return 0; } -int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, - size_t length, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len, - const unsigned char *tag, - size_t tag_len, - const unsigned char *input, - unsigned char *output ) +int mbedtls_gcm_auth_decrypt(mbedtls_gcm_context *ctx, + size_t length, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len, + const unsigned char *tag, + size_t tag_len, + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; size_t i; int diff; - GCM_VALIDATE_RET( ctx != NULL ); - GCM_VALIDATE_RET( iv != NULL ); - GCM_VALIDATE_RET( add_len == 0 || add != NULL ); - GCM_VALIDATE_RET( tag != NULL ); - GCM_VALIDATE_RET( length == 0 || input != NULL ); - GCM_VALIDATE_RET( length == 0 || output != NULL ); - - if( ( ret = mbedtls_gcm_crypt_and_tag( ctx, MBEDTLS_GCM_DECRYPT, length, - iv, iv_len, add, add_len, - input, output, tag_len, check_tag ) ) != 0 ) - { - return( ret ); + GCM_VALIDATE_RET(ctx != NULL); + GCM_VALIDATE_RET(iv != NULL); + GCM_VALIDATE_RET(add_len == 0 || add != NULL); + GCM_VALIDATE_RET(tag != NULL); + GCM_VALIDATE_RET(length == 0 || input != NULL); + GCM_VALIDATE_RET(length == 0 || output != NULL); + + if ((ret = mbedtls_gcm_crypt_and_tag(ctx, MBEDTLS_GCM_DECRYPT, length, + iv, iv_len, add, add_len, + input, output, tag_len, check_tag)) != 0) { + return ret; } /* Check tag in "constant-time" */ - for( diff = 0, i = 0; i < tag_len; i++ ) + for (diff = 0, i = 0; i < tag_len; i++) { diff |= tag[i] ^ check_tag[i]; + } - if( diff != 0 ) - { - mbedtls_platform_zeroize( output, length ); - return( MBEDTLS_ERR_GCM_AUTH_FAILED ); + if (diff != 0) { + mbedtls_platform_zeroize(output, length); + return MBEDTLS_ERR_GCM_AUTH_FAILED; } - return( 0 ); + return 0; } -void mbedtls_gcm_free( mbedtls_gcm_context *ctx ) +void mbedtls_gcm_free(mbedtls_gcm_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; - mbedtls_cipher_free( &ctx->cipher_ctx ); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_gcm_context ) ); + } + mbedtls_cipher_free(&ctx->cipher_ctx); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_gcm_context)); } #endif /* !MBEDTLS_GCM_ALT */ @@ -525,7 +527,7 @@ void mbedtls_gcm_free( mbedtls_gcm_context *ctx ) #define MAX_TESTS 6 static const int key_index_test_data[MAX_TESTS] = - { 0, 0, 1, 1, 1, 1 }; +{ 0, 0, 1, 1, 1, 1 }; static const unsigned char key_test_data[MAX_TESTS][32] = { @@ -540,10 +542,10 @@ static const unsigned char key_test_data[MAX_TESTS][32] = }; static const size_t iv_len_test_data[MAX_TESTS] = - { 12, 12, 12, 12, 8, 60 }; +{ 12, 12, 12, 12, 8, 60 }; static const int iv_index_test_data[MAX_TESTS] = - { 0, 0, 1, 1, 1, 2 }; +{ 0, 0, 1, 1, 1, 2 }; static const unsigned char iv_test_data[MAX_TESTS][64] = { @@ -562,10 +564,10 @@ static const unsigned char iv_test_data[MAX_TESTS][64] = }; static const size_t add_len_test_data[MAX_TESTS] = - { 0, 0, 0, 20, 20, 20 }; +{ 0, 0, 0, 20, 20, 20 }; static const int add_index_test_data[MAX_TESTS] = - { 0, 0, 0, 1, 1, 1 }; +{ 0, 0, 0, 1, 1, 1 }; static const unsigned char additional_test_data[MAX_TESTS][64] = { @@ -576,10 +578,10 @@ static const unsigned char additional_test_data[MAX_TESTS][64] = }; static const size_t pt_len_test_data[MAX_TESTS] = - { 0, 16, 64, 60, 60, 60 }; +{ 0, 16, 64, 60, 60, 60 }; static const int pt_index_test_data[MAX_TESTS] = - { 0, 0, 1, 1, 1, 1 }; +{ 0, 0, 1, 1, 1, 1 }; static const unsigned char pt_test_data[MAX_TESTS][64] = { @@ -744,7 +746,7 @@ static const unsigned char tag_test_data[MAX_TESTS * 3][16] = 0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a }, }; -int mbedtls_gcm_self_test( int verbose ) +int mbedtls_gcm_self_test(int verbose) { mbedtls_gcm_context ctx; unsigned char buf[64]; @@ -752,242 +754,250 @@ int mbedtls_gcm_self_test( int verbose ) int i, j, ret; mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES; - for( j = 0; j < 3; j++ ) - { + for (j = 0; j < 3; j++) { int key_len = 128 + 64 * j; - for( i = 0; i < MAX_TESTS; i++ ) - { - mbedtls_gcm_init( &ctx ); + for (i = 0; i < MAX_TESTS; i++) { + mbedtls_gcm_init(&ctx); - if( verbose != 0 ) - mbedtls_printf( " AES-GCM-%3d #%d (%s): ", - key_len, i, "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-GCM-%3d #%d (%s): ", + key_len, i, "enc"); + } - ret = mbedtls_gcm_setkey( &ctx, cipher, - key_test_data[key_index_test_data[i]], - key_len ); + ret = mbedtls_gcm_setkey(&ctx, cipher, + key_test_data[key_index_test_data[i]], + key_len); /* * AES-192 is an optional feature that may be unavailable when * there is an alternative underlying implementation i.e. when * MBEDTLS_AES_ALT is defined. */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && key_len == 192 ) - { - mbedtls_printf( "skipped\n" ); + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && key_len == 192) { + mbedtls_printf("skipped\n"); break; - } - else if( ret != 0 ) - { + } else if (ret != 0) { goto exit; } - ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT, - pt_len_test_data[i], - iv_test_data[iv_index_test_data[i]], - iv_len_test_data[i], - additional_test_data[add_index_test_data[i]], - add_len_test_data[i], - pt_test_data[pt_index_test_data[i]], - buf, 16, tag_buf ); + ret = mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_ENCRYPT, + pt_len_test_data[i], + iv_test_data[iv_index_test_data[i]], + iv_len_test_data[i], + additional_test_data[add_index_test_data[i]], + add_len_test_data[i], + pt_test_data[pt_index_test_data[i]], + buf, 16, tag_buf); #if defined(MBEDTLS_GCM_ALT) /* Allow alternative implementations to only support 12-byte nonces. */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && - iv_len_test_data[i] != 12 ) - { - mbedtls_printf( "skipped\n" ); + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && + iv_len_test_data[i] != 12) { + mbedtls_printf("skipped\n"); break; } #endif /* defined(MBEDTLS_GCM_ALT) */ - if( ret != 0 ) + if (ret != 0) { goto exit; + } - if ( memcmp( buf, ct_test_data[j * 6 + i], - pt_len_test_data[i] ) != 0 || - memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 ) - { + if (memcmp(buf, ct_test_data[j * 6 + i], + pt_len_test_data[i]) != 0 || + memcmp(tag_buf, tag_test_data[j * 6 + i], 16) != 0) { ret = 1; goto exit; } - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - mbedtls_gcm_init( &ctx ); + mbedtls_gcm_init(&ctx); - if( verbose != 0 ) - mbedtls_printf( " AES-GCM-%3d #%d (%s): ", - key_len, i, "dec" ); + if (verbose != 0) { + mbedtls_printf(" AES-GCM-%3d #%d (%s): ", + key_len, i, "dec"); + } - ret = mbedtls_gcm_setkey( &ctx, cipher, - key_test_data[key_index_test_data[i]], - key_len ); - if( ret != 0 ) + ret = mbedtls_gcm_setkey(&ctx, cipher, + key_test_data[key_index_test_data[i]], + key_len); + if (ret != 0) { goto exit; + } - ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_DECRYPT, - pt_len_test_data[i], - iv_test_data[iv_index_test_data[i]], - iv_len_test_data[i], - additional_test_data[add_index_test_data[i]], - add_len_test_data[i], - ct_test_data[j * 6 + i], buf, 16, tag_buf ); + ret = mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_DECRYPT, + pt_len_test_data[i], + iv_test_data[iv_index_test_data[i]], + iv_len_test_data[i], + additional_test_data[add_index_test_data[i]], + add_len_test_data[i], + ct_test_data[j * 6 + i], buf, 16, tag_buf); - if( ret != 0 ) + if (ret != 0) { goto exit; + } - if( memcmp( buf, pt_test_data[pt_index_test_data[i]], - pt_len_test_data[i] ) != 0 || - memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 ) - { + if (memcmp(buf, pt_test_data[pt_index_test_data[i]], + pt_len_test_data[i]) != 0 || + memcmp(tag_buf, tag_test_data[j * 6 + i], 16) != 0) { ret = 1; goto exit; } - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - mbedtls_gcm_init( &ctx ); + mbedtls_gcm_init(&ctx); - if( verbose != 0 ) - mbedtls_printf( " AES-GCM-%3d #%d split (%s): ", - key_len, i, "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-GCM-%3d #%d split (%s): ", + key_len, i, "enc"); + } - ret = mbedtls_gcm_setkey( &ctx, cipher, - key_test_data[key_index_test_data[i]], - key_len ); - if( ret != 0 ) + ret = mbedtls_gcm_setkey(&ctx, cipher, + key_test_data[key_index_test_data[i]], + key_len); + if (ret != 0) { goto exit; + } - ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT, - iv_test_data[iv_index_test_data[i]], - iv_len_test_data[i], - additional_test_data[add_index_test_data[i]], - add_len_test_data[i] ); - if( ret != 0 ) + ret = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_ENCRYPT, + iv_test_data[iv_index_test_data[i]], + iv_len_test_data[i], + additional_test_data[add_index_test_data[i]], + add_len_test_data[i]); + if (ret != 0) { goto exit; + } - if( pt_len_test_data[i] > 32 ) - { + if (pt_len_test_data[i] > 32) { size_t rest_len = pt_len_test_data[i] - 32; - ret = mbedtls_gcm_update( &ctx, 32, - pt_test_data[pt_index_test_data[i]], - buf ); - if( ret != 0 ) + ret = mbedtls_gcm_update(&ctx, 32, + pt_test_data[pt_index_test_data[i]], + buf); + if (ret != 0) { goto exit; + } - ret = mbedtls_gcm_update( &ctx, rest_len, - pt_test_data[pt_index_test_data[i]] + 32, - buf + 32 ); - if( ret != 0 ) + ret = mbedtls_gcm_update(&ctx, rest_len, + pt_test_data[pt_index_test_data[i]] + 32, + buf + 32); + if (ret != 0) { goto exit; - } - else - { - ret = mbedtls_gcm_update( &ctx, pt_len_test_data[i], - pt_test_data[pt_index_test_data[i]], - buf ); - if( ret != 0 ) + } + } else { + ret = mbedtls_gcm_update(&ctx, pt_len_test_data[i], + pt_test_data[pt_index_test_data[i]], + buf); + if (ret != 0) { goto exit; + } } - ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 ); - if( ret != 0 ) + ret = mbedtls_gcm_finish(&ctx, tag_buf, 16); + if (ret != 0) { goto exit; + } - if( memcmp( buf, ct_test_data[j * 6 + i], - pt_len_test_data[i] ) != 0 || - memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 ) - { + if (memcmp(buf, ct_test_data[j * 6 + i], + pt_len_test_data[i]) != 0 || + memcmp(tag_buf, tag_test_data[j * 6 + i], 16) != 0) { ret = 1; goto exit; } - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - mbedtls_gcm_init( &ctx ); + mbedtls_gcm_init(&ctx); - if( verbose != 0 ) - mbedtls_printf( " AES-GCM-%3d #%d split (%s): ", - key_len, i, "dec" ); + if (verbose != 0) { + mbedtls_printf(" AES-GCM-%3d #%d split (%s): ", + key_len, i, "dec"); + } - ret = mbedtls_gcm_setkey( &ctx, cipher, - key_test_data[key_index_test_data[i]], - key_len ); - if( ret != 0 ) + ret = mbedtls_gcm_setkey(&ctx, cipher, + key_test_data[key_index_test_data[i]], + key_len); + if (ret != 0) { goto exit; + } - ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT, - iv_test_data[iv_index_test_data[i]], - iv_len_test_data[i], - additional_test_data[add_index_test_data[i]], - add_len_test_data[i] ); - if( ret != 0 ) + ret = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_DECRYPT, + iv_test_data[iv_index_test_data[i]], + iv_len_test_data[i], + additional_test_data[add_index_test_data[i]], + add_len_test_data[i]); + if (ret != 0) { goto exit; + } - if( pt_len_test_data[i] > 32 ) - { + if (pt_len_test_data[i] > 32) { size_t rest_len = pt_len_test_data[i] - 32; - ret = mbedtls_gcm_update( &ctx, 32, ct_test_data[j * 6 + i], - buf ); - if( ret != 0 ) + ret = mbedtls_gcm_update(&ctx, 32, ct_test_data[j * 6 + i], + buf); + if (ret != 0) { goto exit; + } - ret = mbedtls_gcm_update( &ctx, rest_len, - ct_test_data[j * 6 + i] + 32, - buf + 32 ); - if( ret != 0 ) + ret = mbedtls_gcm_update(&ctx, rest_len, + ct_test_data[j * 6 + i] + 32, + buf + 32); + if (ret != 0) { goto exit; - } - else - { - ret = mbedtls_gcm_update( &ctx, pt_len_test_data[i], - ct_test_data[j * 6 + i], - buf ); - if( ret != 0 ) + } + } else { + ret = mbedtls_gcm_update(&ctx, pt_len_test_data[i], + ct_test_data[j * 6 + i], + buf); + if (ret != 0) { goto exit; + } } - ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 ); - if( ret != 0 ) + ret = mbedtls_gcm_finish(&ctx, tag_buf, 16); + if (ret != 0) { goto exit; + } - if( memcmp( buf, pt_test_data[pt_index_test_data[i]], - pt_len_test_data[i] ) != 0 || - memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 ) - { + if (memcmp(buf, pt_test_data[pt_index_test_data[i]], + pt_len_test_data[i]) != 0 || + memcmp(tag_buf, tag_test_data[j * 6 + i], 16) != 0) { ret = 1; goto exit; } - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } ret = 0; exit: - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); - mbedtls_gcm_free( &ctx ); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } + mbedtls_gcm_free(&ctx); } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ diff --git a/library/havege.c b/library/havege.c index 2a360a150ce0..c23cdad9a578 100644 --- a/library/havege.c +++ b/library/havege.c @@ -49,10 +49,10 @@ * ------------------------------------------------------------------------ */ -#define SWAP(X,Y) { uint32_t *T = (X); (X) = (Y); (Y) = T; } +#define SWAP(X, Y) { uint32_t *T = (X); (X) = (Y); (Y) = T; } -#define TST1_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1; -#define TST2_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1; +#define TST1_ENTER if (PTEST & 1) { PTEST ^= 3; PTEST >>= 1; +#define TST2_ENTER if (PTEST & 1) { PTEST ^= 3; PTEST >>= 1; #define TST1_LEAVE U1++; } #define TST2_LEAVE U2++; } @@ -69,14 +69,14 @@ TST1_LEAVE TST1_LEAVE TST1_LEAVE TST1_LEAVE \ TST1_LEAVE TST1_LEAVE TST1_LEAVE TST1_LEAVE \ \ - PTX = (PT1 >> 18) & 7; \ + PTX = (PT1 >> 18) & 7; \ PT1 &= 0x1FFF; \ PT2 &= 0x1FFF; \ CLK = (uint32_t) mbedtls_timing_hardclock(); \ \ i = 0; \ - A = &WALK[PT1 ]; RES[i++] ^= *A; \ - B = &WALK[PT2 ]; RES[i++] ^= *B; \ + A = &WALK[PT1]; RES[i++] ^= *A; \ + B = &WALK[PT2]; RES[i++] ^= *B; \ C = &WALK[PT1 ^ 1]; RES[i++] ^= *C; \ D = &WALK[PT2 ^ 4]; RES[i++] ^= *D; \ \ @@ -91,7 +91,7 @@ C = &WALK[PT1 ^ 3]; RES[i++] ^= *C; \ D = &WALK[PT2 ^ 6]; RES[i++] ^= *D; \ \ - if( PTEST & 1 ) SWAP( A, C ); \ + if (PTEST & 1) SWAP(A, C); \ \ IN = (*A >> (5)) ^ (*A << (27)) ^ CLK; \ *A = (*B >> (6)) ^ (*B << (26)) ^ CLK; \ @@ -116,7 +116,7 @@ TST2_LEAVE TST2_LEAVE TST2_LEAVE TST2_LEAVE \ TST2_LEAVE TST2_LEAVE TST2_LEAVE TST2_LEAVE \ \ - C = &WALK[PT1 ^ 5]; \ + C = &WALK[PT1 ^ 5]; \ D = &WALK[PT2 ^ 5]; \ \ RES[i++] ^= *A; \ @@ -124,7 +124,7 @@ RES[i++] ^= *C; \ RES[i++] ^= *D; \ \ - IN = (*A >> ( 9)) ^ (*A << (23)) ^ CLK; \ + IN = (*A >> (9)) ^ (*A << (23)) ^ CLK; \ *A = (*B >> (10)) ^ (*B << (22)) ^ CLK; \ *B = IN ^ U2; \ *C = (*C >> (11)) ^ (*C << (21)) ^ CLK; \ @@ -141,17 +141,17 @@ *C = (*C >> (15)) ^ (*C << (17)) ^ CLK; \ *D = (*D >> (16)) ^ (*D << (16)) ^ CLK; \ \ - PT1 = ( RES[( i - 8 ) ^ PTX] ^ \ - WALK[PT1 ^ PTX ^ 7] ) & (~1); \ + PT1 = (RES[(i - 8) ^ PTX] ^ \ + WALK[PT1 ^ PTX ^ 7]) & (~1); \ PT1 ^= (PT2 ^ 0x10) & 0x10; \ \ - for( n++, i = 0; i < 16; i++ ) \ - hs->pool[n % MBEDTLS_HAVEGE_COLLECT_SIZE] ^= RES[i]; + for (n++, i = 0; i < 16; i++) \ + hs->pool[n % MBEDTLS_HAVEGE_COLLECT_SIZE] ^= RES[i]; /* * Entropy gathering function */ -static void havege_fill( mbedtls_havege_state *hs ) +static void havege_fill(mbedtls_havege_state *hs) { size_t n = 0; size_t i; @@ -166,16 +166,15 @@ static void havege_fill( mbedtls_havege_state *hs ) PTX = U1 = 0; PTY = U2 = 0; - (void)PTX; + (void) PTX; - memset( RES, 0, sizeof( RES ) ); + memset(RES, 0, sizeof(RES)); - while( n < MBEDTLS_HAVEGE_COLLECT_SIZE * 4 ) - { - ONE_ITERATION + while (n < MBEDTLS_HAVEGE_COLLECT_SIZE * 4) { ONE_ITERATION ONE_ITERATION ONE_ITERATION + ONE_ITERATION } hs->PT1 = PT1; @@ -188,50 +187,52 @@ static void havege_fill( mbedtls_havege_state *hs ) /* * HAVEGE initialization */ -void mbedtls_havege_init( mbedtls_havege_state *hs ) +void mbedtls_havege_init(mbedtls_havege_state *hs) { - memset( hs, 0, sizeof( mbedtls_havege_state ) ); + memset(hs, 0, sizeof(mbedtls_havege_state)); - havege_fill( hs ); + havege_fill(hs); } -void mbedtls_havege_free( mbedtls_havege_state *hs ) +void mbedtls_havege_free(mbedtls_havege_state *hs) { - if( hs == NULL ) + if (hs == NULL) { return; + } - mbedtls_platform_zeroize( hs, sizeof( mbedtls_havege_state ) ); + mbedtls_platform_zeroize(hs, sizeof(mbedtls_havege_state)); } /* * HAVEGE rand function */ -int mbedtls_havege_random( void *p_rng, unsigned char *buf, size_t len ) +int mbedtls_havege_random(void *p_rng, unsigned char *buf, size_t len) { uint32_t val; size_t use_len; mbedtls_havege_state *hs = (mbedtls_havege_state *) p_rng; unsigned char *p = buf; - while( len > 0 ) - { + while (len > 0) { use_len = len; - if( use_len > sizeof( val ) ) - use_len = sizeof( val ); + if (use_len > sizeof(val)) { + use_len = sizeof(val); + } - if( hs->offset[1] >= MBEDTLS_HAVEGE_COLLECT_SIZE ) - havege_fill( hs ); + if (hs->offset[1] >= MBEDTLS_HAVEGE_COLLECT_SIZE) { + havege_fill(hs); + } val = hs->pool[hs->offset[0]++]; val ^= hs->pool[hs->offset[1]++]; - memcpy( p, &val, use_len ); + memcpy(p, &val, use_len); len -= use_len; p += use_len; } - return( 0 ); + return 0; } #endif /* MBEDTLS_HAVEGE_C */ diff --git a/library/hkdf.c b/library/hkdf.c index 5013729d2a65..a3f071ecef46 100644 --- a/library/hkdf.c +++ b/library/hkdf.c @@ -25,47 +25,43 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" -int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, - size_t salt_len, const unsigned char *ikm, size_t ikm_len, - const unsigned char *info, size_t info_len, - unsigned char *okm, size_t okm_len ) +int mbedtls_hkdf(const mbedtls_md_info_t *md, const unsigned char *salt, + size_t salt_len, const unsigned char *ikm, size_t ikm_len, + const unsigned char *info, size_t info_len, + unsigned char *okm, size_t okm_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char prk[MBEDTLS_MD_MAX_SIZE]; - ret = mbedtls_hkdf_extract( md, salt, salt_len, ikm, ikm_len, prk ); + ret = mbedtls_hkdf_extract(md, salt, salt_len, ikm, ikm_len, prk); - if( ret == 0 ) - { - ret = mbedtls_hkdf_expand( md, prk, mbedtls_md_get_size( md ), - info, info_len, okm, okm_len ); + if (ret == 0) { + ret = mbedtls_hkdf_expand(md, prk, mbedtls_md_get_size(md), + info, info_len, okm, okm_len); } - mbedtls_platform_zeroize( prk, sizeof( prk ) ); + mbedtls_platform_zeroize(prk, sizeof(prk)); - return( ret ); + return ret; } -int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, - const unsigned char *salt, size_t salt_len, - const unsigned char *ikm, size_t ikm_len, - unsigned char *prk ) +int mbedtls_hkdf_extract(const mbedtls_md_info_t *md, + const unsigned char *salt, size_t salt_len, + const unsigned char *ikm, size_t ikm_len, + unsigned char *prk) { unsigned char null_salt[MBEDTLS_MD_MAX_SIZE] = { '\0' }; - if( salt == NULL ) - { + if (salt == NULL) { size_t hash_len; - if( salt_len != 0 ) - { + if (salt_len != 0) { return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA; } - hash_len = mbedtls_md_get_size( md ); + hash_len = mbedtls_md_get_size(md); - if( hash_len == 0 ) - { + if (hash_len == 0) { return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA; } @@ -73,12 +69,12 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, salt_len = hash_len; } - return( mbedtls_md_hmac( md, salt, salt_len, ikm, ikm_len, prk ) ); + return mbedtls_md_hmac(md, salt, salt_len, ikm, ikm_len, prk); } -int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, - size_t prk_len, const unsigned char *info, - size_t info_len, unsigned char *okm, size_t okm_len ) +int mbedtls_hkdf_expand(const mbedtls_md_info_t *md, const unsigned char *prk, + size_t prk_len, const unsigned char *info, + size_t info_len, unsigned char *okm, size_t okm_len) { size_t hash_len; size_t where = 0; @@ -89,28 +85,24 @@ int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, mbedtls_md_context_t ctx; unsigned char t[MBEDTLS_MD_MAX_SIZE]; - if( okm == NULL ) - { - return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA ); + if (okm == NULL) { + return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA; } - hash_len = mbedtls_md_get_size( md ); + hash_len = mbedtls_md_get_size(md); - if( prk_len < hash_len || hash_len == 0 ) - { - return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA ); + if (prk_len < hash_len || hash_len == 0) { + return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA; } - if( info == NULL ) - { + if (info == NULL) { info = (const unsigned char *) ""; info_len = 0; } n = okm_len / hash_len; - if( okm_len % hash_len != 0 ) - { + if (okm_len % hash_len != 0) { n++; } @@ -118,72 +110,64 @@ int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, * Per RFC 5869 Section 2.3, okm_len must not exceed * 255 times the hash length */ - if( n > 255 ) - { - return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA ); + if (n > 255) { + return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA; } - mbedtls_md_init( &ctx ); + mbedtls_md_init(&ctx); - if( ( ret = mbedtls_md_setup( &ctx, md, 1 ) ) != 0 ) - { + if ((ret = mbedtls_md_setup(&ctx, md, 1)) != 0) { goto exit; } - memset( t, 0, hash_len ); + memset(t, 0, hash_len); /* * Compute T = T(1) | T(2) | T(3) | ... | T(N) * Where T(N) is defined in RFC 5869 Section 2.3 */ - for( i = 1; i <= n; i++ ) - { + for (i = 1; i <= n; i++) { size_t num_to_copy; unsigned char c = i & 0xff; - ret = mbedtls_md_hmac_starts( &ctx, prk, prk_len ); - if( ret != 0 ) - { + ret = mbedtls_md_hmac_starts(&ctx, prk, prk_len); + if (ret != 0) { goto exit; } - ret = mbedtls_md_hmac_update( &ctx, t, t_len ); - if( ret != 0 ) - { + ret = mbedtls_md_hmac_update(&ctx, t, t_len); + if (ret != 0) { goto exit; } - ret = mbedtls_md_hmac_update( &ctx, info, info_len ); - if( ret != 0 ) - { + ret = mbedtls_md_hmac_update(&ctx, info, info_len); + if (ret != 0) { goto exit; } /* The constant concatenated to the end of each T(n) is a single octet. * */ - ret = mbedtls_md_hmac_update( &ctx, &c, 1 ); - if( ret != 0 ) - { + ret = mbedtls_md_hmac_update(&ctx, &c, 1); + if (ret != 0) { goto exit; } - ret = mbedtls_md_hmac_finish( &ctx, t ); - if( ret != 0 ) - { + ret = mbedtls_md_hmac_finish(&ctx, t); + if (ret != 0) { goto exit; } num_to_copy = i != n ? hash_len : okm_len - where; - memcpy( okm + where, t, num_to_copy ); + memcpy(okm + where, t, num_to_copy); where += hash_len; t_len = hash_len; } exit: - mbedtls_md_free( &ctx ); - mbedtls_platform_zeroize( t, sizeof( t ) ); + mbedtls_md_free(&ctx); + mbedtls_platform_zeroize(t, sizeof(t)); - return( ret ); + return ret; } #endif /* MBEDTLS_HKDF_C */ diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index 69272fa73d33..fabe00252a57 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -42,9 +42,9 @@ /* * HMAC_DRBG context initialization */ -void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ) +void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) ); + memset(ctx, 0, sizeof(mbedtls_hmac_drbg_context)); ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL; } @@ -52,74 +52,81 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ) /* * HMAC_DRBG update, using optional additional data (10.1.2.2) */ -int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ) +int mbedtls_hmac_drbg_update_ret(mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, + size_t add_len) { - size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); - unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1; + size_t md_len = mbedtls_md_get_size(ctx->md_ctx.md_info); + unsigned char rounds = (additional != NULL && add_len != 0) ? 2 : 1; unsigned char sep[1]; unsigned char K[MBEDTLS_MD_MAX_SIZE]; int ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA; - for( sep[0] = 0; sep[0] < rounds; sep[0]++ ) - { + for (sep[0] = 0; sep[0] < rounds; sep[0]++) { /* Step 1 or 4 */ - if( ( ret = mbedtls_md_hmac_reset( &ctx->md_ctx ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, - ctx->V, md_len ) ) != 0 ) + if ((ret = mbedtls_md_hmac_reset(&ctx->md_ctx)) != 0) { goto exit; - if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, - sep, 1 ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_update(&ctx->md_ctx, + ctx->V, md_len)) != 0) { goto exit; - if( rounds == 2 ) - { - if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, - additional, add_len ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_update(&ctx->md_ctx, + sep, 1)) != 0) { goto exit; } - if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, K ) ) != 0 ) + if (rounds == 2) { + if ((ret = mbedtls_md_hmac_update(&ctx->md_ctx, + additional, add_len)) != 0) { + goto exit; + } + } + if ((ret = mbedtls_md_hmac_finish(&ctx->md_ctx, K)) != 0) { goto exit; + } /* Step 2 or 5 */ - if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, K, md_len ) ) != 0 ) + if ((ret = mbedtls_md_hmac_starts(&ctx->md_ctx, K, md_len)) != 0) { goto exit; - if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, - ctx->V, md_len ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_update(&ctx->md_ctx, + ctx->V, md_len)) != 0) { goto exit; - if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_finish(&ctx->md_ctx, ctx->V)) != 0) { goto exit; + } } exit: - mbedtls_platform_zeroize( K, sizeof( K ) ); - return( ret ); + mbedtls_platform_zeroize(K, sizeof(K)); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ) +void mbedtls_hmac_drbg_update(mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, + size_t add_len) { - (void) mbedtls_hmac_drbg_update_ret( ctx, additional, add_len ); + (void) mbedtls_hmac_drbg_update_ret(ctx, additional, add_len); } #endif /* MBEDTLS_DEPRECATED_REMOVED */ /* * Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA) */ -int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, - const unsigned char *data, size_t data_len ) +int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx, + const mbedtls_md_info_t *md_info, + const unsigned char *data, size_t data_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_md_setup(&ctx->md_ctx, md_info, 1)) != 0) { + return ret; + } #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif /* @@ -127,15 +134,17 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, * Use the V memory location, which is currently all 0, to initialize the * MD context with an all-zero key. Then set V to its initial value. */ - if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, - mbedtls_md_get_size( md_info ) ) ) != 0 ) - return( ret ); - memset( ctx->V, 0x01, mbedtls_md_get_size( md_info ) ); + if ((ret = mbedtls_md_hmac_starts(&ctx->md_ctx, ctx->V, + mbedtls_md_get_size(md_info))) != 0) { + return ret; + } + memset(ctx->V, 0x01, mbedtls_md_get_size(md_info)); - if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, data, data_len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_hmac_drbg_update_ret(ctx, data, data_len)) != 0) { + return ret; + } - return( 0 ); + return 0; } /* @@ -143,9 +152,9 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, * Comments starting with arabic numbers refer to section 10.1.2.4 * of SP800-90A, while roman numbers refer to section 9.2. */ -static int hmac_drbg_reseed_core( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, size_t len, - int use_nonce ) +static int hmac_drbg_reseed_core(mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, size_t len, + int use_nonce) { unsigned char seed[MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT]; size_t seedlen = 0; @@ -154,33 +163,31 @@ static int hmac_drbg_reseed_core( mbedtls_hmac_drbg_context *ctx, { size_t total_entropy_len; - if( use_nonce == 0 ) + if (use_nonce == 0) { total_entropy_len = ctx->entropy_len; - else + } else { total_entropy_len = ctx->entropy_len * 3 / 2; + } /* III. Check input length */ - if( len > MBEDTLS_HMAC_DRBG_MAX_INPUT || - total_entropy_len + len > MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT ) - { - return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG ); + if (len > MBEDTLS_HMAC_DRBG_MAX_INPUT || + total_entropy_len + len > MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT) { + return MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG; } } - memset( seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT ); + memset(seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT); /* IV. Gather entropy_len bytes of entropy for the seed */ - if( ( ret = ctx->f_entropy( ctx->p_entropy, - seed, ctx->entropy_len ) ) != 0 ) - { - return( MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED ); + if ((ret = ctx->f_entropy(ctx->p_entropy, + seed, ctx->entropy_len)) != 0) { + return MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED; } seedlen += ctx->entropy_len; /* For initial seeding, allow adding of nonce generated * from the entropy source. See Sect 8.6.7 in SP800-90A. */ - if( use_nonce ) - { + if (use_nonce) { /* Note: We don't merge the two calls to f_entropy() in order * to avoid requesting too much entropy from f_entropy() * at once. Specifically, if the underlying digest is not @@ -188,11 +195,10 @@ static int hmac_drbg_reseed_core( mbedtls_hmac_drbg_context *ctx, * is larger than the maximum of 32 Bytes that our own * entropy source implementation can emit in a single * call in configurations disabling SHA-512. */ - if( ( ret = ctx->f_entropy( ctx->p_entropy, - seed + seedlen, - ctx->entropy_len / 2 ) ) != 0 ) - { - return( MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED ); + if ((ret = ctx->f_entropy(ctx->p_entropy, + seed + seedlen, + ctx->entropy_len / 2)) != 0) { + return MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED; } seedlen += ctx->entropy_len / 2; @@ -200,32 +206,32 @@ static int hmac_drbg_reseed_core( mbedtls_hmac_drbg_context *ctx, /* 1. Concatenate entropy and additional data if any */ - if( additional != NULL && len != 0 ) - { - memcpy( seed + seedlen, additional, len ); + if (additional != NULL && len != 0) { + memcpy(seed + seedlen, additional, len); seedlen += len; } /* 2. Update state */ - if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, seed, seedlen ) ) != 0 ) + if ((ret = mbedtls_hmac_drbg_update_ret(ctx, seed, seedlen)) != 0) { goto exit; + } /* 3. Reset reseed_counter */ ctx->reseed_counter = 1; exit: /* 4. Done */ - mbedtls_platform_zeroize( seed, seedlen ); - return( ret ); + mbedtls_platform_zeroize(seed, seedlen); + return ret; } /* * HMAC_DRBG reseeding: 10.1.2.4 + 9.2 */ -int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, size_t len ) +int mbedtls_hmac_drbg_reseed(mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, size_t len) { - return( hmac_drbg_reseed_core( ctx, additional, len, 0 ) ); + return hmac_drbg_reseed_core(ctx, additional, len, 0); } /* @@ -234,40 +240,41 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, * The nonce is not passed as a separate parameter but extracted * from the entropy source as suggested in 8.6.7. */ -int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, - int (*f_entropy)(void *, unsigned char *, size_t), - void *p_entropy, - const unsigned char *custom, - size_t len ) +int mbedtls_hmac_drbg_seed(mbedtls_hmac_drbg_context *ctx, + const mbedtls_md_info_t *md_info, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t md_size; - if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_md_setup(&ctx->md_ctx, md_info, 1)) != 0) { + return ret; + } /* The mutex is initialized iff the md context is set up. */ #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif - md_size = mbedtls_md_get_size( md_info ); + md_size = mbedtls_md_get_size(md_info); /* * Set initial working state. * Use the V memory location, which is currently all 0, to initialize the * MD context with an all-zero key. Then set V to its initial value. */ - if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, md_size ) ) != 0 ) - return( ret ); - memset( ctx->V, 0x01, md_size ); + if ((ret = mbedtls_md_hmac_starts(&ctx->md_ctx, ctx->V, md_size)) != 0) { + return ret; + } + memset(ctx->V, 0x01, md_size); ctx->f_entropy = f_entropy; ctx->p_entropy = p_entropy; - if( ctx->entropy_len == 0 ) - { + if (ctx->entropy_len == 0) { /* * See SP800-57 5.6.1 (p. 65-66) for the security strength provided by * each hash function, then according to SP800-90A rev1 10.1 table 2, @@ -280,20 +287,19 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, 32; /* better (256+) -> 256 bits */ } - if( ( ret = hmac_drbg_reseed_core( ctx, custom, len, - 1 /* add nonce */ ) ) != 0 ) - { - return( ret ); + if ((ret = hmac_drbg_reseed_core(ctx, custom, len, + 1 /* add nonce */)) != 0) { + return ret; } - return( 0 ); + return 0; } /* * Set prediction resistance */ -void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx, - int resistance ) +void mbedtls_hmac_drbg_set_prediction_resistance(mbedtls_hmac_drbg_context *ctx, + int resistance) { ctx->prediction_resistance = resistance; } @@ -301,7 +307,7 @@ void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx /* * Set entropy length grabbed for seeding */ -void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t len ) +void mbedtls_hmac_drbg_set_entropy_len(mbedtls_hmac_drbg_context *ctx, size_t len) { ctx->entropy_len = len; } @@ -309,7 +315,7 @@ void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t l /* * Set reseed interval */ -void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, int interval ) +void mbedtls_hmac_drbg_set_reseed_interval(mbedtls_hmac_drbg_context *ctx, int interval) { ctx->reseed_interval = interval; } @@ -318,131 +324,141 @@ void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, int * HMAC_DRBG random function with optional additional data: * 10.1.2.5 (arabic) + 9.3 (Roman) */ -int mbedtls_hmac_drbg_random_with_add( void *p_rng, - unsigned char *output, size_t out_len, - const unsigned char *additional, size_t add_len ) +int mbedtls_hmac_drbg_random_with_add(void *p_rng, + unsigned char *output, size_t out_len, + const unsigned char *additional, size_t add_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng; - size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); + size_t md_len = mbedtls_md_get_size(ctx->md_ctx.md_info); size_t left = out_len; unsigned char *out = output; /* II. Check request length */ - if( out_len > MBEDTLS_HMAC_DRBG_MAX_REQUEST ) - return( MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG ); + if (out_len > MBEDTLS_HMAC_DRBG_MAX_REQUEST) { + return MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG; + } /* III. Check input length */ - if( add_len > MBEDTLS_HMAC_DRBG_MAX_INPUT ) - return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG ); + if (add_len > MBEDTLS_HMAC_DRBG_MAX_INPUT) { + return MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG; + } /* 1. (aka VII and IX) Check reseed counter and PR */ - if( ctx->f_entropy != NULL && /* For no-reseeding instances */ - ( ctx->prediction_resistance == MBEDTLS_HMAC_DRBG_PR_ON || - ctx->reseed_counter > ctx->reseed_interval ) ) - { - if( ( ret = mbedtls_hmac_drbg_reseed( ctx, additional, add_len ) ) != 0 ) - return( ret ); + if (ctx->f_entropy != NULL && /* For no-reseeding instances */ + (ctx->prediction_resistance == MBEDTLS_HMAC_DRBG_PR_ON || + ctx->reseed_counter > ctx->reseed_interval)) { + if ((ret = mbedtls_hmac_drbg_reseed(ctx, additional, add_len)) != 0) { + return ret; + } add_len = 0; /* VII.4 */ } /* 2. Use additional data if any */ - if( additional != NULL && add_len != 0 ) - { - if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, - additional, add_len ) ) != 0 ) + if (additional != NULL && add_len != 0) { + if ((ret = mbedtls_hmac_drbg_update_ret(ctx, + additional, add_len)) != 0) { goto exit; + } } /* 3, 4, 5. Generate bytes */ - while( left != 0 ) - { + while (left != 0) { size_t use_len = left > md_len ? md_len : left; - if( ( ret = mbedtls_md_hmac_reset( &ctx->md_ctx ) ) != 0 ) + if ((ret = mbedtls_md_hmac_reset(&ctx->md_ctx)) != 0) { goto exit; - if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, - ctx->V, md_len ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_update(&ctx->md_ctx, + ctx->V, md_len)) != 0) { goto exit; - if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_finish(&ctx->md_ctx, ctx->V)) != 0) { goto exit; + } - memcpy( out, ctx->V, use_len ); + memcpy(out, ctx->V, use_len); out += use_len; left -= use_len; } /* 6. Update */ - if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, - additional, add_len ) ) != 0 ) + if ((ret = mbedtls_hmac_drbg_update_ret(ctx, + additional, add_len)) != 0) { goto exit; + } /* 7. Update reseed counter */ ctx->reseed_counter++; exit: /* 8. Done */ - return( ret ); + return ret; } /* * HMAC_DRBG random function */ -int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ) +int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng; #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif - ret = mbedtls_hmac_drbg_random_with_add( ctx, output, out_len, NULL, 0 ); + ret = mbedtls_hmac_drbg_random_with_add(ctx, output, out_len, NULL, 0); #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } /* * This function resets HMAC_DRBG context to the state immediately * after initial call of mbedtls_hmac_drbg_init(). */ -void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ) +void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } #if defined(MBEDTLS_THREADING_C) /* The mutex is initialized iff the md context is set up. */ - if( ctx->md_ctx.md_info != NULL ) - mbedtls_mutex_free( &ctx->mutex ); + if (ctx->md_ctx.md_info != NULL) { + mbedtls_mutex_free(&ctx->mutex); + } #endif - mbedtls_md_free( &ctx->md_ctx ); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_hmac_drbg_context ) ); + mbedtls_md_free(&ctx->md_ctx); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_hmac_drbg_context)); ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL; } #if defined(MBEDTLS_FS_IO) -int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ) +int mbedtls_hmac_drbg_write_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; FILE *f; - unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ]; + unsigned char buf[MBEDTLS_HMAC_DRBG_MAX_INPUT]; - if( ( f = fopen( path, "wb" ) ) == NULL ) - return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR ); + if ((f = fopen(path, "wb")) == NULL) { + return MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR; + } - if( ( ret = mbedtls_hmac_drbg_random( ctx, buf, sizeof( buf ) ) ) != 0 ) + if ((ret = mbedtls_hmac_drbg_random(ctx, buf, sizeof(buf))) != 0) { goto exit; + } - if( fwrite( buf, 1, sizeof( buf ), f ) != sizeof( buf ) ) - { + if (fwrite(buf, 1, sizeof(buf), f) != sizeof(buf)) { ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR; goto exit; } @@ -450,46 +466,47 @@ int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const cha ret = 0; exit: - fclose( f ); - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + fclose(f); + mbedtls_platform_zeroize(buf, sizeof(buf)); - return( ret ); + return ret; } -int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ) +int mbedtls_hmac_drbg_update_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path) { int ret = 0; FILE *f = NULL; size_t n; - unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ]; + unsigned char buf[MBEDTLS_HMAC_DRBG_MAX_INPUT]; unsigned char c; - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR ); + if ((f = fopen(path, "rb")) == NULL) { + return MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR; + } - n = fread( buf, 1, sizeof( buf ), f ); - if( fread( &c, 1, 1, f ) != 0 ) - { + n = fread(buf, 1, sizeof(buf), f); + if (fread(&c, 1, 1, f) != 0) { ret = MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG; goto exit; } - if( n == 0 || ferror( f ) ) - { + if (n == 0 || ferror(f)) { ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR; goto exit; } - fclose( f ); + fclose(f); f = NULL; - ret = mbedtls_hmac_drbg_update_ret( ctx, buf, n ); + ret = mbedtls_hmac_drbg_update_ret(ctx, buf, n); exit: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); - if( f != NULL ) - fclose( f ); - if( ret != 0 ) - return( ret ); - return( mbedtls_hmac_drbg_write_seed_file( ctx, path ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); + if (f != NULL) { + fclose(f); + } + if (ret != 0) { + return ret; + } + return mbedtls_hmac_drbg_write_seed_file(ctx, path); } #endif /* MBEDTLS_FS_IO */ @@ -498,10 +515,10 @@ int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const ch #if !defined(MBEDTLS_SHA1_C) /* Dummy checkup routine */ -int mbedtls_hmac_drbg_self_test( int verbose ) +int mbedtls_hmac_drbg_self_test(int verbose) { (void) verbose; - return( 0 ); + return 0; } #else @@ -513,7 +530,8 @@ static const unsigned char entropy_pr[] = { 0xf7, 0x3e, 0x9c, 0x5b, 0x64, 0xef, 0xd8, 0xca, 0x02, 0x8c, 0xf8, 0x11, 0x48, 0xa5, 0x84, 0xfe, 0x69, 0xab, 0x5a, 0xee, 0x42, 0xaa, 0x4d, 0x42, 0x17, 0x60, 0x99, 0xd4, 0x5e, 0x13, 0x97, 0xdc, 0x40, 0x4d, 0x86, 0xa3, - 0x7b, 0xf5, 0x59, 0x54, 0x75, 0x69, 0x51, 0xe4 }; + 0x7b, 0xf5, 0x59, 0x54, 0x75, 0x69, 0x51, 0xe4 +}; static const unsigned char result_pr[OUTPUT_LEN] = { 0x9a, 0x00, 0xa2, 0xd0, 0x0e, 0xd5, 0x9b, 0xfe, 0x31, 0xec, 0xb1, 0x39, 0x9b, 0x60, 0x81, 0x48, 0xd1, 0x96, 0x9d, 0x25, 0x0d, 0x3c, 0x1e, 0x94, @@ -521,14 +539,16 @@ static const unsigned char result_pr[OUTPUT_LEN] = { 0x73, 0x19, 0x70, 0xc0, 0x10, 0x7a, 0xa4, 0x89, 0x25, 0x19, 0x95, 0x5e, 0x4b, 0xc6, 0x00, 0x1d, 0x7f, 0x4e, 0x6a, 0x2b, 0xf8, 0xa3, 0x01, 0xab, 0x46, 0x05, 0x5c, 0x09, 0xa6, 0x71, 0x88, 0xf1, 0xa7, 0x40, 0xee, 0xf3, - 0xe1, 0x5c, 0x02, 0x9b, 0x44, 0xaf, 0x03, 0x44 }; + 0xe1, 0x5c, 0x02, 0x9b, 0x44, 0xaf, 0x03, 0x44 +}; /* From a NIST PR=false test vector */ static const unsigned char entropy_nopr[] = { 0x79, 0x34, 0x9b, 0xbf, 0x7c, 0xdd, 0xa5, 0x79, 0x95, 0x57, 0x86, 0x66, 0x21, 0xc9, 0x13, 0x83, 0x11, 0x46, 0x73, 0x3a, 0xbf, 0x8c, 0x35, 0xc8, 0xc7, 0x21, 0x5b, 0x5b, 0x96, 0xc4, 0x8e, 0x9b, 0x33, 0x8c, 0x74, 0xe3, - 0xe9, 0x9d, 0xfe, 0xdf }; + 0xe9, 0x9d, 0xfe, 0xdf +}; static const unsigned char result_nopr[OUTPUT_LEN] = { 0xc6, 0xa1, 0x6a, 0xb8, 0xd4, 0x20, 0x70, 0x6f, 0x0f, 0x34, 0xab, 0x7f, 0xec, 0x5a, 0xdc, 0xa9, 0xd8, 0xca, 0x3a, 0x13, 0x3e, 0x15, 0x9c, 0xa6, @@ -536,85 +556,91 @@ static const unsigned char result_nopr[OUTPUT_LEN] = { 0xff, 0xb1, 0x0d, 0x71, 0x94, 0xf1, 0xc1, 0xa5, 0xcf, 0x73, 0x22, 0xec, 0x1a, 0xe0, 0x96, 0x4e, 0xd4, 0xbf, 0x12, 0x27, 0x46, 0xe0, 0x87, 0xfd, 0xb5, 0xb3, 0xe9, 0x1b, 0x34, 0x93, 0xd5, 0xbb, 0x98, 0xfa, 0xed, 0x49, - 0xe8, 0x5f, 0x13, 0x0f, 0xc8, 0xa4, 0x59, 0xb7 }; + 0xe8, 0x5f, 0x13, 0x0f, 0xc8, 0xa4, 0x59, 0xb7 +}; /* "Entropy" from buffer */ static size_t test_offset; -static int hmac_drbg_self_test_entropy( void *data, - unsigned char *buf, size_t len ) +static int hmac_drbg_self_test_entropy(void *data, + unsigned char *buf, size_t len) { const unsigned char *p = data; - memcpy( buf, p + test_offset, len ); + memcpy(buf, p + test_offset, len); test_offset += len; - return( 0 ); + return 0; } -#define CHK( c ) if( (c) != 0 ) \ - { \ - if( verbose != 0 ) \ - mbedtls_printf( "failed\n" ); \ - return( 1 ); \ - } +#define CHK(c) if ((c) != 0) \ + { \ + if (verbose != 0) \ + mbedtls_printf("failed\n"); \ + return 1; \ + } /* * Checkup routine for HMAC_DRBG with SHA-1 */ -int mbedtls_hmac_drbg_self_test( int verbose ) +int mbedtls_hmac_drbg_self_test(int verbose) { mbedtls_hmac_drbg_context ctx; unsigned char buf[OUTPUT_LEN]; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); - mbedtls_hmac_drbg_init( &ctx ); + mbedtls_hmac_drbg_init(&ctx); /* * PR = True */ - if( verbose != 0 ) - mbedtls_printf( " HMAC_DRBG (PR = True) : " ); + if (verbose != 0) { + mbedtls_printf(" HMAC_DRBG (PR = True) : "); + } test_offset = 0; - CHK( mbedtls_hmac_drbg_seed( &ctx, md_info, - hmac_drbg_self_test_entropy, (void *) entropy_pr, - NULL, 0 ) ); - mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON ); - CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); - CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); - CHK( memcmp( buf, result_pr, OUTPUT_LEN ) ); - mbedtls_hmac_drbg_free( &ctx ); - - mbedtls_hmac_drbg_free( &ctx ); - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + CHK(mbedtls_hmac_drbg_seed(&ctx, md_info, + hmac_drbg_self_test_entropy, (void *) entropy_pr, + NULL, 0)); + mbedtls_hmac_drbg_set_prediction_resistance(&ctx, MBEDTLS_HMAC_DRBG_PR_ON); + CHK(mbedtls_hmac_drbg_random(&ctx, buf, OUTPUT_LEN)); + CHK(mbedtls_hmac_drbg_random(&ctx, buf, OUTPUT_LEN)); + CHK(memcmp(buf, result_pr, OUTPUT_LEN)); + mbedtls_hmac_drbg_free(&ctx); + + mbedtls_hmac_drbg_free(&ctx); + + if (verbose != 0) { + mbedtls_printf("passed\n"); + } /* * PR = False */ - if( verbose != 0 ) - mbedtls_printf( " HMAC_DRBG (PR = False) : " ); + if (verbose != 0) { + mbedtls_printf(" HMAC_DRBG (PR = False) : "); + } - mbedtls_hmac_drbg_init( &ctx ); + mbedtls_hmac_drbg_init(&ctx); test_offset = 0; - CHK( mbedtls_hmac_drbg_seed( &ctx, md_info, - hmac_drbg_self_test_entropy, (void *) entropy_nopr, - NULL, 0 ) ); - CHK( mbedtls_hmac_drbg_reseed( &ctx, NULL, 0 ) ); - CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); - CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); - CHK( memcmp( buf, result_nopr, OUTPUT_LEN ) ); - mbedtls_hmac_drbg_free( &ctx ); - - mbedtls_hmac_drbg_free( &ctx ); - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + CHK(mbedtls_hmac_drbg_seed(&ctx, md_info, + hmac_drbg_self_test_entropy, (void *) entropy_nopr, + NULL, 0)); + CHK(mbedtls_hmac_drbg_reseed(&ctx, NULL, 0)); + CHK(mbedtls_hmac_drbg_random(&ctx, buf, OUTPUT_LEN)); + CHK(mbedtls_hmac_drbg_random(&ctx, buf, OUTPUT_LEN)); + CHK(memcmp(buf, result_nopr, OUTPUT_LEN)); + mbedtls_hmac_drbg_free(&ctx); + + mbedtls_hmac_drbg_free(&ctx); + + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SHA1_C */ #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/md.c b/library/md.c index 53a84b01c6d4..1e24ee45bc64 100644 --- a/library/md.c +++ b/library/md.c @@ -131,174 +131,182 @@ const mbedtls_md_info_t mbedtls_sha512_info = { static const int supported_digests[] = { #if defined(MBEDTLS_SHA512_C) - MBEDTLS_MD_SHA512, + MBEDTLS_MD_SHA512, #if !defined(MBEDTLS_SHA512_NO_SHA384) - MBEDTLS_MD_SHA384, + MBEDTLS_MD_SHA384, #endif #endif #if defined(MBEDTLS_SHA256_C) - MBEDTLS_MD_SHA256, - MBEDTLS_MD_SHA224, + MBEDTLS_MD_SHA256, + MBEDTLS_MD_SHA224, #endif #if defined(MBEDTLS_SHA1_C) - MBEDTLS_MD_SHA1, + MBEDTLS_MD_SHA1, #endif #if defined(MBEDTLS_RIPEMD160_C) - MBEDTLS_MD_RIPEMD160, + MBEDTLS_MD_RIPEMD160, #endif #if defined(MBEDTLS_MD5_C) - MBEDTLS_MD_MD5, + MBEDTLS_MD_MD5, #endif #if defined(MBEDTLS_MD4_C) - MBEDTLS_MD_MD4, + MBEDTLS_MD_MD4, #endif #if defined(MBEDTLS_MD2_C) - MBEDTLS_MD_MD2, + MBEDTLS_MD_MD2, #endif - MBEDTLS_MD_NONE + MBEDTLS_MD_NONE }; -const int *mbedtls_md_list( void ) +const int *mbedtls_md_list(void) { - return( supported_digests ); + return supported_digests; } -const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ) +const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name) { - if( NULL == md_name ) - return( NULL ); + if (NULL == md_name) { + return NULL; + } /* Get the appropriate digest information */ #if defined(MBEDTLS_MD2_C) - if( !strcmp( "MD2", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_MD2 ); + if (!strcmp("MD2", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_MD2); + } #endif #if defined(MBEDTLS_MD4_C) - if( !strcmp( "MD4", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_MD4 ); + if (!strcmp("MD4", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_MD4); + } #endif #if defined(MBEDTLS_MD5_C) - if( !strcmp( "MD5", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ); + if (!strcmp("MD5", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_MD5); + } #endif #if defined(MBEDTLS_RIPEMD160_C) - if( !strcmp( "RIPEMD160", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_RIPEMD160 ); + if (!strcmp("RIPEMD160", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_RIPEMD160); + } #endif #if defined(MBEDTLS_SHA1_C) - if( !strcmp( "SHA1", md_name ) || !strcmp( "SHA", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); + if (!strcmp("SHA1", md_name) || !strcmp("SHA", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); + } #endif #if defined(MBEDTLS_SHA256_C) - if( !strcmp( "SHA224", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_SHA224 ); - if( !strcmp( "SHA256", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ); + if (!strcmp("SHA224", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_SHA224); + } + if (!strcmp("SHA256", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); + } #endif #if defined(MBEDTLS_SHA512_C) #if !defined(MBEDTLS_SHA512_NO_SHA384) - if( !strcmp( "SHA384", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 ); + if (!strcmp("SHA384", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_SHA384); + } #endif - if( !strcmp( "SHA512", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 ); + if (!strcmp("SHA512", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); + } #endif - return( NULL ); + return NULL; } -const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) +const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type) { - switch( md_type ) - { + switch (md_type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( &mbedtls_md2_info ); + return &mbedtls_md2_info; #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( &mbedtls_md4_info ); + return &mbedtls_md4_info; #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( &mbedtls_md5_info ); + return &mbedtls_md5_info; #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( &mbedtls_ripemd160_info ); + return &mbedtls_ripemd160_info; #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( &mbedtls_sha1_info ); + return &mbedtls_sha1_info; #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: - return( &mbedtls_sha224_info ); + return &mbedtls_sha224_info; case MBEDTLS_MD_SHA256: - return( &mbedtls_sha256_info ); + return &mbedtls_sha256_info; #endif #if defined(MBEDTLS_SHA512_C) #if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: - return( &mbedtls_sha384_info ); + return &mbedtls_sha384_info; #endif case MBEDTLS_MD_SHA512: - return( &mbedtls_sha512_info ); + return &mbedtls_sha512_info; #endif default: - return( NULL ); + return NULL; } } -void mbedtls_md_init( mbedtls_md_context_t *ctx ) +void mbedtls_md_init(mbedtls_md_context_t *ctx) { - memset( ctx, 0, sizeof( mbedtls_md_context_t ) ); + memset(ctx, 0, sizeof(mbedtls_md_context_t)); } -void mbedtls_md_free( mbedtls_md_context_t *ctx ) +void mbedtls_md_free(mbedtls_md_context_t *ctx) { - if( ctx == NULL || ctx->md_info == NULL ) + if (ctx == NULL || ctx->md_info == NULL) { return; + } - if( ctx->md_ctx != NULL ) - { - switch( ctx->md_info->type ) - { + if (ctx->md_ctx != NULL) { + switch (ctx->md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - mbedtls_md2_free( ctx->md_ctx ); + mbedtls_md2_free(ctx->md_ctx); break; #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - mbedtls_md4_free( ctx->md_ctx ); + mbedtls_md4_free(ctx->md_ctx); break; #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - mbedtls_md5_free( ctx->md_ctx ); + mbedtls_md5_free(ctx->md_ctx); break; #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - mbedtls_ripemd160_free( ctx->md_ctx ); + mbedtls_ripemd160_free(ctx->md_ctx); break; #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - mbedtls_sha1_free( ctx->md_ctx ); + mbedtls_sha1_free(ctx->md_ctx); break; #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA256: - mbedtls_sha256_free( ctx->md_ctx ); + mbedtls_sha256_free(ctx->md_ctx); break; #endif #if defined(MBEDTLS_SHA512_C) @@ -306,67 +314,64 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) case MBEDTLS_MD_SHA384: #endif case MBEDTLS_MD_SHA512: - mbedtls_sha512_free( ctx->md_ctx ); + mbedtls_sha512_free(ctx->md_ctx); break; #endif default: /* Shouldn't happen */ break; } - mbedtls_free( ctx->md_ctx ); + mbedtls_free(ctx->md_ctx); } - if( ctx->hmac_ctx != NULL ) - { - mbedtls_platform_zeroize( ctx->hmac_ctx, - 2 * ctx->md_info->block_size ); - mbedtls_free( ctx->hmac_ctx ); + if (ctx->hmac_ctx != NULL) { + mbedtls_platform_zeroize(ctx->hmac_ctx, + 2 * ctx->md_info->block_size); + mbedtls_free(ctx->hmac_ctx); } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md_context_t ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md_context_t)); } -int mbedtls_md_clone( mbedtls_md_context_t *dst, - const mbedtls_md_context_t *src ) +int mbedtls_md_clone(mbedtls_md_context_t *dst, + const mbedtls_md_context_t *src) { - if( dst == NULL || dst->md_info == NULL || + if (dst == NULL || dst->md_info == NULL || src == NULL || src->md_info == NULL || - dst->md_info != src->md_info ) - { - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + dst->md_info != src->md_info) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } - switch( src->md_info->type ) - { + switch (src->md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - mbedtls_md2_clone( dst->md_ctx, src->md_ctx ); + mbedtls_md2_clone(dst->md_ctx, src->md_ctx); break; #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - mbedtls_md4_clone( dst->md_ctx, src->md_ctx ); + mbedtls_md4_clone(dst->md_ctx, src->md_ctx); break; #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - mbedtls_md5_clone( dst->md_ctx, src->md_ctx ); + mbedtls_md5_clone(dst->md_ctx, src->md_ctx); break; #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - mbedtls_ripemd160_clone( dst->md_ctx, src->md_ctx ); + mbedtls_ripemd160_clone(dst->md_ctx, src->md_ctx); break; #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - mbedtls_sha1_clone( dst->md_ctx, src->md_ctx ); + mbedtls_sha1_clone(dst->md_ctx, src->md_ctx); break; #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA256: - mbedtls_sha256_clone( dst->md_ctx, src->md_ctx ); + mbedtls_sha256_clone(dst->md_ctx, src->md_ctx); break; #endif #if defined(MBEDTLS_SHA512_C) @@ -374,72 +379,72 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, case MBEDTLS_MD_SHA384: #endif case MBEDTLS_MD_SHA512: - mbedtls_sha512_clone( dst->md_ctx, src->md_ctx ); + mbedtls_sha512_clone(dst->md_ctx, src->md_ctx); break; #endif default: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } - return( 0 ); + return 0; } -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) -int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +int mbedtls_md_init_ctx(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info) { - return mbedtls_md_setup( ctx, md_info, 1 ); + return mbedtls_md_setup(ctx, md_info, 1); } #endif -#define ALLOC( type ) \ +#define ALLOC(type) \ do { \ - ctx->md_ctx = mbedtls_calloc( 1, sizeof( mbedtls_##type##_context ) ); \ - if( ctx->md_ctx == NULL ) \ - return( MBEDTLS_ERR_MD_ALLOC_FAILED ); \ - mbedtls_##type##_init( ctx->md_ctx ); \ + ctx->md_ctx = mbedtls_calloc(1, sizeof(mbedtls_##type##_context)); \ + if (ctx->md_ctx == NULL) \ + return MBEDTLS_ERR_MD_ALLOC_FAILED; \ + mbedtls_##type##_init(ctx->md_ctx); \ } \ - while( 0 ) + while (0) -int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ) +int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac) { - if( md_info == NULL || ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (md_info == NULL || ctx == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } ctx->md_info = md_info; ctx->md_ctx = NULL; ctx->hmac_ctx = NULL; - switch( md_info->type ) - { + switch (md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - ALLOC( md2 ); + ALLOC(md2); break; #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - ALLOC( md4 ); + ALLOC(md4); break; #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - ALLOC( md5 ); + ALLOC(md5); break; #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - ALLOC( ripemd160 ); + ALLOC(ripemd160); break; #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - ALLOC( sha1 ); + ALLOC(sha1); break; #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA256: - ALLOC( sha256 ); + ALLOC(sha256); break; #endif #if defined(MBEDTLS_SHA512_C) @@ -447,210 +452,208 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf case MBEDTLS_MD_SHA384: #endif case MBEDTLS_MD_SHA512: - ALLOC( sha512 ); + ALLOC(sha512); break; #endif default: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } - if( hmac != 0 ) - { - ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size ); - if( ctx->hmac_ctx == NULL ) - { - mbedtls_md_free( ctx ); - return( MBEDTLS_ERR_MD_ALLOC_FAILED ); + if (hmac != 0) { + ctx->hmac_ctx = mbedtls_calloc(2, md_info->block_size); + if (ctx->hmac_ctx == NULL) { + mbedtls_md_free(ctx); + return MBEDTLS_ERR_MD_ALLOC_FAILED; } } - return( 0 ); + return 0; } #undef ALLOC -int mbedtls_md_starts( mbedtls_md_context_t *ctx ) +int mbedtls_md_starts(mbedtls_md_context_t *ctx) { - if( ctx == NULL || ctx->md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - switch( ctx->md_info->type ) - { + switch (ctx->md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( mbedtls_md2_starts_ret( ctx->md_ctx ) ); + return mbedtls_md2_starts_ret(ctx->md_ctx); #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( mbedtls_md4_starts_ret( ctx->md_ctx ) ); + return mbedtls_md4_starts_ret(ctx->md_ctx); #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( mbedtls_md5_starts_ret( ctx->md_ctx ) ); + return mbedtls_md5_starts_ret(ctx->md_ctx); #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( mbedtls_ripemd160_starts_ret( ctx->md_ctx ) ); + return mbedtls_ripemd160_starts_ret(ctx->md_ctx); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( mbedtls_sha1_starts_ret( ctx->md_ctx ) ); + return mbedtls_sha1_starts_ret(ctx->md_ctx); #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: - return( mbedtls_sha256_starts_ret( ctx->md_ctx, 1 ) ); + return mbedtls_sha256_starts_ret(ctx->md_ctx, 1); case MBEDTLS_MD_SHA256: - return( mbedtls_sha256_starts_ret( ctx->md_ctx, 0 ) ); + return mbedtls_sha256_starts_ret(ctx->md_ctx, 0); #endif #if defined(MBEDTLS_SHA512_C) #if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: - return( mbedtls_sha512_starts_ret( ctx->md_ctx, 1 ) ); + return mbedtls_sha512_starts_ret(ctx->md_ctx, 1); #endif case MBEDTLS_MD_SHA512: - return( mbedtls_sha512_starts_ret( ctx->md_ctx, 0 ) ); + return mbedtls_sha512_starts_ret(ctx->md_ctx, 0); #endif default: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } } -int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) +int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen) { - if( ctx == NULL || ctx->md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - switch( ctx->md_info->type ) - { + switch (ctx->md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( mbedtls_md2_update_ret( ctx->md_ctx, input, ilen ) ); + return mbedtls_md2_update_ret(ctx->md_ctx, input, ilen); #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( mbedtls_md4_update_ret( ctx->md_ctx, input, ilen ) ); + return mbedtls_md4_update_ret(ctx->md_ctx, input, ilen); #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( mbedtls_md5_update_ret( ctx->md_ctx, input, ilen ) ); + return mbedtls_md5_update_ret(ctx->md_ctx, input, ilen); #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( mbedtls_ripemd160_update_ret( ctx->md_ctx, input, ilen ) ); + return mbedtls_ripemd160_update_ret(ctx->md_ctx, input, ilen); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( mbedtls_sha1_update_ret( ctx->md_ctx, input, ilen ) ); + return mbedtls_sha1_update_ret(ctx->md_ctx, input, ilen); #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA256: - return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) ); + return mbedtls_sha256_update_ret(ctx->md_ctx, input, ilen); #endif #if defined(MBEDTLS_SHA512_C) #if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: #endif case MBEDTLS_MD_SHA512: - return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) ); + return mbedtls_sha512_update_ret(ctx->md_ctx, input, ilen); #endif default: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } } -int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) +int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output) { - if( ctx == NULL || ctx->md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - switch( ctx->md_info->type ) - { + switch (ctx->md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( mbedtls_md2_finish_ret( ctx->md_ctx, output ) ); + return mbedtls_md2_finish_ret(ctx->md_ctx, output); #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( mbedtls_md4_finish_ret( ctx->md_ctx, output ) ); + return mbedtls_md4_finish_ret(ctx->md_ctx, output); #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( mbedtls_md5_finish_ret( ctx->md_ctx, output ) ); + return mbedtls_md5_finish_ret(ctx->md_ctx, output); #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( mbedtls_ripemd160_finish_ret( ctx->md_ctx, output ) ); + return mbedtls_ripemd160_finish_ret(ctx->md_ctx, output); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( mbedtls_sha1_finish_ret( ctx->md_ctx, output ) ); + return mbedtls_sha1_finish_ret(ctx->md_ctx, output); #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA256: - return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) ); + return mbedtls_sha256_finish_ret(ctx->md_ctx, output); #endif #if defined(MBEDTLS_SHA512_C) #if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: #endif case MBEDTLS_MD_SHA512: - return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) ); + return mbedtls_sha512_finish_ret(ctx->md_ctx, output); #endif default: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } } -int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, - unsigned char *output ) +int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, + unsigned char *output) { - if( md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (md_info == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - switch( md_info->type ) - { + switch (md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( mbedtls_md2_ret( input, ilen, output ) ); + return mbedtls_md2_ret(input, ilen, output); #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( mbedtls_md4_ret( input, ilen, output ) ); + return mbedtls_md4_ret(input, ilen, output); #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( mbedtls_md5_ret( input, ilen, output ) ); + return mbedtls_md5_ret(input, ilen, output); #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( mbedtls_ripemd160_ret( input, ilen, output ) ); + return mbedtls_ripemd160_ret(input, ilen, output); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( mbedtls_sha1_ret( input, ilen, output ) ); + return mbedtls_sha1_ret(input, ilen, output); #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: - return( mbedtls_sha256_ret( input, ilen, output, 1 ) ); + return mbedtls_sha256_ret(input, ilen, output, 1); case MBEDTLS_MD_SHA256: - return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); + return mbedtls_sha256_ret(input, ilen, output, 0); #endif #if defined(MBEDTLS_SHA512_C) #if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: - return( mbedtls_sha512_ret( input, ilen, output, 1 ) ); + return mbedtls_sha512_ret(input, ilen, output, 1); #endif case MBEDTLS_MD_SHA512: - return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); + return mbedtls_sha512_ret(input, ilen, output, 0); #endif default: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } } #if defined(MBEDTLS_FS_IO) -int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output ) +int mbedtls_md_file(const mbedtls_md_info_t *md_info, const char *path, unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; FILE *f; @@ -658,56 +661,66 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigne mbedtls_md_context_t ctx; unsigned char buf[1024]; - if( md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (md_info == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( MBEDTLS_ERR_MD_FILE_IO_ERROR ); + if ((f = fopen(path, "rb")) == NULL) { + return MBEDTLS_ERR_MD_FILE_IO_ERROR; + } - mbedtls_md_init( &ctx ); + mbedtls_md_init(&ctx); - if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 ) + if ((ret = mbedtls_md_setup(&ctx, md_info, 0)) != 0) { goto cleanup; + } - if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 ) + if ((ret = mbedtls_md_starts(&ctx)) != 0) { goto cleanup; + } - while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) - if( ( ret = mbedtls_md_update( &ctx, buf, n ) ) != 0 ) + while ((n = fread(buf, 1, sizeof(buf), f)) > 0) { + if ((ret = mbedtls_md_update(&ctx, buf, n)) != 0) { goto cleanup; + } + } - if( ferror( f ) != 0 ) + if (ferror(f) != 0) { ret = MBEDTLS_ERR_MD_FILE_IO_ERROR; - else - ret = mbedtls_md_finish( &ctx, output ); + } else { + ret = mbedtls_md_finish(&ctx, output); + } cleanup: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); - fclose( f ); - mbedtls_md_free( &ctx ); + mbedtls_platform_zeroize(buf, sizeof(buf)); + fclose(f); + mbedtls_md_free(&ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_FS_IO */ -int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen ) +int mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char sum[MBEDTLS_MD_MAX_SIZE]; unsigned char *ipad, *opad; size_t i; - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - if( keylen > (size_t) ctx->md_info->block_size ) - { - if( ( ret = mbedtls_md_starts( ctx ) ) != 0 ) + if (keylen > (size_t) ctx->md_info->block_size) { + if ((ret = mbedtls_md_starts(ctx)) != 0) { goto cleanup; - if( ( ret = mbedtls_md_update( ctx, key, keylen ) ) != 0 ) + } + if ((ret = mbedtls_md_update(ctx, key, keylen)) != 0) { goto cleanup; - if( ( ret = mbedtls_md_finish( ctx, sum ) ) != 0 ) + } + if ((ret = mbedtls_md_finish(ctx, sum)) != 0) { goto cleanup; + } keylen = ctx->md_info->size; key = sum; @@ -716,167 +729,184 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, ipad = (unsigned char *) ctx->hmac_ctx; opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size; - memset( ipad, 0x36, ctx->md_info->block_size ); - memset( opad, 0x5C, ctx->md_info->block_size ); + memset(ipad, 0x36, ctx->md_info->block_size); + memset(opad, 0x5C, ctx->md_info->block_size); - for( i = 0; i < keylen; i++ ) - { - ipad[i] = (unsigned char)( ipad[i] ^ key[i] ); - opad[i] = (unsigned char)( opad[i] ^ key[i] ); + for (i = 0; i < keylen; i++) { + ipad[i] = (unsigned char) (ipad[i] ^ key[i]); + opad[i] = (unsigned char) (opad[i] ^ key[i]); } - if( ( ret = mbedtls_md_starts( ctx ) ) != 0 ) + if ((ret = mbedtls_md_starts(ctx)) != 0) { goto cleanup; - if( ( ret = mbedtls_md_update( ctx, ipad, - ctx->md_info->block_size ) ) != 0 ) + } + if ((ret = mbedtls_md_update(ctx, ipad, + ctx->md_info->block_size)) != 0) { goto cleanup; + } cleanup: - mbedtls_platform_zeroize( sum, sizeof( sum ) ); + mbedtls_platform_zeroize(sum, sizeof(sum)); - return( ret ); + return ret; } -int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) +int mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen) { - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - return( mbedtls_md_update( ctx, input, ilen ) ); + return mbedtls_md_update(ctx, input, ilen); } -int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) +int mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; unsigned char *opad; - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size; - if( ( ret = mbedtls_md_finish( ctx, tmp ) ) != 0 ) - return( ret ); - if( ( ret = mbedtls_md_starts( ctx ) ) != 0 ) - return( ret ); - if( ( ret = mbedtls_md_update( ctx, opad, - ctx->md_info->block_size ) ) != 0 ) - return( ret ); - if( ( ret = mbedtls_md_update( ctx, tmp, - ctx->md_info->size ) ) != 0 ) - return( ret ); - return( mbedtls_md_finish( ctx, output ) ); + if ((ret = mbedtls_md_finish(ctx, tmp)) != 0) { + return ret; + } + if ((ret = mbedtls_md_starts(ctx)) != 0) { + return ret; + } + if ((ret = mbedtls_md_update(ctx, opad, + ctx->md_info->block_size)) != 0) { + return ret; + } + if ((ret = mbedtls_md_update(ctx, tmp, + ctx->md_info->size)) != 0) { + return ret; + } + return mbedtls_md_finish(ctx, output); } -int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) +int mbedtls_md_hmac_reset(mbedtls_md_context_t *ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *ipad; - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } ipad = (unsigned char *) ctx->hmac_ctx; - if( ( ret = mbedtls_md_starts( ctx ) ) != 0 ) - return( ret ); - return( mbedtls_md_update( ctx, ipad, ctx->md_info->block_size ) ); + if ((ret = mbedtls_md_starts(ctx)) != 0) { + return ret; + } + return mbedtls_md_update(ctx, ipad, ctx->md_info->block_size); } -int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, - const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ) +int mbedtls_md_hmac(const mbedtls_md_info_t *md_info, + const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output) { mbedtls_md_context_t ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (md_info == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - mbedtls_md_init( &ctx ); + mbedtls_md_init(&ctx); - if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 ) + if ((ret = mbedtls_md_setup(&ctx, md_info, 1)) != 0) { goto cleanup; + } - if( ( ret = mbedtls_md_hmac_starts( &ctx, key, keylen ) ) != 0 ) + if ((ret = mbedtls_md_hmac_starts(&ctx, key, keylen)) != 0) { goto cleanup; - if( ( ret = mbedtls_md_hmac_update( &ctx, input, ilen ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_update(&ctx, input, ilen)) != 0) { goto cleanup; - if( ( ret = mbedtls_md_hmac_finish( &ctx, output ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_finish(&ctx, output)) != 0) { goto cleanup; + } cleanup: - mbedtls_md_free( &ctx ); + mbedtls_md_free(&ctx); - return( ret ); + return ret; } -int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) +int mbedtls_md_process(mbedtls_md_context_t *ctx, const unsigned char *data) { - if( ctx == NULL || ctx->md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - switch( ctx->md_info->type ) - { + switch (ctx->md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( mbedtls_internal_md2_process( ctx->md_ctx ) ); + return mbedtls_internal_md2_process(ctx->md_ctx); #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( mbedtls_internal_md4_process( ctx->md_ctx, data ) ); + return mbedtls_internal_md4_process(ctx->md_ctx, data); #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( mbedtls_internal_md5_process( ctx->md_ctx, data ) ); + return mbedtls_internal_md5_process(ctx->md_ctx, data); #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( mbedtls_internal_ripemd160_process( ctx->md_ctx, data ) ); + return mbedtls_internal_ripemd160_process(ctx->md_ctx, data); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( mbedtls_internal_sha1_process( ctx->md_ctx, data ) ); + return mbedtls_internal_sha1_process(ctx->md_ctx, data); #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA256: - return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) ); + return mbedtls_internal_sha256_process(ctx->md_ctx, data); #endif #if defined(MBEDTLS_SHA512_C) #if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: #endif case MBEDTLS_MD_SHA512: - return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) ); + return mbedtls_internal_sha512_process(ctx->md_ctx, data); #endif default: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } } -unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ) +unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info) { - if( md_info == NULL ) - return( 0 ); + if (md_info == NULL) { + return 0; + } return md_info->size; } -mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ) +mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info) { - if( md_info == NULL ) - return( MBEDTLS_MD_NONE ); + if (md_info == NULL) { + return MBEDTLS_MD_NONE; + } return md_info->type; } -const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ) +const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info) { - if( md_info == NULL ) - return( NULL ); + if (md_info == NULL) { + return NULL; + } return md_info->name; } diff --git a/library/md2.c b/library/md2.c index f8293a1df39b..f009498c4894 100644 --- a/library/md2.c +++ b/library/md2.c @@ -67,21 +67,22 @@ static const unsigned char PI_SUBST[256] = 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14 }; -void mbedtls_md2_init( mbedtls_md2_context *ctx ) +void mbedtls_md2_init(mbedtls_md2_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_md2_context ) ); + memset(ctx, 0, sizeof(mbedtls_md2_context)); } -void mbedtls_md2_free( mbedtls_md2_context *ctx ) +void mbedtls_md2_free(mbedtls_md2_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md2_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md2_context)); } -void mbedtls_md2_clone( mbedtls_md2_context *dst, - const mbedtls_md2_context *src ) +void mbedtls_md2_clone(mbedtls_md2_context *dst, + const mbedtls_md2_context *src) { *dst = *src; } @@ -89,67 +90,63 @@ void mbedtls_md2_clone( mbedtls_md2_context *dst, /* * MD2 context setup */ -int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx ) +int mbedtls_md2_starts_ret(mbedtls_md2_context *ctx) { - memset( ctx->cksum, 0, 16 ); - memset( ctx->state, 0, 46 ); - memset( ctx->buffer, 0, 16 ); + memset(ctx->cksum, 0, 16); + memset(ctx->state, 0, 46); + memset(ctx->buffer, 0, 16); ctx->left = 0; - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md2_starts( mbedtls_md2_context *ctx ) +void mbedtls_md2_starts(mbedtls_md2_context *ctx) { - mbedtls_md2_starts_ret( ctx ); + mbedtls_md2_starts_ret(ctx); } #endif #if !defined(MBEDTLS_MD2_PROCESS_ALT) -int mbedtls_internal_md2_process( mbedtls_md2_context *ctx ) +int mbedtls_internal_md2_process(mbedtls_md2_context *ctx) { int i, j; unsigned char t = 0; - for( i = 0; i < 16; i++ ) - { + for (i = 0; i < 16; i++) { ctx->state[i + 16] = ctx->buffer[i]; ctx->state[i + 32] = - (unsigned char)( ctx->buffer[i] ^ ctx->state[i]); + (unsigned char) (ctx->buffer[i] ^ ctx->state[i]); } - for( i = 0; i < 18; i++ ) - { - for( j = 0; j < 48; j++ ) - { + for (i = 0; i < 18; i++) { + for (j = 0; j < 48; j++) { ctx->state[j] = (unsigned char) - ( ctx->state[j] ^ PI_SUBST[t] ); + (ctx->state[j] ^ PI_SUBST[t]); t = ctx->state[j]; } - t = (unsigned char)( t + i ); + t = (unsigned char) (t + i); } t = ctx->cksum[15]; - for( i = 0; i < 16; i++ ) - { + for (i = 0; i < 16; i++) { ctx->cksum[i] = (unsigned char) - ( ctx->cksum[i] ^ PI_SUBST[ctx->buffer[i] ^ t] ); + (ctx->cksum[i] ^ PI_SUBST[ctx->buffer[i] ^ t]); t = ctx->cksum[i]; } /* Zeroise variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &t, sizeof( t ) ); + mbedtls_platform_zeroize(&t, sizeof(t)); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md2_process( mbedtls_md2_context *ctx ) +void mbedtls_md2_process(mbedtls_md2_context *ctx) { - mbedtls_internal_md2_process( ctx ); + mbedtls_internal_md2_process(ctx); } #endif #endif /* !MBEDTLS_MD2_PROCESS_ALT */ @@ -157,78 +154,81 @@ void mbedtls_md2_process( mbedtls_md2_context *ctx ) /* * MD2 process buffer */ -int mbedtls_md2_update_ret( mbedtls_md2_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_md2_update_ret(mbedtls_md2_context *ctx, + const unsigned char *input, + size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; - while( ilen > 0 ) - { - if( ilen > 16 - ctx->left ) + while (ilen > 0) { + if (ilen > 16 - ctx->left) { fill = 16 - ctx->left; - else + } else { fill = ilen; + } - memcpy( ctx->buffer + ctx->left, input, fill ); + memcpy(ctx->buffer + ctx->left, input, fill); ctx->left += fill; input += fill; ilen -= fill; - if( ctx->left == 16 ) - { + if (ctx->left == 16) { ctx->left = 0; - if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_md2_process(ctx)) != 0) { + return ret; + } } } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md2_update( mbedtls_md2_context *ctx, - const unsigned char *input, - size_t ilen ) +void mbedtls_md2_update(mbedtls_md2_context *ctx, + const unsigned char *input, + size_t ilen) { - mbedtls_md2_update_ret( ctx, input, ilen ); + mbedtls_md2_update_ret(ctx, input, ilen); } #endif /* * MD2 final digest */ -int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx, - unsigned char output[16] ) +int mbedtls_md2_finish_ret(mbedtls_md2_context *ctx, + unsigned char output[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; unsigned char x; - x = (unsigned char)( 16 - ctx->left ); + x = (unsigned char) (16 - ctx->left); - for( i = ctx->left; i < 16; i++ ) + for (i = ctx->left; i < 16; i++) { ctx->buffer[i] = x; + } - if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_md2_process(ctx)) != 0) { + return ret; + } - memcpy( ctx->buffer, ctx->cksum, 16 ); - if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 ) - return( ret ); + memcpy(ctx->buffer, ctx->cksum, 16); + if ((ret = mbedtls_internal_md2_process(ctx)) != 0) { + return ret; + } - memcpy( output, ctx->state, 16 ); + memcpy(output, ctx->state, 16); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md2_finish( mbedtls_md2_context *ctx, - unsigned char output[16] ) +void mbedtls_md2_finish(mbedtls_md2_context *ctx, + unsigned char output[16]) { - mbedtls_md2_finish_ret( ctx, output ); + mbedtls_md2_finish_ret(ctx, output); } #endif @@ -237,36 +237,39 @@ void mbedtls_md2_finish( mbedtls_md2_context *ctx, /* * output = MD2( input buffer ) */ -int mbedtls_md2_ret( const unsigned char *input, - size_t ilen, - unsigned char output[16] ) +int mbedtls_md2_ret(const unsigned char *input, + size_t ilen, + unsigned char output[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md2_context ctx; - mbedtls_md2_init( &ctx ); + mbedtls_md2_init(&ctx); - if( ( ret = mbedtls_md2_starts_ret( &ctx ) ) != 0 ) + if ((ret = mbedtls_md2_starts_ret(&ctx)) != 0) { goto exit; + } - if( ( ret = mbedtls_md2_update_ret( &ctx, input, ilen ) ) != 0 ) + if ((ret = mbedtls_md2_update_ret(&ctx, input, ilen)) != 0) { goto exit; + } - if( ( ret = mbedtls_md2_finish_ret( &ctx, output ) ) != 0 ) + if ((ret = mbedtls_md2_finish_ret(&ctx, output)) != 0) { goto exit; + } exit: - mbedtls_md2_free( &ctx ); + mbedtls_md2_free(&ctx); - return( ret ); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md2( const unsigned char *input, - size_t ilen, - unsigned char output[16] ) +void mbedtls_md2(const unsigned char *input, + size_t ilen, + unsigned char output[16]) { - mbedtls_md2_ret( input, ilen, output ); + mbedtls_md2_ret(input, ilen, output); } #endif @@ -312,40 +315,43 @@ static const unsigned char md2_test_sum[7][16] = /* * Checkup routine */ -int mbedtls_md2_self_test( int verbose ) +int mbedtls_md2_self_test(int verbose) { int i, ret = 0; unsigned char md2sum[16]; - for( i = 0; i < 7; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " MD2 test #%d: ", i + 1 ); + for (i = 0; i < 7; i++) { + if (verbose != 0) { + mbedtls_printf(" MD2 test #%d: ", i + 1); + } - ret = mbedtls_md2_ret( md2_test_str[i], md2_test_strlen[i], md2sum ); - if( ret != 0 ) + ret = mbedtls_md2_ret(md2_test_str[i], md2_test_strlen[i], md2sum); + if (ret != 0) { goto fail; + } - if( memcmp( md2sum, md2_test_sum[i], 16 ) != 0 ) - { + if (memcmp(md2sum, md2_test_sum[i], 16) != 0) { ret = 1; goto fail; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/md4.c b/library/md4.c index a4122134801d..163afb1ddb46 100644 --- a/library/md4.c +++ b/library/md4.c @@ -37,21 +37,22 @@ #if !defined(MBEDTLS_MD4_ALT) -void mbedtls_md4_init( mbedtls_md4_context *ctx ) +void mbedtls_md4_init(mbedtls_md4_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_md4_context ) ); + memset(ctx, 0, sizeof(mbedtls_md4_context)); } -void mbedtls_md4_free( mbedtls_md4_context *ctx ) +void mbedtls_md4_free(mbedtls_md4_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md4_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md4_context)); } -void mbedtls_md4_clone( mbedtls_md4_context *dst, - const mbedtls_md4_context *src ) +void mbedtls_md4_clone(mbedtls_md4_context *dst, + const mbedtls_md4_context *src) { *dst = *src; } @@ -59,7 +60,7 @@ void mbedtls_md4_clone( mbedtls_md4_context *dst, /* * MD4 context setup */ -int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx ) +int mbedtls_md4_starts_ret(mbedtls_md4_context *ctx) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -69,43 +70,42 @@ int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx ) ctx->state[2] = 0x98BADCFE; ctx->state[3] = 0x10325476; - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md4_starts( mbedtls_md4_context *ctx ) +void mbedtls_md4_starts(mbedtls_md4_context *ctx) { - mbedtls_md4_starts_ret( ctx ); + mbedtls_md4_starts_ret(ctx); } #endif #if !defined(MBEDTLS_MD4_PROCESS_ALT) -int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, - const unsigned char data[64] ) +int mbedtls_internal_md4_process(mbedtls_md4_context *ctx, + const unsigned char data[64]) { - struct - { + struct { uint32_t X[16], A, B, C, D; } local; - local.X[ 0] = MBEDTLS_GET_UINT32_LE( data, 0 ); - local.X[ 1] = MBEDTLS_GET_UINT32_LE( data, 4 ); - local.X[ 2] = MBEDTLS_GET_UINT32_LE( data, 8 ); - local.X[ 3] = MBEDTLS_GET_UINT32_LE( data, 12 ); - local.X[ 4] = MBEDTLS_GET_UINT32_LE( data, 16 ); - local.X[ 5] = MBEDTLS_GET_UINT32_LE( data, 20 ); - local.X[ 6] = MBEDTLS_GET_UINT32_LE( data, 24 ); - local.X[ 7] = MBEDTLS_GET_UINT32_LE( data, 28 ); - local.X[ 8] = MBEDTLS_GET_UINT32_LE( data, 32 ); - local.X[ 9] = MBEDTLS_GET_UINT32_LE( data, 36 ); - local.X[10] = MBEDTLS_GET_UINT32_LE( data, 40 ); - local.X[11] = MBEDTLS_GET_UINT32_LE( data, 44 ); - local.X[12] = MBEDTLS_GET_UINT32_LE( data, 48 ); - local.X[13] = MBEDTLS_GET_UINT32_LE( data, 52 ); - local.X[14] = MBEDTLS_GET_UINT32_LE( data, 56 ); - local.X[15] = MBEDTLS_GET_UINT32_LE( data, 60 ); - -#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) + local.X[0] = MBEDTLS_GET_UINT32_LE(data, 0); + local.X[1] = MBEDTLS_GET_UINT32_LE(data, 4); + local.X[2] = MBEDTLS_GET_UINT32_LE(data, 8); + local.X[3] = MBEDTLS_GET_UINT32_LE(data, 12); + local.X[4] = MBEDTLS_GET_UINT32_LE(data, 16); + local.X[5] = MBEDTLS_GET_UINT32_LE(data, 20); + local.X[6] = MBEDTLS_GET_UINT32_LE(data, 24); + local.X[7] = MBEDTLS_GET_UINT32_LE(data, 28); + local.X[8] = MBEDTLS_GET_UINT32_LE(data, 32); + local.X[9] = MBEDTLS_GET_UINT32_LE(data, 36); + local.X[10] = MBEDTLS_GET_UINT32_LE(data, 40); + local.X[11] = MBEDTLS_GET_UINT32_LE(data, 44); + local.X[12] = MBEDTLS_GET_UINT32_LE(data, 48); + local.X[13] = MBEDTLS_GET_UINT32_LE(data, 52); + local.X[14] = MBEDTLS_GET_UINT32_LE(data, 56); + local.X[15] = MBEDTLS_GET_UINT32_LE(data, 60); + +#define S(x, n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) local.A = ctx->state[0]; local.B = ctx->state[1]; @@ -113,86 +113,86 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, local.D = ctx->state[3]; #define F(x, y, z) (((x) & (y)) | ((~(x)) & (z))) -#define P(a,b,c,d,x,s) \ +#define P(a, b, c, d, x, s) \ do \ { \ - (a) += F((b),(c),(d)) + (x); \ - (a) = S((a),(s)); \ - } while( 0 ) - - - P( local.A, local.B, local.C, local.D, local.X[ 0], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 1], 7 ); - P( local.C, local.D, local.A, local.B, local.X[ 2], 11 ); - P( local.B, local.C, local.D, local.A, local.X[ 3], 19 ); - P( local.A, local.B, local.C, local.D, local.X[ 4], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 5], 7 ); - P( local.C, local.D, local.A, local.B, local.X[ 6], 11 ); - P( local.B, local.C, local.D, local.A, local.X[ 7], 19 ); - P( local.A, local.B, local.C, local.D, local.X[ 8], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 9], 7 ); - P( local.C, local.D, local.A, local.B, local.X[10], 11 ); - P( local.B, local.C, local.D, local.A, local.X[11], 19 ); - P( local.A, local.B, local.C, local.D, local.X[12], 3 ); - P( local.D, local.A, local.B, local.C, local.X[13], 7 ); - P( local.C, local.D, local.A, local.B, local.X[14], 11 ); - P( local.B, local.C, local.D, local.A, local.X[15], 19 ); + (a) += F((b), (c), (d)) + (x); \ + (a) = S((a), (s)); \ + } while (0) + + + P(local.A, local.B, local.C, local.D, local.X[0], 3); + P(local.D, local.A, local.B, local.C, local.X[1], 7); + P(local.C, local.D, local.A, local.B, local.X[2], 11); + P(local.B, local.C, local.D, local.A, local.X[3], 19); + P(local.A, local.B, local.C, local.D, local.X[4], 3); + P(local.D, local.A, local.B, local.C, local.X[5], 7); + P(local.C, local.D, local.A, local.B, local.X[6], 11); + P(local.B, local.C, local.D, local.A, local.X[7], 19); + P(local.A, local.B, local.C, local.D, local.X[8], 3); + P(local.D, local.A, local.B, local.C, local.X[9], 7); + P(local.C, local.D, local.A, local.B, local.X[10], 11); + P(local.B, local.C, local.D, local.A, local.X[11], 19); + P(local.A, local.B, local.C, local.D, local.X[12], 3); + P(local.D, local.A, local.B, local.C, local.X[13], 7); + P(local.C, local.D, local.A, local.B, local.X[14], 11); + P(local.B, local.C, local.D, local.A, local.X[15], 19); #undef P #undef F -#define F(x,y,z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) -#define P(a,b,c,d,x,s) \ +#define F(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) +#define P(a, b, c, d, x, s) \ do \ { \ - (a) += F((b),(c),(d)) + (x) + 0x5A827999; \ - (a) = S((a),(s)); \ - } while( 0 ) - - P( local.A, local.B, local.C, local.D, local.X[ 0], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 4], 5 ); - P( local.C, local.D, local.A, local.B, local.X[ 8], 9 ); - P( local.B, local.C, local.D, local.A, local.X[12], 13 ); - P( local.A, local.B, local.C, local.D, local.X[ 1], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 5], 5 ); - P( local.C, local.D, local.A, local.B, local.X[ 9], 9 ); - P( local.B, local.C, local.D, local.A, local.X[13], 13 ); - P( local.A, local.B, local.C, local.D, local.X[ 2], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 6], 5 ); - P( local.C, local.D, local.A, local.B, local.X[10], 9 ); - P( local.B, local.C, local.D, local.A, local.X[14], 13 ); - P( local.A, local.B, local.C, local.D, local.X[ 3], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 7], 5 ); - P( local.C, local.D, local.A, local.B, local.X[11], 9 ); - P( local.B, local.C, local.D, local.A, local.X[15], 13 ); + (a) += F((b), (c), (d)) + (x) + 0x5A827999; \ + (a) = S((a), (s)); \ + } while (0) + + P(local.A, local.B, local.C, local.D, local.X[0], 3); + P(local.D, local.A, local.B, local.C, local.X[4], 5); + P(local.C, local.D, local.A, local.B, local.X[8], 9); + P(local.B, local.C, local.D, local.A, local.X[12], 13); + P(local.A, local.B, local.C, local.D, local.X[1], 3); + P(local.D, local.A, local.B, local.C, local.X[5], 5); + P(local.C, local.D, local.A, local.B, local.X[9], 9); + P(local.B, local.C, local.D, local.A, local.X[13], 13); + P(local.A, local.B, local.C, local.D, local.X[2], 3); + P(local.D, local.A, local.B, local.C, local.X[6], 5); + P(local.C, local.D, local.A, local.B, local.X[10], 9); + P(local.B, local.C, local.D, local.A, local.X[14], 13); + P(local.A, local.B, local.C, local.D, local.X[3], 3); + P(local.D, local.A, local.B, local.C, local.X[7], 5); + P(local.C, local.D, local.A, local.B, local.X[11], 9); + P(local.B, local.C, local.D, local.A, local.X[15], 13); #undef P #undef F -#define F(x,y,z) ((x) ^ (y) ^ (z)) -#define P(a,b,c,d,x,s) \ +#define F(x, y, z) ((x) ^ (y) ^ (z)) +#define P(a, b, c, d, x, s) \ do \ { \ - (a) += F((b),(c),(d)) + (x) + 0x6ED9EBA1; \ - (a) = S((a),(s)); \ - } while( 0 ) - - P( local.A, local.B, local.C, local.D, local.X[ 0], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 8], 9 ); - P( local.C, local.D, local.A, local.B, local.X[ 4], 11 ); - P( local.B, local.C, local.D, local.A, local.X[12], 15 ); - P( local.A, local.B, local.C, local.D, local.X[ 2], 3 ); - P( local.D, local.A, local.B, local.C, local.X[10], 9 ); - P( local.C, local.D, local.A, local.B, local.X[ 6], 11 ); - P( local.B, local.C, local.D, local.A, local.X[14], 15 ); - P( local.A, local.B, local.C, local.D, local.X[ 1], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 9], 9 ); - P( local.C, local.D, local.A, local.B, local.X[ 5], 11 ); - P( local.B, local.C, local.D, local.A, local.X[13], 15 ); - P( local.A, local.B, local.C, local.D, local.X[ 3], 3 ); - P( local.D, local.A, local.B, local.C, local.X[11], 9 ); - P( local.C, local.D, local.A, local.B, local.X[ 7], 11 ); - P( local.B, local.C, local.D, local.A, local.X[15], 15 ); + (a) += F((b), (c), (d)) + (x) + 0x6ED9EBA1; \ + (a) = S((a), (s)); \ + } while (0) + + P(local.A, local.B, local.C, local.D, local.X[0], 3); + P(local.D, local.A, local.B, local.C, local.X[8], 9); + P(local.C, local.D, local.A, local.B, local.X[4], 11); + P(local.B, local.C, local.D, local.A, local.X[12], 15); + P(local.A, local.B, local.C, local.D, local.X[2], 3); + P(local.D, local.A, local.B, local.C, local.X[10], 9); + P(local.C, local.D, local.A, local.B, local.X[6], 11); + P(local.B, local.C, local.D, local.A, local.X[14], 15); + P(local.A, local.B, local.C, local.D, local.X[1], 3); + P(local.D, local.A, local.B, local.C, local.X[9], 9); + P(local.C, local.D, local.A, local.B, local.X[5], 11); + P(local.B, local.C, local.D, local.A, local.X[13], 15); + P(local.A, local.B, local.C, local.D, local.X[3], 3); + P(local.D, local.A, local.B, local.C, local.X[11], 9); + P(local.C, local.D, local.A, local.B, local.X[7], 11); + P(local.B, local.C, local.D, local.A, local.X[15], 15); #undef F #undef P @@ -203,16 +203,16 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, ctx->state[3] += local.D; /* Zeroise variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &local, sizeof( local ) ); + mbedtls_platform_zeroize(&local, sizeof(local)); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md4_process( mbedtls_md4_context *ctx, - const unsigned char data[64] ) +void mbedtls_md4_process(mbedtls_md4_context *ctx, + const unsigned char data[64]) { - mbedtls_internal_md4_process( ctx, data ); + mbedtls_internal_md4_process(ctx, data); } #endif #endif /* !MBEDTLS_MD4_PROCESS_ALT */ @@ -220,16 +220,17 @@ void mbedtls_md4_process( mbedtls_md4_context *ctx, /* * MD4 process buffer */ -int mbedtls_md4_update_ret( mbedtls_md4_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_md4_update_ret(mbedtls_md4_context *ctx, + const unsigned char *input, + size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; - if( ilen == 0 ) - return( 0 ); + if (ilen == 0) { + return 0; + } left = ctx->total[0] & 0x3F; fill = 64 - left; @@ -237,52 +238,52 @@ int mbedtls_md4_update_ret( mbedtls_md4_context *ctx, ctx->total[0] += (uint32_t) ilen; ctx->total[0] &= 0xFFFFFFFF; - if( ctx->total[0] < (uint32_t) ilen ) + if (ctx->total[0] < (uint32_t) ilen) { ctx->total[1]++; + } - if( left && ilen >= fill ) - { - memcpy( (void *) (ctx->buffer + left), - (void *) input, fill ); + if (left && ilen >= fill) { + memcpy((void *) (ctx->buffer + left), + (void *) input, fill); - if( ( ret = mbedtls_internal_md4_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_md4_process(ctx, ctx->buffer)) != 0) { + return ret; + } input += fill; ilen -= fill; left = 0; } - while( ilen >= 64 ) - { - if( ( ret = mbedtls_internal_md4_process( ctx, input ) ) != 0 ) - return( ret ); + while (ilen >= 64) { + if ((ret = mbedtls_internal_md4_process(ctx, input)) != 0) { + return ret; + } input += 64; ilen -= 64; } - if( ilen > 0 ) - { - memcpy( (void *) (ctx->buffer + left), - (void *) input, ilen ); + if (ilen > 0) { + memcpy((void *) (ctx->buffer + left), + (void *) input, ilen); } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md4_update( mbedtls_md4_context *ctx, - const unsigned char *input, - size_t ilen ) +void mbedtls_md4_update(mbedtls_md4_context *ctx, + const unsigned char *input, + size_t ilen) { - mbedtls_md4_update_ret( ctx, input, ilen ); + mbedtls_md4_update_ret(ctx, input, ilen); } #endif static const unsigned char md4_padding[64] = { - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 @@ -291,45 +292,47 @@ static const unsigned char md4_padding[64] = /* * MD4 final digest */ -int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx, - unsigned char output[16] ) +int mbedtls_md4_finish_ret(mbedtls_md4_context *ctx, + unsigned char output[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t last, padn; uint32_t high, low; unsigned char msglen[8]; - high = ( ctx->total[0] >> 29 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); + high = (ctx->total[0] >> 29) + | (ctx->total[1] << 3); + low = (ctx->total[0] << 3); - MBEDTLS_PUT_UINT32_LE( low, msglen, 0 ); - MBEDTLS_PUT_UINT32_LE( high, msglen, 4 ); + MBEDTLS_PUT_UINT32_LE(low, msglen, 0); + MBEDTLS_PUT_UINT32_LE(high, msglen, 4); last = ctx->total[0] & 0x3F; - padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); + padn = (last < 56) ? (56 - last) : (120 - last); - ret = mbedtls_md4_update_ret( ctx, (unsigned char *)md4_padding, padn ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_md4_update_ret(ctx, (unsigned char *) md4_padding, padn); + if (ret != 0) { + return ret; + } - if( ( ret = mbedtls_md4_update_ret( ctx, msglen, 8 ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_md4_update_ret(ctx, msglen, 8)) != 0) { + return ret; + } - MBEDTLS_PUT_UINT32_LE( ctx->state[0], output, 0 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[1], output, 4 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[2], output, 8 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE(ctx->state[0], output, 0); + MBEDTLS_PUT_UINT32_LE(ctx->state[1], output, 4); + MBEDTLS_PUT_UINT32_LE(ctx->state[2], output, 8); + MBEDTLS_PUT_UINT32_LE(ctx->state[3], output, 12); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md4_finish( mbedtls_md4_context *ctx, - unsigned char output[16] ) +void mbedtls_md4_finish(mbedtls_md4_context *ctx, + unsigned char output[16]) { - mbedtls_md4_finish_ret( ctx, output ); + mbedtls_md4_finish_ret(ctx, output); } #endif @@ -338,36 +341,39 @@ void mbedtls_md4_finish( mbedtls_md4_context *ctx, /* * output = MD4( input buffer ) */ -int mbedtls_md4_ret( const unsigned char *input, - size_t ilen, - unsigned char output[16] ) +int mbedtls_md4_ret(const unsigned char *input, + size_t ilen, + unsigned char output[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md4_context ctx; - mbedtls_md4_init( &ctx ); + mbedtls_md4_init(&ctx); - if( ( ret = mbedtls_md4_starts_ret( &ctx ) ) != 0 ) + if ((ret = mbedtls_md4_starts_ret(&ctx)) != 0) { goto exit; + } - if( ( ret = mbedtls_md4_update_ret( &ctx, input, ilen ) ) != 0 ) + if ((ret = mbedtls_md4_update_ret(&ctx, input, ilen)) != 0) { goto exit; + } - if( ( ret = mbedtls_md4_finish_ret( &ctx, output ) ) != 0 ) + if ((ret = mbedtls_md4_finish_ret(&ctx, output)) != 0) { goto exit; + } exit: - mbedtls_md4_free( &ctx ); + mbedtls_md4_free(&ctx); - return( ret ); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md4( const unsigned char *input, - size_t ilen, - unsigned char output[16] ) +void mbedtls_md4(const unsigned char *input, + size_t ilen, + unsigned char output[16]) { - mbedtls_md4_ret( input, ilen, output ); + mbedtls_md4_ret(input, ilen, output); } #endif @@ -413,40 +419,43 @@ static const unsigned char md4_test_sum[7][16] = /* * Checkup routine */ -int mbedtls_md4_self_test( int verbose ) +int mbedtls_md4_self_test(int verbose) { int i, ret = 0; unsigned char md4sum[16]; - for( i = 0; i < 7; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " MD4 test #%d: ", i + 1 ); + for (i = 0; i < 7; i++) { + if (verbose != 0) { + mbedtls_printf(" MD4 test #%d: ", i + 1); + } - ret = mbedtls_md4_ret( md4_test_str[i], md4_test_strlen[i], md4sum ); - if( ret != 0 ) + ret = mbedtls_md4_ret(md4_test_str[i], md4_test_strlen[i], md4sum); + if (ret != 0) { goto fail; + } - if( memcmp( md4sum, md4_test_sum[i], 16 ) != 0 ) - { + if (memcmp(md4sum, md4_test_sum[i], 16) != 0) { ret = 1; goto fail; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/md5.c b/library/md5.c index e53bfe63063b..fb47486fe11b 100644 --- a/library/md5.c +++ b/library/md5.c @@ -36,21 +36,22 @@ #if !defined(MBEDTLS_MD5_ALT) -void mbedtls_md5_init( mbedtls_md5_context *ctx ) +void mbedtls_md5_init(mbedtls_md5_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_md5_context ) ); + memset(ctx, 0, sizeof(mbedtls_md5_context)); } -void mbedtls_md5_free( mbedtls_md5_context *ctx ) +void mbedtls_md5_free(mbedtls_md5_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md5_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md5_context)); } -void mbedtls_md5_clone( mbedtls_md5_context *dst, - const mbedtls_md5_context *src ) +void mbedtls_md5_clone(mbedtls_md5_context *dst, + const mbedtls_md5_context *src) { *dst = *src; } @@ -58,7 +59,7 @@ void mbedtls_md5_clone( mbedtls_md5_context *dst, /* * MD5 context setup */ -int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx ) +int mbedtls_md5_starts_ret(mbedtls_md5_context *ctx) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -68,138 +69,137 @@ int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx ) ctx->state[2] = 0x98BADCFE; ctx->state[3] = 0x10325476; - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md5_starts( mbedtls_md5_context *ctx ) +void mbedtls_md5_starts(mbedtls_md5_context *ctx) { - mbedtls_md5_starts_ret( ctx ); + mbedtls_md5_starts_ret(ctx); } #endif #if !defined(MBEDTLS_MD5_PROCESS_ALT) -int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, - const unsigned char data[64] ) +int mbedtls_internal_md5_process(mbedtls_md5_context *ctx, + const unsigned char data[64]) { - struct - { + struct { uint32_t X[16], A, B, C, D; } local; - local.X[ 0] = MBEDTLS_GET_UINT32_LE( data, 0 ); - local.X[ 1] = MBEDTLS_GET_UINT32_LE( data, 4 ); - local.X[ 2] = MBEDTLS_GET_UINT32_LE( data, 8 ); - local.X[ 3] = MBEDTLS_GET_UINT32_LE( data, 12 ); - local.X[ 4] = MBEDTLS_GET_UINT32_LE( data, 16 ); - local.X[ 5] = MBEDTLS_GET_UINT32_LE( data, 20 ); - local.X[ 6] = MBEDTLS_GET_UINT32_LE( data, 24 ); - local.X[ 7] = MBEDTLS_GET_UINT32_LE( data, 28 ); - local.X[ 8] = MBEDTLS_GET_UINT32_LE( data, 32 ); - local.X[ 9] = MBEDTLS_GET_UINT32_LE( data, 36 ); - local.X[10] = MBEDTLS_GET_UINT32_LE( data, 40 ); - local.X[11] = MBEDTLS_GET_UINT32_LE( data, 44 ); - local.X[12] = MBEDTLS_GET_UINT32_LE( data, 48 ); - local.X[13] = MBEDTLS_GET_UINT32_LE( data, 52 ); - local.X[14] = MBEDTLS_GET_UINT32_LE( data, 56 ); - local.X[15] = MBEDTLS_GET_UINT32_LE( data, 60 ); - -#define S(x,n) \ - ( ( (x) << (n) ) | ( ( (x) & 0xFFFFFFFF) >> ( 32 - (n) ) ) ) - -#define P(a,b,c,d,k,s,t) \ + local.X[0] = MBEDTLS_GET_UINT32_LE(data, 0); + local.X[1] = MBEDTLS_GET_UINT32_LE(data, 4); + local.X[2] = MBEDTLS_GET_UINT32_LE(data, 8); + local.X[3] = MBEDTLS_GET_UINT32_LE(data, 12); + local.X[4] = MBEDTLS_GET_UINT32_LE(data, 16); + local.X[5] = MBEDTLS_GET_UINT32_LE(data, 20); + local.X[6] = MBEDTLS_GET_UINT32_LE(data, 24); + local.X[7] = MBEDTLS_GET_UINT32_LE(data, 28); + local.X[8] = MBEDTLS_GET_UINT32_LE(data, 32); + local.X[9] = MBEDTLS_GET_UINT32_LE(data, 36); + local.X[10] = MBEDTLS_GET_UINT32_LE(data, 40); + local.X[11] = MBEDTLS_GET_UINT32_LE(data, 44); + local.X[12] = MBEDTLS_GET_UINT32_LE(data, 48); + local.X[13] = MBEDTLS_GET_UINT32_LE(data, 52); + local.X[14] = MBEDTLS_GET_UINT32_LE(data, 56); + local.X[15] = MBEDTLS_GET_UINT32_LE(data, 60); + +#define S(x, n) \ + (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) + +#define P(a, b, c, d, k, s, t) \ do \ { \ - (a) += F((b),(c),(d)) + local.X[(k)] + (t); \ - (a) = S((a),(s)) + (b); \ - } while( 0 ) + (a) += F((b), (c), (d)) + local.X[(k)] + (t); \ + (a) = S((a), (s)) + (b); \ + } while (0) local.A = ctx->state[0]; local.B = ctx->state[1]; local.C = ctx->state[2]; local.D = ctx->state[3]; -#define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) - - P( local.A, local.B, local.C, local.D, 0, 7, 0xD76AA478 ); - P( local.D, local.A, local.B, local.C, 1, 12, 0xE8C7B756 ); - P( local.C, local.D, local.A, local.B, 2, 17, 0x242070DB ); - P( local.B, local.C, local.D, local.A, 3, 22, 0xC1BDCEEE ); - P( local.A, local.B, local.C, local.D, 4, 7, 0xF57C0FAF ); - P( local.D, local.A, local.B, local.C, 5, 12, 0x4787C62A ); - P( local.C, local.D, local.A, local.B, 6, 17, 0xA8304613 ); - P( local.B, local.C, local.D, local.A, 7, 22, 0xFD469501 ); - P( local.A, local.B, local.C, local.D, 8, 7, 0x698098D8 ); - P( local.D, local.A, local.B, local.C, 9, 12, 0x8B44F7AF ); - P( local.C, local.D, local.A, local.B, 10, 17, 0xFFFF5BB1 ); - P( local.B, local.C, local.D, local.A, 11, 22, 0x895CD7BE ); - P( local.A, local.B, local.C, local.D, 12, 7, 0x6B901122 ); - P( local.D, local.A, local.B, local.C, 13, 12, 0xFD987193 ); - P( local.C, local.D, local.A, local.B, 14, 17, 0xA679438E ); - P( local.B, local.C, local.D, local.A, 15, 22, 0x49B40821 ); +#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) + + P(local.A, local.B, local.C, local.D, 0, 7, 0xD76AA478); + P(local.D, local.A, local.B, local.C, 1, 12, 0xE8C7B756); + P(local.C, local.D, local.A, local.B, 2, 17, 0x242070DB); + P(local.B, local.C, local.D, local.A, 3, 22, 0xC1BDCEEE); + P(local.A, local.B, local.C, local.D, 4, 7, 0xF57C0FAF); + P(local.D, local.A, local.B, local.C, 5, 12, 0x4787C62A); + P(local.C, local.D, local.A, local.B, 6, 17, 0xA8304613); + P(local.B, local.C, local.D, local.A, 7, 22, 0xFD469501); + P(local.A, local.B, local.C, local.D, 8, 7, 0x698098D8); + P(local.D, local.A, local.B, local.C, 9, 12, 0x8B44F7AF); + P(local.C, local.D, local.A, local.B, 10, 17, 0xFFFF5BB1); + P(local.B, local.C, local.D, local.A, 11, 22, 0x895CD7BE); + P(local.A, local.B, local.C, local.D, 12, 7, 0x6B901122); + P(local.D, local.A, local.B, local.C, 13, 12, 0xFD987193); + P(local.C, local.D, local.A, local.B, 14, 17, 0xA679438E); + P(local.B, local.C, local.D, local.A, 15, 22, 0x49B40821); #undef F -#define F(x,y,z) ((y) ^ ((z) & ((x) ^ (y)))) - - P( local.A, local.B, local.C, local.D, 1, 5, 0xF61E2562 ); - P( local.D, local.A, local.B, local.C, 6, 9, 0xC040B340 ); - P( local.C, local.D, local.A, local.B, 11, 14, 0x265E5A51 ); - P( local.B, local.C, local.D, local.A, 0, 20, 0xE9B6C7AA ); - P( local.A, local.B, local.C, local.D, 5, 5, 0xD62F105D ); - P( local.D, local.A, local.B, local.C, 10, 9, 0x02441453 ); - P( local.C, local.D, local.A, local.B, 15, 14, 0xD8A1E681 ); - P( local.B, local.C, local.D, local.A, 4, 20, 0xE7D3FBC8 ); - P( local.A, local.B, local.C, local.D, 9, 5, 0x21E1CDE6 ); - P( local.D, local.A, local.B, local.C, 14, 9, 0xC33707D6 ); - P( local.C, local.D, local.A, local.B, 3, 14, 0xF4D50D87 ); - P( local.B, local.C, local.D, local.A, 8, 20, 0x455A14ED ); - P( local.A, local.B, local.C, local.D, 13, 5, 0xA9E3E905 ); - P( local.D, local.A, local.B, local.C, 2, 9, 0xFCEFA3F8 ); - P( local.C, local.D, local.A, local.B, 7, 14, 0x676F02D9 ); - P( local.B, local.C, local.D, local.A, 12, 20, 0x8D2A4C8A ); +#define F(x, y, z) ((y) ^ ((z) & ((x) ^ (y)))) + + P(local.A, local.B, local.C, local.D, 1, 5, 0xF61E2562); + P(local.D, local.A, local.B, local.C, 6, 9, 0xC040B340); + P(local.C, local.D, local.A, local.B, 11, 14, 0x265E5A51); + P(local.B, local.C, local.D, local.A, 0, 20, 0xE9B6C7AA); + P(local.A, local.B, local.C, local.D, 5, 5, 0xD62F105D); + P(local.D, local.A, local.B, local.C, 10, 9, 0x02441453); + P(local.C, local.D, local.A, local.B, 15, 14, 0xD8A1E681); + P(local.B, local.C, local.D, local.A, 4, 20, 0xE7D3FBC8); + P(local.A, local.B, local.C, local.D, 9, 5, 0x21E1CDE6); + P(local.D, local.A, local.B, local.C, 14, 9, 0xC33707D6); + P(local.C, local.D, local.A, local.B, 3, 14, 0xF4D50D87); + P(local.B, local.C, local.D, local.A, 8, 20, 0x455A14ED); + P(local.A, local.B, local.C, local.D, 13, 5, 0xA9E3E905); + P(local.D, local.A, local.B, local.C, 2, 9, 0xFCEFA3F8); + P(local.C, local.D, local.A, local.B, 7, 14, 0x676F02D9); + P(local.B, local.C, local.D, local.A, 12, 20, 0x8D2A4C8A); #undef F -#define F(x,y,z) ((x) ^ (y) ^ (z)) - - P( local.A, local.B, local.C, local.D, 5, 4, 0xFFFA3942 ); - P( local.D, local.A, local.B, local.C, 8, 11, 0x8771F681 ); - P( local.C, local.D, local.A, local.B, 11, 16, 0x6D9D6122 ); - P( local.B, local.C, local.D, local.A, 14, 23, 0xFDE5380C ); - P( local.A, local.B, local.C, local.D, 1, 4, 0xA4BEEA44 ); - P( local.D, local.A, local.B, local.C, 4, 11, 0x4BDECFA9 ); - P( local.C, local.D, local.A, local.B, 7, 16, 0xF6BB4B60 ); - P( local.B, local.C, local.D, local.A, 10, 23, 0xBEBFBC70 ); - P( local.A, local.B, local.C, local.D, 13, 4, 0x289B7EC6 ); - P( local.D, local.A, local.B, local.C, 0, 11, 0xEAA127FA ); - P( local.C, local.D, local.A, local.B, 3, 16, 0xD4EF3085 ); - P( local.B, local.C, local.D, local.A, 6, 23, 0x04881D05 ); - P( local.A, local.B, local.C, local.D, 9, 4, 0xD9D4D039 ); - P( local.D, local.A, local.B, local.C, 12, 11, 0xE6DB99E5 ); - P( local.C, local.D, local.A, local.B, 15, 16, 0x1FA27CF8 ); - P( local.B, local.C, local.D, local.A, 2, 23, 0xC4AC5665 ); +#define F(x, y, z) ((x) ^ (y) ^ (z)) + + P(local.A, local.B, local.C, local.D, 5, 4, 0xFFFA3942); + P(local.D, local.A, local.B, local.C, 8, 11, 0x8771F681); + P(local.C, local.D, local.A, local.B, 11, 16, 0x6D9D6122); + P(local.B, local.C, local.D, local.A, 14, 23, 0xFDE5380C); + P(local.A, local.B, local.C, local.D, 1, 4, 0xA4BEEA44); + P(local.D, local.A, local.B, local.C, 4, 11, 0x4BDECFA9); + P(local.C, local.D, local.A, local.B, 7, 16, 0xF6BB4B60); + P(local.B, local.C, local.D, local.A, 10, 23, 0xBEBFBC70); + P(local.A, local.B, local.C, local.D, 13, 4, 0x289B7EC6); + P(local.D, local.A, local.B, local.C, 0, 11, 0xEAA127FA); + P(local.C, local.D, local.A, local.B, 3, 16, 0xD4EF3085); + P(local.B, local.C, local.D, local.A, 6, 23, 0x04881D05); + P(local.A, local.B, local.C, local.D, 9, 4, 0xD9D4D039); + P(local.D, local.A, local.B, local.C, 12, 11, 0xE6DB99E5); + P(local.C, local.D, local.A, local.B, 15, 16, 0x1FA27CF8); + P(local.B, local.C, local.D, local.A, 2, 23, 0xC4AC5665); #undef F -#define F(x,y,z) ((y) ^ ((x) | ~(z))) - - P( local.A, local.B, local.C, local.D, 0, 6, 0xF4292244 ); - P( local.D, local.A, local.B, local.C, 7, 10, 0x432AFF97 ); - P( local.C, local.D, local.A, local.B, 14, 15, 0xAB9423A7 ); - P( local.B, local.C, local.D, local.A, 5, 21, 0xFC93A039 ); - P( local.A, local.B, local.C, local.D, 12, 6, 0x655B59C3 ); - P( local.D, local.A, local.B, local.C, 3, 10, 0x8F0CCC92 ); - P( local.C, local.D, local.A, local.B, 10, 15, 0xFFEFF47D ); - P( local.B, local.C, local.D, local.A, 1, 21, 0x85845DD1 ); - P( local.A, local.B, local.C, local.D, 8, 6, 0x6FA87E4F ); - P( local.D, local.A, local.B, local.C, 15, 10, 0xFE2CE6E0 ); - P( local.C, local.D, local.A, local.B, 6, 15, 0xA3014314 ); - P( local.B, local.C, local.D, local.A, 13, 21, 0x4E0811A1 ); - P( local.A, local.B, local.C, local.D, 4, 6, 0xF7537E82 ); - P( local.D, local.A, local.B, local.C, 11, 10, 0xBD3AF235 ); - P( local.C, local.D, local.A, local.B, 2, 15, 0x2AD7D2BB ); - P( local.B, local.C, local.D, local.A, 9, 21, 0xEB86D391 ); +#define F(x, y, z) ((y) ^ ((x) | ~(z))) + + P(local.A, local.B, local.C, local.D, 0, 6, 0xF4292244); + P(local.D, local.A, local.B, local.C, 7, 10, 0x432AFF97); + P(local.C, local.D, local.A, local.B, 14, 15, 0xAB9423A7); + P(local.B, local.C, local.D, local.A, 5, 21, 0xFC93A039); + P(local.A, local.B, local.C, local.D, 12, 6, 0x655B59C3); + P(local.D, local.A, local.B, local.C, 3, 10, 0x8F0CCC92); + P(local.C, local.D, local.A, local.B, 10, 15, 0xFFEFF47D); + P(local.B, local.C, local.D, local.A, 1, 21, 0x85845DD1); + P(local.A, local.B, local.C, local.D, 8, 6, 0x6FA87E4F); + P(local.D, local.A, local.B, local.C, 15, 10, 0xFE2CE6E0); + P(local.C, local.D, local.A, local.B, 6, 15, 0xA3014314); + P(local.B, local.C, local.D, local.A, 13, 21, 0x4E0811A1); + P(local.A, local.B, local.C, local.D, 4, 6, 0xF7537E82); + P(local.D, local.A, local.B, local.C, 11, 10, 0xBD3AF235); + P(local.C, local.D, local.A, local.B, 2, 15, 0x2AD7D2BB); + P(local.B, local.C, local.D, local.A, 9, 21, 0xEB86D391); #undef F @@ -209,16 +209,16 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, ctx->state[3] += local.D; /* Zeroise variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &local, sizeof( local ) ); + mbedtls_platform_zeroize(&local, sizeof(local)); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md5_process( mbedtls_md5_context *ctx, - const unsigned char data[64] ) +void mbedtls_md5_process(mbedtls_md5_context *ctx, + const unsigned char data[64]) { - mbedtls_internal_md5_process( ctx, data ); + mbedtls_internal_md5_process(ctx, data); } #endif #endif /* !MBEDTLS_MD5_PROCESS_ALT */ @@ -226,16 +226,17 @@ void mbedtls_md5_process( mbedtls_md5_context *ctx, /* * MD5 process buffer */ -int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_md5_update_ret(mbedtls_md5_context *ctx, + const unsigned char *input, + size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; - if( ilen == 0 ) - return( 0 ); + if (ilen == 0) { + return 0; + } left = ctx->total[0] & 0x3F; fill = 64 - left; @@ -243,51 +244,51 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, ctx->total[0] += (uint32_t) ilen; ctx->total[0] &= 0xFFFFFFFF; - if( ctx->total[0] < (uint32_t) ilen ) + if (ctx->total[0] < (uint32_t) ilen) { ctx->total[1]++; + } - if( left && ilen >= fill ) - { - memcpy( (void *) (ctx->buffer + left), input, fill ); - if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if (left && ilen >= fill) { + memcpy((void *) (ctx->buffer + left), input, fill); + if ((ret = mbedtls_internal_md5_process(ctx, ctx->buffer)) != 0) { + return ret; + } input += fill; ilen -= fill; left = 0; } - while( ilen >= 64 ) - { - if( ( ret = mbedtls_internal_md5_process( ctx, input ) ) != 0 ) - return( ret ); + while (ilen >= 64) { + if ((ret = mbedtls_internal_md5_process(ctx, input)) != 0) { + return ret; + } input += 64; ilen -= 64; } - if( ilen > 0 ) - { - memcpy( (void *) (ctx->buffer + left), input, ilen ); + if (ilen > 0) { + memcpy((void *) (ctx->buffer + left), input, ilen); } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md5_update( mbedtls_md5_context *ctx, - const unsigned char *input, - size_t ilen ) +void mbedtls_md5_update(mbedtls_md5_context *ctx, + const unsigned char *input, + size_t ilen) { - mbedtls_md5_update_ret( ctx, input, ilen ); + mbedtls_md5_update_ret(ctx, input, ilen); } #endif /* * MD5 final digest */ -int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, - unsigned char output[16] ) +int mbedtls_md5_finish_ret(mbedtls_md5_context *ctx, + unsigned char output[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; @@ -300,51 +301,50 @@ int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, ctx->buffer[used++] = 0x80; - if( used <= 56 ) - { + if (used <= 56) { /* Enough room for padding + length in current block */ - memset( ctx->buffer + used, 0, 56 - used ); - } - else - { + memset(ctx->buffer + used, 0, 56 - used); + } else { /* We'll need an extra block */ - memset( ctx->buffer + used, 0, 64 - used ); + memset(ctx->buffer + used, 0, 64 - used); - if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_md5_process(ctx, ctx->buffer)) != 0) { + return ret; + } - memset( ctx->buffer, 0, 56 ); + memset(ctx->buffer, 0, 56); } /* * Add message length */ - high = ( ctx->total[0] >> 29 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); + high = (ctx->total[0] >> 29) + | (ctx->total[1] << 3); + low = (ctx->total[0] << 3); - MBEDTLS_PUT_UINT32_LE( low, ctx->buffer, 56 ); - MBEDTLS_PUT_UINT32_LE( high, ctx->buffer, 60 ); + MBEDTLS_PUT_UINT32_LE(low, ctx->buffer, 56); + MBEDTLS_PUT_UINT32_LE(high, ctx->buffer, 60); - if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_md5_process(ctx, ctx->buffer)) != 0) { + return ret; + } /* * Output final state */ - MBEDTLS_PUT_UINT32_LE( ctx->state[0], output, 0 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[1], output, 4 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[2], output, 8 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE(ctx->state[0], output, 0); + MBEDTLS_PUT_UINT32_LE(ctx->state[1], output, 4); + MBEDTLS_PUT_UINT32_LE(ctx->state[2], output, 8); + MBEDTLS_PUT_UINT32_LE(ctx->state[3], output, 12); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md5_finish( mbedtls_md5_context *ctx, - unsigned char output[16] ) +void mbedtls_md5_finish(mbedtls_md5_context *ctx, + unsigned char output[16]) { - mbedtls_md5_finish_ret( ctx, output ); + mbedtls_md5_finish_ret(ctx, output); } #endif @@ -353,36 +353,39 @@ void mbedtls_md5_finish( mbedtls_md5_context *ctx, /* * output = MD5( input buffer ) */ -int mbedtls_md5_ret( const unsigned char *input, - size_t ilen, - unsigned char output[16] ) +int mbedtls_md5_ret(const unsigned char *input, + size_t ilen, + unsigned char output[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md5_context ctx; - mbedtls_md5_init( &ctx ); + mbedtls_md5_init(&ctx); - if( ( ret = mbedtls_md5_starts_ret( &ctx ) ) != 0 ) + if ((ret = mbedtls_md5_starts_ret(&ctx)) != 0) { goto exit; + } - if( ( ret = mbedtls_md5_update_ret( &ctx, input, ilen ) ) != 0 ) + if ((ret = mbedtls_md5_update_ret(&ctx, input, ilen)) != 0) { goto exit; + } - if( ( ret = mbedtls_md5_finish_ret( &ctx, output ) ) != 0 ) + if ((ret = mbedtls_md5_finish_ret(&ctx, output)) != 0) { goto exit; + } exit: - mbedtls_md5_free( &ctx ); + mbedtls_md5_free(&ctx); - return( ret ); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md5( const unsigned char *input, - size_t ilen, - unsigned char output[16] ) +void mbedtls_md5(const unsigned char *input, + size_t ilen, + unsigned char output[16]) { - mbedtls_md5_ret( input, ilen, output ); + mbedtls_md5_ret(input, ilen, output); } #endif @@ -427,40 +430,43 @@ static const unsigned char md5_test_sum[7][16] = /* * Checkup routine */ -int mbedtls_md5_self_test( int verbose ) +int mbedtls_md5_self_test(int verbose) { int i, ret = 0; unsigned char md5sum[16]; - for( i = 0; i < 7; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " MD5 test #%d: ", i + 1 ); + for (i = 0; i < 7; i++) { + if (verbose != 0) { + mbedtls_printf(" MD5 test #%d: ", i + 1); + } - ret = mbedtls_md5_ret( md5_test_buf[i], md5_test_buflen[i], md5sum ); - if( ret != 0 ) + ret = mbedtls_md5_ret(md5_test_buf[i], md5_test_buflen[i], md5sum); + if (ret != 0) { goto fail; + } - if( memcmp( md5sum, md5_test_sum[i], 16 ) != 0 ) - { + if (memcmp(md5sum, md5_test_sum[i], 16) != 0) { ret = 1; goto fail; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c index cc62324bdc6c..bdde4e0ba49c 100644 --- a/library/memory_buffer_alloc.c +++ b/library/memory_buffer_alloc.c @@ -42,8 +42,7 @@ #define MAX_BT 20 typedef struct _memory_header memory_header; -struct _memory_header -{ +struct _memory_header { size_t magic1; size_t size; size_t alloc; @@ -58,8 +57,7 @@ struct _memory_header size_t magic2; }; -typedef struct -{ +typedef struct { unsigned char *buf; size_t len; memory_header *first; @@ -82,146 +80,135 @@ buffer_alloc_ctx; static buffer_alloc_ctx heap; #if defined(MBEDTLS_MEMORY_DEBUG) -static void debug_header( memory_header *hdr ) +static void debug_header(memory_header *hdr) { #if defined(MBEDTLS_MEMORY_BACKTRACE) size_t i; #endif - mbedtls_fprintf( stderr, "HDR: PTR(%10zu), PREV(%10zu), NEXT(%10zu), " - "ALLOC(%zu), SIZE(%10zu)\n", - (size_t) hdr, (size_t) hdr->prev, (size_t) hdr->next, - hdr->alloc, hdr->size ); - mbedtls_fprintf( stderr, " FPREV(%10zu), FNEXT(%10zu)\n", - (size_t) hdr->prev_free, (size_t) hdr->next_free ); + mbedtls_fprintf(stderr, "HDR: PTR(%10zu), PREV(%10zu), NEXT(%10zu), " + "ALLOC(%zu), SIZE(%10zu)\n", + (size_t) hdr, (size_t) hdr->prev, (size_t) hdr->next, + hdr->alloc, hdr->size); + mbedtls_fprintf(stderr, " FPREV(%10zu), FNEXT(%10zu)\n", + (size_t) hdr->prev_free, (size_t) hdr->next_free); #if defined(MBEDTLS_MEMORY_BACKTRACE) - mbedtls_fprintf( stderr, "TRACE: \n" ); - for( i = 0; i < hdr->trace_count; i++ ) - mbedtls_fprintf( stderr, "%s\n", hdr->trace[i] ); - mbedtls_fprintf( stderr, "\n" ); + mbedtls_fprintf(stderr, "TRACE: \n"); + for (i = 0; i < hdr->trace_count; i++) { + mbedtls_fprintf(stderr, "%s\n", hdr->trace[i]); + } + mbedtls_fprintf(stderr, "\n"); #endif } -static void debug_chain( void ) +static void debug_chain(void) { memory_header *cur = heap.first; - mbedtls_fprintf( stderr, "\nBlock list\n" ); - while( cur != NULL ) - { - debug_header( cur ); + mbedtls_fprintf(stderr, "\nBlock list\n"); + while (cur != NULL) { + debug_header(cur); cur = cur->next; } - mbedtls_fprintf( stderr, "Free list\n" ); + mbedtls_fprintf(stderr, "Free list\n"); cur = heap.first_free; - while( cur != NULL ) - { - debug_header( cur ); + while (cur != NULL) { + debug_header(cur); cur = cur->next_free; } } #endif /* MBEDTLS_MEMORY_DEBUG */ -static int verify_header( memory_header *hdr ) +static int verify_header(memory_header *hdr) { - if( hdr->magic1 != MAGIC1 ) - { + if (hdr->magic1 != MAGIC1) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: MAGIC1 mismatch\n" ); + mbedtls_fprintf(stderr, "FATAL: MAGIC1 mismatch\n"); #endif - return( 1 ); + return 1; } - if( hdr->magic2 != MAGIC2 ) - { + if (hdr->magic2 != MAGIC2) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: MAGIC2 mismatch\n" ); + mbedtls_fprintf(stderr, "FATAL: MAGIC2 mismatch\n"); #endif - return( 1 ); + return 1; } - if( hdr->alloc > 1 ) - { + if (hdr->alloc > 1) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: alloc has illegal value\n" ); + mbedtls_fprintf(stderr, "FATAL: alloc has illegal value\n"); #endif - return( 1 ); + return 1; } - if( hdr->prev != NULL && hdr->prev == hdr->next ) - { + if (hdr->prev != NULL && hdr->prev == hdr->next) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: prev == next\n" ); + mbedtls_fprintf(stderr, "FATAL: prev == next\n"); #endif - return( 1 ); + return 1; } - if( hdr->prev_free != NULL && hdr->prev_free == hdr->next_free ) - { + if (hdr->prev_free != NULL && hdr->prev_free == hdr->next_free) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: prev_free == next_free\n" ); + mbedtls_fprintf(stderr, "FATAL: prev_free == next_free\n"); #endif - return( 1 ); + return 1; } - return( 0 ); + return 0; } -static int verify_chain( void ) +static int verify_chain(void) { memory_header *prv = heap.first, *cur; - if( prv == NULL || verify_header( prv ) != 0 ) - { + if (prv == NULL || verify_header(prv) != 0) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: verification of first header " - "failed\n" ); + mbedtls_fprintf(stderr, "FATAL: verification of first header " + "failed\n"); #endif - return( 1 ); + return 1; } - if( heap.first->prev != NULL ) - { + if (heap.first->prev != NULL) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: verification failed: " - "first->prev != NULL\n" ); + mbedtls_fprintf(stderr, "FATAL: verification failed: " + "first->prev != NULL\n"); #endif - return( 1 ); + return 1; } cur = heap.first->next; - while( cur != NULL ) - { - if( verify_header( cur ) != 0 ) - { + while (cur != NULL) { + if (verify_header(cur) != 0) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: verification of header " - "failed\n" ); + mbedtls_fprintf(stderr, "FATAL: verification of header " + "failed\n"); #endif - return( 1 ); + return 1; } - if( cur->prev != prv ) - { + if (cur->prev != prv) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: verification failed: " - "cur->prev != prv\n" ); + mbedtls_fprintf(stderr, "FATAL: verification failed: " + "cur->prev != prv\n"); #endif - return( 1 ); + return 1; } prv = cur; cur = cur->next; } - return( 0 ); + return 0; } -static void *buffer_alloc_calloc( size_t n, size_t size ) +static void *buffer_alloc_calloc(size_t n, size_t size) { memory_header *new, *cur = heap.first_free; unsigned char *p; @@ -232,42 +219,43 @@ static void *buffer_alloc_calloc( size_t n, size_t size ) size_t trace_cnt; #endif - if( heap.buf == NULL || heap.first == NULL ) - return( NULL ); + if (heap.buf == NULL || heap.first == NULL) { + return NULL; + } original_len = len = n * size; - if( n == 0 || size == 0 || len / n != size ) - return( NULL ); - else if( len > (size_t)-MBEDTLS_MEMORY_ALIGN_MULTIPLE ) - return( NULL ); + if (n == 0 || size == 0 || len / n != size) { + return NULL; + } else if (len > (size_t) -MBEDTLS_MEMORY_ALIGN_MULTIPLE) { + return NULL; + } - if( len % MBEDTLS_MEMORY_ALIGN_MULTIPLE ) - { + if (len % MBEDTLS_MEMORY_ALIGN_MULTIPLE) { len -= len % MBEDTLS_MEMORY_ALIGN_MULTIPLE; len += MBEDTLS_MEMORY_ALIGN_MULTIPLE; } // Find block that fits // - while( cur != NULL ) - { - if( cur->size >= len ) + while (cur != NULL) { + if (cur->size >= len) { break; + } cur = cur->next_free; } - if( cur == NULL ) - return( NULL ); + if (cur == NULL) { + return NULL; + } - if( cur->alloc != 0 ) - { + if (cur->alloc != 0) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: block in free_list but allocated " - "data\n" ); + mbedtls_fprintf(stderr, "FATAL: block in free_list but allocated " + "data\n"); #endif - mbedtls_exit( 1 ); + mbedtls_exit(1); } #if defined(MBEDTLS_MEMORY_DEBUG) @@ -276,45 +264,48 @@ static void *buffer_alloc_calloc( size_t n, size_t size ) // Found location, split block if > memory_header + 4 room left // - if( cur->size - len < sizeof(memory_header) + - MBEDTLS_MEMORY_ALIGN_MULTIPLE ) - { + if (cur->size - len < sizeof(memory_header) + + MBEDTLS_MEMORY_ALIGN_MULTIPLE) { cur->alloc = 1; // Remove from free_list // - if( cur->prev_free != NULL ) + if (cur->prev_free != NULL) { cur->prev_free->next_free = cur->next_free; - else + } else { heap.first_free = cur->next_free; + } - if( cur->next_free != NULL ) + if (cur->next_free != NULL) { cur->next_free->prev_free = cur->prev_free; + } cur->prev_free = NULL; cur->next_free = NULL; #if defined(MBEDTLS_MEMORY_DEBUG) heap.total_used += cur->size; - if( heap.total_used > heap.maximum_used ) + if (heap.total_used > heap.maximum_used) { heap.maximum_used = heap.total_used; + } #endif #if defined(MBEDTLS_MEMORY_BACKTRACE) - trace_cnt = backtrace( trace_buffer, MAX_BT ); - cur->trace = backtrace_symbols( trace_buffer, trace_cnt ); + trace_cnt = backtrace(trace_buffer, MAX_BT); + cur->trace = backtrace_symbols(trace_buffer, trace_cnt); cur->trace_count = trace_cnt; #endif - if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 ) - mbedtls_exit( 1 ); + if ((heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC) && verify_chain() != 0) { + mbedtls_exit(1); + } - ret = (unsigned char *) cur + sizeof( memory_header ); - memset( ret, 0, original_len ); + ret = (unsigned char *) cur + sizeof(memory_header); + memset(ret, 0, original_len); - return( ret ); + return ret; } - p = ( (unsigned char *) cur ) + sizeof(memory_header) + len; + p = ((unsigned char *) cur) + sizeof(memory_header) + len; new = (memory_header *) p; new->size = cur->size - len - sizeof(memory_header); @@ -328,20 +319,23 @@ static void *buffer_alloc_calloc( size_t n, size_t size ) new->magic1 = MAGIC1; new->magic2 = MAGIC2; - if( new->next != NULL ) + if (new->next != NULL) { new->next->prev = new; + } // Replace cur with new in free_list // new->prev_free = cur->prev_free; new->next_free = cur->next_free; - if( new->prev_free != NULL ) + if (new->prev_free != NULL) { new->prev_free->next_free = new; - else + } else { heap.first_free = new; + } - if( new->next_free != NULL ) + if (new->next_free != NULL) { new->next_free->prev_free = new; + } cur->alloc = 1; cur->size = len; @@ -351,57 +345,60 @@ static void *buffer_alloc_calloc( size_t n, size_t size ) #if defined(MBEDTLS_MEMORY_DEBUG) heap.header_count++; - if( heap.header_count > heap.maximum_header_count ) + if (heap.header_count > heap.maximum_header_count) { heap.maximum_header_count = heap.header_count; + } heap.total_used += cur->size; - if( heap.total_used > heap.maximum_used ) + if (heap.total_used > heap.maximum_used) { heap.maximum_used = heap.total_used; + } #endif #if defined(MBEDTLS_MEMORY_BACKTRACE) - trace_cnt = backtrace( trace_buffer, MAX_BT ); - cur->trace = backtrace_symbols( trace_buffer, trace_cnt ); + trace_cnt = backtrace(trace_buffer, MAX_BT); + cur->trace = backtrace_symbols(trace_buffer, trace_cnt); cur->trace_count = trace_cnt; #endif - if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 ) - mbedtls_exit( 1 ); + if ((heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC) && verify_chain() != 0) { + mbedtls_exit(1); + } - ret = (unsigned char *) cur + sizeof( memory_header ); - memset( ret, 0, original_len ); + ret = (unsigned char *) cur + sizeof(memory_header); + memset(ret, 0, original_len); - return( ret ); + return ret; } -static void buffer_alloc_free( void *ptr ) +static void buffer_alloc_free(void *ptr) { memory_header *hdr, *old = NULL; unsigned char *p = (unsigned char *) ptr; - if( ptr == NULL || heap.buf == NULL || heap.first == NULL ) + if (ptr == NULL || heap.buf == NULL || heap.first == NULL) { return; + } - if( p < heap.buf || p >= heap.buf + heap.len ) - { + if (p < heap.buf || p >= heap.buf + heap.len) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: mbedtls_free() outside of managed " - "space\n" ); + mbedtls_fprintf(stderr, "FATAL: mbedtls_free() outside of managed " + "space\n"); #endif - mbedtls_exit( 1 ); + mbedtls_exit(1); } p -= sizeof(memory_header); hdr = (memory_header *) p; - if( verify_header( hdr ) != 0 ) - mbedtls_exit( 1 ); + if (verify_header(hdr) != 0) { + mbedtls_exit(1); + } - if( hdr->alloc != 1 ) - { + if (hdr->alloc != 1) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: mbedtls_free() on unallocated " - "data\n" ); + mbedtls_fprintf(stderr, "FATAL: mbedtls_free() on unallocated " + "data\n"); #endif - mbedtls_exit( 1 ); + mbedtls_exit(1); } hdr->alloc = 0; @@ -412,15 +409,14 @@ static void buffer_alloc_free( void *ptr ) #endif #if defined(MBEDTLS_MEMORY_BACKTRACE) - free( hdr->trace ); + free(hdr->trace); hdr->trace = NULL; hdr->trace_count = 0; #endif // Regroup with block before // - if( hdr->prev != NULL && hdr->prev->alloc == 0 ) - { + if (hdr->prev != NULL && hdr->prev->alloc == 0) { #if defined(MBEDTLS_MEMORY_DEBUG) heap.header_count--; #endif @@ -429,16 +425,16 @@ static void buffer_alloc_free( void *ptr ) old = hdr; hdr = hdr->prev; - if( hdr->next != NULL ) + if (hdr->next != NULL) { hdr->next->prev = hdr; + } - memset( old, 0, sizeof(memory_header) ); + memset(old, 0, sizeof(memory_header)); } // Regroup with block after // - if( hdr->next != NULL && hdr->next->alloc == 0 ) - { + if (hdr->next != NULL && hdr->next->alloc == 0) { #if defined(MBEDTLS_MEMORY_DEBUG) heap.header_count--; #endif @@ -446,95 +442,97 @@ static void buffer_alloc_free( void *ptr ) old = hdr->next; hdr->next = hdr->next->next; - if( hdr->prev_free != NULL || hdr->next_free != NULL ) - { - if( hdr->prev_free != NULL ) + if (hdr->prev_free != NULL || hdr->next_free != NULL) { + if (hdr->prev_free != NULL) { hdr->prev_free->next_free = hdr->next_free; - else + } else { heap.first_free = hdr->next_free; + } - if( hdr->next_free != NULL ) + if (hdr->next_free != NULL) { hdr->next_free->prev_free = hdr->prev_free; + } } hdr->prev_free = old->prev_free; hdr->next_free = old->next_free; - if( hdr->prev_free != NULL ) + if (hdr->prev_free != NULL) { hdr->prev_free->next_free = hdr; - else + } else { heap.first_free = hdr; + } - if( hdr->next_free != NULL ) + if (hdr->next_free != NULL) { hdr->next_free->prev_free = hdr; + } - if( hdr->next != NULL ) + if (hdr->next != NULL) { hdr->next->prev = hdr; + } - memset( old, 0, sizeof(memory_header) ); + memset(old, 0, sizeof(memory_header)); } // Prepend to free_list if we have not merged // (Does not have to stay in same order as prev / next list) // - if( old == NULL ) - { + if (old == NULL) { hdr->next_free = heap.first_free; - if( heap.first_free != NULL ) + if (heap.first_free != NULL) { heap.first_free->prev_free = hdr; + } heap.first_free = hdr; } - if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_FREE ) && verify_chain() != 0 ) - mbedtls_exit( 1 ); + if ((heap.verify & MBEDTLS_MEMORY_VERIFY_FREE) && verify_chain() != 0) { + mbedtls_exit(1); + } } -void mbedtls_memory_buffer_set_verify( int verify ) +void mbedtls_memory_buffer_set_verify(int verify) { heap.verify = verify; } -int mbedtls_memory_buffer_alloc_verify( void ) +int mbedtls_memory_buffer_alloc_verify(void) { return verify_chain(); } #if defined(MBEDTLS_MEMORY_DEBUG) -void mbedtls_memory_buffer_alloc_status( void ) +void mbedtls_memory_buffer_alloc_status(void) { - mbedtls_fprintf( stderr, - "Current use: %zu blocks / %zu bytes, max: %zu blocks / " - "%zu bytes (total %zu bytes), alloc / free: %zu / %zu\n", - heap.header_count, heap.total_used, - heap.maximum_header_count, heap.maximum_used, - heap.maximum_header_count * sizeof( memory_header ) - + heap.maximum_used, - heap.alloc_count, heap.free_count ); - - if( heap.first->next == NULL ) - { - mbedtls_fprintf( stderr, "All memory de-allocated in stack buffer\n" ); - } - else - { - mbedtls_fprintf( stderr, "Memory currently allocated:\n" ); + mbedtls_fprintf(stderr, + "Current use: %zu blocks / %zu bytes, max: %zu blocks / " + "%zu bytes (total %zu bytes), alloc / free: %zu / %zu\n", + heap.header_count, heap.total_used, + heap.maximum_header_count, heap.maximum_used, + heap.maximum_header_count * sizeof(memory_header) + + heap.maximum_used, + heap.alloc_count, heap.free_count); + + if (heap.first->next == NULL) { + mbedtls_fprintf(stderr, "All memory de-allocated in stack buffer\n"); + } else { + mbedtls_fprintf(stderr, "Memory currently allocated:\n"); debug_chain(); } } -void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ) +void mbedtls_memory_buffer_alloc_max_get(size_t *max_used, size_t *max_blocks) { *max_used = heap.maximum_used; *max_blocks = heap.maximum_header_count; } -void mbedtls_memory_buffer_alloc_max_reset( void ) +void mbedtls_memory_buffer_alloc_max_reset(void) { heap.maximum_used = 0; heap.maximum_header_count = 0; } -void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ) +void mbedtls_memory_buffer_alloc_cur_get(size_t *cur_used, size_t *cur_blocks) { *cur_used = heap.total_used; *cur_blocks = heap.header_count; @@ -542,202 +540,211 @@ void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ) #endif /* MBEDTLS_MEMORY_DEBUG */ #if defined(MBEDTLS_THREADING_C) -static void *buffer_alloc_calloc_mutexed( size_t n, size_t size ) +static void *buffer_alloc_calloc_mutexed(size_t n, size_t size) { void *buf; - if( mbedtls_mutex_lock( &heap.mutex ) != 0 ) - return( NULL ); - buf = buffer_alloc_calloc( n, size ); - if( mbedtls_mutex_unlock( &heap.mutex ) ) - return( NULL ); - return( buf ); + if (mbedtls_mutex_lock(&heap.mutex) != 0) { + return NULL; + } + buf = buffer_alloc_calloc(n, size); + if (mbedtls_mutex_unlock(&heap.mutex)) { + return NULL; + } + return buf; } -static void buffer_alloc_free_mutexed( void *ptr ) +static void buffer_alloc_free_mutexed(void *ptr) { /* We have no good option here, but corrupting the heap seems * worse than losing memory. */ - if( mbedtls_mutex_lock( &heap.mutex ) ) + if (mbedtls_mutex_lock(&heap.mutex)) { return; - buffer_alloc_free( ptr ); - (void) mbedtls_mutex_unlock( &heap.mutex ); + } + buffer_alloc_free(ptr); + (void) mbedtls_mutex_unlock(&heap.mutex); } #endif /* MBEDTLS_THREADING_C */ -void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len ) +void mbedtls_memory_buffer_alloc_init(unsigned char *buf, size_t len) { - memset( &heap, 0, sizeof( buffer_alloc_ctx ) ); + memset(&heap, 0, sizeof(buffer_alloc_ctx)); #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &heap.mutex ); - mbedtls_platform_set_calloc_free( buffer_alloc_calloc_mutexed, - buffer_alloc_free_mutexed ); + mbedtls_mutex_init(&heap.mutex); + mbedtls_platform_set_calloc_free(buffer_alloc_calloc_mutexed, + buffer_alloc_free_mutexed); #else - mbedtls_platform_set_calloc_free( buffer_alloc_calloc, buffer_alloc_free ); + mbedtls_platform_set_calloc_free(buffer_alloc_calloc, buffer_alloc_free); #endif - if( len < sizeof( memory_header ) + MBEDTLS_MEMORY_ALIGN_MULTIPLE ) + if (len < sizeof(memory_header) + MBEDTLS_MEMORY_ALIGN_MULTIPLE) { return; - else if( (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE ) - { + } else if ((size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE) { /* Adjust len first since buf is used in the computation */ len -= MBEDTLS_MEMORY_ALIGN_MULTIPLE - - (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE; + - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE; buf += MBEDTLS_MEMORY_ALIGN_MULTIPLE - - (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE; + - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE; } - memset( buf, 0, len ); + memset(buf, 0, len); heap.buf = buf; heap.len = len; - heap.first = (memory_header *)buf; - heap.first->size = len - sizeof( memory_header ); + heap.first = (memory_header *) buf; + heap.first->size = len - sizeof(memory_header); heap.first->magic1 = MAGIC1; heap.first->magic2 = MAGIC2; heap.first_free = heap.first; } -void mbedtls_memory_buffer_alloc_free( void ) +void mbedtls_memory_buffer_alloc_free(void) { #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_free( &heap.mutex ); + mbedtls_mutex_free(&heap.mutex); #endif - mbedtls_platform_zeroize( &heap, sizeof(buffer_alloc_ctx) ); + mbedtls_platform_zeroize(&heap, sizeof(buffer_alloc_ctx)); } #if defined(MBEDTLS_SELF_TEST) -static int check_pointer( void *p ) +static int check_pointer(void *p) { - if( p == NULL ) - return( -1 ); + if (p == NULL) { + return -1; + } - if( (size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0 ) - return( -1 ); + if ((size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0) { + return -1; + } - return( 0 ); + return 0; } -static int check_all_free( void ) +static int check_all_free(void) { - if( + if ( #if defined(MBEDTLS_MEMORY_DEBUG) heap.total_used != 0 || #endif heap.first != heap.first_free || - (void *) heap.first != (void *) heap.buf ) - { - return( -1 ); + (void *) heap.first != (void *) heap.buf) { + return -1; } - return( 0 ); + return 0; } -#define TEST_ASSERT( condition ) \ - if( ! (condition) ) \ +#define TEST_ASSERT(condition) \ + if (!(condition)) \ { \ - if( verbose != 0 ) \ - mbedtls_printf( "failed\n" ); \ + if (verbose != 0) \ + mbedtls_printf("failed\n"); \ \ ret = 1; \ goto cleanup; \ } -int mbedtls_memory_buffer_alloc_self_test( int verbose ) +int mbedtls_memory_buffer_alloc_self_test(int verbose) { unsigned char buf[1024]; unsigned char *p, *q, *r, *end; int ret = 0; - if( verbose != 0 ) - mbedtls_printf( " MBA test #1 (basic alloc-free cycle): " ); + if (verbose != 0) { + mbedtls_printf(" MBA test #1 (basic alloc-free cycle): "); + } - mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); + mbedtls_memory_buffer_alloc_init(buf, sizeof(buf)); - p = mbedtls_calloc( 1, 1 ); - q = mbedtls_calloc( 1, 128 ); - r = mbedtls_calloc( 1, 16 ); + p = mbedtls_calloc(1, 1); + q = mbedtls_calloc(1, 128); + r = mbedtls_calloc(1, 16); - TEST_ASSERT( check_pointer( p ) == 0 && - check_pointer( q ) == 0 && - check_pointer( r ) == 0 ); + TEST_ASSERT(check_pointer(p) == 0 && + check_pointer(q) == 0 && + check_pointer(r) == 0); - mbedtls_free( r ); - mbedtls_free( q ); - mbedtls_free( p ); + mbedtls_free(r); + mbedtls_free(q); + mbedtls_free(p); - TEST_ASSERT( check_all_free( ) == 0 ); + TEST_ASSERT(check_all_free() == 0); /* Memorize end to compare with the next test */ end = heap.buf + heap.len; - mbedtls_memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free(); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - if( verbose != 0 ) - mbedtls_printf( " MBA test #2 (buf not aligned): " ); + if (verbose != 0) { + mbedtls_printf(" MBA test #2 (buf not aligned): "); + } - mbedtls_memory_buffer_alloc_init( buf + 1, sizeof( buf ) - 1 ); + mbedtls_memory_buffer_alloc_init(buf + 1, sizeof(buf) - 1); - TEST_ASSERT( heap.buf + heap.len == end ); + TEST_ASSERT(heap.buf + heap.len == end); - p = mbedtls_calloc( 1, 1 ); - q = mbedtls_calloc( 1, 128 ); - r = mbedtls_calloc( 1, 16 ); + p = mbedtls_calloc(1, 1); + q = mbedtls_calloc(1, 128); + r = mbedtls_calloc(1, 16); - TEST_ASSERT( check_pointer( p ) == 0 && - check_pointer( q ) == 0 && - check_pointer( r ) == 0 ); + TEST_ASSERT(check_pointer(p) == 0 && + check_pointer(q) == 0 && + check_pointer(r) == 0); - mbedtls_free( r ); - mbedtls_free( q ); - mbedtls_free( p ); + mbedtls_free(r); + mbedtls_free(q); + mbedtls_free(p); - TEST_ASSERT( check_all_free( ) == 0 ); + TEST_ASSERT(check_all_free() == 0); - mbedtls_memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free(); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - if( verbose != 0 ) - mbedtls_printf( " MBA test #3 (full): " ); + if (verbose != 0) { + mbedtls_printf(" MBA test #3 (full): "); + } - mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); + mbedtls_memory_buffer_alloc_init(buf, sizeof(buf)); - p = mbedtls_calloc( 1, sizeof( buf ) - sizeof( memory_header ) ); + p = mbedtls_calloc(1, sizeof(buf) - sizeof(memory_header)); - TEST_ASSERT( check_pointer( p ) == 0 ); - TEST_ASSERT( mbedtls_calloc( 1, 1 ) == NULL ); + TEST_ASSERT(check_pointer(p) == 0); + TEST_ASSERT(mbedtls_calloc(1, 1) == NULL); - mbedtls_free( p ); + mbedtls_free(p); - p = mbedtls_calloc( 1, sizeof( buf ) - 2 * sizeof( memory_header ) - 16 ); - q = mbedtls_calloc( 1, 16 ); + p = mbedtls_calloc(1, sizeof(buf) - 2 * sizeof(memory_header) - 16); + q = mbedtls_calloc(1, 16); - TEST_ASSERT( check_pointer( p ) == 0 && check_pointer( q ) == 0 ); - TEST_ASSERT( mbedtls_calloc( 1, 1 ) == NULL ); + TEST_ASSERT(check_pointer(p) == 0 && check_pointer(q) == 0); + TEST_ASSERT(mbedtls_calloc(1, 1) == NULL); - mbedtls_free( q ); + mbedtls_free(q); - TEST_ASSERT( mbedtls_calloc( 1, 17 ) == NULL ); + TEST_ASSERT(mbedtls_calloc(1, 17) == NULL); - mbedtls_free( p ); + mbedtls_free(p); - TEST_ASSERT( check_all_free( ) == 0 ); + TEST_ASSERT(check_all_free() == 0); - mbedtls_memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free(); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } cleanup: - mbedtls_memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free(); - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/mps_common.h b/library/mps_common.h index 668876ccfc83..4a10176bd594 100644 --- a/library/mps_common.h +++ b/library/mps_common.h @@ -99,41 +99,41 @@ #if defined(MBEDTLS_MPS_STATE_VALIDATION) -#define MBEDTLS_MPS_STATE_VALIDATE_RAW( cond, string ) \ +#define MBEDTLS_MPS_STATE_VALIDATE_RAW(cond, string) \ do \ { \ - if( !(cond) ) \ + if (!(cond)) \ { \ - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_ERROR, string ); \ - MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_OPERATION_UNEXPECTED ); \ + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR, string); \ + MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_OPERATION_UNEXPECTED); \ } \ - } while( 0 ) + } while (0) #else /* MBEDTLS_MPS_STATE_VALIDATION */ -#define MBEDTLS_MPS_STATE_VALIDATE_RAW( cond, string ) \ +#define MBEDTLS_MPS_STATE_VALIDATE_RAW(cond, string) \ do \ { \ - ( cond ); \ - } while( 0 ) + (cond); \ + } while (0) #endif /* MBEDTLS_MPS_STATE_VALIDATION */ #if defined(MBEDTLS_MPS_ENABLE_ASSERTIONS) -#define MBEDTLS_MPS_ASSERT_RAW( cond, string ) \ +#define MBEDTLS_MPS_ASSERT_RAW(cond, string) \ do \ { \ - if( !(cond) ) \ + if (!(cond)) \ { \ - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_ERROR, string ); \ - MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_INTERNAL_ERROR ); \ + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR, string); \ + MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_INTERNAL_ERROR); \ } \ - } while( 0 ) + } while (0) #else /* MBEDTLS_MPS_ENABLE_ASSERTIONS */ -#define MBEDTLS_MPS_ASSERT_RAW( cond, string ) do {} while( 0 ) +#define MBEDTLS_MPS_ASSERT_RAW(cond, string) do {} while (0) #endif /* MBEDTLS_MPS_ENABLE_ASSERTIONS */ @@ -169,7 +169,7 @@ * */ typedef size_t mbedtls_mps_stored_size_t; -#define MBEDTLS_MPS_STORED_SIZE_MAX ( (mbedtls_mps_stored_size_t) -1 ) +#define MBEDTLS_MPS_STORED_SIZE_MAX ((mbedtls_mps_stored_size_t) -1) /** \brief The type of buffer sizes and offsets used in the MPS API * and implementation. @@ -183,7 +183,7 @@ typedef size_t mbedtls_mps_stored_size_t; * so almost 10%. */ typedef size_t mbedtls_mps_size_t; -#define MBEDTLS_MPS_SIZE_MAX ( (mbedtls_mps_size_t) -1 ) +#define MBEDTLS_MPS_SIZE_MAX ((mbedtls_mps_size_t) -1) #if MBEDTLS_MPS_STORED_SIZE_MAX > MBEDTLS_MPS_SIZE_MAX #error "Misconfiguration of mbedtls_mps_size_t and mbedtls_mps_stored_size_t." diff --git a/library/mps_error.h b/library/mps_error.h index f78d9a05f15b..15570d238419 100644 --- a/library/mps_error.h +++ b/library/mps_error.h @@ -45,14 +45,14 @@ */ #ifndef MBEDTLS_MPS_ERR_BASE -#define MBEDTLS_MPS_ERR_BASE ( 0 ) +#define MBEDTLS_MPS_ERR_BASE (0) #endif #define MBEDTLS_MPS_MAKE_ERROR(code) \ - ( -( MBEDTLS_MPS_ERR_BASE | (code) ) ) + (-(MBEDTLS_MPS_ERR_BASE | (code))) -#define MBEDTLS_ERR_MPS_OPERATION_UNEXPECTED MBEDTLS_MPS_MAKE_ERROR( 0x1 ) -#define MBEDTLS_ERR_MPS_INTERNAL_ERROR MBEDTLS_MPS_MAKE_ERROR( 0x2 ) +#define MBEDTLS_ERR_MPS_OPERATION_UNEXPECTED MBEDTLS_MPS_MAKE_ERROR(0x1) +#define MBEDTLS_ERR_MPS_INTERNAL_ERROR MBEDTLS_MPS_MAKE_ERROR(0x2) /* \} name SECTION: MPS general error codes */ @@ -63,40 +63,40 @@ */ #ifndef MBEDTLS_MPS_READER_ERR_BASE -#define MBEDTLS_MPS_READER_ERR_BASE ( 1 << 8 ) +#define MBEDTLS_MPS_READER_ERR_BASE (1 << 8) #endif #define MBEDTLS_MPS_READER_MAKE_ERROR(code) \ - ( -( MBEDTLS_MPS_READER_ERR_BASE | (code) ) ) + (-(MBEDTLS_MPS_READER_ERR_BASE | (code))) /*! An attempt to reclaim the data buffer from a reader failed because * the user hasn't yet read and committed all of it. */ -#define MBEDTLS_ERR_MPS_READER_DATA_LEFT MBEDTLS_MPS_READER_MAKE_ERROR( 0x1 ) +#define MBEDTLS_ERR_MPS_READER_DATA_LEFT MBEDTLS_MPS_READER_MAKE_ERROR(0x1) /*! An invalid argument was passed to the reader. */ -#define MBEDTLS_ERR_MPS_READER_INVALID_ARG MBEDTLS_MPS_READER_MAKE_ERROR( 0x2 ) +#define MBEDTLS_ERR_MPS_READER_INVALID_ARG MBEDTLS_MPS_READER_MAKE_ERROR(0x2) /*! An attempt to move a reader to consuming mode through mbedtls_mps_reader_feed() * after pausing failed because the provided data is not sufficient to serve the * read requests that led to the pausing. */ -#define MBEDTLS_ERR_MPS_READER_NEED_MORE MBEDTLS_MPS_READER_MAKE_ERROR( 0x3 ) +#define MBEDTLS_ERR_MPS_READER_NEED_MORE MBEDTLS_MPS_READER_MAKE_ERROR(0x3) /*! A get request failed because not enough data is available in the reader. */ -#define MBEDTLS_ERR_MPS_READER_OUT_OF_DATA MBEDTLS_MPS_READER_MAKE_ERROR( 0x4 ) +#define MBEDTLS_ERR_MPS_READER_OUT_OF_DATA MBEDTLS_MPS_READER_MAKE_ERROR(0x4) /*!< A get request after pausing and reactivating the reader failed because * the request is not in line with the request made prior to pausing. The user * must not change it's 'strategy' after pausing and reactivating a reader. */ -#define MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS MBEDTLS_MPS_READER_MAKE_ERROR( 0x5 ) +#define MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS MBEDTLS_MPS_READER_MAKE_ERROR(0x5) /*! An attempt to reclaim the data buffer from a reader failed because the reader * has no accumulator it can use to backup the data that hasn't been processed. */ -#define MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR MBEDTLS_MPS_READER_MAKE_ERROR( 0x6 ) +#define MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR MBEDTLS_MPS_READER_MAKE_ERROR(0x6) /*! An attempt to reclaim the data buffer from a reader failed because the * accumulator passed to the reader is not large enough to hold both the * data that hasn't been processed and the excess of the last read-request. */ -#define MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL MBEDTLS_MPS_READER_MAKE_ERROR( 0x7 ) +#define MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL MBEDTLS_MPS_READER_MAKE_ERROR(0x7) /* \} name SECTION: MPS Reader error codes */ diff --git a/library/mps_reader.c b/library/mps_reader.c index 0c30a75d05e3..75c563add227 100644 --- a/library/mps_reader.c +++ b/library/mps_reader.c @@ -67,54 +67,56 @@ static int mbedtls_mps_trace_id = MBEDTLS_MPS_TRACE_BIT_READER; */ static inline int mps_reader_is_accumulating( - mbedtls_mps_reader const *rd ) + mbedtls_mps_reader const *rd) { mbedtls_mps_size_t acc_remaining; - if( rd->acc == NULL ) - return( 0 ); + if (rd->acc == NULL) { + return 0; + } acc_remaining = rd->acc_share.acc_remaining; - return( acc_remaining > 0 ); + return acc_remaining > 0; } static inline int mps_reader_is_producing( - mbedtls_mps_reader const *rd ) + mbedtls_mps_reader const *rd) { unsigned char *frag = rd->frag; - return( frag == NULL ); + return frag == NULL; } static inline int mps_reader_is_consuming( - mbedtls_mps_reader const *rd ) + mbedtls_mps_reader const *rd) { - return( !mps_reader_is_producing( rd ) ); + return !mps_reader_is_producing(rd); } static inline mbedtls_mps_size_t mps_reader_get_fragment_offset( - mbedtls_mps_reader const *rd ) + mbedtls_mps_reader const *rd) { unsigned char *acc = rd->acc; mbedtls_mps_size_t frag_offset; - if( acc == NULL ) - return( 0 ); + if (acc == NULL) { + return 0; + } frag_offset = rd->acc_share.frag_offset; - return( frag_offset ); + return frag_offset; } static inline mbedtls_mps_size_t mps_reader_serving_from_accumulator( - mbedtls_mps_reader const *rd ) + mbedtls_mps_reader const *rd) { mbedtls_mps_size_t frag_offset, end; - frag_offset = mps_reader_get_fragment_offset( rd ); + frag_offset = mps_reader_get_fragment_offset(rd); end = rd->end; - return( end < frag_offset ); + return end < frag_offset; } -static inline void mps_reader_zero( mbedtls_mps_reader *rd ) +static inline void mps_reader_zero(mbedtls_mps_reader *rd) { /* A plain memset() would likely be more efficient, * but the current way of zeroing makes it harder @@ -123,56 +125,56 @@ static inline void mps_reader_zero( mbedtls_mps_reader *rd ) * doesn't require reasoning about structs being * interpreted as unstructured binary blobs. */ static mbedtls_mps_reader const zero = - { .frag = NULL, - .frag_len = 0, - .commit = 0, - .end = 0, - .pending = 0, - .acc = NULL, - .acc_len = 0, - .acc_available = 0, - .acc_share = { .acc_remaining = 0 } - }; + { .frag = NULL, + .frag_len = 0, + .commit = 0, + .end = 0, + .pending = 0, + .acc = NULL, + .acc_len = 0, + .acc_available = 0, + .acc_share = { .acc_remaining = 0 } }; *rd = zero; } -int mbedtls_mps_reader_init( mbedtls_mps_reader *rd, - unsigned char *acc, - mbedtls_mps_size_t acc_len ) +int mbedtls_mps_reader_init(mbedtls_mps_reader *rd, + unsigned char *acc, + mbedtls_mps_size_t acc_len) { - MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_init" ); - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "* Accumulator size: %u bytes", (unsigned) acc_len ); - mps_reader_zero( rd ); + MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_init"); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "* Accumulator size: %u bytes", (unsigned) acc_len); + mps_reader_zero(rd); rd->acc = acc; rd->acc_len = acc_len; - MBEDTLS_MPS_TRACE_RETURN( 0 ); + MBEDTLS_MPS_TRACE_RETURN(0); } -int mbedtls_mps_reader_free( mbedtls_mps_reader *rd ) +int mbedtls_mps_reader_free(mbedtls_mps_reader *rd) { - MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_free" ); - mps_reader_zero( rd ); - MBEDTLS_MPS_TRACE_RETURN( 0 ); + MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_free"); + mps_reader_zero(rd); + MBEDTLS_MPS_TRACE_RETURN(0); } -int mbedtls_mps_reader_feed( mbedtls_mps_reader *rd, - unsigned char *new_frag, - mbedtls_mps_size_t new_frag_len ) +int mbedtls_mps_reader_feed(mbedtls_mps_reader *rd, + unsigned char *new_frag, + mbedtls_mps_size_t new_frag_len) { mbedtls_mps_size_t copy_to_acc; - MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_feed" ); - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "* Fragment length: %u bytes", (unsigned) new_frag_len ); + MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_feed"); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "* Fragment length: %u bytes", (unsigned) new_frag_len); - if( new_frag == NULL ) - MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_READER_INVALID_ARG ); + if (new_frag == NULL) { + MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_INVALID_ARG); + } - MBEDTLS_MPS_STATE_VALIDATE_RAW( mps_reader_is_producing( rd ), - "mbedtls_mps_reader_feed() requires reader to be in producing mode" ); + MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_producing( + rd), + "mbedtls_mps_reader_feed() requires reader to be in producing mode"); - if( mps_reader_is_accumulating( rd ) ) - { + if (mps_reader_is_accumulating(rd)) { unsigned char *acc = rd->acc; mbedtls_mps_size_t acc_remaining = rd->acc_share.acc_remaining; mbedtls_mps_size_t acc_available = rd->acc_available; @@ -181,39 +183,38 @@ int mbedtls_mps_reader_feed( mbedtls_mps_reader *rd, acc += acc_available; copy_to_acc = acc_remaining; - if( copy_to_acc > new_frag_len ) + if (copy_to_acc > new_frag_len) { copy_to_acc = new_frag_len; + } /* Copy new contents to accumulator. */ - memcpy( acc, new_frag, copy_to_acc ); + memcpy(acc, new_frag, copy_to_acc); - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Copy new data of size %u of %u into accumulator at offset %u", - (unsigned) copy_to_acc, (unsigned) new_frag_len, (unsigned) acc_available ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Copy new data of size %u of %u into accumulator at offset %u", + (unsigned) copy_to_acc, (unsigned) new_frag_len, + (unsigned) acc_available); /* Check if, with the new fragment, we have enough data. */ acc_remaining -= copy_to_acc; - if( acc_remaining > 0 ) - { + if (acc_remaining > 0) { /* We need to accumulate more data. Stay in producing mode. */ acc_available += copy_to_acc; rd->acc_share.acc_remaining = acc_remaining; rd->acc_available = acc_available; - MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_READER_NEED_MORE ); + MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_NEED_MORE); } /* We have filled the accumulator: Move to consuming mode. */ - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Enough data available to serve user request" ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Enough data available to serve user request"); /* Remember overlap of accumulator and fragment. */ rd->acc_share.frag_offset = acc_available; acc_available += copy_to_acc; rd->acc_available = acc_available; - } - else /* Not accumulating */ - { + } else { /* Not accumulating */ rd->acc_share.frag_offset = 0; } @@ -221,30 +222,30 @@ int mbedtls_mps_reader_feed( mbedtls_mps_reader *rd, rd->frag_len = new_frag_len; rd->commit = 0; rd->end = 0; - MBEDTLS_MPS_TRACE_RETURN( 0 ); + MBEDTLS_MPS_TRACE_RETURN(0); } -int mbedtls_mps_reader_get( mbedtls_mps_reader *rd, - mbedtls_mps_size_t desired, - unsigned char **buffer, - mbedtls_mps_size_t *buflen ) +int mbedtls_mps_reader_get(mbedtls_mps_reader *rd, + mbedtls_mps_size_t desired, + unsigned char **buffer, + mbedtls_mps_size_t *buflen) { unsigned char *frag; mbedtls_mps_size_t frag_len, frag_offset, end, frag_fetched, frag_remaining; - MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_get" ); - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "* Bytes requested: %u", (unsigned) desired ); + MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_get"); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "* Bytes requested: %u", (unsigned) desired); - MBEDTLS_MPS_STATE_VALIDATE_RAW( mps_reader_is_consuming( rd ), - "mbedtls_mps_reader_get() requires reader to be in consuming mode" ); + MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_consuming( + rd), + "mbedtls_mps_reader_get() requires reader to be in consuming mode"); end = rd->end; - frag_offset = mps_reader_get_fragment_offset( rd ); + frag_offset = mps_reader_get_fragment_offset(rd); /* Check if we're still serving from the accumulator. */ - if( mps_reader_serving_from_accumulator( rd ) ) - { + if (mps_reader_serving_from_accumulator(rd)) { /* Illustration of supported and unsupported cases: * * - Allowed #1 @@ -310,14 +311,12 @@ int mbedtls_mps_reader_get( mbedtls_mps_reader *rd, unsigned char *acc; - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Serve the request from the accumulator" ); - if( frag_offset - end < desired ) - { + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Serve the request from the accumulator"); + if (frag_offset - end < desired) { mbedtls_mps_size_t acc_available; acc_available = rd->acc_available; - if( acc_available - end != desired ) - { + if (acc_available - end != desired) { /* It might be possible to serve some of these situations by * making additional space in the accumulator, removing those * parts that have already been committed. @@ -329,7 +328,7 @@ int mbedtls_mps_reader_get( mbedtls_mps_reader *rd, * the library, this check is a good opportunity to * validate this. */ MBEDTLS_MPS_TRACE_RETURN( - MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS ); + MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS); } } @@ -337,19 +336,20 @@ int mbedtls_mps_reader_get( mbedtls_mps_reader *rd, acc += end; *buffer = acc; - if( buflen != NULL ) + if (buflen != NULL) { *buflen = desired; + } end += desired; rd->end = end; rd->pending = 0; - MBEDTLS_MPS_TRACE_RETURN( 0 ); + MBEDTLS_MPS_TRACE_RETURN(0); } /* Attempt to serve the request from the current fragment */ - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Serve the request from the current fragment." ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Serve the request from the current fragment."); frag_len = rd->frag_len; frag_fetched = end - frag_offset; /* The amount of data from the current @@ -358,23 +358,20 @@ int mbedtls_mps_reader_get( mbedtls_mps_reader *rd, frag_remaining = frag_len - frag_fetched; /* Remaining data in fragment */ /* Check if we can serve the read request from the fragment. */ - if( frag_remaining < desired ) - { - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "There's not enough data in the current fragment " - "to serve the request." ); + if (frag_remaining < desired) { + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "There's not enough data in the current fragment " + "to serve the request."); /* There's not enough data in the current fragment, * so either just RETURN what we have or fail. */ - if( buflen == NULL ) - { - if( frag_remaining > 0 ) - { + if (buflen == NULL) { + if (frag_remaining > 0) { rd->pending = desired - frag_remaining; - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Remember to collect %u bytes before re-opening", - (unsigned) rd->pending ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Remember to collect %u bytes before re-opening", + (unsigned) rd->pending); } - MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); } desired = frag_remaining; @@ -387,41 +384,45 @@ int mbedtls_mps_reader_get( mbedtls_mps_reader *rd, frag += frag_fetched; *buffer = frag; - if( buflen != NULL ) + if (buflen != NULL) { *buflen = desired; + } end += desired; rd->end = end; rd->pending = 0; - MBEDTLS_MPS_TRACE_RETURN( 0 ); + MBEDTLS_MPS_TRACE_RETURN(0); } -int mbedtls_mps_reader_commit( mbedtls_mps_reader *rd ) +int mbedtls_mps_reader_commit(mbedtls_mps_reader *rd) { mbedtls_mps_size_t end; - MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_commit" ); - MBEDTLS_MPS_STATE_VALIDATE_RAW( mps_reader_is_consuming( rd ), - "mbedtls_mps_reader_commit() requires reader to be in consuming mode" ); + MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_commit"); + MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_consuming( + rd), + "mbedtls_mps_reader_commit() requires reader to be in consuming mode"); end = rd->end; rd->commit = end; - MBEDTLS_MPS_TRACE_RETURN( 0 ); + MBEDTLS_MPS_TRACE_RETURN(0); } -int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *rd, - int *paused ) +int mbedtls_mps_reader_reclaim(mbedtls_mps_reader *rd, + int *paused) { unsigned char *frag, *acc; mbedtls_mps_size_t pending, commit; mbedtls_mps_size_t acc_len, frag_offset, frag_len; - MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_reclaim" ); + MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_reclaim"); - if( paused != NULL ) + if (paused != NULL) { *paused = 0; + } - MBEDTLS_MPS_STATE_VALIDATE_RAW( mps_reader_is_consuming( rd ), - "mbedtls_mps_reader_reclaim() requires reader to be in consuming mode" ); + MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_consuming( + rd), + "mbedtls_mps_reader_reclaim() requires reader to be in consuming mode"); frag = rd->frag; acc = rd->acc; @@ -429,30 +430,26 @@ int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *rd, commit = rd->commit; frag_len = rd->frag_len; - frag_offset = mps_reader_get_fragment_offset( rd ); + frag_offset = mps_reader_get_fragment_offset(rd); - if( pending == 0 ) - { - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "No unsatisfied read-request has been logged." ); + if (pending == 0) { + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "No unsatisfied read-request has been logged."); /* Check if there's data left to be consumed. */ - if( commit < frag_offset || commit - frag_offset < frag_len ) - { - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "There is data left to be consumed." ); + if (commit < frag_offset || commit - frag_offset < frag_len) { + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "There is data left to be consumed."); rd->end = commit; - MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_READER_DATA_LEFT ); + MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_DATA_LEFT); } rd->acc_available = 0; rd->acc_share.acc_remaining = 0; - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Fragment has been fully processed and committed." ); - } - else - { + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Fragment has been fully processed and committed."); + } else { int overflow; mbedtls_mps_size_t acc_backup_offset; @@ -463,31 +460,27 @@ int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *rd, mbedtls_mps_size_t backup_len; mbedtls_mps_size_t acc_len_needed; - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "There has been an unsatisfied read with %u bytes overhead.", - (unsigned) pending ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "There has been an unsatisfied read with %u bytes overhead.", + (unsigned) pending); - if( acc == NULL ) - { - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "No accumulator present" ); + if (acc == NULL) { + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "No accumulator present"); MBEDTLS_MPS_TRACE_RETURN( - MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR ); + MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR); } acc_len = rd->acc_len; /* Check if the upper layer has already fetched * and committed the contents of the accumulator. */ - if( commit < frag_offset ) - { + if (commit < frag_offset) { /* No, accumulator is still being processed. */ frag_backup_offset = 0; frag_backup_len = frag_len; acc_backup_offset = commit; acc_backup_len = frag_offset - commit; - } - else - { + } else { /* Yes, the accumulator is already processed. */ frag_backup_offset = commit - frag_offset; frag_backup_len = frag_len - frag_backup_offset; @@ -499,47 +492,47 @@ int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *rd, acc_len_needed = backup_len + pending; overflow = 0; - overflow |= ( backup_len < acc_backup_len ); - overflow |= ( acc_len_needed < backup_len ); + overflow |= (backup_len < acc_backup_len); + overflow |= (acc_len_needed < backup_len); - if( overflow || acc_len < acc_len_needed ) - { + if (overflow || acc_len < acc_len_needed) { /* Except for the different return code, we behave as if * there hadn't been a call to mbedtls_mps_reader_get() * since the last commit. */ rd->end = commit; rd->pending = 0; - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_ERROR, - "The accumulator is too small to handle the backup." ); - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_ERROR, - "* Size: %u", (unsigned) acc_len ); - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_ERROR, - "* Needed: %u (%u + %u)", - (unsigned) acc_len_needed, - (unsigned) backup_len, (unsigned) pending ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR, + "The accumulator is too small to handle the backup."); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR, + "* Size: %u", (unsigned) acc_len); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR, + "* Needed: %u (%u + %u)", + (unsigned) acc_len_needed, + (unsigned) backup_len, (unsigned) pending); MBEDTLS_MPS_TRACE_RETURN( - MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL ); + MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL); } - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Fragment backup: %u", (unsigned) frag_backup_len ); - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Accumulator backup: %u", (unsigned) acc_backup_len ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Fragment backup: %u", (unsigned) frag_backup_len); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Accumulator backup: %u", (unsigned) acc_backup_len); /* Move uncommitted parts from the accumulator to the front * of the accumulator. */ - memmove( acc, acc + acc_backup_offset, acc_backup_len ); + memmove(acc, acc + acc_backup_offset, acc_backup_len); /* Copy uncommitted parts of the current fragment to the * accumulator. */ - memcpy( acc + acc_backup_len, - frag + frag_backup_offset, frag_backup_len ); + memcpy(acc + acc_backup_len, + frag + frag_backup_offset, frag_backup_len); rd->acc_available = backup_len; rd->acc_share.acc_remaining = pending; - if( paused != NULL ) + if (paused != NULL) { *paused = 1; + } } rd->frag = NULL; @@ -549,11 +542,11 @@ int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *rd, rd->end = 0; rd->pending = 0; - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Final state: aa %u, al %u, ar %u", - (unsigned) rd->acc_available, (unsigned) rd->acc_len, - (unsigned) rd->acc_share.acc_remaining ); - MBEDTLS_MPS_TRACE_RETURN( 0 ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Final state: aa %u, al %u, ar %u", + (unsigned) rd->acc_available, (unsigned) rd->acc_len, + (unsigned) rd->acc_share.acc_remaining); + MBEDTLS_MPS_TRACE_RETURN(0); } #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/library/mps_reader.h b/library/mps_reader.h index 427c1bd254f9..bff67050374e 100644 --- a/library/mps_reader.h +++ b/library/mps_reader.h @@ -134,8 +134,7 @@ typedef struct mbedtls_mps_reader mbedtls_mps_reader; * Structure definitions */ -struct mbedtls_mps_reader -{ +struct mbedtls_mps_reader { unsigned char *frag; /*!< The fragment of incoming data managed by * the reader; it is provided to the reader * through mbedtls_mps_reader_feed(). The reader @@ -146,46 +145,46 @@ struct mbedtls_mps_reader * The reader is in consuming mode if * and only if \c frag is not \c NULL. */ mbedtls_mps_stored_size_t frag_len; - /*!< The length of the current fragment. - * Must be 0 if \c frag == \c NULL. */ + /*!< The length of the current fragment. + * Must be 0 if \c frag == \c NULL. */ mbedtls_mps_stored_size_t commit; - /*!< The offset of the last commit, relative - * to the first byte in the fragment, if - * no accumulator is present. If an accumulator - * is present, it is viewed as a prefix to the - * current fragment, and this variable contains - * an offset from the beginning of the accumulator. - * - * This is only used when the reader is in - * consuming mode, i.e. \c frag != \c NULL; - * otherwise, its value is \c 0. */ + /*!< The offset of the last commit, relative + * to the first byte in the fragment, if + * no accumulator is present. If an accumulator + * is present, it is viewed as a prefix to the + * current fragment, and this variable contains + * an offset from the beginning of the accumulator. + * + * This is only used when the reader is in + * consuming mode, i.e. \c frag != \c NULL; + * otherwise, its value is \c 0. */ mbedtls_mps_stored_size_t end; - /*!< The offset of the end of the last chunk - * passed to the user through a call to - * mbedtls_mps_reader_get(), relative to the first - * byte in the fragment, if no accumulator is - * present. If an accumulator is present, it is - * viewed as a prefix to the current fragment, and - * this variable contains an offset from the - * beginning of the accumulator. - * - * This is only used when the reader is in - * consuming mode, i.e. \c frag != \c NULL; - * otherwise, its value is \c 0. */ + /*!< The offset of the end of the last chunk + * passed to the user through a call to + * mbedtls_mps_reader_get(), relative to the first + * byte in the fragment, if no accumulator is + * present. If an accumulator is present, it is + * viewed as a prefix to the current fragment, and + * this variable contains an offset from the + * beginning of the accumulator. + * + * This is only used when the reader is in + * consuming mode, i.e. \c frag != \c NULL; + * otherwise, its value is \c 0. */ mbedtls_mps_stored_size_t pending; - /*!< The amount of incoming data missing on the - * last call to mbedtls_mps_reader_get(). - * In particular, it is \c 0 if the last call - * was successful. - * If a reader is reclaimed after an - * unsuccessful call to mbedtls_mps_reader_get(), - * this variable is used to have the reader - * remember how much data should be accumulated - * so that the call to mbedtls_mps_reader_get() - * succeeds next time. - * This is only used when the reader is in - * consuming mode, i.e. \c frag != \c NULL; - * otherwise, its value is \c 0. */ + /*!< The amount of incoming data missing on the + * last call to mbedtls_mps_reader_get(). + * In particular, it is \c 0 if the last call + * was successful. + * If a reader is reclaimed after an + * unsuccessful call to mbedtls_mps_reader_get(), + * this variable is used to have the reader + * remember how much data should be accumulated + * so that the call to mbedtls_mps_reader_get() + * succeeds next time. + * This is only used when the reader is in + * consuming mode, i.e. \c frag != \c NULL; + * otherwise, its value is \c 0. */ /* The accumulator is only needed if we need to be able to pause * the reader. A few bytes could be saved by moving this to a @@ -195,32 +194,31 @@ struct mbedtls_mps_reader * data if a read-request via mbedtls_mps_reader_get() * cannot be served from the current fragment. */ mbedtls_mps_stored_size_t acc_len; - /*!< The total size of the accumulator. */ + /*!< The total size of the accumulator. */ mbedtls_mps_stored_size_t acc_available; - /*!< The number of bytes currently gathered in - * the accumulator. This is both used in - * producing and in consuming mode: - * While producing, it is increased until - * it reaches the value of \c acc_remaining below. - * While consuming, it is used to judge if a - * get request can be served from the - * accumulator or not. - * Must not be larger than \c acc_len. */ - union - { + /*!< The number of bytes currently gathered in + * the accumulator. This is both used in + * producing and in consuming mode: + * While producing, it is increased until + * it reaches the value of \c acc_remaining below. + * While consuming, it is used to judge if a + * get request can be served from the + * accumulator or not. + * Must not be larger than \c acc_len. */ + union { mbedtls_mps_stored_size_t acc_remaining; - /*!< This indicates the amount of data still - * to be gathered in the accumulator. It is - * only used in producing mode. - * Must be at most acc_len - acc_available. */ + /*!< This indicates the amount of data still + * to be gathered in the accumulator. It is + * only used in producing mode. + * Must be at most acc_len - acc_available. */ mbedtls_mps_stored_size_t frag_offset; - /*!< If an accumulator is present and in use, this - * field indicates the offset of the current - * fragment from the beginning of the - * accumulator. If no accumulator is present - * or the accumulator is not in use, this is \c 0. - * It is only used in consuming mode. - * Must not be larger than \c acc_available. */ + /*!< If an accumulator is present and in use, this + * field indicates the offset of the current + * fragment from the beginning of the + * accumulator. If no accumulator is present + * or the accumulator is not in use, this is \c 0. + * It is only used in consuming mode. + * Must not be larger than \c acc_available. */ } acc_share; }; @@ -254,9 +252,9 @@ struct mbedtls_mps_reader * \return \c 0 on success. * \return A negative \c MBEDTLS_ERR_READER_XXX error code on failure. */ -int mbedtls_mps_reader_init( mbedtls_mps_reader *reader, - unsigned char *acc, - mbedtls_mps_size_t acc_len ); +int mbedtls_mps_reader_init(mbedtls_mps_reader *reader, + unsigned char *acc, + mbedtls_mps_size_t acc_len); /** * \brief Free a reader object @@ -266,7 +264,7 @@ int mbedtls_mps_reader_init( mbedtls_mps_reader *reader, * \return \c 0 on success. * \return A negative \c MBEDTLS_ERR_READER_XXX error code on failure. */ -int mbedtls_mps_reader_free( mbedtls_mps_reader *reader ); +int mbedtls_mps_reader_free(mbedtls_mps_reader *reader); /** * \brief Pass chunk of data for the reader to manage. @@ -291,9 +289,9 @@ int mbedtls_mps_reader_free( mbedtls_mps_reader *reader ); * \return Another negative \c MBEDTLS_ERR_READER_XXX error code on * different kinds of failures. */ -int mbedtls_mps_reader_feed( mbedtls_mps_reader *reader, - unsigned char *buf, - mbedtls_mps_size_t buflen ); +int mbedtls_mps_reader_feed(mbedtls_mps_reader *reader, + unsigned char *buf, + mbedtls_mps_size_t buflen); /** * \brief Reclaim reader's access to the current input buffer. @@ -310,8 +308,8 @@ int mbedtls_mps_reader_feed( mbedtls_mps_reader *reader, * \return \c 0 on success. * \return A negative \c MBEDTLS_ERR_READER_XXX error code on failure. */ -int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *reader, - int *paused ); +int mbedtls_mps_reader_reclaim(mbedtls_mps_reader *reader, + int *paused); /* * Usage API (Upper layer) @@ -353,10 +351,10 @@ int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *reader, * address as buflen and checking \c *buflen == \c desired * afterwards. */ -int mbedtls_mps_reader_get( mbedtls_mps_reader *reader, - mbedtls_mps_size_t desired, - unsigned char **buffer, - mbedtls_mps_size_t *buflen ); +int mbedtls_mps_reader_get(mbedtls_mps_reader *reader, + mbedtls_mps_size_t desired, + unsigned char **buffer, + mbedtls_mps_size_t *buflen); /** * \brief Mark data obtained from mbedtls_mps_reader_get() as processed. @@ -377,6 +375,6 @@ int mbedtls_mps_reader_get( mbedtls_mps_reader *reader, * \return A negative \c MBEDTLS_ERR_READER_XXX error code on failure. * */ -int mbedtls_mps_reader_commit( mbedtls_mps_reader *reader ); +int mbedtls_mps_reader_commit(mbedtls_mps_reader *reader); #endif /* MBEDTLS_READER_H */ diff --git a/library/mps_trace.c b/library/mps_trace.c index 6026a07163b1..ccd944f5339c 100644 --- a/library/mps_trace.c +++ b/library/mps_trace.c @@ -41,7 +41,7 @@ static int trace_depth = 0; #define color_cyan "\x1B[1;36m" #define color_white "\x1B[1;37m" -static char const * colors[] = +static char const *colors[] = { color_default, color_green, @@ -54,19 +54,18 @@ static char const * colors[] = #define MPS_TRACE_BUF_SIZE 100 -void mbedtls_mps_trace_print_msg( int id, int line, const char *format, ... ) +void mbedtls_mps_trace_print_msg(int id, int line, const char *format, ...) { int ret; char str[MPS_TRACE_BUF_SIZE]; va_list argp; - va_start( argp, format ); - ret = mbedtls_vsnprintf( str, MPS_TRACE_BUF_SIZE, format, argp ); - va_end( argp ); + va_start(argp, format); + ret = mbedtls_vsnprintf(str, MPS_TRACE_BUF_SIZE, format, argp); + va_end(argp); - if( ret >= 0 && ret < MPS_TRACE_BUF_SIZE ) - { + if (ret >= 0 && ret < MPS_TRACE_BUF_SIZE) { str[ret] = '\0'; - mbedtls_printf( "[%d|L%d]: %s\n", id, line, str ); + mbedtls_printf("[%d|L%d]: %s\n", id, line, str); } } @@ -83,39 +82,39 @@ void mbedtls_mps_trace_inc_depth() trace_depth++; } -void mbedtls_mps_trace_color( int id ) +void mbedtls_mps_trace_color(int id) { - if( id > (int) ( sizeof( colors ) / sizeof( *colors ) ) ) + if (id > (int) (sizeof(colors) / sizeof(*colors))) { return; - printf( "%s", colors[ id ] ); + } + printf("%s", colors[id]); } -void mbedtls_mps_trace_indent( int level, mbedtls_mps_trace_type ty ) +void mbedtls_mps_trace_indent(int level, mbedtls_mps_trace_type ty) { - if( level > 0 ) - { - while( --level ) - printf( "| " ); + if (level > 0) { + while (--level) { + printf("| "); + } - printf( "| " ); + printf("| "); } - switch( ty ) - { + switch (ty) { case MBEDTLS_MPS_TRACE_TYPE_COMMENT: - mbedtls_printf( "@ " ); + mbedtls_printf("@ "); break; case MBEDTLS_MPS_TRACE_TYPE_CALL: - mbedtls_printf( "+--> " ); + mbedtls_printf("+--> "); break; case MBEDTLS_MPS_TRACE_TYPE_ERROR: - mbedtls_printf( "E " ); + mbedtls_printf("E "); break; case MBEDTLS_MPS_TRACE_TYPE_RETURN: - mbedtls_printf( "< " ); + mbedtls_printf("< "); break; default: diff --git a/library/mps_trace.h b/library/mps_trace.h index 820a1b66c2af..6f0455f03835 100644 --- a/library/mps_trace.h +++ b/library/mps_trace.h @@ -52,8 +52,7 @@ * rest of this file. */ -typedef enum -{ +typedef enum { MBEDTLS_MPS_TRACE_TYPE_COMMENT, MBEDTLS_MPS_TRACE_TYPE_CALL, MBEDTLS_MPS_TRACE_TYPE_ERROR, @@ -68,101 +67,101 @@ typedef enum #define MBEDTLS_MPS_TRACE_BIT_READER 6 #if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_1) -#define MBEDTLS_MPS_TRACE_MASK_LAYER_1 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_1 ) +#define MBEDTLS_MPS_TRACE_MASK_LAYER_1 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_1) #else #define MBEDTLS_MPS_TRACE_MASK_LAYER_1 0 #endif #if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_2) -#define MBEDTLS_MPS_TRACE_MASK_LAYER_2 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_2 ) +#define MBEDTLS_MPS_TRACE_MASK_LAYER_2 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_2) #else #define MBEDTLS_MPS_TRACE_MASK_LAYER_2 0 #endif #if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_3) -#define MBEDTLS_MPS_TRACE_MASK_LAYER_3 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_3 ) +#define MBEDTLS_MPS_TRACE_MASK_LAYER_3 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_3) #else #define MBEDTLS_MPS_TRACE_MASK_LAYER_3 0 #endif #if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_4) -#define MBEDTLS_MPS_TRACE_MASK_LAYER_4 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_4 ) +#define MBEDTLS_MPS_TRACE_MASK_LAYER_4 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_4) #else #define MBEDTLS_MPS_TRACE_MASK_LAYER_4 0 #endif #if defined(MBEDTLS_MPS_TRACE_ENABLE_READER) -#define MBEDTLS_MPS_TRACE_MASK_READER (1u << MBEDTLS_MPS_TRACE_BIT_READER ) +#define MBEDTLS_MPS_TRACE_MASK_READER (1u << MBEDTLS_MPS_TRACE_BIT_READER) #else #define MBEDTLS_MPS_TRACE_MASK_READER 0 #endif #if defined(MBEDTLS_MPS_TRACE_ENABLE_WRITER) -#define MBEDTLS_MPS_TRACE_MASK_WRITER (1u << MBEDTLS_MPS_TRACE_BIT_WRITER ) +#define MBEDTLS_MPS_TRACE_MASK_WRITER (1u << MBEDTLS_MPS_TRACE_BIT_WRITER) #else #define MBEDTLS_MPS_TRACE_MASK_WRITER 0 #endif -#define MBEDTLS_MPS_TRACE_MASK ( MBEDTLS_MPS_TRACE_MASK_LAYER_1 | \ - MBEDTLS_MPS_TRACE_MASK_LAYER_2 | \ - MBEDTLS_MPS_TRACE_MASK_LAYER_3 | \ - MBEDTLS_MPS_TRACE_MASK_LAYER_4 | \ - MBEDTLS_MPS_TRACE_MASK_READER | \ - MBEDTLS_MPS_TRACE_MASK_WRITER ) +#define MBEDTLS_MPS_TRACE_MASK (MBEDTLS_MPS_TRACE_MASK_LAYER_1 | \ + MBEDTLS_MPS_TRACE_MASK_LAYER_2 | \ + MBEDTLS_MPS_TRACE_MASK_LAYER_3 | \ + MBEDTLS_MPS_TRACE_MASK_LAYER_4 | \ + MBEDTLS_MPS_TRACE_MASK_READER | \ + MBEDTLS_MPS_TRACE_MASK_WRITER) /* We have to avoid globals because E-ACSL chokes on them... * Wrap everything in stub functions. */ -int mbedtls_mps_trace_get_depth( void ); -void mbedtls_mps_trace_inc_depth( void ); -void mbedtls_mps_trace_dec_depth( void ); +int mbedtls_mps_trace_get_depth(void); +void mbedtls_mps_trace_inc_depth(void); +void mbedtls_mps_trace_dec_depth(void); -void mbedtls_mps_trace_color( int id ); -void mbedtls_mps_trace_indent( int level, mbedtls_mps_trace_type ty ); +void mbedtls_mps_trace_color(int id); +void mbedtls_mps_trace_indent(int level, mbedtls_mps_trace_type ty); -void mbedtls_mps_trace_print_msg( int id, int line, const char *format, ... ); +void mbedtls_mps_trace_print_msg(int id, int line, const char *format, ...); -#define MBEDTLS_MPS_TRACE( type, ... ) \ +#define MBEDTLS_MPS_TRACE(type, ...) \ do { \ - if( ! ( MBEDTLS_MPS_TRACE_MASK & ( 1u << mbedtls_mps_trace_id ) ) ) \ - break; \ - mbedtls_mps_trace_indent( mbedtls_mps_trace_get_depth(), type ); \ - mbedtls_mps_trace_color( mbedtls_mps_trace_id ); \ - mbedtls_mps_trace_print_msg( mbedtls_mps_trace_id, __LINE__, __VA_ARGS__ ); \ - mbedtls_mps_trace_color( 0 ); \ - } while( 0 ) - -#define MBEDTLS_MPS_TRACE_INIT( ... ) \ + if (!(MBEDTLS_MPS_TRACE_MASK & (1u << mbedtls_mps_trace_id))) \ + break; \ + mbedtls_mps_trace_indent(mbedtls_mps_trace_get_depth(), type); \ + mbedtls_mps_trace_color(mbedtls_mps_trace_id); \ + mbedtls_mps_trace_print_msg(mbedtls_mps_trace_id, __LINE__, __VA_ARGS__); \ + mbedtls_mps_trace_color(0); \ + } while (0) + +#define MBEDTLS_MPS_TRACE_INIT(...) \ do { \ - if( ! ( MBEDTLS_MPS_TRACE_MASK & ( 1u << mbedtls_mps_trace_id ) ) ) \ - break; \ - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_CALL, __VA_ARGS__ ); \ + if (!(MBEDTLS_MPS_TRACE_MASK & (1u << mbedtls_mps_trace_id))) \ + break; \ + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_CALL, __VA_ARGS__); \ mbedtls_mps_trace_inc_depth(); \ - } while( 0 ) + } while (0) -#define MBEDTLS_MPS_TRACE_END( val ) \ +#define MBEDTLS_MPS_TRACE_END(val) \ do { \ - if( ! ( MBEDTLS_MPS_TRACE_MASK & ( 1u << mbedtls_mps_trace_id ) ) ) \ - break; \ - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_RETURN, "%d (-%#04x)", \ - (int) (val), -((unsigned)(val)) ); \ + if (!(MBEDTLS_MPS_TRACE_MASK & (1u << mbedtls_mps_trace_id))) \ + break; \ + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_RETURN, "%d (-%#04x)", \ + (int) (val), -((unsigned) (val))); \ mbedtls_mps_trace_dec_depth(); \ - } while( 0 ) + } while (0) -#define MBEDTLS_MPS_TRACE_RETURN( val ) \ +#define MBEDTLS_MPS_TRACE_RETURN(val) \ do { \ /* Breaks tail recursion. */ \ int ret__ = val; \ - MBEDTLS_MPS_TRACE_END( ret__ ); \ - return( ret__ ); \ - } while( 0 ) + MBEDTLS_MPS_TRACE_END(ret__); \ + return ret__; \ + } while (0) #else /* MBEDTLS_MPS_TRACE */ -#define MBEDTLS_MPS_TRACE( type, ... ) do { } while( 0 ) -#define MBEDTLS_MPS_TRACE_INIT( ... ) do { } while( 0 ) -#define MBEDTLS_MPS_TRACE_END do { } while( 0 ) +#define MBEDTLS_MPS_TRACE(type, ...) do { } while (0) +#define MBEDTLS_MPS_TRACE_INIT(...) do { } while (0) +#define MBEDTLS_MPS_TRACE_END do { } while (0) -#define MBEDTLS_MPS_TRACE_RETURN( val ) return( val ); +#define MBEDTLS_MPS_TRACE_RETURN(val) return val; #endif /* MBEDTLS_MPS_TRACE */ diff --git a/library/net_sockets.c b/library/net_sockets.c index b2cab503f215..bdd82ac6fe56 100644 --- a/library/net_sockets.c +++ b/library/net_sockets.c @@ -47,7 +47,7 @@ #if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ !defined(EFI32) -#define IS_EINTR( ret ) ( ( ret ) == WSAEINTR ) +#define IS_EINTR(ret) ((ret) == WSAEINTR) #if !defined(_WIN32_WINNT) /* Enables getaddrinfo() & Co */ @@ -70,8 +70,8 @@ #endif #endif /* _MSC_VER */ -#define read(fd,buf,len) recv( fd, (char*)( buf ), (int)( len ), 0 ) -#define write(fd,buf,len) send( fd, (char*)( buf ), (int)( len ), 0 ) +#define read(fd, buf, len) recv(fd, (char *) (buf), (int) (len), 0) +#define write(fd, buf, len) send(fd, (char *) (buf), (int) (len), 0) #define close(fd) closesocket(fd) static int wsa_init_done = 0; @@ -89,7 +89,7 @@ static int wsa_init_done = 0; #include #include -#define IS_EINTR( ret ) ( ( ret ) == EINTR ) +#define IS_EINTR(ret) ((ret) == EINTR) #endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ @@ -112,25 +112,25 @@ static int wsa_init_done = 0; /* * Prepare for using the sockets interface */ -static int net_prepare( void ) +static int net_prepare(void) { -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ !defined(EFI32) WSADATA wsaData; - if( wsa_init_done == 0 ) - { - if( WSAStartup( MAKEWORD(2,0), &wsaData ) != 0 ) - return( MBEDTLS_ERR_NET_SOCKET_FAILED ); + if (wsa_init_done == 0) { + if (WSAStartup(MAKEWORD(2, 0), &wsaData) != 0) { + return MBEDTLS_ERR_NET_SOCKET_FAILED; + } wsa_init_done = 1; } #else #if !defined(EFIX64) && !defined(EFI32) - signal( SIGPIPE, SIG_IGN ); + signal(SIGPIPE, SIG_IGN); #endif #endif - return( 0 ); + return 0; } /* @@ -138,10 +138,11 @@ static int net_prepare( void ) * If for_select != 0, check whether the file descriptor is within the range * allowed for fd_set used for the FD_xxx macros and the select() function. */ -static int check_fd( int fd, int for_select ) +static int check_fd(int fd, int for_select) { - if( fd < 0 ) - return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); + if (fd < 0) { + return MBEDTLS_ERR_NET_INVALID_CONTEXT; + } #if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ !defined(EFI32) @@ -151,17 +152,18 @@ static int check_fd( int fd, int for_select ) * that are strictly less than FD_SETSIZE. This is a limitation of the * fd_set type. Error out early, because attempting to call FD_SET on a * large file descriptor is a buffer overflow on typical platforms. */ - if( for_select && fd >= FD_SETSIZE ) - return( MBEDTLS_ERR_NET_POLL_FAILED ); + if (for_select && fd >= FD_SETSIZE) { + return MBEDTLS_ERR_NET_POLL_FAILED; + } #endif - return( 0 ); + return 0; } /* * Initialize a context */ -void mbedtls_net_init( mbedtls_net_context *ctx ) +void mbedtls_net_init(mbedtls_net_context *ctx) { ctx->fd = -1; } @@ -169,107 +171,103 @@ void mbedtls_net_init( mbedtls_net_context *ctx ) /* * Initiate a TCP connection with host:port and the given protocol */ -int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, - const char *port, int proto ) +int mbedtls_net_connect(mbedtls_net_context *ctx, const char *host, + const char *port, int proto) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; struct addrinfo hints, *addr_list, *cur; - if( ( ret = net_prepare() ) != 0 ) - return( ret ); + if ((ret = net_prepare()) != 0) { + return ret; + } /* Do name resolution with both IPv6 and IPv4 */ - memset( &hints, 0, sizeof( hints ) ); + memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM; hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP; - if( getaddrinfo( host, port, &hints, &addr_list ) != 0 ) - return( MBEDTLS_ERR_NET_UNKNOWN_HOST ); + if (getaddrinfo(host, port, &hints, &addr_list) != 0) { + return MBEDTLS_ERR_NET_UNKNOWN_HOST; + } /* Try the sockaddrs until a connection succeeds */ ret = MBEDTLS_ERR_NET_UNKNOWN_HOST; - for( cur = addr_list; cur != NULL; cur = cur->ai_next ) - { - ctx->fd = (int) socket( cur->ai_family, cur->ai_socktype, - cur->ai_protocol ); - if( ctx->fd < 0 ) - { + for (cur = addr_list; cur != NULL; cur = cur->ai_next) { + ctx->fd = (int) socket(cur->ai_family, cur->ai_socktype, + cur->ai_protocol); + if (ctx->fd < 0) { ret = MBEDTLS_ERR_NET_SOCKET_FAILED; continue; } - if( connect( ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen ) == 0 ) - { + if (connect(ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen) == 0) { ret = 0; break; } - close( ctx->fd ); + close(ctx->fd); ret = MBEDTLS_ERR_NET_CONNECT_FAILED; } - freeaddrinfo( addr_list ); + freeaddrinfo(addr_list); - return( ret ); + return ret; } /* * Create a listening socket on bind_ip:port */ -int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto ) +int mbedtls_net_bind(mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto) { int n, ret; struct addrinfo hints, *addr_list, *cur; - if( ( ret = net_prepare() ) != 0 ) - return( ret ); + if ((ret = net_prepare()) != 0) { + return ret; + } /* Bind to IPv6 and/or IPv4, but only in the desired protocol */ - memset( &hints, 0, sizeof( hints ) ); + memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM; hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP; - if( bind_ip == NULL ) + if (bind_ip == NULL) { hints.ai_flags = AI_PASSIVE; + } - if( getaddrinfo( bind_ip, port, &hints, &addr_list ) != 0 ) - return( MBEDTLS_ERR_NET_UNKNOWN_HOST ); + if (getaddrinfo(bind_ip, port, &hints, &addr_list) != 0) { + return MBEDTLS_ERR_NET_UNKNOWN_HOST; + } /* Try the sockaddrs until a binding succeeds */ ret = MBEDTLS_ERR_NET_UNKNOWN_HOST; - for( cur = addr_list; cur != NULL; cur = cur->ai_next ) - { - ctx->fd = (int) socket( cur->ai_family, cur->ai_socktype, - cur->ai_protocol ); - if( ctx->fd < 0 ) - { + for (cur = addr_list; cur != NULL; cur = cur->ai_next) { + ctx->fd = (int) socket(cur->ai_family, cur->ai_socktype, + cur->ai_protocol); + if (ctx->fd < 0) { ret = MBEDTLS_ERR_NET_SOCKET_FAILED; continue; } n = 1; - if( setsockopt( ctx->fd, SOL_SOCKET, SO_REUSEADDR, - (const char *) &n, sizeof( n ) ) != 0 ) - { - close( ctx->fd ); + if (setsockopt(ctx->fd, SOL_SOCKET, SO_REUSEADDR, + (const char *) &n, sizeof(n)) != 0) { + close(ctx->fd); ret = MBEDTLS_ERR_NET_SOCKET_FAILED; continue; } - if( bind( ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen ) != 0 ) - { - close( ctx->fd ); + if (bind(ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen) != 0) { + close(ctx->fd); ret = MBEDTLS_ERR_NET_BIND_FAILED; continue; } /* Listen only makes sense for TCP */ - if( proto == MBEDTLS_NET_PROTO_TCP ) - { - if( listen( ctx->fd, MBEDTLS_NET_LISTEN_BACKLOG ) != 0 ) - { - close( ctx->fd ); + if (proto == MBEDTLS_NET_PROTO_TCP) { + if (listen(ctx->fd, MBEDTLS_NET_LISTEN_BACKLOG) != 0) { + close(ctx->fd); ret = MBEDTLS_ERR_NET_LISTEN_FAILED; continue; } @@ -280,22 +278,22 @@ int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char break; } - freeaddrinfo( addr_list ); + freeaddrinfo(addr_list); - return( ret ); + return ret; } -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ !defined(EFI32) /* * Check if the requested operation would be blocking on a non-blocking socket * and thus 'failed' with a negative return value. */ -static int net_would_block( const mbedtls_net_context *ctx ) +static int net_would_block(const mbedtls_net_context *ctx) { ((void) ctx); - return( WSAGetLastError() == WSAEWOULDBLOCK ); + return WSAGetLastError() == WSAEWOULDBLOCK; } #else /* @@ -304,39 +302,37 @@ static int net_would_block( const mbedtls_net_context *ctx ) * * Note: on a blocking socket this function always returns 0! */ -static int net_would_block( const mbedtls_net_context *ctx ) +static int net_would_block(const mbedtls_net_context *ctx) { int err = errno; /* * Never return 'WOULD BLOCK' on a blocking socket */ - if( ( fcntl( ctx->fd, F_GETFL ) & O_NONBLOCK ) != O_NONBLOCK ) - { + if ((fcntl(ctx->fd, F_GETFL) & O_NONBLOCK) != O_NONBLOCK) { errno = err; - return( 0 ); + return 0; } - switch( errno = err ) - { + switch (errno = err) { #if defined EAGAIN case EAGAIN: #endif #if defined EWOULDBLOCK && EWOULDBLOCK != EAGAIN case EWOULDBLOCK: #endif - return( 1 ); + return 1; } - return( 0 ); + return 0; } #endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ /* * Accept a connection from a remote client */ -int mbedtls_net_accept( mbedtls_net_context *bind_ctx, - mbedtls_net_context *client_ctx, - void *client_ip, size_t buf_size, size_t *ip_len ) +int mbedtls_net_accept(mbedtls_net_context *bind_ctx, + mbedtls_net_context *client_ctx, + void *client_ip, size_t buf_size, size_t *ip_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int type; @@ -346,132 +342,123 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx, #if defined(__socklen_t_defined) || defined(_SOCKLEN_T) || \ defined(_SOCKLEN_T_DECLARED) || defined(__DEFINED_socklen_t) || \ defined(socklen_t) || (defined(_POSIX_VERSION) && _POSIX_VERSION >= 200112L) - socklen_t n = (socklen_t) sizeof( client_addr ); - socklen_t type_len = (socklen_t) sizeof( type ); + socklen_t n = (socklen_t) sizeof(client_addr); + socklen_t type_len = (socklen_t) sizeof(type); #else - int n = (int) sizeof( client_addr ); - int type_len = (int) sizeof( type ); + int n = (int) sizeof(client_addr); + int type_len = (int) sizeof(type); #endif /* Is this a TCP or UDP socket? */ - if( getsockopt( bind_ctx->fd, SOL_SOCKET, SO_TYPE, - (void *) &type, &type_len ) != 0 || - ( type != SOCK_STREAM && type != SOCK_DGRAM ) ) - { - return( MBEDTLS_ERR_NET_ACCEPT_FAILED ); + if (getsockopt(bind_ctx->fd, SOL_SOCKET, SO_TYPE, + (void *) &type, &type_len) != 0 || + (type != SOCK_STREAM && type != SOCK_DGRAM)) { + return MBEDTLS_ERR_NET_ACCEPT_FAILED; } - if( type == SOCK_STREAM ) - { + if (type == SOCK_STREAM) { /* TCP: actual accept() */ - ret = client_ctx->fd = (int) accept( bind_ctx->fd, - (struct sockaddr *) &client_addr, &n ); - } - else - { + ret = client_ctx->fd = (int) accept(bind_ctx->fd, + (struct sockaddr *) &client_addr, &n); + } else { /* UDP: wait for a message, but keep it in the queue */ char buf[1] = { 0 }; - ret = (int) recvfrom( bind_ctx->fd, buf, sizeof( buf ), MSG_PEEK, - (struct sockaddr *) &client_addr, &n ); + ret = (int) recvfrom(bind_ctx->fd, buf, sizeof(buf), MSG_PEEK, + (struct sockaddr *) &client_addr, &n); #if defined(_WIN32) - if( ret == SOCKET_ERROR && - WSAGetLastError() == WSAEMSGSIZE ) - { + if (ret == SOCKET_ERROR && + WSAGetLastError() == WSAEMSGSIZE) { /* We know buf is too small, thanks, just peeking here */ ret = 0; } #endif } - if( ret < 0 ) - { - if( net_would_block( bind_ctx ) != 0 ) - return( MBEDTLS_ERR_SSL_WANT_READ ); + if (ret < 0) { + if (net_would_block(bind_ctx) != 0) { + return MBEDTLS_ERR_SSL_WANT_READ; + } - return( MBEDTLS_ERR_NET_ACCEPT_FAILED ); + return MBEDTLS_ERR_NET_ACCEPT_FAILED; } /* UDP: hijack the listening socket to communicate with the client, * then bind a new socket to accept new connections */ - if( type != SOCK_STREAM ) - { + if (type != SOCK_STREAM) { struct sockaddr_storage local_addr; int one = 1; - if( connect( bind_ctx->fd, (struct sockaddr *) &client_addr, n ) != 0 ) - return( MBEDTLS_ERR_NET_ACCEPT_FAILED ); + if (connect(bind_ctx->fd, (struct sockaddr *) &client_addr, n) != 0) { + return MBEDTLS_ERR_NET_ACCEPT_FAILED; + } client_ctx->fd = bind_ctx->fd; bind_ctx->fd = -1; /* In case we exit early */ - n = sizeof( struct sockaddr_storage ); - if( getsockname( client_ctx->fd, - (struct sockaddr *) &local_addr, &n ) != 0 || - ( bind_ctx->fd = (int) socket( local_addr.ss_family, - SOCK_DGRAM, IPPROTO_UDP ) ) < 0 || - setsockopt( bind_ctx->fd, SOL_SOCKET, SO_REUSEADDR, - (const char *) &one, sizeof( one ) ) != 0 ) - { - return( MBEDTLS_ERR_NET_SOCKET_FAILED ); + n = sizeof(struct sockaddr_storage); + if (getsockname(client_ctx->fd, + (struct sockaddr *) &local_addr, &n) != 0 || + (bind_ctx->fd = (int) socket(local_addr.ss_family, + SOCK_DGRAM, IPPROTO_UDP)) < 0 || + setsockopt(bind_ctx->fd, SOL_SOCKET, SO_REUSEADDR, + (const char *) &one, sizeof(one)) != 0) { + return MBEDTLS_ERR_NET_SOCKET_FAILED; } - if( bind( bind_ctx->fd, (struct sockaddr *) &local_addr, n ) != 0 ) - { - return( MBEDTLS_ERR_NET_BIND_FAILED ); + if (bind(bind_ctx->fd, (struct sockaddr *) &local_addr, n) != 0) { + return MBEDTLS_ERR_NET_BIND_FAILED; } } - if( client_ip != NULL ) - { - if( client_addr.ss_family == AF_INET ) - { + if (client_ip != NULL) { + if (client_addr.ss_family == AF_INET) { struct sockaddr_in *addr4 = (struct sockaddr_in *) &client_addr; - *ip_len = sizeof( addr4->sin_addr.s_addr ); + *ip_len = sizeof(addr4->sin_addr.s_addr); - if( buf_size < *ip_len ) - return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL ); + if (buf_size < *ip_len) { + return MBEDTLS_ERR_NET_BUFFER_TOO_SMALL; + } - memcpy( client_ip, &addr4->sin_addr.s_addr, *ip_len ); - } - else - { + memcpy(client_ip, &addr4->sin_addr.s_addr, *ip_len); + } else { struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) &client_addr; - *ip_len = sizeof( addr6->sin6_addr.s6_addr ); + *ip_len = sizeof(addr6->sin6_addr.s6_addr); - if( buf_size < *ip_len ) - return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL ); + if (buf_size < *ip_len) { + return MBEDTLS_ERR_NET_BUFFER_TOO_SMALL; + } - memcpy( client_ip, &addr6->sin6_addr.s6_addr, *ip_len); + memcpy(client_ip, &addr6->sin6_addr.s6_addr, *ip_len); } } - return( 0 ); + return 0; } /* * Set the socket blocking or non-blocking */ -int mbedtls_net_set_block( mbedtls_net_context *ctx ) +int mbedtls_net_set_block(mbedtls_net_context *ctx) { -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ !defined(EFI32) u_long n = 0; - return( ioctlsocket( ctx->fd, FIONBIO, &n ) ); + return ioctlsocket(ctx->fd, FIONBIO, &n); #else - return( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL ) & ~O_NONBLOCK ) ); + return fcntl(ctx->fd, F_SETFL, fcntl(ctx->fd, F_GETFL) & ~O_NONBLOCK); #endif } -int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ) +int mbedtls_net_set_nonblock(mbedtls_net_context *ctx) { -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ !defined(EFI32) u_long n = 1; - return( ioctlsocket( ctx->fd, FIONBIO, &n ) ); + return ioctlsocket(ctx->fd, FIONBIO, &n); #else - return( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL ) | O_NONBLOCK ) ); + return fcntl(ctx->fd, F_SETFL, fcntl(ctx->fd, F_GETFL) | O_NONBLOCK); #endif } @@ -479,7 +466,7 @@ int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ) * Check if data is available on the socket */ -int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ) +int mbedtls_net_poll(mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; struct timeval tv; @@ -489,207 +476,220 @@ int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ) int fd = ctx->fd; - ret = check_fd( fd, 1 ); - if( ret != 0 ) - return( ret ); + ret = check_fd(fd, 1); + if (ret != 0) { + return ret; + } #if defined(__has_feature) #if __has_feature(memory_sanitizer) /* Ensure that memory sanitizers consider read_fds and write_fds as * initialized even on platforms such as Glibc/x86_64 where FD_ZERO * is implemented in assembly. */ - memset( &read_fds, 0, sizeof( read_fds ) ); - memset( &write_fds, 0, sizeof( write_fds ) ); + memset(&read_fds, 0, sizeof(read_fds)); + memset(&write_fds, 0, sizeof(write_fds)); #endif #endif - FD_ZERO( &read_fds ); - if( rw & MBEDTLS_NET_POLL_READ ) - { + FD_ZERO(&read_fds); + if (rw & MBEDTLS_NET_POLL_READ) { rw &= ~MBEDTLS_NET_POLL_READ; - FD_SET( fd, &read_fds ); + FD_SET(fd, &read_fds); } - FD_ZERO( &write_fds ); - if( rw & MBEDTLS_NET_POLL_WRITE ) - { + FD_ZERO(&write_fds); + if (rw & MBEDTLS_NET_POLL_WRITE) { rw &= ~MBEDTLS_NET_POLL_WRITE; - FD_SET( fd, &write_fds ); + FD_SET(fd, &write_fds); } - if( rw != 0 ) - return( MBEDTLS_ERR_NET_BAD_INPUT_DATA ); + if (rw != 0) { + return MBEDTLS_ERR_NET_BAD_INPUT_DATA; + } tv.tv_sec = timeout / 1000; - tv.tv_usec = ( timeout % 1000 ) * 1000; + tv.tv_usec = (timeout % 1000) * 1000; - do - { - ret = select( fd + 1, &read_fds, &write_fds, NULL, - timeout == (uint32_t) -1 ? NULL : &tv ); - } - while( IS_EINTR( ret ) ); + do { + ret = select(fd + 1, &read_fds, &write_fds, NULL, + timeout == (uint32_t) -1 ? NULL : &tv); + } while (IS_EINTR(ret)); - if( ret < 0 ) - return( MBEDTLS_ERR_NET_POLL_FAILED ); + if (ret < 0) { + return MBEDTLS_ERR_NET_POLL_FAILED; + } ret = 0; - if( FD_ISSET( fd, &read_fds ) ) + if (FD_ISSET(fd, &read_fds)) { ret |= MBEDTLS_NET_POLL_READ; - if( FD_ISSET( fd, &write_fds ) ) + } + if (FD_ISSET(fd, &write_fds)) { ret |= MBEDTLS_NET_POLL_WRITE; + } - return( ret ); + return ret; } /* * Portable usleep helper */ -void mbedtls_net_usleep( unsigned long usec ) +void mbedtls_net_usleep(unsigned long usec) { #if defined(_WIN32) - Sleep( ( usec + 999 ) / 1000 ); + Sleep((usec + 999) / 1000); #else struct timeval tv; tv.tv_sec = usec / 1000000; #if defined(__unix__) || defined(__unix) || \ - ( defined(__APPLE__) && defined(__MACH__) ) + (defined(__APPLE__) && defined(__MACH__)) tv.tv_usec = (suseconds_t) usec % 1000000; #else tv.tv_usec = usec % 1000000; #endif - select( 0, NULL, NULL, NULL, &tv ); + select(0, NULL, NULL, NULL, &tv); #endif } /* * Read at most 'len' characters */ -int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len ) +int mbedtls_net_recv(void *ctx, unsigned char *buf, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int fd = ((mbedtls_net_context *) ctx)->fd; - ret = check_fd( fd, 0 ); - if( ret != 0 ) - return( ret ); + ret = check_fd(fd, 0); + if (ret != 0) { + return ret; + } - ret = (int) read( fd, buf, len ); + ret = (int) read(fd, buf, len); - if( ret < 0 ) - { - if( net_would_block( ctx ) != 0 ) - return( MBEDTLS_ERR_SSL_WANT_READ ); + if (ret < 0) { + if (net_would_block(ctx) != 0) { + return MBEDTLS_ERR_SSL_WANT_READ; + } -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ - !defined(EFI32) - if( WSAGetLastError() == WSAECONNRESET ) - return( MBEDTLS_ERR_NET_CONN_RESET ); +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ + !defined(EFI32) + if (WSAGetLastError() == WSAECONNRESET) { + return MBEDTLS_ERR_NET_CONN_RESET; + } #else - if( errno == EPIPE || errno == ECONNRESET ) - return( MBEDTLS_ERR_NET_CONN_RESET ); + if (errno == EPIPE || errno == ECONNRESET) { + return MBEDTLS_ERR_NET_CONN_RESET; + } - if( errno == EINTR ) - return( MBEDTLS_ERR_SSL_WANT_READ ); + if (errno == EINTR) { + return MBEDTLS_ERR_SSL_WANT_READ; + } #endif - return( MBEDTLS_ERR_NET_RECV_FAILED ); + return MBEDTLS_ERR_NET_RECV_FAILED; } - return( ret ); + return ret; } /* * Read at most 'len' characters, blocking for at most 'timeout' ms */ -int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, - size_t len, uint32_t timeout ) +int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf, + size_t len, uint32_t timeout) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; struct timeval tv; fd_set read_fds; int fd = ((mbedtls_net_context *) ctx)->fd; - ret = check_fd( fd, 1 ); - if( ret != 0 ) - return( ret ); + ret = check_fd(fd, 1); + if (ret != 0) { + return ret; + } - FD_ZERO( &read_fds ); - FD_SET( fd, &read_fds ); + FD_ZERO(&read_fds); + FD_SET(fd, &read_fds); tv.tv_sec = timeout / 1000; - tv.tv_usec = ( timeout % 1000 ) * 1000; + tv.tv_usec = (timeout % 1000) * 1000; - ret = select( fd + 1, &read_fds, NULL, NULL, timeout == 0 ? NULL : &tv ); + ret = select(fd + 1, &read_fds, NULL, NULL, timeout == 0 ? NULL : &tv); /* Zero fds ready means we timed out */ - if( ret == 0 ) - return( MBEDTLS_ERR_SSL_TIMEOUT ); + if (ret == 0) { + return MBEDTLS_ERR_SSL_TIMEOUT; + } - if( ret < 0 ) - { -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ - !defined(EFI32) - if( WSAGetLastError() == WSAEINTR ) - return( MBEDTLS_ERR_SSL_WANT_READ ); + if (ret < 0) { +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ + !defined(EFI32) + if (WSAGetLastError() == WSAEINTR) { + return MBEDTLS_ERR_SSL_WANT_READ; + } #else - if( errno == EINTR ) - return( MBEDTLS_ERR_SSL_WANT_READ ); + if (errno == EINTR) { + return MBEDTLS_ERR_SSL_WANT_READ; + } #endif - return( MBEDTLS_ERR_NET_RECV_FAILED ); + return MBEDTLS_ERR_NET_RECV_FAILED; } /* This call will not block */ - return( mbedtls_net_recv( ctx, buf, len ) ); + return mbedtls_net_recv(ctx, buf, len); } /* * Write at most 'len' characters */ -int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len ) +int mbedtls_net_send(void *ctx, const unsigned char *buf, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int fd = ((mbedtls_net_context *) ctx)->fd; - ret = check_fd( fd, 0 ); - if( ret != 0 ) - return( ret ); + ret = check_fd(fd, 0); + if (ret != 0) { + return ret; + } - ret = (int) write( fd, buf, len ); + ret = (int) write(fd, buf, len); - if( ret < 0 ) - { - if( net_would_block( ctx ) != 0 ) - return( MBEDTLS_ERR_SSL_WANT_WRITE ); + if (ret < 0) { + if (net_would_block(ctx) != 0) { + return MBEDTLS_ERR_SSL_WANT_WRITE; + } -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ - !defined(EFI32) - if( WSAGetLastError() == WSAECONNRESET ) - return( MBEDTLS_ERR_NET_CONN_RESET ); +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ + !defined(EFI32) + if (WSAGetLastError() == WSAECONNRESET) { + return MBEDTLS_ERR_NET_CONN_RESET; + } #else - if( errno == EPIPE || errno == ECONNRESET ) - return( MBEDTLS_ERR_NET_CONN_RESET ); + if (errno == EPIPE || errno == ECONNRESET) { + return MBEDTLS_ERR_NET_CONN_RESET; + } - if( errno == EINTR ) - return( MBEDTLS_ERR_SSL_WANT_WRITE ); + if (errno == EINTR) { + return MBEDTLS_ERR_SSL_WANT_WRITE; + } #endif - return( MBEDTLS_ERR_NET_SEND_FAILED ); + return MBEDTLS_ERR_NET_SEND_FAILED; } - return( ret ); + return ret; } /* * Close the connection */ -void mbedtls_net_close( mbedtls_net_context *ctx ) +void mbedtls_net_close(mbedtls_net_context *ctx) { - if( ctx->fd == -1 ) + if (ctx->fd == -1) { return; + } - close( ctx->fd ); + close(ctx->fd); ctx->fd = -1; } @@ -697,13 +697,14 @@ void mbedtls_net_close( mbedtls_net_context *ctx ) /* * Gracefully close the connection */ -void mbedtls_net_free( mbedtls_net_context *ctx ) +void mbedtls_net_free(mbedtls_net_context *ctx) { - if( ctx->fd == -1 ) + if (ctx->fd == -1) { return; + } - shutdown( ctx->fd, 2 ); - close( ctx->fd ); + shutdown(ctx->fd, 2); + close(ctx->fd); ctx->fd = -1; } diff --git a/library/nist_kw.c b/library/nist_kw.c index 495c23d06a2e..5817bf4f4c28 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -47,35 +47,37 @@ #define MIN_SEMIBLOCKS_COUNT 3 /*! The 64-bit default integrity check value (ICV) for KW mode. */ -static const unsigned char NIST_KW_ICV1[] = {0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6}; +static const unsigned char NIST_KW_ICV1[] = { 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6 }; /*! The 32-bit default integrity check value (ICV) for KWP mode. */ -static const unsigned char NIST_KW_ICV2[] = {0xA6, 0x59, 0x59, 0xA6}; +static const unsigned char NIST_KW_ICV2[] = { 0xA6, 0x59, 0x59, 0xA6 }; /* * Initialize context */ -void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx ) +void mbedtls_nist_kw_init(mbedtls_nist_kw_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_nist_kw_context ) ); + memset(ctx, 0, sizeof(mbedtls_nist_kw_context)); } -int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx, - mbedtls_cipher_id_t cipher, - const unsigned char *key, - unsigned int keybits, - const int is_wrap ) +int mbedtls_nist_kw_setkey(mbedtls_nist_kw_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits, + const int is_wrap) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; - cipher_info = mbedtls_cipher_info_from_values( cipher, - keybits, - MBEDTLS_MODE_ECB ); - if( cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + cipher_info = mbedtls_cipher_info_from_values(cipher, + keybits, + MBEDTLS_MODE_ECB); + if (cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - if( cipher_info->block_size != 16 ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (cipher_info->block_size != 16) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } /* * SP 800-38F currently defines AES cipher as the only block cipher allowed: @@ -86,44 +88,44 @@ int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx, * Currently we don't support other 128 bit block ciphers for key wrapping, * such as Camellia and Aria. */ - if( cipher != MBEDTLS_CIPHER_ID_AES ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + if (cipher != MBEDTLS_CIPHER_ID_AES) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } - mbedtls_cipher_free( &ctx->cipher_ctx ); + mbedtls_cipher_free(&ctx->cipher_ctx); - if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_cipher_setup(&ctx->cipher_ctx, cipher_info)) != 0) { + return ret; + } - if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits, - is_wrap ? MBEDTLS_ENCRYPT : - MBEDTLS_DECRYPT ) - ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_cipher_setkey(&ctx->cipher_ctx, key, keybits, + is_wrap ? MBEDTLS_ENCRYPT : + MBEDTLS_DECRYPT) + ) != 0) { + return ret; } - return( 0 ); + return 0; } /* * Free context */ -void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx ) +void mbedtls_nist_kw_free(mbedtls_nist_kw_context *ctx) { - mbedtls_cipher_free( &ctx->cipher_ctx ); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_nist_kw_context ) ); + mbedtls_cipher_free(&ctx->cipher_ctx); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_nist_kw_context)); } /* * Helper function for Xoring the uint64_t "t" with the encrypted A. * Defined in NIST SP 800-38F section 6.1 */ -static void calc_a_xor_t( unsigned char A[KW_SEMIBLOCK_LENGTH], uint64_t t ) +static void calc_a_xor_t(unsigned char A[KW_SEMIBLOCK_LENGTH], uint64_t t) { size_t i = 0; - for( i = 0; i < sizeof( t ); i++ ) - { - A[i] ^= ( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ) & 0xff; + for (i = 0; i < sizeof(t); i++) { + A[i] ^= (t >> ((sizeof(t) - 1 - i) * 8)) & 0xff; } } @@ -131,10 +133,10 @@ static void calc_a_xor_t( unsigned char A[KW_SEMIBLOCK_LENGTH], uint64_t t ) * KW-AE as defined in SP 800-38F section 6.2 * KWP-AE as defined in SP 800-38F section 6.3 */ -int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, - mbedtls_nist_kw_mode_t mode, - const unsigned char *input, size_t in_len, - unsigned char *output, size_t *out_len, size_t out_size ) +int mbedtls_nist_kw_wrap(mbedtls_nist_kw_context *ctx, + mbedtls_nist_kw_mode_t mode, + const unsigned char *input, size_t in_len, + unsigned char *output, size_t *out_len, size_t out_size) { int ret = 0; size_t semiblocks = 0; @@ -148,106 +150,96 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, /* * Generate the String to work on */ - if( mode == MBEDTLS_KW_MODE_KW ) - { - if( out_size < in_len + KW_SEMIBLOCK_LENGTH ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (mode == MBEDTLS_KW_MODE_KW) { + if (out_size < in_len + KW_SEMIBLOCK_LENGTH) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } /* * According to SP 800-38F Table 1, the plaintext length for KW * must be between 2 to 2^54-1 semiblocks inclusive. */ - if( in_len < 16 || + if (in_len < 16 || #if SIZE_MAX > 0x1FFFFFFFFFFFFF8 in_len > 0x1FFFFFFFFFFFFF8 || #endif - in_len % KW_SEMIBLOCK_LENGTH != 0 ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + in_len % KW_SEMIBLOCK_LENGTH != 0) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - memcpy( output, NIST_KW_ICV1, KW_SEMIBLOCK_LENGTH ); - memmove( output + KW_SEMIBLOCK_LENGTH, input, in_len ); - } - else - { - if( in_len % 8 != 0 ) - { - padlen = ( 8 - ( in_len % 8 ) ); + memcpy(output, NIST_KW_ICV1, KW_SEMIBLOCK_LENGTH); + memmove(output + KW_SEMIBLOCK_LENGTH, input, in_len); + } else { + if (in_len % 8 != 0) { + padlen = (8 - (in_len % 8)); } - if( out_size < in_len + KW_SEMIBLOCK_LENGTH + padlen ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (out_size < in_len + KW_SEMIBLOCK_LENGTH + padlen) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } /* * According to SP 800-38F Table 1, the plaintext length for KWP * must be between 1 and 2^32-1 octets inclusive. */ - if( in_len < 1 + if (in_len < 1 #if SIZE_MAX > 0xFFFFFFFF || in_len > 0xFFFFFFFF #endif - ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + ) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - memcpy( output, NIST_KW_ICV2, KW_SEMIBLOCK_LENGTH / 2 ); - MBEDTLS_PUT_UINT32_BE( ( in_len & 0xffffffff ), output, - KW_SEMIBLOCK_LENGTH / 2 ); + memcpy(output, NIST_KW_ICV2, KW_SEMIBLOCK_LENGTH / 2); + MBEDTLS_PUT_UINT32_BE((in_len & 0xffffffff), output, + KW_SEMIBLOCK_LENGTH / 2); - memcpy( output + KW_SEMIBLOCK_LENGTH, input, in_len ); - memset( output + KW_SEMIBLOCK_LENGTH + in_len, 0, padlen ); + memcpy(output + KW_SEMIBLOCK_LENGTH, input, in_len); + memset(output + KW_SEMIBLOCK_LENGTH + in_len, 0, padlen); } - semiblocks = ( ( in_len + padlen ) / KW_SEMIBLOCK_LENGTH ) + 1; + semiblocks = ((in_len + padlen) / KW_SEMIBLOCK_LENGTH) + 1; - s = 6 * ( semiblocks - 1 ); + s = 6 * (semiblocks - 1); - if( mode == MBEDTLS_KW_MODE_KWP - && in_len <= KW_SEMIBLOCK_LENGTH ) - { - memcpy( inbuff, output, 16 ); - ret = mbedtls_cipher_update( &ctx->cipher_ctx, - inbuff, 16, output, &olen ); - if( ret != 0 ) + if (mode == MBEDTLS_KW_MODE_KWP + && in_len <= KW_SEMIBLOCK_LENGTH) { + memcpy(inbuff, output, 16); + ret = mbedtls_cipher_update(&ctx->cipher_ctx, + inbuff, 16, output, &olen); + if (ret != 0) { goto cleanup; - } - else - { + } + } else { unsigned char *R2 = output + KW_SEMIBLOCK_LENGTH; unsigned char *A = output; /* * Do the wrapping function W, as defined in RFC 3394 section 2.2.1 */ - if( semiblocks < MIN_SEMIBLOCKS_COUNT ) - { + if (semiblocks < MIN_SEMIBLOCKS_COUNT) { ret = MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; goto cleanup; } /* Calculate intermediate values */ - for( t = 1; t <= s; t++ ) - { - memcpy( inbuff, A, KW_SEMIBLOCK_LENGTH ); - memcpy( inbuff + KW_SEMIBLOCK_LENGTH, R2, KW_SEMIBLOCK_LENGTH ); - - ret = mbedtls_cipher_update( &ctx->cipher_ctx, - inbuff, 16, outbuff, &olen ); - if( ret != 0 ) + for (t = 1; t <= s; t++) { + memcpy(inbuff, A, KW_SEMIBLOCK_LENGTH); + memcpy(inbuff + KW_SEMIBLOCK_LENGTH, R2, KW_SEMIBLOCK_LENGTH); + + ret = mbedtls_cipher_update(&ctx->cipher_ctx, + inbuff, 16, outbuff, &olen); + if (ret != 0) { goto cleanup; + } - memcpy( A, outbuff, KW_SEMIBLOCK_LENGTH ); - calc_a_xor_t( A, t ); + memcpy(A, outbuff, KW_SEMIBLOCK_LENGTH); + calc_a_xor_t(A, t); - memcpy( R2, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH ); + memcpy(R2, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH); R2 += KW_SEMIBLOCK_LENGTH; - if( R2 >= output + ( semiblocks * KW_SEMIBLOCK_LENGTH ) ) + if (R2 >= output + (semiblocks * KW_SEMIBLOCK_LENGTH)) { R2 = output + KW_SEMIBLOCK_LENGTH; + } } } @@ -255,14 +247,13 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, cleanup: - if( ret != 0) - { - memset( output, 0, semiblocks * KW_SEMIBLOCK_LENGTH ); + if (ret != 0) { + memset(output, 0, semiblocks * KW_SEMIBLOCK_LENGTH); } - mbedtls_platform_zeroize( inbuff, KW_SEMIBLOCK_LENGTH * 2 ); - mbedtls_platform_zeroize( outbuff, KW_SEMIBLOCK_LENGTH * 2 ); + mbedtls_platform_zeroize(inbuff, KW_SEMIBLOCK_LENGTH * 2); + mbedtls_platform_zeroize(outbuff, KW_SEMIBLOCK_LENGTH * 2); - return( ret ); + return ret; } /* @@ -273,13 +264,13 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, * 3. Minimal number of semiblocks is 3. * 4. A is a buffer to hold the first semiblock of the input buffer. */ -static int unwrap( mbedtls_nist_kw_context *ctx, - const unsigned char *input, size_t semiblocks, - unsigned char A[KW_SEMIBLOCK_LENGTH], - unsigned char *output, size_t* out_len ) +static int unwrap(mbedtls_nist_kw_context *ctx, + const unsigned char *input, size_t semiblocks, + unsigned char A[KW_SEMIBLOCK_LENGTH], + unsigned char *output, size_t *out_len) { int ret = 0; - const size_t s = 6 * ( semiblocks - 1 ); + const size_t s = 6 * (semiblocks - 1); size_t olen; uint64_t t = 0; unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2]; @@ -287,58 +278,59 @@ static int unwrap( mbedtls_nist_kw_context *ctx, unsigned char *R = NULL; *out_len = 0; - if( semiblocks < MIN_SEMIBLOCKS_COUNT ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (semiblocks < MIN_SEMIBLOCKS_COUNT) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - memcpy( A, input, KW_SEMIBLOCK_LENGTH ); - memmove( output, input + KW_SEMIBLOCK_LENGTH, ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH ); - R = output + ( semiblocks - 2 ) * KW_SEMIBLOCK_LENGTH; + memcpy(A, input, KW_SEMIBLOCK_LENGTH); + memmove(output, input + KW_SEMIBLOCK_LENGTH, (semiblocks - 1) * KW_SEMIBLOCK_LENGTH); + R = output + (semiblocks - 2) * KW_SEMIBLOCK_LENGTH; /* Calculate intermediate values */ - for( t = s; t >= 1; t-- ) - { - calc_a_xor_t( A, t ); + for (t = s; t >= 1; t--) { + calc_a_xor_t(A, t); - memcpy( inbuff, A, KW_SEMIBLOCK_LENGTH ); - memcpy( inbuff + KW_SEMIBLOCK_LENGTH, R, KW_SEMIBLOCK_LENGTH ); + memcpy(inbuff, A, KW_SEMIBLOCK_LENGTH); + memcpy(inbuff + KW_SEMIBLOCK_LENGTH, R, KW_SEMIBLOCK_LENGTH); - ret = mbedtls_cipher_update( &ctx->cipher_ctx, - inbuff, 16, outbuff, &olen ); - if( ret != 0 ) + ret = mbedtls_cipher_update(&ctx->cipher_ctx, + inbuff, 16, outbuff, &olen); + if (ret != 0) { goto cleanup; + } - memcpy( A, outbuff, KW_SEMIBLOCK_LENGTH ); + memcpy(A, outbuff, KW_SEMIBLOCK_LENGTH); /* Set R as LSB64 of outbuff */ - memcpy( R, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH ); + memcpy(R, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH); - if( R == output ) - R = output + ( semiblocks - 2 ) * KW_SEMIBLOCK_LENGTH; - else + if (R == output) { + R = output + (semiblocks - 2) * KW_SEMIBLOCK_LENGTH; + } else { R -= KW_SEMIBLOCK_LENGTH; + } } - *out_len = ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH; + *out_len = (semiblocks - 1) * KW_SEMIBLOCK_LENGTH; cleanup: - if( ret != 0) - memset( output, 0, ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH ); - mbedtls_platform_zeroize( inbuff, sizeof( inbuff ) ); - mbedtls_platform_zeroize( outbuff, sizeof( outbuff ) ); + if (ret != 0) { + memset(output, 0, (semiblocks - 1) * KW_SEMIBLOCK_LENGTH); + } + mbedtls_platform_zeroize(inbuff, sizeof(inbuff)); + mbedtls_platform_zeroize(outbuff, sizeof(outbuff)); - return( ret ); + return ret; } /* * KW-AD as defined in SP 800-38F section 6.2 * KWP-AD as defined in SP 800-38F section 6.3 */ -int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, - mbedtls_nist_kw_mode_t mode, - const unsigned char *input, size_t in_len, - unsigned char *output, size_t *out_len, size_t out_size ) +int mbedtls_nist_kw_unwrap(mbedtls_nist_kw_context *ctx, + mbedtls_nist_kw_mode_t mode, + const unsigned char *input, size_t in_len, + unsigned char *output, size_t *out_len, size_t out_size) { int ret = 0; size_t i, olen; @@ -346,89 +338,81 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, unsigned char diff, bad_padding = 0; *out_len = 0; - if( out_size < in_len - KW_SEMIBLOCK_LENGTH ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (out_size < in_len - KW_SEMIBLOCK_LENGTH) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - if( mode == MBEDTLS_KW_MODE_KW ) - { + if (mode == MBEDTLS_KW_MODE_KW) { /* * According to SP 800-38F Table 1, the ciphertext length for KW * must be between 3 to 2^54 semiblocks inclusive. */ - if( in_len < 24 || + if (in_len < 24 || #if SIZE_MAX > 0x200000000000000 in_len > 0x200000000000000 || #endif - in_len % KW_SEMIBLOCK_LENGTH != 0 ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + in_len % KW_SEMIBLOCK_LENGTH != 0) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - ret = unwrap( ctx, input, in_len / KW_SEMIBLOCK_LENGTH, - A, output, out_len ); - if( ret != 0 ) + ret = unwrap(ctx, input, in_len / KW_SEMIBLOCK_LENGTH, + A, output, out_len); + if (ret != 0) { goto cleanup; + } /* Check ICV in "constant-time" */ - diff = mbedtls_ct_memcmp( NIST_KW_ICV1, A, KW_SEMIBLOCK_LENGTH ); + diff = mbedtls_ct_memcmp(NIST_KW_ICV1, A, KW_SEMIBLOCK_LENGTH); - if( diff != 0 ) - { + if (diff != 0) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; goto cleanup; } - } - else if( mode == MBEDTLS_KW_MODE_KWP ) - { + } else if (mode == MBEDTLS_KW_MODE_KWP) { size_t padlen = 0; uint32_t Plen; /* * According to SP 800-38F Table 1, the ciphertext length for KWP * must be between 2 to 2^29 semiblocks inclusive. */ - if( in_len < KW_SEMIBLOCK_LENGTH * 2 || + if (in_len < KW_SEMIBLOCK_LENGTH * 2 || #if SIZE_MAX > 0x100000000 in_len > 0x100000000 || #endif - in_len % KW_SEMIBLOCK_LENGTH != 0 ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + in_len % KW_SEMIBLOCK_LENGTH != 0) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - if( in_len == KW_SEMIBLOCK_LENGTH * 2 ) - { + if (in_len == KW_SEMIBLOCK_LENGTH * 2) { unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2]; - ret = mbedtls_cipher_update( &ctx->cipher_ctx, - input, 16, outbuff, &olen ); - if( ret != 0 ) + ret = mbedtls_cipher_update(&ctx->cipher_ctx, + input, 16, outbuff, &olen); + if (ret != 0) { goto cleanup; + } - memcpy( A, outbuff, KW_SEMIBLOCK_LENGTH ); - memcpy( output, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH ); - mbedtls_platform_zeroize( outbuff, sizeof( outbuff ) ); + memcpy(A, outbuff, KW_SEMIBLOCK_LENGTH); + memcpy(output, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH); + mbedtls_platform_zeroize(outbuff, sizeof(outbuff)); *out_len = KW_SEMIBLOCK_LENGTH; - } - else - { + } else { /* in_len >= KW_SEMIBLOCK_LENGTH * 3 */ - ret = unwrap( ctx, input, in_len / KW_SEMIBLOCK_LENGTH, - A, output, out_len ); - if( ret != 0 ) + ret = unwrap(ctx, input, in_len / KW_SEMIBLOCK_LENGTH, + A, output, out_len); + if (ret != 0) { goto cleanup; + } } /* Check ICV in "constant-time" */ - diff = mbedtls_ct_memcmp( NIST_KW_ICV2, A, KW_SEMIBLOCK_LENGTH / 2 ); + diff = mbedtls_ct_memcmp(NIST_KW_ICV2, A, KW_SEMIBLOCK_LENGTH / 2); - if( diff != 0 ) - { + if (diff != 0) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; } - Plen = MBEDTLS_GET_UINT32_BE( A, KW_SEMIBLOCK_LENGTH / 2 ); + Plen = MBEDTLS_GET_UINT32_BE(A, KW_SEMIBLOCK_LENGTH / 2); /* * Plen is the length of the plaintext, when the input is valid. @@ -436,51 +420,45 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, * larger than 8, because of the type wrap around. */ padlen = in_len - KW_SEMIBLOCK_LENGTH - Plen; - if ( padlen > 7 ) - { + if (padlen > 7) { padlen &= 7; ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; } /* Check padding in "constant-time" */ - for( diff = 0, i = 0; i < KW_SEMIBLOCK_LENGTH; i++ ) - { - if( i >= KW_SEMIBLOCK_LENGTH - padlen ) - diff |= output[*out_len - KW_SEMIBLOCK_LENGTH + i]; - else - bad_padding |= output[*out_len - KW_SEMIBLOCK_LENGTH + i]; + for (diff = 0, i = 0; i < KW_SEMIBLOCK_LENGTH; i++) { + if (i >= KW_SEMIBLOCK_LENGTH - padlen) { + diff |= output[*out_len - KW_SEMIBLOCK_LENGTH + i]; + } else { + bad_padding |= output[*out_len - KW_SEMIBLOCK_LENGTH + i]; + } } - if( diff != 0 ) - { + if (diff != 0) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; } - if( ret != 0 ) - { + if (ret != 0) { goto cleanup; } - memset( output + Plen, 0, padlen ); + memset(output + Plen, 0, padlen); *out_len = Plen; - } - else - { + } else { ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; goto cleanup; } cleanup: - if( ret != 0 ) - { - memset( output, 0, *out_len ); + if (ret != 0) { + memset(output, 0, *out_len); *out_len = 0; } - mbedtls_platform_zeroize( &bad_padding, sizeof( bad_padding) ); - mbedtls_platform_zeroize( &diff, sizeof( diff ) ); - mbedtls_platform_zeroize( A, sizeof( A ) ); + mbedtls_platform_zeroize(&bad_padding, sizeof(bad_padding)); + mbedtls_platform_zeroize(&diff, sizeof(diff)); + mbedtls_platform_zeroize(A, sizeof(A)); - return( ret ); + return ret; } #endif /* !MBEDTLS_NIST_KW_ALT */ @@ -575,130 +553,133 @@ static const unsigned char kwp_res[KW_TESTS][48] = { }; static const size_t kwp_out_len[KW_TESTS] = { 24, 40, 16 }; -int mbedtls_nist_kw_self_test( int verbose ) +int mbedtls_nist_kw_self_test(int verbose) { mbedtls_nist_kw_context ctx; unsigned char out[48]; size_t olen; int i; int ret = 0; - mbedtls_nist_kw_init( &ctx ); + mbedtls_nist_kw_init(&ctx); - for( i = 0; i < KW_TESTS; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " KW-AES-%u ", (unsigned int) key_len[i] * 8 ); + for (i = 0; i < KW_TESTS; i++) { + if (verbose != 0) { + mbedtls_printf(" KW-AES-%u ", (unsigned int) key_len[i] * 8); + } - ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, - kw_key[i], key_len[i] * 8, 1 ); - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( " KW: setup failed " ); + ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + kw_key[i], key_len[i] * 8, 1); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf(" KW: setup failed "); + } goto end; } - ret = mbedtls_nist_kw_wrap( &ctx, MBEDTLS_KW_MODE_KW, kw_msg[i], - kw_msg_len[i], out, &olen, sizeof( out ) ); - if( ret != 0 || kw_out_len[i] != olen || - memcmp( out, kw_res[i], kw_out_len[i] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed. "); + ret = mbedtls_nist_kw_wrap(&ctx, MBEDTLS_KW_MODE_KW, kw_msg[i], + kw_msg_len[i], out, &olen, sizeof(out)); + if (ret != 0 || kw_out_len[i] != olen || + memcmp(out, kw_res[i], kw_out_len[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed. "); + } ret = 1; goto end; } - if( ( ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, - kw_key[i], key_len[i] * 8, 0 ) ) - != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( " KW: setup failed "); + if ((ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + kw_key[i], key_len[i] * 8, 0)) + != 0) { + if (verbose != 0) { + mbedtls_printf(" KW: setup failed "); + } goto end; } - ret = mbedtls_nist_kw_unwrap( &ctx, MBEDTLS_KW_MODE_KW, - out, olen, out, &olen, sizeof( out ) ); + ret = mbedtls_nist_kw_unwrap(&ctx, MBEDTLS_KW_MODE_KW, + out, olen, out, &olen, sizeof(out)); - if( ret != 0 || olen != kw_msg_len[i] || - memcmp( out, kw_msg[i], kw_msg_len[i] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (ret != 0 || olen != kw_msg_len[i] || + memcmp(out, kw_msg[i], kw_msg_len[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto end; } - if( verbose != 0 ) - mbedtls_printf( " passed\n" ); + if (verbose != 0) { + mbedtls_printf(" passed\n"); + } } - for( i = 0; i < KW_TESTS; i++ ) - { - olen = sizeof( out ); - if( verbose != 0 ) - mbedtls_printf( " KWP-AES-%u ", (unsigned int) key_len[i] * 8 ); + for (i = 0; i < KW_TESTS; i++) { + olen = sizeof(out); + if (verbose != 0) { + mbedtls_printf(" KWP-AES-%u ", (unsigned int) key_len[i] * 8); + } - ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, kwp_key[i], - key_len[i] * 8, 1 ); - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( " KWP: setup failed " ); + ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, kwp_key[i], + key_len[i] * 8, 1); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf(" KWP: setup failed "); + } goto end; } - ret = mbedtls_nist_kw_wrap( &ctx, MBEDTLS_KW_MODE_KWP, kwp_msg[i], - kwp_msg_len[i], out, &olen, sizeof( out ) ); + ret = mbedtls_nist_kw_wrap(&ctx, MBEDTLS_KW_MODE_KWP, kwp_msg[i], + kwp_msg_len[i], out, &olen, sizeof(out)); - if( ret != 0 || kwp_out_len[i] != olen || - memcmp( out, kwp_res[i], kwp_out_len[i] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed. "); + if (ret != 0 || kwp_out_len[i] != olen || + memcmp(out, kwp_res[i], kwp_out_len[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed. "); + } ret = 1; goto end; } - if( ( ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, - kwp_key[i], key_len[i] * 8, 0 ) ) - != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( " KWP: setup failed "); + if ((ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + kwp_key[i], key_len[i] * 8, 0)) + != 0) { + if (verbose != 0) { + mbedtls_printf(" KWP: setup failed "); + } goto end; } - ret = mbedtls_nist_kw_unwrap( &ctx, MBEDTLS_KW_MODE_KWP, out, - olen, out, &olen, sizeof( out ) ); + ret = mbedtls_nist_kw_unwrap(&ctx, MBEDTLS_KW_MODE_KWP, out, + olen, out, &olen, sizeof(out)); - if( ret != 0 || olen != kwp_msg_len[i] || - memcmp( out, kwp_msg[i], kwp_msg_len[i] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed. "); + if (ret != 0 || olen != kwp_msg_len[i] || + memcmp(out, kwp_msg[i], kwp_msg_len[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed. "); + } ret = 1; goto end; } - if( verbose != 0 ) - mbedtls_printf( " passed\n" ); + if (verbose != 0) { + mbedtls_printf(" passed\n"); + } } end: - mbedtls_nist_kw_free( &ctx ); + mbedtls_nist_kw_free(&ctx); - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ diff --git a/library/oid.c b/library/oid.c index 53e5350eb3d5..fcff15273bee 100644 --- a/library/oid.c +++ b/library/oid.c @@ -41,23 +41,23 @@ * Macro to generate an internal function for oid_XXX_from_asn1() (used by * the other functions) */ -#define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST ) \ - static const TYPE_T * oid_ ## NAME ## _from_asn1( \ - const mbedtls_asn1_buf *oid ) \ +#define FN_OID_TYPED_FROM_ASN1(TYPE_T, NAME, LIST) \ + static const TYPE_T *oid_ ## NAME ## _from_asn1( \ + const mbedtls_asn1_buf *oid) \ { \ const TYPE_T *p = (LIST); \ const mbedtls_oid_descriptor_t *cur = \ (const mbedtls_oid_descriptor_t *) p; \ - if( p == NULL || oid == NULL ) return( NULL ); \ - while( cur->asn1 != NULL ) { \ - if( cur->asn1_len == oid->len && \ - memcmp( cur->asn1, oid->p, oid->len ) == 0 ) { \ - return( p ); \ + if (p == NULL || oid == NULL) return NULL; \ + while (cur->asn1 != NULL) { \ + if (cur->asn1_len == oid->len && \ + memcmp(cur->asn1, oid->p, oid->len) == 0) { \ + return p; \ } \ p++; \ cur = (const mbedtls_oid_descriptor_t *) p; \ } \ - return( NULL ); \ + return NULL; \ } /* @@ -65,26 +65,26 @@ * descriptor of an mbedtls_oid_descriptor_t wrapper. */ #define FN_OID_GET_DESCRIPTOR_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \ -int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \ -{ \ - const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \ - if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \ - *ATTR1 = data->descriptor.ATTR1; \ - return( 0 ); \ -} + int FN_NAME(const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1) \ + { \ + const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1(oid); \ + if (data == NULL) return MBEDTLS_ERR_OID_NOT_FOUND; \ + *ATTR1 = data->descriptor.ATTR1; \ + return 0; \ + } /* * Macro to generate a function for retrieving a single attribute from an * mbedtls_oid_descriptor_t wrapper. */ #define FN_OID_GET_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \ -int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \ -{ \ - const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \ - if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \ - *ATTR1 = data->ATTR1; \ - return( 0 ); \ -} + int FN_NAME(const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1) \ + { \ + const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1(oid); \ + if (data == NULL) return MBEDTLS_ERR_OID_NOT_FOUND; \ + *ATTR1 = data->ATTR1; \ + return 0; \ + } /* * Macro to generate a function for retrieving two attributes from an @@ -92,34 +92,34 @@ int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) */ #define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1, \ ATTR2_TYPE, ATTR2) \ -int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1, \ - ATTR2_TYPE * ATTR2 ) \ -{ \ - const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \ - if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \ - *(ATTR1) = data->ATTR1; \ - *(ATTR2) = data->ATTR2; \ - return( 0 ); \ -} + int FN_NAME(const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1, \ + ATTR2_TYPE * ATTR2) \ + { \ + const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1(oid); \ + if (data == NULL) return MBEDTLS_ERR_OID_NOT_FOUND; \ + *(ATTR1) = data->ATTR1; \ + *(ATTR2) = data->ATTR2; \ + return 0; \ + } /* * Macro to generate a function for retrieving the OID based on a single * attribute from a mbedtls_oid_descriptor_t wrapper. */ #define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1) \ -int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \ -{ \ - const TYPE_T *cur = (LIST); \ - while( cur->descriptor.asn1 != NULL ) { \ - if( cur->ATTR1 == (ATTR1) ) { \ - *oid = cur->descriptor.asn1; \ - *olen = cur->descriptor.asn1_len; \ - return( 0 ); \ - } \ - cur++; \ - } \ - return( MBEDTLS_ERR_OID_NOT_FOUND ); \ -} + int FN_NAME(ATTR1_TYPE ATTR1, const char **oid, size_t *olen) \ + { \ + const TYPE_T *cur = (LIST); \ + while (cur->descriptor.asn1 != NULL) { \ + if (cur->ATTR1 == (ATTR1)) { \ + *oid = cur->descriptor.asn1; \ + *olen = cur->descriptor.asn1_len; \ + return 0; \ + } \ + cur++; \ + } \ + return MBEDTLS_ERR_OID_NOT_FOUND; \ + } /* * Macro to generate a function for retrieving the OID based on two @@ -127,20 +127,20 @@ int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \ */ #define FN_OID_GET_OID_BY_ATTR2(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1, \ ATTR2_TYPE, ATTR2) \ -int FN_NAME( ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid , \ - size_t *olen ) \ -{ \ - const TYPE_T *cur = (LIST); \ - while( cur->descriptor.asn1 != NULL ) { \ - if( cur->ATTR1 == (ATTR1) && cur->ATTR2 == (ATTR2) ) { \ - *oid = cur->descriptor.asn1; \ - *olen = cur->descriptor.asn1_len; \ - return( 0 ); \ - } \ - cur++; \ - } \ - return( MBEDTLS_ERR_OID_NOT_FOUND ); \ -} + int FN_NAME(ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid, \ + size_t *olen) \ + { \ + const TYPE_T *cur = (LIST); \ + while (cur->descriptor.asn1 != NULL) { \ + if (cur->ATTR1 == (ATTR1) && cur->ATTR2 == (ATTR2)) { \ + *oid = cur->descriptor.asn1; \ + *olen = cur->descriptor.asn1_len; \ + return 0; \ + } \ + cur++; \ + } \ + return MBEDTLS_ERR_OID_NOT_FOUND; \ + } /* * For X520 attribute types @@ -153,79 +153,84 @@ typedef struct { static const oid_x520_attr_t oid_x520_attr_type[] = { { - { ADD_LEN( MBEDTLS_OID_AT_CN ), "id-at-commonName", "Common Name" }, + { ADD_LEN(MBEDTLS_OID_AT_CN), "id-at-commonName", "Common Name" }, "CN", }, { - { ADD_LEN( MBEDTLS_OID_AT_COUNTRY ), "id-at-countryName", "Country" }, + { ADD_LEN(MBEDTLS_OID_AT_COUNTRY), "id-at-countryName", "Country" }, "C", }, { - { ADD_LEN( MBEDTLS_OID_AT_LOCALITY ), "id-at-locality", "Locality" }, + { ADD_LEN(MBEDTLS_OID_AT_LOCALITY), "id-at-locality", "Locality" }, "L", }, { - { ADD_LEN( MBEDTLS_OID_AT_STATE ), "id-at-state", "State" }, + { ADD_LEN(MBEDTLS_OID_AT_STATE), "id-at-state", "State" }, "ST", }, { - { ADD_LEN( MBEDTLS_OID_AT_ORGANIZATION ),"id-at-organizationName", "Organization" }, + { ADD_LEN(MBEDTLS_OID_AT_ORGANIZATION), "id-at-organizationName", "Organization" }, "O", }, { - { ADD_LEN( MBEDTLS_OID_AT_ORG_UNIT ), "id-at-organizationalUnitName", "Org Unit" }, + { ADD_LEN(MBEDTLS_OID_AT_ORG_UNIT), "id-at-organizationalUnitName", "Org Unit" }, "OU", }, { - { ADD_LEN( MBEDTLS_OID_PKCS9_EMAIL ), "emailAddress", "E-mail address" }, + { ADD_LEN(MBEDTLS_OID_PKCS9_EMAIL), "emailAddress", "E-mail address" }, "emailAddress", }, { - { ADD_LEN( MBEDTLS_OID_AT_SERIAL_NUMBER ),"id-at-serialNumber", "Serial number" }, + { ADD_LEN(MBEDTLS_OID_AT_SERIAL_NUMBER), "id-at-serialNumber", "Serial number" }, "serialNumber", }, { - { ADD_LEN( MBEDTLS_OID_AT_POSTAL_ADDRESS ),"id-at-postalAddress", "Postal address" }, + { ADD_LEN(MBEDTLS_OID_AT_POSTAL_ADDRESS), "id-at-postalAddress", + "Postal address" }, "postalAddress", }, { - { ADD_LEN( MBEDTLS_OID_AT_POSTAL_CODE ), "id-at-postalCode", "Postal code" }, + { ADD_LEN(MBEDTLS_OID_AT_POSTAL_CODE), "id-at-postalCode", "Postal code" }, "postalCode", }, { - { ADD_LEN( MBEDTLS_OID_AT_SUR_NAME ), "id-at-surName", "Surname" }, + { ADD_LEN(MBEDTLS_OID_AT_SUR_NAME), "id-at-surName", "Surname" }, "SN", }, { - { ADD_LEN( MBEDTLS_OID_AT_GIVEN_NAME ), "id-at-givenName", "Given name" }, + { ADD_LEN(MBEDTLS_OID_AT_GIVEN_NAME), "id-at-givenName", "Given name" }, "GN", }, { - { ADD_LEN( MBEDTLS_OID_AT_INITIALS ), "id-at-initials", "Initials" }, + { ADD_LEN(MBEDTLS_OID_AT_INITIALS), "id-at-initials", "Initials" }, "initials", }, { - { ADD_LEN( MBEDTLS_OID_AT_GENERATION_QUALIFIER ), "id-at-generationQualifier", "Generation qualifier" }, + { ADD_LEN(MBEDTLS_OID_AT_GENERATION_QUALIFIER), "id-at-generationQualifier", + "Generation qualifier" }, "generationQualifier", }, { - { ADD_LEN( MBEDTLS_OID_AT_TITLE ), "id-at-title", "Title" }, + { ADD_LEN(MBEDTLS_OID_AT_TITLE), "id-at-title", "Title" }, "title", }, { - { ADD_LEN( MBEDTLS_OID_AT_DN_QUALIFIER ),"id-at-dnQualifier", "Distinguished Name qualifier" }, + { ADD_LEN(MBEDTLS_OID_AT_DN_QUALIFIER), "id-at-dnQualifier", + "Distinguished Name qualifier" }, "dnQualifier", }, { - { ADD_LEN( MBEDTLS_OID_AT_PSEUDONYM ), "id-at-pseudonym", "Pseudonym" }, + { ADD_LEN(MBEDTLS_OID_AT_PSEUDONYM), "id-at-pseudonym", "Pseudonym" }, "pseudonym", }, { - { ADD_LEN( MBEDTLS_OID_DOMAIN_COMPONENT ), "id-domainComponent", "Domain component" }, + { ADD_LEN(MBEDTLS_OID_DOMAIN_COMPONENT), "id-domainComponent", + "Domain component" }, "DC", }, { - { ADD_LEN( MBEDTLS_OID_AT_UNIQUE_IDENTIFIER ), "id-at-uniqueIdentifier", "Unique Identifier" }, + { ADD_LEN(MBEDTLS_OID_AT_UNIQUE_IDENTIFIER), "id-at-uniqueIdentifier", + "Unique Identifier" }, "uniqueIdentifier", }, { @@ -235,7 +240,11 @@ static const oid_x520_attr_t oid_x520_attr_type[] = }; FN_OID_TYPED_FROM_ASN1(oid_x520_attr_t, x520_attr, oid_x520_attr_type) -FN_OID_GET_ATTR1(mbedtls_oid_get_attr_short_name, oid_x520_attr_t, x520_attr, const char *, short_name) +FN_OID_GET_ATTR1(mbedtls_oid_get_attr_short_name, + oid_x520_attr_t, + x520_attr, + const char *, + short_name) /* * For X509 extensions @@ -248,27 +257,32 @@ typedef struct { static const oid_x509_ext_t oid_x509_ext[] = { { - { ADD_LEN( MBEDTLS_OID_BASIC_CONSTRAINTS ), "id-ce-basicConstraints", "Basic Constraints" }, + { ADD_LEN(MBEDTLS_OID_BASIC_CONSTRAINTS), "id-ce-basicConstraints", + "Basic Constraints" }, MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS, }, { - { ADD_LEN( MBEDTLS_OID_KEY_USAGE ), "id-ce-keyUsage", "Key Usage" }, + { ADD_LEN(MBEDTLS_OID_KEY_USAGE), "id-ce-keyUsage", "Key Usage" }, MBEDTLS_OID_X509_EXT_KEY_USAGE, }, { - { ADD_LEN( MBEDTLS_OID_EXTENDED_KEY_USAGE ), "id-ce-extKeyUsage", "Extended Key Usage" }, + { ADD_LEN(MBEDTLS_OID_EXTENDED_KEY_USAGE), "id-ce-extKeyUsage", + "Extended Key Usage" }, MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE, }, { - { ADD_LEN( MBEDTLS_OID_SUBJECT_ALT_NAME ), "id-ce-subjectAltName", "Subject Alt Name" }, + { ADD_LEN(MBEDTLS_OID_SUBJECT_ALT_NAME), "id-ce-subjectAltName", + "Subject Alt Name" }, MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME, }, { - { ADD_LEN( MBEDTLS_OID_NS_CERT_TYPE ), "id-netscape-certtype", "Netscape Certificate Type" }, + { ADD_LEN(MBEDTLS_OID_NS_CERT_TYPE), "id-netscape-certtype", + "Netscape Certificate Type" }, MBEDTLS_OID_X509_EXT_NS_CERT_TYPE, }, { - { ADD_LEN( MBEDTLS_OID_CERTIFICATE_POLICIES ), "id-ce-certificatePolicies", "Certificate Policies" }, + { ADD_LEN(MBEDTLS_OID_CERTIFICATE_POLICIES), "id-ce-certificatePolicies", + "Certificate Policies" }, MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES, }, { @@ -282,27 +296,38 @@ FN_OID_GET_ATTR1(mbedtls_oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, e static const mbedtls_oid_descriptor_t oid_ext_key_usage[] = { - { ADD_LEN( MBEDTLS_OID_SERVER_AUTH ), "id-kp-serverAuth", "TLS Web Server Authentication" }, - { ADD_LEN( MBEDTLS_OID_CLIENT_AUTH ), "id-kp-clientAuth", "TLS Web Client Authentication" }, - { ADD_LEN( MBEDTLS_OID_CODE_SIGNING ), "id-kp-codeSigning", "Code Signing" }, - { ADD_LEN( MBEDTLS_OID_EMAIL_PROTECTION ), "id-kp-emailProtection", "E-mail Protection" }, - { ADD_LEN( MBEDTLS_OID_TIME_STAMPING ), "id-kp-timeStamping", "Time Stamping" }, - { ADD_LEN( MBEDTLS_OID_OCSP_SIGNING ), "id-kp-OCSPSigning", "OCSP Signing" }, - { ADD_LEN( MBEDTLS_OID_WISUN_FAN ), "id-kp-wisun-fan-device", "Wi-SUN Alliance Field Area Network (FAN)" }, + { ADD_LEN(MBEDTLS_OID_SERVER_AUTH), "id-kp-serverAuth", + "TLS Web Server Authentication" }, + { ADD_LEN(MBEDTLS_OID_CLIENT_AUTH), "id-kp-clientAuth", + "TLS Web Client Authentication" }, + { ADD_LEN(MBEDTLS_OID_CODE_SIGNING), "id-kp-codeSigning", "Code Signing" }, + { ADD_LEN(MBEDTLS_OID_EMAIL_PROTECTION), "id-kp-emailProtection", "E-mail Protection" }, + { ADD_LEN(MBEDTLS_OID_TIME_STAMPING), "id-kp-timeStamping", "Time Stamping" }, + { ADD_LEN(MBEDTLS_OID_OCSP_SIGNING), "id-kp-OCSPSigning", "OCSP Signing" }, + { ADD_LEN(MBEDTLS_OID_WISUN_FAN), "id-kp-wisun-fan-device", + "Wi-SUN Alliance Field Area Network (FAN)" }, { NULL, 0, NULL, NULL }, }; FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, ext_key_usage, oid_ext_key_usage) -FN_OID_GET_ATTR1(mbedtls_oid_get_extended_key_usage, mbedtls_oid_descriptor_t, ext_key_usage, const char *, description) +FN_OID_GET_ATTR1(mbedtls_oid_get_extended_key_usage, + mbedtls_oid_descriptor_t, + ext_key_usage, + const char *, + description) static const mbedtls_oid_descriptor_t oid_certificate_policies[] = { - { ADD_LEN( MBEDTLS_OID_ANY_POLICY ), "anyPolicy", "Any Policy" }, + { ADD_LEN(MBEDTLS_OID_ANY_POLICY), "anyPolicy", "Any Policy" }, { NULL, 0, NULL, NULL }, }; FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, certificate_policies, oid_certificate_policies) -FN_OID_GET_ATTR1(mbedtls_oid_get_certificate_policies, mbedtls_oid_descriptor_t, certificate_policies, const char *, description) +FN_OID_GET_ATTR1(mbedtls_oid_get_certificate_policies, + mbedtls_oid_descriptor_t, + certificate_policies, + const char *, + description) #if defined(MBEDTLS_MD_C) /* @@ -319,51 +344,51 @@ static const oid_sig_alg_t oid_sig_alg[] = #if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_MD2_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_MD2 ), "md2WithRSAEncryption", "RSA with MD2" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_MD2), "md2WithRSAEncryption", "RSA with MD2" }, MBEDTLS_MD_MD2, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_MD2_C */ #if defined(MBEDTLS_MD4_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_MD4 ), "md4WithRSAEncryption", "RSA with MD4" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_MD4), "md4WithRSAEncryption", "RSA with MD4" }, MBEDTLS_MD_MD4, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_MD4_C */ #if defined(MBEDTLS_MD5_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_MD5 ), "md5WithRSAEncryption", "RSA with MD5" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_MD5), "md5WithRSAEncryption", "RSA with MD5" }, MBEDTLS_MD_MD5, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_MD5_C */ #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA1 ), "sha-1WithRSAEncryption", "RSA with SHA1" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_SHA1), "sha-1WithRSAEncryption", "RSA with SHA1" }, MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA224 ), "sha224WithRSAEncryption", "RSA with SHA-224" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_SHA224), "sha224WithRSAEncryption", "RSA with SHA-224" }, MBEDTLS_MD_SHA224, MBEDTLS_PK_RSA, }, { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA256 ), "sha256WithRSAEncryption", "RSA with SHA-256" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_SHA256), "sha256WithRSAEncryption", "RSA with SHA-256" }, MBEDTLS_MD_SHA256, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA384 ), "sha384WithRSAEncryption", "RSA with SHA-384" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_SHA384), "sha384WithRSAEncryption", "RSA with SHA-384" }, MBEDTLS_MD_SHA384, MBEDTLS_PK_RSA, }, { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA512 ), "sha512WithRSAEncryption", "RSA with SHA-512" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_SHA512), "sha512WithRSAEncryption", "RSA with SHA-512" }, MBEDTLS_MD_SHA512, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA512_C */ #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_RSA_SHA_OBS ), "sha-1WithRSAEncryption", "RSA with SHA1" }, + { ADD_LEN(MBEDTLS_OID_RSA_SHA_OBS), "sha-1WithRSAEncryption", "RSA with SHA1" }, MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA1_C */ @@ -371,34 +396,34 @@ static const oid_sig_alg_t oid_sig_alg[] = #if defined(MBEDTLS_ECDSA_C) #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA1 ), "ecdsa-with-SHA1", "ECDSA with SHA1" }, + { ADD_LEN(MBEDTLS_OID_ECDSA_SHA1), "ecdsa-with-SHA1", "ECDSA with SHA1" }, MBEDTLS_MD_SHA1, MBEDTLS_PK_ECDSA, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA224 ), "ecdsa-with-SHA224", "ECDSA with SHA224" }, + { ADD_LEN(MBEDTLS_OID_ECDSA_SHA224), "ecdsa-with-SHA224", "ECDSA with SHA224" }, MBEDTLS_MD_SHA224, MBEDTLS_PK_ECDSA, }, { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA256 ), "ecdsa-with-SHA256", "ECDSA with SHA256" }, + { ADD_LEN(MBEDTLS_OID_ECDSA_SHA256), "ecdsa-with-SHA256", "ECDSA with SHA256" }, MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA384 ), "ecdsa-with-SHA384", "ECDSA with SHA384" }, + { ADD_LEN(MBEDTLS_OID_ECDSA_SHA384), "ecdsa-with-SHA384", "ECDSA with SHA384" }, MBEDTLS_MD_SHA384, MBEDTLS_PK_ECDSA, }, { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA512 ), "ecdsa-with-SHA512", "ECDSA with SHA512" }, + { ADD_LEN(MBEDTLS_OID_ECDSA_SHA512), "ecdsa-with-SHA512", "ECDSA with SHA512" }, MBEDTLS_MD_SHA512, MBEDTLS_PK_ECDSA, }, #endif /* MBEDTLS_SHA512_C */ #endif /* MBEDTLS_ECDSA_C */ #if defined(MBEDTLS_RSA_C) { - { ADD_LEN( MBEDTLS_OID_RSASSA_PSS ), "RSASSA-PSS", "RSASSA-PSS" }, + { ADD_LEN(MBEDTLS_OID_RSASSA_PSS), "RSASSA-PSS", "RSASSA-PSS" }, MBEDTLS_MD_NONE, MBEDTLS_PK_RSASSA_PSS, }, #endif /* MBEDTLS_RSA_C */ @@ -409,9 +434,25 @@ static const oid_sig_alg_t oid_sig_alg[] = }; FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg) -FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg, const char *, description) -FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg, oid_sig_alg_t, sig_alg, mbedtls_md_type_t, md_alg, mbedtls_pk_type_t, pk_alg) -FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, mbedtls_pk_type_t, pk_alg, mbedtls_md_type_t, md_alg) +FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc, + oid_sig_alg_t, + sig_alg, + const char *, + description) +FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg, + oid_sig_alg_t, + sig_alg, + mbedtls_md_type_t, + md_alg, + mbedtls_pk_type_t, + pk_alg) +FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg, + oid_sig_alg_t, + oid_sig_alg, + mbedtls_pk_type_t, + pk_alg, + mbedtls_md_type_t, + md_alg) #endif /* MBEDTLS_MD_C */ /* @@ -425,15 +466,15 @@ typedef struct { static const oid_pk_alg_t oid_pk_alg[] = { { - { ADD_LEN( MBEDTLS_OID_PKCS1_RSA ), "rsaEncryption", "RSA" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_RSA), "rsaEncryption", "RSA" }, MBEDTLS_PK_RSA, }, { - { ADD_LEN( MBEDTLS_OID_EC_ALG_UNRESTRICTED ), "id-ecPublicKey", "Generic EC key" }, + { ADD_LEN(MBEDTLS_OID_EC_ALG_UNRESTRICTED), "id-ecPublicKey", "Generic EC key" }, MBEDTLS_PK_ECKEY, }, { - { ADD_LEN( MBEDTLS_OID_EC_ALG_ECDH ), "id-ecDH", "EC key for ECDH" }, + { ADD_LEN(MBEDTLS_OID_EC_ALG_ECDH), "id-ecDH", "EC key for ECDH" }, MBEDTLS_PK_ECKEY_DH, }, { @@ -444,7 +485,11 @@ static const oid_pk_alg_t oid_pk_alg[] = FN_OID_TYPED_FROM_ASN1(oid_pk_alg_t, pk_alg, oid_pk_alg) FN_OID_GET_ATTR1(mbedtls_oid_get_pk_alg, oid_pk_alg_t, pk_alg, mbedtls_pk_type_t, pk_alg) -FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_pk_alg, oid_pk_alg_t, oid_pk_alg, mbedtls_pk_type_t, pk_alg) +FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_pk_alg, + oid_pk_alg_t, + oid_pk_alg, + mbedtls_pk_type_t, + pk_alg) #if defined(MBEDTLS_ECP_C) /* @@ -459,67 +504,67 @@ static const oid_ecp_grp_t oid_ecp_grp[] = { #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192R1 ), "secp192r1", "secp192r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP192R1), "secp192r1", "secp192r1" }, MBEDTLS_ECP_DP_SECP192R1, }, #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224R1 ), "secp224r1", "secp224r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP224R1), "secp224r1", "secp224r1" }, MBEDTLS_ECP_DP_SECP224R1, }, #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256R1 ), "secp256r1", "secp256r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP256R1), "secp256r1", "secp256r1" }, MBEDTLS_ECP_DP_SECP256R1, }, #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP384R1 ), "secp384r1", "secp384r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP384R1), "secp384r1", "secp384r1" }, MBEDTLS_ECP_DP_SECP384R1, }, #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP521R1 ), "secp521r1", "secp521r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP521R1), "secp521r1", "secp521r1" }, MBEDTLS_ECP_DP_SECP521R1, }, #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192K1 ), "secp192k1", "secp192k1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP192K1), "secp192k1", "secp192k1" }, MBEDTLS_ECP_DP_SECP192K1, }, #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224K1 ), "secp224k1", "secp224k1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP224K1), "secp224k1", "secp224k1" }, MBEDTLS_ECP_DP_SECP224K1, }, #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256K1 ), "secp256k1", "secp256k1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP256K1), "secp256k1", "secp256k1" }, MBEDTLS_ECP_DP_SECP256K1, }, #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_BP256R1 ), "brainpoolP256r1","brainpool256r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_BP256R1), "brainpoolP256r1", "brainpool256r1" }, MBEDTLS_ECP_DP_BP256R1, }, #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_BP384R1 ), "brainpoolP384r1","brainpool384r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_BP384R1), "brainpoolP384r1", "brainpool384r1" }, MBEDTLS_ECP_DP_BP384R1, }, #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_BP512R1 ), "brainpoolP512r1","brainpool512r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_BP512R1), "brainpoolP512r1", "brainpool512r1" }, MBEDTLS_ECP_DP_BP512R1, }, #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ @@ -531,7 +576,11 @@ static const oid_ecp_grp_t oid_ecp_grp[] = FN_OID_TYPED_FROM_ASN1(oid_ecp_grp_t, grp_id, oid_ecp_grp) FN_OID_GET_ATTR1(mbedtls_oid_get_ec_grp, oid_ecp_grp_t, grp_id, mbedtls_ecp_group_id, grp_id) -FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_ec_grp, oid_ecp_grp_t, oid_ecp_grp, mbedtls_ecp_group_id, grp_id) +FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_ec_grp, + oid_ecp_grp_t, + oid_ecp_grp, + mbedtls_ecp_group_id, + grp_id) #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_CIPHER_C) @@ -546,11 +595,11 @@ typedef struct { static const oid_cipher_alg_t oid_cipher_alg[] = { { - { ADD_LEN( MBEDTLS_OID_DES_CBC ), "desCBC", "DES-CBC" }, + { ADD_LEN(MBEDTLS_OID_DES_CBC), "desCBC", "DES-CBC" }, MBEDTLS_CIPHER_DES_CBC, }, { - { ADD_LEN( MBEDTLS_OID_DES_EDE3_CBC ), "des-ede3-cbc", "DES-EDE3-CBC" }, + { ADD_LEN(MBEDTLS_OID_DES_EDE3_CBC), "des-ede3-cbc", "DES-EDE3-CBC" }, MBEDTLS_CIPHER_DES_EDE3_CBC, }, { @@ -560,7 +609,11 @@ static const oid_cipher_alg_t oid_cipher_alg[] = }; FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg) -FN_OID_GET_ATTR1(mbedtls_oid_get_cipher_alg, oid_cipher_alg_t, cipher_alg, mbedtls_cipher_type_t, cipher_alg) +FN_OID_GET_ATTR1(mbedtls_oid_get_cipher_alg, + oid_cipher_alg_t, + cipher_alg, + mbedtls_cipher_type_t, + cipher_alg) #endif /* MBEDTLS_CIPHER_C */ #if defined(MBEDTLS_MD_C) @@ -576,51 +629,51 @@ static const oid_md_alg_t oid_md_alg[] = { #if defined(MBEDTLS_MD2_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD2 ), "id-md2", "MD2" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_MD2), "id-md2", "MD2" }, MBEDTLS_MD_MD2, }, #endif /* MBEDTLS_MD2_C */ #if defined(MBEDTLS_MD4_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD4 ), "id-md4", "MD4" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_MD4), "id-md4", "MD4" }, MBEDTLS_MD_MD4, }, #endif /* MBEDTLS_MD4_C */ #if defined(MBEDTLS_MD5_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD5 ), "id-md5", "MD5" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_MD5), "id-md5", "MD5" }, MBEDTLS_MD_MD5, }, #endif /* MBEDTLS_MD5_C */ #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA1 ), "id-sha1", "SHA-1" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_SHA1), "id-sha1", "SHA-1" }, MBEDTLS_MD_SHA1, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA224 ), "id-sha224", "SHA-224" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_SHA224), "id-sha224", "SHA-224" }, MBEDTLS_MD_SHA224, }, { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA256 ), "id-sha256", "SHA-256" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_SHA256), "id-sha256", "SHA-256" }, MBEDTLS_MD_SHA256, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA384 ), "id-sha384", "SHA-384" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_SHA384), "id-sha384", "SHA-384" }, MBEDTLS_MD_SHA384, }, { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA512 ), "id-sha512", "SHA-512" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_SHA512), "id-sha512", "SHA-512" }, MBEDTLS_MD_SHA512, }, #endif /* MBEDTLS_SHA512_C */ #if defined(MBEDTLS_RIPEMD160_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_RIPEMD160 ), "id-ripemd160", "RIPEMD-160" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_RIPEMD160), "id-ripemd160", "RIPEMD-160" }, MBEDTLS_MD_RIPEMD160, }, #endif /* MBEDTLS_RIPEMD160_C */ @@ -632,7 +685,11 @@ static const oid_md_alg_t oid_md_alg[] = FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg) FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg) -FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, mbedtls_md_type_t, md_alg) +FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, + oid_md_alg_t, + oid_md_alg, + mbedtls_md_type_t, + md_alg) /* * For HMAC digestAlgorithm @@ -646,27 +703,27 @@ static const oid_md_hmac_t oid_md_hmac[] = { #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA1 ), "hmacSHA1", "HMAC-SHA-1" }, + { ADD_LEN(MBEDTLS_OID_HMAC_SHA1), "hmacSHA1", "HMAC-SHA-1" }, MBEDTLS_MD_SHA1, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA224 ), "hmacSHA224", "HMAC-SHA-224" }, + { ADD_LEN(MBEDTLS_OID_HMAC_SHA224), "hmacSHA224", "HMAC-SHA-224" }, MBEDTLS_MD_SHA224, }, { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA256 ), "hmacSHA256", "HMAC-SHA-256" }, + { ADD_LEN(MBEDTLS_OID_HMAC_SHA256), "hmacSHA256", "HMAC-SHA-256" }, MBEDTLS_MD_SHA256, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA384 ), "hmacSHA384", "HMAC-SHA-384" }, + { ADD_LEN(MBEDTLS_OID_HMAC_SHA384), "hmacSHA384", "HMAC-SHA-384" }, MBEDTLS_MD_SHA384, }, { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA512 ), "hmacSHA512", "HMAC-SHA-512" }, + { ADD_LEN(MBEDTLS_OID_HMAC_SHA512), "hmacSHA512", "HMAC-SHA-512" }, MBEDTLS_MD_SHA512, }, #endif /* MBEDTLS_SHA512_C */ @@ -693,11 +750,13 @@ typedef struct { static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] = { { - { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC ), "pbeWithSHAAnd3-KeyTripleDES-CBC", "PBE with SHA1 and 3-Key 3DES" }, + { ADD_LEN(MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC), "pbeWithSHAAnd3-KeyTripleDES-CBC", + "PBE with SHA1 and 3-Key 3DES" }, MBEDTLS_MD_SHA1, MBEDTLS_CIPHER_DES_EDE3_CBC, }, { - { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC ), "pbeWithSHAAnd2-KeyTripleDES-CBC", "PBE with SHA1 and 2-Key 3DES" }, + { ADD_LEN(MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC), "pbeWithSHAAnd2-KeyTripleDES-CBC", + "PBE with SHA1 and 2-Key 3DES" }, MBEDTLS_MD_SHA1, MBEDTLS_CIPHER_DES_EDE_CBC, }, { @@ -707,21 +766,27 @@ static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] = }; FN_OID_TYPED_FROM_ASN1(oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, oid_pkcs12_pbe_alg) -FN_OID_GET_ATTR2(mbedtls_oid_get_pkcs12_pbe_alg, oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, mbedtls_md_type_t, md_alg, mbedtls_cipher_type_t, cipher_alg) +FN_OID_GET_ATTR2(mbedtls_oid_get_pkcs12_pbe_alg, + oid_pkcs12_pbe_alg_t, + pkcs12_pbe_alg, + mbedtls_md_type_t, + md_alg, + mbedtls_cipher_type_t, + cipher_alg) #endif /* MBEDTLS_PKCS12_C */ #define OID_SAFE_SNPRINTF \ do { \ - if( ret < 0 || (size_t) ret >= n ) \ - return( MBEDTLS_ERR_OID_BUF_TOO_SMALL ); \ - \ + if (ret < 0 || (size_t) ret >= n) \ + return MBEDTLS_ERR_OID_BUF_TOO_SMALL; \ + \ n -= (size_t) ret; \ p += (size_t) ret; \ - } while( 0 ) + } while (0) /* Return the x.y.z.... style numeric string for the given OID */ -int mbedtls_oid_get_numeric_string( char *buf, size_t size, - const mbedtls_asn1_buf *oid ) +int mbedtls_oid_get_numeric_string(char *buf, size_t size, + const mbedtls_asn1_buf *oid) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, n; @@ -732,32 +797,30 @@ int mbedtls_oid_get_numeric_string( char *buf, size_t size, n = size; /* First byte contains first two dots */ - if( oid->len > 0 ) - { - ret = mbedtls_snprintf( p, n, "%d.%d", oid->p[0] / 40, oid->p[0] % 40 ); + if (oid->len > 0) { + ret = mbedtls_snprintf(p, n, "%d.%d", oid->p[0] / 40, oid->p[0] % 40); OID_SAFE_SNPRINTF; } value = 0; - for( i = 1; i < oid->len; i++ ) - { + for (i = 1; i < oid->len; i++) { /* Prevent overflow in value. */ - if( ( ( value << 7 ) >> 7 ) != value ) - return( MBEDTLS_ERR_OID_BUF_TOO_SMALL ); + if (((value << 7) >> 7) != value) { + return MBEDTLS_ERR_OID_BUF_TOO_SMALL; + } value <<= 7; value += oid->p[i] & 0x7F; - if( !( oid->p[i] & 0x80 ) ) - { + if (!(oid->p[i] & 0x80)) { /* Last byte */ - ret = mbedtls_snprintf( p, n, ".%u", value ); + ret = mbedtls_snprintf(p, n, ".%u", value); OID_SAFE_SNPRINTF; value = 0; } } - return( (int) ( size - n ) ); + return (int) (size - n); } #endif /* MBEDTLS_OID_C */ diff --git a/library/padlock.c b/library/padlock.c index 12ea2472d7ea..303f82c71038 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -42,14 +42,13 @@ /* * PadLock detection routine */ -int mbedtls_padlock_has_support( int feature ) +int mbedtls_padlock_has_support(int feature) { static int flags = -1; int ebx = 0, edx = 0; - if( flags == -1 ) - { - asm( "movl %%ebx, %0 \n\t" + if (flags == -1) { + asm ("movl %%ebx, %0 \n\t" "movl $0xC0000000, %%eax \n\t" "cpuid \n\t" "cmpl $0xC0000001, %%eax \n\t" @@ -62,21 +61,21 @@ int mbedtls_padlock_has_support( int feature ) "movl %2, %%ebx \n\t" : "=m" (ebx), "=m" (edx) : "m" (ebx) - : "eax", "ecx", "edx" ); + : "eax", "ecx", "edx"); flags = edx; } - return( flags & feature ); + return flags & feature; } /* * PadLock AES-ECB block en(de)cryption */ -int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ) +int mbedtls_padlock_xcryptecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]) { int ebx = 0; uint32_t *rk; @@ -85,13 +84,13 @@ int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx, unsigned char buf[256]; rk = ctx->rk; - blk = MBEDTLS_PADLOCK_ALIGN16( buf ); - memcpy( blk, input, 16 ); + blk = MBEDTLS_PADLOCK_ALIGN16(buf); + memcpy(blk, input, 16); - ctrl = blk + 4; - *ctrl = 0x80 | ctx->nr | ( ( ctx->nr + ( mode^1 ) - 10 ) << 9 ); + ctrl = blk + 4; + *ctrl = 0x80 | ctx->nr | ((ctx->nr + (mode^1) - 10) << 9); - asm( "pushfl \n\t" + asm ("pushfl \n\t" "popfl \n\t" "movl %%ebx, %0 \n\t" "movl $1, %%ecx \n\t" @@ -103,22 +102,22 @@ int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx, "movl %1, %%ebx \n\t" : "=m" (ebx) : "m" (ebx), "m" (ctrl), "m" (rk), "m" (blk) - : "memory", "ecx", "edx", "esi", "edi" ); + : "memory", "ecx", "edx", "esi", "edi"); - memcpy( output, blk, 16 ); + memcpy(output, blk, 16); - return( 0 ); + return 0; } /* * PadLock AES-CBC buffer en(de)cryption */ -int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_padlock_xcryptcbc(mbedtls_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output) { int ebx = 0; size_t count; @@ -127,20 +126,21 @@ int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx, uint32_t *ctrl; unsigned char buf[256]; - if( ( (long) input & 15 ) != 0 || - ( (long) output & 15 ) != 0 ) - return( MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED ); + if (((long) input & 15) != 0 || + ((long) output & 15) != 0) { + return MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED; + } rk = ctx->rk; - iw = MBEDTLS_PADLOCK_ALIGN16( buf ); - memcpy( iw, iv, 16 ); + iw = MBEDTLS_PADLOCK_ALIGN16(buf); + memcpy(iw, iv, 16); - ctrl = iw + 4; - *ctrl = 0x80 | ctx->nr | ( ( ctx->nr + ( mode ^ 1 ) - 10 ) << 9 ); + ctrl = iw + 4; + *ctrl = 0x80 | ctx->nr | ((ctx->nr + (mode ^ 1) - 10) << 9); - count = ( length + 15 ) >> 4; + count = (length + 15) >> 4; - asm( "pushfl \n\t" + asm ("pushfl \n\t" "popfl \n\t" "movl %%ebx, %0 \n\t" "movl %2, %%ecx \n\t" @@ -153,12 +153,12 @@ int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx, "movl %1, %%ebx \n\t" : "=m" (ebx) : "m" (ebx), "m" (count), "m" (ctrl), - "m" (rk), "m" (input), "m" (output), "m" (iw) - : "memory", "eax", "ecx", "edx", "esi", "edi" ); + "m" (rk), "m" (input), "m" (output), "m" (iw) + : "memory", "eax", "ecx", "edx", "esi", "edi"); - memcpy( iv, iw, 16 ); + memcpy(iv, iw, 16); - return( 0 ); + return 0; } #endif /* MBEDTLS_HAVE_X86 */ diff --git a/library/pem.c b/library/pem.c index cb1c82b3e4d7..3b9a3e91f291 100644 --- a/library/pem.c +++ b/library/pem.c @@ -35,151 +35,170 @@ #include "mbedtls/platform.h" #if defined(MBEDTLS_PEM_PARSE_C) -void mbedtls_pem_init( mbedtls_pem_context *ctx ) +void mbedtls_pem_init(mbedtls_pem_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_pem_context ) ); + memset(ctx, 0, sizeof(mbedtls_pem_context)); } #if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ - ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) + (defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C)) /* * Read a 16-byte hex string and convert it to binary */ -static int pem_get_iv( const unsigned char *s, unsigned char *iv, - size_t iv_len ) +static int pem_get_iv(const unsigned char *s, unsigned char *iv, + size_t iv_len) { size_t i, j, k; - memset( iv, 0, iv_len ); - - for( i = 0; i < iv_len * 2; i++, s++ ) - { - if( *s >= '0' && *s <= '9' ) j = *s - '0'; else - if( *s >= 'A' && *s <= 'F' ) j = *s - '7'; else - if( *s >= 'a' && *s <= 'f' ) j = *s - 'W'; else - return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); + memset(iv, 0, iv_len); + + for (i = 0; i < iv_len * 2; i++, s++) { + if (*s >= '0' && *s <= '9') { + j = *s - '0'; + } else + if (*s >= 'A' && *s <= 'F') { + j = *s - '7'; + } else + if (*s >= 'a' && *s <= 'f') { + j = *s - 'W'; + } else { + return MBEDTLS_ERR_PEM_INVALID_ENC_IV; + } - k = ( ( i & 1 ) != 0 ) ? j : j << 4; + k = ((i & 1) != 0) ? j : j << 4; - iv[i >> 1] = (unsigned char)( iv[i >> 1] | k ); + iv[i >> 1] = (unsigned char) (iv[i >> 1] | k); } - return( 0 ); + return 0; } -static int pem_pbkdf1( unsigned char *key, size_t keylen, - unsigned char *iv, - const unsigned char *pwd, size_t pwdlen ) +static int pem_pbkdf1(unsigned char *key, size_t keylen, + unsigned char *iv, + const unsigned char *pwd, size_t pwdlen) { mbedtls_md5_context md5_ctx; unsigned char md5sum[16]; size_t use_len; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_md5_init( &md5_ctx ); + mbedtls_md5_init(&md5_ctx); /* * key[ 0..15] = MD5(pwd || IV) */ - if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 ) + if ((ret = mbedtls_md5_starts_ret(&md5_ctx)) != 0) { goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 ) + } + if ((ret = mbedtls_md5_update_ret(&md5_ctx, pwd, pwdlen)) != 0) { goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 ) + } + if ((ret = mbedtls_md5_update_ret(&md5_ctx, iv, 8)) != 0) { goto exit; - if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 ) + } + if ((ret = mbedtls_md5_finish_ret(&md5_ctx, md5sum)) != 0) { goto exit; + } - if( keylen <= 16 ) - { - memcpy( key, md5sum, keylen ); + if (keylen <= 16) { + memcpy(key, md5sum, keylen); goto exit; } - memcpy( key, md5sum, 16 ); + memcpy(key, md5sum, 16); /* * key[16..23] = MD5(key[ 0..15] || pwd || IV]) */ - if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 ) + if ((ret = mbedtls_md5_starts_ret(&md5_ctx)) != 0) { goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, md5sum, 16 ) ) != 0 ) + } + if ((ret = mbedtls_md5_update_ret(&md5_ctx, md5sum, 16)) != 0) { goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 ) + } + if ((ret = mbedtls_md5_update_ret(&md5_ctx, pwd, pwdlen)) != 0) { goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 ) + } + if ((ret = mbedtls_md5_update_ret(&md5_ctx, iv, 8)) != 0) { goto exit; - if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 ) + } + if ((ret = mbedtls_md5_finish_ret(&md5_ctx, md5sum)) != 0) { goto exit; + } use_len = 16; - if( keylen < 32 ) + if (keylen < 32) { use_len = keylen - 16; + } - memcpy( key + 16, md5sum, use_len ); + memcpy(key + 16, md5sum, use_len); exit: - mbedtls_md5_free( &md5_ctx ); - mbedtls_platform_zeroize( md5sum, 16 ); + mbedtls_md5_free(&md5_ctx); + mbedtls_platform_zeroize(md5sum, 16); - return( ret ); + return ret; } #if defined(MBEDTLS_DES_C) /* * Decrypt with DES-CBC, using PBKDF1 for key derivation */ -static int pem_des_decrypt( unsigned char des_iv[8], - unsigned char *buf, size_t buflen, - const unsigned char *pwd, size_t pwdlen ) +static int pem_des_decrypt(unsigned char des_iv[8], + unsigned char *buf, size_t buflen, + const unsigned char *pwd, size_t pwdlen) { mbedtls_des_context des_ctx; unsigned char des_key[8]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_des_init( &des_ctx ); + mbedtls_des_init(&des_ctx); - if( ( ret = pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen ) ) != 0 ) + if ((ret = pem_pbkdf1(des_key, 8, des_iv, pwd, pwdlen)) != 0) { goto exit; + } - if( ( ret = mbedtls_des_setkey_dec( &des_ctx, des_key ) ) != 0 ) + if ((ret = mbedtls_des_setkey_dec(&des_ctx, des_key)) != 0) { goto exit; - ret = mbedtls_des_crypt_cbc( &des_ctx, MBEDTLS_DES_DECRYPT, buflen, - des_iv, buf, buf ); + } + ret = mbedtls_des_crypt_cbc(&des_ctx, MBEDTLS_DES_DECRYPT, buflen, + des_iv, buf, buf); exit: - mbedtls_des_free( &des_ctx ); - mbedtls_platform_zeroize( des_key, 8 ); + mbedtls_des_free(&des_ctx); + mbedtls_platform_zeroize(des_key, 8); - return( ret ); + return ret; } /* * Decrypt with 3DES-CBC, using PBKDF1 for key derivation */ -static int pem_des3_decrypt( unsigned char des3_iv[8], - unsigned char *buf, size_t buflen, - const unsigned char *pwd, size_t pwdlen ) +static int pem_des3_decrypt(unsigned char des3_iv[8], + unsigned char *buf, size_t buflen, + const unsigned char *pwd, size_t pwdlen) { mbedtls_des3_context des3_ctx; unsigned char des3_key[24]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_des3_init( &des3_ctx ); + mbedtls_des3_init(&des3_ctx); - if( ( ret = pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen ) ) != 0 ) + if ((ret = pem_pbkdf1(des3_key, 24, des3_iv, pwd, pwdlen)) != 0) { goto exit; + } - if( ( ret = mbedtls_des3_set3key_dec( &des3_ctx, des3_key ) ) != 0 ) + if ((ret = mbedtls_des3_set3key_dec(&des3_ctx, des3_key)) != 0) { goto exit; - ret = mbedtls_des3_crypt_cbc( &des3_ctx, MBEDTLS_DES_DECRYPT, buflen, - des3_iv, buf, buf ); + } + ret = mbedtls_des3_crypt_cbc(&des3_ctx, MBEDTLS_DES_DECRYPT, buflen, + des3_iv, buf, buf); exit: - mbedtls_des3_free( &des3_ctx ); - mbedtls_platform_zeroize( des3_key, 24 ); + mbedtls_des3_free(&des3_ctx); + mbedtls_platform_zeroize(des3_key, 24); - return( ret ); + return ret; } #endif /* MBEDTLS_DES_C */ @@ -187,45 +206,47 @@ static int pem_des3_decrypt( unsigned char des3_iv[8], /* * Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation */ -static int pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen, - unsigned char *buf, size_t buflen, - const unsigned char *pwd, size_t pwdlen ) +static int pem_aes_decrypt(unsigned char aes_iv[16], unsigned int keylen, + unsigned char *buf, size_t buflen, + const unsigned char *pwd, size_t pwdlen) { mbedtls_aes_context aes_ctx; unsigned char aes_key[32]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_aes_init( &aes_ctx ); + mbedtls_aes_init(&aes_ctx); - if( ( ret = pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen ) ) != 0 ) + if ((ret = pem_pbkdf1(aes_key, keylen, aes_iv, pwd, pwdlen)) != 0) { goto exit; + } - if( ( ret = mbedtls_aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 ) ) != 0 ) + if ((ret = mbedtls_aes_setkey_dec(&aes_ctx, aes_key, keylen * 8)) != 0) { goto exit; - ret = mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_DECRYPT, buflen, - aes_iv, buf, buf ); + } + ret = mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_DECRYPT, buflen, + aes_iv, buf, buf); exit: - mbedtls_aes_free( &aes_ctx ); - mbedtls_platform_zeroize( aes_key, keylen ); + mbedtls_aes_free(&aes_ctx); + mbedtls_platform_zeroize(aes_key, keylen); - return( ret ); + return ret; } #endif /* MBEDTLS_AES_C */ #endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ -int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer, - const unsigned char *data, const unsigned char *pwd, - size_t pwdlen, size_t *use_len ) +int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const char *footer, + const unsigned char *data, const unsigned char *pwd, + size_t pwdlen, size_t *use_len) { int ret, enc; size_t len; unsigned char *buf; const unsigned char *s1, *s2, *end; #if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ - ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) + (defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C)) unsigned char pem_iv[16]; mbedtls_cipher_type_t enc_alg = MBEDTLS_CIPHER_NONE; #else @@ -234,154 +255,181 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const #endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ - if( ctx == NULL ) - return( MBEDTLS_ERR_PEM_BAD_INPUT_DATA ); + if (ctx == NULL) { + return MBEDTLS_ERR_PEM_BAD_INPUT_DATA; + } - s1 = (unsigned char *) strstr( (const char *) data, header ); + s1 = (unsigned char *) strstr((const char *) data, header); - if( s1 == NULL ) - return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); + if (s1 == NULL) { + return MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + } - s2 = (unsigned char *) strstr( (const char *) data, footer ); + s2 = (unsigned char *) strstr((const char *) data, footer); - if( s2 == NULL || s2 <= s1 ) - return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); + if (s2 == NULL || s2 <= s1) { + return MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + } - s1 += strlen( header ); - if( *s1 == ' ' ) s1++; - if( *s1 == '\r' ) s1++; - if( *s1 == '\n' ) s1++; - else return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); + s1 += strlen(header); + if (*s1 == ' ') { + s1++; + } + if (*s1 == '\r') { + s1++; + } + if (*s1 == '\n') { + s1++; + } else { + return MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + } end = s2; - end += strlen( footer ); - if( *end == ' ' ) end++; - if( *end == '\r' ) end++; - if( *end == '\n' ) end++; + end += strlen(footer); + if (*end == ' ') { + end++; + } + if (*end == '\r') { + end++; + } + if (*end == '\n') { + end++; + } *use_len = end - data; enc = 0; - if( s2 - s1 >= 22 && memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 ) - { + if (s2 - s1 >= 22 && memcmp(s1, "Proc-Type: 4,ENCRYPTED", 22) == 0) { #if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ - ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) + (defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C)) enc++; s1 += 22; - if( *s1 == '\r' ) s1++; - if( *s1 == '\n' ) s1++; - else return( MBEDTLS_ERR_PEM_INVALID_DATA ); + if (*s1 == '\r') { + s1++; + } + if (*s1 == '\n') { + s1++; + } else { + return MBEDTLS_ERR_PEM_INVALID_DATA; + } #if defined(MBEDTLS_DES_C) - if( s2 - s1 >= 23 && memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 ) - { + if (s2 - s1 >= 23 && memcmp(s1, "DEK-Info: DES-EDE3-CBC,", 23) == 0) { enc_alg = MBEDTLS_CIPHER_DES_EDE3_CBC; s1 += 23; - if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8 ) != 0 ) - return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); + if (s2 - s1 < 16 || pem_get_iv(s1, pem_iv, 8) != 0) { + return MBEDTLS_ERR_PEM_INVALID_ENC_IV; + } s1 += 16; - } - else if( s2 - s1 >= 18 && memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 ) - { + } else if (s2 - s1 >= 18 && memcmp(s1, "DEK-Info: DES-CBC,", 18) == 0) { enc_alg = MBEDTLS_CIPHER_DES_CBC; s1 += 18; - if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8) != 0 ) - return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); + if (s2 - s1 < 16 || pem_get_iv(s1, pem_iv, 8) != 0) { + return MBEDTLS_ERR_PEM_INVALID_ENC_IV; + } s1 += 16; } #endif /* MBEDTLS_DES_C */ #if defined(MBEDTLS_AES_C) - if( s2 - s1 >= 14 && memcmp( s1, "DEK-Info: AES-", 14 ) == 0 ) - { - if( s2 - s1 < 22 ) - return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG ); - else if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 ) + if (s2 - s1 >= 14 && memcmp(s1, "DEK-Info: AES-", 14) == 0) { + if (s2 - s1 < 22) { + return MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG; + } else if (memcmp(s1, "DEK-Info: AES-128-CBC,", 22) == 0) { enc_alg = MBEDTLS_CIPHER_AES_128_CBC; - else if( memcmp( s1, "DEK-Info: AES-192-CBC,", 22 ) == 0 ) + } else if (memcmp(s1, "DEK-Info: AES-192-CBC,", 22) == 0) { enc_alg = MBEDTLS_CIPHER_AES_192_CBC; - else if( memcmp( s1, "DEK-Info: AES-256-CBC,", 22 ) == 0 ) + } else if (memcmp(s1, "DEK-Info: AES-256-CBC,", 22) == 0) { enc_alg = MBEDTLS_CIPHER_AES_256_CBC; - else - return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG ); + } else { + return MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG; + } s1 += 22; - if( s2 - s1 < 32 || pem_get_iv( s1, pem_iv, 16 ) != 0 ) - return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); + if (s2 - s1 < 32 || pem_get_iv(s1, pem_iv, 16) != 0) { + return MBEDTLS_ERR_PEM_INVALID_ENC_IV; + } s1 += 32; } #endif /* MBEDTLS_AES_C */ - if( enc_alg == MBEDTLS_CIPHER_NONE ) - return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG ); + if (enc_alg == MBEDTLS_CIPHER_NONE) { + return MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG; + } - if( *s1 == '\r' ) s1++; - if( *s1 == '\n' ) s1++; - else return( MBEDTLS_ERR_PEM_INVALID_DATA ); + if (*s1 == '\r') { + s1++; + } + if (*s1 == '\n') { + s1++; + } else { + return MBEDTLS_ERR_PEM_INVALID_DATA; + } #else - return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE; #endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ } - if( s1 >= s2 ) - return( MBEDTLS_ERR_PEM_INVALID_DATA ); + if (s1 >= s2) { + return MBEDTLS_ERR_PEM_INVALID_DATA; + } - ret = mbedtls_base64_decode( NULL, 0, &len, s1, s2 - s1 ); + ret = mbedtls_base64_decode(NULL, 0, &len, s1, s2 - s1); - if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PEM_INVALID_DATA, ret ) ); + if (ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PEM_INVALID_DATA, ret); + } - if( ( buf = mbedtls_calloc( 1, len ) ) == NULL ) - return( MBEDTLS_ERR_PEM_ALLOC_FAILED ); + if ((buf = mbedtls_calloc(1, len)) == NULL) { + return MBEDTLS_ERR_PEM_ALLOC_FAILED; + } - if( ( ret = mbedtls_base64_decode( buf, len, &len, s1, s2 - s1 ) ) != 0 ) - { - mbedtls_platform_zeroize( buf, len ); - mbedtls_free( buf ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PEM_INVALID_DATA, ret ) ); + if ((ret = mbedtls_base64_decode(buf, len, &len, s1, s2 - s1)) != 0) { + mbedtls_platform_zeroize(buf, len); + mbedtls_free(buf); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PEM_INVALID_DATA, ret); } - if( enc != 0 ) - { + if (enc != 0) { #if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ - ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) - if( pwd == NULL ) - { - mbedtls_platform_zeroize( buf, len ); - mbedtls_free( buf ); - return( MBEDTLS_ERR_PEM_PASSWORD_REQUIRED ); + (defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C)) + if (pwd == NULL) { + mbedtls_platform_zeroize(buf, len); + mbedtls_free(buf); + return MBEDTLS_ERR_PEM_PASSWORD_REQUIRED; } ret = 0; #if defined(MBEDTLS_DES_C) - if( enc_alg == MBEDTLS_CIPHER_DES_EDE3_CBC ) - ret = pem_des3_decrypt( pem_iv, buf, len, pwd, pwdlen ); - else if( enc_alg == MBEDTLS_CIPHER_DES_CBC ) - ret = pem_des_decrypt( pem_iv, buf, len, pwd, pwdlen ); + if (enc_alg == MBEDTLS_CIPHER_DES_EDE3_CBC) { + ret = pem_des3_decrypt(pem_iv, buf, len, pwd, pwdlen); + } else if (enc_alg == MBEDTLS_CIPHER_DES_CBC) { + ret = pem_des_decrypt(pem_iv, buf, len, pwd, pwdlen); + } #endif /* MBEDTLS_DES_C */ #if defined(MBEDTLS_AES_C) - if( enc_alg == MBEDTLS_CIPHER_AES_128_CBC ) - ret = pem_aes_decrypt( pem_iv, 16, buf, len, pwd, pwdlen ); - else if( enc_alg == MBEDTLS_CIPHER_AES_192_CBC ) - ret = pem_aes_decrypt( pem_iv, 24, buf, len, pwd, pwdlen ); - else if( enc_alg == MBEDTLS_CIPHER_AES_256_CBC ) - ret = pem_aes_decrypt( pem_iv, 32, buf, len, pwd, pwdlen ); + if (enc_alg == MBEDTLS_CIPHER_AES_128_CBC) { + ret = pem_aes_decrypt(pem_iv, 16, buf, len, pwd, pwdlen); + } else if (enc_alg == MBEDTLS_CIPHER_AES_192_CBC) { + ret = pem_aes_decrypt(pem_iv, 24, buf, len, pwd, pwdlen); + } else if (enc_alg == MBEDTLS_CIPHER_AES_256_CBC) { + ret = pem_aes_decrypt(pem_iv, 32, buf, len, pwd, pwdlen); + } #endif /* MBEDTLS_AES_C */ - if( ret != 0 ) - { - mbedtls_free( buf ); - return( ret ); + if (ret != 0) { + mbedtls_free(buf); + return ret; } /* @@ -390,16 +438,15 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const * * Use that as a heuristic to try to detect password mismatches. */ - if( len <= 2 || buf[0] != 0x30 || buf[1] > 0x83 ) - { - mbedtls_platform_zeroize( buf, len ); - mbedtls_free( buf ); - return( MBEDTLS_ERR_PEM_PASSWORD_MISMATCH ); + if (len <= 2 || buf[0] != 0x30 || buf[1] > 0x83) { + mbedtls_platform_zeroize(buf, len); + mbedtls_free(buf); + return MBEDTLS_ERR_PEM_PASSWORD_MISMATCH; } #else - mbedtls_platform_zeroize( buf, len ); - mbedtls_free( buf ); - return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE ); + mbedtls_platform_zeroize(buf, len); + mbedtls_free(buf); + return MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE; #endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ } @@ -407,77 +454,73 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const ctx->buf = buf; ctx->buflen = len; - return( 0 ); + return 0; } -void mbedtls_pem_free( mbedtls_pem_context *ctx ) +void mbedtls_pem_free(mbedtls_pem_context *ctx) { - if ( ctx->buf != NULL ) - { - mbedtls_platform_zeroize( ctx->buf, ctx->buflen ); - mbedtls_free( ctx->buf ); + if (ctx->buf != NULL) { + mbedtls_platform_zeroize(ctx->buf, ctx->buflen); + mbedtls_free(ctx->buf); } - mbedtls_free( ctx->info ); + mbedtls_free(ctx->info); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pem_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_pem_context)); } #endif /* MBEDTLS_PEM_PARSE_C */ #if defined(MBEDTLS_PEM_WRITE_C) -int mbedtls_pem_write_buffer( const char *header, const char *footer, - const unsigned char *der_data, size_t der_len, - unsigned char *buf, size_t buf_len, size_t *olen ) +int mbedtls_pem_write_buffer(const char *header, const char *footer, + const unsigned char *der_data, size_t der_len, + unsigned char *buf, size_t buf_len, size_t *olen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *encode_buf = NULL, *c, *p = buf; size_t len = 0, use_len, add_len = 0; - mbedtls_base64_encode( NULL, 0, &use_len, der_data, der_len ); - add_len = strlen( header ) + strlen( footer ) + ( use_len / 64 ) + 1; + mbedtls_base64_encode(NULL, 0, &use_len, der_data, der_len); + add_len = strlen(header) + strlen(footer) + (use_len / 64) + 1; - if( use_len + add_len > buf_len ) - { + if (use_len + add_len > buf_len) { *olen = use_len + add_len; - return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); + return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL; } - if( use_len != 0 && - ( ( encode_buf = mbedtls_calloc( 1, use_len ) ) == NULL ) ) - return( MBEDTLS_ERR_PEM_ALLOC_FAILED ); + if (use_len != 0 && + ((encode_buf = mbedtls_calloc(1, use_len)) == NULL)) { + return MBEDTLS_ERR_PEM_ALLOC_FAILED; + } - if( ( ret = mbedtls_base64_encode( encode_buf, use_len, &use_len, der_data, - der_len ) ) != 0 ) - { - mbedtls_free( encode_buf ); - return( ret ); + if ((ret = mbedtls_base64_encode(encode_buf, use_len, &use_len, der_data, + der_len)) != 0) { + mbedtls_free(encode_buf); + return ret; } - memcpy( p, header, strlen( header ) ); - p += strlen( header ); + memcpy(p, header, strlen(header)); + p += strlen(header); c = encode_buf; - while( use_len ) - { - len = ( use_len > 64 ) ? 64 : use_len; - memcpy( p, c, len ); + while (use_len) { + len = (use_len > 64) ? 64 : use_len; + memcpy(p, c, len); use_len -= len; p += len; c += len; *p++ = '\n'; } - memcpy( p, footer, strlen( footer ) ); - p += strlen( footer ); + memcpy(p, footer, strlen(footer)); + p += strlen(footer); *p++ = '\0'; *olen = p - buf; - /* Clean any remaining data previously written to the buffer */ - memset( buf + *olen, 0, buf_len - *olen ); + /* Clean any remaining data previously written to the buffer */ + memset(buf + *olen, 0, buf_len - *olen); - mbedtls_free( encode_buf ); - return( 0 ); + mbedtls_free(encode_buf); + return 0; } #endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */ - diff --git a/library/pk.c b/library/pk.c index 05cc2134f1cb..d46a93461aaa 100644 --- a/library/pk.c +++ b/library/pk.c @@ -44,17 +44,17 @@ #include /* Parameter validation macros based on platform_util.h */ -#define PK_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA ) -#define PK_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define PK_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA) +#define PK_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) /* * Initialise a mbedtls_pk_context */ -void mbedtls_pk_init( mbedtls_pk_context *ctx ) +void mbedtls_pk_init(mbedtls_pk_context *ctx) { - PK_VALIDATE( ctx != NULL ); + PK_VALIDATE(ctx != NULL); ctx->pk_info = NULL; ctx->pk_ctx = NULL; @@ -63,24 +63,26 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx ) /* * Free (the components of) a mbedtls_pk_context */ -void mbedtls_pk_free( mbedtls_pk_context *ctx ) +void mbedtls_pk_free(mbedtls_pk_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - if ( ctx->pk_info != NULL ) - ctx->pk_info->ctx_free_func( ctx->pk_ctx ); + if (ctx->pk_info != NULL) { + ctx->pk_info->ctx_free_func(ctx->pk_ctx); + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pk_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_pk_context)); } #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* * Initialize a restart context */ -void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx ) +void mbedtls_pk_restart_init(mbedtls_pk_restart_ctx *ctx) { - PK_VALIDATE( ctx != NULL ); + PK_VALIDATE(ctx != NULL); ctx->pk_info = NULL; ctx->rs_ctx = NULL; } @@ -88,15 +90,14 @@ void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx ) /* * Free the components of a restart context */ -void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx ) +void mbedtls_pk_restart_free(mbedtls_pk_restart_ctx *ctx) { - if( ctx == NULL || ctx->pk_info == NULL || - ctx->pk_info->rs_free_func == NULL ) - { + if (ctx == NULL || ctx->pk_info == NULL || + ctx->pk_info->rs_free_func == NULL) { return; } - ctx->pk_info->rs_free_func( ctx->rs_ctx ); + ctx->pk_info->rs_free_func(ctx->rs_ctx); ctx->pk_info = NULL; ctx->rs_ctx = NULL; @@ -106,79 +107,85 @@ void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx ) /* * Get pk_info structure from type */ -const mbedtls_pk_info_t * mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type ) +const mbedtls_pk_info_t *mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type) { - switch( pk_type ) { + switch (pk_type) { #if defined(MBEDTLS_RSA_C) case MBEDTLS_PK_RSA: - return( &mbedtls_rsa_info ); + return &mbedtls_rsa_info; #endif #if defined(MBEDTLS_ECP_C) case MBEDTLS_PK_ECKEY: - return( &mbedtls_eckey_info ); + return &mbedtls_eckey_info; case MBEDTLS_PK_ECKEY_DH: - return( &mbedtls_eckeydh_info ); + return &mbedtls_eckeydh_info; #endif #if defined(MBEDTLS_ECDSA_C) case MBEDTLS_PK_ECDSA: - return( &mbedtls_ecdsa_info ); + return &mbedtls_ecdsa_info; #endif /* MBEDTLS_PK_RSA_ALT omitted on purpose */ default: - return( NULL ); + return NULL; } } /* * Initialise context */ -int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ) +int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info) { - PK_VALIDATE_RET( ctx != NULL ); - if( info == NULL || ctx->pk_info != NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + PK_VALIDATE_RET(ctx != NULL); + if (info == NULL || ctx->pk_info != NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) - return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + if ((ctx->pk_ctx = info->ctx_alloc_func()) == NULL) { + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } ctx->pk_info = info; - return( 0 ); + return 0; } #if defined(MBEDTLS_USE_PSA_CRYPTO) /* * Initialise a PSA-wrapping context */ -int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, - const psa_key_id_t key ) +int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx, + const psa_key_id_t key) { const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_info; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_id_t *pk_ctx; psa_key_type_t type; - if( ctx == NULL || ctx->pk_info != NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->pk_info != NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( PSA_SUCCESS != psa_get_key_attributes( key, &attributes ) ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - type = psa_get_key_type( &attributes ); - psa_reset_key_attributes( &attributes ); + if (PSA_SUCCESS != psa_get_key_attributes(key, &attributes)) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + type = psa_get_key_type(&attributes); + psa_reset_key_attributes(&attributes); /* Current implementation of can_do() relies on this. */ - if( ! PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) ) - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE) ; + if (!PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + } - if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) - return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + if ((ctx->pk_ctx = info->ctx_alloc_func()) == NULL) { + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } ctx->pk_info = info; pk_ctx = (psa_key_id_t *) ctx->pk_ctx; *pk_ctx = key; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -186,20 +193,22 @@ int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, /* * Initialize an RSA-alt context */ -int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, - mbedtls_pk_rsa_alt_decrypt_func decrypt_func, - mbedtls_pk_rsa_alt_sign_func sign_func, - mbedtls_pk_rsa_alt_key_len_func key_len_func ) +int mbedtls_pk_setup_rsa_alt(mbedtls_pk_context *ctx, void *key, + mbedtls_pk_rsa_alt_decrypt_func decrypt_func, + mbedtls_pk_rsa_alt_sign_func sign_func, + mbedtls_pk_rsa_alt_key_len_func key_len_func) { mbedtls_rsa_alt_context *rsa_alt; const mbedtls_pk_info_t *info = &mbedtls_rsa_alt_info; - PK_VALIDATE_RET( ctx != NULL ); - if( ctx->pk_info != NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + PK_VALIDATE_RET(ctx != NULL); + if (ctx->pk_info != NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) - return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + if ((ctx->pk_ctx = info->ctx_alloc_func()) == NULL) { + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } ctx->pk_info = info; @@ -210,377 +219,406 @@ int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, rsa_alt->sign_func = sign_func; rsa_alt->key_len_func = key_len_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ /* * Tell if a PK can do the operations of the given type */ -int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ) +int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type) { /* A context with null pk_info is not set up yet and can't do anything. * For backward compatibility, also accept NULL instead of a context * pointer. */ - if( ctx == NULL || ctx->pk_info == NULL ) - return( 0 ); + if (ctx == NULL || ctx->pk_info == NULL) { + return 0; + } - return( ctx->pk_info->can_do( type ) ); + return ctx->pk_info->can_do(type); } /* * Helper for mbedtls_pk_sign and mbedtls_pk_verify */ -static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len ) +static inline int pk_hashlen_helper(mbedtls_md_type_t md_alg, size_t *hash_len) { const mbedtls_md_info_t *md_info; - if( *hash_len != 0 && md_alg == MBEDTLS_MD_NONE ) - return( 0 ); + if (*hash_len != 0 && md_alg == MBEDTLS_MD_NONE) { + return 0; + } - if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL ) - return( -1 ); + if ((md_info = mbedtls_md_info_from_type(md_alg)) == NULL) { + return -1; + } - if ( *hash_len != 0 && *hash_len != mbedtls_md_get_size( md_info ) ) - return ( -1 ); + if (*hash_len != 0 && *hash_len != mbedtls_md_get_size(md_info)) { + return -1; + } - *hash_len = mbedtls_md_get_size( md_info ); - return( 0 ); + *hash_len = mbedtls_md_get_size(md_info); + return 0; } #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* * Helper to set up a restart context if needed */ -static int pk_restart_setup( mbedtls_pk_restart_ctx *ctx, - const mbedtls_pk_info_t *info ) +static int pk_restart_setup(mbedtls_pk_restart_ctx *ctx, + const mbedtls_pk_info_t *info) { /* Don't do anything if already set up or invalid */ - if( ctx == NULL || ctx->pk_info != NULL ) - return( 0 ); + if (ctx == NULL || ctx->pk_info != NULL) { + return 0; + } /* Should never happen when we're called */ - if( info->rs_alloc_func == NULL || info->rs_free_func == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (info->rs_alloc_func == NULL || info->rs_free_func == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( ( ctx->rs_ctx = info->rs_alloc_func() ) == NULL ) - return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + if ((ctx->rs_ctx = info->rs_alloc_func()) == NULL) { + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } ctx->pk_info = info; - return( 0 ); + return 0; } #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ /* * Verify a signature (restartable) */ -int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len, - mbedtls_pk_restart_ctx *rs_ctx ) +int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + mbedtls_pk_restart_ctx *rs_ctx) { - PK_VALIDATE_RET( ctx != NULL ); - PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) || - hash != NULL ); - PK_VALIDATE_RET( sig != NULL ); - - if( ctx->pk_info == NULL || - pk_hashlen_helper( md_alg, &hash_len ) != 0 ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + PK_VALIDATE_RET(ctx != NULL); + PK_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && hash_len == 0) || + hash != NULL); + PK_VALIDATE_RET(sig != NULL); + + if (ctx->pk_info == NULL || + pk_hashlen_helper(md_alg, &hash_len) != 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* optimization: use non-restartable version if restart disabled */ - if( rs_ctx != NULL && + if (rs_ctx != NULL && mbedtls_ecp_restart_is_enabled() && - ctx->pk_info->verify_rs_func != NULL ) - { + ctx->pk_info->verify_rs_func != NULL) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 ) - return( ret ); + if ((ret = pk_restart_setup(rs_ctx, ctx->pk_info)) != 0) { + return ret; + } - ret = ctx->pk_info->verify_rs_func( ctx->pk_ctx, - md_alg, hash, hash_len, sig, sig_len, rs_ctx->rs_ctx ); + ret = ctx->pk_info->verify_rs_func(ctx->pk_ctx, + md_alg, hash, hash_len, sig, sig_len, rs_ctx->rs_ctx); - if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) - mbedtls_pk_restart_free( rs_ctx ); + if (ret != MBEDTLS_ERR_ECP_IN_PROGRESS) { + mbedtls_pk_restart_free(rs_ctx); + } - return( ret ); + return ret; } #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ (void) rs_ctx; #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ - if( ctx->pk_info->verify_func == NULL ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (ctx->pk_info->verify_func == NULL) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } - return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len, - sig, sig_len ) ); + return ctx->pk_info->verify_func(ctx->pk_ctx, md_alg, hash, hash_len, + sig, sig_len); } /* * Verify a signature */ -int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ) +int mbedtls_pk_verify(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) { - return( mbedtls_pk_verify_restartable( ctx, md_alg, hash, hash_len, - sig, sig_len, NULL ) ); + return mbedtls_pk_verify_restartable(ctx, md_alg, hash, hash_len, + sig, sig_len, NULL); } /* * Verify a signature with options */ -int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, - mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ) +int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options, + mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) { - PK_VALIDATE_RET( ctx != NULL ); - PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) || - hash != NULL ); - PK_VALIDATE_RET( sig != NULL ); + PK_VALIDATE_RET(ctx != NULL); + PK_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && hash_len == 0) || + hash != NULL); + PK_VALIDATE_RET(sig != NULL); - if( ctx->pk_info == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (ctx->pk_info == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( ! mbedtls_pk_can_do( ctx, type ) ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (!mbedtls_pk_can_do(ctx, type)) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } - if( type == MBEDTLS_PK_RSASSA_PSS ) - { + if (type == MBEDTLS_PK_RSASSA_PSS) { #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_pk_rsassa_pss_options *pss_opts; #if SIZE_MAX > UINT_MAX - if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } #endif /* SIZE_MAX > UINT_MAX */ - if( options == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (options == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } pss_opts = (const mbedtls_pk_rsassa_pss_options *) options; - if( sig_len < mbedtls_pk_get_len( ctx ) ) - return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); - - ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ), - NULL, NULL, MBEDTLS_RSA_PUBLIC, - md_alg, (unsigned int) hash_len, hash, - pss_opts->mgf1_hash_id, - pss_opts->expected_salt_len, - sig ); - if( ret != 0 ) - return( ret ); - - if( sig_len > mbedtls_pk_get_len( ctx ) ) - return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); - - return( 0 ); + if (sig_len < mbedtls_pk_get_len(ctx)) { + return MBEDTLS_ERR_RSA_VERIFY_FAILED; + } + + ret = mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_pk_rsa(*ctx), + NULL, NULL, MBEDTLS_RSA_PUBLIC, + md_alg, (unsigned int) hash_len, hash, + pss_opts->mgf1_hash_id, + pss_opts->expected_salt_len, + sig); + if (ret != 0) { + return ret; + } + + if (sig_len > mbedtls_pk_get_len(ctx)) { + return MBEDTLS_ERR_PK_SIG_LEN_MISMATCH; + } + + return 0; #else - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; #endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */ } /* General case: no options */ - if( options != NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (options != NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - return( mbedtls_pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) ); + return mbedtls_pk_verify(ctx, md_alg, hash, hash_len, sig, sig_len); } /* * Make a signature (restartable) */ -int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - mbedtls_pk_restart_ctx *rs_ctx ) +int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_pk_restart_ctx *rs_ctx) { - PK_VALIDATE_RET( ctx != NULL ); - PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) || - hash != NULL ); - PK_VALIDATE_RET( sig != NULL ); - - if( ctx->pk_info == NULL || - pk_hashlen_helper( md_alg, &hash_len ) != 0 ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + PK_VALIDATE_RET(ctx != NULL); + PK_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && hash_len == 0) || + hash != NULL); + PK_VALIDATE_RET(sig != NULL); + + if (ctx->pk_info == NULL || + pk_hashlen_helper(md_alg, &hash_len) != 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* optimization: use non-restartable version if restart disabled */ - if( rs_ctx != NULL && + if (rs_ctx != NULL && mbedtls_ecp_restart_is_enabled() && - ctx->pk_info->sign_rs_func != NULL ) - { + ctx->pk_info->sign_rs_func != NULL) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 ) - return( ret ); + if ((ret = pk_restart_setup(rs_ctx, ctx->pk_info)) != 0) { + return ret; + } - ret = ctx->pk_info->sign_rs_func( ctx->pk_ctx, md_alg, - hash, hash_len, sig, sig_len, f_rng, p_rng, rs_ctx->rs_ctx ); + ret = ctx->pk_info->sign_rs_func(ctx->pk_ctx, md_alg, + hash, hash_len, sig, sig_len, f_rng, p_rng, + rs_ctx->rs_ctx); - if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) - mbedtls_pk_restart_free( rs_ctx ); + if (ret != MBEDTLS_ERR_ECP_IN_PROGRESS) { + mbedtls_pk_restart_free(rs_ctx); + } - return( ret ); + return ret; } #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ (void) rs_ctx; #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ - if( ctx->pk_info->sign_func == NULL ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (ctx->pk_info->sign_func == NULL) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } - return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len, - sig, sig_len, f_rng, p_rng ) ); + return ctx->pk_info->sign_func(ctx->pk_ctx, md_alg, hash, hash_len, + sig, sig_len, f_rng, p_rng); } /* * Make a signature */ -int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - return( mbedtls_pk_sign_restartable( ctx, md_alg, hash, hash_len, - sig, sig_len, f_rng, p_rng, NULL ) ); + return mbedtls_pk_sign_restartable(ctx, md_alg, hash, hash_len, + sig, sig_len, f_rng, p_rng, NULL); } /* * Decrypt message */ -int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +int mbedtls_pk_decrypt(mbedtls_pk_context *ctx, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - PK_VALIDATE_RET( ctx != NULL ); - PK_VALIDATE_RET( input != NULL || ilen == 0 ); - PK_VALIDATE_RET( output != NULL || osize == 0 ); - PK_VALIDATE_RET( olen != NULL ); + PK_VALIDATE_RET(ctx != NULL); + PK_VALIDATE_RET(input != NULL || ilen == 0); + PK_VALIDATE_RET(output != NULL || osize == 0); + PK_VALIDATE_RET(olen != NULL); - if( ctx->pk_info == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (ctx->pk_info == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( ctx->pk_info->decrypt_func == NULL ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (ctx->pk_info->decrypt_func == NULL) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } - return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen, - output, olen, osize, f_rng, p_rng ) ); + return ctx->pk_info->decrypt_func(ctx->pk_ctx, input, ilen, + output, olen, osize, f_rng, p_rng); } /* * Encrypt message */ -int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +int mbedtls_pk_encrypt(mbedtls_pk_context *ctx, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - PK_VALIDATE_RET( ctx != NULL ); - PK_VALIDATE_RET( input != NULL || ilen == 0 ); - PK_VALIDATE_RET( output != NULL || osize == 0 ); - PK_VALIDATE_RET( olen != NULL ); + PK_VALIDATE_RET(ctx != NULL); + PK_VALIDATE_RET(input != NULL || ilen == 0); + PK_VALIDATE_RET(output != NULL || osize == 0); + PK_VALIDATE_RET(olen != NULL); - if( ctx->pk_info == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (ctx->pk_info == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( ctx->pk_info->encrypt_func == NULL ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (ctx->pk_info->encrypt_func == NULL) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } - return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen, - output, olen, osize, f_rng, p_rng ) ); + return ctx->pk_info->encrypt_func(ctx->pk_ctx, input, ilen, + output, olen, osize, f_rng, p_rng); } /* * Check public-private key pair */ -int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv ) +int mbedtls_pk_check_pair(const mbedtls_pk_context *pub, const mbedtls_pk_context *prv) { - PK_VALIDATE_RET( pub != NULL ); - PK_VALIDATE_RET( prv != NULL ); + PK_VALIDATE_RET(pub != NULL); + PK_VALIDATE_RET(prv != NULL); - if( pub->pk_info == NULL || - prv->pk_info == NULL ) - { - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (pub->pk_info == NULL || + prv->pk_info == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - if( prv->pk_info->check_pair_func == NULL ) - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); - - if( prv->pk_info->type == MBEDTLS_PK_RSA_ALT ) - { - if( pub->pk_info->type != MBEDTLS_PK_RSA ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (prv->pk_info->check_pair_func == NULL) { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; } - else - { - if( pub->pk_info != prv->pk_info ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + + if (prv->pk_info->type == MBEDTLS_PK_RSA_ALT) { + if (pub->pk_info->type != MBEDTLS_PK_RSA) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } + } else { + if (pub->pk_info != prv->pk_info) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } } - return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) ); + return prv->pk_info->check_pair_func(pub->pk_ctx, prv->pk_ctx); } /* * Get key size in bits */ -size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx ) +size_t mbedtls_pk_get_bitlen(const mbedtls_pk_context *ctx) { /* For backward compatibility, accept NULL or a context that * isn't set up yet, and return a fake value that should be safe. */ - if( ctx == NULL || ctx->pk_info == NULL ) - return( 0 ); + if (ctx == NULL || ctx->pk_info == NULL) { + return 0; + } - return( ctx->pk_info->get_bitlen( ctx->pk_ctx ) ); + return ctx->pk_info->get_bitlen(ctx->pk_ctx); } /* * Export debug information */ -int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items ) +int mbedtls_pk_debug(const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items) { - PK_VALIDATE_RET( ctx != NULL ); - if( ctx->pk_info == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + PK_VALIDATE_RET(ctx != NULL); + if (ctx->pk_info == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( ctx->pk_info->debug_func == NULL ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (ctx->pk_info->debug_func == NULL) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } - ctx->pk_info->debug_func( ctx->pk_ctx, items ); - return( 0 ); + ctx->pk_info->debug_func(ctx->pk_ctx, items); + return 0; } /* * Access the PK type name */ -const char *mbedtls_pk_get_name( const mbedtls_pk_context *ctx ) +const char *mbedtls_pk_get_name(const mbedtls_pk_context *ctx) { - if( ctx == NULL || ctx->pk_info == NULL ) - return( "invalid PK" ); + if (ctx == NULL || ctx->pk_info == NULL) { + return "invalid PK"; + } - return( ctx->pk_info->name ); + return ctx->pk_info->name; } /* * Access the PK type */ -mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ) +mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx) { - if( ctx == NULL || ctx->pk_info == NULL ) - return( MBEDTLS_PK_NONE ); + if (ctx == NULL || ctx->pk_info == NULL) { + return MBEDTLS_PK_NONE; + } - return( ctx->pk_info->type ); + return ctx->pk_info->type; } #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -590,15 +628,15 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ) * * Currently only works for EC private keys. */ -int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, - psa_key_id_t *key, - psa_algorithm_t hash_alg ) +int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk, + psa_key_id_t *key, + psa_algorithm_t hash_alg) { #if !defined(MBEDTLS_ECP_C) ((void) pk); ((void) key); ((void) hash_alg); - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + return MBEDTLS_ERR_PK_TYPE_MISMATCH; #else const mbedtls_ecp_keypair *ec; unsigned char d[MBEDTLS_ECP_MAX_BYTES]; @@ -610,32 +648,35 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* export the private key material in the format PSA wants */ - if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_ECKEY ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (mbedtls_pk_get_type(pk) != MBEDTLS_PK_ECKEY) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } - ec = mbedtls_pk_ec( *pk ); - d_len = ( ec->grp.nbits + 7 ) / 8; - if( ( ret = mbedtls_mpi_write_binary( &ec->d, d, d_len ) ) != 0 ) - return( ret ); + ec = mbedtls_pk_ec(*pk); + d_len = (ec->grp.nbits + 7) / 8; + if ((ret = mbedtls_mpi_write_binary(&ec->d, d, d_len)) != 0) { + return ret; + } - curve_id = mbedtls_ecc_group_to_psa( ec->grp.id, &bits ); - key_type = PSA_KEY_TYPE_ECC_KEY_PAIR( curve_id ); + curve_id = mbedtls_ecc_group_to_psa(ec->grp.id, &bits); + key_type = PSA_KEY_TYPE_ECC_KEY_PAIR(curve_id); /* prepare the key attributes */ - psa_set_key_type( &attributes, key_type ); - psa_set_key_bits( &attributes, bits ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(hash_alg) ); + psa_set_key_type(&attributes, key_type); + psa_set_key_bits(&attributes, bits); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(hash_alg)); /* import private key into PSA */ - if( PSA_SUCCESS != psa_import_key( &attributes, d, d_len, key ) ) - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + if (PSA_SUCCESS != psa_import_key(&attributes, d, d_len, key)) { + return MBEDTLS_ERR_PK_HW_ACCEL_FAILED; + } /* make PK context wrap the key slot */ - mbedtls_pk_free( pk ); - mbedtls_pk_init( pk ); + mbedtls_pk_free(pk); + mbedtls_pk_init(pk); - return( mbedtls_pk_setup_opaque( pk, *key ) ); + return mbedtls_pk_setup_opaque(pk, *key); #endif /* MBEDTLS_ECP_C */ } #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/library/pk_wrap.c b/library/pk_wrap.c index f35abf21a46a..f577fccdbba7 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -56,130 +56,138 @@ #include #if defined(MBEDTLS_RSA_C) -static int rsa_can_do( mbedtls_pk_type_t type ) +static int rsa_can_do(mbedtls_pk_type_t type) { - return( type == MBEDTLS_PK_RSA || - type == MBEDTLS_PK_RSASSA_PSS ); + return type == MBEDTLS_PK_RSA || + type == MBEDTLS_PK_RSASSA_PSS; } -static size_t rsa_get_bitlen( const void *ctx ) +static size_t rsa_get_bitlen(const void *ctx) { - const mbedtls_rsa_context * rsa = (const mbedtls_rsa_context *) ctx; - return( 8 * mbedtls_rsa_get_len( rsa ) ); + const mbedtls_rsa_context *rsa = (const mbedtls_rsa_context *) ctx; + return 8 * mbedtls_rsa_get_len(rsa); } -static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ) +static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; - size_t rsa_len = mbedtls_rsa_get_len( rsa ); + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + size_t rsa_len = mbedtls_rsa_get_len(rsa); #if SIZE_MAX > UINT_MAX - if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } #endif /* SIZE_MAX > UINT_MAX */ - if( sig_len < rsa_len ) - return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); + if (sig_len < rsa_len) { + return MBEDTLS_ERR_RSA_VERIFY_FAILED; + } - if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, NULL, NULL, - MBEDTLS_RSA_PUBLIC, md_alg, - (unsigned int) hash_len, hash, sig ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_rsa_pkcs1_verify(rsa, NULL, NULL, + MBEDTLS_RSA_PUBLIC, md_alg, + (unsigned int) hash_len, hash, sig)) != 0) { + return ret; + } /* The buffer contains a valid signature followed by extra data. * We have a special error code for that so that so that callers can * use mbedtls_pk_verify() to check "Does the buffer start with a * valid signature?" and not just "Does the buffer contain a valid * signature?". */ - if( sig_len > rsa_len ) - return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); + if (sig_len > rsa_len) { + return MBEDTLS_ERR_PK_SIG_LEN_MISMATCH; + } - return( 0 ); + return 0; } -static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int rsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; #if SIZE_MAX > UINT_MAX - if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } #endif /* SIZE_MAX > UINT_MAX */ - *sig_len = mbedtls_rsa_get_len( rsa ); + *sig_len = mbedtls_rsa_get_len(rsa); - return( mbedtls_rsa_pkcs1_sign( rsa, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, - md_alg, (unsigned int) hash_len, hash, sig ) ); + return mbedtls_rsa_pkcs1_sign(rsa, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, + md_alg, (unsigned int) hash_len, hash, sig); } -static int rsa_decrypt_wrap( void *ctx, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int rsa_decrypt_wrap(void *ctx, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; - if( ilen != mbedtls_rsa_get_len( rsa ) ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (ilen != mbedtls_rsa_get_len(rsa)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - return( mbedtls_rsa_pkcs1_decrypt( rsa, f_rng, p_rng, - MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) ); + return mbedtls_rsa_pkcs1_decrypt(rsa, f_rng, p_rng, + MBEDTLS_RSA_PRIVATE, olen, input, output, osize); } -static int rsa_encrypt_wrap( void *ctx, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int rsa_encrypt_wrap(void *ctx, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; - *olen = mbedtls_rsa_get_len( rsa ); + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + *olen = mbedtls_rsa_get_len(rsa); - if( *olen > osize ) - return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE ); + if (*olen > osize) { + return MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE; + } - return( mbedtls_rsa_pkcs1_encrypt( rsa, f_rng, p_rng, MBEDTLS_RSA_PUBLIC, - ilen, input, output ) ); + return mbedtls_rsa_pkcs1_encrypt(rsa, f_rng, p_rng, MBEDTLS_RSA_PUBLIC, + ilen, input, output); } -static int rsa_check_pair_wrap( const void *pub, const void *prv ) +static int rsa_check_pair_wrap(const void *pub, const void *prv) { - return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub, - (const mbedtls_rsa_context *) prv ) ); + return mbedtls_rsa_check_pub_priv((const mbedtls_rsa_context *) pub, + (const mbedtls_rsa_context *) prv); } -static void *rsa_alloc_wrap( void ) +static void *rsa_alloc_wrap(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_context ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_rsa_context)); - if( ctx != NULL ) - mbedtls_rsa_init( (mbedtls_rsa_context *) ctx, 0, 0 ); + if (ctx != NULL) { + mbedtls_rsa_init((mbedtls_rsa_context *) ctx, 0, 0); + } - return( ctx ); + return ctx; } -static void rsa_free_wrap( void *ctx ) +static void rsa_free_wrap(void *ctx) { - mbedtls_rsa_free( (mbedtls_rsa_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_rsa_free((mbedtls_rsa_context *) ctx); + mbedtls_free(ctx); } -static void rsa_debug( const void *ctx, mbedtls_pk_debug_item *items ) +static void rsa_debug(const void *ctx, mbedtls_pk_debug_item *items) { items->type = MBEDTLS_PK_DEBUG_MPI; items->name = "rsa.N"; - items->value = &( ((mbedtls_rsa_context *) ctx)->N ); + items->value = &(((mbedtls_rsa_context *) ctx)->N); items++; items->type = MBEDTLS_PK_DEBUG_MPI; items->name = "rsa.E"; - items->value = &( ((mbedtls_rsa_context *) ctx)->E ); + items->value = &(((mbedtls_rsa_context *) ctx)->E); } const mbedtls_pk_info_t mbedtls_rsa_info = { @@ -210,77 +218,79 @@ const mbedtls_pk_info_t mbedtls_rsa_info = { /* * Generic EC key */ -static int eckey_can_do( mbedtls_pk_type_t type ) +static int eckey_can_do(mbedtls_pk_type_t type) { - return( type == MBEDTLS_PK_ECKEY || - type == MBEDTLS_PK_ECKEY_DH || - type == MBEDTLS_PK_ECDSA ); + return type == MBEDTLS_PK_ECKEY || + type == MBEDTLS_PK_ECKEY_DH || + type == MBEDTLS_PK_ECDSA; } -static size_t eckey_get_bitlen( const void *ctx ) +static size_t eckey_get_bitlen(const void *ctx) { - return( ((mbedtls_ecp_keypair *) ctx)->grp.pbits ); + return ((mbedtls_ecp_keypair *) ctx)->grp.pbits; } #if defined(MBEDTLS_ECDSA_C) /* Forward declarations */ -static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ); - -static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); - -static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ) +static int ecdsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len); + +static int ecdsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + +static int eckey_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecdsa_context ecdsa; - mbedtls_ecdsa_init( &ecdsa ); + mbedtls_ecdsa_init(&ecdsa); - if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) - ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len ); + if ((ret = mbedtls_ecdsa_from_keypair(&ecdsa, ctx)) == 0) { + ret = ecdsa_verify_wrap(&ecdsa, md_alg, hash, hash_len, sig, sig_len); + } - mbedtls_ecdsa_free( &ecdsa ); + mbedtls_ecdsa_free(&ecdsa); - return( ret ); + return ret; } -static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int eckey_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecdsa_context ecdsa; - mbedtls_ecdsa_init( &ecdsa ); + mbedtls_ecdsa_init(&ecdsa); - if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) - ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len, - f_rng, p_rng ); + if ((ret = mbedtls_ecdsa_from_keypair(&ecdsa, ctx)) == 0) { + ret = ecdsa_sign_wrap(&ecdsa, md_alg, hash, hash_len, sig, sig_len, + f_rng, p_rng); + } - mbedtls_ecdsa_free( &ecdsa ); + mbedtls_ecdsa_free(&ecdsa); - return( ret ); + return ret; } #if defined(MBEDTLS_ECP_RESTARTABLE) /* Forward declarations */ -static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len, - void *rs_ctx ); +static int ecdsa_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + void *rs_ctx); -static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - void *rs_ctx ); +static int ecdsa_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + void *rs_ctx); /* * Restart context for ECDSA operations with ECKEY context @@ -288,120 +298,124 @@ static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, * We need to store an actual ECDSA context, as we need to pass the same to * the underlying ecdsa function, so we can't create it on the fly every time. */ -typedef struct -{ +typedef struct { mbedtls_ecdsa_restart_ctx ecdsa_rs; mbedtls_ecdsa_context ecdsa_ctx; } eckey_restart_ctx; -static void *eckey_rs_alloc( void ) +static void *eckey_rs_alloc(void) { eckey_restart_ctx *rs_ctx; - void *ctx = mbedtls_calloc( 1, sizeof( eckey_restart_ctx ) ); + void *ctx = mbedtls_calloc(1, sizeof(eckey_restart_ctx)); - if( ctx != NULL ) - { + if (ctx != NULL) { rs_ctx = ctx; - mbedtls_ecdsa_restart_init( &rs_ctx->ecdsa_rs ); - mbedtls_ecdsa_init( &rs_ctx->ecdsa_ctx ); + mbedtls_ecdsa_restart_init(&rs_ctx->ecdsa_rs); + mbedtls_ecdsa_init(&rs_ctx->ecdsa_ctx); } - return( ctx ); + return ctx; } -static void eckey_rs_free( void *ctx ) +static void eckey_rs_free(void *ctx) { eckey_restart_ctx *rs_ctx; - if( ctx == NULL) + if (ctx == NULL) { return; + } rs_ctx = ctx; - mbedtls_ecdsa_restart_free( &rs_ctx->ecdsa_rs ); - mbedtls_ecdsa_free( &rs_ctx->ecdsa_ctx ); + mbedtls_ecdsa_restart_free(&rs_ctx->ecdsa_rs); + mbedtls_ecdsa_free(&rs_ctx->ecdsa_ctx); - mbedtls_free( ctx ); + mbedtls_free(ctx); } -static int eckey_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len, - void *rs_ctx ) +static int eckey_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + void *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; eckey_restart_ctx *rs = rs_ctx; /* Should never happen */ - if( rs == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (rs == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } /* set up our own sub-context if needed (that is, on first run) */ - if( rs->ecdsa_ctx.grp.pbits == 0 ) - MBEDTLS_MPI_CHK( mbedtls_ecdsa_from_keypair( &rs->ecdsa_ctx, ctx ) ); + if (rs->ecdsa_ctx.grp.pbits == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecdsa_from_keypair(&rs->ecdsa_ctx, ctx)); + } - MBEDTLS_MPI_CHK( ecdsa_verify_rs_wrap( &rs->ecdsa_ctx, - md_alg, hash, hash_len, - sig, sig_len, &rs->ecdsa_rs ) ); + MBEDTLS_MPI_CHK(ecdsa_verify_rs_wrap(&rs->ecdsa_ctx, + md_alg, hash, hash_len, + sig, sig_len, &rs->ecdsa_rs)); cleanup: - return( ret ); + return ret; } -static int eckey_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - void *rs_ctx ) +static int eckey_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + void *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; eckey_restart_ctx *rs = rs_ctx; /* Should never happen */ - if( rs == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (rs == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } /* set up our own sub-context if needed (that is, on first run) */ - if( rs->ecdsa_ctx.grp.pbits == 0 ) - MBEDTLS_MPI_CHK( mbedtls_ecdsa_from_keypair( &rs->ecdsa_ctx, ctx ) ); + if (rs->ecdsa_ctx.grp.pbits == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecdsa_from_keypair(&rs->ecdsa_ctx, ctx)); + } - MBEDTLS_MPI_CHK( ecdsa_sign_rs_wrap( &rs->ecdsa_ctx, md_alg, - hash, hash_len, sig, sig_len, - f_rng, p_rng, &rs->ecdsa_rs ) ); + MBEDTLS_MPI_CHK(ecdsa_sign_rs_wrap(&rs->ecdsa_ctx, md_alg, + hash, hash_len, sig, sig_len, + f_rng, p_rng, &rs->ecdsa_rs)); cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECDSA_C */ -static int eckey_check_pair( const void *pub, const void *prv ) +static int eckey_check_pair(const void *pub, const void *prv) { - return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub, - (const mbedtls_ecp_keypair *) prv ) ); + return mbedtls_ecp_check_pub_priv((const mbedtls_ecp_keypair *) pub, + (const mbedtls_ecp_keypair *) prv); } -static void *eckey_alloc_wrap( void ) +static void *eckey_alloc_wrap(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ecp_keypair)); - if( ctx != NULL ) - mbedtls_ecp_keypair_init( ctx ); + if (ctx != NULL) { + mbedtls_ecp_keypair_init(ctx); + } - return( ctx ); + return ctx; } -static void eckey_free_wrap( void *ctx ) +static void eckey_free_wrap(void *ctx) { - mbedtls_ecp_keypair_free( (mbedtls_ecp_keypair *) ctx ); - mbedtls_free( ctx ); + mbedtls_ecp_keypair_free((mbedtls_ecp_keypair *) ctx); + mbedtls_free(ctx); } -static void eckey_debug( const void *ctx, mbedtls_pk_debug_item *items ) +static void eckey_debug(const void *ctx, mbedtls_pk_debug_item *items) { items->type = MBEDTLS_PK_DEBUG_ECP; items->name = "eckey.Q"; - items->value = &( ((mbedtls_ecp_keypair *) ctx)->Q ); + items->value = &(((mbedtls_ecp_keypair *) ctx)->Q); } const mbedtls_pk_info_t mbedtls_eckey_info = { @@ -435,10 +449,10 @@ const mbedtls_pk_info_t mbedtls_eckey_info = { /* * EC key restricted to ECDH */ -static int eckeydh_can_do( mbedtls_pk_type_t type ) +static int eckeydh_can_do(mbedtls_pk_type_t type) { - return( type == MBEDTLS_PK_ECKEY || - type == MBEDTLS_PK_ECKEY_DH ); + return type == MBEDTLS_PK_ECKEY || + type == MBEDTLS_PK_ECKEY_DH; } const mbedtls_pk_info_t mbedtls_eckeydh_info = { @@ -466,9 +480,9 @@ const mbedtls_pk_info_t mbedtls_eckeydh_info = { #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_ECDSA_C) -static int ecdsa_can_do( mbedtls_pk_type_t type ) +static int ecdsa_can_do(mbedtls_pk_type_t type) { - return( type == MBEDTLS_PK_ECDSA ); + return type == MBEDTLS_PK_ECDSA; } #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -476,33 +490,32 @@ static int ecdsa_can_do( mbedtls_pk_type_t type ) * An ASN.1 encoded signature is a sequence of two ASN.1 integers. Parse one of * those integers and convert it to the fixed-length encoding expected by PSA. */ -static int extract_ecdsa_sig_int( unsigned char **from, const unsigned char *end, - unsigned char *to, size_t to_len ) +static int extract_ecdsa_sig_int(unsigned char **from, const unsigned char *end, + unsigned char *to, size_t to_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t unpadded_len, padding_len; - if( ( ret = mbedtls_asn1_get_tag( from, end, &unpadded_len, - MBEDTLS_ASN1_INTEGER ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_asn1_get_tag(from, end, &unpadded_len, + MBEDTLS_ASN1_INTEGER)) != 0) { + return ret; } - while( unpadded_len > 0 && **from == 0x00 ) - { - ( *from )++; + while (unpadded_len > 0 && **from == 0x00) { + (*from)++; unpadded_len--; } - if( unpadded_len > to_len || unpadded_len == 0 ) - return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (unpadded_len > to_len || unpadded_len == 0) { + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } padding_len = to_len - unpadded_len; - memset( to, 0x00, padding_len ); - memcpy( to + padding_len, *from, unpadded_len ); - ( *from ) += unpadded_len; + memset(to, 0x00, padding_len); + memcpy(to + padding_len, *from, unpadded_len); + (*from) += unpadded_len; - return( 0 ); + return 0; } /* @@ -510,29 +523,32 @@ static int extract_ecdsa_sig_int( unsigned char **from, const unsigned char *end * to a raw {r,s} buffer. Note: the provided sig buffer must be at least * twice as big as int_size. */ -static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, - unsigned char *sig, size_t int_size ) +static int extract_ecdsa_sig(unsigned char **p, const unsigned char *end, + unsigned char *sig, size_t int_size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t tmp_size; - if( ( ret = mbedtls_asn1_get_tag( p, end, &tmp_size, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &tmp_size, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return ret; + } /* Extract r */ - if( ( ret = extract_ecdsa_sig_int( p, end, sig, int_size ) ) != 0 ) - return( ret ); + if ((ret = extract_ecdsa_sig_int(p, end, sig, int_size)) != 0) { + return ret; + } /* Extract s */ - if( ( ret = extract_ecdsa_sig_int( p, end, sig + int_size, int_size ) ) != 0 ) - return( ret ); + if ((ret = extract_ecdsa_sig_int(p, end, sig + int_size, int_size)) != 0) { + return ret; + } - return( 0 ); + return 0; } -static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ) +static int ecdsa_verify_wrap(void *ctx_arg, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) { mbedtls_ecdsa_context *ctx = ctx_arg; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -548,162 +564,163 @@ static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg, psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA_ANY; size_t curve_bits; psa_ecc_family_t curve = - mbedtls_ecc_group_to_psa( ctx->grp.id, &curve_bits ); - const size_t signature_part_size = ( ctx->grp.nbits + 7 ) / 8; + mbedtls_ecc_group_to_psa(ctx->grp.id, &curve_bits); + const size_t signature_part_size = (ctx->grp.nbits + 7) / 8; ((void) md_alg); - if( curve == 0 ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (curve == 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } /* mbedtls_pk_write_pubkey() expects a full PK context; * re-construct one to make it happy */ key.pk_info = &pk_info; key.pk_ctx = ctx; - p = buf + sizeof( buf ); - key_len = mbedtls_pk_write_pubkey( &p, buf, &key ); - if( key_len <= 0 ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - psa_set_key_type( &attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, psa_sig_md ); - - status = psa_import_key( &attributes, - buf + sizeof( buf ) - key_len, key_len, - &key_id ); - if( status != PSA_SUCCESS ) - { - ret = mbedtls_psa_err_translate_pk( status ); + p = buf + sizeof(buf); + key_len = mbedtls_pk_write_pubkey(&p, buf, &key); + if (key_len <= 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + + psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, psa_sig_md); + + status = psa_import_key(&attributes, + buf + sizeof(buf) - key_len, key_len, + &key_id); + if (status != PSA_SUCCESS) { + ret = mbedtls_psa_err_translate_pk(status); goto cleanup; } /* We don't need the exported key anymore and can * reuse its buffer for signature extraction. */ - if( 2 * signature_part_size > sizeof( buf ) ) - { + if (2 * signature_part_size > sizeof(buf)) { ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; goto cleanup; } - p = (unsigned char*) sig; - if( ( ret = extract_ecdsa_sig( &p, sig + sig_len, buf, - signature_part_size ) ) != 0 ) - { + p = (unsigned char *) sig; + if ((ret = extract_ecdsa_sig(&p, sig + sig_len, buf, + signature_part_size)) != 0) { goto cleanup; } - if( psa_verify_hash( key_id, psa_sig_md, - hash, hash_len, - buf, 2 * signature_part_size ) - != PSA_SUCCESS ) - { - ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; - goto cleanup; + if (psa_verify_hash(key_id, psa_sig_md, + hash, hash_len, + buf, 2 * signature_part_size) + != PSA_SUCCESS) { + ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; + goto cleanup; } - if( p != sig + sig_len ) - { + if (p != sig + sig_len) { ret = MBEDTLS_ERR_PK_SIG_LEN_MISMATCH; goto cleanup; } ret = 0; cleanup: - psa_destroy_key( key_id ); - return( ret ); + psa_destroy_key(key_id); + return ret; } #else /* MBEDTLS_USE_PSA_CRYPTO */ -static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ) +static int ecdsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void) md_alg); - ret = mbedtls_ecdsa_read_signature( (mbedtls_ecdsa_context *) ctx, - hash, hash_len, sig, sig_len ); + ret = mbedtls_ecdsa_read_signature((mbedtls_ecdsa_context *) ctx, + hash, hash_len, sig, sig_len); - if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH ) - return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); + if (ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) { + return MBEDTLS_ERR_PK_SIG_LEN_MISMATCH; + } - return( ret ); + return ret; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ -static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int ecdsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - return( mbedtls_ecdsa_write_signature( (mbedtls_ecdsa_context *) ctx, - md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) ); + return mbedtls_ecdsa_write_signature((mbedtls_ecdsa_context *) ctx, + md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng); } #if defined(MBEDTLS_ECP_RESTARTABLE) -static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len, - void *rs_ctx ) +static int ecdsa_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + void *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void) md_alg); ret = mbedtls_ecdsa_read_signature_restartable( - (mbedtls_ecdsa_context *) ctx, - hash, hash_len, sig, sig_len, - (mbedtls_ecdsa_restart_ctx *) rs_ctx ); + (mbedtls_ecdsa_context *) ctx, + hash, hash_len, sig, sig_len, + (mbedtls_ecdsa_restart_ctx *) rs_ctx); - if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH ) - return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); + if (ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) { + return MBEDTLS_ERR_PK_SIG_LEN_MISMATCH; + } - return( ret ); + return ret; } -static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - void *rs_ctx ) +static int ecdsa_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + void *rs_ctx) { - return( mbedtls_ecdsa_write_signature_restartable( - (mbedtls_ecdsa_context *) ctx, - md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng, - (mbedtls_ecdsa_restart_ctx *) rs_ctx ) ); + return mbedtls_ecdsa_write_signature_restartable( + (mbedtls_ecdsa_context *) ctx, + md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng, + (mbedtls_ecdsa_restart_ctx *) rs_ctx); } #endif /* MBEDTLS_ECP_RESTARTABLE */ -static void *ecdsa_alloc_wrap( void ) +static void *ecdsa_alloc_wrap(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_context ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ecdsa_context)); - if( ctx != NULL ) - mbedtls_ecdsa_init( (mbedtls_ecdsa_context *) ctx ); + if (ctx != NULL) { + mbedtls_ecdsa_init((mbedtls_ecdsa_context *) ctx); + } - return( ctx ); + return ctx; } -static void ecdsa_free_wrap( void *ctx ) +static void ecdsa_free_wrap(void *ctx) { - mbedtls_ecdsa_free( (mbedtls_ecdsa_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_ecdsa_free((mbedtls_ecdsa_context *) ctx); + mbedtls_free(ctx); } #if defined(MBEDTLS_ECP_RESTARTABLE) -static void *ecdsa_rs_alloc( void ) +static void *ecdsa_rs_alloc(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_restart_ctx ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ecdsa_restart_ctx)); - if( ctx != NULL ) - mbedtls_ecdsa_restart_init( ctx ); + if (ctx != NULL) { + mbedtls_ecdsa_restart_init(ctx); + } - return( ctx ); + return ctx; } -static void ecdsa_rs_free( void *ctx ) +static void ecdsa_rs_free(void *ctx) { - mbedtls_ecdsa_restart_free( ctx ); - mbedtls_free( ctx ); + mbedtls_ecdsa_restart_free(ctx); + mbedtls_free(ctx); } #endif /* MBEDTLS_ECP_RESTARTABLE */ @@ -736,99 +753,102 @@ const mbedtls_pk_info_t mbedtls_ecdsa_info = { * Support for alternative RSA-private implementations */ -static int rsa_alt_can_do( mbedtls_pk_type_t type ) +static int rsa_alt_can_do(mbedtls_pk_type_t type) { - return( type == MBEDTLS_PK_RSA ); + return type == MBEDTLS_PK_RSA; } -static size_t rsa_alt_get_bitlen( const void *ctx ) +static size_t rsa_alt_get_bitlen(const void *ctx) { const mbedtls_rsa_alt_context *rsa_alt = (const mbedtls_rsa_alt_context *) ctx; - return( 8 * rsa_alt->key_len_func( rsa_alt->key ) ); + return 8 * rsa_alt->key_len_func(rsa_alt->key); } -static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int rsa_alt_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; #if SIZE_MAX > UINT_MAX - if( UINT_MAX < hash_len ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (UINT_MAX < hash_len) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } #endif /* SIZE_MAX > UINT_MAX */ - *sig_len = rsa_alt->key_len_func( rsa_alt->key ); - if( *sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + *sig_len = rsa_alt->key_len_func(rsa_alt->key); + if (*sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, - md_alg, (unsigned int) hash_len, hash, sig ) ); + return rsa_alt->sign_func(rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, + md_alg, (unsigned int) hash_len, hash, sig); } -static int rsa_alt_decrypt_wrap( void *ctx, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int rsa_alt_decrypt_wrap(void *ctx, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; ((void) f_rng); ((void) p_rng); - if( ilen != rsa_alt->key_len_func( rsa_alt->key ) ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (ilen != rsa_alt->key_len_func(rsa_alt->key)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - return( rsa_alt->decrypt_func( rsa_alt->key, - MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) ); + return rsa_alt->decrypt_func(rsa_alt->key, + MBEDTLS_RSA_PRIVATE, olen, input, output, osize); } #if defined(MBEDTLS_RSA_C) -static int rsa_alt_check_pair( const void *pub, const void *prv ) +static int rsa_alt_check_pair(const void *pub, const void *prv) { unsigned char sig[MBEDTLS_MPI_MAX_SIZE]; unsigned char hash[32]; size_t sig_len = 0; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( rsa_alt_get_bitlen( prv ) != rsa_get_bitlen( pub ) ) - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (rsa_alt_get_bitlen(prv) != rsa_get_bitlen(pub)) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; + } - memset( hash, 0x2a, sizeof( hash ) ); + memset(hash, 0x2a, sizeof(hash)); - if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE, - hash, sizeof( hash ), - sig, &sig_len, NULL, NULL ) ) != 0 ) - { - return( ret ); + if ((ret = rsa_alt_sign_wrap((void *) prv, MBEDTLS_MD_NONE, + hash, sizeof(hash), + sig, &sig_len, NULL, NULL)) != 0) { + return ret; } - if( rsa_verify_wrap( (void *) pub, MBEDTLS_MD_NONE, - hash, sizeof( hash ), sig, sig_len ) != 0 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (rsa_verify_wrap((void *) pub, MBEDTLS_MD_NONE, + hash, sizeof(hash), sig, sig_len) != 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - return( 0 ); + return 0; } #endif /* MBEDTLS_RSA_C */ -static void *rsa_alt_alloc_wrap( void ) +static void *rsa_alt_alloc_wrap(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_alt_context ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_rsa_alt_context)); - if( ctx != NULL ) - memset( ctx, 0, sizeof( mbedtls_rsa_alt_context ) ); + if (ctx != NULL) { + memset(ctx, 0, sizeof(mbedtls_rsa_alt_context)); + } - return( ctx ); + return ctx; } -static void rsa_alt_free_wrap( void *ctx ) +static void rsa_alt_free_wrap(void *ctx) { - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_rsa_alt_context ) ); - mbedtls_free( ctx ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_rsa_alt_context)); + mbedtls_free(ctx); } const mbedtls_pk_info_t mbedtls_rsa_alt_info = { @@ -862,42 +882,43 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = { #if defined(MBEDTLS_USE_PSA_CRYPTO) -static void *pk_opaque_alloc_wrap( void ) +static void *pk_opaque_alloc_wrap(void) { - void *ctx = mbedtls_calloc( 1, sizeof( psa_key_id_t ) ); + void *ctx = mbedtls_calloc(1, sizeof(psa_key_id_t)); /* no _init() function to call, as calloc() already zeroized */ - return( ctx ); + return ctx; } -static void pk_opaque_free_wrap( void *ctx ) +static void pk_opaque_free_wrap(void *ctx) { - mbedtls_platform_zeroize( ctx, sizeof( psa_key_id_t ) ); - mbedtls_free( ctx ); + mbedtls_platform_zeroize(ctx, sizeof(psa_key_id_t)); + mbedtls_free(ctx); } -static size_t pk_opaque_get_bitlen( const void *ctx ) +static size_t pk_opaque_get_bitlen(const void *ctx) { const psa_key_id_t *key = (const psa_key_id_t *) ctx; size_t bits; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - if( PSA_SUCCESS != psa_get_key_attributes( *key, &attributes ) ) - return( 0 ); + if (PSA_SUCCESS != psa_get_key_attributes(*key, &attributes)) { + return 0; + } - bits = psa_get_key_bits( &attributes ); - psa_reset_key_attributes( &attributes ); - return( bits ); + bits = psa_get_key_bits(&attributes); + psa_reset_key_attributes(&attributes); + return bits; } -static int pk_opaque_can_do( mbedtls_pk_type_t type ) +static int pk_opaque_can_do(mbedtls_pk_type_t type) { /* For now opaque PSA keys can only wrap ECC keypairs, * as checked by setup_psa(). * Also, ECKEY_DH does not really make sense with the current API. */ - return( type == MBEDTLS_PK_ECKEY || - type == MBEDTLS_PK_ECDSA ); + return type == MBEDTLS_PK_ECKEY || + type == MBEDTLS_PK_ECDSA; } #if defined(MBEDTLS_ECDSA_C) @@ -911,48 +932,49 @@ static int pk_opaque_can_do( mbedtls_pk_type_t type ) * start: start of the output buffer, and also of the mpi to write at the end * n_len: length of the mpi to read from start */ -static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, - size_t n_len ) +static int asn1_write_mpibuf(unsigned char **p, unsigned char *start, + size_t n_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - if( (size_t)( *p - start ) < n_len ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if ((size_t) (*p - start) < n_len) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } len = n_len; *p -= len; - memmove( *p, start, len ); + memmove(*p, start, len); /* ASN.1 DER encoding requires minimal length, so skip leading 0s. * Neither r nor s should be 0, but as a failsafe measure, still detect * that rather than overflowing the buffer in case of a PSA error. */ - while( len > 0 && **p == 0x00 ) - { + while (len > 0 && **p == 0x00) { ++(*p); --len; } /* this is only reached if the signature was invalid */ - if( len == 0 ) - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + if (len == 0) { + return MBEDTLS_ERR_PK_HW_ACCEL_FAILED; + } /* if the msb is 1, ASN.1 requires that we prepend a 0. * Neither r nor s can be 0, so we can assume len > 0 at all times. */ - if( **p & 0x80 ) - { - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (**p & 0x80) { + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = 0x00; len += 1; } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, - MBEDTLS_ASN1_INTEGER ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_INTEGER)); - return( (int) len ); + return (int) len; } /* Transcode signature from PSA format to ASN.1 sequence. @@ -963,33 +985,34 @@ static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, * [in/out] sig_len: signature length pre- and post-transcoding * [int] buf_len: the available size the in/out buffer */ -static int pk_ecdsa_sig_asn1_from_psa( unsigned char *sig, size_t *sig_len, - size_t buf_len ) +static int pk_ecdsa_sig_asn1_from_psa(unsigned char *sig, size_t *sig_len, + size_t buf_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; const size_t rs_len = *sig_len / 2; unsigned char *p = sig + buf_len; - MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, sig + rs_len, rs_len ) ); - MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, sig, rs_len ) ); + MBEDTLS_ASN1_CHK_ADD(len, asn1_write_mpibuf(&p, sig + rs_len, rs_len)); + MBEDTLS_ASN1_CHK_ADD(len, asn1_write_mpibuf(&p, sig, rs_len)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, sig, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, sig, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, sig, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, sig, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - memmove( sig, p, len ); + memmove(sig, p, len); *sig_len = len; - return( 0 ); + return 0; } #endif /* MBEDTLS_ECDSA_C */ -static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int pk_opaque_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { #if !defined(MBEDTLS_ECDSA_C) ((void) ctx); @@ -1000,11 +1023,11 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, ((void) sig_len); ((void) f_rng); ((void) p_rng); - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; #else /* !MBEDTLS_ECDSA_C */ const psa_key_id_t *key = (const psa_key_id_t *) ctx; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) ); + psa_algorithm_t alg = PSA_ALG_ECDSA(mbedtls_psa_translate_md(md_alg)); size_t buf_len; psa_status_t status; @@ -1016,22 +1039,25 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, * that information. Assume that the buffer is large enough for a * maximal-length signature with that key (otherwise the application is * buggy anyway). */ - status = psa_get_key_attributes( *key, &attributes ); - if( status != PSA_SUCCESS ) - return( mbedtls_psa_err_translate_pk( status ) ); - buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN( psa_get_key_bits( &attributes ) ); - psa_reset_key_attributes( &attributes ); - if( buf_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + status = psa_get_key_attributes(*key, &attributes); + if (status != PSA_SUCCESS) { + return mbedtls_psa_err_translate_pk(status); + } + buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN(psa_get_key_bits(&attributes)); + psa_reset_key_attributes(&attributes); + if (buf_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } /* make the signature */ - status = psa_sign_hash( *key, alg, hash, hash_len, - sig, buf_len, sig_len ); - if( status != PSA_SUCCESS ) - return( mbedtls_psa_err_translate_pk( status ) ); + status = psa_sign_hash(*key, alg, hash, hash_len, + sig, buf_len, sig_len); + if (status != PSA_SUCCESS) { + return mbedtls_psa_err_translate_pk(status); + } /* transcode it to ASN.1 sequence */ - return( pk_ecdsa_sig_asn1_from_psa( sig, sig_len, buf_len ) ); + return pk_ecdsa_sig_asn1_from_psa(sig, sig_len, buf_len); #endif /* !MBEDTLS_ECDSA_C */ } diff --git a/library/pkcs11.c b/library/pkcs11.c index a7207cfc930f..8ba40caf91d4 100644 --- a/library/pkcs11.c +++ b/library/pkcs11.c @@ -33,46 +33,41 @@ #include -void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx ) +void mbedtls_pkcs11_init(mbedtls_pkcs11_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_pkcs11_context ) ); + memset(ctx, 0, sizeof(mbedtls_pkcs11_context)); } -int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11_cert ) +int mbedtls_pkcs11_x509_cert_bind(mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11_cert) { int ret = 1; unsigned char *cert_blob = NULL; size_t cert_blob_size = 0; - if( cert == NULL ) - { + if (cert == NULL) { ret = 2; goto cleanup; } - if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, NULL, - &cert_blob_size ) != CKR_OK ) - { + if (pkcs11h_certificate_getCertificateBlob(pkcs11_cert, NULL, + &cert_blob_size) != CKR_OK) { ret = 3; goto cleanup; } - cert_blob = mbedtls_calloc( 1, cert_blob_size ); - if( NULL == cert_blob ) - { + cert_blob = mbedtls_calloc(1, cert_blob_size); + if (NULL == cert_blob) { ret = 4; goto cleanup; } - if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, cert_blob, - &cert_blob_size ) != CKR_OK ) - { + if (pkcs11h_certificate_getCertificateBlob(pkcs11_cert, cert_blob, + &cert_blob_size) != CKR_OK) { ret = 5; goto cleanup; } - if( 0 != mbedtls_x509_crt_parse( cert, cert_blob, cert_blob_size ) ) - { + if (0 != mbedtls_x509_crt_parse(cert, cert_blob, cert_blob_size)) { ret = 6; goto cleanup; } @@ -80,121 +75,128 @@ int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t ret = 0; cleanup: - if( NULL != cert_blob ) - mbedtls_free( cert_blob ); + if (NULL != cert_blob) { + mbedtls_free(cert_blob); + } - return( ret ); + return ret; } -int mbedtls_pkcs11_priv_key_bind( mbedtls_pkcs11_context *priv_key, - pkcs11h_certificate_t pkcs11_cert ) +int mbedtls_pkcs11_priv_key_bind(mbedtls_pkcs11_context *priv_key, + pkcs11h_certificate_t pkcs11_cert) { int ret = 1; mbedtls_x509_crt cert; - mbedtls_x509_crt_init( &cert ); + mbedtls_x509_crt_init(&cert); - if( priv_key == NULL ) + if (priv_key == NULL) { goto cleanup; + } - if( 0 != mbedtls_pkcs11_x509_cert_bind( &cert, pkcs11_cert ) ) + if (0 != mbedtls_pkcs11_x509_cert_bind(&cert, pkcs11_cert)) { goto cleanup; + } - priv_key->len = mbedtls_pk_get_len( &cert.pk ); + priv_key->len = mbedtls_pk_get_len(&cert.pk); priv_key->pkcs11h_cert = pkcs11_cert; ret = 0; cleanup: - mbedtls_x509_crt_free( &cert ); + mbedtls_x509_crt_free(&cert); - return( ret ); + return ret; } -void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key ) +void mbedtls_pkcs11_priv_key_free(mbedtls_pkcs11_context *priv_key) { - if( NULL != priv_key ) - pkcs11h_certificate_freeCertificate( priv_key->pkcs11h_cert ); + if (NULL != priv_key) { + pkcs11h_certificate_freeCertificate(priv_key->pkcs11h_cert); + } } -int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx, - int mode, size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len ) +int mbedtls_pkcs11_decrypt(mbedtls_pkcs11_context *ctx, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len) { size_t input_len, output_len; - if( NULL == ctx ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (NULL == ctx) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( MBEDTLS_RSA_PRIVATE != mode ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (MBEDTLS_RSA_PRIVATE != mode) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } output_len = input_len = ctx->len; - if( input_len < 16 || input_len > output_max_len ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (input_len < 16 || input_len > output_max_len) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } /* Determine size of output buffer */ - if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input, - input_len, NULL, &output_len ) != CKR_OK ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (pkcs11h_certificate_decryptAny(ctx->pkcs11h_cert, CKM_RSA_PKCS, input, + input_len, NULL, &output_len) != CKR_OK) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - if( output_len > output_max_len ) - return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE ); + if (output_len > output_max_len) { + return MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE; + } - if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input, - input_len, output, &output_len ) != CKR_OK ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (pkcs11h_certificate_decryptAny(ctx->pkcs11h_cert, CKM_RSA_PKCS, input, + input_len, output, &output_len) != CKR_OK) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } *olen = output_len; - return( 0 ); + return 0; } -int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ) +int mbedtls_pkcs11_sign(mbedtls_pkcs11_context *ctx, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig) { size_t sig_len = 0, asn_len = 0, oid_size = 0; unsigned char *p = sig; const char *oid; - if( NULL == ctx ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (NULL == ctx) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( MBEDTLS_RSA_PRIVATE != mode ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (MBEDTLS_RSA_PRIVATE != mode) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( md_alg != MBEDTLS_MD_NONE ) - { - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (md_alg != MBEDTLS_MD_NONE) { + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_alg); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mbedtls_oid_get_oid_by_md(md_alg, &oid, &oid_size) != 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - hashlen = mbedtls_md_get_size( md_info ); + hashlen = mbedtls_md_get_size(md_info); asn_len = 10 + oid_size; } sig_len = ctx->len; - if( hashlen > sig_len || asn_len > sig_len || - hashlen + asn_len > sig_len ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (hashlen > sig_len || asn_len > sig_len || + hashlen + asn_len > sig_len) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - if( md_alg != MBEDTLS_MD_NONE ) - { + if (md_alg != MBEDTLS_MD_NONE) { /* * DigestInfo ::= SEQUENCE { * digestAlgorithm DigestAlgorithmIdentifier, @@ -205,12 +207,12 @@ int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, * Digest ::= OCTET STRING */ *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; - *p++ = (unsigned char) ( 0x08 + oid_size + hashlen ); + *p++ = (unsigned char) (0x08 + oid_size + hashlen); *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; - *p++ = (unsigned char) ( 0x04 + oid_size ); + *p++ = (unsigned char) (0x04 + oid_size); *p++ = MBEDTLS_ASN1_OID; *p++ = oid_size & 0xFF; - memcpy( p, oid, oid_size ); + memcpy(p, oid, oid_size); p += oid_size; *p++ = MBEDTLS_ASN1_NULL; *p++ = 0x00; @@ -218,15 +220,14 @@ int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, *p++ = hashlen; } - memcpy( p, hash, hashlen ); + memcpy(p, hash, hashlen); - if( pkcs11h_certificate_signAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, sig, - asn_len + hashlen, sig, &sig_len ) != CKR_OK ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (pkcs11h_certificate_signAny(ctx->pkcs11h_cert, CKM_RSA_PKCS, sig, + asn_len + hashlen, sig, &sig_len) != CKR_OK) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - return( 0 ); + return 0; } #endif /* defined(MBEDTLS_PKCS11_C) */ diff --git a/library/pkcs12.c b/library/pkcs12.c index cacf7dba2211..039026b23fce 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -45,8 +45,8 @@ #if defined(MBEDTLS_ASN1_PARSE_C) -static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params, - mbedtls_asn1_buf *salt, int *iterations ) +static int pkcs12_parse_pbe_params(mbedtls_asn1_buf *params, + mbedtls_asn1_buf *salt, int *iterations) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char **p = ¶ms->p; @@ -59,76 +59,82 @@ static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params, * } * */ - if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if (params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } - if( ( ret = mbedtls_asn1_get_tag( p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret); + } salt->p = *p; *p += salt->len; - if( ( ret = mbedtls_asn1_get_int( p, end, iterations ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_int(p, end, iterations)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret); + } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } #define PKCS12_MAX_PWDLEN 128 -static int pkcs12_pbe_derive_key_iv( mbedtls_asn1_buf *pbe_params, mbedtls_md_type_t md_type, - const unsigned char *pwd, size_t pwdlen, - unsigned char *key, size_t keylen, - unsigned char *iv, size_t ivlen ) +static int pkcs12_pbe_derive_key_iv(mbedtls_asn1_buf *pbe_params, mbedtls_md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + unsigned char *key, size_t keylen, + unsigned char *iv, size_t ivlen) { int ret, iterations = 0; mbedtls_asn1_buf salt; size_t i; unsigned char unipwd[PKCS12_MAX_PWDLEN * 2 + 2]; - if( pwdlen > PKCS12_MAX_PWDLEN ) - return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if (pwdlen > PKCS12_MAX_PWDLEN) { + return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA; + } - memset( &salt, 0, sizeof(mbedtls_asn1_buf) ); - memset( &unipwd, 0, sizeof(unipwd) ); + memset(&salt, 0, sizeof(mbedtls_asn1_buf)); + memset(&unipwd, 0, sizeof(unipwd)); - if( ( ret = pkcs12_parse_pbe_params( pbe_params, &salt, - &iterations ) ) != 0 ) - return( ret ); + if ((ret = pkcs12_parse_pbe_params(pbe_params, &salt, + &iterations)) != 0) { + return ret; + } - for( i = 0; i < pwdlen; i++ ) + for (i = 0; i < pwdlen; i++) { unipwd[i * 2 + 1] = pwd[i]; + } - if( ( ret = mbedtls_pkcs12_derivation( key, keylen, unipwd, pwdlen * 2 + 2, - salt.p, salt.len, md_type, - MBEDTLS_PKCS12_DERIVE_KEY, iterations ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pkcs12_derivation(key, keylen, unipwd, pwdlen * 2 + 2, + salt.p, salt.len, md_type, + MBEDTLS_PKCS12_DERIVE_KEY, iterations)) != 0) { + return ret; } - if( iv == NULL || ivlen == 0 ) - return( 0 ); + if (iv == NULL || ivlen == 0) { + return 0; + } - if( ( ret = mbedtls_pkcs12_derivation( iv, ivlen, unipwd, pwdlen * 2 + 2, - salt.p, salt.len, md_type, - MBEDTLS_PKCS12_DERIVE_IV, iterations ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pkcs12_derivation(iv, ivlen, unipwd, pwdlen * 2 + 2, + salt.p, salt.len, md_type, + MBEDTLS_PKCS12_DERIVE_IV, iterations)) != 0) { + return ret; } - return( 0 ); + return 0; } #undef PKCS12_MAX_PWDLEN -int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *data, size_t len, - unsigned char *output ) +int mbedtls_pkcs12_pbe_sha1_rc4_128(mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t len, + unsigned char *output) { #if !defined(MBEDTLS_ARC4_C) ((void) pbe_params); @@ -138,39 +144,39 @@ int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, ((void) data); ((void) len); ((void) output); - return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char key[16]; mbedtls_arc4_context ctx; ((void) mode); - mbedtls_arc4_init( &ctx ); + mbedtls_arc4_init(&ctx); - if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, MBEDTLS_MD_SHA1, - pwd, pwdlen, - key, 16, NULL, 0 ) ) != 0 ) - { - return( ret ); + if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, MBEDTLS_MD_SHA1, + pwd, pwdlen, + key, 16, NULL, 0)) != 0) { + return ret; } - mbedtls_arc4_setup( &ctx, key, 16 ); - if( ( ret = mbedtls_arc4_crypt( &ctx, len, data, output ) ) != 0 ) + mbedtls_arc4_setup(&ctx, key, 16); + if ((ret = mbedtls_arc4_crypt(&ctx, len, data, output)) != 0) { goto exit; + } exit: - mbedtls_platform_zeroize( key, sizeof( key ) ); - mbedtls_arc4_free( &ctx ); + mbedtls_platform_zeroize(key, sizeof(key)); + mbedtls_arc4_free(&ctx); - return( ret ); + return ret; #endif /* MBEDTLS_ARC4_C */ } -int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, - mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *data, size_t len, - unsigned char *output ) +int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, + mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t len, + unsigned char *output) { int ret, keylen = 0; unsigned char key[32]; @@ -179,73 +185,76 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, mbedtls_cipher_context_t cipher_ctx; size_t olen = 0; - if( pwd == NULL && pwdlen != 0 ) - return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if (pwd == NULL && pwdlen != 0) { + return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA; + } - cipher_info = mbedtls_cipher_info_from_type( cipher_type ); - if( cipher_info == NULL ) - return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); + cipher_info = mbedtls_cipher_info_from_type(cipher_type); + if (cipher_info == NULL) { + return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE; + } keylen = cipher_info->key_bitlen / 8; - if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, md_type, pwd, pwdlen, - key, keylen, - iv, cipher_info->iv_size ) ) != 0 ) - { - return( ret ); + if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, md_type, pwd, pwdlen, + key, keylen, + iv, cipher_info->iv_size)) != 0) { + return ret; } - mbedtls_cipher_init( &cipher_ctx ); + mbedtls_cipher_init(&cipher_ctx); - if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 ) + if ((ret = mbedtls_cipher_setup(&cipher_ctx, cipher_info)) != 0) { goto exit; + } - if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, (mbedtls_operation_t) mode ) ) != 0 ) + if ((ret = + mbedtls_cipher_setkey(&cipher_ctx, key, 8 * keylen, + (mbedtls_operation_t) mode)) != 0) { goto exit; + } - if( ( ret = mbedtls_cipher_set_iv( &cipher_ctx, iv, cipher_info->iv_size ) ) != 0 ) + if ((ret = mbedtls_cipher_set_iv(&cipher_ctx, iv, cipher_info->iv_size)) != 0) { goto exit; + } - if( ( ret = mbedtls_cipher_reset( &cipher_ctx ) ) != 0 ) + if ((ret = mbedtls_cipher_reset(&cipher_ctx)) != 0) { goto exit; + } - if( ( ret = mbedtls_cipher_update( &cipher_ctx, data, len, - output, &olen ) ) != 0 ) - { + if ((ret = mbedtls_cipher_update(&cipher_ctx, data, len, + output, &olen)) != 0) { goto exit; } - if( ( ret = mbedtls_cipher_finish( &cipher_ctx, output + olen, &olen ) ) != 0 ) + if ((ret = mbedtls_cipher_finish(&cipher_ctx, output + olen, &olen)) != 0) { ret = MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH; + } exit: - mbedtls_platform_zeroize( key, sizeof( key ) ); - mbedtls_platform_zeroize( iv, sizeof( iv ) ); - mbedtls_cipher_free( &cipher_ctx ); + mbedtls_platform_zeroize(key, sizeof(key)); + mbedtls_platform_zeroize(iv, sizeof(iv)); + mbedtls_cipher_free(&cipher_ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_ASN1_PARSE_C */ -static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, - const unsigned char *filler, size_t fill_len ) +static void pkcs12_fill_buffer(unsigned char *data, size_t data_len, + const unsigned char *filler, size_t fill_len) { unsigned char *p = data; size_t use_len; - if( filler != NULL && fill_len != 0 ) - { - while( data_len > 0 ) - { - use_len = ( data_len > fill_len ) ? fill_len : data_len; - memcpy( p, filler, use_len ); + if (filler != NULL && fill_len != 0) { + while (data_len > 0) { + use_len = (data_len > fill_len) ? fill_len : data_len; + memcpy(p, filler, use_len); p += use_len; data_len -= use_len; } - } - else - { + } else { /* If either of the above are not true then clearly there is nothing * that this function can do. The function should *not* be called * under either of those circumstances, as you could end up with an @@ -254,10 +263,10 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, } } -int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *salt, size_t saltlen, - mbedtls_md_type_t md_type, int id, int iterations ) +int mbedtls_pkcs12_derivation(unsigned char *data, size_t datalen, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *salt, size_t saltlen, + mbedtls_md_type_t md_type, int id, int iterations) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned int j; @@ -276,114 +285,119 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, mbedtls_md_context_t md_ctx; // This version only allows max of 64 bytes of password or salt - if( datalen > 128 || pwdlen > 64 || saltlen > 64 ) - return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if (datalen > 128 || pwdlen > 64 || saltlen > 64) { + return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA; + } - if( pwd == NULL && pwdlen != 0 ) - return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if (pwd == NULL && pwdlen != 0) { + return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA; + } - if( salt == NULL && saltlen != 0 ) - return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if (salt == NULL && saltlen != 0) { + return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA; + } - use_password = ( pwd && pwdlen != 0 ); - use_salt = ( salt && saltlen != 0 ); + use_password = (pwd && pwdlen != 0); + use_salt = (salt && saltlen != 0); - md_info = mbedtls_md_info_from_type( md_type ); - if( md_info == NULL ) - return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); + md_info = mbedtls_md_info_from_type(md_type); + if (md_info == NULL) { + return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE; + } - mbedtls_md_init( &md_ctx ); + mbedtls_md_init(&md_ctx); - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 ) - return( ret ); - hlen = mbedtls_md_get_size( md_info ); + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 0)) != 0) { + return ret; + } + hlen = mbedtls_md_get_size(md_info); - if( hlen <= 32 ) + if (hlen <= 32) { v = 64; - else + } else { v = 128; + } - memset( diversifier, (unsigned char) id, v ); + memset(diversifier, (unsigned char) id, v); - if( use_salt != 0 ) - { - pkcs12_fill_buffer( salt_block, v, salt, saltlen ); + if (use_salt != 0) { + pkcs12_fill_buffer(salt_block, v, salt, saltlen); } - if( use_password != 0 ) - { - pkcs12_fill_buffer( pwd_block, v, pwd, pwdlen ); + if (use_password != 0) { + pkcs12_fill_buffer(pwd_block, v, pwd, pwdlen); } p = data; - while( datalen > 0 ) - { + while (datalen > 0) { // Calculate hash( diversifier || salt_block || pwd_block ) - if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 ) + if ((ret = mbedtls_md_starts(&md_ctx)) != 0) { goto exit; + } - if( ( ret = mbedtls_md_update( &md_ctx, diversifier, v ) ) != 0 ) + if ((ret = mbedtls_md_update(&md_ctx, diversifier, v)) != 0) { goto exit; + } - if( use_salt != 0 ) - { - if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v )) != 0 ) + if (use_salt != 0) { + if ((ret = mbedtls_md_update(&md_ctx, salt_block, v)) != 0) { goto exit; + } } - if( use_password != 0) - { - if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v )) != 0 ) + if (use_password != 0) { + if ((ret = mbedtls_md_update(&md_ctx, pwd_block, v)) != 0) { goto exit; + } } - if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 ) + if ((ret = mbedtls_md_finish(&md_ctx, hash_output)) != 0) { goto exit; + } // Perform remaining ( iterations - 1 ) recursive hash calculations - for( i = 1; i < (size_t) iterations; i++ ) - { - if( ( ret = mbedtls_md( md_info, hash_output, hlen, hash_output ) ) != 0 ) + for (i = 1; i < (size_t) iterations; i++) { + if ((ret = mbedtls_md(md_info, hash_output, hlen, hash_output)) != 0) { goto exit; + } } - use_len = ( datalen > hlen ) ? hlen : datalen; - memcpy( p, hash_output, use_len ); + use_len = (datalen > hlen) ? hlen : datalen; + memcpy(p, hash_output, use_len); datalen -= use_len; p += use_len; - if( datalen == 0 ) + if (datalen == 0) { break; + } // Concatenating copies of hash_output into hash_block (B) - pkcs12_fill_buffer( hash_block, v, hash_output, hlen ); + pkcs12_fill_buffer(hash_block, v, hash_output, hlen); // B += 1 - for( i = v; i > 0; i-- ) - if( ++hash_block[i - 1] != 0 ) + for (i = v; i > 0; i--) { + if (++hash_block[i - 1] != 0) { break; + } + } - if( use_salt != 0 ) - { + if (use_salt != 0) { // salt_block += B c = 0; - for( i = v; i > 0; i-- ) - { + for (i = v; i > 0; i--) { j = salt_block[i - 1] + hash_block[i - 1] + c; - c = MBEDTLS_BYTE_1( j ); - salt_block[i - 1] = MBEDTLS_BYTE_0( j ); + c = MBEDTLS_BYTE_1(j); + salt_block[i - 1] = MBEDTLS_BYTE_0(j); } } - if( use_password != 0 ) - { + if (use_password != 0) { // pwd_block += B c = 0; - for( i = v; i > 0; i-- ) - { + for (i = v; i > 0; i--) { j = pwd_block[i - 1] + hash_block[i - 1] + c; - c = MBEDTLS_BYTE_1( j ); - pwd_block[i - 1] = MBEDTLS_BYTE_0( j ); + c = MBEDTLS_BYTE_1(j); + pwd_block[i - 1] = MBEDTLS_BYTE_0(j); } } } @@ -391,14 +405,14 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, ret = 0; exit: - mbedtls_platform_zeroize( salt_block, sizeof( salt_block ) ); - mbedtls_platform_zeroize( pwd_block, sizeof( pwd_block ) ); - mbedtls_platform_zeroize( hash_block, sizeof( hash_block ) ); - mbedtls_platform_zeroize( hash_output, sizeof( hash_output ) ); + mbedtls_platform_zeroize(salt_block, sizeof(salt_block)); + mbedtls_platform_zeroize(pwd_block, sizeof(pwd_block)); + mbedtls_platform_zeroize(hash_block, sizeof(hash_block)); + mbedtls_platform_zeroize(hash_output, sizeof(hash_output)); - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_PKCS12_C */ diff --git a/library/pkcs5.c b/library/pkcs5.c index f9d01371a7a5..52f1a0df22be 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -45,18 +45,19 @@ #include "mbedtls/platform.h" #if defined(MBEDTLS_ASN1_PARSE_C) -static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, - mbedtls_asn1_buf *salt, int *iterations, - int *keylen, mbedtls_md_type_t *md_type ) +static int pkcs5_parse_pbkdf2_params(const mbedtls_asn1_buf *params, + mbedtls_asn1_buf *salt, int *iterations, + int *keylen, mbedtls_md_type_t *md_type) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_asn1_buf prf_alg_oid; unsigned char *p = params->p; const unsigned char *end = params->p + params->len; - if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if (params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } /* * PBKDF2-params ::= SEQUENCE { * salt OCTET STRING, @@ -66,45 +67,52 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, * } * */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &salt->len, - MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &salt->len, + MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret); + } salt->p = p; p += salt->len; - if( ( ret = mbedtls_asn1_get_int( &p, end, iterations ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_int(&p, end, iterations)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret); + } - if( p == end ) - return( 0 ); + if (p == end) { + return 0; + } - if( ( ret = mbedtls_asn1_get_int( &p, end, keylen ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_int(&p, end, keylen)) != 0) { + if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret); + } } - if( p == end ) - return( 0 ); + if (p == end) { + return 0; + } - if( ( ret = mbedtls_asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_alg_null(&p, end, &prf_alg_oid)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret); + } - if( mbedtls_oid_get_md_hmac( &prf_alg_oid, md_type ) != 0 ) - return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); + if (mbedtls_oid_get_md_hmac(&prf_alg_oid, md_type) != 0) { + return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE; + } - if( p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } -int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *data, size_t datalen, - unsigned char *output ) +int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t datalen, + unsigned char *output) { int ret, iterations = 0, keylen = 0; unsigned char *p, *end; @@ -128,42 +136,46 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, * encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} * } */ - if( pbe_params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if (pbe_params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } - if( ( ret = mbedtls_asn1_get_alg( &p, end, &kdf_alg_oid, - &kdf_alg_params ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_alg(&p, end, &kdf_alg_oid, + &kdf_alg_params)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret); + } // Only PBKDF2 supported at the moment // - if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS5_PBKDF2, &kdf_alg_oid ) != 0 ) - return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); - - if( ( ret = pkcs5_parse_pbkdf2_params( &kdf_alg_params, - &salt, &iterations, &keylen, - &md_type ) ) != 0 ) - { - return( ret ); + if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS5_PBKDF2, &kdf_alg_oid) != 0) { + return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE; + } + + if ((ret = pkcs5_parse_pbkdf2_params(&kdf_alg_params, + &salt, &iterations, &keylen, + &md_type)) != 0) { + return ret; } - md_info = mbedtls_md_info_from_type( md_type ); - if( md_info == NULL ) - return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); + md_info = mbedtls_md_info_from_type(md_type); + if (md_info == NULL) { + return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE; + } - if( ( ret = mbedtls_asn1_get_alg( &p, end, &enc_scheme_oid, - &enc_scheme_params ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_alg(&p, end, &enc_scheme_oid, + &enc_scheme_params)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret); } - if( mbedtls_oid_get_cipher_alg( &enc_scheme_oid, &cipher_alg ) != 0 ) - return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); + if (mbedtls_oid_get_cipher_alg(&enc_scheme_oid, &cipher_alg) != 0) { + return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE; + } - cipher_info = mbedtls_cipher_info_from_type( cipher_alg ); - if( cipher_info == NULL ) - return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); + cipher_info = mbedtls_cipher_info_from_type(cipher_alg); + if (cipher_info == NULL) { + return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE; + } /* * The value of keylen from pkcs5_parse_pbkdf2_params() is ignored @@ -171,143 +183,156 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, */ keylen = cipher_info->key_bitlen / 8; - if( enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING || - enc_scheme_params.len != cipher_info->iv_size ) - { - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT ); + if (enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING || + enc_scheme_params.len != cipher_info->iv_size) { + return MBEDTLS_ERR_PKCS5_INVALID_FORMAT; } - mbedtls_md_init( &md_ctx ); - mbedtls_cipher_init( &cipher_ctx ); + mbedtls_md_init(&md_ctx); + mbedtls_cipher_init(&cipher_ctx); - memcpy( iv, enc_scheme_params.p, enc_scheme_params.len ); + memcpy(iv, enc_scheme_params.p, enc_scheme_params.len); - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 1)) != 0) { goto exit; + } - if( ( ret = mbedtls_pkcs5_pbkdf2_hmac( &md_ctx, pwd, pwdlen, salt.p, salt.len, - iterations, keylen, key ) ) != 0 ) - { + if ((ret = mbedtls_pkcs5_pbkdf2_hmac(&md_ctx, pwd, pwdlen, salt.p, salt.len, + iterations, keylen, key)) != 0) { goto exit; } - if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 ) + if ((ret = mbedtls_cipher_setup(&cipher_ctx, cipher_info)) != 0) { goto exit; + } - if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, - (mbedtls_operation_t) mode ) ) != 0 ) + if ((ret = mbedtls_cipher_setkey(&cipher_ctx, key, 8 * keylen, + (mbedtls_operation_t) mode)) != 0) { goto exit; + } - if( ( ret = mbedtls_cipher_crypt( &cipher_ctx, iv, enc_scheme_params.len, - data, datalen, output, &olen ) ) != 0 ) + if ((ret = mbedtls_cipher_crypt(&cipher_ctx, iv, enc_scheme_params.len, + data, datalen, output, &olen)) != 0) { ret = MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH; + } exit: - mbedtls_md_free( &md_ctx ); - mbedtls_cipher_free( &cipher_ctx ); + mbedtls_md_free(&md_ctx); + mbedtls_cipher_free(&cipher_ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_ASN1_PARSE_C */ -int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, - const unsigned char *password, - size_t plen, const unsigned char *salt, size_t slen, - unsigned int iteration_count, - uint32_t key_length, unsigned char *output ) +int mbedtls_pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx, + const unsigned char *password, + size_t plen, const unsigned char *salt, size_t slen, + unsigned int iteration_count, + uint32_t key_length, unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int j; unsigned int i; unsigned char md1[MBEDTLS_MD_MAX_SIZE]; unsigned char work[MBEDTLS_MD_MAX_SIZE]; - unsigned char md_size = mbedtls_md_get_size( ctx->md_info ); + unsigned char md_size = mbedtls_md_get_size(ctx->md_info); size_t use_len; unsigned char *out_p = output; unsigned char counter[4]; - memset( counter, 0, 4 ); + memset(counter, 0, 4); counter[3] = 1; #if UINT_MAX > 0xFFFFFFFF - if( iteration_count > 0xFFFFFFFF ) - return( MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA ); + if (iteration_count > 0xFFFFFFFF) { + return MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA; + } #endif - if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 ) - return( ret ); - while( key_length ) - { + if ((ret = mbedtls_md_hmac_starts(ctx, password, plen)) != 0) { + return ret; + } + while (key_length) { // U1 ends up in work // - if( ( ret = mbedtls_md_hmac_update( ctx, salt, slen ) ) != 0 ) + if ((ret = mbedtls_md_hmac_update(ctx, salt, slen)) != 0) { goto cleanup; + } - if( ( ret = mbedtls_md_hmac_update( ctx, counter, 4 ) ) != 0 ) + if ((ret = mbedtls_md_hmac_update(ctx, counter, 4)) != 0) { goto cleanup; + } - if( ( ret = mbedtls_md_hmac_finish( ctx, work ) ) != 0 ) + if ((ret = mbedtls_md_hmac_finish(ctx, work)) != 0) { goto cleanup; + } - if( ( ret = mbedtls_md_hmac_reset( ctx ) ) != 0 ) + if ((ret = mbedtls_md_hmac_reset(ctx)) != 0) { goto cleanup; + } - memcpy( md1, work, md_size ); + memcpy(md1, work, md_size); - for( i = 1; i < iteration_count; i++ ) - { + for (i = 1; i < iteration_count; i++) { // U2 ends up in md1 // - if( ( ret = mbedtls_md_hmac_update( ctx, md1, md_size ) ) != 0 ) + if ((ret = mbedtls_md_hmac_update(ctx, md1, md_size)) != 0) { goto cleanup; + } - if( ( ret = mbedtls_md_hmac_finish( ctx, md1 ) ) != 0 ) + if ((ret = mbedtls_md_hmac_finish(ctx, md1)) != 0) { goto cleanup; + } - if( ( ret = mbedtls_md_hmac_reset( ctx ) ) != 0 ) + if ((ret = mbedtls_md_hmac_reset(ctx)) != 0) { goto cleanup; + } // U1 xor U2 // - for( j = 0; j < md_size; j++ ) + for (j = 0; j < md_size; j++) { work[j] ^= md1[j]; + } } - use_len = ( key_length < md_size ) ? key_length : md_size; - memcpy( out_p, work, use_len ); + use_len = (key_length < md_size) ? key_length : md_size; + memcpy(out_p, work, use_len); key_length -= (uint32_t) use_len; out_p += use_len; - for( i = 4; i > 0; i-- ) - if( ++counter[i - 1] != 0 ) + for (i = 4; i > 0; i--) { + if (++counter[i - 1] != 0) { break; + } + } } cleanup: /* Zeroise buffers to clear sensitive data from memory. */ - mbedtls_platform_zeroize( work, MBEDTLS_MD_MAX_SIZE ); - mbedtls_platform_zeroize( md1, MBEDTLS_MD_MAX_SIZE ); + mbedtls_platform_zeroize(work, MBEDTLS_MD_MAX_SIZE); + mbedtls_platform_zeroize(md1, MBEDTLS_MD_MAX_SIZE); - return( ret ); + return ret; } #if defined(MBEDTLS_SELF_TEST) #if !defined(MBEDTLS_SHA1_C) -int mbedtls_pkcs5_self_test( int verbose ) +int mbedtls_pkcs5_self_test(int verbose) { - if( verbose != 0 ) - mbedtls_printf( " PBKDF2 (SHA1): skipped\n\n" ); + if (verbose != 0) { + mbedtls_printf(" PBKDF2 (SHA1): skipped\n\n"); + } - return( 0 ); + return 0; } #else #define MAX_TESTS 6 static const size_t plen_test_data[MAX_TESTS] = - { 8, 8, 8, 24, 9 }; +{ 8, 8, 8, 24, 9 }; static const unsigned char password_test_data[MAX_TESTS][32] = { @@ -319,7 +344,7 @@ static const unsigned char password_test_data[MAX_TESTS][32] = }; static const size_t slen_test_data[MAX_TESTS] = - { 4, 4, 4, 36, 5 }; +{ 4, 4, 4, 36, 5 }; static const unsigned char salt_test_data[MAX_TESTS][40] = { @@ -331,10 +356,10 @@ static const unsigned char salt_test_data[MAX_TESTS][40] = }; static const uint32_t it_cnt_test_data[MAX_TESTS] = - { 1, 2, 4096, 4096, 4096 }; +{ 1, 2, 4096, 4096, 4096 }; static const uint32_t key_len_test_data[MAX_TESTS] = - { 20, 20, 20, 25, 16 }; +{ 20, 20, 20, 25, 16 }; static const unsigned char result_key_test_data[MAX_TESTS][32] = { @@ -355,58 +380,58 @@ static const unsigned char result_key_test_data[MAX_TESTS][32] = 0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3 }, }; -int mbedtls_pkcs5_self_test( int verbose ) +int mbedtls_pkcs5_self_test(int verbose) { mbedtls_md_context_t sha1_ctx; const mbedtls_md_info_t *info_sha1; int ret, i; unsigned char key[64]; - mbedtls_md_init( &sha1_ctx ); + mbedtls_md_init(&sha1_ctx); - info_sha1 = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); - if( info_sha1 == NULL ) - { + info_sha1 = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); + if (info_sha1 == NULL) { ret = 1; goto exit; } - if( ( ret = mbedtls_md_setup( &sha1_ctx, info_sha1, 1 ) ) != 0 ) - { + if ((ret = mbedtls_md_setup(&sha1_ctx, info_sha1, 1)) != 0) { ret = 1; goto exit; } - for( i = 0; i < MAX_TESTS; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " PBKDF2 (SHA1) #%d: ", i ); - - ret = mbedtls_pkcs5_pbkdf2_hmac( &sha1_ctx, password_test_data[i], - plen_test_data[i], salt_test_data[i], - slen_test_data[i], it_cnt_test_data[i], - key_len_test_data[i], key ); - if( ret != 0 || - memcmp( result_key_test_data[i], key, key_len_test_data[i] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + for (i = 0; i < MAX_TESTS; i++) { + if (verbose != 0) { + mbedtls_printf(" PBKDF2 (SHA1) #%d: ", i); + } + + ret = mbedtls_pkcs5_pbkdf2_hmac(&sha1_ctx, password_test_data[i], + plen_test_data[i], salt_test_data[i], + slen_test_data[i], it_cnt_test_data[i], + key_len_test_data[i], key); + if (ret != 0 || + memcmp(result_key_test_data[i], key, key_len_test_data[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } exit: - mbedtls_md_free( &sha1_ctx ); + mbedtls_md_free(&sha1_ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_SHA1_C */ diff --git a/library/pkparse.c b/library/pkparse.c index 6170d6d0125e..deaff0b31027 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -51,10 +51,10 @@ #include "mbedtls/platform.h" /* Parameter validation macros based on platform_util.h */ -#define PK_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA ) -#define PK_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define PK_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA) +#define PK_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) #if defined(MBEDTLS_FS_IO) /* @@ -64,104 +64,106 @@ * A terminating null byte is always appended. It is included in the announced * length only if the data looks like it is PEM encoded. */ -int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ) +int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n) { FILE *f; long size; - PK_VALIDATE_RET( path != NULL ); - PK_VALIDATE_RET( buf != NULL ); - PK_VALIDATE_RET( n != NULL ); + PK_VALIDATE_RET(path != NULL); + PK_VALIDATE_RET(buf != NULL); + PK_VALIDATE_RET(n != NULL); - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( MBEDTLS_ERR_PK_FILE_IO_ERROR ); + if ((f = fopen(path, "rb")) == NULL) { + return MBEDTLS_ERR_PK_FILE_IO_ERROR; + } - fseek( f, 0, SEEK_END ); - if( ( size = ftell( f ) ) == -1 ) - { - fclose( f ); - return( MBEDTLS_ERR_PK_FILE_IO_ERROR ); + fseek(f, 0, SEEK_END); + if ((size = ftell(f)) == -1) { + fclose(f); + return MBEDTLS_ERR_PK_FILE_IO_ERROR; } - fseek( f, 0, SEEK_SET ); + fseek(f, 0, SEEK_SET); *n = (size_t) size; - if( *n + 1 == 0 || - ( *buf = mbedtls_calloc( 1, *n + 1 ) ) == NULL ) - { - fclose( f ); - return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + if (*n + 1 == 0 || + (*buf = mbedtls_calloc(1, *n + 1)) == NULL) { + fclose(f); + return MBEDTLS_ERR_PK_ALLOC_FAILED; } - if( fread( *buf, 1, *n, f ) != *n ) - { - fclose( f ); + if (fread(*buf, 1, *n, f) != *n) { + fclose(f); - mbedtls_platform_zeroize( *buf, *n ); - mbedtls_free( *buf ); + mbedtls_platform_zeroize(*buf, *n); + mbedtls_free(*buf); - return( MBEDTLS_ERR_PK_FILE_IO_ERROR ); + return MBEDTLS_ERR_PK_FILE_IO_ERROR; } - fclose( f ); + fclose(f); (*buf)[*n] = '\0'; - if( strstr( (const char *) *buf, "-----BEGIN " ) != NULL ) + if (strstr((const char *) *buf, "-----BEGIN ") != NULL) { ++*n; + } - return( 0 ); + return 0; } /* * Load and parse a private key */ -int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, - const char *path, const char *pwd ) +int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx, + const char *path, const char *pwd) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; - PK_VALIDATE_RET( ctx != NULL ); - PK_VALIDATE_RET( path != NULL ); + PK_VALIDATE_RET(ctx != NULL); + PK_VALIDATE_RET(path != NULL); - if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { + return ret; + } - if( pwd == NULL ) - ret = mbedtls_pk_parse_key( ctx, buf, n, NULL, 0 ); - else - ret = mbedtls_pk_parse_key( ctx, buf, n, - (const unsigned char *) pwd, strlen( pwd ) ); + if (pwd == NULL) { + ret = mbedtls_pk_parse_key(ctx, buf, n, NULL, 0); + } else { + ret = mbedtls_pk_parse_key(ctx, buf, n, + (const unsigned char *) pwd, strlen(pwd)); + } - mbedtls_platform_zeroize( buf, n ); - mbedtls_free( buf ); + mbedtls_platform_zeroize(buf, n); + mbedtls_free(buf); - return( ret ); + return ret; } /* * Load and parse a public key */ -int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ) +int mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; - PK_VALIDATE_RET( ctx != NULL ); - PK_VALIDATE_RET( path != NULL ); + PK_VALIDATE_RET(ctx != NULL); + PK_VALIDATE_RET(path != NULL); - if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { + return ret; + } - ret = mbedtls_pk_parse_public_key( ctx, buf, n ); + ret = mbedtls_pk_parse_public_key(ctx, buf, n); - mbedtls_platform_zeroize( buf, n ); - mbedtls_free( buf ); + mbedtls_platform_zeroize(buf, n); + mbedtls_free(buf); - return( ret ); + return ret; } #endif /* MBEDTLS_FS_IO */ @@ -174,40 +176,40 @@ int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ) * -- implicitCurve NULL * } */ -static int pk_get_ecparams( unsigned char **p, const unsigned char *end, - mbedtls_asn1_buf *params ) +static int pk_get_ecparams(unsigned char **p, const unsigned char *end, + mbedtls_asn1_buf *params) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if ( end - *p < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if (end - *p < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } /* Tag may be either OID or SEQUENCE */ params->tag = **p; - if( params->tag != MBEDTLS_ASN1_OID + if (params->tag != MBEDTLS_ASN1_OID #if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) - && params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) + && params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) #endif - ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + ) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } - if( ( ret = mbedtls_asn1_get_tag( p, end, ¶ms->len, params->tag ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, ¶ms->len, params->tag)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } params->p = *p; *p += params->len; - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } #if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) @@ -230,7 +232,7 @@ static int pk_get_ecparams( unsigned char **p, const unsigned char *end, * * We only support prime-field as field type, and ignore hash and cofactor. */ -static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp ) +static int pk_group_from_specified(const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = params->p; @@ -240,11 +242,13 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ int ver; /* SpecifiedECDomainVersion ::= INTEGER { 1, 2, 3 } */ - if( ( ret = mbedtls_asn1_get_int( &p, end, &ver ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_int(&p, end, &ver)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( ver < 1 || ver > 3 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + if (ver < 1 || ver > 3) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } /* * FieldID { FIELD-ID:IOSet } ::= SEQUENCE { -- Finite field @@ -252,9 +256,10 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ * parameters FIELD-ID.&Type({IOSet}{@fieldType}) * } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return ret; + } end_field = p + len; @@ -266,26 +271,28 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ * } * prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end_field, &len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(&p, end_field, &len, MBEDTLS_ASN1_OID)) != 0) { + return ret; + } - if( len != MBEDTLS_OID_SIZE( MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD ) || - memcmp( p, MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD, len ) != 0 ) - { - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + if (len != MBEDTLS_OID_SIZE(MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD) || + memcmp(p, MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD, len) != 0) { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; } p += len; /* Prime-p ::= INTEGER -- Field of size p. */ - if( ( ret = mbedtls_asn1_get_mpi( &p, end_field, &grp->P ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_mpi(&p, end_field, &grp->P)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - grp->pbits = mbedtls_mpi_bitlen( &grp->P ); + grp->pbits = mbedtls_mpi_bitlen(&grp->P); - if( p != end_field ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end_field) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* * Curve ::= SEQUENCE { @@ -296,9 +303,10 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ * -- with version equal to ecdpVer2 or ecdpVer3 * } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return ret; + } end_curve = p + len; @@ -306,51 +314,50 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ * FieldElement ::= OCTET STRING * containing an integer in the case of a prime field */ - if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 || - ( ret = mbedtls_mpi_read_binary( &grp->A, p, len ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0 || + (ret = mbedtls_mpi_read_binary(&grp->A, p, len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } p += len; - if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 || - ( ret = mbedtls_mpi_read_binary( &grp->B, p, len ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0 || + (ret = mbedtls_mpi_read_binary(&grp->B, p, len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } p += len; /* Ignore seed BIT STRING OPTIONAL */ - if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_BIT_STRING ) ) == 0 ) + if ((ret = mbedtls_asn1_get_tag(&p, end_curve, &len, MBEDTLS_ASN1_BIT_STRING)) == 0) { p += len; + } - if( p != end_curve ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end_curve) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* * ECPoint ::= OCTET STRING */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( ( ret = mbedtls_ecp_point_read_binary( grp, &grp->G, - ( const unsigned char *) p, len ) ) != 0 ) - { + if ((ret = mbedtls_ecp_point_read_binary(grp, &grp->G, + (const unsigned char *) p, len)) != 0) { /* * If we can't read the point because it's compressed, cheat by * reading only the X coordinate and the parity bit of Y. */ - if( ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE || - ( p[0] != 0x02 && p[0] != 0x03 ) || - len != mbedtls_mpi_size( &grp->P ) + 1 || - mbedtls_mpi_read_binary( &grp->G.X, p + 1, len - 1 ) != 0 || - mbedtls_mpi_lset( &grp->G.Y, p[0] - 2 ) != 0 || - mbedtls_mpi_lset( &grp->G.Z, 1 ) != 0 ) - { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + if (ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE || + (p[0] != 0x02 && p[0] != 0x03) || + len != mbedtls_mpi_size(&grp->P) + 1 || + mbedtls_mpi_read_binary(&grp->G.X, p + 1, len - 1) != 0 || + mbedtls_mpi_lset(&grp->G.Y, p[0] - 2) != 0 || + mbedtls_mpi_lset(&grp->G.Z, 1) != 0) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; } } @@ -359,83 +366,84 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ /* * order INTEGER */ - if( ( ret = mbedtls_asn1_get_mpi( &p, end, &grp->N ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_mpi(&p, end, &grp->N)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - grp->nbits = mbedtls_mpi_bitlen( &grp->N ); + grp->nbits = mbedtls_mpi_bitlen(&grp->N); /* * Allow optional elements by purposefully not enforcing p == end here. */ - return( 0 ); + return 0; } /* * Find the group id associated with an (almost filled) group as generated by * pk_group_from_specified(), or return an error if unknown. */ -static int pk_group_id_from_group( const mbedtls_ecp_group *grp, mbedtls_ecp_group_id *grp_id ) +static int pk_group_id_from_group(const mbedtls_ecp_group *grp, mbedtls_ecp_group_id *grp_id) { int ret = 0; mbedtls_ecp_group ref; const mbedtls_ecp_group_id *id; - mbedtls_ecp_group_init( &ref ); + mbedtls_ecp_group_init(&ref); - for( id = mbedtls_ecp_grp_id_list(); *id != MBEDTLS_ECP_DP_NONE; id++ ) - { + for (id = mbedtls_ecp_grp_id_list(); *id != MBEDTLS_ECP_DP_NONE; id++) { /* Load the group associated to that id */ - mbedtls_ecp_group_free( &ref ); - MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ref, *id ) ); + mbedtls_ecp_group_free(&ref); + MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&ref, *id)); /* Compare to the group we were given, starting with easy tests */ - if( grp->pbits == ref.pbits && grp->nbits == ref.nbits && - mbedtls_mpi_cmp_mpi( &grp->P, &ref.P ) == 0 && - mbedtls_mpi_cmp_mpi( &grp->A, &ref.A ) == 0 && - mbedtls_mpi_cmp_mpi( &grp->B, &ref.B ) == 0 && - mbedtls_mpi_cmp_mpi( &grp->N, &ref.N ) == 0 && - mbedtls_mpi_cmp_mpi( &grp->G.X, &ref.G.X ) == 0 && - mbedtls_mpi_cmp_mpi( &grp->G.Z, &ref.G.Z ) == 0 && + if (grp->pbits == ref.pbits && grp->nbits == ref.nbits && + mbedtls_mpi_cmp_mpi(&grp->P, &ref.P) == 0 && + mbedtls_mpi_cmp_mpi(&grp->A, &ref.A) == 0 && + mbedtls_mpi_cmp_mpi(&grp->B, &ref.B) == 0 && + mbedtls_mpi_cmp_mpi(&grp->N, &ref.N) == 0 && + mbedtls_mpi_cmp_mpi(&grp->G.X, &ref.G.X) == 0 && + mbedtls_mpi_cmp_mpi(&grp->G.Z, &ref.G.Z) == 0 && /* For Y we may only know the parity bit, so compare only that */ - mbedtls_mpi_get_bit( &grp->G.Y, 0 ) == mbedtls_mpi_get_bit( &ref.G.Y, 0 ) ) - { + mbedtls_mpi_get_bit(&grp->G.Y, 0) == mbedtls_mpi_get_bit(&ref.G.Y, 0)) { break; } } cleanup: - mbedtls_ecp_group_free( &ref ); + mbedtls_ecp_group_free(&ref); *grp_id = *id; - if( ret == 0 && *id == MBEDTLS_ECP_DP_NONE ) + if (ret == 0 && *id == MBEDTLS_ECP_DP_NONE) { ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } - return( ret ); + return ret; } /* * Parse a SpecifiedECDomain (SEC 1 C.2) and find the associated group ID */ -static int pk_group_id_from_specified( const mbedtls_asn1_buf *params, - mbedtls_ecp_group_id *grp_id ) +static int pk_group_id_from_specified(const mbedtls_asn1_buf *params, + mbedtls_ecp_group_id *grp_id) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group grp; - mbedtls_ecp_group_init( &grp ); + mbedtls_ecp_group_init(&grp); - if( ( ret = pk_group_from_specified( params, &grp ) ) != 0 ) + if ((ret = pk_group_from_specified(params, &grp)) != 0) { goto cleanup; + } - ret = pk_group_id_from_group( &grp, grp_id ); + ret = pk_group_id_from_group(&grp, grp_id); cleanup: - mbedtls_ecp_group_free( &grp ); + mbedtls_ecp_group_free(&grp); - return( ret ); + return ret; } #endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ @@ -447,36 +455,37 @@ static int pk_group_id_from_specified( const mbedtls_asn1_buf *params, * specifiedCurve SpecifiedECDomain -- = SEQUENCE { ... } * -- implicitCurve NULL */ -static int pk_use_ecparams( const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp ) +static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group_id grp_id; - if( params->tag == MBEDTLS_ASN1_OID ) - { - if( mbedtls_oid_get_ec_grp( params, &grp_id ) != 0 ) - return( MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE ); - } - else - { + if (params->tag == MBEDTLS_ASN1_OID) { + if (mbedtls_oid_get_ec_grp(params, &grp_id) != 0) { + return MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE; + } + } else { #if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) - if( ( ret = pk_group_id_from_specified( params, &grp_id ) ) != 0 ) - return( ret ); + if ((ret = pk_group_id_from_specified(params, &grp_id)) != 0) { + return ret; + } #else - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; #endif } /* * grp may already be initialized; if so, make sure IDs match */ - if( grp->id != MBEDTLS_ECP_DP_NONE && grp->id != grp_id ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + if (grp->id != MBEDTLS_ECP_DP_NONE && grp->id != grp_id) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } - if( ( ret = mbedtls_ecp_group_load( grp, grp_id ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_group_load(grp, grp_id)) != 0) { + return ret; + } - return( 0 ); + return 0; } /* @@ -486,15 +495,14 @@ static int pk_use_ecparams( const mbedtls_asn1_buf *params, mbedtls_ecp_group *g * desired. Take care to pass along the possible ECP_FEATURE_UNAVAILABLE * return code of mbedtls_ecp_point_read_binary() and leave p in a usable state. */ -static int pk_get_ecpubkey( unsigned char **p, const unsigned char *end, - mbedtls_ecp_keypair *key ) +static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, + mbedtls_ecp_keypair *key) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_ecp_point_read_binary( &key->grp, &key->Q, - (const unsigned char *) *p, end - *p ) ) == 0 ) - { - ret = mbedtls_ecp_check_pubkey( &key->grp, &key->Q ); + if ((ret = mbedtls_ecp_point_read_binary(&key->grp, &key->Q, + (const unsigned char *) *p, end - *p)) == 0) { + ret = mbedtls_ecp_check_pubkey(&key->grp, &key->Q); } /* @@ -502,7 +510,7 @@ static int pk_get_ecpubkey( unsigned char **p, const unsigned char *end, */ *p = (unsigned char *) end; - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_C */ @@ -513,52 +521,58 @@ static int pk_get_ecpubkey( unsigned char **p, const unsigned char *end, * publicExponent INTEGER -- e * } */ -static int pk_get_rsapubkey( unsigned char **p, - const unsigned char *end, - mbedtls_rsa_context *rsa ) +static int pk_get_rsapubkey(unsigned char **p, + const unsigned char *end, + mbedtls_rsa_context *rsa) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); + } - if( *p + len != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p + len != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* Import N */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); + } - if( ( ret = mbedtls_rsa_import_raw( rsa, *p, len, NULL, 0, NULL, 0, - NULL, 0, NULL, 0 ) ) != 0 ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY ); + if ((ret = mbedtls_rsa_import_raw(rsa, *p, len, NULL, 0, NULL, 0, + NULL, 0, NULL, 0)) != 0) { + return MBEDTLS_ERR_PK_INVALID_PUBKEY; + } *p += len; /* Import E */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); + } - if( ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0, - NULL, 0, *p, len ) ) != 0 ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY ); + if ((ret = mbedtls_rsa_import_raw(rsa, NULL, 0, NULL, 0, NULL, 0, + NULL, 0, *p, len)) != 0) { + return MBEDTLS_ERR_PK_INVALID_PUBKEY; + } *p += len; - if( mbedtls_rsa_complete( rsa ) != 0 || - mbedtls_rsa_check_pubkey( rsa ) != 0 ) - { - return( MBEDTLS_ERR_PK_INVALID_PUBKEY ); + if (mbedtls_rsa_complete(rsa) != 0 || + mbedtls_rsa_check_pubkey(rsa) != 0) { + return MBEDTLS_ERR_PK_INVALID_PUBKEY; } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_RSA_C */ @@ -568,32 +582,33 @@ static int pk_get_rsapubkey( unsigned char **p, * algorithm OBJECT IDENTIFIER, * parameters ANY DEFINED BY algorithm OPTIONAL } */ -static int pk_get_pk_alg( unsigned char **p, - const unsigned char *end, - mbedtls_pk_type_t *pk_alg, mbedtls_asn1_buf *params ) +static int pk_get_pk_alg(unsigned char **p, + const unsigned char *end, + mbedtls_pk_type_t *pk_alg, mbedtls_asn1_buf *params) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_asn1_buf alg_oid; - memset( params, 0, sizeof(mbedtls_asn1_buf) ); + memset(params, 0, sizeof(mbedtls_asn1_buf)); - if( ( ret = mbedtls_asn1_get_alg( p, end, &alg_oid, params ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_ALG, ret ) ); + if ((ret = mbedtls_asn1_get_alg(p, end, &alg_oid, params)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_ALG, ret); + } - if( mbedtls_oid_get_pk_alg( &alg_oid, pk_alg ) != 0 ) - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); + if (mbedtls_oid_get_pk_alg(&alg_oid, pk_alg) != 0) { + return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; + } /* * No parameters with RSA (only for EC) */ - if( *pk_alg == MBEDTLS_PK_RSA && - ( ( params->tag != MBEDTLS_ASN1_NULL && params->tag != 0 ) || - params->len != 0 ) ) - { - return( MBEDTLS_ERR_PK_INVALID_ALG ); + if (*pk_alg == MBEDTLS_PK_RSA && + ((params->tag != MBEDTLS_ASN1_NULL && params->tag != 0) || + params->len != 0)) { + return MBEDTLS_ERR_PK_INVALID_ALG; } - return( 0 ); + return 0; } /* @@ -601,8 +616,8 @@ static int pk_get_pk_alg( unsigned char **p, * algorithm AlgorithmIdentifier, * subjectPublicKey BIT STRING } */ -int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, - mbedtls_pk_context *pk ) +int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, + mbedtls_pk_context *pk) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -610,59 +625,64 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; const mbedtls_pk_info_t *pk_info; - PK_VALIDATE_RET( p != NULL ); - PK_VALIDATE_RET( *p != NULL ); - PK_VALIDATE_RET( end != NULL ); - PK_VALIDATE_RET( pk != NULL ); + PK_VALIDATE_RET(p != NULL); + PK_VALIDATE_RET(*p != NULL); + PK_VALIDATE_RET(end != NULL); + PK_VALIDATE_RET(pk != NULL); - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } end = *p + len; - if( ( ret = pk_get_pk_alg( p, end, &pk_alg, &alg_params ) ) != 0 ) - return( ret ); + if ((ret = pk_get_pk_alg(p, end, &pk_alg, &alg_params)) != 0) { + return ret; + } - if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); + if ((ret = mbedtls_asn1_get_bitstring_null(p, end, &len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); + } - if( *p + len != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p + len != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL ) - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); + if ((pk_info = mbedtls_pk_info_from_type(pk_alg)) == NULL) { + return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; + } - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0) { + return ret; + } #if defined(MBEDTLS_RSA_C) - if( pk_alg == MBEDTLS_PK_RSA ) - { - ret = pk_get_rsapubkey( p, end, mbedtls_pk_rsa( *pk ) ); + if (pk_alg == MBEDTLS_PK_RSA) { + ret = pk_get_rsapubkey(p, end, mbedtls_pk_rsa(*pk)); } else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - if( pk_alg == MBEDTLS_PK_ECKEY_DH || pk_alg == MBEDTLS_PK_ECKEY ) - { - ret = pk_use_ecparams( &alg_params, &mbedtls_pk_ec( *pk )->grp ); - if( ret == 0 ) - ret = pk_get_ecpubkey( p, end, mbedtls_pk_ec( *pk ) ); + if (pk_alg == MBEDTLS_PK_ECKEY_DH || pk_alg == MBEDTLS_PK_ECKEY) { + ret = pk_use_ecparams(&alg_params, &mbedtls_pk_ec(*pk)->grp); + if (ret == 0) { + ret = pk_get_ecpubkey(p, end, mbedtls_pk_ec(*pk)); + } } else #endif /* MBEDTLS_ECP_C */ - ret = MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; + ret = MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; - if( ret == 0 && *p != end ) - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (ret == 0 && *p != end) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - if( ret != 0 ) - mbedtls_pk_free( pk ); + if (ret != 0) { + mbedtls_pk_free(pk); + } - return( ret ); + return ret; } #if defined(MBEDTLS_RSA_C) @@ -676,35 +696,37 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, * Since values can't be omitted in PKCS#1, passing a zero value to * rsa_complete() would be incorrect, so reject zero values early. */ -static int asn1_get_nonzero_mpi( unsigned char **p, - const unsigned char *end, - mbedtls_mpi *X ) +static int asn1_get_nonzero_mpi(unsigned char **p, + const unsigned char *end, + mbedtls_mpi *X) { int ret; - ret = mbedtls_asn1_get_mpi( p, end, X ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_asn1_get_mpi(p, end, X); + if (ret != 0) { + return ret; + } - if( mbedtls_mpi_cmp_int( X, 0 ) == 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + if (mbedtls_mpi_cmp_int(X, 0) == 0) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } - return( 0 ); + return 0; } /* * Parse a PKCS#1 encoded private RSA key */ -static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, - const unsigned char *key, - size_t keylen ) +static int pk_parse_key_pkcs1_der(mbedtls_rsa_context *rsa, + const unsigned char *key, + size_t keylen) { int ret, version; size_t len; unsigned char *p, *end; mbedtls_mpi T; - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&T); p = (unsigned char *) key; end = p + keylen; @@ -725,87 +747,93 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, * otherPrimeInfos OtherPrimeInfos OPTIONAL * } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } end = p + len; - if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } - if( version != 0 ) - { - return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION ); + if (version != 0) { + return MBEDTLS_ERR_PK_KEY_INVALID_VERSION; } /* Import N */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_rsa_import( rsa, &T, NULL, NULL, - NULL, NULL ) ) != 0 ) + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, &T, NULL, NULL, + NULL, NULL)) != 0) { goto cleanup; + } /* Import E */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_rsa_import( rsa, NULL, NULL, NULL, - NULL, &T ) ) != 0 ) + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, NULL, NULL, + NULL, &T)) != 0) { goto cleanup; + } /* Import D */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_rsa_import( rsa, NULL, NULL, NULL, - &T, NULL ) ) != 0 ) + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, NULL, NULL, + &T, NULL)) != 0) { goto cleanup; + } /* Import P */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_rsa_import( rsa, NULL, &T, NULL, - NULL, NULL ) ) != 0 ) + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, &T, NULL, + NULL, NULL)) != 0) { goto cleanup; + } /* Import Q */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_rsa_import( rsa, NULL, NULL, &T, - NULL, NULL ) ) != 0 ) + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, NULL, &T, + NULL, NULL)) != 0) { goto cleanup; + } #if !defined(MBEDTLS_RSA_NO_CRT) && !defined(MBEDTLS_RSA_ALT) /* - * The RSA CRT parameters DP, DQ and QP are nominally redundant, in - * that they can be easily recomputed from D, P and Q. However by - * parsing them from the PKCS1 structure it is possible to avoid - * recalculating them which both reduces the overhead of loading - * RSA private keys into memory and also avoids side channels which - * can arise when computing those values, since all of D, P, and Q - * are secret. See https://eprint.iacr.org/2020/055 for a - * description of one such attack. - */ + * The RSA CRT parameters DP, DQ and QP are nominally redundant, in + * that they can be easily recomputed from D, P and Q. However by + * parsing them from the PKCS1 structure it is possible to avoid + * recalculating them which both reduces the overhead of loading + * RSA private keys into memory and also avoids side channels which + * can arise when computing those values, since all of D, P, and Q + * are secret. See https://eprint.iacr.org/2020/055 for a + * description of one such attack. + */ /* Import DP */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_mpi_copy( &rsa->DP, &T ) ) != 0 ) - goto cleanup; + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_mpi_copy(&rsa->DP, &T)) != 0) { + goto cleanup; + } /* Import DQ */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_mpi_copy( &rsa->DQ, &T ) ) != 0 ) - goto cleanup; + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_mpi_copy(&rsa->DQ, &T)) != 0) { + goto cleanup; + } /* Import QP */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_mpi_copy( &rsa->QP, &T ) ) != 0 ) - goto cleanup; + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_mpi_copy(&rsa->QP, &T)) != 0) { + goto cleanup; + } #else /* Verify existence of the CRT params */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ) - goto cleanup; + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0) { + goto cleanup; + } #endif /* rsa_complete() doesn't complete anything with the default @@ -817,34 +845,32 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, * Furthermore, we also check the public part for consistency with * mbedtls_pk_parse_pubkey(), as it includes size minima for example. */ - if( ( ret = mbedtls_rsa_complete( rsa ) ) != 0 || - ( ret = mbedtls_rsa_check_pubkey( rsa ) ) != 0 ) - { + if ((ret = mbedtls_rsa_complete(rsa)) != 0 || + (ret = mbedtls_rsa_check_pubkey(rsa)) != 0) { goto cleanup; } - if( p != end ) - { - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (p != end) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } cleanup: - mbedtls_mpi_free( &T ); + mbedtls_mpi_free(&T); - if( ret != 0 ) - { + if (ret != 0) { /* Wrap error code if it's coming from a lower level */ - if( ( ret & 0xff80 ) == 0 ) - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ); - else + if ((ret & 0xff80) == 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } else { ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } - mbedtls_rsa_free( rsa ); + mbedtls_rsa_free(rsa); } - return( ret ); + return ret; } #endif /* MBEDTLS_RSA_C */ @@ -852,9 +878,9 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, /* * Parse a SEC1 encoded private EC key */ -static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, - const unsigned char *key, - size_t keylen ) +static int pk_parse_key_sec1_der(mbedtls_ecp_keypair *eck, + const unsigned char *key, + size_t keylen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int version, pubkey_done; @@ -874,106 +900,100 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, * publicKey [1] BIT STRING OPTIONAL * } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } end = p + len; - if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( version != 1 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION ); + if (version != 1) { + return MBEDTLS_ERR_PK_KEY_INVALID_VERSION; + } - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( ( ret = mbedtls_mpi_read_binary( &eck->d, p, len ) ) != 0 ) - { - mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_mpi_read_binary(&eck->d, p, len)) != 0) { + mbedtls_ecp_keypair_free(eck); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } p += len; pubkey_done = 0; - if( p != end ) - { + if (p != end) { /* * Is 'parameters' present? */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) == 0 ) - { - if( ( ret = pk_get_ecparams( &p, p + len, ¶ms) ) != 0 || - ( ret = pk_use_ecparams( ¶ms, &eck->grp ) ) != 0 ) - { - mbedtls_ecp_keypair_free( eck ); - return( ret ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + 0)) == 0) { + if ((ret = pk_get_ecparams(&p, p + len, ¶ms)) != 0 || + (ret = pk_use_ecparams(¶ms, &eck->grp)) != 0) { + mbedtls_ecp_keypair_free(eck); + return ret; } - } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { - mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + mbedtls_ecp_keypair_free(eck); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } } - if( p != end ) - { + if (p != end) { /* * Is 'publickey' present? If not, or if we can't read it (eg because it * is compressed), create it from the private key. */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ) == 0 ) - { + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + 1)) == 0) { end2 = p + len; - if( ( ret = mbedtls_asn1_get_bitstring_null( &p, end2, &len ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_bitstring_null(&p, end2, &len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( p + len != end2 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p + len != end2) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - if( ( ret = pk_get_ecpubkey( &p, end2, eck ) ) == 0 ) + if ((ret = pk_get_ecpubkey(&p, end2, eck)) == 0) { pubkey_done = 1; - else - { + } else { /* * The only acceptable failure mode of pk_get_ecpubkey() above * is if the point format is not recognized. */ - if( ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + if (ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } } - } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { - mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + mbedtls_ecp_keypair_free(eck); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } } - if( ! pubkey_done && - ( ret = mbedtls_ecp_mul( &eck->grp, &eck->Q, &eck->d, &eck->grp.G, - NULL, NULL ) ) != 0 ) - { - mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if (!pubkey_done && + (ret = mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, + NULL, NULL)) != 0) { + mbedtls_ecp_keypair_free(eck); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } - if( ( ret = mbedtls_ecp_check_privkey( &eck->grp, &eck->d ) ) != 0 ) - { - mbedtls_ecp_keypair_free( eck ); - return( ret ); + if ((ret = mbedtls_ecp_check_privkey(&eck->grp, &eck->d)) != 0) { + mbedtls_ecp_keypair_free(eck); + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_ECP_C */ @@ -991,9 +1011,9 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, * */ static int pk_parse_key_pkcs8_unencrypted_der( - mbedtls_pk_context *pk, - const unsigned char* key, - size_t keylen ) + mbedtls_pk_context *pk, + const unsigned char *key, + size_t keylen) { int ret, version; size_t len; @@ -1019,62 +1039,62 @@ static int pk_parse_key_pkcs8_unencrypted_der( * The PrivateKey OCTET STRING is a SEC1 ECPrivateKey */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } end = p + len; - if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( version != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_VERSION, ret ) ); + if (version != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_VERSION, ret); + } - if( ( ret = pk_get_pk_alg( &p, end, &pk_alg, ¶ms ) ) != 0 ) - { - return( ret ); + if ((ret = pk_get_pk_alg(&p, end, &pk_alg, ¶ms)) != 0) { + return ret; } - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( len < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if (len < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } - if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL ) - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); + if ((pk_info = mbedtls_pk_info_from_type(pk_alg)) == NULL) { + return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; + } - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0) { + return ret; + } #if defined(MBEDTLS_RSA_C) - if( pk_alg == MBEDTLS_PK_RSA ) - { - if( ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), p, len ) ) != 0 ) - { - mbedtls_pk_free( pk ); - return( ret ); + if (pk_alg == MBEDTLS_PK_RSA) { + if ((ret = pk_parse_key_pkcs1_der(mbedtls_pk_rsa(*pk), p, len)) != 0) { + mbedtls_pk_free(pk); + return ret; } } else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - if( pk_alg == MBEDTLS_PK_ECKEY || pk_alg == MBEDTLS_PK_ECKEY_DH ) - { - if( ( ret = pk_use_ecparams( ¶ms, &mbedtls_pk_ec( *pk )->grp ) ) != 0 || - ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), p, len ) ) != 0 ) - { - mbedtls_pk_free( pk ); - return( ret ); + if (pk_alg == MBEDTLS_PK_ECKEY || pk_alg == MBEDTLS_PK_ECKEY_DH) { + if ((ret = pk_use_ecparams(¶ms, &mbedtls_pk_ec(*pk)->grp)) != 0 || + (ret = pk_parse_key_sec1_der(mbedtls_pk_ec(*pk), p, len)) != 0) { + mbedtls_pk_free(pk); + return ret; } } else #endif /* MBEDTLS_ECP_C */ - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); + return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; - return( 0 ); + return 0; } /* @@ -1088,9 +1108,9 @@ static int pk_parse_key_pkcs8_unencrypted_der( */ #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C) static int pk_parse_key_pkcs8_encrypted_der( - mbedtls_pk_context *pk, - unsigned char *key, size_t keylen, - const unsigned char *pwd, size_t pwdlen ) + mbedtls_pk_context *pk, + unsigned char *key, size_t keylen, + const unsigned char *pwd, size_t pwdlen) { int ret, decrypted = 0; size_t len; @@ -1105,8 +1125,9 @@ static int pk_parse_key_pkcs8_encrypted_der( p = key; end = p + keylen; - if( pwdlen == 0 ) - return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED ); + if (pwdlen == 0) { + return MBEDTLS_ERR_PK_PASSWORD_REQUIRED; + } /* * This function parses the EncryptedPrivateKeyInfo object (PKCS#8) @@ -1123,19 +1144,20 @@ static int pk_parse_key_pkcs8_encrypted_der( * The EncryptedData OCTET STRING is a PKCS#8 PrivateKeyInfo * */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } end = p + len; - if( ( ret = mbedtls_asn1_get_alg( &p, end, &pbe_alg_oid, &pbe_params ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_alg(&p, end, &pbe_alg_oid, &pbe_params)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } buf = p; @@ -1143,73 +1165,68 @@ static int pk_parse_key_pkcs8_encrypted_der( * Decrypt EncryptedData with appropriate PBE */ #if defined(MBEDTLS_PKCS12_C) - if( mbedtls_oid_get_pkcs12_pbe_alg( &pbe_alg_oid, &md_alg, &cipher_alg ) == 0 ) - { - if( ( ret = mbedtls_pkcs12_pbe( &pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, - cipher_alg, md_alg, - pwd, pwdlen, p, len, buf ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH ) - return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); - - return( ret ); + if (mbedtls_oid_get_pkcs12_pbe_alg(&pbe_alg_oid, &md_alg, &cipher_alg) == 0) { + if ((ret = mbedtls_pkcs12_pbe(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, + cipher_alg, md_alg, + pwd, pwdlen, p, len, buf)) != 0) { + if (ret == MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH) { + return MBEDTLS_ERR_PK_PASSWORD_MISMATCH; + } + + return ret; } decrypted = 1; - } - else if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid ) == 0 ) - { - if( ( ret = mbedtls_pkcs12_pbe_sha1_rc4_128( &pbe_params, - MBEDTLS_PKCS12_PBE_DECRYPT, - pwd, pwdlen, - p, len, buf ) ) != 0 ) - { - return( ret ); + } else if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid) == 0) { + if ((ret = mbedtls_pkcs12_pbe_sha1_rc4_128(&pbe_params, + MBEDTLS_PKCS12_PBE_DECRYPT, + pwd, pwdlen, + p, len, buf)) != 0) { + return ret; } // Best guess for password mismatch when using RC4. If first tag is // not MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE // - if( *buf != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); + if (*buf != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { + return MBEDTLS_ERR_PK_PASSWORD_MISMATCH; + } decrypted = 1; - } - else + } else #endif /* MBEDTLS_PKCS12_C */ #if defined(MBEDTLS_PKCS5_C) - if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS5_PBES2, &pbe_alg_oid ) == 0 ) - { - if( ( ret = mbedtls_pkcs5_pbes2( &pbe_params, MBEDTLS_PKCS5_DECRYPT, pwd, pwdlen, - p, len, buf ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH ) - return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); + if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS5_PBES2, &pbe_alg_oid) == 0) { + if ((ret = mbedtls_pkcs5_pbes2(&pbe_params, MBEDTLS_PKCS5_DECRYPT, pwd, pwdlen, + p, len, buf)) != 0) { + if (ret == MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH) { + return MBEDTLS_ERR_PK_PASSWORD_MISMATCH; + } - return( ret ); + return ret; } decrypted = 1; - } - else + } else #endif /* MBEDTLS_PKCS5_C */ { ((void) pwd); } - if( decrypted == 0 ) - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + if (decrypted == 0) { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + } - return( pk_parse_key_pkcs8_unencrypted_der( pk, buf, len ) ); + return pk_parse_key_pkcs8_unencrypted_der(pk, buf, len); } #endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ /* * Parse a private key */ -int mbedtls_pk_parse_key( mbedtls_pk_context *pk, - const unsigned char *key, size_t keylen, - const unsigned char *pwd, size_t pwdlen ) +int mbedtls_pk_parse_key(mbedtls_pk_context *pk, + const unsigned char *key, size_t keylen, + const unsigned char *pwd, size_t pwdlen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_pk_info_t *pk_info; @@ -1218,121 +1235,118 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, mbedtls_pem_context pem; #endif - PK_VALIDATE_RET( pk != NULL ); - if( keylen == 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); - PK_VALIDATE_RET( key != NULL ); + PK_VALIDATE_RET(pk != NULL); + if (keylen == 0) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + PK_VALIDATE_RET(key != NULL); #if defined(MBEDTLS_PEM_PARSE_C) - mbedtls_pem_init( &pem ); + mbedtls_pem_init(&pem); #if defined(MBEDTLS_RSA_C) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( key[keylen - 1] != '\0' ) + if (key[keylen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN RSA PRIVATE KEY-----", - "-----END RSA PRIVATE KEY-----", - key, pwd, pwdlen, &len ); + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN RSA PRIVATE KEY-----", + "-----END RSA PRIVATE KEY-----", + key, pwd, pwdlen, &len); + } - if( ret == 0 ) - { - pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ); - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 || - ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), - pem.buf, pem.buflen ) ) != 0 ) - { - mbedtls_pk_free( pk ); + if (ret == 0) { + pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA); + if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0 || + (ret = pk_parse_key_pkcs1_der(mbedtls_pk_rsa(*pk), + pem.buf, pem.buflen)) != 0) { + mbedtls_pk_free(pk); } - mbedtls_pem_free( &pem ); - return( ret ); + mbedtls_pem_free(&pem); + return ret; + } else if (ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH) { + return MBEDTLS_ERR_PK_PASSWORD_MISMATCH; + } else if (ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED) { + return MBEDTLS_ERR_PK_PASSWORD_REQUIRED; + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + return ret; } - else if( ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH ) - return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); - else if( ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED ) - return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED ); - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - return( ret ); #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( key[keylen - 1] != '\0' ) + if (key[keylen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN EC PRIVATE KEY-----", - "-----END EC PRIVATE KEY-----", - key, pwd, pwdlen, &len ); - if( ret == 0 ) - { - pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ); + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN EC PRIVATE KEY-----", + "-----END EC PRIVATE KEY-----", + key, pwd, pwdlen, &len); + } + if (ret == 0) { + pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY); - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 || - ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), - pem.buf, pem.buflen ) ) != 0 ) - { - mbedtls_pk_free( pk ); + if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0 || + (ret = pk_parse_key_sec1_der(mbedtls_pk_ec(*pk), + pem.buf, pem.buflen)) != 0) { + mbedtls_pk_free(pk); } - mbedtls_pem_free( &pem ); - return( ret ); + mbedtls_pem_free(&pem); + return ret; + } else if (ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH) { + return MBEDTLS_ERR_PK_PASSWORD_MISMATCH; + } else if (ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED) { + return MBEDTLS_ERR_PK_PASSWORD_REQUIRED; + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + return ret; } - else if( ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH ) - return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); - else if( ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED ) - return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED ); - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - return( ret ); #endif /* MBEDTLS_ECP_C */ /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( key[keylen - 1] != '\0' ) + if (key[keylen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN PRIVATE KEY-----", - "-----END PRIVATE KEY-----", - key, NULL, 0, &len ); - if( ret == 0 ) - { - if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk, - pem.buf, pem.buflen ) ) != 0 ) - { - mbedtls_pk_free( pk ); + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN PRIVATE KEY-----", + "-----END PRIVATE KEY-----", + key, NULL, 0, &len); + } + if (ret == 0) { + if ((ret = pk_parse_key_pkcs8_unencrypted_der(pk, + pem.buf, pem.buflen)) != 0) { + mbedtls_pk_free(pk); } - mbedtls_pem_free( &pem ); - return( ret ); + mbedtls_pem_free(&pem); + return ret; + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + return ret; } - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - return( ret ); #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( key[keylen - 1] != '\0' ) + if (key[keylen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN ENCRYPTED PRIVATE KEY-----", - "-----END ENCRYPTED PRIVATE KEY-----", - key, NULL, 0, &len ); - if( ret == 0 ) - { - if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, - pem.buf, pem.buflen, - pwd, pwdlen ) ) != 0 ) - { - mbedtls_pk_free( pk ); + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN ENCRYPTED PRIVATE KEY-----", + "-----END ENCRYPTED PRIVATE KEY-----", + key, NULL, 0, &len); + } + if (ret == 0) { + if ((ret = pk_parse_key_pkcs8_encrypted_der(pk, + pem.buf, pem.buflen, + pwd, pwdlen)) != 0) { + mbedtls_pk_free(pk); } - mbedtls_pem_free( &pem ); - return( ret ); + mbedtls_pem_free(&pem); + return ret; + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + return ret; } - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - return( ret ); #endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ #else ((void) pwd); @@ -1350,61 +1364,59 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, { unsigned char *key_copy; - if( ( key_copy = mbedtls_calloc( 1, keylen ) ) == NULL ) - return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + if ((key_copy = mbedtls_calloc(1, keylen)) == NULL) { + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } - memcpy( key_copy, key, keylen ); + memcpy(key_copy, key, keylen); - ret = pk_parse_key_pkcs8_encrypted_der( pk, key_copy, keylen, - pwd, pwdlen ); + ret = pk_parse_key_pkcs8_encrypted_der(pk, key_copy, keylen, + pwd, pwdlen); - mbedtls_platform_zeroize( key_copy, keylen ); - mbedtls_free( key_copy ); + mbedtls_platform_zeroize(key_copy, keylen); + mbedtls_free(key_copy); } - if( ret == 0 ) - return( 0 ); + if (ret == 0) { + return 0; + } - mbedtls_pk_free( pk ); - mbedtls_pk_init( pk ); + mbedtls_pk_free(pk); + mbedtls_pk_init(pk); - if( ret == MBEDTLS_ERR_PK_PASSWORD_MISMATCH ) - { - return( ret ); + if (ret == MBEDTLS_ERR_PK_PASSWORD_MISMATCH) { + return ret; } #endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ - ret = pk_parse_key_pkcs8_unencrypted_der( pk, key, keylen ); - if( ret == 0 ) - { - return( 0 ); + ret = pk_parse_key_pkcs8_unencrypted_der(pk, key, keylen); + if (ret == 0) { + return 0; } - mbedtls_pk_free( pk ); - mbedtls_pk_init( pk ); + mbedtls_pk_free(pk); + mbedtls_pk_init(pk); #if defined(MBEDTLS_RSA_C) - pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ); - if( mbedtls_pk_setup( pk, pk_info ) == 0 && - pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), key, keylen ) == 0 ) - { - return( 0 ); + pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA); + if (mbedtls_pk_setup(pk, pk_info) == 0 && + pk_parse_key_pkcs1_der(mbedtls_pk_rsa(*pk), key, keylen) == 0) { + return 0; } - mbedtls_pk_free( pk ); - mbedtls_pk_init( pk ); + mbedtls_pk_free(pk); + mbedtls_pk_init(pk); #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ); - if( mbedtls_pk_setup( pk, pk_info ) == 0 && - pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), - key, keylen ) == 0 ) - { - return( 0 ); + pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY); + if (mbedtls_pk_setup(pk, pk_info) == 0 && + pk_parse_key_sec1_der(mbedtls_pk_ec(*pk), + key, keylen) == 0) { + return 0; } - mbedtls_pk_free( pk ); + mbedtls_pk_free(pk); #endif /* MBEDTLS_ECP_C */ /* If MBEDTLS_RSA_C is defined but MBEDTLS_ECP_C isn't, @@ -1417,14 +1429,14 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, * also ok and in line with the mbedtls_pk_free() calls * on failed PEM parsing attempts. */ - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; } /* * Parse a public key */ -int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, - const unsigned char *key, size_t keylen ) +int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, + const unsigned char *key, size_t keylen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p; @@ -1436,104 +1448,100 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, mbedtls_pem_context pem; #endif - PK_VALIDATE_RET( ctx != NULL ); - if( keylen == 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); - PK_VALIDATE_RET( key != NULL || keylen == 0 ); + PK_VALIDATE_RET(ctx != NULL); + if (keylen == 0) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + PK_VALIDATE_RET(key != NULL || keylen == 0); #if defined(MBEDTLS_PEM_PARSE_C) - mbedtls_pem_init( &pem ); + mbedtls_pem_init(&pem); #if defined(MBEDTLS_RSA_C) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( key[keylen - 1] != '\0' ) + if (key[keylen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN RSA PUBLIC KEY-----", - "-----END RSA PUBLIC KEY-----", - key, NULL, 0, &len ); + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN RSA PUBLIC KEY-----", + "-----END RSA PUBLIC KEY-----", + key, NULL, 0, &len); + } - if( ret == 0 ) - { + if (ret == 0) { p = pem.buf; - if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL ) - { - mbedtls_pem_free( &pem ); - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); + if ((pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == NULL) { + mbedtls_pem_free(&pem); + return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; } - if( ( ret = mbedtls_pk_setup( ctx, pk_info ) ) != 0 ) - { - mbedtls_pem_free( &pem ); - return( ret ); + if ((ret = mbedtls_pk_setup(ctx, pk_info)) != 0) { + mbedtls_pem_free(&pem); + return ret; } - if ( ( ret = pk_get_rsapubkey( &p, p + pem.buflen, mbedtls_pk_rsa( *ctx ) ) ) != 0 ) - mbedtls_pk_free( ctx ); + if ((ret = pk_get_rsapubkey(&p, p + pem.buflen, mbedtls_pk_rsa(*ctx))) != 0) { + mbedtls_pk_free(ctx); + } - mbedtls_pem_free( &pem ); - return( ret ); - } - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - { - mbedtls_pem_free( &pem ); - return( ret ); + mbedtls_pem_free(&pem); + return ret; + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + mbedtls_pem_free(&pem); + return ret; } #endif /* MBEDTLS_RSA_C */ /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( key[keylen - 1] != '\0' ) + if (key[keylen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN PUBLIC KEY-----", - "-----END PUBLIC KEY-----", - key, NULL, 0, &len ); + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN PUBLIC KEY-----", + "-----END PUBLIC KEY-----", + key, NULL, 0, &len); + } - if( ret == 0 ) - { + if (ret == 0) { /* * Was PEM encoded */ p = pem.buf; - ret = mbedtls_pk_parse_subpubkey( &p, p + pem.buflen, ctx ); - mbedtls_pem_free( &pem ); - return( ret ); + ret = mbedtls_pk_parse_subpubkey(&p, p + pem.buflen, ctx); + mbedtls_pem_free(&pem); + return ret; + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + mbedtls_pem_free(&pem); + return ret; } - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - { - mbedtls_pem_free( &pem ); - return( ret ); - } - mbedtls_pem_free( &pem ); + mbedtls_pem_free(&pem); #endif /* MBEDTLS_PEM_PARSE_C */ #if defined(MBEDTLS_RSA_C) - if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL ) - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); + if ((pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == NULL) { + return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; + } - if( ( ret = mbedtls_pk_setup( ctx, pk_info ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_setup(ctx, pk_info)) != 0) { + return ret; + } - p = (unsigned char *)key; - ret = pk_get_rsapubkey( &p, p + keylen, mbedtls_pk_rsa( *ctx ) ); - if( ret == 0 ) - { - return( ret ); + p = (unsigned char *) key; + ret = pk_get_rsapubkey(&p, p + keylen, mbedtls_pk_rsa(*ctx)); + if (ret == 0) { + return ret; } - mbedtls_pk_free( ctx ); - if( ret != ( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) ) - { - return( ret ); + mbedtls_pk_free(ctx); + if (ret != (MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG))) { + return ret; } #endif /* MBEDTLS_RSA_C */ p = (unsigned char *) key; - ret = mbedtls_pk_parse_subpubkey( &p, p + keylen, ctx ); + ret = mbedtls_pk_parse_subpubkey(&p, p + keylen, ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_PK_PARSE_C */ diff --git a/library/pkwrite.c b/library/pkwrite.c index c1ce0e3f02f2..0107f20b1d0d 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -51,10 +51,10 @@ #include "mbedtls/platform.h" /* Parameter validation macros based on platform_util.h */ -#define PK_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA ) -#define PK_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define PK_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA) +#define PK_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) #if defined(MBEDTLS_RSA_C) /* @@ -63,38 +63,41 @@ * publicExponent INTEGER -- e * } */ -static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start, - mbedtls_rsa_context *rsa ) +static int pk_write_rsa_pubkey(unsigned char **p, unsigned char *start, + mbedtls_rsa_context *rsa) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; mbedtls_mpi T; - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&T); /* Export E */ - if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL, NULL, NULL, &T ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( p, start, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { goto end_of_export; + } len += ret; /* Export N */ - if ( ( ret = mbedtls_rsa_export( rsa, &T, NULL, NULL, NULL, NULL ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( p, start, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export(rsa, &T, NULL, NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { goto end_of_export; + } len += ret; end_of_export: - mbedtls_mpi_free( &T ); - if( ret < 0 ) - return( ret ); + mbedtls_mpi_free(&T); + if (ret < 0) { + return ret; + } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - return( (int) len ); + return (int) len; } #endif /* MBEDTLS_RSA_C */ @@ -102,27 +105,27 @@ static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start, /* * EC public key is an EC point */ -static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start, - mbedtls_ecp_keypair *ec ) +static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start, + mbedtls_ecp_keypair *ec) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN]; - if( ( ret = mbedtls_ecp_point_write_binary( &ec->grp, &ec->Q, - MBEDTLS_ECP_PF_UNCOMPRESSED, - &len, buf, sizeof( buf ) ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_ecp_point_write_binary(&ec->grp, &ec->Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, + &len, buf, sizeof(buf))) != 0) { + return ret; } - if( *p < start || (size_t)( *p - start ) < len ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (*p < start || (size_t) (*p - start) < len) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *p -= len; - memcpy( *p, buf, len ); + memcpy(*p, buf, len); - return( (int) len ); + return (int) len; } /* @@ -130,93 +133,91 @@ static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start, * namedCurve OBJECT IDENTIFIER * } */ -static int pk_write_ec_param( unsigned char **p, unsigned char *start, - mbedtls_ecp_keypair *ec ) +static int pk_write_ec_param(unsigned char **p, unsigned char *start, + mbedtls_ecp_keypair *ec) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; const char *oid; size_t oid_len; - if( ( ret = mbedtls_oid_get_oid_by_ec_grp( ec->grp.id, &oid, &oid_len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_oid_get_oid_by_ec_grp(ec->grp.id, &oid, &oid_len)) != 0) { + return ret; + } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, oid_len)); - return( (int) len ); + return (int) len; } /* * privateKey OCTET STRING -- always of length ceil(log2(n)/8) */ -static int pk_write_ec_private( unsigned char **p, unsigned char *start, - mbedtls_ecp_keypair *ec ) +static int pk_write_ec_private(unsigned char **p, unsigned char *start, + mbedtls_ecp_keypair *ec) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t byte_length = ( ec->grp.pbits + 7 ) / 8; + size_t byte_length = (ec->grp.pbits + 7) / 8; unsigned char tmp[MBEDTLS_ECP_MAX_BYTES]; - ret = mbedtls_ecp_write_key( ec, tmp, byte_length ); - if( ret != 0 ) + ret = mbedtls_ecp_write_key(ec, tmp, byte_length); + if (ret != 0) { goto exit; - ret = mbedtls_asn1_write_octet_string( p, start, tmp, byte_length ); + } + ret = mbedtls_asn1_write_octet_string(p, start, tmp, byte_length); exit: - mbedtls_platform_zeroize( tmp, byte_length ); - return( ret ); + mbedtls_platform_zeroize(tmp, byte_length); + return ret; } #endif /* MBEDTLS_ECP_C */ -int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, - const mbedtls_pk_context *key ) +int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, + const mbedtls_pk_context *key) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - PK_VALIDATE_RET( p != NULL ); - PK_VALIDATE_RET( *p != NULL ); - PK_VALIDATE_RET( start != NULL ); - PK_VALIDATE_RET( key != NULL ); + PK_VALIDATE_RET(p != NULL); + PK_VALIDATE_RET(*p != NULL); + PK_VALIDATE_RET(start != NULL); + PK_VALIDATE_RET(key != NULL); #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA ) - MBEDTLS_ASN1_CHK_ADD( len, pk_write_rsa_pubkey( p, start, mbedtls_pk_rsa( *key ) ) ); - else + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) { + MBEDTLS_ASN1_CHK_ADD(len, pk_write_rsa_pubkey(p, start, mbedtls_pk_rsa(*key))); + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY ) - MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, mbedtls_pk_ec( *key ) ) ); - else + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) { + MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_pubkey(p, start, mbedtls_pk_ec(*key))); + } else #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE ) - { + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_OPAQUE) { size_t buffer_size; - psa_key_id_t* key_id = (psa_key_id_t*) key->pk_ctx; + psa_key_id_t *key_id = (psa_key_id_t *) key->pk_ctx; - if ( *p < start ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - buffer_size = (size_t)( *p - start ); - if ( psa_export_public_key( *key_id, start, buffer_size, &len ) - != PSA_SUCCESS ) - { - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (*p < start) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - else - { + + buffer_size = (size_t) (*p - start); + if (psa_export_public_key(*key_id, start, buffer_size, &len) + != PSA_SUCCESS) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } else { *p -= len; - memmove( *p, start, len ); + memmove(*p, start, len); } - } - else + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; - return( (int) len ); + return (int) len; } -int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, size_t size ) +int mbedtls_pk_write_pubkey_der(mbedtls_pk_context *key, unsigned char *buf, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *c; @@ -224,17 +225,19 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si mbedtls_pk_type_t pk_type; const char *oid; - PK_VALIDATE_RET( key != NULL ); - if( size == 0 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - PK_VALIDATE_RET( buf != NULL ); + PK_VALIDATE_RET(key != NULL); + if (size == 0) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + PK_VALIDATE_RET(buf != NULL); c = buf + size; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_pk_write_pubkey(&c, buf, key)); - if( c - buf < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (c - buf < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } /* * SubjectPublicKeyInfo ::= SEQUENCE { @@ -244,162 +247,169 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si *--c = 0; len += 1; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_BIT_STRING)); - pk_type = mbedtls_pk_get_type( key ); + pk_type = mbedtls_pk_get_type(key); #if defined(MBEDTLS_ECP_C) - if( pk_type == MBEDTLS_PK_ECKEY ) - { - MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, mbedtls_pk_ec( *key ) ) ); + if (pk_type == MBEDTLS_PK_ECKEY) { + MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(&c, buf, mbedtls_pk_ec(*key))); } #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( pk_type == MBEDTLS_PK_OPAQUE ) - { + if (pk_type == MBEDTLS_PK_OPAQUE) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type; psa_key_id_t key_id; psa_ecc_family_t curve; size_t bits; - key_id = *((psa_key_id_t*) key->pk_ctx ); - if( PSA_SUCCESS != psa_get_key_attributes( key_id, &attributes ) ) - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); - key_type = psa_get_key_type( &attributes ); - bits = psa_get_key_bits( &attributes ); - psa_reset_key_attributes( &attributes ); + key_id = *((psa_key_id_t *) key->pk_ctx); + if (PSA_SUCCESS != psa_get_key_attributes(key_id, &attributes)) { + return MBEDTLS_ERR_PK_HW_ACCEL_FAILED; + } + key_type = psa_get_key_type(&attributes); + bits = psa_get_key_bits(&attributes); + psa_reset_key_attributes(&attributes); - curve = PSA_KEY_TYPE_ECC_GET_FAMILY( key_type ); - if( curve == 0 ) - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + curve = PSA_KEY_TYPE_ECC_GET_FAMILY(key_type); + if (curve == 0) { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + } - ret = mbedtls_psa_get_ecc_oid_from_id( curve, bits, &oid, &oid_len ); - if( ret != 0 ) - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + ret = mbedtls_psa_get_ecc_oid_from_id(curve, bits, &oid, &oid_len); + if (ret != 0) { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + } /* Write EC algorithm parameters; that's akin * to pk_write_ec_param() above. */ - MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_oid( &c, buf, - oid, oid_len ) ); + MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_oid(&c, buf, + oid, oid_len)); /* The rest of the function works as for legacy EC contexts. */ pk_type = MBEDTLS_PK_ECKEY; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_oid_get_oid_by_pk_alg( pk_type, &oid, - &oid_len ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_oid_get_oid_by_pk_alg(pk_type, &oid, + &oid_len)) != 0) { + return ret; } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( &c, buf, oid, oid_len, - par_len ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_algorithm_identifier(&c, buf, oid, oid_len, + par_len)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - return( (int) len ); + return (int) len; } -int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_t size ) +int mbedtls_pk_write_key_der(mbedtls_pk_context *key, unsigned char *buf, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *c; size_t len = 0; - PK_VALIDATE_RET( key != NULL ); - if( size == 0 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - PK_VALIDATE_RET( buf != NULL ); + PK_VALIDATE_RET(key != NULL); + if (size == 0) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + PK_VALIDATE_RET(buf != NULL); c = buf + size; #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA ) - { + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) { mbedtls_mpi T; /* Temporary holding the exported parameters */ - mbedtls_rsa_context *rsa = mbedtls_pk_rsa( *key ); + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*key); /* * Export the parameters one after another to avoid simultaneous copies. */ - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&T); /* Export QP */ - if( ( ret = mbedtls_rsa_export_crt( rsa, NULL, NULL, &T ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export_crt(rsa, NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; /* Export DQ */ - if( ( ret = mbedtls_rsa_export_crt( rsa, NULL, &T, NULL ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export_crt(rsa, NULL, &T, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; /* Export DP */ - if( ( ret = mbedtls_rsa_export_crt( rsa, &T, NULL, NULL ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export_crt(rsa, &T, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; /* Export Q */ - if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL, - &T, NULL, NULL ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, + &T, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; /* Export P */ - if ( ( ret = mbedtls_rsa_export( rsa, NULL, &T, - NULL, NULL, NULL ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export(rsa, NULL, &T, + NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; /* Export D */ - if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL, - NULL, &T, NULL ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, + NULL, &T, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; /* Export E */ - if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL, - NULL, NULL, &T ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, + NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; /* Export N */ - if ( ( ret = mbedtls_rsa_export( rsa, &T, NULL, - NULL, NULL, NULL ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export(rsa, &T, NULL, + NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; - end_of_export: +end_of_export: - mbedtls_mpi_free( &T ); - if( ret < 0 ) - return( ret ); + mbedtls_mpi_free(&T); + if (ret < 0) { + return ret; + } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, - buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - } - else + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf, 0)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, + buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + } else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY ) - { - mbedtls_ecp_keypair *ec = mbedtls_pk_ec( *key ); + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) { + mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*key); size_t pub_len = 0, par_len = 0; /* @@ -414,44 +424,46 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_ */ /* publicKey */ - MBEDTLS_ASN1_CHK_ADD( pub_len, pk_write_ec_pubkey( &c, buf, ec ) ); + MBEDTLS_ASN1_CHK_ADD(pub_len, pk_write_ec_pubkey(&c, buf, ec)); - if( c - buf < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (c - buf < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--c = 0; pub_len += 1; - MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_len( &c, buf, pub_len ) ); - MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) ); + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(&c, buf, pub_len)); + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_BIT_STRING)); - MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_len( &c, buf, pub_len ) ); - MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ); + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(&c, buf, pub_len)); + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 1)); len += pub_len; /* parameters */ - MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, ec ) ); + MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(&c, buf, ec)); - MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_len( &c, buf, par_len ) ); - MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ); + MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_len(&c, buf, par_len)); + MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 0)); len += par_len; /* privateKey */ - MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_private( &c, buf, ec ) ); + MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_private(&c, buf, ec)); /* version */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 1 ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf, 1)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - } - else + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + } else #endif /* MBEDTLS_ECP_C */ - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; - return( (int) len ); + return (int) len; } #if defined(MBEDTLS_PEM_WRITE_C) @@ -481,7 +493,7 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_ * publicExponent INTEGER -- e 1 + 3 + MPI_MAX + 1 * } */ -#define RSA_PUB_DER_MAX_BYTES ( 38 + 2 * MBEDTLS_MPI_MAX_SIZE ) +#define RSA_PUB_DER_MAX_BYTES (38 + 2 * MBEDTLS_MPI_MAX_SIZE) /* * RSA private keys: @@ -498,10 +510,10 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_ * otherPrimeInfos OtherPrimeInfos OPTIONAL 0 (not supported) * } */ -#define MPI_MAX_SIZE_2 ( MBEDTLS_MPI_MAX_SIZE / 2 + \ - MBEDTLS_MPI_MAX_SIZE % 2 ) -#define RSA_PRV_DER_MAX_BYTES ( 47 + 3 * MBEDTLS_MPI_MAX_SIZE \ - + 5 * MPI_MAX_SIZE_2 ) +#define MPI_MAX_SIZE_2 (MBEDTLS_MPI_MAX_SIZE / 2 + \ + MBEDTLS_MPI_MAX_SIZE % 2) +#define RSA_PRV_DER_MAX_BYTES (47 + 3 * MBEDTLS_MPI_MAX_SIZE \ + + 5 * MPI_MAX_SIZE_2) #else /* MBEDTLS_RSA_C */ @@ -522,7 +534,7 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_ * + 2 * ECP_MAX (coords) [1] * } */ -#define ECP_PUB_DER_MAX_BYTES ( 30 + 2 * MBEDTLS_ECP_MAX_BYTES ) +#define ECP_PUB_DER_MAX_BYTES (30 + 2 * MBEDTLS_ECP_MAX_BYTES) /* * EC private keys: @@ -533,7 +545,7 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_ * publicKey [1] BIT STRING OPTIONAL 1 + 2 + [1] above * } */ -#define ECP_PRV_DER_MAX_BYTES ( 29 + 3 * MBEDTLS_ECP_MAX_BYTES ) +#define ECP_PRV_DER_MAX_BYTES (29 + 3 * MBEDTLS_ECP_MAX_BYTES) #else /* MBEDTLS_ECP_C */ @@ -542,75 +554,69 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_ #endif /* MBEDTLS_ECP_C */ -#define PUB_DER_MAX_BYTES ( RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \ - RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES ) -#define PRV_DER_MAX_BYTES ( RSA_PRV_DER_MAX_BYTES > ECP_PRV_DER_MAX_BYTES ? \ - RSA_PRV_DER_MAX_BYTES : ECP_PRV_DER_MAX_BYTES ) +#define PUB_DER_MAX_BYTES (RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \ + RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES) +#define PRV_DER_MAX_BYTES (RSA_PRV_DER_MAX_BYTES > ECP_PRV_DER_MAX_BYTES ? \ + RSA_PRV_DER_MAX_BYTES : ECP_PRV_DER_MAX_BYTES) -int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size ) +int mbedtls_pk_write_pubkey_pem(mbedtls_pk_context *key, unsigned char *buf, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char output_buf[PUB_DER_MAX_BYTES]; size_t olen = 0; - PK_VALIDATE_RET( key != NULL ); - PK_VALIDATE_RET( buf != NULL || size == 0 ); + PK_VALIDATE_RET(key != NULL); + PK_VALIDATE_RET(buf != NULL || size == 0); - if( ( ret = mbedtls_pk_write_pubkey_der( key, output_buf, - sizeof(output_buf) ) ) < 0 ) - { - return( ret ); + if ((ret = mbedtls_pk_write_pubkey_der(key, output_buf, + sizeof(output_buf))) < 0) { + return ret; } - if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY, - output_buf + sizeof(output_buf) - ret, - ret, buf, size, &olen ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY, + output_buf + sizeof(output_buf) - ret, + ret, buf, size, &olen)) != 0) { + return ret; } - return( 0 ); + return 0; } -int mbedtls_pk_write_key_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size ) +int mbedtls_pk_write_key_pem(mbedtls_pk_context *key, unsigned char *buf, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char output_buf[PRV_DER_MAX_BYTES]; const char *begin, *end; size_t olen = 0; - PK_VALIDATE_RET( key != NULL ); - PK_VALIDATE_RET( buf != NULL || size == 0 ); + PK_VALIDATE_RET(key != NULL); + PK_VALIDATE_RET(buf != NULL || size == 0); - if( ( ret = mbedtls_pk_write_key_der( key, output_buf, sizeof(output_buf) ) ) < 0 ) - return( ret ); + if ((ret = mbedtls_pk_write_key_der(key, output_buf, sizeof(output_buf))) < 0) { + return ret; + } #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA ) - { + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) { begin = PEM_BEGIN_PRIVATE_KEY_RSA; end = PEM_END_PRIVATE_KEY_RSA; - } - else + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY ) - { + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) { begin = PEM_BEGIN_PRIVATE_KEY_EC; end = PEM_END_PRIVATE_KEY_EC; - } - else + } else #endif - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; - if( ( ret = mbedtls_pem_write_buffer( begin, end, - output_buf + sizeof(output_buf) - ret, - ret, buf, size, &olen ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pem_write_buffer(begin, end, + output_buf + sizeof(output_buf) - ret, + ret, buf, size, &olen)) != 0) { + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_PEM_WRITE_C */ diff --git a/library/platform.c b/library/platform.c index e742fde7ccc5..c8b0328d1da2 100644 --- a/library/platform.c +++ b/library/platform.c @@ -30,22 +30,22 @@ * configuration via mbedtls_platform_set_calloc_free(). So, omit everything * related to the latter if MBEDTLS_PLATFORM_{FREE/CALLOC}_MACRO are defined. */ #if defined(MBEDTLS_PLATFORM_MEMORY) && \ - !( defined(MBEDTLS_PLATFORM_CALLOC_MACRO) && \ - defined(MBEDTLS_PLATFORM_FREE_MACRO) ) + !(defined(MBEDTLS_PLATFORM_CALLOC_MACRO) && \ + defined(MBEDTLS_PLATFORM_FREE_MACRO)) #if !defined(MBEDTLS_PLATFORM_STD_CALLOC) -static void *platform_calloc_uninit( size_t n, size_t size ) +static void *platform_calloc_uninit(size_t n, size_t size) { ((void) n); ((void) size); - return( NULL ); + return NULL; } #define MBEDTLS_PLATFORM_STD_CALLOC platform_calloc_uninit #endif /* !MBEDTLS_PLATFORM_STD_CALLOC */ #if !defined(MBEDTLS_PLATFORM_STD_FREE) -static void platform_free_uninit( void *ptr ) +static void platform_free_uninit(void *ptr) { ((void) ptr); } @@ -53,25 +53,25 @@ static void platform_free_uninit( void *ptr ) #define MBEDTLS_PLATFORM_STD_FREE platform_free_uninit #endif /* !MBEDTLS_PLATFORM_STD_FREE */ -static void * (*mbedtls_calloc_func)( size_t, size_t ) = MBEDTLS_PLATFORM_STD_CALLOC; -static void (*mbedtls_free_func)( void * ) = MBEDTLS_PLATFORM_STD_FREE; +static void * (*mbedtls_calloc_func)(size_t, size_t) = MBEDTLS_PLATFORM_STD_CALLOC; +static void (*mbedtls_free_func)(void *) = MBEDTLS_PLATFORM_STD_FREE; -void * mbedtls_calloc( size_t nmemb, size_t size ) +void *mbedtls_calloc(size_t nmemb, size_t size) { - return (*mbedtls_calloc_func)( nmemb, size ); + return (*mbedtls_calloc_func)(nmemb, size); } -void mbedtls_free( void * ptr ) +void mbedtls_free(void *ptr) { - (*mbedtls_free_func)( ptr ); + (*mbedtls_free_func)(ptr); } -int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), - void (*free_func)( void * ) ) +int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t), + void (*free_func)(void *)) { mbedtls_calloc_func = calloc_func; mbedtls_free_func = free_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_MEMORY && !( defined(MBEDTLS_PLATFORM_CALLOC_MACRO) && @@ -79,16 +79,16 @@ int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF) #include -int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... ) +int mbedtls_platform_win32_snprintf(char *s, size_t n, const char *fmt, ...) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; va_list argp; - va_start( argp, fmt ); - ret = mbedtls_vsnprintf( s, n, fmt, argp ); - va_end( argp ); + va_start(argp, fmt); + ret = mbedtls_vsnprintf(s, n, fmt, argp); + va_end(argp); - return( ret ); + return ret; } #endif @@ -97,53 +97,53 @@ int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... ) /* * Make dummy function to prevent NULL pointer dereferences */ -static int platform_snprintf_uninit( char * s, size_t n, - const char * format, ... ) +static int platform_snprintf_uninit(char *s, size_t n, + const char *format, ...) { ((void) s); ((void) n); ((void) format); - return( 0 ); + return 0; } #define MBEDTLS_PLATFORM_STD_SNPRINTF platform_snprintf_uninit #endif /* !MBEDTLS_PLATFORM_STD_SNPRINTF */ -int (*mbedtls_snprintf)( char * s, size_t n, - const char * format, - ... ) = MBEDTLS_PLATFORM_STD_SNPRINTF; +int (*mbedtls_snprintf)(char *s, size_t n, + const char *format, + ...) = MBEDTLS_PLATFORM_STD_SNPRINTF; -int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, - const char * format, - ... ) ) +int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n, + const char *format, + ...)) { mbedtls_snprintf = snprintf_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF) #include -int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg ) +int mbedtls_platform_win32_vsnprintf(char *s, size_t n, const char *fmt, va_list arg) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Avoid calling the invalid parameter handler by checking ourselves */ - if( s == NULL || n == 0 || fmt == NULL ) - return( -1 ); + if (s == NULL || n == 0 || fmt == NULL) { + return -1; + } #if defined(_TRUNCATE) - ret = vsnprintf_s( s, n, _TRUNCATE, fmt, arg ); + ret = vsnprintf_s(s, n, _TRUNCATE, fmt, arg); #else - ret = vsnprintf( s, n, fmt, arg ); - if( ret < 0 || (size_t) ret == n ) - { + ret = vsnprintf(s, n, fmt, arg); + if (ret < 0 || (size_t) ret == n) { s[n-1] = '\0'; ret = -1; } #endif - return( ret ); + return ret; } #endif @@ -152,29 +152,29 @@ int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_lis /* * Make dummy function to prevent NULL pointer dereferences */ -static int platform_vsnprintf_uninit( char * s, size_t n, - const char * format, va_list arg ) +static int platform_vsnprintf_uninit(char *s, size_t n, + const char *format, va_list arg) { ((void) s); ((void) n); ((void) format); ((void) arg); - return( -1 ); + return -1; } #define MBEDTLS_PLATFORM_STD_VSNPRINTF platform_vsnprintf_uninit #endif /* !MBEDTLS_PLATFORM_STD_VSNPRINTF */ -int (*mbedtls_vsnprintf)( char * s, size_t n, - const char * format, - va_list arg ) = MBEDTLS_PLATFORM_STD_VSNPRINTF; +int (*mbedtls_vsnprintf)(char *s, size_t n, + const char *format, + va_list arg) = MBEDTLS_PLATFORM_STD_VSNPRINTF; -int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n, - const char * format, - va_list arg ) ) +int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n, + const char *format, + va_list arg)) { mbedtls_vsnprintf = vsnprintf_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ @@ -183,21 +183,21 @@ int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n, /* * Make dummy function to prevent NULL pointer dereferences */ -static int platform_printf_uninit( const char *format, ... ) +static int platform_printf_uninit(const char *format, ...) { ((void) format); - return( 0 ); + return 0; } #define MBEDTLS_PLATFORM_STD_PRINTF platform_printf_uninit #endif /* !MBEDTLS_PLATFORM_STD_PRINTF */ -int (*mbedtls_printf)( const char *, ... ) = MBEDTLS_PLATFORM_STD_PRINTF; +int (*mbedtls_printf)(const char *, ...) = MBEDTLS_PLATFORM_STD_PRINTF; -int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) ) +int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...)) { mbedtls_printf = printf_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_PRINTF_ALT */ @@ -206,23 +206,23 @@ int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) ) /* * Make dummy function to prevent NULL pointer dereferences */ -static int platform_fprintf_uninit( FILE *stream, const char *format, ... ) +static int platform_fprintf_uninit(FILE *stream, const char *format, ...) { ((void) stream); ((void) format); - return( 0 ); + return 0; } #define MBEDTLS_PLATFORM_STD_FPRINTF platform_fprintf_uninit #endif /* !MBEDTLS_PLATFORM_STD_FPRINTF */ -int (*mbedtls_fprintf)( FILE *, const char *, ... ) = - MBEDTLS_PLATFORM_STD_FPRINTF; +int (*mbedtls_fprintf)(FILE *, const char *, ...) = + MBEDTLS_PLATFORM_STD_FPRINTF; -int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *, const char *, ... ) ) +int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *, const char *, ...)) { mbedtls_fprintf = fprintf_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */ @@ -231,7 +231,7 @@ int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *, const char *, ... /* * Make dummy function to prevent NULL pointer dereferences */ -static void platform_exit_uninit( int status ) +static void platform_exit_uninit(int status) { ((void) status); } @@ -239,12 +239,12 @@ static void platform_exit_uninit( int status ) #define MBEDTLS_PLATFORM_STD_EXIT platform_exit_uninit #endif /* !MBEDTLS_PLATFORM_STD_EXIT */ -void (*mbedtls_exit)( int status ) = MBEDTLS_PLATFORM_STD_EXIT; +void (*mbedtls_exit)(int status) = MBEDTLS_PLATFORM_STD_EXIT; -int mbedtls_platform_set_exit( void (*exit_func)( int status ) ) +int mbedtls_platform_set_exit(void (*exit_func)(int status)) { mbedtls_exit = exit_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_EXIT_ALT */ @@ -255,21 +255,21 @@ int mbedtls_platform_set_exit( void (*exit_func)( int status ) ) /* * Make dummy function to prevent NULL pointer dereferences */ -static mbedtls_time_t platform_time_uninit( mbedtls_time_t* timer ) +static mbedtls_time_t platform_time_uninit(mbedtls_time_t *timer) { ((void) timer); - return( 0 ); + return 0; } #define MBEDTLS_PLATFORM_STD_TIME platform_time_uninit #endif /* !MBEDTLS_PLATFORM_STD_TIME */ -mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* timer ) = MBEDTLS_PLATFORM_STD_TIME; +mbedtls_time_t (*mbedtls_time)(mbedtls_time_t *timer) = MBEDTLS_PLATFORM_STD_TIME; -int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* timer ) ) +int mbedtls_platform_set_time(mbedtls_time_t (*time_func)(mbedtls_time_t *timer)) { mbedtls_time = time_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_TIME_ALT */ @@ -280,41 +280,41 @@ int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* time /* Default implementations for the platform independent seed functions use * standard libc file functions to read from and write to a pre-defined filename */ -int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len ) +int mbedtls_platform_std_nv_seed_read(unsigned char *buf, size_t buf_len) { FILE *file; size_t n; - if( ( file = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "rb" ) ) == NULL ) - return( -1 ); + if ((file = fopen(MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "rb")) == NULL) { + return -1; + } - if( ( n = fread( buf, 1, buf_len, file ) ) != buf_len ) - { - fclose( file ); - mbedtls_platform_zeroize( buf, buf_len ); - return( -1 ); + if ((n = fread(buf, 1, buf_len, file)) != buf_len) { + fclose(file); + mbedtls_platform_zeroize(buf, buf_len); + return -1; } - fclose( file ); - return( (int)n ); + fclose(file); + return (int) n; } -int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len ) +int mbedtls_platform_std_nv_seed_write(unsigned char *buf, size_t buf_len) { FILE *file; size_t n; - if( ( file = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "w" ) ) == NULL ) + if ((file = fopen(MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "w")) == NULL) { return -1; + } - if( ( n = fwrite( buf, 1, buf_len, file ) ) != buf_len ) - { - fclose( file ); + if ((n = fwrite(buf, 1, buf_len, file)) != buf_len) { + fclose(file); return -1; } - fclose( file ); - return( (int)n ); + fclose(file); + return (int) n; } #endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ @@ -323,11 +323,11 @@ int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len ) /* * Make dummy function to prevent NULL pointer dereferences */ -static int platform_nv_seed_read_uninit( unsigned char *buf, size_t buf_len ) +static int platform_nv_seed_read_uninit(unsigned char *buf, size_t buf_len) { ((void) buf); ((void) buf_len); - return( -1 ); + return -1; } #define MBEDTLS_PLATFORM_STD_NV_SEED_READ platform_nv_seed_read_uninit @@ -337,28 +337,28 @@ static int platform_nv_seed_read_uninit( unsigned char *buf, size_t buf_len ) /* * Make dummy function to prevent NULL pointer dereferences */ -static int platform_nv_seed_write_uninit( unsigned char *buf, size_t buf_len ) +static int platform_nv_seed_write_uninit(unsigned char *buf, size_t buf_len) { ((void) buf); ((void) buf_len); - return( -1 ); + return -1; } #define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE platform_nv_seed_write_uninit #endif /* !MBEDTLS_PLATFORM_STD_NV_SEED_WRITE */ -int (*mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ) = - MBEDTLS_PLATFORM_STD_NV_SEED_READ; -int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ) = - MBEDTLS_PLATFORM_STD_NV_SEED_WRITE; +int (*mbedtls_nv_seed_read)(unsigned char *buf, size_t buf_len) = + MBEDTLS_PLATFORM_STD_NV_SEED_READ; +int (*mbedtls_nv_seed_write)(unsigned char *buf, size_t buf_len) = + MBEDTLS_PLATFORM_STD_NV_SEED_WRITE; int mbedtls_platform_set_nv_seed( - int (*nv_seed_read_func)( unsigned char *buf, size_t buf_len ), - int (*nv_seed_write_func)( unsigned char *buf, size_t buf_len ) ) + int (*nv_seed_read_func)(unsigned char *buf, size_t buf_len), + int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len)) { mbedtls_nv_seed_read = nv_seed_read_func; mbedtls_nv_seed_write = nv_seed_write_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */ #endif /* MBEDTLS_ENTROPY_NV_SEED */ @@ -367,19 +367,19 @@ int mbedtls_platform_set_nv_seed( /* * Placeholder platform setup that does nothing by default */ -int mbedtls_platform_setup( mbedtls_platform_context *ctx ) +int mbedtls_platform_setup(mbedtls_platform_context *ctx) { - (void)ctx; + (void) ctx; - return( 0 ); + return 0; } /* * Placeholder platform teardown that does nothing by default */ -void mbedtls_platform_teardown( mbedtls_platform_context *ctx ) +void mbedtls_platform_teardown(mbedtls_platform_context *ctx) { - (void)ctx; + (void) ctx; } #endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ diff --git a/library/platform_util.c b/library/platform_util.c index 98fe5deb2de0..3783f0eb8445 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -62,14 +62,15 @@ * mbedtls_platform_zeroize() to use a suitable implementation for their * platform and needs. */ -static void * (* const volatile memset_func)( void *, int, size_t ) = memset; +static void *(*const volatile memset_func)(void *, int, size_t) = memset; -void mbedtls_platform_zeroize( void *buf, size_t len ) +void mbedtls_platform_zeroize(void *buf, size_t len) { - MBEDTLS_INTERNAL_VALIDATE( len == 0 || buf != NULL ); + MBEDTLS_INTERNAL_VALIDATE(len == 0 || buf != NULL); - if( len > 0 ) - memset_func( buf, 0, len ); + if (len > 0) { + memset_func(buf, 0, len); + } } #endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */ @@ -82,9 +83,9 @@ void mbedtls_platform_zeroize( void *buf, size_t len ) #endif /* !_WIN32 && (unix || __unix || __unix__ || * (__APPLE__ && __MACH__)) */ -#if !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ - ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ - _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L ) ) +#if !((defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L) || \ + (defined(_POSIX_THREAD_SAFE_FUNCTIONS) && \ + _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L)) /* * This is a convenience shorthand macro to avoid checking the long * preprocessor conditions above. Ideally, we could expose this macro in @@ -92,42 +93,43 @@ void mbedtls_platform_zeroize( void *buf, size_t len ) * threading.h. However, this macro is not part of the Mbed TLS public API, so * we keep it private by only defining it in this file */ -#if ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) +#if !(defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)) #define PLATFORM_UTIL_USE_GMTIME #endif /* ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) */ -#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ - ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ +#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ + ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L ) ) */ -struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt, - struct tm *tm_buf ) +struct tm *mbedtls_platform_gmtime_r(const mbedtls_time_t *tt, + struct tm *tm_buf) { #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) - return( ( gmtime_s( tm_buf, tt ) == 0 ) ? tm_buf : NULL ); + return (gmtime_s(tm_buf, tt) == 0) ? tm_buf : NULL; #elif !defined(PLATFORM_UTIL_USE_GMTIME) - return( gmtime_r( tt, tm_buf ) ); + return gmtime_r(tt, tm_buf); #else struct tm *lt; #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_lock( &mbedtls_threading_gmtime_mutex ) != 0 ) - return( NULL ); + if (mbedtls_mutex_lock(&mbedtls_threading_gmtime_mutex) != 0) { + return NULL; + } #endif /* MBEDTLS_THREADING_C */ - lt = gmtime( tt ); + lt = gmtime(tt); - if( lt != NULL ) - { - memcpy( tm_buf, lt, sizeof( struct tm ) ); + if (lt != NULL) { + memcpy(tm_buf, lt, sizeof(struct tm)); } #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &mbedtls_threading_gmtime_mutex ) != 0 ) - return( NULL ); + if (mbedtls_mutex_unlock(&mbedtls_threading_gmtime_mutex) != 0) { + return NULL; + } #endif /* MBEDTLS_THREADING_C */ - return( ( lt == NULL ) ? NULL : tm_buf ); + return (lt == NULL) ? NULL : tm_buf; #endif /* _WIN32 && !EFIX64 && !EFI32 */ } #endif /* MBEDTLS_HAVE_TIME_DATE && MBEDTLS_PLATFORM_GMTIME_R_ALT */ diff --git a/library/poly1305.c b/library/poly1305.c index a1c5b19d8e89..510a45a698d2 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -33,19 +33,19 @@ #if !defined(MBEDTLS_POLY1305_ALT) /* Parameter validation macros */ -#define POLY1305_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ) -#define POLY1305_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define POLY1305_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA) +#define POLY1305_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) -#define POLY1305_BLOCK_SIZE_BYTES ( 16U ) +#define POLY1305_BLOCK_SIZE_BYTES (16U) /* * Our implementation is tuned for 32-bit platforms with a 64-bit multiplier. * However we provided an alternative for platforms without such a multiplier. */ #if defined(MBEDTLS_NO_64BIT_MULTIPLICATION) -static uint64_t mul64( uint32_t a, uint32_t b ) +static uint64_t mul64(uint32_t a, uint32_t b) { /* a = al + 2**16 ah, b = bl + 2**16 bh */ const uint16_t al = (uint16_t) a; @@ -55,15 +55,15 @@ static uint64_t mul64( uint32_t a, uint32_t b ) /* ab = al*bl + 2**16 (ah*bl + bl*bh) + 2**32 ah*bh */ const uint32_t lo = (uint32_t) al * bl; - const uint64_t me = (uint64_t)( (uint32_t) ah * bl ) + (uint32_t) al * bh; + const uint64_t me = (uint64_t) ((uint32_t) ah * bl) + (uint32_t) al * bh; const uint32_t hi = (uint32_t) ah * bh; - return( lo + ( me << 16 ) + ( (uint64_t) hi << 32 ) ); + return lo + (me << 16) + ((uint64_t) hi << 32); } #else -static inline uint64_t mul64( uint32_t a, uint32_t b ) +static inline uint64_t mul64(uint32_t a, uint32_t b) { - return( (uint64_t) a * b ); + return (uint64_t) a * b; } #endif @@ -79,10 +79,10 @@ static inline uint64_t mul64( uint32_t a, uint32_t b ) * applied to the input data before calling this * function. Otherwise, set this parameter to 1. */ -static void poly1305_process( mbedtls_poly1305_context *ctx, - size_t nblocks, - const unsigned char *input, - uint32_t needs_padding ) +static void poly1305_process(mbedtls_poly1305_context *ctx, + size_t nblocks, + const unsigned char *input, + uint32_t needs_padding) { uint64_t d0, d1, d2, d3; uint32_t acc0, acc1, acc2, acc3, acc4; @@ -96,9 +96,9 @@ static void poly1305_process( mbedtls_poly1305_context *ctx, r2 = ctx->r[2]; r3 = ctx->r[3]; - rs1 = r1 + ( r1 >> 2U ); - rs2 = r2 + ( r2 >> 2U ); - rs3 = r3 + ( r3 >> 2U ); + rs1 = r1 + (r1 >> 2U); + rs2 = r2 + (r2 >> 2U); + rs3 = r3 + (r3 >> 2U); acc0 = ctx->acc[0]; acc1 = ctx->acc[1]; @@ -107,67 +107,66 @@ static void poly1305_process( mbedtls_poly1305_context *ctx, acc4 = ctx->acc[4]; /* Process full blocks */ - for( i = 0U; i < nblocks; i++ ) - { + for (i = 0U; i < nblocks; i++) { /* The input block is treated as a 128-bit little-endian integer */ - d0 = MBEDTLS_GET_UINT32_LE( input, offset + 0 ); - d1 = MBEDTLS_GET_UINT32_LE( input, offset + 4 ); - d2 = MBEDTLS_GET_UINT32_LE( input, offset + 8 ); - d3 = MBEDTLS_GET_UINT32_LE( input, offset + 12 ); + d0 = MBEDTLS_GET_UINT32_LE(input, offset + 0); + d1 = MBEDTLS_GET_UINT32_LE(input, offset + 4); + d2 = MBEDTLS_GET_UINT32_LE(input, offset + 8); + d3 = MBEDTLS_GET_UINT32_LE(input, offset + 12); /* Compute: acc += (padded) block as a 130-bit integer */ d0 += (uint64_t) acc0; - d1 += (uint64_t) acc1 + ( d0 >> 32U ); - d2 += (uint64_t) acc2 + ( d1 >> 32U ); - d3 += (uint64_t) acc3 + ( d2 >> 32U ); + d1 += (uint64_t) acc1 + (d0 >> 32U); + d2 += (uint64_t) acc2 + (d1 >> 32U); + d3 += (uint64_t) acc3 + (d2 >> 32U); acc0 = (uint32_t) d0; acc1 = (uint32_t) d1; acc2 = (uint32_t) d2; acc3 = (uint32_t) d3; - acc4 += (uint32_t) ( d3 >> 32U ) + needs_padding; + acc4 += (uint32_t) (d3 >> 32U) + needs_padding; /* Compute: acc *= r */ - d0 = mul64( acc0, r0 ) + - mul64( acc1, rs3 ) + - mul64( acc2, rs2 ) + - mul64( acc3, rs1 ); - d1 = mul64( acc0, r1 ) + - mul64( acc1, r0 ) + - mul64( acc2, rs3 ) + - mul64( acc3, rs2 ) + - mul64( acc4, rs1 ); - d2 = mul64( acc0, r2 ) + - mul64( acc1, r1 ) + - mul64( acc2, r0 ) + - mul64( acc3, rs3 ) + - mul64( acc4, rs2 ); - d3 = mul64( acc0, r3 ) + - mul64( acc1, r2 ) + - mul64( acc2, r1 ) + - mul64( acc3, r0 ) + - mul64( acc4, rs3 ); + d0 = mul64(acc0, r0) + + mul64(acc1, rs3) + + mul64(acc2, rs2) + + mul64(acc3, rs1); + d1 = mul64(acc0, r1) + + mul64(acc1, r0) + + mul64(acc2, rs3) + + mul64(acc3, rs2) + + mul64(acc4, rs1); + d2 = mul64(acc0, r2) + + mul64(acc1, r1) + + mul64(acc2, r0) + + mul64(acc3, rs3) + + mul64(acc4, rs2); + d3 = mul64(acc0, r3) + + mul64(acc1, r2) + + mul64(acc2, r1) + + mul64(acc3, r0) + + mul64(acc4, rs3); acc4 *= r0; /* Compute: acc %= (2^130 - 5) (partial remainder) */ - d1 += ( d0 >> 32 ); - d2 += ( d1 >> 32 ); - d3 += ( d2 >> 32 ); + d1 += (d0 >> 32); + d2 += (d1 >> 32); + d3 += (d2 >> 32); acc0 = (uint32_t) d0; acc1 = (uint32_t) d1; acc2 = (uint32_t) d2; acc3 = (uint32_t) d3; - acc4 = (uint32_t) ( d3 >> 32 ) + acc4; + acc4 = (uint32_t) (d3 >> 32) + acc4; - d0 = (uint64_t) acc0 + ( acc4 >> 2 ) + ( acc4 & 0xFFFFFFFCU ); + d0 = (uint64_t) acc0 + (acc4 >> 2) + (acc4 & 0xFFFFFFFCU); acc4 &= 3U; acc0 = (uint32_t) d0; - d0 = (uint64_t) acc1 + ( d0 >> 32U ); + d0 = (uint64_t) acc1 + (d0 >> 32U); acc1 = (uint32_t) d0; - d0 = (uint64_t) acc2 + ( d0 >> 32U ); + d0 = (uint64_t) acc2 + (d0 >> 32U); acc2 = (uint32_t) d0; - d0 = (uint64_t) acc3 + ( d0 >> 32U ); + d0 = (uint64_t) acc3 + (d0 >> 32U); acc3 = (uint32_t) d0; - d0 = (uint64_t) acc4 + ( d0 >> 32U ); + d0 = (uint64_t) acc4 + (d0 >> 32U); acc4 = (uint32_t) d0; offset += POLY1305_BLOCK_SIZE_BYTES; @@ -187,8 +186,8 @@ static void poly1305_process( mbedtls_poly1305_context *ctx, * \param mac The buffer to where the MAC is written. Must be * big enough to contain the 16-byte MAC. */ -static void poly1305_compute_mac( const mbedtls_poly1305_context *ctx, - unsigned char mac[16] ) +static void poly1305_compute_mac(const mbedtls_poly1305_context *ctx, + unsigned char mac[16]) { uint64_t d; uint32_t g0, g1, g2, g3, g4; @@ -208,73 +207,74 @@ static void poly1305_compute_mac( const mbedtls_poly1305_context *ctx, */ /* Calculate acc + -(2^130 - 5) */ - d = ( (uint64_t) acc0 + 5U ); + d = ((uint64_t) acc0 + 5U); g0 = (uint32_t) d; - d = ( (uint64_t) acc1 + ( d >> 32 ) ); + d = ((uint64_t) acc1 + (d >> 32)); g1 = (uint32_t) d; - d = ( (uint64_t) acc2 + ( d >> 32 ) ); + d = ((uint64_t) acc2 + (d >> 32)); g2 = (uint32_t) d; - d = ( (uint64_t) acc3 + ( d >> 32 ) ); + d = ((uint64_t) acc3 + (d >> 32)); g3 = (uint32_t) d; - g4 = acc4 + (uint32_t) ( d >> 32U ); + g4 = acc4 + (uint32_t) (d >> 32U); /* mask == 0xFFFFFFFF if 131st bit is set, otherwise mask == 0 */ - mask = (uint32_t) 0U - ( g4 >> 2U ); + mask = (uint32_t) 0U - (g4 >> 2U); mask_inv = ~mask; /* If 131st bit is set then acc=g, otherwise, acc is unmodified */ - acc0 = ( acc0 & mask_inv ) | ( g0 & mask ); - acc1 = ( acc1 & mask_inv ) | ( g1 & mask ); - acc2 = ( acc2 & mask_inv ) | ( g2 & mask ); - acc3 = ( acc3 & mask_inv ) | ( g3 & mask ); + acc0 = (acc0 & mask_inv) | (g0 & mask); + acc1 = (acc1 & mask_inv) | (g1 & mask); + acc2 = (acc2 & mask_inv) | (g2 & mask); + acc3 = (acc3 & mask_inv) | (g3 & mask); /* Add 's' */ d = (uint64_t) acc0 + ctx->s[0]; acc0 = (uint32_t) d; - d = (uint64_t) acc1 + ctx->s[1] + ( d >> 32U ); + d = (uint64_t) acc1 + ctx->s[1] + (d >> 32U); acc1 = (uint32_t) d; - d = (uint64_t) acc2 + ctx->s[2] + ( d >> 32U ); + d = (uint64_t) acc2 + ctx->s[2] + (d >> 32U); acc2 = (uint32_t) d; - acc3 += ctx->s[3] + (uint32_t) ( d >> 32U ); + acc3 += ctx->s[3] + (uint32_t) (d >> 32U); /* Compute MAC (128 least significant bits of the accumulator) */ - MBEDTLS_PUT_UINT32_LE( acc0, mac, 0 ); - MBEDTLS_PUT_UINT32_LE( acc1, mac, 4 ); - MBEDTLS_PUT_UINT32_LE( acc2, mac, 8 ); - MBEDTLS_PUT_UINT32_LE( acc3, mac, 12 ); + MBEDTLS_PUT_UINT32_LE(acc0, mac, 0); + MBEDTLS_PUT_UINT32_LE(acc1, mac, 4); + MBEDTLS_PUT_UINT32_LE(acc2, mac, 8); + MBEDTLS_PUT_UINT32_LE(acc3, mac, 12); } -void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ) +void mbedtls_poly1305_init(mbedtls_poly1305_context *ctx) { - POLY1305_VALIDATE( ctx != NULL ); + POLY1305_VALIDATE(ctx != NULL); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_poly1305_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_poly1305_context)); } -void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx ) +void mbedtls_poly1305_free(mbedtls_poly1305_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_poly1305_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_poly1305_context)); } -int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, - const unsigned char key[32] ) +int mbedtls_poly1305_starts(mbedtls_poly1305_context *ctx, + const unsigned char key[32]) { - POLY1305_VALIDATE_RET( ctx != NULL ); - POLY1305_VALIDATE_RET( key != NULL ); + POLY1305_VALIDATE_RET(ctx != NULL); + POLY1305_VALIDATE_RET(key != NULL); /* r &= 0x0ffffffc0ffffffc0ffffffc0fffffff */ - ctx->r[0] = MBEDTLS_GET_UINT32_LE( key, 0 ) & 0x0FFFFFFFU; - ctx->r[1] = MBEDTLS_GET_UINT32_LE( key, 4 ) & 0x0FFFFFFCU; - ctx->r[2] = MBEDTLS_GET_UINT32_LE( key, 8 ) & 0x0FFFFFFCU; - ctx->r[3] = MBEDTLS_GET_UINT32_LE( key, 12 ) & 0x0FFFFFFCU; + ctx->r[0] = MBEDTLS_GET_UINT32_LE(key, 0) & 0x0FFFFFFFU; + ctx->r[1] = MBEDTLS_GET_UINT32_LE(key, 4) & 0x0FFFFFFCU; + ctx->r[2] = MBEDTLS_GET_UINT32_LE(key, 8) & 0x0FFFFFFCU; + ctx->r[3] = MBEDTLS_GET_UINT32_LE(key, 12) & 0x0FFFFFFCU; - ctx->s[0] = MBEDTLS_GET_UINT32_LE( key, 16 ); - ctx->s[1] = MBEDTLS_GET_UINT32_LE( key, 20 ); - ctx->s[2] = MBEDTLS_GET_UINT32_LE( key, 24 ); - ctx->s[3] = MBEDTLS_GET_UINT32_LE( key, 28 ); + ctx->s[0] = MBEDTLS_GET_UINT32_LE(key, 16); + ctx->s[1] = MBEDTLS_GET_UINT32_LE(key, 20); + ctx->s[2] = MBEDTLS_GET_UINT32_LE(key, 24); + ctx->s[3] = MBEDTLS_GET_UINT32_LE(key, 28); /* Initial accumulator state */ ctx->acc[0] = 0U; @@ -284,129 +284,124 @@ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, ctx->acc[4] = 0U; /* Queue initially empty */ - mbedtls_platform_zeroize( ctx->queue, sizeof( ctx->queue ) ); + mbedtls_platform_zeroize(ctx->queue, sizeof(ctx->queue)); ctx->queue_len = 0U; - return( 0 ); + return 0; } -int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_poly1305_update(mbedtls_poly1305_context *ctx, + const unsigned char *input, + size_t ilen) { size_t offset = 0U; size_t remaining = ilen; size_t queue_free_len; size_t nblocks; - POLY1305_VALIDATE_RET( ctx != NULL ); - POLY1305_VALIDATE_RET( ilen == 0 || input != NULL ); + POLY1305_VALIDATE_RET(ctx != NULL); + POLY1305_VALIDATE_RET(ilen == 0 || input != NULL); - if( ( remaining > 0U ) && ( ctx->queue_len > 0U ) ) - { - queue_free_len = ( POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len ); + if ((remaining > 0U) && (ctx->queue_len > 0U)) { + queue_free_len = (POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len); - if( ilen < queue_free_len ) - { + if (ilen < queue_free_len) { /* Not enough data to complete the block. * Store this data with the other leftovers. */ - memcpy( &ctx->queue[ctx->queue_len], - input, - ilen ); + memcpy(&ctx->queue[ctx->queue_len], + input, + ilen); ctx->queue_len += ilen; remaining = 0U; - } - else - { + } else { /* Enough data to produce a complete block */ - memcpy( &ctx->queue[ctx->queue_len], - input, - queue_free_len ); + memcpy(&ctx->queue[ctx->queue_len], + input, + queue_free_len); ctx->queue_len = 0U; - poly1305_process( ctx, 1U, ctx->queue, 1U ); /* add padding bit */ + poly1305_process(ctx, 1U, ctx->queue, 1U); /* add padding bit */ offset += queue_free_len; remaining -= queue_free_len; } } - if( remaining >= POLY1305_BLOCK_SIZE_BYTES ) - { + if (remaining >= POLY1305_BLOCK_SIZE_BYTES) { nblocks = remaining / POLY1305_BLOCK_SIZE_BYTES; - poly1305_process( ctx, nblocks, &input[offset], 1U ); + poly1305_process(ctx, nblocks, &input[offset], 1U); offset += nblocks * POLY1305_BLOCK_SIZE_BYTES; remaining %= POLY1305_BLOCK_SIZE_BYTES; } - if( remaining > 0U ) - { + if (remaining > 0U) { /* Store partial block */ ctx->queue_len = remaining; - memcpy( ctx->queue, &input[offset], remaining ); + memcpy(ctx->queue, &input[offset], remaining); } - return( 0 ); + return 0; } -int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx, - unsigned char mac[16] ) +int mbedtls_poly1305_finish(mbedtls_poly1305_context *ctx, + unsigned char mac[16]) { - POLY1305_VALIDATE_RET( ctx != NULL ); - POLY1305_VALIDATE_RET( mac != NULL ); + POLY1305_VALIDATE_RET(ctx != NULL); + POLY1305_VALIDATE_RET(mac != NULL); /* Process any leftover data */ - if( ctx->queue_len > 0U ) - { + if (ctx->queue_len > 0U) { /* Add padding bit */ ctx->queue[ctx->queue_len] = 1U; ctx->queue_len++; /* Pad with zeroes */ - memset( &ctx->queue[ctx->queue_len], - 0, - POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len ); + memset(&ctx->queue[ctx->queue_len], + 0, + POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len); - poly1305_process( ctx, 1U, /* Process 1 block */ - ctx->queue, 0U ); /* Already padded above */ + poly1305_process(ctx, 1U, /* Process 1 block */ + ctx->queue, 0U); /* Already padded above */ } - poly1305_compute_mac( ctx, mac ); + poly1305_compute_mac(ctx, mac); - return( 0 ); + return 0; } -int mbedtls_poly1305_mac( const unsigned char key[32], - const unsigned char *input, - size_t ilen, - unsigned char mac[16] ) +int mbedtls_poly1305_mac(const unsigned char key[32], + const unsigned char *input, + size_t ilen, + unsigned char mac[16]) { mbedtls_poly1305_context ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - POLY1305_VALIDATE_RET( key != NULL ); - POLY1305_VALIDATE_RET( mac != NULL ); - POLY1305_VALIDATE_RET( ilen == 0 || input != NULL ); + POLY1305_VALIDATE_RET(key != NULL); + POLY1305_VALIDATE_RET(mac != NULL); + POLY1305_VALIDATE_RET(ilen == 0 || input != NULL); - mbedtls_poly1305_init( &ctx ); + mbedtls_poly1305_init(&ctx); - ret = mbedtls_poly1305_starts( &ctx, key ); - if( ret != 0 ) + ret = mbedtls_poly1305_starts(&ctx, key); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_poly1305_update( &ctx, input, ilen ); - if( ret != 0 ) + ret = mbedtls_poly1305_update(&ctx, input, ilen); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_poly1305_finish( &ctx, mac ); + ret = mbedtls_poly1305_finish(&ctx, mac); cleanup: - mbedtls_poly1305_free( &ctx ); - return( ret ); + mbedtls_poly1305_free(&ctx); + return ret; } #endif /* MBEDTLS_POLY1305_ALT */ @@ -479,46 +474,48 @@ static const unsigned char test_mac[2][16] = /* Make sure no other definition is already present. */ #undef ASSERT -#define ASSERT( cond, args ) \ +#define ASSERT(cond, args) \ do \ { \ - if( ! ( cond ) ) \ + if (!(cond)) \ { \ - if( verbose != 0 ) \ - mbedtls_printf args; \ + if (verbose != 0) \ + mbedtls_printf args; \ \ - return( -1 ); \ + return -1; \ } \ } \ - while( 0 ) + while (0) -int mbedtls_poly1305_self_test( int verbose ) +int mbedtls_poly1305_self_test(int verbose) { unsigned char mac[16]; unsigned i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - for( i = 0U; i < 2U; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " Poly1305 test %u ", i ); + for (i = 0U; i < 2U; i++) { + if (verbose != 0) { + mbedtls_printf(" Poly1305 test %u ", i); + } - ret = mbedtls_poly1305_mac( test_keys[i], - test_data[i], - test_data_len[i], - mac ); - ASSERT( 0 == ret, ( "error code: %i\n", ret ) ); + ret = mbedtls_poly1305_mac(test_keys[i], + test_data[i], + test_data_len[i], + mac); + ASSERT(0 == ret, ("error code: %i\n", ret)); - ASSERT( 0 == memcmp( mac, test_mac[i], 16U ), ( "failed (mac)\n" ) ); + ASSERT(0 == memcmp(mac, test_mac[i], 16U), ("failed (mac)\n")); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f129733ce121..9976d72fef14 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -86,15 +86,15 @@ #include "mbedtls/sha512.h" #include "mbedtls/xtea.h" -#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) +#define ARRAY_LENGTH(array) (sizeof(array) / sizeof(*(array))) /****************************************************************/ /* Global data, support functions and library management */ /****************************************************************/ -static int key_type_is_raw_bytes( psa_key_type_t type ) +static int key_type_is_raw_bytes(psa_key_type_t type) { - return( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ); + return PSA_KEY_TYPE_IS_UNSTRUCTURED(type); } /* Values for psa_global_data_t::rng_state */ @@ -102,8 +102,7 @@ static int key_type_is_raw_bytes( psa_key_type_t type ) #define RNG_INITIALIZED 1 #define RNG_SEEDED 2 -typedef struct -{ +typedef struct { unsigned initialized : 1; unsigned rng_state : 2; mbedtls_psa_random_context_t rng; @@ -117,40 +116,39 @@ mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state = #endif #define GUARD_MODULE_INITIALIZED \ - if( global_data.initialized == 0 ) \ - return( PSA_ERROR_BAD_STATE ); + if (global_data.initialized == 0) \ + return PSA_ERROR_BAD_STATE; -psa_status_t mbedtls_to_psa_error( int ret ) +psa_status_t mbedtls_to_psa_error(int ret) { /* Mbed TLS error codes can combine a high-level error code and a * low-level error code. The low-level error usually reflects the * root cause better, so dispatch on that preferably. */ - int low_level_ret = - ( -ret & 0x007f ); - switch( low_level_ret != 0 ? low_level_ret : ret ) - { + int low_level_ret = -(-ret & 0x007f); + switch (low_level_ret != 0 ? low_level_ret : ret) { case 0: - return( PSA_SUCCESS ); + return PSA_SUCCESS; case MBEDTLS_ERR_AES_INVALID_KEY_LENGTH: case MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH: case MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_AES_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_ASN1_OUT_OF_DATA: case MBEDTLS_ERR_ASN1_UNEXPECTED_TAG: case MBEDTLS_ERR_ASN1_INVALID_LENGTH: case MBEDTLS_ERR_ASN1_LENGTH_MISMATCH: case MBEDTLS_ERR_ASN1_INVALID_DATA: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_ASN1_ALLOC_FAILED: - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + return PSA_ERROR_INSUFFICIENT_MEMORY; case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL: - return( PSA_ERROR_BUFFER_TOO_SMALL ); + return PSA_ERROR_BUFFER_TOO_SMALL; #if defined(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA) case MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA: @@ -158,9 +156,9 @@ psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH: #endif case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; #if defined(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA) case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA: @@ -168,209 +166,209 @@ psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH: #endif case MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_CCM_BAD_INPUT: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_CCM_AUTH_FAILED: - return( PSA_ERROR_INVALID_SIGNATURE ); + return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_CCM_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_CHACHAPOLY_BAD_STATE: - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; case MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED: - return( PSA_ERROR_INVALID_SIGNATURE ); + return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_CIPHER_ALLOC_FAILED: - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + return PSA_ERROR_INSUFFICIENT_MEMORY; case MBEDTLS_ERR_CIPHER_INVALID_PADDING: - return( PSA_ERROR_INVALID_PADDING ); + return PSA_ERROR_INVALID_PADDING; case MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_CIPHER_AUTH_FAILED: - return( PSA_ERROR_INVALID_SIGNATURE ); + return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_CIPHER_INVALID_CONTEXT: - return( PSA_ERROR_CORRUPTION_DETECTED ); + return PSA_ERROR_CORRUPTION_DETECTED; case MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; -#if !( defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) || \ - defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE) ) +#if !(defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) || \ + defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE)) /* Only check CTR_DRBG error codes if underlying mbedtls_xxx * functions are passed a CTR_DRBG instance. */ case MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED: - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + return PSA_ERROR_INSUFFICIENT_ENTROPY; case MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG: case MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR: - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + return PSA_ERROR_INSUFFICIENT_ENTROPY; #endif case MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_DES_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED: case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE: case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED: - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + return PSA_ERROR_INSUFFICIENT_ENTROPY; case MBEDTLS_ERR_GCM_AUTH_FAILED: - return( PSA_ERROR_INVALID_SIGNATURE ); + return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_GCM_BAD_INPUT: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_GCM_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; #if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) && \ - defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE) + defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE) /* Only check HMAC_DRBG error codes if underlying mbedtls_xxx * functions are passed a HMAC_DRBG instance. */ case MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED: - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + return PSA_ERROR_INSUFFICIENT_ENTROPY; case MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG: case MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR: - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + return PSA_ERROR_INSUFFICIENT_ENTROPY; #endif case MBEDTLS_ERR_MD2_HW_ACCEL_FAILED: case MBEDTLS_ERR_MD4_HW_ACCEL_FAILED: case MBEDTLS_ERR_MD5_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_MD_BAD_INPUT_DATA: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_MD_ALLOC_FAILED: - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + return PSA_ERROR_INSUFFICIENT_MEMORY; case MBEDTLS_ERR_MD_FILE_IO_ERROR: - return( PSA_ERROR_STORAGE_FAILURE ); + return PSA_ERROR_STORAGE_FAILURE; case MBEDTLS_ERR_MD_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_MPI_FILE_IO_ERROR: - return( PSA_ERROR_STORAGE_FAILURE ); + return PSA_ERROR_STORAGE_FAILURE; case MBEDTLS_ERR_MPI_BAD_INPUT_DATA: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_MPI_INVALID_CHARACTER: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL: - return( PSA_ERROR_BUFFER_TOO_SMALL ); + return PSA_ERROR_BUFFER_TOO_SMALL; case MBEDTLS_ERR_MPI_NEGATIVE_VALUE: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_MPI_DIVISION_BY_ZERO: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_MPI_NOT_ACCEPTABLE: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_MPI_ALLOC_FAILED: - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + return PSA_ERROR_INSUFFICIENT_MEMORY; case MBEDTLS_ERR_PK_ALLOC_FAILED: - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + return PSA_ERROR_INSUFFICIENT_MEMORY; case MBEDTLS_ERR_PK_TYPE_MISMATCH: case MBEDTLS_ERR_PK_BAD_INPUT_DATA: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_PK_FILE_IO_ERROR: - return( PSA_ERROR_STORAGE_FAILURE ); + return PSA_ERROR_STORAGE_FAILURE; case MBEDTLS_ERR_PK_KEY_INVALID_VERSION: case MBEDTLS_ERR_PK_KEY_INVALID_FORMAT: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_PK_UNKNOWN_PK_ALG: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_PK_PASSWORD_REQUIRED: case MBEDTLS_ERR_PK_PASSWORD_MISMATCH: - return( PSA_ERROR_NOT_PERMITTED ); + return PSA_ERROR_NOT_PERMITTED; case MBEDTLS_ERR_PK_INVALID_PUBKEY: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_PK_INVALID_ALG: case MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE: case MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_PK_SIG_LEN_MISMATCH: - return( PSA_ERROR_INVALID_SIGNATURE ); + return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_PK_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_RSA_BAD_INPUT_DATA: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_RSA_INVALID_PADDING: - return( PSA_ERROR_INVALID_PADDING ); + return PSA_ERROR_INVALID_PADDING; case MBEDTLS_ERR_RSA_KEY_GEN_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_RSA_KEY_CHECK_FAILED: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_RSA_PUBLIC_FAILED: case MBEDTLS_ERR_RSA_PRIVATE_FAILED: - return( PSA_ERROR_CORRUPTION_DETECTED ); + return PSA_ERROR_CORRUPTION_DETECTED; case MBEDTLS_ERR_RSA_VERIFY_FAILED: - return( PSA_ERROR_INVALID_SIGNATURE ); + return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE: - return( PSA_ERROR_BUFFER_TOO_SMALL ); + return PSA_ERROR_BUFFER_TOO_SMALL; case MBEDTLS_ERR_RSA_RNG_FAILED: - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + return PSA_ERROR_INSUFFICIENT_ENTROPY; case MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_RSA_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED: case MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED: case MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_ECP_BAD_INPUT_DATA: case MBEDTLS_ERR_ECP_INVALID_KEY: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL: - return( PSA_ERROR_BUFFER_TOO_SMALL ); + return PSA_ERROR_BUFFER_TOO_SMALL; case MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH: case MBEDTLS_ERR_ECP_VERIFY_FAILED: - return( PSA_ERROR_INVALID_SIGNATURE ); + return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_ECP_ALLOC_FAILED: - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + return PSA_ERROR_INSUFFICIENT_MEMORY; case MBEDTLS_ERR_ECP_RANDOM_FAILED: - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + return PSA_ERROR_INSUFFICIENT_ENTROPY; case MBEDTLS_ERR_ECP_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED: - return( PSA_ERROR_CORRUPTION_DETECTED ); + return PSA_ERROR_CORRUPTION_DETECTED; default: - return( PSA_ERROR_GENERIC_ERROR ); + return PSA_ERROR_GENERIC_ERROR; } } @@ -386,99 +384,96 @@ psa_status_t mbedtls_to_psa_error( int ret ) defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) -mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, - size_t bits, - int bits_is_sloppy ) +mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, + size_t bits, + int bits_is_sloppy) { - switch( curve ) - { + switch (curve) { case PSA_ECC_FAMILY_SECP_R1: - switch( bits ) - { + switch (bits) { #if defined(PSA_WANT_ECC_SECP_R1_192) case 192: - return( MBEDTLS_ECP_DP_SECP192R1 ); + return MBEDTLS_ECP_DP_SECP192R1; #endif #if defined(PSA_WANT_ECC_SECP_R1_224) case 224: - return( MBEDTLS_ECP_DP_SECP224R1 ); + return MBEDTLS_ECP_DP_SECP224R1; #endif #if defined(PSA_WANT_ECC_SECP_R1_256) case 256: - return( MBEDTLS_ECP_DP_SECP256R1 ); + return MBEDTLS_ECP_DP_SECP256R1; #endif #if defined(PSA_WANT_ECC_SECP_R1_384) case 384: - return( MBEDTLS_ECP_DP_SECP384R1 ); + return MBEDTLS_ECP_DP_SECP384R1; #endif #if defined(PSA_WANT_ECC_SECP_R1_521) case 521: - return( MBEDTLS_ECP_DP_SECP521R1 ); + return MBEDTLS_ECP_DP_SECP521R1; case 528: - if( bits_is_sloppy ) - return( MBEDTLS_ECP_DP_SECP521R1 ); + if (bits_is_sloppy) { + return MBEDTLS_ECP_DP_SECP521R1; + } break; #endif } break; case PSA_ECC_FAMILY_BRAINPOOL_P_R1: - switch( bits ) - { + switch (bits) { #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) case 256: - return( MBEDTLS_ECP_DP_BP256R1 ); + return MBEDTLS_ECP_DP_BP256R1; #endif #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) case 384: - return( MBEDTLS_ECP_DP_BP384R1 ); + return MBEDTLS_ECP_DP_BP384R1; #endif #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) case 512: - return( MBEDTLS_ECP_DP_BP512R1 ); + return MBEDTLS_ECP_DP_BP512R1; #endif } break; case PSA_ECC_FAMILY_MONTGOMERY: - switch( bits ) - { + switch (bits) { #if defined(PSA_WANT_ECC_MONTGOMERY_255) case 255: - return( MBEDTLS_ECP_DP_CURVE25519 ); + return MBEDTLS_ECP_DP_CURVE25519; case 256: - if( bits_is_sloppy ) - return( MBEDTLS_ECP_DP_CURVE25519 ); + if (bits_is_sloppy) { + return MBEDTLS_ECP_DP_CURVE25519; + } break; #endif #if defined(PSA_WANT_ECC_MONTGOMERY_448) case 448: - return( MBEDTLS_ECP_DP_CURVE448 ); + return MBEDTLS_ECP_DP_CURVE448; #endif } break; case PSA_ECC_FAMILY_SECP_K1: - switch( bits ) - { + switch (bits) { #if defined(PSA_WANT_ECC_SECP_K1_192) case 192: - return( MBEDTLS_ECP_DP_SECP192K1 ); + return MBEDTLS_ECP_DP_SECP192K1; #endif #if defined(PSA_WANT_ECC_SECP_K1_224) case 224: - return( MBEDTLS_ECP_DP_SECP224K1 ); + return MBEDTLS_ECP_DP_SECP224K1; #endif #if defined(PSA_WANT_ECC_SECP_K1_256) case 256: - return( MBEDTLS_ECP_DP_SECP256K1 ); + return MBEDTLS_ECP_DP_SECP256K1; #endif } break; } (void) bits_is_sloppy; - return( MBEDTLS_ECP_DP_NONE ); + return MBEDTLS_ECP_DP_NONE; } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || @@ -486,59 +481,65 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */ -static psa_status_t validate_unstructured_key_bit_size( psa_key_type_t type, - size_t bits ) +static psa_status_t validate_unstructured_key_bit_size(psa_key_type_t type, + size_t bits) { /* Check that the bit size is acceptable for the key type */ - switch( type ) - { + switch (type) { case PSA_KEY_TYPE_RAW_DATA: case PSA_KEY_TYPE_HMAC: case PSA_KEY_TYPE_DERIVE: break; #if defined(PSA_WANT_KEY_TYPE_AES) case PSA_KEY_TYPE_AES: - if( bits != 128 && bits != 192 && bits != 256 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (bits != 128 && bits != 192 && bits != 256) { + return PSA_ERROR_INVALID_ARGUMENT; + } break; #endif #if defined(PSA_WANT_KEY_TYPE_ARIA) case PSA_KEY_TYPE_ARIA: - if( bits != 128 && bits != 192 && bits != 256 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (bits != 128 && bits != 192 && bits != 256) { + return PSA_ERROR_INVALID_ARGUMENT; + } break; #endif #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) case PSA_KEY_TYPE_CAMELLIA: - if( bits != 128 && bits != 192 && bits != 256 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (bits != 128 && bits != 192 && bits != 256) { + return PSA_ERROR_INVALID_ARGUMENT; + } break; #endif #if defined(PSA_WANT_KEY_TYPE_DES) case PSA_KEY_TYPE_DES: - if( bits != 64 && bits != 128 && bits != 192 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (bits != 64 && bits != 128 && bits != 192) { + return PSA_ERROR_INVALID_ARGUMENT; + } break; #endif #if defined(PSA_WANT_KEY_TYPE_ARC4) case PSA_KEY_TYPE_ARC4: - if( bits < 8 || bits > 2048 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (bits < 8 || bits > 2048) { + return PSA_ERROR_INVALID_ARGUMENT; + } break; #endif #if defined(PSA_WANT_KEY_TYPE_CHACHA20) case PSA_KEY_TYPE_CHACHA20: - if( bits != 256 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (bits != 256) { + return PSA_ERROR_INVALID_ARGUMENT; + } break; #endif default: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; + } + if (bits % 8 != 0) { + return PSA_ERROR_INVALID_ARGUMENT; } - if( bits % 8 != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** Check whether a given key type is valid for use with a given MAC algorithm @@ -557,124 +558,125 @@ static psa_status_t validate_unstructured_key_bit_size( psa_key_type_t type, */ MBEDTLS_STATIC_TESTABLE psa_status_t psa_mac_key_can_do( psa_algorithm_t algorithm, - psa_key_type_t key_type ) + psa_key_type_t key_type) { - if( PSA_ALG_IS_HMAC( algorithm ) ) - { - if( key_type == PSA_KEY_TYPE_HMAC ) - return( PSA_SUCCESS ); + if (PSA_ALG_IS_HMAC(algorithm)) { + if (key_type == PSA_KEY_TYPE_HMAC) { + return PSA_SUCCESS; + } } - if( PSA_ALG_IS_BLOCK_CIPHER_MAC( algorithm ) ) - { + if (PSA_ALG_IS_BLOCK_CIPHER_MAC(algorithm)) { /* Check that we're calling PSA_BLOCK_CIPHER_BLOCK_LENGTH with a cipher * key. */ - if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == - PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) - { + if ((key_type & PSA_KEY_TYPE_CATEGORY_MASK) == + PSA_KEY_TYPE_CATEGORY_SYMMETRIC) { /* PSA_BLOCK_CIPHER_BLOCK_LENGTH returns 1 for stream ciphers and * the block length (larger than 1) for block ciphers. */ - if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) > 1 ) - return( PSA_SUCCESS ); + if (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) > 1) { + return PSA_SUCCESS; + } } } - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } -psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot, - size_t buffer_length ) +psa_status_t psa_allocate_buffer_to_slot(psa_key_slot_t *slot, + size_t buffer_length) { - if( slot->key.data != NULL ) - return( PSA_ERROR_ALREADY_EXISTS ); + if (slot->key.data != NULL) { + return PSA_ERROR_ALREADY_EXISTS; + } - slot->key.data = mbedtls_calloc( 1, buffer_length ); - if( slot->key.data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + slot->key.data = mbedtls_calloc(1, buffer_length); + if (slot->key.data == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } slot->key.bytes = buffer_length; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_copy_key_material_into_slot( psa_key_slot_t *slot, - const uint8_t* data, - size_t data_length ) +psa_status_t psa_copy_key_material_into_slot(psa_key_slot_t *slot, + const uint8_t *data, + size_t data_length) { - psa_status_t status = psa_allocate_buffer_to_slot( slot, - data_length ); - if( status != PSA_SUCCESS ) - return( status ); + psa_status_t status = psa_allocate_buffer_to_slot(slot, + data_length); + if (status != PSA_SUCCESS) { + return status; + } - memcpy( slot->key.data, data, data_length ); - return( PSA_SUCCESS ); + memcpy(slot->key.data, data, data_length); + return PSA_SUCCESS; } psa_status_t psa_import_key_into_slot( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ) + size_t *key_buffer_length, size_t *bits) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_type_t type = attributes->core.type; /* zero-length keys are never supported. */ - if( data_length == 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (data_length == 0) { + return PSA_ERROR_NOT_SUPPORTED; + } - if( key_type_is_raw_bytes( type ) ) - { - *bits = PSA_BYTES_TO_BITS( data_length ); + if (key_type_is_raw_bytes(type)) { + *bits = PSA_BYTES_TO_BITS(data_length); /* Ensure that the bytes-to-bits conversion hasn't overflown. */ - if( data_length > SIZE_MAX / 8 ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (data_length > SIZE_MAX / 8) { + return PSA_ERROR_NOT_SUPPORTED; + } /* Enforce a size limit, and in particular ensure that the bit * size fits in its representation type. */ - if( ( *bits ) > PSA_MAX_KEY_BITS ) - return( PSA_ERROR_NOT_SUPPORTED ); + if ((*bits) > PSA_MAX_KEY_BITS) { + return PSA_ERROR_NOT_SUPPORTED; + } - status = validate_unstructured_key_bit_size( type, *bits ); - if( status != PSA_SUCCESS ) - return( status ); + status = validate_unstructured_key_bit_size(type, *bits); + if (status != PSA_SUCCESS) { + return status; + } /* Copy the key material. */ - memcpy( key_buffer, data, data_length ); + memcpy(key_buffer, data, data_length); *key_buffer_length = data_length; - (void)key_buffer_size; + (void) key_buffer_size; - return( PSA_SUCCESS ); - } - else if( PSA_KEY_TYPE_IS_ASYMMETRIC( type ) ) - { + return PSA_SUCCESS; + } else if (PSA_KEY_TYPE_IS_ASYMMETRIC(type)) { #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_ECC( type ) ) - { - return( mbedtls_psa_ecp_import_key( attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, - bits ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + if (PSA_KEY_TYPE_IS_ECC(type)) { + return mbedtls_psa_ecp_import_key(attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, + bits); } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_RSA( type ) ) - { - return( mbedtls_psa_rsa_import_key( attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, - bits ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + if (PSA_KEY_TYPE_IS_RSA(type)) { + return mbedtls_psa_rsa_import_key(attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, + bits); } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ } - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } /** Calculate the intersection of two algorithm usage policies. @@ -684,63 +686,61 @@ psa_status_t psa_import_key_into_slot( static psa_algorithm_t psa_key_policy_algorithm_intersection( psa_key_type_t key_type, psa_algorithm_t alg1, - psa_algorithm_t alg2 ) + psa_algorithm_t alg2) { /* Common case: both sides actually specify the same policy. */ - if( alg1 == alg2 ) - return( alg1 ); + if (alg1 == alg2) { + return alg1; + } /* If the policies are from the same hash-and-sign family, check * if one is a wildcard. If so the other has the specific algorithm. */ - if( PSA_ALG_IS_SIGN_HASH( alg1 ) && - PSA_ALG_IS_SIGN_HASH( alg2 ) && - ( alg1 & ~PSA_ALG_HASH_MASK ) == ( alg2 & ~PSA_ALG_HASH_MASK ) ) - { - if( PSA_ALG_SIGN_GET_HASH( alg1 ) == PSA_ALG_ANY_HASH ) - return( alg2 ); - if( PSA_ALG_SIGN_GET_HASH( alg2 ) == PSA_ALG_ANY_HASH ) - return( alg1 ); + if (PSA_ALG_IS_SIGN_HASH(alg1) && + PSA_ALG_IS_SIGN_HASH(alg2) && + (alg1 & ~PSA_ALG_HASH_MASK) == (alg2 & ~PSA_ALG_HASH_MASK)) { + if (PSA_ALG_SIGN_GET_HASH(alg1) == PSA_ALG_ANY_HASH) { + return alg2; + } + if (PSA_ALG_SIGN_GET_HASH(alg2) == PSA_ALG_ANY_HASH) { + return alg1; + } } /* If the policies are from the same AEAD family, check whether * one of them is a minimum-tag-length wildcard. Calculate the most * restrictive tag length. */ - if( PSA_ALG_IS_AEAD( alg1 ) && PSA_ALG_IS_AEAD( alg2 ) && - ( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg1, 0 ) == - PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg2, 0 ) ) ) - { - size_t alg1_len = PSA_ALG_AEAD_GET_TAG_LENGTH( alg1 ); - size_t alg2_len = PSA_ALG_AEAD_GET_TAG_LENGTH( alg2 ); + if (PSA_ALG_IS_AEAD(alg1) && PSA_ALG_IS_AEAD(alg2) && + (PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg1, 0) == + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg2, 0))) { + size_t alg1_len = PSA_ALG_AEAD_GET_TAG_LENGTH(alg1); + size_t alg2_len = PSA_ALG_AEAD_GET_TAG_LENGTH(alg2); size_t restricted_len = alg1_len > alg2_len ? alg1_len : alg2_len; /* If both are wildcards, return most restrictive wildcard */ - if( ( ( alg1 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) && - ( ( alg2 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) ) - { - return( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( - alg1, restricted_len ) ); + if (((alg1 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0) && + ((alg2 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0)) { + return PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( + alg1, restricted_len); } /* If only one is a wildcard, return specific algorithm if compatible. */ - if( ( ( alg1 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) && - ( alg1_len <= alg2_len ) ) - { - return( alg2 ); + if (((alg1 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0) && + (alg1_len <= alg2_len)) { + return alg2; } - if( ( ( alg2 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) && - ( alg2_len <= alg1_len ) ) - { - return( alg1 ); + if (((alg2 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0) && + (alg2_len <= alg1_len)) { + return alg1; } } /* If the policies are from the same MAC family, check whether one * of them is a minimum-MAC-length policy. Calculate the most * restrictive tag length. */ - if( PSA_ALG_IS_MAC( alg1 ) && PSA_ALG_IS_MAC( alg2 ) && - ( PSA_ALG_FULL_LENGTH_MAC( alg1 ) == - PSA_ALG_FULL_LENGTH_MAC( alg2 ) ) ) - { + if (PSA_ALG_IS_MAC(alg1) && PSA_ALG_IS_MAC(alg2) && + (PSA_ALG_FULL_LENGTH_MAC(alg1) == + PSA_ALG_FULL_LENGTH_MAC(alg2))) { /* Validate the combination of key type and algorithm. Since the base * algorithm of alg1 and alg2 are the same, we only need this once. */ - if( PSA_SUCCESS != psa_mac_key_can_do( alg1, key_type ) ) - return( 0 ); + if (PSA_SUCCESS != psa_mac_key_can_do(alg1, key_type)) { + return 0; + } /* Get the (exact or at-least) output lengths for both sides of the * requested intersection. None of the currently supported algorithms @@ -750,79 +750,76 @@ static psa_algorithm_t psa_key_policy_algorithm_intersection( * Note that for at-least-this-length wildcard algorithms, the output * length is set to the shortest allowed length, which allows us to * calculate the most restrictive tag length for the intersection. */ - size_t alg1_len = PSA_MAC_LENGTH( key_type, 0, alg1 ); - size_t alg2_len = PSA_MAC_LENGTH( key_type, 0, alg2 ); + size_t alg1_len = PSA_MAC_LENGTH(key_type, 0, alg1); + size_t alg2_len = PSA_MAC_LENGTH(key_type, 0, alg2); size_t restricted_len = alg1_len > alg2_len ? alg1_len : alg2_len; /* If both are wildcards, return most restrictive wildcard */ - if( ( ( alg1 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) && - ( ( alg2 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) ) - { - return( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg1, restricted_len ) ); + if (((alg1 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) && + ((alg2 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0)) { + return PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg1, restricted_len); } /* If only one is an at-least-this-length policy, the intersection would * be the other (fixed-length) policy as long as said fixed length is * equal to or larger than the shortest allowed length. */ - if( ( alg1 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) - { - return( ( alg1_len <= alg2_len ) ? alg2 : 0 ); + if ((alg1 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) { + return (alg1_len <= alg2_len) ? alg2 : 0; } - if( ( alg2 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) - { - return( ( alg2_len <= alg1_len ) ? alg1 : 0 ); + if ((alg2 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) { + return (alg2_len <= alg1_len) ? alg1 : 0; } /* If none of them are wildcards, check whether they define the same tag * length. This is still possible here when one is default-length and * the other specific-length. Ensure to always return the * specific-length version for the intersection. */ - if( alg1_len == alg2_len ) - return( PSA_ALG_TRUNCATED_MAC( alg1, alg1_len ) ); + if (alg1_len == alg2_len) { + return PSA_ALG_TRUNCATED_MAC(alg1, alg1_len); + } } /* If the policies are incompatible, allow nothing. */ - return( 0 ); + return 0; } -static int psa_key_algorithm_permits( psa_key_type_t key_type, - psa_algorithm_t policy_alg, - psa_algorithm_t requested_alg ) +static int psa_key_algorithm_permits(psa_key_type_t key_type, + psa_algorithm_t policy_alg, + psa_algorithm_t requested_alg) { /* Common case: the policy only allows requested_alg. */ - if( requested_alg == policy_alg ) - return( 1 ); + if (requested_alg == policy_alg) { + return 1; + } /* If policy_alg is a hash-and-sign with a wildcard for the hash, * and requested_alg is the same hash-and-sign family with any hash, * then requested_alg is compliant with policy_alg. */ - if( PSA_ALG_IS_SIGN_HASH( requested_alg ) && - PSA_ALG_SIGN_GET_HASH( policy_alg ) == PSA_ALG_ANY_HASH ) - { - return( ( policy_alg & ~PSA_ALG_HASH_MASK ) == - ( requested_alg & ~PSA_ALG_HASH_MASK ) ); + if (PSA_ALG_IS_SIGN_HASH(requested_alg) && + PSA_ALG_SIGN_GET_HASH(policy_alg) == PSA_ALG_ANY_HASH) { + return (policy_alg & ~PSA_ALG_HASH_MASK) == + (requested_alg & ~PSA_ALG_HASH_MASK); } /* If policy_alg is a wildcard AEAD algorithm of the same base as * the requested algorithm, check the requested tag length to be * equal-length or longer than the wildcard-specified length. */ - if( PSA_ALG_IS_AEAD( policy_alg ) && - PSA_ALG_IS_AEAD( requested_alg ) && - ( PSA_ALG_AEAD_WITH_SHORTENED_TAG( policy_alg, 0 ) == - PSA_ALG_AEAD_WITH_SHORTENED_TAG( requested_alg, 0 ) ) && - ( ( policy_alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) ) - { - return( PSA_ALG_AEAD_GET_TAG_LENGTH( policy_alg ) <= - PSA_ALG_AEAD_GET_TAG_LENGTH( requested_alg ) ); + if (PSA_ALG_IS_AEAD(policy_alg) && + PSA_ALG_IS_AEAD(requested_alg) && + (PSA_ALG_AEAD_WITH_SHORTENED_TAG(policy_alg, 0) == + PSA_ALG_AEAD_WITH_SHORTENED_TAG(requested_alg, 0)) && + ((policy_alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0)) { + return PSA_ALG_AEAD_GET_TAG_LENGTH(policy_alg) <= + PSA_ALG_AEAD_GET_TAG_LENGTH(requested_alg); } /* If policy_alg is a MAC algorithm of the same base as the requested * algorithm, check whether their MAC lengths are compatible. */ - if( PSA_ALG_IS_MAC( policy_alg ) && - PSA_ALG_IS_MAC( requested_alg ) && - ( PSA_ALG_FULL_LENGTH_MAC( policy_alg ) == - PSA_ALG_FULL_LENGTH_MAC( requested_alg ) ) ) - { + if (PSA_ALG_IS_MAC(policy_alg) && + PSA_ALG_IS_MAC(requested_alg) && + (PSA_ALG_FULL_LENGTH_MAC(policy_alg) == + PSA_ALG_FULL_LENGTH_MAC(requested_alg))) { /* Validate the combination of key type and algorithm. Since the policy * and requested algorithms are the same, we only need this once. */ - if( PSA_SUCCESS != psa_mac_key_can_do( policy_alg, key_type ) ) - return( 0 ); + if (PSA_SUCCESS != psa_mac_key_can_do(policy_alg, key_type)) { + return 0; + } /* Get both the requested output length for the algorithm which is to be * verified, and the default output length for the base algorithm. @@ -830,44 +827,42 @@ static int psa_key_algorithm_permits( psa_key_type_t key_type, * length dependent on actual key size, so setting it to a bogus value * of 0 is currently OK. */ size_t requested_output_length = PSA_MAC_LENGTH( - key_type, 0, requested_alg ); + key_type, 0, requested_alg); size_t default_output_length = PSA_MAC_LENGTH( - key_type, 0, - PSA_ALG_FULL_LENGTH_MAC( requested_alg ) ); + key_type, 0, + PSA_ALG_FULL_LENGTH_MAC(requested_alg)); /* If the policy is default-length, only allow an algorithm with * a declared exact-length matching the default. */ - if( PSA_MAC_TRUNCATED_LENGTH( policy_alg ) == 0 ) - return( requested_output_length == default_output_length ); + if (PSA_MAC_TRUNCATED_LENGTH(policy_alg) == 0) { + return requested_output_length == default_output_length; + } /* If the requested algorithm is default-length, allow it if the policy * length exactly matches the default length. */ - if( PSA_MAC_TRUNCATED_LENGTH( requested_alg ) == 0 && - PSA_MAC_TRUNCATED_LENGTH( policy_alg ) == default_output_length ) - { - return( 1 ); + if (PSA_MAC_TRUNCATED_LENGTH(requested_alg) == 0 && + PSA_MAC_TRUNCATED_LENGTH(policy_alg) == default_output_length) { + return 1; } /* If policy_alg is an at-least-this-length wildcard MAC algorithm, * check for the requested MAC length to be equal to or longer than the * minimum allowed length. */ - if( ( policy_alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) - { - return( PSA_MAC_TRUNCATED_LENGTH( policy_alg ) <= - requested_output_length ); + if ((policy_alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) { + return PSA_MAC_TRUNCATED_LENGTH(policy_alg) <= + requested_output_length; } } /* If policy_alg is a generic key agreement operation, then using it for * a key derivation with that key agreement should also be allowed. This * behaviour is expected to be defined in a future specification version. */ - if( PSA_ALG_IS_RAW_KEY_AGREEMENT( policy_alg ) && - PSA_ALG_IS_KEY_AGREEMENT( requested_alg ) ) - { - return( PSA_ALG_KEY_AGREEMENT_GET_BASE( requested_alg ) == - policy_alg ); + if (PSA_ALG_IS_RAW_KEY_AGREEMENT(policy_alg) && + PSA_ALG_IS_KEY_AGREEMENT(requested_alg)) { + return PSA_ALG_KEY_AGREEMENT_GET_BASE(requested_alg) == + policy_alg; } /* If it isn't explicitly permitted, it's forbidden. */ - return( 0 ); + return 0; } /** Test whether a policy permits an algorithm. @@ -885,23 +880,26 @@ static int psa_key_algorithm_permits( psa_key_type_t key_type, * \retval PSA_ERROR_NOT_PERMITTED When \p alg is a specific algorithm, but * the \p policy does not allow it. */ -static psa_status_t psa_key_policy_permits( const psa_key_policy_t *policy, - psa_key_type_t key_type, - psa_algorithm_t alg ) +static psa_status_t psa_key_policy_permits(const psa_key_policy_t *policy, + psa_key_type_t key_type, + psa_algorithm_t alg) { /* '0' is not a valid algorithm */ - if( alg == 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (alg == 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } /* A requested algorithm cannot be a wildcard. */ - if( PSA_ALG_IS_WILDCARD( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - if( psa_key_algorithm_permits( key_type, policy->alg, alg ) || - psa_key_algorithm_permits( key_type, policy->alg2, alg ) ) - return( PSA_SUCCESS ); - else - return( PSA_ERROR_NOT_PERMITTED ); + if (PSA_ALG_IS_WILDCARD(alg)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + if (psa_key_algorithm_permits(key_type, policy->alg, alg) || + psa_key_algorithm_permits(key_type, policy->alg2, alg)) { + return PSA_SUCCESS; + } else { + return PSA_ERROR_NOT_PERMITTED; + } } /** Restrict a key policy based on a constraint. @@ -925,22 +923,24 @@ static psa_status_t psa_key_policy_permits( const psa_key_policy_t *policy, static psa_status_t psa_restrict_key_policy( psa_key_type_t key_type, psa_key_policy_t *policy, - const psa_key_policy_t *constraint ) + const psa_key_policy_t *constraint) { psa_algorithm_t intersection_alg = - psa_key_policy_algorithm_intersection( key_type, policy->alg, - constraint->alg ); + psa_key_policy_algorithm_intersection(key_type, policy->alg, + constraint->alg); psa_algorithm_t intersection_alg2 = - psa_key_policy_algorithm_intersection( key_type, policy->alg2, - constraint->alg2 ); - if( intersection_alg == 0 && policy->alg != 0 && constraint->alg != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - if( intersection_alg2 == 0 && policy->alg2 != 0 && constraint->alg2 != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + psa_key_policy_algorithm_intersection(key_type, policy->alg2, + constraint->alg2); + if (intersection_alg == 0 && policy->alg != 0 && constraint->alg != 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } + if (intersection_alg2 == 0 && policy->alg2 != 0 && constraint->alg2 != 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } policy->usage &= constraint->usage; policy->alg = intersection_alg; policy->alg2 = intersection_alg2; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** Get the description of a key given its identifier and policy constraints @@ -960,46 +960,47 @@ static psa_status_t psa_get_and_lock_key_slot_with_policy( mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot, psa_key_usage_t usage, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - status = psa_get_and_lock_key_slot( key, p_slot ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_and_lock_key_slot(key, p_slot); + if (status != PSA_SUCCESS) { + return status; + } slot = *p_slot; /* Enforce that usage policy for the key slot contains all the flags * required by the usage parameter. There is one exception: public * keys can always be exported, so we treat public key objects as * if they had the export flag. */ - if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) ) + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(slot->attr.type)) { usage &= ~PSA_KEY_USAGE_EXPORT; + } - if( ( slot->attr.policy.usage & usage ) != usage ) - { + if ((slot->attr.policy.usage & usage) != usage) { status = PSA_ERROR_NOT_PERMITTED; goto error; } /* Enforce that the usage policy permits the requested algorithm. */ - if( alg != 0 ) - { - status = psa_key_policy_permits( &slot->attr.policy, - slot->attr.type, - alg ); - if( status != PSA_SUCCESS ) + if (alg != 0) { + status = psa_key_policy_permits(&slot->attr.policy, + slot->attr.type, + alg); + if (status != PSA_SUCCESS) { goto error; + } } - return( PSA_SUCCESS ); + return PSA_SUCCESS; error: *p_slot = NULL; - psa_unlock_key_slot( slot ); + psa_unlock_key_slot(slot); - return( status ); + return status; } /** Get a key slot containing a transparent key and lock it. @@ -1019,42 +1020,43 @@ static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy( mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot, psa_key_usage_t usage, - psa_algorithm_t alg ) + psa_algorithm_t alg) { - psa_status_t status = psa_get_and_lock_key_slot_with_policy( key, p_slot, - usage, alg ); - if( status != PSA_SUCCESS ) - return( status ); + psa_status_t status = psa_get_and_lock_key_slot_with_policy(key, p_slot, + usage, alg); + if (status != PSA_SUCCESS) { + return status; + } - if( psa_key_lifetime_is_external( (*p_slot)->attr.lifetime ) ) - { - psa_unlock_key_slot( *p_slot ); + if (psa_key_lifetime_is_external((*p_slot)->attr.lifetime)) { + psa_unlock_key_slot(*p_slot); *p_slot = NULL; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) +psa_status_t psa_remove_key_data_from_memory(psa_key_slot_t *slot) { /* Data pointer will always be either a valid pointer or NULL in an * initialized slot, so we can just free it. */ - if( slot->key.data != NULL ) - mbedtls_platform_zeroize( slot->key.data, slot->key.bytes); + if (slot->key.data != NULL) { + mbedtls_platform_zeroize(slot->key.data, slot->key.bytes); + } - mbedtls_free( slot->key.data ); + mbedtls_free(slot->key.data); slot->key.data = NULL; slot->key.bytes = 0; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** Completely wipe a slot in memory, including its policy. * Persistent storage is not affected. */ -psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) +psa_status_t psa_wipe_key_slot(psa_key_slot_t *slot) { - psa_status_t status = psa_remove_key_data_from_memory( slot ); + psa_status_t status = psa_remove_key_data_from_memory(slot); /* * As the return error code may not be handled in case of multiple errors, @@ -1063,10 +1065,9 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) * part of the execution of a test suite this will stop the test suite * execution). */ - if( slot->lock_count != 1 ) - { + if (slot->lock_count != 1) { #ifdef MBEDTLS_CHECK_PARAMS - MBEDTLS_PARAM_FAILED( slot->lock_count == 1 ); + MBEDTLS_PARAM_FAILED(slot->lock_count == 1); #endif status = PSA_ERROR_CORRUPTION_DETECTED; } @@ -1079,11 +1080,11 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) /* At this point, key material and other type-specific content has * been wiped. Clear remaining metadata. We can call memset and not * zeroize because the metadata is not particularly sensitive. */ - memset( slot, 0, sizeof( *slot ) ); - return( status ); + memset(slot, 0, sizeof(*slot)); + return status; } -psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) +psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key) { psa_key_slot_t *slot; psa_status_t status; /* status of the last operation */ @@ -1092,8 +1093,9 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) psa_se_drv_table_entry_t *driver; #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - if( mbedtls_svc_key_id_is_null( key ) ) - return( PSA_SUCCESS ); + if (mbedtls_svc_key_id_is_null(key)) { + return PSA_SUCCESS; + } /* * Get the description of the key in a key slot. In case of a persistent @@ -1102,9 +1104,10 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) * the key is operated by an SE or not and this information is needed by * the current implementation. */ - status = psa_get_and_lock_key_slot( key, &slot ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_and_lock_key_slot(key, &slot); + if (status != PSA_SUCCESS) { + return status; + } /* * If the key slot containing the key description is under access by the @@ -1113,14 +1116,12 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) * implemented), the key should be destroyed when all accesses have * stopped. */ - if( slot->lock_count > 1 ) - { - psa_unlock_key_slot( slot ); - return( PSA_ERROR_GENERIC_ERROR ); + if (slot->lock_count > 1) { + psa_unlock_key_slot(slot); + return PSA_ERROR_GENERIC_ERROR; } - if( PSA_KEY_LIFETIME_IS_READ_ONLY( slot->attr.lifetime ) ) - { + if (PSA_KEY_LIFETIME_IS_READ_ONLY(slot->attr.lifetime)) { /* Refuse the destruction of a read-only key (which may or may not work * if we attempt it, depending on whether the key is merely read-only * by policy or actually physically read-only). @@ -1131,22 +1132,20 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - driver = psa_get_se_driver_entry( slot->attr.lifetime ); - if( driver != NULL ) - { + driver = psa_get_se_driver_entry(slot->attr.lifetime); + if (driver != NULL) { /* For a key in a secure element, we need to do three things: * remove the key file in internal storage, destroy the * key inside the secure element, and update the driver's * persistent data. Start a transaction that will encompass these * three actions. */ - psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_DESTROY_KEY ); + psa_crypto_prepare_transaction(PSA_CRYPTO_TRANSACTION_DESTROY_KEY); psa_crypto_transaction.key.lifetime = slot->attr.lifetime; - psa_crypto_transaction.key.slot = psa_key_slot_get_slot_number( slot ); + psa_crypto_transaction.key.slot = psa_key_slot_get_slot_number(slot); psa_crypto_transaction.key.id = slot->attr.id; - status = psa_crypto_save_transaction( ); - if( status != PSA_SUCCESS ) - { - (void) psa_crypto_stop_transaction( ); + status = psa_crypto_save_transaction(); + if (status != PSA_SUCCESS) { + (void) psa_crypto_stop_transaction(); /* We should still try to destroy the key in the secure * element and the key metadata in storage. This is especially * important if the error is that the storage is full. @@ -1158,19 +1157,20 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) goto exit; } - status = psa_destroy_se_key( driver, - psa_key_slot_get_slot_number( slot ) ); - if( overall_status == PSA_SUCCESS ) + status = psa_destroy_se_key(driver, + psa_key_slot_get_slot_number(slot)); + if (overall_status == PSA_SUCCESS) { overall_status = status; + } } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) - { - status = psa_destroy_persistent_key( slot->attr.id ); - if( overall_status == PSA_SUCCESS ) + if (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) { + status = psa_destroy_persistent_key(slot->attr.id); + if (overall_status == PSA_SUCCESS) { overall_status = status; + } /* TODO: other slots may have a copy of the same key. We should * invalidate them. @@ -1180,96 +1180,100 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( driver != NULL ) - { - status = psa_save_se_persistent_data( driver ); - if( overall_status == PSA_SUCCESS ) + if (driver != NULL) { + status = psa_save_se_persistent_data(driver); + if (overall_status == PSA_SUCCESS) { overall_status = status; - status = psa_crypto_stop_transaction( ); - if( overall_status == PSA_SUCCESS ) + } + status = psa_crypto_stop_transaction(); + if (overall_status == PSA_SUCCESS) { overall_status = status; + } } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ exit: - status = psa_wipe_key_slot( slot ); + status = psa_wipe_key_slot(slot); /* Prioritize CORRUPTION_DETECTED from wiping over a storage error */ - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { overall_status = status; - return( overall_status ); + } + return overall_status; } #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) static psa_status_t psa_get_rsa_public_exponent( const mbedtls_rsa_context *rsa, - psa_key_attributes_t *attributes ) + psa_key_attributes_t *attributes) { mbedtls_mpi mpi; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint8_t *buffer = NULL; size_t buflen; - mbedtls_mpi_init( &mpi ); + mbedtls_mpi_init(&mpi); - ret = mbedtls_rsa_export( rsa, NULL, NULL, NULL, NULL, &mpi ); - if( ret != 0 ) + ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &mpi); + if (ret != 0) { goto exit; - if( mbedtls_mpi_cmp_int( &mpi, 65537 ) == 0 ) - { + } + if (mbedtls_mpi_cmp_int(&mpi, 65537) == 0) { /* It's the default value, which is reported as an empty string, * so there's nothing to do. */ goto exit; } - buflen = mbedtls_mpi_size( &mpi ); - buffer = mbedtls_calloc( 1, buflen ); - if( buffer == NULL ) - { + buflen = mbedtls_mpi_size(&mpi); + buffer = mbedtls_calloc(1, buflen); + if (buffer == NULL) { ret = MBEDTLS_ERR_MPI_ALLOC_FAILED; goto exit; } - ret = mbedtls_mpi_write_binary( &mpi, buffer, buflen ); - if( ret != 0 ) + ret = mbedtls_mpi_write_binary(&mpi, buffer, buflen); + if (ret != 0) { goto exit; + } attributes->domain_parameters = buffer; attributes->domain_parameters_size = buflen; exit: - mbedtls_mpi_free( &mpi ); - if( ret != 0 ) - mbedtls_free( buffer ); - return( mbedtls_to_psa_error( ret ) ); + mbedtls_mpi_free(&mpi); + if (ret != 0) { + mbedtls_free(buffer); + } + return mbedtls_to_psa_error(ret); } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ /** Retrieve all the publicly-accessible attributes of a key. */ -psa_status_t psa_get_key_attributes( mbedtls_svc_key_id_t key, - psa_key_attributes_t *attributes ) +psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key, + psa_key_attributes_t *attributes) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - psa_reset_key_attributes( attributes ); + psa_reset_key_attributes(attributes); - status = psa_get_and_lock_key_slot_with_policy( key, &slot, 0, 0 ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_and_lock_key_slot_with_policy(key, &slot, 0, 0); + if (status != PSA_SUCCESS) { + return status; + } attributes->core = slot->attr; - attributes->core.flags &= ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY | - MBEDTLS_PSA_KA_MASK_DUAL_USE ); + attributes->core.flags &= (MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY | + MBEDTLS_PSA_KA_MASK_DUAL_USE); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( psa_get_se_driver_entry( slot->attr.lifetime ) != NULL ) - psa_set_key_slot_number( attributes, - psa_key_slot_get_slot_number( slot ) ); + if (psa_get_se_driver_entry(slot->attr.lifetime) != NULL) { + psa_set_key_slot_number(attributes, + psa_key_slot_get_slot_number(slot)); + } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - switch( slot->attr.type ) - { + switch (slot->attr.type) { #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) case PSA_KEY_TYPE_RSA_KEY_PAIR: @@ -1278,22 +1282,22 @@ psa_status_t psa_get_key_attributes( mbedtls_svc_key_id_t key, * is not yet implemented. * https://github.com/ARMmbed/mbed-crypto/issues/216 */ - if( ! psa_key_lifetime_is_external( slot->attr.lifetime ) ) - { + if (!psa_key_lifetime_is_external(slot->attr.lifetime)) { mbedtls_rsa_context *rsa = NULL; status = mbedtls_psa_rsa_load_representation( - slot->attr.type, - slot->key.data, - slot->key.bytes, - &rsa ); - if( status != PSA_SUCCESS ) + slot->attr.type, + slot->key.data, + slot->key.bytes, + &rsa); + if (status != PSA_SUCCESS) { break; + } - status = psa_get_rsa_public_exponent( rsa, - attributes ); - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); + status = psa_get_rsa_public_exponent(rsa, + attributes); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); } break; #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || @@ -1303,72 +1307,70 @@ psa_status_t psa_get_key_attributes( mbedtls_svc_key_id_t key, break; } - if( status != PSA_SUCCESS ) - psa_reset_key_attributes( attributes ); + if (status != PSA_SUCCESS) { + psa_reset_key_attributes(attributes); + } - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) psa_status_t psa_get_key_slot_number( const psa_key_attributes_t *attributes, - psa_key_slot_number_t *slot_number ) + psa_key_slot_number_t *slot_number) { - if( attributes->core.flags & MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER ) - { + if (attributes->core.flags & MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER) { *slot_number = attributes->slot_number; - return( PSA_SUCCESS ); + return PSA_SUCCESS; + } else { + return PSA_ERROR_INVALID_ARGUMENT; } - else - return( PSA_ERROR_INVALID_ARGUMENT ); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ -static psa_status_t psa_export_key_buffer_internal( const uint8_t *key_buffer, - size_t key_buffer_size, - uint8_t *data, - size_t data_size, - size_t *data_length ) +static psa_status_t psa_export_key_buffer_internal(const uint8_t *key_buffer, + size_t key_buffer_size, + uint8_t *data, + size_t data_size, + size_t *data_length) { - if( key_buffer_size > data_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( data, key_buffer, key_buffer_size ); - memset( data + key_buffer_size, 0, - data_size - key_buffer_size ); + if (key_buffer_size > data_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + memcpy(data, key_buffer, key_buffer_size); + memset(data + key_buffer_size, 0, + data_size - key_buffer_size); *data_length = key_buffer_size; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t psa_export_key_internal( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { psa_key_type_t type = attributes->core.type; - if( key_type_is_raw_bytes( type ) || - PSA_KEY_TYPE_IS_RSA( type ) || - PSA_KEY_TYPE_IS_ECC( type ) ) - { - return( psa_export_key_buffer_internal( - key_buffer, key_buffer_size, - data, data_size, data_length ) ); - } - else - { + if (key_type_is_raw_bytes(type) || + PSA_KEY_TYPE_IS_RSA(type) || + PSA_KEY_TYPE_IS_ECC(type)) { + return psa_export_key_buffer_internal( + key_buffer, key_buffer_size, + data, data_size, data_length); + } else { /* This shouldn't happen in the reference implementation, but it is valid for a special-purpose implementation to omit support for exporting certain key types. */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } } -psa_status_t psa_export_key( mbedtls_svc_key_id_t key, - uint8_t *data, - size_t data_size, - size_t *data_length ) +psa_status_t psa_export_key(mbedtls_svc_key_id_t key, + uint8_t *data, + size_t data_size, + size_t *data_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; @@ -1377,8 +1379,9 @@ psa_status_t psa_export_key( mbedtls_svc_key_id_t key, /* Reject a zero-length output buffer now, since this can never be a * valid key representation. This way we know that data must be a valid * pointer and we can do things like memset(data, ..., data_size). */ - if( data_size == 0 ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (data_size == 0) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } /* Set the key to empty now, so that even when there are errors, we always * set data_length to a value between 0 and data_size. On error, setting @@ -1390,21 +1393,22 @@ psa_status_t psa_export_key( mbedtls_svc_key_id_t key, * which don't require any flag, but * psa_get_and_lock_key_slot_with_policy() takes care of this. */ - status = psa_get_and_lock_key_slot_with_policy( key, &slot, - PSA_KEY_USAGE_EXPORT, 0 ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_and_lock_key_slot_with_policy(key, &slot, + PSA_KEY_USAGE_EXPORT, 0); + if (status != PSA_SUCCESS) { + return status; + } psa_key_attributes_t attributes = { .core = slot->attr }; - status = psa_driver_wrapper_export_key( &attributes, - slot->key.data, slot->key.bytes, - data, data_size, data_length ); + status = psa_driver_wrapper_export_key(&attributes, + slot->key.data, slot->key.bytes, + data, data_size, data_length); - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } psa_status_t psa_export_public_key_internal( @@ -1413,66 +1417,59 @@ psa_status_t psa_export_public_key_internal( size_t key_buffer_size, uint8_t *data, size_t data_size, - size_t *data_length ) + size_t *data_length) { psa_key_type_t type = attributes->core.type; - if( PSA_KEY_TYPE_IS_RSA( type ) || PSA_KEY_TYPE_IS_ECC( type ) ) - { - if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) - { + if (PSA_KEY_TYPE_IS_RSA(type) || PSA_KEY_TYPE_IS_ECC(type)) { + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type)) { /* Exporting public -> public */ - return( psa_export_key_buffer_internal( - key_buffer, key_buffer_size, - data, data_size, data_length ) ); + return psa_export_key_buffer_internal( + key_buffer, key_buffer_size, + data, data_size, data_length); } - if( PSA_KEY_TYPE_IS_RSA( type ) ) - { + if (PSA_KEY_TYPE_IS_RSA(type)) { #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) - return( mbedtls_psa_rsa_export_public_key( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + return mbedtls_psa_rsa_export_public_key(attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); #else /* We don't know how to convert a private RSA key to public. */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ - } - else - { + } else { #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) - return( mbedtls_psa_ecp_export_public_key( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + return mbedtls_psa_ecp_export_public_key(attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); #else /* We don't know how to convert a private ECC key to public */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ } - } - else - { + } else { /* This shouldn't happen in the reference implementation, but it is valid for a special-purpose implementation to omit support for exporting certain key types. */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } } -psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key, - uint8_t *data, - size_t data_size, - size_t *data_length ) +psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key, + uint8_t *data, + size_t data_size, + size_t *data_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; @@ -1481,8 +1478,9 @@ psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key, /* Reject a zero-length output buffer now, since this can never be a * valid key representation. This way we know that data must be a valid * pointer and we can do things like memset(data, ..., data_size). */ - if( data_size == 0 ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (data_size == 0) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } /* Set the key to empty now, so that even when there are errors, we always * set data_length to a value between 0 and data_size. On error, setting @@ -1491,14 +1489,14 @@ psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key, *data_length = 0; /* Exporting a public key doesn't require a usage flag. */ - status = psa_get_and_lock_key_slot_with_policy( key, &slot, 0, 0 ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_and_lock_key_slot_with_policy(key, &slot, 0, 0); + if (status != PSA_SUCCESS) { + return status; + } - if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) ) - { - status = PSA_ERROR_INVALID_ARGUMENT; - goto exit; + if (!PSA_KEY_TYPE_IS_ASYMMETRIC(slot->attr.type)) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; } psa_key_attributes_t attributes = { @@ -1506,21 +1504,21 @@ psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key, }; status = psa_driver_wrapper_export_public_key( &attributes, slot->key.data, slot->key.bytes, - data, data_size, data_length ); + data, data_size, data_length); exit: - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } #if defined(static_assert) -static_assert( ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0, - "One or more key attribute flag is listed as both external-only and dual-use" ); -static_assert( ( PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0, - "One or more key attribute flag is listed as both internal-only and dual-use" ); -static_assert( ( PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ) == 0, - "One or more key attribute flag is listed as both internal-only and external-only" ); +static_assert((MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE) == 0, + "One or more key attribute flag is listed as both external-only and dual-use"); +static_assert((PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE) == 0, + "One or more key attribute flag is listed as both internal-only and dual-use"); +static_assert((PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY) == 0, + "One or more key attribute flag is listed as both internal-only and external-only"); #endif /** Validate that a key policy is internally well-formed. @@ -1529,20 +1527,21 @@ static_assert( ( PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ) * consistency of the policy with respect to other attributes of the key * such as the key type. */ -static psa_status_t psa_validate_key_policy( const psa_key_policy_t *policy ) +static psa_status_t psa_validate_key_policy(const psa_key_policy_t *policy) { - if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | - PSA_KEY_USAGE_COPY | - PSA_KEY_USAGE_ENCRYPT | - PSA_KEY_USAGE_DECRYPT | - PSA_KEY_USAGE_SIGN_MESSAGE | - PSA_KEY_USAGE_VERIFY_MESSAGE | - PSA_KEY_USAGE_SIGN_HASH | - PSA_KEY_USAGE_VERIFY_HASH | - PSA_KEY_USAGE_DERIVE ) ) != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - return( PSA_SUCCESS ); + if ((policy->usage & ~(PSA_KEY_USAGE_EXPORT | + PSA_KEY_USAGE_COPY | + PSA_KEY_USAGE_ENCRYPT | + PSA_KEY_USAGE_DECRYPT | + PSA_KEY_USAGE_SIGN_MESSAGE | + PSA_KEY_USAGE_VERIFY_MESSAGE | + PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_DERIVE)) != 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + return PSA_SUCCESS; } /** Validate the internal consistency of key attributes. @@ -1560,48 +1559,52 @@ static psa_status_t psa_validate_key_policy( const psa_key_policy_t *policy ) */ static psa_status_t psa_validate_key_attributes( const psa_key_attributes_t *attributes, - psa_se_drv_table_entry_t **p_drv ) + psa_se_drv_table_entry_t **p_drv) { psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; - psa_key_lifetime_t lifetime = psa_get_key_lifetime( attributes ); - mbedtls_svc_key_id_t key = psa_get_key_id( attributes ); + psa_key_lifetime_t lifetime = psa_get_key_lifetime(attributes); + mbedtls_svc_key_id_t key = psa_get_key_id(attributes); - status = psa_validate_key_location( lifetime, p_drv ); - if( status != PSA_SUCCESS ) - return( status ); - - status = psa_validate_key_persistence( lifetime ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_validate_key_location(lifetime, p_drv); + if (status != PSA_SUCCESS) { + return status; + } - if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { - if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_validate_key_persistence(lifetime); + if (status != PSA_SUCCESS) { + return status; } - else - { - if( !psa_is_valid_key_id( psa_get_key_id( attributes ), 0 ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { + if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key) != 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } + } else { + if (!psa_is_valid_key_id(psa_get_key_id(attributes), 0)) { + return PSA_ERROR_INVALID_ARGUMENT; + } } - status = psa_validate_key_policy( &attributes->core.policy ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_validate_key_policy(&attributes->core.policy); + if (status != PSA_SUCCESS) { + return status; + } /* Refuse to create overly large keys. * Note that this doesn't trigger on import if the attributes don't * explicitly specify a size (so psa_get_key_bits returns 0), so * psa_import_key() needs its own checks. */ - if( psa_get_key_bits( attributes ) > PSA_MAX_KEY_BITS ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (psa_get_key_bits(attributes) > PSA_MAX_KEY_BITS) { + return PSA_ERROR_NOT_SUPPORTED; + } /* Reject invalid flags. These should not be reachable through the API. */ - if( attributes->core.flags & ~ ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY | - MBEDTLS_PSA_KA_MASK_DUAL_USE ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (attributes->core.flags & ~(MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY | + MBEDTLS_PSA_KA_MASK_DUAL_USE)) { + return PSA_ERROR_INVALID_ARGUMENT; + } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** Prepare a key slot to receive key material. @@ -1637,7 +1640,7 @@ static psa_status_t psa_start_key_creation( psa_key_creation_method_t method, const psa_key_attributes_t *attributes, psa_key_slot_t **p_slot, - psa_se_drv_table_entry_t **p_drv ) + psa_se_drv_table_entry_t **p_drv) { psa_status_t status; psa_key_id_t volatile_key_id; @@ -1646,13 +1649,15 @@ static psa_status_t psa_start_key_creation( (void) method; *p_drv = NULL; - status = psa_validate_key_attributes( attributes, p_drv ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_validate_key_attributes(attributes, p_drv); + if (status != PSA_SUCCESS) { + return status; + } - status = psa_get_empty_key_slot( &volatile_key_id, p_slot ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_empty_key_slot(&volatile_key_id, p_slot); + if (status != PSA_SUCCESS) { + return status; + } slot = *p_slot; /* We're storing the declared bit-size of the key. It's up to each @@ -1664,8 +1669,7 @@ static psa_status_t psa_start_key_creation( * definition. */ slot->attr = attributes->core; - if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) - { + if (PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) { #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) slot->attr.id = volatile_key_id; #else @@ -1698,40 +1702,37 @@ static psa_status_t psa_start_key_creation( * secure element driver updates its persistent state, but we do not yet * save the driver's persistent state, so that if the power fails, * we can roll back to a state where the key doesn't exist. */ - if( *p_drv != NULL ) - { + if (*p_drv != NULL) { psa_key_slot_number_t slot_number; - status = psa_find_se_slot_for_key( attributes, method, *p_drv, - &slot_number ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_find_se_slot_for_key(attributes, method, *p_drv, + &slot_number); + if (status != PSA_SUCCESS) { + return status; + } - if( ! PSA_KEY_LIFETIME_IS_VOLATILE( attributes->core.lifetime ) ) - { - psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_CREATE_KEY ); + if (!PSA_KEY_LIFETIME_IS_VOLATILE(attributes->core.lifetime)) { + psa_crypto_prepare_transaction(PSA_CRYPTO_TRANSACTION_CREATE_KEY); psa_crypto_transaction.key.lifetime = slot->attr.lifetime; psa_crypto_transaction.key.slot = slot_number; psa_crypto_transaction.key.id = slot->attr.id; - status = psa_crypto_save_transaction( ); - if( status != PSA_SUCCESS ) - { - (void) psa_crypto_stop_transaction( ); - return( status ); + status = psa_crypto_save_transaction(); + if (status != PSA_SUCCESS) { + (void) psa_crypto_stop_transaction(); + return status; } } status = psa_copy_key_material_into_slot( - slot, (uint8_t *)( &slot_number ), sizeof( slot_number ) ); + slot, (uint8_t *) (&slot_number), sizeof(slot_number)); } - if( *p_drv == NULL && method == PSA_KEY_CREATION_REGISTER ) - { + if (*p_drv == NULL && method == PSA_KEY_CREATION_REGISTER) { /* Key registration only makes sense with a secure element. */ - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** Finalize the creation of a key once its key material has been set. @@ -1774,33 +1775,30 @@ static psa_status_t psa_finish_key_creation( (void) driver; #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) - { + if (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) { #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( driver != NULL ) - { + if (driver != NULL) { psa_se_key_data_storage_t data; psa_key_slot_number_t slot_number = - psa_key_slot_get_slot_number( slot ) ; + psa_key_slot_get_slot_number(slot); #if defined(static_assert) - static_assert( sizeof( slot_number ) == - sizeof( data.slot_number ), - "Slot number size does not match psa_se_key_data_storage_t" ); + static_assert(sizeof(slot_number) == + sizeof(data.slot_number), + "Slot number size does not match psa_se_key_data_storage_t"); #endif - memcpy( &data.slot_number, &slot_number, sizeof( slot_number ) ); - status = psa_save_persistent_key( &slot->attr, - (uint8_t*) &data, - sizeof( data ) ); - } - else + memcpy(&data.slot_number, &slot_number, sizeof(slot_number)); + status = psa_save_persistent_key(&slot->attr, + (uint8_t *) &data, + sizeof(data)); + } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ { /* Key material is saved in export representation in the slot, so * just pass the slot buffer for storage. */ - status = psa_save_persistent_key( &slot->attr, - slot->key.data, - slot->key.bytes ); + status = psa_save_persistent_key(&slot->attr, + slot->key.data, + slot->key.bytes); } } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ @@ -1811,28 +1809,26 @@ static psa_status_t psa_finish_key_creation( * by checking whether a transaction is in progress (actual * creation of a persistent key in a secure element requires a transaction, * but registration or volatile key creation doesn't use one). */ - if( driver != NULL && - psa_crypto_transaction.unknown.type == PSA_CRYPTO_TRANSACTION_CREATE_KEY ) - { - status = psa_save_se_persistent_data( driver ); - if( status != PSA_SUCCESS ) - { - psa_destroy_persistent_key( slot->attr.id ); - return( status ); + if (driver != NULL && + psa_crypto_transaction.unknown.type == PSA_CRYPTO_TRANSACTION_CREATE_KEY) { + status = psa_save_se_persistent_data(driver); + if (status != PSA_SUCCESS) { + psa_destroy_persistent_key(slot->attr.id); + return status; } - status = psa_crypto_stop_transaction( ); + status = psa_crypto_stop_transaction(); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - if( status == PSA_SUCCESS ) - { + if (status == PSA_SUCCESS) { *key = slot->attr.id; - status = psa_unlock_key_slot( slot ); - if( status != PSA_SUCCESS ) + status = psa_unlock_key_slot(slot); + if (status != PSA_SUCCESS) { *key = MBEDTLS_SVC_KEY_ID_INIT; + } } - return( status ); + return status; } /** Abort the creation of a key. @@ -1847,13 +1843,14 @@ static psa_status_t psa_finish_key_creation( * \param[in] driver The secure element driver for the key, * or NULL for a transparent key. */ -static void psa_fail_key_creation( psa_key_slot_t *slot, - psa_se_drv_table_entry_t *driver ) +static void psa_fail_key_creation(psa_key_slot_t *slot, + psa_se_drv_table_entry_t *driver) { (void) driver; - if( slot == NULL ) + if (slot == NULL) { return; + } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* TODO: If the key has already been created in the secure @@ -1869,10 +1866,10 @@ static void psa_fail_key_creation( psa_key_slot_t *slot, * Earlier functions must already have done what it takes to undo any * partial creation. All that's left is to update the transaction data * itself. */ - (void) psa_crypto_stop_transaction( ); + (void) psa_crypto_stop_transaction(); #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - psa_wipe_key_slot( slot ); + psa_wipe_key_slot(slot); } /** Validate optional attributes during key creation. @@ -1886,74 +1883,76 @@ static void psa_fail_key_creation( psa_key_slot_t *slot, */ static psa_status_t psa_validate_optional_attributes( const psa_key_slot_t *slot, - const psa_key_attributes_t *attributes ) + const psa_key_attributes_t *attributes) { - if( attributes->core.type != 0 ) - { - if( attributes->core.type != slot->attr.type ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (attributes->core.type != 0) { + if (attributes->core.type != slot->attr.type) { + return PSA_ERROR_INVALID_ARGUMENT; + } } - if( attributes->domain_parameters_size != 0 ) - { + if (attributes->domain_parameters_size != 0) { #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) - { + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + if (PSA_KEY_TYPE_IS_RSA(slot->attr.type)) { mbedtls_rsa_context *rsa = NULL; mbedtls_mpi actual, required; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_status_t status = mbedtls_psa_rsa_load_representation( - slot->attr.type, - slot->key.data, - slot->key.bytes, - &rsa ); - if( status != PSA_SUCCESS ) - return( status ); - - mbedtls_mpi_init( &actual ); - mbedtls_mpi_init( &required ); - ret = mbedtls_rsa_export( rsa, - NULL, NULL, NULL, NULL, &actual ); - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); - if( ret != 0 ) + slot->attr.type, + slot->key.data, + slot->key.bytes, + &rsa); + if (status != PSA_SUCCESS) { + return status; + } + + mbedtls_mpi_init(&actual); + mbedtls_mpi_init(&required); + ret = mbedtls_rsa_export(rsa, + NULL, NULL, NULL, NULL, &actual); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); + if (ret != 0) { goto rsa_exit; - ret = mbedtls_mpi_read_binary( &required, - attributes->domain_parameters, - attributes->domain_parameters_size ); - if( ret != 0 ) + } + ret = mbedtls_mpi_read_binary(&required, + attributes->domain_parameters, + attributes->domain_parameters_size); + if (ret != 0) { goto rsa_exit; - if( mbedtls_mpi_cmp_mpi( &actual, &required ) != 0 ) + } + if (mbedtls_mpi_cmp_mpi(&actual, &required) != 0) { ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA; - rsa_exit: - mbedtls_mpi_free( &actual ); - mbedtls_mpi_free( &required ); - if( ret != 0) - return( mbedtls_to_psa_error( ret ) ); - } - else + } +rsa_exit: + mbedtls_mpi_free(&actual); + mbedtls_mpi_free(&required); + if (ret != 0) { + return mbedtls_to_psa_error(ret); + } + } else #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ { - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } - if( attributes->core.bits != 0 ) - { - if( attributes->core.bits != slot->attr.bits ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (attributes->core.bits != 0) { + if (attributes->core.bits != slot->attr.bits) { + return PSA_ERROR_INVALID_ARGUMENT; + } } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_import_key( const psa_key_attributes_t *attributes, - const uint8_t *data, - size_t data_length, - mbedtls_svc_key_id_t *key ) +psa_status_t psa_import_key(const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + mbedtls_svc_key_id_t *key) { psa_status_t status; psa_key_slot_t *slot = NULL; @@ -1965,57 +1964,61 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, /* Reject zero-length symmetric keys (including raw data key objects). * This also rejects any key which might be encoded as an empty string, * which is never valid. */ - if( data_length == 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (data_length == 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } - status = psa_start_key_creation( PSA_KEY_CREATION_IMPORT, attributes, - &slot, &driver ); - if( status != PSA_SUCCESS ) + status = psa_start_key_creation(PSA_KEY_CREATION_IMPORT, attributes, + &slot, &driver); + if (status != PSA_SUCCESS) { goto exit; + } /* In the case of a transparent key or an opaque key stored in local * storage (thus not in the case of generating a key in a secure element * or cryptoprocessor with storage), we have to allocate a buffer to * hold the generated key material. */ - if( slot->key.data == NULL ) - { - status = psa_allocate_buffer_to_slot( slot, data_length ); - if( status != PSA_SUCCESS ) + if (slot->key.data == NULL) { + status = psa_allocate_buffer_to_slot(slot, data_length); + if (status != PSA_SUCCESS) { goto exit; + } } bits = slot->attr.bits; - status = psa_driver_wrapper_import_key( attributes, - data, data_length, - slot->key.data, - slot->key.bytes, - &slot->key.bytes, &bits ); - if( status != PSA_SUCCESS ) + status = psa_driver_wrapper_import_key(attributes, + data, data_length, + slot->key.data, + slot->key.bytes, + &slot->key.bytes, &bits); + if (status != PSA_SUCCESS) { goto exit; + } - if( slot->attr.bits == 0 ) + if (slot->attr.bits == 0) { slot->attr.bits = (psa_key_bits_t) bits; - else if( bits != slot->attr.bits ) - { + } else if (bits != slot->attr.bits) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - status = psa_validate_optional_attributes( slot, attributes ); - if( status != PSA_SUCCESS ) + status = psa_validate_optional_attributes(slot, attributes); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_finish_key_creation( slot, driver, key ); + status = psa_finish_key_creation(slot, driver, key); exit: - if( status != PSA_SUCCESS ) - psa_fail_key_creation( slot, driver ); + if (status != PSA_SUCCESS) { + psa_fail_key_creation(slot, driver); + } - return( status ); + return status; } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) psa_status_t mbedtls_psa_register_se_key( - const psa_key_attributes_t *attributes ) + const psa_key_attributes_t *attributes) { psa_status_t status; psa_key_slot_t *slot = NULL; @@ -2026,46 +2029,51 @@ psa_status_t mbedtls_psa_register_se_key( * It could make sense to query the key type and size from the * secure element, but not all secure elements support this * and the driver HAL doesn't currently support it. */ - if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_NOT_SUPPORTED ); - if( psa_get_key_bits( attributes ) == 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); - - status = psa_start_key_creation( PSA_KEY_CREATION_REGISTER, attributes, - &slot, &driver ); - if( status != PSA_SUCCESS ) + if (psa_get_key_type(attributes) == PSA_KEY_TYPE_NONE) { + return PSA_ERROR_NOT_SUPPORTED; + } + if (psa_get_key_bits(attributes) == 0) { + return PSA_ERROR_NOT_SUPPORTED; + } + + status = psa_start_key_creation(PSA_KEY_CREATION_REGISTER, attributes, + &slot, &driver); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_finish_key_creation( slot, driver, &key ); + status = psa_finish_key_creation(slot, driver, &key); exit: - if( status != PSA_SUCCESS ) - psa_fail_key_creation( slot, driver ); + if (status != PSA_SUCCESS) { + psa_fail_key_creation(slot, driver); + } /* Registration doesn't keep the key in RAM. */ - psa_close_key( key ); - return( status ); + psa_close_key(key); + return status; } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ -static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, - psa_key_slot_t *target ) +static psa_status_t psa_copy_key_material(const psa_key_slot_t *source, + psa_key_slot_t *target) { - psa_status_t status = psa_copy_key_material_into_slot( target, - source->key.data, - source->key.bytes ); - if( status != PSA_SUCCESS ) - return( status ); + psa_status_t status = psa_copy_key_material_into_slot(target, + source->key.data, + source->key.bytes); + if (status != PSA_SUCCESS) { + return status; + } target->attr.type = source->attr.type; target->attr.bits = source->attr.bits; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, - const psa_key_attributes_t *specified_attributes, - mbedtls_svc_key_id_t *target_key ) +psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key, + const psa_key_attributes_t *specified_attributes, + mbedtls_svc_key_id_t *target_key) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; @@ -2077,37 +2085,39 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, *target_key = MBEDTLS_SVC_KEY_ID_INIT; status = psa_get_and_lock_transparent_key_slot_with_policy( - source_key, &source_slot, PSA_KEY_USAGE_COPY, 0 ); - if( status != PSA_SUCCESS ) + source_key, &source_slot, PSA_KEY_USAGE_COPY, 0); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_validate_optional_attributes( source_slot, - specified_attributes ); - if( status != PSA_SUCCESS ) + status = psa_validate_optional_attributes(source_slot, + specified_attributes); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_restrict_key_policy( source_slot->attr.type, - &actual_attributes.core.policy, - &source_slot->attr.policy ); - if( status != PSA_SUCCESS ) + status = psa_restrict_key_policy(source_slot->attr.type, + &actual_attributes.core.policy, + &source_slot->attr.policy); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_start_key_creation( PSA_KEY_CREATION_COPY, &actual_attributes, - &target_slot, &driver ); - if( status != PSA_SUCCESS ) + status = psa_start_key_creation(PSA_KEY_CREATION_COPY, &actual_attributes, + &target_slot, &driver); + if (status != PSA_SUCCESS) { goto exit; + } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( driver != NULL ) - { + if (driver != NULL) { /* Copying to a secure element is not implemented yet. */ status = PSA_ERROR_NOT_SUPPORTED; goto exit; } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - if( psa_key_lifetime_is_external( actual_attributes.core.lifetime ) ) - { + if (psa_key_lifetime_is_external(actual_attributes.core.lifetime)) { /* * Copying through an opaque driver is not implemented yet, consider * a lifetime with an external location as an invalid parameter for @@ -2117,18 +2127,20 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, goto exit; } - status = psa_copy_key_material( source_slot, target_slot ); - if( status != PSA_SUCCESS ) + status = psa_copy_key_material(source_slot, target_slot); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_finish_key_creation( target_slot, driver, target_key ); + status = psa_finish_key_creation(target_slot, driver, target_key); exit: - if( status != PSA_SUCCESS ) - psa_fail_key_creation( target_slot, driver ); + if (status != PSA_SUCCESS) { + psa_fail_key_creation(target_slot, driver); + } - unlock_status = psa_unlock_key_slot( source_slot ); + unlock_status = psa_unlock_key_slot(source_slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -2137,178 +2149,185 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, /* Message digests */ /****************************************************************/ -psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) +psa_status_t psa_hash_abort(psa_hash_operation_t *operation) { /* Aborting a non-active operation is allowed */ - if( operation->id == 0 ) - return( PSA_SUCCESS ); + if (operation->id == 0) { + return PSA_SUCCESS; + } - psa_status_t status = psa_driver_wrapper_hash_abort( operation ); + psa_status_t status = psa_driver_wrapper_hash_abort(operation); operation->id = 0; - return( status ); + return status; } -psa_status_t psa_hash_setup( psa_hash_operation_t *operation, - psa_algorithm_t alg ) +psa_status_t psa_hash_setup(psa_hash_operation_t *operation, + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; /* A context must be freshly initialized before it can be set up. */ - if( operation->id != 0 ) - { + if (operation->id != 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( !PSA_ALG_IS_HASH( alg ) ) - { + if (!PSA_ALG_IS_HASH(alg)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } /* Ensure all of the context is zeroized, since PSA_HASH_OPERATION_INIT only * directly zeroes the int-sized dummy member of the context union. */ - memset( &operation->ctx, 0, sizeof( operation->ctx ) ); + memset(&operation->ctx, 0, sizeof(operation->ctx)); - status = psa_driver_wrapper_hash_setup( operation, alg ); + status = psa_driver_wrapper_hash_setup(operation, alg); exit: - if( status != PSA_SUCCESS ) - psa_hash_abort( operation ); + if (status != PSA_SUCCESS) { + psa_hash_abort(operation); + } return status; } -psa_status_t psa_hash_update( psa_hash_operation_t *operation, - const uint8_t *input, - size_t input_length ) +psa_status_t psa_hash_update(psa_hash_operation_t *operation, + const uint8_t *input, + size_t input_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->id == 0 ) - { + if (operation->id == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } /* Don't require hash implementations to behave correctly on a * zero-length input, which may have an invalid pointer. */ - if( input_length == 0 ) - return( PSA_SUCCESS ); + if (input_length == 0) { + return PSA_SUCCESS; + } - status = psa_driver_wrapper_hash_update( operation, input, input_length ); + status = psa_driver_wrapper_hash_update(operation, input, input_length); exit: - if( status != PSA_SUCCESS ) - psa_hash_abort( operation ); + if (status != PSA_SUCCESS) { + psa_hash_abort(operation); + } - return( status ); + return status; } -psa_status_t psa_hash_finish( psa_hash_operation_t *operation, - uint8_t *hash, - size_t hash_size, - size_t *hash_length ) +psa_status_t psa_hash_finish(psa_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length) { *hash_length = 0; - if( operation->id == 0 ) - return( PSA_ERROR_BAD_STATE ); + if (operation->id == 0) { + return PSA_ERROR_BAD_STATE; + } psa_status_t status = psa_driver_wrapper_hash_finish( - operation, hash, hash_size, hash_length ); - psa_hash_abort( operation ); - return( status ); + operation, hash, hash_size, hash_length); + psa_hash_abort(operation); + return status; } -psa_status_t psa_hash_verify( psa_hash_operation_t *operation, - const uint8_t *hash, - size_t hash_length ) +psa_status_t psa_hash_verify(psa_hash_operation_t *operation, + const uint8_t *hash, + size_t hash_length) { uint8_t actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_length; psa_status_t status = psa_hash_finish( - operation, - actual_hash, sizeof( actual_hash ), - &actual_hash_length ); + operation, + actual_hash, sizeof(actual_hash), + &actual_hash_length); - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { goto exit; + } - if( actual_hash_length != hash_length ) - { + if (actual_hash_length != hash_length) { status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } - if( mbedtls_psa_safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 ) + if (mbedtls_psa_safer_memcmp(hash, actual_hash, actual_hash_length) != 0) { status = PSA_ERROR_INVALID_SIGNATURE; + } exit: - mbedtls_platform_zeroize( actual_hash, sizeof( actual_hash ) ); - if( status != PSA_SUCCESS ) + mbedtls_platform_zeroize(actual_hash, sizeof(actual_hash)); + if (status != PSA_SUCCESS) { psa_hash_abort(operation); + } - return( status ); + return status; } -psa_status_t psa_hash_compute( psa_algorithm_t alg, - const uint8_t *input, size_t input_length, - uint8_t *hash, size_t hash_size, - size_t *hash_length ) +psa_status_t psa_hash_compute(psa_algorithm_t alg, + const uint8_t *input, size_t input_length, + uint8_t *hash, size_t hash_size, + size_t *hash_length) { *hash_length = 0; - if( !PSA_ALG_IS_HASH( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (!PSA_ALG_IS_HASH(alg)) { + return PSA_ERROR_INVALID_ARGUMENT; + } - return( psa_driver_wrapper_hash_compute( alg, input, input_length, - hash, hash_size, hash_length ) ); + return psa_driver_wrapper_hash_compute(alg, input, input_length, + hash, hash_size, hash_length); } -psa_status_t psa_hash_compare( psa_algorithm_t alg, - const uint8_t *input, size_t input_length, - const uint8_t *hash, size_t hash_length ) +psa_status_t psa_hash_compare(psa_algorithm_t alg, + const uint8_t *input, size_t input_length, + const uint8_t *hash, size_t hash_length) { uint8_t actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_length; - if( !PSA_ALG_IS_HASH( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (!PSA_ALG_IS_HASH(alg)) { + return PSA_ERROR_INVALID_ARGUMENT; + } psa_status_t status = psa_driver_wrapper_hash_compute( - alg, input, input_length, - actual_hash, sizeof(actual_hash), - &actual_hash_length ); - if( status != PSA_SUCCESS ) + alg, input, input_length, + actual_hash, sizeof(actual_hash), + &actual_hash_length); + if (status != PSA_SUCCESS) { goto exit; - if( actual_hash_length != hash_length ) - { + } + if (actual_hash_length != hash_length) { status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } - if( mbedtls_psa_safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 ) + if (mbedtls_psa_safer_memcmp(hash, actual_hash, actual_hash_length) != 0) { status = PSA_ERROR_INVALID_SIGNATURE; + } exit: - mbedtls_platform_zeroize( actual_hash, sizeof( actual_hash ) ); - return( status ); + mbedtls_platform_zeroize(actual_hash, sizeof(actual_hash)); + return status; } -psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, - psa_hash_operation_t *target_operation ) +psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, + psa_hash_operation_t *target_operation) { - if( source_operation->id == 0 || - target_operation->id != 0 ) - { - return( PSA_ERROR_BAD_STATE ); + if (source_operation->id == 0 || + target_operation->id != 0) { + return PSA_ERROR_BAD_STATE; } - psa_status_t status = psa_driver_wrapper_hash_clone( source_operation, - target_operation ); - if( status != PSA_SUCCESS ) - psa_hash_abort( target_operation ); + psa_status_t status = psa_driver_wrapper_hash_clone(source_operation, + target_operation); + if (status != PSA_SUCCESS) { + psa_hash_abort(target_operation); + } - return( status ); + return status; } @@ -2316,59 +2335,59 @@ psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, /* MAC */ /****************************************************************/ -psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) +psa_status_t psa_mac_abort(psa_mac_operation_t *operation) { /* Aborting a non-active operation is allowed */ - if( operation->id == 0 ) - return( PSA_SUCCESS ); + if (operation->id == 0) { + return PSA_SUCCESS; + } - psa_status_t status = psa_driver_wrapper_mac_abort( operation ); + psa_status_t status = psa_driver_wrapper_mac_abort(operation); operation->mac_size = 0; operation->is_sign = 0; operation->id = 0; - return( status ); + return status; } static psa_status_t psa_mac_finalize_alg_and_key_validation( psa_algorithm_t alg, const psa_key_attributes_t *attributes, - uint8_t *mac_size ) + uint8_t *mac_size) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_type_t key_type = psa_get_key_type( attributes ); - size_t key_bits = psa_get_key_bits( attributes ); + psa_key_type_t key_type = psa_get_key_type(attributes); + size_t key_bits = psa_get_key_bits(attributes); - if( ! PSA_ALG_IS_MAC( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (!PSA_ALG_IS_MAC(alg)) { + return PSA_ERROR_INVALID_ARGUMENT; + } /* Validate the combination of key type and algorithm */ - status = psa_mac_key_can_do( alg, key_type ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_mac_key_can_do(alg, key_type); + if (status != PSA_SUCCESS) { + return status; + } /* Get the output length for the algorithm and key combination */ - *mac_size = PSA_MAC_LENGTH( key_type, key_bits, alg ); + *mac_size = PSA_MAC_LENGTH(key_type, key_bits, alg); - if( *mac_size < 4 ) - { + if (*mac_size < 4) { /* A very short MAC is too short for security since it can be * brute-forced. Ancient protocols with 32-bit MACs do exist, * so we make this our minimum, even though 32 bits is still * too small for security. */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - if( *mac_size > PSA_MAC_LENGTH( key_type, key_bits, - PSA_ALG_FULL_LENGTH_MAC( alg ) ) ) - { + if (*mac_size > PSA_MAC_LENGTH(key_type, key_bits, + PSA_ALG_FULL_LENGTH_MAC(alg))) { /* It's impossible to "truncate" to a larger length than the full length * of the algorithm. */ - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } - if( *mac_size > PSA_MAC_MAX_SIZE ) - { + if (*mac_size > PSA_MAC_MAX_SIZE) { /* PSA_MAC_LENGTH returns the correct length even for a MAC algorithm * that is disabled in the compile-time configuration. The result can * therefore be larger than PSA_MAC_MAX_SIZE, which does take the @@ -2378,144 +2397,142 @@ static psa_status_t psa_mac_finalize_alg_and_key_validation( * PSA_ERROR_BUFFER_TOO_SMALL for an unsupported algorithm whose MAC size * is larger than PSA_MAC_MAX_SIZE, which is misleading and which breaks * systematically generated tests. */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, - mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - int is_sign ) +static psa_status_t psa_mac_setup(psa_mac_operation_t *operation, + mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + int is_sign) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot = NULL; /* A context must be freshly initialized before it can be set up. */ - if( operation->id != 0 ) - { + if (operation->id != 0) { status = PSA_ERROR_BAD_STATE; goto exit; } status = psa_get_and_lock_key_slot_with_policy( - key, - &slot, - is_sign ? PSA_KEY_USAGE_SIGN_MESSAGE : PSA_KEY_USAGE_VERIFY_MESSAGE, - alg ); - if( status != PSA_SUCCESS ) + key, + &slot, + is_sign ? PSA_KEY_USAGE_SIGN_MESSAGE : PSA_KEY_USAGE_VERIFY_MESSAGE, + alg); + if (status != PSA_SUCCESS) { goto exit; + } psa_key_attributes_t attributes = { .core = slot->attr }; - status = psa_mac_finalize_alg_and_key_validation( alg, &attributes, - &operation->mac_size ); - if( status != PSA_SUCCESS ) + status = psa_mac_finalize_alg_and_key_validation(alg, &attributes, + &operation->mac_size); + if (status != PSA_SUCCESS) { goto exit; + } operation->is_sign = is_sign; /* Dispatch the MAC setup call with validated input */ - if( is_sign ) - { - status = psa_driver_wrapper_mac_sign_setup( operation, - &attributes, - slot->key.data, - slot->key.bytes, - alg ); - } - else - { - status = psa_driver_wrapper_mac_verify_setup( operation, - &attributes, - slot->key.data, - slot->key.bytes, - alg ); + if (is_sign) { + status = psa_driver_wrapper_mac_sign_setup(operation, + &attributes, + slot->key.data, + slot->key.bytes, + alg); + } else { + status = psa_driver_wrapper_mac_verify_setup(operation, + &attributes, + slot->key.data, + slot->key.bytes, + alg); } exit: - if( status != PSA_SUCCESS ) - psa_mac_abort( operation ); + if (status != PSA_SUCCESS) { + psa_mac_abort(operation); + } - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } -psa_status_t psa_mac_sign_setup( psa_mac_operation_t *operation, - mbedtls_svc_key_id_t key, - psa_algorithm_t alg ) +psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, + mbedtls_svc_key_id_t key, + psa_algorithm_t alg) { - return( psa_mac_setup( operation, key, alg, 1 ) ); + return psa_mac_setup(operation, key, alg, 1); } -psa_status_t psa_mac_verify_setup( psa_mac_operation_t *operation, - mbedtls_svc_key_id_t key, - psa_algorithm_t alg ) +psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, + mbedtls_svc_key_id_t key, + psa_algorithm_t alg) { - return( psa_mac_setup( operation, key, alg, 0 ) ); + return psa_mac_setup(operation, key, alg, 0); } -psa_status_t psa_mac_update( psa_mac_operation_t *operation, - const uint8_t *input, - size_t input_length ) +psa_status_t psa_mac_update(psa_mac_operation_t *operation, + const uint8_t *input, + size_t input_length) { - if( operation->id == 0 ) - return( PSA_ERROR_BAD_STATE ); + if (operation->id == 0) { + return PSA_ERROR_BAD_STATE; + } /* Don't require hash implementations to behave correctly on a * zero-length input, which may have an invalid pointer. */ - if( input_length == 0 ) - return( PSA_SUCCESS ); + if (input_length == 0) { + return PSA_SUCCESS; + } - psa_status_t status = psa_driver_wrapper_mac_update( operation, - input, input_length ); - if( status != PSA_SUCCESS ) - psa_mac_abort( operation ); + psa_status_t status = psa_driver_wrapper_mac_update(operation, + input, input_length); + if (status != PSA_SUCCESS) { + psa_mac_abort(operation); + } - return( status ); + return status; } -psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) +psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->id == 0 ) - { + if (operation->id == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( ! operation->is_sign ) - { + if (!operation->is_sign) { status = PSA_ERROR_BAD_STATE; goto exit; } /* Sanity check. This will guarantee that mac_size != 0 (and so mac != NULL) * once all the error checks are done. */ - if( operation->mac_size == 0 ) - { + if (operation->mac_size == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( mac_size < operation->mac_size ) - { + if (mac_size < operation->mac_size) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } - status = psa_driver_wrapper_mac_sign_finish( operation, - mac, operation->mac_size, - mac_length ); + status = psa_driver_wrapper_mac_sign_finish(operation, + mac, operation->mac_size, + mac_length); exit: /* In case of success, set the potential excess room in the output buffer @@ -2524,63 +2541,60 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, * such that in case the caller misses an error check, the output would be * an unachievable MAC. */ - if( status != PSA_SUCCESS ) - { + if (status != PSA_SUCCESS) { *mac_length = mac_size; operation->mac_size = 0; } - if( mac_size > operation->mac_size ) - memset( &mac[operation->mac_size], '!', - mac_size - operation->mac_size ); + if (mac_size > operation->mac_size) { + memset(&mac[operation->mac_size], '!', + mac_size - operation->mac_size); + } - abort_status = psa_mac_abort( operation ); + abort_status = psa_mac_abort(operation); - return( status == PSA_SUCCESS ? abort_status : status ); + return status == PSA_SUCCESS ? abort_status : status; } -psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ) +psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->id == 0 ) - { + if (operation->id == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( operation->is_sign ) - { + if (operation->is_sign) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( operation->mac_size != mac_length ) - { + if (operation->mac_size != mac_length) { status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } - status = psa_driver_wrapper_mac_verify_finish( operation, - mac, mac_length ); + status = psa_driver_wrapper_mac_verify_finish(operation, + mac, mac_length); exit: - abort_status = psa_mac_abort( operation ); + abort_status = psa_mac_abort(operation); - return( status == PSA_SUCCESS ? abort_status : status ); + return status == PSA_SUCCESS ? abort_status : status; } -static psa_status_t psa_mac_compute_internal( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length, - int is_sign ) +static psa_status_t psa_mac_compute_internal(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length, + int is_sign) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; @@ -2588,34 +2602,35 @@ static psa_status_t psa_mac_compute_internal( mbedtls_svc_key_id_t key, uint8_t operation_mac_size = 0; status = psa_get_and_lock_key_slot_with_policy( - key, - &slot, - is_sign ? PSA_KEY_USAGE_SIGN_MESSAGE : PSA_KEY_USAGE_VERIFY_MESSAGE, - alg ); - if( status != PSA_SUCCESS ) + key, + &slot, + is_sign ? PSA_KEY_USAGE_SIGN_MESSAGE : PSA_KEY_USAGE_VERIFY_MESSAGE, + alg); + if (status != PSA_SUCCESS) { goto exit; + } psa_key_attributes_t attributes = { .core = slot->attr }; - status = psa_mac_finalize_alg_and_key_validation( alg, &attributes, - &operation_mac_size ); - if( status != PSA_SUCCESS ) + status = psa_mac_finalize_alg_and_key_validation(alg, &attributes, + &operation_mac_size); + if (status != PSA_SUCCESS) { goto exit; + } - if( mac_size < operation_mac_size ) - { + if (mac_size < operation_mac_size) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } status = psa_driver_wrapper_mac_compute( - &attributes, - slot->key.data, slot->key.bytes, - alg, - input, input_length, - mac, operation_mac_size, mac_length ); + &attributes, + slot->key.data, slot->key.bytes, + alg, + input, input_length, + mac, operation_mac_size, mac_length); exit: /* In case of success, set the potential excess room in the output buffer @@ -2624,102 +2639,100 @@ static psa_status_t psa_mac_compute_internal( mbedtls_svc_key_id_t key, * such that in case the caller misses an error check, the output would be * an unachievable MAC. */ - if( status != PSA_SUCCESS ) - { + if (status != PSA_SUCCESS) { *mac_length = mac_size; operation_mac_size = 0; } - if( mac_size > operation_mac_size ) - memset( &mac[operation_mac_size], '!', mac_size - operation_mac_size ); - - unlock_status = psa_unlock_key_slot( slot ); + if (mac_size > operation_mac_size) { + memset(&mac[operation_mac_size], '!', mac_size - operation_mac_size); + } - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); -} + unlock_status = psa_unlock_key_slot(slot); -psa_status_t psa_mac_compute( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length) -{ - return( psa_mac_compute_internal( key, alg, - input, input_length, - mac, mac_size, mac_length, 1 ) ); + return (status == PSA_SUCCESS) ? unlock_status : status; } -psa_status_t psa_mac_verify( mbedtls_svc_key_id_t key, +psa_status_t psa_mac_compute(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, - const uint8_t *mac, - size_t mac_length) + uint8_t *mac, + size_t mac_size, + size_t *mac_length) +{ + return psa_mac_compute_internal(key, alg, + input, input_length, + mac, mac_size, mac_length, 1); +} + +psa_status_t psa_mac_verify(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *mac, + size_t mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; uint8_t actual_mac[PSA_MAC_MAX_SIZE]; size_t actual_mac_length; - status = psa_mac_compute_internal( key, alg, - input, input_length, - actual_mac, sizeof( actual_mac ), - &actual_mac_length, 0 ); - if( status != PSA_SUCCESS ) + status = psa_mac_compute_internal(key, alg, + input, input_length, + actual_mac, sizeof(actual_mac), + &actual_mac_length, 0); + if (status != PSA_SUCCESS) { goto exit; + } - if( mac_length != actual_mac_length ) - { + if (mac_length != actual_mac_length) { status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } - if( mbedtls_psa_safer_memcmp( mac, actual_mac, actual_mac_length ) != 0 ) - { + if (mbedtls_psa_safer_memcmp(mac, actual_mac, actual_mac_length) != 0) { status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } exit: - mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) ); + mbedtls_platform_zeroize(actual_mac, sizeof(actual_mac)); - return ( status ); + return status; } /****************************************************************/ /* Asymmetric cryptography */ /****************************************************************/ -static psa_status_t psa_sign_verify_check_alg( int input_is_message, - psa_algorithm_t alg ) +static psa_status_t psa_sign_verify_check_alg(int input_is_message, + psa_algorithm_t alg) { - if( input_is_message ) - { - if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (input_is_message) { + if (!PSA_ALG_IS_SIGN_MESSAGE(alg)) { + return PSA_ERROR_INVALID_ARGUMENT; + } - if ( PSA_ALG_IS_SIGN_HASH( alg ) ) - { - if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (PSA_ALG_IS_SIGN_HASH(alg)) { + if (!PSA_ALG_IS_HASH(PSA_ALG_SIGN_GET_HASH(alg))) { + return PSA_ERROR_INVALID_ARGUMENT; + } + } + } else { + if (!PSA_ALG_IS_SIGN_HASH(alg)) { + return PSA_ERROR_INVALID_ARGUMENT; } - } - else - { - if( ! PSA_ALG_IS_SIGN_HASH( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, - int input_is_message, - psa_algorithm_t alg, - const uint8_t * input, - size_t input_length, - uint8_t * signature, - size_t signature_size, - size_t * signature_length ) +static psa_status_t psa_sign_internal(mbedtls_svc_key_id_t key, + int input_is_message, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; @@ -2727,50 +2740,49 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, *signature_length = 0; - status = psa_sign_verify_check_alg( input_is_message, alg ); - if( status != PSA_SUCCESS ) + status = psa_sign_verify_check_alg(input_is_message, alg); + if (status != PSA_SUCCESS) { return status; + } /* Immediately reject a zero-length signature buffer. This guarantees * that signature must be a valid pointer. (On the other hand, the input * buffer can in principle be empty since it doesn't actually have * to be a hash.) */ - if( signature_size == 0 ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (signature_size == 0) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } status = psa_get_and_lock_key_slot_with_policy( - key, &slot, - input_is_message ? PSA_KEY_USAGE_SIGN_MESSAGE : - PSA_KEY_USAGE_SIGN_HASH, - alg ); + key, &slot, + input_is_message ? PSA_KEY_USAGE_SIGN_MESSAGE : + PSA_KEY_USAGE_SIGN_HASH, + alg); - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { goto exit; + } - if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) - { + if (!PSA_KEY_TYPE_IS_KEY_PAIR(slot->attr.type)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } psa_key_attributes_t attributes = { - .core = slot->attr + .core = slot->attr }; - if( input_is_message ) - { + if (input_is_message) { status = psa_driver_wrapper_sign_message( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, - signature, signature_size, signature_length ); - } - else - { + signature, signature_size, signature_length); + } else { status = psa_driver_wrapper_sign_hash( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, - signature, signature_size, signature_length ); + signature, signature_size, signature_length); } @@ -2779,66 +2791,66 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, * the trailing part on success) with something that isn't a valid signature * (barring an attack on the signature and deliberately-crafted input), * in case the caller doesn't check the return status properly. */ - if( status == PSA_SUCCESS ) - memset( signature + *signature_length, '!', - signature_size - *signature_length ); - else - memset( signature, '!', signature_size ); + if (status == PSA_SUCCESS) { + memset(signature + *signature_length, '!', + signature_size - *signature_length); + } else { + memset(signature, '!', signature_size); + } /* If signature_size is 0 then we have nothing to do. We must not call * memset because signature may be NULL in this case. */ - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } -static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, - int input_is_message, - psa_algorithm_t alg, - const uint8_t * input, - size_t input_length, - const uint8_t * signature, - size_t signature_length ) +static psa_status_t psa_verify_internal(mbedtls_svc_key_id_t key, + int input_is_message, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - status = psa_sign_verify_check_alg( input_is_message, alg ); - if( status != PSA_SUCCESS ) + status = psa_sign_verify_check_alg(input_is_message, alg); + if (status != PSA_SUCCESS) { return status; + } status = psa_get_and_lock_key_slot_with_policy( - key, &slot, - input_is_message ? PSA_KEY_USAGE_VERIFY_MESSAGE : - PSA_KEY_USAGE_VERIFY_HASH, - alg ); + key, &slot, + input_is_message ? PSA_KEY_USAGE_VERIFY_MESSAGE : + PSA_KEY_USAGE_VERIFY_HASH, + alg); - if( status != PSA_SUCCESS ) - return( status ); + if (status != PSA_SUCCESS) { + return status; + } psa_key_attributes_t attributes = { - .core = slot->attr + .core = slot->attr }; - if( input_is_message ) - { + if (input_is_message) { status = psa_driver_wrapper_verify_message( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, - signature, signature_length ); - } - else - { + signature, signature_length); + } else { status = psa_driver_wrapper_verify_hash( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, - signature, signature_length ); + signature, signature_length); } - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -2851,43 +2863,43 @@ psa_status_t psa_sign_message_builtin( size_t input_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ) + size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if ( PSA_ALG_IS_SIGN_HASH( alg ) ) - { + if (PSA_ALG_IS_SIGN_HASH(alg)) { size_t hash_length; uint8_t hash[PSA_HASH_MAX_SIZE]; status = psa_driver_wrapper_hash_compute( - PSA_ALG_SIGN_GET_HASH( alg ), - input, input_length, - hash, sizeof( hash ), &hash_length ); + PSA_ALG_SIGN_GET_HASH(alg), + input, input_length, + hash, sizeof(hash), &hash_length); - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { return status; + } return psa_driver_wrapper_sign_hash( - attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ); + attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); } - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } -psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t * input, - size_t input_length, - uint8_t * signature, - size_t signature_size, - size_t * signature_length ) +psa_status_t psa_sign_message(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) { return psa_sign_internal( key, 1, alg, input, input_length, - signature, signature_size, signature_length ); + signature, signature_size, signature_length); } psa_status_t psa_verify_message_builtin( @@ -2898,202 +2910,184 @@ psa_status_t psa_verify_message_builtin( const uint8_t *input, size_t input_length, const uint8_t *signature, - size_t signature_length ) + size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if ( PSA_ALG_IS_SIGN_HASH( alg ) ) - { + if (PSA_ALG_IS_SIGN_HASH(alg)) { size_t hash_length; uint8_t hash[PSA_HASH_MAX_SIZE]; status = psa_driver_wrapper_hash_compute( - PSA_ALG_SIGN_GET_HASH( alg ), - input, input_length, - hash, sizeof( hash ), &hash_length ); + PSA_ALG_SIGN_GET_HASH(alg), + input, input_length, + hash, sizeof(hash), &hash_length); - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { return status; + } return psa_driver_wrapper_verify_hash( - attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ); + attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); } - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } -psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t * input, - size_t input_length, - const uint8_t * signature, - size_t signature_length ) +psa_status_t psa_verify_message(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length) { return psa_verify_internal( key, 1, alg, input, input_length, - signature, signature_length ); + signature, signature_length); } psa_status_t psa_sign_hash_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) + uint8_t *signature, size_t signature_size, size_t *signature_length) { - if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) - { - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || - PSA_ALG_IS_RSA_PSS( alg) ) - { + if (attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR) { + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || + PSA_ALG_IS_RSA_PSS(alg)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - return( mbedtls_psa_rsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) + return mbedtls_psa_rsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */ + } else { + return PSA_ERROR_INVALID_ARGUMENT; } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); - } - } - else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) - { - if( PSA_ALG_IS_ECDSA( alg ) ) - { + } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) { + if (PSA_ALG_IS_ECDSA(alg)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) - return( mbedtls_psa_ecdsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + return mbedtls_psa_ecdsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ - } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); + } else { + return PSA_ERROR_INVALID_ARGUMENT; } } - (void)key_buffer; - (void)key_buffer_size; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_size; - (void)signature_length; + (void) key_buffer; + (void) key_buffer_size; + (void) hash; + (void) hash_length; + (void) signature; + (void) signature_size; + (void) signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } -psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length ) +psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) { return psa_sign_internal( key, 0, alg, hash, hash_length, - signature, signature_size, signature_length ); + signature, signature_size, signature_length); } psa_status_t psa_verify_hash_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) + const uint8_t *signature, size_t signature_length) { - if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) ) - { - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || - PSA_ALG_IS_RSA_PSS( alg) ) - { + if (PSA_KEY_TYPE_IS_RSA(attributes->core.type)) { + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || + PSA_ALG_IS_RSA_PSS(alg)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - return( mbedtls_psa_rsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) + return mbedtls_psa_rsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */ + } else { + return PSA_ERROR_INVALID_ARGUMENT; } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); - } - } - else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) - { - if( PSA_ALG_IS_ECDSA( alg ) ) - { + } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) { + if (PSA_ALG_IS_ECDSA(alg)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) - return( mbedtls_psa_ecdsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + return mbedtls_psa_ecdsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ - } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); + } else { + return PSA_ERROR_INVALID_ARGUMENT; } } - (void)key_buffer; - (void)key_buffer_size; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_length; + (void) key_buffer; + (void) key_buffer_size; + (void) hash; + (void) hash_length; + (void) signature; + (void) signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } -psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - const uint8_t *signature, - size_t signature_length ) +psa_status_t psa_verify_hash(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length) { return psa_verify_internal( key, 0, alg, hash, hash_length, - signature, signature_length ); + signature, signature_length); } #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) -static void psa_rsa_oaep_set_padding_mode( psa_algorithm_t alg, - mbedtls_rsa_context *rsa ) +static void psa_rsa_oaep_set_padding_mode(psa_algorithm_t alg, + mbedtls_rsa_context *rsa) { - psa_algorithm_t hash_alg = PSA_ALG_RSA_OAEP_GET_HASH( alg ); - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); - mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info ); - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); + psa_algorithm_t hash_alg = PSA_ALG_RSA_OAEP_GET_HASH(alg); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa(hash_alg); + mbedtls_md_type_t md_alg = mbedtls_md_get_type(md_info); + mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V21, md_alg); } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ -psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; @@ -3107,107 +3101,101 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, *output_length = 0; - if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (!PSA_ALG_IS_RSA_OAEP(alg) && salt_length != 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } status = psa_get_and_lock_transparent_key_slot_with_policy( - key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); - if( status != PSA_SUCCESS ) - return( status ); - if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) || - PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) ) - { + key, &slot, PSA_KEY_USAGE_ENCRYPT, alg); + if (status != PSA_SUCCESS) { + return status; + } + if (!(PSA_KEY_TYPE_IS_PUBLIC_KEY(slot->attr.type) || + PSA_KEY_TYPE_IS_KEY_PAIR(slot->attr.type))) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) - { + if (PSA_KEY_TYPE_IS_RSA(slot->attr.type)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) mbedtls_rsa_context *rsa = NULL; - status = mbedtls_psa_rsa_load_representation( slot->attr.type, - slot->key.data, - slot->key.bytes, - &rsa ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_rsa_load_representation(slot->attr.type, + slot->key.data, + slot->key.bytes, + &rsa); + if (status != PSA_SUCCESS) { goto rsa_exit; + } - if( output_size < mbedtls_rsa_get_len( rsa ) ) - { + if (output_size < mbedtls_rsa_get_len(rsa)) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto rsa_exit; } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ - if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) - { + if (alg == PSA_ALG_RSA_PKCS1V15_CRYPT) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) status = mbedtls_to_psa_error( - mbedtls_rsa_pkcs1_encrypt( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PUBLIC, - input_length, - input, - output ) ); + mbedtls_rsa_pkcs1_encrypt(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PUBLIC, + input_length, + input, + output)); #else status = PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */ - } - else - if( PSA_ALG_IS_RSA_OAEP( alg ) ) - { + } else + if (PSA_ALG_IS_RSA_OAEP(alg)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) - psa_rsa_oaep_set_padding_mode( alg, rsa ); + psa_rsa_oaep_set_padding_mode(alg, rsa); status = mbedtls_to_psa_error( - mbedtls_rsa_rsaes_oaep_encrypt( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PUBLIC, - salt, salt_length, - input_length, - input, - output ) ); + mbedtls_rsa_rsaes_oaep_encrypt(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PUBLIC, + salt, salt_length, + input_length, + input, + output)); #else status = PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */ - } - else - { + } else { status = PSA_ERROR_INVALID_ARGUMENT; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) rsa_exit: - if( status == PSA_SUCCESS ) - *output_length = mbedtls_rsa_get_len( rsa ); + if (status == PSA_SUCCESS) { + *output_length = mbedtls_rsa_get_len(rsa); + } - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ - } - else - { + } else { status = PSA_ERROR_NOT_SUPPORTED; } exit: - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } -psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; @@ -3221,96 +3209,89 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, *output_length = 0; - if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (!PSA_ALG_IS_RSA_OAEP(alg) && salt_length != 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } status = psa_get_and_lock_transparent_key_slot_with_policy( - key, &slot, PSA_KEY_USAGE_DECRYPT, alg ); - if( status != PSA_SUCCESS ) - return( status ); - if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) - { + key, &slot, PSA_KEY_USAGE_DECRYPT, alg); + if (status != PSA_SUCCESS) { + return status; + } + if (!PSA_KEY_TYPE_IS_KEY_PAIR(slot->attr.type)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) - { + if (slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) mbedtls_rsa_context *rsa = NULL; - status = mbedtls_psa_rsa_load_representation( slot->attr.type, - slot->key.data, - slot->key.bytes, - &rsa ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_rsa_load_representation(slot->attr.type, + slot->key.data, + slot->key.bytes, + &rsa); + if (status != PSA_SUCCESS) { goto exit; + } - if( input_length != mbedtls_rsa_get_len( rsa ) ) - { + if (input_length != mbedtls_rsa_get_len(rsa)) { status = PSA_ERROR_INVALID_ARGUMENT; goto rsa_exit; } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ - if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) - { + if (alg == PSA_ALG_RSA_PKCS1V15_CRYPT) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) status = mbedtls_to_psa_error( - mbedtls_rsa_pkcs1_decrypt( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PRIVATE, - output_length, - input, - output, - output_size ) ); + mbedtls_rsa_pkcs1_decrypt(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PRIVATE, + output_length, + input, + output, + output_size)); #else status = PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */ - } - else - if( PSA_ALG_IS_RSA_OAEP( alg ) ) - { + } else + if (PSA_ALG_IS_RSA_OAEP(alg)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) - psa_rsa_oaep_set_padding_mode( alg, rsa ); + psa_rsa_oaep_set_padding_mode(alg, rsa); status = mbedtls_to_psa_error( - mbedtls_rsa_rsaes_oaep_decrypt( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PRIVATE, - salt, salt_length, - output_length, - input, - output, - output_size ) ); + mbedtls_rsa_rsaes_oaep_decrypt(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PRIVATE, + salt, salt_length, + output_length, + input, + output, + output_size)); #else status = PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */ - } - else - { + } else { status = PSA_ERROR_INVALID_ARGUMENT; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) rsa_exit: - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ - } - else - { + } else { status = PSA_ERROR_NOT_SUPPORTED; } exit: - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -3319,279 +3300,268 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, /* Symmetric cryptography */ /****************************************************************/ -static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, - mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - mbedtls_operation_t cipher_operation ) +static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, + mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + mbedtls_operation_t cipher_operation) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot = NULL; - psa_key_usage_t usage = ( cipher_operation == MBEDTLS_ENCRYPT ? - PSA_KEY_USAGE_ENCRYPT : - PSA_KEY_USAGE_DECRYPT ); + psa_key_usage_t usage = (cipher_operation == MBEDTLS_ENCRYPT ? + PSA_KEY_USAGE_ENCRYPT : + PSA_KEY_USAGE_DECRYPT); /* A context must be freshly initialized before it can be set up. */ - if( operation->id != 0 ) - { + if (operation->id != 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( ! PSA_ALG_IS_CIPHER( alg ) ) - { + if (!PSA_ALG_IS_CIPHER(alg)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - status = psa_get_and_lock_key_slot_with_policy( key, &slot, usage, alg ); - if( status != PSA_SUCCESS ) + status = psa_get_and_lock_key_slot_with_policy(key, &slot, usage, alg); + if (status != PSA_SUCCESS) { goto exit; + } /* Initialize the operation struct members, except for id. The id member * is used to indicate to psa_cipher_abort that there are resources to free, * so we only set it (in the driver wrapper) after resources have been * allocated/initialized. */ operation->iv_set = 0; - if( alg == PSA_ALG_ECB_NO_PADDING ) + if (alg == PSA_ALG_ECB_NO_PADDING) { operation->iv_required = 0; - else if( slot->attr.type == PSA_KEY_TYPE_ARC4 ) + } else if (slot->attr.type == PSA_KEY_TYPE_ARC4) { operation->iv_required = 0; - else + } else { operation->iv_required = 1; - operation->default_iv_length = PSA_CIPHER_IV_LENGTH( slot->attr.type, alg ); + } + operation->default_iv_length = PSA_CIPHER_IV_LENGTH(slot->attr.type, alg); psa_key_attributes_t attributes = { - .core = slot->attr + .core = slot->attr }; /* Try doing the operation through a driver before using software fallback. */ - if( cipher_operation == MBEDTLS_ENCRYPT ) - status = psa_driver_wrapper_cipher_encrypt_setup( operation, - &attributes, - slot->key.data, - slot->key.bytes, - alg ); - else - status = psa_driver_wrapper_cipher_decrypt_setup( operation, - &attributes, - slot->key.data, - slot->key.bytes, - alg ); + if (cipher_operation == MBEDTLS_ENCRYPT) { + status = psa_driver_wrapper_cipher_encrypt_setup(operation, + &attributes, + slot->key.data, + slot->key.bytes, + alg); + } else { + status = psa_driver_wrapper_cipher_decrypt_setup(operation, + &attributes, + slot->key.data, + slot->key.bytes, + alg); + } exit: - if( status != PSA_SUCCESS ) - psa_cipher_abort( operation ); + if (status != PSA_SUCCESS) { + psa_cipher_abort(operation); + } - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } -psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation, - mbedtls_svc_key_id_t key, - psa_algorithm_t alg ) +psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, + mbedtls_svc_key_id_t key, + psa_algorithm_t alg) { - return( psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ) ); + return psa_cipher_setup(operation, key, alg, MBEDTLS_ENCRYPT); } -psa_status_t psa_cipher_decrypt_setup( psa_cipher_operation_t *operation, - mbedtls_svc_key_id_t key, - psa_algorithm_t alg ) +psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, + mbedtls_svc_key_id_t key, + psa_algorithm_t alg) { - return( psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ) ); + return psa_cipher_setup(operation, key, alg, MBEDTLS_DECRYPT); } -psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation, - uint8_t *iv, - size_t iv_size, - size_t *iv_length ) +psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, + uint8_t *iv, + size_t iv_size, + size_t *iv_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; uint8_t local_iv[PSA_CIPHER_IV_MAX_SIZE]; size_t default_iv_length; - if( operation->id == 0 ) - { + if (operation->id == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( operation->iv_set || ! operation->iv_required ) - { + if (operation->iv_set || !operation->iv_required) { status = PSA_ERROR_BAD_STATE; goto exit; } default_iv_length = operation->default_iv_length; - if( iv_size < default_iv_length ) - { + if (iv_size < default_iv_length) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } - if( default_iv_length > PSA_CIPHER_IV_MAX_SIZE ) - { + if (default_iv_length > PSA_CIPHER_IV_MAX_SIZE) { status = PSA_ERROR_GENERIC_ERROR; goto exit; } - status = psa_generate_random( local_iv, default_iv_length ); - if( status != PSA_SUCCESS ) + status = psa_generate_random(local_iv, default_iv_length); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_driver_wrapper_cipher_set_iv( operation, - local_iv, default_iv_length ); + status = psa_driver_wrapper_cipher_set_iv(operation, + local_iv, default_iv_length); exit: - if( status == PSA_SUCCESS ) - { - memcpy( iv, local_iv, default_iv_length ); + if (status == PSA_SUCCESS) { + memcpy(iv, local_iv, default_iv_length); *iv_length = default_iv_length; operation->iv_set = 1; - } - else - { + } else { *iv_length = 0; - psa_cipher_abort( operation ); + psa_cipher_abort(operation); } - return( status ); + return status; } -psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation, - const uint8_t *iv, - size_t iv_length ) +psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, + const uint8_t *iv, + size_t iv_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->id == 0 ) - { + if (operation->id == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( operation->iv_set || ! operation->iv_required ) - { + if (operation->iv_set || !operation->iv_required) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( iv_length > PSA_CIPHER_IV_MAX_SIZE ) - { + if (iv_length > PSA_CIPHER_IV_MAX_SIZE) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - status = psa_driver_wrapper_cipher_set_iv( operation, - iv, - iv_length ); + status = psa_driver_wrapper_cipher_set_iv(operation, + iv, + iv_length); exit: - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->iv_set = 1; - else - psa_cipher_abort( operation ); - return( status ); + } else { + psa_cipher_abort(operation); + } + return status; } -psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->id == 0 ) - { + if (operation->id == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( operation->iv_required && ! operation->iv_set ) - { + if (operation->iv_required && !operation->iv_set) { status = PSA_ERROR_BAD_STATE; goto exit; } - status = psa_driver_wrapper_cipher_update( operation, - input, - input_length, - output, - output_size, - output_length ); + status = psa_driver_wrapper_cipher_update(operation, + input, + input_length, + output, + output_size, + output_length); exit: - if( status != PSA_SUCCESS ) - psa_cipher_abort( operation ); + if (status != PSA_SUCCESS) { + psa_cipher_abort(operation); + } - return( status ); + return status; } -psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_GENERIC_ERROR; - if( operation->id == 0 ) - { + if (operation->id == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( operation->iv_required && ! operation->iv_set ) - { + if (operation->iv_required && !operation->iv_set) { status = PSA_ERROR_BAD_STATE; goto exit; } - status = psa_driver_wrapper_cipher_finish( operation, - output, - output_size, - output_length ); + status = psa_driver_wrapper_cipher_finish(operation, + output, + output_size, + output_length); exit: - if( status == PSA_SUCCESS ) - return( psa_cipher_abort( operation ) ); - else - { + if (status == PSA_SUCCESS) { + return psa_cipher_abort(operation); + } else { *output_length = 0; - (void) psa_cipher_abort( operation ); + (void) psa_cipher_abort(operation); - return( status ); + return status; } } -psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) +psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation) { - if( operation->id == 0 ) - { + if (operation->id == 0) { /* The object has (apparently) been initialized but it is not (yet) * in use. It's ok to call abort on such an object, and there's * nothing to do. */ - return( PSA_SUCCESS ); + return PSA_SUCCESS; } - psa_driver_wrapper_cipher_abort( operation ); + psa_driver_wrapper_cipher_abort(operation); operation->id = 0; operation->iv_set = 0; operation->iv_required = 0; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_cipher_encrypt( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; @@ -3599,95 +3569,93 @@ psa_status_t psa_cipher_encrypt( mbedtls_svc_key_id_t key, uint8_t local_iv[PSA_CIPHER_IV_MAX_SIZE]; size_t default_iv_length = 0; - if( ! PSA_ALG_IS_CIPHER( alg ) ) - { + if (!PSA_ALG_IS_CIPHER(alg)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - status = psa_get_and_lock_key_slot_with_policy( key, &slot, - PSA_KEY_USAGE_ENCRYPT, - alg ); - if( status != PSA_SUCCESS ) + status = psa_get_and_lock_key_slot_with_policy(key, &slot, + PSA_KEY_USAGE_ENCRYPT, + alg); + if (status != PSA_SUCCESS) { goto exit; + } psa_key_attributes_t attributes = { - .core = slot->attr + .core = slot->attr }; - default_iv_length = PSA_CIPHER_IV_LENGTH( slot->attr.type, alg ); - if( default_iv_length > PSA_CIPHER_IV_MAX_SIZE ) - { + default_iv_length = PSA_CIPHER_IV_LENGTH(slot->attr.type, alg); + if (default_iv_length > PSA_CIPHER_IV_MAX_SIZE) { status = PSA_ERROR_GENERIC_ERROR; goto exit; } - if( default_iv_length > 0 ) - { - if( output_size < default_iv_length ) - { + if (default_iv_length > 0) { + if (output_size < default_iv_length) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } - status = psa_generate_random( local_iv, default_iv_length ); - if( status != PSA_SUCCESS ) + status = psa_generate_random(local_iv, default_iv_length); + if (status != PSA_SUCCESS) { goto exit; + } } status = psa_driver_wrapper_cipher_encrypt( &attributes, slot->key.data, slot->key.bytes, alg, local_iv, default_iv_length, input, input_length, - mbedtls_buffer_offset( output, default_iv_length ), - output_size - default_iv_length, output_length ); + mbedtls_buffer_offset(output, default_iv_length), + output_size - default_iv_length, output_length); exit: - unlock_status = psa_unlock_key_slot( slot ); - if( status == PSA_SUCCESS ) + unlock_status = psa_unlock_key_slot(slot); + if (status == PSA_SUCCESS) { status = unlock_status; + } - if( status == PSA_SUCCESS ) - { - if( default_iv_length > 0 ) - memcpy( output, local_iv, default_iv_length ); + if (status == PSA_SUCCESS) { + if (default_iv_length > 0) { + memcpy(output, local_iv, default_iv_length); + } *output_length += default_iv_length; - } - else + } else { *output_length = 0; + } - return( status ); + return status; } -psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_cipher_decrypt(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot = NULL; - if( ! PSA_ALG_IS_CIPHER( alg ) ) - { + if (!PSA_ALG_IS_CIPHER(alg)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - status = psa_get_and_lock_key_slot_with_policy( key, &slot, - PSA_KEY_USAGE_DECRYPT, - alg ); - if( status != PSA_SUCCESS ) + status = psa_get_and_lock_key_slot_with_policy(key, &slot, + PSA_KEY_USAGE_DECRYPT, + alg); + if (status != PSA_SUCCESS) { goto exit; + } psa_key_attributes_t attributes = { - .core = slot->attr + .core = slot->attr }; - if( input_length < PSA_CIPHER_IV_LENGTH( slot->attr.type, alg ) ) - { + if (input_length < PSA_CIPHER_IV_LENGTH(slot->attr.type, alg)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } @@ -3695,17 +3663,19 @@ psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key, status = psa_driver_wrapper_cipher_decrypt( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, - output, output_size, output_length ); + output, output_size, output_length); exit: - unlock_status = psa_unlock_key_slot( slot ); - if( status == PSA_SUCCESS ) + unlock_status = psa_unlock_key_slot(slot); + if (status == PSA_SUCCESS) { status = unlock_status; + } - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { *output_length = 0; + } - return( status ); + return status; } @@ -3713,33 +3683,35 @@ psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key, /* AEAD */ /****************************************************************/ -psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *plaintext, - size_t plaintext_length, - uint8_t *ciphertext, - size_t ciphertext_size, - size_t *ciphertext_length ) +psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *plaintext, + size_t plaintext_length, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; *ciphertext_length = 0; - if( !PSA_ALG_IS_AEAD( alg ) || PSA_ALG_IS_WILDCARD( alg ) ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (!PSA_ALG_IS_AEAD(alg) || PSA_ALG_IS_WILDCARD(alg)) { + return PSA_ERROR_NOT_SUPPORTED; + } status = psa_get_and_lock_key_slot_with_policy( - key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); - if( status != PSA_SUCCESS ) - return( status ); + key, &slot, PSA_KEY_USAGE_ENCRYPT, alg); + if (status != PSA_SUCCESS) { + return status; + } psa_key_attributes_t attributes = { - .core = slot->attr + .core = slot->attr }; status = psa_driver_wrapper_aead_encrypt( @@ -3748,43 +3720,46 @@ psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key, nonce, nonce_length, additional_data, additional_data_length, plaintext, plaintext_length, - ciphertext, ciphertext_size, ciphertext_length ); + ciphertext, ciphertext_size, ciphertext_length); - if( status != PSA_SUCCESS && ciphertext_size != 0 ) - memset( ciphertext, 0, ciphertext_size ); + if (status != PSA_SUCCESS && ciphertext_size != 0) { + memset(ciphertext, 0, ciphertext_size); + } - psa_unlock_key_slot( slot ); + psa_unlock_key_slot(slot); - return( status ); + return status; } -psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *ciphertext, - size_t ciphertext_length, - uint8_t *plaintext, - size_t plaintext_size, - size_t *plaintext_length ) +psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; *plaintext_length = 0; - if( !PSA_ALG_IS_AEAD( alg ) || PSA_ALG_IS_WILDCARD( alg ) ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (!PSA_ALG_IS_AEAD(alg) || PSA_ALG_IS_WILDCARD(alg)) { + return PSA_ERROR_NOT_SUPPORTED; + } status = psa_get_and_lock_key_slot_with_policy( - key, &slot, PSA_KEY_USAGE_DECRYPT, alg ); - if( status != PSA_SUCCESS ) - return( status ); + key, &slot, PSA_KEY_USAGE_DECRYPT, alg); + if (status != PSA_SUCCESS) { + return status; + } psa_key_attributes_t attributes = { - .core = slot->attr + .core = slot->attr }; status = psa_driver_wrapper_aead_decrypt( @@ -3793,14 +3768,15 @@ psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key, nonce, nonce_length, additional_data, additional_data_length, ciphertext, ciphertext_length, - plaintext, plaintext_size, plaintext_length ); + plaintext, plaintext_size, plaintext_length); - if( status != PSA_SUCCESS && plaintext_size != 0 ) - memset( plaintext, 0, plaintext_size ); + if (status != PSA_SUCCESS && plaintext_size != 0) { + memset(plaintext, 0, plaintext_size); + } - psa_unlock_key_slot( slot ); + psa_unlock_key_slot(slot); - return( status ); + return status; } /****************************************************************/ @@ -3820,24 +3796,24 @@ static psa_status_t psa_key_derivation_start_hmac( psa_mac_operation_t *operation, psa_algorithm_t hash_alg, const uint8_t *hmac_key, - size_t hmac_key_length ) + size_t hmac_key_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_type( &attributes, PSA_KEY_TYPE_HMAC ); - psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( hmac_key_length ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); + psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC); + psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(hmac_key_length)); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); operation->is_sign = 1; - operation->mac_size = PSA_HASH_LENGTH( hash_alg ); + operation->mac_size = PSA_HASH_LENGTH(hash_alg); - status = psa_driver_wrapper_mac_sign_setup( operation, - &attributes, - hmac_key, hmac_key_length, - PSA_ALG_HMAC( hash_alg ) ); + status = psa_driver_wrapper_mac_sign_setup(operation, + &attributes, + hmac_key, hmac_key_length, + PSA_ALG_HMAC(hash_alg)); - psa_reset_key_attributes( &attributes ); - return( status ); + psa_reset_key_attributes(&attributes); + return status; } #endif /* KDF algorithms reliant on HMAC */ @@ -3847,172 +3823,172 @@ static psa_status_t psa_key_derivation_start_hmac( #define HKDF_STATE_OUTPUT 3 /* output started */ static psa_algorithm_t psa_key_derivation_get_kdf_alg( - const psa_key_derivation_operation_t *operation ) + const psa_key_derivation_operation_t *operation) { - if ( PSA_ALG_IS_KEY_AGREEMENT( operation->alg ) ) - return( PSA_ALG_KEY_AGREEMENT_GET_KDF( operation->alg ) ); - else - return( operation->alg ); + if (PSA_ALG_IS_KEY_AGREEMENT(operation->alg)) { + return PSA_ALG_KEY_AGREEMENT_GET_KDF(operation->alg); + } else { + return operation->alg; + } } -psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation ) +psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation) { psa_status_t status = PSA_SUCCESS; - psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); - if( kdf_alg == 0 ) - { + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation); + if (kdf_alg == 0) { /* The object has (apparently) been initialized but it is not * in use. It's ok to call abort on such an object, and there's * nothing to do. */ - } - else + } else #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) - if( PSA_ALG_IS_HKDF( kdf_alg ) ) - { - mbedtls_free( operation->ctx.hkdf.info ); - status = psa_mac_abort( &operation->ctx.hkdf.hmac ); - } - else + if (PSA_ALG_IS_HKDF(kdf_alg)) { + mbedtls_free(operation->ctx.hkdf.info); + status = psa_mac_abort(&operation->ctx.hkdf.hmac); + } else #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) - if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || - /* TLS-1.2 PSK-to-MS KDF uses the same core as TLS-1.2 PRF */ - PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) - { - if( operation->ctx.tls12_prf.secret != NULL ) - { - mbedtls_platform_zeroize( operation->ctx.tls12_prf.secret, - operation->ctx.tls12_prf.secret_length ); - mbedtls_free( operation->ctx.tls12_prf.secret ); + if (PSA_ALG_IS_TLS12_PRF(kdf_alg) || + /* TLS-1.2 PSK-to-MS KDF uses the same core as TLS-1.2 PRF */ + PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + if (operation->ctx.tls12_prf.secret != NULL) { + mbedtls_platform_zeroize(operation->ctx.tls12_prf.secret, + operation->ctx.tls12_prf.secret_length); + mbedtls_free(operation->ctx.tls12_prf.secret); } - if( operation->ctx.tls12_prf.seed != NULL ) - { - mbedtls_platform_zeroize( operation->ctx.tls12_prf.seed, - operation->ctx.tls12_prf.seed_length ); - mbedtls_free( operation->ctx.tls12_prf.seed ); + if (operation->ctx.tls12_prf.seed != NULL) { + mbedtls_platform_zeroize(operation->ctx.tls12_prf.seed, + operation->ctx.tls12_prf.seed_length); + mbedtls_free(operation->ctx.tls12_prf.seed); } - if( operation->ctx.tls12_prf.label != NULL ) - { - mbedtls_platform_zeroize( operation->ctx.tls12_prf.label, - operation->ctx.tls12_prf.label_length ); - mbedtls_free( operation->ctx.tls12_prf.label ); + if (operation->ctx.tls12_prf.label != NULL) { + mbedtls_platform_zeroize(operation->ctx.tls12_prf.label, + operation->ctx.tls12_prf.label_length); + mbedtls_free(operation->ctx.tls12_prf.label); } status = PSA_SUCCESS; /* We leave the fields Ai and output_block to be erased safely by the * mbedtls_platform_zeroize() in the end of this function. */ - } - else + } else #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || * defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) */ { status = PSA_ERROR_BAD_STATE; } - mbedtls_platform_zeroize( operation, sizeof( *operation ) ); - return( status ); + mbedtls_platform_zeroize(operation, sizeof(*operation)); + return status; } psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *operation, - size_t *capacity) + size_t *capacity) { - if( operation->alg == 0 ) - { + if (operation->alg == 0) { /* This is a blank key derivation operation. */ - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } *capacity = operation->capacity; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_key_derivation_set_capacity( psa_key_derivation_operation_t *operation, - size_t capacity ) +psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *operation, + size_t capacity) { - if( operation->alg == 0 ) - return( PSA_ERROR_BAD_STATE ); - if( capacity > operation->capacity ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (operation->alg == 0) { + return PSA_ERROR_BAD_STATE; + } + if (capacity > operation->capacity) { + return PSA_ERROR_INVALID_ARGUMENT; + } operation->capacity = capacity; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) /* Read some bytes from an HKDF-based operation. This performs a chunk * of the expand phase of the HKDF algorithm. */ -static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkdf, - psa_algorithm_t hash_alg, - uint8_t *output, - size_t output_length ) +static psa_status_t psa_key_derivation_hkdf_read(psa_hkdf_key_derivation_t *hkdf, + psa_algorithm_t hash_alg, + uint8_t *output, + size_t output_length) { - uint8_t hash_length = PSA_HASH_LENGTH( hash_alg ); + uint8_t hash_length = PSA_HASH_LENGTH(hash_alg); size_t hmac_output_length; psa_status_t status; - if( hkdf->state < HKDF_STATE_KEYED || ! hkdf->info_set ) - return( PSA_ERROR_BAD_STATE ); + if (hkdf->state < HKDF_STATE_KEYED || !hkdf->info_set) { + return PSA_ERROR_BAD_STATE; + } hkdf->state = HKDF_STATE_OUTPUT; - while( output_length != 0 ) - { + while (output_length != 0) { /* Copy what remains of the current block */ uint8_t n = hash_length - hkdf->offset_in_block; - if( n > output_length ) + if (n > output_length) { n = (uint8_t) output_length; - memcpy( output, hkdf->output_block + hkdf->offset_in_block, n ); + } + memcpy(output, hkdf->output_block + hkdf->offset_in_block, n); output += n; output_length -= n; hkdf->offset_in_block += n; - if( output_length == 0 ) + if (output_length == 0) { break; + } /* We can't be wanting more output after block 0xff, otherwise * the capacity check in psa_key_derivation_output_bytes() would have * prevented this call. It could happen only if the operation * object was corrupted or if this function is called directly * inside the library. */ - if( hkdf->block_number == 0xff ) - return( PSA_ERROR_BAD_STATE ); + if (hkdf->block_number == 0xff) { + return PSA_ERROR_BAD_STATE; + } /* We need a new block */ ++hkdf->block_number; hkdf->offset_in_block = 0; - status = psa_key_derivation_start_hmac( &hkdf->hmac, - hash_alg, - hkdf->prk, - hash_length ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_key_derivation_start_hmac(&hkdf->hmac, + hash_alg, + hkdf->prk, + hash_length); + if (status != PSA_SUCCESS) { + return status; + } - if( hkdf->block_number != 1 ) - { - status = psa_mac_update( &hkdf->hmac, + if (hkdf->block_number != 1) { + status = psa_mac_update(&hkdf->hmac, + hkdf->output_block, + hash_length); + if (status != PSA_SUCCESS) { + return status; + } + } + status = psa_mac_update(&hkdf->hmac, + hkdf->info, + hkdf->info_length); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_mac_update(&hkdf->hmac, + &hkdf->block_number, 1); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_mac_sign_finish(&hkdf->hmac, hkdf->output_block, - hash_length ); - if( status != PSA_SUCCESS ) - return( status ); + sizeof(hkdf->output_block), + &hmac_output_length); + if (status != PSA_SUCCESS) { + return status; } - status = psa_mac_update( &hkdf->hmac, - hkdf->info, - hkdf->info_length ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_mac_update( &hkdf->hmac, - &hkdf->block_number, 1 ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_mac_sign_finish( &hkdf->hmac, - hkdf->output_block, - sizeof( hkdf->output_block ), - &hmac_output_length ); - if( status != PSA_SUCCESS ) - return( status ); - } - - return( PSA_SUCCESS ); + } + + return PSA_SUCCESS; } #endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */ @@ -4020,10 +3996,10 @@ static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkd defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( psa_tls12_prf_key_derivation_t *tls12_prf, - psa_algorithm_t alg ) + psa_algorithm_t alg) { - psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg ); - uint8_t hash_length = PSA_HASH_LENGTH( hash_alg ); + psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(alg); + uint8_t hash_length = PSA_HASH_LENGTH(hash_alg); psa_mac_operation_t hmac = PSA_MAC_OPERATION_INIT; size_t hmac_output_length; psa_status_t status, cleanup_status; @@ -4033,8 +4009,9 @@ static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( * prevented this call. It could happen only if the operation * object was corrupted or if this function is called directly * inside the library. */ - if( tls12_prf->block_number == 0xff ) - return( PSA_ERROR_CORRUPTION_DETECTED ); + if (tls12_prf->block_number == 0xff) { + return PSA_ERROR_CORRUPTION_DETECTED; + } /* We need a new block */ ++tls12_prf->block_number; @@ -4057,125 +4034,133 @@ static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( * `block_number`. */ - status = psa_key_derivation_start_hmac( &hmac, - hash_alg, - tls12_prf->secret, - tls12_prf->secret_length ); - if( status != PSA_SUCCESS ) + status = psa_key_derivation_start_hmac(&hmac, + hash_alg, + tls12_prf->secret, + tls12_prf->secret_length); + if (status != PSA_SUCCESS) { goto cleanup; + } /* Calculate A(i) where i = tls12_prf->block_number. */ - if( tls12_prf->block_number == 1 ) - { + if (tls12_prf->block_number == 1) { /* A(1) = HMAC_hash(secret, A(0)), where A(0) = seed. (The RFC overloads * the variable seed and in this instance means it in the context of the * P_hash function, where seed = label + seed.) */ - status = psa_mac_update( &hmac, - tls12_prf->label, - tls12_prf->label_length ); - if( status != PSA_SUCCESS ) + status = psa_mac_update(&hmac, + tls12_prf->label, + tls12_prf->label_length); + if (status != PSA_SUCCESS) { goto cleanup; - status = psa_mac_update( &hmac, - tls12_prf->seed, - tls12_prf->seed_length ); - if( status != PSA_SUCCESS ) + } + status = psa_mac_update(&hmac, + tls12_prf->seed, + tls12_prf->seed_length); + if (status != PSA_SUCCESS) { goto cleanup; - } - else - { + } + } else { /* A(i) = HMAC_hash(secret, A(i-1)) */ - status = psa_mac_update( &hmac, tls12_prf->Ai, hash_length ); - if( status != PSA_SUCCESS ) + status = psa_mac_update(&hmac, tls12_prf->Ai, hash_length); + if (status != PSA_SUCCESS) { goto cleanup; + } } - status = psa_mac_sign_finish( &hmac, - tls12_prf->Ai, hash_length, - &hmac_output_length ); - if( hmac_output_length != hash_length ) + status = psa_mac_sign_finish(&hmac, + tls12_prf->Ai, hash_length, + &hmac_output_length); + if (hmac_output_length != hash_length) { status = PSA_ERROR_CORRUPTION_DETECTED; - if( status != PSA_SUCCESS ) + } + if (status != PSA_SUCCESS) { goto cleanup; + } /* Calculate HMAC_hash(secret, A(i) + label + seed). */ - status = psa_key_derivation_start_hmac( &hmac, - hash_alg, - tls12_prf->secret, - tls12_prf->secret_length ); - if( status != PSA_SUCCESS ) + status = psa_key_derivation_start_hmac(&hmac, + hash_alg, + tls12_prf->secret, + tls12_prf->secret_length); + if (status != PSA_SUCCESS) { goto cleanup; - status = psa_mac_update( &hmac, tls12_prf->Ai, hash_length ); - if( status != PSA_SUCCESS ) + } + status = psa_mac_update(&hmac, tls12_prf->Ai, hash_length); + if (status != PSA_SUCCESS) { goto cleanup; - status = psa_mac_update( &hmac, tls12_prf->label, tls12_prf->label_length ); - if( status != PSA_SUCCESS ) + } + status = psa_mac_update(&hmac, tls12_prf->label, tls12_prf->label_length); + if (status != PSA_SUCCESS) { goto cleanup; - status = psa_mac_update( &hmac, tls12_prf->seed, tls12_prf->seed_length ); - if( status != PSA_SUCCESS ) + } + status = psa_mac_update(&hmac, tls12_prf->seed, tls12_prf->seed_length); + if (status != PSA_SUCCESS) { goto cleanup; - status = psa_mac_sign_finish( &hmac, - tls12_prf->output_block, hash_length, - &hmac_output_length ); - if( status != PSA_SUCCESS ) + } + status = psa_mac_sign_finish(&hmac, + tls12_prf->output_block, hash_length, + &hmac_output_length); + if (status != PSA_SUCCESS) { goto cleanup; + } cleanup: - cleanup_status = psa_mac_abort( &hmac ); - if( status == PSA_SUCCESS && cleanup_status != PSA_SUCCESS ) + cleanup_status = psa_mac_abort(&hmac); + if (status == PSA_SUCCESS && cleanup_status != PSA_SUCCESS) { status = cleanup_status; + } - return( status ); + return status; } static psa_status_t psa_key_derivation_tls12_prf_read( psa_tls12_prf_key_derivation_t *tls12_prf, psa_algorithm_t alg, uint8_t *output, - size_t output_length ) + size_t output_length) { - psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg ); - uint8_t hash_length = PSA_HASH_LENGTH( hash_alg ); + psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH(alg); + uint8_t hash_length = PSA_HASH_LENGTH(hash_alg); psa_status_t status; uint8_t offset, length; - switch( tls12_prf->state ) - { + switch (tls12_prf->state) { case PSA_TLS12_PRF_STATE_LABEL_SET: tls12_prf->state = PSA_TLS12_PRF_STATE_OUTPUT; break; case PSA_TLS12_PRF_STATE_OUTPUT: break; default: - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } - while( output_length != 0 ) - { + while (output_length != 0) { /* Check if we have fully processed the current block. */ - if( tls12_prf->left_in_block == 0 ) - { - status = psa_key_derivation_tls12_prf_generate_next_block( tls12_prf, - alg ); - if( status != PSA_SUCCESS ) - return( status ); + if (tls12_prf->left_in_block == 0) { + status = psa_key_derivation_tls12_prf_generate_next_block(tls12_prf, + alg); + if (status != PSA_SUCCESS) { + return status; + } continue; } - if( tls12_prf->left_in_block > output_length ) + if (tls12_prf->left_in_block > output_length) { length = (uint8_t) output_length; - else + } else { length = tls12_prf->left_in_block; + } offset = hash_length - tls12_prf->left_in_block; - memcpy( output, tls12_prf->output_block + offset, length ); + memcpy(output, tls12_prf->output_block + offset, length); output += length; output_length -= length; tls12_prf->left_in_block -= length; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF || * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ @@ -4183,140 +4168,142 @@ static psa_status_t psa_key_derivation_tls12_prf_read( psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *operation, uint8_t *output, - size_t output_length ) + size_t output_length) { psa_status_t status; - psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation); - if( operation->alg == 0 ) - { + if (operation->alg == 0) { /* This is a blank operation. */ - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } - if( output_length > operation->capacity ) - { + if (output_length > operation->capacity) { operation->capacity = 0; /* Go through the error path to wipe all confidential data now * that the operation object is useless. */ status = PSA_ERROR_INSUFFICIENT_DATA; goto exit; } - if( output_length == 0 && operation->capacity == 0 ) - { + if (output_length == 0 && operation->capacity == 0) { /* Edge case: this is a finished operation, and 0 bytes * were requested. The right error in this case could * be either INSUFFICIENT_CAPACITY or BAD_STATE. Return * INSUFFICIENT_CAPACITY, which is right for a finished * operation, for consistency with the case when * output_length > 0. */ - return( PSA_ERROR_INSUFFICIENT_DATA ); + return PSA_ERROR_INSUFFICIENT_DATA; } operation->capacity -= output_length; #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) - if( PSA_ALG_IS_HKDF( kdf_alg ) ) - { - psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg ); - status = psa_key_derivation_hkdf_read( &operation->ctx.hkdf, hash_alg, - output, output_length ); - } - else + if (PSA_ALG_IS_HKDF(kdf_alg)) { + psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(kdf_alg); + status = psa_key_derivation_hkdf_read(&operation->ctx.hkdf, hash_alg, + output, output_length); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) - if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) - { - status = psa_key_derivation_tls12_prf_read( &operation->ctx.tls12_prf, - kdf_alg, output, - output_length ); - } - else + if (PSA_ALG_IS_TLS12_PRF(kdf_alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + status = psa_key_derivation_tls12_prf_read(&operation->ctx.tls12_prf, + kdf_alg, output, + output_length); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF || * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ { (void) kdf_alg; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } exit: - if( status != PSA_SUCCESS ) - { + if (status != PSA_SUCCESS) { /* Preserve the algorithm upon errors, but clear all sensitive state. * This allows us to differentiate between exhausted operations and * blank operations, so we can return PSA_ERROR_BAD_STATE on blank * operations. */ psa_algorithm_t alg = operation->alg; - psa_key_derivation_abort( operation ); + psa_key_derivation_abort(operation); operation->alg = alg; - memset( output, '!', output_length ); + memset(output, '!', output_length); } - return( status ); + return status; } #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) -static void psa_des_set_key_parity( uint8_t *data, size_t data_size ) +static void psa_des_set_key_parity(uint8_t *data, size_t data_size) { - if( data_size >= 8 ) - mbedtls_des_key_set_parity( data ); - if( data_size >= 16 ) - mbedtls_des_key_set_parity( data + 8 ); - if( data_size >= 24 ) - mbedtls_des_key_set_parity( data + 16 ); + if (data_size >= 8) { + mbedtls_des_key_set_parity(data); + } + if (data_size >= 16) { + mbedtls_des_key_set_parity(data + 8); + } + if (data_size >= 24) { + mbedtls_des_key_set_parity(data + 16); + } } #endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES */ static psa_status_t psa_generate_derived_key_internal( psa_key_slot_t *slot, size_t bits, - psa_key_derivation_operation_t *operation ) + psa_key_derivation_operation_t *operation) { uint8_t *data = NULL; - size_t bytes = PSA_BITS_TO_BYTES( bits ); + size_t bytes = PSA_BITS_TO_BYTES(bits); psa_status_t status; - if( ! key_type_is_raw_bytes( slot->attr.type ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - if( bits % 8 != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - data = mbedtls_calloc( 1, bytes ); - if( data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + if (!key_type_is_raw_bytes(slot->attr.type)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + if (bits % 8 != 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } + data = mbedtls_calloc(1, bytes); + if (data == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } - status = psa_key_derivation_output_bytes( operation, data, bytes ); - if( status != PSA_SUCCESS ) + status = psa_key_derivation_output_bytes(operation, data, bytes); + if (status != PSA_SUCCESS) { goto exit; + } #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) - if( slot->attr.type == PSA_KEY_TYPE_DES ) - psa_des_set_key_parity( data, bytes ); + if (slot->attr.type == PSA_KEY_TYPE_DES) { + psa_des_set_key_parity(data, bytes); + } #endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES */ - status = psa_allocate_buffer_to_slot( slot, bytes ); - if( status != PSA_SUCCESS ) + status = psa_allocate_buffer_to_slot(slot, bytes); + if (status != PSA_SUCCESS) { goto exit; + } slot->attr.bits = (psa_key_bits_t) bits; psa_key_attributes_t attributes = { - .core = slot->attr + .core = slot->attr }; - status = psa_driver_wrapper_import_key( &attributes, - data, bytes, - slot->key.data, - slot->key.bytes, - &slot->key.bytes, &bits ); - if( bits != slot->attr.bits ) + status = psa_driver_wrapper_import_key(&attributes, + data, bytes, + slot->key.data, + slot->key.bytes, + &slot->key.bytes, &bits); + if (bits != slot->attr.bits) { status = PSA_ERROR_INVALID_ARGUMENT; + } exit: - mbedtls_free( data ); - return( status ); + mbedtls_free(data); + return status; } -psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attributes, - psa_key_derivation_operation_t *operation, - mbedtls_svc_key_id_t *key ) +psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attributes, + psa_key_derivation_operation_t *operation, + mbedtls_svc_key_id_t *key) { psa_status_t status; psa_key_slot_t *slot = NULL; @@ -4326,36 +4313,39 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut /* Reject any attempt to create a zero-length key so that we don't * risk tripping up later, e.g. on a malloc(0) that returns NULL. */ - if( psa_get_key_bits( attributes ) == 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (psa_get_key_bits(attributes) == 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } - if( operation->alg == PSA_ALG_NONE ) - return( PSA_ERROR_BAD_STATE ); + if (operation->alg == PSA_ALG_NONE) { + return PSA_ERROR_BAD_STATE; + } - if( ! operation->can_output_key ) - return( PSA_ERROR_NOT_PERMITTED ); + if (!operation->can_output_key) { + return PSA_ERROR_NOT_PERMITTED; + } - status = psa_start_key_creation( PSA_KEY_CREATION_DERIVE, attributes, - &slot, &driver ); + status = psa_start_key_creation(PSA_KEY_CREATION_DERIVE, attributes, + &slot, &driver); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( driver != NULL ) - { + if (driver != NULL) { /* Deriving a key in a secure element is not implemented yet. */ status = PSA_ERROR_NOT_SUPPORTED; } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - if( status == PSA_SUCCESS ) - { - status = psa_generate_derived_key_internal( slot, - attributes->core.bits, - operation ); + if (status == PSA_SUCCESS) { + status = psa_generate_derived_key_internal(slot, + attributes->core.bits, + operation); + } + if (status == PSA_SUCCESS) { + status = psa_finish_key_creation(slot, driver, key); + } + if (status != PSA_SUCCESS) { + psa_fail_key_creation(slot, driver); } - if( status == PSA_SUCCESS ) - status = psa_finish_key_creation( slot, driver, key ); - if( status != PSA_SUCCESS ) - psa_fail_key_creation( slot, driver ); - return( status ); + return status; } @@ -4365,272 +4355,284 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut /****************************************************************/ #if defined(AT_LEAST_ONE_BUILTIN_KDF) -static int is_kdf_alg_supported( psa_algorithm_t kdf_alg ) +static int is_kdf_alg_supported(psa_algorithm_t kdf_alg) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) - if( PSA_ALG_IS_HKDF( kdf_alg ) ) - return( 1 ); + if (PSA_ALG_IS_HKDF(kdf_alg)) { + return 1; + } #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) - if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ) - return( 1 ); + if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) { + return 1; + } #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) - if( PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) - return( 1 ); + if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + return 1; + } #endif - return( 0 ); + return 0; } -static psa_status_t psa_hash_try_support( psa_algorithm_t alg ) +static psa_status_t psa_hash_try_support(psa_algorithm_t alg) { psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - psa_status_t status = psa_hash_setup( &operation, alg ); - psa_hash_abort( &operation ); - return( status ); + psa_status_t status = psa_hash_setup(&operation, alg); + psa_hash_abort(&operation); + return status; } static psa_status_t psa_key_derivation_setup_kdf( psa_key_derivation_operation_t *operation, - psa_algorithm_t kdf_alg ) + psa_algorithm_t kdf_alg) { /* Make sure that operation->ctx is properly zero-initialised. (Macro * initialisers for this union leave some bytes unspecified.) */ - memset( &operation->ctx, 0, sizeof( operation->ctx ) ); + memset(&operation->ctx, 0, sizeof(operation->ctx)); /* Make sure that kdf_alg is a supported key derivation algorithm. */ - if( ! is_kdf_alg_supported( kdf_alg ) ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (!is_kdf_alg_supported(kdf_alg)) { + return PSA_ERROR_NOT_SUPPORTED; + } /* All currently supported key derivation algorithms are based on a * hash algorithm. */ - psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg ); - size_t hash_size = PSA_HASH_LENGTH( hash_alg ); - if( hash_size == 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); + psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(kdf_alg); + size_t hash_size = PSA_HASH_LENGTH(hash_alg); + if (hash_size == 0) { + return PSA_ERROR_NOT_SUPPORTED; + } /* Make sure that hash_alg is a supported hash algorithm. Otherwise * we might fail later, which is somewhat unfriendly and potentially * risk-prone. */ - psa_status_t status = psa_hash_try_support( hash_alg ); - if( status != PSA_SUCCESS ) - return( status ); + psa_status_t status = psa_hash_try_support(hash_alg); + if (status != PSA_SUCCESS) { + return status; + } - if( ( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) && - ! ( hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384 ) ) - { - return( PSA_ERROR_NOT_SUPPORTED ); + if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) && + !(hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) { + return PSA_ERROR_NOT_SUPPORTED; } operation->capacity = 255 * hash_size; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static psa_status_t psa_key_agreement_try_support( psa_algorithm_t alg ) +static psa_status_t psa_key_agreement_try_support(psa_algorithm_t alg) { #if defined(PSA_WANT_ALG_ECDH) - if( alg == PSA_ALG_ECDH ) - return( PSA_SUCCESS ); + if (alg == PSA_ALG_ECDH) { + return PSA_SUCCESS; + } #endif (void) alg; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } #endif /* AT_LEAST_ONE_BUILTIN_KDF */ -psa_status_t psa_key_derivation_setup( psa_key_derivation_operation_t *operation, - psa_algorithm_t alg ) +psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation, + psa_algorithm_t alg) { psa_status_t status; - if( operation->alg != 0 ) - return( PSA_ERROR_BAD_STATE ); + if (operation->alg != 0) { + return PSA_ERROR_BAD_STATE; + } - if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) ) - { + if (PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { + return PSA_ERROR_INVALID_ARGUMENT; + } else if (PSA_ALG_IS_KEY_AGREEMENT(alg)) { #if defined(AT_LEAST_ONE_BUILTIN_KDF) - psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ); - psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE( alg ); - status = psa_key_agreement_try_support( ka_alg ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_key_derivation_setup_kdf( operation, kdf_alg ); + psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg); + psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE(alg); + status = psa_key_agreement_try_support(ka_alg); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_key_derivation_setup_kdf(operation, kdf_alg); #else - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* AT_LEAST_ONE_BUILTIN_KDF */ - } - else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ) - { + } else if (PSA_ALG_IS_KEY_DERIVATION(alg)) { #if defined(AT_LEAST_ONE_BUILTIN_KDF) - status = psa_key_derivation_setup_kdf( operation, alg ); + status = psa_key_derivation_setup_kdf(operation, alg); #else - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* AT_LEAST_ONE_BUILTIN_KDF */ + } else { + return PSA_ERROR_INVALID_ARGUMENT; } - else - return( PSA_ERROR_INVALID_ARGUMENT ); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->alg = alg; - return( status ); + } + return status; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) -static psa_status_t psa_hkdf_input( psa_hkdf_key_derivation_t *hkdf, - psa_algorithm_t hash_alg, - psa_key_derivation_step_t step, - const uint8_t *data, - size_t data_length ) +static psa_status_t psa_hkdf_input(psa_hkdf_key_derivation_t *hkdf, + psa_algorithm_t hash_alg, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length) { psa_status_t status; - switch( step ) - { + switch (step) { case PSA_KEY_DERIVATION_INPUT_SALT: - if( hkdf->state != HKDF_STATE_INIT ) - return( PSA_ERROR_BAD_STATE ); - else - { - status = psa_key_derivation_start_hmac( &hkdf->hmac, - hash_alg, - data, data_length ); - if( status != PSA_SUCCESS ) - return( status ); + if (hkdf->state != HKDF_STATE_INIT) { + return PSA_ERROR_BAD_STATE; + } else { + status = psa_key_derivation_start_hmac(&hkdf->hmac, + hash_alg, + data, data_length); + if (status != PSA_SUCCESS) { + return status; + } hkdf->state = HKDF_STATE_STARTED; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } case PSA_KEY_DERIVATION_INPUT_SECRET: /* If no salt was provided, use an empty salt. */ - if( hkdf->state == HKDF_STATE_INIT ) - { - status = psa_key_derivation_start_hmac( &hkdf->hmac, - hash_alg, - NULL, 0 ); - if( status != PSA_SUCCESS ) - return( status ); + if (hkdf->state == HKDF_STATE_INIT) { + status = psa_key_derivation_start_hmac(&hkdf->hmac, + hash_alg, + NULL, 0); + if (status != PSA_SUCCESS) { + return status; + } hkdf->state = HKDF_STATE_STARTED; } - if( hkdf->state != HKDF_STATE_STARTED ) - return( PSA_ERROR_BAD_STATE ); - status = psa_mac_update( &hkdf->hmac, - data, data_length ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_mac_sign_finish( &hkdf->hmac, - hkdf->prk, - sizeof( hkdf->prk ), - &data_length ); - if( status != PSA_SUCCESS ) - return( status ); - hkdf->offset_in_block = PSA_HASH_LENGTH( hash_alg ); + if (hkdf->state != HKDF_STATE_STARTED) { + return PSA_ERROR_BAD_STATE; + } + status = psa_mac_update(&hkdf->hmac, + data, data_length); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_mac_sign_finish(&hkdf->hmac, + hkdf->prk, + sizeof(hkdf->prk), + &data_length); + if (status != PSA_SUCCESS) { + return status; + } + hkdf->offset_in_block = PSA_HASH_LENGTH(hash_alg); hkdf->block_number = 0; hkdf->state = HKDF_STATE_KEYED; - return( PSA_SUCCESS ); + return PSA_SUCCESS; case PSA_KEY_DERIVATION_INPUT_INFO: - if( hkdf->state == HKDF_STATE_OUTPUT ) - return( PSA_ERROR_BAD_STATE ); - if( hkdf->info_set ) - return( PSA_ERROR_BAD_STATE ); + if (hkdf->state == HKDF_STATE_OUTPUT) { + return PSA_ERROR_BAD_STATE; + } + if (hkdf->info_set) { + return PSA_ERROR_BAD_STATE; + } hkdf->info_length = data_length; - if( data_length != 0 ) - { - hkdf->info = mbedtls_calloc( 1, data_length ); - if( hkdf->info == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( hkdf->info, data, data_length ); + if (data_length != 0) { + hkdf->info = mbedtls_calloc(1, data_length); + if (hkdf->info == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } + memcpy(hkdf->info, data, data_length); } hkdf->info_set = 1; - return( PSA_SUCCESS ); + return PSA_SUCCESS; default: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } #endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) -static psa_status_t psa_tls12_prf_set_seed( psa_tls12_prf_key_derivation_t *prf, - const uint8_t *data, - size_t data_length ) +static psa_status_t psa_tls12_prf_set_seed(psa_tls12_prf_key_derivation_t *prf, + const uint8_t *data, + size_t data_length) { - if( prf->state != PSA_TLS12_PRF_STATE_INIT ) - return( PSA_ERROR_BAD_STATE ); + if (prf->state != PSA_TLS12_PRF_STATE_INIT) { + return PSA_ERROR_BAD_STATE; + } - if( data_length != 0 ) - { - prf->seed = mbedtls_calloc( 1, data_length ); - if( prf->seed == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + if (data_length != 0) { + prf->seed = mbedtls_calloc(1, data_length); + if (prf->seed == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } - memcpy( prf->seed, data, data_length ); + memcpy(prf->seed, data, data_length); prf->seed_length = data_length; } prf->state = PSA_TLS12_PRF_STATE_SEED_SET; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static psa_status_t psa_tls12_prf_set_key( psa_tls12_prf_key_derivation_t *prf, - const uint8_t *data, - size_t data_length ) +static psa_status_t psa_tls12_prf_set_key(psa_tls12_prf_key_derivation_t *prf, + const uint8_t *data, + size_t data_length) { - if( prf->state != PSA_TLS12_PRF_STATE_SEED_SET ) - return( PSA_ERROR_BAD_STATE ); + if (prf->state != PSA_TLS12_PRF_STATE_SEED_SET) { + return PSA_ERROR_BAD_STATE; + } - if( data_length != 0 ) - { - prf->secret = mbedtls_calloc( 1, data_length ); - if( prf->secret == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + if (data_length != 0) { + prf->secret = mbedtls_calloc(1, data_length); + if (prf->secret == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } - memcpy( prf->secret, data, data_length ); + memcpy(prf->secret, data, data_length); prf->secret_length = data_length; } prf->state = PSA_TLS12_PRF_STATE_KEY_SET; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static psa_status_t psa_tls12_prf_set_label( psa_tls12_prf_key_derivation_t *prf, - const uint8_t *data, - size_t data_length ) +static psa_status_t psa_tls12_prf_set_label(psa_tls12_prf_key_derivation_t *prf, + const uint8_t *data, + size_t data_length) { - if( prf->state != PSA_TLS12_PRF_STATE_KEY_SET ) - return( PSA_ERROR_BAD_STATE ); + if (prf->state != PSA_TLS12_PRF_STATE_KEY_SET) { + return PSA_ERROR_BAD_STATE; + } - if( data_length != 0 ) - { - prf->label = mbedtls_calloc( 1, data_length ); - if( prf->label == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + if (data_length != 0) { + prf->label = mbedtls_calloc(1, data_length); + if (prf->label == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } - memcpy( prf->label, data, data_length ); + memcpy(prf->label, data, data_length); prf->label_length = data_length; } prf->state = PSA_TLS12_PRF_STATE_LABEL_SET; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, - psa_key_derivation_step_t step, - const uint8_t *data, - size_t data_length ) +static psa_status_t psa_tls12_prf_input(psa_tls12_prf_key_derivation_t *prf, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length) { - switch( step ) - { + switch (step) { case PSA_KEY_DERIVATION_INPUT_SEED: - return( psa_tls12_prf_set_seed( prf, data, data_length ) ); + return psa_tls12_prf_set_seed(prf, data, data_length); case PSA_KEY_DERIVATION_INPUT_SECRET: - return( psa_tls12_prf_set_key( prf, data, data_length ) ); + return psa_tls12_prf_set_key(prf, data, data_length); case PSA_KEY_DERIVATION_INPUT_LABEL: - return( psa_tls12_prf_set_label( prf, data, data_length ) ); + return psa_tls12_prf_set_label(prf, data, data_length); default: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || @@ -4640,14 +4642,15 @@ static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, static psa_status_t psa_tls12_prf_psk_to_ms_set_key( psa_tls12_prf_key_derivation_t *prf, const uint8_t *data, - size_t data_length ) + size_t data_length) { psa_status_t status; - uint8_t pms[ 4 + 2 * PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE ]; + uint8_t pms[4 + 2 * PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE]; uint8_t *cur = pms; - if( data_length > PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (data_length > PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE) { + return PSA_ERROR_INVALID_ARGUMENT; + } /* Quoting RFC 4279, Section 2: * @@ -4656,34 +4659,33 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key( * uint16 with the value N, and the PSK itself. */ - *cur++ = MBEDTLS_BYTE_1( data_length ); - *cur++ = MBEDTLS_BYTE_0( data_length ); - memset( cur, 0, data_length ); + *cur++ = MBEDTLS_BYTE_1(data_length); + *cur++ = MBEDTLS_BYTE_0(data_length); + memset(cur, 0, data_length); cur += data_length; *cur++ = pms[0]; *cur++ = pms[1]; - memcpy( cur, data, data_length ); + memcpy(cur, data, data_length); cur += data_length; - status = psa_tls12_prf_set_key( prf, pms, cur - pms ); + status = psa_tls12_prf_set_key(prf, pms, cur - pms); - mbedtls_platform_zeroize( pms, sizeof( pms ) ); - return( status ); + mbedtls_platform_zeroize(pms, sizeof(pms)); + return status; } static psa_status_t psa_tls12_prf_psk_to_ms_input( psa_tls12_prf_key_derivation_t *prf, psa_key_derivation_step_t step, const uint8_t *data, - size_t data_length ) + size_t data_length) { - if( step == PSA_KEY_DERIVATION_INPUT_SECRET ) - { - return( psa_tls12_prf_psk_to_ms_set_key( prf, - data, data_length ) ); + if (step == PSA_KEY_DERIVATION_INPUT_SECRET) { + return psa_tls12_prf_psk_to_ms_set_key(prf, + data, data_length); } - return( psa_tls12_prf_input( prf, step, data, data_length ) ); + return psa_tls12_prf_input(prf, step, data, data_length); } #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ @@ -4698,27 +4700,30 @@ static psa_status_t psa_tls12_prf_psk_to_ms_input( */ static int psa_key_derivation_check_input_type( psa_key_derivation_step_t step, - psa_key_type_t key_type ) + psa_key_type_t key_type) { - switch( step ) - { + switch (step) { case PSA_KEY_DERIVATION_INPUT_SECRET: - if( key_type == PSA_KEY_TYPE_DERIVE ) - return( PSA_SUCCESS ); - if( key_type == PSA_KEY_TYPE_NONE ) - return( PSA_SUCCESS ); + if (key_type == PSA_KEY_TYPE_DERIVE) { + return PSA_SUCCESS; + } + if (key_type == PSA_KEY_TYPE_NONE) { + return PSA_SUCCESS; + } break; case PSA_KEY_DERIVATION_INPUT_LABEL: case PSA_KEY_DERIVATION_INPUT_SALT: case PSA_KEY_DERIVATION_INPUT_INFO: case PSA_KEY_DERIVATION_INPUT_SEED: - if( key_type == PSA_KEY_TYPE_RAW_DATA ) - return( PSA_SUCCESS ); - if( key_type == PSA_KEY_TYPE_NONE ) - return( PSA_SUCCESS ); + if (key_type == PSA_KEY_TYPE_RAW_DATA) { + return PSA_SUCCESS; + } + if (key_type == PSA_KEY_TYPE_NONE) { + return PSA_SUCCESS; + } break; } - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } static psa_status_t psa_key_derivation_input_internal( @@ -4726,95 +4731,91 @@ static psa_status_t psa_key_derivation_input_internal( psa_key_derivation_step_t step, psa_key_type_t key_type, const uint8_t *data, - size_t data_length ) + size_t data_length) { psa_status_t status; - psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation); - status = psa_key_derivation_check_input_type( step, key_type ); - if( status != PSA_SUCCESS ) + status = psa_key_derivation_check_input_type(step, key_type); + if (status != PSA_SUCCESS) { goto exit; + } #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) - if( PSA_ALG_IS_HKDF( kdf_alg ) ) - { - status = psa_hkdf_input( &operation->ctx.hkdf, - PSA_ALG_HKDF_GET_HASH( kdf_alg ), - step, data, data_length ); - } - else + if (PSA_ALG_IS_HKDF(kdf_alg)) { + status = psa_hkdf_input(&operation->ctx.hkdf, + PSA_ALG_HKDF_GET_HASH(kdf_alg), + step, data, data_length); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) - if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ) - { - status = psa_tls12_prf_input( &operation->ctx.tls12_prf, - step, data, data_length ); - } - else + if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) { + status = psa_tls12_prf_input(&operation->ctx.tls12_prf, + step, data, data_length); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) - if( PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) - { - status = psa_tls12_prf_psk_to_ms_input( &operation->ctx.tls12_prf, - step, data, data_length ); - } - else + if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + status = psa_tls12_prf_psk_to_ms_input(&operation->ctx.tls12_prf, + step, data, data_length); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ { /* This can't happen unless the operation object was not initialized */ (void) data; (void) data_length; (void) kdf_alg; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } exit: - if( status != PSA_SUCCESS ) - psa_key_derivation_abort( operation ); - return( status ); + if (status != PSA_SUCCESS) { + psa_key_derivation_abort(operation); + } + return status; } psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, const uint8_t *data, - size_t data_length ) + size_t data_length) { - return( psa_key_derivation_input_internal( operation, step, - PSA_KEY_TYPE_NONE, - data, data_length ) ); + return psa_key_derivation_input_internal(operation, step, + PSA_KEY_TYPE_NONE, + data, data_length); } psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, - mbedtls_svc_key_id_t key ) + mbedtls_svc_key_id_t key) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; status = psa_get_and_lock_transparent_key_slot_with_policy( - key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg ); - if( status != PSA_SUCCESS ) - { - psa_key_derivation_abort( operation ); - return( status ); + key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg); + if (status != PSA_SUCCESS) { + psa_key_derivation_abort(operation); + return status; } /* Passing a key object as a SECRET input unlocks the permission * to output to a key object. */ - if( step == PSA_KEY_DERIVATION_INPUT_SECRET ) + if (step == PSA_KEY_DERIVATION_INPUT_SECRET) { operation->can_output_key = 1; + } - status = psa_key_derivation_input_internal( operation, - step, slot->attr.type, - slot->key.data, - slot->key.bytes ); + status = psa_key_derivation_input_internal(operation, + step, slot->attr.type, + slot->key.data, + slot->key.bytes); - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -4824,92 +4825,99 @@ psa_status_t psa_key_derivation_input_key( /****************************************************************/ #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) -static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, - size_t peer_key_length, - const mbedtls_ecp_keypair *our_key, - uint8_t *shared_secret, - size_t shared_secret_size, - size_t *shared_secret_length ) +static psa_status_t psa_key_agreement_ecdh(const uint8_t *peer_key, + size_t peer_key_length, + const mbedtls_ecp_keypair *our_key, + uint8_t *shared_secret, + size_t shared_secret_size, + size_t *shared_secret_length) { mbedtls_ecp_keypair *their_key = NULL; mbedtls_ecdh_context ecdh; psa_status_t status; size_t bits = 0; - psa_ecc_family_t curve = mbedtls_ecc_group_to_psa( our_key->grp.id, &bits ); - mbedtls_ecdh_init( &ecdh ); + psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(our_key->grp.id, &bits); + mbedtls_ecdh_init(&ecdh); status = mbedtls_psa_ecp_load_representation( - PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve), - bits, - peer_key, - peer_key_length, - &their_key ); - if( status != PSA_SUCCESS ) + PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve), + bits, + peer_key, + peer_key_length, + &their_key); + if (status != PSA_SUCCESS) { goto exit; + } status = mbedtls_to_psa_error( - mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS ) ); - if( status != PSA_SUCCESS ) + mbedtls_ecdh_get_params(&ecdh, their_key, MBEDTLS_ECDH_THEIRS)); + if (status != PSA_SUCCESS) { goto exit; + } status = mbedtls_to_psa_error( - mbedtls_ecdh_get_params( &ecdh, our_key, MBEDTLS_ECDH_OURS ) ); - if( status != PSA_SUCCESS ) + mbedtls_ecdh_get_params(&ecdh, our_key, MBEDTLS_ECDH_OURS)); + if (status != PSA_SUCCESS) { goto exit; + } status = mbedtls_to_psa_error( - mbedtls_ecdh_calc_secret( &ecdh, - shared_secret_length, - shared_secret, shared_secret_size, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE ) ); - if( status != PSA_SUCCESS ) + mbedtls_ecdh_calc_secret(&ecdh, + shared_secret_length, + shared_secret, shared_secret_size, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE)); + if (status != PSA_SUCCESS) { goto exit; - if( PSA_BITS_TO_BYTES( bits ) != *shared_secret_length ) + } + if (PSA_BITS_TO_BYTES(bits) != *shared_secret_length) { status = PSA_ERROR_CORRUPTION_DETECTED; + } exit: - if( status != PSA_SUCCESS ) - mbedtls_platform_zeroize( shared_secret, shared_secret_size ); - mbedtls_ecdh_free( &ecdh ); - mbedtls_ecp_keypair_free( their_key ); - mbedtls_free( their_key ); + if (status != PSA_SUCCESS) { + mbedtls_platform_zeroize(shared_secret, shared_secret_size); + } + mbedtls_ecdh_free(&ecdh); + mbedtls_ecp_keypair_free(their_key); + mbedtls_free(their_key); - return( status ); + return status; } #endif /* MBEDTLS_PSA_BUILTIN_ALG_ECDH */ #define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES -static psa_status_t psa_key_agreement_raw_internal( psa_algorithm_t alg, - psa_key_slot_t *private_key, - const uint8_t *peer_key, - size_t peer_key_length, - uint8_t *shared_secret, - size_t shared_secret_size, - size_t *shared_secret_length ) +static psa_status_t psa_key_agreement_raw_internal(psa_algorithm_t alg, + psa_key_slot_t *private_key, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *shared_secret, + size_t shared_secret_size, + size_t *shared_secret_length) { - switch( alg ) - { + switch (alg) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) case PSA_ALG_ECDH: - if( ! PSA_KEY_TYPE_IS_ECC_KEY_PAIR( private_key->attr.type ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (!PSA_KEY_TYPE_IS_ECC_KEY_PAIR(private_key->attr.type)) { + return PSA_ERROR_INVALID_ARGUMENT; + } mbedtls_ecp_keypair *ecp = NULL; psa_status_t status = mbedtls_psa_ecp_load_representation( - private_key->attr.type, - private_key->attr.bits, - private_key->key.data, - private_key->key.bytes, - &ecp ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_key_agreement_ecdh( peer_key, peer_key_length, - ecp, - shared_secret, shared_secret_size, - shared_secret_length ); - mbedtls_ecp_keypair_free( ecp ); - mbedtls_free( ecp ); - return( status ); + private_key->attr.type, + private_key->attr.bits, + private_key->key.data, + private_key->key.bytes, + &ecp); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_key_agreement_ecdh(peer_key, peer_key_length, + ecp, + shared_secret, shared_secret_size, + shared_secret_length); + mbedtls_ecp_keypair_free(ecp); + mbedtls_free(ecp); + return status; #endif /* MBEDTLS_PSA_BUILTIN_ALG_ECDH */ default: (void) private_key; @@ -4918,102 +4926,105 @@ static psa_status_t psa_key_agreement_raw_internal( psa_algorithm_t alg, (void) shared_secret; (void) shared_secret_size; (void) shared_secret_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } } /* Note that if this function fails, you must call psa_key_derivation_abort() * to potentially free embedded data structures and wipe confidential data. */ -static psa_status_t psa_key_agreement_internal( psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - psa_key_slot_t *private_key, - const uint8_t *peer_key, - size_t peer_key_length ) +static psa_status_t psa_key_agreement_internal(psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + psa_key_slot_t *private_key, + const uint8_t *peer_key, + size_t peer_key_length) { psa_status_t status; uint8_t shared_secret[PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE]; size_t shared_secret_length = 0; - psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE( operation->alg ); + psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE(operation->alg); /* Step 1: run the secret agreement algorithm to generate the shared * secret. */ - status = psa_key_agreement_raw_internal( ka_alg, - private_key, - peer_key, peer_key_length, - shared_secret, - sizeof( shared_secret ), - &shared_secret_length ); - if( status != PSA_SUCCESS ) + status = psa_key_agreement_raw_internal(ka_alg, + private_key, + peer_key, peer_key_length, + shared_secret, + sizeof(shared_secret), + &shared_secret_length); + if (status != PSA_SUCCESS) { goto exit; + } /* Step 2: set up the key derivation to generate key material from * the shared secret. A shared secret is permitted wherever a key * of type DERIVE is permitted. */ - status = psa_key_derivation_input_internal( operation, step, - PSA_KEY_TYPE_DERIVE, - shared_secret, - shared_secret_length ); + status = psa_key_derivation_input_internal(operation, step, + PSA_KEY_TYPE_DERIVE, + shared_secret, + shared_secret_length); exit: - mbedtls_platform_zeroize( shared_secret, shared_secret_length ); - return( status ); + mbedtls_platform_zeroize(shared_secret, shared_secret_length); + return status; } -psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - mbedtls_svc_key_id_t private_key, - const uint8_t *peer_key, - size_t peer_key_length ) +psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + mbedtls_svc_key_id_t private_key, + const uint8_t *peer_key, + size_t peer_key_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - if( ! PSA_ALG_IS_KEY_AGREEMENT( operation->alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (!PSA_ALG_IS_KEY_AGREEMENT(operation->alg)) { + return PSA_ERROR_INVALID_ARGUMENT; + } status = psa_get_and_lock_transparent_key_slot_with_policy( - private_key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_key_agreement_internal( operation, step, - slot, - peer_key, peer_key_length ); - if( status != PSA_SUCCESS ) - psa_key_derivation_abort( operation ); - else - { + private_key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_key_agreement_internal(operation, step, + slot, + peer_key, peer_key_length); + if (status != PSA_SUCCESS) { + psa_key_derivation_abort(operation); + } else { /* If a private key has been added as SECRET, we allow the derived * key material to be used as a key in PSA Crypto. */ - if( step == PSA_KEY_DERIVATION_INPUT_SECRET ) + if (step == PSA_KEY_DERIVATION_INPUT_SECRET) { operation->can_output_key = 1; + } } - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } -psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, - mbedtls_svc_key_id_t private_key, - const uint8_t *peer_key, - size_t peer_key_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, + mbedtls_svc_key_id_t private_key, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot = NULL; - if( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ) - { + if (!PSA_ALG_IS_KEY_AGREEMENT(alg)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } status = psa_get_and_lock_transparent_key_slot_with_policy( - private_key, &slot, PSA_KEY_USAGE_DERIVE, alg ); - if( status != PSA_SUCCESS ) + private_key, &slot, PSA_KEY_USAGE_DERIVE, alg); + if (status != PSA_SUCCESS) { goto exit; + } /* PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() is in general an upper bound * for the output size. The PSA specification only guarantees that this @@ -5024,21 +5035,19 @@ psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, * If FFDH is implemented, PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() can easily * be exact for it as well. */ size_t expected_length = - PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE( slot->attr.type, slot->attr.bits ); - if( output_size < expected_length ) - { + PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(slot->attr.type, slot->attr.bits); + if (output_size < expected_length) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } - status = psa_key_agreement_raw_internal( alg, slot, - peer_key, peer_key_length, - output, output_size, - output_length ); + status = psa_key_agreement_raw_internal(alg, slot, + peer_key, peer_key_length, + output, output_size, + output_length); exit: - if( status != PSA_SUCCESS ) - { + if (status != PSA_SUCCESS) { /* If an error happens and is not handled properly, the output * may be used as a key to protect sensitive data. Arrange for such * a key to be random, which is likely to result in decryption or @@ -5046,13 +5055,13 @@ psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, * some constant data such as zeros, which would result in the data * being protected with a reproducible, easily knowable key. */ - psa_generate_random( output, output_size ); + psa_generate_random(output, output_size); *output_length = output_size; } - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -5063,97 +5072,101 @@ psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, /** Initialize the PSA random generator. */ -static void mbedtls_psa_random_init( mbedtls_psa_random_context_t *rng ) +static void mbedtls_psa_random_init(mbedtls_psa_random_context_t *rng) { #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - memset( rng, 0, sizeof( *rng ) ); + memset(rng, 0, sizeof(*rng)); #else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ /* Set default configuration if * mbedtls_psa_crypto_configure_entropy_sources() hasn't been called. */ - if( rng->entropy_init == NULL ) + if (rng->entropy_init == NULL) { rng->entropy_init = mbedtls_entropy_init; - if( rng->entropy_free == NULL ) + } + if (rng->entropy_free == NULL) { rng->entropy_free = mbedtls_entropy_free; + } - rng->entropy_init( &rng->entropy ); + rng->entropy_init(&rng->entropy); #if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \ defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) /* The PSA entropy injection feature depends on using NV seed as an entropy * source. Add NV seed as an entropy source for PSA entropy injection. */ - mbedtls_entropy_add_source( &rng->entropy, - mbedtls_nv_seed_poll, NULL, - MBEDTLS_ENTROPY_BLOCK_SIZE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + mbedtls_entropy_add_source(&rng->entropy, + mbedtls_nv_seed_poll, NULL, + MBEDTLS_ENTROPY_BLOCK_SIZE, + MBEDTLS_ENTROPY_SOURCE_STRONG); #endif - mbedtls_psa_drbg_init( MBEDTLS_PSA_RANDOM_STATE ); + mbedtls_psa_drbg_init(MBEDTLS_PSA_RANDOM_STATE); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ } /** Deinitialize the PSA random generator. */ -static void mbedtls_psa_random_free( mbedtls_psa_random_context_t *rng ) +static void mbedtls_psa_random_free(mbedtls_psa_random_context_t *rng) { #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - memset( rng, 0, sizeof( *rng ) ); + memset(rng, 0, sizeof(*rng)); #else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ - mbedtls_psa_drbg_free( MBEDTLS_PSA_RANDOM_STATE ); - rng->entropy_free( &rng->entropy ); + mbedtls_psa_drbg_free(MBEDTLS_PSA_RANDOM_STATE); + rng->entropy_free(&rng->entropy); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ } /** Seed the PSA random generator. */ -static psa_status_t mbedtls_psa_random_seed( mbedtls_psa_random_context_t *rng ) +static psa_status_t mbedtls_psa_random_seed(mbedtls_psa_random_context_t *rng) { #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) /* Do nothing: the external RNG seeds itself. */ (void) rng; - return( PSA_SUCCESS ); + return PSA_SUCCESS; #else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ const unsigned char drbg_seed[] = "PSA"; - int ret = mbedtls_psa_drbg_seed( &rng->entropy, - drbg_seed, sizeof( drbg_seed ) - 1 ); - return mbedtls_to_psa_error( ret ); + int ret = mbedtls_psa_drbg_seed(&rng->entropy, + drbg_seed, sizeof(drbg_seed) - 1); + return mbedtls_to_psa_error(ret); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ } -psa_status_t psa_generate_random( uint8_t *output, - size_t output_size ) +psa_status_t psa_generate_random(uint8_t *output, + size_t output_size) { GUARD_MODULE_INITIALIZED; #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) size_t output_length = 0; - psa_status_t status = mbedtls_psa_external_get_random( &global_data.rng, - output, output_size, - &output_length ); - if( status != PSA_SUCCESS ) - return( status ); + psa_status_t status = mbedtls_psa_external_get_random(&global_data.rng, + output, output_size, + &output_length); + if (status != PSA_SUCCESS) { + return status; + } /* Breaking up a request into smaller chunks is currently not supported * for the external RNG interface. */ - if( output_length != output_size ) - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); - return( PSA_SUCCESS ); + if (output_length != output_size) { + return PSA_ERROR_INSUFFICIENT_ENTROPY; + } + return PSA_SUCCESS; #else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ - while( output_size > 0 ) - { + while (output_size > 0) { size_t request_size = - ( output_size > MBEDTLS_PSA_RANDOM_MAX_REQUEST ? - MBEDTLS_PSA_RANDOM_MAX_REQUEST : - output_size ); - int ret = mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE, - output, request_size ); - if( ret != 0 ) - return( mbedtls_to_psa_error( ret ) ); + (output_size > MBEDTLS_PSA_RANDOM_MAX_REQUEST ? + MBEDTLS_PSA_RANDOM_MAX_REQUEST : + output_size); + int ret = mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, + output, request_size); + if (ret != 0) { + return mbedtls_to_psa_error(ret); + } output_size -= request_size; output += request_size; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ } @@ -5170,10 +5183,10 @@ psa_status_t psa_generate_random( uint8_t *output, * classic API, psa_crypto_random_impl.h defines `mbedtls_psa_get_random` * as a constant function pointer to `mbedtls_xxx_drbg_random`. */ -#if defined (MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) -int mbedtls_psa_get_random( void *p_rng, - unsigned char *output, - size_t output_size ) +#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) +int mbedtls_psa_get_random(void *p_rng, + unsigned char *output, + size_t output_size) { /* This function takes a pointer to the RNG state because that's what * classic mbedtls functions using an RNG expect. The PSA RNG manages @@ -5181,29 +5194,32 @@ int mbedtls_psa_get_random( void *p_rng, * So we just ignore the state parameter, and in practice we'll pass * NULL. */ (void) p_rng; - psa_status_t status = psa_generate_random( output, output_size ); - if( status == PSA_SUCCESS ) - return( 0 ); - else - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + psa_status_t status = psa_generate_random(output, output_size); + if (status == PSA_SUCCESS) { + return 0; + } else { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } } #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ #if defined(MBEDTLS_PSA_INJECT_ENTROPY) #include "mbedtls/entropy_poll.h" -psa_status_t mbedtls_psa_inject_entropy( const uint8_t *seed, - size_t seed_size ) +psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, + size_t seed_size) { - if( global_data.initialized ) - return( PSA_ERROR_NOT_PERMITTED ); + if (global_data.initialized) { + return PSA_ERROR_NOT_PERMITTED; + } - if( ( ( seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM ) || - ( seed_size < MBEDTLS_ENTROPY_BLOCK_SIZE ) ) || - ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (((seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM) || + (seed_size < MBEDTLS_ENTROPY_BLOCK_SIZE)) || + (seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE)) { + return PSA_ERROR_INVALID_ARGUMENT; + } - return( mbedtls_psa_storage_inject_entropy( seed, seed_size ) ); + return mbedtls_psa_storage_inject_entropy(seed, seed_size); } #endif /* MBEDTLS_PSA_INJECT_ENTROPY */ @@ -5221,103 +5237,97 @@ psa_status_t mbedtls_psa_inject_entropy( const uint8_t *seed, * the two is not supported. */ static psa_status_t psa_validate_key_type_and_size_for_key_generation( - psa_key_type_t type, size_t bits ) + psa_key_type_t type, size_t bits) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( key_type_is_raw_bytes( type ) ) - { - status = validate_unstructured_key_bit_size( type, bits ); - if( status != PSA_SUCCESS ) - return( status ); - } - else + if (key_type_is_raw_bytes(type)) { + status = validate_unstructured_key_bit_size(type, bits); + if (status != PSA_SUCCESS) { + return status; + } + } else #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) - if( PSA_KEY_TYPE_IS_RSA( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) - { - if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (PSA_KEY_TYPE_IS_RSA(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { + if (bits > PSA_VENDOR_RSA_MAX_KEY_BITS) { + return PSA_ERROR_NOT_SUPPORTED; + } /* Accept only byte-aligned keys, for the same reasons as * in psa_import_rsa_key(). */ - if( bits % 8 != 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); - } - else + if (bits % 8 != 0) { + return PSA_ERROR_NOT_SUPPORTED; + } + } else #endif /* defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) */ #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) - if( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) - { + if (PSA_KEY_TYPE_IS_ECC(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { /* To avoid empty block, return successfully here. */ - return( PSA_SUCCESS ); - } - else + return PSA_SUCCESS; + } else #endif /* defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) */ { - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t psa_generate_key_internal( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_type_t type = attributes->core.type; - if( ( attributes->domain_parameters == NULL ) && - ( attributes->domain_parameters_size != 0 ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if ((attributes->domain_parameters == NULL) && + (attributes->domain_parameters_size != 0)) { + return PSA_ERROR_INVALID_ARGUMENT; + } - if( key_type_is_raw_bytes( type ) ) - { - status = psa_generate_random( key_buffer, key_buffer_size ); - if( status != PSA_SUCCESS ) - return( status ); + if (key_type_is_raw_bytes(type)) { + status = psa_generate_random(key_buffer, key_buffer_size); + if (status != PSA_SUCCESS) { + return status; + } #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) - if( type == PSA_KEY_TYPE_DES ) - psa_des_set_key_parity( key_buffer, key_buffer_size ); + if (type == PSA_KEY_TYPE_DES) { + psa_des_set_key_parity(key_buffer, key_buffer_size); + } #endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES */ - } - else + } else #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ defined(MBEDTLS_GENPRIME) - if ( type == PSA_KEY_TYPE_RSA_KEY_PAIR ) - { - return( mbedtls_psa_rsa_generate_key( attributes, - key_buffer, - key_buffer_size, - key_buffer_length ) ); - } - else + if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) { + return mbedtls_psa_rsa_generate_key(attributes, + key_buffer, + key_buffer_size, + key_buffer_length); + } else #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) * defined(MBEDTLS_GENPRIME) */ #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) - if ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) - { - return( mbedtls_psa_ecp_generate_key( attributes, - key_buffer, - key_buffer_size, - key_buffer_length ) ); - } - else + if (PSA_KEY_TYPE_IS_ECC(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { + return mbedtls_psa_ecp_generate_key(attributes, + key_buffer, + key_buffer_size, + key_buffer_length); + } else #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */ { - (void)key_buffer_length; - return( PSA_ERROR_NOT_SUPPORTED ); + (void) key_buffer_length; + return PSA_ERROR_NOT_SUPPORTED; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, - mbedtls_svc_key_id_t *key ) +psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, + mbedtls_svc_key_id_t *key) { psa_status_t status; psa_key_slot_t *slot = NULL; @@ -5328,62 +5338,67 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, /* Reject any attempt to create a zero-length key so that we don't * risk tripping up later, e.g. on a malloc(0) that returns NULL. */ - if( psa_get_key_bits( attributes ) == 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (psa_get_key_bits(attributes) == 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } /* Reject any attempt to create a public key. */ - if( PSA_KEY_TYPE_IS_PUBLIC_KEY(attributes->core.type) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(attributes->core.type)) { + return PSA_ERROR_INVALID_ARGUMENT; + } - status = psa_start_key_creation( PSA_KEY_CREATION_GENERATE, attributes, - &slot, &driver ); - if( status != PSA_SUCCESS ) + status = psa_start_key_creation(PSA_KEY_CREATION_GENERATE, attributes, + &slot, &driver); + if (status != PSA_SUCCESS) { goto exit; + } /* In the case of a transparent key or an opaque key stored in local * storage (thus not in the case of generating a key in a secure element * or cryptoprocessor with storage), we have to allocate a buffer to * hold the generated key material. */ - if( slot->key.data == NULL ) - { - if ( PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ) == - PSA_KEY_LOCATION_LOCAL_STORAGE ) - { + if (slot->key.data == NULL) { + if (PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime) == + PSA_KEY_LOCATION_LOCAL_STORAGE) { status = psa_validate_key_type_and_size_for_key_generation( - attributes->core.type, attributes->core.bits ); - if( status != PSA_SUCCESS ) + attributes->core.type, attributes->core.bits); + if (status != PSA_SUCCESS) { goto exit; + } key_buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE( - attributes->core.type, - attributes->core.bits ); - } - else - { + attributes->core.type, + attributes->core.bits); + } else { status = psa_driver_wrapper_get_key_buffer_size( - attributes, &key_buffer_size ); - if( status != PSA_SUCCESS ) + attributes, &key_buffer_size); + if (status != PSA_SUCCESS) { goto exit; + } } - status = psa_allocate_buffer_to_slot( slot, key_buffer_size ); - if( status != PSA_SUCCESS ) + status = psa_allocate_buffer_to_slot(slot, key_buffer_size); + if (status != PSA_SUCCESS) { goto exit; + } } - status = psa_driver_wrapper_generate_key( attributes, - slot->key.data, slot->key.bytes, &slot->key.bytes ); + status = psa_driver_wrapper_generate_key(attributes, + slot->key.data, slot->key.bytes, &slot->key.bytes); - if( status != PSA_SUCCESS ) - psa_remove_key_data_from_memory( slot ); + if (status != PSA_SUCCESS) { + psa_remove_key_data_from_memory(slot); + } exit: - if( status == PSA_SUCCESS ) - status = psa_finish_key_creation( slot, driver, key ); - if( status != PSA_SUCCESS ) - psa_fail_key_creation( slot, driver ); + if (status == PSA_SUCCESS) { + status = psa_finish_key_creation(slot, driver, key); + } + if (status != PSA_SUCCESS) { + psa_fail_key_creation(slot, driver); + } - return( status ); + return status; } /****************************************************************/ @@ -5392,31 +5407,31 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, #if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) psa_status_t mbedtls_psa_crypto_configure_entropy_sources( - void (* entropy_init )( mbedtls_entropy_context *ctx ), - void (* entropy_free )( mbedtls_entropy_context *ctx ) ) + void (* entropy_init)(mbedtls_entropy_context *ctx), + void (* entropy_free)(mbedtls_entropy_context *ctx)) { - if( global_data.rng_state != RNG_NOT_INITIALIZED ) - return( PSA_ERROR_BAD_STATE ); + if (global_data.rng_state != RNG_NOT_INITIALIZED) { + return PSA_ERROR_BAD_STATE; + } global_data.rng.entropy_init = entropy_init; global_data.rng.entropy_free = entropy_free; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } #endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */ -void mbedtls_psa_crypto_free( void ) +void mbedtls_psa_crypto_free(void) { - psa_wipe_all_key_slots( ); - if( global_data.rng_state != RNG_NOT_INITIALIZED ) - { - mbedtls_psa_random_free( &global_data.rng ); + psa_wipe_all_key_slots(); + if (global_data.rng_state != RNG_NOT_INITIALIZED) { + mbedtls_psa_random_free(&global_data.rng); } /* Wipe all remaining data, including configuration. * In particular, this sets all state indicator to the value * indicating "uninitialized". */ - mbedtls_platform_zeroize( &global_data, sizeof( global_data ) ); + mbedtls_platform_zeroize(&global_data, sizeof(global_data)); /* Terminate drivers */ - psa_driver_wrapper_free( ); + psa_driver_wrapper_free(); } #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) @@ -5427,60 +5442,61 @@ void mbedtls_psa_crypto_free( void ) * fails. */ static psa_status_t psa_crypto_recover_transaction( - const psa_crypto_transaction_t *transaction ) + const psa_crypto_transaction_t *transaction) { - switch( transaction->unknown.type ) - { + switch (transaction->unknown.type) { case PSA_CRYPTO_TRANSACTION_CREATE_KEY: case PSA_CRYPTO_TRANSACTION_DESTROY_KEY: - /* TODO - fall through to the failure case until this - * is implemented. - * https://github.com/ARMmbed/mbed-crypto/issues/218 - */ + /* TODO - fall through to the failure case until this + * is implemented. + * https://github.com/ARMmbed/mbed-crypto/issues/218 + */ default: /* We found an unsupported transaction in the storage. * We don't know what state the storage is in. Give up. */ - return( PSA_ERROR_DATA_INVALID ); + return PSA_ERROR_DATA_INVALID; } } #endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */ -psa_status_t psa_crypto_init( void ) +psa_status_t psa_crypto_init(void) { psa_status_t status; /* Double initialization is explicitly allowed. */ - if( global_data.initialized != 0 ) - return( PSA_SUCCESS ); + if (global_data.initialized != 0) { + return PSA_SUCCESS; + } /* Initialize and seed the random generator. */ - mbedtls_psa_random_init( &global_data.rng ); + mbedtls_psa_random_init(&global_data.rng); global_data.rng_state = RNG_INITIALIZED; - status = mbedtls_psa_random_seed( &global_data.rng ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_random_seed(&global_data.rng); + if (status != PSA_SUCCESS) { goto exit; + } global_data.rng_state = RNG_SEEDED; - status = psa_initialize_key_slots( ); - if( status != PSA_SUCCESS ) + status = psa_initialize_key_slots(); + if (status != PSA_SUCCESS) { goto exit; + } /* Init drivers */ - status = psa_driver_wrapper_init( ); - if( status != PSA_SUCCESS ) + status = psa_driver_wrapper_init(); + if (status != PSA_SUCCESS) { goto exit; + } #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) - status = psa_crypto_load_transaction( ); - if( status == PSA_SUCCESS ) - { - status = psa_crypto_recover_transaction( &psa_crypto_transaction ); - if( status != PSA_SUCCESS ) + status = psa_crypto_load_transaction(); + if (status == PSA_SUCCESS) { + status = psa_crypto_recover_transaction(&psa_crypto_transaction); + if (status != PSA_SUCCESS) { goto exit; - status = psa_crypto_stop_transaction( ); - } - else if( status == PSA_ERROR_DOES_NOT_EXIST ) - { + } + status = psa_crypto_stop_transaction(); + } else if (status == PSA_ERROR_DOES_NOT_EXIST) { /* There's no transaction to complete. It's all good. */ status = PSA_SUCCESS; } @@ -5490,9 +5506,10 @@ psa_status_t psa_crypto_init( void ) global_data.initialized = 1; exit: - if( status != PSA_SUCCESS ) - mbedtls_psa_crypto_free( ); - return( status ); + if (status != PSA_SUCCESS) { + mbedtls_psa_crypto_free(); + } + return status; } #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c index 2b07a6871ec1..26ccc1cafcff 100644 --- a/library/psa_crypto_aead.c +++ b/library/psa_crypto_aead.c @@ -31,12 +31,10 @@ #include "mbedtls/cipher.h" #include "mbedtls/gcm.h" -typedef struct -{ +typedef struct { psa_algorithm_t core_alg; uint8_t tag_length; - union - { + union { unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) mbedtls_ccm_context ccm; @@ -50,25 +48,24 @@ typedef struct } ctx; } aead_operation_t; -#define AEAD_OPERATION_INIT {0, 0, {0}} +#define AEAD_OPERATION_INIT { 0, 0, { 0 } } -static void psa_aead_abort_internal( aead_operation_t *operation ) +static void psa_aead_abort_internal(aead_operation_t *operation) { - switch( operation->core_alg ) - { + switch (operation->core_alg) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) case PSA_ALG_CCM: - mbedtls_ccm_free( &operation->ctx.ccm ); + mbedtls_ccm_free(&operation->ctx.ccm); break; #endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) case PSA_ALG_GCM: - mbedtls_gcm_free( &operation->ctx.gcm ); + mbedtls_gcm_free(&operation->ctx.gcm); break; #endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) case PSA_ALG_CHACHA20_POLY1305: - mbedtls_chachapoly_free( &operation->ctx.chachapoly ); + mbedtls_chachapoly_free(&operation->ctx.chachapoly); break; #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ } @@ -78,7 +75,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t key_bits; @@ -88,85 +85,92 @@ static psa_status_t psa_aead_setup( key_bits = attributes->core.bits; - cipher_info = mbedtls_cipher_info_from_psa( alg, - attributes->core.type, key_bits, - &cipher_id ); - if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + cipher_info = mbedtls_cipher_info_from_psa(alg, + attributes->core.type, key_bits, + &cipher_id); + if (cipher_info == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } - switch( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ) ) - { + switch (PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) - case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ): + case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0): operation->core_alg = PSA_ALG_CCM; full_tag_length = 16; /* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16. * The call to mbedtls_ccm_encrypt_and_tag or * mbedtls_ccm_auth_decrypt will validate the tag length. */ - if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( attributes->core.type ) != 16 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (PSA_BLOCK_CIPHER_BLOCK_LENGTH(attributes->core.type) != 16) { + return PSA_ERROR_INVALID_ARGUMENT; + } - mbedtls_ccm_init( &operation->ctx.ccm ); + mbedtls_ccm_init(&operation->ctx.ccm); status = mbedtls_to_psa_error( - mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id, - key_buffer, (unsigned int) key_bits ) ); - if( status != PSA_SUCCESS ) - return( status ); + mbedtls_ccm_setkey(&operation->ctx.ccm, cipher_id, + key_buffer, (unsigned int) key_bits)); + if (status != PSA_SUCCESS) { + return status; + } break; #endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) - case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ): + case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0): operation->core_alg = PSA_ALG_GCM; full_tag_length = 16; /* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16. * The call to mbedtls_gcm_crypt_and_tag or * mbedtls_gcm_auth_decrypt will validate the tag length. */ - if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( attributes->core.type ) != 16 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (PSA_BLOCK_CIPHER_BLOCK_LENGTH(attributes->core.type) != 16) { + return PSA_ERROR_INVALID_ARGUMENT; + } - mbedtls_gcm_init( &operation->ctx.gcm ); + mbedtls_gcm_init(&operation->ctx.gcm); status = mbedtls_to_psa_error( - mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id, - key_buffer, (unsigned int) key_bits ) ); - if( status != PSA_SUCCESS ) - return( status ); + mbedtls_gcm_setkey(&operation->ctx.gcm, cipher_id, + key_buffer, (unsigned int) key_bits)); + if (status != PSA_SUCCESS) { + return status; + } break; #endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) - case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ): + case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0): operation->core_alg = PSA_ALG_CHACHA20_POLY1305; full_tag_length = 16; /* We only support the default tag length. */ - if( alg != PSA_ALG_CHACHA20_POLY1305 ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (alg != PSA_ALG_CHACHA20_POLY1305) { + return PSA_ERROR_NOT_SUPPORTED; + } - mbedtls_chachapoly_init( &operation->ctx.chachapoly ); + mbedtls_chachapoly_init(&operation->ctx.chachapoly); status = mbedtls_to_psa_error( - mbedtls_chachapoly_setkey( &operation->ctx.chachapoly, - key_buffer ) ); - if( status != PSA_SUCCESS ) - return( status ); + mbedtls_chachapoly_setkey(&operation->ctx.chachapoly, + key_buffer)); + if (status != PSA_SUCCESS) { + return status; + } break; #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ default: (void) status; (void) key_buffer; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - if( PSA_AEAD_TAG_LENGTH( attributes->core.type, - key_bits, alg ) - > full_tag_length ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (PSA_AEAD_TAG_LENGTH(attributes->core.type, + key_bits, alg) + > full_tag_length) { + return PSA_ERROR_INVALID_ARGUMENT; + } - operation->tag_length = PSA_AEAD_TAG_LENGTH( attributes->core.type, - key_bits, - alg ); + operation->tag_length = PSA_AEAD_TAG_LENGTH(attributes->core.type, + key_bits, + alg); - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t mbedtls_psa_aead_encrypt( @@ -176,82 +180,75 @@ psa_status_t mbedtls_psa_aead_encrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, - uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ) + uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; aead_operation_t operation = AEAD_OPERATION_INIT; uint8_t *tag; (void) key_buffer_size; - status = psa_aead_setup( &operation, attributes, key_buffer, alg ); - if( status != PSA_SUCCESS ) + status = psa_aead_setup(&operation, attributes, key_buffer, alg); + if (status != PSA_SUCCESS) { goto exit; + } /* For all currently supported modes, the tag is at the end of the * ciphertext. */ - if( ciphertext_size < ( plaintext_length + operation.tag_length ) ) - { + if (ciphertext_size < (plaintext_length + operation.tag_length)) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } tag = ciphertext + plaintext_length; #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) - if( operation.core_alg == PSA_ALG_CCM ) - { + if (operation.core_alg == PSA_ALG_CCM) { status = mbedtls_to_psa_error( - mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm, - plaintext_length, - nonce, nonce_length, - additional_data, - additional_data_length, - plaintext, ciphertext, - tag, operation.tag_length ) ); - } - else + mbedtls_ccm_encrypt_and_tag(&operation.ctx.ccm, + plaintext_length, + nonce, nonce_length, + additional_data, + additional_data_length, + plaintext, ciphertext, + tag, operation.tag_length)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) - if( operation.core_alg == PSA_ALG_GCM ) - { + if (operation.core_alg == PSA_ALG_GCM) { status = mbedtls_to_psa_error( - mbedtls_gcm_crypt_and_tag( &operation.ctx.gcm, - MBEDTLS_GCM_ENCRYPT, - plaintext_length, - nonce, nonce_length, - additional_data, additional_data_length, - plaintext, ciphertext, - operation.tag_length, tag ) ); - } - else + mbedtls_gcm_crypt_and_tag(&operation.ctx.gcm, + MBEDTLS_GCM_ENCRYPT, + plaintext_length, + nonce, nonce_length, + additional_data, additional_data_length, + plaintext, ciphertext, + operation.tag_length, tag)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) - if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 ) - { - if( nonce_length != 12 ) - { - if( nonce_length == 8 ) + if (operation.core_alg == PSA_ALG_CHACHA20_POLY1305) { + if (nonce_length != 12) { + if (nonce_length == 8) { status = PSA_ERROR_NOT_SUPPORTED; - else + } else { status = PSA_ERROR_INVALID_ARGUMENT; + } goto exit; } - if( operation.tag_length != 16 ) - { + if (operation.tag_length != 16) { status = PSA_ERROR_NOT_SUPPORTED; goto exit; } status = mbedtls_to_psa_error( - mbedtls_chachapoly_encrypt_and_tag( &operation.ctx.chachapoly, - plaintext_length, - nonce, - additional_data, - additional_data_length, - plaintext, - ciphertext, - tag ) ); - } - else + mbedtls_chachapoly_encrypt_and_tag(&operation.ctx.chachapoly, + plaintext_length, + nonce, + additional_data, + additional_data_length, + plaintext, + ciphertext, + tag)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ { (void) tag; @@ -260,16 +257,17 @@ psa_status_t mbedtls_psa_aead_encrypt( (void) additional_data; (void) additional_data_length; (void) plaintext; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { *ciphertext_length = plaintext_length + operation.tag_length; + } exit: - psa_aead_abort_internal( &operation ); + psa_aead_abort_internal(&operation); - return( status ); + return status; } /* Locate the tag in a ciphertext buffer containing the encrypted data @@ -277,20 +275,22 @@ psa_status_t mbedtls_psa_aead_encrypt( * *plaintext_length. This is the size of the plaintext in modes where * the encrypted data has the same size as the plaintext, such as * CCM and GCM. */ -static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length, - const uint8_t *ciphertext, - size_t ciphertext_length, - size_t plaintext_size, - const uint8_t **p_tag ) +static psa_status_t psa_aead_unpadded_locate_tag(size_t tag_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + size_t plaintext_size, + const uint8_t **p_tag) { size_t payload_length; - if( tag_length > ciphertext_length ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (tag_length > ciphertext_length) { + return PSA_ERROR_INVALID_ARGUMENT; + } payload_length = ciphertext_length - tag_length; - if( payload_length > plaintext_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (payload_length > plaintext_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } *p_tag = ciphertext + payload_length; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t mbedtls_psa_aead_decrypt( @@ -300,79 +300,74 @@ psa_status_t mbedtls_psa_aead_decrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, - uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ) + uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; aead_operation_t operation = AEAD_OPERATION_INIT; const uint8_t *tag = NULL; (void) key_buffer_size; - status = psa_aead_setup( &operation, attributes, key_buffer, alg ); - if( status != PSA_SUCCESS ) + status = psa_aead_setup(&operation, attributes, key_buffer, alg); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_aead_unpadded_locate_tag( operation.tag_length, - ciphertext, ciphertext_length, - plaintext_size, &tag ); - if( status != PSA_SUCCESS ) + status = psa_aead_unpadded_locate_tag(operation.tag_length, + ciphertext, ciphertext_length, + plaintext_size, &tag); + if (status != PSA_SUCCESS) { goto exit; + } #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) - if( operation.core_alg == PSA_ALG_CCM ) - { + if (operation.core_alg == PSA_ALG_CCM) { status = mbedtls_to_psa_error( - mbedtls_ccm_auth_decrypt( &operation.ctx.ccm, - ciphertext_length - operation.tag_length, - nonce, nonce_length, - additional_data, - additional_data_length, - ciphertext, plaintext, - tag, operation.tag_length ) ); - } - else + mbedtls_ccm_auth_decrypt(&operation.ctx.ccm, + ciphertext_length - operation.tag_length, + nonce, nonce_length, + additional_data, + additional_data_length, + ciphertext, plaintext, + tag, operation.tag_length)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) - if( operation.core_alg == PSA_ALG_GCM ) - { + if (operation.core_alg == PSA_ALG_GCM) { status = mbedtls_to_psa_error( - mbedtls_gcm_auth_decrypt( &operation.ctx.gcm, - ciphertext_length - operation.tag_length, - nonce, nonce_length, - additional_data, - additional_data_length, - tag, operation.tag_length, - ciphertext, plaintext ) ); - } - else + mbedtls_gcm_auth_decrypt(&operation.ctx.gcm, + ciphertext_length - operation.tag_length, + nonce, nonce_length, + additional_data, + additional_data_length, + tag, operation.tag_length, + ciphertext, plaintext)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) - if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 ) - { - if( nonce_length != 12 ) - { - if( nonce_length == 8 ) + if (operation.core_alg == PSA_ALG_CHACHA20_POLY1305) { + if (nonce_length != 12) { + if (nonce_length == 8) { status = PSA_ERROR_NOT_SUPPORTED; - else + } else { status = PSA_ERROR_INVALID_ARGUMENT; + } goto exit; } - if( operation.tag_length != 16 ) - { + if (operation.tag_length != 16) { status = PSA_ERROR_NOT_SUPPORTED; goto exit; } status = mbedtls_to_psa_error( - mbedtls_chachapoly_auth_decrypt( &operation.ctx.chachapoly, - ciphertext_length - operation.tag_length, - nonce, - additional_data, - additional_data_length, - tag, - ciphertext, - plaintext ) ); - } - else + mbedtls_chachapoly_auth_decrypt(&operation.ctx.chachapoly, + ciphertext_length - operation.tag_length, + nonce, + additional_data, + additional_data_length, + tag, + ciphertext, + plaintext)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ { (void) nonce; @@ -380,19 +375,20 @@ psa_status_t mbedtls_psa_aead_decrypt( (void) additional_data; (void) additional_data_length; (void) plaintext; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { *plaintext_length = ciphertext_length - operation.tag_length; + } exit: - psa_aead_abort_internal( &operation ); + psa_aead_abort_internal(&operation); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { *plaintext_length = ciphertext_length - operation.tag_length; - return( status ); + } + return status; } #endif /* MBEDTLS_PSA_CRYPTO_C */ - diff --git a/library/psa_crypto_aead.h b/library/psa_crypto_aead.h index e18e85d1ca93..320f835e40d6 100644 --- a/library/psa_crypto_aead.h +++ b/library/psa_crypto_aead.h @@ -83,7 +83,7 @@ psa_status_t mbedtls_psa_aead_encrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, - uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ); + uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length); /** * \brief Process an authenticated decryption operation. @@ -146,6 +146,6 @@ psa_status_t mbedtls_psa_aead_decrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, - uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ); + uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length); #endif /* PSA_CRYPTO_AEAD_H */ diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 13006fa4aee4..d216339e6521 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -35,18 +35,17 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( psa_algorithm_t alg, psa_key_type_t key_type, size_t key_bits, - mbedtls_cipher_id_t* cipher_id ) + mbedtls_cipher_id_t *cipher_id) { mbedtls_cipher_mode_t mode; mbedtls_cipher_id_t cipher_id_tmp; - if( PSA_ALG_IS_AEAD( alg ) ) - alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ); + if (PSA_ALG_IS_AEAD(alg)) { + alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0); + } - if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ) - { - switch( alg ) - { + if (PSA_ALG_IS_CIPHER(alg) || PSA_ALG_IS_AEAD(alg)) { + switch (alg) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) case PSA_ALG_STREAM_CIPHER: mode = MBEDTLS_MODE_STREAM; @@ -83,31 +82,30 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) - case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ): + case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0): mode = MBEDTLS_MODE_CCM; break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) - case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ): + case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0): mode = MBEDTLS_MODE_GCM; break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) - case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ): + case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0): mode = MBEDTLS_MODE_CHACHAPOLY; break; #endif default: - return( NULL ); + return NULL; } - } - else if( alg == PSA_ALG_CMAC ) + } else if (alg == PSA_ALG_CMAC) { mode = MBEDTLS_MODE_ECB; - else - return( NULL ); + } else { + return NULL; + } - switch( key_type ) - { + switch (key_type) { #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES) case PSA_KEY_TYPE_AES: cipher_id_tmp = MBEDTLS_CIPHER_ID_AES; @@ -122,15 +120,17 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( case PSA_KEY_TYPE_DES: /* key_bits is 64 for Single-DES, 128 for two-key Triple-DES, * and 192 for three-key Triple-DES. */ - if( key_bits == 64 ) + if (key_bits == 64) { cipher_id_tmp = MBEDTLS_CIPHER_ID_DES; - else + } else { cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES; + } /* mbedtls doesn't recognize two-key Triple-DES as an algorithm, * but two-key Triple-DES is functionally three-key Triple-DES * with K1=K3, so that's how we present it to mbedtls. */ - if( key_bits == 128 ) + if (key_bits == 128) { key_bits = 192; + } break; #endif #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA) @@ -149,13 +149,14 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( break; #endif default: - return( NULL ); + return NULL; } - if( cipher_id != NULL ) + if (cipher_id != NULL) { *cipher_id = cipher_id_tmp; + } - return( mbedtls_cipher_info_from_values( cipher_id_tmp, - (int) key_bits, mode ) ); + return mbedtls_cipher_info_from_values(cipher_id_tmp, + (int) key_bits, mode); } #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) @@ -165,110 +166,112 @@ static psa_status_t psa_cipher_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, - mbedtls_operation_t cipher_operation ) + mbedtls_operation_t cipher_operation) { int ret = 0; size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; psa_key_type_t key_type = attributes->core.type; - (void)key_buffer_size; + (void) key_buffer_size; - mbedtls_cipher_init( &operation->ctx.cipher ); + mbedtls_cipher_init(&operation->ctx.cipher); operation->alg = alg; key_bits = attributes->core.bits; - cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, - key_bits, NULL ); - if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + cipher_info = mbedtls_cipher_info_from_psa(alg, key_type, + key_bits, NULL); + if (cipher_info == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } - ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info ); - if( ret != 0 ) + ret = mbedtls_cipher_setup(&operation->ctx.cipher, cipher_info); + if (ret != 0) { goto exit; + } #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) - if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 ) - { + if (key_type == PSA_KEY_TYPE_DES && key_bits == 128) { /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */ uint8_t keys[24]; - memcpy( keys, key_buffer, 16 ); - memcpy( keys + 16, key_buffer, 8 ); - ret = mbedtls_cipher_setkey( &operation->ctx.cipher, - keys, - 192, cipher_operation ); - } - else + memcpy(keys, key_buffer, 16); + memcpy(keys + 16, key_buffer, 8); + ret = mbedtls_cipher_setkey(&operation->ctx.cipher, + keys, + 192, cipher_operation); + } else #endif { - ret = mbedtls_cipher_setkey( &operation->ctx.cipher, key_buffer, - (int) key_bits, cipher_operation ); + ret = mbedtls_cipher_setkey(&operation->ctx.cipher, key_buffer, + (int) key_bits, cipher_operation); } - if( ret != 0 ) + if (ret != 0) { goto exit; + } #if defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) - switch( alg ) - { + switch (alg) { case PSA_ALG_CBC_NO_PADDING: - ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, - MBEDTLS_PADDING_NONE ); + ret = mbedtls_cipher_set_padding_mode(&operation->ctx.cipher, + MBEDTLS_PADDING_NONE); break; case PSA_ALG_CBC_PKCS7: - ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, - MBEDTLS_PADDING_PKCS7 ); + ret = mbedtls_cipher_set_padding_mode(&operation->ctx.cipher, + MBEDTLS_PADDING_PKCS7); break; default: /* The algorithm doesn't involve padding. */ ret = 0; break; } - if( ret != 0 ) + if (ret != 0) { goto exit; + } #endif /* MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING || MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 */ - operation->block_length = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 : - PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); - operation->iv_length = PSA_CIPHER_IV_LENGTH( key_type, alg ); + operation->block_length = (PSA_ALG_IS_STREAM_CIPHER(alg) ? 1 : + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type)); + operation->iv_length = PSA_CIPHER_IV_LENGTH(key_type, alg); exit: - return( mbedtls_to_psa_error( ret ) ); + return mbedtls_to_psa_error(ret); } psa_status_t mbedtls_psa_cipher_encrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { - return( psa_cipher_setup( operation, attributes, - key_buffer, key_buffer_size, - alg, MBEDTLS_ENCRYPT ) ); + return psa_cipher_setup(operation, attributes, + key_buffer, key_buffer_size, + alg, MBEDTLS_ENCRYPT); } psa_status_t mbedtls_psa_cipher_decrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { - return( psa_cipher_setup( operation, attributes, - key_buffer, key_buffer_size, - alg, MBEDTLS_DECRYPT ) ); + return psa_cipher_setup(operation, attributes, + key_buffer, key_buffer_size, + alg, MBEDTLS_DECRYPT); } psa_status_t mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, - const uint8_t *iv, size_t iv_length ) + const uint8_t *iv, size_t iv_length) { - if( iv_length != operation->iv_length ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (iv_length != operation->iv_length) { + return PSA_ERROR_INVALID_ARGUMENT; + } - return( mbedtls_to_psa_error( - mbedtls_cipher_set_iv( &operation->ctx.cipher, - iv, iv_length ) ) ); + return mbedtls_to_psa_error( + mbedtls_cipher_set_iv(&operation->ctx.cipher, + iv, iv_length)); } #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) @@ -300,43 +303,42 @@ static psa_status_t psa_cipher_update_ecb( const uint8_t *input, size_t input_length, uint8_t *output, - size_t *output_length ) + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t block_size = ctx->cipher_info->block_size; size_t internal_output_length = 0; *output_length = 0; - if( input_length == 0 ) - { + if (input_length == 0) { status = PSA_SUCCESS; goto exit; } - if( ctx->unprocessed_len > 0 ) - { + if (ctx->unprocessed_len > 0) { /* Fill up to block size, and run the block if there's a full one. */ size_t bytes_to_copy = block_size - ctx->unprocessed_len; - if( input_length < bytes_to_copy ) + if (input_length < bytes_to_copy) { bytes_to_copy = input_length; + } - memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), - input, bytes_to_copy ); + memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), + input, bytes_to_copy); input_length -= bytes_to_copy; input += bytes_to_copy; ctx->unprocessed_len += bytes_to_copy; - if( ctx->unprocessed_len == block_size ) - { + if (ctx->unprocessed_len == block_size) { status = mbedtls_to_psa_error( - mbedtls_cipher_update( ctx, - ctx->unprocessed_data, - block_size, - output, &internal_output_length ) ); + mbedtls_cipher_update(ctx, + ctx->unprocessed_data, + block_size, + output, &internal_output_length)); - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { goto exit; + } output += internal_output_length; *output_length += internal_output_length; @@ -344,16 +346,16 @@ static psa_status_t psa_cipher_update_ecb( } } - while( input_length >= block_size ) - { + while (input_length >= block_size) { /* Run all full blocks we have, one by one */ status = mbedtls_to_psa_error( - mbedtls_cipher_update( ctx, input, - block_size, - output, &internal_output_length ) ); + mbedtls_cipher_update(ctx, input, + block_size, + output, &internal_output_length)); - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { goto exit; + } input_length -= block_size; input += block_size; @@ -362,174 +364,175 @@ static psa_status_t psa_cipher_update_ecb( *output_length += internal_output_length; } - if( input_length > 0 ) - { + if (input_length > 0) { /* Save unprocessed bytes for later processing */ - memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), - input, input_length ); + memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), + input, input_length); ctx->unprocessed_len += input_length; } status = PSA_SUCCESS; exit: - return( status ); + return status; } #endif /* MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING */ psa_status_t mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length ) + uint8_t *output, size_t output_size, size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t expected_output_size; - if( ! PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) - { + if (!PSA_ALG_IS_STREAM_CIPHER(operation->alg)) { /* Take the unprocessed partial block left over from previous * update calls, if any, plus the input to this call. Remove * the last partial block, if any. You get the data that will be * output in this call. */ expected_output_size = - ( operation->ctx.cipher.unprocessed_len + input_length ) + (operation->ctx.cipher.unprocessed_len + input_length) / operation->block_length * operation->block_length; - } - else - { + } else { expected_output_size = input_length; } - if( output_size < expected_output_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (output_size < expected_output_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) - if( operation->alg == PSA_ALG_ECB_NO_PADDING ) - { + if (operation->alg == PSA_ALG_ECB_NO_PADDING) { /* mbedtls_cipher_update has an API inconsistency: it will only - * process a single block at a time in ECB mode. Abstract away that - * inconsistency here to match the PSA API behaviour. */ - status = psa_cipher_update_ecb( &operation->ctx.cipher, - input, - input_length, - output, - output_length ); - } - else + * process a single block at a time in ECB mode. Abstract away that + * inconsistency here to match the PSA API behaviour. */ + status = psa_cipher_update_ecb(&operation->ctx.cipher, + input, + input_length, + output, + output_length); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING */ { status = mbedtls_to_psa_error( - mbedtls_cipher_update( &operation->ctx.cipher, input, - input_length, output, output_length ) ); + mbedtls_cipher_update(&operation->ctx.cipher, input, + input_length, output, output_length)); - if( *output_length > output_size ) - return( PSA_ERROR_CORRUPTION_DETECTED ); + if (*output_length > output_size) { + return PSA_ERROR_CORRUPTION_DETECTED; + } } - return( status ); + return status; } psa_status_t mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation, - uint8_t *output, size_t output_size, size_t *output_length ) + uint8_t *output, size_t output_size, size_t *output_length) { psa_status_t status = PSA_ERROR_GENERIC_ERROR; uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH]; - if( operation->ctx.cipher.unprocessed_len != 0 ) - { - if( operation->alg == PSA_ALG_ECB_NO_PADDING || - operation->alg == PSA_ALG_CBC_NO_PADDING ) - { + if (operation->ctx.cipher.unprocessed_len != 0) { + if (operation->alg == PSA_ALG_ECB_NO_PADDING || + operation->alg == PSA_ALG_CBC_NO_PADDING) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } } status = mbedtls_to_psa_error( - mbedtls_cipher_finish( &operation->ctx.cipher, - temp_output_buffer, - output_length ) ); - if( status != PSA_SUCCESS ) + mbedtls_cipher_finish(&operation->ctx.cipher, + temp_output_buffer, + output_length)); + if (status != PSA_SUCCESS) { goto exit; + } - if( *output_length == 0 ) + if (*output_length == 0) { ; /* Nothing to copy. Note that output may be NULL in this case. */ - else if( output_size >= *output_length ) - memcpy( output, temp_output_buffer, *output_length ); - else + } else if (output_size >= *output_length) { + memcpy(output, temp_output_buffer, *output_length); + } else { status = PSA_ERROR_BUFFER_TOO_SMALL; + } exit: - mbedtls_platform_zeroize( temp_output_buffer, - sizeof( temp_output_buffer ) ); + mbedtls_platform_zeroize(temp_output_buffer, + sizeof(temp_output_buffer)); - return( status ); + return status; } psa_status_t mbedtls_psa_cipher_abort( - mbedtls_psa_cipher_operation_t *operation ) + mbedtls_psa_cipher_operation_t *operation) { /* Sanity check (shouldn't happen: operation->alg should * always have been initialized to a valid value). */ - if( ! PSA_ALG_IS_CIPHER( operation->alg ) ) - return( PSA_ERROR_BAD_STATE ); + if (!PSA_ALG_IS_CIPHER(operation->alg)) { + return PSA_ERROR_BAD_STATE; + } - mbedtls_cipher_free( &operation->ctx.cipher ); + mbedtls_cipher_free(&operation->ctx.cipher); - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *iv, - size_t iv_length, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t mbedtls_psa_cipher_encrypt(const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *iv, + size_t iv_length, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; size_t update_output_length, finish_output_length; - status = mbedtls_psa_cipher_encrypt_setup( &operation, attributes, - key_buffer, key_buffer_size, - alg ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_cipher_encrypt_setup(&operation, attributes, + key_buffer, key_buffer_size, + alg); + if (status != PSA_SUCCESS) { goto exit; + } - if( iv_length > 0 ) - { - status = mbedtls_psa_cipher_set_iv( &operation, iv, iv_length ); - if( status != PSA_SUCCESS ) + if (iv_length > 0) { + status = mbedtls_psa_cipher_set_iv(&operation, iv, iv_length); + if (status != PSA_SUCCESS) { goto exit; + } } - status = mbedtls_psa_cipher_update( &operation, input, input_length, - output, output_size, &update_output_length ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_cipher_update(&operation, input, input_length, + output, output_size, &update_output_length); + if (status != PSA_SUCCESS) { goto exit; + } status = mbedtls_psa_cipher_finish( &operation, - mbedtls_buffer_offset( output, update_output_length ), - output_size - update_output_length, &finish_output_length ); - if( status != PSA_SUCCESS ) + mbedtls_buffer_offset(output, update_output_length), + output_size - update_output_length, &finish_output_length); + if (status != PSA_SUCCESS) { goto exit; + } *output_length = update_output_length + finish_output_length; exit: - if( status == PSA_SUCCESS ) - status = mbedtls_psa_cipher_abort( &operation ); - else - mbedtls_psa_cipher_abort( &operation ); + if (status == PSA_SUCCESS) { + status = mbedtls_psa_cipher_abort(&operation); + } else { + mbedtls_psa_cipher_abort(&operation); + } - return( status ); + return status; } psa_status_t mbedtls_psa_cipher_decrypt( @@ -541,52 +544,56 @@ psa_status_t mbedtls_psa_cipher_decrypt( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ) + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; size_t olength, accumulated_length; - status = mbedtls_psa_cipher_decrypt_setup( &operation, attributes, - key_buffer, key_buffer_size, - alg ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_cipher_decrypt_setup(&operation, attributes, + key_buffer, key_buffer_size, + alg); + if (status != PSA_SUCCESS) { goto exit; + } - if( operation.iv_length > 0 ) - { - status = mbedtls_psa_cipher_set_iv( &operation, - input, operation.iv_length ); - if( status != PSA_SUCCESS ) + if (operation.iv_length > 0) { + status = mbedtls_psa_cipher_set_iv(&operation, + input, operation.iv_length); + if (status != PSA_SUCCESS) { goto exit; + } } status = mbedtls_psa_cipher_update( &operation, - mbedtls_buffer_offset_const( input, operation.iv_length ), + mbedtls_buffer_offset_const(input, operation.iv_length), input_length - operation.iv_length, - output, output_size, &olength ); - if( status != PSA_SUCCESS ) + output, output_size, &olength); + if (status != PSA_SUCCESS) { goto exit; + } accumulated_length = olength; status = mbedtls_psa_cipher_finish( &operation, - mbedtls_buffer_offset( output, accumulated_length ), - output_size - accumulated_length, &olength ); - if( status != PSA_SUCCESS ) + mbedtls_buffer_offset(output, accumulated_length), + output_size - accumulated_length, &olength); + if (status != PSA_SUCCESS) { goto exit; + } *output_length = accumulated_length + olength; exit: - if ( status == PSA_SUCCESS ) - status = mbedtls_psa_cipher_abort( &operation ); - else - mbedtls_psa_cipher_abort( &operation ); + if (status == PSA_SUCCESS) { + status = mbedtls_psa_cipher_abort(&operation); + } else { + mbedtls_psa_cipher_abort(&operation); + } - return( status ); + return status; } #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index 3bd5360cdac8..6cc6bf6145a3 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -38,7 +38,7 @@ */ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( psa_algorithm_t alg, psa_key_type_t key_type, size_t key_bits, - mbedtls_cipher_id_t *cipher_id ); + mbedtls_cipher_id_t *cipher_id); /** * \brief Set the key for a multipart symmetric encryption operation. @@ -68,7 +68,7 @@ psa_status_t mbedtls_psa_cipher_encrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); /** * \brief Set the key for a multipart symmetric decryption operation. @@ -98,7 +98,7 @@ psa_status_t mbedtls_psa_cipher_decrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); /** Set the IV for a symmetric encryption or decryption operation. * @@ -124,7 +124,7 @@ psa_status_t mbedtls_psa_cipher_decrypt_setup( */ psa_status_t mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, - const uint8_t *iv, size_t iv_length ); + const uint8_t *iv, size_t iv_length); /** Encrypt or decrypt a message fragment in an active cipher operation. * @@ -150,7 +150,7 @@ psa_status_t mbedtls_psa_cipher_set_iv( psa_status_t mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length ); + uint8_t *output, size_t output_size, size_t *output_length); /** Finish encrypting or decrypting a message in a cipher operation. * @@ -180,7 +180,7 @@ psa_status_t mbedtls_psa_cipher_update( */ psa_status_t mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation, - uint8_t *output, size_t output_size, size_t *output_length ); + uint8_t *output, size_t output_size, size_t *output_length); /** Abort a cipher operation. * @@ -197,7 +197,7 @@ psa_status_t mbedtls_psa_cipher_finish( * * \retval #PSA_SUCCESS */ -psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation ); +psa_status_t mbedtls_psa_cipher_abort(mbedtls_psa_cipher_operation_t *operation); /** Encrypt a message using a symmetric cipher. * @@ -241,17 +241,17 @@ psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation * This is a decryption operation for an algorithm that includes * padding, and the ciphertext does not contain valid padding. */ -psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *iv, - size_t iv_length, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ); +psa_status_t mbedtls_psa_cipher_encrypt(const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *iv, + size_t iv_length, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length); /** Decrypt a message using a symmetric cipher. * @@ -292,14 +292,14 @@ psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, * This is a decryption operation for an algorithm that includes * padding, and the ciphertext does not contain valid padding. */ -psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ); +psa_status_t mbedtls_psa_cipher_decrypt(const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length); #endif /* PSA_CRYPTO_CIPHER_H */ diff --git a/library/psa_crypto_client.c b/library/psa_crypto_client.c index ab79086346ca..c3234275ae37 100644 --- a/library/psa_crypto_client.c +++ b/library/psa_crypto_client.c @@ -26,32 +26,31 @@ #include #include "mbedtls/platform.h" -void psa_reset_key_attributes( psa_key_attributes_t *attributes ) +void psa_reset_key_attributes(psa_key_attributes_t *attributes) { - mbedtls_free( attributes->domain_parameters ); - memset( attributes, 0, sizeof( *attributes ) ); + mbedtls_free(attributes->domain_parameters); + memset(attributes, 0, sizeof(*attributes)); } -psa_status_t psa_set_key_domain_parameters( psa_key_attributes_t *attributes, - psa_key_type_t type, - const uint8_t *data, - size_t data_length ) +psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, + psa_key_type_t type, + const uint8_t *data, + size_t data_length) { uint8_t *copy = NULL; - if( data_length != 0 ) - { - copy = mbedtls_calloc( 1, data_length ); - if( copy == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( copy, data, data_length ); + if (data_length != 0) { + copy = mbedtls_calloc(1, data_length); + if (copy == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } + memcpy(copy, data, data_length); } /* After this point, this function is guaranteed to succeed, so it * can start modifying `*attributes`. */ - if( attributes->domain_parameters != NULL ) - { - mbedtls_free( attributes->domain_parameters ); + if (attributes->domain_parameters != NULL) { + mbedtls_free(attributes->domain_parameters); attributes->domain_parameters = NULL; attributes->domain_parameters_size = 0; } @@ -59,20 +58,22 @@ psa_status_t psa_set_key_domain_parameters( psa_key_attributes_t *attributes, attributes->domain_parameters = copy; attributes->domain_parameters_size = data_length; attributes->core.type = type; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t psa_get_key_domain_parameters( const psa_key_attributes_t *attributes, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { - if( attributes->domain_parameters_size > data_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (attributes->domain_parameters_size > data_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } *data_length = attributes->domain_parameters_size; - if( attributes->domain_parameters_size != 0 ) - memcpy( data, attributes->domain_parameters, - attributes->domain_parameters_size ); - return( PSA_SUCCESS ); + if (attributes->domain_parameters_size != 0) { + memcpy(data, attributes->domain_parameters, + attributes->domain_parameters_size); + } + return PSA_SUCCESS; } #endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 0d8f71f9db7d..672fb5dbca90 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -39,22 +39,22 @@ * \return 0 if the buffer contents are equal, non-zero otherwise */ static inline int mbedtls_psa_safer_memcmp( - const uint8_t *a, const uint8_t *b, size_t n ) + const uint8_t *a, const uint8_t *b, size_t n) { size_t i; unsigned char diff = 0; - for( i = 0; i < n; i++ ) + for (i = 0; i < n; i++) { diff |= a[i] ^ b[i]; + } - return( diff ); + return diff; } /** The data structure representing a key slot, containing key material * and metadata for one key. */ -typedef struct -{ +typedef struct { psa_core_key_attributes_t attr; /* @@ -84,8 +84,7 @@ typedef struct /* Dynamically allocated key data buffer. * Format as specified in psa_export_key(). */ - struct key_data - { + struct key_data { uint8_t *data; size_t bytes; } key; @@ -94,7 +93,7 @@ typedef struct /* A mask of key attribute flags used only internally. * Currently there aren't any. */ #define PSA_KA_MASK_INTERNAL_ONLY ( \ - 0 ) + 0) /** Test whether a key slot is occupied. * @@ -105,9 +104,9 @@ typedef struct * * \return 1 if the slot is occupied, 0 otherwise. */ -static inline int psa_is_key_slot_occupied( const psa_key_slot_t *slot ) +static inline int psa_is_key_slot_occupied(const psa_key_slot_t *slot) { - return( slot->attr.type != 0 ); + return slot->attr.type != 0; } /** Test whether a key slot is locked. @@ -118,9 +117,9 @@ static inline int psa_is_key_slot_occupied( const psa_key_slot_t *slot ) * * \return 1 if the slot is locked, 0 otherwise. */ -static inline int psa_is_key_slot_locked( const psa_key_slot_t *slot ) +static inline int psa_is_key_slot_locked(const psa_key_slot_t *slot) { - return( slot->lock_count > 0 ); + return slot->lock_count > 0; } /** Retrieve flags from psa_key_slot_t::attr::core::flags. @@ -131,10 +130,10 @@ static inline int psa_is_key_slot_locked( const psa_key_slot_t *slot ) * \return The key attribute flags in the given slot, * bitwise-anded with \p mask. */ -static inline uint16_t psa_key_slot_get_flags( const psa_key_slot_t *slot, - uint16_t mask ) +static inline uint16_t psa_key_slot_get_flags(const psa_key_slot_t *slot, + uint16_t mask) { - return( slot->attr.flags & mask ); + return slot->attr.flags & mask; } /** Set flags in psa_key_slot_t::attr::core::flags. @@ -143,12 +142,12 @@ static inline uint16_t psa_key_slot_get_flags( const psa_key_slot_t *slot, * \param mask The mask of bits to modify. * \param value The new value of the selected bits. */ -static inline void psa_key_slot_set_flags( psa_key_slot_t *slot, - uint16_t mask, - uint16_t value ) +static inline void psa_key_slot_set_flags(psa_key_slot_t *slot, + uint16_t mask, + uint16_t value) { - slot->attr.flags = ( ( ~mask & slot->attr.flags ) | - ( mask & value ) ); + slot->attr.flags = ((~mask & slot->attr.flags) | + (mask & value)); } /** Turn on flags in psa_key_slot_t::attr::core::flags. @@ -156,8 +155,8 @@ static inline void psa_key_slot_set_flags( psa_key_slot_t *slot, * \param[in,out] slot The key slot to modify. * \param mask The mask of bits to set. */ -static inline void psa_key_slot_set_bits_in_flags( psa_key_slot_t *slot, - uint16_t mask ) +static inline void psa_key_slot_set_bits_in_flags(psa_key_slot_t *slot, + uint16_t mask) { slot->attr.flags |= mask; } @@ -167,8 +166,8 @@ static inline void psa_key_slot_set_bits_in_flags( psa_key_slot_t *slot, * \param[in,out] slot The key slot to modify. * \param mask The mask of bits to clear. */ -static inline void psa_key_slot_clear_bits( psa_key_slot_t *slot, - uint16_t mask ) +static inline void psa_key_slot_clear_bits(psa_key_slot_t *slot, + uint16_t mask) { slot->attr.flags &= ~mask; } @@ -181,9 +180,9 @@ static inline void psa_key_slot_clear_bits( psa_key_slot_t *slot, * secure element, otherwise the behaviour is undefined. */ static inline psa_key_slot_number_t psa_key_slot_get_slot_number( - const psa_key_slot_t *slot ) + const psa_key_slot_t *slot) { - return( *( (psa_key_slot_number_t *)( slot->key.data ) ) ); + return *((psa_key_slot_number_t *) (slot->key.data)); } #endif @@ -198,7 +197,7 @@ static inline psa_key_slot_number_t psa_key_slot_get_slot_number( * already fully wiped. * \retval #PSA_ERROR_CORRUPTION_DETECTED */ -psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); +psa_status_t psa_wipe_key_slot(psa_key_slot_t *slot); /** Try to allocate a buffer to an empty key slot. * @@ -212,11 +211,11 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); * \retval #PSA_ERROR_ALREADY_EXISTS * Trying to allocate a buffer to a non-empty key slot. */ -psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot, - size_t buffer_length ); +psa_status_t psa_allocate_buffer_to_slot(psa_key_slot_t *slot, + size_t buffer_length); /** Wipe key data from a slot. Preserves metadata such as the policy. */ -psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ); +psa_status_t psa_remove_key_data_from_memory(psa_key_slot_t *slot); /** Copy key data (in export format) into an empty key slot. * @@ -235,9 +234,9 @@ psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ); * \retval #PSA_ERROR_ALREADY_EXISTS * There was other key material already present in the slot. */ -psa_status_t psa_copy_key_material_into_slot( psa_key_slot_t *slot, - const uint8_t *data, - size_t data_length ); +psa_status_t psa_copy_key_material_into_slot(psa_key_slot_t *slot, + const uint8_t *data, + size_t data_length); /** Convert an mbed TLS error code to a PSA error code * @@ -248,7 +247,7 @@ psa_status_t psa_copy_key_material_into_slot( psa_key_slot_t *slot, * * \return The corresponding PSA error code */ -psa_status_t mbedtls_to_psa_error( int ret ); +psa_status_t mbedtls_to_psa_error(int ret); /** Import a key in binary format. * @@ -280,7 +279,7 @@ psa_status_t psa_import_key_into_slot( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); + size_t *key_buffer_length, size_t *bits); /** Export a key in binary format * @@ -307,7 +306,7 @@ psa_status_t psa_import_key_into_slot( psa_status_t psa_export_key_internal( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); /** Export a public key or the public part of a key pair in binary format. * @@ -335,7 +334,7 @@ psa_status_t psa_export_key_internal( psa_status_t psa_export_public_key_internal( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); /** * \brief Generate a key. @@ -357,10 +356,10 @@ psa_status_t psa_export_public_key_internal( * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of \p key_buffer is too small. */ -psa_status_t psa_generate_key_internal( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, - size_t key_buffer_size, - size_t *key_buffer_length ); +psa_status_t psa_generate_key_internal(const psa_key_attributes_t *attributes, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length); /** Sign a message with a private key. For hash-and-sign algorithms, * this includes the hashing step. @@ -403,7 +402,7 @@ psa_status_t psa_sign_message_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); + uint8_t *signature, size_t signature_size, size_t *signature_length); /** Verify the signature of a message with a public key, using * a hash-and-sign verification algorithm. @@ -440,7 +439,7 @@ psa_status_t psa_verify_message_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, - const uint8_t *signature, size_t signature_length ); + const uint8_t *signature, size_t signature_length); /** Sign an already-calculated hash with a private key. * @@ -479,7 +478,7 @@ psa_status_t psa_sign_hash_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); + uint8_t *signature, size_t signature_size, size_t *signature_length); /** * \brief Verify the signature a hash or short message using a public key. @@ -514,6 +513,6 @@ psa_status_t psa_verify_hash_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); + const uint8_t *signature, size_t signature_length); #endif /* PSA_CRYPTO_CORE_H */ diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index c9b86fe81907..48ad6d5fbba0 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -66,41 +66,44 @@ #include "psa_crypto_se.h" #endif -psa_status_t psa_driver_wrapper_init( void ) +psa_status_t psa_driver_wrapper_init(void) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - status = psa_init_all_se_drivers( ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_init_all_se_drivers(); + if (status != PSA_SUCCESS) { + return status; + } #endif #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_test_transparent_init( ); - if( status != PSA_SUCCESS ) - return( status ); + status = mbedtls_test_transparent_init(); + if (status != PSA_SUCCESS) { + return status; + } - status = mbedtls_test_opaque_init( ); - if( status != PSA_SUCCESS ) - return( status ); + status = mbedtls_test_opaque_init(); + if (status != PSA_SUCCESS) { + return status; + } #endif (void) status; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -void psa_driver_wrapper_free( void ) +void psa_driver_wrapper_free(void) { #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* Unregister all secure element drivers, so that we restart from * a pristine state. */ - psa_unregister_all_se_drivers( ); + psa_unregister_all_se_drivers(); #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(PSA_CRYPTO_DRIVER_TEST) - mbedtls_test_transparent_free( ); - mbedtls_test_opaque_free( ); + mbedtls_test_transparent_free(); + mbedtls_test_opaque_free(); #endif } @@ -114,70 +117,71 @@ psa_status_t psa_driver_wrapper_sign_message( size_t input_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ) + size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_signature_sign_message( - attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_size, - signature_length ); + attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_size, + signature_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ break; - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: status = mbedtls_test_opaque_signature_sign_message( - attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_size, - signature_length ); - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_size, + signature_length); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } break; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; + (void) status; break; } - return( psa_sign_message_builtin( attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_size, - signature_length ) ); + return psa_sign_message_builtin(attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_size, + signature_length); } psa_status_t psa_driver_wrapper_verify_message( @@ -188,150 +192,149 @@ psa_status_t psa_driver_wrapper_verify_message( const uint8_t *input, size_t input_length, const uint8_t *signature, - size_t signature_length ) + size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_signature_verify_message( - attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_length ); + attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ break; - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_signature_verify_message( - attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_length ) ); - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + return mbedtls_test_opaque_signature_verify_message( + attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_length); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } break; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; + (void) status; break; } - return( psa_verify_message_builtin( attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_length ) ); + return psa_verify_message_builtin(attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_length); } psa_status_t psa_driver_wrapper_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) + uint8_t *signature, size_t signature_size, size_t *signature_length) { /* Try dynamically-registered SE interface first */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) const psa_drv_se_t *drv; psa_drv_se_context_t *drv_context; - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { - if( drv->asymmetric == NULL || - drv->asymmetric->p_sign == NULL ) - { + if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) { + if (drv->asymmetric == NULL || + drv->asymmetric->p_sign == NULL) { /* Key is defined in SE, but we have no way to exercise it */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - return( drv->asymmetric->p_sign( - drv_context, *( (psa_key_slot_number_t *)key_buffer ), - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + return drv->asymmetric->p_sign( + drv_context, *((psa_key_slot_number_t *) key_buffer), + alg, hash, hash_length, + signature, signature_size, signature_length); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_test_transparent_signature_sign_hash( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_size, - signature_length ); + status = mbedtls_test_transparent_signature_sign_hash(attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_size, + signature_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Fell through, meaning no accelerator supports this operation */ - return( psa_sign_hash_builtin( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_size, - signature_length ) ); - - /* Add cases for opaque driver here */ + return psa_sign_hash_builtin(attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_size, + signature_length); + + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_signature_sign_hash( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_size, - signature_length ) ); + return mbedtls_test_opaque_signature_sign_hash(attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_size, + signature_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -339,81 +342,79 @@ psa_status_t psa_driver_wrapper_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) + const uint8_t *signature, size_t signature_length) { /* Try dynamically-registered SE interface first */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) const psa_drv_se_t *drv; psa_drv_se_context_t *drv_context; - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { - if( drv->asymmetric == NULL || - drv->asymmetric->p_verify == NULL ) - { + if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) { + if (drv->asymmetric == NULL || + drv->asymmetric->p_verify == NULL) { /* Key is defined in SE, but we have no way to exercise it */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - return( drv->asymmetric->p_verify( - drv_context, *( (psa_key_slot_number_t *)key_buffer ), - alg, hash, hash_length, - signature, signature_length ) ); + return drv->asymmetric->p_verify( + drv_context, *((psa_key_slot_number_t *) key_buffer), + alg, hash, hash_length, + signature, signature_length); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_signature_verify_hash( - attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_length ); + attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ - return( psa_verify_hash_builtin( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_length ) ); + return psa_verify_hash_builtin(attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_length); - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_signature_verify_hash( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_length ) ); + return mbedtls_test_opaque_signature_verify_hash(attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -434,42 +435,40 @@ psa_status_t psa_driver_wrapper_verify_hash( */ psa_status_t psa_driver_wrapper_get_key_buffer_size( const psa_key_attributes_t *attributes, - size_t *key_buffer_size ) + size_t *key_buffer_size) { - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); psa_key_type_t key_type = attributes->core.type; size_t key_bits = attributes->core.bits; *key_buffer_size = 0; - switch( location ) - { + switch (location) { #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) /* Emulate property 'builtin_key_size' */ - if( psa_key_id_is_builtin( + if (psa_key_id_is_builtin( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( - psa_get_key_id( attributes ) ) ) ) - { - *key_buffer_size = sizeof( psa_drv_slot_number_t ); - return( PSA_SUCCESS ); + psa_get_key_id(attributes)))) { + *key_buffer_size = sizeof(psa_drv_slot_number_t); + return PSA_SUCCESS; } #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ - *key_buffer_size = mbedtls_test_size_function( key_type, key_bits ); - return( ( *key_buffer_size != 0 ) ? - PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED ); + *key_buffer_size = mbedtls_test_size_function(key_type, key_bits); + return (*key_buffer_size != 0) ? + PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED; #endif /* PSA_CRYPTO_DRIVER_TEST */ default: - (void)key_type; - (void)key_bits; - return( PSA_ERROR_NOT_SUPPORTED ); + (void) key_type; + (void) key_bits; + return PSA_ERROR_NOT_SUPPORTED; } } psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = @@ -480,52 +479,49 @@ psa_status_t psa_driver_wrapper_generate_key( const psa_drv_se_t *drv; psa_drv_se_context_t *drv_context; - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { + if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) { size_t pubkey_length = 0; /* We don't support this feature yet */ - if( drv->key_management == NULL || - drv->key_management->p_generate == NULL ) - { + if (drv->key_management == NULL || + drv->key_management->p_generate == NULL) { /* Key is defined as being in SE, but we have no way to generate it */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - return( drv->key_management->p_generate( + return drv->key_management->p_generate( drv_context, - *( (psa_key_slot_number_t *)key_buffer ), - attributes, NULL, 0, &pubkey_length ) ); + *((psa_key_slot_number_t *) key_buffer), + attributes, NULL, 0, &pubkey_length); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) /* Transparent drivers are limited to generating asymmetric keys */ - if( PSA_KEY_TYPE_IS_ASYMMETRIC( attributes->core.type ) ) - { - /* Cycle through all known transparent accelerators */ + if (PSA_KEY_TYPE_IS_ASYMMETRIC(attributes->core.type)) { + /* Cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_generate_key( attributes, key_buffer, key_buffer_size, - key_buffer_length ); + key_buffer_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) + if (status != PSA_ERROR_NOT_SUPPORTED) { break; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ } #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Software fallback */ status = psa_generate_key_internal( - attributes, key_buffer, key_buffer_size, key_buffer_length ); + attributes, key_buffer, key_buffer_size, key_buffer_length); break; - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: status = mbedtls_test_opaque_generate_key( - attributes, key_buffer, key_buffer_size, key_buffer_length ); + attributes, key_buffer, key_buffer_size, key_buffer_length); break; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ @@ -536,7 +532,7 @@ psa_status_t psa_driver_wrapper_generate_key( break; } - return( status ); + return status; } psa_status_t psa_driver_wrapper_import_key( @@ -546,69 +542,71 @@ psa_status_t psa_driver_wrapper_import_key( uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length, - size_t *bits ) + size_t *bits) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( - psa_get_key_lifetime( attributes ) ); + psa_get_key_lifetime(attributes)); /* Try dynamically-registered SE interface first */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) const psa_drv_se_t *drv; psa_drv_se_context_t *drv_context; - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { - if( drv->key_management == NULL || - drv->key_management->p_import == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) { + if (drv->key_management == NULL || + drv->key_management->p_import == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } /* The driver should set the number of key bits, however in * case it doesn't, we initialize bits to an invalid value. */ *bits = PSA_MAX_KEY_BITS + 1; status = drv->key_management->p_import( drv_context, - *( (psa_key_slot_number_t *)key_buffer ), - attributes, data, data_length, bits ); + *((psa_key_slot_number_t *) key_buffer), + attributes, data, data_length, bits); - if( status != PSA_SUCCESS ) - return( status ); + if (status != PSA_SUCCESS) { + return status; + } - if( (*bits) > PSA_MAX_KEY_BITS ) - return( PSA_ERROR_NOT_SUPPORTED ); + if ((*bits) > PSA_MAX_KEY_BITS) { + return PSA_ERROR_NOT_SUPPORTED; + } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_import_key( - attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ); + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Fell through, meaning no accelerator supports this operation */ - return( psa_import_key_into_slot( attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); + return psa_import_key_into_slot(attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); default: /* Importing a key with external storage in not yet supported. * Return in error indicating that the lifetime is not valid. */ - (void)status; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -616,157 +614,151 @@ psa_status_t psa_driver_wrapper_import_key( psa_status_t psa_driver_wrapper_export_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( - psa_get_key_lifetime( attributes ) ); + psa_get_key_lifetime(attributes)); /* Try dynamically-registered SE interface first */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) const psa_drv_se_t *drv; psa_drv_se_context_t *drv_context; - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { - if( ( drv->key_management == NULL ) || - ( drv->key_management->p_export == NULL ) ) - { - return( PSA_ERROR_NOT_SUPPORTED ); + if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) { + if ((drv->key_management == NULL) || + (drv->key_management->p_export == NULL)) { + return PSA_ERROR_NOT_SUPPORTED; } - return( drv->key_management->p_export( - drv_context, - *( (psa_key_slot_number_t *)key_buffer ), - data, data_size, data_length ) ); + return drv->key_management->p_export( + drv_context, + *((psa_key_slot_number_t *) key_buffer), + data, data_size, data_length); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: - return( psa_export_key_internal( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); + return psa_export_key_internal(attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_export_key( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); + return mbedtls_test_opaque_export_key(attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - return( status ); + return status; } } psa_status_t psa_driver_wrapper_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( - psa_get_key_lifetime( attributes ) ); + psa_get_key_lifetime(attributes)); /* Try dynamically-registered SE interface first */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) const psa_drv_se_t *drv; psa_drv_se_context_t *drv_context; - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { - if( ( drv->key_management == NULL ) || - ( drv->key_management->p_export_public == NULL ) ) - { - return( PSA_ERROR_NOT_SUPPORTED ); + if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) { + if ((drv->key_management == NULL) || + (drv->key_management->p_export_public == NULL)) { + return PSA_ERROR_NOT_SUPPORTED; } - return( drv->key_management->p_export_public( - drv_context, - *( (psa_key_slot_number_t *)key_buffer ), - data, data_size, data_length ) ); + return drv->key_management->p_export_public( + drv_context, + *((psa_key_slot_number_t *) key_buffer), + data, data_size, data_length); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_export_public_key( - attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ); + attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Fell through, meaning no accelerator supports this operation */ - return( psa_export_public_key_internal( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); - - /* Add cases for opaque driver here */ + return psa_export_public_key_internal(attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); + + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_export_public_key( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); + return mbedtls_test_opaque_export_public_key(attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - return( status ); + return status; } } psa_status_t psa_driver_wrapper_get_builtin_key( psa_drv_slot_number_t slot_number, psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); - switch( location ) - { + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + switch (location) { #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_get_builtin_key( - slot_number, - attributes, - key_buffer, key_buffer_size, key_buffer_length ) ); + return mbedtls_test_opaque_get_builtin_key( + slot_number, + attributes, + key_buffer, key_buffer_size, key_buffer_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ default: (void) slot_number; (void) key_buffer; (void) key_buffer_size; (void) key_buffer_length; - return( PSA_ERROR_DOES_NOT_EXIST ); + return PSA_ERROR_DOES_NOT_EXIST; } } @@ -784,84 +776,84 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ) + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_test_transparent_cipher_encrypt( attributes, - key_buffer, - key_buffer_size, - alg, - iv, - iv_length, - input, - input_length, - output, - output_size, - output_length ); + status = mbedtls_test_transparent_cipher_encrypt(attributes, + key_buffer, + key_buffer_size, + alg, + iv, + iv_length, + input, + input_length, + output, + output_size, + output_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_encrypt( attributes, - key_buffer, - key_buffer_size, - alg, - iv, - iv_length, - input, - input_length, - output, - output_size, - output_length ) ); + return mbedtls_psa_cipher_encrypt(attributes, + key_buffer, + key_buffer_size, + alg, + iv, + iv_length, + input, + input_length, + output, + output_size, + output_length); #else - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_cipher_encrypt( attributes, - key_buffer, - key_buffer_size, - alg, - iv, - iv_length, - input, - input_length, - output, - output_size, - output_length ) ); + return mbedtls_test_opaque_cipher_encrypt(attributes, + key_buffer, + key_buffer_size, + alg, + iv, + iv_length, + input, + input_length, + output, + output_size, + output_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)iv; - (void)iv_length; - (void)input; - (void)input_length; - (void)output; - (void)output_size; - (void)output_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) iv; + (void) iv_length; + (void) input; + (void) input_length; + (void) output; + (void) output_size; + (void) output_length; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -874,76 +866,76 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ) + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_test_transparent_cipher_decrypt( attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - output, - output_size, - output_length ); + status = mbedtls_test_transparent_cipher_decrypt(attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + output, + output_size, + output_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_decrypt( attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - output, - output_size, - output_length ) ); + return mbedtls_psa_cipher_decrypt(attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + output, + output_size, + output_length); #else - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_cipher_decrypt( attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - output, - output_size, - output_length ) ); + return mbedtls_test_opaque_cipher_decrypt(attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + output, + output_size, + output_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)input; - (void)input_length; - (void)output; - (void)output_size; - (void)output_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) input; + (void) input_length; + (void) output; + (void) output_size; + (void) output_length; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -951,14 +943,13 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup( psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ @@ -969,31 +960,35 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup( attributes, key_buffer, key_buffer_size, - alg ); + alg); /* Declared with fallback == true */ - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) /* Fell through, meaning no accelerator supports this operation */ - status = mbedtls_psa_cipher_encrypt_setup( &operation->ctx.mbedtls_ctx, - attributes, - key_buffer, - key_buffer_size, - alg ); - if( status == PSA_SUCCESS ) + status = mbedtls_psa_cipher_encrypt_setup(&operation->ctx.mbedtls_ctx, + attributes, + key_buffer, + key_buffer_size, + alg); + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: @@ -1001,22 +996,23 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup( &operation->ctx.opaque_test_driver_ctx, attributes, key_buffer, key_buffer_size, - alg ); + alg); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID; + } - return( status ); + return status; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - (void)operation; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + (void) operation; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -1024,14 +1020,13 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup( psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ @@ -1042,89 +1037,92 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup( attributes, key_buffer, key_buffer_size, - alg ); + alg); /* Declared with fallback == true */ - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) /* Fell through, meaning no accelerator supports this operation */ - status = mbedtls_psa_cipher_decrypt_setup( &operation->ctx.mbedtls_ctx, - attributes, - key_buffer, - key_buffer_size, - alg ); - if( status == PSA_SUCCESS ) + status = mbedtls_psa_cipher_decrypt_setup(&operation->ctx.mbedtls_ctx, + attributes, + key_buffer, + key_buffer_size, + alg); + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + } - return( status ); + return status; #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: status = mbedtls_test_opaque_cipher_decrypt_setup( - &operation->ctx.opaque_test_driver_ctx, - attributes, - key_buffer, key_buffer_size, - alg ); + &operation->ctx.opaque_test_driver_ctx, + attributes, + key_buffer, key_buffer_size, + alg); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID; + } - return( status ); + return status; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - (void)operation; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + (void) operation; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + return PSA_ERROR_INVALID_ARGUMENT; } } psa_status_t psa_driver_wrapper_cipher_set_iv( psa_cipher_operation_t *operation, const uint8_t *iv, - size_t iv_length ) + size_t iv_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_cipher_set_iv( &operation->ctx.mbedtls_ctx, - iv, - iv_length ) ); + return mbedtls_psa_cipher_set_iv(&operation->ctx.mbedtls_ctx, + iv, + iv_length); #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_cipher_set_iv( - &operation->ctx.transparent_test_driver_ctx, - iv, iv_length ) ); + return mbedtls_test_transparent_cipher_set_iv( + &operation->ctx.transparent_test_driver_ctx, + iv, iv_length); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( mbedtls_test_opaque_cipher_set_iv( - &operation->ctx.opaque_test_driver_ctx, - iv, iv_length ) ); + return mbedtls_test_opaque_cipher_set_iv( + &operation->ctx.opaque_test_driver_ctx, + iv, iv_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ } - (void)iv; - (void)iv_length; + (void) iv; + (void) iv_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } psa_status_t psa_driver_wrapper_cipher_update( @@ -1133,119 +1131,116 @@ psa_status_t psa_driver_wrapper_cipher_update( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ) + size_t *output_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_cipher_update( &operation->ctx.mbedtls_ctx, - input, - input_length, - output, - output_size, - output_length ) ); + return mbedtls_psa_cipher_update(&operation->ctx.mbedtls_ctx, + input, + input_length, + output, + output_size, + output_length); #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_cipher_update( - &operation->ctx.transparent_test_driver_ctx, - input, input_length, - output, output_size, output_length ) ); + return mbedtls_test_transparent_cipher_update( + &operation->ctx.transparent_test_driver_ctx, + input, input_length, + output, output_size, output_length); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( mbedtls_test_opaque_cipher_update( - &operation->ctx.opaque_test_driver_ctx, - input, input_length, - output, output_size, output_length ) ); + return mbedtls_test_opaque_cipher_update( + &operation->ctx.opaque_test_driver_ctx, + input, input_length, + output, output_size, output_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ } - (void)input; - (void)input_length; - (void)output; - (void)output_size; - (void)output_length; + (void) input; + (void) input_length; + (void) output; + (void) output_size; + (void) output_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } psa_status_t psa_driver_wrapper_cipher_finish( psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, - size_t *output_length ) + size_t *output_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_cipher_finish( &operation->ctx.mbedtls_ctx, - output, - output_size, - output_length ) ); + return mbedtls_psa_cipher_finish(&operation->ctx.mbedtls_ctx, + output, + output_size, + output_length); #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_cipher_finish( - &operation->ctx.transparent_test_driver_ctx, - output, output_size, output_length ) ); + return mbedtls_test_transparent_cipher_finish( + &operation->ctx.transparent_test_driver_ctx, + output, output_size, output_length); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( mbedtls_test_opaque_cipher_finish( - &operation->ctx.opaque_test_driver_ctx, - output, output_size, output_length ) ); + return mbedtls_test_opaque_cipher_finish( + &operation->ctx.opaque_test_driver_ctx, + output, output_size, output_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ } - (void)output; - (void)output_size; - (void)output_length; + (void) output; + (void) output_size; + (void) output_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } psa_status_t psa_driver_wrapper_cipher_abort( - psa_cipher_operation_t *operation ) + psa_cipher_operation_t *operation) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_cipher_abort( &operation->ctx.mbedtls_ctx ) ); + return mbedtls_psa_cipher_abort(&operation->ctx.mbedtls_ctx); #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: status = mbedtls_test_transparent_cipher_abort( - &operation->ctx.transparent_test_driver_ctx ); + &operation->ctx.transparent_test_driver_ctx); mbedtls_platform_zeroize( &operation->ctx.transparent_test_driver_ctx, - sizeof( operation->ctx.transparent_test_driver_ctx ) ); - return( status ); + sizeof(operation->ctx.transparent_test_driver_ctx)); + return status; case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: status = mbedtls_test_opaque_cipher_abort( - &operation->ctx.opaque_test_driver_ctx ); + &operation->ctx.opaque_test_driver_ctx); mbedtls_platform_zeroize( &operation->ctx.opaque_test_driver_ctx, - sizeof( operation->ctx.opaque_test_driver_ctx ) ); - return( status ); + sizeof(operation->ctx.opaque_test_driver_ctx)); + return status; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ } - (void)status; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + return PSA_ERROR_INVALID_ARGUMENT; } /* @@ -1264,17 +1259,19 @@ psa_status_t psa_driver_wrapper_hash_compute( /* Try accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_hash_compute( - alg, input, input_length, hash, hash_size, hash_length ); - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + alg, input, input_length, hash, hash_size, hash_length); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* If software fallback is compiled in, try fallback */ #if defined(MBEDTLS_PSA_BUILTIN_HASH) - status = mbedtls_psa_hash_compute( alg, input, input_length, - hash, hash_size, hash_length ); - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + status = mbedtls_psa_hash_compute(alg, input, input_length, + hash, hash_size, hash_length); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif (void) status; (void) alg; @@ -1284,89 +1281,91 @@ psa_status_t psa_driver_wrapper_hash_compute( (void) hash_size; (void) hash_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t psa_driver_wrapper_hash_setup( psa_hash_operation_t *operation, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; /* Try setup on accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_hash_setup( - &operation->ctx.test_driver_ctx, alg ); - if( status == PSA_SUCCESS ) + &operation->ctx.test_driver_ctx, alg); + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* If software fallback is compiled in, try fallback */ #if defined(MBEDTLS_PSA_BUILTIN_HASH) - status = mbedtls_psa_hash_setup( &operation->ctx.mbedtls_ctx, alg ); - if( status == PSA_SUCCESS ) + status = mbedtls_psa_hash_setup(&operation->ctx.mbedtls_ctx, alg); + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* Nothing left to try if we fall through here */ (void) status; (void) operation; (void) alg; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t psa_driver_wrapper_hash_clone( const psa_hash_operation_t *source_operation, - psa_hash_operation_t *target_operation ) + psa_hash_operation_t *target_operation) { - switch( source_operation->id ) - { + switch (source_operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: target_operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; - return( mbedtls_psa_hash_clone( &source_operation->ctx.mbedtls_ctx, - &target_operation->ctx.mbedtls_ctx ) ); + return mbedtls_psa_hash_clone(&source_operation->ctx.mbedtls_ctx, + &target_operation->ctx.mbedtls_ctx); #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; - return( mbedtls_test_transparent_hash_clone( - &source_operation->ctx.test_driver_ctx, - &target_operation->ctx.test_driver_ctx ) ); + return mbedtls_test_transparent_hash_clone( + &source_operation->ctx.test_driver_ctx, + &target_operation->ctx.test_driver_ctx); #endif default: (void) target_operation; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } } psa_status_t psa_driver_wrapper_hash_update( psa_hash_operation_t *operation, const uint8_t *input, - size_t input_length ) + size_t input_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_hash_update( &operation->ctx.mbedtls_ctx, - input, input_length ) ); + return mbedtls_psa_hash_update(&operation->ctx.mbedtls_ctx, + input, input_length); #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_hash_update( - &operation->ctx.test_driver_ctx, - input, input_length ) ); + return mbedtls_test_transparent_hash_update( + &operation->ctx.test_driver_ctx, + input, input_length); #endif default: (void) input; (void) input_length; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } } @@ -1374,45 +1373,43 @@ psa_status_t psa_driver_wrapper_hash_finish( psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, - size_t *hash_length ) + size_t *hash_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_hash_finish( &operation->ctx.mbedtls_ctx, - hash, hash_size, hash_length ) ); + return mbedtls_psa_hash_finish(&operation->ctx.mbedtls_ctx, + hash, hash_size, hash_length); #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_hash_finish( - &operation->ctx.test_driver_ctx, - hash, hash_size, hash_length ) ); + return mbedtls_test_transparent_hash_finish( + &operation->ctx.test_driver_ctx, + hash, hash_size, hash_length); #endif default: (void) hash; (void) hash_size; (void) hash_length; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } } psa_status_t psa_driver_wrapper_hash_abort( - psa_hash_operation_t *operation ) + psa_hash_operation_t *operation) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_hash_abort( &operation->ctx.mbedtls_ctx ) ); + return mbedtls_psa_hash_abort(&operation->ctx.mbedtls_ctx); #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_hash_abort( - &operation->ctx.test_driver_ctx ) ); + return mbedtls_test_transparent_hash_abort( + &operation->ctx.test_driver_ctx); #endif default: - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } } @@ -1423,14 +1420,13 @@ psa_status_t psa_driver_wrapper_aead_encrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, - uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ) + uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ @@ -1438,33 +1434,34 @@ psa_status_t psa_driver_wrapper_aead_encrypt( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_aead_encrypt( - attributes, key_buffer, key_buffer_size, - alg, - nonce, nonce_length, - additional_data, additional_data_length, - plaintext, plaintext_length, - ciphertext, ciphertext_size, ciphertext_length ); + attributes, key_buffer, key_buffer_size, + alg, + nonce, nonce_length, + additional_data, additional_data_length, + plaintext, plaintext_length, + ciphertext, ciphertext_size, ciphertext_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Fell through, meaning no accelerator supports this operation */ - return( mbedtls_psa_aead_encrypt( - attributes, key_buffer, key_buffer_size, - alg, - nonce, nonce_length, - additional_data, additional_data_length, - plaintext, plaintext_length, - ciphertext, ciphertext_size, ciphertext_length ) ); + return mbedtls_psa_aead_encrypt( + attributes, key_buffer, key_buffer_size, + alg, + nonce, nonce_length, + additional_data, additional_data_length, + plaintext, plaintext_length, + ciphertext, ciphertext_size, ciphertext_length); /* Add cases for opaque driver here */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -1475,14 +1472,13 @@ psa_status_t psa_driver_wrapper_aead_decrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, - uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ) + uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ @@ -1490,33 +1486,34 @@ psa_status_t psa_driver_wrapper_aead_decrypt( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_aead_decrypt( - attributes, key_buffer, key_buffer_size, - alg, - nonce, nonce_length, - additional_data, additional_data_length, - ciphertext, ciphertext_length, - plaintext, plaintext_size, plaintext_length ); + attributes, key_buffer, key_buffer_size, + alg, + nonce, nonce_length, + additional_data, additional_data_length, + ciphertext, ciphertext_length, + plaintext, plaintext_size, plaintext_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Fell through, meaning no accelerator supports this operation */ - return( mbedtls_psa_aead_decrypt( - attributes, key_buffer, key_buffer_size, - alg, - nonce, nonce_length, - additional_data, additional_data_length, - ciphertext, ciphertext_length, - plaintext, plaintext_size, plaintext_length ) ); + return mbedtls_psa_aead_decrypt( + attributes, key_buffer, key_buffer_size, + alg, + nonce, nonce_length, + additional_data, additional_data_length, + ciphertext, ciphertext_length, + plaintext, plaintext_size, plaintext_length); /* Add cases for opaque driver here */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -1533,14 +1530,13 @@ psa_status_t psa_driver_wrapper_mac_compute( size_t input_length, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ @@ -1549,10 +1545,11 @@ psa_status_t psa_driver_wrapper_mac_compute( status = mbedtls_test_transparent_mac_compute( attributes, key_buffer, key_buffer_size, alg, input, input_length, - mac, mac_size, mac_length ); + mac, mac_size, mac_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_MAC) @@ -1560,21 +1557,22 @@ psa_status_t psa_driver_wrapper_mac_compute( status = mbedtls_psa_mac_compute( attributes, key_buffer, key_buffer_size, alg, input, input_length, - mac, mac_size, mac_length ); - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + mac, mac_size, mac_length); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* MBEDTLS_PSA_BUILTIN_MAC */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: status = mbedtls_test_opaque_mac_compute( attributes, key_buffer, key_buffer_size, alg, input, input_length, - mac, mac_size, mac_length ); - return( status ); + mac, mac_size, mac_length); + return status; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: @@ -1588,7 +1586,7 @@ psa_status_t psa_driver_wrapper_mac_compute( (void) mac_size; (void) mac_length; (void) status; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -1597,14 +1595,13 @@ psa_status_t psa_driver_wrapper_mac_sign_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ @@ -1614,30 +1611,34 @@ psa_status_t psa_driver_wrapper_mac_sign_setup( &operation->ctx.transparent_test_driver_ctx, attributes, key_buffer, key_buffer_size, - alg ); + alg); /* Declared with fallback == true */ - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_MAC) /* Fell through, meaning no accelerator supports this operation */ - status = mbedtls_psa_mac_sign_setup( &operation->ctx.mbedtls_ctx, - attributes, - key_buffer, key_buffer_size, - alg ); - if( status == PSA_SUCCESS ) + status = mbedtls_psa_mac_sign_setup(&operation->ctx.mbedtls_ctx, + attributes, + key_buffer, key_buffer_size, + alg); + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* MBEDTLS_PSA_BUILTIN_MAC */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: @@ -1645,12 +1646,13 @@ psa_status_t psa_driver_wrapper_mac_sign_setup( &operation->ctx.opaque_test_driver_ctx, attributes, key_buffer, key_buffer_size, - alg ); + alg); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID; + } - return( status ); + return status; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: @@ -1660,7 +1662,7 @@ psa_status_t psa_driver_wrapper_mac_sign_setup( (void) key_buffer; (void) key_buffer_size; (void) alg; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -1669,14 +1671,13 @@ psa_status_t psa_driver_wrapper_mac_verify_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ @@ -1686,30 +1687,34 @@ psa_status_t psa_driver_wrapper_mac_verify_setup( &operation->ctx.transparent_test_driver_ctx, attributes, key_buffer, key_buffer_size, - alg ); + alg); /* Declared with fallback == true */ - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_MAC) /* Fell through, meaning no accelerator supports this operation */ - status = mbedtls_psa_mac_verify_setup( &operation->ctx.mbedtls_ctx, - attributes, - key_buffer, key_buffer_size, - alg ); - if( status == PSA_SUCCESS ) + status = mbedtls_psa_mac_verify_setup(&operation->ctx.mbedtls_ctx, + attributes, + key_buffer, key_buffer_size, + alg); + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* MBEDTLS_PSA_BUILTIN_MAC */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: @@ -1717,12 +1722,13 @@ psa_status_t psa_driver_wrapper_mac_verify_setup( &operation->ctx.opaque_test_driver_ctx, attributes, key_buffer, key_buffer_size, - alg ); + alg); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID; + } - return( status ); + return status; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: @@ -1732,40 +1738,39 @@ psa_status_t psa_driver_wrapper_mac_verify_setup( (void) key_buffer; (void) key_buffer_size; (void) alg; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } psa_status_t psa_driver_wrapper_mac_update( psa_mac_operation_t *operation, const uint8_t *input, - size_t input_length ) + size_t input_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_MAC) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_mac_update( &operation->ctx.mbedtls_ctx, - input, input_length ) ); + return mbedtls_psa_mac_update(&operation->ctx.mbedtls_ctx, + input, input_length); #endif /* MBEDTLS_PSA_BUILTIN_MAC */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_mac_update( - &operation->ctx.transparent_test_driver_ctx, - input, input_length ) ); + return mbedtls_test_transparent_mac_update( + &operation->ctx.transparent_test_driver_ctx, + input, input_length); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( mbedtls_test_opaque_mac_update( - &operation->ctx.opaque_test_driver_ctx, - input, input_length ) ); + return mbedtls_test_opaque_mac_update( + &operation->ctx.opaque_test_driver_ctx, + input, input_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: (void) input; (void) input_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -1773,92 +1778,89 @@ psa_status_t psa_driver_wrapper_mac_sign_finish( psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_MAC) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_mac_sign_finish( &operation->ctx.mbedtls_ctx, - mac, mac_size, mac_length ) ); + return mbedtls_psa_mac_sign_finish(&operation->ctx.mbedtls_ctx, + mac, mac_size, mac_length); #endif /* MBEDTLS_PSA_BUILTIN_MAC */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_mac_sign_finish( - &operation->ctx.transparent_test_driver_ctx, - mac, mac_size, mac_length ) ); + return mbedtls_test_transparent_mac_sign_finish( + &operation->ctx.transparent_test_driver_ctx, + mac, mac_size, mac_length); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( mbedtls_test_opaque_mac_sign_finish( - &operation->ctx.opaque_test_driver_ctx, - mac, mac_size, mac_length ) ); + return mbedtls_test_opaque_mac_sign_finish( + &operation->ctx.opaque_test_driver_ctx, + mac, mac_size, mac_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: (void) mac; (void) mac_size; (void) mac_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } psa_status_t psa_driver_wrapper_mac_verify_finish( psa_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ) + size_t mac_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_MAC) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_mac_verify_finish( &operation->ctx.mbedtls_ctx, - mac, mac_length ) ); + return mbedtls_psa_mac_verify_finish(&operation->ctx.mbedtls_ctx, + mac, mac_length); #endif /* MBEDTLS_PSA_BUILTIN_MAC */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_mac_verify_finish( - &operation->ctx.transparent_test_driver_ctx, - mac, mac_length ) ); + return mbedtls_test_transparent_mac_verify_finish( + &operation->ctx.transparent_test_driver_ctx, + mac, mac_length); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( mbedtls_test_opaque_mac_verify_finish( - &operation->ctx.opaque_test_driver_ctx, - mac, mac_length ) ); + return mbedtls_test_opaque_mac_verify_finish( + &operation->ctx.opaque_test_driver_ctx, + mac, mac_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: (void) mac; (void) mac_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } psa_status_t psa_driver_wrapper_mac_abort( - psa_mac_operation_t *operation ) + psa_mac_operation_t *operation) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_MAC) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_mac_abort( &operation->ctx.mbedtls_ctx ) ); + return mbedtls_psa_mac_abort(&operation->ctx.mbedtls_ctx); #endif /* MBEDTLS_PSA_BUILTIN_MAC */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_mac_abort( - &operation->ctx.transparent_test_driver_ctx ) ); + return mbedtls_test_transparent_mac_abort( + &operation->ctx.transparent_test_driver_ctx); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( mbedtls_test_opaque_mac_abort( - &operation->ctx.opaque_test_driver_ctx ) ); + return mbedtls_test_opaque_mac_abort( + &operation->ctx.opaque_test_driver_ctx); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index 7cb88a0b4ead..9471099de9de 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -28,8 +28,8 @@ /* * Initialization and termination functions */ -psa_status_t psa_driver_wrapper_init( void ); -void psa_driver_wrapper_free( void ); +psa_status_t psa_driver_wrapper_init(void); +void psa_driver_wrapper_free(void); /* * Signature functions @@ -43,7 +43,7 @@ psa_status_t psa_driver_wrapper_sign_message( size_t input_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ); + size_t *signature_length); psa_status_t psa_driver_wrapper_verify_message( const psa_key_attributes_t *attributes, @@ -53,19 +53,19 @@ psa_status_t psa_driver_wrapper_verify_message( const uint8_t *input, size_t input_length, const uint8_t *signature, - size_t signature_length ); + size_t signature_length); psa_status_t psa_driver_wrapper_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); + uint8_t *signature, size_t signature_size, size_t *signature_length); psa_status_t psa_driver_wrapper_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); + const uint8_t *signature, size_t signature_length); /* * Key handling functions @@ -75,30 +75,30 @@ psa_status_t psa_driver_wrapper_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); + size_t *key_buffer_length, size_t *bits); psa_status_t psa_driver_wrapper_export_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); psa_status_t psa_driver_wrapper_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); psa_status_t psa_driver_wrapper_get_key_buffer_size( const psa_key_attributes_t *attributes, - size_t *key_buffer_size ); + size_t *key_buffer_size); psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); psa_status_t psa_driver_wrapper_get_builtin_key( psa_drv_slot_number_t slot_number, psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); /* * Cipher functions @@ -114,7 +114,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ); + size_t *output_length); psa_status_t psa_driver_wrapper_cipher_decrypt( const psa_key_attributes_t *attributes, @@ -125,24 +125,24 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ); + size_t *output_length); psa_status_t psa_driver_wrapper_cipher_encrypt_setup( psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t psa_driver_wrapper_cipher_decrypt_setup( psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t psa_driver_wrapper_cipher_set_iv( psa_cipher_operation_t *operation, const uint8_t *iv, - size_t iv_length ); + size_t iv_length); psa_status_t psa_driver_wrapper_cipher_update( psa_cipher_operation_t *operation, @@ -150,16 +150,16 @@ psa_status_t psa_driver_wrapper_cipher_update( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ); + size_t *output_length); psa_status_t psa_driver_wrapper_cipher_finish( psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, - size_t *output_length ); + size_t *output_length); psa_status_t psa_driver_wrapper_cipher_abort( - psa_cipher_operation_t *operation ); + psa_cipher_operation_t *operation); /* * Hashing functions @@ -174,25 +174,25 @@ psa_status_t psa_driver_wrapper_hash_compute( psa_status_t psa_driver_wrapper_hash_setup( psa_hash_operation_t *operation, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t psa_driver_wrapper_hash_clone( const psa_hash_operation_t *source_operation, - psa_hash_operation_t *target_operation ); + psa_hash_operation_t *target_operation); psa_status_t psa_driver_wrapper_hash_update( psa_hash_operation_t *operation, const uint8_t *input, - size_t input_length ); + size_t input_length); psa_status_t psa_driver_wrapper_hash_finish( psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, - size_t *hash_length ); + size_t *hash_length); psa_status_t psa_driver_wrapper_hash_abort( - psa_hash_operation_t *operation ); + psa_hash_operation_t *operation); /* * AEAD functions @@ -205,7 +205,7 @@ psa_status_t psa_driver_wrapper_aead_encrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, - uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ); + uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length); psa_status_t psa_driver_wrapper_aead_decrypt( const psa_key_attributes_t *attributes, @@ -214,7 +214,7 @@ psa_status_t psa_driver_wrapper_aead_decrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, - uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ); + uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length); /* * MAC functions @@ -228,40 +228,40 @@ psa_status_t psa_driver_wrapper_mac_compute( size_t input_length, uint8_t *mac, size_t mac_size, - size_t *mac_length ); + size_t *mac_length); psa_status_t psa_driver_wrapper_mac_sign_setup( psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t psa_driver_wrapper_mac_verify_setup( psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t psa_driver_wrapper_mac_update( psa_mac_operation_t *operation, const uint8_t *input, - size_t input_length ); + size_t input_length); psa_status_t psa_driver_wrapper_mac_sign_finish( psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ); + size_t *mac_length); psa_status_t psa_driver_wrapper_mac_verify_finish( psa_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ); + size_t mac_length); psa_status_t psa_driver_wrapper_mac_abort( - psa_mac_operation_t *operation ); + psa_mac_operation_t *operation); #endif /* PSA_CRYPTO_DRIVER_WRAPPERS_H */ diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 144d7fd2442d..ea0eb1be382b 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -44,25 +44,25 @@ psa_status_t mbedtls_psa_ecp_load_representation( psa_key_type_t type, size_t curve_bits, const uint8_t *data, size_t data_length, - mbedtls_ecp_keypair **p_ecp ) + mbedtls_ecp_keypair **p_ecp) { mbedtls_ecp_group_id grp_id = MBEDTLS_ECP_DP_NONE; psa_status_t status; mbedtls_ecp_keypair *ecp = NULL; size_t curve_bytes = data_length; - int explicit_bits = ( curve_bits != 0 ); + int explicit_bits = (curve_bits != 0); - if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) && - PSA_KEY_TYPE_ECC_GET_FAMILY( type ) != PSA_ECC_FAMILY_MONTGOMERY ) - { + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type) && + PSA_KEY_TYPE_ECC_GET_FAMILY(type) != PSA_ECC_FAMILY_MONTGOMERY) { /* A Weierstrass public key is represented as: * - The byte 0x04; * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; * - `y_P` as a `ceiling(m/8)`-byte string, big-endian. * So its data length is 2m+1 where m is the curve size in bits. */ - if( ( data_length & 1 ) == 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if ((data_length & 1) == 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } curve_bytes = data_length / 2; /* Montgomery public keys are represented in compressed format, meaning @@ -72,31 +72,29 @@ psa_status_t mbedtls_psa_ecp_load_representation( * format, meaning their curve_bytes is equal to the amount of input. */ } - if( explicit_bits ) - { + if (explicit_bits) { /* With an explicit bit-size, the data must have the matching length. */ - if( curve_bytes != PSA_BITS_TO_BYTES( curve_bits ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - } - else - { + if (curve_bytes != PSA_BITS_TO_BYTES(curve_bits)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + } else { /* We need to infer the bit-size from the data. Since the only * information we have is the length in bytes, the value of curve_bits * at this stage is rounded up to the nearest multiple of 8. */ - curve_bits = PSA_BYTES_TO_BITS( curve_bytes ); + curve_bits = PSA_BYTES_TO_BITS(curve_bytes); } /* Allocate and initialize a key representation. */ - ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) ); - if( ecp == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - mbedtls_ecp_keypair_init( ecp ); + ecp = mbedtls_calloc(1, sizeof(mbedtls_ecp_keypair)); + if (ecp == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } + mbedtls_ecp_keypair_init(ecp); /* Load the group. */ - grp_id = mbedtls_ecc_group_of_psa( PSA_KEY_TYPE_ECC_GET_FAMILY( type ), - curve_bits, !explicit_bits ); - if( grp_id == MBEDTLS_ECP_DP_NONE ) - { + grp_id = mbedtls_ecc_group_of_psa(PSA_KEY_TYPE_ECC_GET_FAMILY(type), + curve_bits, !explicit_bits); + if (grp_id == MBEDTLS_ECP_DP_NONE) { /* We can't distinguish between a nonsensical family/size combination * (which would warrant PSA_ERROR_INVALID_ARGUMENT) and a * well-regarded curve that Mbed TLS just doesn't know about (which @@ -108,48 +106,48 @@ psa_status_t mbedtls_psa_ecp_load_representation( } status = mbedtls_to_psa_error( - mbedtls_ecp_group_load( &ecp->grp, grp_id ) ); - if( status != PSA_SUCCESS ) + mbedtls_ecp_group_load(&ecp->grp, grp_id)); + if (status != PSA_SUCCESS) { goto exit; + } /* Load the key material. */ - if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) - { + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type)) { /* Load the public value. */ status = mbedtls_to_psa_error( - mbedtls_ecp_point_read_binary( &ecp->grp, &ecp->Q, - data, - data_length ) ); - if( status != PSA_SUCCESS ) + mbedtls_ecp_point_read_binary(&ecp->grp, &ecp->Q, + data, + data_length)); + if (status != PSA_SUCCESS) { goto exit; + } /* Check that the point is on the curve. */ status = mbedtls_to_psa_error( - mbedtls_ecp_check_pubkey( &ecp->grp, &ecp->Q ) ); - if( status != PSA_SUCCESS ) + mbedtls_ecp_check_pubkey(&ecp->grp, &ecp->Q)); + if (status != PSA_SUCCESS) { goto exit; - } - else - { + } + } else { /* Load and validate the secret value. */ status = mbedtls_to_psa_error( - mbedtls_ecp_read_key( ecp->grp.id, - ecp, - data, - data_length ) ); - if( status != PSA_SUCCESS ) + mbedtls_ecp_read_key(ecp->grp.id, + ecp, + data, + data_length)); + if (status != PSA_SUCCESS) { goto exit; + } } *p_ecp = ecp; exit: - if( status != PSA_SUCCESS ) - { - mbedtls_ecp_keypair_free( ecp ); - mbedtls_free( ecp ); + if (status != PSA_SUCCESS) { + mbedtls_ecp_keypair_free(ecp); + mbedtls_free(ecp); } - return( status ); + return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || @@ -164,116 +162,119 @@ psa_status_t mbedtls_psa_ecp_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ) + size_t *key_buffer_length, size_t *bits) { psa_status_t status; mbedtls_ecp_keypair *ecp = NULL; /* Parse input */ - status = mbedtls_psa_ecp_load_representation( attributes->core.type, - attributes->core.bits, - data, - data_length, - &ecp ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_ecp_load_representation(attributes->core.type, + attributes->core.bits, + data, + data_length, + &ecp); + if (status != PSA_SUCCESS) { goto exit; + } - if( PSA_KEY_TYPE_ECC_GET_FAMILY( attributes->core.type ) == - PSA_ECC_FAMILY_MONTGOMERY ) + if (PSA_KEY_TYPE_ECC_GET_FAMILY(attributes->core.type) == + PSA_ECC_FAMILY_MONTGOMERY) { *bits = ecp->grp.nbits + 1; - else + } else { *bits = ecp->grp.nbits; + } /* Re-export the data to PSA export format. There is currently no support * for other input formats then the export format, so this is a 1-1 * copy operation. */ - status = mbedtls_psa_ecp_export_key( attributes->core.type, - ecp, - key_buffer, - key_buffer_size, - key_buffer_length ); + status = mbedtls_psa_ecp_export_key(attributes->core.type, + ecp, + key_buffer, + key_buffer_size, + key_buffer_length); exit: /* Always free the PK object (will also free contained ECP context) */ - mbedtls_ecp_keypair_free( ecp ); - mbedtls_free( ecp ); + mbedtls_ecp_keypair_free(ecp); + mbedtls_free(ecp); - return( status ); + return status; } -psa_status_t mbedtls_psa_ecp_export_key( psa_key_type_t type, - mbedtls_ecp_keypair *ecp, - uint8_t *data, - size_t data_size, - size_t *data_length ) +psa_status_t mbedtls_psa_ecp_export_key(psa_key_type_t type, + mbedtls_ecp_keypair *ecp, + uint8_t *data, + size_t data_size, + size_t *data_length) { psa_status_t status; - if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) - { + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type)) { /* Check whether the public part is loaded */ - if( mbedtls_ecp_is_zero( &ecp->Q ) ) - { + if (mbedtls_ecp_is_zero(&ecp->Q)) { /* Calculate the public key */ status = mbedtls_to_psa_error( - mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE ) ); - if( status != PSA_SUCCESS ) - return( status ); + mbedtls_ecp_mul(&ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE)); + if (status != PSA_SUCCESS) { + return status; + } } status = mbedtls_to_psa_error( - mbedtls_ecp_point_write_binary( &ecp->grp, &ecp->Q, - MBEDTLS_ECP_PF_UNCOMPRESSED, - data_length, - data, - data_size ) ); - if( status != PSA_SUCCESS ) - memset( data, 0, data_size ); - - return( status ); - } - else - { - if( data_size < PSA_BITS_TO_BYTES( ecp->grp.nbits ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + mbedtls_ecp_point_write_binary(&ecp->grp, &ecp->Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, + data_length, + data, + data_size)); + if (status != PSA_SUCCESS) { + memset(data, 0, data_size); + } + + return status; + } else { + if (data_size < PSA_BITS_TO_BYTES(ecp->grp.nbits)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } status = mbedtls_to_psa_error( - mbedtls_ecp_write_key( ecp, - data, - PSA_BITS_TO_BYTES( ecp->grp.nbits ) ) ); - if( status == PSA_SUCCESS ) - *data_length = PSA_BITS_TO_BYTES( ecp->grp.nbits ); - else - memset( data, 0, data_size ); + mbedtls_ecp_write_key(ecp, + data, + PSA_BITS_TO_BYTES(ecp->grp.nbits))); + if (status == PSA_SUCCESS) { + *data_length = PSA_BITS_TO_BYTES(ecp->grp.nbits); + } else { + memset(data, 0, data_size); + } - return( status ); + return status; } } psa_status_t mbedtls_psa_ecp_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_keypair *ecp = NULL; status = mbedtls_psa_ecp_load_representation( attributes->core.type, attributes->core.bits, - key_buffer, key_buffer_size, &ecp ); - if( status != PSA_SUCCESS ) - return( status ); + key_buffer, key_buffer_size, &ecp); + if (status != PSA_SUCCESS) { + return status; + } status = mbedtls_psa_ecp_export_key( - PSA_KEY_TYPE_ECC_PUBLIC_KEY( - PSA_KEY_TYPE_ECC_GET_FAMILY( attributes->core.type ) ), - ecp, data, data_size, data_length ); + PSA_KEY_TYPE_ECC_PUBLIC_KEY( + PSA_KEY_TYPE_ECC_GET_FAMILY(attributes->core.type)), + ecp, data, data_size, data_length); - mbedtls_ecp_keypair_free( ecp ); - mbedtls_free( ecp ); + mbedtls_ecp_keypair_free(ecp); + mbedtls_free(ecp); - return( status ); + return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ @@ -281,45 +282,47 @@ psa_status_t mbedtls_psa_ecp_export_public_key( #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) psa_status_t mbedtls_psa_ecp_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( - attributes->core.type ); + attributes->core.type); mbedtls_ecp_group_id grp_id = - mbedtls_ecc_group_of_psa( curve, attributes->core.bits, 0 ); + mbedtls_ecc_group_of_psa(curve, attributes->core.bits, 0); const mbedtls_ecp_curve_info *curve_info = - mbedtls_ecp_curve_info_from_grp_id( grp_id ); + mbedtls_ecp_curve_info_from_grp_id(grp_id); mbedtls_ecp_keypair ecp; - if( attributes->domain_parameters_size != 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (attributes->domain_parameters_size != 0) { + return PSA_ERROR_NOT_SUPPORTED; + } - if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } - mbedtls_ecp_keypair_init( &ecp ); - ret = mbedtls_ecp_gen_key( grp_id, &ecp, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE ); - if( ret != 0 ) - { - mbedtls_ecp_keypair_free( &ecp ); - return( mbedtls_to_psa_error( ret ) ); + mbedtls_ecp_keypair_init(&ecp); + ret = mbedtls_ecp_gen_key(grp_id, &ecp, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE); + if (ret != 0) { + mbedtls_ecp_keypair_free(&ecp); + return mbedtls_to_psa_error(ret); } status = mbedtls_to_psa_error( - mbedtls_ecp_write_key( &ecp, key_buffer, key_buffer_size ) ); + mbedtls_ecp_write_key(&ecp, key_buffer, key_buffer_size)); - mbedtls_ecp_keypair_free( &ecp ); + mbedtls_ecp_keypair_free(&ecp); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { *key_buffer_length = key_buffer_size; + } - return( status ); + return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */ @@ -333,7 +336,7 @@ psa_status_t mbedtls_psa_ecdsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) + uint8_t *signature, size_t signature_size, size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_keypair *ecp = NULL; @@ -341,73 +344,71 @@ psa_status_t mbedtls_psa_ecdsa_sign_hash( size_t curve_bytes; mbedtls_mpi r, s; - status = mbedtls_psa_ecp_load_representation( attributes->core.type, - attributes->core.bits, - key_buffer, - key_buffer_size, - &ecp ); - if( status != PSA_SUCCESS ) - return( status ); + status = mbedtls_psa_ecp_load_representation(attributes->core.type, + attributes->core.bits, + key_buffer, + key_buffer_size, + &ecp); + if (status != PSA_SUCCESS) { + return status; + } - curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits ); - mbedtls_mpi_init( &r ); - mbedtls_mpi_init( &s ); + curve_bytes = PSA_BITS_TO_BYTES(ecp->grp.pbits); + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); - if( signature_size < 2 * curve_bytes ) - { + if (signature_size < 2 * curve_bytes) { ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; goto cleanup; } - if( PSA_ALG_ECDSA_IS_DETERMINISTIC( alg ) ) - { + if (PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) - psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); - mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info ); - MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det_ext( - &ecp->grp, &r, &s, - &ecp->d, hash, - hash_length, md_alg, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE ) ); + psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH(alg); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa(hash_alg); + mbedtls_md_type_t md_alg = mbedtls_md_get_type(md_info); + MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign_det_ext( + &ecp->grp, &r, &s, + &ecp->d, hash, + hash_length, md_alg, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE)); #else - ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; - goto cleanup; + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + goto cleanup; #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ - } - else - { + } else { (void) alg; - MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d, - hash, hash_length, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE ) ); + MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign(&ecp->grp, &r, &s, &ecp->d, + hash, hash_length, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE)); } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &r, - signature, - curve_bytes ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &s, - signature + curve_bytes, - curve_bytes ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&r, + signature, + curve_bytes)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&s, + signature + curve_bytes, + curve_bytes)); cleanup: - mbedtls_mpi_free( &r ); - mbedtls_mpi_free( &s ); - if( ret == 0 ) + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); + if (ret == 0) { *signature_length = 2 * curve_bytes; + } - mbedtls_ecp_keypair_free( ecp ); - mbedtls_free( ecp ); + mbedtls_ecp_keypair_free(ecp); + mbedtls_free(ecp); - return( mbedtls_to_psa_error( ret ) ); + return mbedtls_to_psa_error(ret); } psa_status_t mbedtls_psa_ecdsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) + const uint8_t *signature, size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_keypair *ecp = NULL; @@ -415,51 +416,50 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( size_t curve_bytes; mbedtls_mpi r, s; - (void)alg; + (void) alg; - status = mbedtls_psa_ecp_load_representation( attributes->core.type, - attributes->core.bits, - key_buffer, - key_buffer_size, - &ecp ); - if( status != PSA_SUCCESS ) - return( status ); + status = mbedtls_psa_ecp_load_representation(attributes->core.type, + attributes->core.bits, + key_buffer, + key_buffer_size, + &ecp); + if (status != PSA_SUCCESS) { + return status; + } - curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits ); - mbedtls_mpi_init( &r ); - mbedtls_mpi_init( &s ); + curve_bytes = PSA_BITS_TO_BYTES(ecp->grp.pbits); + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); - if( signature_length != 2 * curve_bytes ) - { + if (signature_length != 2 * curve_bytes) { ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r, - signature, - curve_bytes ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &s, - signature + curve_bytes, - curve_bytes ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&r, + signature, + curve_bytes)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&s, + signature + curve_bytes, + curve_bytes)); /* Check whether the public part is loaded. If not, load it. */ - if( mbedtls_ecp_is_zero( &ecp->Q ) ) - { + if (mbedtls_ecp_is_zero(&ecp->Q)) { MBEDTLS_MPI_CHK( - mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G, - mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE ) ); + mbedtls_ecp_mul(&ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G, + mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE)); } - ret = mbedtls_ecdsa_verify( &ecp->grp, hash, hash_length, - &ecp->Q, &r, &s ); + ret = mbedtls_ecdsa_verify(&ecp->grp, hash, hash_length, + &ecp->Q, &r, &s); cleanup: - mbedtls_mpi_free( &r ); - mbedtls_mpi_free( &s ); - mbedtls_ecp_keypair_free( ecp ); - mbedtls_free( ecp ); + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); + mbedtls_ecp_keypair_free(ecp); + mbedtls_free(ecp); - return( mbedtls_to_psa_error( ret ) ); + return mbedtls_to_psa_error(ret); } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ diff --git a/library/psa_crypto_ecp.h b/library/psa_crypto_ecp.h index feddd8a1ed0a..b6dc2473af9f 100644 --- a/library/psa_crypto_ecp.h +++ b/library/psa_crypto_ecp.h @@ -42,11 +42,11 @@ * contents of the context and the context itself * when done. */ -psa_status_t mbedtls_psa_ecp_load_representation( psa_key_type_t type, - size_t curve_bits, - const uint8_t *data, - size_t data_length, - mbedtls_ecp_keypair **p_ecp ); +psa_status_t mbedtls_psa_ecp_load_representation(psa_key_type_t type, + size_t curve_bits, + const uint8_t *data, + size_t data_length, + mbedtls_ecp_keypair **p_ecp); /** Import an ECP key in binary format. * @@ -78,7 +78,7 @@ psa_status_t mbedtls_psa_ecp_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); + size_t *key_buffer_length, size_t *bits); /** Export an ECP key to export representation * @@ -88,11 +88,11 @@ psa_status_t mbedtls_psa_ecp_import_key( * \param[in] data_size The length of the buffer to export to * \param[out] data_length The amount of bytes written to \p data */ -psa_status_t mbedtls_psa_ecp_export_key( psa_key_type_t type, - mbedtls_ecp_keypair *ecp, - uint8_t *data, - size_t data_size, - size_t *data_length ); +psa_status_t mbedtls_psa_ecp_export_key(psa_key_type_t type, + mbedtls_ecp_keypair *ecp, + uint8_t *data, + size_t data_size, + size_t *data_length); /** Export an ECP public key or the public part of an ECP key pair in binary * format. @@ -121,7 +121,7 @@ psa_status_t mbedtls_psa_ecp_export_key( psa_key_type_t type, psa_status_t mbedtls_psa_ecp_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); /** * \brief Generate an ECP key. @@ -144,7 +144,7 @@ psa_status_t mbedtls_psa_ecp_export_public_key( */ psa_status_t mbedtls_psa_ecp_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); /** Sign an already-calculated hash with ECDSA. * @@ -182,7 +182,7 @@ psa_status_t mbedtls_psa_ecdsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); + uint8_t *signature, size_t signature_size, size_t *signature_length); /** * \brief Verify an ECDSA hash or short message signature. @@ -217,6 +217,6 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); + const uint8_t *signature, size_t signature_length); #endif /* PSA_CRYPTO_ECP_H */ diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 337e557b078a..ef73320416e2 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -33,48 +33,47 @@ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) -const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) +const mbedtls_md_info_t *mbedtls_md_info_from_psa(psa_algorithm_t alg) { - switch( alg ) - { + switch (alg) { #if defined(MBEDTLS_MD2_C) case PSA_ALG_MD2: - return( &mbedtls_md2_info ); + return &mbedtls_md2_info; #endif #if defined(MBEDTLS_MD4_C) case PSA_ALG_MD4: - return( &mbedtls_md4_info ); + return &mbedtls_md4_info; #endif #if defined(MBEDTLS_MD5_C) case PSA_ALG_MD5: - return( &mbedtls_md5_info ); + return &mbedtls_md5_info; #endif #if defined(MBEDTLS_RIPEMD160_C) case PSA_ALG_RIPEMD160: - return( &mbedtls_ripemd160_info ); + return &mbedtls_ripemd160_info; #endif #if defined(MBEDTLS_SHA1_C) case PSA_ALG_SHA_1: - return( &mbedtls_sha1_info ); + return &mbedtls_sha1_info; #endif #if defined(MBEDTLS_SHA256_C) case PSA_ALG_SHA_224: - return( &mbedtls_sha224_info ); + return &mbedtls_sha224_info; #endif #if defined(MBEDTLS_SHA256_C) case PSA_ALG_SHA_256: - return( &mbedtls_sha256_info ); + return &mbedtls_sha256_info; #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) case PSA_ALG_SHA_384: - return( &mbedtls_sha384_info ); + return &mbedtls_sha384_info; #endif #if defined(MBEDTLS_SHA512_C) case PSA_ALG_SHA_512: - return( &mbedtls_sha512_info ); + return &mbedtls_sha512_info; #endif default: - return( NULL ); + return NULL; } } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || @@ -84,10 +83,9 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) #if defined(MBEDTLS_PSA_BUILTIN_HASH) psa_status_t mbedtls_psa_hash_abort( - mbedtls_psa_hash_operation_t *operation ) + mbedtls_psa_hash_operation_t *operation) { - switch( operation->alg ) - { + switch (operation->alg) { case 0: /* The object has (apparently) been initialized but it is not * in use. It's ok to call abort on such an object, and there's @@ -95,289 +93,286 @@ psa_status_t mbedtls_psa_hash_abort( break; #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: - mbedtls_md2_free( &operation->ctx.md2 ); + mbedtls_md2_free(&operation->ctx.md2); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: - mbedtls_md4_free( &operation->ctx.md4 ); + mbedtls_md4_free(&operation->ctx.md4); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: - mbedtls_md5_free( &operation->ctx.md5 ); + mbedtls_md5_free(&operation->ctx.md5); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: - mbedtls_ripemd160_free( &operation->ctx.ripemd160 ); + mbedtls_ripemd160_free(&operation->ctx.ripemd160); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: - mbedtls_sha1_free( &operation->ctx.sha1 ); + mbedtls_sha1_free(&operation->ctx.sha1); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: - mbedtls_sha256_free( &operation->ctx.sha256 ); + mbedtls_sha256_free(&operation->ctx.sha256); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: - mbedtls_sha256_free( &operation->ctx.sha256 ); + mbedtls_sha256_free(&operation->ctx.sha256); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: - mbedtls_sha512_free( &operation->ctx.sha512 ); + mbedtls_sha512_free(&operation->ctx.sha512); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: - mbedtls_sha512_free( &operation->ctx.sha512 ); + mbedtls_sha512_free(&operation->ctx.sha512); break; #endif default: - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } operation->alg = 0; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t mbedtls_psa_hash_setup( mbedtls_psa_hash_operation_t *operation, - psa_algorithm_t alg ) + psa_algorithm_t alg) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* A context must be freshly initialized before it can be set up. */ - if( operation->alg != 0 ) - { - return( PSA_ERROR_BAD_STATE ); + if (operation->alg != 0) { + return PSA_ERROR_BAD_STATE; } - switch( alg ) - { + switch (alg) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: - mbedtls_md2_init( &operation->ctx.md2 ); - ret = mbedtls_md2_starts_ret( &operation->ctx.md2 ); + mbedtls_md2_init(&operation->ctx.md2); + ret = mbedtls_md2_starts_ret(&operation->ctx.md2); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: - mbedtls_md4_init( &operation->ctx.md4 ); - ret = mbedtls_md4_starts_ret( &operation->ctx.md4 ); + mbedtls_md4_init(&operation->ctx.md4); + ret = mbedtls_md4_starts_ret(&operation->ctx.md4); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: - mbedtls_md5_init( &operation->ctx.md5 ); - ret = mbedtls_md5_starts_ret( &operation->ctx.md5 ); + mbedtls_md5_init(&operation->ctx.md5); + ret = mbedtls_md5_starts_ret(&operation->ctx.md5); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: - mbedtls_ripemd160_init( &operation->ctx.ripemd160 ); - ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 ); + mbedtls_ripemd160_init(&operation->ctx.ripemd160); + ret = mbedtls_ripemd160_starts_ret(&operation->ctx.ripemd160); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: - mbedtls_sha1_init( &operation->ctx.sha1 ); - ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 ); + mbedtls_sha1_init(&operation->ctx.sha1); + ret = mbedtls_sha1_starts_ret(&operation->ctx.sha1); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: - mbedtls_sha256_init( &operation->ctx.sha256 ); - ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 ); + mbedtls_sha256_init(&operation->ctx.sha256); + ret = mbedtls_sha256_starts_ret(&operation->ctx.sha256, 1); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: - mbedtls_sha256_init( &operation->ctx.sha256 ); - ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 ); + mbedtls_sha256_init(&operation->ctx.sha256); + ret = mbedtls_sha256_starts_ret(&operation->ctx.sha256, 0); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: - mbedtls_sha512_init( &operation->ctx.sha512 ); - ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 ); + mbedtls_sha512_init(&operation->ctx.sha512); + ret = mbedtls_sha512_starts_ret(&operation->ctx.sha512, 1); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: - mbedtls_sha512_init( &operation->ctx.sha512 ); - ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 ); + mbedtls_sha512_init(&operation->ctx.sha512); + ret = mbedtls_sha512_starts_ret(&operation->ctx.sha512, 0); break; #endif default: - return( PSA_ALG_IS_HASH( alg ) ? - PSA_ERROR_NOT_SUPPORTED : - PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ALG_IS_HASH(alg) ? + PSA_ERROR_NOT_SUPPORTED : + PSA_ERROR_INVALID_ARGUMENT; } - if( ret == 0 ) + if (ret == 0) { operation->alg = alg; - else - mbedtls_psa_hash_abort( operation ); - return( mbedtls_to_psa_error( ret ) ); + } else { + mbedtls_psa_hash_abort(operation); + } + return mbedtls_to_psa_error(ret); } psa_status_t mbedtls_psa_hash_clone( const mbedtls_psa_hash_operation_t *source_operation, - mbedtls_psa_hash_operation_t *target_operation ) + mbedtls_psa_hash_operation_t *target_operation) { - switch( source_operation->alg ) - { + switch (source_operation->alg) { case 0: - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: - mbedtls_md2_clone( &target_operation->ctx.md2, - &source_operation->ctx.md2 ); + mbedtls_md2_clone(&target_operation->ctx.md2, + &source_operation->ctx.md2); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: - mbedtls_md4_clone( &target_operation->ctx.md4, - &source_operation->ctx.md4 ); + mbedtls_md4_clone(&target_operation->ctx.md4, + &source_operation->ctx.md4); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: - mbedtls_md5_clone( &target_operation->ctx.md5, - &source_operation->ctx.md5 ); + mbedtls_md5_clone(&target_operation->ctx.md5, + &source_operation->ctx.md5); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: - mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160, - &source_operation->ctx.ripemd160 ); + mbedtls_ripemd160_clone(&target_operation->ctx.ripemd160, + &source_operation->ctx.ripemd160); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: - mbedtls_sha1_clone( &target_operation->ctx.sha1, - &source_operation->ctx.sha1 ); + mbedtls_sha1_clone(&target_operation->ctx.sha1, + &source_operation->ctx.sha1); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: - mbedtls_sha256_clone( &target_operation->ctx.sha256, - &source_operation->ctx.sha256 ); + mbedtls_sha256_clone(&target_operation->ctx.sha256, + &source_operation->ctx.sha256); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: - mbedtls_sha256_clone( &target_operation->ctx.sha256, - &source_operation->ctx.sha256 ); + mbedtls_sha256_clone(&target_operation->ctx.sha256, + &source_operation->ctx.sha256); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: - mbedtls_sha512_clone( &target_operation->ctx.sha512, - &source_operation->ctx.sha512 ); + mbedtls_sha512_clone(&target_operation->ctx.sha512, + &source_operation->ctx.sha512); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: - mbedtls_sha512_clone( &target_operation->ctx.sha512, - &source_operation->ctx.sha512 ); + mbedtls_sha512_clone(&target_operation->ctx.sha512, + &source_operation->ctx.sha512); break; #endif default: (void) source_operation; (void) target_operation; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } target_operation->alg = source_operation->alg; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t mbedtls_psa_hash_update( mbedtls_psa_hash_operation_t *operation, const uint8_t *input, - size_t input_length ) + size_t input_length) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - switch( operation->alg ) - { + switch (operation->alg) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: - ret = mbedtls_md2_update_ret( &operation->ctx.md2, - input, input_length ); + ret = mbedtls_md2_update_ret(&operation->ctx.md2, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: - ret = mbedtls_md4_update_ret( &operation->ctx.md4, - input, input_length ); + ret = mbedtls_md4_update_ret(&operation->ctx.md4, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: - ret = mbedtls_md5_update_ret( &operation->ctx.md5, - input, input_length ); + ret = mbedtls_md5_update_ret(&operation->ctx.md5, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: - ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160, - input, input_length ); + ret = mbedtls_ripemd160_update_ret(&operation->ctx.ripemd160, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: - ret = mbedtls_sha1_update_ret( &operation->ctx.sha1, - input, input_length ); + ret = mbedtls_sha1_update_ret(&operation->ctx.sha1, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: - ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, - input, input_length ); + ret = mbedtls_sha256_update_ret(&operation->ctx.sha256, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: - ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, - input, input_length ); + ret = mbedtls_sha256_update_ret(&operation->ctx.sha256, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: - ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, - input, input_length ); + ret = mbedtls_sha512_update_ret(&operation->ctx.sha512, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: - ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, - input, input_length ); + ret = mbedtls_sha512_update_ret(&operation->ctx.sha512, + input, input_length); break; #endif default: (void) input; (void) input_length; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } - return( mbedtls_to_psa_error( ret ) ); + return mbedtls_to_psa_error(ret); } psa_status_t mbedtls_psa_hash_finish( mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, - size_t *hash_length ) + size_t *hash_length) { psa_status_t status; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t actual_hash_length = PSA_HASH_LENGTH( operation->alg ); + size_t actual_hash_length = PSA_HASH_LENGTH(operation->alg); /* Fill the output buffer with something that isn't a valid hash * (barring an attack on the hash and deliberately-crafted input), @@ -385,72 +380,72 @@ psa_status_t mbedtls_psa_hash_finish( *hash_length = hash_size; /* If hash_size is 0 then hash may be NULL and then the * call to memset would have undefined behavior. */ - if( hash_size != 0 ) - memset( hash, '!', hash_size ); + if (hash_size != 0) { + memset(hash, '!', hash_size); + } - if( hash_size < actual_hash_length ) - { + if (hash_size < actual_hash_length) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } - switch( operation->alg ) - { + switch (operation->alg) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: - ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash ); + ret = mbedtls_md2_finish_ret(&operation->ctx.md2, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: - ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash ); + ret = mbedtls_md4_finish_ret(&operation->ctx.md4, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: - ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash ); + ret = mbedtls_md5_finish_ret(&operation->ctx.md5, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: - ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash ); + ret = mbedtls_ripemd160_finish_ret(&operation->ctx.ripemd160, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: - ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash ); + ret = mbedtls_sha1_finish_ret(&operation->ctx.sha1, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: - ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); + ret = mbedtls_sha256_finish_ret(&operation->ctx.sha256, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: - ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); + ret = mbedtls_sha256_finish_ret(&operation->ctx.sha256, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: - ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); + ret = mbedtls_sha512_finish_ret(&operation->ctx.sha512, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: - ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); + ret = mbedtls_sha512_finish_ret(&operation->ctx.sha512, hash); break; #endif default: (void) hash; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } - status = mbedtls_to_psa_error( ret ); + status = mbedtls_to_psa_error(ret); exit: - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { *hash_length = actual_hash_length; - return( status ); + } + return status; } psa_status_t mbedtls_psa_hash_compute( @@ -466,22 +461,26 @@ psa_status_t mbedtls_psa_hash_compute( psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED; *hash_length = hash_size; - status = mbedtls_psa_hash_setup( &operation, alg ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_hash_setup(&operation, alg); + if (status != PSA_SUCCESS) { goto exit; - status = mbedtls_psa_hash_update( &operation, input, input_length ); - if( status != PSA_SUCCESS ) + } + status = mbedtls_psa_hash_update(&operation, input, input_length); + if (status != PSA_SUCCESS) { goto exit; - status = mbedtls_psa_hash_finish( &operation, hash, hash_size, hash_length ); - if( status != PSA_SUCCESS ) + } + status = mbedtls_psa_hash_finish(&operation, hash, hash_size, hash_length); + if (status != PSA_SUCCESS) { goto exit; + } exit: - abort_status = mbedtls_psa_hash_abort( &operation ); - if( status == PSA_SUCCESS ) - return( abort_status ); - else - return( status ); + abort_status = mbedtls_psa_hash_abort(&operation); + if (status == PSA_SUCCESS) { + return abort_status; + } else { + return status; + } } #endif /* MBEDTLS_PSA_BUILTIN_HASH */ diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index b99b94286df2..ab07231ed23a 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -32,7 +32,7 @@ * \return The Mbed TLS MD information of the hash algorithm. \c NULL if the * PSA hash algorithm is not supported. */ -const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ); +const mbedtls_md_info_t *mbedtls_md_info_from_psa(psa_algorithm_t alg); /** Calculate the hash (digest) of a message using Mbed TLS routines. * @@ -102,7 +102,7 @@ psa_status_t mbedtls_psa_hash_compute( */ psa_status_t mbedtls_psa_hash_setup( mbedtls_psa_hash_operation_t *operation, - psa_algorithm_t alg ); + psa_algorithm_t alg); /** Clone an Mbed TLS hash operation. * @@ -134,7 +134,7 @@ psa_status_t mbedtls_psa_hash_setup( */ psa_status_t mbedtls_psa_hash_clone( const mbedtls_psa_hash_operation_t *source_operation, - mbedtls_psa_hash_operation_t *target_operation ); + mbedtls_psa_hash_operation_t *target_operation); /** Add a message fragment to a multipart Mbed TLS hash operation. * @@ -162,7 +162,7 @@ psa_status_t mbedtls_psa_hash_clone( psa_status_t mbedtls_psa_hash_update( mbedtls_psa_hash_operation_t *operation, const uint8_t *input, - size_t input_length ); + size_t input_length); /** Finish the calculation of the Mbed TLS-calculated hash of a message. * @@ -202,7 +202,7 @@ psa_status_t mbedtls_psa_hash_finish( mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, - size_t *hash_length ); + size_t *hash_length); /** Abort an Mbed TLS hash operation. * @@ -229,6 +229,6 @@ psa_status_t mbedtls_psa_hash_finish( * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t mbedtls_psa_hash_abort( - mbedtls_psa_hash_operation_t *operation ); + mbedtls_psa_hash_operation_t *operation); #endif /* PSA_CRYPTO_HASH_H */ diff --git a/library/psa_crypto_invasive.h b/library/psa_crypto_invasive.h index 1e5a407118bf..58e357e3799c 100644 --- a/library/psa_crypto_invasive.h +++ b/library/psa_crypto_invasive.h @@ -73,14 +73,14 @@ * The library has already been initialized. */ psa_status_t mbedtls_psa_crypto_configure_entropy_sources( - void (* entropy_init )( mbedtls_entropy_context *ctx ), - void (* entropy_free )( mbedtls_entropy_context *ctx ) ); + void (* entropy_init)(mbedtls_entropy_context *ctx), + void (* entropy_free)(mbedtls_entropy_context *ctx)); #endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */ #if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C) psa_status_t psa_mac_key_can_do( psa_algorithm_t algorithm, - psa_key_type_t key_type ); + psa_key_type_t key_type); #endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_PSA_CRYPTO_C */ #endif /* PSA_CRYPTO_INVASIVE_H */ diff --git a/library/psa_crypto_its.h b/library/psa_crypto_its.h index 90e761237eab..3ceee49bea94 100644 --- a/library/psa_crypto_its.h +++ b/library/psa_crypto_its.h @@ -45,8 +45,7 @@ typedef uint64_t psa_storage_uid_t; /** * \brief A container for metadata associated with a specific uid */ -struct psa_storage_info_t -{ +struct psa_storage_info_t { uint32_t size; /**< The size of the data associated with a uid **/ psa_storage_create_flags_t flags; /**< The flags set when the uid was created **/ }; @@ -104,7 +103,7 @@ psa_status_t psa_its_get(psa_storage_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data, - size_t *p_data_length ); + size_t *p_data_length); /** * \brief Retrieve the metadata about the provided uid diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index d771e23e1b2d..07f123ee0551 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -33,22 +33,22 @@ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) static psa_status_t psa_hmac_abort_internal( - mbedtls_psa_hmac_operation_t *hmac ) + mbedtls_psa_hmac_operation_t *hmac) { - mbedtls_platform_zeroize( hmac->opad, sizeof( hmac->opad ) ); - return( psa_hash_abort( &hmac->hash_ctx ) ); + mbedtls_platform_zeroize(hmac->opad, sizeof(hmac->opad)); + return psa_hash_abort(&hmac->hash_ctx); } static psa_status_t psa_hmac_setup_internal( mbedtls_psa_hmac_operation_t *hmac, const uint8_t *key, size_t key_length, - psa_algorithm_t hash_alg ) + psa_algorithm_t hash_alg) { uint8_t ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; size_t i; - size_t hash_size = PSA_HASH_LENGTH( hash_alg ); - size_t block_size = PSA_HASH_BLOCK_LENGTH( hash_alg ); + size_t hash_size = PSA_HASH_LENGTH(hash_alg); + size_t block_size = PSA_HASH_BLOCK_LENGTH(hash_alg); psa_status_t status; hmac->alg = hash_alg; @@ -59,134 +59,149 @@ static psa_status_t psa_hmac_setup_internal( /* The size checks against the ipad and opad buffers cannot be written * `block_size > sizeof( ipad ) || block_size > sizeof( hmac->opad )` * because that triggers -Wlogical-op on GCC 7.3. */ - if( block_size > sizeof( ipad ) ) - return( PSA_ERROR_NOT_SUPPORTED ); - if( block_size > sizeof( hmac->opad ) ) - return( PSA_ERROR_NOT_SUPPORTED ); - if( block_size < hash_size ) - return( PSA_ERROR_NOT_SUPPORTED ); - - if( key_length > block_size ) - { - status = psa_hash_compute( hash_alg, key, key_length, - ipad, sizeof( ipad ), &key_length ); - if( status != PSA_SUCCESS ) + if (block_size > sizeof(ipad)) { + return PSA_ERROR_NOT_SUPPORTED; + } + if (block_size > sizeof(hmac->opad)) { + return PSA_ERROR_NOT_SUPPORTED; + } + if (block_size < hash_size) { + return PSA_ERROR_NOT_SUPPORTED; + } + + if (key_length > block_size) { + status = psa_hash_compute(hash_alg, key, key_length, + ipad, sizeof(ipad), &key_length); + if (status != PSA_SUCCESS) { goto cleanup; + } } /* A 0-length key is not commonly used in HMAC when used as a MAC, * but it is permitted. It is common when HMAC is used in HKDF, for * example. Don't call `memcpy` in the 0-length because `key` could be * an invalid pointer which would make the behavior undefined. */ - else if( key_length != 0 ) - memcpy( ipad, key, key_length ); + else if (key_length != 0) { + memcpy(ipad, key, key_length); + } /* ipad contains the key followed by garbage. Xor and fill with 0x36 * to create the ipad value. */ - for( i = 0; i < key_length; i++ ) + for (i = 0; i < key_length; i++) { ipad[i] ^= 0x36; - memset( ipad + key_length, 0x36, block_size - key_length ); + } + memset(ipad + key_length, 0x36, block_size - key_length); /* Copy the key material from ipad to opad, flipping the requisite bits, * and filling the rest of opad with the requisite constant. */ - for( i = 0; i < key_length; i++ ) + for (i = 0; i < key_length; i++) { hmac->opad[i] = ipad[i] ^ 0x36 ^ 0x5C; - memset( hmac->opad + key_length, 0x5C, block_size - key_length ); + } + memset(hmac->opad + key_length, 0x5C, block_size - key_length); - status = psa_hash_setup( &hmac->hash_ctx, hash_alg ); - if( status != PSA_SUCCESS ) + status = psa_hash_setup(&hmac->hash_ctx, hash_alg); + if (status != PSA_SUCCESS) { goto cleanup; + } - status = psa_hash_update( &hmac->hash_ctx, ipad, block_size ); + status = psa_hash_update(&hmac->hash_ctx, ipad, block_size); cleanup: - mbedtls_platform_zeroize( ipad, sizeof( ipad ) ); + mbedtls_platform_zeroize(ipad, sizeof(ipad)); - return( status ); + return status; } static psa_status_t psa_hmac_update_internal( mbedtls_psa_hmac_operation_t *hmac, const uint8_t *data, - size_t data_length ) + size_t data_length) { - return( psa_hash_update( &hmac->hash_ctx, data, data_length ) ); + return psa_hash_update(&hmac->hash_ctx, data, data_length); } static psa_status_t psa_hmac_finish_internal( mbedtls_psa_hmac_operation_t *hmac, uint8_t *mac, - size_t mac_size ) + size_t mac_size) { uint8_t tmp[PSA_HASH_MAX_SIZE]; psa_algorithm_t hash_alg = hmac->alg; size_t hash_size = 0; - size_t block_size = PSA_HASH_BLOCK_LENGTH( hash_alg ); + size_t block_size = PSA_HASH_BLOCK_LENGTH(hash_alg); psa_status_t status; - status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_hash_finish(&hmac->hash_ctx, tmp, sizeof(tmp), &hash_size); + if (status != PSA_SUCCESS) { + return status; + } /* From here on, tmp needs to be wiped. */ - status = psa_hash_setup( &hmac->hash_ctx, hash_alg ); - if( status != PSA_SUCCESS ) + status = psa_hash_setup(&hmac->hash_ctx, hash_alg); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_hash_update( &hmac->hash_ctx, hmac->opad, block_size ); - if( status != PSA_SUCCESS ) + status = psa_hash_update(&hmac->hash_ctx, hmac->opad, block_size); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_hash_update( &hmac->hash_ctx, tmp, hash_size ); - if( status != PSA_SUCCESS ) + status = psa_hash_update(&hmac->hash_ctx, tmp, hash_size); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size ); - if( status != PSA_SUCCESS ) + status = psa_hash_finish(&hmac->hash_ctx, tmp, sizeof(tmp), &hash_size); + if (status != PSA_SUCCESS) { goto exit; + } - memcpy( mac, tmp, mac_size ); + memcpy(mac, tmp, mac_size); exit: - mbedtls_platform_zeroize( tmp, hash_size ); - return( status ); + mbedtls_platform_zeroize(tmp, hash_size); + return status; } #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) -static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer ) +static psa_status_t cmac_setup(mbedtls_psa_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(PSA_WANT_KEY_TYPE_DES) /* Mbed TLS CMAC does not accept 3DES with only two keys, nor does it accept * to do CMAC with pure DES, so return NOT_SUPPORTED here. */ - if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_DES && - ( psa_get_key_bits( attributes ) == 64 || - psa_get_key_bits( attributes ) == 128 ) ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (psa_get_key_type(attributes) == PSA_KEY_TYPE_DES && + (psa_get_key_bits(attributes) == 64 || + psa_get_key_bits(attributes) == 128)) { + return PSA_ERROR_NOT_SUPPORTED; + } #endif - const mbedtls_cipher_info_t * cipher_info = + const mbedtls_cipher_info_t *cipher_info = mbedtls_cipher_info_from_psa( PSA_ALG_CMAC, - psa_get_key_type( attributes ), - psa_get_key_bits( attributes ), - NULL ); + psa_get_key_type(attributes), + psa_get_key_bits(attributes), + NULL); - if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (cipher_info == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } - ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info ); - if( ret != 0 ) + ret = mbedtls_cipher_setup(&operation->ctx.cmac, cipher_info); + if (ret != 0) { goto exit; + } - ret = mbedtls_cipher_cmac_starts( &operation->ctx.cmac, - key_buffer, - psa_get_key_bits( attributes ) ); + ret = mbedtls_cipher_cmac_starts(&operation->ctx.cmac, + key_buffer, + psa_get_key_bits(attributes)); exit: - return( mbedtls_to_psa_error( ret ) ); + return mbedtls_to_psa_error(ret); } #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ @@ -197,62 +212,53 @@ static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation, * called, mbedtls_psa_mac_abort can run and will do the right thing. */ static psa_status_t mac_init( mbedtls_psa_mac_operation_t *operation, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; operation->alg = alg; #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) - if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) - { - mbedtls_cipher_init( &operation->ctx.cmac ); + if (PSA_ALG_FULL_LENGTH_MAC(operation->alg) == PSA_ALG_CMAC) { + mbedtls_cipher_init(&operation->ctx.cmac); status = PSA_SUCCESS; - } - else + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) - if( PSA_ALG_IS_HMAC( operation->alg ) ) - { + if (PSA_ALG_IS_HMAC(operation->alg)) { /* We'll set up the hash operation later in psa_hmac_setup_internal. */ operation->ctx.hmac.alg = 0; status = PSA_SUCCESS; - } - else + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { (void) operation; status = PSA_ERROR_NOT_SUPPORTED; } - if( status != PSA_SUCCESS ) - memset( operation, 0, sizeof( *operation ) ); - return( status ); + if (status != PSA_SUCCESS) { + memset(operation, 0, sizeof(*operation)); + } + return status; } -psa_status_t mbedtls_psa_mac_abort( mbedtls_psa_mac_operation_t *operation ) +psa_status_t mbedtls_psa_mac_abort(mbedtls_psa_mac_operation_t *operation) { - if( operation->alg == 0 ) - { + if (operation->alg == 0) { /* The object has (apparently) been initialized but it is not * in use. It's ok to call abort on such an object, and there's * nothing to do. */ - return( PSA_SUCCESS ); - } - else + return PSA_SUCCESS; + } else #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) - if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) - { - mbedtls_cipher_free( &operation->ctx.cmac ); - } - else + if (PSA_ALG_FULL_LENGTH_MAC(operation->alg) == PSA_ALG_CMAC) { + mbedtls_cipher_free(&operation->ctx.cmac); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) - if( PSA_ALG_IS_HMAC( operation->alg ) ) - { - psa_hmac_abort_internal( &operation->ctx.hmac ); - } - else + if (PSA_ALG_IS_HMAC(operation->alg)) { + psa_hmac_abort_internal(&operation->ctx.hmac); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { /* Sanity check (shouldn't happen: operation->alg should @@ -262,52 +268,50 @@ psa_status_t mbedtls_psa_mac_abort( mbedtls_psa_mac_operation_t *operation ) operation->alg = 0; - return( PSA_SUCCESS ); + return PSA_SUCCESS; bad_state: /* If abort is called on an uninitialized object, we can't trust * anything. Wipe the object in case it contains confidential data. * This may result in a memory leak if a pointer gets overwritten, * but it's too late to do anything about this. */ - memset( operation, 0, sizeof( *operation ) ); - return( PSA_ERROR_BAD_STATE ); + memset(operation, 0, sizeof(*operation)); + return PSA_ERROR_BAD_STATE; } -static psa_status_t psa_mac_setup( mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) +static psa_status_t psa_mac_setup(mbedtls_psa_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; /* A context must be freshly initialized before it can be set up. */ - if( operation->alg != 0 ) - return( PSA_ERROR_BAD_STATE ); + if (operation->alg != 0) { + return PSA_ERROR_BAD_STATE; + } - status = mac_init( operation, alg ); - if( status != PSA_SUCCESS ) - return( status ); + status = mac_init(operation, alg); + if (status != PSA_SUCCESS) { + return status; + } #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) - if( PSA_ALG_FULL_LENGTH_MAC( alg ) == PSA_ALG_CMAC ) - { + if (PSA_ALG_FULL_LENGTH_MAC(alg) == PSA_ALG_CMAC) { /* Key buffer size for CMAC is dictated by the key bits set on the * attributes, and previously validated by the core on key import. */ (void) key_buffer_size; - status = cmac_setup( operation, attributes, key_buffer ); - } - else + status = cmac_setup(operation, attributes, key_buffer); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) - if( PSA_ALG_IS_HMAC( alg ) ) - { - status = psa_hmac_setup_internal( &operation->ctx.hmac, - key_buffer, - key_buffer_size, - PSA_ALG_HMAC_GET_HASH( alg ) ); - } - else + if (PSA_ALG_IS_HMAC(alg)) { + status = psa_hmac_setup_internal(&operation->ctx.hmac, + key_buffer, + key_buffer_size, + PSA_ALG_HMAC_GET_HASH(alg)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { (void) attributes; @@ -316,10 +320,11 @@ static psa_status_t psa_mac_setup( mbedtls_psa_mac_operation_t *operation, status = PSA_ERROR_NOT_SUPPORTED; } - if( status != PSA_SUCCESS ) - mbedtls_psa_mac_abort( operation ); + if (status != PSA_SUCCESS) { + mbedtls_psa_mac_abort(operation); + } - return( status ); + return status; } psa_status_t mbedtls_psa_mac_sign_setup( @@ -327,10 +332,10 @@ psa_status_t mbedtls_psa_mac_sign_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { - return( psa_mac_setup( operation, attributes, - key_buffer, key_buffer_size, alg ) ); + return psa_mac_setup(operation, attributes, + key_buffer, key_buffer_size, alg); } psa_status_t mbedtls_psa_mac_verify_setup( @@ -338,69 +343,63 @@ psa_status_t mbedtls_psa_mac_verify_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { - return( psa_mac_setup( operation, attributes, - key_buffer, key_buffer_size, alg ) ); + return psa_mac_setup(operation, attributes, + key_buffer, key_buffer_size, alg); } psa_status_t mbedtls_psa_mac_update( mbedtls_psa_mac_operation_t *operation, const uint8_t *input, - size_t input_length ) + size_t input_length) { - if( operation->alg == 0 ) - return( PSA_ERROR_BAD_STATE ); + if (operation->alg == 0) { + return PSA_ERROR_BAD_STATE; + } #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) - if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) - { - return( mbedtls_to_psa_error( - mbedtls_cipher_cmac_update( &operation->ctx.cmac, - input, input_length ) ) ); - } - else + if (PSA_ALG_FULL_LENGTH_MAC(operation->alg) == PSA_ALG_CMAC) { + return mbedtls_to_psa_error( + mbedtls_cipher_cmac_update(&operation->ctx.cmac, + input, input_length)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) - if( PSA_ALG_IS_HMAC( operation->alg ) ) - { - return( psa_hmac_update_internal( &operation->ctx.hmac, - input, input_length ) ); - } - else + if (PSA_ALG_IS_HMAC(operation->alg)) { + return psa_hmac_update_internal(&operation->ctx.hmac, + input, input_length); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { /* This shouldn't happen if `operation` was initialized by * a setup function. */ (void) input; (void) input_length; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } } static psa_status_t psa_mac_finish_internal( mbedtls_psa_mac_operation_t *operation, - uint8_t *mac, size_t mac_size ) + uint8_t *mac, size_t mac_size) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) - if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) - { + if (PSA_ALG_FULL_LENGTH_MAC(operation->alg) == PSA_ALG_CMAC) { uint8_t tmp[PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE]; - int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, tmp ); - if( ret == 0 ) - memcpy( mac, tmp, mac_size ); - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); - return( mbedtls_to_psa_error( ret ) ); - } - else + int ret = mbedtls_cipher_cmac_finish(&operation->ctx.cmac, tmp); + if (ret == 0) { + memcpy(mac, tmp, mac_size); + } + mbedtls_platform_zeroize(tmp, sizeof(tmp)); + return mbedtls_to_psa_error(ret); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) - if( PSA_ALG_IS_HMAC( operation->alg ) ) - { - return( psa_hmac_finish_internal( &operation->ctx.hmac, - mac, mac_size ) ); - } - else + if (PSA_ALG_IS_HMAC(operation->alg)) { + return psa_hmac_finish_internal(&operation->ctx.hmac, + mac, mac_size); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { /* This shouldn't happen if `operation` was initialized by @@ -408,7 +407,7 @@ static psa_status_t psa_mac_finish_internal( (void) operation; (void) mac; (void) mac_size; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } } @@ -416,46 +415,52 @@ psa_status_t mbedtls_psa_mac_sign_finish( mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->alg == 0 ) - return( PSA_ERROR_BAD_STATE ); + if (operation->alg == 0) { + return PSA_ERROR_BAD_STATE; + } - status = psa_mac_finish_internal( operation, mac, mac_size ); - if( status == PSA_SUCCESS ) + status = psa_mac_finish_internal(operation, mac, mac_size); + if (status == PSA_SUCCESS) { *mac_length = mac_size; + } - return( status ); + return status; } psa_status_t mbedtls_psa_mac_verify_finish( mbedtls_psa_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ) + size_t mac_length) { uint8_t actual_mac[PSA_MAC_MAX_SIZE]; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->alg == 0 ) - return( PSA_ERROR_BAD_STATE ); + if (operation->alg == 0) { + return PSA_ERROR_BAD_STATE; + } /* Consistency check: requested MAC length fits our local buffer */ - if( mac_length > sizeof( actual_mac ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (mac_length > sizeof(actual_mac)) { + return PSA_ERROR_INVALID_ARGUMENT; + } - status = psa_mac_finish_internal( operation, actual_mac, mac_length ); - if( status != PSA_SUCCESS ) + status = psa_mac_finish_internal(operation, actual_mac, mac_length); + if (status != PSA_SUCCESS) { goto cleanup; + } - if( mbedtls_psa_safer_memcmp( mac, actual_mac, mac_length ) != 0 ) + if (mbedtls_psa_safer_memcmp(mac, actual_mac, mac_length) != 0) { status = PSA_ERROR_INVALID_SIGNATURE; + } cleanup: - mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) ); + mbedtls_platform_zeroize(actual_mac, sizeof(actual_mac)); - return( status ); + return status; } psa_status_t mbedtls_psa_mac_compute( @@ -467,32 +472,34 @@ psa_status_t mbedtls_psa_mac_compute( size_t input_length, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_psa_mac_operation_t operation = MBEDTLS_PSA_MAC_OPERATION_INIT; - status = psa_mac_setup( &operation, - attributes, key_buffer, key_buffer_size, - alg ); - if( status != PSA_SUCCESS ) + status = psa_mac_setup(&operation, + attributes, key_buffer, key_buffer_size, + alg); + if (status != PSA_SUCCESS) { goto exit; + } - if( input_length > 0 ) - { - status = mbedtls_psa_mac_update( &operation, input, input_length ); - if( status != PSA_SUCCESS ) + if (input_length > 0) { + status = mbedtls_psa_mac_update(&operation, input, input_length); + if (status != PSA_SUCCESS) { goto exit; + } } - status = psa_mac_finish_internal( &operation, mac, mac_size ); - if( status == PSA_SUCCESS ) + status = psa_mac_finish_internal(&operation, mac, mac_size); + if (status == PSA_SUCCESS) { *mac_length = mac_size; + } exit: - mbedtls_psa_mac_abort( &operation ); + mbedtls_psa_mac_abort(&operation); - return( status ); + return status; } #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC || MBEDTLS_PSA_BUILTIN_ALG_CMAC */ diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h index a821e7411642..21c4de6362ce 100644 --- a/library/psa_crypto_mac.h +++ b/library/psa_crypto_mac.h @@ -164,7 +164,7 @@ psa_status_t mbedtls_psa_mac_verify_setup( psa_status_t mbedtls_psa_mac_update( mbedtls_psa_mac_operation_t *operation, const uint8_t *input, - size_t input_length ); + size_t input_length); /** Finish the calculation of the MAC of a message using Mbed TLS. * @@ -207,7 +207,7 @@ psa_status_t mbedtls_psa_mac_sign_finish( mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ); + size_t *mac_length); /** Finish the calculation of the MAC of a message and compare it with * an expected value using Mbed TLS. @@ -247,7 +247,7 @@ psa_status_t mbedtls_psa_mac_sign_finish( psa_status_t mbedtls_psa_mac_verify_finish( mbedtls_psa_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ); + size_t mac_length); /** Abort a MAC operation using Mbed TLS. * @@ -271,6 +271,6 @@ psa_status_t mbedtls_psa_mac_verify_finish( * \retval #PSA_ERROR_CORRUPTION_DETECTED */ psa_status_t mbedtls_psa_mac_abort( - mbedtls_psa_mac_operation_t *operation ); + mbedtls_psa_mac_operation_t *operation); #endif /* PSA_CRYPTO_MAC_H */ diff --git a/library/psa_crypto_random_impl.h b/library/psa_crypto_random_impl.h index 3c4c09a28426..f1a2af11d989 100644 --- a/library/psa_crypto_random_impl.h +++ b/library/psa_crypto_random_impl.h @@ -41,9 +41,9 @@ typedef mbedtls_psa_external_random_context_t mbedtls_psa_random_context_t; /* Trivial wrapper around psa_generate_random(). */ -int mbedtls_psa_get_random( void *p_rng, - unsigned char *output, - size_t output_size ); +int mbedtls_psa_get_random(void *p_rng, + unsigned char *output, + size_t output_size); /* The PSA RNG API doesn't need any externally maintained state. */ #define MBEDTLS_PSA_RANDOM_STATE NULL @@ -89,12 +89,12 @@ int mbedtls_psa_get_random( void *p_rng, * * \param p_rng Pointer to the Mbed TLS DRBG state. */ -static inline void mbedtls_psa_drbg_init( mbedtls_psa_drbg_context_t *p_rng ) +static inline void mbedtls_psa_drbg_init(mbedtls_psa_drbg_context_t *p_rng) { #if defined(MBEDTLS_CTR_DRBG_C) - mbedtls_ctr_drbg_init( p_rng ); + mbedtls_ctr_drbg_init(p_rng); #elif defined(MBEDTLS_HMAC_DRBG_C) - mbedtls_hmac_drbg_init( p_rng ); + mbedtls_hmac_drbg_init(p_rng); #endif } @@ -102,12 +102,12 @@ static inline void mbedtls_psa_drbg_init( mbedtls_psa_drbg_context_t *p_rng ) * * \param p_rng Pointer to the Mbed TLS DRBG state. */ -static inline void mbedtls_psa_drbg_free( mbedtls_psa_drbg_context_t *p_rng ) +static inline void mbedtls_psa_drbg_free(mbedtls_psa_drbg_context_t *p_rng) { #if defined(MBEDTLS_CTR_DRBG_C) - mbedtls_ctr_drbg_free( p_rng ); + mbedtls_ctr_drbg_free(p_rng); #elif defined(MBEDTLS_HMAC_DRBG_C) - mbedtls_hmac_drbg_free( p_rng ); + mbedtls_hmac_drbg_free(p_rng); #endif } @@ -116,10 +116,9 @@ static inline void mbedtls_psa_drbg_free( mbedtls_psa_drbg_context_t *p_rng ) * The random generator context is composed of an entropy context and * a DRBG context. */ -typedef struct -{ - void (* entropy_init )( mbedtls_entropy_context *ctx ); - void (* entropy_free )( mbedtls_entropy_context *ctx ); +typedef struct { + void (* entropy_init)(mbedtls_entropy_context *ctx); + void (* entropy_free)(mbedtls_entropy_context *ctx); mbedtls_entropy_context entropy; mbedtls_psa_drbg_context_t drbg; } mbedtls_psa_random_context_t; @@ -182,21 +181,21 @@ extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state; */ static inline int mbedtls_psa_drbg_seed( mbedtls_entropy_context *entropy, - const unsigned char *custom, size_t len ) + const unsigned char *custom, size_t len) { #if defined(MBEDTLS_CTR_DRBG_C) - return( mbedtls_ctr_drbg_seed( MBEDTLS_PSA_RANDOM_STATE, - mbedtls_entropy_func, - entropy, - custom, len ) ); + return mbedtls_ctr_drbg_seed(MBEDTLS_PSA_RANDOM_STATE, + mbedtls_entropy_func, + entropy, + custom, len); #elif defined(MBEDTLS_HMAC_DRBG_C) const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type( MBEDTLS_PSA_HMAC_DRBG_MD_TYPE ); - return( mbedtls_hmac_drbg_seed( MBEDTLS_PSA_RANDOM_STATE, - md_info, - mbedtls_entropy_func, - entropy, - custom, len ) ); + mbedtls_md_info_from_type(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE); + return mbedtls_hmac_drbg_seed(MBEDTLS_PSA_RANDOM_STATE, + md_info, + mbedtls_entropy_func, + entropy, + custom, len); #endif } diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index d07cdcea15f7..853a0443c84d 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -50,45 +50,46 @@ * way to return the exact bit size of a key. * To keep things simple, reject non-byte-aligned key sizes. */ static psa_status_t psa_check_rsa_key_byte_aligned( - const mbedtls_rsa_context *rsa ) + const mbedtls_rsa_context *rsa) { mbedtls_mpi n; psa_status_t status; - mbedtls_mpi_init( &n ); + mbedtls_mpi_init(&n); status = mbedtls_to_psa_error( - mbedtls_rsa_export( rsa, &n, NULL, NULL, NULL, NULL ) ); - if( status == PSA_SUCCESS ) - { - if( mbedtls_mpi_bitlen( &n ) % 8 != 0 ) + mbedtls_rsa_export(rsa, &n, NULL, NULL, NULL, NULL)); + if (status == PSA_SUCCESS) { + if (mbedtls_mpi_bitlen(&n) % 8 != 0) { status = PSA_ERROR_NOT_SUPPORTED; + } } - mbedtls_mpi_free( &n ); - return( status ); + mbedtls_mpi_free(&n); + return status; } psa_status_t mbedtls_psa_rsa_load_representation( psa_key_type_t type, const uint8_t *data, size_t data_length, - mbedtls_rsa_context **p_rsa ) + mbedtls_rsa_context **p_rsa) { psa_status_t status; mbedtls_pk_context ctx; size_t bits; - mbedtls_pk_init( &ctx ); + mbedtls_pk_init(&ctx); /* Parse the data. */ - if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) + if (PSA_KEY_TYPE_IS_KEY_PAIR(type)) { status = mbedtls_to_psa_error( - mbedtls_pk_parse_key( &ctx, data, data_length, NULL, 0 ) ); - else + mbedtls_pk_parse_key(&ctx, data, data_length, NULL, 0)); + } else { status = mbedtls_to_psa_error( - mbedtls_pk_parse_public_key( &ctx, data, data_length ) ); - if( status != PSA_SUCCESS ) + mbedtls_pk_parse_public_key(&ctx, data, data_length)); + } + if (status != PSA_SUCCESS) { goto exit; + } /* We have something that the pkparse module recognizes. If it is a * valid RSA key, store it. */ - if( mbedtls_pk_get_type( &ctx ) != MBEDTLS_PK_RSA ) - { + if (mbedtls_pk_get_type(&ctx) != MBEDTLS_PK_RSA) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } @@ -96,24 +97,24 @@ psa_status_t mbedtls_psa_rsa_load_representation( /* The size of an RSA key doesn't have to be a multiple of 8. Mbed TLS * supports non-byte-aligned key sizes, but not well. For example, * mbedtls_rsa_get_len() returns the key size in bytes, not in bits. */ - bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( mbedtls_pk_rsa( ctx ) ) ); - if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) - { + bits = PSA_BYTES_TO_BITS(mbedtls_rsa_get_len(mbedtls_pk_rsa(ctx))); + if (bits > PSA_VENDOR_RSA_MAX_KEY_BITS) { status = PSA_ERROR_NOT_SUPPORTED; goto exit; } - status = psa_check_rsa_key_byte_aligned( mbedtls_pk_rsa( ctx ) ); - if( status != PSA_SUCCESS ) + status = psa_check_rsa_key_byte_aligned(mbedtls_pk_rsa(ctx)); + if (status != PSA_SUCCESS) { goto exit; + } /* Copy out the pointer to the RSA context, and reset the PK context * such that pk_free doesn't free the RSA context we just grabbed. */ - *p_rsa = mbedtls_pk_rsa( ctx ); + *p_rsa = mbedtls_pk_rsa(ctx); ctx.pk_info = NULL; exit: - mbedtls_pk_free( &ctx ); - return( status ); + mbedtls_pk_free(&ctx); + return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || @@ -129,179 +130,182 @@ psa_status_t mbedtls_psa_rsa_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ) + size_t *key_buffer_length, size_t *bits) { psa_status_t status; mbedtls_rsa_context *rsa = NULL; /* Parse input */ - status = mbedtls_psa_rsa_load_representation( attributes->core.type, - data, - data_length, - &rsa ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_rsa_load_representation(attributes->core.type, + data, + data_length, + &rsa); + if (status != PSA_SUCCESS) { goto exit; + } - *bits = (psa_key_bits_t) PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) ); + *bits = (psa_key_bits_t) PSA_BYTES_TO_BITS(mbedtls_rsa_get_len(rsa)); /* Re-export the data to PSA export format, such that we can store export * representation in the key slot. Export representation in case of RSA is * the smallest representation that's allowed as input, so a straight-up * allocation of the same size as the input buffer will be large enough. */ - status = mbedtls_psa_rsa_export_key( attributes->core.type, - rsa, - key_buffer, - key_buffer_size, - key_buffer_length ); + status = mbedtls_psa_rsa_export_key(attributes->core.type, + rsa, + key_buffer, + key_buffer_size, + key_buffer_length); exit: /* Always free the RSA object */ - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); - return( status ); + return status; } -psa_status_t mbedtls_psa_rsa_export_key( psa_key_type_t type, - mbedtls_rsa_context *rsa, - uint8_t *data, - size_t data_size, - size_t *data_length ) +psa_status_t mbedtls_psa_rsa_export_key(psa_key_type_t type, + mbedtls_rsa_context *rsa, + uint8_t *data, + size_t data_size, + size_t *data_length) { #if defined(MBEDTLS_PK_WRITE_C) int ret; mbedtls_pk_context pk; uint8_t *pos = data + data_size; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); pk.pk_info = &mbedtls_rsa_info; pk.pk_ctx = rsa; /* PSA Crypto API defines the format of an RSA key as a DER-encoded * representation of the non-encrypted PKCS#1 RSAPrivateKey for a * private key and of the RFC3279 RSAPublicKey for a public key. */ - if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) - ret = mbedtls_pk_write_key_der( &pk, data, data_size ); - else - ret = mbedtls_pk_write_pubkey( &pos, data, &pk ); + if (PSA_KEY_TYPE_IS_KEY_PAIR(type)) { + ret = mbedtls_pk_write_key_der(&pk, data, data_size); + } else { + ret = mbedtls_pk_write_pubkey(&pos, data, &pk); + } - if( ret < 0 ) - { + if (ret < 0) { /* Clean up in case pk_write failed halfway through. */ - memset( data, 0, data_size ); - return( mbedtls_to_psa_error( ret ) ); + memset(data, 0, data_size); + return mbedtls_to_psa_error(ret); } /* The mbedtls_pk_xxx functions write to the end of the buffer. * Move the data to the beginning and erase remaining data * at the original location. */ - if( 2 * (size_t) ret <= data_size ) - { - memcpy( data, data + data_size - ret, ret ); - memset( data + data_size - ret, 0, ret ); - } - else if( (size_t) ret < data_size ) - { - memmove( data, data + data_size - ret, ret ); - memset( data + ret, 0, data_size - ret ); + if (2 * (size_t) ret <= data_size) { + memcpy(data, data + data_size - ret, ret); + memset(data + data_size - ret, 0, ret); + } else if ((size_t) ret < data_size) { + memmove(data, data + data_size - ret, ret); + memset(data + ret, 0, data_size - ret); } *data_length = ret; - return( PSA_SUCCESS ); + return PSA_SUCCESS; #else (void) type; (void) rsa; (void) data; (void) data_size; (void) data_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PK_WRITE_C */ } psa_status_t mbedtls_psa_rsa_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_rsa_context *rsa = NULL; status = mbedtls_psa_rsa_load_representation( - attributes->core.type, key_buffer, key_buffer_size, &rsa ); - if( status != PSA_SUCCESS ) - return( status ); + attributes->core.type, key_buffer, key_buffer_size, &rsa); + if (status != PSA_SUCCESS) { + return status; + } - status = mbedtls_psa_rsa_export_key( PSA_KEY_TYPE_RSA_PUBLIC_KEY, - rsa, - data, - data_size, - data_length ); + status = mbedtls_psa_rsa_export_key(PSA_KEY_TYPE_RSA_PUBLIC_KEY, + rsa, + data, + data_size, + data_length); - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); - return( status ); + return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ defined(MBEDTLS_GENPRIME) -static psa_status_t psa_rsa_read_exponent( const uint8_t *domain_parameters, - size_t domain_parameters_size, - int *exponent ) +static psa_status_t psa_rsa_read_exponent(const uint8_t *domain_parameters, + size_t domain_parameters_size, + int *exponent) { size_t i; uint32_t acc = 0; - if( domain_parameters_size == 0 ) - { + if (domain_parameters_size == 0) { *exponent = 65537; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /* Mbed TLS encodes the public exponent as an int. For simplicity, only * support values that fit in a 32-bit integer, which is larger than * int on just about every platform anyway. */ - if( domain_parameters_size > sizeof( acc ) ) - return( PSA_ERROR_NOT_SUPPORTED ); - for( i = 0; i < domain_parameters_size; i++ ) - acc = ( acc << 8 ) | domain_parameters[i]; - if( acc > INT_MAX ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (domain_parameters_size > sizeof(acc)) { + return PSA_ERROR_NOT_SUPPORTED; + } + for (i = 0; i < domain_parameters_size; i++) { + acc = (acc << 8) | domain_parameters[i]; + } + if (acc > INT_MAX) { + return PSA_ERROR_NOT_SUPPORTED; + } *exponent = acc; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t mbedtls_psa_rsa_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { psa_status_t status; mbedtls_rsa_context rsa; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int exponent; - status = psa_rsa_read_exponent( attributes->domain_parameters, - attributes->domain_parameters_size, - &exponent ); - if( status != PSA_SUCCESS ) - return( status ); - - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE ); - ret = mbedtls_rsa_gen_key( &rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - (unsigned int)attributes->core.bits, - exponent ); - if( ret != 0 ) - return( mbedtls_to_psa_error( ret ) ); - - status = mbedtls_psa_rsa_export_key( attributes->core.type, - &rsa, key_buffer, key_buffer_size, - key_buffer_length ); - mbedtls_rsa_free( &rsa ); - - return( status ); + status = psa_rsa_read_exponent(attributes->domain_parameters, + attributes->domain_parameters_size, + &exponent); + if (status != PSA_SUCCESS) { + return status; + } + + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE); + ret = mbedtls_rsa_gen_key(&rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + (unsigned int) attributes->core.bits, + exponent); + if (ret != 0) { + return mbedtls_to_psa_error(ret); + } + + status = mbedtls_psa_rsa_export_key(attributes->core.type, + &rsa, key_buffer, key_buffer_size, + key_buffer_length); + mbedtls_rsa_free(&rsa); + + return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) * defined(MBEDTLS_GENPRIME) */ @@ -315,127 +319,129 @@ psa_status_t mbedtls_psa_rsa_generate_key( /* Decode the hash algorithm from alg and store the mbedtls encoding in * md_alg. Verify that the hash length is acceptable. */ -static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg, - size_t hash_length, - mbedtls_md_type_t *md_alg ) +static psa_status_t psa_rsa_decode_md_type(psa_algorithm_t alg, + size_t hash_length, + mbedtls_md_type_t *md_alg) { - psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); - *md_alg = mbedtls_md_get_type( md_info ); + psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH(alg); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa(hash_alg); + *md_alg = mbedtls_md_get_type(md_info); /* The Mbed TLS RSA module uses an unsigned int for hash length * parameters. Validate that it fits so that we don't risk an * overflow later. */ #if SIZE_MAX > UINT_MAX - if( hash_length > UINT_MAX ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (hash_length > UINT_MAX) { + return PSA_ERROR_INVALID_ARGUMENT; + } #endif /* For signatures using a hash, the hash length must be correct. */ - if( alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW ) - { - if( md_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); - if( mbedtls_md_get_size( md_info ) != hash_length ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW) { + if (md_info == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } + if (mbedtls_md_get_size(md_info) != hash_length) { + return PSA_ERROR_INVALID_ARGUMENT; + } } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t mbedtls_psa_rsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) + uint8_t *signature, size_t signature_size, size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_rsa_context *rsa = NULL; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md_type_t md_alg; - status = mbedtls_psa_rsa_load_representation( attributes->core.type, - key_buffer, - key_buffer_size, - &rsa ); - if( status != PSA_SUCCESS ) - return( status ); + status = mbedtls_psa_rsa_load_representation(attributes->core.type, + key_buffer, + key_buffer_size, + &rsa); + if (status != PSA_SUCCESS) { + return status; + } - status = psa_rsa_decode_md_type( alg, hash_length, &md_alg ); - if( status != PSA_SUCCESS ) + status = psa_rsa_decode_md_type(alg, hash_length, &md_alg); + if (status != PSA_SUCCESS) { goto exit; + } - if( signature_size < mbedtls_rsa_get_len( rsa ) ) - { + if (signature_size < mbedtls_rsa_get_len(rsa)) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) - { - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, - MBEDTLS_MD_NONE ); - ret = mbedtls_rsa_pkcs1_sign( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PRIVATE, - md_alg, - (unsigned int) hash_length, - hash, - signature ); - } - else + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)) { + mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V15, + MBEDTLS_MD_NONE); + ret = mbedtls_rsa_pkcs1_sign(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PRIVATE, + md_alg, + (unsigned int) hash_length, + hash, + signature); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - if( PSA_ALG_IS_RSA_PSS( alg ) ) - { - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); - ret = mbedtls_rsa_rsassa_pss_sign( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PRIVATE, - MBEDTLS_MD_NONE, - (unsigned int) hash_length, - hash, - signature ); - } - else + if (PSA_ALG_IS_RSA_PSS(alg)) { + mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V21, md_alg); + ret = mbedtls_rsa_rsassa_pss_sign(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PRIVATE, + MBEDTLS_MD_NONE, + (unsigned int) hash_length, + hash, + signature); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */ { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - if( ret == 0 ) - *signature_length = mbedtls_rsa_get_len( rsa ); - status = mbedtls_to_psa_error( ret ); + if (ret == 0) { + *signature_length = mbedtls_rsa_get_len(rsa); + } + status = mbedtls_to_psa_error(ret); exit: - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); - return( status ); + return status; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) -static int rsa_pss_expected_salt_len( psa_algorithm_t alg, - const mbedtls_rsa_context *rsa, - size_t hash_length ) +static int rsa_pss_expected_salt_len(psa_algorithm_t alg, + const mbedtls_rsa_context *rsa, + size_t hash_length) { - if( PSA_ALG_IS_RSA_PSS_ANY_SALT( alg ) ) - return( MBEDTLS_RSA_SALT_LEN_ANY ); + if (PSA_ALG_IS_RSA_PSS_ANY_SALT(alg)) { + return MBEDTLS_RSA_SALT_LEN_ANY; + } /* Otherwise: standard salt length, i.e. largest possible salt length * up to the hash length. */ - int klen = (int) mbedtls_rsa_get_len( rsa ); // known to fit + int klen = (int) mbedtls_rsa_get_len(rsa); // known to fit int hlen = (int) hash_length; // known to fit int room = klen - 2 - hlen; - if( room < 0 ) - return( 0 ); // there is no valid signature in this case anyway - else if( room > hlen ) - return( hlen ); - else - return( room ); + if (room < 0) { + return 0; // there is no valid signature in this case anyway + } else if (room > hlen) { + return hlen; + } else { + return room; + } } #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */ @@ -443,63 +449,60 @@ psa_status_t mbedtls_psa_rsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) + const uint8_t *signature, size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_rsa_context *rsa = NULL; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md_type_t md_alg; - status = mbedtls_psa_rsa_load_representation( attributes->core.type, - key_buffer, - key_buffer_size, - &rsa ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_rsa_load_representation(attributes->core.type, + key_buffer, + key_buffer_size, + &rsa); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_rsa_decode_md_type( alg, hash_length, &md_alg ); - if( status != PSA_SUCCESS ) + status = psa_rsa_decode_md_type(alg, hash_length, &md_alg); + if (status != PSA_SUCCESS) { goto exit; + } - if( signature_length != mbedtls_rsa_get_len( rsa ) ) - { + if (signature_length != mbedtls_rsa_get_len(rsa)) { status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) - { - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, - MBEDTLS_MD_NONE ); - ret = mbedtls_rsa_pkcs1_verify( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PUBLIC, - md_alg, - (unsigned int) hash_length, - hash, - signature ); - } - else + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)) { + mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V15, + MBEDTLS_MD_NONE); + ret = mbedtls_rsa_pkcs1_verify(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PUBLIC, + md_alg, + (unsigned int) hash_length, + hash, + signature); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - if( PSA_ALG_IS_RSA_PSS( alg ) ) - { - int slen = rsa_pss_expected_salt_len( alg, rsa, hash_length ); - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); - ret = mbedtls_rsa_rsassa_pss_verify_ext( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PUBLIC, - md_alg, - (unsigned int) hash_length, - hash, - md_alg, - slen, - signature ); - } - else + if (PSA_ALG_IS_RSA_PSS(alg)) { + int slen = rsa_pss_expected_salt_len(alg, rsa, hash_length); + mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V21, md_alg); + ret = mbedtls_rsa_rsassa_pss_verify_ext(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PUBLIC, + md_alg, + (unsigned int) hash_length, + hash, + md_alg, + slen, + signature); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */ { status = PSA_ERROR_INVALID_ARGUMENT; @@ -509,15 +512,15 @@ psa_status_t mbedtls_psa_rsa_verify_hash( /* Mbed TLS distinguishes "invalid padding" from "valid padding but * the rest of the signature is invalid". This has little use in * practice and PSA doesn't report this distinction. */ - status = ( ret == MBEDTLS_ERR_RSA_INVALID_PADDING ) ? + status = (ret == MBEDTLS_ERR_RSA_INVALID_PADDING) ? PSA_ERROR_INVALID_SIGNATURE : - mbedtls_to_psa_error( ret ); + mbedtls_to_psa_error(ret); exit: - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); - return( status ); + return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || diff --git a/library/psa_crypto_rsa.h b/library/psa_crypto_rsa.h index b76613e6c17f..cee2f524c074 100644 --- a/library/psa_crypto_rsa.h +++ b/library/psa_crypto_rsa.h @@ -34,10 +34,10 @@ * contents of the context and the context itself * when done. */ -psa_status_t mbedtls_psa_rsa_load_representation( psa_key_type_t type, - const uint8_t *data, - size_t data_length, - mbedtls_rsa_context **p_rsa ); +psa_status_t mbedtls_psa_rsa_load_representation(psa_key_type_t type, + const uint8_t *data, + size_t data_length, + mbedtls_rsa_context **p_rsa); /** Import an RSA key in binary format. * @@ -69,7 +69,7 @@ psa_status_t mbedtls_psa_rsa_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); + size_t *key_buffer_length, size_t *bits); /** Export an RSA key to export representation * @@ -79,11 +79,11 @@ psa_status_t mbedtls_psa_rsa_import_key( * \param[in] data_size The length of the buffer to export to * \param[out] data_length The amount of bytes written to \p data */ -psa_status_t mbedtls_psa_rsa_export_key( psa_key_type_t type, - mbedtls_rsa_context *rsa, - uint8_t *data, - size_t data_size, - size_t *data_length ); +psa_status_t mbedtls_psa_rsa_export_key(psa_key_type_t type, + mbedtls_rsa_context *rsa, + uint8_t *data, + size_t data_size, + size_t *data_length); /** Export a public RSA key or the public part of an RSA key pair in binary * format. @@ -112,7 +112,7 @@ psa_status_t mbedtls_psa_rsa_export_key( psa_key_type_t type, psa_status_t mbedtls_psa_rsa_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); /** * \brief Generate an RSA key. @@ -135,7 +135,7 @@ psa_status_t mbedtls_psa_rsa_export_public_key( */ psa_status_t mbedtls_psa_rsa_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); /** Sign an already-calculated hash with an RSA private key. * @@ -174,7 +174,7 @@ psa_status_t mbedtls_psa_rsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); + uint8_t *signature, size_t signature_size, size_t *signature_length); /** * \brief Verify the signature a hash or short message using a public RSA key. @@ -210,6 +210,6 @@ psa_status_t mbedtls_psa_rsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); + const uint8_t *signature, size_t signature_length); #endif /* PSA_CRYPTO_RSA_H */ diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 87d2634e7382..b660393640d5 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -48,19 +48,16 @@ /* This structure is identical to psa_drv_se_context_t declared in * `crypto_se_driver.h`, except that some parts are writable here * (non-const, or pointer to non-const). */ -typedef struct -{ +typedef struct { void *persistent_data; size_t persistent_data_size; uintptr_t transient_data; } psa_drv_se_internal_context_t; -struct psa_se_drv_table_entry_s -{ +struct psa_se_drv_table_entry_s { psa_key_location_t location; const psa_drv_se_t *methods; - union - { + union { psa_drv_se_internal_context_t internal; psa_drv_se_context_t context; } u; @@ -69,46 +66,49 @@ struct psa_se_drv_table_entry_s static psa_se_drv_table_entry_t driver_table[PSA_MAX_SE_DRIVERS]; psa_se_drv_table_entry_t *psa_get_se_driver_entry( - psa_key_lifetime_t lifetime ) + psa_key_lifetime_t lifetime) { size_t i; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); /* In the driver table, location=0 means an entry that isn't used. * No driver has a location of 0 because it's a reserved value * (which designates transparent keys). Make sure we never return * a driver entry for location 0. */ - if( location == 0 ) - return( NULL ); - for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) - { - if( driver_table[i].location == location ) - return( &driver_table[i] ); + if (location == 0) { + return NULL; + } + for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) { + if (driver_table[i].location == location) { + return &driver_table[i]; + } } - return( NULL ); + return NULL; } const psa_drv_se_t *psa_get_se_driver_methods( - const psa_se_drv_table_entry_t *driver ) + const psa_se_drv_table_entry_t *driver) { - return( driver->methods ); + return driver->methods; } psa_drv_se_context_t *psa_get_se_driver_context( - psa_se_drv_table_entry_t *driver ) + psa_se_drv_table_entry_t *driver) { - return( &driver->u.context ); + return &driver->u.context; } -int psa_get_se_driver( psa_key_lifetime_t lifetime, - const psa_drv_se_t **p_methods, - psa_drv_se_context_t **p_drv_context) +int psa_get_se_driver(psa_key_lifetime_t lifetime, + const psa_drv_se_t **p_methods, + psa_drv_se_context_t **p_drv_context) { - psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry( lifetime ); - if( p_methods != NULL ) - *p_methods = ( driver ? driver->methods : NULL ); - if( p_drv_context != NULL ) - *p_drv_context = ( driver ? &driver->u.context : NULL ); - return( driver != NULL ); + psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry(lifetime); + if (p_methods != NULL) { + *p_methods = (driver ? driver->methods : NULL); + } + if (p_drv_context != NULL) { + *p_drv_context = (driver ? &driver->u.context : NULL); + } + return driver != NULL; } @@ -119,32 +119,35 @@ int psa_get_se_driver( psa_key_lifetime_t lifetime, static psa_status_t psa_get_se_driver_its_file_uid( const psa_se_drv_table_entry_t *driver, - psa_storage_uid_t *uid ) + psa_storage_uid_t *uid) { - if( driver->location > PSA_MAX_SE_LOCATION ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (driver->location > PSA_MAX_SE_LOCATION) { + return PSA_ERROR_NOT_SUPPORTED; + } #if SIZE_MAX > UINT32_MAX /* ITS file sizes are limited to 32 bits. */ - if( driver->u.internal.persistent_data_size > UINT32_MAX ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (driver->u.internal.persistent_data_size > UINT32_MAX) { + return PSA_ERROR_NOT_SUPPORTED; + } #endif /* See the documentation of PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE. */ *uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + driver->location; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t psa_load_se_persistent_data( - const psa_se_drv_table_entry_t *driver ) + const psa_se_drv_table_entry_t *driver) { psa_status_t status; psa_storage_uid_t uid; size_t length; - status = psa_get_se_driver_its_file_uid( driver, &uid ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_se_driver_its_file_uid(driver, &uid); + if (status != PSA_SUCCESS) { + return status; + } /* Read the amount of persistent data that the driver requests. * If the data in storage is larger, it is truncated. If the data @@ -153,97 +156,98 @@ psa_status_t psa_load_se_persistent_data( /* psa_get_se_driver_its_file_uid ensures that the size_t * persistent_data_size is in range, but compilers don't know that, * so cast to reassure them. */ - return( psa_its_get( uid, 0, - (uint32_t) driver->u.internal.persistent_data_size, - driver->u.internal.persistent_data, - &length ) ); + return psa_its_get(uid, 0, + (uint32_t) driver->u.internal.persistent_data_size, + driver->u.internal.persistent_data, + &length); } psa_status_t psa_save_se_persistent_data( - const psa_se_drv_table_entry_t *driver ) + const psa_se_drv_table_entry_t *driver) { psa_status_t status; psa_storage_uid_t uid; - status = psa_get_se_driver_its_file_uid( driver, &uid ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_se_driver_its_file_uid(driver, &uid); + if (status != PSA_SUCCESS) { + return status; + } /* psa_get_se_driver_its_file_uid ensures that the size_t * persistent_data_size is in range, but compilers don't know that, * so cast to reassure them. */ - return( psa_its_set( uid, - (uint32_t) driver->u.internal.persistent_data_size, - driver->u.internal.persistent_data, - 0 ) ); + return psa_its_set(uid, + (uint32_t) driver->u.internal.persistent_data_size, + driver->u.internal.persistent_data, + 0); } -psa_status_t psa_destroy_se_persistent_data( psa_key_location_t location ) +psa_status_t psa_destroy_se_persistent_data(psa_key_location_t location) { psa_storage_uid_t uid; - if( location > PSA_MAX_SE_LOCATION ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (location > PSA_MAX_SE_LOCATION) { + return PSA_ERROR_NOT_SUPPORTED; + } uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + location; - return( psa_its_remove( uid ) ); + return psa_its_remove(uid); } psa_status_t psa_find_se_slot_for_key( const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_se_drv_table_entry_t *driver, - psa_key_slot_number_t *slot_number ) + psa_key_slot_number_t *slot_number) { psa_status_t status; psa_key_location_t key_location = - PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime( attributes ) ); + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); /* If the location is wrong, it's a bug in the library. */ - if( driver->location != key_location ) - return( PSA_ERROR_CORRUPTION_DETECTED ); + if (driver->location != key_location) { + return PSA_ERROR_CORRUPTION_DETECTED; + } /* If the driver doesn't support key creation in any way, give up now. */ - if( driver->methods->key_management == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (driver->methods->key_management == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } - if( psa_get_key_slot_number( attributes, slot_number ) == PSA_SUCCESS ) - { + if (psa_get_key_slot_number(attributes, slot_number) == PSA_SUCCESS) { /* The application wants to use a specific slot. Allow it if * the driver supports it. On a system with isolation, * the crypto service must check that the application is * permitted to request this slot. */ psa_drv_se_validate_slot_number_t p_validate_slot_number = driver->methods->key_management->p_validate_slot_number; - if( p_validate_slot_number == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); - status = p_validate_slot_number( &driver->u.context, - driver->u.internal.persistent_data, - attributes, method, - *slot_number ); - } - else if( method == PSA_KEY_CREATION_REGISTER ) - { + if (p_validate_slot_number == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } + status = p_validate_slot_number(&driver->u.context, + driver->u.internal.persistent_data, + attributes, method, + *slot_number); + } else if (method == PSA_KEY_CREATION_REGISTER) { /* The application didn't specify a slot number. This doesn't * make sense when registering a slot. */ - return( PSA_ERROR_INVALID_ARGUMENT ); - } - else - { + return PSA_ERROR_INVALID_ARGUMENT; + } else { /* The application didn't tell us which slot to use. Let the driver * choose. This is the normal case. */ psa_drv_se_allocate_key_t p_allocate = driver->methods->key_management->p_allocate; - if( p_allocate == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); - status = p_allocate( &driver->u.context, - driver->u.internal.persistent_data, - attributes, method, - slot_number ); + if (p_allocate == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } + status = p_allocate(&driver->u.context, + driver->u.internal.persistent_data, + attributes, method, + slot_number); } - return( status ); + return status; } -psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver, - psa_key_slot_number_t slot_number ) +psa_status_t psa_destroy_se_key(psa_se_drv_table_entry_t *driver, + psa_key_slot_number_t slot_number) { psa_status_t status; psa_status_t storage_status; @@ -255,40 +259,42 @@ psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver, * locked in a read-only state: we can use the keys but not * destroy them. Hence, if the driver doesn't support destroying * keys, it's really a lack of permission. */ - if( driver->methods->key_management == NULL || - driver->methods->key_management->p_destroy == NULL ) - return( PSA_ERROR_NOT_PERMITTED ); + if (driver->methods->key_management == NULL || + driver->methods->key_management->p_destroy == NULL) { + return PSA_ERROR_NOT_PERMITTED; + } status = driver->methods->key_management->p_destroy( &driver->u.context, driver->u.internal.persistent_data, - slot_number ); - storage_status = psa_save_se_persistent_data( driver ); - return( status == PSA_SUCCESS ? storage_status : status ); + slot_number); + storage_status = psa_save_se_persistent_data(driver); + return status == PSA_SUCCESS ? storage_status : status; } -psa_status_t psa_init_all_se_drivers( void ) +psa_status_t psa_init_all_se_drivers(void) { size_t i; - for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) - { + for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) { psa_se_drv_table_entry_t *driver = &driver_table[i]; - if( driver->location == 0 ) + if (driver->location == 0) { continue; /* skipping unused entry */ - const psa_drv_se_t *methods = psa_get_se_driver_methods( driver ); - if( methods->p_init != NULL ) - { + } + const psa_drv_se_t *methods = psa_get_se_driver_methods(driver); + if (methods->p_init != NULL) { psa_status_t status = methods->p_init( &driver->u.context, driver->u.internal.persistent_data, - driver->location ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_save_se_persistent_data( driver ); - if( status != PSA_SUCCESS ) - return( status ); + driver->location); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_save_se_persistent_data(driver); + if (status != PSA_SUCCESS) { + return status; + } } } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } @@ -304,70 +310,74 @@ psa_status_t psa_register_se_driver( size_t i; psa_status_t status; - if( methods->hal_version != PSA_DRV_SE_HAL_VERSION ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (methods->hal_version != PSA_DRV_SE_HAL_VERSION) { + return PSA_ERROR_NOT_SUPPORTED; + } /* Driver table entries are 0-initialized. 0 is not a valid driver * location because it means a transparent key. */ #if defined(static_assert) - static_assert( PSA_KEY_LOCATION_LOCAL_STORAGE == 0, - "Secure element support requires 0 to mean a local key" ); + static_assert(PSA_KEY_LOCATION_LOCAL_STORAGE == 0, + "Secure element support requires 0 to mean a local key"); #endif - if( location == PSA_KEY_LOCATION_LOCAL_STORAGE ) - return( PSA_ERROR_INVALID_ARGUMENT ); - if( location > PSA_MAX_SE_LOCATION ) - return( PSA_ERROR_NOT_SUPPORTED ); - - for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) - { - if( driver_table[i].location == 0 ) + if (location == PSA_KEY_LOCATION_LOCAL_STORAGE) { + return PSA_ERROR_INVALID_ARGUMENT; + } + if (location > PSA_MAX_SE_LOCATION) { + return PSA_ERROR_NOT_SUPPORTED; + } + + for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) { + if (driver_table[i].location == 0) { break; + } /* Check that location isn't already in use up to the first free * entry. Since entries are created in order and never deleted, * there can't be a used entry after the first free entry. */ - if( driver_table[i].location == location ) - return( PSA_ERROR_ALREADY_EXISTS ); + if (driver_table[i].location == location) { + return PSA_ERROR_ALREADY_EXISTS; + } + } + if (i == PSA_MAX_SE_DRIVERS) { + return PSA_ERROR_INSUFFICIENT_MEMORY; } - if( i == PSA_MAX_SE_DRIVERS ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); driver_table[i].location = location; driver_table[i].methods = methods; driver_table[i].u.internal.persistent_data_size = methods->persistent_data_size; - if( methods->persistent_data_size != 0 ) - { + if (methods->persistent_data_size != 0) { driver_table[i].u.internal.persistent_data = - mbedtls_calloc( 1, methods->persistent_data_size ); - if( driver_table[i].u.internal.persistent_data == NULL ) - { + mbedtls_calloc(1, methods->persistent_data_size); + if (driver_table[i].u.internal.persistent_data == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; goto error; } /* Load the driver's persistent data. On first use, the persistent * data does not exist in storage, and is initialized to * all-bits-zero by the calloc call just above. */ - status = psa_load_se_persistent_data( &driver_table[i] ); - if( status != PSA_SUCCESS && status != PSA_ERROR_DOES_NOT_EXIST ) + status = psa_load_se_persistent_data(&driver_table[i]); + if (status != PSA_SUCCESS && status != PSA_ERROR_DOES_NOT_EXIST) { goto error; + } } - return( PSA_SUCCESS ); + return PSA_SUCCESS; error: - memset( &driver_table[i], 0, sizeof( driver_table[i] ) ); - return( status ); + memset(&driver_table[i], 0, sizeof(driver_table[i])); + return status; } -void psa_unregister_all_se_drivers( void ) +void psa_unregister_all_se_drivers(void) { size_t i; - for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) - { - if( driver_table[i].u.internal.persistent_data != NULL ) - mbedtls_free( driver_table[i].u.internal.persistent_data ); + for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) { + if (driver_table[i].u.internal.persistent_data != NULL) { + mbedtls_free(driver_table[i].u.internal.persistent_data); + } } - memset( driver_table, 0, sizeof( driver_table ) ); + memset(driver_table, 0, sizeof(driver_table)); } diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index 6d965ee10cf9..373852dfcc6a 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h @@ -51,7 +51,7 @@ * actually not used since it corresponds to #PSA_KEY_LOCATION_LOCAL_STORAGE * which doesn't have a driver. */ -#define PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE ( (psa_key_id_t) 0xfffffe00 ) +#define PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE ((psa_key_id_t) 0xfffffe00) /** The maximum number of registered secure element driver locations. */ #define PSA_MAX_SE_DRIVERS 4 @@ -62,13 +62,13 @@ * state. This function is only intended to be called at the end * of mbedtls_psa_crypto_free(). */ -void psa_unregister_all_se_drivers( void ); +void psa_unregister_all_se_drivers(void); /** Initialize all secure element drivers. * * Called from psa_crypto_init(). */ -psa_status_t psa_init_all_se_drivers( void ); +psa_status_t psa_init_all_se_drivers(void); /** A structure that describes a registered secure element driver. * @@ -93,9 +93,9 @@ typedef struct psa_se_drv_table_entry_s psa_se_drv_table_entry_t; * \retval 0 * \p lifetime does not correspond to a registered driver. */ -int psa_get_se_driver( psa_key_lifetime_t lifetime, - const psa_drv_se_t **p_methods, - psa_drv_se_context_t **p_drv_context); +int psa_get_se_driver(psa_key_lifetime_t lifetime, + const psa_drv_se_t **p_methods, + psa_drv_se_context_t **p_drv_context); /** Return the secure element driver table entry for a lifetime value. * @@ -105,7 +105,7 @@ int psa_get_se_driver( psa_key_lifetime_t lifetime, * \p NULL if \p lifetime does not correspond to a registered driver. */ psa_se_drv_table_entry_t *psa_get_se_driver_entry( - psa_key_lifetime_t lifetime ); + psa_key_lifetime_t lifetime); /** Return the method table for a secure element driver. * @@ -115,7 +115,7 @@ psa_se_drv_table_entry_t *psa_get_se_driver_entry( * \c NULL if \p driver is \c NULL. */ const psa_drv_se_t *psa_get_se_driver_methods( - const psa_se_drv_table_entry_t *driver ); + const psa_se_drv_table_entry_t *driver); /** Return the context of a secure element driver. * @@ -125,7 +125,7 @@ const psa_drv_se_t *psa_get_se_driver_methods( * \c NULL if \p driver is \c NULL. */ psa_drv_se_context_t *psa_get_se_driver_context( - psa_se_drv_table_entry_t *driver ); + psa_se_drv_table_entry_t *driver); /** Find a free slot for a key that is to be created. * @@ -141,15 +141,15 @@ psa_status_t psa_find_se_slot_for_key( const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_se_drv_table_entry_t *driver, - psa_key_slot_number_t *slot_number ); + psa_key_slot_number_t *slot_number); /** Destroy a key in a secure element. * * This function calls the relevant driver method to destroy a key * and updates the driver's persistent data. */ -psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver, - psa_key_slot_number_t slot_number ); +psa_status_t psa_destroy_se_key(psa_se_drv_table_entry_t *driver, + psa_key_slot_number_t slot_number); /** Load the persistent data of a secure element driver. * @@ -164,7 +164,7 @@ psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver, * \return #PSA_ERROR_INVALID_ARGUMENT */ psa_status_t psa_load_se_persistent_data( - const psa_se_drv_table_entry_t *driver ); + const psa_se_drv_table_entry_t *driver); /** Save the persistent data of a secure element driver. * @@ -180,7 +180,7 @@ psa_status_t psa_load_se_persistent_data( * \return #PSA_ERROR_INVALID_ARGUMENT */ psa_status_t psa_save_se_persistent_data( - const psa_se_drv_table_entry_t *driver ); + const psa_se_drv_table_entry_t *driver); /** Destroy the persistent data of a secure element driver. * @@ -189,14 +189,13 @@ psa_status_t psa_save_se_persistent_data( * \param[in] location The location identifier for the driver whose * persistent data is to be erased. */ -psa_status_t psa_destroy_se_persistent_data( psa_key_location_t location ); +psa_status_t psa_destroy_se_persistent_data(psa_key_location_t location); /** The storage representation of a key whose data is in a secure element. */ -typedef struct -{ - uint8_t slot_number[sizeof( psa_key_slot_number_t )]; +typedef struct { + uint8_t slot_number[sizeof(psa_key_slot_number_t)]; } psa_se_key_data_storage_t; #endif /* PSA_CRYPTO_SE_H */ diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 3fba73640144..2d2790208579 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -36,30 +36,31 @@ #include #include "mbedtls/platform.h" -#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) +#define ARRAY_LENGTH(array) (sizeof(array) / sizeof(*(array))) -typedef struct -{ +typedef struct { psa_key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT]; unsigned key_slots_initialized : 1; } psa_global_data_t; static psa_global_data_t global_data; -int psa_is_valid_key_id( mbedtls_svc_key_id_t key, int vendor_ok ) +int psa_is_valid_key_id(mbedtls_svc_key_id_t key, int vendor_ok) { - psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ); + psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key); - if( ( PSA_KEY_ID_USER_MIN <= key_id ) && - ( key_id <= PSA_KEY_ID_USER_MAX ) ) - return( 1 ); + if ((PSA_KEY_ID_USER_MIN <= key_id) && + (key_id <= PSA_KEY_ID_USER_MAX)) { + return 1; + } - if( vendor_ok && - ( PSA_KEY_ID_VENDOR_MIN <= key_id ) && - ( key_id <= PSA_KEY_ID_VENDOR_MAX ) ) - return( 1 ); + if (vendor_ok && + (PSA_KEY_ID_VENDOR_MIN <= key_id) && + (key_id <= PSA_KEY_ID_VENDOR_MAX)) { + return 1; + } - return( 0 ); + return 0; } /** Get the description in memory of a key given its identifier and lock it. @@ -94,16 +95,15 @@ int psa_is_valid_key_id( mbedtls_svc_key_id_t key, int vendor_ok ) * There is no key with key identifier \p key in the key slots. */ static psa_status_t psa_get_and_lock_key_slot_in_memory( - mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot ) + mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ); + psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key); size_t slot_idx; psa_key_slot_t *slot = NULL; - if( psa_key_id_is_volatile( key_id ) ) - { - slot = &global_data.key_slots[ key_id - PSA_KEY_ID_VOLATILE_MIN ]; + if (psa_key_id_is_volatile(key_id)) { + slot = &global_data.key_slots[key_id - PSA_KEY_ID_VOLATILE_MIN]; /* * Check if both the PSA key identifier key_id and the owner @@ -113,83 +113,79 @@ static psa_status_t psa_get_and_lock_key_slot_in_memory( * is equal to zero. This is an invalid value for a PSA key identifier * and thus cannot be equal to the valid PSA key identifier key_id. */ - status = mbedtls_svc_key_id_equal( key, slot->attr.id ) ? + status = mbedtls_svc_key_id_equal(key, slot->attr.id) ? PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST; - } - else - { - if ( !psa_is_valid_key_id( key, 1 ) ) - return( PSA_ERROR_INVALID_HANDLE ); + } else { + if (!psa_is_valid_key_id(key, 1)) { + return PSA_ERROR_INVALID_HANDLE; + } - for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ ) - { - slot = &global_data.key_slots[ slot_idx ]; - if( mbedtls_svc_key_id_equal( key, slot->attr.id ) ) + for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) { + slot = &global_data.key_slots[slot_idx]; + if (mbedtls_svc_key_id_equal(key, slot->attr.id)) { break; + } } - status = ( slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT ) ? + status = (slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT) ? PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST; } - if( status == PSA_SUCCESS ) - { - status = psa_lock_key_slot( slot ); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { + status = psa_lock_key_slot(slot); + if (status == PSA_SUCCESS) { *p_slot = slot; + } } - return( status ); + return status; } -psa_status_t psa_initialize_key_slots( void ) +psa_status_t psa_initialize_key_slots(void) { /* Nothing to do: program startup and psa_wipe_all_key_slots() both * guarantee that the key slots are initialized to all-zero, which * means that all the key slots are in a valid, empty state. */ global_data.key_slots_initialized = 1; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -void psa_wipe_all_key_slots( void ) +void psa_wipe_all_key_slots(void) { size_t slot_idx; - for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ ) - { - psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ]; + for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) { + psa_key_slot_t *slot = &global_data.key_slots[slot_idx]; slot->lock_count = 1; - (void) psa_wipe_key_slot( slot ); + (void) psa_wipe_key_slot(slot); } global_data.key_slots_initialized = 0; } -psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, - psa_key_slot_t **p_slot ) +psa_status_t psa_get_empty_key_slot(psa_key_id_t *volatile_key_id, + psa_key_slot_t **p_slot) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t slot_idx; psa_key_slot_t *selected_slot, *unlocked_persistent_key_slot; - if( ! global_data.key_slots_initialized ) - { + if (!global_data.key_slots_initialized) { status = PSA_ERROR_BAD_STATE; goto error; } selected_slot = unlocked_persistent_key_slot = NULL; - for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ ) - { - psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ]; - if( ! psa_is_key_slot_occupied( slot ) ) - { + for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) { + psa_key_slot_t *slot = &global_data.key_slots[slot_idx]; + if (!psa_is_key_slot_occupied(slot)) { selected_slot = slot; break; } - if( ( unlocked_persistent_key_slot == NULL ) && - ( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) && - ( ! psa_is_key_slot_locked( slot ) ) ) + if ((unlocked_persistent_key_slot == NULL) && + (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) && + (!psa_is_key_slot_locked(slot))) { unlocked_persistent_key_slot = slot; + } } /* @@ -199,25 +195,24 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, * persistent key we are evicting now, we will reload its description from * storage. */ - if( ( selected_slot == NULL ) && - ( unlocked_persistent_key_slot != NULL ) ) - { + if ((selected_slot == NULL) && + (unlocked_persistent_key_slot != NULL)) { selected_slot = unlocked_persistent_key_slot; selected_slot->lock_count = 1; - psa_wipe_key_slot( selected_slot ); + psa_wipe_key_slot(selected_slot); } - if( selected_slot != NULL ) - { - status = psa_lock_key_slot( selected_slot ); - if( status != PSA_SUCCESS ) - goto error; + if (selected_slot != NULL) { + status = psa_lock_key_slot(selected_slot); + if (status != PSA_SUCCESS) { + goto error; + } *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN + - ( (psa_key_id_t)( selected_slot - global_data.key_slots ) ); + ((psa_key_id_t) (selected_slot - global_data.key_slots)); *p_slot = selected_slot; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } status = PSA_ERROR_INSUFFICIENT_MEMORY; @@ -225,53 +220,52 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, *p_slot = NULL; *volatile_key_id = 0; - return( status ); + return status; } #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) -static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *slot ) +static psa_status_t psa_load_persistent_key_into_slot(psa_key_slot_t *slot) { psa_status_t status = PSA_SUCCESS; uint8_t *key_data = NULL; size_t key_data_length = 0; - status = psa_load_persistent_key( &slot->attr, - &key_data, &key_data_length ); - if( status != PSA_SUCCESS ) + status = psa_load_persistent_key(&slot->attr, + &key_data, &key_data_length); + if (status != PSA_SUCCESS) { goto exit; + } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* Special handling is required for loading keys associated with a * dynamically registered SE interface. */ const psa_drv_se_t *drv; psa_drv_se_context_t *drv_context; - if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) ) - { + if (psa_get_se_driver(slot->attr.lifetime, &drv, &drv_context)) { psa_se_key_data_storage_t *data; - if( key_data_length != sizeof( *data ) ) - { + if (key_data_length != sizeof(*data)) { status = PSA_ERROR_DATA_INVALID; goto exit; } data = (psa_se_key_data_storage_t *) key_data; status = psa_copy_key_material_into_slot( - slot, data->slot_number, sizeof( data->slot_number ) ); + slot, data->slot_number, sizeof(data->slot_number)); goto exit; } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - status = psa_copy_key_material_into_slot( slot, key_data, key_data_length ); + status = psa_copy_key_material_into_slot(slot, key_data, key_data_length); exit: - psa_free_persistent_key_data( key_data, key_data_length ); - return( status ); + psa_free_persistent_key_data(key_data, key_data_length); + return status; } #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) -static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) +static psa_status_t psa_load_builtin_key_into_slot(psa_key_slot_t *slot) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -280,91 +274,98 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) size_t key_buffer_size = 0; size_t key_buffer_length = 0; - if( ! psa_key_id_is_builtin( - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id ) ) ) - { - return( PSA_ERROR_DOES_NOT_EXIST ); + if (!psa_key_id_is_builtin( + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(slot->attr.id))) { + return PSA_ERROR_DOES_NOT_EXIST; } /* Check the platform function to see whether this key actually exists */ status = mbedtls_psa_platform_get_builtin_key( - slot->attr.id, &lifetime, &slot_number ); - if( status != PSA_SUCCESS ) - return( status ); + slot->attr.id, &lifetime, &slot_number); + if (status != PSA_SUCCESS) { + return status; + } /* Set required key attributes to ensure get_builtin_key can retrieve the * full attributes. */ - psa_set_key_id( &attributes, slot->attr.id ); - psa_set_key_lifetime( &attributes, lifetime ); + psa_set_key_id(&attributes, slot->attr.id); + psa_set_key_lifetime(&attributes, lifetime); /* Get the full key attributes from the driver in order to be able to * calculate the required buffer size. */ status = psa_driver_wrapper_get_builtin_key( - slot_number, &attributes, - NULL, 0, NULL ); - if( status != PSA_ERROR_BUFFER_TOO_SMALL ) - { + slot_number, &attributes, + NULL, 0, NULL); + if (status != PSA_ERROR_BUFFER_TOO_SMALL) { /* Builtin keys cannot be defined by the attributes alone */ - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { status = PSA_ERROR_CORRUPTION_DETECTED; - return( status ); + } + return status; } /* If the key should exist according to the platform, then ask the driver * what its expected size is. */ - status = psa_driver_wrapper_get_key_buffer_size( &attributes, - &key_buffer_size ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_driver_wrapper_get_key_buffer_size(&attributes, + &key_buffer_size); + if (status != PSA_SUCCESS) { + return status; + } /* Allocate a buffer of the required size and load the builtin key directly * into the (now properly sized) slot buffer. */ - status = psa_allocate_buffer_to_slot( slot, key_buffer_size ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_allocate_buffer_to_slot(slot, key_buffer_size); + if (status != PSA_SUCCESS) { + return status; + } status = psa_driver_wrapper_get_builtin_key( - slot_number, &attributes, - slot->key.data, slot->key.bytes, &key_buffer_length ); - if( status != PSA_SUCCESS ) + slot_number, &attributes, + slot->key.data, slot->key.bytes, &key_buffer_length); + if (status != PSA_SUCCESS) { goto exit; + } /* Copy actual key length and core attributes into the slot on success */ slot->key.bytes = key_buffer_length; slot->attr = attributes.core; exit: - if( status != PSA_SUCCESS ) - psa_remove_key_data_from_memory( slot ); - return( status ); + if (status != PSA_SUCCESS) { + psa_remove_key_data_from_memory(slot); + } + return status; } #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ -psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, - psa_key_slot_t **p_slot ) +psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key, + psa_key_slot_t **p_slot) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; *p_slot = NULL; - if( ! global_data.key_slots_initialized ) - return( PSA_ERROR_BAD_STATE ); + if (!global_data.key_slots_initialized) { + return PSA_ERROR_BAD_STATE; + } /* * On success, the pointer to the slot is passed directly to the caller * thus no need to unlock the key slot here. */ - status = psa_get_and_lock_key_slot_in_memory( key, p_slot ); - if( status != PSA_ERROR_DOES_NOT_EXIST ) - return( status ); + status = psa_get_and_lock_key_slot_in_memory(key, p_slot); + if (status != PSA_ERROR_DOES_NOT_EXIST) { + return status; + } /* Loading keys from storage requires support for such a mechanism */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) || \ defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) psa_key_id_t volatile_key_id; - status = psa_get_empty_key_slot( &volatile_key_id, p_slot ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_empty_key_slot(&volatile_key_id, p_slot); + if (status != PSA_SUCCESS) { + return status; + } (*p_slot)->attr.id = key; (*p_slot)->attr.lifetime = PSA_KEY_LIFETIME_PERSISTENT; @@ -372,39 +373,40 @@ psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, status = PSA_ERROR_DOES_NOT_EXIST; #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) /* Load keys in the 'builtin' range through their own interface */ - status = psa_load_builtin_key_into_slot( *p_slot ); + status = psa_load_builtin_key_into_slot(*p_slot); #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( status == PSA_ERROR_DOES_NOT_EXIST ) - status = psa_load_persistent_key_into_slot( *p_slot ); + if (status == PSA_ERROR_DOES_NOT_EXIST) { + status = psa_load_persistent_key_into_slot(*p_slot); + } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ - if( status != PSA_SUCCESS ) - { - psa_wipe_key_slot( *p_slot ); - if( status == PSA_ERROR_DOES_NOT_EXIST ) + if (status != PSA_SUCCESS) { + psa_wipe_key_slot(*p_slot); + if (status == PSA_ERROR_DOES_NOT_EXIST) { status = PSA_ERROR_INVALID_HANDLE; - } - else + } + } else { /* Add implicit usage flags. */ - psa_extend_key_usage_flags( &(*p_slot)->attr.policy.usage ); + psa_extend_key_usage_flags(&(*p_slot)->attr.policy.usage); + } - return( status ); + return status; #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ - return( PSA_ERROR_INVALID_HANDLE ); + return PSA_ERROR_INVALID_HANDLE; #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ } -psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ) +psa_status_t psa_unlock_key_slot(psa_key_slot_t *slot) { - if( slot == NULL ) - return( PSA_SUCCESS ); + if (slot == NULL) { + return PSA_SUCCESS; + } - if( slot->lock_count > 0 ) - { + if (slot->lock_count > 0) { slot->lock_count--; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /* @@ -415,25 +417,24 @@ psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ) * test suite execution). */ #ifdef MBEDTLS_CHECK_PARAMS - MBEDTLS_PARAM_FAILED( slot->lock_count > 0 ); + MBEDTLS_PARAM_FAILED(slot->lock_count > 0); #endif - return( PSA_ERROR_CORRUPTION_DETECTED ); + return PSA_ERROR_CORRUPTION_DETECTED; } -psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime, - psa_se_drv_table_entry_t **p_drv ) +psa_status_t psa_validate_key_location(psa_key_lifetime_t lifetime, + psa_se_drv_table_entry_t **p_drv) { - if ( psa_key_lifetime_is_external( lifetime ) ) - { + if (psa_key_lifetime_is_external(lifetime)) { #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* Check whether a driver is registered against this lifetime */ - psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry( lifetime ); - if( driver != NULL ) - { - if (p_drv != NULL) + psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry(lifetime); + if (driver != NULL) { + if (p_drv != NULL) { *p_drv = driver; - return( PSA_SUCCESS ); + } + return PSA_SUCCESS; } #else /* MBEDTLS_PSA_CRYPTO_SE_C */ (void) p_drv; @@ -441,139 +442,138 @@ psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime, #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) /* Key location for external keys gets checked by the wrapper */ - return( PSA_SUCCESS ); + return PSA_SUCCESS; #else /* MBEDTLS_PSA_CRYPTO_DRIVERS */ /* No support for external lifetimes at all, or dynamic interface * did not find driver for requested lifetime. */ - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ - } - else + } else { /* Local/internal keys are always valid */ - return( PSA_SUCCESS ); + return PSA_SUCCESS; + } } -psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime ) +psa_status_t psa_validate_key_persistence(psa_key_lifetime_t lifetime) { - if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { /* Volatile keys are always supported */ - return( PSA_SUCCESS ); - } - else - { + return PSA_SUCCESS; + } else { /* Persistent keys require storage support */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( PSA_KEY_LIFETIME_IS_READ_ONLY( lifetime ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - else - return( PSA_SUCCESS ); + if (PSA_KEY_LIFETIME_IS_READ_ONLY(lifetime)) { + return PSA_ERROR_INVALID_ARGUMENT; + } else { + return PSA_SUCCESS; + } #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */ } } -psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle ) +psa_status_t psa_open_key(mbedtls_svc_key_id_t key, psa_key_handle_t *handle) { #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) || \ defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) psa_status_t status; psa_key_slot_t *slot; - status = psa_get_and_lock_key_slot( key, &slot ); - if( status != PSA_SUCCESS ) - { + status = psa_get_and_lock_key_slot(key, &slot); + if (status != PSA_SUCCESS) { *handle = PSA_KEY_HANDLE_INIT; - if( status == PSA_ERROR_INVALID_HANDLE ) + if (status == PSA_ERROR_INVALID_HANDLE) { status = PSA_ERROR_DOES_NOT_EXIST; + } - return( status ); + return status; } *handle = key; - return( psa_unlock_key_slot( slot ) ); + return psa_unlock_key_slot(slot); #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ (void) key; *handle = PSA_KEY_HANDLE_INIT; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ } -psa_status_t psa_close_key( psa_key_handle_t handle ) +psa_status_t psa_close_key(psa_key_handle_t handle) { psa_status_t status; psa_key_slot_t *slot; - if( psa_key_handle_is_null( handle ) ) - return( PSA_SUCCESS ); + if (psa_key_handle_is_null(handle)) { + return PSA_SUCCESS; + } - status = psa_get_and_lock_key_slot_in_memory( handle, &slot ); - if( status != PSA_SUCCESS ) - { - if( status == PSA_ERROR_DOES_NOT_EXIST ) + status = psa_get_and_lock_key_slot_in_memory(handle, &slot); + if (status != PSA_SUCCESS) { + if (status == PSA_ERROR_DOES_NOT_EXIST) { status = PSA_ERROR_INVALID_HANDLE; + } - return( status ); + return status; + } + if (slot->lock_count <= 1) { + return psa_wipe_key_slot(slot); + } else { + return psa_unlock_key_slot(slot); } - if( slot->lock_count <= 1 ) - return( psa_wipe_key_slot( slot ) ); - else - return( psa_unlock_key_slot( slot ) ); } -psa_status_t psa_purge_key( mbedtls_svc_key_id_t key ) +psa_status_t psa_purge_key(mbedtls_svc_key_id_t key) { psa_status_t status; psa_key_slot_t *slot; - status = psa_get_and_lock_key_slot_in_memory( key, &slot ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_and_lock_key_slot_in_memory(key, &slot); + if (status != PSA_SUCCESS) { + return status; + } - if( ( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) && - ( slot->lock_count <= 1 ) ) - return( psa_wipe_key_slot( slot ) ); - else - return( psa_unlock_key_slot( slot ) ); + if ((!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) && + (slot->lock_count <= 1)) { + return psa_wipe_key_slot(slot); + } else { + return psa_unlock_key_slot(slot); + } } -void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ) +void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats) { size_t slot_idx; - memset( stats, 0, sizeof( *stats ) ); + memset(stats, 0, sizeof(*stats)); - for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ ) - { - const psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ]; - if( psa_is_key_slot_locked( slot ) ) - { + for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) { + const psa_key_slot_t *slot = &global_data.key_slots[slot_idx]; + if (psa_is_key_slot_locked(slot)) { ++stats->locked_slots; } - if( ! psa_is_key_slot_occupied( slot ) ) - { + if (!psa_is_key_slot_occupied(slot)) { ++stats->empty_slots; continue; } - if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) + if (PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) { ++stats->volatile_slots; - else - { - psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id ); + } else { + psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(slot->attr.id); ++stats->persistent_slots; - if( id > stats->max_open_internal_key_id ) + if (id > stats->max_open_internal_key_id) { stats->max_open_internal_key_id = id; + } } - if( PSA_KEY_LIFETIME_GET_LOCATION( slot->attr.lifetime ) != - PSA_KEY_LOCATION_LOCAL_STORAGE ) - { - psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id ); + if (PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime) != + PSA_KEY_LOCATION_LOCAL_STORAGE) { + psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(slot->attr.id); ++stats->external_slots; - if( id > stats->max_open_external_key_id ) + if (id > stats->max_open_external_key_id) { stats->max_open_external_key_id = id; + } } } } diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index d539bdd86613..ff8ccdeae515 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -35,8 +35,8 @@ /** The minimum value for a volatile key identifier. */ -#define PSA_KEY_ID_VOLATILE_MIN ( PSA_KEY_ID_VENDOR_MAX - \ - MBEDTLS_PSA_KEY_SLOT_COUNT + 1 ) +#define PSA_KEY_ID_VOLATILE_MIN (PSA_KEY_ID_VENDOR_MAX - \ + MBEDTLS_PSA_KEY_SLOT_COUNT + 1) /** The maximum value for a volatile key identifier. */ @@ -51,10 +51,10 @@ * \retval 0 * The key identifier is not a volatile key identifier. */ -static inline int psa_key_id_is_volatile( psa_key_id_t key_id ) +static inline int psa_key_id_is_volatile(psa_key_id_t key_id) { - return( ( key_id >= PSA_KEY_ID_VOLATILE_MIN ) && - ( key_id <= PSA_KEY_ID_VOLATILE_MAX ) ); + return (key_id >= PSA_KEY_ID_VOLATILE_MIN) && + (key_id <= PSA_KEY_ID_VOLATILE_MAX); } /** Get the description of a key given its identifier and lock it. @@ -92,20 +92,20 @@ static inline int psa_key_id_is_volatile( psa_key_id_t key_id ) * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_DATA_CORRUPT */ -psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, - psa_key_slot_t **p_slot ); +psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key, + psa_key_slot_t **p_slot); /** Initialize the key slot structures. * * \retval #PSA_SUCCESS * Currently this function always succeeds. */ -psa_status_t psa_initialize_key_slots( void ); +psa_status_t psa_initialize_key_slots(void); /** Delete all data from key slots in memory. * * This does not affect persistent storage. */ -void psa_wipe_all_key_slots( void ); +void psa_wipe_all_key_slots(void); /** Find a free key slot. * @@ -122,8 +122,8 @@ void psa_wipe_all_key_slots( void ); * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BAD_STATE */ -psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, - psa_key_slot_t **p_slot ); +psa_status_t psa_get_empty_key_slot(psa_key_id_t *volatile_key_id, + psa_key_slot_t **p_slot); /** Lock a key slot. * @@ -137,14 +137,15 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, * The lock counter already reached its maximum value and was not * increased. */ -static inline psa_status_t psa_lock_key_slot( psa_key_slot_t *slot ) +static inline psa_status_t psa_lock_key_slot(psa_key_slot_t *slot) { - if( slot->lock_count >= SIZE_MAX ) - return( PSA_ERROR_CORRUPTION_DETECTED ); + if (slot->lock_count >= SIZE_MAX) { + return PSA_ERROR_CORRUPTION_DETECTED; + } slot->lock_count++; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** Unlock a key slot. @@ -163,7 +164,7 @@ static inline psa_status_t psa_lock_key_slot( psa_key_slot_t *slot ) * The lock counter was equal to 0. * */ -psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ); +psa_status_t psa_unlock_key_slot(psa_key_slot_t *slot); /** Test whether a lifetime designates a key in an external cryptoprocessor. * @@ -177,10 +178,10 @@ psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ); * The lifetime designates a key that is volatile or in internal * storage. */ -static inline int psa_key_lifetime_is_external( psa_key_lifetime_t lifetime ) +static inline int psa_key_lifetime_is_external(psa_key_lifetime_t lifetime) { - return( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) - != PSA_KEY_LOCATION_LOCAL_STORAGE ); + return PSA_KEY_LIFETIME_GET_LOCATION(lifetime) + != PSA_KEY_LOCATION_LOCAL_STORAGE; } /** Validate a key's location. @@ -197,8 +198,8 @@ static inline int psa_key_lifetime_is_external( psa_key_lifetime_t lifetime ) * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_ARGUMENT */ -psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime, - psa_se_drv_table_entry_t **p_drv ); +psa_status_t psa_validate_key_location(psa_key_lifetime_t lifetime, + psa_se_drv_table_entry_t **p_drv); /** Validate the persistence of a key. * @@ -208,7 +209,7 @@ psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime, * \retval #PSA_ERROR_NOT_SUPPORTED The key is persistent but persistent keys * are not supported. */ -psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime ); +psa_status_t psa_validate_key_persistence(psa_key_lifetime_t lifetime); /** Validate a key identifier. * @@ -219,6 +220,6 @@ psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime ); * * \retval <> 0 if the key identifier is valid, 0 otherwise. */ -int psa_is_valid_key_id( mbedtls_svc_key_id_t key, int vendor_ok ); +int psa_is_valid_key_id(mbedtls_svc_key_id_t key, int vendor_ok); #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */ diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 24bfdae127be..037a32611ba0 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -47,22 +47,22 @@ * other than storing a key. Currently, the only such file is the random seed * file whose name is PSA_CRYPTO_ITS_RANDOM_SEED_UID and whose value is * 0xFFFFFF52. */ -static psa_storage_uid_t psa_its_identifier_of_slot( mbedtls_svc_key_id_t key ) +static psa_storage_uid_t psa_its_identifier_of_slot(mbedtls_svc_key_id_t key) { #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) /* Encode the owner in the upper 32 bits. This means that if * owner values are nonzero (as they are on a PSA platform), * no key file will ever have a value less than 0x100000000, so * the whole range 0..0xffffffff is available for non-key files. */ - uint32_t unsigned_owner_id = MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( key ); - return( ( (uint64_t) unsigned_owner_id << 32 ) | - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) ); + uint32_t unsigned_owner_id = MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(key); + return ((uint64_t) unsigned_owner_id << 32) | + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key); #else /* Use the key id directly as a file name. * psa_is_key_id_valid() in psa_crypto_slot_management.c * is responsible for ensuring that key identifiers do not have a * value that is reserved for non-key files. */ - return( key ); + return key; #endif } @@ -84,35 +84,38 @@ static psa_storage_uid_t psa_its_identifier_of_slot( mbedtls_svc_key_id_t key ) * \retval #PSA_ERROR_DOES_NOT_EXIST */ static psa_status_t psa_crypto_storage_load( - const mbedtls_svc_key_id_t key, uint8_t *data, size_t data_size ) + const mbedtls_svc_key_id_t key, uint8_t *data, size_t data_size) { psa_status_t status; - psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot(key); struct psa_storage_info_t data_identifier_info; size_t data_length = 0; - status = psa_its_get_info( data_identifier, &data_identifier_info ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_its_get_info(data_identifier, &data_identifier_info); + if (status != PSA_SUCCESS) { + return status; + } - status = psa_its_get( data_identifier, 0, (uint32_t) data_size, data, &data_length ); - if( data_size != data_length ) - return( PSA_ERROR_DATA_INVALID ); + status = psa_its_get(data_identifier, 0, (uint32_t) data_size, data, &data_length); + if (data_size != data_length) { + return PSA_ERROR_DATA_INVALID; + } - return( status ); + return status; } -int psa_is_key_present_in_storage( const mbedtls_svc_key_id_t key ) +int psa_is_key_present_in_storage(const mbedtls_svc_key_id_t key) { psa_status_t ret; - psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot(key); struct psa_storage_info_t data_identifier_info; - ret = psa_its_get_info( data_identifier, &data_identifier_info ); + ret = psa_its_get_info(data_identifier, &data_identifier_info); - if( ret == PSA_ERROR_DOES_NOT_EXIST ) - return( 0 ); - return( 1 ); + if (ret == PSA_ERROR_DOES_NOT_EXIST) { + return 0; + } + return 1; } /** @@ -132,65 +135,65 @@ int psa_is_key_present_in_storage( const mbedtls_svc_key_id_t key ) * \retval #PSA_ERROR_STORAGE_FAILURE * \retval #PSA_ERROR_DATA_INVALID */ -static psa_status_t psa_crypto_storage_store( const mbedtls_svc_key_id_t key, - const uint8_t *data, - size_t data_length ) +static psa_status_t psa_crypto_storage_store(const mbedtls_svc_key_id_t key, + const uint8_t *data, + size_t data_length) { psa_status_t status; - psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot(key); struct psa_storage_info_t data_identifier_info; - if( psa_is_key_present_in_storage( key ) == 1 ) - return( PSA_ERROR_ALREADY_EXISTS ); + if (psa_is_key_present_in_storage(key) == 1) { + return PSA_ERROR_ALREADY_EXISTS; + } - status = psa_its_set( data_identifier, (uint32_t) data_length, data, 0 ); - if( status != PSA_SUCCESS ) - { - return( PSA_ERROR_DATA_INVALID ); + status = psa_its_set(data_identifier, (uint32_t) data_length, data, 0); + if (status != PSA_SUCCESS) { + return PSA_ERROR_DATA_INVALID; } - status = psa_its_get_info( data_identifier, &data_identifier_info ); - if( status != PSA_SUCCESS ) - { + status = psa_its_get_info(data_identifier, &data_identifier_info); + if (status != PSA_SUCCESS) { goto exit; } - if( data_identifier_info.size != data_length ) - { + if (data_identifier_info.size != data_length) { status = PSA_ERROR_DATA_INVALID; goto exit; } exit: - if( status != PSA_SUCCESS ) - { + if (status != PSA_SUCCESS) { /* Remove the file in case we managed to create it but something * went wrong. It's ok if the file doesn't exist. If the file exists * but the removal fails, we're already reporting an error so there's * nothing else we can do. */ - (void) psa_its_remove( data_identifier ); + (void) psa_its_remove(data_identifier); } - return( status ); + return status; } -psa_status_t psa_destroy_persistent_key( const mbedtls_svc_key_id_t key ) +psa_status_t psa_destroy_persistent_key(const mbedtls_svc_key_id_t key) { psa_status_t ret; - psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot(key); struct psa_storage_info_t data_identifier_info; - ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret == PSA_ERROR_DOES_NOT_EXIST ) - return( PSA_SUCCESS ); + ret = psa_its_get_info(data_identifier, &data_identifier_info); + if (ret == PSA_ERROR_DOES_NOT_EXIST) { + return PSA_SUCCESS; + } - if( psa_its_remove( data_identifier ) != PSA_SUCCESS ) - return( PSA_ERROR_DATA_INVALID ); + if (psa_its_remove(data_identifier) != PSA_SUCCESS) { + return PSA_ERROR_DATA_INVALID; + } - ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret != PSA_ERROR_DOES_NOT_EXIST ) - return( PSA_ERROR_DATA_INVALID ); + ret = psa_its_get_info(data_identifier, &data_identifier_info); + if (ret != PSA_ERROR_DOES_NOT_EXIST) { + return PSA_ERROR_DATA_INVALID; + } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** @@ -207,189 +210,200 @@ psa_status_t psa_destroy_persistent_key( const mbedtls_svc_key_id_t key ) */ static psa_status_t psa_crypto_storage_get_data_length( const mbedtls_svc_key_id_t key, - size_t *data_length ) + size_t *data_length) { psa_status_t status; - psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot(key); struct psa_storage_info_t data_identifier_info; - status = psa_its_get_info( data_identifier, &data_identifier_info ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_its_get_info(data_identifier, &data_identifier_info); + if (status != PSA_SUCCESS) { + return status; + } *data_length = (size_t) data_identifier_info.size; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** * Persistent key storage magic header. */ #define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY" -#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ( sizeof( PSA_KEY_STORAGE_MAGIC_HEADER ) ) +#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH (sizeof(PSA_KEY_STORAGE_MAGIC_HEADER)) typedef struct { uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH]; uint8_t version[4]; - uint8_t lifetime[sizeof( psa_key_lifetime_t )]; + uint8_t lifetime[sizeof(psa_key_lifetime_t)]; uint8_t type[2]; uint8_t bits[2]; - uint8_t policy[sizeof( psa_key_policy_t )]; + uint8_t policy[sizeof(psa_key_policy_t)]; uint8_t data_len[4]; uint8_t key_data[]; } psa_persistent_key_storage_format; -void psa_format_key_data_for_storage( const uint8_t *data, - const size_t data_length, - const psa_core_key_attributes_t *attr, - uint8_t *storage_data ) +void psa_format_key_data_for_storage(const uint8_t *data, + const size_t data_length, + const psa_core_key_attributes_t *attr, + uint8_t *storage_data) { psa_persistent_key_storage_format *storage_format = (psa_persistent_key_storage_format *) storage_data; - memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ); - MBEDTLS_PUT_UINT32_LE( 0, storage_format->version, 0 ); - MBEDTLS_PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); - MBEDTLS_PUT_UINT16_LE( (uint16_t) attr->type, storage_format->type, 0 ); - MBEDTLS_PUT_UINT16_LE( (uint16_t) attr->bits, storage_format->bits, 0 ); - MBEDTLS_PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); - MBEDTLS_PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); - MBEDTLS_PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); - MBEDTLS_PUT_UINT32_LE( data_length, storage_format->data_len, 0 ); - memcpy( storage_format->key_data, data, data_length ); + memcpy(storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, + PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH); + MBEDTLS_PUT_UINT32_LE(0, storage_format->version, 0); + MBEDTLS_PUT_UINT32_LE(attr->lifetime, storage_format->lifetime, 0); + MBEDTLS_PUT_UINT16_LE((uint16_t) attr->type, storage_format->type, 0); + MBEDTLS_PUT_UINT16_LE((uint16_t) attr->bits, storage_format->bits, 0); + MBEDTLS_PUT_UINT32_LE(attr->policy.usage, storage_format->policy, 0); + MBEDTLS_PUT_UINT32_LE(attr->policy.alg, storage_format->policy, sizeof(uint32_t)); + MBEDTLS_PUT_UINT32_LE(attr->policy.alg2, storage_format->policy, 2 * sizeof(uint32_t)); + MBEDTLS_PUT_UINT32_LE(data_length, storage_format->data_len, 0); + memcpy(storage_format->key_data, data, data_length); } -static psa_status_t check_magic_header( const uint8_t *data ) +static psa_status_t check_magic_header(const uint8_t *data) { - if( memcmp( data, PSA_KEY_STORAGE_MAGIC_HEADER, - PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ) != 0 ) - return( PSA_ERROR_DATA_INVALID ); - return( PSA_SUCCESS ); + if (memcmp(data, PSA_KEY_STORAGE_MAGIC_HEADER, + PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH) != 0) { + return PSA_ERROR_DATA_INVALID; + } + return PSA_SUCCESS; } -psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, - size_t storage_data_length, - uint8_t **key_data, - size_t *key_data_length, - psa_core_key_attributes_t *attr ) +psa_status_t psa_parse_key_data_from_storage(const uint8_t *storage_data, + size_t storage_data_length, + uint8_t **key_data, + size_t *key_data_length, + psa_core_key_attributes_t *attr) { psa_status_t status; const psa_persistent_key_storage_format *storage_format = - (const psa_persistent_key_storage_format *)storage_data; + (const psa_persistent_key_storage_format *) storage_data; uint32_t version; - if( storage_data_length < sizeof(*storage_format) ) - return( PSA_ERROR_DATA_INVALID ); + if (storage_data_length < sizeof(*storage_format)) { + return PSA_ERROR_DATA_INVALID; + } - status = check_magic_header( storage_data ); - if( status != PSA_SUCCESS ) - return( status ); + status = check_magic_header(storage_data); + if (status != PSA_SUCCESS) { + return status; + } - version = MBEDTLS_GET_UINT32_LE( storage_format->version, 0 ); - if( version != 0 ) - return( PSA_ERROR_DATA_INVALID ); + version = MBEDTLS_GET_UINT32_LE(storage_format->version, 0); + if (version != 0) { + return PSA_ERROR_DATA_INVALID; + } - *key_data_length = MBEDTLS_GET_UINT32_LE( storage_format->data_len, 0 ); - if( *key_data_length > ( storage_data_length - sizeof(*storage_format) ) || - *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE ) - return( PSA_ERROR_DATA_INVALID ); + *key_data_length = MBEDTLS_GET_UINT32_LE(storage_format->data_len, 0); + if (*key_data_length > (storage_data_length - sizeof(*storage_format)) || + *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE) { + return PSA_ERROR_DATA_INVALID; + } - if( *key_data_length == 0 ) - { + if (*key_data_length == 0) { *key_data = NULL; - } - else - { - *key_data = mbedtls_calloc( 1, *key_data_length ); - if( *key_data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( *key_data, storage_format->key_data, *key_data_length ); + } else { + *key_data = mbedtls_calloc(1, *key_data_length); + if (*key_data == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } + memcpy(*key_data, storage_format->key_data, *key_data_length); } - attr->lifetime = MBEDTLS_GET_UINT32_LE( storage_format->lifetime, 0 ); - attr->type = MBEDTLS_GET_UINT16_LE( storage_format->type, 0 ); - attr->bits = MBEDTLS_GET_UINT16_LE( storage_format->bits, 0 ); - attr->policy.usage = MBEDTLS_GET_UINT32_LE( storage_format->policy, 0 ); - attr->policy.alg = MBEDTLS_GET_UINT32_LE( storage_format->policy, sizeof( uint32_t ) ); - attr->policy.alg2 = MBEDTLS_GET_UINT32_LE( storage_format->policy, 2 * sizeof( uint32_t ) ); + attr->lifetime = MBEDTLS_GET_UINT32_LE(storage_format->lifetime, 0); + attr->type = MBEDTLS_GET_UINT16_LE(storage_format->type, 0); + attr->bits = MBEDTLS_GET_UINT16_LE(storage_format->bits, 0); + attr->policy.usage = MBEDTLS_GET_UINT32_LE(storage_format->policy, 0); + attr->policy.alg = MBEDTLS_GET_UINT32_LE(storage_format->policy, sizeof(uint32_t)); + attr->policy.alg2 = MBEDTLS_GET_UINT32_LE(storage_format->policy, 2 * sizeof(uint32_t)); - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr, - const uint8_t *data, - const size_t data_length ) +psa_status_t psa_save_persistent_key(const psa_core_key_attributes_t *attr, + const uint8_t *data, + const size_t data_length) { size_t storage_data_length; uint8_t *storage_data; psa_status_t status; /* All keys saved to persistent storage always have a key context */ - if( data == NULL || data_length == 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (data == NULL || data_length == 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } - if( data_length > PSA_CRYPTO_MAX_STORAGE_SIZE ) - return( PSA_ERROR_INSUFFICIENT_STORAGE ); - storage_data_length = data_length + sizeof( psa_persistent_key_storage_format ); + if (data_length > PSA_CRYPTO_MAX_STORAGE_SIZE) { + return PSA_ERROR_INSUFFICIENT_STORAGE; + } + storage_data_length = data_length + sizeof(psa_persistent_key_storage_format); - storage_data = mbedtls_calloc( 1, storage_data_length ); - if( storage_data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + storage_data = mbedtls_calloc(1, storage_data_length); + if (storage_data == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } - psa_format_key_data_for_storage( data, data_length, attr, storage_data ); + psa_format_key_data_for_storage(data, data_length, attr, storage_data); - status = psa_crypto_storage_store( attr->id, - storage_data, storage_data_length ); + status = psa_crypto_storage_store(attr->id, + storage_data, storage_data_length); - mbedtls_platform_zeroize( storage_data, storage_data_length ); - mbedtls_free( storage_data ); + mbedtls_platform_zeroize(storage_data, storage_data_length); + mbedtls_free(storage_data); - return( status ); + return status; } -void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length ) +void psa_free_persistent_key_data(uint8_t *key_data, size_t key_data_length) { - if( key_data != NULL ) - { - mbedtls_platform_zeroize( key_data, key_data_length ); + if (key_data != NULL) { + mbedtls_platform_zeroize(key_data, key_data_length); } - mbedtls_free( key_data ); + mbedtls_free(key_data); } -psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr, - uint8_t **data, - size_t *data_length ) +psa_status_t psa_load_persistent_key(psa_core_key_attributes_t *attr, + uint8_t **data, + size_t *data_length) { psa_status_t status = PSA_SUCCESS; uint8_t *loaded_data; size_t storage_data_length = 0; mbedtls_svc_key_id_t key = attr->id; - status = psa_crypto_storage_get_data_length( key, &storage_data_length ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_crypto_storage_get_data_length(key, &storage_data_length); + if (status != PSA_SUCCESS) { + return status; + } - loaded_data = mbedtls_calloc( 1, storage_data_length ); + loaded_data = mbedtls_calloc(1, storage_data_length); - if( loaded_data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + if (loaded_data == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } - status = psa_crypto_storage_load( key, loaded_data, storage_data_length ); - if( status != PSA_SUCCESS ) + status = psa_crypto_storage_load(key, loaded_data, storage_data_length); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_parse_key_data_from_storage( loaded_data, storage_data_length, - data, data_length, attr ); + status = psa_parse_key_data_from_storage(loaded_data, storage_data_length, + data, data_length, attr); /* All keys saved to persistent storage always have a key context */ - if( status == PSA_SUCCESS && - ( *data == NULL || *data_length == 0 ) ) + if (status == PSA_SUCCESS && + (*data == NULL || *data_length == 0)) { status = PSA_ERROR_STORAGE_FAILURE; + } exit: - mbedtls_platform_zeroize( loaded_data, storage_data_length ); - mbedtls_free( loaded_data ); - return( status ); + mbedtls_platform_zeroize(loaded_data, storage_data_length); + mbedtls_free(loaded_data); + return status; } @@ -402,47 +416,48 @@ psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr, psa_crypto_transaction_t psa_crypto_transaction; -psa_status_t psa_crypto_save_transaction( void ) +psa_status_t psa_crypto_save_transaction(void) { struct psa_storage_info_t p_info; psa_status_t status; - status = psa_its_get_info( PSA_CRYPTO_ITS_TRANSACTION_UID, &p_info ); - if( status == PSA_SUCCESS ) - { + status = psa_its_get_info(PSA_CRYPTO_ITS_TRANSACTION_UID, &p_info); + if (status == PSA_SUCCESS) { /* This shouldn't happen: we're trying to start a transaction while * there is still a transaction that hasn't been replayed. */ - return( PSA_ERROR_CORRUPTION_DETECTED ); + return PSA_ERROR_CORRUPTION_DETECTED; + } else if (status != PSA_ERROR_DOES_NOT_EXIST) { + return status; } - else if( status != PSA_ERROR_DOES_NOT_EXIST ) - return( status ); - return( psa_its_set( PSA_CRYPTO_ITS_TRANSACTION_UID, - sizeof( psa_crypto_transaction ), - &psa_crypto_transaction, - 0 ) ); + return psa_its_set(PSA_CRYPTO_ITS_TRANSACTION_UID, + sizeof(psa_crypto_transaction), + &psa_crypto_transaction, + 0); } -psa_status_t psa_crypto_load_transaction( void ) +psa_status_t psa_crypto_load_transaction(void) { psa_status_t status; size_t length; - status = psa_its_get( PSA_CRYPTO_ITS_TRANSACTION_UID, 0, - sizeof( psa_crypto_transaction ), - &psa_crypto_transaction, &length ); - if( status != PSA_SUCCESS ) - return( status ); - if( length != sizeof( psa_crypto_transaction ) ) - return( PSA_ERROR_DATA_INVALID ); - return( PSA_SUCCESS ); + status = psa_its_get(PSA_CRYPTO_ITS_TRANSACTION_UID, 0, + sizeof(psa_crypto_transaction), + &psa_crypto_transaction, &length); + if (status != PSA_SUCCESS) { + return status; + } + if (length != sizeof(psa_crypto_transaction)) { + return PSA_ERROR_DATA_INVALID; + } + return PSA_SUCCESS; } -psa_status_t psa_crypto_stop_transaction( void ) +psa_status_t psa_crypto_stop_transaction(void) { - psa_status_t status = psa_its_remove( PSA_CRYPTO_ITS_TRANSACTION_UID ); + psa_status_t status = psa_its_remove(PSA_CRYPTO_ITS_TRANSACTION_UID); /* Whether or not updating the storage succeeded, the transaction is * finished now. It's too late to go back, so zero out the in-memory * data. */ - memset( &psa_crypto_transaction, 0, sizeof( psa_crypto_transaction ) ); - return( status ); + memset(&psa_crypto_transaction, 0, sizeof(psa_crypto_transaction)); + return status; } #endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */ @@ -454,24 +469,21 @@ psa_status_t psa_crypto_stop_transaction( void ) /****************************************************************/ #if defined(MBEDTLS_PSA_INJECT_ENTROPY) -psa_status_t mbedtls_psa_storage_inject_entropy( const unsigned char *seed, - size_t seed_size ) +psa_status_t mbedtls_psa_storage_inject_entropy(const unsigned char *seed, + size_t seed_size) { psa_status_t status; struct psa_storage_info_t p_info; - status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info ); + status = psa_its_get_info(PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info); - if( PSA_ERROR_DOES_NOT_EXIST == status ) /* No seed exists */ - { - status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 ); - } - else if( PSA_SUCCESS == status ) - { + if (PSA_ERROR_DOES_NOT_EXIST == status) { /* No seed exists */ + status = psa_its_set(PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0); + } else if (PSA_SUCCESS == status) { /* You should not be here. Seed needs to be injected only once */ status = PSA_ERROR_NOT_PERMITTED; } - return( status ); + return status; } #endif /* MBEDTLS_PSA_INJECT_ENTROPY */ diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 970e1083a703..8e108c56844b 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h @@ -35,7 +35,7 @@ extern "C" { /* Limit the maximum key size in storage. This should have no effect * since the key size is limited in memory. */ -#define PSA_CRYPTO_MAX_STORAGE_SIZE ( PSA_BITS_TO_BYTES( PSA_MAX_KEY_BITS ) ) +#define PSA_CRYPTO_MAX_STORAGE_SIZE (PSA_BITS_TO_BYTES(PSA_MAX_KEY_BITS)) /* Sanity check: a file size must fit in 32 bits. Allow a generous * 64kB of metadata. */ #if PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000 @@ -72,7 +72,7 @@ extern "C" { * \retval 1 * Persistent data present for slot number */ -int psa_is_key_present_in_storage( const mbedtls_svc_key_id_t key ); +int psa_is_key_present_in_storage(const mbedtls_svc_key_id_t key); /** * \brief Format key data and metadata and save to a location for given key @@ -105,9 +105,9 @@ int psa_is_key_present_in_storage( const mbedtls_svc_key_id_t key ); * \retval #PSA_ERROR_DATA_INVALID * \retval #PSA_ERROR_DATA_CORRUPT */ -psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr, - const uint8_t *data, - const size_t data_length ); +psa_status_t psa_save_persistent_key(const psa_core_key_attributes_t *attr, + const uint8_t *data, + const size_t data_length); /** * \brief Parses key data and metadata and load persistent key for given @@ -135,9 +135,9 @@ psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr, * \retval #PSA_ERROR_DATA_CORRUPT * \retval #PSA_ERROR_DOES_NOT_EXIST */ -psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr, - uint8_t **data, - size_t *data_length ); +psa_status_t psa_load_persistent_key(psa_core_key_attributes_t *attr, + uint8_t **data, + size_t *data_length); /** * \brief Remove persistent data for the given key slot number. @@ -150,7 +150,7 @@ psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr, * or the key did not exist. * \retval #PSA_ERROR_DATA_INVALID */ -psa_status_t psa_destroy_persistent_key( const mbedtls_svc_key_id_t key ); +psa_status_t psa_destroy_persistent_key(const mbedtls_svc_key_id_t key); /** * \brief Free the temporary buffer allocated by psa_load_persistent_key(). @@ -162,7 +162,7 @@ psa_status_t psa_destroy_persistent_key( const mbedtls_svc_key_id_t key ); * \param key_data_length Size of the key data buffer. * */ -void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length ); +void psa_free_persistent_key_data(uint8_t *key_data, size_t key_data_length); /** * \brief Formats key data and metadata for persistent storage @@ -173,10 +173,10 @@ void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length ); * \param[out] storage_data Output buffer for the formatted data. * */ -void psa_format_key_data_for_storage( const uint8_t *data, - const size_t data_length, - const psa_core_key_attributes_t *attr, - uint8_t *storage_data ); +void psa_format_key_data_for_storage(const uint8_t *data, + const size_t data_length, + const psa_core_key_attributes_t *attr, + uint8_t *storage_data); /** * \brief Parses persistent storage data into key data and metadata @@ -194,11 +194,11 @@ void psa_format_key_data_for_storage( const uint8_t *data, * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_DATA_INVALID */ -psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, - size_t storage_data_length, - uint8_t **key_data, - size_t *key_data_length, - psa_core_key_attributes_t *attr ); +psa_status_t psa_parse_key_data_from_storage(const uint8_t *storage_data, + size_t storage_data_length, + uint8_t **key_data, + size_t *key_data_length, + psa_core_key_attributes_t *attr); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /** This symbol is defined if transaction support is required. */ @@ -220,7 +220,7 @@ typedef uint16_t psa_crypto_transaction_type_t; * This has the value 0, so zero-initialization sets a transaction's type to * this value. */ -#define PSA_CRYPTO_TRANSACTION_NONE ( (psa_crypto_transaction_type_t) 0x0000 ) +#define PSA_CRYPTO_TRANSACTION_NONE ((psa_crypto_transaction_type_t) 0x0000) /** A key creation transaction. * @@ -228,7 +228,7 @@ typedef uint16_t psa_crypto_transaction_type_t; * Keys in RAM or in internal storage are created atomically in storage * (simple file creation), so they do not need a transaction mechanism. */ -#define PSA_CRYPTO_TRANSACTION_CREATE_KEY ( (psa_crypto_transaction_type_t) 0x0001 ) +#define PSA_CRYPTO_TRANSACTION_CREATE_KEY ((psa_crypto_transaction_type_t) 0x0001) /** A key destruction transaction. * @@ -236,7 +236,7 @@ typedef uint16_t psa_crypto_transaction_type_t; * Keys in RAM or in internal storage are destroyed atomically in storage * (simple file deletion), so they do not need a transaction mechanism. */ -#define PSA_CRYPTO_TRANSACTION_DESTROY_KEY ( (psa_crypto_transaction_type_t) 0x0002 ) +#define PSA_CRYPTO_TRANSACTION_DESTROY_KEY ((psa_crypto_transaction_type_t) 0x0002) /** Transaction data. * @@ -274,8 +274,7 @@ typedef uint16_t psa_crypto_transaction_type_t; * in psa_crypto.c. If you add a new type of transaction, be * sure to add code for it in psa_crypto_recover_transaction(). */ -typedef union -{ +typedef union { /* Each element of this union must have the following properties * to facilitate serialization and deserialization: * @@ -284,8 +283,7 @@ typedef union * - Elements of the struct are arranged such a way that there is * no padding. */ - struct psa_crypto_transaction_unknown_s - { + struct psa_crypto_transaction_unknown_s { psa_crypto_transaction_type_t type; uint16_t unused1; uint32_t unused2; @@ -294,8 +292,7 @@ typedef union } unknown; /* ::type is #PSA_CRYPTO_TRANSACTION_CREATE_KEY or * #PSA_CRYPTO_TRANSACTION_DESTROY_KEY. */ - struct psa_crypto_transaction_key_s - { + struct psa_crypto_transaction_key_s { psa_crypto_transaction_type_t type; uint16_t unused1; psa_key_lifetime_t lifetime; @@ -315,7 +312,7 @@ extern psa_crypto_transaction_t psa_crypto_transaction; * \param type The type of transaction to start. */ static inline void psa_crypto_prepare_transaction( - psa_crypto_transaction_type_t type ) + psa_crypto_transaction_type_t type) { psa_crypto_transaction.unknown.type = type; } @@ -330,7 +327,7 @@ static inline void psa_crypto_prepare_transaction( * \retval #PSA_ERROR_INSUFFICIENT_STORAGE * \retval #PSA_ERROR_STORAGE_FAILURE */ -psa_status_t psa_crypto_save_transaction( void ); +psa_status_t psa_crypto_save_transaction(void); /** Load the transaction data from storage, if any. * @@ -346,7 +343,7 @@ psa_status_t psa_crypto_save_transaction( void ); * \retval #PSA_ERROR_DATA_INVALID * \retval #PSA_ERROR_DATA_CORRUPT */ -psa_status_t psa_crypto_load_transaction( void ); +psa_status_t psa_crypto_load_transaction(void); /** Indicate that the current transaction is finished. * @@ -366,13 +363,13 @@ psa_status_t psa_crypto_load_transaction( void ); * It was impossible to determine whether there was transaction data * in storage, or the transaction data could not be erased. */ -psa_status_t psa_crypto_stop_transaction( void ); +psa_status_t psa_crypto_stop_transaction(void); /** The ITS file identifier for the transaction data. * * 0xffffffNN = special file; 0x74 = 't' for transaction. */ -#define PSA_CRYPTO_ITS_TRANSACTION_UID ( (psa_key_id_t) 0xffffff74 ) +#define PSA_CRYPTO_ITS_TRANSACTION_UID ((psa_key_id_t) 0xffffff74) #endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */ @@ -388,8 +385,8 @@ psa_status_t psa_crypto_stop_transaction( void ); * \retval #PSA_ERROR_NOT_PERMITTED * The entropy seed file already exists. */ -psa_status_t mbedtls_psa_storage_inject_entropy( const unsigned char *seed, - size_t seed_size ); +psa_status_t mbedtls_psa_storage_inject_entropy(const unsigned char *seed, + size_t seed_size); #endif /* MBEDTLS_PSA_INJECT_ENTROPY */ #ifdef __cplusplus diff --git a/library/psa_its_file.c b/library/psa_its_file.c index ddd9fa977d88..be3c2d58a3fb 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -42,10 +42,10 @@ #define PSA_ITS_STORAGE_FILENAME_PATTERN "%08x%08x" #define PSA_ITS_STORAGE_SUFFIX ".psa_its" #define PSA_ITS_STORAGE_FILENAME_LENGTH \ - ( sizeof( PSA_ITS_STORAGE_PREFIX ) - 1 + /*prefix without terminating 0*/ \ - 16 + /*UID (64-bit number in hex)*/ \ - sizeof( PSA_ITS_STORAGE_SUFFIX ) - 1 + /*suffix without terminating 0*/ \ - 1 /*terminating null byte*/ ) + (sizeof(PSA_ITS_STORAGE_PREFIX) - 1 + /*prefix without terminating 0*/ \ + 16 + /*UID (64-bit number in hex)*/ \ + sizeof(PSA_ITS_STORAGE_SUFFIX) - 1 + /*suffix without terminating 0*/ \ + 1 /*terminating null byte*/) #define PSA_ITS_STORAGE_TEMP \ PSA_ITS_STORAGE_PREFIX "tempfile" PSA_ITS_STORAGE_SUFFIX @@ -59,130 +59,140 @@ * use MoveFileExA with the MOVEFILE_REPLACE_EXISTING flag instead. * Returns 0 on success, nonzero on failure. */ #if defined(_WIN32) -#define rename_replace_existing( oldpath, newpath ) \ - ( ! MoveFileExA( oldpath, newpath, MOVEFILE_REPLACE_EXISTING ) ) +#define rename_replace_existing(oldpath, newpath) \ + (!MoveFileExA(oldpath, newpath, MOVEFILE_REPLACE_EXISTING)) #else -#define rename_replace_existing( oldpath, newpath ) rename( oldpath, newpath ) +#define rename_replace_existing(oldpath, newpath) rename(oldpath, newpath) #endif -typedef struct -{ +typedef struct { uint8_t magic[PSA_ITS_MAGIC_LENGTH]; - uint8_t size[sizeof( uint32_t )]; - uint8_t flags[sizeof( psa_storage_create_flags_t )]; + uint8_t size[sizeof(uint32_t)]; + uint8_t flags[sizeof(psa_storage_create_flags_t)]; } psa_its_file_header_t; -static void psa_its_fill_filename( psa_storage_uid_t uid, char *filename ) +static void psa_its_fill_filename(psa_storage_uid_t uid, char *filename) { /* Break up the UID into two 32-bit pieces so as not to rely on * long long support in snprintf. */ - mbedtls_snprintf( filename, PSA_ITS_STORAGE_FILENAME_LENGTH, - "%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s", - PSA_ITS_STORAGE_PREFIX, - (unsigned) ( uid >> 32 ), - (unsigned) ( uid & 0xffffffff ), - PSA_ITS_STORAGE_SUFFIX ); + mbedtls_snprintf(filename, PSA_ITS_STORAGE_FILENAME_LENGTH, + "%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s", + PSA_ITS_STORAGE_PREFIX, + (unsigned) (uid >> 32), + (unsigned) (uid & 0xffffffff), + PSA_ITS_STORAGE_SUFFIX); } -static psa_status_t psa_its_read_file( psa_storage_uid_t uid, - struct psa_storage_info_t *p_info, - FILE **p_stream ) +static psa_status_t psa_its_read_file(psa_storage_uid_t uid, + struct psa_storage_info_t *p_info, + FILE **p_stream) { char filename[PSA_ITS_STORAGE_FILENAME_LENGTH]; psa_its_file_header_t header; size_t n; *p_stream = NULL; - psa_its_fill_filename( uid, filename ); - *p_stream = fopen( filename, "rb" ); - if( *p_stream == NULL ) - return( PSA_ERROR_DOES_NOT_EXIST ); - - n = fread( &header, 1, sizeof( header ), *p_stream ); - if( n != sizeof( header ) ) - return( PSA_ERROR_DATA_CORRUPT ); - if( memcmp( header.magic, PSA_ITS_MAGIC_STRING, - PSA_ITS_MAGIC_LENGTH ) != 0 ) - return( PSA_ERROR_DATA_CORRUPT ); - - p_info->size = ( header.size[0] | - header.size[1] << 8 | - header.size[2] << 16 | - header.size[3] << 24 ); - p_info->flags = ( header.flags[0] | - header.flags[1] << 8 | - header.flags[2] << 16 | - header.flags[3] << 24 ); - return( PSA_SUCCESS ); + psa_its_fill_filename(uid, filename); + *p_stream = fopen(filename, "rb"); + if (*p_stream == NULL) { + return PSA_ERROR_DOES_NOT_EXIST; + } + + n = fread(&header, 1, sizeof(header), *p_stream); + if (n != sizeof(header)) { + return PSA_ERROR_DATA_CORRUPT; + } + if (memcmp(header.magic, PSA_ITS_MAGIC_STRING, + PSA_ITS_MAGIC_LENGTH) != 0) { + return PSA_ERROR_DATA_CORRUPT; + } + + p_info->size = (header.size[0] | + header.size[1] << 8 | + header.size[2] << 16 | + header.size[3] << 24); + p_info->flags = (header.flags[0] | + header.flags[1] << 8 | + header.flags[2] << 16 | + header.flags[3] << 24); + return PSA_SUCCESS; } -psa_status_t psa_its_get_info( psa_storage_uid_t uid, - struct psa_storage_info_t *p_info ) +psa_status_t psa_its_get_info(psa_storage_uid_t uid, + struct psa_storage_info_t *p_info) { psa_status_t status; FILE *stream = NULL; - status = psa_its_read_file( uid, p_info, &stream ); - if( stream != NULL ) - fclose( stream ); - return( status ); + status = psa_its_read_file(uid, p_info, &stream); + if (stream != NULL) { + fclose(stream); + } + return status; } -psa_status_t psa_its_get( psa_storage_uid_t uid, - uint32_t data_offset, - uint32_t data_length, - void *p_data, - size_t *p_data_length ) +psa_status_t psa_its_get(psa_storage_uid_t uid, + uint32_t data_offset, + uint32_t data_length, + void *p_data, + size_t *p_data_length) { psa_status_t status; FILE *stream = NULL; size_t n; struct psa_storage_info_t info; - status = psa_its_read_file( uid, &info, &stream ); - if( status != PSA_SUCCESS ) + status = psa_its_read_file(uid, &info, &stream); + if (status != PSA_SUCCESS) { goto exit; + } status = PSA_ERROR_INVALID_ARGUMENT; - if( data_offset + data_length < data_offset ) + if (data_offset + data_length < data_offset) { goto exit; + } #if SIZE_MAX < 0xffffffff - if( data_offset + data_length > SIZE_MAX ) + if (data_offset + data_length > SIZE_MAX) { goto exit; + } #endif - if( data_offset + data_length > info.size ) + if (data_offset + data_length > info.size) { goto exit; + } status = PSA_ERROR_STORAGE_FAILURE; #if LONG_MAX < 0xffffffff - while( data_offset > LONG_MAX ) - { - if( fseek( stream, LONG_MAX, SEEK_CUR ) != 0 ) + while (data_offset > LONG_MAX) { + if (fseek(stream, LONG_MAX, SEEK_CUR) != 0) { goto exit; + } data_offset -= LONG_MAX; } #endif - if( fseek( stream, data_offset, SEEK_CUR ) != 0 ) + if (fseek(stream, data_offset, SEEK_CUR) != 0) { goto exit; - n = fread( p_data, 1, data_length, stream ); - if( n != data_length ) + } + n = fread(p_data, 1, data_length, stream); + if (n != data_length) { goto exit; + } status = PSA_SUCCESS; - if( p_data_length != NULL ) + if (p_data_length != NULL) { *p_data_length = n; + } exit: - if( stream != NULL ) - fclose( stream ); - return( status ); + if (stream != NULL) { + fclose(stream); + } + return status; } -psa_status_t psa_its_set( psa_storage_uid_t uid, - uint32_t data_length, - const void *p_data, - psa_storage_create_flags_t create_flags ) +psa_status_t psa_its_set(psa_storage_uid_t uid, + uint32_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags) { - if( uid == 0 ) - { - return( PSA_ERROR_INVALID_HANDLE ); + if (uid == 0) { + return PSA_ERROR_INVALID_HANDLE; } psa_status_t status = PSA_ERROR_STORAGE_FAILURE; @@ -191,60 +201,64 @@ psa_status_t psa_its_set( psa_storage_uid_t uid, psa_its_file_header_t header; size_t n; - memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH ); - MBEDTLS_PUT_UINT32_LE( data_length, header.size, 0 ); - MBEDTLS_PUT_UINT32_LE( create_flags, header.flags, 0 ); + memcpy(header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH); + MBEDTLS_PUT_UINT32_LE(data_length, header.size, 0); + MBEDTLS_PUT_UINT32_LE(create_flags, header.flags, 0); - psa_its_fill_filename( uid, filename ); - stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" ); - if( stream == NULL ) + psa_its_fill_filename(uid, filename); + stream = fopen(PSA_ITS_STORAGE_TEMP, "wb"); + if (stream == NULL) { goto exit; + } status = PSA_ERROR_INSUFFICIENT_STORAGE; - n = fwrite( &header, 1, sizeof( header ), stream ); - if( n != sizeof( header ) ) + n = fwrite(&header, 1, sizeof(header), stream); + if (n != sizeof(header)) { goto exit; - if( data_length != 0 ) - { - n = fwrite( p_data, 1, data_length, stream ); - if( n != data_length ) + } + if (data_length != 0) { + n = fwrite(p_data, 1, data_length, stream); + if (n != data_length) { goto exit; + } } status = PSA_SUCCESS; exit: - if( stream != NULL ) - { - int ret = fclose( stream ); - if( status == PSA_SUCCESS && ret != 0 ) + if (stream != NULL) { + int ret = fclose(stream); + if (status == PSA_SUCCESS && ret != 0) { status = PSA_ERROR_INSUFFICIENT_STORAGE; + } } - if( status == PSA_SUCCESS ) - { - if( rename_replace_existing( PSA_ITS_STORAGE_TEMP, filename ) != 0 ) + if (status == PSA_SUCCESS) { + if (rename_replace_existing(PSA_ITS_STORAGE_TEMP, filename) != 0) { status = PSA_ERROR_STORAGE_FAILURE; + } } /* The temporary file may still exist, but only in failure cases where * we're already reporting an error. So there's nothing we can do on * failure. If the function succeeded, and in some error cases, the * temporary file doesn't exist and so remove() is expected to fail. * Thus we just ignore the return status of remove(). */ - (void) remove( PSA_ITS_STORAGE_TEMP ); - return( status ); + (void) remove(PSA_ITS_STORAGE_TEMP); + return status; } -psa_status_t psa_its_remove( psa_storage_uid_t uid ) +psa_status_t psa_its_remove(psa_storage_uid_t uid) { char filename[PSA_ITS_STORAGE_FILENAME_LENGTH]; FILE *stream; - psa_its_fill_filename( uid, filename ); - stream = fopen( filename, "rb" ); - if( stream == NULL ) - return( PSA_ERROR_DOES_NOT_EXIST ); - fclose( stream ); - if( remove( filename ) != 0 ) - return( PSA_ERROR_STORAGE_FAILURE ); - return( PSA_SUCCESS ); + psa_its_fill_filename(uid, filename); + stream = fopen(filename, "rb"); + if (stream == NULL) { + return PSA_ERROR_DOES_NOT_EXIST; + } + fclose(stream); + if (remove(filename) != 0) { + return PSA_ERROR_STORAGE_FAILURE; + } + return PSA_SUCCESS; } #endif /* MBEDTLS_PSA_ITS_FILE_C */ diff --git a/library/ripemd160.c b/library/ripemd160.c index 55e259e1926f..f5dc5f59e838 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -37,21 +37,22 @@ #if !defined(MBEDTLS_RIPEMD160_ALT) -void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx ) +void mbedtls_ripemd160_init(mbedtls_ripemd160_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_ripemd160_context ) ); + memset(ctx, 0, sizeof(mbedtls_ripemd160_context)); } -void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx ) +void mbedtls_ripemd160_free(mbedtls_ripemd160_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ripemd160_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ripemd160_context)); } -void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst, - const mbedtls_ripemd160_context *src ) +void mbedtls_ripemd160_clone(mbedtls_ripemd160_context *dst, + const mbedtls_ripemd160_context *src) { *dst = *src; } @@ -59,7 +60,7 @@ void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst, /* * RIPEMD-160 context setup */ -int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx ) +int mbedtls_ripemd160_starts_ret(mbedtls_ripemd160_context *ctx) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -70,13 +71,13 @@ int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx ) ctx->state[3] = 0x10325476; ctx->state[4] = 0xC3D2E1F0; - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx ) +void mbedtls_ripemd160_starts(mbedtls_ripemd160_context *ctx) { - mbedtls_ripemd160_starts_ret( ctx ); + mbedtls_ripemd160_starts_ret(ctx); } #endif @@ -84,30 +85,29 @@ void mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx ) /* * Process one block */ -int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, - const unsigned char data[64] ) +int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx, + const unsigned char data[64]) { - struct - { + struct { uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16]; } local; - local.X[ 0] = MBEDTLS_GET_UINT32_LE( data, 0 ); - local.X[ 1] = MBEDTLS_GET_UINT32_LE( data, 4 ); - local.X[ 2] = MBEDTLS_GET_UINT32_LE( data, 8 ); - local.X[ 3] = MBEDTLS_GET_UINT32_LE( data, 12 ); - local.X[ 4] = MBEDTLS_GET_UINT32_LE( data, 16 ); - local.X[ 5] = MBEDTLS_GET_UINT32_LE( data, 20 ); - local.X[ 6] = MBEDTLS_GET_UINT32_LE( data, 24 ); - local.X[ 7] = MBEDTLS_GET_UINT32_LE( data, 28 ); - local.X[ 8] = MBEDTLS_GET_UINT32_LE( data, 32 ); - local.X[ 9] = MBEDTLS_GET_UINT32_LE( data, 36 ); - local.X[10] = MBEDTLS_GET_UINT32_LE( data, 40 ); - local.X[11] = MBEDTLS_GET_UINT32_LE( data, 44 ); - local.X[12] = MBEDTLS_GET_UINT32_LE( data, 48 ); - local.X[13] = MBEDTLS_GET_UINT32_LE( data, 52 ); - local.X[14] = MBEDTLS_GET_UINT32_LE( data, 56 ); - local.X[15] = MBEDTLS_GET_UINT32_LE( data, 60 ); + local.X[0] = MBEDTLS_GET_UINT32_LE(data, 0); + local.X[1] = MBEDTLS_GET_UINT32_LE(data, 4); + local.X[2] = MBEDTLS_GET_UINT32_LE(data, 8); + local.X[3] = MBEDTLS_GET_UINT32_LE(data, 12); + local.X[4] = MBEDTLS_GET_UINT32_LE(data, 16); + local.X[5] = MBEDTLS_GET_UINT32_LE(data, 20); + local.X[6] = MBEDTLS_GET_UINT32_LE(data, 24); + local.X[7] = MBEDTLS_GET_UINT32_LE(data, 28); + local.X[8] = MBEDTLS_GET_UINT32_LE(data, 32); + local.X[9] = MBEDTLS_GET_UINT32_LE(data, 36); + local.X[10] = MBEDTLS_GET_UINT32_LE(data, 40); + local.X[11] = MBEDTLS_GET_UINT32_LE(data, 44); + local.X[12] = MBEDTLS_GET_UINT32_LE(data, 48); + local.X[13] = MBEDTLS_GET_UINT32_LE(data, 52); + local.X[14] = MBEDTLS_GET_UINT32_LE(data, 56); + local.X[15] = MBEDTLS_GET_UINT32_LE(data, 60); local.A = local.Ap = ctx->state[0]; local.B = local.Bp = ctx->state[1]; @@ -115,50 +115,50 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, local.D = local.Dp = ctx->state[3]; local.E = local.Ep = ctx->state[4]; -#define F1( x, y, z ) ( (x) ^ (y) ^ (z) ) -#define F2( x, y, z ) ( ( (x) & (y) ) | ( ~(x) & (z) ) ) -#define F3( x, y, z ) ( ( (x) | ~(y) ) ^ (z) ) -#define F4( x, y, z ) ( ( (x) & (z) ) | ( (y) & ~(z) ) ) -#define F5( x, y, z ) ( (x) ^ ( (y) | ~(z) ) ) +#define F1(x, y, z) ((x) ^ (y) ^ (z)) +#define F2(x, y, z) (((x) & (y)) | (~(x) & (z))) +#define F3(x, y, z) (((x) | ~(y)) ^ (z)) +#define F4(x, y, z) (((x) & (z)) | ((y) & ~(z))) +#define F5(x, y, z) ((x) ^ ((y) | ~(z))) -#define S( x, n ) ( ( (x) << (n) ) | ( (x) >> (32 - (n)) ) ) +#define S(x, n) (((x) << (n)) | ((x) >> (32 - (n)))) -#define P( a, b, c, d, e, r, s, f, k ) \ +#define P(a, b, c, d, e, r, s, f, k) \ do \ { \ - (a) += f( (b), (c), (d) ) + local.X[r] + (k); \ - (a) = S( (a), (s) ) + (e); \ - (c) = S( (c), 10 ); \ - } while( 0 ) + (a) += f((b), (c), (d)) + local.X[r] + (k); \ + (a) = S((a), (s)) + (e); \ + (c) = S((c), 10); \ + } while (0) -#define P2( a, b, c, d, e, r, s, rp, sp ) \ +#define P2(a, b, c, d, e, r, s, rp, sp) \ do \ { \ - P( (a), (b), (c), (d), (e), (r), (s), F, K ); \ - P( a ## p, b ## p, c ## p, d ## p, e ## p, \ - (rp), (sp), Fp, Kp ); \ - } while( 0 ) + P((a), (b), (c), (d), (e), (r), (s), F, K); \ + P(a ## p, b ## p, c ## p, d ## p, e ## p, \ + (rp), (sp), Fp, Kp); \ + } while (0) #define F F1 #define K 0x00000000 #define Fp F5 #define Kp 0x50A28BE6 - P2( local.A, local.B, local.C, local.D, local.E, 0, 11, 5, 8 ); - P2( local.E, local.A, local.B, local.C, local.D, 1, 14, 14, 9 ); - P2( local.D, local.E, local.A, local.B, local.C, 2, 15, 7, 9 ); - P2( local.C, local.D, local.E, local.A, local.B, 3, 12, 0, 11 ); - P2( local.B, local.C, local.D, local.E, local.A, 4, 5, 9, 13 ); - P2( local.A, local.B, local.C, local.D, local.E, 5, 8, 2, 15 ); - P2( local.E, local.A, local.B, local.C, local.D, 6, 7, 11, 15 ); - P2( local.D, local.E, local.A, local.B, local.C, 7, 9, 4, 5 ); - P2( local.C, local.D, local.E, local.A, local.B, 8, 11, 13, 7 ); - P2( local.B, local.C, local.D, local.E, local.A, 9, 13, 6, 7 ); - P2( local.A, local.B, local.C, local.D, local.E, 10, 14, 15, 8 ); - P2( local.E, local.A, local.B, local.C, local.D, 11, 15, 8, 11 ); - P2( local.D, local.E, local.A, local.B, local.C, 12, 6, 1, 14 ); - P2( local.C, local.D, local.E, local.A, local.B, 13, 7, 10, 14 ); - P2( local.B, local.C, local.D, local.E, local.A, 14, 9, 3, 12 ); - P2( local.A, local.B, local.C, local.D, local.E, 15, 8, 12, 6 ); + P2(local.A, local.B, local.C, local.D, local.E, 0, 11, 5, 8); + P2(local.E, local.A, local.B, local.C, local.D, 1, 14, 14, 9); + P2(local.D, local.E, local.A, local.B, local.C, 2, 15, 7, 9); + P2(local.C, local.D, local.E, local.A, local.B, 3, 12, 0, 11); + P2(local.B, local.C, local.D, local.E, local.A, 4, 5, 9, 13); + P2(local.A, local.B, local.C, local.D, local.E, 5, 8, 2, 15); + P2(local.E, local.A, local.B, local.C, local.D, 6, 7, 11, 15); + P2(local.D, local.E, local.A, local.B, local.C, 7, 9, 4, 5); + P2(local.C, local.D, local.E, local.A, local.B, 8, 11, 13, 7); + P2(local.B, local.C, local.D, local.E, local.A, 9, 13, 6, 7); + P2(local.A, local.B, local.C, local.D, local.E, 10, 14, 15, 8); + P2(local.E, local.A, local.B, local.C, local.D, 11, 15, 8, 11); + P2(local.D, local.E, local.A, local.B, local.C, 12, 6, 1, 14); + P2(local.C, local.D, local.E, local.A, local.B, 13, 7, 10, 14); + P2(local.B, local.C, local.D, local.E, local.A, 14, 9, 3, 12); + P2(local.A, local.B, local.C, local.D, local.E, 15, 8, 12, 6); #undef F #undef K #undef Fp @@ -168,22 +168,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, #define K 0x5A827999 #define Fp F4 #define Kp 0x5C4DD124 - P2( local.E, local.A, local.B, local.C, local.D, 7, 7, 6, 9 ); - P2( local.D, local.E, local.A, local.B, local.C, 4, 6, 11, 13 ); - P2( local.C, local.D, local.E, local.A, local.B, 13, 8, 3, 15 ); - P2( local.B, local.C, local.D, local.E, local.A, 1, 13, 7, 7 ); - P2( local.A, local.B, local.C, local.D, local.E, 10, 11, 0, 12 ); - P2( local.E, local.A, local.B, local.C, local.D, 6, 9, 13, 8 ); - P2( local.D, local.E, local.A, local.B, local.C, 15, 7, 5, 9 ); - P2( local.C, local.D, local.E, local.A, local.B, 3, 15, 10, 11 ); - P2( local.B, local.C, local.D, local.E, local.A, 12, 7, 14, 7 ); - P2( local.A, local.B, local.C, local.D, local.E, 0, 12, 15, 7 ); - P2( local.E, local.A, local.B, local.C, local.D, 9, 15, 8, 12 ); - P2( local.D, local.E, local.A, local.B, local.C, 5, 9, 12, 7 ); - P2( local.C, local.D, local.E, local.A, local.B, 2, 11, 4, 6 ); - P2( local.B, local.C, local.D, local.E, local.A, 14, 7, 9, 15 ); - P2( local.A, local.B, local.C, local.D, local.E, 11, 13, 1, 13 ); - P2( local.E, local.A, local.B, local.C, local.D, 8, 12, 2, 11 ); + P2(local.E, local.A, local.B, local.C, local.D, 7, 7, 6, 9); + P2(local.D, local.E, local.A, local.B, local.C, 4, 6, 11, 13); + P2(local.C, local.D, local.E, local.A, local.B, 13, 8, 3, 15); + P2(local.B, local.C, local.D, local.E, local.A, 1, 13, 7, 7); + P2(local.A, local.B, local.C, local.D, local.E, 10, 11, 0, 12); + P2(local.E, local.A, local.B, local.C, local.D, 6, 9, 13, 8); + P2(local.D, local.E, local.A, local.B, local.C, 15, 7, 5, 9); + P2(local.C, local.D, local.E, local.A, local.B, 3, 15, 10, 11); + P2(local.B, local.C, local.D, local.E, local.A, 12, 7, 14, 7); + P2(local.A, local.B, local.C, local.D, local.E, 0, 12, 15, 7); + P2(local.E, local.A, local.B, local.C, local.D, 9, 15, 8, 12); + P2(local.D, local.E, local.A, local.B, local.C, 5, 9, 12, 7); + P2(local.C, local.D, local.E, local.A, local.B, 2, 11, 4, 6); + P2(local.B, local.C, local.D, local.E, local.A, 14, 7, 9, 15); + P2(local.A, local.B, local.C, local.D, local.E, 11, 13, 1, 13); + P2(local.E, local.A, local.B, local.C, local.D, 8, 12, 2, 11); #undef F #undef K #undef Fp @@ -193,22 +193,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, #define K 0x6ED9EBA1 #define Fp F3 #define Kp 0x6D703EF3 - P2( local.D, local.E, local.A, local.B, local.C, 3, 11, 15, 9 ); - P2( local.C, local.D, local.E, local.A, local.B, 10, 13, 5, 7 ); - P2( local.B, local.C, local.D, local.E, local.A, 14, 6, 1, 15 ); - P2( local.A, local.B, local.C, local.D, local.E, 4, 7, 3, 11 ); - P2( local.E, local.A, local.B, local.C, local.D, 9, 14, 7, 8 ); - P2( local.D, local.E, local.A, local.B, local.C, 15, 9, 14, 6 ); - P2( local.C, local.D, local.E, local.A, local.B, 8, 13, 6, 6 ); - P2( local.B, local.C, local.D, local.E, local.A, 1, 15, 9, 14 ); - P2( local.A, local.B, local.C, local.D, local.E, 2, 14, 11, 12 ); - P2( local.E, local.A, local.B, local.C, local.D, 7, 8, 8, 13 ); - P2( local.D, local.E, local.A, local.B, local.C, 0, 13, 12, 5 ); - P2( local.C, local.D, local.E, local.A, local.B, 6, 6, 2, 14 ); - P2( local.B, local.C, local.D, local.E, local.A, 13, 5, 10, 13 ); - P2( local.A, local.B, local.C, local.D, local.E, 11, 12, 0, 13 ); - P2( local.E, local.A, local.B, local.C, local.D, 5, 7, 4, 7 ); - P2( local.D, local.E, local.A, local.B, local.C, 12, 5, 13, 5 ); + P2(local.D, local.E, local.A, local.B, local.C, 3, 11, 15, 9); + P2(local.C, local.D, local.E, local.A, local.B, 10, 13, 5, 7); + P2(local.B, local.C, local.D, local.E, local.A, 14, 6, 1, 15); + P2(local.A, local.B, local.C, local.D, local.E, 4, 7, 3, 11); + P2(local.E, local.A, local.B, local.C, local.D, 9, 14, 7, 8); + P2(local.D, local.E, local.A, local.B, local.C, 15, 9, 14, 6); + P2(local.C, local.D, local.E, local.A, local.B, 8, 13, 6, 6); + P2(local.B, local.C, local.D, local.E, local.A, 1, 15, 9, 14); + P2(local.A, local.B, local.C, local.D, local.E, 2, 14, 11, 12); + P2(local.E, local.A, local.B, local.C, local.D, 7, 8, 8, 13); + P2(local.D, local.E, local.A, local.B, local.C, 0, 13, 12, 5); + P2(local.C, local.D, local.E, local.A, local.B, 6, 6, 2, 14); + P2(local.B, local.C, local.D, local.E, local.A, 13, 5, 10, 13); + P2(local.A, local.B, local.C, local.D, local.E, 11, 12, 0, 13); + P2(local.E, local.A, local.B, local.C, local.D, 5, 7, 4, 7); + P2(local.D, local.E, local.A, local.B, local.C, 12, 5, 13, 5); #undef F #undef K #undef Fp @@ -218,22 +218,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, #define K 0x8F1BBCDC #define Fp F2 #define Kp 0x7A6D76E9 - P2( local.C, local.D, local.E, local.A, local.B, 1, 11, 8, 15 ); - P2( local.B, local.C, local.D, local.E, local.A, 9, 12, 6, 5 ); - P2( local.A, local.B, local.C, local.D, local.E, 11, 14, 4, 8 ); - P2( local.E, local.A, local.B, local.C, local.D, 10, 15, 1, 11 ); - P2( local.D, local.E, local.A, local.B, local.C, 0, 14, 3, 14 ); - P2( local.C, local.D, local.E, local.A, local.B, 8, 15, 11, 14 ); - P2( local.B, local.C, local.D, local.E, local.A, 12, 9, 15, 6 ); - P2( local.A, local.B, local.C, local.D, local.E, 4, 8, 0, 14 ); - P2( local.E, local.A, local.B, local.C, local.D, 13, 9, 5, 6 ); - P2( local.D, local.E, local.A, local.B, local.C, 3, 14, 12, 9 ); - P2( local.C, local.D, local.E, local.A, local.B, 7, 5, 2, 12 ); - P2( local.B, local.C, local.D, local.E, local.A, 15, 6, 13, 9 ); - P2( local.A, local.B, local.C, local.D, local.E, 14, 8, 9, 12 ); - P2( local.E, local.A, local.B, local.C, local.D, 5, 6, 7, 5 ); - P2( local.D, local.E, local.A, local.B, local.C, 6, 5, 10, 15 ); - P2( local.C, local.D, local.E, local.A, local.B, 2, 12, 14, 8 ); + P2(local.C, local.D, local.E, local.A, local.B, 1, 11, 8, 15); + P2(local.B, local.C, local.D, local.E, local.A, 9, 12, 6, 5); + P2(local.A, local.B, local.C, local.D, local.E, 11, 14, 4, 8); + P2(local.E, local.A, local.B, local.C, local.D, 10, 15, 1, 11); + P2(local.D, local.E, local.A, local.B, local.C, 0, 14, 3, 14); + P2(local.C, local.D, local.E, local.A, local.B, 8, 15, 11, 14); + P2(local.B, local.C, local.D, local.E, local.A, 12, 9, 15, 6); + P2(local.A, local.B, local.C, local.D, local.E, 4, 8, 0, 14); + P2(local.E, local.A, local.B, local.C, local.D, 13, 9, 5, 6); + P2(local.D, local.E, local.A, local.B, local.C, 3, 14, 12, 9); + P2(local.C, local.D, local.E, local.A, local.B, 7, 5, 2, 12); + P2(local.B, local.C, local.D, local.E, local.A, 15, 6, 13, 9); + P2(local.A, local.B, local.C, local.D, local.E, 14, 8, 9, 12); + P2(local.E, local.A, local.B, local.C, local.D, 5, 6, 7, 5); + P2(local.D, local.E, local.A, local.B, local.C, 6, 5, 10, 15); + P2(local.C, local.D, local.E, local.A, local.B, 2, 12, 14, 8); #undef F #undef K #undef Fp @@ -243,22 +243,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, #define K 0xA953FD4E #define Fp F1 #define Kp 0x00000000 - P2( local.B, local.C, local.D, local.E, local.A, 4, 9, 12, 8 ); - P2( local.A, local.B, local.C, local.D, local.E, 0, 15, 15, 5 ); - P2( local.E, local.A, local.B, local.C, local.D, 5, 5, 10, 12 ); - P2( local.D, local.E, local.A, local.B, local.C, 9, 11, 4, 9 ); - P2( local.C, local.D, local.E, local.A, local.B, 7, 6, 1, 12 ); - P2( local.B, local.C, local.D, local.E, local.A, 12, 8, 5, 5 ); - P2( local.A, local.B, local.C, local.D, local.E, 2, 13, 8, 14 ); - P2( local.E, local.A, local.B, local.C, local.D, 10, 12, 7, 6 ); - P2( local.D, local.E, local.A, local.B, local.C, 14, 5, 6, 8 ); - P2( local.C, local.D, local.E, local.A, local.B, 1, 12, 2, 13 ); - P2( local.B, local.C, local.D, local.E, local.A, 3, 13, 13, 6 ); - P2( local.A, local.B, local.C, local.D, local.E, 8, 14, 14, 5 ); - P2( local.E, local.A, local.B, local.C, local.D, 11, 11, 0, 15 ); - P2( local.D, local.E, local.A, local.B, local.C, 6, 8, 3, 13 ); - P2( local.C, local.D, local.E, local.A, local.B, 15, 5, 9, 11 ); - P2( local.B, local.C, local.D, local.E, local.A, 13, 6, 11, 11 ); + P2(local.B, local.C, local.D, local.E, local.A, 4, 9, 12, 8); + P2(local.A, local.B, local.C, local.D, local.E, 0, 15, 15, 5); + P2(local.E, local.A, local.B, local.C, local.D, 5, 5, 10, 12); + P2(local.D, local.E, local.A, local.B, local.C, 9, 11, 4, 9); + P2(local.C, local.D, local.E, local.A, local.B, 7, 6, 1, 12); + P2(local.B, local.C, local.D, local.E, local.A, 12, 8, 5, 5); + P2(local.A, local.B, local.C, local.D, local.E, 2, 13, 8, 14); + P2(local.E, local.A, local.B, local.C, local.D, 10, 12, 7, 6); + P2(local.D, local.E, local.A, local.B, local.C, 14, 5, 6, 8); + P2(local.C, local.D, local.E, local.A, local.B, 1, 12, 2, 13); + P2(local.B, local.C, local.D, local.E, local.A, 3, 13, 13, 6); + P2(local.A, local.B, local.C, local.D, local.E, 8, 14, 14, 5); + P2(local.E, local.A, local.B, local.C, local.D, 11, 11, 0, 15); + P2(local.D, local.E, local.A, local.B, local.C, 6, 8, 3, 13); + P2(local.C, local.D, local.E, local.A, local.B, 15, 5, 9, 11); + P2(local.B, local.C, local.D, local.E, local.A, 13, 6, 11, 11); #undef F #undef K #undef Fp @@ -272,16 +272,16 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, ctx->state[0] = local.C; /* Zeroise variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &local, sizeof( local ) ); + mbedtls_platform_zeroize(&local, sizeof(local)); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_ripemd160_process( mbedtls_ripemd160_context *ctx, - const unsigned char data[64] ) +void mbedtls_ripemd160_process(mbedtls_ripemd160_context *ctx, + const unsigned char data[64]) { - mbedtls_internal_ripemd160_process( ctx, data ); + mbedtls_internal_ripemd160_process(ctx, data); } #endif #endif /* !MBEDTLS_RIPEMD160_PROCESS_ALT */ @@ -289,16 +289,17 @@ void mbedtls_ripemd160_process( mbedtls_ripemd160_context *ctx, /* * RIPEMD-160 process buffer */ -int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_ripemd160_update_ret(mbedtls_ripemd160_context *ctx, + const unsigned char *input, + size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; - if( ilen == 0 ) - return( 0 ); + if (ilen == 0) { + return 0; + } left = ctx->total[0] & 0x3F; fill = 64 - left; @@ -306,50 +307,50 @@ int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx, ctx->total[0] += (uint32_t) ilen; ctx->total[0] &= 0xFFFFFFFF; - if( ctx->total[0] < (uint32_t) ilen ) + if (ctx->total[0] < (uint32_t) ilen) { ctx->total[1]++; + } - if( left && ilen >= fill ) - { - memcpy( (void *) (ctx->buffer + left), input, fill ); + if (left && ilen >= fill) { + memcpy((void *) (ctx->buffer + left), input, fill); - if( ( ret = mbedtls_internal_ripemd160_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_ripemd160_process(ctx, ctx->buffer)) != 0) { + return ret; + } input += fill; ilen -= fill; left = 0; } - while( ilen >= 64 ) - { - if( ( ret = mbedtls_internal_ripemd160_process( ctx, input ) ) != 0 ) - return( ret ); + while (ilen >= 64) { + if ((ret = mbedtls_internal_ripemd160_process(ctx, input)) != 0) { + return ret; + } input += 64; ilen -= 64; } - if( ilen > 0 ) - { - memcpy( (void *) (ctx->buffer + left), input, ilen ); + if (ilen > 0) { + memcpy((void *) (ctx->buffer + left), input, ilen); } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx, - const unsigned char *input, - size_t ilen ) +void mbedtls_ripemd160_update(mbedtls_ripemd160_context *ctx, + const unsigned char *input, + size_t ilen) { - mbedtls_ripemd160_update_ret( ctx, input, ilen ); + mbedtls_ripemd160_update_ret(ctx, input, ilen); } #endif static const unsigned char ripemd160_padding[64] = { - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 @@ -358,46 +359,48 @@ static const unsigned char ripemd160_padding[64] = /* * RIPEMD-160 final digest */ -int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx, - unsigned char output[20] ) +int mbedtls_ripemd160_finish_ret(mbedtls_ripemd160_context *ctx, + unsigned char output[20]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t last, padn; uint32_t high, low; unsigned char msglen[8]; - high = ( ctx->total[0] >> 29 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); + high = (ctx->total[0] >> 29) + | (ctx->total[1] << 3); + low = (ctx->total[0] << 3); - MBEDTLS_PUT_UINT32_LE( low, msglen, 0 ); - MBEDTLS_PUT_UINT32_LE( high, msglen, 4 ); + MBEDTLS_PUT_UINT32_LE(low, msglen, 0); + MBEDTLS_PUT_UINT32_LE(high, msglen, 4); last = ctx->total[0] & 0x3F; - padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); + padn = (last < 56) ? (56 - last) : (120 - last); - ret = mbedtls_ripemd160_update_ret( ctx, ripemd160_padding, padn ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_ripemd160_update_ret(ctx, ripemd160_padding, padn); + if (ret != 0) { + return ret; + } - ret = mbedtls_ripemd160_update_ret( ctx, msglen, 8 ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_ripemd160_update_ret(ctx, msglen, 8); + if (ret != 0) { + return ret; + } - MBEDTLS_PUT_UINT32_LE( ctx->state[0], output, 0 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[1], output, 4 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[2], output, 8 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[3], output, 12 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[4], output, 16 ); + MBEDTLS_PUT_UINT32_LE(ctx->state[0], output, 0); + MBEDTLS_PUT_UINT32_LE(ctx->state[1], output, 4); + MBEDTLS_PUT_UINT32_LE(ctx->state[2], output, 8); + MBEDTLS_PUT_UINT32_LE(ctx->state[3], output, 12); + MBEDTLS_PUT_UINT32_LE(ctx->state[4], output, 16); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, - unsigned char output[20] ) +void mbedtls_ripemd160_finish(mbedtls_ripemd160_context *ctx, + unsigned char output[20]) { - mbedtls_ripemd160_finish_ret( ctx, output ); + mbedtls_ripemd160_finish_ret(ctx, output); } #endif @@ -406,36 +409,39 @@ void mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, /* * output = RIPEMD-160( input buffer ) */ -int mbedtls_ripemd160_ret( const unsigned char *input, - size_t ilen, - unsigned char output[20] ) +int mbedtls_ripemd160_ret(const unsigned char *input, + size_t ilen, + unsigned char output[20]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ripemd160_context ctx; - mbedtls_ripemd160_init( &ctx ); + mbedtls_ripemd160_init(&ctx); - if( ( ret = mbedtls_ripemd160_starts_ret( &ctx ) ) != 0 ) + if ((ret = mbedtls_ripemd160_starts_ret(&ctx)) != 0) { goto exit; + } - if( ( ret = mbedtls_ripemd160_update_ret( &ctx, input, ilen ) ) != 0 ) + if ((ret = mbedtls_ripemd160_update_ret(&ctx, input, ilen)) != 0) { goto exit; + } - if( ( ret = mbedtls_ripemd160_finish_ret( &ctx, output ) ) != 0 ) + if ((ret = mbedtls_ripemd160_finish_ret(&ctx, output)) != 0) { goto exit; + } exit: - mbedtls_ripemd160_free( &ctx ); + mbedtls_ripemd160_free(&ctx); - return( ret ); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_ripemd160( const unsigned char *input, - size_t ilen, - unsigned char output[20] ) +void mbedtls_ripemd160(const unsigned char *input, + size_t ilen, + unsigned char output[20]) { - mbedtls_ripemd160_ret( input, ilen, output ); + mbedtls_ripemd160_ret(input, ilen, output); } #endif @@ -485,43 +491,46 @@ static const unsigned char ripemd160_test_md[TESTS][20] = /* * Checkup routine */ -int mbedtls_ripemd160_self_test( int verbose ) +int mbedtls_ripemd160_self_test(int verbose) { int i, ret = 0; unsigned char output[20]; - memset( output, 0, sizeof output ); + memset(output, 0, sizeof output); - for( i = 0; i < TESTS; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " RIPEMD-160 test #%d: ", i + 1 ); + for (i = 0; i < TESTS; i++) { + if (verbose != 0) { + mbedtls_printf(" RIPEMD-160 test #%d: ", i + 1); + } - ret = mbedtls_ripemd160_ret( ripemd160_test_str[i], - ripemd160_test_strlen[i], output ); - if( ret != 0 ) + ret = mbedtls_ripemd160_ret(ripemd160_test_str[i], + ripemd160_test_strlen[i], output); + if (ret != 0) { goto fail; + } - if( memcmp( output, ripemd160_test_md[i], 20 ) != 0 ) - { + if (memcmp(output, ripemd160_test_md[i], 20) != 0) { ret = 1; goto fail; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/rsa.c b/library/rsa.c index 9c39fa5d9148..f44b2c38b88c 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -62,68 +62,72 @@ #if !defined(MBEDTLS_RSA_ALT) /* Parameter validation macros */ -#define RSA_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) -#define RSA_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) - -int mbedtls_rsa_import( mbedtls_rsa_context *ctx, - const mbedtls_mpi *N, - const mbedtls_mpi *P, const mbedtls_mpi *Q, - const mbedtls_mpi *D, const mbedtls_mpi *E ) +#define RSA_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_RSA_BAD_INPUT_DATA) +#define RSA_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) + +int mbedtls_rsa_import(mbedtls_rsa_context *ctx, + const mbedtls_mpi *N, + const mbedtls_mpi *P, const mbedtls_mpi *Q, + const mbedtls_mpi *D, const mbedtls_mpi *E) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); - if( ( N != NULL && ( ret = mbedtls_mpi_copy( &ctx->N, N ) ) != 0 ) || - ( P != NULL && ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 ) || - ( Q != NULL && ( ret = mbedtls_mpi_copy( &ctx->Q, Q ) ) != 0 ) || - ( D != NULL && ( ret = mbedtls_mpi_copy( &ctx->D, D ) ) != 0 ) || - ( E != NULL && ( ret = mbedtls_mpi_copy( &ctx->E, E ) ) != 0 ) ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + if ((N != NULL && (ret = mbedtls_mpi_copy(&ctx->N, N)) != 0) || + (P != NULL && (ret = mbedtls_mpi_copy(&ctx->P, P)) != 0) || + (Q != NULL && (ret = mbedtls_mpi_copy(&ctx->Q, Q)) != 0) || + (D != NULL && (ret = mbedtls_mpi_copy(&ctx->D, D)) != 0) || + (E != NULL && (ret = mbedtls_mpi_copy(&ctx->E, E)) != 0)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); } - if( N != NULL ) - ctx->len = mbedtls_mpi_size( &ctx->N ); + if (N != NULL) { + ctx->len = mbedtls_mpi_size(&ctx->N); + } - return( 0 ); + return 0; } -int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, - unsigned char const *N, size_t N_len, - unsigned char const *P, size_t P_len, - unsigned char const *Q, size_t Q_len, - unsigned char const *D, size_t D_len, - unsigned char const *E, size_t E_len ) +int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx, + unsigned char const *N, size_t N_len, + unsigned char const *P, size_t P_len, + unsigned char const *Q, size_t Q_len, + unsigned char const *D, size_t D_len, + unsigned char const *E, size_t E_len) { int ret = 0; - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); - if( N != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->N, N, N_len ) ); - ctx->len = mbedtls_mpi_size( &ctx->N ); + if (N != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->N, N, N_len)); + ctx->len = mbedtls_mpi_size(&ctx->N); } - if( P != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->P, P, P_len ) ); + if (P != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->P, P, P_len)); + } - if( Q != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->Q, Q, Q_len ) ); + if (Q != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->Q, Q, Q_len)); + } - if( D != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->D, D, D_len ) ); + if (D != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->D, D, D_len)); + } - if( E != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->E, E, E_len ) ); + if (E != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->E, E, E_len)); + } cleanup: - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); + } - return( 0 ); + return 0; } /* @@ -131,8 +135,8 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, * that the RSA primitives will be able to execute without error. * It does *not* make guarantees for consistency of the parameters. */ -static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv, - int blinding_needed ) +static int rsa_check_context(mbedtls_rsa_context const *ctx, int is_priv, + int blinding_needed) { #if !defined(MBEDTLS_RSA_NO_CRT) /* blinding_needed is only used for NO_CRT to decide whether @@ -140,10 +144,9 @@ static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv, ((void) blinding_needed); #endif - if( ctx->len != mbedtls_mpi_size( &ctx->N ) || - ctx->len > MBEDTLS_MPI_MAX_SIZE ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (ctx->len != mbedtls_mpi_size(&ctx->N) || + ctx->len > MBEDTLS_MPI_MAX_SIZE) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } /* @@ -152,23 +155,21 @@ static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv, /* Modular exponentiation wrt. N is always used for * RSA public key operations. */ - if( mbedtls_mpi_cmp_int( &ctx->N, 0 ) <= 0 || - mbedtls_mpi_get_bit( &ctx->N, 0 ) == 0 ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mbedtls_mpi_cmp_int(&ctx->N, 0) <= 0 || + mbedtls_mpi_get_bit(&ctx->N, 0) == 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } #if !defined(MBEDTLS_RSA_NO_CRT) /* Modular exponentiation for P and Q is only * used for private key operations and if CRT * is used. */ - if( is_priv && - ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) <= 0 || - mbedtls_mpi_get_bit( &ctx->P, 0 ) == 0 || - mbedtls_mpi_cmp_int( &ctx->Q, 0 ) <= 0 || - mbedtls_mpi_get_bit( &ctx->Q, 0 ) == 0 ) ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (is_priv && + (mbedtls_mpi_cmp_int(&ctx->P, 0) <= 0 || + mbedtls_mpi_get_bit(&ctx->P, 0) == 0 || + mbedtls_mpi_cmp_int(&ctx->Q, 0) <= 0 || + mbedtls_mpi_get_bit(&ctx->Q, 0) == 0)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } #endif /* !MBEDTLS_RSA_NO_CRT */ @@ -177,20 +178,21 @@ static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv, */ /* Always need E for public key operations */ - if( mbedtls_mpi_cmp_int( &ctx->E, 0 ) <= 0 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mbedtls_mpi_cmp_int(&ctx->E, 0) <= 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } #if defined(MBEDTLS_RSA_NO_CRT) /* For private key operations, use D or DP & DQ * as (unblinded) exponents. */ - if( is_priv && mbedtls_mpi_cmp_int( &ctx->D, 0 ) <= 0 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (is_priv && mbedtls_mpi_cmp_int(&ctx->D, 0) <= 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } #else - if( is_priv && - ( mbedtls_mpi_cmp_int( &ctx->DP, 0 ) <= 0 || - mbedtls_mpi_cmp_int( &ctx->DQ, 0 ) <= 0 ) ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (is_priv && + (mbedtls_mpi_cmp_int(&ctx->DP, 0) <= 0 || + mbedtls_mpi_cmp_int(&ctx->DQ, 0) <= 0)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } #endif /* MBEDTLS_RSA_NO_CRT */ @@ -198,28 +200,26 @@ static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv, * so check that P, Q >= 1 if that hasn't yet been * done as part of 1. */ #if defined(MBEDTLS_RSA_NO_CRT) - if( is_priv && blinding_needed && - ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) <= 0 || - mbedtls_mpi_cmp_int( &ctx->Q, 0 ) <= 0 ) ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (is_priv && blinding_needed && + (mbedtls_mpi_cmp_int(&ctx->P, 0) <= 0 || + mbedtls_mpi_cmp_int(&ctx->Q, 0) <= 0)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } #endif /* It wouldn't lead to an error if it wasn't satisfied, * but check for QP >= 1 nonetheless. */ #if !defined(MBEDTLS_RSA_NO_CRT) - if( is_priv && - mbedtls_mpi_cmp_int( &ctx->QP, 0 ) <= 0 ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (is_priv && + mbedtls_mpi_cmp_int(&ctx->QP, 0) <= 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } #endif - return( 0 ); + return 0; } -int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) +int mbedtls_rsa_complete(mbedtls_rsa_context *ctx) { int ret = 0; int have_N, have_P, have_Q, have_D, have_E; @@ -228,18 +228,18 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) #endif int n_missing, pq_missing, d_missing, is_pub, is_priv; - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); - have_N = ( mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 ); - have_P = ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 ); - have_Q = ( mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 ); - have_D = ( mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 ); - have_E = ( mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0 ); + have_N = (mbedtls_mpi_cmp_int(&ctx->N, 0) != 0); + have_P = (mbedtls_mpi_cmp_int(&ctx->P, 0) != 0); + have_Q = (mbedtls_mpi_cmp_int(&ctx->Q, 0) != 0); + have_D = (mbedtls_mpi_cmp_int(&ctx->D, 0) != 0); + have_E = (mbedtls_mpi_cmp_int(&ctx->E, 0) != 0); #if !defined(MBEDTLS_RSA_NO_CRT) - have_DP = ( mbedtls_mpi_cmp_int( &ctx->DP, 0 ) != 0 ); - have_DQ = ( mbedtls_mpi_cmp_int( &ctx->DQ, 0 ) != 0 ); - have_QP = ( mbedtls_mpi_cmp_int( &ctx->QP, 0 ) != 0 ); + have_DP = (mbedtls_mpi_cmp_int(&ctx->DP, 0) != 0); + have_DQ = (mbedtls_mpi_cmp_int(&ctx->DQ, 0) != 0); + have_QP = (mbedtls_mpi_cmp_int(&ctx->QP, 0) != 0); #endif /* @@ -260,44 +260,40 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) /* These three alternatives are mutually exclusive */ is_priv = n_missing || pq_missing || d_missing; - if( !is_priv && !is_pub ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (!is_priv && !is_pub) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } /* * Step 1: Deduce N if P, Q are provided. */ - if( !have_N && have_P && have_Q ) - { - if( ( ret = mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P, - &ctx->Q ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + if (!have_N && have_P && have_Q) { + if ((ret = mbedtls_mpi_mul_mpi(&ctx->N, &ctx->P, + &ctx->Q)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); } - ctx->len = mbedtls_mpi_size( &ctx->N ); + ctx->len = mbedtls_mpi_size(&ctx->N); } /* * Step 2: Deduce and verify all remaining core parameters. */ - if( pq_missing ) - { - ret = mbedtls_rsa_deduce_primes( &ctx->N, &ctx->E, &ctx->D, - &ctx->P, &ctx->Q ); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); - - } - else if( d_missing ) - { - if( ( ret = mbedtls_rsa_deduce_private_exponent( &ctx->P, - &ctx->Q, - &ctx->E, - &ctx->D ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + if (pq_missing) { + ret = mbedtls_rsa_deduce_primes(&ctx->N, &ctx->E, &ctx->D, + &ctx->P, &ctx->Q); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); + } + + } else if (d_missing) { + if ((ret = mbedtls_rsa_deduce_private_exponent(&ctx->P, + &ctx->Q, + &ctx->E, + &ctx->D)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); } } @@ -307,12 +303,12 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) */ #if !defined(MBEDTLS_RSA_NO_CRT) - if( is_priv && ! ( have_DP && have_DQ && have_QP ) ) - { - ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, - &ctx->DP, &ctx->DQ, &ctx->QP ); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + if (is_priv && !(have_DP && have_DQ && have_QP)) { + ret = mbedtls_rsa_deduce_crt(&ctx->P, &ctx->Q, &ctx->D, + &ctx->DP, &ctx->DQ, &ctx->QP); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); + } } #endif /* MBEDTLS_RSA_NO_CRT */ @@ -320,94 +316,98 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) * Step 3: Basic sanity checks */ - return( rsa_check_context( ctx, is_priv, 1 ) ); + return rsa_check_context(ctx, is_priv, 1); } -int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx, - unsigned char *N, size_t N_len, - unsigned char *P, size_t P_len, - unsigned char *Q, size_t Q_len, - unsigned char *D, size_t D_len, - unsigned char *E, size_t E_len ) +int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx, + unsigned char *N, size_t N_len, + unsigned char *P, size_t P_len, + unsigned char *Q, size_t Q_len, + unsigned char *D, size_t D_len, + unsigned char *E, size_t E_len) { int ret = 0; int is_priv; - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); /* Check if key is private or public */ is_priv = - mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0; - - if( !is_priv ) - { + mbedtls_mpi_cmp_int(&ctx->N, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->P, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->Q, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->D, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->E, 0) != 0; + + if (!is_priv) { /* If we're trying to export private parameters for a public key, * something must be wrong. */ - if( P != NULL || Q != NULL || D != NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (P != NULL || Q != NULL || D != NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } } - if( N != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->N, N, N_len ) ); + if (N != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->N, N, N_len)); + } - if( P != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->P, P, P_len ) ); + if (P != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->P, P, P_len)); + } - if( Q != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->Q, Q, Q_len ) ); + if (Q != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->Q, Q, Q_len)); + } - if( D != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->D, D, D_len ) ); + if (D != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->D, D, D_len)); + } - if( E != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->E, E, E_len ) ); + if (E != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->E, E, E_len)); + } cleanup: - return( ret ); + return ret; } -int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, - mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, - mbedtls_mpi *D, mbedtls_mpi *E ) +int mbedtls_rsa_export(const mbedtls_rsa_context *ctx, + mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, + mbedtls_mpi *D, mbedtls_mpi *E) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int is_priv; - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); /* Check if key is private or public */ is_priv = - mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0; - - if( !is_priv ) - { + mbedtls_mpi_cmp_int(&ctx->N, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->P, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->Q, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->D, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->E, 0) != 0; + + if (!is_priv) { /* If we're trying to export private parameters for a public key, * something must be wrong. */ - if( P != NULL || Q != NULL || D != NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (P != NULL || Q != NULL || D != NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } } /* Export all requested core parameters. */ - if( ( N != NULL && ( ret = mbedtls_mpi_copy( N, &ctx->N ) ) != 0 ) || - ( P != NULL && ( ret = mbedtls_mpi_copy( P, &ctx->P ) ) != 0 ) || - ( Q != NULL && ( ret = mbedtls_mpi_copy( Q, &ctx->Q ) ) != 0 ) || - ( D != NULL && ( ret = mbedtls_mpi_copy( D, &ctx->D ) ) != 0 ) || - ( E != NULL && ( ret = mbedtls_mpi_copy( E, &ctx->E ) ) != 0 ) ) - { - return( ret ); + if ((N != NULL && (ret = mbedtls_mpi_copy(N, &ctx->N)) != 0) || + (P != NULL && (ret = mbedtls_mpi_copy(P, &ctx->P)) != 0) || + (Q != NULL && (ret = mbedtls_mpi_copy(Q, &ctx->Q)) != 0) || + (D != NULL && (ret = mbedtls_mpi_copy(D, &ctx->D)) != 0) || + (E != NULL && (ret = mbedtls_mpi_copy(E, &ctx->E)) != 0)) { + return ret; } - return( 0 ); + return 0; } /* @@ -416,75 +416,74 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, * write DER encoded RSA keys. The helper function mbedtls_rsa_deduce_crt * can be used in this case. */ -int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, - mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP ) +int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx, + mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int is_priv; - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); /* Check if key is private or public */ is_priv = - mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0; + mbedtls_mpi_cmp_int(&ctx->N, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->P, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->Q, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->D, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->E, 0) != 0; - if( !is_priv ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (!is_priv) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } #if !defined(MBEDTLS_RSA_NO_CRT) /* Export all requested blinding parameters. */ - if( ( DP != NULL && ( ret = mbedtls_mpi_copy( DP, &ctx->DP ) ) != 0 ) || - ( DQ != NULL && ( ret = mbedtls_mpi_copy( DQ, &ctx->DQ ) ) != 0 ) || - ( QP != NULL && ( ret = mbedtls_mpi_copy( QP, &ctx->QP ) ) != 0 ) ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + if ((DP != NULL && (ret = mbedtls_mpi_copy(DP, &ctx->DP)) != 0) || + (DQ != NULL && (ret = mbedtls_mpi_copy(DQ, &ctx->DQ)) != 0) || + (QP != NULL && (ret = mbedtls_mpi_copy(QP, &ctx->QP)) != 0)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); } #else - if( ( ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, - DP, DQ, QP ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + if ((ret = mbedtls_rsa_deduce_crt(&ctx->P, &ctx->Q, &ctx->D, + DP, DQ, QP)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); } #endif - return( 0 ); + return 0; } /* * Initialize an RSA context */ -void mbedtls_rsa_init( mbedtls_rsa_context *ctx, - int padding, - int hash_id ) +void mbedtls_rsa_init(mbedtls_rsa_context *ctx, + int padding, + int hash_id) { - RSA_VALIDATE( ctx != NULL ); - RSA_VALIDATE( padding == MBEDTLS_RSA_PKCS_V15 || - padding == MBEDTLS_RSA_PKCS_V21 ); + RSA_VALIDATE(ctx != NULL); + RSA_VALIDATE(padding == MBEDTLS_RSA_PKCS_V15 || + padding == MBEDTLS_RSA_PKCS_V21); - memset( ctx, 0, sizeof( mbedtls_rsa_context ) ); + memset(ctx, 0, sizeof(mbedtls_rsa_context)); - mbedtls_rsa_set_padding( ctx, padding, hash_id ); + mbedtls_rsa_set_padding(ctx, padding, hash_id); #if defined(MBEDTLS_THREADING_C) /* Set ctx->ver to nonzero to indicate that the mutex has been * initialized and will need to be freed. */ ctx->ver = 1; - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif } /* * Set padding for an existing RSA context */ -void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, - int hash_id ) +void mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, + int hash_id) { - RSA_VALIDATE( ctx != NULL ); - RSA_VALIDATE( padding == MBEDTLS_RSA_PKCS_V15 || - padding == MBEDTLS_RSA_PKCS_V21 ); + RSA_VALIDATE(ctx != NULL); + RSA_VALIDATE(padding == MBEDTLS_RSA_PKCS_V15 || + padding == MBEDTLS_RSA_PKCS_V21); ctx->padding = padding; ctx->hash_id = hash_id; @@ -494,9 +493,9 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, * Get length in bytes of RSA modulus */ -size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ) +size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx) { - return( ctx->len ); + return ctx->len; } @@ -508,31 +507,31 @@ size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ) * This generation method follows the RSA key pair generation procedure of * FIPS 186-4 if 2^16 < exponent < 2^256 and nbits = 2048 or nbits = 3072. */ -int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - unsigned int nbits, int exponent ) +int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + unsigned int nbits, int exponent) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi H, G, L; int prime_quality = 0; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( f_rng != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(f_rng != NULL); /* * If the modulus is 1024 bit long or shorter, then the security strength of * the RSA algorithm is less than or equal to 80 bits and therefore an error * rate of 2^-80 is sufficient. */ - if( nbits > 1024 ) + if (nbits > 1024) { prime_quality = MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR; + } - mbedtls_mpi_init( &H ); - mbedtls_mpi_init( &G ); - mbedtls_mpi_init( &L ); + mbedtls_mpi_init(&H); + mbedtls_mpi_init(&G); + mbedtls_mpi_init(&L); - if( nbits < 128 || exponent < 3 || nbits % 2 != 0 ) - { + if (nbits < 128 || exponent < 3 || nbits % 2 != 0) { ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA; goto cleanup; } @@ -543,54 +542,56 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, * 2. GCD( E, (P-1)*(Q-1) ) == 1 * 3. E^-1 mod LCM(P-1, Q-1) > 2^( nbits / 2 ) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->E, exponent ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&ctx->E, exponent)); - do - { - MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, nbits >> 1, - prime_quality, f_rng, p_rng ) ); + do { + MBEDTLS_MPI_CHK(mbedtls_mpi_gen_prime(&ctx->P, nbits >> 1, + prime_quality, f_rng, p_rng)); - MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, nbits >> 1, - prime_quality, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_gen_prime(&ctx->Q, nbits >> 1, + prime_quality, f_rng, p_rng)); /* make sure the difference between p and q is not too small (FIPS 186-4 §B.3.3 step 5.4) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &H, &ctx->P, &ctx->Q ) ); - if( mbedtls_mpi_bitlen( &H ) <= ( ( nbits >= 200 ) ? ( ( nbits >> 1 ) - 99 ) : 0 ) ) + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&H, &ctx->P, &ctx->Q)); + if (mbedtls_mpi_bitlen(&H) <= ((nbits >= 200) ? ((nbits >> 1) - 99) : 0)) { continue; + } /* not required by any standards, but some users rely on the fact that P > Q */ - if( H.s < 0 ) - mbedtls_mpi_swap( &ctx->P, &ctx->Q ); + if (H.s < 0) { + mbedtls_mpi_swap(&ctx->P, &ctx->Q); + } /* Temporarily replace P,Q by P-1, Q-1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &ctx->P, &ctx->P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &ctx->Q, &ctx->Q, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &H, &ctx->P, &ctx->Q ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&ctx->P, &ctx->P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&ctx->Q, &ctx->Q, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&H, &ctx->P, &ctx->Q)); /* check GCD( E, (P-1)*(Q-1) ) == 1 (FIPS 186-4 §B.3.1 criterion 2(a)) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, &ctx->E, &H ) ); - if( mbedtls_mpi_cmp_int( &G, 1 ) != 0 ) + MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(&G, &ctx->E, &H)); + if (mbedtls_mpi_cmp_int(&G, 1) != 0) { continue; + } /* compute smallest possible D = E^-1 mod LCM(P-1, Q-1) (FIPS 186-4 §B.3.1 criterion 3(b)) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, &ctx->P, &ctx->Q ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( &L, NULL, &H, &G ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->D, &ctx->E, &L ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(&G, &ctx->P, &ctx->Q)); + MBEDTLS_MPI_CHK(mbedtls_mpi_div_mpi(&L, NULL, &H, &G)); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&ctx->D, &ctx->E, &L)); - if( mbedtls_mpi_bitlen( &ctx->D ) <= ( ( nbits + 1 ) / 2 ) ) // (FIPS 186-4 §B.3.1 criterion 3(a)) + if (mbedtls_mpi_bitlen(&ctx->D) <= ((nbits + 1) / 2)) { // (FIPS 186-4 §B.3.1 criterion 3(a)) continue; + } break; - } - while( 1 ); + } while (1); /* Restore P,Q */ - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &ctx->P, &ctx->P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &ctx->Q, &ctx->Q, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&ctx->P, &ctx->P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&ctx->Q, &ctx->Q, 1)); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P, &ctx->Q ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->N, &ctx->P, &ctx->Q)); - ctx->len = mbedtls_mpi_size( &ctx->N ); + ctx->len = mbedtls_mpi_size(&ctx->N); #if !defined(MBEDTLS_RSA_NO_CRT) /* @@ -598,29 +599,29 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, * DQ = D mod (Q - 1) * QP = Q^-1 mod P */ - MBEDTLS_MPI_CHK( mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, - &ctx->DP, &ctx->DQ, &ctx->QP ) ); + MBEDTLS_MPI_CHK(mbedtls_rsa_deduce_crt(&ctx->P, &ctx->Q, &ctx->D, + &ctx->DP, &ctx->DQ, &ctx->QP)); #endif /* MBEDTLS_RSA_NO_CRT */ /* Double-check */ - MBEDTLS_MPI_CHK( mbedtls_rsa_check_privkey( ctx ) ); + MBEDTLS_MPI_CHK(mbedtls_rsa_check_privkey(ctx)); cleanup: - mbedtls_mpi_free( &H ); - mbedtls_mpi_free( &G ); - mbedtls_mpi_free( &L ); + mbedtls_mpi_free(&H); + mbedtls_mpi_free(&G); + mbedtls_mpi_free(&L); - if( ret != 0 ) - { - mbedtls_rsa_free( ctx ); + if (ret != 0) { + mbedtls_rsa_free(ctx); - if( ( -ret & ~0x7f ) == 0 ) - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_KEY_GEN_FAILED, ret ); - return( ret ); + if ((-ret & ~0x7f) == 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_KEY_GEN_FAILED, ret); + } + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_GENPRIME */ @@ -628,130 +629,127 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, /* * Check a public RSA key */ -int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ) +int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx) { - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); - if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) != 0 ) - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (rsa_check_context(ctx, 0 /* public */, 0 /* no blinding */) != 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; + } - if( mbedtls_mpi_bitlen( &ctx->N ) < 128 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (mbedtls_mpi_bitlen(&ctx->N) < 128) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - if( mbedtls_mpi_get_bit( &ctx->E, 0 ) == 0 || - mbedtls_mpi_bitlen( &ctx->E ) < 2 || - mbedtls_mpi_cmp_mpi( &ctx->E, &ctx->N ) >= 0 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (mbedtls_mpi_get_bit(&ctx->E, 0) == 0 || + mbedtls_mpi_bitlen(&ctx->E) < 2 || + mbedtls_mpi_cmp_mpi(&ctx->E, &ctx->N) >= 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - return( 0 ); + return 0; } /* * Check for the consistency of all fields in an RSA private key context */ -int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx ) +int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx) { - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); - if( mbedtls_rsa_check_pubkey( ctx ) != 0 || - rsa_check_context( ctx, 1 /* private */, 1 /* blinding */ ) != 0 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (mbedtls_rsa_check_pubkey(ctx) != 0 || + rsa_check_context(ctx, 1 /* private */, 1 /* blinding */) != 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - if( mbedtls_rsa_validate_params( &ctx->N, &ctx->P, &ctx->Q, - &ctx->D, &ctx->E, NULL, NULL ) != 0 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (mbedtls_rsa_validate_params(&ctx->N, &ctx->P, &ctx->Q, + &ctx->D, &ctx->E, NULL, NULL) != 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } #if !defined(MBEDTLS_RSA_NO_CRT) - else if( mbedtls_rsa_validate_crt( &ctx->P, &ctx->Q, &ctx->D, - &ctx->DP, &ctx->DQ, &ctx->QP ) != 0 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + else if (mbedtls_rsa_validate_crt(&ctx->P, &ctx->Q, &ctx->D, + &ctx->DP, &ctx->DQ, &ctx->QP) != 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } #endif - return( 0 ); + return 0; } /* * Check if contexts holding a public and private key match */ -int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, - const mbedtls_rsa_context *prv ) +int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub, + const mbedtls_rsa_context *prv) { - RSA_VALIDATE_RET( pub != NULL ); - RSA_VALIDATE_RET( prv != NULL ); + RSA_VALIDATE_RET(pub != NULL); + RSA_VALIDATE_RET(prv != NULL); - if( mbedtls_rsa_check_pubkey( pub ) != 0 || - mbedtls_rsa_check_privkey( prv ) != 0 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (mbedtls_rsa_check_pubkey(pub) != 0 || + mbedtls_rsa_check_privkey(prv) != 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - if( mbedtls_mpi_cmp_mpi( &pub->N, &prv->N ) != 0 || - mbedtls_mpi_cmp_mpi( &pub->E, &prv->E ) != 0 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (mbedtls_mpi_cmp_mpi(&pub->N, &prv->N) != 0 || + mbedtls_mpi_cmp_mpi(&pub->E, &prv->E) != 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - return( 0 ); + return 0; } /* * Do an RSA public key operation */ -int mbedtls_rsa_public( mbedtls_rsa_context *ctx, - const unsigned char *input, - unsigned char *output ) +int mbedtls_rsa_public(mbedtls_rsa_context *ctx, + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen; mbedtls_mpi T; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( input != NULL ); - RSA_VALIDATE_RET( output != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(input != NULL); + RSA_VALIDATE_RET(output != NULL); - if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (rsa_check_context(ctx, 0 /* public */, 0 /* no blinding */)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&T); #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &T, input, ctx->len ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&T, input, ctx->len)); - if( mbedtls_mpi_cmp_mpi( &T, &ctx->N ) >= 0 ) - { + if (mbedtls_mpi_cmp_mpi(&T, &ctx->N) >= 0) { ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; goto cleanup; } olen = ctx->len; - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T, &T, &ctx->E, &ctx->N, &ctx->RN ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &T, output, olen ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&T, &T, &ctx->E, &ctx->N, &ctx->RN)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&T, output, olen)); cleanup: #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - mbedtls_mpi_free( &T ); + mbedtls_mpi_free(&T); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_PUBLIC_FAILED, ret ) ); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_PUBLIC_FAILED, ret); + } - return( 0 ); + return 0; } /* @@ -760,63 +758,62 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx, * DSS, and other systems. In : Advances in Cryptology-CRYPTO'96. Springer * Berlin Heidelberg, 1996. p. 104-113. */ -static int rsa_prepare_blinding( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int rsa_prepare_blinding(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { int ret, count = 0; mbedtls_mpi R; - mbedtls_mpi_init( &R ); + mbedtls_mpi_init(&R); - if( ctx->Vf.p != NULL ) - { + if (ctx->Vf.p != NULL) { /* We already have blinding values, just update them by squaring */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vi, &ctx->Vi, &ctx->Vi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vi, &ctx->Vi, &ctx->N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vf, &ctx->Vf, &ctx->Vf)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vf, &ctx->Vf, &ctx->N)); goto cleanup; } /* Unblinding value: Vf = random number, invertible mod N */ do { - if( count++ > 10 ) - { + if (count++ > 10) { ret = MBEDTLS_ERR_RSA_RNG_FAILED; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->Vf, ctx->len - 1, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&ctx->Vf, ctx->len - 1, f_rng, p_rng)); /* Compute Vf^-1 as R * (R Vf)^-1 to avoid leaks from inv_mod. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, ctx->len - 1, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vf, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&R, ctx->len - 1, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vi, &ctx->Vf, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vi, &ctx->Vi, &ctx->N)); /* At this point, Vi is invertible mod N if and only if both Vf and R * are invertible mod N. If one of them isn't, we don't need to know * which one, we just loop and choose new values for both of them. * (Each iteration succeeds with overwhelming probability.) */ - ret = mbedtls_mpi_inv_mod( &ctx->Vi, &ctx->Vi, &ctx->N ); - if( ret != 0 && ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) + ret = mbedtls_mpi_inv_mod(&ctx->Vi, &ctx->Vi, &ctx->N); + if (ret != 0 && ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) { goto cleanup; + } - } while( ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); + } while (ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE); /* Finish the computation of Vf^-1 = R * (R Vf)^-1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vi, &ctx->Vi, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vi, &ctx->Vi, &ctx->N)); /* Blinding value: Vi = Vf^(-e) mod N * (Vi already contains Vf^-1 at this point) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->Vi, &ctx->Vi, &ctx->E, &ctx->N, &ctx->RN ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&ctx->Vi, &ctx->Vi, &ctx->E, &ctx->N, &ctx->RN)); cleanup: - mbedtls_mpi_free( &R ); + mbedtls_mpi_free(&R); - return( ret ); + return ret; } /* @@ -843,11 +840,11 @@ static int rsa_prepare_blinding( mbedtls_rsa_context *ctx, /* * Do an RSA private key operation */ -int mbedtls_rsa_private( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - const unsigned char *input, - unsigned char *output ) +int mbedtls_rsa_private(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen; @@ -884,110 +881,107 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * checked result; should be the same in the end. */ mbedtls_mpi I, C; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( input != NULL ); - RSA_VALIDATE_RET( output != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(input != NULL); + RSA_VALIDATE_RET(output != NULL); - if( rsa_check_context( ctx, 1 /* private key checks */, - f_rng != NULL /* blinding y/n */ ) != 0 ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (rsa_check_context(ctx, 1 /* private key checks */, + f_rng != NULL /* blinding y/n */) != 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif /* MPI Initialization */ - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&T); - mbedtls_mpi_init( &P1 ); - mbedtls_mpi_init( &Q1 ); - mbedtls_mpi_init( &R ); + mbedtls_mpi_init(&P1); + mbedtls_mpi_init(&Q1); + mbedtls_mpi_init(&R); - if( f_rng != NULL ) - { + if (f_rng != NULL) { #if defined(MBEDTLS_RSA_NO_CRT) - mbedtls_mpi_init( &D_blind ); + mbedtls_mpi_init(&D_blind); #else - mbedtls_mpi_init( &DP_blind ); - mbedtls_mpi_init( &DQ_blind ); + mbedtls_mpi_init(&DP_blind); + mbedtls_mpi_init(&DQ_blind); #endif } #if !defined(MBEDTLS_RSA_NO_CRT) - mbedtls_mpi_init( &TP ); mbedtls_mpi_init( &TQ ); + mbedtls_mpi_init(&TP); mbedtls_mpi_init(&TQ); #endif - mbedtls_mpi_init( &I ); - mbedtls_mpi_init( &C ); + mbedtls_mpi_init(&I); + mbedtls_mpi_init(&C); /* End of MPI initialization */ - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &T, input, ctx->len ) ); - if( mbedtls_mpi_cmp_mpi( &T, &ctx->N ) >= 0 ) - { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&T, input, ctx->len)); + if (mbedtls_mpi_cmp_mpi(&T, &ctx->N) >= 0) { ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &I, &T ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&I, &T)); - if( f_rng != NULL ) - { + if (f_rng != NULL) { /* * Blinding * T = T * Vi mod N */ - MBEDTLS_MPI_CHK( rsa_prepare_blinding( ctx, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) ); + MBEDTLS_MPI_CHK(rsa_prepare_blinding(ctx, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&T, &T, &ctx->Vi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&T, &T, &ctx->N)); /* * Exponent blinding */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P1, &ctx->P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q1, &ctx->Q, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&P1, &ctx->P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&Q1, &ctx->Q, 1)); #if defined(MBEDTLS_RSA_NO_CRT) /* * D_blind = ( P - 1 ) * ( Q - 1 ) * R + D */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING, - f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &P1, &Q1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &D_blind, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &D_blind, &D_blind, &ctx->D ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&R, RSA_EXPONENT_BLINDING, + f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&D_blind, &P1, &Q1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&D_blind, &D_blind, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&D_blind, &D_blind, &ctx->D)); D = &D_blind; #else /* * DP_blind = ( P - 1 ) * R + DP */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING, - f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DP_blind, &P1, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DP_blind, &DP_blind, - &ctx->DP ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&R, RSA_EXPONENT_BLINDING, + f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&DP_blind, &P1, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&DP_blind, &DP_blind, + &ctx->DP)); DP = &DP_blind; /* * DQ_blind = ( Q - 1 ) * R + DQ */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING, - f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DQ_blind, &Q1, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DQ_blind, &DQ_blind, - &ctx->DQ ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&R, RSA_EXPONENT_BLINDING, + f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&DQ_blind, &Q1, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&DQ_blind, &DQ_blind, + &ctx->DQ)); DQ = &DQ_blind; #endif /* MBEDTLS_RSA_NO_CRT */ } #if defined(MBEDTLS_RSA_NO_CRT) - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T, &T, D, &ctx->N, &ctx->RN ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&T, &T, D, &ctx->N, &ctx->RN)); #else /* * Faster decryption using the CRT @@ -996,78 +990,77 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * TQ = input ^ dQ mod Q */ - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &TP, &T, DP, &ctx->P, &ctx->RP ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &TQ, &T, DQ, &ctx->Q, &ctx->RQ ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&TP, &T, DP, &ctx->P, &ctx->RP)); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&TQ, &T, DQ, &ctx->Q, &ctx->RQ)); /* * T = (TP - TQ) * (Q^-1 mod P) mod P */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T, &TP, &TQ ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &TP, &T, &ctx->QP ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &TP, &ctx->P ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&T, &TP, &TQ)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&TP, &T, &ctx->QP)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&T, &TP, &ctx->P)); /* * T = TQ + T * Q */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &TP, &T, &ctx->Q ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &T, &TQ, &TP ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&TP, &T, &ctx->Q)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&T, &TQ, &TP)); #endif /* MBEDTLS_RSA_NO_CRT */ - if( f_rng != NULL ) - { + if (f_rng != NULL) { /* * Unblind * T = T * Vf mod N */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vf ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&T, &T, &ctx->Vf)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&T, &T, &ctx->N)); } /* Verify the result to prevent glitching attacks. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &C, &T, &ctx->E, - &ctx->N, &ctx->RN ) ); - if( mbedtls_mpi_cmp_mpi( &C, &I ) != 0 ) - { + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&C, &T, &ctx->E, + &ctx->N, &ctx->RN)); + if (mbedtls_mpi_cmp_mpi(&C, &I) != 0) { ret = MBEDTLS_ERR_RSA_VERIFY_FAILED; goto cleanup; } olen = ctx->len; - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &T, output, olen ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&T, output, olen)); cleanup: #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - mbedtls_mpi_free( &P1 ); - mbedtls_mpi_free( &Q1 ); - mbedtls_mpi_free( &R ); + mbedtls_mpi_free(&P1); + mbedtls_mpi_free(&Q1); + mbedtls_mpi_free(&R); - if( f_rng != NULL ) - { + if (f_rng != NULL) { #if defined(MBEDTLS_RSA_NO_CRT) - mbedtls_mpi_free( &D_blind ); + mbedtls_mpi_free(&D_blind); #else - mbedtls_mpi_free( &DP_blind ); - mbedtls_mpi_free( &DQ_blind ); + mbedtls_mpi_free(&DP_blind); + mbedtls_mpi_free(&DQ_blind); #endif } - mbedtls_mpi_free( &T ); + mbedtls_mpi_free(&T); #if !defined(MBEDTLS_RSA_NO_CRT) - mbedtls_mpi_free( &TP ); mbedtls_mpi_free( &TQ ); + mbedtls_mpi_free(&TP); mbedtls_mpi_free(&TQ); #endif - mbedtls_mpi_free( &C ); - mbedtls_mpi_free( &I ); + mbedtls_mpi_free(&C); + mbedtls_mpi_free(&I); - if( ret != 0 && ret >= -0x007f ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_PRIVATE_FAILED, ret ) ); + if (ret != 0 && ret >= -0x007f) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_PRIVATE_FAILED, ret); + } - return( ret ); + return ret; } #if defined(MBEDTLS_PKCS1_V21) @@ -1080,8 +1073,8 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * \param slen length of the source buffer * \param md_ctx message digest context to use */ -static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, - size_t slen, mbedtls_md_context_t *md_ctx ) +static int mgf_mask(unsigned char *dst, size_t dlen, unsigned char *src, + size_t slen, mbedtls_md_context_t *md_ctx) { unsigned char mask[MBEDTLS_MD_MAX_SIZE]; unsigned char counter[4]; @@ -1090,31 +1083,36 @@ static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, size_t i, use_len; int ret = 0; - memset( mask, 0, MBEDTLS_MD_MAX_SIZE ); - memset( counter, 0, 4 ); + memset(mask, 0, MBEDTLS_MD_MAX_SIZE); + memset(counter, 0, 4); - hlen = mbedtls_md_get_size( md_ctx->md_info ); + hlen = mbedtls_md_get_size(md_ctx->md_info); /* Generate and apply dbMask */ p = dst; - while( dlen > 0 ) - { + while (dlen > 0) { use_len = hlen; - if( dlen < hlen ) + if (dlen < hlen) { use_len = dlen; + } - if( ( ret = mbedtls_md_starts( md_ctx ) ) != 0 ) + if ((ret = mbedtls_md_starts(md_ctx)) != 0) { goto exit; - if( ( ret = mbedtls_md_update( md_ctx, src, slen ) ) != 0 ) + } + if ((ret = mbedtls_md_update(md_ctx, src, slen)) != 0) { goto exit; - if( ( ret = mbedtls_md_update( md_ctx, counter, 4 ) ) != 0 ) + } + if ((ret = mbedtls_md_update(md_ctx, counter, 4)) != 0) { goto exit; - if( ( ret = mbedtls_md_finish( md_ctx, mask ) ) != 0 ) + } + if ((ret = mbedtls_md_finish(md_ctx, mask)) != 0) { goto exit; + } - for( i = 0; i < use_len; ++i ) + for (i = 0; i < use_len; ++i) { *p++ ^= mask[i]; + } counter[3]++; @@ -1122,9 +1120,9 @@ static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, } exit: - mbedtls_platform_zeroize( mask, sizeof( mask ) ); + mbedtls_platform_zeroize(mask, sizeof(mask)); - return( ret ); + return ret; } #endif /* MBEDTLS_PKCS1_V21 */ @@ -1132,14 +1130,14 @@ static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, /* * Implementation of the PKCS#1 v2.1 RSAES-OAEP-ENCRYPT function */ -int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - const unsigned char *label, size_t label_len, - size_t ilen, - const unsigned char *input, - unsigned char *output ) +int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + const unsigned char *label, size_t label_len, + size_t ilen, + const unsigned char *input, + unsigned char *output) { size_t olen; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -1148,72 +1146,83 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( output != NULL ); - RSA_VALIDATE_RET( ilen == 0 || input != NULL ); - RSA_VALIDATE_RET( label_len == 0 || label != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(output != NULL); + RSA_VALIDATE_RET(ilen == 0 || input != NULL); + RSA_VALIDATE_RET(label_len == 0 || label != NULL); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( f_rng == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (f_rng == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) ctx->hash_id); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } olen = ctx->len; - hlen = mbedtls_md_get_size( md_info ); + hlen = mbedtls_md_get_size(md_info); /* first comparison checks for overflow */ - if( ilen + 2 * hlen + 2 < ilen || olen < ilen + 2 * hlen + 2 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (ilen + 2 * hlen + 2 < ilen || olen < ilen + 2 * hlen + 2) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - memset( output, 0, olen ); + memset(output, 0, olen); *p++ = 0; /* Generate a random octet string seed */ - if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); + if ((ret = f_rng(p_rng, p, hlen)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_RNG_FAILED, ret); + } p += hlen; /* Construct DB */ - if( ( ret = mbedtls_md( md_info, label, label_len, p ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_md(md_info, label, label_len, p)) != 0) { + return ret; + } p += hlen; p += olen - 2 * hlen - 2 - ilen; *p++ = 1; - if( ilen != 0 ) - memcpy( p, input, ilen ); + if (ilen != 0) { + memcpy(p, input, ilen); + } - mbedtls_md_init( &md_ctx ); - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 ) + mbedtls_md_init(&md_ctx); + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 0)) != 0) { goto exit; + } /* maskedDB: Apply dbMask to DB */ - if( ( ret = mgf_mask( output + hlen + 1, olen - hlen - 1, output + 1, hlen, - &md_ctx ) ) != 0 ) + if ((ret = mgf_mask(output + hlen + 1, olen - hlen - 1, output + 1, hlen, + &md_ctx)) != 0) { goto exit; + } /* maskedSeed: Apply seedMask to seed */ - if( ( ret = mgf_mask( output + 1, hlen, output + hlen + 1, olen - hlen - 1, - &md_ctx ) ) != 0 ) + if ((ret = mgf_mask(output + 1, hlen, output + hlen + 1, olen - hlen - 1, + &md_ctx)) != 0) { goto exit; + } exit: - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); - if( ret != 0 ) - return( ret ); + if (ret != 0) { + return ret; + } - return( ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, output, output ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) ); + return (mode == MBEDTLS_RSA_PUBLIC) + ? mbedtls_rsa_public(ctx, output, output) + : mbedtls_rsa_private(ctx, f_rng, p_rng, output, output); } #endif /* MBEDTLS_PKCS1_V21 */ @@ -1221,107 +1230,108 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, /* * Implementation of the PKCS#1 v2.1 RSAES-PKCS1-V1_5-ENCRYPT function */ -int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t ilen, - const unsigned char *input, - unsigned char *output ) +int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t ilen, + const unsigned char *input, + unsigned char *output) { size_t nb_pad, olen; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = output; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( output != NULL ); - RSA_VALIDATE_RET( ilen == 0 || input != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(output != NULL); + RSA_VALIDATE_RET(ilen == 0 || input != NULL); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } olen = ctx->len; /* first comparison checks for overflow */ - if( ilen + 11 < ilen || olen < ilen + 11 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (ilen + 11 < ilen || olen < ilen + 11) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } nb_pad = olen - 3 - ilen; *p++ = 0; - if( mode == MBEDTLS_RSA_PUBLIC ) - { - if( f_rng == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PUBLIC) { + if (f_rng == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } *p++ = MBEDTLS_RSA_CRYPT; - while( nb_pad-- > 0 ) - { + while (nb_pad-- > 0) { int rng_dl = 100; do { - ret = f_rng( p_rng, p, 1 ); - } while( *p == 0 && --rng_dl && ret == 0 ); + ret = f_rng(p_rng, p, 1); + } while (*p == 0 && --rng_dl && ret == 0); /* Check if RNG failed to generate data */ - if( rng_dl == 0 || ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); + if (rng_dl == 0 || ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_RNG_FAILED, ret); + } p++; } - } - else - { + } else { *p++ = MBEDTLS_RSA_SIGN; - while( nb_pad-- > 0 ) + while (nb_pad-- > 0) { *p++ = 0xFF; + } } *p++ = 0; - if( ilen != 0 ) - memcpy( p, input, ilen ); + if (ilen != 0) { + memcpy(p, input, ilen); + } - return( ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, output, output ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) ); + return (mode == MBEDTLS_RSA_PUBLIC) + ? mbedtls_rsa_public(ctx, output, output) + : mbedtls_rsa_private(ctx, f_rng, p_rng, output, output); } #endif /* MBEDTLS_PKCS1_V15 */ /* * Add the message padding, then do an RSA operation */ -int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t ilen, - const unsigned char *input, - unsigned char *output ) +int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t ilen, + const unsigned char *input, + unsigned char *output) { - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( output != NULL ); - RSA_VALIDATE_RET( ilen == 0 || input != NULL ); - - switch( ctx->padding ) - { + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(output != NULL); + RSA_VALIDATE_RET(ilen == 0 || input != NULL); + + switch (ctx->padding) { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng, mode, ilen, - input, output ); + return mbedtls_rsa_rsaes_pkcs1_v15_encrypt(ctx, f_rng, p_rng, mode, ilen, + input, output); #endif #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsaes_oaep_encrypt( ctx, f_rng, p_rng, mode, NULL, 0, - ilen, input, output ); + return mbedtls_rsa_rsaes_oaep_encrypt(ctx, f_rng, p_rng, mode, NULL, 0, + ilen, input, output); #endif default: - return( MBEDTLS_ERR_RSA_INVALID_PADDING ); + return MBEDTLS_ERR_RSA_INVALID_PADDING; } } @@ -1329,15 +1339,15 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, /* * Implementation of the PKCS#1 v2.1 RSAES-OAEP-DECRYPT function */ -int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - const unsigned char *label, size_t label_len, - size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len ) +int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + const unsigned char *label, size_t label_len, + size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t ilen, i, pad_len; @@ -1348,71 +1358,75 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( output_max_len == 0 || output != NULL ); - RSA_VALIDATE_RET( label_len == 0 || label != NULL ); - RSA_VALIDATE_RET( input != NULL ); - RSA_VALIDATE_RET( olen != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(output_max_len == 0 || output != NULL); + RSA_VALIDATE_RET(label_len == 0 || label != NULL); + RSA_VALIDATE_RET(input != NULL); + RSA_VALIDATE_RET(olen != NULL); /* * Parameters sanity checks */ - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } ilen = ctx->len; - if( ilen < 16 || ilen > sizeof( buf ) ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (ilen < 16 || ilen > sizeof(buf)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) ctx->hash_id); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - hlen = mbedtls_md_get_size( md_info ); + hlen = mbedtls_md_get_size(md_info); // checking for integer underflow - if( 2 * hlen + 2 > ilen ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (2 * hlen + 2 > ilen) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } /* * RSA operation */ - ret = ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, input, buf ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf ); + ret = (mode == MBEDTLS_RSA_PUBLIC) + ? mbedtls_rsa_public(ctx, input, buf) + : mbedtls_rsa_private(ctx, f_rng, p_rng, input, buf); - if( ret != 0 ) + if (ret != 0) { goto cleanup; + } /* * Unmask data and generate lHash */ - mbedtls_md_init( &md_ctx ); - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 ) - { - mbedtls_md_free( &md_ctx ); + mbedtls_md_init(&md_ctx); + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 0)) != 0) { + mbedtls_md_free(&md_ctx); goto cleanup; } /* seed: Apply seedMask to maskedSeed */ - if( ( ret = mgf_mask( buf + 1, hlen, buf + hlen + 1, ilen - hlen - 1, - &md_ctx ) ) != 0 || - /* DB: Apply dbMask to maskedDB */ - ( ret = mgf_mask( buf + hlen + 1, ilen - hlen - 1, buf + 1, hlen, - &md_ctx ) ) != 0 ) - { - mbedtls_md_free( &md_ctx ); + if ((ret = mgf_mask(buf + 1, hlen, buf + hlen + 1, ilen - hlen - 1, + &md_ctx)) != 0 || + /* DB: Apply dbMask to maskedDB */ + (ret = mgf_mask(buf + hlen + 1, ilen - hlen - 1, buf + 1, hlen, + &md_ctx)) != 0) { + mbedtls_md_free(&md_ctx); goto cleanup; } - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); /* Generate lHash */ - if( ( ret = mbedtls_md( md_info, label, label_len, lhash ) ) != 0 ) + if ((ret = mbedtls_md(md_info, label, label_len, lhash)) != 0) { goto cleanup; + } /* * Check contents, in "constant-time" @@ -1425,17 +1439,17 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, p += hlen; /* Skip seed */ /* Check lHash */ - for( i = 0; i < hlen; i++ ) + for (i = 0; i < hlen; i++) { bad |= lhash[i] ^ *p++; + } /* Get zero-padding len, but always read till end of buffer * (minus one, for the 01 byte) */ pad_len = 0; pad_done = 0; - for( i = 0; i < ilen - 2 * hlen - 2; i++ ) - { + for (i = 0; i < ilen - 2 * hlen - 2; i++) { pad_done |= p[i]; - pad_len += ((pad_done | (unsigned char)-pad_done) >> 7) ^ 1; + pad_len += ((pad_done | (unsigned char) -pad_done) >> 7) ^ 1; } p += pad_len; @@ -1447,28 +1461,27 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, * recommendations in PKCS#1 v2.2: an opponent cannot distinguish between * the different error conditions. */ - if( bad != 0 ) - { + if (bad != 0) { ret = MBEDTLS_ERR_RSA_INVALID_PADDING; goto cleanup; } - if( ilen - ( p - buf ) > output_max_len ) - { + if (ilen - (p - buf) > output_max_len) { ret = MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE; goto cleanup; } *olen = ilen - (p - buf); - if( *olen != 0 ) - memcpy( output, p, *olen ); + if (*olen != 0) { + memcpy(output, p, *olen); + } ret = 0; cleanup: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); - mbedtls_platform_zeroize( lhash, sizeof( lhash ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); + mbedtls_platform_zeroize(lhash, sizeof(lhash)); - return( ret ); + return ret; } #endif /* MBEDTLS_PKCS1_V21 */ @@ -1476,99 +1489,101 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, /* * Implementation of the PKCS#1 v2.1 RSAES-PKCS1-V1_5-DECRYPT function */ -int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len ) +int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t ilen; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( output_max_len == 0 || output != NULL ); - RSA_VALIDATE_RET( input != NULL ); - RSA_VALIDATE_RET( olen != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(output_max_len == 0 || output != NULL); + RSA_VALIDATE_RET(input != NULL); + RSA_VALIDATE_RET(olen != NULL); ilen = ctx->len; - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( ilen < 16 || ilen > sizeof( buf ) ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (ilen < 16 || ilen > sizeof(buf)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - ret = ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, input, buf ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf ); + ret = (mode == MBEDTLS_RSA_PUBLIC) + ? mbedtls_rsa_public(ctx, input, buf) + : mbedtls_rsa_private(ctx, f_rng, p_rng, input, buf); - if( ret != 0 ) + if (ret != 0) { goto cleanup; + } - ret = mbedtls_ct_rsaes_pkcs1_v15_unpadding( mode, buf, ilen, - output, output_max_len, olen ); + ret = mbedtls_ct_rsaes_pkcs1_v15_unpadding(mode, buf, ilen, + output, output_max_len, olen); cleanup: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); - return( ret ); + return ret; } #endif /* MBEDTLS_PKCS1_V15 */ /* * Do an RSA operation, then remove the message padding */ -int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len) +int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len) { - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( output_max_len == 0 || output != NULL ); - RSA_VALIDATE_RET( input != NULL ); - RSA_VALIDATE_RET( olen != NULL ); - - switch( ctx->padding ) - { + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(output_max_len == 0 || output != NULL); + RSA_VALIDATE_RET(input != NULL); + RSA_VALIDATE_RET(olen != NULL); + + switch (ctx->padding) { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsaes_pkcs1_v15_decrypt( ctx, f_rng, p_rng, mode, olen, - input, output, output_max_len ); + return mbedtls_rsa_rsaes_pkcs1_v15_decrypt(ctx, f_rng, p_rng, mode, olen, + input, output, output_max_len); #endif #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsaes_oaep_decrypt( ctx, f_rng, p_rng, mode, NULL, 0, - olen, input, output, - output_max_len ); + return mbedtls_rsa_rsaes_oaep_decrypt(ctx, f_rng, p_rng, mode, NULL, 0, + olen, input, output, + output_max_len); #endif default: - return( MBEDTLS_ERR_RSA_INVALID_PADDING ); + return MBEDTLS_ERR_RSA_INVALID_PADDING; } } #if defined(MBEDTLS_PKCS1_V21) -static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - int saltlen, - unsigned char *sig ) +static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + int saltlen, + unsigned char *sig) { size_t olen; unsigned char *p = sig; @@ -1578,152 +1593,161 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, size_t msb; const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && - hashlen == 0 ) || - hash != NULL ); - RSA_VALIDATE_RET( sig != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && + hashlen == 0) || + hash != NULL); + RSA_VALIDATE_RET(sig != NULL); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( f_rng == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (f_rng == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } olen = ctx->len; - if( md_alg != MBEDTLS_MD_NONE ) - { + if (md_alg != MBEDTLS_MD_NONE) { /* Gather length of hash to sign */ - md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type(md_alg); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - hashlen = mbedtls_md_get_size( md_info ); + hashlen = mbedtls_md_get_size(md_info); } - md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) ctx->hash_id); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - hlen = mbedtls_md_get_size( md_info ); + hlen = mbedtls_md_get_size(md_info); - if (saltlen == MBEDTLS_RSA_SALT_LEN_ANY) - { - /* Calculate the largest possible salt length, up to the hash size. - * Normally this is the hash length, which is the maximum salt length - * according to FIPS 185-4 §5.5 (e) and common practice. If there is not - * enough room, use the maximum salt length that fits. The constraint is - * that the hash length plus the salt length plus 2 bytes must be at most - * the key length. This complies with FIPS 186-4 §5.5 (e) and RFC 8017 - * (PKCS#1 v2.2) §9.1.1 step 3. */ + if (saltlen == MBEDTLS_RSA_SALT_LEN_ANY) { + /* Calculate the largest possible salt length, up to the hash size. + * Normally this is the hash length, which is the maximum salt length + * according to FIPS 185-4 §5.5 (e) and common practice. If there is not + * enough room, use the maximum salt length that fits. The constraint is + * that the hash length plus the salt length plus 2 bytes must be at most + * the key length. This complies with FIPS 186-4 §5.5 (e) and RFC 8017 + * (PKCS#1 v2.2) §9.1.1 step 3. */ min_slen = hlen - 2; - if( olen < hlen + min_slen + 2 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - else if( olen >= hlen + hlen + 2 ) + if (olen < hlen + min_slen + 2) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } else if (olen >= hlen + hlen + 2) { slen = hlen; - else + } else { slen = olen - hlen - 2; - } - else if ( (saltlen < 0) || (saltlen + hlen + 2 > olen) ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - } - else - { + } + } else if ((saltlen < 0) || (saltlen + hlen + 2 > olen)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } else { slen = (size_t) saltlen; } - memset( sig, 0, olen ); + memset(sig, 0, olen); /* Note: EMSA-PSS encoding is over the length of N - 1 bits */ - msb = mbedtls_mpi_bitlen( &ctx->N ) - 1; + msb = mbedtls_mpi_bitlen(&ctx->N) - 1; p += olen - hlen - slen - 2; *p++ = 0x01; /* Generate salt of length slen in place in the encoded message */ salt = p; - if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); + if ((ret = f_rng(p_rng, salt, slen)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_RNG_FAILED, ret); + } p += slen; - mbedtls_md_init( &md_ctx ); - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 ) + mbedtls_md_init(&md_ctx); + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 0)) != 0) { goto exit; + } /* Generate H = Hash( M' ) */ - if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 ) + if ((ret = mbedtls_md_starts(&md_ctx)) != 0) { goto exit; - if( ( ret = mbedtls_md_update( &md_ctx, p, 8 ) ) != 0 ) + } + if ((ret = mbedtls_md_update(&md_ctx, p, 8)) != 0) { goto exit; - if( ( ret = mbedtls_md_update( &md_ctx, hash, hashlen ) ) != 0 ) + } + if ((ret = mbedtls_md_update(&md_ctx, hash, hashlen)) != 0) { goto exit; - if( ( ret = mbedtls_md_update( &md_ctx, salt, slen ) ) != 0 ) + } + if ((ret = mbedtls_md_update(&md_ctx, salt, slen)) != 0) { goto exit; - if( ( ret = mbedtls_md_finish( &md_ctx, p ) ) != 0 ) + } + if ((ret = mbedtls_md_finish(&md_ctx, p)) != 0) { goto exit; + } /* Compensate for boundary condition when applying mask */ - if( msb % 8 == 0 ) + if (msb % 8 == 0) { offset = 1; + } /* maskedDB: Apply dbMask to DB */ - if( ( ret = mgf_mask( sig + offset, olen - hlen - 1 - offset, p, hlen, - &md_ctx ) ) != 0 ) + if ((ret = mgf_mask(sig + offset, olen - hlen - 1 - offset, p, hlen, + &md_ctx)) != 0) { goto exit; + } - msb = mbedtls_mpi_bitlen( &ctx->N ) - 1; - sig[0] &= 0xFF >> ( olen * 8 - msb ); + msb = mbedtls_mpi_bitlen(&ctx->N) - 1; + sig[0] &= 0xFF >> (olen * 8 - msb); p += hlen; *p++ = 0xBC; exit: - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); - if( ret != 0 ) - return( ret ); + if (ret != 0) { + return ret; + } - return( ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, sig, sig ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig ) ); + return (mode == MBEDTLS_RSA_PUBLIC) + ? mbedtls_rsa_public(ctx, sig, sig) + : mbedtls_rsa_private(ctx, f_rng, p_rng, sig, sig); } /* * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function with * the option to pass in the salt length. */ -int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - int saltlen, - unsigned char *sig ) +int mbedtls_rsa_rsassa_pss_sign_ext(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + int saltlen, + unsigned char *sig) { - return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg, - hashlen, hash, saltlen, sig ); + return rsa_rsassa_pss_sign(ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg, + hashlen, hash, saltlen, sig); } /* * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function */ -int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ) +int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig) { - return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg, - hashlen, hash, MBEDTLS_RSA_SALT_LEN_ANY, sig ); + return rsa_rsassa_pss_sign(ctx, f_rng, p_rng, mode, md_alg, + hashlen, hash, MBEDTLS_RSA_SALT_LEN_ANY, sig); } #endif /* MBEDTLS_PKCS1_V21 */ @@ -1750,11 +1774,11 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, * - dst points to a buffer of size at least dst_len. * */ -static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - size_t dst_len, - unsigned char *dst ) +static int rsa_rsassa_pkcs1_v15_encode(mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + size_t dst_len, + unsigned char *dst) { size_t oid_size = 0; size_t nb_pad = dst_len; @@ -1762,23 +1786,25 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, const char *oid = NULL; /* Are we signing hashed or raw data? */ - if( md_alg != MBEDTLS_MD_NONE ) - { - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (md_alg != MBEDTLS_MD_NONE) { + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_alg); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mbedtls_oid_get_oid_by_md(md_alg, &oid, &oid_size) != 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - hashlen = mbedtls_md_get_size( md_info ); + hashlen = mbedtls_md_get_size(md_info); /* Double-check that 8 + hashlen + oid_size can be used as a * 1-byte ASN.1 length encoding and that there's no overflow. */ - if( 8 + hashlen + oid_size >= 0x80 || + if (8 + hashlen + oid_size >= 0x80 || 10 + hashlen < hashlen || - 10 + hashlen + oid_size < 10 + hashlen ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + 10 + hashlen + oid_size < 10 + hashlen) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } /* * Static bounds check: @@ -1788,22 +1814,23 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, * - Need hashlen bytes for hash * - Need oid_size bytes for hash alg OID. */ - if( nb_pad < 10 + hashlen + oid_size ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (nb_pad < 10 + hashlen + oid_size) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } nb_pad -= 10 + hashlen + oid_size; - } - else - { - if( nb_pad < hashlen ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + } else { + if (nb_pad < hashlen) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } nb_pad -= hashlen; } /* Need space for signature header and padding delimiter (3 bytes), * and 8 bytes for the minimal padding */ - if( nb_pad < 3 + 8 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (nb_pad < 3 + 8) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } nb_pad -= 3; /* Now nb_pad is the amount of memory to be filled @@ -1812,15 +1839,14 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, /* Write signature header and padding */ *p++ = 0; *p++ = MBEDTLS_RSA_SIGN; - memset( p, 0xFF, nb_pad ); + memset(p, 0xFF, nb_pad); p += nb_pad; *p++ = 0; /* Are we signing raw data? */ - if( md_alg == MBEDTLS_MD_NONE ) - { - memcpy( p, hash, hashlen ); - return( 0 ); + if (md_alg == MBEDTLS_MD_NONE) { + memcpy(p, hash, hashlen); + return 0; } /* Signing hashed data, add corresponding ASN.1 structure @@ -1837,73 +1863,73 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, * TAG-OCTET + LEN [ HASH ] ] */ *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; - *p++ = (unsigned char)( 0x08 + oid_size + hashlen ); + *p++ = (unsigned char) (0x08 + oid_size + hashlen); *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; - *p++ = (unsigned char)( 0x04 + oid_size ); + *p++ = (unsigned char) (0x04 + oid_size); *p++ = MBEDTLS_ASN1_OID; *p++ = (unsigned char) oid_size; - memcpy( p, oid, oid_size ); + memcpy(p, oid, oid_size); p += oid_size; *p++ = MBEDTLS_ASN1_NULL; *p++ = 0x00; *p++ = MBEDTLS_ASN1_OCTET_STRING; *p++ = (unsigned char) hashlen; - memcpy( p, hash, hashlen ); + memcpy(p, hash, hashlen); p += hashlen; /* Just a sanity-check, should be automatic * after the initial bounds check. */ - if( p != dst + dst_len ) - { - mbedtls_platform_zeroize( dst, dst_len ); - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (p != dst + dst_len) { + mbedtls_platform_zeroize(dst, dst_len); + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - return( 0 ); + return 0; } /* * Do an RSA operation to sign the message digest */ -int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ) +int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *sig_try = NULL, *verif = NULL; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && - hashlen == 0 ) || - hash != NULL ); - RSA_VALIDATE_RET( sig != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && + hashlen == 0) || + hash != NULL); + RSA_VALIDATE_RET(sig != NULL); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } /* * Prepare PKCS1-v1.5 encoding (padding and hash identifier) */ - if( ( ret = rsa_rsassa_pkcs1_v15_encode( md_alg, hashlen, hash, - ctx->len, sig ) ) != 0 ) - return( ret ); + if ((ret = rsa_rsassa_pkcs1_v15_encode(md_alg, hashlen, hash, + ctx->len, sig)) != 0) { + return ret; + } /* * Call respective RSA primitive */ - if( mode == MBEDTLS_RSA_PUBLIC ) - { + if (mode == MBEDTLS_RSA_PUBLIC) { /* Skip verification on a public key operation */ - return( mbedtls_rsa_public( ctx, sig, sig ) ); + return mbedtls_rsa_public(ctx, sig, sig); } /* Private key operation @@ -1912,76 +1938,75 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, * temporary buffer and check it before returning it. */ - sig_try = mbedtls_calloc( 1, ctx->len ); - if( sig_try == NULL ) - return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); + sig_try = mbedtls_calloc(1, ctx->len); + if (sig_try == NULL) { + return MBEDTLS_ERR_MPI_ALLOC_FAILED; + } - verif = mbedtls_calloc( 1, ctx->len ); - if( verif == NULL ) - { - mbedtls_free( sig_try ); - return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); + verif = mbedtls_calloc(1, ctx->len); + if (verif == NULL) { + mbedtls_free(sig_try); + return MBEDTLS_ERR_MPI_ALLOC_FAILED; } - MBEDTLS_MPI_CHK( mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig_try ) ); - MBEDTLS_MPI_CHK( mbedtls_rsa_public( ctx, sig_try, verif ) ); + MBEDTLS_MPI_CHK(mbedtls_rsa_private(ctx, f_rng, p_rng, sig, sig_try)); + MBEDTLS_MPI_CHK(mbedtls_rsa_public(ctx, sig_try, verif)); - if( mbedtls_ct_memcmp( verif, sig, ctx->len ) != 0 ) - { + if (mbedtls_ct_memcmp(verif, sig, ctx->len) != 0) { ret = MBEDTLS_ERR_RSA_PRIVATE_FAILED; goto cleanup; } - memcpy( sig, sig_try, ctx->len ); + memcpy(sig, sig_try, ctx->len); cleanup: - mbedtls_platform_zeroize( sig_try, ctx->len ); - mbedtls_platform_zeroize( verif, ctx->len ); - mbedtls_free( sig_try ); - mbedtls_free( verif ); - - if( ret != 0 ) - memset( sig, '!', ctx->len ); - return( ret ); + mbedtls_platform_zeroize(sig_try, ctx->len); + mbedtls_platform_zeroize(verif, ctx->len); + mbedtls_free(sig_try); + mbedtls_free(verif); + + if (ret != 0) { + memset(sig, '!', ctx->len); + } + return ret; } #endif /* MBEDTLS_PKCS1_V15 */ /* * Do an RSA operation to sign the message digest */ -int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ) +int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig) { - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && - hashlen == 0 ) || - hash != NULL ); - RSA_VALIDATE_RET( sig != NULL ); - - switch( ctx->padding ) - { + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && + hashlen == 0) || + hash != NULL); + RSA_VALIDATE_RET(sig != NULL); + + switch (ctx->padding) { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsassa_pkcs1_v15_sign( ctx, f_rng, p_rng, mode, md_alg, - hashlen, hash, sig ); + return mbedtls_rsa_rsassa_pkcs1_v15_sign(ctx, f_rng, p_rng, mode, md_alg, + hashlen, hash, sig); #endif #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg, - hashlen, hash, sig ); + return mbedtls_rsa_rsassa_pss_sign(ctx, f_rng, p_rng, mode, md_alg, + hashlen, hash, sig); #endif default: - return( MBEDTLS_ERR_RSA_INVALID_PADDING ); + return MBEDTLS_ERR_RSA_INVALID_PADDING; } } @@ -1989,16 +2014,16 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, /* * Implementation of the PKCS#1 v2.1 RSASSA-PSS-VERIFY function */ -int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - mbedtls_md_type_t mgf1_hash_id, - int expected_salt_len, - const unsigned char *sig ) +int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + mbedtls_md_type_t mgf1_hash_id, + int expected_salt_len, + const unsigned char *sig) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t siglen; @@ -2012,95 +2037,102 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, mbedtls_md_context_t md_ctx; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( sig != NULL ); - RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && - hashlen == 0 ) || - hash != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(sig != NULL); + RSA_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && + hashlen == 0) || + hash != NULL); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } siglen = ctx->len; - if( siglen < 16 || siglen > sizeof( buf ) ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (siglen < 16 || siglen > sizeof(buf)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - ret = ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, sig, buf ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, buf ); + ret = (mode == MBEDTLS_RSA_PUBLIC) + ? mbedtls_rsa_public(ctx, sig, buf) + : mbedtls_rsa_private(ctx, f_rng, p_rng, sig, buf); - if( ret != 0 ) - return( ret ); + if (ret != 0) { + return ret; + } p = buf; - if( buf[siglen - 1] != 0xBC ) - return( MBEDTLS_ERR_RSA_INVALID_PADDING ); + if (buf[siglen - 1] != 0xBC) { + return MBEDTLS_ERR_RSA_INVALID_PADDING; + } - if( md_alg != MBEDTLS_MD_NONE ) - { + if (md_alg != MBEDTLS_MD_NONE) { /* Gather length of hash to sign */ - md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type(md_alg); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - hashlen = mbedtls_md_get_size( md_info ); + hashlen = mbedtls_md_get_size(md_info); } - md_info = mbedtls_md_info_from_type( mgf1_hash_id ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type(mgf1_hash_id); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - hlen = mbedtls_md_get_size( md_info ); + hlen = mbedtls_md_get_size(md_info); - memset( zeros, 0, 8 ); + memset(zeros, 0, 8); /* * Note: EMSA-PSS verification is over the length of N - 1 bits */ - msb = mbedtls_mpi_bitlen( &ctx->N ) - 1; + msb = mbedtls_mpi_bitlen(&ctx->N) - 1; - if( buf[0] >> ( 8 - siglen * 8 + msb ) ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (buf[0] >> (8 - siglen * 8 + msb)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } /* Compensate for boundary condition when applying mask */ - if( msb % 8 == 0 ) - { + if (msb % 8 == 0) { p++; siglen -= 1; } - if( siglen < hlen + 2 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (siglen < hlen + 2) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } hash_start = p + siglen - hlen - 1; - mbedtls_md_init( &md_ctx ); - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 ) + mbedtls_md_init(&md_ctx); + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 0)) != 0) { goto exit; + } - ret = mgf_mask( p, siglen - hlen - 1, hash_start, hlen, &md_ctx ); - if( ret != 0 ) + ret = mgf_mask(p, siglen - hlen - 1, hash_start, hlen, &md_ctx); + if (ret != 0) { goto exit; + } - buf[0] &= 0xFF >> ( siglen * 8 - msb ); + buf[0] &= 0xFF >> (siglen * 8 - msb); - while( p < hash_start - 1 && *p == 0 ) + while (p < hash_start - 1 && *p == 0) { p++; + } - if( *p++ != 0x01 ) - { + if (*p++ != 0x01) { ret = MBEDTLS_ERR_RSA_INVALID_PADDING; goto exit; } observed_salt_len = hash_start - p; - if( expected_salt_len != MBEDTLS_RSA_SALT_LEN_ANY && - observed_salt_len != (size_t) expected_salt_len ) - { + if (expected_salt_len != MBEDTLS_RSA_SALT_LEN_ANY && + observed_salt_len != (size_t) expected_salt_len) { ret = MBEDTLS_ERR_RSA_INVALID_PADDING; goto exit; } @@ -2108,63 +2140,67 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, /* * Generate H = Hash( M' ) */ - ret = mbedtls_md_starts( &md_ctx ); - if ( ret != 0 ) + ret = mbedtls_md_starts(&md_ctx); + if (ret != 0) { goto exit; - ret = mbedtls_md_update( &md_ctx, zeros, 8 ); - if ( ret != 0 ) + } + ret = mbedtls_md_update(&md_ctx, zeros, 8); + if (ret != 0) { goto exit; - ret = mbedtls_md_update( &md_ctx, hash, hashlen ); - if ( ret != 0 ) + } + ret = mbedtls_md_update(&md_ctx, hash, hashlen); + if (ret != 0) { goto exit; - ret = mbedtls_md_update( &md_ctx, p, observed_salt_len ); - if ( ret != 0 ) + } + ret = mbedtls_md_update(&md_ctx, p, observed_salt_len); + if (ret != 0) { goto exit; - ret = mbedtls_md_finish( &md_ctx, result ); - if ( ret != 0 ) + } + ret = mbedtls_md_finish(&md_ctx, result); + if (ret != 0) { goto exit; + } - if( memcmp( hash_start, result, hlen ) != 0 ) - { + if (memcmp(hash_start, result, hlen) != 0) { ret = MBEDTLS_ERR_RSA_VERIFY_FAILED; goto exit; } exit: - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); - return( ret ); + return ret; } /* * Simplified PKCS#1 v2.1 RSASSA-PSS-VERIFY function */ -int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - const unsigned char *sig ) +int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig) { mbedtls_md_type_t mgf1_hash_id; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( sig != NULL ); - RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && - hashlen == 0 ) || - hash != NULL ); - - mgf1_hash_id = ( ctx->hash_id != MBEDTLS_MD_NONE ) + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(sig != NULL); + RSA_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && + hashlen == 0) || + hash != NULL); + + mgf1_hash_id = (ctx->hash_id != MBEDTLS_MD_NONE) ? (mbedtls_md_type_t) ctx->hash_id : md_alg; - return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, f_rng, p_rng, mode, - md_alg, hashlen, hash, - mgf1_hash_id, MBEDTLS_RSA_SALT_LEN_ANY, - sig ) ); + return mbedtls_rsa_rsassa_pss_verify_ext(ctx, f_rng, p_rng, mode, + md_alg, hashlen, hash, + mgf1_hash_id, MBEDTLS_RSA_SALT_LEN_ANY, + sig); } #endif /* MBEDTLS_PKCS1_V21 */ @@ -2173,196 +2209,195 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, /* * Implementation of the PKCS#1 v2.1 RSASSA-PKCS1-v1_5-VERIFY function */ -int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - const unsigned char *sig ) +int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig) { int ret = 0; size_t sig_len; unsigned char *encoded = NULL, *encoded_expected = NULL; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( sig != NULL ); - RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && - hashlen == 0 ) || - hash != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(sig != NULL); + RSA_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && + hashlen == 0) || + hash != NULL); sig_len = ctx->len; - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } /* * Prepare expected PKCS1 v1.5 encoding of hash. */ - if( ( encoded = mbedtls_calloc( 1, sig_len ) ) == NULL || - ( encoded_expected = mbedtls_calloc( 1, sig_len ) ) == NULL ) - { + if ((encoded = mbedtls_calloc(1, sig_len)) == NULL || + (encoded_expected = mbedtls_calloc(1, sig_len)) == NULL) { ret = MBEDTLS_ERR_MPI_ALLOC_FAILED; goto cleanup; } - if( ( ret = rsa_rsassa_pkcs1_v15_encode( md_alg, hashlen, hash, sig_len, - encoded_expected ) ) != 0 ) + if ((ret = rsa_rsassa_pkcs1_v15_encode(md_alg, hashlen, hash, sig_len, + encoded_expected)) != 0) { goto cleanup; + } /* * Apply RSA primitive to get what should be PKCS1 encoded hash. */ - ret = ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, sig, encoded ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, encoded ); - if( ret != 0 ) + ret = (mode == MBEDTLS_RSA_PUBLIC) + ? mbedtls_rsa_public(ctx, sig, encoded) + : mbedtls_rsa_private(ctx, f_rng, p_rng, sig, encoded); + if (ret != 0) { goto cleanup; + } /* * Compare */ - if( ( ret = mbedtls_ct_memcmp( encoded, encoded_expected, - sig_len ) ) != 0 ) - { + if ((ret = mbedtls_ct_memcmp(encoded, encoded_expected, + sig_len)) != 0) { ret = MBEDTLS_ERR_RSA_VERIFY_FAILED; goto cleanup; } cleanup: - if( encoded != NULL ) - { - mbedtls_platform_zeroize( encoded, sig_len ); - mbedtls_free( encoded ); + if (encoded != NULL) { + mbedtls_platform_zeroize(encoded, sig_len); + mbedtls_free(encoded); } - if( encoded_expected != NULL ) - { - mbedtls_platform_zeroize( encoded_expected, sig_len ); - mbedtls_free( encoded_expected ); + if (encoded_expected != NULL) { + mbedtls_platform_zeroize(encoded_expected, sig_len); + mbedtls_free(encoded_expected); } - return( ret ); + return ret; } #endif /* MBEDTLS_PKCS1_V15 */ /* * Do an RSA operation and check the message digest */ -int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - const unsigned char *sig ) +int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig) { - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( sig != NULL ); - RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && - hashlen == 0 ) || - hash != NULL ); - - switch( ctx->padding ) - { + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(sig != NULL); + RSA_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && + hashlen == 0) || + hash != NULL); + + switch (ctx->padding) { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, f_rng, p_rng, mode, md_alg, - hashlen, hash, sig ); + return mbedtls_rsa_rsassa_pkcs1_v15_verify(ctx, f_rng, p_rng, mode, md_alg, + hashlen, hash, sig); #endif #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsassa_pss_verify( ctx, f_rng, p_rng, mode, md_alg, - hashlen, hash, sig ); + return mbedtls_rsa_rsassa_pss_verify(ctx, f_rng, p_rng, mode, md_alg, + hashlen, hash, sig); #endif default: - return( MBEDTLS_ERR_RSA_INVALID_PADDING ); + return MBEDTLS_ERR_RSA_INVALID_PADDING; } } /* * Copy the components of an RSA key */ -int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src ) +int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - RSA_VALIDATE_RET( dst != NULL ); - RSA_VALIDATE_RET( src != NULL ); + RSA_VALIDATE_RET(dst != NULL); + RSA_VALIDATE_RET(src != NULL); dst->len = src->len; - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->N, &src->N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->E, &src->E ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->N, &src->N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->E, &src->E)); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->D, &src->D ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->P, &src->P ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->Q, &src->Q ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->D, &src->D)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->P, &src->P)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->Q, &src->Q)); #if !defined(MBEDTLS_RSA_NO_CRT) - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->DP, &src->DP ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->DQ, &src->DQ ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->QP, &src->QP ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->RP, &src->RP ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->RQ, &src->RQ ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->DP, &src->DP)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->DQ, &src->DQ)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->QP, &src->QP)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->RP, &src->RP)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->RQ, &src->RQ)); #endif - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->RN, &src->RN ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->RN, &src->RN)); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->Vi, &src->Vi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->Vf, &src->Vf ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->Vi, &src->Vi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->Vf, &src->Vf)); dst->padding = src->padding; dst->hash_id = src->hash_id; cleanup: - if( ret != 0 ) - mbedtls_rsa_free( dst ); + if (ret != 0) { + mbedtls_rsa_free(dst); + } - return( ret ); + return ret; } /* * Free the components of an RSA key */ -void mbedtls_rsa_free( mbedtls_rsa_context *ctx ) +void mbedtls_rsa_free(mbedtls_rsa_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_mpi_free( &ctx->Vi ); - mbedtls_mpi_free( &ctx->Vf ); - mbedtls_mpi_free( &ctx->RN ); - mbedtls_mpi_free( &ctx->D ); - mbedtls_mpi_free( &ctx->Q ); - mbedtls_mpi_free( &ctx->P ); - mbedtls_mpi_free( &ctx->E ); - mbedtls_mpi_free( &ctx->N ); + mbedtls_mpi_free(&ctx->Vi); + mbedtls_mpi_free(&ctx->Vf); + mbedtls_mpi_free(&ctx->RN); + mbedtls_mpi_free(&ctx->D); + mbedtls_mpi_free(&ctx->Q); + mbedtls_mpi_free(&ctx->P); + mbedtls_mpi_free(&ctx->E); + mbedtls_mpi_free(&ctx->N); #if !defined(MBEDTLS_RSA_NO_CRT) - mbedtls_mpi_free( &ctx->RQ ); - mbedtls_mpi_free( &ctx->RP ); - mbedtls_mpi_free( &ctx->QP ); - mbedtls_mpi_free( &ctx->DQ ); - mbedtls_mpi_free( &ctx->DP ); + mbedtls_mpi_free(&ctx->RQ); + mbedtls_mpi_free(&ctx->RP); + mbedtls_mpi_free(&ctx->QP); + mbedtls_mpi_free(&ctx->DQ); + mbedtls_mpi_free(&ctx->DP); #endif /* MBEDTLS_RSA_NO_CRT */ #if defined(MBEDTLS_THREADING_C) /* Free the mutex, but only if it hasn't been freed already. */ - if( ctx->ver != 0 ) - { - mbedtls_mutex_free( &ctx->mutex ); + if (ctx->ver != 0) { + mbedtls_mutex_free(&ctx->mutex); ctx->ver = 0; } #endif @@ -2414,31 +2449,34 @@ void mbedtls_rsa_free( mbedtls_rsa_context *ctx ) "\x11\x22\x33\x0A\x0B\x0C\xCC\xDD\xDD\xDD\xDD\xDD" #if defined(MBEDTLS_PKCS1_V15) -static int myrand( void *rng_state, unsigned char *output, size_t len ) +static int myrand(void *rng_state, unsigned char *output, size_t len) { #if !defined(__OpenBSD__) && !defined(__NetBSD__) size_t i; - if( rng_state != NULL ) + if (rng_state != NULL) { rng_state = NULL; + } - for( i = 0; i < len; ++i ) + for (i = 0; i < len; ++i) { output[i] = rand(); + } #else - if( rng_state != NULL ) + if (rng_state != NULL) { rng_state = NULL; + } - arc4random_buf( output, len ); + arc4random_buf(output, len); #endif /* !OpenBSD && !NetBSD */ - return( 0 ); + return 0; } #endif /* MBEDTLS_PKCS1_V15 */ /* * Checkup routine */ -int mbedtls_rsa_self_test( int verbose ) +int mbedtls_rsa_self_test(int verbose) { int ret = 0; #if defined(MBEDTLS_PKCS1_V15) @@ -2453,128 +2491,136 @@ int mbedtls_rsa_self_test( int verbose ) mbedtls_mpi K; - mbedtls_mpi_init( &K ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_mpi_init(&K); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_N ) ); - MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, &K, NULL, NULL, NULL, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_P ) ); - MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, &K, NULL, NULL, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_Q ) ); - MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, NULL, &K, NULL, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_D ) ); - MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, NULL, NULL, &K, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_E ) ); - MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, NULL, NULL, NULL, &K ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&K, 16, RSA_N)); + MBEDTLS_MPI_CHK(mbedtls_rsa_import(&rsa, &K, NULL, NULL, NULL, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&K, 16, RSA_P)); + MBEDTLS_MPI_CHK(mbedtls_rsa_import(&rsa, NULL, &K, NULL, NULL, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&K, 16, RSA_Q)); + MBEDTLS_MPI_CHK(mbedtls_rsa_import(&rsa, NULL, NULL, &K, NULL, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&K, 16, RSA_D)); + MBEDTLS_MPI_CHK(mbedtls_rsa_import(&rsa, NULL, NULL, NULL, &K, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&K, 16, RSA_E)); + MBEDTLS_MPI_CHK(mbedtls_rsa_import(&rsa, NULL, NULL, NULL, NULL, &K)); - MBEDTLS_MPI_CHK( mbedtls_rsa_complete( &rsa ) ); + MBEDTLS_MPI_CHK(mbedtls_rsa_complete(&rsa)); - if( verbose != 0 ) - mbedtls_printf( " RSA key validation: " ); + if (verbose != 0) { + mbedtls_printf(" RSA key validation: "); + } - if( mbedtls_rsa_check_pubkey( &rsa ) != 0 || - mbedtls_rsa_check_privkey( &rsa ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_rsa_check_pubkey(&rsa) != 0 || + mbedtls_rsa_check_privkey(&rsa) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n PKCS#1 encryption : " ); + if (verbose != 0) { + mbedtls_printf("passed\n PKCS#1 encryption : "); + } - memcpy( rsa_plaintext, RSA_PT, PT_LEN ); + memcpy(rsa_plaintext, RSA_PT, PT_LEN); - if( mbedtls_rsa_pkcs1_encrypt( &rsa, myrand, NULL, MBEDTLS_RSA_PUBLIC, - PT_LEN, rsa_plaintext, - rsa_ciphertext ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_rsa_pkcs1_encrypt(&rsa, myrand, NULL, MBEDTLS_RSA_PUBLIC, + PT_LEN, rsa_plaintext, + rsa_ciphertext) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n PKCS#1 decryption : " ); + if (verbose != 0) { + mbedtls_printf("passed\n PKCS#1 decryption : "); + } - if( mbedtls_rsa_pkcs1_decrypt( &rsa, myrand, NULL, MBEDTLS_RSA_PRIVATE, - &len, rsa_ciphertext, rsa_decrypted, - sizeof(rsa_decrypted) ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_rsa_pkcs1_decrypt(&rsa, myrand, NULL, MBEDTLS_RSA_PRIVATE, + &len, rsa_ciphertext, rsa_decrypted, + sizeof(rsa_decrypted)) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( memcmp( rsa_decrypted, rsa_plaintext, len ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (memcmp(rsa_decrypted, rsa_plaintext, len) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } #if defined(MBEDTLS_SHA1_C) - if( verbose != 0 ) - mbedtls_printf( " PKCS#1 data sign : " ); + if (verbose != 0) { + mbedtls_printf(" PKCS#1 data sign : "); + } - if( mbedtls_sha1_ret( rsa_plaintext, PT_LEN, sha1sum ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_sha1_ret(rsa_plaintext, PT_LEN, sha1sum) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( 1 ); + return 1; } - if( mbedtls_rsa_pkcs1_sign( &rsa, myrand, NULL, - MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0, - sha1sum, rsa_ciphertext ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_rsa_pkcs1_sign(&rsa, myrand, NULL, + MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0, + sha1sum, rsa_ciphertext) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n PKCS#1 sig. verify: " ); + if (verbose != 0) { + mbedtls_printf("passed\n PKCS#1 sig. verify: "); + } - if( mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, - MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, - sha1sum, rsa_ciphertext ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_rsa_pkcs1_verify(&rsa, NULL, NULL, + MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, + sha1sum, rsa_ciphertext) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } #endif /* MBEDTLS_SHA1_C */ - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } cleanup: - mbedtls_mpi_free( &K ); - mbedtls_rsa_free( &rsa ); + mbedtls_mpi_free(&K); + mbedtls_rsa_free(&rsa); #else /* MBEDTLS_PKCS1_V15 */ ((void) verbose); #endif /* MBEDTLS_PKCS1_V15 */ - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/rsa_internal.c b/library/rsa_internal.c index d6ba97a14baf..2ff51c34b71b 100644 --- a/library/rsa_internal.c +++ b/library/rsa_internal.c @@ -59,9 +59,9 @@ * of (a) and (b) above to attempt to factor N. * */ -int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, - mbedtls_mpi const *E, mbedtls_mpi const *D, - mbedtls_mpi *P, mbedtls_mpi *Q ) +int mbedtls_rsa_deduce_primes(mbedtls_mpi const *N, + mbedtls_mpi const *E, mbedtls_mpi const *D, + mbedtls_mpi *P, mbedtls_mpi *Q) { int ret = 0; @@ -74,48 +74,46 @@ int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, mbedtls_mpi K; /* Temporary holding the current candidate */ const unsigned char primes[] = { 2, - 3, 5, 7, 11, 13, 17, 19, 23, - 29, 31, 37, 41, 43, 47, 53, 59, - 61, 67, 71, 73, 79, 83, 89, 97, - 101, 103, 107, 109, 113, 127, 131, 137, - 139, 149, 151, 157, 163, 167, 173, 179, - 181, 191, 193, 197, 199, 211, 223, 227, - 229, 233, 239, 241, 251 - }; - - const size_t num_primes = sizeof( primes ) / sizeof( *primes ); - - if( P == NULL || Q == NULL || P->p != NULL || Q->p != NULL ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - - if( mbedtls_mpi_cmp_int( N, 0 ) <= 0 || - mbedtls_mpi_cmp_int( D, 1 ) <= 0 || - mbedtls_mpi_cmp_mpi( D, N ) >= 0 || - mbedtls_mpi_cmp_int( E, 1 ) <= 0 || - mbedtls_mpi_cmp_mpi( E, N ) >= 0 ) - { - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + 3, 5, 7, 11, 13, 17, 19, 23, + 29, 31, 37, 41, 43, 47, 53, 59, + 61, 67, 71, 73, 79, 83, 89, 97, + 101, 103, 107, 109, 113, 127, 131, 137, + 139, 149, 151, 157, 163, 167, 173, 179, + 181, 191, 193, 197, 199, 211, 223, 227, + 229, 233, 239, 241, 251 }; + + const size_t num_primes = sizeof(primes) / sizeof(*primes); + + if (P == NULL || Q == NULL || P->p != NULL || Q->p != NULL) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } + + if (mbedtls_mpi_cmp_int(N, 0) <= 0 || + mbedtls_mpi_cmp_int(D, 1) <= 0 || + mbedtls_mpi_cmp_mpi(D, N) >= 0 || + mbedtls_mpi_cmp_int(E, 1) <= 0 || + mbedtls_mpi_cmp_mpi(E, N) >= 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } /* * Initializations and temporary changes */ - mbedtls_mpi_init( &K ); - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&K); + mbedtls_mpi_init(&T); /* T := DE - 1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, D, E ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &T, &T, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&T, D, E)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&T, &T, 1)); - if( ( order = (uint16_t) mbedtls_mpi_lsb( &T ) ) == 0 ) - { + if ((order = (uint16_t) mbedtls_mpi_lsb(&T)) == 0) { ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; goto cleanup; } /* After this operation, T holds the largest odd divisor of DE - 1. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &T, order ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&T, order)); /* * Actual work @@ -123,49 +121,49 @@ int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, /* Skip trying 2 if N == 1 mod 8 */ attempt = 0; - if( N->p[0] % 8 == 1 ) + if (N->p[0] % 8 == 1) { attempt = 1; + } - for( ; attempt < num_primes; ++attempt ) - { - mbedtls_mpi_lset( &K, primes[attempt] ); + for (; attempt < num_primes; ++attempt) { + mbedtls_mpi_lset(&K, primes[attempt]); /* Check if gcd(K,N) = 1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( P, &K, N ) ); - if( mbedtls_mpi_cmp_int( P, 1 ) != 0 ) + MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(P, &K, N)); + if (mbedtls_mpi_cmp_int(P, 1) != 0) { continue; + } /* Go through K^T + 1, K^(2T) + 1, K^(4T) + 1, ... * and check whether they have nontrivial GCD with N. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &K, &K, &T, N, - Q /* temporarily use Q for storing Montgomery - * multiplication helper values */ ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&K, &K, &T, N, + Q /* temporarily use Q for storing Montgomery + * multiplication helper values */)); - for( iter = 1; iter <= order; ++iter ) - { + for (iter = 1; iter <= order; ++iter) { /* If we reach 1 prematurely, there's no point * in continuing to square K */ - if( mbedtls_mpi_cmp_int( &K, 1 ) == 0 ) + if (mbedtls_mpi_cmp_int(&K, 1) == 0) { break; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &K, &K, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( P, &K, N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&K, &K, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(P, &K, N)); - if( mbedtls_mpi_cmp_int( P, 1 ) == 1 && - mbedtls_mpi_cmp_mpi( P, N ) == -1 ) - { + if (mbedtls_mpi_cmp_int(P, 1) == 1 && + mbedtls_mpi_cmp_mpi(P, N) == -1) { /* * Have found a nontrivial divisor P of N. * Set Q := N / P. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( Q, NULL, N, P ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_div_mpi(Q, NULL, N, P)); goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, &K, &K ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, &K, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, &K, &K)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&K, &K, N)); } /* @@ -175,8 +173,7 @@ int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, * Check if that's the case and abort if not, to avoid very long, * yet eventually failing, computations if N,D,E were not sane. */ - if( mbedtls_mpi_cmp_int( &K, 1 ) != 0 ) - { + if (mbedtls_mpi_cmp_int(&K, 1) != 0) { break; } } @@ -185,125 +182,116 @@ int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, cleanup: - mbedtls_mpi_free( &K ); - mbedtls_mpi_free( &T ); - return( ret ); + mbedtls_mpi_free(&K); + mbedtls_mpi_free(&T); + return ret; } /* * Given P, Q and the public exponent E, deduce D. * This is essentially a modular inversion. */ -int mbedtls_rsa_deduce_private_exponent( mbedtls_mpi const *P, - mbedtls_mpi const *Q, - mbedtls_mpi const *E, - mbedtls_mpi *D ) +int mbedtls_rsa_deduce_private_exponent(mbedtls_mpi const *P, + mbedtls_mpi const *Q, + mbedtls_mpi const *E, + mbedtls_mpi *D) { int ret = 0; mbedtls_mpi K, L; - if( D == NULL || mbedtls_mpi_cmp_int( D, 0 ) != 0 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (D == NULL || mbedtls_mpi_cmp_int(D, 0) != 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - if( mbedtls_mpi_cmp_int( P, 1 ) <= 0 || - mbedtls_mpi_cmp_int( Q, 1 ) <= 0 || - mbedtls_mpi_cmp_int( E, 0 ) == 0 ) - { - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (mbedtls_mpi_cmp_int(P, 1) <= 0 || + mbedtls_mpi_cmp_int(Q, 1) <= 0 || + mbedtls_mpi_cmp_int(E, 0) == 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } - mbedtls_mpi_init( &K ); - mbedtls_mpi_init( &L ); + mbedtls_mpi_init(&K); + mbedtls_mpi_init(&L); /* Temporarily put K := P-1 and L := Q-1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &L, Q, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&L, Q, 1)); /* Temporarily put D := gcd(P-1, Q-1) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( D, &K, &L ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(D, &K, &L)); /* K := LCM(P-1, Q-1) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, &K, &L ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( &K, NULL, &K, D ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, &K, &L)); + MBEDTLS_MPI_CHK(mbedtls_mpi_div_mpi(&K, NULL, &K, D)); /* Compute modular inverse of E in LCM(P-1, Q-1) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( D, E, &K ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(D, E, &K)); cleanup: - mbedtls_mpi_free( &K ); - mbedtls_mpi_free( &L ); + mbedtls_mpi_free(&K); + mbedtls_mpi_free(&L); - return( ret ); + return ret; } /* * Check that RSA CRT parameters are in accordance with core parameters. */ -int mbedtls_rsa_validate_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q, - const mbedtls_mpi *D, const mbedtls_mpi *DP, - const mbedtls_mpi *DQ, const mbedtls_mpi *QP ) +int mbedtls_rsa_validate_crt(const mbedtls_mpi *P, const mbedtls_mpi *Q, + const mbedtls_mpi *D, const mbedtls_mpi *DP, + const mbedtls_mpi *DQ, const mbedtls_mpi *QP) { int ret = 0; mbedtls_mpi K, L; - mbedtls_mpi_init( &K ); - mbedtls_mpi_init( &L ); + mbedtls_mpi_init(&K); + mbedtls_mpi_init(&L); /* Check that DP - D == 0 mod P - 1 */ - if( DP != NULL ) - { - if( P == NULL ) - { + if (DP != NULL) { + if (P == NULL) { ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &L, DP, D ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &L, &L, &K ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&L, DP, D)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&L, &L, &K)); - if( mbedtls_mpi_cmp_int( &L, 0 ) != 0 ) - { + if (mbedtls_mpi_cmp_int(&L, 0) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } } /* Check that DQ - D == 0 mod Q - 1 */ - if( DQ != NULL ) - { - if( Q == NULL ) - { + if (DQ != NULL) { + if (Q == NULL) { ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, Q, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &L, DQ, D ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &L, &L, &K ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, Q, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&L, DQ, D)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&L, &L, &K)); - if( mbedtls_mpi_cmp_int( &L, 0 ) != 0 ) - { + if (mbedtls_mpi_cmp_int(&L, 0) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } } /* Check that QP * Q - 1 == 0 mod P */ - if( QP != NULL ) - { - if( P == NULL || Q == NULL ) - { + if (QP != NULL) { + if (P == NULL || Q == NULL) { ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, QP, Q ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, P ) ); - if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 ) - { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, QP, Q)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, &K, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&K, &K, P)); + if (mbedtls_mpi_cmp_int(&K, 0) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } @@ -312,33 +300,32 @@ int mbedtls_rsa_validate_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q, cleanup: /* Wrap MPI error codes by RSA check failure error code */ - if( ret != 0 && + if (ret != 0 && ret != MBEDTLS_ERR_RSA_KEY_CHECK_FAILED && - ret != MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) - { + ret != MBEDTLS_ERR_RSA_BAD_INPUT_DATA) { ret += MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - mbedtls_mpi_free( &K ); - mbedtls_mpi_free( &L ); + mbedtls_mpi_free(&K); + mbedtls_mpi_free(&L); - return( ret ); + return ret; } /* * Check that core RSA parameters are sane. */ -int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, - const mbedtls_mpi *Q, const mbedtls_mpi *D, - const mbedtls_mpi *E, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_rsa_validate_params(const mbedtls_mpi *N, const mbedtls_mpi *P, + const mbedtls_mpi *Q, const mbedtls_mpi *D, + const mbedtls_mpi *E, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = 0; mbedtls_mpi K, L; - mbedtls_mpi_init( &K ); - mbedtls_mpi_init( &L ); + mbedtls_mpi_init(&K); + mbedtls_mpi_init(&L); /* * Step 1: If PRNG provided, check that P and Q are prime @@ -350,16 +337,14 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, * rate of at most 2^-100 and we are aiming for the same certainty here as * well. */ - if( f_rng != NULL && P != NULL && - ( ret = mbedtls_mpi_is_prime_ext( P, 50, f_rng, p_rng ) ) != 0 ) - { + if (f_rng != NULL && P != NULL && + (ret = mbedtls_mpi_is_prime_ext(P, 50, f_rng, p_rng)) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } - if( f_rng != NULL && Q != NULL && - ( ret = mbedtls_mpi_is_prime_ext( Q, 50, f_rng, p_rng ) ) != 0 ) - { + if (f_rng != NULL && Q != NULL && + (ret = mbedtls_mpi_is_prime_ext(Q, 50, f_rng, p_rng)) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } @@ -372,12 +357,10 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, * Step 2: Check that 1 < N = P * Q */ - if( P != NULL && Q != NULL && N != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, P, Q ) ); - if( mbedtls_mpi_cmp_int( N, 1 ) <= 0 || - mbedtls_mpi_cmp_mpi( &K, N ) != 0 ) - { + if (P != NULL && Q != NULL && N != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, P, Q)); + if (mbedtls_mpi_cmp_int(N, 1) <= 0 || + mbedtls_mpi_cmp_mpi(&K, N) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } @@ -387,13 +370,11 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, * Step 3: Check and 1 < D, E < N if present. */ - if( N != NULL && D != NULL && E != NULL ) - { - if ( mbedtls_mpi_cmp_int( D, 1 ) <= 0 || - mbedtls_mpi_cmp_int( E, 1 ) <= 0 || - mbedtls_mpi_cmp_mpi( D, N ) >= 0 || - mbedtls_mpi_cmp_mpi( E, N ) >= 0 ) - { + if (N != NULL && D != NULL && E != NULL) { + if (mbedtls_mpi_cmp_int(D, 1) <= 0 || + mbedtls_mpi_cmp_int(E, 1) <= 0 || + mbedtls_mpi_cmp_mpi(D, N) >= 0 || + mbedtls_mpi_cmp_mpi(E, N) >= 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } @@ -403,33 +384,29 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, * Step 4: Check that D, E are inverse modulo P-1 and Q-1 */ - if( P != NULL && Q != NULL && D != NULL && E != NULL ) - { - if( mbedtls_mpi_cmp_int( P, 1 ) <= 0 || - mbedtls_mpi_cmp_int( Q, 1 ) <= 0 ) - { + if (P != NULL && Q != NULL && D != NULL && E != NULL) { + if (mbedtls_mpi_cmp_int(P, 1) <= 0 || + mbedtls_mpi_cmp_int(Q, 1) <= 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } /* Compute DE-1 mod P-1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, D, E ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &L, P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, &L ) ); - if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 ) - { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, D, E)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, &K, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&L, P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&K, &K, &L)); + if (mbedtls_mpi_cmp_int(&K, 0) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } /* Compute DE-1 mod Q-1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, D, E ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &L, Q, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, &L ) ); - if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 ) - { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, D, E)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, &K, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&L, Q, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&K, &K, &L)); + if (mbedtls_mpi_cmp_int(&K, 0) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } @@ -437,50 +414,46 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, cleanup: - mbedtls_mpi_free( &K ); - mbedtls_mpi_free( &L ); + mbedtls_mpi_free(&K); + mbedtls_mpi_free(&L); /* Wrap MPI error codes by RSA check failure error code */ - if( ret != 0 && ret != MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ) - { + if (ret != 0 && ret != MBEDTLS_ERR_RSA_KEY_CHECK_FAILED) { ret += MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - return( ret ); + return ret; } -int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q, - const mbedtls_mpi *D, mbedtls_mpi *DP, - mbedtls_mpi *DQ, mbedtls_mpi *QP ) +int mbedtls_rsa_deduce_crt(const mbedtls_mpi *P, const mbedtls_mpi *Q, + const mbedtls_mpi *D, mbedtls_mpi *DP, + mbedtls_mpi *DQ, mbedtls_mpi *QP) { int ret = 0; mbedtls_mpi K; - mbedtls_mpi_init( &K ); + mbedtls_mpi_init(&K); /* DP = D mod P-1 */ - if( DP != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( DP, D, &K ) ); + if (DP != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(DP, D, &K)); } /* DQ = D mod Q-1 */ - if( DQ != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, Q, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( DQ, D, &K ) ); + if (DQ != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, Q, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(DQ, D, &K)); } /* QP = Q^{-1} mod P */ - if( QP != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( QP, Q, P ) ); + if (QP != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(QP, Q, P)); } cleanup: - mbedtls_mpi_free( &K ); + mbedtls_mpi_free(&K); - return( ret ); + return ret; } #endif /* MBEDTLS_RSA_C */ diff --git a/library/sha1.c b/library/sha1.c index 7f0c8757dbe2..6da641427c70 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -35,32 +35,33 @@ #include "mbedtls/platform.h" #define SHA1_VALIDATE_RET(cond) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA1_BAD_INPUT_DATA ) + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_SHA1_BAD_INPUT_DATA) -#define SHA1_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond ) +#define SHA1_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE(cond) #if !defined(MBEDTLS_SHA1_ALT) -void mbedtls_sha1_init( mbedtls_sha1_context *ctx ) +void mbedtls_sha1_init(mbedtls_sha1_context *ctx) { - SHA1_VALIDATE( ctx != NULL ); + SHA1_VALIDATE(ctx != NULL); - memset( ctx, 0, sizeof( mbedtls_sha1_context ) ); + memset(ctx, 0, sizeof(mbedtls_sha1_context)); } -void mbedtls_sha1_free( mbedtls_sha1_context *ctx ) +void mbedtls_sha1_free(mbedtls_sha1_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_sha1_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_sha1_context)); } -void mbedtls_sha1_clone( mbedtls_sha1_context *dst, - const mbedtls_sha1_context *src ) +void mbedtls_sha1_clone(mbedtls_sha1_context *dst, + const mbedtls_sha1_context *src) { - SHA1_VALIDATE( dst != NULL ); - SHA1_VALIDATE( src != NULL ); + SHA1_VALIDATE(dst != NULL); + SHA1_VALIDATE(src != NULL); *dst = *src; } @@ -68,9 +69,9 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst, /* * SHA-1 context setup */ -int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ) +int mbedtls_sha1_starts_ret(mbedtls_sha1_context *ctx) { - SHA1_VALIDATE_RET( ctx != NULL ); + SHA1_VALIDATE_RET(ctx != NULL); ctx->total[0] = 0; ctx->total[1] = 0; @@ -81,62 +82,61 @@ int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ) ctx->state[3] = 0x10325476; ctx->state[4] = 0xC3D2E1F0; - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha1_starts( mbedtls_sha1_context *ctx ) +void mbedtls_sha1_starts(mbedtls_sha1_context *ctx) { - mbedtls_sha1_starts_ret( ctx ); + mbedtls_sha1_starts_ret(ctx); } #endif #if !defined(MBEDTLS_SHA1_PROCESS_ALT) -int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, - const unsigned char data[64] ) +int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, + const unsigned char data[64]) { - struct - { + struct { uint32_t temp, W[16], A, B, C, D, E; } local; - SHA1_VALIDATE_RET( ctx != NULL ); - SHA1_VALIDATE_RET( (const unsigned char *)data != NULL ); - - local.W[ 0] = MBEDTLS_GET_UINT32_BE( data, 0 ); - local.W[ 1] = MBEDTLS_GET_UINT32_BE( data, 4 ); - local.W[ 2] = MBEDTLS_GET_UINT32_BE( data, 8 ); - local.W[ 3] = MBEDTLS_GET_UINT32_BE( data, 12 ); - local.W[ 4] = MBEDTLS_GET_UINT32_BE( data, 16 ); - local.W[ 5] = MBEDTLS_GET_UINT32_BE( data, 20 ); - local.W[ 6] = MBEDTLS_GET_UINT32_BE( data, 24 ); - local.W[ 7] = MBEDTLS_GET_UINT32_BE( data, 28 ); - local.W[ 8] = MBEDTLS_GET_UINT32_BE( data, 32 ); - local.W[ 9] = MBEDTLS_GET_UINT32_BE( data, 36 ); - local.W[10] = MBEDTLS_GET_UINT32_BE( data, 40 ); - local.W[11] = MBEDTLS_GET_UINT32_BE( data, 44 ); - local.W[12] = MBEDTLS_GET_UINT32_BE( data, 48 ); - local.W[13] = MBEDTLS_GET_UINT32_BE( data, 52 ); - local.W[14] = MBEDTLS_GET_UINT32_BE( data, 56 ); - local.W[15] = MBEDTLS_GET_UINT32_BE( data, 60 ); - -#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) + SHA1_VALIDATE_RET(ctx != NULL); + SHA1_VALIDATE_RET((const unsigned char *) data != NULL); + + local.W[0] = MBEDTLS_GET_UINT32_BE(data, 0); + local.W[1] = MBEDTLS_GET_UINT32_BE(data, 4); + local.W[2] = MBEDTLS_GET_UINT32_BE(data, 8); + local.W[3] = MBEDTLS_GET_UINT32_BE(data, 12); + local.W[4] = MBEDTLS_GET_UINT32_BE(data, 16); + local.W[5] = MBEDTLS_GET_UINT32_BE(data, 20); + local.W[6] = MBEDTLS_GET_UINT32_BE(data, 24); + local.W[7] = MBEDTLS_GET_UINT32_BE(data, 28); + local.W[8] = MBEDTLS_GET_UINT32_BE(data, 32); + local.W[9] = MBEDTLS_GET_UINT32_BE(data, 36); + local.W[10] = MBEDTLS_GET_UINT32_BE(data, 40); + local.W[11] = MBEDTLS_GET_UINT32_BE(data, 44); + local.W[12] = MBEDTLS_GET_UINT32_BE(data, 48); + local.W[13] = MBEDTLS_GET_UINT32_BE(data, 52); + local.W[14] = MBEDTLS_GET_UINT32_BE(data, 56); + local.W[15] = MBEDTLS_GET_UINT32_BE(data, 60); + +#define S(x, n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) #define R(t) \ ( \ - local.temp = local.W[( (t) - 3 ) & 0x0F] ^ \ - local.W[( (t) - 8 ) & 0x0F] ^ \ - local.W[( (t) - 14 ) & 0x0F] ^ \ - local.W[ (t) & 0x0F], \ - ( local.W[(t) & 0x0F] = S(local.temp,1) ) \ + local.temp = local.W[((t) - 3) & 0x0F] ^ \ + local.W[((t) - 8) & 0x0F] ^ \ + local.W[((t) - 14) & 0x0F] ^ \ + local.W[(t) & 0x0F], \ + (local.W[(t) & 0x0F] = S(local.temp, 1)) \ ) -#define P(a,b,c,d,e,x) \ +#define P(a, b, c, d, e, x) \ do \ { \ - (e) += S((a),5) + F((b),(c),(d)) + K + (x); \ - (b) = S((b),30); \ - } while( 0 ) + (e) += S((a), 5) + F((b), (c), (d)) + K + (x); \ + (b) = S((b), 30); \ + } while (0) local.A = ctx->state[0]; local.B = ctx->state[1]; @@ -144,110 +144,110 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, local.D = ctx->state[3]; local.E = ctx->state[4]; -#define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) +#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) #define K 0x5A827999 - P( local.A, local.B, local.C, local.D, local.E, local.W[0] ); - P( local.E, local.A, local.B, local.C, local.D, local.W[1] ); - P( local.D, local.E, local.A, local.B, local.C, local.W[2] ); - P( local.C, local.D, local.E, local.A, local.B, local.W[3] ); - P( local.B, local.C, local.D, local.E, local.A, local.W[4] ); - P( local.A, local.B, local.C, local.D, local.E, local.W[5] ); - P( local.E, local.A, local.B, local.C, local.D, local.W[6] ); - P( local.D, local.E, local.A, local.B, local.C, local.W[7] ); - P( local.C, local.D, local.E, local.A, local.B, local.W[8] ); - P( local.B, local.C, local.D, local.E, local.A, local.W[9] ); - P( local.A, local.B, local.C, local.D, local.E, local.W[10] ); - P( local.E, local.A, local.B, local.C, local.D, local.W[11] ); - P( local.D, local.E, local.A, local.B, local.C, local.W[12] ); - P( local.C, local.D, local.E, local.A, local.B, local.W[13] ); - P( local.B, local.C, local.D, local.E, local.A, local.W[14] ); - P( local.A, local.B, local.C, local.D, local.E, local.W[15] ); - P( local.E, local.A, local.B, local.C, local.D, R(16) ); - P( local.D, local.E, local.A, local.B, local.C, R(17) ); - P( local.C, local.D, local.E, local.A, local.B, R(18) ); - P( local.B, local.C, local.D, local.E, local.A, R(19) ); + P(local.A, local.B, local.C, local.D, local.E, local.W[0]); + P(local.E, local.A, local.B, local.C, local.D, local.W[1]); + P(local.D, local.E, local.A, local.B, local.C, local.W[2]); + P(local.C, local.D, local.E, local.A, local.B, local.W[3]); + P(local.B, local.C, local.D, local.E, local.A, local.W[4]); + P(local.A, local.B, local.C, local.D, local.E, local.W[5]); + P(local.E, local.A, local.B, local.C, local.D, local.W[6]); + P(local.D, local.E, local.A, local.B, local.C, local.W[7]); + P(local.C, local.D, local.E, local.A, local.B, local.W[8]); + P(local.B, local.C, local.D, local.E, local.A, local.W[9]); + P(local.A, local.B, local.C, local.D, local.E, local.W[10]); + P(local.E, local.A, local.B, local.C, local.D, local.W[11]); + P(local.D, local.E, local.A, local.B, local.C, local.W[12]); + P(local.C, local.D, local.E, local.A, local.B, local.W[13]); + P(local.B, local.C, local.D, local.E, local.A, local.W[14]); + P(local.A, local.B, local.C, local.D, local.E, local.W[15]); + P(local.E, local.A, local.B, local.C, local.D, R(16)); + P(local.D, local.E, local.A, local.B, local.C, R(17)); + P(local.C, local.D, local.E, local.A, local.B, R(18)); + P(local.B, local.C, local.D, local.E, local.A, R(19)); #undef K #undef F -#define F(x,y,z) ((x) ^ (y) ^ (z)) +#define F(x, y, z) ((x) ^ (y) ^ (z)) #define K 0x6ED9EBA1 - P( local.A, local.B, local.C, local.D, local.E, R(20) ); - P( local.E, local.A, local.B, local.C, local.D, R(21) ); - P( local.D, local.E, local.A, local.B, local.C, R(22) ); - P( local.C, local.D, local.E, local.A, local.B, R(23) ); - P( local.B, local.C, local.D, local.E, local.A, R(24) ); - P( local.A, local.B, local.C, local.D, local.E, R(25) ); - P( local.E, local.A, local.B, local.C, local.D, R(26) ); - P( local.D, local.E, local.A, local.B, local.C, R(27) ); - P( local.C, local.D, local.E, local.A, local.B, R(28) ); - P( local.B, local.C, local.D, local.E, local.A, R(29) ); - P( local.A, local.B, local.C, local.D, local.E, R(30) ); - P( local.E, local.A, local.B, local.C, local.D, R(31) ); - P( local.D, local.E, local.A, local.B, local.C, R(32) ); - P( local.C, local.D, local.E, local.A, local.B, R(33) ); - P( local.B, local.C, local.D, local.E, local.A, R(34) ); - P( local.A, local.B, local.C, local.D, local.E, R(35) ); - P( local.E, local.A, local.B, local.C, local.D, R(36) ); - P( local.D, local.E, local.A, local.B, local.C, R(37) ); - P( local.C, local.D, local.E, local.A, local.B, R(38) ); - P( local.B, local.C, local.D, local.E, local.A, R(39) ); + P(local.A, local.B, local.C, local.D, local.E, R(20)); + P(local.E, local.A, local.B, local.C, local.D, R(21)); + P(local.D, local.E, local.A, local.B, local.C, R(22)); + P(local.C, local.D, local.E, local.A, local.B, R(23)); + P(local.B, local.C, local.D, local.E, local.A, R(24)); + P(local.A, local.B, local.C, local.D, local.E, R(25)); + P(local.E, local.A, local.B, local.C, local.D, R(26)); + P(local.D, local.E, local.A, local.B, local.C, R(27)); + P(local.C, local.D, local.E, local.A, local.B, R(28)); + P(local.B, local.C, local.D, local.E, local.A, R(29)); + P(local.A, local.B, local.C, local.D, local.E, R(30)); + P(local.E, local.A, local.B, local.C, local.D, R(31)); + P(local.D, local.E, local.A, local.B, local.C, R(32)); + P(local.C, local.D, local.E, local.A, local.B, R(33)); + P(local.B, local.C, local.D, local.E, local.A, R(34)); + P(local.A, local.B, local.C, local.D, local.E, R(35)); + P(local.E, local.A, local.B, local.C, local.D, R(36)); + P(local.D, local.E, local.A, local.B, local.C, R(37)); + P(local.C, local.D, local.E, local.A, local.B, R(38)); + P(local.B, local.C, local.D, local.E, local.A, R(39)); #undef K #undef F -#define F(x,y,z) (((x) & (y)) | ((z) & ((x) | (y)))) +#define F(x, y, z) (((x) & (y)) | ((z) & ((x) | (y)))) #define K 0x8F1BBCDC - P( local.A, local.B, local.C, local.D, local.E, R(40) ); - P( local.E, local.A, local.B, local.C, local.D, R(41) ); - P( local.D, local.E, local.A, local.B, local.C, R(42) ); - P( local.C, local.D, local.E, local.A, local.B, R(43) ); - P( local.B, local.C, local.D, local.E, local.A, R(44) ); - P( local.A, local.B, local.C, local.D, local.E, R(45) ); - P( local.E, local.A, local.B, local.C, local.D, R(46) ); - P( local.D, local.E, local.A, local.B, local.C, R(47) ); - P( local.C, local.D, local.E, local.A, local.B, R(48) ); - P( local.B, local.C, local.D, local.E, local.A, R(49) ); - P( local.A, local.B, local.C, local.D, local.E, R(50) ); - P( local.E, local.A, local.B, local.C, local.D, R(51) ); - P( local.D, local.E, local.A, local.B, local.C, R(52) ); - P( local.C, local.D, local.E, local.A, local.B, R(53) ); - P( local.B, local.C, local.D, local.E, local.A, R(54) ); - P( local.A, local.B, local.C, local.D, local.E, R(55) ); - P( local.E, local.A, local.B, local.C, local.D, R(56) ); - P( local.D, local.E, local.A, local.B, local.C, R(57) ); - P( local.C, local.D, local.E, local.A, local.B, R(58) ); - P( local.B, local.C, local.D, local.E, local.A, R(59) ); + P(local.A, local.B, local.C, local.D, local.E, R(40)); + P(local.E, local.A, local.B, local.C, local.D, R(41)); + P(local.D, local.E, local.A, local.B, local.C, R(42)); + P(local.C, local.D, local.E, local.A, local.B, R(43)); + P(local.B, local.C, local.D, local.E, local.A, R(44)); + P(local.A, local.B, local.C, local.D, local.E, R(45)); + P(local.E, local.A, local.B, local.C, local.D, R(46)); + P(local.D, local.E, local.A, local.B, local.C, R(47)); + P(local.C, local.D, local.E, local.A, local.B, R(48)); + P(local.B, local.C, local.D, local.E, local.A, R(49)); + P(local.A, local.B, local.C, local.D, local.E, R(50)); + P(local.E, local.A, local.B, local.C, local.D, R(51)); + P(local.D, local.E, local.A, local.B, local.C, R(52)); + P(local.C, local.D, local.E, local.A, local.B, R(53)); + P(local.B, local.C, local.D, local.E, local.A, R(54)); + P(local.A, local.B, local.C, local.D, local.E, R(55)); + P(local.E, local.A, local.B, local.C, local.D, R(56)); + P(local.D, local.E, local.A, local.B, local.C, R(57)); + P(local.C, local.D, local.E, local.A, local.B, R(58)); + P(local.B, local.C, local.D, local.E, local.A, R(59)); #undef K #undef F -#define F(x,y,z) ((x) ^ (y) ^ (z)) +#define F(x, y, z) ((x) ^ (y) ^ (z)) #define K 0xCA62C1D6 - P( local.A, local.B, local.C, local.D, local.E, R(60) ); - P( local.E, local.A, local.B, local.C, local.D, R(61) ); - P( local.D, local.E, local.A, local.B, local.C, R(62) ); - P( local.C, local.D, local.E, local.A, local.B, R(63) ); - P( local.B, local.C, local.D, local.E, local.A, R(64) ); - P( local.A, local.B, local.C, local.D, local.E, R(65) ); - P( local.E, local.A, local.B, local.C, local.D, R(66) ); - P( local.D, local.E, local.A, local.B, local.C, R(67) ); - P( local.C, local.D, local.E, local.A, local.B, R(68) ); - P( local.B, local.C, local.D, local.E, local.A, R(69) ); - P( local.A, local.B, local.C, local.D, local.E, R(70) ); - P( local.E, local.A, local.B, local.C, local.D, R(71) ); - P( local.D, local.E, local.A, local.B, local.C, R(72) ); - P( local.C, local.D, local.E, local.A, local.B, R(73) ); - P( local.B, local.C, local.D, local.E, local.A, R(74) ); - P( local.A, local.B, local.C, local.D, local.E, R(75) ); - P( local.E, local.A, local.B, local.C, local.D, R(76) ); - P( local.D, local.E, local.A, local.B, local.C, R(77) ); - P( local.C, local.D, local.E, local.A, local.B, R(78) ); - P( local.B, local.C, local.D, local.E, local.A, R(79) ); + P(local.A, local.B, local.C, local.D, local.E, R(60)); + P(local.E, local.A, local.B, local.C, local.D, R(61)); + P(local.D, local.E, local.A, local.B, local.C, R(62)); + P(local.C, local.D, local.E, local.A, local.B, R(63)); + P(local.B, local.C, local.D, local.E, local.A, R(64)); + P(local.A, local.B, local.C, local.D, local.E, R(65)); + P(local.E, local.A, local.B, local.C, local.D, R(66)); + P(local.D, local.E, local.A, local.B, local.C, R(67)); + P(local.C, local.D, local.E, local.A, local.B, R(68)); + P(local.B, local.C, local.D, local.E, local.A, R(69)); + P(local.A, local.B, local.C, local.D, local.E, R(70)); + P(local.E, local.A, local.B, local.C, local.D, R(71)); + P(local.D, local.E, local.A, local.B, local.C, R(72)); + P(local.C, local.D, local.E, local.A, local.B, R(73)); + P(local.B, local.C, local.D, local.E, local.A, R(74)); + P(local.A, local.B, local.C, local.D, local.E, R(75)); + P(local.E, local.A, local.B, local.C, local.D, R(76)); + P(local.D, local.E, local.A, local.B, local.C, R(77)); + P(local.C, local.D, local.E, local.A, local.B, R(78)); + P(local.B, local.C, local.D, local.E, local.A, R(79)); #undef K #undef F @@ -259,16 +259,16 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, ctx->state[4] += local.E; /* Zeroise buffers and variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &local, sizeof( local ) ); + mbedtls_platform_zeroize(&local, sizeof(local)); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha1_process( mbedtls_sha1_context *ctx, - const unsigned char data[64] ) +void mbedtls_sha1_process(mbedtls_sha1_context *ctx, + const unsigned char data[64]) { - mbedtls_internal_sha1_process( ctx, data ); + mbedtls_internal_sha1_process(ctx, data); } #endif #endif /* !MBEDTLS_SHA1_PROCESS_ALT */ @@ -276,19 +276,20 @@ void mbedtls_sha1_process( mbedtls_sha1_context *ctx, /* * SHA-1 process buffer */ -int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_sha1_update_ret(mbedtls_sha1_context *ctx, + const unsigned char *input, + size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; - SHA1_VALIDATE_RET( ctx != NULL ); - SHA1_VALIDATE_RET( ilen == 0 || input != NULL ); + SHA1_VALIDATE_RET(ctx != NULL); + SHA1_VALIDATE_RET(ilen == 0 || input != NULL); - if( ilen == 0 ) - return( 0 ); + if (ilen == 0) { + return 0; + } left = ctx->total[0] & 0x3F; fill = 64 - left; @@ -296,57 +297,59 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, ctx->total[0] += (uint32_t) ilen; ctx->total[0] &= 0xFFFFFFFF; - if( ctx->total[0] < (uint32_t) ilen ) + if (ctx->total[0] < (uint32_t) ilen) { ctx->total[1]++; + } - if( left && ilen >= fill ) - { - memcpy( (void *) (ctx->buffer + left), input, fill ); + if (left && ilen >= fill) { + memcpy((void *) (ctx->buffer + left), input, fill); - if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha1_process(ctx, ctx->buffer)) != 0) { + return ret; + } input += fill; ilen -= fill; left = 0; } - while( ilen >= 64 ) - { - if( ( ret = mbedtls_internal_sha1_process( ctx, input ) ) != 0 ) - return( ret ); + while (ilen >= 64) { + if ((ret = mbedtls_internal_sha1_process(ctx, input)) != 0) { + return ret; + } input += 64; ilen -= 64; } - if( ilen > 0 ) - memcpy( (void *) (ctx->buffer + left), input, ilen ); + if (ilen > 0) { + memcpy((void *) (ctx->buffer + left), input, ilen); + } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha1_update( mbedtls_sha1_context *ctx, - const unsigned char *input, - size_t ilen ) +void mbedtls_sha1_update(mbedtls_sha1_context *ctx, + const unsigned char *input, + size_t ilen) { - mbedtls_sha1_update_ret( ctx, input, ilen ); + mbedtls_sha1_update_ret(ctx, input, ilen); } #endif /* * SHA-1 final digest */ -int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, - unsigned char output[20] ) +int mbedtls_sha1_finish_ret(mbedtls_sha1_context *ctx, + unsigned char output[20]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; uint32_t high, low; - SHA1_VALIDATE_RET( ctx != NULL ); - SHA1_VALIDATE_RET( (unsigned char *)output != NULL ); + SHA1_VALIDATE_RET(ctx != NULL); + SHA1_VALIDATE_RET((unsigned char *) output != NULL); /* * Add padding: 0x80 then 0x00 until 8 bytes remain for the length @@ -355,52 +358,51 @@ int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, ctx->buffer[used++] = 0x80; - if( used <= 56 ) - { + if (used <= 56) { /* Enough room for padding + length in current block */ - memset( ctx->buffer + used, 0, 56 - used ); - } - else - { + memset(ctx->buffer + used, 0, 56 - used); + } else { /* We'll need an extra block */ - memset( ctx->buffer + used, 0, 64 - used ); + memset(ctx->buffer + used, 0, 64 - used); - if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha1_process(ctx, ctx->buffer)) != 0) { + return ret; + } - memset( ctx->buffer, 0, 56 ); + memset(ctx->buffer, 0, 56); } /* * Add message length */ - high = ( ctx->total[0] >> 29 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); + high = (ctx->total[0] >> 29) + | (ctx->total[1] << 3); + low = (ctx->total[0] << 3); - MBEDTLS_PUT_UINT32_BE( high, ctx->buffer, 56 ); - MBEDTLS_PUT_UINT32_BE( low, ctx->buffer, 60 ); + MBEDTLS_PUT_UINT32_BE(high, ctx->buffer, 56); + MBEDTLS_PUT_UINT32_BE(low, ctx->buffer, 60); - if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha1_process(ctx, ctx->buffer)) != 0) { + return ret; + } /* * Output final state */ - MBEDTLS_PUT_UINT32_BE( ctx->state[0], output, 0 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[1], output, 4 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[2], output, 8 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[3], output, 12 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[4], output, 16 ); + MBEDTLS_PUT_UINT32_BE(ctx->state[0], output, 0); + MBEDTLS_PUT_UINT32_BE(ctx->state[1], output, 4); + MBEDTLS_PUT_UINT32_BE(ctx->state[2], output, 8); + MBEDTLS_PUT_UINT32_BE(ctx->state[3], output, 12); + MBEDTLS_PUT_UINT32_BE(ctx->state[4], output, 16); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, - unsigned char output[20] ) +void mbedtls_sha1_finish(mbedtls_sha1_context *ctx, + unsigned char output[20]) { - mbedtls_sha1_finish_ret( ctx, output ); + mbedtls_sha1_finish_ret(ctx, output); } #endif @@ -409,39 +411,42 @@ void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, /* * output = SHA-1( input buffer ) */ -int mbedtls_sha1_ret( const unsigned char *input, - size_t ilen, - unsigned char output[20] ) +int mbedtls_sha1_ret(const unsigned char *input, + size_t ilen, + unsigned char output[20]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha1_context ctx; - SHA1_VALIDATE_RET( ilen == 0 || input != NULL ); - SHA1_VALIDATE_RET( (unsigned char *)output != NULL ); + SHA1_VALIDATE_RET(ilen == 0 || input != NULL); + SHA1_VALIDATE_RET((unsigned char *) output != NULL); - mbedtls_sha1_init( &ctx ); + mbedtls_sha1_init(&ctx); - if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 ) + if ((ret = mbedtls_sha1_starts_ret(&ctx)) != 0) { goto exit; + } - if( ( ret = mbedtls_sha1_update_ret( &ctx, input, ilen ) ) != 0 ) + if ((ret = mbedtls_sha1_update_ret(&ctx, input, ilen)) != 0) { goto exit; + } - if( ( ret = mbedtls_sha1_finish_ret( &ctx, output ) ) != 0 ) + if ((ret = mbedtls_sha1_finish_ret(&ctx, output)) != 0) { goto exit; + } exit: - mbedtls_sha1_free( &ctx ); + mbedtls_sha1_free(&ctx); - return( ret ); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha1( const unsigned char *input, - size_t ilen, - unsigned char output[20] ) +void mbedtls_sha1(const unsigned char *input, + size_t ilen, + unsigned char output[20]) { - mbedtls_sha1_ret( input, ilen, output ); + mbedtls_sha1_ret(input, ilen, output); } #endif @@ -474,71 +479,73 @@ static const unsigned char sha1_test_sum[3][20] = /* * Checkup routine */ -int mbedtls_sha1_self_test( int verbose ) +int mbedtls_sha1_self_test(int verbose) { int i, j, buflen, ret = 0; unsigned char buf[1024]; unsigned char sha1sum[20]; mbedtls_sha1_context ctx; - mbedtls_sha1_init( &ctx ); + mbedtls_sha1_init(&ctx); /* * SHA-1 */ - for( i = 0; i < 3; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " SHA-1 test #%d: ", i + 1 ); + for (i = 0; i < 3; i++) { + if (verbose != 0) { + mbedtls_printf(" SHA-1 test #%d: ", i + 1); + } - if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 ) + if ((ret = mbedtls_sha1_starts_ret(&ctx)) != 0) { goto fail; + } - if( i == 2 ) - { - memset( buf, 'a', buflen = 1000 ); + if (i == 2) { + memset(buf, 'a', buflen = 1000); - for( j = 0; j < 1000; j++ ) - { - ret = mbedtls_sha1_update_ret( &ctx, buf, buflen ); - if( ret != 0 ) + for (j = 0; j < 1000; j++) { + ret = mbedtls_sha1_update_ret(&ctx, buf, buflen); + if (ret != 0) { goto fail; + } } - } - else - { - ret = mbedtls_sha1_update_ret( &ctx, sha1_test_buf[i], - sha1_test_buflen[i] ); - if( ret != 0 ) + } else { + ret = mbedtls_sha1_update_ret(&ctx, sha1_test_buf[i], + sha1_test_buflen[i]); + if (ret != 0) { goto fail; + } } - if( ( ret = mbedtls_sha1_finish_ret( &ctx, sha1sum ) ) != 0 ) + if ((ret = mbedtls_sha1_finish_ret(&ctx, sha1sum)) != 0) { goto fail; + } - if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 ) - { + if (memcmp(sha1sum, sha1_test_sum[i], 20) != 0) { ret = 1; goto fail; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } goto exit; fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } exit: - mbedtls_sha1_free( &ctx ); + mbedtls_sha1_free(&ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/sha256.c b/library/sha256.c index 6f1306ee6606..f7090396d262 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -35,31 +35,32 @@ #include "mbedtls/platform.h" #define SHA256_VALIDATE_RET(cond) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA256_BAD_INPUT_DATA ) -#define SHA256_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond ) + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_SHA256_BAD_INPUT_DATA) +#define SHA256_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE(cond) #if !defined(MBEDTLS_SHA256_ALT) -void mbedtls_sha256_init( mbedtls_sha256_context *ctx ) +void mbedtls_sha256_init(mbedtls_sha256_context *ctx) { - SHA256_VALIDATE( ctx != NULL ); + SHA256_VALIDATE(ctx != NULL); - memset( ctx, 0, sizeof( mbedtls_sha256_context ) ); + memset(ctx, 0, sizeof(mbedtls_sha256_context)); } -void mbedtls_sha256_free( mbedtls_sha256_context *ctx ) +void mbedtls_sha256_free(mbedtls_sha256_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_sha256_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_sha256_context)); } -void mbedtls_sha256_clone( mbedtls_sha256_context *dst, - const mbedtls_sha256_context *src ) +void mbedtls_sha256_clone(mbedtls_sha256_context *dst, + const mbedtls_sha256_context *src) { - SHA256_VALIDATE( dst != NULL ); - SHA256_VALIDATE( src != NULL ); + SHA256_VALIDATE(dst != NULL); + SHA256_VALIDATE(src != NULL); *dst = *src; } @@ -67,16 +68,15 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst, /* * SHA-256 context setup */ -int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) +int mbedtls_sha256_starts_ret(mbedtls_sha256_context *ctx, int is224) { - SHA256_VALIDATE_RET( ctx != NULL ); - SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 ); + SHA256_VALIDATE_RET(ctx != NULL); + SHA256_VALIDATE_RET(is224 == 0 || is224 == 1); ctx->total[0] = 0; ctx->total[1] = 0; - if( is224 == 0 ) - { + if (is224 == 0) { /* SHA-256 */ ctx->state[0] = 0x6A09E667; ctx->state[1] = 0xBB67AE85; @@ -86,9 +86,7 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) ctx->state[5] = 0x9B05688C; ctx->state[6] = 0x1F83D9AB; ctx->state[7] = 0x5BE0CD19; - } - else - { + } else { /* SHA-224 */ ctx->state[0] = 0xC1059ED8; ctx->state[1] = 0x367CD507; @@ -102,14 +100,14 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) ctx->is224 = is224; - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, - int is224 ) +void mbedtls_sha256_starts(mbedtls_sha256_context *ctx, + int is224) { - mbedtls_sha256_starts_ret( ctx, is224 ); + mbedtls_sha256_starts_ret(ctx, is224); } #endif @@ -134,17 +132,17 @@ static const uint32_t K[] = 0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2, }; -#define SHR(x,n) (((x) & 0xFFFFFFFF) >> (n)) -#define ROTR(x,n) (SHR(x,n) | ((x) << (32 - (n)))) +#define SHR(x, n) (((x) & 0xFFFFFFFF) >> (n)) +#define ROTR(x, n) (SHR(x, n) | ((x) << (32 - (n)))) -#define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^ SHR(x, 3)) -#define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10)) +#define S0(x) (ROTR(x, 7) ^ ROTR(x, 18) ^ SHR(x, 3)) +#define S1(x) (ROTR(x, 17) ^ ROTR(x, 19) ^ SHR(x, 10)) -#define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22)) -#define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25)) +#define S2(x) (ROTR(x, 2) ^ ROTR(x, 13) ^ ROTR(x, 22)) +#define S3(x) (ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25)) -#define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y)))) -#define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) +#define F0(x, y, z) (((x) & (y)) | ((z) & ((x) | (y)))) +#define F1(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) #define R(t) \ ( \ @@ -152,41 +150,41 @@ static const uint32_t K[] = S0(local.W[(t) - 15]) + local.W[(t) - 16] \ ) -#define P(a,b,c,d,e,f,g,h,x,K) \ +#define P(a, b, c, d, e, f, g, h, x, K) \ do \ { \ - local.temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \ - local.temp2 = S2(a) + F0((a),(b),(c)); \ + local.temp1 = (h) + S3(e) + F1((e), (f), (g)) + (K) + (x); \ + local.temp2 = S2(a) + F0((a), (b), (c)); \ (d) += local.temp1; (h) = local.temp1 + local.temp2; \ - } while( 0 ) + } while (0) -int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, - const unsigned char data[64] ) +int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, + const unsigned char data[64]) { - struct - { + struct { uint32_t temp1, temp2, W[64]; uint32_t A[8]; } local; unsigned int i; - SHA256_VALIDATE_RET( ctx != NULL ); - SHA256_VALIDATE_RET( (const unsigned char *)data != NULL ); + SHA256_VALIDATE_RET(ctx != NULL); + SHA256_VALIDATE_RET((const unsigned char *) data != NULL); - for( i = 0; i < 8; i++ ) + for (i = 0; i < 8; i++) { local.A[i] = ctx->state[i]; + } #if defined(MBEDTLS_SHA256_SMALLER) - for( i = 0; i < 64; i++ ) - { - if( i < 16 ) - local.W[i] = MBEDTLS_GET_UINT32_BE( data, 4 * i ); - else - R( i ); + for (i = 0; i < 64; i++) { + if (i < 16) { + local.W[i] = MBEDTLS_GET_UINT32_BE(data, 4 * i); + } else { + R(i); + } - P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], - local.A[5], local.A[6], local.A[7], local.W[i], K[i] ); + P(local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], + local.A[5], local.A[6], local.A[7], local.W[i], K[i]); local.temp1 = local.A[7]; local.A[7] = local.A[6]; local.A[6] = local.A[5]; local.A[5] = local.A[4]; @@ -195,64 +193,64 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, local.A[0] = local.temp1; } #else /* MBEDTLS_SHA256_SMALLER */ - for( i = 0; i < 16; i++ ) - local.W[i] = MBEDTLS_GET_UINT32_BE( data, 4 * i ); - - for( i = 0; i < 16; i += 8 ) - { - P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], - local.A[5], local.A[6], local.A[7], local.W[i+0], K[i+0] ); - P( local.A[7], local.A[0], local.A[1], local.A[2], local.A[3], - local.A[4], local.A[5], local.A[6], local.W[i+1], K[i+1] ); - P( local.A[6], local.A[7], local.A[0], local.A[1], local.A[2], - local.A[3], local.A[4], local.A[5], local.W[i+2], K[i+2] ); - P( local.A[5], local.A[6], local.A[7], local.A[0], local.A[1], - local.A[2], local.A[3], local.A[4], local.W[i+3], K[i+3] ); - P( local.A[4], local.A[5], local.A[6], local.A[7], local.A[0], - local.A[1], local.A[2], local.A[3], local.W[i+4], K[i+4] ); - P( local.A[3], local.A[4], local.A[5], local.A[6], local.A[7], - local.A[0], local.A[1], local.A[2], local.W[i+5], K[i+5] ); - P( local.A[2], local.A[3], local.A[4], local.A[5], local.A[6], - local.A[7], local.A[0], local.A[1], local.W[i+6], K[i+6] ); - P( local.A[1], local.A[2], local.A[3], local.A[4], local.A[5], - local.A[6], local.A[7], local.A[0], local.W[i+7], K[i+7] ); + for (i = 0; i < 16; i++) { + local.W[i] = MBEDTLS_GET_UINT32_BE(data, 4 * i); } - for( i = 16; i < 64; i += 8 ) - { - P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], - local.A[5], local.A[6], local.A[7], R(i+0), K[i+0] ); - P( local.A[7], local.A[0], local.A[1], local.A[2], local.A[3], - local.A[4], local.A[5], local.A[6], R(i+1), K[i+1] ); - P( local.A[6], local.A[7], local.A[0], local.A[1], local.A[2], - local.A[3], local.A[4], local.A[5], R(i+2), K[i+2] ); - P( local.A[5], local.A[6], local.A[7], local.A[0], local.A[1], - local.A[2], local.A[3], local.A[4], R(i+3), K[i+3] ); - P( local.A[4], local.A[5], local.A[6], local.A[7], local.A[0], - local.A[1], local.A[2], local.A[3], R(i+4), K[i+4] ); - P( local.A[3], local.A[4], local.A[5], local.A[6], local.A[7], - local.A[0], local.A[1], local.A[2], R(i+5), K[i+5] ); - P( local.A[2], local.A[3], local.A[4], local.A[5], local.A[6], - local.A[7], local.A[0], local.A[1], R(i+6), K[i+6] ); - P( local.A[1], local.A[2], local.A[3], local.A[4], local.A[5], - local.A[6], local.A[7], local.A[0], R(i+7), K[i+7] ); + for (i = 0; i < 16; i += 8) { + P(local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], + local.A[5], local.A[6], local.A[7], local.W[i+0], K[i+0]); + P(local.A[7], local.A[0], local.A[1], local.A[2], local.A[3], + local.A[4], local.A[5], local.A[6], local.W[i+1], K[i+1]); + P(local.A[6], local.A[7], local.A[0], local.A[1], local.A[2], + local.A[3], local.A[4], local.A[5], local.W[i+2], K[i+2]); + P(local.A[5], local.A[6], local.A[7], local.A[0], local.A[1], + local.A[2], local.A[3], local.A[4], local.W[i+3], K[i+3]); + P(local.A[4], local.A[5], local.A[6], local.A[7], local.A[0], + local.A[1], local.A[2], local.A[3], local.W[i+4], K[i+4]); + P(local.A[3], local.A[4], local.A[5], local.A[6], local.A[7], + local.A[0], local.A[1], local.A[2], local.W[i+5], K[i+5]); + P(local.A[2], local.A[3], local.A[4], local.A[5], local.A[6], + local.A[7], local.A[0], local.A[1], local.W[i+6], K[i+6]); + P(local.A[1], local.A[2], local.A[3], local.A[4], local.A[5], + local.A[6], local.A[7], local.A[0], local.W[i+7], K[i+7]); + } + + for (i = 16; i < 64; i += 8) { + P(local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], + local.A[5], local.A[6], local.A[7], R(i+0), K[i+0]); + P(local.A[7], local.A[0], local.A[1], local.A[2], local.A[3], + local.A[4], local.A[5], local.A[6], R(i+1), K[i+1]); + P(local.A[6], local.A[7], local.A[0], local.A[1], local.A[2], + local.A[3], local.A[4], local.A[5], R(i+2), K[i+2]); + P(local.A[5], local.A[6], local.A[7], local.A[0], local.A[1], + local.A[2], local.A[3], local.A[4], R(i+3), K[i+3]); + P(local.A[4], local.A[5], local.A[6], local.A[7], local.A[0], + local.A[1], local.A[2], local.A[3], R(i+4), K[i+4]); + P(local.A[3], local.A[4], local.A[5], local.A[6], local.A[7], + local.A[0], local.A[1], local.A[2], R(i+5), K[i+5]); + P(local.A[2], local.A[3], local.A[4], local.A[5], local.A[6], + local.A[7], local.A[0], local.A[1], R(i+6), K[i+6]); + P(local.A[1], local.A[2], local.A[3], local.A[4], local.A[5], + local.A[6], local.A[7], local.A[0], R(i+7), K[i+7]); } #endif /* MBEDTLS_SHA256_SMALLER */ - for( i = 0; i < 8; i++ ) + for (i = 0; i < 8; i++) { ctx->state[i] += local.A[i]; + } /* Zeroise buffers and variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &local, sizeof( local ) ); + mbedtls_platform_zeroize(&local, sizeof(local)); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha256_process( mbedtls_sha256_context *ctx, - const unsigned char data[64] ) +void mbedtls_sha256_process(mbedtls_sha256_context *ctx, + const unsigned char data[64]) { - mbedtls_internal_sha256_process( ctx, data ); + mbedtls_internal_sha256_process(ctx, data); } #endif #endif /* !MBEDTLS_SHA256_PROCESS_ALT */ @@ -260,19 +258,20 @@ void mbedtls_sha256_process( mbedtls_sha256_context *ctx, /* * SHA-256 process buffer */ -int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_sha256_update_ret(mbedtls_sha256_context *ctx, + const unsigned char *input, + size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; - SHA256_VALIDATE_RET( ctx != NULL ); - SHA256_VALIDATE_RET( ilen == 0 || input != NULL ); + SHA256_VALIDATE_RET(ctx != NULL); + SHA256_VALIDATE_RET(ilen == 0 || input != NULL); - if( ilen == 0 ) - return( 0 ); + if (ilen == 0) { + return 0; + } left = ctx->total[0] & 0x3F; fill = 64 - left; @@ -280,57 +279,59 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, ctx->total[0] += (uint32_t) ilen; ctx->total[0] &= 0xFFFFFFFF; - if( ctx->total[0] < (uint32_t) ilen ) + if (ctx->total[0] < (uint32_t) ilen) { ctx->total[1]++; + } - if( left && ilen >= fill ) - { - memcpy( (void *) (ctx->buffer + left), input, fill ); + if (left && ilen >= fill) { + memcpy((void *) (ctx->buffer + left), input, fill); - if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha256_process(ctx, ctx->buffer)) != 0) { + return ret; + } input += fill; ilen -= fill; left = 0; } - while( ilen >= 64 ) - { - if( ( ret = mbedtls_internal_sha256_process( ctx, input ) ) != 0 ) - return( ret ); + while (ilen >= 64) { + if ((ret = mbedtls_internal_sha256_process(ctx, input)) != 0) { + return ret; + } input += 64; ilen -= 64; } - if( ilen > 0 ) - memcpy( (void *) (ctx->buffer + left), input, ilen ); + if (ilen > 0) { + memcpy((void *) (ctx->buffer + left), input, ilen); + } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha256_update( mbedtls_sha256_context *ctx, - const unsigned char *input, - size_t ilen ) +void mbedtls_sha256_update(mbedtls_sha256_context *ctx, + const unsigned char *input, + size_t ilen) { - mbedtls_sha256_update_ret( ctx, input, ilen ); + mbedtls_sha256_update_ret(ctx, input, ilen); } #endif /* * SHA-256 final digest */ -int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, - unsigned char output[32] ) +int mbedtls_sha256_finish_ret(mbedtls_sha256_context *ctx, + unsigned char output[32]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; uint32_t high, low; - SHA256_VALIDATE_RET( ctx != NULL ); - SHA256_VALIDATE_RET( (unsigned char *)output != NULL ); + SHA256_VALIDATE_RET(ctx != NULL); + SHA256_VALIDATE_RET((unsigned char *) output != NULL); /* * Add padding: 0x80 then 0x00 until 8 bytes remain for the length @@ -339,57 +340,57 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, ctx->buffer[used++] = 0x80; - if( used <= 56 ) - { + if (used <= 56) { /* Enough room for padding + length in current block */ - memset( ctx->buffer + used, 0, 56 - used ); - } - else - { + memset(ctx->buffer + used, 0, 56 - used); + } else { /* We'll need an extra block */ - memset( ctx->buffer + used, 0, 64 - used ); + memset(ctx->buffer + used, 0, 64 - used); - if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha256_process(ctx, ctx->buffer)) != 0) { + return ret; + } - memset( ctx->buffer, 0, 56 ); + memset(ctx->buffer, 0, 56); } /* * Add message length */ - high = ( ctx->total[0] >> 29 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); + high = (ctx->total[0] >> 29) + | (ctx->total[1] << 3); + low = (ctx->total[0] << 3); - MBEDTLS_PUT_UINT32_BE( high, ctx->buffer, 56 ); - MBEDTLS_PUT_UINT32_BE( low, ctx->buffer, 60 ); + MBEDTLS_PUT_UINT32_BE(high, ctx->buffer, 56); + MBEDTLS_PUT_UINT32_BE(low, ctx->buffer, 60); - if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha256_process(ctx, ctx->buffer)) != 0) { + return ret; + } /* * Output final state */ - MBEDTLS_PUT_UINT32_BE( ctx->state[0], output, 0 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[1], output, 4 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[2], output, 8 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[3], output, 12 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[4], output, 16 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[5], output, 20 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[6], output, 24 ); - - if( ctx->is224 == 0 ) - MBEDTLS_PUT_UINT32_BE( ctx->state[7], output, 28 ); - - return( 0 ); + MBEDTLS_PUT_UINT32_BE(ctx->state[0], output, 0); + MBEDTLS_PUT_UINT32_BE(ctx->state[1], output, 4); + MBEDTLS_PUT_UINT32_BE(ctx->state[2], output, 8); + MBEDTLS_PUT_UINT32_BE(ctx->state[3], output, 12); + MBEDTLS_PUT_UINT32_BE(ctx->state[4], output, 16); + MBEDTLS_PUT_UINT32_BE(ctx->state[5], output, 20); + MBEDTLS_PUT_UINT32_BE(ctx->state[6], output, 24); + + if (ctx->is224 == 0) { + MBEDTLS_PUT_UINT32_BE(ctx->state[7], output, 28); + } + + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, - unsigned char output[32] ) +void mbedtls_sha256_finish(mbedtls_sha256_context *ctx, + unsigned char output[32]) { - mbedtls_sha256_finish_ret( ctx, output ); + mbedtls_sha256_finish_ret(ctx, output); } #endif @@ -398,42 +399,45 @@ void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, /* * output = SHA-256( input buffer ) */ -int mbedtls_sha256_ret( const unsigned char *input, - size_t ilen, - unsigned char output[32], - int is224 ) +int mbedtls_sha256_ret(const unsigned char *input, + size_t ilen, + unsigned char output[32], + int is224) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha256_context ctx; - SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 ); - SHA256_VALIDATE_RET( ilen == 0 || input != NULL ); - SHA256_VALIDATE_RET( (unsigned char *)output != NULL ); + SHA256_VALIDATE_RET(is224 == 0 || is224 == 1); + SHA256_VALIDATE_RET(ilen == 0 || input != NULL); + SHA256_VALIDATE_RET((unsigned char *) output != NULL); - mbedtls_sha256_init( &ctx ); + mbedtls_sha256_init(&ctx); - if( ( ret = mbedtls_sha256_starts_ret( &ctx, is224 ) ) != 0 ) + if ((ret = mbedtls_sha256_starts_ret(&ctx, is224)) != 0) { goto exit; + } - if( ( ret = mbedtls_sha256_update_ret( &ctx, input, ilen ) ) != 0 ) + if ((ret = mbedtls_sha256_update_ret(&ctx, input, ilen)) != 0) { goto exit; + } - if( ( ret = mbedtls_sha256_finish_ret( &ctx, output ) ) != 0 ) + if ((ret = mbedtls_sha256_finish_ret(&ctx, output)) != 0) { goto exit; + } exit: - mbedtls_sha256_free( &ctx ); + mbedtls_sha256_free(&ctx); - return( ret ); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha256( const unsigned char *input, - size_t ilen, - unsigned char output[32], - int is224 ) +void mbedtls_sha256(const unsigned char *input, + size_t ilen, + unsigned char output[32], + int is224) { - mbedtls_sha256_ret( input, ilen, output, is224 ); + mbedtls_sha256_ret(input, ilen, output, is224); } #endif @@ -491,83 +495,85 @@ static const unsigned char sha256_test_sum[6][32] = /* * Checkup routine */ -int mbedtls_sha256_self_test( int verbose ) +int mbedtls_sha256_self_test(int verbose) { int i, j, k, buflen, ret = 0; unsigned char *buf; unsigned char sha256sum[32]; mbedtls_sha256_context ctx; - buf = mbedtls_calloc( 1024, sizeof(unsigned char) ); - if( NULL == buf ) - { - if( verbose != 0 ) - mbedtls_printf( "Buffer allocation failed\n" ); + buf = mbedtls_calloc(1024, sizeof(unsigned char)); + if (NULL == buf) { + if (verbose != 0) { + mbedtls_printf("Buffer allocation failed\n"); + } - return( 1 ); + return 1; } - mbedtls_sha256_init( &ctx ); + mbedtls_sha256_init(&ctx); - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { j = i % 3; k = i < 3; - if( verbose != 0 ) - mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 ); + if (verbose != 0) { + mbedtls_printf(" SHA-%d test #%d: ", 256 - k * 32, j + 1); + } - if( ( ret = mbedtls_sha256_starts_ret( &ctx, k ) ) != 0 ) + if ((ret = mbedtls_sha256_starts_ret(&ctx, k)) != 0) { goto fail; + } - if( j == 2 ) - { - memset( buf, 'a', buflen = 1000 ); + if (j == 2) { + memset(buf, 'a', buflen = 1000); - for( j = 0; j < 1000; j++ ) - { - ret = mbedtls_sha256_update_ret( &ctx, buf, buflen ); - if( ret != 0 ) + for (j = 0; j < 1000; j++) { + ret = mbedtls_sha256_update_ret(&ctx, buf, buflen); + if (ret != 0) { goto fail; + } } - } - else - { - ret = mbedtls_sha256_update_ret( &ctx, sha256_test_buf[j], - sha256_test_buflen[j] ); - if( ret != 0 ) - goto fail; + } else { + ret = mbedtls_sha256_update_ret(&ctx, sha256_test_buf[j], + sha256_test_buflen[j]); + if (ret != 0) { + goto fail; + } } - if( ( ret = mbedtls_sha256_finish_ret( &ctx, sha256sum ) ) != 0 ) + if ((ret = mbedtls_sha256_finish_ret(&ctx, sha256sum)) != 0) { goto fail; + } - if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 ) - { + if (memcmp(sha256sum, sha256_test_sum[i], 32 - k * 4) != 0) { ret = 1; goto fail; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } goto exit; fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } exit: - mbedtls_sha256_free( &ctx ); - mbedtls_free( buf ); + mbedtls_sha256_free(&ctx); + mbedtls_free(buf); - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/sha512.c b/library/sha512.c index 1a6872c8aabe..f6b7c1fbf1ea 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -41,13 +41,13 @@ #include "mbedtls/platform.h" #define SHA512_VALIDATE_RET(cond) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA512_BAD_INPUT_DATA ) -#define SHA512_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond ) + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_SHA512_BAD_INPUT_DATA) +#define SHA512_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE(cond) #if !defined(MBEDTLS_SHA512_ALT) #if defined(MBEDTLS_SHA512_SMALLER) -static void sha512_put_uint64_be( uint64_t n, unsigned char *b, uint8_t i ) +static void sha512_put_uint64_be(uint64_t n, unsigned char *b, uint8_t i) { MBEDTLS_PUT_UINT64_BE(n, b, i); } @@ -55,26 +55,27 @@ static void sha512_put_uint64_be( uint64_t n, unsigned char *b, uint8_t i ) #define sha512_put_uint64_be MBEDTLS_PUT_UINT64_BE #endif /* MBEDTLS_SHA512_SMALLER */ -void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) +void mbedtls_sha512_init(mbedtls_sha512_context *ctx) { - SHA512_VALIDATE( ctx != NULL ); + SHA512_VALIDATE(ctx != NULL); - memset( ctx, 0, sizeof( mbedtls_sha512_context ) ); + memset(ctx, 0, sizeof(mbedtls_sha512_context)); } -void mbedtls_sha512_free( mbedtls_sha512_context *ctx ) +void mbedtls_sha512_free(mbedtls_sha512_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_sha512_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_sha512_context)); } -void mbedtls_sha512_clone( mbedtls_sha512_context *dst, - const mbedtls_sha512_context *src ) +void mbedtls_sha512_clone(mbedtls_sha512_context *dst, + const mbedtls_sha512_context *src) { - SHA512_VALIDATE( dst != NULL ); - SHA512_VALIDATE( src != NULL ); + SHA512_VALIDATE(dst != NULL); + SHA512_VALIDATE(src != NULL); *dst = *src; } @@ -82,20 +83,19 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, /* * SHA-512 context setup */ -int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) +int mbedtls_sha512_starts_ret(mbedtls_sha512_context *ctx, int is384) { - SHA512_VALIDATE_RET( ctx != NULL ); + SHA512_VALIDATE_RET(ctx != NULL); #if !defined(MBEDTLS_SHA512_NO_SHA384) - SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 ); + SHA512_VALIDATE_RET(is384 == 0 || is384 == 1); #else - SHA512_VALIDATE_RET( is384 == 0 ); + SHA512_VALIDATE_RET(is384 == 0); #endif ctx->total[0] = 0; ctx->total[1] = 0; - if( is384 == 0 ) - { + if (is384 == 0) { /* SHA-512 */ ctx->state[0] = UL64(0x6A09E667F3BCC908); ctx->state[1] = UL64(0xBB67AE8584CAA73B); @@ -105,11 +105,9 @@ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) ctx->state[5] = UL64(0x9B05688C2B3E6C1F); ctx->state[6] = UL64(0x1F83D9ABFB41BD6B); ctx->state[7] = UL64(0x5BE0CD19137E2179); - } - else - { + } else { #if defined(MBEDTLS_SHA512_NO_SHA384) - return( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA ); + return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; #else /* SHA-384 */ ctx->state[0] = UL64(0xCBBB9D5DC1059ED8); @@ -127,14 +125,14 @@ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) ctx->is384 = is384; #endif - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, - int is384 ) +void mbedtls_sha512_starts(mbedtls_sha512_context *ctx, + int is384) { - mbedtls_sha512_starts_ret( ctx, is384 ); + mbedtls_sha512_starts_ret(ctx, is384); } #endif @@ -187,57 +185,53 @@ static const uint64_t K[80] = UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817) }; -int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, - const unsigned char data[128] ) +int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, + const unsigned char data[128]) { int i; - struct - { + struct { uint64_t temp1, temp2, W[80]; uint64_t A[8]; } local; - SHA512_VALIDATE_RET( ctx != NULL ); - SHA512_VALIDATE_RET( (const unsigned char *)data != NULL ); + SHA512_VALIDATE_RET(ctx != NULL); + SHA512_VALIDATE_RET((const unsigned char *) data != NULL); -#define SHR(x,n) ((x) >> (n)) -#define ROTR(x,n) (SHR((x),(n)) | ((x) << (64 - (n)))) +#define SHR(x, n) ((x) >> (n)) +#define ROTR(x, n) (SHR((x), (n)) | ((x) << (64 - (n)))) #define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x, 7)) -#define S1(x) (ROTR(x,19) ^ ROTR(x,61) ^ SHR(x, 6)) +#define S1(x) (ROTR(x, 19) ^ ROTR(x, 61) ^ SHR(x, 6)) -#define S2(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39)) -#define S3(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41)) +#define S2(x) (ROTR(x, 28) ^ ROTR(x, 34) ^ ROTR(x, 39)) +#define S3(x) (ROTR(x, 14) ^ ROTR(x, 18) ^ ROTR(x, 41)) -#define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y)))) -#define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) +#define F0(x, y, z) (((x) & (y)) | ((z) & ((x) | (y)))) +#define F1(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) -#define P(a,b,c,d,e,f,g,h,x,K) \ +#define P(a, b, c, d, e, f, g, h, x, K) \ do \ { \ - local.temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \ - local.temp2 = S2(a) + F0((a),(b),(c)); \ + local.temp1 = (h) + S3(e) + F1((e), (f), (g)) + (K) + (x); \ + local.temp2 = S2(a) + F0((a), (b), (c)); \ (d) += local.temp1; (h) = local.temp1 + local.temp2; \ - } while( 0 ) + } while (0) - for( i = 0; i < 8; i++ ) + for (i = 0; i < 8; i++) { local.A[i] = ctx->state[i]; + } #if defined(MBEDTLS_SHA512_SMALLER) - for( i = 0; i < 80; i++ ) - { - if( i < 16 ) - { - local.W[i] = MBEDTLS_GET_UINT64_BE( data, i << 3 ); - } - else - { + for (i = 0; i < 80; i++) { + if (i < 16) { + local.W[i] = MBEDTLS_GET_UINT64_BE(data, i << 3); + } else { local.W[i] = S1(local.W[i - 2]) + local.W[i - 7] + - S0(local.W[i - 15]) + local.W[i - 16]; + S0(local.W[i - 15]) + local.W[i - 16]; } - P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], - local.A[5], local.A[6], local.A[7], local.W[i], K[i] ); + P(local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], + local.A[5], local.A[6], local.A[7], local.W[i], K[i]); local.temp1 = local.A[7]; local.A[7] = local.A[6]; local.A[6] = local.A[5]; local.A[5] = local.A[4]; @@ -246,54 +240,51 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, local.A[0] = local.temp1; } #else /* MBEDTLS_SHA512_SMALLER */ - for( i = 0; i < 16; i++ ) - { - local.W[i] = MBEDTLS_GET_UINT64_BE( data, i << 3 ); + for (i = 0; i < 16; i++) { + local.W[i] = MBEDTLS_GET_UINT64_BE(data, i << 3); } - for( ; i < 80; i++ ) - { + for (; i < 80; i++) { local.W[i] = S1(local.W[i - 2]) + local.W[i - 7] + - S0(local.W[i - 15]) + local.W[i - 16]; + S0(local.W[i - 15]) + local.W[i - 16]; } i = 0; - do - { - P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], - local.A[5], local.A[6], local.A[7], local.W[i], K[i] ); i++; - P( local.A[7], local.A[0], local.A[1], local.A[2], local.A[3], - local.A[4], local.A[5], local.A[6], local.W[i], K[i] ); i++; - P( local.A[6], local.A[7], local.A[0], local.A[1], local.A[2], - local.A[3], local.A[4], local.A[5], local.W[i], K[i] ); i++; - P( local.A[5], local.A[6], local.A[7], local.A[0], local.A[1], - local.A[2], local.A[3], local.A[4], local.W[i], K[i] ); i++; - P( local.A[4], local.A[5], local.A[6], local.A[7], local.A[0], - local.A[1], local.A[2], local.A[3], local.W[i], K[i] ); i++; - P( local.A[3], local.A[4], local.A[5], local.A[6], local.A[7], - local.A[0], local.A[1], local.A[2], local.W[i], K[i] ); i++; - P( local.A[2], local.A[3], local.A[4], local.A[5], local.A[6], - local.A[7], local.A[0], local.A[1], local.W[i], K[i] ); i++; - P( local.A[1], local.A[2], local.A[3], local.A[4], local.A[5], - local.A[6], local.A[7], local.A[0], local.W[i], K[i] ); i++; - } - while( i < 80 ); + do { + P(local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], + local.A[5], local.A[6], local.A[7], local.W[i], K[i]); i++; + P(local.A[7], local.A[0], local.A[1], local.A[2], local.A[3], + local.A[4], local.A[5], local.A[6], local.W[i], K[i]); i++; + P(local.A[6], local.A[7], local.A[0], local.A[1], local.A[2], + local.A[3], local.A[4], local.A[5], local.W[i], K[i]); i++; + P(local.A[5], local.A[6], local.A[7], local.A[0], local.A[1], + local.A[2], local.A[3], local.A[4], local.W[i], K[i]); i++; + P(local.A[4], local.A[5], local.A[6], local.A[7], local.A[0], + local.A[1], local.A[2], local.A[3], local.W[i], K[i]); i++; + P(local.A[3], local.A[4], local.A[5], local.A[6], local.A[7], + local.A[0], local.A[1], local.A[2], local.W[i], K[i]); i++; + P(local.A[2], local.A[3], local.A[4], local.A[5], local.A[6], + local.A[7], local.A[0], local.A[1], local.W[i], K[i]); i++; + P(local.A[1], local.A[2], local.A[3], local.A[4], local.A[5], + local.A[6], local.A[7], local.A[0], local.W[i], K[i]); i++; + } while (i < 80); #endif /* MBEDTLS_SHA512_SMALLER */ - for( i = 0; i < 8; i++ ) + for (i = 0; i < 8; i++) { ctx->state[i] += local.A[i]; + } /* Zeroise buffers and variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &local, sizeof( local ) ); + mbedtls_platform_zeroize(&local, sizeof(local)); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha512_process( mbedtls_sha512_context *ctx, - const unsigned char data[128] ) +void mbedtls_sha512_process(mbedtls_sha512_context *ctx, + const unsigned char data[128]) { - mbedtls_internal_sha512_process( ctx, data ); + mbedtls_internal_sha512_process(ctx, data); } #endif #endif /* !MBEDTLS_SHA512_PROCESS_ALT */ @@ -301,76 +292,79 @@ void mbedtls_sha512_process( mbedtls_sha512_context *ctx, /* * SHA-512 process buffer */ -int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_sha512_update_ret(mbedtls_sha512_context *ctx, + const unsigned char *input, + size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; unsigned int left; - SHA512_VALIDATE_RET( ctx != NULL ); - SHA512_VALIDATE_RET( ilen == 0 || input != NULL ); + SHA512_VALIDATE_RET(ctx != NULL); + SHA512_VALIDATE_RET(ilen == 0 || input != NULL); - if( ilen == 0 ) - return( 0 ); + if (ilen == 0) { + return 0; + } left = (unsigned int) (ctx->total[0] & 0x7F); fill = 128 - left; ctx->total[0] += (uint64_t) ilen; - if( ctx->total[0] < (uint64_t) ilen ) + if (ctx->total[0] < (uint64_t) ilen) { ctx->total[1]++; + } - if( left && ilen >= fill ) - { - memcpy( (void *) (ctx->buffer + left), input, fill ); + if (left && ilen >= fill) { + memcpy((void *) (ctx->buffer + left), input, fill); - if( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha512_process(ctx, ctx->buffer)) != 0) { + return ret; + } input += fill; ilen -= fill; left = 0; } - while( ilen >= 128 ) - { - if( ( ret = mbedtls_internal_sha512_process( ctx, input ) ) != 0 ) - return( ret ); + while (ilen >= 128) { + if ((ret = mbedtls_internal_sha512_process(ctx, input)) != 0) { + return ret; + } input += 128; ilen -= 128; } - if( ilen > 0 ) - memcpy( (void *) (ctx->buffer + left), input, ilen ); + if (ilen > 0) { + memcpy((void *) (ctx->buffer + left), input, ilen); + } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha512_update( mbedtls_sha512_context *ctx, - const unsigned char *input, - size_t ilen ) +void mbedtls_sha512_update(mbedtls_sha512_context *ctx, + const unsigned char *input, + size_t ilen) { - mbedtls_sha512_update_ret( ctx, input, ilen ); + mbedtls_sha512_update_ret(ctx, input, ilen); } #endif /* * SHA-512 final digest */ -int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, - unsigned char output[64] ) +int mbedtls_sha512_finish_ret(mbedtls_sha512_context *ctx, + unsigned char output[64]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned used; uint64_t high, low; - SHA512_VALIDATE_RET( ctx != NULL ); - SHA512_VALIDATE_RET( (unsigned char *)output != NULL ); + SHA512_VALIDATE_RET(ctx != NULL); + SHA512_VALIDATE_RET((unsigned char *) output != NULL); /* * Add padding: 0x80 then 0x00 until 16 bytes remain for the length @@ -379,63 +373,61 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, ctx->buffer[used++] = 0x80; - if( used <= 112 ) - { + if (used <= 112) { /* Enough room for padding + length in current block */ - memset( ctx->buffer + used, 0, 112 - used ); - } - else - { + memset(ctx->buffer + used, 0, 112 - used); + } else { /* We'll need an extra block */ - memset( ctx->buffer + used, 0, 128 - used ); + memset(ctx->buffer + used, 0, 128 - used); - if( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha512_process(ctx, ctx->buffer)) != 0) { + return ret; + } - memset( ctx->buffer, 0, 112 ); + memset(ctx->buffer, 0, 112); } /* * Add message length */ - high = ( ctx->total[0] >> 61 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); + high = (ctx->total[0] >> 61) + | (ctx->total[1] << 3); + low = (ctx->total[0] << 3); - sha512_put_uint64_be( high, ctx->buffer, 112 ); - sha512_put_uint64_be( low, ctx->buffer, 120 ); + sha512_put_uint64_be(high, ctx->buffer, 112); + sha512_put_uint64_be(low, ctx->buffer, 120); - if( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha512_process(ctx, ctx->buffer)) != 0) { + return ret; + } /* * Output final state */ - sha512_put_uint64_be( ctx->state[0], output, 0 ); - sha512_put_uint64_be( ctx->state[1], output, 8 ); - sha512_put_uint64_be( ctx->state[2], output, 16 ); - sha512_put_uint64_be( ctx->state[3], output, 24 ); - sha512_put_uint64_be( ctx->state[4], output, 32 ); - sha512_put_uint64_be( ctx->state[5], output, 40 ); + sha512_put_uint64_be(ctx->state[0], output, 0); + sha512_put_uint64_be(ctx->state[1], output, 8); + sha512_put_uint64_be(ctx->state[2], output, 16); + sha512_put_uint64_be(ctx->state[3], output, 24); + sha512_put_uint64_be(ctx->state[4], output, 32); + sha512_put_uint64_be(ctx->state[5], output, 40); int truncated = 0; #if !defined(MBEDTLS_SHA512_NO_SHA384) truncated = ctx->is384; #endif - if( !truncated ) - { - sha512_put_uint64_be( ctx->state[6], output, 48 ); - sha512_put_uint64_be( ctx->state[7], output, 56 ); + if (!truncated) { + sha512_put_uint64_be(ctx->state[6], output, 48); + sha512_put_uint64_be(ctx->state[7], output, 56); } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, - unsigned char output[64] ) +void mbedtls_sha512_finish(mbedtls_sha512_context *ctx, + unsigned char output[64]) { - mbedtls_sha512_finish_ret( ctx, output ); + mbedtls_sha512_finish_ret(ctx, output); } #endif @@ -444,46 +436,49 @@ void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, /* * output = SHA-512( input buffer ) */ -int mbedtls_sha512_ret( const unsigned char *input, - size_t ilen, - unsigned char output[64], - int is384 ) +int mbedtls_sha512_ret(const unsigned char *input, + size_t ilen, + unsigned char output[64], + int is384) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha512_context ctx; #if !defined(MBEDTLS_SHA512_NO_SHA384) - SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 ); + SHA512_VALIDATE_RET(is384 == 0 || is384 == 1); #else - SHA512_VALIDATE_RET( is384 == 0 ); + SHA512_VALIDATE_RET(is384 == 0); #endif - SHA512_VALIDATE_RET( ilen == 0 || input != NULL ); - SHA512_VALIDATE_RET( (unsigned char *)output != NULL ); + SHA512_VALIDATE_RET(ilen == 0 || input != NULL); + SHA512_VALIDATE_RET((unsigned char *) output != NULL); - mbedtls_sha512_init( &ctx ); + mbedtls_sha512_init(&ctx); - if( ( ret = mbedtls_sha512_starts_ret( &ctx, is384 ) ) != 0 ) + if ((ret = mbedtls_sha512_starts_ret(&ctx, is384)) != 0) { goto exit; + } - if( ( ret = mbedtls_sha512_update_ret( &ctx, input, ilen ) ) != 0 ) + if ((ret = mbedtls_sha512_update_ret(&ctx, input, ilen)) != 0) { goto exit; + } - if( ( ret = mbedtls_sha512_finish_ret( &ctx, output ) ) != 0 ) + if ((ret = mbedtls_sha512_finish_ret(&ctx, output)) != 0) { goto exit; + } exit: - mbedtls_sha512_free( &ctx ); + mbedtls_sha512_free(&ctx); - return( ret ); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha512( const unsigned char *input, - size_t ilen, - unsigned char output[64], - int is384 ) +void mbedtls_sha512(const unsigned char *input, + size_t ilen, + unsigned char output[64], + int is384) { - mbedtls_sha512_ret( input, ilen, output, is384 ); + mbedtls_sha512_ret(input, ilen, output, is384); } #endif @@ -495,7 +490,9 @@ void mbedtls_sha512( const unsigned char *input, static const unsigned char sha512_test_buf[3][113] = { { "abc" }, - { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" }, + { + "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" + }, { "" } }; @@ -559,31 +556,30 @@ static const unsigned char sha512_test_sum[][64] = 0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B } }; -#define ARRAY_LENGTH( a ) ( sizeof( a ) / sizeof( ( a )[0] ) ) +#define ARRAY_LENGTH(a) (sizeof(a) / sizeof((a)[0])) /* * Checkup routine */ -int mbedtls_sha512_self_test( int verbose ) +int mbedtls_sha512_self_test(int verbose) { int i, j, k, buflen, ret = 0; unsigned char *buf; unsigned char sha512sum[64]; mbedtls_sha512_context ctx; - buf = mbedtls_calloc( 1024, sizeof(unsigned char) ); - if( NULL == buf ) - { - if( verbose != 0 ) - mbedtls_printf( "Buffer allocation failed\n" ); + buf = mbedtls_calloc(1024, sizeof(unsigned char)); + if (NULL == buf) { + if (verbose != 0) { + mbedtls_printf("Buffer allocation failed\n"); + } - return( 1 ); + return 1; } - mbedtls_sha512_init( &ctx ); + mbedtls_sha512_init(&ctx); - for( i = 0; i < (int) ARRAY_LENGTH(sha512_test_sum); i++ ) - { + for (i = 0; i < (int) ARRAY_LENGTH(sha512_test_sum); i++) { j = i % 3; #if !defined(MBEDTLS_SHA512_NO_SHA384) k = i < 3; @@ -591,58 +587,61 @@ int mbedtls_sha512_self_test( int verbose ) k = 0; #endif - if( verbose != 0 ) - mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 ); + if (verbose != 0) { + mbedtls_printf(" SHA-%d test #%d: ", 512 - k * 128, j + 1); + } - if( ( ret = mbedtls_sha512_starts_ret( &ctx, k ) ) != 0 ) + if ((ret = mbedtls_sha512_starts_ret(&ctx, k)) != 0) { goto fail; + } - if( j == 2 ) - { - memset( buf, 'a', buflen = 1000 ); + if (j == 2) { + memset(buf, 'a', buflen = 1000); - for( j = 0; j < 1000; j++ ) - { - ret = mbedtls_sha512_update_ret( &ctx, buf, buflen ); - if( ret != 0 ) + for (j = 0; j < 1000; j++) { + ret = mbedtls_sha512_update_ret(&ctx, buf, buflen); + if (ret != 0) { goto fail; + } } - } - else - { - ret = mbedtls_sha512_update_ret( &ctx, sha512_test_buf[j], - sha512_test_buflen[j] ); - if( ret != 0 ) + } else { + ret = mbedtls_sha512_update_ret(&ctx, sha512_test_buf[j], + sha512_test_buflen[j]); + if (ret != 0) { goto fail; + } } - if( ( ret = mbedtls_sha512_finish_ret( &ctx, sha512sum ) ) != 0 ) + if ((ret = mbedtls_sha512_finish_ret(&ctx, sha512sum)) != 0) { goto fail; + } - if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 ) - { + if (memcmp(sha512sum, sha512_test_sum[i], 64 - k * 16) != 0) { ret = 1; goto fail; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } goto exit; fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } exit: - mbedtls_sha512_free( &ctx ); - mbedtls_free( buf ); + mbedtls_sha512_free(&ctx); + mbedtls_free(buf); - return( ret ); + return ret; } #undef ARRAY_LENGTH diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 7a600cad1808..0f0e61077c38 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -32,83 +32,79 @@ #include -void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ) +void mbedtls_ssl_cache_init(mbedtls_ssl_cache_context *cache) { - memset( cache, 0, sizeof( mbedtls_ssl_cache_context ) ); + memset(cache, 0, sizeof(mbedtls_ssl_cache_context)); cache->timeout = MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT; cache->max_entries = MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES; #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &cache->mutex ); + mbedtls_mutex_init(&cache->mutex); #endif } -int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ) +int mbedtls_ssl_cache_get(void *data, mbedtls_ssl_session *session) { int ret = 1; #if defined(MBEDTLS_HAVE_TIME) - mbedtls_time_t t = mbedtls_time( NULL ); + mbedtls_time_t t = mbedtls_time(NULL); #endif mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; mbedtls_ssl_cache_entry *cur, *entry; #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_lock( &cache->mutex ) != 0 ) - return( 1 ); + if (mbedtls_mutex_lock(&cache->mutex) != 0) { + return 1; + } #endif cur = cache->chain; entry = NULL; - while( cur != NULL ) - { + while (cur != NULL) { entry = cur; cur = cur->next; #if defined(MBEDTLS_HAVE_TIME) - if( cache->timeout != 0 && - (int) ( t - entry->timestamp ) > cache->timeout ) + if (cache->timeout != 0 && + (int) (t - entry->timestamp) > cache->timeout) { continue; + } #endif - if( session->id_len != entry->session.id_len || - memcmp( session->id, entry->session.id, - entry->session.id_len ) != 0 ) - { + if (session->id_len != entry->session.id_len || + memcmp(session->id, entry->session.id, + entry->session.id_len) != 0) { continue; } - ret = mbedtls_ssl_session_copy( session, &entry->session ); - if( ret != 0 ) - { + ret = mbedtls_ssl_session_copy(session, &entry->session); + if (ret != 0) { ret = 1; goto exit; } #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* * Restore peer certificate (without rest of the original chain) */ - if( entry->peer_cert.p != NULL ) - { + if (entry->peer_cert.p != NULL) { /* `session->peer_cert` is NULL after the call to * mbedtls_ssl_session_copy(), because cache entries * have the `peer_cert` field set to NULL. */ - if( ( session->peer_cert = mbedtls_calloc( 1, - sizeof(mbedtls_x509_crt) ) ) == NULL ) - { + if ((session->peer_cert = mbedtls_calloc(1, + sizeof(mbedtls_x509_crt))) == NULL) { ret = 1; goto exit; } - mbedtls_x509_crt_init( session->peer_cert ); - if( mbedtls_x509_crt_parse( session->peer_cert, entry->peer_cert.p, - entry->peer_cert.len ) != 0 ) - { - mbedtls_free( session->peer_cert ); + mbedtls_x509_crt_init(session->peer_cert); + if (mbedtls_x509_crt_parse(session->peer_cert, entry->peer_cert.p, + entry->peer_cert.len) != 0) { + mbedtls_free(session->peer_cert); session->peer_cert = NULL; ret = 1; goto exit; @@ -122,18 +118,19 @@ int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ) exit: #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &cache->mutex ) != 0 ) + if (mbedtls_mutex_unlock(&cache->mutex) != 0) { ret = 1; + } #endif - return( ret ); + return ret; } -int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) +int mbedtls_ssl_cache_set(void *data, const mbedtls_ssl_session *session) { int ret = 1; #if defined(MBEDTLS_HAVE_TIME) - mbedtls_time_t t = mbedtls_time( NULL ), oldest = 0; + mbedtls_time_t t = mbedtls_time(NULL), oldest = 0; mbedtls_ssl_cache_entry *old = NULL; #endif mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; @@ -141,32 +138,31 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) int count = 0; #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &cache->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&cache->mutex)) != 0) { + return ret; + } #endif cur = cache->chain; prv = NULL; - while( cur != NULL ) - { + while (cur != NULL) { count++; #if defined(MBEDTLS_HAVE_TIME) - if( cache->timeout != 0 && - (int) ( t - cur->timestamp ) > cache->timeout ) - { + if (cache->timeout != 0 && + (int) (t - cur->timestamp) > cache->timeout) { cur->timestamp = t; break; /* expired, reuse this slot, update timestamp */ } #endif - if( memcmp( session->id, cur->session.id, cur->session.id_len ) == 0 ) + if (memcmp(session->id, cur->session.id, cur->session.id_len) == 0) { break; /* client reconnected, keep timestamp for session id */ + } #if defined(MBEDTLS_HAVE_TIME) - if( oldest == 0 || cur->timestamp < oldest ) - { + if (oldest == 0 || cur->timestamp < oldest) { oldest = cur->timestamp; old = cur; } @@ -176,16 +172,13 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) cur = cur->next; } - if( cur == NULL ) - { + if (cur == NULL) { #if defined(MBEDTLS_HAVE_TIME) /* * Reuse oldest entry if max_entries reached */ - if( count >= cache->max_entries ) - { - if( old == NULL ) - { + if (count >= cache->max_entries) { + if (old == NULL) { ret = 1; goto exit; } @@ -197,10 +190,8 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) * Reuse first entry in chain if max_entries reached, * but move to last place */ - if( count >= cache->max_entries ) - { - if( cache->chain == NULL ) - { + if (count >= cache->max_entries) { + if (cache->chain == NULL) { ret = 1; goto exit; } @@ -211,22 +202,21 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) prv->next = cur; } #endif /* MBEDTLS_HAVE_TIME */ - else - { + else { /* * max_entries not reached, create new entry */ - cur = mbedtls_calloc( 1, sizeof(mbedtls_ssl_cache_entry) ); - if( cur == NULL ) - { + cur = mbedtls_calloc(1, sizeof(mbedtls_ssl_cache_entry)); + if (cur == NULL) { ret = 1; goto exit; } - if( prv == NULL ) + if (prv == NULL) { cache->chain = cur; - else + } else { prv->next = cur; + } } #if defined(MBEDTLS_HAVE_TIME) @@ -239,10 +229,9 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) /* * If we're reusing an entry, free its certificate first */ - if( cur->peer_cert.p != NULL ) - { - mbedtls_free( cur->peer_cert.p ); - memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) ); + if (cur->peer_cert.p != NULL) { + mbedtls_free(cur->peer_cert.p); + memset(&cur->peer_cert, 0, sizeof(mbedtls_x509_buf)); } #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ @@ -251,9 +240,8 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) * This inefficiency will go away as soon as we implement on-demand * parsing of CRTs, in which case there's no need for the `peer_cert` * field anymore in the first place, and we're done after this call. */ - ret = mbedtls_ssl_session_copy( &cur->session, session ); - if( ret != 0 ) - { + ret = mbedtls_ssl_session_copy(&cur->session, session); + if (ret != 0) { ret = 1; goto exit; } @@ -261,23 +249,21 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* If present, free the X.509 structure and only store the raw CRT data. */ - if( cur->session.peer_cert != NULL ) - { + if (cur->session.peer_cert != NULL) { cur->peer_cert.p = - mbedtls_calloc( 1, cur->session.peer_cert->raw.len ); - if( cur->peer_cert.p == NULL ) - { + mbedtls_calloc(1, cur->session.peer_cert->raw.len); + if (cur->peer_cert.p == NULL) { ret = 1; goto exit; } - memcpy( cur->peer_cert.p, - cur->session.peer_cert->raw.p, - cur->session.peer_cert->raw.len ); + memcpy(cur->peer_cert.p, + cur->session.peer_cert->raw.p, + cur->session.peer_cert->raw.len); cur->peer_cert.len = session->peer_cert->raw.len; - mbedtls_x509_crt_free( cur->session.peer_cert ); - mbedtls_free( cur->session.peer_cert ); + mbedtls_x509_crt_free(cur->session.peer_cert); + mbedtls_free(cur->session.peer_cert); cur->session.peer_cert = NULL; } #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ @@ -286,52 +272,56 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) exit: #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &cache->mutex ) != 0 ) + if (mbedtls_mutex_unlock(&cache->mutex) != 0) { ret = 1; + } #endif - return( ret ); + return ret; } #if defined(MBEDTLS_HAVE_TIME) -void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout ) +void mbedtls_ssl_cache_set_timeout(mbedtls_ssl_cache_context *cache, int timeout) { - if( timeout < 0 ) timeout = 0; + if (timeout < 0) { + timeout = 0; + } cache->timeout = timeout; } #endif /* MBEDTLS_HAVE_TIME */ -void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max ) +void mbedtls_ssl_cache_set_max_entries(mbedtls_ssl_cache_context *cache, int max) { - if( max < 0 ) max = 0; + if (max < 0) { + max = 0; + } cache->max_entries = max; } -void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache ) +void mbedtls_ssl_cache_free(mbedtls_ssl_cache_context *cache) { mbedtls_ssl_cache_entry *cur, *prv; cur = cache->chain; - while( cur != NULL ) - { + while (cur != NULL) { prv = cur; cur = cur->next; - mbedtls_ssl_session_free( &prv->session ); + mbedtls_ssl_session_free(&prv->session); #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - mbedtls_free( prv->peer_cert.p ); + defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + mbedtls_free(prv->peer_cert.p); #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - mbedtls_free( prv ); + mbedtls_free(prv); } #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_free( &cache->mutex ); + mbedtls_mutex_free(&cache->mutex); #endif cache->chain = NULL; } diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 2bc8a9bba053..b37921a1eb78 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -455,14 +455,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, + "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, + "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -472,14 +474,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, + "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, + "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -574,14 +578,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, + "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, + "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -591,14 +597,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, + "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, + "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -982,14 +990,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", + { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, + "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", + { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, + "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -999,14 +1009,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", + { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, + "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384", + { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, + "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1101,14 +1113,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", + { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, + "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", + { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, + "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1118,14 +1132,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", + { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, + "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", + { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, + "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1478,7 +1494,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", + { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, + "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1486,7 +1503,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", + { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, + "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1808,7 +1826,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, - "TLS-RSA-WITH-ARIA-256-GCM-SHA384", + "TLS-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1816,7 +1834,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, - "TLS-RSA-WITH-ARIA-256-CBC-SHA384", + "TLS-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1824,7 +1842,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, - "TLS-RSA-WITH-ARIA-128-GCM-SHA256", + "TLS-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1832,7 +1850,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, - "TLS-RSA-WITH-ARIA-128-CBC-SHA256", + "TLS-RSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1845,7 +1863,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, - "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384", + "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1853,7 +1871,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, - "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384", + "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1861,7 +1879,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, - "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256", + "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1869,7 +1887,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, - "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256", + "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1882,15 +1900,15 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, - "TLS-PSK-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK, + "TLS-PSK-WITH-ARIA-256-GCM-SHA384", + MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, - "TLS-PSK-WITH-ARIA-256-CBC-SHA384", + "TLS-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1898,7 +1916,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, - "TLS-PSK-WITH-ARIA-128-GCM-SHA256", + "TLS-PSK-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1906,7 +1924,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, - "TLS-PSK-WITH-ARIA-128-CBC-SHA256", + "TLS-PSK-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1919,7 +1937,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, - "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384", + "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1927,7 +1945,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384", + "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1935,7 +1953,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, - "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256", + "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1943,7 +1961,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256", + "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1956,7 +1974,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, - "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384", + "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1964,7 +1982,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384", + "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1972,7 +1990,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, - "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256", + "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1980,7 +1998,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256", + "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1993,7 +2011,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384", + "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2001,7 +2019,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256", + "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2014,7 +2032,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, - "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384", + "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2022,7 +2040,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384", + "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2030,7 +2048,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, - "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256", + "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2038,7 +2056,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256", + "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2051,7 +2069,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, - "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384", + "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2059,7 +2077,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384", + "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2067,7 +2085,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, - "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256", + "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2075,7 +2093,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256", + "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2088,7 +2106,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, - "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384", + "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2096,7 +2114,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, - "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384", + "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2104,7 +2122,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, - "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256", + "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2112,7 +2130,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, - "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256", + "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2125,7 +2143,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, - "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384", + "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2133,7 +2151,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, - "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384", + "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2141,7 +2159,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, - "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256", + "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2149,7 +2167,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, - "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256", + "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2167,56 +2185,53 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = }; #if defined(MBEDTLS_SSL_CIPHERSUITES) -const int *mbedtls_ssl_list_ciphersuites( void ) +const int *mbedtls_ssl_list_ciphersuites(void) { - return( ciphersuite_preference ); + return ciphersuite_preference; } #else -#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \ - sizeof( ciphersuite_definitions[0] ) +#define MAX_CIPHERSUITES sizeof(ciphersuite_definitions) / \ + sizeof(ciphersuite_definitions[0]) static int supported_ciphersuites[MAX_CIPHERSUITES]; static int supported_init = 0; MBEDTLS_CHECK_RETURN_CRITICAL -static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info ) +static int ciphersuite_is_removed(const mbedtls_ssl_ciphersuite_t *cs_info) { - (void)cs_info; + (void) cs_info; #if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES) - if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) - return( 1 ); + if (cs_info->cipher == MBEDTLS_CIPHER_ARC4_128) { + return 1; + } #endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */ #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) - if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB || - cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC ) - { - return( 1 ); + if (cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB || + cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC) { + return 1; } #endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ - return( 0 ); + return 0; } -const int *mbedtls_ssl_list_ciphersuites( void ) +const int *mbedtls_ssl_list_ciphersuites(void) { /* * On initial call filter out all ciphersuites not supported by current * build based on presence in the ciphersuite_definitions. */ - if( supported_init == 0 ) - { + if (supported_init == 0) { const int *p; int *q; - for( p = ciphersuite_preference, q = supported_ciphersuites; + for (p = ciphersuite_preference, q = supported_ciphersuites; *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1; - p++ ) - { + p++) { const mbedtls_ssl_ciphersuite_t *cs_info; - if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL && - !ciphersuite_is_removed( cs_info ) ) - { + if ((cs_info = mbedtls_ssl_ciphersuite_from_id(*p)) != NULL && + !ciphersuite_is_removed(cs_info)) { *(q++) = *p; } } @@ -2225,105 +2240,106 @@ const int *mbedtls_ssl_list_ciphersuites( void ) supported_init = 1; } - return( supported_ciphersuites ); + return supported_ciphersuites; } #endif /* MBEDTLS_SSL_CIPHERSUITES */ const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( - const char *ciphersuite_name ) + const char *ciphersuite_name) { const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; - if( NULL == ciphersuite_name ) - return( NULL ); + if (NULL == ciphersuite_name) { + return NULL; + } - while( cur->id != 0 ) - { - if( 0 == strcmp( cur->name, ciphersuite_name ) ) - return( cur ); + while (cur->id != 0) { + if (0 == strcmp(cur->name, ciphersuite_name)) { + return cur; + } cur++; } - return( NULL ); + return NULL; } -const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite ) +const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id(int ciphersuite) { const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; - while( cur->id != 0 ) - { - if( cur->id == ciphersuite ) - return( cur ); + while (cur->id != 0) { + if (cur->id == ciphersuite) { + return cur; + } cur++; } - return( NULL ); + return NULL; } -const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ) +const char *mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id) { const mbedtls_ssl_ciphersuite_t *cur; - cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id ); + cur = mbedtls_ssl_ciphersuite_from_id(ciphersuite_id); - if( cur == NULL ) - return( "unknown" ); + if (cur == NULL) { + return "unknown"; + } - return( cur->name ); + return cur->name; } -int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ) +int mbedtls_ssl_get_ciphersuite_id(const char *ciphersuite_name) { const mbedtls_ssl_ciphersuite_t *cur; - cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name ); + cur = mbedtls_ssl_ciphersuite_from_string(ciphersuite_name); - if( cur == NULL ) - return( 0 ); + if (cur == NULL) { + return 0; + } - return( cur->id ); + return cur->id; } #if defined(MBEDTLS_PK_C) -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ) +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - return( MBEDTLS_PK_RSA ); + return MBEDTLS_PK_RSA; case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( MBEDTLS_PK_ECDSA ); + return MBEDTLS_PK_ECDSA; case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - return( MBEDTLS_PK_ECKEY ); + return MBEDTLS_PK_ECKEY; default: - return( MBEDTLS_PK_NONE ); + return MBEDTLS_PK_NONE; } } -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ) +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - return( MBEDTLS_PK_RSA ); + return MBEDTLS_PK_RSA; case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( MBEDTLS_PK_ECDSA ); + return MBEDTLS_PK_ECDSA; default: - return( MBEDTLS_PK_NONE ); + return MBEDTLS_PK_NONE; } } @@ -2331,37 +2347,35 @@ mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphers #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ) +int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECJPAKE: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) -int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ) +int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_PSK: case MBEDTLS_KEY_EXCHANGE_RSA_PSK: case MBEDTLS_KEY_EXCHANGE_DHE_PSK: case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index b40ddb70b4e7..b693d53031b2 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -48,39 +48,40 @@ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_conf_has_static_psk( mbedtls_ssl_config const *conf ) +static int ssl_conf_has_static_psk(mbedtls_ssl_config const *conf) { - if( conf->psk_identity == NULL || - conf->psk_identity_len == 0 ) - { - return( 0 ); + if (conf->psk_identity == NULL || + conf->psk_identity_len == 0) { + return 0; } - if( conf->psk != NULL && conf->psk_len != 0 ) - return( 1 ); + if (conf->psk != NULL && conf->psk_len != 0) { + return 1; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) ) - return( 1 ); + if (!mbedtls_svc_key_id_is_null(conf->psk_opaque)) { + return 1; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - return( 0 ); + return 0; } #if defined(MBEDTLS_USE_PSA_CRYPTO) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_conf_has_static_raw_psk( mbedtls_ssl_config const *conf ) +static int ssl_conf_has_static_raw_psk(mbedtls_ssl_config const *conf) { - if( conf->psk_identity == NULL || - conf->psk_identity_len == 0 ) - { - return( 0 ); + if (conf->psk_identity == NULL || + conf->psk_identity_len == 0) { + return 0; } - if( conf->psk != NULL && conf->psk_len != 0 ) - return( 1 ); + if (conf->psk != NULL && conf->psk_len != 0) { + return 1; + } - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -88,26 +89,27 @@ static int ssl_conf_has_static_raw_psk( mbedtls_ssl_config const *conf ) #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +static int ssl_write_hostname_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; size_t hostname_len; *olen = 0; - if( ssl->hostname == NULL ) - return( 0 ); + if (ssl->hostname == NULL) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding server name extension: %s", - ssl->hostname ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding server name extension: %s", + ssl->hostname)); - hostname_len = strlen( ssl->hostname ); + hostname_len = strlen(ssl->hostname); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, hostname_len + 9 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, hostname_len + 9); /* * Sect. 3, RFC 6066 (TLS Extensions Definitions) @@ -135,34 +137,34 @@ static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, * } ServerNameList; * */ - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SERVERNAME, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SERVERNAME, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( hostname_len + 5, p, 0 ); + MBEDTLS_PUT_UINT16_BE(hostname_len + 5, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( hostname_len + 3, p, 0 ); + MBEDTLS_PUT_UINT16_BE(hostname_len + 3, p, 0); p += 2; - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ); + *p++ = MBEDTLS_BYTE_0(MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME); - MBEDTLS_PUT_UINT16_BE( hostname_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(hostname_len, p, 0); p += 2; - memcpy( p, ssl->hostname, hostname_len ); + memcpy(p, ssl->hostname, hostname_len); *olen = hostname_len + 9; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_SSL_RENEGOTIATION) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +static int ssl_write_renegotiation_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; @@ -171,29 +173,30 @@ static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, /* We're always including a TLS_EMPTY_RENEGOTIATION_INFO_SCSV in the * initial ClientHello, in which case also adding the renegotiation * info extension is NOT RECOMMENDED as per RFC 5746 Section 3.4. */ - if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - return( 0 ); + if (ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding renegotiation extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding renegotiation extension")); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 + ssl->verify_data_len ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 5 + ssl->verify_data_len); /* * Secure renegotiation */ - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0); p += 2; *p++ = 0x00; - *p++ = MBEDTLS_BYTE_0( ssl->verify_data_len + 1 ); - *p++ = MBEDTLS_BYTE_0( ssl->verify_data_len ); + *p++ = MBEDTLS_BYTE_0(ssl->verify_data_len + 1); + *p++ = MBEDTLS_BYTE_0(ssl->verify_data_len); - memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); + memcpy(p, ssl->own_verify_data, ssl->verify_data_len); *olen = 5 + ssl->verify_data_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ @@ -203,10 +206,10 @@ static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +static int ssl_write_signature_algorithms_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; size_t sig_alg_len = 0; @@ -218,50 +221,50 @@ static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, *olen = 0; - if( ssl->conf->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - return( 0 ); + if (ssl->conf->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding signature_algorithms extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding signature_algorithms extension")); - if( ssl->conf->sig_hashes == NULL ) - return( MBEDTLS_ERR_SSL_BAD_CONFIG ); + if (ssl->conf->sig_hashes == NULL) { + return MBEDTLS_ERR_SSL_BAD_CONFIG; + } - for( md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++ ) - { + for (md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++) { #if defined(MBEDTLS_ECDSA_C) sig_alg_len += 2; #endif #if defined(MBEDTLS_RSA_C) sig_alg_len += 2; #endif - if( sig_alg_len > MBEDTLS_SSL_MAX_SIG_HASH_ALG_LIST_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "length in bytes of sig-hash-alg extension too big" ) ); - return( MBEDTLS_ERR_SSL_BAD_CONFIG ); + if (sig_alg_len > MBEDTLS_SSL_MAX_SIG_HASH_ALG_LIST_LEN) { + MBEDTLS_SSL_DEBUG_MSG(3, + ("length in bytes of sig-hash-alg extension too big")); + return MBEDTLS_ERR_SSL_BAD_CONFIG; } } /* Empty signature algorithms list, this is a configuration error. */ - if( sig_alg_len == 0 ) - return( MBEDTLS_ERR_SSL_BAD_CONFIG ); + if (sig_alg_len == 0) { + return MBEDTLS_ERR_SSL_BAD_CONFIG; + } - MBEDTLS_SSL_CHK_BUF_PTR( p, end, sig_alg_len + 6 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, sig_alg_len + 6); /* * Prepare signature_algorithms extension (TLS 1.2) */ sig_alg_len = 0; - for( md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++ ) - { + for (md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++) { #if defined(MBEDTLS_ECDSA_C) - sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md ); + sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg(*md); sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_ECDSA; #endif #if defined(MBEDTLS_RSA_C) - sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md ); + sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg(*md); sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_RSA; #endif } @@ -283,18 +286,18 @@ static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, * SignatureAndHashAlgorithm * supported_signature_algorithms<2..2^16-2>; */ - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SIG_ALG, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SIG_ALG, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( sig_alg_len + 2, p, 0 ); + MBEDTLS_PUT_UINT16_BE(sig_alg_len + 2, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( sig_alg_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(sig_alg_len, p, 0); p += 2; *olen = 6 + sig_alg_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ @@ -302,10 +305,10 @@ static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +static int ssl_write_supported_elliptic_curves_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; unsigned char *elliptic_curve_list = p + 6; @@ -315,80 +318,78 @@ static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, *olen = 0; - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding supported_elliptic_curves extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding supported_elliptic_curves extension")); - if( ssl->conf->curve_list == NULL ) - return( MBEDTLS_ERR_SSL_BAD_CONFIG ); + if (ssl->conf->curve_list == NULL) { + return MBEDTLS_ERR_SSL_BAD_CONFIG; + } - for( grp_id = ssl->conf->curve_list; + for (grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; - grp_id++ ) - { - info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); - if( info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "invalid curve in ssl configuration" ) ); - return( MBEDTLS_ERR_SSL_BAD_CONFIG ); + grp_id++) { + info = mbedtls_ecp_curve_info_from_grp_id(*grp_id); + if (info == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("invalid curve in ssl configuration")); + return MBEDTLS_ERR_SSL_BAD_CONFIG; } elliptic_curve_len += 2; - if( elliptic_curve_len > MBEDTLS_SSL_MAX_CURVE_LIST_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "malformed supported_elliptic_curves extension in config" ) ); - return( MBEDTLS_ERR_SSL_BAD_CONFIG ); + if (elliptic_curve_len > MBEDTLS_SSL_MAX_CURVE_LIST_LEN) { + MBEDTLS_SSL_DEBUG_MSG(3, + ("malformed supported_elliptic_curves extension in config")); + return MBEDTLS_ERR_SSL_BAD_CONFIG; } } /* Empty elliptic curve list, this is a configuration error. */ - if( elliptic_curve_len == 0 ) - return( MBEDTLS_ERR_SSL_BAD_CONFIG ); + if (elliptic_curve_len == 0) { + return MBEDTLS_ERR_SSL_BAD_CONFIG; + } - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + elliptic_curve_len ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 6 + elliptic_curve_len); elliptic_curve_len = 0; - for( grp_id = ssl->conf->curve_list; + for (grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; - grp_id++ ) - { - info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); - elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_1( info->tls_id ); - elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_0( info->tls_id ); + grp_id++) { + info = mbedtls_ecp_curve_info_from_grp_id(*grp_id); + elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_1(info->tls_id); + elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_0(info->tls_id); } - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( elliptic_curve_len + 2, p, 0 ); + MBEDTLS_PUT_UINT16_BE(elliptic_curve_len + 2, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( elliptic_curve_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(elliptic_curve_len, p, 0); p += 2; *olen = 6 + elliptic_curve_len; - return( 0 ); + return 0; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +static int ssl_write_supported_point_formats_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; (void) ssl; /* ssl used for debugging only */ *olen = 0; - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding supported_point_formats extension" ) ); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding supported_point_formats extension")); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 6); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0); p += 2; *p++ = 0x00; @@ -399,17 +400,17 @@ static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, *olen = 6; - return( 0 ); + return 0; } #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +static int ssl_write_ecjpake_kkpp_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = buf; @@ -418,15 +419,16 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, *olen = 0; /* Skip costly extension if we can't use EC J-PAKE anyway */ - if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 ) - return( 0 ); + if (mbedtls_ecjpake_check(&ssl->handshake->ecjpake_ctx) != 0) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding ecjpake_kkpp extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding ecjpake_kkpp extension")); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0); p += 2; /* @@ -434,56 +436,51 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, * We don't want to compute fresh values every time (both for performance * and consistency reasons), so cache the extension content. */ - if( ssl->handshake->ecjpake_cache == NULL || - ssl->handshake->ecjpake_cache_len == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "generating new ecjpake parameters" ) ); - - ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, - p + 2, end - p - 2, &kkpp_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1 , - "mbedtls_ecjpake_write_round_one", ret ); - return( ret ); + if (ssl->handshake->ecjpake_cache == NULL || + ssl->handshake->ecjpake_cache_len == 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("generating new ecjpake parameters")); + + ret = mbedtls_ecjpake_write_round_one(&ssl->handshake->ecjpake_ctx, + p + 2, end - p - 2, &kkpp_len, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, + "mbedtls_ecjpake_write_round_one", ret); + return ret; } - ssl->handshake->ecjpake_cache = mbedtls_calloc( 1, kkpp_len ); - if( ssl->handshake->ecjpake_cache == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "allocation failed" ) ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + ssl->handshake->ecjpake_cache = mbedtls_calloc(1, kkpp_len); + if (ssl->handshake->ecjpake_cache == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("allocation failed")); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } - memcpy( ssl->handshake->ecjpake_cache, p + 2, kkpp_len ); + memcpy(ssl->handshake->ecjpake_cache, p + 2, kkpp_len); ssl->handshake->ecjpake_cache_len = kkpp_len; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "re-using cached ecjpake parameters" ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(3, ("re-using cached ecjpake parameters")); kkpp_len = ssl->handshake->ecjpake_cache_len; - MBEDTLS_SSL_CHK_BUF_PTR( p + 2, end, kkpp_len ); + MBEDTLS_SSL_CHK_BUF_PTR(p + 2, end, kkpp_len); - memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len ); + memcpy(p + 2, ssl->handshake->ecjpake_cache, kkpp_len); } - MBEDTLS_PUT_UINT16_BE( kkpp_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(kkpp_len, p, 0); p += 2; *olen = kkpp_len + 4; - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +static int ssl_write_cid_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; size_t ext_len; @@ -495,56 +492,56 @@ static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, * struct { * opaque cid<0..2^8-1>; * } ConnectionId; - */ + */ *olen = 0; - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || - ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED ) - { - return( 0 ); + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || + ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED) { + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding CID extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, adding CID extension")); /* ssl->own_cid_len is at most MBEDTLS_SSL_CID_IN_LEN_MAX * which is at most 255, so the increment cannot overflow. */ - MBEDTLS_SSL_CHK_BUF_PTR( p, end, (unsigned)( ssl->own_cid_len + 5 ) ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, (unsigned) (ssl->own_cid_len + 5)); /* Add extension ID + size */ - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_CID, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_CID, p, 0); p += 2; ext_len = (size_t) ssl->own_cid_len + 1; - MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(ext_len, p, 0); p += 2; *p++ = (uint8_t) ssl->own_cid_len; - memcpy( p, ssl->own_cid, ssl->own_cid_len ); + memcpy(p, ssl->own_cid, ssl->own_cid_len); *olen = ssl->own_cid_len + 5; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +static int ssl_write_max_fragment_length_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; *olen = 0; - if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ) - return( 0 ); + if (ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding max_fragment_length extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding max_fragment_length extension")); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 5); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0); p += 2; *p++ = 0x00; @@ -554,30 +551,31 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, *olen = 5; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +static int ssl_write_truncated_hmac_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; *olen = 0; - if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ) - return( 0 ); + if (ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding truncated_hmac extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding truncated_hmac extension")); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_TRUNCATED_HMAC, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_TRUNCATED_HMAC, p, 0); p += 2; *p++ = 0x00; @@ -585,31 +583,32 @@ static int ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, *olen = 4; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +static int ssl_write_encrypt_then_mac_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; *olen = 0; - if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || - ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - return( 0 ); + if (ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || + ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding encrypt_then_mac extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding encrypt_then_mac extension")); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0); p += 2; *p++ = 0x00; @@ -617,31 +616,32 @@ static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, *olen = 4; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +static int ssl_write_extended_ms_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; *olen = 0; - if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || - ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - return( 0 ); + if (ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || + ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding extended_master_secret extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding extended_master_secret extension")); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0); p += 2; *p++ = 0x00; @@ -649,59 +649,61 @@ static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, *olen = 4; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +static int ssl_write_session_ticket_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; size_t tlen = ssl->session_negotiate->ticket_len; *olen = 0; - if( ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED ) - return( 0 ); + if (ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding session ticket extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding session ticket extension")); /* The addition is safe here since the ticket length is 16 bit. */ - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 + tlen ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4 + tlen); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( tlen, p, 0 ); + MBEDTLS_PUT_UINT16_BE(tlen, p, 0); p += 2; *olen = 4; - if( ssl->session_negotiate->ticket == NULL || tlen == 0 ) - return( 0 ); + if (ssl->session_negotiate->ticket == NULL || tlen == 0) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "sending session ticket of length %" MBEDTLS_PRINTF_SIZET, tlen ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("sending session ticket of length %" MBEDTLS_PRINTF_SIZET, tlen)); - memcpy( p, ssl->session_negotiate->ticket, tlen ); + memcpy(p, ssl->session_negotiate->ticket, tlen); *olen += tlen; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_ALPN) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +static int ssl_write_alpn_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; size_t alpnlen = 0; @@ -709,17 +711,19 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = 0; - if( ssl->conf->alpn_list == NULL ) - return( 0 ); + if (ssl->conf->alpn_list == NULL) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding alpn extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, adding alpn extension")); - for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) - alpnlen += strlen( *cur ) + 1; + for (cur = ssl->conf->alpn_list; *cur != NULL; cur++) { + alpnlen += strlen(*cur) + 1; + } - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + alpnlen ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 6 + alpnlen); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ALPN, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ALPN, p, 0); p += 2; /* @@ -733,35 +737,34 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, /* Skip writing extension and list length for now */ p += 4; - for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) - { + for (cur = ssl->conf->alpn_list; *cur != NULL; cur++) { /* * mbedtls_ssl_conf_set_alpn_protocols() checked that the length of * protocol names is less than 255. */ - *p = (unsigned char)strlen( *cur ); - memcpy( p + 1, *cur, *p ); + *p = (unsigned char) strlen(*cur); + memcpy(p + 1, *cur, *p); p += 1 + *p; } *olen = p - buf; /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ - MBEDTLS_PUT_UINT16_BE( *olen - 6, buf, 4 ); + MBEDTLS_PUT_UINT16_BE(*olen - 6, buf, 4); /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */ - MBEDTLS_PUT_UINT16_BE( *olen - 4, buf, 2 ); + MBEDTLS_PUT_UINT16_BE(*olen - 4, buf, 2); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_DTLS_SRTP) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +static int ssl_write_use_srtp_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; size_t protection_profiles_index = 0, ext_len = 0; @@ -769,11 +772,10 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, *olen = 0; - if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) || - ( ssl->conf->dtls_srtp_profile_list == NULL ) || - ( ssl->conf->dtls_srtp_profile_list_len == 0 ) ) - { - return( 0 ); + if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) || + (ssl->conf->dtls_srtp_profile_list == NULL) || + (ssl->conf->dtls_srtp_profile_list_len == 0)) { + return 0; } /* RFC 5764 section 4.1.1 @@ -785,28 +787,27 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, * } UseSRTPData; * SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1>; */ - if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED ) - { + if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED) { mki_len = ssl->dtls_srtp_info.mki_len; } /* Extension length = 2 bytes for profiles length, * ssl->conf->dtls_srtp_profile_list_len * 2 (each profile is 2 bytes length ), * 1 byte for srtp_mki vector length and the mki_len value */ - ext_len = 2 + 2 * ( ssl->conf->dtls_srtp_profile_list_len ) + 1 + mki_len; + ext_len = 2 + 2 * (ssl->conf->dtls_srtp_profile_list_len) + 1 + mki_len; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding use_srtp extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, adding use_srtp extension")); /* Check there is room in the buffer for the extension + 4 bytes * - the extension tag (2 bytes) * - the extension length (2 bytes) */ - MBEDTLS_SSL_CHK_BUF_PTR( p, end, ext_len + 4 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, ext_len + 4); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_USE_SRTP, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_USE_SRTP, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(ext_len, p, 0); p += 2; /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ @@ -818,47 +819,42 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, * >> 8 ) & 0xFF ); */ *p++ = 0; - *p++ = MBEDTLS_BYTE_0( 2 * ssl->conf->dtls_srtp_profile_list_len ); + *p++ = MBEDTLS_BYTE_0(2 * ssl->conf->dtls_srtp_profile_list_len); - for( protection_profiles_index=0; + for (protection_profiles_index = 0; protection_profiles_index < ssl->conf->dtls_srtp_profile_list_len; - protection_profiles_index++ ) - { + protection_profiles_index++) { profile_value = mbedtls_ssl_check_srtp_profile_value - ( ssl->conf->dtls_srtp_profile_list[protection_profiles_index] ); - if( profile_value != MBEDTLS_TLS_SRTP_UNSET ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_write_use_srtp_ext, add profile: %04x", - profile_value ) ); - MBEDTLS_PUT_UINT16_BE( profile_value, p, 0 ); + (ssl->conf->dtls_srtp_profile_list[protection_profiles_index]); + if (profile_value != MBEDTLS_TLS_SRTP_UNSET) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ssl_write_use_srtp_ext, add profile: %04x", + profile_value)); + MBEDTLS_PUT_UINT16_BE(profile_value, p, 0); p += 2; - } - else - { + } else { /* * Note: we shall never arrive here as protection profiles * is checked by mbedtls_ssl_conf_dtls_srtp_protection_profiles function */ - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, " - "illegal DTLS-SRTP protection profile %d", - ssl->conf->dtls_srtp_profile_list[protection_profiles_index] - ) ); - return( MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, " + "illegal DTLS-SRTP protection profile %d", + ssl->conf->dtls_srtp_profile_list[protection_profiles_index] + )); + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; } } *p++ = mki_len & 0xFF; - if( mki_len != 0 ) - { - memcpy( p, ssl->dtls_srtp_info.mki_value, mki_len ); + if (mki_len != 0) { + memcpy(p, ssl->dtls_srtp_info.mki_value, mki_len); /* * Increment p to point to the current position. */ p += mki_len; - MBEDTLS_SSL_DEBUG_BUF( 3, "sending mki", ssl->dtls_srtp_info.mki_value, - ssl->dtls_srtp_info.mki_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "sending mki", ssl->dtls_srtp_info.mki_value, + ssl->dtls_srtp_info.mki_len); } /* @@ -871,7 +867,7 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, */ *olen = p - buf; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_SRTP */ @@ -879,7 +875,7 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, * Generate random bytes for ClientHello */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_generate_random( mbedtls_ssl_context *ssl ) +static int ssl_generate_random(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = ssl->handshake->randbytes; @@ -891,31 +887,32 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl ) * When responding to a verify request, MUST reuse random (RFC 6347 4.2.1) */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->verify_cookie != NULL ) - { - return( 0 ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->verify_cookie != NULL) { + return 0; } #endif #if defined(MBEDTLS_HAVE_TIME) - t = mbedtls_time( NULL ); - MBEDTLS_PUT_UINT32_BE( t, p, 0 ); + t = mbedtls_time(NULL); + MBEDTLS_PUT_UINT32_BE(t, p, 0); p += 4; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %" MBEDTLS_PRINTF_LONGLONG, - (long long) t ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, current time: %" MBEDTLS_PRINTF_LONGLONG, + (long long) t)); #else - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 ) - return( ret ); + if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 4)) != 0) { + return ret; + } p += 4; #endif /* MBEDTLS_HAVE_TIME */ - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 ) - return( ret ); + if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 28)) != 0) { + return ret; + } - return( 0 ); + return 0; } /** @@ -930,50 +927,54 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl ) */ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_validate_ciphersuite( - const mbedtls_ssl_ciphersuite_t * suite_info, - const mbedtls_ssl_context * ssl, - int min_minor_ver, int max_minor_ver ) + const mbedtls_ssl_ciphersuite_t *suite_info, + const mbedtls_ssl_context *ssl, + int min_minor_ver, int max_minor_ver) { (void) ssl; - if( suite_info == NULL ) - return( 1 ); + if (suite_info == NULL) { + return 1; + } - if( suite_info->min_minor_ver > max_minor_ver || - suite_info->max_minor_ver < min_minor_ver ) - return( 1 ); + if (suite_info->min_minor_ver > max_minor_ver || + suite_info->max_minor_ver < min_minor_ver) { + return 1; + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) ) - return( 1 ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + (suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS)) { + return 1; + } #endif #if defined(MBEDTLS_ARC4_C) - if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED && - suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) - return( 1 ); + if (ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED && + suite_info->cipher == MBEDTLS_CIPHER_ARC4_128) { + return 1; + } #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE && - mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 ) - return( 1 ); + if (suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE && + mbedtls_ecjpake_check(&ssl->handshake->ecjpake_ctx) != 0) { + return 1; + } #endif /* Don't suggest PSK-based ciphersuite if no PSK is available. */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) && - ssl_conf_has_static_psk( ssl->conf ) == 0 ) - { - return( 1 ); + if (mbedtls_ssl_ciphersuite_uses_psk(suite_info) && + ssl_conf_has_static_psk(ssl->conf) == 0) { + return 1; } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ - return( 0 ); + return 0; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) +static int ssl_write_client_hello(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, n, olen, ext_len = 0; @@ -990,30 +991,29 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) int uses_ec = 0; #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write client hello")); - if( ssl->conf->f_rng == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") ); - return( MBEDTLS_ERR_SSL_NO_RNG ); + if (ssl->conf->f_rng == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("no RNG provided")); + return MBEDTLS_ERR_SSL_NO_RNG; } int renegotiating = 0; #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { renegotiating = 1; + } #endif - if( !renegotiating ) - { + if (!renegotiating) { ssl->major_ver = ssl->conf->min_major_ver; ssl->minor_ver = ssl->conf->min_minor_ver; } - if( ssl->conf->max_major_ver == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "configured max major version is invalid, consider using mbedtls_ssl_config_defaults()" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->max_major_ver == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ( + "configured max major version is invalid, consider using mbedtls_ssl_config_defaults()")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } buf = ssl->out_msg; @@ -1027,7 +1027,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) * Use static upper bounds instead of the actual values * to allow the compiler to optimize this away. */ - MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 38 + 1 + 32 ); + MBEDTLS_SSL_CHK_BUF_PTR(buf, end, 38 + 1 + 32); /* * The 38 first bytes of the ClientHello: @@ -1043,22 +1043,21 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) */ p = buf + 4; - mbedtls_ssl_write_version( ssl->conf->max_major_ver, - ssl->conf->max_minor_ver, - ssl->conf->transport, p ); + mbedtls_ssl_write_version(ssl->conf->max_major_ver, + ssl->conf->max_minor_ver, + ssl->conf->transport, p); p += 2; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, max version: [%d:%d]", - buf[4], buf[5] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, max version: [%d:%d]", + buf[4], buf[5])); - if( ( ret = ssl_generate_random( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret ); - return( ret ); + if ((ret = ssl_generate_random(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_generate_random", ret); + return ret; } - memcpy( p, ssl->handshake->randbytes, 32 ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", p, 32 ); + memcpy(p, ssl->handshake->randbytes, 32); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, random bytes", p, 32); p += 32; /* @@ -1075,12 +1074,11 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) */ n = ssl->session_negotiate->id_len; - if( n < 16 || n > 32 || + if (n < 16 || n > 32 || #if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE || #endif - ssl->handshake->resume == 0 ) - { + ssl->handshake->resume == 0) { n = 0; } @@ -1089,16 +1087,15 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) * RFC 5077 section 3.4: "When presenting a ticket, the client MAY * generate and include a Session ID in the TLS ClientHello." */ - if( !renegotiating ) - { - if( ssl->session_negotiate->ticket != NULL && - ssl->session_negotiate->ticket_len != 0 ) - { - ret = ssl->conf->f_rng( ssl->conf->p_rng, - ssl->session_negotiate->id, 32 ); - - if( ret != 0 ) - return( ret ); + if (!renegotiating) { + if (ssl->session_negotiate->ticket != NULL && + ssl->session_negotiate->ticket_len != 0) { + ret = ssl->conf->f_rng(ssl->conf->p_rng, + ssl->session_negotiate->id, 32); + + if (ret != 0) { + return ret; + } ssl->session_negotiate->id_len = n = 32; } @@ -1113,11 +1110,12 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) */ *p++ = (unsigned char) n; - for( i = 0; i < n; i++ ) + for (i = 0; i < n; i++) { *p++ = ssl->session_negotiate->id[i]; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 39, n ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n)); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, session id", buf + 39, n); /* * With 'n' being the length of the session identifier @@ -1136,27 +1134,23 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) * DTLS cookie */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 1 ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 1); - if( ssl->handshake->verify_cookie == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "no verify cookie to send" ) ); + if (ssl->handshake->verify_cookie == NULL) { + MBEDTLS_SSL_DEBUG_MSG(3, ("no verify cookie to send")); *p++ = 0; - } - else - { - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie", - ssl->handshake->verify_cookie, - ssl->handshake->verify_cookie_len ); + } else { + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, cookie", + ssl->handshake->verify_cookie, + ssl->handshake->verify_cookie_len); *p++ = ssl->handshake->verify_cookie_len; - MBEDTLS_SSL_CHK_BUF_PTR( p, end, - ssl->handshake->verify_cookie_len ); - memcpy( p, ssl->handshake->verify_cookie, - ssl->handshake->verify_cookie_len ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, + ssl->handshake->verify_cookie_len); + memcpy(p, ssl->handshake->verify_cookie, + ssl->handshake->verify_cookie_len); p += ssl->handshake->verify_cookie_len; } } @@ -1171,63 +1165,62 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) n = 0; q = p; - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2); p += 2; - for( i = 0; ciphersuites[i] != 0; i++ ) - { - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); + for (i = 0; ciphersuites[i] != 0; i++) { + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(ciphersuites[i]); - if( ssl_validate_ciphersuite( ciphersuite_info, ssl, - ssl->conf->min_minor_ver, - ssl->conf->max_minor_ver ) != 0 ) + if (ssl_validate_ciphersuite(ciphersuite_info, ssl, + ssl->conf->min_minor_ver, + ssl->conf->max_minor_ver) != 0) { continue; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %#04x (%s)", - (unsigned int)ciphersuites[i], ciphersuite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, add ciphersuite: %#04x (%s)", + (unsigned int) ciphersuites[i], ciphersuite_info->name)); #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - uses_ec |= mbedtls_ssl_ciphersuite_uses_ec( ciphersuite_info ); + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + uses_ec |= mbedtls_ssl_ciphersuite_uses_ec(ciphersuite_info); #endif - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2); n++; - MBEDTLS_PUT_UINT16_BE( ciphersuites[i], p, 0 ); + MBEDTLS_PUT_UINT16_BE(ciphersuites[i], p, 0); p += 2; } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, got %" MBEDTLS_PRINTF_SIZET " ciphersuites (excluding SCSVs)", n ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, got %" MBEDTLS_PRINTF_SIZET + " ciphersuites (excluding SCSVs)", n)); /* * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV */ - if( !renegotiating ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) ); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO, p, 0 ); + if (!renegotiating) { + MBEDTLS_SSL_DEBUG_MSG(3, ("adding EMPTY_RENEGOTIATION_INFO_SCSV")); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO, p, 0); p += 2; n++; } /* Some versions of OpenSSL don't handle it correctly if not at end */ #if defined(MBEDTLS_SSL_FALLBACK_SCSV) - if( ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding FALLBACK_SCSV" ) ); + if (ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK) { + MBEDTLS_SSL_DEBUG_MSG(3, ("adding FALLBACK_SCSV")); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_SSL_FALLBACK_SCSV_VALUE, p, 0 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_FALLBACK_SCSV_VALUE, p, 0); p += 2; n++; } #endif - *q++ = (unsigned char)( n >> 7 ); - *q++ = (unsigned char)( n << 1 ); + *q++ = (unsigned char) (n >> 7); + *q++ = (unsigned char) (n << 1); #if defined(MBEDTLS_ZLIB_SUPPORT) offer_compress = 1; @@ -1242,43 +1235,40 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) * an actual need for it. */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { offer_compress = 0; + } #endif - if( offer_compress ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 2 ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d %d", - MBEDTLS_SSL_COMPRESS_DEFLATE, - MBEDTLS_SSL_COMPRESS_NULL ) ); + if (offer_compress) { + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, compress len.: %d", 2)); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, compress alg.: %d %d", + MBEDTLS_SSL_COMPRESS_DEFLATE, + MBEDTLS_SSL_COMPRESS_NULL)); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 3 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 3); *p++ = 2; *p++ = MBEDTLS_SSL_COMPRESS_DEFLATE; *p++ = MBEDTLS_SSL_COMPRESS_NULL; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 1 ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d", - MBEDTLS_SSL_COMPRESS_NULL ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, compress len.: %d", 1)); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, compress alg.: %d", + MBEDTLS_SSL_COMPRESS_NULL)); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2); *p++ = 1; *p++ = MBEDTLS_SSL_COMPRESS_NULL; } /* First write extensions, then the total length */ - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2); #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( ( ret = ssl_write_hostname_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_hostname_ext", ret ); - return( ret ); + if ((ret = ssl_write_hostname_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_hostname_ext", ret); + return ret; } ext_len += olen; #endif @@ -1286,133 +1276,119 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) /* Note that TLS_EMPTY_RENEGOTIATION_INFO_SCSV is always added * even if MBEDTLS_SSL_RENEGOTIATION is not defined. */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ( ret = ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_renegotiation_ext", ret ); - return( ret ); + if ((ret = ssl_write_renegotiation_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_renegotiation_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - if( ( ret = ssl_write_signature_algorithms_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_signature_algorithms_ext", ret ); - return( ret ); + if ((ret = ssl_write_signature_algorithms_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_signature_algorithms_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( uses_ec ) - { - if( ( ret = ssl_write_supported_elliptic_curves_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_supported_elliptic_curves_ext", ret ); - return( ret ); + if (uses_ec) { + if ((ret = ssl_write_supported_elliptic_curves_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_supported_elliptic_curves_ext", ret); + return ret; } ext_len += olen; - if( ( ret = ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_supported_point_formats_ext", ret ); - return( ret ); + if ((ret = ssl_write_supported_point_formats_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_supported_point_formats_ext", ret); + return ret; } ext_len += olen; } #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ( ret = ssl_write_ecjpake_kkpp_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_ecjpake_kkpp_ext", ret ); - return( ret ); + if ((ret = ssl_write_ecjpake_kkpp_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_ecjpake_kkpp_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( ( ret = ssl_write_cid_ext( ssl, p + 2 + ext_len, end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_cid_ext", ret ); - return( ret ); + if ((ret = ssl_write_cid_ext(ssl, p + 2 + ext_len, end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_cid_ext", ret); + return ret; } ext_len += olen; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - if( ( ret = ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_max_fragment_length_ext", ret ); - return( ret ); + if ((ret = ssl_write_max_fragment_length_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_max_fragment_length_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - if( ( ret = ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_truncated_hmac_ext", ret ); - return( ret ); + if ((ret = ssl_write_truncated_hmac_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_truncated_hmac_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( ( ret = ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_encrypt_then_mac_ext", ret ); - return( ret ); + if ((ret = ssl_write_encrypt_then_mac_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_encrypt_then_mac_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - if( ( ret = ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_extended_ms_ext", ret ); - return( ret ); + if ((ret = ssl_write_extended_ms_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_extended_ms_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_ALPN) - if( ( ret = ssl_write_alpn_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_alpn_ext", ret ); - return( ret ); + if ((ret = ssl_write_alpn_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_alpn_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_DTLS_SRTP) - if( ( ret = ssl_write_use_srtp_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_use_srtp_ext", ret ); - return( ret ); + if ((ret = ssl_write_use_srtp_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_use_srtp_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( ( ret = ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_session_ticket_ext", ret ); - return( ret ); + if ((ret = ssl_write_session_ticket_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_session_ticket_ext", ret); + return ret; } ext_len += olen; #endif @@ -1420,14 +1396,13 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) /* olen unused if all extensions are disabled */ ((void) olen); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %" MBEDTLS_PRINTF_SIZET, - ext_len ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, total extension length: %" MBEDTLS_PRINTF_SIZET, + ext_len)); - if( ext_len > 0 ) - { + if (ext_len > 0) { /* No need to check for space here, because the extension * writing functions already took care of that. */ - MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(ext_len, p, 0); p += 2 + ext_len; } @@ -1438,363 +1413,343 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) ssl->state++; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_send_flight_completed( ssl ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + mbedtls_ssl_send_flight_completed(ssl); + } #endif - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + (ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flight_transmit", ret); + return ret; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write client hello")); - return( 0 ); + return 0; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_renegotiation_info(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { /* Check verify-data in constant-time. The length OTOH is no secret */ - if( len != 1 + ssl->verify_data_len * 2 || + if (len != 1 + ssl->verify_data_len * 2 || buf[0] != ssl->verify_data_len * 2 || - mbedtls_ct_memcmp( buf + 1, - ssl->own_verify_data, ssl->verify_data_len ) != 0 || - mbedtls_ct_memcmp( buf + 1 + ssl->verify_data_len, - ssl->peer_verify_data, ssl->verify_data_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) ); + mbedtls_ct_memcmp(buf + 1, + ssl->own_verify_data, ssl->verify_data_len) != 0 || + mbedtls_ct_memcmp(buf + 1 + ssl->verify_data_len, + ssl->peer_verify_data, ssl->verify_data_len) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("non-matching renegotiation info")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - } - else + } else #endif /* MBEDTLS_SSL_RENEGOTIATION */ { - if( len != 1 || buf[0] != 0x00 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "non-zero length renegotiation info" ) ); + if (len != 1 || buf[0] != 0x00) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("non-zero length renegotiation info")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; } - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_max_fragment_length_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { /* * server should use the extension only if we did, * and if so the server's value should match ours (and len is always 1) */ - if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE || + if (ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE || len != 1 || - buf[0] != ssl->conf->mfl_code ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "non-matching max fragment length extension" ) ); + buf[0] != ssl->conf->mfl_code) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("non-matching max fragment length extension")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_truncated_hmac_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED || - len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "non-matching truncated HMAC extension" ) ); + if (ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED || + len != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("non-matching truncated HMAC extension")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } ((void) buf); ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_cid_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { size_t peer_cid_len; - if( /* CID extension only makes sense in DTLS */ + if ( /* CID extension only makes sense in DTLS */ ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || /* The server must only send the CID extension if we have offered it. */ - ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension unexpected" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED) { + MBEDTLS_SSL_DEBUG_MSG(1, ("CID extension unexpected")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - if( len == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (len == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("CID extension invalid")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } peer_cid_len = *buf++; len--; - if( peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX) { + MBEDTLS_SSL_DEBUG_MSG(1, ("CID extension invalid")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - if( len != peer_cid_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (len != peer_cid_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("CID extension invalid")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len; - memcpy( ssl->handshake->peer_cid, buf, peer_cid_len ); + memcpy(ssl->handshake->peer_cid, buf, peer_cid_len); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use of CID extension negotiated" ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Server CID", buf, peer_cid_len ); + MBEDTLS_SSL_DEBUG_MSG(3, ("Use of CID extension negotiated")); + MBEDTLS_SSL_DEBUG_BUF(3, "Server CID", buf, peer_cid_len); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_encrypt_then_mac_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || + if (ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 || - len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "non-matching encrypt-then-MAC extension" ) ); + len != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("non-matching encrypt-then-MAC extension")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } ((void) buf); ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_extended_ms_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || + if (ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 || - len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "non-matching extended master secret extension" ) ); + len != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("non-matching extended master secret extension")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } ((void) buf); ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_session_ticket_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED || - len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "non-matching session ticket extension" ) ); + if (ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED || + len != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("non-matching session ticket extension")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } ((void) buf); ssl->handshake->new_session_ticket = 1; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_supported_point_formats_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { size_t list_size; const unsigned char *p; - if( len == 0 || (size_t)( buf[0] + 1 ) != len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (len == 0 || (size_t) (buf[0] + 1) != len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } list_size = buf[0]; p = buf + 1; - while( list_size > 0 ) - { - if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED || - p[0] == MBEDTLS_ECP_PF_COMPRESSED ) - { + while (list_size > 0) { + if (p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED || + p[0] == MBEDTLS_ECP_PF_COMPRESSED) { #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ssl->handshake->ecdh_ctx.point_format = p[0]; #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) ssl->handshake->ecjpake_ctx.point_format = p[0]; #endif - MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(4, ("point format selected: %d", p[0])); + return 0; } list_size--; p++; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no point format in common" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_DEBUG_MSG(1, ("no point format in common")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_ecjpake_kkpp(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ssl->handshake->ciphersuite_info->key_exchange != - MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip ecjpake kkpp extension" ) ); - return( 0 ); + if (ssl->handshake->ciphersuite_info->key_exchange != + MBEDTLS_KEY_EXCHANGE_ECJPAKE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("skip ecjpake kkpp extension")); + return 0; } /* If we got here, we no longer need our cached extension */ - mbedtls_free( ssl->handshake->ecjpake_cache ); + mbedtls_free(ssl->handshake->ecjpake_cache); ssl->handshake->ecjpake_cache = NULL; ssl->handshake->ecjpake_cache_len = 0; - if( ( ret = mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx, - buf, len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_one", ret ); + if ((ret = mbedtls_ecjpake_read_round_one(&ssl->handshake->ecjpake_ctx, + buf, len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_read_round_one", ret); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( ret ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_SSL_ALPN) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +static int ssl_parse_alpn_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { size_t list_len, name_len; const char **p; /* If we didn't send it, the server shouldn't send it */ - if( ssl->conf->alpn_list == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching ALPN extension" ) ); + if (ssl->conf->alpn_list == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("non-matching ALPN extension")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } /* @@ -1808,62 +1763,58 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, */ /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */ - if( len < 4 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (len < 4) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - list_len = ( buf[0] << 8 ) | buf[1]; - if( list_len != len - 2 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + list_len = (buf[0] << 8) | buf[1]; + if (list_len != len - 2) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } name_len = buf[2]; - if( name_len != list_len - 1 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (name_len != list_len - 1) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } /* Check that the server chosen protocol was in our list and save it */ - for( p = ssl->conf->alpn_list; *p != NULL; p++ ) - { - if( name_len == strlen( *p ) && - memcmp( buf + 3, *p, name_len ) == 0 ) - { + for (p = ssl->conf->alpn_list; *p != NULL; p++) { + if (name_len == strlen(*p) && + memcmp(buf + 3, *p, name_len) == 0) { ssl->alpn_chosen = *p; - return( 0 ); + return 0; } } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ALPN extension: no matching protocol" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_DEBUG_MSG(1, ("ALPN extension: no matching protocol")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_DTLS_SRTP) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_use_srtp_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { mbedtls_ssl_srtp_profile server_protection = MBEDTLS_TLS_SRTP_UNSET; size_t i, mki_len = 0; uint16_t server_protection_profile_value = 0; /* If use_srtp is not configured, just ignore the extension */ - if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) || - ( ssl->conf->dtls_srtp_profile_list == NULL ) || - ( ssl->conf->dtls_srtp_profile_list_len == 0 ) ) - return( 0 ); + if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) || + (ssl->conf->dtls_srtp_profile_list == NULL) || + (ssl->conf->dtls_srtp_profile_list_len == 0)) { + return 0; + } /* RFC 5764 section 4.1.1 * uint8 SRTPProtectionProfile[2]; @@ -1876,8 +1827,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1>; * */ - if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED ) - { + if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED) { mki_len = ssl->dtls_srtp_info.mki_len; } @@ -1887,8 +1837,9 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * + mki_len(1 byte) * and optional srtp_mki */ - if( ( len < 5 ) || ( len != ( buf[4] + 5u ) ) ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if ((len < 5) || (len != (buf[4] + 5u))) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; + } /* * get the server protection profile @@ -1898,17 +1849,17 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * protection profile length must be 0x0002 as we must have only * one protection profile in server Hello */ - if( ( buf[0] != 0 ) || ( buf[1] != 2 ) ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if ((buf[0] != 0) || (buf[1] != 2)) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; + } - server_protection_profile_value = ( buf[2] << 8 ) | buf[3]; + server_protection_profile_value = (buf[2] << 8) | buf[3]; server_protection = mbedtls_ssl_check_srtp_profile_value( - server_protection_profile_value ); - if( server_protection != MBEDTLS_TLS_SRTP_UNSET ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found srtp profile: %s", - mbedtls_ssl_get_srtp_profile_as_string( - server_protection ) ) ); + server_protection_profile_value); + if (server_protection != MBEDTLS_TLS_SRTP_UNSET) { + MBEDTLS_SSL_DEBUG_MSG(3, ("found srtp profile: %s", + mbedtls_ssl_get_srtp_profile_as_string( + server_protection))); } ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET; @@ -1916,30 +1867,26 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, /* * Check we have the server profile in our list */ - for( i=0; i < ssl->conf->dtls_srtp_profile_list_len; i++) - { - if( server_protection == ssl->conf->dtls_srtp_profile_list[i] ) - { + for (i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++) { + if (server_protection == ssl->conf->dtls_srtp_profile_list[i]) { ssl->dtls_srtp_info.chosen_dtls_srtp_profile = ssl->conf->dtls_srtp_profile_list[i]; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "selected srtp profile: %s", + MBEDTLS_SSL_DEBUG_MSG(3, ("selected srtp profile: %s", mbedtls_ssl_get_srtp_profile_as_string( - server_protection ) ) ); + server_protection))); break; } } /* If no match was found : server problem, it shall never answer with incompatible profile */ - if( ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } /* If server does not use mki in its reply, make sure the client won't keep * one as negotiated */ - if( len == 5 ) - { + if (len == 5) { ssl->dtls_srtp_info.mki_len = 0; } @@ -1949,21 +1896,19 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * that is different than the one the client offered, then the client * MUST abort the handshake and SHOULD send an invalid_parameter alert. */ - if( len > 5 && ( buf[4] != mki_len || - ( memcmp( ssl->dtls_srtp_info.mki_value, &buf[5], mki_len ) ) ) ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (len > 5 && (buf[4] != mki_len || + (memcmp(ssl->dtls_srtp_info.mki_value, &buf[5], mki_len)))) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } -#if defined (MBEDTLS_DEBUG_C) - if( len > 5 ) - { - MBEDTLS_SSL_DEBUG_BUF( 3, "received mki", ssl->dtls_srtp_info.mki_value, - ssl->dtls_srtp_info.mki_len ); +#if defined(MBEDTLS_DEBUG_C) + if (len > 5) { + MBEDTLS_SSL_DEBUG_BUF(3, "received mki", ssl->dtls_srtp_info.mki_value, + ssl->dtls_srtp_info.mki_len); } #endif - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_SRTP */ @@ -1972,25 +1917,24 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, */ #if defined(MBEDTLS_SSL_PROTO_DTLS) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) +static int ssl_parse_hello_verify_request(mbedtls_ssl_context *ssl) { - const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); int major_ver, minor_ver; unsigned char cookie_len; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse hello verify request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse hello verify request")); /* Check that there is enough room for: * - 2 bytes of version * - 1 byte of cookie_len */ - if( mbedtls_ssl_hs_hdr_len( ssl ) + 3 > ssl->in_msglen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "incoming HelloVerifyRequest message is too short" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (mbedtls_ssl_hs_hdr_len(ssl) + 3 > ssl->in_msglen) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("incoming HelloVerifyRequest message is too short")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } /* @@ -1999,63 +1943,60 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) * opaque cookie<0..2^8-1>; * } HelloVerifyRequest; */ - MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 ); - mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, p ); + MBEDTLS_SSL_DEBUG_BUF(3, "server version", p, 2); + mbedtls_ssl_read_version(&major_ver, &minor_ver, ssl->conf->transport, p); p += 2; /* * Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1) * even is lower than our min version. */ - if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 || + if (major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 || minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 || major_ver > ssl->conf->max_major_ver || - minor_ver > ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server version" ) ); + minor_ver > ssl->conf->max_minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server version")); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + return MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION; } cookie_len = *p++; - if( ( ssl->in_msg + ssl->in_msglen ) - p < cookie_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "cookie length does not match incoming message size" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if ((ssl->in_msg + ssl->in_msglen) - p < cookie_len) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("cookie length does not match incoming message size")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - MBEDTLS_SSL_DEBUG_BUF( 3, "cookie", p, cookie_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "cookie", p, cookie_len); - mbedtls_free( ssl->handshake->verify_cookie ); + mbedtls_free(ssl->handshake->verify_cookie); - ssl->handshake->verify_cookie = mbedtls_calloc( 1, cookie_len ); - if( ssl->handshake->verify_cookie == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc failed (%d bytes)", cookie_len ) ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + ssl->handshake->verify_cookie = mbedtls_calloc(1, cookie_len); + if (ssl->handshake->verify_cookie == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc failed (%d bytes)", cookie_len)); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } - memcpy( ssl->handshake->verify_cookie, p, cookie_len ); + memcpy(ssl->handshake->verify_cookie, p, cookie_len); ssl->handshake->verify_cookie_len = cookie_len; /* Start over at ClientHello */ ssl->state = MBEDTLS_SSL_CLIENT_HELLO; - mbedtls_ssl_reset_checksum( ssl ); + mbedtls_ssl_reset_checksum(ssl); - mbedtls_ssl_recv_flight_completed( ssl ); + mbedtls_ssl_recv_flight_completed(ssl); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse hello verify request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse hello verify request")); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ -static int is_compression_bad( mbedtls_ssl_context *ssl, unsigned char comp ) +static int is_compression_bad(mbedtls_ssl_context *ssl, unsigned char comp) { int bad_comp = 0; @@ -2064,23 +2005,26 @@ static int is_compression_bad( mbedtls_ssl_context *ssl, unsigned char comp ) #if defined(MBEDTLS_ZLIB_SUPPORT) /* See comments in ssl_write_client_hello() */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - comp != MBEDTLS_SSL_COMPRESS_NULL ) + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + comp != MBEDTLS_SSL_COMPRESS_NULL) { bad_comp = 1; + } #endif - if( comp != MBEDTLS_SSL_COMPRESS_NULL && - comp != MBEDTLS_SSL_COMPRESS_DEFLATE ) + if (comp != MBEDTLS_SSL_COMPRESS_NULL && + comp != MBEDTLS_SSL_COMPRESS_DEFLATE) { bad_comp = 1; + } #else /* MBEDTLS_ZLIB_SUPPORT */ - if( comp != MBEDTLS_SSL_COMPRESS_NULL ) + if (comp != MBEDTLS_SSL_COMPRESS_NULL) { bad_comp = 1; -#endif/* MBEDTLS_ZLIB_SUPPORT */ + } +#endif /* MBEDTLS_ZLIB_SUPPORT */ return bad_comp; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) +static int ssl_parse_server_hello(mbedtls_ssl_context *ssl) { int ret, i; size_t n; @@ -2093,74 +2037,65 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) int handshake_failure = 0; const mbedtls_ssl_ciphersuite_t *suite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse server hello")); - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { /* No alert on a read error. */ - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } buf = ssl->in_msg; - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { + if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { ssl->renego_records_seen++; - if( ssl->conf->renego_max_records >= 0 && - ssl->renego_records_seen > ssl->conf->renego_max_records ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "renegotiation requested, but not honored by server" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + if (ssl->conf->renego_max_records >= 0 && + ssl->renego_records_seen > ssl->conf->renego_max_records) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("renegotiation requested, but not honored by server")); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "non-handshake message during renegotiation" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, + ("non-handshake message during renegotiation")); ssl->keep_current_message = 1; - return( MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO ); + return MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( buf[0] == MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "received hello verify request" ) ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) ); - return( ssl_parse_hello_verify_request( ssl ) ); - } - else - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if (buf[0] == MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST) { + MBEDTLS_SSL_DEBUG_MSG(2, ("received hello verify request")); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse server hello")); + return ssl_parse_hello_verify_request(ssl); + } else { /* We made it through the verification process */ - mbedtls_free( ssl->handshake->verify_cookie ); + mbedtls_free(ssl->handshake->verify_cookie); ssl->handshake->verify_cookie = NULL; ssl->handshake->verify_cookie_len = 0; } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - if( ssl->in_hslen < 38 + mbedtls_ssl_hs_hdr_len( ssl ) || - buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (ssl->in_hslen < 38 + mbedtls_ssl_hs_hdr_len(ssl) || + buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } /* @@ -2174,389 +2109,363 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) * 38+n . 39+n extensions length (optional) * 40+n . .. extensions */ - buf += mbedtls_ssl_hs_hdr_len( ssl ); + buf += mbedtls_ssl_hs_hdr_len(ssl); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf + 0, 2 ); - mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, - ssl->conf->transport, buf + 0 ); + MBEDTLS_SSL_DEBUG_BUF(3, "server hello, version", buf + 0, 2); + mbedtls_ssl_read_version(&ssl->major_ver, &ssl->minor_ver, + ssl->conf->transport, buf + 0); - if( ssl->major_ver < ssl->conf->min_major_ver || + if (ssl->major_ver < ssl->conf->min_major_ver || ssl->minor_ver < ssl->conf->min_minor_ver || ssl->major_ver > ssl->conf->max_major_ver || - ssl->minor_ver > ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "server version out of bounds - min: [%d:%d], server: [%d:%d], max: [%d:%d]", - ssl->conf->min_major_ver, - ssl->conf->min_minor_ver, - ssl->major_ver, ssl->minor_ver, - ssl->conf->max_major_ver, - ssl->conf->max_minor_ver ) ); + ssl->minor_ver > ssl->conf->max_minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, + ( + "server version out of bounds - min: [%d:%d], server: [%d:%d], max: [%d:%d]", + ssl->conf->min_major_ver, + ssl->conf->min_minor_ver, + ssl->major_ver, ssl->minor_ver, + ssl->conf->max_major_ver, + ssl->conf->max_minor_ver)); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + return MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", - ( (unsigned long) buf[2] << 24 ) | - ( (unsigned long) buf[3] << 16 ) | - ( (unsigned long) buf[4] << 8 ) | - ( (unsigned long) buf[5] ) ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, current time: %lu", + ((unsigned long) buf[2] << 24) | + ((unsigned long) buf[3] << 16) | + ((unsigned long) buf[4] << 8) | + ((unsigned long) buf[5]))); - memcpy( ssl->handshake->randbytes + 32, buf + 2, 32 ); + memcpy(ssl->handshake->randbytes + 32, buf + 2, 32); n = buf[34]; - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 2, 32 ); + MBEDTLS_SSL_DEBUG_BUF(3, "server hello, random bytes", buf + 2, 32); - if( n > 32 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (n > 32) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - if( ssl->in_hslen > mbedtls_ssl_hs_hdr_len( ssl ) + 39 + n ) - { - ext_len = ( ( buf[38 + n] << 8 ) - | ( buf[39 + n] ) ); + if (ssl->in_hslen > mbedtls_ssl_hs_hdr_len(ssl) + 39 + n) { + ext_len = ((buf[38 + n] << 8) + | (buf[39 + n])); - if( ( ext_len > 0 && ext_len < 4 ) || - ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 40 + n + ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + if ((ext_len > 0 && ext_len < 4) || + ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + 40 + n + ext_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - } - else if( ssl->in_hslen == mbedtls_ssl_hs_hdr_len( ssl ) + 38 + n ) - { + } else if (ssl->in_hslen == mbedtls_ssl_hs_hdr_len(ssl) + 38 + n) { ext_len = 0; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } else { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } /* ciphersuite (used later) */ - i = ( buf[35 + n] << 8 ) | buf[36 + n]; + i = (buf[35 + n] << 8) | buf[36 + n]; /* * Read and check compression */ comp = buf[37 + n]; - if( is_compression_bad( ssl, comp ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "server hello, bad compression: %d", comp ) ); + if (is_compression_bad(ssl, comp)) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("server hello, bad compression: %d", comp)); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } /* * Initialize update checksum functions */ - ssl->handshake->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( i ); - if( ssl->handshake->ciphersuite_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "ciphersuite info for %04x not found", (unsigned int)i ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + ssl->handshake->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(i); + if (ssl->handshake->ciphersuite_info == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("ciphersuite info for %04x not found", (unsigned int) i)); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - mbedtls_ssl_optimize_checksum( ssl, ssl->handshake->ciphersuite_info ); + mbedtls_ssl_optimize_checksum(ssl, ssl->handshake->ciphersuite_info); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, session id", buf + 35, n ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n)); + MBEDTLS_SSL_DEBUG_BUF(3, "server hello, session id", buf + 35, n); /* * Check if the session can be resumed */ - if( ssl->handshake->resume == 0 || n == 0 || + if (ssl->handshake->resume == 0 || n == 0 || #if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE || #endif ssl->session_negotiate->ciphersuite != i || ssl->session_negotiate->compression != comp || ssl->session_negotiate->id_len != n || - memcmp( ssl->session_negotiate->id, buf + 35, n ) != 0 ) - { + memcmp(ssl->session_negotiate->id, buf + 35, n) != 0) { ssl->state++; ssl->handshake->resume = 0; #if defined(MBEDTLS_HAVE_TIME) - ssl->session_negotiate->start = mbedtls_time( NULL ); + ssl->session_negotiate->start = mbedtls_time(NULL); #endif ssl->session_negotiate->ciphersuite = i; ssl->session_negotiate->compression = comp; ssl->session_negotiate->id_len = n; - memcpy( ssl->session_negotiate->id, buf + 35, n ); - } - else - { + memcpy(ssl->session_negotiate->id, buf + 35, n); + } else { ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", - ssl->handshake->resume ? "a" : "no" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("%s session has been resumed", + ssl->handshake->resume ? "a" : "no")); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %04x", (unsigned) i ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d", - buf[37 + n] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, chosen ciphersuite: %04x", (unsigned) i)); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, compress alg.: %d", + buf[37 + n])); /* * Perform cipher suite validation in same way as in ssl_write_client_hello. */ i = 0; - while( 1 ) - { - if( ssl->conf->ciphersuite_list[ssl->minor_ver][i] == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + while (1) { + if (ssl->conf->ciphersuite_list[ssl->minor_ver][i] == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - if( ssl->conf->ciphersuite_list[ssl->minor_ver][i++] == - ssl->session_negotiate->ciphersuite ) - { + if (ssl->conf->ciphersuite_list[ssl->minor_ver][i++] == + ssl->session_negotiate->ciphersuite) { break; } } suite_info = mbedtls_ssl_ciphersuite_from_id( - ssl->session_negotiate->ciphersuite ); - if( ssl_validate_ciphersuite( suite_info, ssl, ssl->minor_ver, - ssl->minor_ver ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + ssl->session_negotiate->ciphersuite); + if (ssl_validate_ciphersuite(suite_info, ssl, ssl->minor_ver, + ssl->minor_ver) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "server hello, chosen ciphersuite: %s", suite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("server hello, chosen ciphersuite: %s", suite_info->name)); #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA && - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA && + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { ssl->handshake->ecrs_enabled = 1; } #endif - if( comp != MBEDTLS_SSL_COMPRESS_NULL + if (comp != MBEDTLS_SSL_COMPRESS_NULL #if defined(MBEDTLS_ZLIB_SUPPORT) && comp != MBEDTLS_SSL_COMPRESS_DEFLATE #endif - ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + ) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } ssl->session_negotiate->compression = comp; ext = buf + 40 + n; - MBEDTLS_SSL_DEBUG_MSG( 2, - ( "server hello, total extension length: %" MBEDTLS_PRINTF_SIZET, ext_len ) ); + MBEDTLS_SSL_DEBUG_MSG(2, + ("server hello, total extension length: %" MBEDTLS_PRINTF_SIZET, + ext_len)); - while( ext_len ) - { - unsigned int ext_id = ( ( ext[0] << 8 ) - | ( ext[1] ) ); - unsigned int ext_size = ( ( ext[2] << 8 ) - | ( ext[3] ) ); + while (ext_len) { + unsigned int ext_id = ((ext[0] << 8) + | (ext[1])); + unsigned int ext_size = ((ext[2] << 8) + | (ext[3])); - if( ext_size + 4 > ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + if (ext_size + 4 > ext_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - switch( ext_id ) - { - case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) ); + switch (ext_id) { + case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO: + MBEDTLS_SSL_DEBUG_MSG(3, ("found renegotiation extension")); #if defined(MBEDTLS_SSL_RENEGOTIATION) - renegotiation_info_seen = 1; + renegotiation_info_seen = 1; #endif - if( ( ret = ssl_parse_renegotiation_info( ssl, ext + 4, - ext_size ) ) != 0 ) - return( ret ); + if ((ret = ssl_parse_renegotiation_info(ssl, ext + 4, + ext_size)) != 0) { + return ret; + } - break; + break; #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "found max_fragment_length extension" ) ); - - if( ( ret = ssl_parse_max_fragment_length_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } + case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: + MBEDTLS_SSL_DEBUG_MSG(3, + ("found max_fragment_length extension")); - break; + if ((ret = ssl_parse_max_fragment_length_ext(ssl, + ext + 4, ext_size)) != 0) { + return ret; + } + + break; #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - case MBEDTLS_TLS_EXT_TRUNCATED_HMAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated_hmac extension" ) ); + case MBEDTLS_TLS_EXT_TRUNCATED_HMAC: + MBEDTLS_SSL_DEBUG_MSG(3, ("found truncated_hmac extension")); - if( ( ret = ssl_parse_truncated_hmac_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } + if ((ret = ssl_parse_truncated_hmac_ext(ssl, + ext + 4, ext_size)) != 0) { + return ret; + } - break; + break; #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - case MBEDTLS_TLS_EXT_CID: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) ); - - if( ( ret = ssl_parse_cid_ext( ssl, - ext + 4, - ext_size ) ) != 0 ) - { - return( ret ); - } + case MBEDTLS_TLS_EXT_CID: + MBEDTLS_SSL_DEBUG_MSG(3, ("found CID extension")); - break; + if ((ret = ssl_parse_cid_ext(ssl, + ext + 4, + ext_size)) != 0) { + return ret; + } + + break; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt_then_mac extension" ) ); + case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC: + MBEDTLS_SSL_DEBUG_MSG(3, ("found encrypt_then_mac extension")); - if( ( ret = ssl_parse_encrypt_then_mac_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } + if ((ret = ssl_parse_encrypt_then_mac_ext(ssl, + ext + 4, ext_size)) != 0) { + return ret; + } - break; + break; #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET: - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "found extended_master_secret extension" ) ); - - if( ( ret = ssl_parse_extended_ms_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } + case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET: + MBEDTLS_SSL_DEBUG_MSG(3, + ("found extended_master_secret extension")); - break; + if ((ret = ssl_parse_extended_ms_ext(ssl, + ext + 4, ext_size)) != 0) { + return ret; + } + + break; #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) - case MBEDTLS_TLS_EXT_SESSION_TICKET: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session_ticket extension" ) ); + case MBEDTLS_TLS_EXT_SESSION_TICKET: + MBEDTLS_SSL_DEBUG_MSG(3, ("found session_ticket extension")); - if( ( ret = ssl_parse_session_ticket_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } + if ((ret = ssl_parse_session_ticket_ext(ssl, + ext + 4, ext_size)) != 0) { + return ret; + } - break; + break; #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS: - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "found supported_point_formats extension" ) ); - - if( ( ret = ssl_parse_supported_point_formats_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS: + MBEDTLS_SSL_DEBUG_MSG(3, + ("found supported_point_formats extension")); - break; + if ((ret = ssl_parse_supported_point_formats_ext(ssl, + ext + 4, ext_size)) != 0) { + return ret; + } + + break; #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - case MBEDTLS_TLS_EXT_ECJPAKE_KKPP: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake_kkpp extension" ) ); + case MBEDTLS_TLS_EXT_ECJPAKE_KKPP: + MBEDTLS_SSL_DEBUG_MSG(3, ("found ecjpake_kkpp extension")); - if( ( ret = ssl_parse_ecjpake_kkpp( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } + if ((ret = ssl_parse_ecjpake_kkpp(ssl, + ext + 4, ext_size)) != 0) { + return ret; + } - break; + break; #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_SSL_ALPN) - case MBEDTLS_TLS_EXT_ALPN: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); + case MBEDTLS_TLS_EXT_ALPN: + MBEDTLS_SSL_DEBUG_MSG(3, ("found alpn extension")); - if( ( ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ) ) != 0 ) - return( ret ); + if ((ret = ssl_parse_alpn_ext(ssl, ext + 4, ext_size)) != 0) { + return ret; + } - break; + break; #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_DTLS_SRTP) - case MBEDTLS_TLS_EXT_USE_SRTP: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found use_srtp extension" ) ); + case MBEDTLS_TLS_EXT_USE_SRTP: + MBEDTLS_SSL_DEBUG_MSG(3, ("found use_srtp extension")); - if( ( ret = ssl_parse_use_srtp_ext( ssl, ext + 4, ext_size ) ) != 0 ) - return( ret ); + if ((ret = ssl_parse_use_srtp_ext(ssl, ext + 4, ext_size)) != 0) { + return ret; + } - break; + break; #endif /* MBEDTLS_SSL_DTLS_SRTP */ - default: - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "unknown extension found: %u (ignoring)", ext_id ) ); + default: + MBEDTLS_SSL_DEBUG_MSG(3, + ("unknown extension found: %u (ignoring)", ext_id)); } ext_len -= 4 + ext_size; ext += 4 + ext_size; - if( ext_len > 0 && ext_len < 4 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (ext_len > 0 && ext_len < 4) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } } @@ -2565,77 +2474,68 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) * extensions. It sets the transform data for the resumed session which in * case of DTLS includes the server CID extracted from the CID extension. */ - if( ssl->handshake->resume ) - { - if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); + if (ssl->handshake->resume) { + if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_derive_keys", ret); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( ret ); + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + return ret; } } /* * Renegotiation security checks */ - if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + if (ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && ssl->conf->allow_legacy_renegotiation == - MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "legacy renegotiation, breaking off handshake" ) ); + MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("legacy renegotiation, breaking off handshake")); handshake_failure = 1; } #if defined(MBEDTLS_SSL_RENEGOTIATION) - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION && - renegotiation_info_seen == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "renegotiation_info extension missing (secure)" ) ); + renegotiation_info_seen == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("renegotiation_info extension missing (secure)")); handshake_failure = 1; - } - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == - MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) ); + } else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == + MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION) { + MBEDTLS_SSL_DEBUG_MSG(1, ("legacy renegotiation not allowed")); handshake_failure = 1; - } - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - renegotiation_info_seen == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "renegotiation_info extension present (legacy)" ) ); + } else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + renegotiation_info_seen == 1) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("renegotiation_info extension present (legacy)")); handshake_failure = 1; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ - if( handshake_failure == 1 ) - { + if (handshake_failure == 1) { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse server hello")); - return( 0 ); + return 0; } #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, - unsigned char **p, - unsigned char *end ) +static int ssl_parse_server_dh_params(mbedtls_ssl_context *ssl, + unsigned char **p, + unsigned char *end) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; size_t dhm_actual_bitlen; @@ -2649,27 +2549,25 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, * opaque dh_Ys<1..2^16-1>; * } ServerDHParams; */ - if( ( ret = mbedtls_dhm_read_params( &ssl->handshake->dhm_ctx, - p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 2, ( "mbedtls_dhm_read_params" ), ret ); - return( ret ); + if ((ret = mbedtls_dhm_read_params(&ssl->handshake->dhm_ctx, + p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(2, ("mbedtls_dhm_read_params"), ret); + return ret; } - dhm_actual_bitlen = mbedtls_mpi_bitlen( &ssl->handshake->dhm_ctx.P ); - if( dhm_actual_bitlen < ssl->conf->dhm_min_bitlen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %" MBEDTLS_PRINTF_SIZET " < %u", - dhm_actual_bitlen, - ssl->conf->dhm_min_bitlen ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + dhm_actual_bitlen = mbedtls_mpi_bitlen(&ssl->handshake->dhm_ctx.P); + if (dhm_actual_bitlen < ssl->conf->dhm_min_bitlen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("DHM prime too short: %" MBEDTLS_PRINTF_SIZET " < %u", + dhm_actual_bitlen, + ssl->conf->dhm_min_bitlen)); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: P ", &ssl->handshake->dhm_ctx.P); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: G ", &ssl->handshake->dhm_ctx.G); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: GY", &ssl->handshake->dhm_ctx.GY); - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ @@ -2680,7 +2578,7 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl ) +static int ssl_check_server_ecdh_params(const mbedtls_ssl_context *ssl) { const mbedtls_ecp_curve_info *curve_info; mbedtls_ecp_group_id grp_id; @@ -2690,28 +2588,29 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl ) grp_id = ssl->handshake->ecdh_ctx.grp_id; #endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */ - curve_info = mbedtls_ecp_curve_info_from_grp_id( grp_id ); - if( curve_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + curve_info = mbedtls_ecp_curve_info_from_grp_id(grp_id); + if (curve_info == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("ECDH curve: %s", curve_info->name)); #if defined(MBEDTLS_ECP_C) - if( mbedtls_ssl_check_curve( ssl, grp_id ) != 0 ) - return( -1 ); + if (mbedtls_ssl_check_curve(ssl, grp_id) != 0) { + return -1; + } #else - if( ssl->handshake->ecdh_ctx.grp.nbits < 163 || - ssl->handshake->ecdh_ctx.grp.nbits > 521 ) - return( -1 ); + if (ssl->handshake->ecdh_ctx.grp.nbits < 163 || + ssl->handshake->ecdh_ctx.grp.nbits > 521) { + return -1; + } #endif /* MBEDTLS_ECP_C */ - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_QP ); + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_QP); - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || @@ -2720,12 +2619,12 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl ) MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ - ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ) + (defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, - unsigned char **p, - unsigned char *end ) +static int ssl_parse_server_ecdh_params_psa(mbedtls_ssl_context *ssl, + unsigned char **p, + unsigned char *end) { uint16_t tls_id; size_t ecdh_bits = 0; @@ -2736,12 +2635,14 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, * Parse ECC group */ - if( end - *p < 4 ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if (end - *p < 4) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; + } /* First byte is curve_type; only named_curve is handled */ - if( *(*p)++ != MBEDTLS_ECP_TLS_NAMED_CURVE ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if (*(*p)++ != MBEDTLS_ECP_TLS_NAMED_CURVE) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; + } /* Next two bytes are the namedcurve value */ tls_id = *(*p)++; @@ -2749,17 +2650,18 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, tls_id |= *(*p)++; /* Check it's a curve we offered */ - if( mbedtls_ssl_check_curve_tls_id( ssl, tls_id ) != 0 ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if (mbedtls_ssl_check_curve_tls_id(ssl, tls_id) != 0) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; + } /* Convert EC group to PSA key type. */ - if( ( handshake->ecdh_psa_type = - mbedtls_psa_parse_tls_ecc_group( tls_id, &ecdh_bits ) ) == 0 ) - { - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if ((handshake->ecdh_psa_type = + mbedtls_psa_parse_tls_ecc_group(tls_id, &ecdh_bits)) == 0) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; + } + if (ecdh_bits > 0xffff) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - if( ecdh_bits > 0xffff ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); handshake->ecdh_bits = (uint16_t) ecdh_bits; /* @@ -2767,20 +2669,20 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, */ ecpoint_len = *(*p)++; - if( (size_t)( end - *p ) < ecpoint_len ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - - if( mbedtls_psa_tls_ecpoint_to_psa_ec( - *p, ecpoint_len, - handshake->ecdh_psa_peerkey, - sizeof( handshake->ecdh_psa_peerkey ), - &handshake->ecdh_psa_peerkey_len ) != 0 ) - { - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + if ((size_t) (end - *p) < ecpoint_len) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; + } + + if (mbedtls_psa_tls_ecpoint_to_psa_ec( + *p, ecpoint_len, + handshake->ecdh_psa_peerkey, + sizeof(handshake->ecdh_psa_peerkey), + &handshake->ecdh_psa_peerkey_len) != 0) { + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } *p += ecpoint_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO && ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || @@ -2790,9 +2692,9 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, - unsigned char **p, - unsigned char *end ) +static int ssl_parse_server_ecdh_params(mbedtls_ssl_context *ssl, + unsigned char **p, + unsigned char *end) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; @@ -2804,25 +2706,24 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, * ECPoint public; * } ServerECDHParams; */ - if( ( ret = mbedtls_ecdh_read_params( &ssl->handshake->ecdh_ctx, - (const unsigned char **) p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_read_params" ), ret ); + if ((ret = mbedtls_ecdh_read_params(&ssl->handshake->ecdh_ctx, + (const unsigned char **) p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecdh_read_params"), ret); #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; + } #endif - return( ret ); + return ret; } - if( ssl_check_server_ecdh_params( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "bad server key exchange message (ECDHE curve)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if (ssl_check_server_ecdh_params(ssl) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("bad server key exchange message (ECDHE curve)")); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || @@ -2830,9 +2731,9 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, - unsigned char **p, - unsigned char *end ) +static int ssl_parse_server_psk_hint(mbedtls_ssl_context *ssl, + unsigned char **p, + unsigned char *end) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; uint16_t len; @@ -2843,20 +2744,18 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, * * opaque psk_identity_hint<0..2^16-1>; */ - if( end - (*p) < 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "bad server key exchange message (psk_identity_hint length)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if (end - (*p) < 2) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("bad server key exchange message (psk_identity_hint length)")); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } len = (*p)[0] << 8 | (*p)[1]; *p += 2; - if( end - (*p) < len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "bad server key exchange message (psk_identity_hint length)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if (end - (*p) < len) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("bad server key exchange message (psk_identity_hint length)")); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } /* @@ -2867,7 +2766,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, *p += len; ret = 0; - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ @@ -2877,19 +2776,18 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, * Generate a pre-master secret and encrypt it with the server's RSA key */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, - size_t offset, size_t *olen, - size_t pms_offset ) +static int ssl_write_encrypted_pms(mbedtls_ssl_context *ssl, + size_t offset, size_t *olen, + size_t pms_offset) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len_bytes = ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ? 0 : 2; unsigned char *p = ssl->handshake->premaster + pms_offset; - mbedtls_pk_context * peer_pk; + mbedtls_pk_context *peer_pk; - if( offset + len_bytes > MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small for encrypted pms" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (offset + len_bytes > MBEDTLS_SSL_OUT_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small for encrypted pms")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } /* @@ -2899,14 +2797,13 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, * opaque random[46]; * } PreMasterSecret; */ - mbedtls_ssl_write_version( ssl->conf->max_major_ver, - ssl->conf->max_minor_ver, - ssl->conf->transport, p ); + mbedtls_ssl_write_version(ssl->conf->max_major_ver, + ssl->conf->max_minor_ver, + ssl->conf->transport, p); - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p + 2, 46 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "f_rng", ret ); - return( ret ); + if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p + 2, 46)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "f_rng", ret); + return ret; } ssl->handshake->pmslen = 48; @@ -2914,11 +2811,10 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) peer_pk = &ssl->handshake->peer_pubkey; #else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ssl->session_negotiate->peer_cert == NULL ) - { + if (ssl->session_negotiate->peer_cert == NULL) { /* Should never happen */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } peer_pk = &ssl->session_negotiate->peer_cert->pk; #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ @@ -2926,36 +2822,33 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, /* * Now write it out, encrypted */ - if( ! mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_RSA ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate key type mismatch" ) ); - return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); + if (!mbedtls_pk_can_do(peer_pk, MBEDTLS_PK_RSA)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("certificate key type mismatch")); + return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; } - if( ( ret = mbedtls_pk_encrypt( peer_pk, - p, ssl->handshake->pmslen, - ssl->out_msg + offset + len_bytes, olen, - MBEDTLS_SSL_OUT_CONTENT_LEN - offset - len_bytes, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_rsa_pkcs1_encrypt", ret ); - return( ret ); + if ((ret = mbedtls_pk_encrypt(peer_pk, + p, ssl->handshake->pmslen, + ssl->out_msg + offset + len_bytes, olen, + MBEDTLS_SSL_OUT_CONTENT_LEN - offset - len_bytes, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_rsa_pkcs1_encrypt", ret); + return ret; } #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( len_bytes == 2 ) - { - MBEDTLS_PUT_UINT16_BE( *olen, ssl->out_msg, offset ); + if (len_bytes == 2) { + MBEDTLS_PUT_UINT16_BE(*olen, ssl->out_msg, offset); *olen += 2; } #endif #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* We don't need the peer's public key anymore. Free it. */ - mbedtls_pk_free( peer_pk ); + mbedtls_pk_free(peer_pk); #endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ @@ -2965,64 +2858,61 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, - unsigned char **p, - unsigned char *end, - mbedtls_md_type_t *md_alg, - mbedtls_pk_type_t *pk_alg ) +static int ssl_parse_signature_algorithm(mbedtls_ssl_context *ssl, + unsigned char **p, + unsigned char *end, + mbedtls_md_type_t *md_alg, + mbedtls_pk_type_t *pk_alg) { ((void) ssl); *md_alg = MBEDTLS_MD_NONE; *pk_alg = MBEDTLS_PK_NONE; /* Only in TLS 1.2 */ - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - { - return( 0 ); + if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) { + return 0; } - if( (*p) + 2 > end ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if ((*p) + 2 > end) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; + } /* * Get hash algorithm */ - if( ( *md_alg = mbedtls_ssl_md_alg_from_hash( (*p)[0] ) ) - == MBEDTLS_MD_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "Server used unsupported HashAlgorithm %d", *(p)[0] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if ((*md_alg = mbedtls_ssl_md_alg_from_hash((*p)[0])) + == MBEDTLS_MD_NONE) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("Server used unsupported HashAlgorithm %d", *(p)[0])); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } /* * Get signature algorithm */ - if( ( *pk_alg = mbedtls_ssl_pk_alg_from_sig( (*p)[1] ) ) - == MBEDTLS_PK_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "server used unsupported SignatureAlgorithm %d", (*p)[1] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if ((*pk_alg = mbedtls_ssl_pk_alg_from_sig((*p)[1])) + == MBEDTLS_PK_NONE) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("server used unsupported SignatureAlgorithm %d", (*p)[1])); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } /* * Check if the hash is acceptable */ - if( mbedtls_ssl_check_sig_hash( ssl, *md_alg ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "server used HashAlgorithm %d that was not offered", *(p)[0] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if (mbedtls_ssl_check_sig_hash(ssl, *md_alg) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("server used HashAlgorithm %d that was not offered", *(p)[0])); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used SignatureAlgorithm %d", - (*p)[1] ) ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used HashAlgorithm %d", - (*p)[0] ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Server used SignatureAlgorithm %d", + (*p)[1])); + MBEDTLS_SSL_DEBUG_MSG(2, ("Server used HashAlgorithm %d", + (*p)[0])); *p += 2; - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || @@ -3032,75 +2922,70 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) +static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_ecp_keypair *peer_key; - mbedtls_pk_context * peer_pk; + mbedtls_pk_context *peer_pk; #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) peer_pk = &ssl->handshake->peer_pubkey; #else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ssl->session_negotiate->peer_cert == NULL ) - { + if (ssl->session_negotiate->peer_cert == NULL) { /* Should never happen */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } peer_pk = &ssl->session_negotiate->peer_cert->pk; #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ /* This is a public key, so it can't be opaque, so can_do() is a good * enough check to ensure pk_ec() is safe to use below. */ - if( ! mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_ECKEY ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) ); - return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); + if (!mbedtls_pk_can_do(peer_pk, MBEDTLS_PK_ECKEY)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("server key not ECDH capable")); + return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; } - peer_key = mbedtls_pk_ec( *peer_pk ); + peer_key = mbedtls_pk_ec(*peer_pk); - if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, peer_key, - MBEDTLS_ECDH_THEIRS ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_get_params" ), ret ); - return( ret ); + if ((ret = mbedtls_ecdh_get_params(&ssl->handshake->ecdh_ctx, peer_key, + MBEDTLS_ECDH_THEIRS)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecdh_get_params"), ret); + return ret; } - if( ssl_check_server_ecdh_params( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server certificate (ECDH curve)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + if (ssl_check_server_ecdh_params(ssl) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server certificate (ECDH curve)")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* We don't need the peer's public key anymore. Free it, * so that more RAM is available for upcoming expensive * operations like ECDHE. */ - mbedtls_pk_free( peer_pk ); + mbedtls_pk_free(peer_pk); #endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) +static int ssl_parse_server_key_exchange(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; unsigned char *p = NULL, *end = NULL; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse server key exchange")); #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse server key exchange")); ssl->state++; - return( 0 ); + return 0; } ((void) p); ((void) end); @@ -3108,22 +2993,20 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) - { - if( ( ret = ssl_get_ecdh_params_from_cert( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_ecdh_params_from_cert", ret ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA) { + if ((ret = ssl_get_ecdh_params_from_cert(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_get_ecdh_params_from_cert", ret); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( ret ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse server key exchange")); ssl->state++; - return( 0 ); + return 0; } ((void) p); ((void) end); @@ -3131,174 +3014,155 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled && - ssl->handshake->ecrs_state == ssl_ecrs_ske_start_processing ) - { + if (ssl->handshake->ecrs_enabled && + ssl->handshake->ecrs_state == ssl_ecrs_ske_start_processing) { goto start_processing; } #endif - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } /* * ServerKeyExchange may be skipped with PSK and RSA-PSK when the server * doesn't use a psk_identity_hint */ - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE ) - { - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - { + if (ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE) { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) { /* Current message is probably either * CertificateRequest or ServerHelloDone */ ssl->keep_current_message = 1; goto exit; } - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "server key exchange message must not be skipped" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, + ("server key exchange message must not be skipped")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled ) + if (ssl->handshake->ecrs_enabled) { ssl->handshake->ecrs_state = ssl_ecrs_ske_start_processing; + } start_processing: #endif - p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); end = ssl->in_msg + ssl->in_hslen; - MBEDTLS_SSL_DEBUG_BUF( 3, "server key exchange", p, end - p ); + MBEDTLS_SSL_DEBUG_BUF(3, "server key exchange", p, end - p); #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { - if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) { + if (ssl_parse_server_psk_hint(ssl, &p, end) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } } /* FALLTHROUGH */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) { ; /* nothing more to do */ - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED || MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) - { - if( ssl_parse_server_dh_params( ssl, &p, end ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK) { + if (ssl_parse_server_dh_params(ssl, &p, end) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ - ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) - { - if( ssl_parse_server_ecdh_params_psa( ssl, &p, end ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + (defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)) + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) { + if (ssl_parse_server_ecdh_params_psa(ssl, &p, end) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - } - else + } else #endif /* MBEDTLS_USE_PSA_CRYPTO && ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) - { - if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) { + if (ssl_parse_server_ecdh_params(ssl, &p, end) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { - ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx, - p, end - p ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_two", ret ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) { + ret = mbedtls_ecjpake_read_round_two(&ssl->handshake->ecjpake_ctx, + p, end - p); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_read_round_two", ret); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) ) - { + if (mbedtls_ssl_ciphersuite_uses_server_signature(ciphersuite_info)) { size_t sig_len, hashlen; #if defined(MBEDTLS_USE_PSA_CRYPTO) unsigned char hash[PSA_HASH_MAX_SIZE]; @@ -3307,133 +3171,123 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) #endif mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; - unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); size_t params_len = p - params; void *rs_ctx = NULL; - mbedtls_pk_context * peer_pk; + mbedtls_pk_context *peer_pk; /* * Handle the digitally-signed structure */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - if( ssl_parse_signature_algorithm( ssl, &p, end, - &md_alg, &pk_alg ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "bad server key exchange message" ) ); + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { + if (ssl_parse_signature_algorithm(ssl, &p, end, + &md_alg, &pk_alg) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - if( pk_alg != - mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "bad server key exchange message" ) ); + if (pk_alg != + mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) - { - pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if (ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3) { + pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite_info); /* Default hash for ECDSA is SHA-1 */ - if( pk_alg == MBEDTLS_PK_ECDSA && md_alg == MBEDTLS_MD_NONE ) + if (pk_alg == MBEDTLS_PK_ECDSA && md_alg == MBEDTLS_MD_NONE) { md_alg = MBEDTLS_MD_SHA1; - } - else + } + } else #endif { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* * Read signature */ - if( p > end - 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + if (p > end - 2) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - sig_len = ( p[0] << 8 ) | p[1]; + sig_len = (p[0] << 8) | p[1]; p += 2; - if( p != end - sig_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + if (p != end - sig_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - MBEDTLS_SSL_DEBUG_BUF( 3, "signature", p, sig_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "signature", p, sig_len); /* * Compute the hash that has been signed */ #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( md_alg == MBEDTLS_MD_NONE ) - { + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if (md_alg == MBEDTLS_MD_NONE) { hashlen = 36; - ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash, params, - params_len ); - if( ret != 0 ) - return( ret ); - } - else + ret = mbedtls_ssl_get_key_exchange_md_ssl_tls(ssl, hash, params, + params_len); + if (ret != 0) { + return ret; + } + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( md_alg != MBEDTLS_MD_NONE ) - { - ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen, - params, params_len, - md_alg ); - if( ret != 0 ) - return( ret ); - } - else + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (md_alg != MBEDTLS_MD_NONE) { + ret = mbedtls_ssl_get_key_exchange_md_tls1_2(ssl, hash, &hashlen, + params, params_len, + md_alg); + if (ret != 0) { + return ret; + } + } else #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen ); + MBEDTLS_SSL_DEBUG_BUF(3, "parameters hash", hash, hashlen); #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) peer_pk = &ssl->handshake->peer_pubkey; #else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ssl->session_negotiate->peer_cert == NULL ) - { + if (ssl->session_negotiate->peer_cert == NULL) { /* Should never happen */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } peer_pk = &ssl->session_negotiate->peer_cert->pk; #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ @@ -3441,44 +3295,42 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) /* * Verify signature */ - if( !mbedtls_pk_can_do( peer_pk, pk_alg ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + if (!mbedtls_pk_can_do(peer_pk, pk_alg)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; } #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled ) + if (ssl->handshake->ecrs_enabled) { rs_ctx = &ssl->handshake->ecrs_ctx.pk; + } #endif /* MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED */ - if( ( ret = mbedtls_pk_verify_restartable( peer_pk, - md_alg, hash, hashlen, p, sig_len, rs_ctx ) ) != 0 ) - { + if ((ret = mbedtls_pk_verify_restartable(peer_pk, + md_alg, hash, hashlen, p, sig_len, rs_ctx)) != 0) { #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret ); - return( MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ); + if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_verify", ret); + return MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; } #endif /* MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED */ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR ); - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret ); - return( ret ); + MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR); + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_verify", ret); + return ret; } #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* We don't need the peer's public key anymore. Free it, * so that more RAM is available for upcoming expensive * operations like ECDHE. */ - mbedtls_pk_free( peer_pk ); + mbedtls_pk_free(peer_pk); #endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */ @@ -3486,33 +3338,32 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) exit: ssl->state++; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse server key exchange")); - return( 0 ); + return 0; } -#if ! defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) +#if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) +static int ssl_parse_certificate_request(mbedtls_ssl_context *ssl) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate request")); - if( ! mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate request")); ssl->state++; - return( 0 ); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #else /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) +static int ssl_parse_certificate_request(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *buf; @@ -3521,39 +3372,35 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate request")); - if( ! mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate request")); ssl->state++; - return( 0 ); + return 0; } - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate request message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } ssl->state++; - ssl->client_auth = ( ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST ); + ssl->client_auth = (ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "got %s certificate request", - ssl->client_auth ? "a" : "no" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("got %s certificate request", + ssl->client_auth ? "a" : "no")); - if( ssl->client_auth == 0 ) - { + if (ssl->client_auth == 0) { /* Current message is probably the ServerHelloDone */ ssl->keep_current_message = 1; goto exit; @@ -3586,14 +3433,13 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) buf = ssl->in_msg; /* certificate_types */ - if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + if (ssl->in_hslen <= mbedtls_ssl_hs_hdr_len(ssl)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate request message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST; } - cert_type_len = buf[mbedtls_ssl_hs_hdr_len( ssl )]; + cert_type_len = buf[mbedtls_ssl_hs_hdr_len(ssl)]; n = cert_type_len; /* @@ -3606,23 +3452,21 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) * therefore the buffer length at this point must be greater than that * regardless of the actual code path. */ - if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + if (ssl->in_hslen <= mbedtls_ssl_hs_hdr_len(ssl) + 2 + n) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate request message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST; } /* supported_signature_algorithms */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { size_t sig_alg_len = - ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 ) - | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) ); + ((buf[mbedtls_ssl_hs_hdr_len(ssl) + 1 + n] << 8) + | (buf[mbedtls_ssl_hs_hdr_len(ssl) + 2 + n])); #if defined(MBEDTLS_DEBUG_C) - unsigned char* sig_alg; + unsigned char *sig_alg; size_t i; #endif @@ -3638,24 +3482,22 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) * buf[...hdr_len + 3 + n + sig_alg_len], * which is one less than we need the buf to be. */ - if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) - + 3 + n + sig_alg_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + if (ssl->in_hslen <= mbedtls_ssl_hs_hdr_len(ssl) + + 3 + n + sig_alg_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate request message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST; } #if defined(MBEDTLS_DEBUG_C) - sig_alg = buf + mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n; - for( i = 0; i < sig_alg_len; i += 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "Supported Signature Algorithm found: %d,%d", - sig_alg[i], sig_alg[i + 1] ) ); + sig_alg = buf + mbedtls_ssl_hs_hdr_len(ssl) + 3 + n; + for (i = 0; i < sig_alg_len; i += 2) { + MBEDTLS_SSL_DEBUG_MSG(3, + ("Supported Signature Algorithm found: %d,%d", + sig_alg[i], sig_alg[i + 1])); } #endif @@ -3664,67 +3506,64 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ /* certificate_authorities */ - dn_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 ) - | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) ); + dn_len = ((buf[mbedtls_ssl_hs_hdr_len(ssl) + 1 + n] << 8) + | (buf[mbedtls_ssl_hs_hdr_len(ssl) + 2 + n])); n += dn_len; - if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + if (ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + 3 + n) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate request message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST; } exit: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate request")); - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl ) +static int ssl_parse_server_hello_done(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello done" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse server hello done")); - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello done message")); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } - if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) || - ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_HELLO_DONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE ); + if (ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) || + ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_HELLO_DONE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello done message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE; } ssl->state++; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_recv_flight_completed( ssl ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + mbedtls_ssl_recv_flight_completed(ssl); + } #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello done" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse server hello done")); - return( 0 ); + return 0; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) +static int ssl_write_client_key_exchange(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -3733,52 +3572,47 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write client key exchange")); #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA) { /* * DHM key exchange -- send G^X mod P */ content_len = ssl->handshake->dhm_ctx.len; - MBEDTLS_PUT_UINT16_BE( content_len, ssl->out_msg, 4 ); + MBEDTLS_PUT_UINT16_BE(content_len, ssl->out_msg, 4); header_len = 6; - ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, - (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), - &ssl->out_msg[header_len], content_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret ); - return( ret ); + ret = mbedtls_dhm_make_public(&ssl->handshake->dhm_ctx, + (int) mbedtls_mpi_size(&ssl->handshake->dhm_ctx.P), + &ssl->out_msg[header_len], content_len, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_make_public", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: X ", &ssl->handshake->dhm_ctx.X); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: GX", &ssl->handshake->dhm_ctx.GX); - if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, - ssl->handshake->premaster, - MBEDTLS_PREMASTER_SIZE, - &ssl->handshake->pmslen, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); - return( ret ); + if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx, + ssl->handshake->premaster, + MBEDTLS_PREMASTER_SIZE, + &ssl->handshake->pmslen, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_calc_secret", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); - } - else + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K); + } else #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ - ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) - { + (defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)) + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t destruction_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t key_attributes; @@ -3792,7 +3626,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) header_len = 4; - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("Perform PSA-based ECDH computation.")); /* * Generate EC private key for ECDHE exchange. @@ -3806,63 +3640,62 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) * For the time being, we therefore need to split the computation * of the ECDH secret and the application of the TLS 1.2 PRF. */ key_attributes = psa_key_attributes_init(); - psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &key_attributes, PSA_ALG_ECDH ); - psa_set_key_type( &key_attributes, handshake->ecdh_psa_type ); - psa_set_key_bits( &key_attributes, handshake->ecdh_bits ); + psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH); + psa_set_key_type(&key_attributes, handshake->ecdh_psa_type); + psa_set_key_bits(&key_attributes, handshake->ecdh_bits); /* Generate ECDH private key. */ - status = psa_generate_key( &key_attributes, - &handshake->ecdh_psa_privkey ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + status = psa_generate_key(&key_attributes, + &handshake->ecdh_psa_privkey); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } /* Export the public part of the ECDH private key from PSA * and convert it to ECPoint format used in ClientKeyExchange. */ - status = psa_export_public_key( handshake->ecdh_psa_privkey, - own_pubkey, sizeof( own_pubkey ), - &own_pubkey_len ); - if( status != PSA_SUCCESS ) - { - psa_destroy_key( handshake->ecdh_psa_privkey ); + status = psa_export_public_key(handshake->ecdh_psa_privkey, + own_pubkey, sizeof(own_pubkey), + &own_pubkey_len); + if (status != PSA_SUCCESS) { + psa_destroy_key(handshake->ecdh_psa_privkey); handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } - if( mbedtls_psa_tls_psa_ec_to_ecpoint( own_pubkey, - own_pubkey_len, - &own_pubkey_ecpoint, - &own_pubkey_ecpoint_len ) != 0 ) - { - psa_destroy_key( handshake->ecdh_psa_privkey ); + if (mbedtls_psa_tls_psa_ec_to_ecpoint(own_pubkey, + own_pubkey_len, + &own_pubkey_ecpoint, + &own_pubkey_ecpoint_len) != 0) { + psa_destroy_key(handshake->ecdh_psa_privkey); handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } /* Copy ECPoint structure to outgoing message buffer. */ ssl->out_msg[header_len] = (unsigned char) own_pubkey_ecpoint_len; - memcpy( ssl->out_msg + header_len + 1, - own_pubkey_ecpoint, own_pubkey_ecpoint_len ); + memcpy(ssl->out_msg + header_len + 1, + own_pubkey_ecpoint, own_pubkey_ecpoint_len); content_len = own_pubkey_ecpoint_len + 1; /* The ECDH secret is the premaster secret used for key derivation. */ /* Compute ECDH shared secret. */ - status = psa_raw_key_agreement( PSA_ALG_ECDH, - handshake->ecdh_psa_privkey, - handshake->ecdh_psa_peerkey, - handshake->ecdh_psa_peerkey_len, - ssl->handshake->premaster, - sizeof( ssl->handshake->premaster ), - &ssl->handshake->pmslen ); - - destruction_status = psa_destroy_key( handshake->ecdh_psa_privkey ); + status = psa_raw_key_agreement(PSA_ALG_ECDH, + handshake->ecdh_psa_privkey, + handshake->ecdh_psa_peerkey, + handshake->ecdh_psa_peerkey_len, + ssl->handshake->premaster, + sizeof(ssl->handshake->premaster), + &ssl->handshake->pmslen); + + destruction_status = psa_destroy_key(handshake->ecdh_psa_privkey); handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; - if( status != PSA_SUCCESS || destruction_status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - else + if (status != PSA_SUCCESS || destruction_status != PSA_SUCCESS) { + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } + } else #endif /* MBEDTLS_USE_PSA_CRYPTO && ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */ @@ -3870,142 +3703,131 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA || ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) - { + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA) { /* * ECDH key exchange -- send client public value */ header_len = 4; #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled ) - { - if( ssl->handshake->ecrs_state == ssl_ecrs_cke_ecdh_calc_secret ) + if (ssl->handshake->ecrs_enabled) { + if (ssl->handshake->ecrs_state == ssl_ecrs_cke_ecdh_calc_secret) { goto ecdh_calc_secret; + } - mbedtls_ecdh_enable_restart( &ssl->handshake->ecdh_ctx ); + mbedtls_ecdh_enable_restart(&ssl->handshake->ecdh_ctx); } #endif - ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, - &content_len, - &ssl->out_msg[header_len], 1000, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret ); + ret = mbedtls_ecdh_make_public(&ssl->handshake->ecdh_ctx, + &content_len, + &ssl->out_msg[header_len], 1000, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_make_public", ret); #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; + } #endif - return( ret ); + return ret; } - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Q ); + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Q); #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled ) - { + if (ssl->handshake->ecrs_enabled) { ssl->handshake->ecrs_n = content_len; ssl->handshake->ecrs_state = ssl_ecrs_cke_ecdh_calc_secret; } ecdh_calc_secret: - if( ssl->handshake->ecrs_enabled ) + if (ssl->handshake->ecrs_enabled) { content_len = ssl->handshake->ecrs_n; + } #endif - if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, - &ssl->handshake->pmslen, - ssl->handshake->premaster, - MBEDTLS_MPI_MAX_SIZE, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); + if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx, + &ssl->handshake->pmslen, + ssl->handshake->premaster, + MBEDTLS_MPI_MAX_SIZE, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_calc_secret", ret); #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; + } #endif - return( ret ); + return ret; } - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Z ); - } - else + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Z); + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_psk( ciphersuite_info ) ) - { + if (mbedtls_ssl_ciphersuite_uses_psk(ciphersuite_info)) { /* * opaque psk_identity<0..2^16-1>; */ - if( ssl_conf_has_static_psk( ssl->conf ) == 0 ) - { + if (ssl_conf_has_static_psk(ssl->conf) == 0) { /* We don't offer PSK suites if we don't have a PSK, * and we check that the server's choice is among the * ciphersuites we offered, so this should never happen. */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } header_len = 4; content_len = ssl->conf->psk_identity_len; - if( header_len + 2 + content_len > MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "psk identity too long or SSL buffer too short" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (header_len + 2 + content_len > MBEDTLS_SSL_OUT_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("psk identity too long or SSL buffer too short")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } - ssl->out_msg[header_len++] = MBEDTLS_BYTE_1( content_len ); - ssl->out_msg[header_len++] = MBEDTLS_BYTE_0( content_len ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_1(content_len); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_0(content_len); - memcpy( ssl->out_msg + header_len, - ssl->conf->psk_identity, - ssl->conf->psk_identity_len ); + memcpy(ssl->out_msg + header_len, + ssl->conf->psk_identity, + ssl->conf->psk_identity_len); header_len += ssl->conf->psk_identity_len; #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK) { content_len = 0; - } - else + } else #endif #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) { #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Opaque PSKs are currently only supported for PSK-only suites. */ - if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "opaque PSK not supported with RSA-PSK" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl_conf_has_static_raw_psk(ssl->conf) == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with RSA-PSK")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = ssl_write_encrypted_pms( ssl, header_len, - &content_len, 2 ) ) != 0 ) - return( ret ); - } - else + if ((ret = ssl_write_encrypted_pms(ssl, header_len, + &content_len, 2)) != 0) { + return ret; + } + } else #endif #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK) { #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Opaque PSKs are currently only supported for PSK-only suites. */ - if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "opaque PSK not supported with DHE-PSK" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl_conf_has_static_raw_psk(ssl->conf) == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with DHE-PSK")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -4014,128 +3836,112 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) */ content_len = ssl->handshake->dhm_ctx.len; - if( header_len + 2 + content_len > - MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "psk identity or DHM size too long or SSL buffer too short" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (header_len + 2 + content_len > + MBEDTLS_SSL_OUT_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("psk identity or DHM size too long or SSL buffer too short")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } - ssl->out_msg[header_len++] = MBEDTLS_BYTE_1( content_len ); - ssl->out_msg[header_len++] = MBEDTLS_BYTE_0( content_len ); - - ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, - (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), - &ssl->out_msg[header_len], content_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret ); - return( ret ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_1(content_len); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_0(content_len); + + ret = mbedtls_dhm_make_public(&ssl->handshake->dhm_ctx, + (int) mbedtls_mpi_size(&ssl->handshake->dhm_ctx.P), + &ssl->out_msg[header_len], content_len, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_make_public", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) { #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Opaque PSKs are currently only supported for PSK-only suites. */ - if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "opaque PSK not supported with ECDHE-PSK" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl_conf_has_static_raw_psk(ssl->conf) == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with ECDHE-PSK")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* * ClientECDiffieHellmanPublic public; */ - ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, - &content_len, - &ssl->out_msg[header_len], - MBEDTLS_SSL_OUT_CONTENT_LEN - header_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret ); - return( ret ); + ret = mbedtls_ecdh_make_public(&ssl->handshake->ecdh_ctx, + &content_len, + &ssl->out_msg[header_len], + MBEDTLS_SSL_OUT_CONTENT_LEN - header_len, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_make_public", ret); + return ret; } - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Q ); - } - else + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Q); + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ - defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK && + defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK && ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && - ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "skip PMS generation for opaque PSK" ) ); - } - else + ssl_conf_has_static_raw_psk(ssl->conf) == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("skip PMS generation for opaque PSK")); + } else #endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ - if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, - "mbedtls_ssl_psk_derive_premaster", ret ); - return( ret ); + if ((ret = mbedtls_ssl_psk_derive_premaster(ssl, + ciphersuite_info->key_exchange)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, + "mbedtls_ssl_psk_derive_premaster", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) { header_len = 4; - if( ( ret = ssl_write_encrypted_pms( ssl, header_len, - &content_len, 0 ) ) != 0 ) - return( ret ); - } - else + if ((ret = ssl_write_encrypted_pms(ssl, header_len, + &content_len, 0)) != 0) { + return ret; + } + } else #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) { header_len = 4; - ret = mbedtls_ecjpake_write_round_two( &ssl->handshake->ecjpake_ctx, - ssl->out_msg + header_len, - MBEDTLS_SSL_OUT_CONTENT_LEN - header_len, - &content_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_write_round_two", ret ); - return( ret ); + ret = mbedtls_ecjpake_write_round_two(&ssl->handshake->ecjpake_ctx, + ssl->out_msg + header_len, + MBEDTLS_SSL_OUT_CONTENT_LEN - header_len, + &content_len, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_write_round_two", ret); + return ret; } - ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx, - ssl->handshake->premaster, 32, &ssl->handshake->pmslen, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret ); - return( ret ); + ret = mbedtls_ecjpake_derive_secret(&ssl->handshake->ecjpake_ctx, + ssl->handshake->premaster, 32, &ssl->handshake->pmslen, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_derive_secret", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ { ((void) ciphersuite_info); - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } ssl->out_msglen = header_len + content_len; @@ -4144,46 +3950,43 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) ssl->state++; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write client key exchange")); - return( 0 ); + return 0; } #if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) +static int ssl_write_certificate_verify(mbedtls_ssl_context *ssl) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate verify")); - if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); - return( ret ); + if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_derive_keys", ret); + return ret; } - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate verify")); ssl->state++; - return( 0 ); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) +static int ssl_write_certificate_verify(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; const mbedtls_ssl_ciphersuite_t *ciphersuite_info = @@ -4195,58 +3998,53 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) size_t hashlen; void *rs_ctx = NULL; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate verify")); #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled && - ssl->handshake->ecrs_state == ssl_ecrs_crt_vrfy_sign ) - { + if (ssl->handshake->ecrs_enabled && + ssl->handshake->ecrs_state == ssl_ecrs_crt_vrfy_sign) { goto sign; } #endif - if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); - return( ret ); + if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_derive_keys", ret); + return ret; } - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate verify")); ssl->state++; - return( 0 ); + return 0; } - if( ssl->client_auth == 0 || mbedtls_ssl_own_cert( ssl ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); + if (ssl->client_auth == 0 || mbedtls_ssl_own_cert(ssl) == NULL) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate verify")); ssl->state++; - return( 0 ); + return 0; } - if( mbedtls_ssl_own_key( ssl ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key for certificate" ) ); - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); + if (mbedtls_ssl_own_key(ssl) == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no private key for certificate")); + return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED; } /* * Make a signature of the handshake digests */ #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled ) + if (ssl->handshake->ecrs_enabled) { ssl->handshake->ecrs_state = ssl_ecrs_crt_vrfy_sign; + } sign: #endif - ssl->handshake->calc_verify( ssl, hash, &hashlen ); + ssl->handshake->calc_verify(ssl, hash, &hashlen); #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) { /* * digitally-signed struct { * opaque md5_hash[16]; @@ -4264,19 +4062,16 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) /* * For ECDSA, default hash is SHA-1 only */ - if( mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECDSA ) ) - { + if (mbedtls_pk_can_do(mbedtls_ssl_own_key(ssl), MBEDTLS_PK_ECDSA)) { hash_start += 16; hashlen -= 16; md_alg = MBEDTLS_MD_SHA1; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { /* * digitally-signed struct { * opaque handshake_messages[handshake_messages_length]; @@ -4293,48 +4088,45 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) * SHA224 in order to satisfy 'weird' needs from the server * side. */ - if( ssl->handshake->ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) - { + if (ssl->handshake->ciphersuite_info->mac == MBEDTLS_MD_SHA384) { md_alg = MBEDTLS_MD_SHA384; ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA384; - } - else - { + } else { md_alg = MBEDTLS_MD_SHA256; ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA256; } - ssl->out_msg[5] = mbedtls_ssl_sig_from_pk( mbedtls_ssl_own_key( ssl ) ); + ssl->out_msg[5] = mbedtls_ssl_sig_from_pk(mbedtls_ssl_own_key(ssl)); /* Info from md_alg will be used instead */ hashlen = 0; offset = 2; - } - else + } else #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled ) + if (ssl->handshake->ecrs_enabled) { rs_ctx = &ssl->handshake->ecrs_ctx.pk; + } #endif - if( ( ret = mbedtls_pk_sign_restartable( mbedtls_ssl_own_key( ssl ), - md_alg, hash_start, hashlen, - ssl->out_msg + 6 + offset, &n, - ssl->conf->f_rng, ssl->conf->p_rng, rs_ctx ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret ); + if ((ret = mbedtls_pk_sign_restartable(mbedtls_ssl_own_key(ssl), + md_alg, hash_start, hashlen, + ssl->out_msg + 6 + offset, &n, + ssl->conf->f_rng, ssl->conf->p_rng, rs_ctx)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_sign", ret); #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; + } #endif - return( ret ); + return ret; } - MBEDTLS_PUT_UINT16_BE( n, ssl->out_msg, offset + 4 ); + MBEDTLS_PUT_UINT16_BE(n, ssl->out_msg, offset + 4); ssl->out_msglen = 6 + n + offset; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; @@ -4342,21 +4134,20 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) ssl->state++; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write certificate verify")); - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) +static int ssl_parse_new_session_ticket(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t lifetime; @@ -4364,22 +4155,20 @@ static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) unsigned char *ticket; const unsigned char *msg; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse new session ticket" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse new session ticket")); - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad new session ticket message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } /* @@ -4392,31 +4181,29 @@ static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) * 4 . 5 ticket_len (n) * 6 . 5+n ticket content */ - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET || - ssl->in_hslen < 6 + mbedtls_ssl_hs_hdr_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); + if (ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET || + ssl->in_hslen < 6 + mbedtls_ssl_hs_hdr_len(ssl)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad new session ticket message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET; } - msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); - lifetime = ( ((uint32_t) msg[0]) << 24 ) | ( msg[1] << 16 ) | - ( msg[2] << 8 ) | ( msg[3] ); + lifetime = (((uint32_t) msg[0]) << 24) | (msg[1] << 16) | + (msg[2] << 8) | (msg[3]); - ticket_len = ( msg[4] << 8 ) | ( msg[5] ); + ticket_len = (msg[4] << 8) | (msg[5]); - if( ticket_len + 6 + mbedtls_ssl_hs_hdr_len( ssl ) != ssl->in_hslen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); + if (ticket_len + 6 + mbedtls_ssl_hs_hdr_len(ssl) != ssl->in_hslen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad new session ticket message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %" MBEDTLS_PRINTF_SIZET, ticket_len ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("ticket length: %" MBEDTLS_PRINTF_SIZET, ticket_len)); /* We're not waiting for a NewSessionTicket message any more */ ssl->handshake->new_session_ticket = 0; @@ -4426,33 +4213,32 @@ static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) * Zero-length ticket means the server changed his mind and doesn't want * to send a ticket after all, so just forget it */ - if( ticket_len == 0 ) - return( 0 ); + if (ticket_len == 0) { + return 0; + } - if( ssl->session != NULL && ssl->session->ticket != NULL ) - { - mbedtls_platform_zeroize( ssl->session->ticket, - ssl->session->ticket_len ); - mbedtls_free( ssl->session->ticket ); + if (ssl->session != NULL && ssl->session->ticket != NULL) { + mbedtls_platform_zeroize(ssl->session->ticket, + ssl->session->ticket_len); + mbedtls_free(ssl->session->ticket); ssl->session->ticket = NULL; ssl->session->ticket_len = 0; } - mbedtls_platform_zeroize( ssl->session_negotiate->ticket, - ssl->session_negotiate->ticket_len ); - mbedtls_free( ssl->session_negotiate->ticket ); + mbedtls_platform_zeroize(ssl->session_negotiate->ticket, + ssl->session_negotiate->ticket_len); + mbedtls_free(ssl->session_negotiate->ticket); ssl->session_negotiate->ticket = NULL; ssl->session_negotiate->ticket_len = 0; - if( ( ticket = mbedtls_calloc( 1, ticket_len ) ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ticket alloc failed" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if ((ticket = mbedtls_calloc(1, ticket_len)) == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("ticket alloc failed")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } - memcpy( ticket, msg + 6, ticket_len ); + memcpy(ticket, msg + 6, ticket_len); ssl->session_negotiate->ticket = ticket; ssl->session_negotiate->ticket_len = ticket_len; @@ -4463,149 +4249,149 @@ static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) * "If the client receives a session ticket from the server, then it * discards any Session ID that was sent in the ServerHello." */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket in use, discarding session id" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("ticket in use, discarding session id")); ssl->session_negotiate->id_len = 0; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse new session ticket" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse new session ticket")); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SESSION_TICKETS */ /* * SSL handshake -- client side -- single step */ -int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_handshake_client_step(mbedtls_ssl_context *ssl) { int ret = 0; - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("client state: %d", ssl->state)); - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { + return ret; + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) { + if ((ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { + return ret; + } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ /* Change state now, so that it is right in mbedtls_ssl_read_record(), used * by DTLS for dropping out-of-sequence ChangeCipherSpec records */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC && - ssl->handshake->new_session_ticket != 0 ) - { + if (ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC && + ssl->handshake->new_session_ticket != 0) { ssl->state = MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET; } #endif - switch( ssl->state ) - { + switch (ssl->state) { case MBEDTLS_SSL_HELLO_REQUEST: ssl->state = MBEDTLS_SSL_CLIENT_HELLO; break; - /* - * ==> ClientHello - */ - case MBEDTLS_SSL_CLIENT_HELLO: - ret = ssl_write_client_hello( ssl ); - break; - - /* - * <== ServerHello - * Certificate - * ( ServerKeyExchange ) - * ( CertificateRequest ) - * ServerHelloDone - */ - case MBEDTLS_SSL_SERVER_HELLO: - ret = ssl_parse_server_hello( ssl ); - break; - - case MBEDTLS_SSL_SERVER_CERTIFICATE: - ret = mbedtls_ssl_parse_certificate( ssl ); - break; - - case MBEDTLS_SSL_SERVER_KEY_EXCHANGE: - ret = ssl_parse_server_key_exchange( ssl ); - break; - - case MBEDTLS_SSL_CERTIFICATE_REQUEST: - ret = ssl_parse_certificate_request( ssl ); - break; - - case MBEDTLS_SSL_SERVER_HELLO_DONE: - ret = ssl_parse_server_hello_done( ssl ); - break; - - /* - * ==> ( Certificate/Alert ) - * ClientKeyExchange - * ( CertificateVerify ) - * ChangeCipherSpec - * Finished - */ - case MBEDTLS_SSL_CLIENT_CERTIFICATE: - ret = mbedtls_ssl_write_certificate( ssl ); - break; - - case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE: - ret = ssl_write_client_key_exchange( ssl ); - break; - - case MBEDTLS_SSL_CERTIFICATE_VERIFY: - ret = ssl_write_certificate_verify( ssl ); - break; - - case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC: - ret = mbedtls_ssl_write_change_cipher_spec( ssl ); - break; - - case MBEDTLS_SSL_CLIENT_FINISHED: - ret = mbedtls_ssl_write_finished( ssl ); - break; - - /* - * <== ( NewSessionTicket ) - * ChangeCipherSpec - * Finished - */ + /* + * ==> ClientHello + */ + case MBEDTLS_SSL_CLIENT_HELLO: + ret = ssl_write_client_hello(ssl); + break; + + /* + * <== ServerHello + * Certificate + * ( ServerKeyExchange ) + * ( CertificateRequest ) + * ServerHelloDone + */ + case MBEDTLS_SSL_SERVER_HELLO: + ret = ssl_parse_server_hello(ssl); + break; + + case MBEDTLS_SSL_SERVER_CERTIFICATE: + ret = mbedtls_ssl_parse_certificate(ssl); + break; + + case MBEDTLS_SSL_SERVER_KEY_EXCHANGE: + ret = ssl_parse_server_key_exchange(ssl); + break; + + case MBEDTLS_SSL_CERTIFICATE_REQUEST: + ret = ssl_parse_certificate_request(ssl); + break; + + case MBEDTLS_SSL_SERVER_HELLO_DONE: + ret = ssl_parse_server_hello_done(ssl); + break; + + /* + * ==> ( Certificate/Alert ) + * ClientKeyExchange + * ( CertificateVerify ) + * ChangeCipherSpec + * Finished + */ + case MBEDTLS_SSL_CLIENT_CERTIFICATE: + ret = mbedtls_ssl_write_certificate(ssl); + break; + + case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE: + ret = ssl_write_client_key_exchange(ssl); + break; + + case MBEDTLS_SSL_CERTIFICATE_VERIFY: + ret = ssl_write_certificate_verify(ssl); + break; + + case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC: + ret = mbedtls_ssl_write_change_cipher_spec(ssl); + break; + + case MBEDTLS_SSL_CLIENT_FINISHED: + ret = mbedtls_ssl_write_finished(ssl); + break; + + /* + * <== ( NewSessionTicket ) + * ChangeCipherSpec + * Finished + */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) - case MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET: - ret = ssl_parse_new_session_ticket( ssl ); - break; + case MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET: + ret = ssl_parse_new_session_ticket(ssl); + break; #endif - case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC: - ret = mbedtls_ssl_parse_change_cipher_spec( ssl ); - break; + case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC: + ret = mbedtls_ssl_parse_change_cipher_spec(ssl); + break; - case MBEDTLS_SSL_SERVER_FINISHED: - ret = mbedtls_ssl_parse_finished( ssl ); - break; + case MBEDTLS_SSL_SERVER_FINISHED: + ret = mbedtls_ssl_parse_finished(ssl); + break; - case MBEDTLS_SSL_FLUSH_BUFFERS: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); - ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; - break; + case MBEDTLS_SSL_FLUSH_BUFFERS: + MBEDTLS_SSL_DEBUG_MSG(2, ("handshake: done")); + ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; + break; - case MBEDTLS_SSL_HANDSHAKE_WRAPUP: - mbedtls_ssl_handshake_wrapup( ssl ); - break; + case MBEDTLS_SSL_HANDSHAKE_WRAPUP: + mbedtls_ssl_handshake_wrapup(ssl); + break; - default: - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } + default: + MBEDTLS_SSL_DEBUG_MSG(1, ("invalid state %d", ssl->state)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - return( ret ); + return ret; } #endif /* MBEDTLS_SSL_CLI_C */ diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index f12f28e849f3..1ac9c41760d8 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -60,105 +60,108 @@ * Cookies are formed of a 4-bytes timestamp (or serial number) and * an HMAC of timestamp and client ID. */ -#define COOKIE_LEN ( 4 + COOKIE_HMAC_LEN ) +#define COOKIE_LEN (4 + COOKIE_HMAC_LEN) -void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx ) +void mbedtls_ssl_cookie_init(mbedtls_ssl_cookie_ctx *ctx) { - mbedtls_md_init( &ctx->hmac_ctx ); + mbedtls_md_init(&ctx->hmac_ctx); #if !defined(MBEDTLS_HAVE_TIME) ctx->serial = 0; #endif ctx->timeout = MBEDTLS_SSL_COOKIE_TIMEOUT; #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif } -void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay ) +void mbedtls_ssl_cookie_set_timeout(mbedtls_ssl_cookie_ctx *ctx, unsigned long delay) { ctx->timeout = delay; } -void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx ) +void mbedtls_ssl_cookie_free(mbedtls_ssl_cookie_ctx *ctx) { - mbedtls_md_free( &ctx->hmac_ctx ); + mbedtls_md_free(&ctx->hmac_ctx); #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_free( &ctx->mutex ); + mbedtls_mutex_free(&ctx->mutex); #endif - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ssl_cookie_ctx ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ssl_cookie_ctx)); } -int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char key[COOKIE_MD_OUTLEN]; - if( ( ret = f_rng( p_rng, key, sizeof( key ) ) ) != 0 ) - return( ret ); + if ((ret = f_rng(p_rng, key, sizeof(key))) != 0) { + return ret; + } - ret = mbedtls_md_setup( &ctx->hmac_ctx, mbedtls_md_info_from_type( COOKIE_MD ), 1 ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_md_setup(&ctx->hmac_ctx, mbedtls_md_info_from_type(COOKIE_MD), 1); + if (ret != 0) { + return ret; + } - ret = mbedtls_md_hmac_starts( &ctx->hmac_ctx, key, sizeof( key ) ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_md_hmac_starts(&ctx->hmac_ctx, key, sizeof(key)); + if (ret != 0) { + return ret; + } - mbedtls_platform_zeroize( key, sizeof( key ) ); + mbedtls_platform_zeroize(key, sizeof(key)); - return( 0 ); + return 0; } /* * Generate the HMAC part of a cookie */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_cookie_hmac( mbedtls_md_context_t *hmac_ctx, - const unsigned char time[4], - unsigned char **p, unsigned char *end, - const unsigned char *cli_id, size_t cli_id_len ) +static int ssl_cookie_hmac(mbedtls_md_context_t *hmac_ctx, + const unsigned char time[4], + unsigned char **p, unsigned char *end, + const unsigned char *cli_id, size_t cli_id_len) { unsigned char hmac_out[COOKIE_MD_OUTLEN]; - MBEDTLS_SSL_CHK_BUF_PTR( *p, end, COOKIE_HMAC_LEN ); + MBEDTLS_SSL_CHK_BUF_PTR(*p, end, COOKIE_HMAC_LEN); - if( mbedtls_md_hmac_reset( hmac_ctx ) != 0 || - mbedtls_md_hmac_update( hmac_ctx, time, 4 ) != 0 || - mbedtls_md_hmac_update( hmac_ctx, cli_id, cli_id_len ) != 0 || - mbedtls_md_hmac_finish( hmac_ctx, hmac_out ) != 0 ) - { - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (mbedtls_md_hmac_reset(hmac_ctx) != 0 || + mbedtls_md_hmac_update(hmac_ctx, time, 4) != 0 || + mbedtls_md_hmac_update(hmac_ctx, cli_id, cli_id_len) != 0 || + mbedtls_md_hmac_finish(hmac_ctx, hmac_out) != 0) { + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - memcpy( *p, hmac_out, COOKIE_HMAC_LEN ); + memcpy(*p, hmac_out, COOKIE_HMAC_LEN); *p += COOKIE_HMAC_LEN; - return( 0 ); + return 0; } /* * Generate cookie for DTLS ClientHello verification */ -int mbedtls_ssl_cookie_write( void *p_ctx, - unsigned char **p, unsigned char *end, - const unsigned char *cli_id, size_t cli_id_len ) +int mbedtls_ssl_cookie_write(void *p_ctx, + unsigned char **p, unsigned char *end, + const unsigned char *cli_id, size_t cli_id_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx; unsigned long t; - if( ctx == NULL || cli_id == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ctx == NULL || cli_id == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - MBEDTLS_SSL_CHK_BUF_PTR( *p, end, COOKIE_LEN ); + MBEDTLS_SSL_CHK_BUF_PTR(*p, end, COOKIE_LEN); #if defined(MBEDTLS_HAVE_TIME) - t = (unsigned long) mbedtls_time( NULL ); + t = (unsigned long) mbedtls_time(NULL); #else t = ctx->serial++; #endif @@ -167,28 +170,30 @@ int mbedtls_ssl_cookie_write( void *p_ctx, *p += 4; #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret ) ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret); + } #endif - ret = ssl_cookie_hmac( &ctx->hmac_ctx, *p - 4, - p, end, cli_id, cli_id_len ); + ret = ssl_cookie_hmac(&ctx->hmac_ctx, *p - 4, + p, end, cli_id, cli_id_len); #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, - MBEDTLS_ERR_THREADING_MUTEX_ERROR ) ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR, + MBEDTLS_ERR_THREADING_MUTEX_ERROR); + } #endif - return( ret ); + return ret; } /* * Check a cookie */ -int mbedtls_ssl_cookie_check( void *p_ctx, - const unsigned char *cookie, size_t cookie_len, - const unsigned char *cli_id, size_t cli_id_len ) +int mbedtls_ssl_cookie_check(void *p_ctx, + const unsigned char *cookie, size_t cookie_len, + const unsigned char *cli_id, size_t cli_id_len) { unsigned char ref_hmac[COOKIE_HMAC_LEN]; int ret = 0; @@ -196,58 +201,60 @@ int mbedtls_ssl_cookie_check( void *p_ctx, mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx; unsigned long cur_time, cookie_time; - if( ctx == NULL || cli_id == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ctx == NULL || cli_id == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( cookie_len != COOKIE_LEN ) - return( -1 ); + if (cookie_len != COOKIE_LEN) { + return -1; + } #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret ) ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret); + } #endif - if( ssl_cookie_hmac( &ctx->hmac_ctx, cookie, - &p, p + sizeof( ref_hmac ), - cli_id, cli_id_len ) != 0 ) + if (ssl_cookie_hmac(&ctx->hmac_ctx, cookie, + &p, p + sizeof(ref_hmac), + cli_id, cli_id_len) != 0) { ret = -1; + } #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - { - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, - MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR, + MBEDTLS_ERR_THREADING_MUTEX_ERROR); } #endif - if( ret != 0 ) + if (ret != 0) { goto exit; + } - if( mbedtls_ct_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 ) - { + if (mbedtls_ct_memcmp(cookie + 4, ref_hmac, sizeof(ref_hmac)) != 0) { ret = -1; goto exit; } #if defined(MBEDTLS_HAVE_TIME) - cur_time = (unsigned long) mbedtls_time( NULL ); + cur_time = (unsigned long) mbedtls_time(NULL); #else cur_time = ctx->serial; #endif - cookie_time = ( (unsigned long) cookie[0] << 24 ) | - ( (unsigned long) cookie[1] << 16 ) | - ( (unsigned long) cookie[2] << 8 ) | - ( (unsigned long) cookie[3] ); + cookie_time = ((unsigned long) cookie[0] << 24) | + ((unsigned long) cookie[1] << 16) | + ((unsigned long) cookie[2] << 8) | + ((unsigned long) cookie[3]); - if( ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout ) - { + if (ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout) { ret = -1; goto exit; } exit: - mbedtls_platform_zeroize( ref_hmac, sizeof( ref_hmac ) ); - return( ret ); + mbedtls_platform_zeroize(ref_hmac, sizeof(ref_hmac)); + return ret; } #endif /* MBEDTLS_SSL_COOKIE_C */ diff --git a/library/ssl_msg.c b/library/ssl_msg.c index d7bebe04d656..a38e76440344 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -52,81 +52,77 @@ #include "mbedtls/oid.h" #endif -static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl ); +static uint32_t ssl_get_hs_total_len(mbedtls_ssl_context const *ssl); /* * Start a timer. * Passing millisecs = 0 cancels a running timer. */ -void mbedtls_ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs ) +void mbedtls_ssl_set_timer(mbedtls_ssl_context *ssl, uint32_t millisecs) { - if( ssl->f_set_timer == NULL ) + if (ssl->f_set_timer == NULL) { return; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "set_timer to %d ms", (int) millisecs ) ); - ssl->f_set_timer( ssl->p_timer, millisecs / 4, millisecs ); + MBEDTLS_SSL_DEBUG_MSG(3, ("set_timer to %d ms", (int) millisecs)); + ssl->f_set_timer(ssl->p_timer, millisecs / 4, millisecs); } /* * Return -1 is timer is expired, 0 if it isn't. */ -int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_check_timer(mbedtls_ssl_context *ssl) { - if( ssl->f_get_timer == NULL ) - return( 0 ); + if (ssl->f_get_timer == NULL) { + return 0; + } - if( ssl->f_get_timer( ssl->p_timer ) == 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "timer expired" ) ); - return( -1 ); + if (ssl->f_get_timer(ssl->p_timer) == 2) { + MBEDTLS_SSL_DEBUG_MSG(3, ("timer expired")); + return -1; } - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_RECORD_CHECKING) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, - unsigned char *buf, - size_t len, - mbedtls_record *rec ); - -int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, - unsigned char *buf, - size_t buflen ) +static int ssl_parse_record_header(mbedtls_ssl_context const *ssl, + unsigned char *buf, + size_t len, + mbedtls_record *rec); + +int mbedtls_ssl_check_record(mbedtls_ssl_context const *ssl, + unsigned char *buf, + size_t buflen) { int ret = 0; - MBEDTLS_SSL_DEBUG_MSG( 1, ( "=> mbedtls_ssl_check_record" ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "record buffer", buf, buflen ); + MBEDTLS_SSL_DEBUG_MSG(1, ("=> mbedtls_ssl_check_record")); + MBEDTLS_SSL_DEBUG_BUF(3, "record buffer", buf, buflen); /* We don't support record checking in TLS because * (a) there doesn't seem to be a usecase for it, and * (b) In SSLv3 and TLS 1.0, CBC record decryption has state * and we'd need to backup the transform here. */ - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM) { ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; goto exit; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - else - { + else { mbedtls_record rec; - ret = ssl_parse_record_header( ssl, buf, buflen, &rec ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 3, "ssl_parse_record_header", ret ); + ret = ssl_parse_record_header(ssl, buf, buflen, &rec); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(3, "ssl_parse_record_header", ret); goto exit; } - if( ssl->transform_in != NULL ) - { - ret = mbedtls_ssl_decrypt_buf( ssl, ssl->transform_in, &rec ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 3, "mbedtls_ssl_decrypt_buf", ret ); + if (ssl->transform_in != NULL) { + ret = mbedtls_ssl_decrypt_buf(ssl, ssl->transform_in, &rec); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(3, "mbedtls_ssl_decrypt_buf", ret); goto exit; } } @@ -136,18 +132,17 @@ int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, exit: /* On success, we have decrypted the buffer in-place, so make * sure we don't leak any plaintext data. */ - mbedtls_platform_zeroize( buf, buflen ); + mbedtls_platform_zeroize(buf, buflen); /* For the purpose of this API, treat messages with unexpected CID * as well as such from future epochs as unexpected. */ - if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID || - ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE ) - { + if (ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID || + ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE) { ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "<= mbedtls_ssl_check_record" ) ); - return( ret ); + MBEDTLS_SSL_DEBUG_MSG(1, ("<= mbedtls_ssl_check_record")); + return ret; } #endif /* MBEDTLS_SSL_RECORD_CHECKING */ @@ -157,65 +152,66 @@ int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, #if defined(MBEDTLS_SSL_PROTO_DTLS) /* Forward declarations for functions related to message buffering. */ -static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, - uint8_t slot ); -static void ssl_free_buffered_record( mbedtls_ssl_context *ssl ); +static void ssl_buffering_free_slot(mbedtls_ssl_context *ssl, + uint8_t slot); +static void ssl_free_buffered_record(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ); +static int ssl_load_buffered_message(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ); +static int ssl_load_buffered_record(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_buffer_message( mbedtls_ssl_context *ssl ); +static int ssl_buffer_message(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_buffer_future_record( mbedtls_ssl_context *ssl, - mbedtls_record const *rec ); +static int ssl_buffer_future_record(mbedtls_ssl_context *ssl, + mbedtls_record const *rec); MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl ); +static int ssl_next_record_is_in_datagram(mbedtls_ssl_context *ssl); -static size_t ssl_get_maximum_datagram_size( mbedtls_ssl_context const *ssl ) +static size_t ssl_get_maximum_datagram_size(mbedtls_ssl_context const *ssl) { - size_t mtu = mbedtls_ssl_get_current_mtu( ssl ); + size_t mtu = mbedtls_ssl_get_current_mtu(ssl); #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) size_t out_buf_len = ssl->out_buf_len; #else size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN; #endif - if( mtu != 0 && mtu < out_buf_len ) - return( mtu ); + if (mtu != 0 && mtu < out_buf_len) { + return mtu; + } - return( out_buf_len ); + return out_buf_len; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_get_remaining_space_in_datagram( mbedtls_ssl_context const *ssl ) +static int ssl_get_remaining_space_in_datagram(mbedtls_ssl_context const *ssl) { size_t const bytes_written = ssl->out_left; - size_t const mtu = ssl_get_maximum_datagram_size( ssl ); + size_t const mtu = ssl_get_maximum_datagram_size(ssl); /* Double-check that the write-index hasn't gone * past what we can transmit in a single datagram. */ - if( bytes_written > mtu ) - { + if (bytes_written > mtu) { /* Should never happen... */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - return( (int) ( mtu - bytes_written ) ); + return (int) (mtu - bytes_written); } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl ) +static int ssl_get_remaining_payload_in_datagram(mbedtls_ssl_context const *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t remaining, expansion; size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - const size_t mfl = mbedtls_ssl_get_output_max_frag_len( ssl ); + const size_t mfl = mbedtls_ssl_get_output_max_frag_len(ssl); - if( max_len > mfl ) + if (max_len > mfl) { max_len = mfl; + } /* By the standard (RFC 6066 Sect. 4), the MFL extension * only limits the maximum record payload size, so in theory @@ -226,30 +222,35 @@ static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl * The following reduction of max_len makes sure that we never * write datagrams larger than MFL + Record Expansion Overhead. */ - if( max_len <= ssl->out_left ) - return( 0 ); + if (max_len <= ssl->out_left) { + return 0; + } max_len -= ssl->out_left; #endif - ret = ssl_get_remaining_space_in_datagram( ssl ); - if( ret < 0 ) - return( ret ); + ret = ssl_get_remaining_space_in_datagram(ssl); + if (ret < 0) { + return ret; + } remaining = (size_t) ret; - ret = mbedtls_ssl_get_record_expansion( ssl ); - if( ret < 0 ) - return( ret ); + ret = mbedtls_ssl_get_record_expansion(ssl); + if (ret < 0) { + return ret; + } expansion = (size_t) ret; - if( remaining <= expansion ) - return( 0 ); + if (remaining <= expansion) { + return 0; + } remaining -= expansion; - if( remaining >= max_len ) + if (remaining >= max_len) { remaining = max_len; + } - return( (int) remaining ); + return (int) remaining; } /* @@ -257,12 +258,13 @@ static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl * returning -1 if the maximum value has already been reached. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_double_retransmit_timeout( mbedtls_ssl_context *ssl ) +static int ssl_double_retransmit_timeout(mbedtls_ssl_context *ssl) { uint32_t new_timeout; - if( ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max ) - return( -1 ); + if (ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max) { + return -1; + } /* Implement the final paragraph of RFC 6347 section 4.1.1.1 * in the following way: after the initial transmission and a first @@ -270,49 +272,47 @@ static int ssl_double_retransmit_timeout( mbedtls_ssl_context *ssl ) * This value is guaranteed to be deliverable (if not guaranteed to be * delivered) of any compliant IPv4 (and IPv6) network, and should work * on most non-IP stacks too. */ - if( ssl->handshake->retransmit_timeout != ssl->conf->hs_timeout_min ) - { + if (ssl->handshake->retransmit_timeout != ssl->conf->hs_timeout_min) { ssl->handshake->mtu = 508; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "mtu autoreduction to %d bytes", ssl->handshake->mtu ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("mtu autoreduction to %d bytes", ssl->handshake->mtu)); } new_timeout = 2 * ssl->handshake->retransmit_timeout; /* Avoid arithmetic overflow and range overflow */ - if( new_timeout < ssl->handshake->retransmit_timeout || - new_timeout > ssl->conf->hs_timeout_max ) - { + if (new_timeout < ssl->handshake->retransmit_timeout || + new_timeout > ssl->conf->hs_timeout_max) { new_timeout = ssl->conf->hs_timeout_max; } ssl->handshake->retransmit_timeout = new_timeout; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %lu millisecs", - (unsigned long) ssl->handshake->retransmit_timeout ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("update timeout value to %lu millisecs", + (unsigned long) ssl->handshake->retransmit_timeout)); - return( 0 ); + return 0; } -static void ssl_reset_retransmit_timeout( mbedtls_ssl_context *ssl ) +static void ssl_reset_retransmit_timeout(mbedtls_ssl_context *ssl) { ssl->handshake->retransmit_timeout = ssl->conf->hs_timeout_min; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %lu millisecs", - (unsigned long) ssl->handshake->retransmit_timeout ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("update timeout value to %lu millisecs", + (unsigned long) ssl->handshake->retransmit_timeout)); } #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) -int (*mbedtls_ssl_hw_record_init)( mbedtls_ssl_context *ssl, - const unsigned char *key_enc, const unsigned char *key_dec, - size_t keylen, - const unsigned char *iv_enc, const unsigned char *iv_dec, - size_t ivlen, - const unsigned char *mac_enc, const unsigned char *mac_dec, - size_t maclen ) = NULL; -int (*mbedtls_ssl_hw_record_activate)( mbedtls_ssl_context *ssl, int direction) = NULL; -int (*mbedtls_ssl_hw_record_reset)( mbedtls_ssl_context *ssl ) = NULL; -int (*mbedtls_ssl_hw_record_write)( mbedtls_ssl_context *ssl ) = NULL; -int (*mbedtls_ssl_hw_record_read)( mbedtls_ssl_context *ssl ) = NULL; -int (*mbedtls_ssl_hw_record_finish)( mbedtls_ssl_context *ssl ) = NULL; +int (*mbedtls_ssl_hw_record_init)(mbedtls_ssl_context *ssl, + const unsigned char *key_enc, const unsigned char *key_dec, + size_t keylen, + const unsigned char *iv_enc, const unsigned char *iv_dec, + size_t ivlen, + const unsigned char *mac_enc, const unsigned char *mac_dec, + size_t maclen) = NULL; +int (*mbedtls_ssl_hw_record_activate)(mbedtls_ssl_context *ssl, int direction) = NULL; +int (*mbedtls_ssl_hw_record_reset)(mbedtls_ssl_context *ssl) = NULL; +int (*mbedtls_ssl_hw_record_write)(mbedtls_ssl_context *ssl) = NULL; +int (*mbedtls_ssl_hw_record_read)(mbedtls_ssl_context *ssl) = NULL; +int (*mbedtls_ssl_hw_record_finish)(mbedtls_ssl_context *ssl) = NULL; #endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ /* @@ -322,10 +322,10 @@ int (*mbedtls_ssl_hw_record_finish)( mbedtls_ssl_context *ssl ) = NULL; #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) || \ defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) -static size_t ssl_compute_padding_length( size_t len, - size_t granularity ) +static size_t ssl_compute_padding_length(size_t len, + size_t granularity) { - return( ( granularity - ( len + 1 ) % granularity ) % granularity ); + return (granularity - (len + 1) % granularity) % granularity; } /* This functions transforms a (D)TLS plaintext fragment and a record content @@ -357,62 +357,64 @@ static size_t ssl_compute_padding_length( size_t len, * for the expansion. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_build_inner_plaintext( unsigned char *content, - size_t *content_size, - size_t remaining, - uint8_t rec_type, - size_t pad ) +static int ssl_build_inner_plaintext(unsigned char *content, + size_t *content_size, + size_t remaining, + uint8_t rec_type, + size_t pad) { size_t len = *content_size; /* Write real content type */ - if( remaining == 0 ) - return( -1 ); - content[ len ] = rec_type; + if (remaining == 0) { + return -1; + } + content[len] = rec_type; len++; remaining--; - if( remaining < pad ) - return( -1 ); - memset( content + len, 0, pad ); + if (remaining < pad) { + return -1; + } + memset(content + len, 0, pad); len += pad; remaining -= pad; *content_size = len; - return( 0 ); + return 0; } /* This function parses a (D)TLSInnerPlaintext structure. * See ssl_build_inner_plaintext() for details. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_inner_plaintext( unsigned char const *content, - size_t *content_size, - uint8_t *rec_type ) +static int ssl_parse_inner_plaintext(unsigned char const *content, + size_t *content_size, + uint8_t *rec_type) { size_t remaining = *content_size; /* Determine length of padding by skipping zeroes from the back. */ - do - { - if( remaining == 0 ) - return( -1 ); + do { + if (remaining == 0) { + return -1; + } remaining--; - } while( content[ remaining ] == 0 ); + } while (content[remaining] == 0); *content_size = remaining; - *rec_type = content[ remaining ]; + *rec_type = content[remaining]; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID || MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ /* `add_data` must have size 13 Bytes if the CID extension is disabled, * and 13 + 1 + CID-length Bytes if the CID extension is enabled. */ -static void ssl_extract_add_data_from_record( unsigned char* add_data, - size_t *add_data_len, - mbedtls_record *rec, - unsigned minor_ver ) +static void ssl_extract_add_data_from_record(unsigned char *add_data, + size_t *add_data_len, + mbedtls_record *rec, + unsigned minor_ver) { /* Quoting RFC 5246 (TLS 1.2): * @@ -437,38 +439,36 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, int is_tls13 = 0; #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) { is_tls13 = 1; + } #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ - if( !is_tls13 ) - { + if (!is_tls13) { ((void) minor_ver); - memcpy( cur, rec->ctr, sizeof( rec->ctr ) ); - cur += sizeof( rec->ctr ); + memcpy(cur, rec->ctr, sizeof(rec->ctr)); + cur += sizeof(rec->ctr); } *cur = rec->type; cur++; - memcpy( cur, rec->ver, sizeof( rec->ver ) ); - cur += sizeof( rec->ver ); + memcpy(cur, rec->ver, sizeof(rec->ver)); + cur += sizeof(rec->ver); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( rec->cid_len != 0 ) - { - memcpy( cur, rec->cid, rec->cid_len ); + if (rec->cid_len != 0) { + memcpy(cur, rec->cid, rec->cid_len); cur += rec->cid_len; *cur = rec->cid_len; cur++; - MBEDTLS_PUT_UINT16_BE( rec->data_len, cur, 0 ); + MBEDTLS_PUT_UINT16_BE(rec->data_len, cur, 0); cur += 2; - } - else + } else #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ { - MBEDTLS_PUT_UINT16_BE( rec->data_len, cur, 0 ); + MBEDTLS_PUT_UINT16_BE(rec->data_len, cur, 0); cur += 2; } @@ -483,67 +483,79 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, * SSLv3.0 MAC functions */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_mac( mbedtls_md_context_t *md_ctx, - const unsigned char *secret, - const unsigned char *buf, size_t len, - const unsigned char *ctr, int type, - unsigned char out[SSL3_MAC_MAX_BYTES] ) +static int ssl_mac(mbedtls_md_context_t *md_ctx, + const unsigned char *secret, + const unsigned char *buf, size_t len, + const unsigned char *ctr, int type, + unsigned char out[SSL3_MAC_MAX_BYTES]) { unsigned char header[11]; unsigned char padding[48]; int padlen; - int md_size = mbedtls_md_get_size( md_ctx->md_info ); - int md_type = mbedtls_md_get_type( md_ctx->md_info ); + int md_size = mbedtls_md_get_size(md_ctx->md_info); + int md_type = mbedtls_md_get_type(md_ctx->md_info); int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Only MD5 and SHA-1 supported */ - if( md_type == MBEDTLS_MD_MD5 ) + if (md_type == MBEDTLS_MD_MD5) { padlen = 48; - else + } else { padlen = 40; + } - memcpy( header, ctr, 8 ); + memcpy(header, ctr, 8); header[8] = (unsigned char) type; - MBEDTLS_PUT_UINT16_BE( len, header, 9); - - memset( padding, 0x36, padlen ); - ret = mbedtls_md_starts( md_ctx ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_update( md_ctx, secret, md_size ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_update( md_ctx, padding, padlen ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_update( md_ctx, header, 11 ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_update( md_ctx, buf, len ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_finish( md_ctx, out ); - if( ret != 0 ) - return( ret ); - - memset( padding, 0x5C, padlen ); - ret = mbedtls_md_starts( md_ctx ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_update( md_ctx, secret, md_size ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_update( md_ctx, padding, padlen ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_update( md_ctx, out, md_size ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_finish( md_ctx, out ); - if( ret != 0 ) - return( ret ); - - return( 0 ); + MBEDTLS_PUT_UINT16_BE(len, header, 9); + + memset(padding, 0x36, padlen); + ret = mbedtls_md_starts(md_ctx); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_update(md_ctx, secret, md_size); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_update(md_ctx, padding, padlen); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_update(md_ctx, header, 11); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_update(md_ctx, buf, len); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_finish(md_ctx, out); + if (ret != 0) { + return ret; + } + + memset(padding, 0x5C, padlen); + ret = mbedtls_md_starts(md_ctx); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_update(md_ctx, secret, md_size); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_update(md_ctx, padding, padlen); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_update(md_ctx, out, md_size); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_finish(md_ctx, out); + if (ret != 0) { + return ret; + } + + return 0; } #endif /* MBEDTLS_SSL_PROTO_SSL3 */ @@ -552,9 +564,9 @@ static int ssl_mac( mbedtls_md_context_t *md_ctx, defined(MBEDTLS_CHACHAPOLY_C) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_transform_aead_dynamic_iv_is_explicit( - mbedtls_ssl_transform const *transform ) + mbedtls_ssl_transform const *transform) { - return( transform->ivlen != transform->fixed_ivlen ); + return transform->ivlen != transform->fixed_ivlen; } /* Compute IV := ( fixed_iv || 0 ) XOR ( 0 || dynamic_IV ) @@ -580,35 +592,36 @@ static int ssl_transform_aead_dynamic_iv_is_explicit( * which has to be ensured by the caller. If this precondition * violated, the behavior of this function is undefined. */ -static void ssl_build_record_nonce( unsigned char *dst_iv, - size_t dst_iv_len, - unsigned char const *fixed_iv, - size_t fixed_iv_len, - unsigned char const *dynamic_iv, - size_t dynamic_iv_len ) +static void ssl_build_record_nonce(unsigned char *dst_iv, + size_t dst_iv_len, + unsigned char const *fixed_iv, + size_t fixed_iv_len, + unsigned char const *dynamic_iv, + size_t dynamic_iv_len) { size_t i; /* Start with Fixed IV || 0 */ - memset( dst_iv, 0, dst_iv_len ); - memcpy( dst_iv, fixed_iv, fixed_iv_len ); + memset(dst_iv, 0, dst_iv_len); + memcpy(dst_iv, fixed_iv, fixed_iv_len); dst_iv += dst_iv_len - dynamic_iv_len; - for( i = 0; i < dynamic_iv_len; i++ ) + for (i = 0; i < dynamic_iv_len; i++) { dst_iv[i] ^= dynamic_iv[i]; + } } #endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */ -int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, - mbedtls_ssl_transform *transform, - mbedtls_record *rec, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl, + mbedtls_ssl_transform *transform, + mbedtls_record *rec, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { mbedtls_cipher_mode_t mode; int auth_done = 0; - unsigned char * data; - unsigned char add_data[13 + 1 + MBEDTLS_SSL_CID_OUT_LEN_MAX ]; + unsigned char *data; + unsigned char add_data[13 + 1 + MBEDTLS_SSL_CID_OUT_LEN_MAX]; size_t add_data_len; size_t post_avail; @@ -620,46 +633,43 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, /* The PRNG is used for dynamic IV generation that's used * for CBC transformations in TLS 1.1 and TLS 1.2. */ -#if !( defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \ - ( defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) ) ) +#if !(defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \ + (defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2))) ((void) f_rng); ((void) p_rng); #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> encrypt buf")); - if( transform == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no transform provided to encrypt_buf" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (transform == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("no transform provided to encrypt_buf")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - if( rec == NULL + if (rec == NULL || rec->buf == NULL || rec->buf_len < rec->data_offset || rec->buf_len - rec->data_offset < rec->data_len #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) || rec->cid_len != 0 #endif - ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad record structure provided to encrypt_buf" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + ) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad record structure provided to encrypt_buf")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } data = rec->buf + rec->data_offset; - post_avail = rec->buf_len - ( rec->data_len + rec->data_offset ); - MBEDTLS_SSL_DEBUG_BUF( 4, "before encrypt: output payload", - data, rec->data_len ); + post_avail = rec->buf_len - (rec->data_len + rec->data_offset); + MBEDTLS_SSL_DEBUG_BUF(4, "before encrypt: output payload", + data, rec->data_len); - mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ); + mode = mbedtls_cipher_get_cipher_mode(&transform->cipher_ctx_enc); - if( rec->data_len > MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record content %" MBEDTLS_PRINTF_SIZET - " too large, maximum %" MBEDTLS_PRINTF_SIZET, - rec->data_len, - (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (rec->data_len > MBEDTLS_SSL_OUT_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Record content %" MBEDTLS_PRINTF_SIZET + " too large, maximum %" MBEDTLS_PRINTF_SIZET, + rec->data_len, + (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* The following two code paths implement the (D)TLSInnerPlaintext @@ -675,18 +685,16 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * is hence no risk of double-addition of the inner plaintext. */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) - { + if (transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) { size_t padding = - ssl_compute_padding_length( rec->data_len, - MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY ); - if( ssl_build_inner_plaintext( data, - &rec->data_len, - post_avail, - rec->type, - padding ) != 0 ) - { - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + ssl_compute_padding_length(rec->data_len, + MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY); + if (ssl_build_inner_plaintext(data, + &rec->data_len, + post_avail, + rec->type, + padding) != 0) { + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } rec->type = MBEDTLS_SSL_MSG_APPLICATION_DATA; @@ -698,14 +706,13 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * Add CID information */ rec->cid_len = transform->out_cid_len; - memcpy( rec->cid, transform->out_cid, transform->out_cid_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "CID", rec->cid, rec->cid_len ); + memcpy(rec->cid, transform->out_cid, transform->out_cid_len); + MBEDTLS_SSL_DEBUG_BUF(3, "CID", rec->cid, rec->cid_len); - if( rec->cid_len != 0 ) - { + if (rec->cid_len != 0) { size_t padding = - ssl_compute_padding_length( rec->data_len, - MBEDTLS_SSL_CID_PADDING_GRANULARITY ); + ssl_compute_padding_length(rec->data_len, + MBEDTLS_SSL_CID_PADDING_GRANULARITY); /* * Wrap plaintext into DTLSInnerPlaintext structure. * See ssl_build_inner_plaintext() for more information. @@ -713,100 +720,96 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * Note that this changes `rec->data_len`, and hence * `post_avail` needs to be recalculated afterwards. */ - if( ssl_build_inner_plaintext( data, - &rec->data_len, - post_avail, - rec->type, - padding ) != 0 ) - { - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (ssl_build_inner_plaintext(data, + &rec->data_len, + post_avail, + rec->type, + padding) != 0) { + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } rec->type = MBEDTLS_SSL_MSG_CID; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - post_avail = rec->buf_len - ( rec->data_len + rec->data_offset ); + post_avail = rec->buf_len - (rec->data_len + rec->data_offset); /* * Add MAC before if needed */ #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) - if( mode == MBEDTLS_MODE_STREAM || - ( mode == MBEDTLS_MODE_CBC + if (mode == MBEDTLS_MODE_STREAM || + (mode == MBEDTLS_MODE_CBC #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - && transform->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED + && transform->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED #endif - ) ) - { - if( post_avail < transform->maclen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + )) { + if (post_avail < transform->maclen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { unsigned char mac[SSL3_MAC_MAX_BYTES]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ret = ssl_mac( &transform->md_ctx_enc, transform->mac_enc, - data, rec->data_len, rec->ctr, rec->type, mac ); - if( ret == 0 ) - memcpy( data + rec->data_len, mac, transform->maclen ); - mbedtls_platform_zeroize( mac, transform->maclen ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_mac", ret ); - return( ret ); + ret = ssl_mac(&transform->md_ctx_enc, transform->mac_enc, + data, rec->data_len, rec->ctr, rec->type, mac); + if (ret == 0) { + memcpy(data + rec->data_len, mac, transform->maclen); } - } - else + mbedtls_platform_zeroize(mac, transform->maclen); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_mac", ret); + return ret; + } + } else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) - { + if (transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1) { unsigned char mac[MBEDTLS_SSL_MAC_ADD]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + ssl_extract_add_data_from_record(add_data, &add_data_len, rec, + transform->minor_ver); - ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, - add_data, add_data_len ); - if( ret != 0 ) + ret = mbedtls_md_hmac_update(&transform->md_ctx_enc, + add_data, add_data_len); + if (ret != 0) { goto hmac_failed_etm_disabled; - ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, - data, rec->data_len ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&transform->md_ctx_enc, + data, rec->data_len); + if (ret != 0) { goto hmac_failed_etm_disabled; - ret = mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&transform->md_ctx_enc, mac); + if (ret != 0) { goto hmac_failed_etm_disabled; - ret = mbedtls_md_hmac_reset( &transform->md_ctx_enc ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_reset(&transform->md_ctx_enc); + if (ret != 0) { goto hmac_failed_etm_disabled; + } - memcpy( data + rec->data_len, mac, transform->maclen ); + memcpy(data + rec->data_len, mac, transform->maclen); - hmac_failed_etm_disabled: - mbedtls_platform_zeroize( mac, transform->maclen ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_hmac_xxx", ret ); - return( ret ); +hmac_failed_etm_disabled: + mbedtls_platform_zeroize(mac, transform->maclen); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_hmac_xxx", ret); + return ret; } - } - else + } else #endif { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_BUF( 4, "computed mac", data + rec->data_len, - transform->maclen ); + MBEDTLS_SSL_DEBUG_BUF(4, "computed mac", data + rec->data_len, + transform->maclen); rec->data_len += transform->maclen; post_avail -= transform->maclen; @@ -818,51 +821,45 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * Encrypt */ #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) - if( mode == MBEDTLS_MODE_STREAM ) - { + if (mode == MBEDTLS_MODE_STREAM) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", " - "including %d bytes of padding", - rec->data_len, 0 ) ); - - if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_enc, - transform->iv_enc, transform->ivlen, - data, rec->data_len, - data, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_MSG(3, ("before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", " + "including %d bytes of padding", + rec->data_len, 0)); + + if ((ret = mbedtls_cipher_crypt(&transform->cipher_ctx_enc, + transform->iv_enc, transform->ivlen, + data, rec->data_len, + data, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_crypt", ret); + return ret; } - if( rec->data_len != olen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (rec->data_len != olen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - } - else + } else #endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */ #if defined(MBEDTLS_GCM_C) || \ defined(MBEDTLS_CCM_C) || \ defined(MBEDTLS_CHACHAPOLY_C) - if( mode == MBEDTLS_MODE_GCM || + if (mode == MBEDTLS_MODE_GCM || mode == MBEDTLS_MODE_CCM || - mode == MBEDTLS_MODE_CHACHAPOLY ) - { + mode == MBEDTLS_MODE_CHACHAPOLY) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char iv[12]; unsigned char *dynamic_iv; size_t dynamic_iv_len; int dynamic_iv_is_explicit = - ssl_transform_aead_dynamic_iv_is_explicit( transform ); + ssl_transform_aead_dynamic_iv_is_explicit(transform); /* Check that there's space for the authentication tag. */ - if( post_avail < transform->taglen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (post_avail < transform->taglen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } /* @@ -878,95 +875,91 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * record sequence number here in all cases. */ dynamic_iv = rec->ctr; - dynamic_iv_len = sizeof( rec->ctr ); + dynamic_iv_len = sizeof(rec->ctr); - ssl_build_record_nonce( iv, sizeof( iv ), - transform->iv_enc, - transform->fixed_ivlen, - dynamic_iv, - dynamic_iv_len ); + ssl_build_record_nonce(iv, sizeof(iv), + transform->iv_enc, + transform->fixed_ivlen, + dynamic_iv, + dynamic_iv_len); /* * Build additional data for AEAD encryption. * This depends on the TLS version. */ - ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); - - MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (internal)", - iv, transform->ivlen ); - MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (transmitted)", - dynamic_iv, - dynamic_iv_is_explicit ? dynamic_iv_len : 0 ); - MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD", - add_data, add_data_len ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", " - "including 0 bytes of padding", - rec->data_len ) ); + ssl_extract_add_data_from_record(add_data, &add_data_len, rec, + transform->minor_ver); + + MBEDTLS_SSL_DEBUG_BUF(4, "IV used (internal)", + iv, transform->ivlen); + MBEDTLS_SSL_DEBUG_BUF(4, "IV used (transmitted)", + dynamic_iv, + dynamic_iv_is_explicit ? dynamic_iv_len : 0); + MBEDTLS_SSL_DEBUG_BUF(4, "additional data used for AEAD", + add_data, add_data_len); + MBEDTLS_SSL_DEBUG_MSG(3, ("before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", " + "including 0 bytes of padding", + rec->data_len)); /* * Encrypt and authenticate */ - if( ( ret = mbedtls_cipher_auth_encrypt_ext( &transform->cipher_ctx_enc, - iv, transform->ivlen, - add_data, add_data_len, - data, rec->data_len, /* src */ - data, rec->buf_len - (data - rec->buf), /* dst */ - &rec->data_len, - transform->taglen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt", ret ); - return( ret ); - } - MBEDTLS_SSL_DEBUG_BUF( 4, "after encrypt: tag", - data + rec->data_len - transform->taglen, - transform->taglen ); + if ((ret = mbedtls_cipher_auth_encrypt_ext(&transform->cipher_ctx_enc, + iv, transform->ivlen, + add_data, add_data_len, + data, rec->data_len, /* src */ + data, rec->buf_len - (data - rec->buf), /* dst */ + &rec->data_len, + transform->taglen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_auth_encrypt", ret); + return ret; + } + MBEDTLS_SSL_DEBUG_BUF(4, "after encrypt: tag", + data + rec->data_len - transform->taglen, + transform->taglen); /* Account for authentication tag. */ post_avail -= transform->taglen; /* * Prefix record content with dynamic IV in case it is explicit. */ - if( dynamic_iv_is_explicit != 0 ) - { - if( rec->data_offset < dynamic_iv_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (dynamic_iv_is_explicit != 0) { + if (rec->data_offset < dynamic_iv_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } - memcpy( data - dynamic_iv_len, dynamic_iv, dynamic_iv_len ); + memcpy(data - dynamic_iv_len, dynamic_iv, dynamic_iv_len); rec->data_offset -= dynamic_iv_len; rec->data_len += dynamic_iv_len; } auth_done++; - } - else + } else #endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) - if( mode == MBEDTLS_MODE_CBC ) - { + if (mode == MBEDTLS_MODE_CBC) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t padlen, i; size_t olen; /* Currently we're always using minimal padding * (up to 255 bytes would be allowed). */ - padlen = transform->ivlen - ( rec->data_len + 1 ) % transform->ivlen; - if( padlen == transform->ivlen ) + padlen = transform->ivlen - (rec->data_len + 1) % transform->ivlen; + if (padlen == transform->ivlen) { padlen = 0; + } /* Check there's enough space in the buffer for the padding. */ - if( post_avail < padlen + 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (post_avail < padlen + 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } - for( i = 0; i <= padlen; i++ ) + for (i = 0; i <= padlen; i++) { data[rec->data_len + i] = (unsigned char) padlen; + } rec->data_len += padlen + 1; post_avail -= padlen + 1; @@ -976,65 +969,60 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * Prepend per-record IV for block cipher in TLS v1.1 and up as per * Method 1 (6.2.3.2. in RFC4346 and RFC5246) */ - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) - { - if( f_rng == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "No PRNG provided to encrypt_record routine" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2) { + if (f_rng == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("No PRNG provided to encrypt_record routine")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - if( rec->data_offset < transform->ivlen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (rec->data_offset < transform->ivlen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } /* * Generate IV */ - ret = f_rng( p_rng, transform->iv_enc, transform->ivlen ); - if( ret != 0 ) - return( ret ); + ret = f_rng(p_rng, transform->iv_enc, transform->ivlen); + if (ret != 0) { + return ret; + } - memcpy( data - transform->ivlen, transform->iv_enc, - transform->ivlen ); + memcpy(data - transform->ivlen, transform->iv_enc, + transform->ivlen); } #endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", " - "including %" MBEDTLS_PRINTF_SIZET - " bytes of IV and %" MBEDTLS_PRINTF_SIZET " bytes of padding", - rec->data_len, transform->ivlen, - padlen + 1 ) ); - - if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_enc, - transform->iv_enc, - transform->ivlen, - data, rec->data_len, - data, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_MSG(3, ("before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", " + "including %" + MBEDTLS_PRINTF_SIZET + " bytes of IV and %" MBEDTLS_PRINTF_SIZET " bytes of padding", + rec->data_len, transform->ivlen, + padlen + 1)); + + if ((ret = mbedtls_cipher_crypt(&transform->cipher_ctx_enc, + transform->iv_enc, + transform->ivlen, + data, rec->data_len, + data, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_crypt", ret); + return ret; } - if( rec->data_len != olen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (rec->data_len != olen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) - if( transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ) - { + if (transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2) { /* * Save IV in SSL3 and TLS1 */ - memcpy( transform->iv_enc, transform->cipher_ctx_enc.iv, - transform->ivlen ); - } - else + memcpy(transform->iv_enc, transform->cipher_ctx_enc.iv, + transform->ivlen); + } else #endif { data -= transform->ivlen; @@ -1043,8 +1031,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( auth_done == 0 ) - { + if (auth_done == 0) { unsigned char mac[MBEDTLS_SSL_MAC_ADD]; /* @@ -1056,72 +1043,72 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * ENC(content + padding + padding_length)); */ - if( post_avail < transform->maclen) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (post_avail < transform->maclen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } - ssl_extract_add_data_from_record( add_data, &add_data_len, - rec, transform->minor_ver ); + ssl_extract_add_data_from_record(add_data, &add_data_len, + rec, transform->minor_ver); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) ); - MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data, - add_data_len ); + MBEDTLS_SSL_DEBUG_MSG(3, ("using encrypt then mac")); + MBEDTLS_SSL_DEBUG_BUF(4, "MAC'd meta-data", add_data, + add_data_len); - ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data, - add_data_len ); - if( ret != 0 ) + ret = mbedtls_md_hmac_update(&transform->md_ctx_enc, add_data, + add_data_len); + if (ret != 0) { goto hmac_failed_etm_enabled; - ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, - data, rec->data_len ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&transform->md_ctx_enc, + data, rec->data_len); + if (ret != 0) { goto hmac_failed_etm_enabled; - ret = mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&transform->md_ctx_enc, mac); + if (ret != 0) { goto hmac_failed_etm_enabled; - ret = mbedtls_md_hmac_reset( &transform->md_ctx_enc ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_reset(&transform->md_ctx_enc); + if (ret != 0) { goto hmac_failed_etm_enabled; + } - memcpy( data + rec->data_len, mac, transform->maclen ); + memcpy(data + rec->data_len, mac, transform->maclen); rec->data_len += transform->maclen; post_avail -= transform->maclen; auth_done++; - hmac_failed_etm_enabled: - mbedtls_platform_zeroize( mac, transform->maclen ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "HMAC calculation failed", ret ); - return( ret ); +hmac_failed_etm_enabled: + mbedtls_platform_zeroize(mac, transform->maclen); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "HMAC calculation failed", ret); + return ret; } } #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ - } - else + } else #endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC) */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* Make extra sure authentication was performed, exactly once */ - if( auth_done != 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (auth_done != 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= encrypt buf" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= encrypt buf")); - return( 0 ); + return 0; } -int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, - mbedtls_ssl_transform *transform, - mbedtls_record *rec ) +int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, + mbedtls_ssl_transform *transform, + mbedtls_record *rec) { size_t olen; mbedtls_cipher_mode_t mode; @@ -1129,8 +1116,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) size_t padlen = 0, correct = 1; #endif - unsigned char* data; - unsigned char add_data[13 + 1 + MBEDTLS_SSL_CID_IN_LEN_MAX ]; + unsigned char *data; + unsigned char add_data[13 + 1 + MBEDTLS_SSL_CID_IN_LEN_MAX]; size_t add_data_len; #if !defined(MBEDTLS_DEBUG_C) @@ -1138,59 +1125,52 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, ((void) ssl); #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) ); - if( rec == NULL || + MBEDTLS_SSL_DEBUG_MSG(2, ("=> decrypt buf")); + if (rec == NULL || rec->buf == NULL || rec->buf_len < rec->data_offset || - rec->buf_len - rec->data_offset < rec->data_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad record structure provided to decrypt_buf" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + rec->buf_len - rec->data_offset < rec->data_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad record structure provided to decrypt_buf")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } data = rec->buf + rec->data_offset; - mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_dec ); + mode = mbedtls_cipher_get_cipher_mode(&transform->cipher_ctx_dec); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) /* * Match record's CID with incoming CID. */ - if( rec->cid_len != transform->in_cid_len || - memcmp( rec->cid, transform->in_cid, rec->cid_len ) != 0 ) - { - return( MBEDTLS_ERR_SSL_UNEXPECTED_CID ); + if (rec->cid_len != transform->in_cid_len || + memcmp(rec->cid, transform->in_cid, rec->cid_len) != 0) { + return MBEDTLS_ERR_SSL_UNEXPECTED_CID; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) - if( mode == MBEDTLS_MODE_STREAM ) - { + if (mode == MBEDTLS_MODE_STREAM) { padlen = 0; - if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_dec, - transform->iv_dec, - transform->ivlen, - data, rec->data_len, - data, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); - return( ret ); + if ((ret = mbedtls_cipher_crypt(&transform->cipher_ctx_dec, + transform->iv_dec, + transform->ivlen, + data, rec->data_len, + data, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_crypt", ret); + return ret; } - if( rec->data_len != olen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (rec->data_len != olen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - } - else + } else #endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */ #if defined(MBEDTLS_GCM_C) || \ defined(MBEDTLS_CCM_C) || \ defined(MBEDTLS_CHACHAPOLY_C) - if( mode == MBEDTLS_MODE_GCM || + if (mode == MBEDTLS_MODE_GCM || mode == MBEDTLS_MODE_CCM || - mode == MBEDTLS_MODE_CHACHAPOLY ) - { + mode == MBEDTLS_MODE_CHACHAPOLY) { unsigned char iv[12]; unsigned char *dynamic_iv; size_t dynamic_iv_len; @@ -1203,56 +1183,51 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * can be chosen freely - in particular, it need not * agree with the record sequence number. */ - dynamic_iv_len = sizeof( rec->ctr ); - if( ssl_transform_aead_dynamic_iv_is_explicit( transform ) == 1 ) - { - if( rec->data_len < dynamic_iv_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%" MBEDTLS_PRINTF_SIZET - " ) < explicit_iv_len (%" MBEDTLS_PRINTF_SIZET ") ", - rec->data_len, - dynamic_iv_len ) ); - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + dynamic_iv_len = sizeof(rec->ctr); + if (ssl_transform_aead_dynamic_iv_is_explicit(transform) == 1) { + if (rec->data_len < dynamic_iv_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("msglen (%" MBEDTLS_PRINTF_SIZET + " ) < explicit_iv_len (%" MBEDTLS_PRINTF_SIZET ") ", + rec->data_len, + dynamic_iv_len)); + return MBEDTLS_ERR_SSL_INVALID_MAC; } dynamic_iv = data; data += dynamic_iv_len; rec->data_offset += dynamic_iv_len; rec->data_len -= dynamic_iv_len; - } - else - { + } else { dynamic_iv = rec->ctr; } /* Check that there's space for the authentication tag. */ - if( rec->data_len < transform->taglen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%" MBEDTLS_PRINTF_SIZET - ") < taglen (%" MBEDTLS_PRINTF_SIZET ") ", - rec->data_len, - transform->taglen ) ); - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + if (rec->data_len < transform->taglen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("msglen (%" MBEDTLS_PRINTF_SIZET + ") < taglen (%" MBEDTLS_PRINTF_SIZET ") ", + rec->data_len, + transform->taglen)); + return MBEDTLS_ERR_SSL_INVALID_MAC; } rec->data_len -= transform->taglen; /* * Prepare nonce from dynamic and static parts. */ - ssl_build_record_nonce( iv, sizeof( iv ), - transform->iv_dec, - transform->fixed_ivlen, - dynamic_iv, - dynamic_iv_len ); + ssl_build_record_nonce(iv, sizeof(iv), + transform->iv_dec, + transform->fixed_ivlen, + dynamic_iv, + dynamic_iv_len); /* * Build additional data for AEAD encryption. * This depends on the TLS version. */ - ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); - MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD", - add_data, add_data_len ); + ssl_extract_add_data_from_record(add_data, &add_data_len, rec, + transform->minor_ver); + MBEDTLS_SSL_DEBUG_BUF(4, "additional data used for AEAD", + add_data, add_data_len); /* Because of the check above, we know that there are * explicit_iv_len Bytes preceding data, and taglen @@ -1260,49 +1235,45 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * the debug message and the invocation of * mbedtls_cipher_auth_decrypt() below. */ - MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", iv, transform->ivlen ); - MBEDTLS_SSL_DEBUG_BUF( 4, "TAG used", data + rec->data_len, - transform->taglen ); + MBEDTLS_SSL_DEBUG_BUF(4, "IV used", iv, transform->ivlen); + MBEDTLS_SSL_DEBUG_BUF(4, "TAG used", data + rec->data_len, + transform->taglen); /* * Decrypt and authenticate */ - if( ( ret = mbedtls_cipher_auth_decrypt_ext( &transform->cipher_ctx_dec, - iv, transform->ivlen, - add_data, add_data_len, - data, rec->data_len + transform->taglen, /* src */ - data, rec->buf_len - (data - rec->buf), &olen, /* dst */ - transform->taglen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_decrypt", ret ); - - if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ) - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + if ((ret = mbedtls_cipher_auth_decrypt_ext(&transform->cipher_ctx_dec, + iv, transform->ivlen, + add_data, add_data_len, + data, rec->data_len + transform->taglen, /* src */ + data, rec->buf_len - (data - rec->buf), &olen, /* dst */ + transform->taglen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_auth_decrypt", ret); + + if (ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED) { + return MBEDTLS_ERR_SSL_INVALID_MAC; + } - return( ret ); + return ret; } auth_done++; /* Double-check that AEAD decryption doesn't change content length. */ - if( olen != rec->data_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (olen != rec->data_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - } - else + } else #endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) - if( mode == MBEDTLS_MODE_CBC ) - { + if (mode == MBEDTLS_MODE_CBC) { size_t minlen = 0; /* * Check immediate ciphertext sanity */ #if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) - { + if (transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2) { /* The ciphertext is prefixed with the CBC IV. */ minlen += transform->ivlen; } @@ -1329,27 +1300,26 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * lower bound minlen + maclen + 1 on the record size, which * we test for in the second check below. */ - if( rec->data_len < minlen + transform->ivlen || - rec->data_len < minlen + transform->maclen + 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%" MBEDTLS_PRINTF_SIZET - ") < max( ivlen(%" MBEDTLS_PRINTF_SIZET - "), maclen (%" MBEDTLS_PRINTF_SIZET ") " - "+ 1 ) ( + expl IV )", rec->data_len, - transform->ivlen, - transform->maclen ) ); - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + if (rec->data_len < minlen + transform->ivlen || + rec->data_len < minlen + transform->maclen + 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("msglen (%" MBEDTLS_PRINTF_SIZET + ") < max( ivlen(%" MBEDTLS_PRINTF_SIZET + "), maclen (%" MBEDTLS_PRINTF_SIZET ") " + "+ 1 ) ( + expl IV )", + rec->data_len, + transform->ivlen, + transform->maclen)); + return MBEDTLS_ERR_SSL_INVALID_MAC; } /* * Authenticate before decrypt if enabled */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( transform->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED ) - { + if (transform->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED) { unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD]; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("using encrypt then mac")); /* Update data_len in tandem with add_data. * @@ -1362,49 +1332,52 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * * Further, we still know that data_len > minlen */ rec->data_len -= transform->maclen; - ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + ssl_extract_add_data_from_record(add_data, &add_data_len, rec, + transform->minor_ver); /* Calculate expected MAC. */ - MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data, - add_data_len ); - ret = mbedtls_md_hmac_update( &transform->md_ctx_dec, add_data, - add_data_len ); - if( ret != 0 ) + MBEDTLS_SSL_DEBUG_BUF(4, "MAC'd meta-data", add_data, + add_data_len); + ret = mbedtls_md_hmac_update(&transform->md_ctx_dec, add_data, + add_data_len); + if (ret != 0) { goto hmac_failed_etm_enabled; - ret = mbedtls_md_hmac_update( &transform->md_ctx_dec, - data, rec->data_len ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&transform->md_ctx_dec, + data, rec->data_len); + if (ret != 0) { goto hmac_failed_etm_enabled; - ret = mbedtls_md_hmac_finish( &transform->md_ctx_dec, mac_expect ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&transform->md_ctx_dec, mac_expect); + if (ret != 0) { goto hmac_failed_etm_enabled; - ret = mbedtls_md_hmac_reset( &transform->md_ctx_dec ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_reset(&transform->md_ctx_dec); + if (ret != 0) { goto hmac_failed_etm_enabled; + } - MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", data + rec->data_len, - transform->maclen ); - MBEDTLS_SSL_DEBUG_BUF( 4, "expected mac", mac_expect, - transform->maclen ); + MBEDTLS_SSL_DEBUG_BUF(4, "message mac", data + rec->data_len, + transform->maclen); + MBEDTLS_SSL_DEBUG_BUF(4, "expected mac", mac_expect, + transform->maclen); /* Compare expected MAC with MAC at the end of the record. */ - if( mbedtls_ct_memcmp( data + rec->data_len, mac_expect, - transform->maclen ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) ); + if (mbedtls_ct_memcmp(data + rec->data_len, mac_expect, + transform->maclen) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("message mac does not match")); ret = MBEDTLS_ERR_SSL_INVALID_MAC; goto hmac_failed_etm_enabled; } auth_done++; - hmac_failed_etm_enabled: - mbedtls_platform_zeroize( mac_expect, transform->maclen ); - if( ret != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_INVALID_MAC ) - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_hmac_xxx", ret ); - return( ret ); +hmac_failed_etm_enabled: + mbedtls_platform_zeroize(mac_expect, transform->maclen); + if (ret != 0) { + if (ret != MBEDTLS_ERR_SSL_INVALID_MAC) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_hmac_xxx", ret); + } + return ret; } } #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ @@ -1416,22 +1389,20 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, /* We know from above that data_len > minlen >= 0, * so the following check in particular implies that * data_len >= minlen + ivlen ( = minlen or 2 * minlen ). */ - if( rec->data_len % transform->ivlen != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%" MBEDTLS_PRINTF_SIZET - ") %% ivlen (%" MBEDTLS_PRINTF_SIZET ") != 0", - rec->data_len, transform->ivlen ) ); - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + if (rec->data_len % transform->ivlen != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("msglen (%" MBEDTLS_PRINTF_SIZET + ") %% ivlen (%" MBEDTLS_PRINTF_SIZET ") != 0", + rec->data_len, transform->ivlen)); + return MBEDTLS_ERR_SSL_INVALID_MAC; } #if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) /* * Initialize for prepended IV for block cipher in TLS v1.1 and up */ - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) - { + if (transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2) { /* Safe because data_len >= minlen + ivlen = 2 * ivlen. */ - memcpy( transform->iv_dec, data, transform->ivlen ); + memcpy(transform->iv_dec, data, transform->ivlen); data += transform->ivlen; rec->data_offset += transform->ivlen; @@ -1441,32 +1412,29 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, /* We still have data_len % ivlen == 0 and data_len >= ivlen here. */ - if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_dec, - transform->iv_dec, transform->ivlen, - data, rec->data_len, data, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); - return( ret ); + if ((ret = mbedtls_cipher_crypt(&transform->cipher_ctx_dec, + transform->iv_dec, transform->ivlen, + data, rec->data_len, data, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_crypt", ret); + return ret; } /* Double-check that length hasn't changed during decryption. */ - if( rec->data_len != olen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (rec->data_len != olen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) - if( transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ) - { + if (transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2) { /* * Save IV in SSL3 and TLS1, where CBC decryption of consecutive * records is equivalent to CBC decryption of the concatenation * of the records; in other words, IVs are maintained across * record decryptions. */ - memcpy( transform->iv_dec, transform->cipher_ctx_dec.iv, - transform->ivlen ); + memcpy(transform->iv_dec, transform->cipher_ctx_dec.iv, + transform->ivlen); } #endif @@ -1476,31 +1444,27 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * >= ivlen ). */ padlen = data[rec->data_len - 1]; - if( auth_done == 1 ) - { + if (auth_done == 1) { const size_t mask = mbedtls_ct_size_mask_ge( - rec->data_len, - padlen + 1 ); + rec->data_len, + padlen + 1); correct &= mask; padlen &= mask; - } - else - { + } else { #if defined(MBEDTLS_SSL_DEBUG_ALL) - if( rec->data_len < transform->maclen + padlen + 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%" MBEDTLS_PRINTF_SIZET - ") < maclen (%" MBEDTLS_PRINTF_SIZET - ") + padlen (%" MBEDTLS_PRINTF_SIZET ")", - rec->data_len, - transform->maclen, - padlen + 1 ) ); + if (rec->data_len < transform->maclen + padlen + 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("msglen (%" MBEDTLS_PRINTF_SIZET + ") < maclen (%" MBEDTLS_PRINTF_SIZET + ") + padlen (%" MBEDTLS_PRINTF_SIZET ")", + rec->data_len, + transform->maclen, + padlen + 1)); } #endif const size_t mask = mbedtls_ct_size_mask_ge( - rec->data_len, - transform->maclen + padlen + 1 ); + rec->data_len, + transform->maclen + padlen + 1); correct &= mask; padlen &= mask; } @@ -1511,28 +1475,25 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * we have data_len >= padlen here. */ #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { /* This is the SSL 3.0 path, we don't have to worry about Lucky * 13, because there's a strictly worse padding attack built in * the protocol (known as part of POODLE), so we don't care if the * code is not constant-time, in particular branches are OK. */ - if( padlen > transform->ivlen ) - { + if (padlen > transform->ivlen) { #if defined(MBEDTLS_SSL_DEBUG_ALL) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding length: is %" MBEDTLS_PRINTF_SIZET ", " - "should be no more than %" MBEDTLS_PRINTF_SIZET, - padlen, transform->ivlen ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("bad padding length: is %" MBEDTLS_PRINTF_SIZET ", " + "should be no more than %" + MBEDTLS_PRINTF_SIZET, + padlen, transform->ivlen)); #endif correct = 0; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( transform->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 ) - { + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (transform->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0) { /* The padding check involves a series of up to 256 * consecutive memory reads at the end of the record * plaintext buffer. In order to hide the length and @@ -1540,7 +1501,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * `min(256,plaintext_len)` reads (but take into account * only the last `padlen` bytes for the padding check). */ size_t pad_count = 0; - volatile unsigned char* const check = data; + volatile unsigned char * const check = data; /* Index of first padding byte; it has been ensured above * that the subtraction is safe. */ @@ -1549,30 +1510,29 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, size_t const start_idx = rec->data_len - num_checks; size_t idx; - for( idx = start_idx; idx < rec->data_len; idx++ ) - { + for (idx = start_idx; idx < rec->data_len; idx++) { /* pad_count += (idx >= padding_idx) && * (check[idx] == padlen - 1); */ - const size_t mask = mbedtls_ct_size_mask_ge( idx, padding_idx ); - const size_t equal = mbedtls_ct_size_bool_eq( check[idx], - padlen - 1 ); + const size_t mask = mbedtls_ct_size_mask_ge(idx, padding_idx); + const size_t equal = mbedtls_ct_size_bool_eq(check[idx], + padlen - 1); pad_count += mask & equal; } - correct &= mbedtls_ct_size_bool_eq( pad_count, padlen ); + correct &= mbedtls_ct_size_bool_eq(pad_count, padlen); #if defined(MBEDTLS_SSL_DEBUG_ALL) - if( padlen > 0 && correct == 0 ) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding byte detected" ) ); + if (padlen > 0 && correct == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad padding byte detected")); + } #endif - padlen &= mbedtls_ct_size_mask( correct ); - } - else + padlen &= mbedtls_ct_size_mask(correct); + } else #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* If the padding was found to be invalid, padlen == 0 @@ -1580,17 +1540,16 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * padlen hasn't been changed and the previous assertion * data_len >= padlen still holds. */ rec->data_len -= padlen; - } - else + } else #endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_DEBUG_ALL) - MBEDTLS_SSL_DEBUG_BUF( 4, "raw buffer after decryption", - data, rec->data_len ); + MBEDTLS_SSL_DEBUG_BUF(4, "raw buffer after decryption", + data, rec->data_len); #endif /* @@ -1598,8 +1557,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * Compute the MAC regardless of the padding result (RFC4346, CBCTIME). */ #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) - if( auth_done == 0 ) - { + if (auth_done == 0) { unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD] = { 0 }; unsigned char mac_peer[MBEDTLS_SSL_MAC_ADD] = { 0 }; @@ -1617,30 +1575,26 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * hence data_len >= maclen in any case. */ rec->data_len -= transform->maclen; - ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + ssl_extract_add_data_from_record(add_data, &add_data_len, rec, + transform->minor_ver); #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { - ret = ssl_mac( &transform->md_ctx_dec, - transform->mac_dec, - data, rec->data_len, - rec->ctr, rec->type, - mac_expect ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_mac", ret ); + if (transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { + ret = ssl_mac(&transform->md_ctx_dec, + transform->mac_dec, + data, rec->data_len, + rec->ctr, rec->type, + mac_expect); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_mac", ret); goto hmac_failed_etm_disabled; } - memcpy( mac_peer, data + rec->data_len, transform->maclen ); - } - else + memcpy(mac_peer, data + rec->data_len, transform->maclen); + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( transform->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (transform->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0) { /* * The next two sizes are the minimum and maximum values of * data_len over all padlen values. @@ -1652,92 +1606,90 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * length, as we previously did in_msglen -= maclen too. */ const size_t max_len = rec->data_len + padlen; - const size_t min_len = ( max_len > 256 ) ? max_len - 256 : 0; - - ret = mbedtls_ct_hmac( &transform->md_ctx_dec, - add_data, add_data_len, - data, rec->data_len, min_len, max_len, - mac_expect ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ct_hmac", ret ); + const size_t min_len = (max_len > 256) ? max_len - 256 : 0; + + ret = mbedtls_ct_hmac(&transform->md_ctx_dec, + add_data, add_data_len, + data, rec->data_len, min_len, max_len, + mac_expect); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ct_hmac", ret); goto hmac_failed_etm_disabled; } - mbedtls_ct_memcpy_offset( mac_peer, data, - rec->data_len, - min_len, max_len, - transform->maclen ); - } - else + mbedtls_ct_memcpy_offset(mac_peer, data, + rec->data_len, + min_len, max_len, + transform->maclen); + } else #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_DEBUG_ALL) - MBEDTLS_SSL_DEBUG_BUF( 4, "expected mac", mac_expect, transform->maclen ); - MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", mac_peer, transform->maclen ); + MBEDTLS_SSL_DEBUG_BUF(4, "expected mac", mac_expect, transform->maclen); + MBEDTLS_SSL_DEBUG_BUF(4, "message mac", mac_peer, transform->maclen); #endif - if( mbedtls_ct_memcmp( mac_peer, mac_expect, - transform->maclen ) != 0 ) - { + if (mbedtls_ct_memcmp(mac_peer, mac_expect, + transform->maclen) != 0) { #if defined(MBEDTLS_SSL_DEBUG_ALL) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("message mac does not match")); #endif correct = 0; } auth_done++; - hmac_failed_etm_disabled: - mbedtls_platform_zeroize( mac_peer, transform->maclen ); - mbedtls_platform_zeroize( mac_expect, transform->maclen ); - if( ret != 0 ) - return( ret ); +hmac_failed_etm_disabled: + mbedtls_platform_zeroize(mac_peer, transform->maclen); + mbedtls_platform_zeroize(mac_expect, transform->maclen); + if (ret != 0) { + return ret; + } } /* * Finally check the correct flag */ - if( correct == 0 ) - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + if (correct == 0) { + return MBEDTLS_ERR_SSL_INVALID_MAC; + } #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ /* Make extra sure authentication was performed, exactly once */ - if( auth_done != 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (auth_done != 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) - { + if (transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) { /* Remove inner padding and infer true content type. */ - ret = ssl_parse_inner_plaintext( data, &rec->data_len, - &rec->type ); + ret = ssl_parse_inner_plaintext(data, &rec->data_len, + &rec->type); - if( ret != 0 ) - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (ret != 0) { + return MBEDTLS_ERR_SSL_INVALID_RECORD; + } } #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( rec->cid_len != 0 ) - { - ret = ssl_parse_inner_plaintext( data, &rec->data_len, - &rec->type ); - if( ret != 0 ) - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (rec->cid_len != 0) { + ret = ssl_parse_inner_plaintext(data, &rec->data_len, + &rec->type); + if (ret != 0) { + return MBEDTLS_ERR_SSL_INVALID_RECORD; + } } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= decrypt buf")); - return( 0 ); + return 0; } #undef MAC_NONE @@ -1749,7 +1701,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * Compression/decompression functions */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_compress_buf( mbedtls_ssl_context *ssl ) +static int ssl_compress_buf(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *msg_post = ssl->out_msg; @@ -1762,47 +1714,47 @@ static int ssl_compress_buf( mbedtls_ssl_context *ssl ) size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN; #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> compress buf" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> compress buf")); - if( len_pre == 0 ) - return( 0 ); + if (len_pre == 0) { + return 0; + } - memcpy( msg_pre, ssl->out_msg, len_pre ); + memcpy(msg_pre, ssl->out_msg, len_pre); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "before compression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", - ssl->out_msglen ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("before compression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", + ssl->out_msglen)); - MBEDTLS_SSL_DEBUG_BUF( 4, "before compression: output payload", - ssl->out_msg, ssl->out_msglen ); + MBEDTLS_SSL_DEBUG_BUF(4, "before compression: output payload", + ssl->out_msg, ssl->out_msglen); ssl->transform_out->ctx_deflate.next_in = msg_pre; ssl->transform_out->ctx_deflate.avail_in = len_pre; ssl->transform_out->ctx_deflate.next_out = msg_post; ssl->transform_out->ctx_deflate.avail_out = out_buf_len - bytes_written; - ret = deflate( &ssl->transform_out->ctx_deflate, Z_SYNC_FLUSH ); - if( ret != Z_OK ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "failed to perform compression (%d)", ret ) ); - return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED ); + ret = deflate(&ssl->transform_out->ctx_deflate, Z_SYNC_FLUSH); + if (ret != Z_OK) { + MBEDTLS_SSL_DEBUG_MSG(1, ("failed to perform compression (%d)", ret)); + return MBEDTLS_ERR_SSL_COMPRESSION_FAILED; } ssl->out_msglen = out_buf_len - ssl->transform_out->ctx_deflate.avail_out - bytes_written; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "after compression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", - ssl->out_msglen ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("after compression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", + ssl->out_msglen)); - MBEDTLS_SSL_DEBUG_BUF( 4, "after compression: output payload", - ssl->out_msg, ssl->out_msglen ); + MBEDTLS_SSL_DEBUG_BUF(4, "after compression: output payload", + ssl->out_msg, ssl->out_msglen); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= compress buf" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= compress buf")); - return( 0 ); + return 0; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_decompress_buf( mbedtls_ssl_context *ssl ) +static int ssl_decompress_buf(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *msg_post = ssl->in_msg; @@ -1815,43 +1767,43 @@ static int ssl_decompress_buf( mbedtls_ssl_context *ssl ) size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN; #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> decompress buf" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> decompress buf")); - if( len_pre == 0 ) - return( 0 ); + if (len_pre == 0) { + return 0; + } - memcpy( msg_pre, ssl->in_msg, len_pre ); + memcpy(msg_pre, ssl->in_msg, len_pre); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "before decompression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", - ssl->in_msglen ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("before decompression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", + ssl->in_msglen)); - MBEDTLS_SSL_DEBUG_BUF( 4, "before decompression: input payload", - ssl->in_msg, ssl->in_msglen ); + MBEDTLS_SSL_DEBUG_BUF(4, "before decompression: input payload", + ssl->in_msg, ssl->in_msglen); ssl->transform_in->ctx_inflate.next_in = msg_pre; ssl->transform_in->ctx_inflate.avail_in = len_pre; ssl->transform_in->ctx_inflate.next_out = msg_post; ssl->transform_in->ctx_inflate.avail_out = in_buf_len - header_bytes; - ret = inflate( &ssl->transform_in->ctx_inflate, Z_SYNC_FLUSH ); - if( ret != Z_OK ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "failed to perform decompression (%d)", ret ) ); - return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED ); + ret = inflate(&ssl->transform_in->ctx_inflate, Z_SYNC_FLUSH); + if (ret != Z_OK) { + MBEDTLS_SSL_DEBUG_MSG(1, ("failed to perform decompression (%d)", ret)); + return MBEDTLS_ERR_SSL_COMPRESSION_FAILED; } ssl->in_msglen = in_buf_len - ssl->transform_in->ctx_inflate.avail_out - header_bytes; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "after decompression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", - ssl->in_msglen ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("after decompression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", + ssl->in_msglen)); - MBEDTLS_SSL_DEBUG_BUF( 4, "after decompression: input payload", - ssl->in_msg, ssl->in_msglen ); + MBEDTLS_SSL_DEBUG_BUF(4, "after decompression: input payload", + ssl->in_msg, ssl->in_msglen); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decompress buf" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= decompress buf")); - return( 0 ); + return 0; } #endif /* MBEDTLS_ZLIB_SUPPORT */ @@ -1870,7 +1822,7 @@ static int ssl_decompress_buf( mbedtls_ssl_context *ssl ) * For DTLS, it is up to the caller to set ssl->next_record_offset when * they're done reading a record. */ -int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) +int mbedtls_ssl_fetch_input(mbedtls_ssl_context *ssl, size_t nb_want) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -1880,23 +1832,20 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN; #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> fetch input" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> fetch input")); - if( ssl->f_recv == NULL && ssl->f_recv_timeout == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() " ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->f_recv == NULL && ssl->f_recv_timeout == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Bad usage of mbedtls_ssl_set_bio() ")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - if( nb_want > in_buf_len - (size_t)( ssl->in_hdr - ssl->in_buf ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "requesting more data than fits" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (nb_want > in_buf_len - (size_t) (ssl->in_hdr - ssl->in_buf)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("requesting more data than fits")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { uint32_t timeout; /* @@ -1909,40 +1858,36 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) /* * Move to the next record in the already read datagram if applicable */ - if( ssl->next_record_offset != 0 ) - { - if( ssl->in_left < ssl->next_record_offset ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (ssl->next_record_offset != 0) { + if (ssl->in_left < ssl->next_record_offset) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } ssl->in_left -= ssl->next_record_offset; - if( ssl->in_left != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "next record in same datagram, offset: %" - MBEDTLS_PRINTF_SIZET, - ssl->next_record_offset ) ); - memmove( ssl->in_hdr, - ssl->in_hdr + ssl->next_record_offset, - ssl->in_left ); + if (ssl->in_left != 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("next record in same datagram, offset: %" + MBEDTLS_PRINTF_SIZET, + ssl->next_record_offset)); + memmove(ssl->in_hdr, + ssl->in_hdr + ssl->next_record_offset, + ssl->in_left); } ssl->next_record_offset = 0; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %" MBEDTLS_PRINTF_SIZET - ", nb_want: %" MBEDTLS_PRINTF_SIZET, - ssl->in_left, nb_want ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("in_left: %" MBEDTLS_PRINTF_SIZET + ", nb_want: %" MBEDTLS_PRINTF_SIZET, + ssl->in_left, nb_want)); /* * Done if we already have enough data. */ - if( nb_want <= ssl->in_left) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= fetch input" ) ); - return( 0 ); + if (nb_want <= ssl->in_left) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= fetch input")); + return 0; } /* @@ -1950,10 +1895,9 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) * are not at the beginning of a new record, the caller did something * wrong. */ - if( ssl->in_left != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (ssl->in_left != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* @@ -1961,195 +1905,182 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) * This avoids by-passing the timer when repeatedly receiving messages * that will end up being dropped. */ - if( mbedtls_ssl_check_timer( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "timer has expired" ) ); + if (mbedtls_ssl_check_timer(ssl) != 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("timer has expired")); ret = MBEDTLS_ERR_SSL_TIMEOUT; - } - else - { - len = in_buf_len - ( ssl->in_hdr - ssl->in_buf ); + } else { + len = in_buf_len - (ssl->in_hdr - ssl->in_buf); - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { timeout = ssl->handshake->retransmit_timeout; - else + } else { timeout = ssl->conf->read_timeout; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "f_recv_timeout: %lu ms", (unsigned long) timeout ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("f_recv_timeout: %lu ms", (unsigned long) timeout)); - if( ssl->f_recv_timeout != NULL ) - ret = ssl->f_recv_timeout( ssl->p_bio, ssl->in_hdr, len, - timeout ); - else - ret = ssl->f_recv( ssl->p_bio, ssl->in_hdr, len ); + if (ssl->f_recv_timeout != NULL) { + ret = ssl->f_recv_timeout(ssl->p_bio, ssl->in_hdr, len, + timeout); + } else { + ret = ssl->f_recv(ssl->p_bio, ssl->in_hdr, len); + } - MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_recv(_timeout)", ret ); + MBEDTLS_SSL_DEBUG_RET(2, "ssl->f_recv(_timeout)", ret); - if( ret == 0 ) - return( MBEDTLS_ERR_SSL_CONN_EOF ); + if (ret == 0) { + return MBEDTLS_ERR_SSL_CONN_EOF; + } } - if( ret == MBEDTLS_ERR_SSL_TIMEOUT ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "timeout" ) ); - mbedtls_ssl_set_timer( ssl, 0 ); + if (ret == MBEDTLS_ERR_SSL_TIMEOUT) { + MBEDTLS_SSL_DEBUG_MSG(2, ("timeout")); + mbedtls_ssl_set_timer(ssl, 0); - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - if( ssl_double_retransmit_timeout( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake timeout" ) ); - return( MBEDTLS_ERR_SSL_TIMEOUT ); + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + if (ssl_double_retransmit_timeout(ssl) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("handshake timeout")); + return MBEDTLS_ERR_SSL_TIMEOUT; } - if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret ); - return( ret ); + if ((ret = mbedtls_ssl_resend(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_resend", ret); + return ret; } - return( MBEDTLS_ERR_SSL_WANT_READ ); + return MBEDTLS_ERR_SSL_WANT_READ; } #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION) - else if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && - ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) - { - if( ( ret = mbedtls_ssl_resend_hello_request( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend_hello_request", - ret ); - return( ret ); + else if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) { + if ((ret = mbedtls_ssl_resend_hello_request(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_resend_hello_request", + ret); + return ret; } - return( MBEDTLS_ERR_SSL_WANT_READ ); + return MBEDTLS_ERR_SSL_WANT_READ; } #endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */ } - if( ret < 0 ) - return( ret ); + if (ret < 0) { + return ret; + } ssl->in_left = ret; - } - else + } else #endif { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %" MBEDTLS_PRINTF_SIZET - ", nb_want: %" MBEDTLS_PRINTF_SIZET, - ssl->in_left, nb_want ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("in_left: %" MBEDTLS_PRINTF_SIZET + ", nb_want: %" MBEDTLS_PRINTF_SIZET, + ssl->in_left, nb_want)); - while( ssl->in_left < nb_want ) - { + while (ssl->in_left < nb_want) { len = nb_want - ssl->in_left; - if( mbedtls_ssl_check_timer( ssl ) != 0 ) + if (mbedtls_ssl_check_timer(ssl) != 0) { ret = MBEDTLS_ERR_SSL_TIMEOUT; - else - { - if( ssl->f_recv_timeout != NULL ) - { - ret = ssl->f_recv_timeout( ssl->p_bio, - ssl->in_hdr + ssl->in_left, len, - ssl->conf->read_timeout ); - } - else - { - ret = ssl->f_recv( ssl->p_bio, - ssl->in_hdr + ssl->in_left, len ); + } else { + if (ssl->f_recv_timeout != NULL) { + ret = ssl->f_recv_timeout(ssl->p_bio, + ssl->in_hdr + ssl->in_left, len, + ssl->conf->read_timeout); + } else { + ret = ssl->f_recv(ssl->p_bio, + ssl->in_hdr + ssl->in_left, len); } } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %" MBEDTLS_PRINTF_SIZET - ", nb_want: %" MBEDTLS_PRINTF_SIZET, - ssl->in_left, nb_want ) ); - MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_recv(_timeout)", ret ); + MBEDTLS_SSL_DEBUG_MSG(2, ("in_left: %" MBEDTLS_PRINTF_SIZET + ", nb_want: %" MBEDTLS_PRINTF_SIZET, + ssl->in_left, nb_want)); + MBEDTLS_SSL_DEBUG_RET(2, "ssl->f_recv(_timeout)", ret); - if( ret == 0 ) - return( MBEDTLS_ERR_SSL_CONN_EOF ); + if (ret == 0) { + return MBEDTLS_ERR_SSL_CONN_EOF; + } - if( ret < 0 ) - return( ret ); + if (ret < 0) { + return ret; + } - if ( (size_t)ret > len || ( INT_MAX > SIZE_MAX && ret > (int)SIZE_MAX ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "f_recv returned %d bytes but only %" MBEDTLS_PRINTF_SIZET " were requested", - ret, len ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if ((size_t) ret > len || (INT_MAX > SIZE_MAX && ret > (int) SIZE_MAX)) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("f_recv returned %d bytes but only %" MBEDTLS_PRINTF_SIZET + " were requested", + ret, len)); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } ssl->in_left += ret; } } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= fetch input" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= fetch input")); - return( 0 ); + return 0; } /* * Flush any data not yet written */ -int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_flush_output(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *buf; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> flush output" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> flush output")); - if( ssl->f_send == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() " ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->f_send == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Bad usage of mbedtls_ssl_set_bio() ")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* Avoid incrementing counter if data is flushed */ - if( ssl->out_left == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) ); - return( 0 ); + if (ssl->out_left == 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= flush output")); + return 0; } - while( ssl->out_left > 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "message length: %" MBEDTLS_PRINTF_SIZET - ", out_left: %" MBEDTLS_PRINTF_SIZET, - mbedtls_ssl_out_hdr_len( ssl ) + ssl->out_msglen, ssl->out_left ) ); + while (ssl->out_left > 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("message length: %" MBEDTLS_PRINTF_SIZET + ", out_left: %" MBEDTLS_PRINTF_SIZET, + mbedtls_ssl_out_hdr_len(ssl) + ssl->out_msglen, ssl->out_left)); buf = ssl->out_hdr - ssl->out_left; - ret = ssl->f_send( ssl->p_bio, buf, ssl->out_left ); + ret = ssl->f_send(ssl->p_bio, buf, ssl->out_left); - MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_send", ret ); + MBEDTLS_SSL_DEBUG_RET(2, "ssl->f_send", ret); - if( ret <= 0 ) - return( ret ); + if (ret <= 0) { + return ret; + } - if( (size_t)ret > ssl->out_left || ( INT_MAX > SIZE_MAX && ret > (int)SIZE_MAX ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "f_send returned %d bytes but only %" MBEDTLS_PRINTF_SIZET " bytes were sent", - ret, ssl->out_left ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if ((size_t) ret > ssl->out_left || (INT_MAX > SIZE_MAX && ret > (int) SIZE_MAX)) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("f_send returned %d bytes but only %" MBEDTLS_PRINTF_SIZET + " bytes were sent", + ret, ssl->out_left)); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } ssl->out_left -= ret; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { ssl->out_hdr = ssl->out_buf; - } - else + } else #endif { ssl->out_hdr = ssl->out_buf + 8; } - mbedtls_ssl_update_out_pointers( ssl, ssl->transform_out ); + mbedtls_ssl_update_out_pointers(ssl, ssl->transform_out); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= flush output")); - return( 0 ); + return 0; } /* @@ -2160,64 +2091,61 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ) * Append current handshake message to current outgoing flight */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_flight_append( mbedtls_ssl_context *ssl ) +static int ssl_flight_append(mbedtls_ssl_context *ssl) { mbedtls_ssl_flight_item *msg; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_flight_append" ) ); - MBEDTLS_SSL_DEBUG_BUF( 4, "message appended to flight", - ssl->out_msg, ssl->out_msglen ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_flight_append")); + MBEDTLS_SSL_DEBUG_BUF(4, "message appended to flight", + ssl->out_msg, ssl->out_msglen); /* Allocate space for current message */ - if( ( msg = mbedtls_calloc( 1, sizeof( mbedtls_ssl_flight_item ) ) ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %" MBEDTLS_PRINTF_SIZET " bytes failed", - sizeof( mbedtls_ssl_flight_item ) ) ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if ((msg = mbedtls_calloc(1, sizeof(mbedtls_ssl_flight_item))) == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc %" MBEDTLS_PRINTF_SIZET " bytes failed", + sizeof(mbedtls_ssl_flight_item))); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } - if( ( msg->p = mbedtls_calloc( 1, ssl->out_msglen ) ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %" MBEDTLS_PRINTF_SIZET " bytes failed", - ssl->out_msglen ) ); - mbedtls_free( msg ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if ((msg->p = mbedtls_calloc(1, ssl->out_msglen)) == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc %" MBEDTLS_PRINTF_SIZET " bytes failed", + ssl->out_msglen)); + mbedtls_free(msg); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } /* Copy current handshake message with headers */ - memcpy( msg->p, ssl->out_msg, ssl->out_msglen ); + memcpy(msg->p, ssl->out_msg, ssl->out_msglen); msg->len = ssl->out_msglen; msg->type = ssl->out_msgtype; msg->next = NULL; /* Append to the current flight */ - if( ssl->handshake->flight == NULL ) + if (ssl->handshake->flight == NULL) { ssl->handshake->flight = msg; - else - { + } else { mbedtls_ssl_flight_item *cur = ssl->handshake->flight; - while( cur->next != NULL ) + while (cur->next != NULL) { cur = cur->next; + } cur->next = msg; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_flight_append" ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_flight_append")); + return 0; } /* * Free the current flight of handshake messages */ -void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight ) +void mbedtls_ssl_flight_free(mbedtls_ssl_flight_item *flight) { mbedtls_ssl_flight_item *cur = flight; mbedtls_ssl_flight_item *next; - while( cur != NULL ) - { + while (cur != NULL) { next = cur->next; - mbedtls_free( cur->p ); - mbedtls_free( cur ); + mbedtls_free(cur->p); + mbedtls_free(cur); cur = next; } @@ -2227,18 +2155,17 @@ void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight ) * Swap transform_out and out_ctr with the alternative ones */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_swap_epochs( mbedtls_ssl_context *ssl ) +static int ssl_swap_epochs(mbedtls_ssl_context *ssl) { mbedtls_ssl_transform *tmp_transform; unsigned char tmp_out_ctr[8]; - if( ssl->transform_out == ssl->handshake->alt_transform_out ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip swap epochs" ) ); - return( 0 ); + if (ssl->transform_out == ssl->handshake->alt_transform_out) { + MBEDTLS_SSL_DEBUG_MSG(3, ("skip swap epochs")); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "swap epochs" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("swap epochs")); /* Swap transforms */ tmp_transform = ssl->transform_out; @@ -2246,42 +2173,40 @@ static int ssl_swap_epochs( mbedtls_ssl_context *ssl ) ssl->handshake->alt_transform_out = tmp_transform; /* Swap epoch + sequence_number */ - memcpy( tmp_out_ctr, ssl->cur_out_ctr, 8 ); - memcpy( ssl->cur_out_ctr, ssl->handshake->alt_out_ctr, 8 ); - memcpy( ssl->handshake->alt_out_ctr, tmp_out_ctr, 8 ); + memcpy(tmp_out_ctr, ssl->cur_out_ctr, 8); + memcpy(ssl->cur_out_ctr, ssl->handshake->alt_out_ctr, 8); + memcpy(ssl->handshake->alt_out_ctr, tmp_out_ctr, 8); /* Adjust to the newly activated transform */ - mbedtls_ssl_update_out_pointers( ssl, ssl->transform_out ); + mbedtls_ssl_update_out_pointers(ssl, ssl->transform_out); #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_activate != NULL ) - { - int ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + if (mbedtls_ssl_hw_record_activate != NULL) { + int ret = mbedtls_ssl_hw_record_activate(ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_activate", ret); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } } #endif - return( 0 ); + return 0; } /* * Retransmit the current flight of messages. */ -int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_resend(mbedtls_ssl_context *ssl) { int ret = 0; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_resend" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> mbedtls_ssl_resend")); - ret = mbedtls_ssl_flight_transmit( ssl ); + ret = mbedtls_ssl_flight_transmit(ssl); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_resend" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= mbedtls_ssl_resend")); - return( ret ); + return ret; } /* @@ -2291,121 +2216,117 @@ int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ) * WANT_WRITE, causing us to exit this function and come back later. * This function must be called until state is no longer SENDING. */ -int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_flight_transmit(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_flight_transmit" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> mbedtls_ssl_flight_transmit")); - if( ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialise flight transmission" ) ); + if (ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING) { + MBEDTLS_SSL_DEBUG_MSG(2, ("initialise flight transmission")); ssl->handshake->cur_msg = ssl->handshake->flight; ssl->handshake->cur_msg_p = ssl->handshake->flight->p + 12; - ret = ssl_swap_epochs( ssl ); - if( ret != 0 ) - return( ret ); + ret = ssl_swap_epochs(ssl); + if (ret != 0) { + return ret; + } ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_SENDING; } - while( ssl->handshake->cur_msg != NULL ) - { + while (ssl->handshake->cur_msg != NULL) { size_t max_frag_len; const mbedtls_ssl_flight_item * const cur = ssl->handshake->cur_msg; int const is_finished = - ( cur->type == MBEDTLS_SSL_MSG_HANDSHAKE && - cur->p[0] == MBEDTLS_SSL_HS_FINISHED ); + (cur->type == MBEDTLS_SSL_MSG_HANDSHAKE && + cur->p[0] == MBEDTLS_SSL_HS_FINISHED); uint8_t const force_flush = ssl->disable_datagram_packing == 1 ? - SSL_FORCE_FLUSH : SSL_DONT_FORCE_FLUSH; + SSL_FORCE_FLUSH : SSL_DONT_FORCE_FLUSH; /* Swap epochs before sending Finished: we can't do it after * sending ChangeCipherSpec, in case write returns WANT_READ. * Must be done before copying, may change out_msg pointer */ - if( is_finished && ssl->handshake->cur_msg_p == ( cur->p + 12 ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "swap epochs to send finished message" ) ); - ret = ssl_swap_epochs( ssl ); - if( ret != 0 ) - return( ret ); + if (is_finished && ssl->handshake->cur_msg_p == (cur->p + 12)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("swap epochs to send finished message")); + ret = ssl_swap_epochs(ssl); + if (ret != 0) { + return ret; + } } - ret = ssl_get_remaining_payload_in_datagram( ssl ); - if( ret < 0 ) - return( ret ); + ret = ssl_get_remaining_payload_in_datagram(ssl); + if (ret < 0) { + return ret; + } max_frag_len = (size_t) ret; /* CCS is copied as is, while HS messages may need fragmentation */ - if( cur->type == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) - { - if( max_frag_len == 0 ) - { - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); + if (cur->type == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC) { + if (max_frag_len == 0) { + if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { + return ret; + } continue; } - memcpy( ssl->out_msg, cur->p, cur->len ); + memcpy(ssl->out_msg, cur->p, cur->len); ssl->out_msglen = cur->len; ssl->out_msgtype = cur->type; /* Update position inside current message */ ssl->handshake->cur_msg_p += cur->len; - } - else - { + } else { const unsigned char * const p = ssl->handshake->cur_msg_p; const size_t hs_len = cur->len - 12; - const size_t frag_off = p - ( cur->p + 12 ); + const size_t frag_off = p - (cur->p + 12); const size_t rem_len = hs_len - frag_off; size_t cur_hs_frag_len, max_hs_frag_len; - if( ( max_frag_len < 12 ) || ( max_frag_len == 12 && hs_len != 0 ) ) - { - if( is_finished ) - { - ret = ssl_swap_epochs( ssl ); - if( ret != 0 ) - return( ret ); + if ((max_frag_len < 12) || (max_frag_len == 12 && hs_len != 0)) { + if (is_finished) { + ret = ssl_swap_epochs(ssl); + if (ret != 0) { + return ret; + } } - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { + return ret; + } continue; } max_hs_frag_len = max_frag_len - 12; cur_hs_frag_len = rem_len > max_hs_frag_len ? - max_hs_frag_len : rem_len; + max_hs_frag_len : rem_len; - if( frag_off == 0 && cur_hs_frag_len != hs_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "fragmenting handshake message (%u > %u)", - (unsigned) cur_hs_frag_len, - (unsigned) max_hs_frag_len ) ); + if (frag_off == 0 && cur_hs_frag_len != hs_len) { + MBEDTLS_SSL_DEBUG_MSG(2, ("fragmenting handshake message (%u > %u)", + (unsigned) cur_hs_frag_len, + (unsigned) max_hs_frag_len)); } /* Messages are stored with handshake headers as if not fragmented, * copy beginning of headers then fill fragmentation fields. * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */ - memcpy( ssl->out_msg, cur->p, 6 ); + memcpy(ssl->out_msg, cur->p, 6); - ssl->out_msg[6] = MBEDTLS_BYTE_2( frag_off ); - ssl->out_msg[7] = MBEDTLS_BYTE_1( frag_off ); - ssl->out_msg[8] = MBEDTLS_BYTE_0( frag_off ); + ssl->out_msg[6] = MBEDTLS_BYTE_2(frag_off); + ssl->out_msg[7] = MBEDTLS_BYTE_1(frag_off); + ssl->out_msg[8] = MBEDTLS_BYTE_0(frag_off); - ssl->out_msg[ 9] = MBEDTLS_BYTE_2( cur_hs_frag_len ); - ssl->out_msg[10] = MBEDTLS_BYTE_1( cur_hs_frag_len ); - ssl->out_msg[11] = MBEDTLS_BYTE_0( cur_hs_frag_len ); + ssl->out_msg[9] = MBEDTLS_BYTE_2(cur_hs_frag_len); + ssl->out_msg[10] = MBEDTLS_BYTE_1(cur_hs_frag_len); + ssl->out_msg[11] = MBEDTLS_BYTE_0(cur_hs_frag_len); - MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 ); + MBEDTLS_SSL_DEBUG_BUF(3, "handshake header", ssl->out_msg, 12); /* Copy the handshake message content and set records fields */ - memcpy( ssl->out_msg + 12, p, cur_hs_frag_len ); + memcpy(ssl->out_msg + 12, p, cur_hs_frag_len); ssl->out_msglen = cur_hs_frag_len + 12; ssl->out_msgtype = cur->type; @@ -2414,52 +2335,47 @@ int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) } /* If done with the current message move to the next one if any */ - if( ssl->handshake->cur_msg_p >= cur->p + cur->len ) - { - if( cur->next != NULL ) - { + if (ssl->handshake->cur_msg_p >= cur->p + cur->len) { + if (cur->next != NULL) { ssl->handshake->cur_msg = cur->next; ssl->handshake->cur_msg_p = cur->next->p + 12; - } - else - { + } else { ssl->handshake->cur_msg = NULL; ssl->handshake->cur_msg_p = NULL; } } /* Actually send the message out */ - if( ( ret = mbedtls_ssl_write_record( ssl, force_flush ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_record(ssl, force_flush)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_record", ret); + return ret; } } - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { + return ret; + } /* Update state and set timer */ - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) + if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; - else - { + } else { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; - mbedtls_ssl_set_timer( ssl, ssl->handshake->retransmit_timeout ); + mbedtls_ssl_set_timer(ssl, ssl->handshake->retransmit_timeout); } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_flight_transmit" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= mbedtls_ssl_flight_transmit")); - return( 0 ); + return 0; } /* * To be called when the last message of an incoming flight is received. */ -void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_recv_flight_completed(mbedtls_ssl_context *ssl) { /* We won't need to resend that one any more */ - mbedtls_ssl_flight_free( ssl->handshake->flight ); + mbedtls_ssl_flight_free(ssl->handshake->flight); ssl->handshake->flight = NULL; ssl->handshake->cur_msg = NULL; @@ -2470,35 +2386,33 @@ void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl ) ssl->handshake->buffering.seen_ccs = 0; /* Clear future message buffering structure. */ - mbedtls_ssl_buffering_free( ssl ); + mbedtls_ssl_buffering_free(ssl); /* Cancel timer */ - mbedtls_ssl_set_timer( ssl, 0 ); + mbedtls_ssl_set_timer(ssl, 0); - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED ) - { + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED) { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; - } - else + } else { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING; + } } /* * To be called when the last message of an outgoing flight is send. */ -void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_send_flight_completed(mbedtls_ssl_context *ssl) { - ssl_reset_retransmit_timeout( ssl ); - mbedtls_ssl_set_timer( ssl, ssl->handshake->retransmit_timeout ); + ssl_reset_retransmit_timeout(ssl); + mbedtls_ssl_set_timer(ssl, ssl->handshake->retransmit_timeout); - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED ) - { + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED) { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; - } - else + } else { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; + } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -2528,49 +2442,46 @@ void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ) * (including handshake headers but excluding record headers) * - ssl->out_msg: the record contents (handshake headers + content) */ -int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_write_handshake_msg(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const size_t hs_len = ssl->out_msglen - 4; const unsigned char hs_type = ssl->out_msg[0]; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write handshake message" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write handshake message")); /* * Sanity checks */ - if( ssl->out_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE && - ssl->out_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) - { + if (ssl->out_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->out_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC) { /* In SSLv3, the client might send a NoCertificate alert. */ #if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_CLI_C) - if( ! ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 && - ssl->out_msgtype == MBEDTLS_SSL_MSG_ALERT && - ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) ) + if (!(ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 && + ssl->out_msgtype == MBEDTLS_SSL_MSG_ALERT && + ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT)) #endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } } /* Whenever we send anything different from a * HelloRequest we should be in a handshake - double check. */ - if( ! ( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - hs_type == MBEDTLS_SSL_HS_HELLO_REQUEST ) && - ssl->handshake == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (!(ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + hs_type == MBEDTLS_SSL_HS_HELLO_REQUEST) && + ssl->handshake == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake != NULL && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #endif @@ -2582,24 +2493,22 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) * * Note: We deliberately do not check for the MTU or MFL here. */ - if( ssl->out_msglen > MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record too large: " - "size %" MBEDTLS_PRINTF_SIZET - ", maximum %" MBEDTLS_PRINTF_SIZET, - ssl->out_msglen, - (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (ssl->out_msglen > MBEDTLS_SSL_OUT_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Record too large: " + "size %" MBEDTLS_PRINTF_SIZET + ", maximum %" MBEDTLS_PRINTF_SIZET, + ssl->out_msglen, + (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN)); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* * Fill handshake headers */ - if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) - { - ssl->out_msg[1] = MBEDTLS_BYTE_2( hs_len ); - ssl->out_msg[2] = MBEDTLS_BYTE_1( hs_len ); - ssl->out_msg[3] = MBEDTLS_BYTE_0( hs_len ); + if (ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) { + ssl->out_msg[1] = MBEDTLS_BYTE_2(hs_len); + ssl->out_msg[2] = MBEDTLS_BYTE_1(hs_len); + ssl->out_msg[3] = MBEDTLS_BYTE_0(hs_len); /* * DTLS has additional fields in the Handshake layer, @@ -2609,70 +2518,63 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) * uint24 fragment_length; */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* Make room for the additional DTLS fields */ - if( MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen < 8 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS handshake message too large: " - "size %" MBEDTLS_PRINTF_SIZET ", maximum %" MBEDTLS_PRINTF_SIZET, - hs_len, - (size_t) ( MBEDTLS_SSL_OUT_CONTENT_LEN - 12 ) ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen < 8) { + MBEDTLS_SSL_DEBUG_MSG(1, ("DTLS handshake message too large: " + "size %" MBEDTLS_PRINTF_SIZET ", maximum %" + MBEDTLS_PRINTF_SIZET, + hs_len, + (size_t) (MBEDTLS_SSL_OUT_CONTENT_LEN - 12))); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - memmove( ssl->out_msg + 12, ssl->out_msg + 4, hs_len ); + memmove(ssl->out_msg + 12, ssl->out_msg + 4, hs_len); ssl->out_msglen += 8; /* Write message_seq and update it, except for HelloRequest */ - if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) - { - MBEDTLS_PUT_UINT16_BE( ssl->handshake->out_msg_seq, ssl->out_msg, 4 ); - ++( ssl->handshake->out_msg_seq ); - } - else - { + if (hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST) { + MBEDTLS_PUT_UINT16_BE(ssl->handshake->out_msg_seq, ssl->out_msg, 4); + ++(ssl->handshake->out_msg_seq); + } else { ssl->out_msg[4] = 0; ssl->out_msg[5] = 0; } /* Handshake hashes are computed without fragmentation, * so set frag_offset = 0 and frag_len = hs_len for now */ - memset( ssl->out_msg + 6, 0x00, 3 ); - memcpy( ssl->out_msg + 9, ssl->out_msg + 1, 3 ); + memset(ssl->out_msg + 6, 0x00, 3); + memcpy(ssl->out_msg + 9, ssl->out_msg + 1, 3); } #endif /* MBEDTLS_SSL_PROTO_DTLS */ /* Update running hashes of handshake messages seen */ - if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) - ssl->handshake->update_checksum( ssl, ssl->out_msg, ssl->out_msglen ); + if (hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST) { + ssl->handshake->update_checksum(ssl, ssl->out_msg, ssl->out_msglen); + } } /* Either send now, or just save to be sent (and resent) later */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ! ( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - hs_type == MBEDTLS_SSL_HS_HELLO_REQUEST ) ) - { - if( ( ret = ssl_flight_append( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_flight_append", ret ); - return( ret ); - } - } - else + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + !(ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + hs_type == MBEDTLS_SSL_HS_HELLO_REQUEST)) { + if ((ret = ssl_flight_append(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_flight_append", ret); + return ret; + } + } else #endif { - if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_record(ssl, SSL_FORCE_FLUSH)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_record", ret); + return ret; } } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write handshake message" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write handshake message")); - return( 0 ); + return 0; } /* @@ -2687,22 +2589,20 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) * - ssl->out_msglen: length of the record content (excl headers) * - ssl->out_msg: record content */ -int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) +int mbedtls_ssl_write_record(mbedtls_ssl_context *ssl, uint8_t force_flush) { int ret, done = 0; size_t len = ssl->out_msglen; uint8_t flush = force_flush; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write record" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write record")); #if defined(MBEDTLS_ZLIB_SUPPORT) - if( ssl->transform_out != NULL && - ssl->session_out->compression == MBEDTLS_SSL_COMPRESS_DEFLATE ) - { - if( ( ret = ssl_compress_buf( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_compress_buf", ret ); - return( ret ); + if (ssl->transform_out != NULL && + ssl->session_out->compression == MBEDTLS_SSL_COMPRESS_DEFLATE) { + if ((ret = ssl_compress_buf(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_compress_buf", ret); + return ret; } len = ssl->out_msglen; @@ -2710,23 +2610,21 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) #endif /*MBEDTLS_ZLIB_SUPPORT */ #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_write != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_write()" ) ); + if (mbedtls_ssl_hw_record_write != NULL) { + MBEDTLS_SSL_DEBUG_MSG(2, ("going for mbedtls_ssl_hw_record_write()")); - ret = mbedtls_ssl_hw_record_write( ssl ); - if( ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_write", ret ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + ret = mbedtls_ssl_hw_record_write(ssl); + if (ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_write", ret); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } - if( ret == 0 ) + if (ret == 0) { done = 1; + } } #endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ - if( !done ) - { + if (!done) { unsigned i; size_t protected_record_size; #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) @@ -2737,24 +2635,23 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) /* Skip writing the record content type to after the encryption, * as it may change when using the CID extension. */ - mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, - ssl->conf->transport, ssl->out_hdr + 1 ); + mbedtls_ssl_write_version(ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, ssl->out_hdr + 1); - memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 ); - MBEDTLS_PUT_UINT16_BE( len, ssl->out_len, 0); + memcpy(ssl->out_ctr, ssl->cur_out_ctr, 8); + MBEDTLS_PUT_UINT16_BE(len, ssl->out_len, 0); - if( ssl->transform_out != NULL ) - { + if (ssl->transform_out != NULL) { mbedtls_record rec; rec.buf = ssl->out_iv; - rec.buf_len = out_buf_len - ( ssl->out_iv - ssl->out_buf ); + rec.buf_len = out_buf_len - (ssl->out_iv - ssl->out_buf); rec.data_len = ssl->out_msglen; rec.data_offset = ssl->out_msg - rec.buf; - memcpy( &rec.ctr[0], ssl->out_ctr, 8 ); - mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, - ssl->conf->transport, rec.ver ); + memcpy(&rec.ctr[0], ssl->out_ctr, 8); + mbedtls_ssl_write_version(ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, rec.ver); rec.type = ssl->out_msgtype; #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) @@ -2762,43 +2659,40 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) rec.cid_len = 0; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - if( ( ret = mbedtls_ssl_encrypt_buf( ssl, ssl->transform_out, &rec, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_encrypt_buf", ret ); - return( ret ); + if ((ret = mbedtls_ssl_encrypt_buf(ssl, ssl->transform_out, &rec, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_encrypt_buf", ret); + return ret; } - if( rec.data_offset != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (rec.data_offset != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* Update the record content type and CID. */ ssl->out_msgtype = rec.type; -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID ) - memcpy( ssl->out_cid, rec.cid, rec.cid_len ); +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + memcpy(ssl->out_cid, rec.cid, rec.cid_len); #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ ssl->out_msglen = len = rec.data_len; - MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->out_len, 0 ); + MBEDTLS_PUT_UINT16_BE(rec.data_len, ssl->out_len, 0); } - protected_record_size = len + mbedtls_ssl_out_hdr_len( ssl ); + protected_record_size = len + mbedtls_ssl_out_hdr_len(ssl); #if defined(MBEDTLS_SSL_PROTO_DTLS) /* In case of DTLS, double-check that we don't exceed * the remaining space in the datagram. */ - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - ret = ssl_get_remaining_space_in_datagram( ssl ); - if( ret < 0 ) - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + ret = ssl_get_remaining_space_in_datagram(ssl); + if (ret < 0) { + return ret; + } - if( protected_record_size > (size_t) ret ) - { + if (protected_record_size > (size_t) ret) { /* Should never happen */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -2806,133 +2700,131 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) /* Now write the potentially updated record content type. */ ssl->out_hdr[0] = (unsigned char) ssl->out_msgtype; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "output record: msgtype = %u, " - "version = [%u:%u], msglen = %" MBEDTLS_PRINTF_SIZET, - ssl->out_hdr[0], ssl->out_hdr[1], - ssl->out_hdr[2], len ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("output record: msgtype = %u, " + "version = [%u:%u], msglen = %" MBEDTLS_PRINTF_SIZET, + ssl->out_hdr[0], ssl->out_hdr[1], + ssl->out_hdr[2], len)); - MBEDTLS_SSL_DEBUG_BUF( 4, "output record sent to network", - ssl->out_hdr, protected_record_size ); + MBEDTLS_SSL_DEBUG_BUF(4, "output record sent to network", + ssl->out_hdr, protected_record_size); ssl->out_left += protected_record_size; ssl->out_hdr += protected_record_size; - mbedtls_ssl_update_out_pointers( ssl, ssl->transform_out ); + mbedtls_ssl_update_out_pointers(ssl, ssl->transform_out); - for( i = 8; i > mbedtls_ssl_ep_len( ssl ); i-- ) - if( ++ssl->cur_out_ctr[i - 1] != 0 ) + for (i = 8; i > mbedtls_ssl_ep_len(ssl); i--) { + if (++ssl->cur_out_ctr[i - 1] != 0) { break; + } + } /* The loop goes to its end iff the counter is wrapping */ - if( i == mbedtls_ssl_ep_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "outgoing message counter would wrap" ) ); - return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + if (i == mbedtls_ssl_ep_len(ssl)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("outgoing message counter would wrap")); + return MBEDTLS_ERR_SSL_COUNTER_WRAPPING; } } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - flush == SSL_DONT_FORCE_FLUSH ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + flush == SSL_DONT_FORCE_FLUSH) { size_t remaining; - ret = ssl_get_remaining_payload_in_datagram( ssl ); - if( ret < 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_remaining_payload_in_datagram", - ret ); - return( ret ); + ret = ssl_get_remaining_payload_in_datagram(ssl); + if (ret < 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_get_remaining_payload_in_datagram", + ret); + return ret; } remaining = (size_t) ret; - if( remaining == 0 ) - { + if (remaining == 0) { flush = SSL_FORCE_FLUSH; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Still %u bytes available in current datagram", (unsigned) remaining ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, + ("Still %u bytes available in current datagram", + (unsigned) remaining)); } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - if( ( flush == SSL_FORCE_FLUSH ) && - ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret ); - return( ret ); + if ((flush == SSL_FORCE_FLUSH) && + (ret = mbedtls_ssl_flush_output(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flush_output", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write record" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write record")); - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_DTLS) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_hs_is_proper_fragment( mbedtls_ssl_context *ssl ) +static int ssl_hs_is_proper_fragment(mbedtls_ssl_context *ssl) { - if( ssl->in_msglen < ssl->in_hslen || - memcmp( ssl->in_msg + 6, "\0\0\0", 3 ) != 0 || - memcmp( ssl->in_msg + 9, ssl->in_msg + 1, 3 ) != 0 ) - { - return( 1 ); + if (ssl->in_msglen < ssl->in_hslen || + memcmp(ssl->in_msg + 6, "\0\0\0", 3) != 0 || + memcmp(ssl->in_msg + 9, ssl->in_msg + 1, 3) != 0) { + return 1; } - return( 0 ); + return 0; } -static uint32_t ssl_get_hs_frag_len( mbedtls_ssl_context const *ssl ) +static uint32_t ssl_get_hs_frag_len(mbedtls_ssl_context const *ssl) { - return( ( ssl->in_msg[9] << 16 ) | - ( ssl->in_msg[10] << 8 ) | - ssl->in_msg[11] ); + return (ssl->in_msg[9] << 16) | + (ssl->in_msg[10] << 8) | + ssl->in_msg[11]; } -static uint32_t ssl_get_hs_frag_off( mbedtls_ssl_context const *ssl ) +static uint32_t ssl_get_hs_frag_off(mbedtls_ssl_context const *ssl) { - return( ( ssl->in_msg[6] << 16 ) | - ( ssl->in_msg[7] << 8 ) | - ssl->in_msg[8] ); + return (ssl->in_msg[6] << 16) | + (ssl->in_msg[7] << 8) | + ssl->in_msg[8]; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_check_hs_header( mbedtls_ssl_context const *ssl ) +static int ssl_check_hs_header(mbedtls_ssl_context const *ssl) { uint32_t msg_len, frag_off, frag_len; - msg_len = ssl_get_hs_total_len( ssl ); - frag_off = ssl_get_hs_frag_off( ssl ); - frag_len = ssl_get_hs_frag_len( ssl ); + msg_len = ssl_get_hs_total_len(ssl); + frag_off = ssl_get_hs_frag_off(ssl); + frag_len = ssl_get_hs_frag_len(ssl); - if( frag_off > msg_len ) - return( -1 ); + if (frag_off > msg_len) { + return -1; + } - if( frag_len > msg_len - frag_off ) - return( -1 ); + if (frag_len > msg_len - frag_off) { + return -1; + } - if( frag_len + 12 > ssl->in_msglen ) - return( -1 ); + if (frag_len + 12 > ssl->in_msglen) { + return -1; + } - return( 0 ); + return 0; } /* * Mark bits in bitmask (used for DTLS HS reassembly) */ -static void ssl_bitmask_set( unsigned char *mask, size_t offset, size_t len ) +static void ssl_bitmask_set(unsigned char *mask, size_t offset, size_t len) { unsigned int start_bits, end_bits; - start_bits = 8 - ( offset % 8 ); - if( start_bits != 8 ) - { + start_bits = 8 - (offset % 8); + if (start_bits != 8) { size_t first_byte_idx = offset / 8; /* Special case */ - if( len <= start_bits ) - { - for( ; len != 0; len-- ) - mask[first_byte_idx] |= 1 << ( start_bits - len ); + if (len <= start_bits) { + for (; len != 0; len--) { + mask[first_byte_idx] |= 1 << (start_bits - len); + } /* Avoid potential issues with offset or len becoming invalid */ return; @@ -2941,134 +2833,134 @@ static void ssl_bitmask_set( unsigned char *mask, size_t offset, size_t len ) offset += start_bits; /* Now offset % 8 == 0 */ len -= start_bits; - for( ; start_bits != 0; start_bits-- ) - mask[first_byte_idx] |= 1 << ( start_bits - 1 ); + for (; start_bits != 0; start_bits--) { + mask[first_byte_idx] |= 1 << (start_bits - 1); + } } end_bits = len % 8; - if( end_bits != 0 ) - { - size_t last_byte_idx = ( offset + len ) / 8; + if (end_bits != 0) { + size_t last_byte_idx = (offset + len) / 8; len -= end_bits; /* Now len % 8 == 0 */ - for( ; end_bits != 0; end_bits-- ) - mask[last_byte_idx] |= 1 << ( 8 - end_bits ); + for (; end_bits != 0; end_bits--) { + mask[last_byte_idx] |= 1 << (8 - end_bits); + } } - memset( mask + offset / 8, 0xFF, len / 8 ); + memset(mask + offset / 8, 0xFF, len / 8); } /* * Check that bitmask is full */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_bitmask_check( unsigned char *mask, size_t len ) +static int ssl_bitmask_check(unsigned char *mask, size_t len) { size_t i; - for( i = 0; i < len / 8; i++ ) - if( mask[i] != 0xFF ) - return( -1 ); + for (i = 0; i < len / 8; i++) { + if (mask[i] != 0xFF) { + return -1; + } + } - for( i = 0; i < len % 8; i++ ) - if( ( mask[len / 8] & ( 1 << ( 7 - i ) ) ) == 0 ) - return( -1 ); + for (i = 0; i < len % 8; i++) { + if ((mask[len / 8] & (1 << (7 - i))) == 0) { + return -1; + } + } - return( 0 ); + return 0; } /* msg_len does not include the handshake header */ -static size_t ssl_get_reassembly_buffer_size( size_t msg_len, - unsigned add_bitmap ) +static size_t ssl_get_reassembly_buffer_size(size_t msg_len, + unsigned add_bitmap) { size_t alloc_len; alloc_len = 12; /* Handshake header */ alloc_len += msg_len; /* Content buffer */ - if( add_bitmap ) - alloc_len += msg_len / 8 + ( msg_len % 8 != 0 ); /* Bitmap */ + if (add_bitmap) { + alloc_len += msg_len / 8 + (msg_len % 8 != 0); /* Bitmap */ - return( alloc_len ); + } + return alloc_len; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ -static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl ) +static uint32_t ssl_get_hs_total_len(mbedtls_ssl_context const *ssl) { - return( ( ssl->in_msg[1] << 16 ) | - ( ssl->in_msg[2] << 8 ) | - ssl->in_msg[3] ); + return (ssl->in_msg[1] << 16) | + (ssl->in_msg[2] << 8) | + ssl->in_msg[3]; } -int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl) { - if( ssl->in_msglen < mbedtls_ssl_hs_hdr_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake message too short: %" MBEDTLS_PRINTF_SIZET, - ssl->in_msglen ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (ssl->in_msglen < mbedtls_ssl_hs_hdr_len(ssl)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("handshake message too short: %" MBEDTLS_PRINTF_SIZET, + ssl->in_msglen)); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } - ssl->in_hslen = mbedtls_ssl_hs_hdr_len( ssl ) + ssl_get_hs_total_len( ssl ); + ssl->in_hslen = mbedtls_ssl_hs_hdr_len(ssl) + ssl_get_hs_total_len(ssl); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "handshake message: msglen =" - " %" MBEDTLS_PRINTF_SIZET ", type = %u, hslen = %" MBEDTLS_PRINTF_SIZET, - ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("handshake message: msglen =" + " %" MBEDTLS_PRINTF_SIZET ", type = %u, hslen = %" + MBEDTLS_PRINTF_SIZET, + ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen)); #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned int recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5]; - - if( ssl_check_hs_header( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid handshake header" ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); - } - - if( ssl->handshake != NULL && - ( ( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && - recv_msg_seq != ssl->handshake->in_msg_seq ) || - ( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER && - ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) ) ) - { - if( recv_msg_seq > ssl->handshake->in_msg_seq ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "received future handshake message of sequence number %u (next %u)", - recv_msg_seq, - ssl->handshake->in_msg_seq ) ); - return( MBEDTLS_ERR_SSL_EARLY_MESSAGE ); + unsigned int recv_msg_seq = (ssl->in_msg[4] << 8) | ssl->in_msg[5]; + + if (ssl_check_hs_header(ssl) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("invalid handshake header")); + return MBEDTLS_ERR_SSL_INVALID_RECORD; + } + + if (ssl->handshake != NULL && + ((ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && + recv_msg_seq != ssl->handshake->in_msg_seq) || + (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER && + ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO))) { + if (recv_msg_seq > ssl->handshake->in_msg_seq) { + MBEDTLS_SSL_DEBUG_MSG(2, + ( + "received future handshake message of sequence number %u (next %u)", + recv_msg_seq, + ssl->handshake->in_msg_seq)); + return MBEDTLS_ERR_SSL_EARLY_MESSAGE; } /* Retransmit only on last message from previous flight, to avoid * too many retransmissions. * Besides, No sane server ever retransmits HelloVerifyRequest */ - if( recv_msg_seq == ssl->handshake->in_flight_start_seq - 1 && - ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "received message from last flight, " - "message_seq = %u, start_of_flight = %u", - recv_msg_seq, - ssl->handshake->in_flight_start_seq ) ); - - if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret ); - return( ret ); + if (recv_msg_seq == ssl->handshake->in_flight_start_seq - 1 && + ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST) { + MBEDTLS_SSL_DEBUG_MSG(2, ("received message from last flight, " + "message_seq = %u, start_of_flight = %u", + recv_msg_seq, + ssl->handshake->in_flight_start_seq)); + + if ((ret = mbedtls_ssl_resend(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_resend", ret); + return ret; } - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "dropping out-of-sequence message: " - "message_seq = %u, expected = %u", - recv_msg_seq, - ssl->handshake->in_msg_seq ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, ("dropping out-of-sequence message: " + "message_seq = %u, expected = %u", + recv_msg_seq, + ssl->handshake->in_msg_seq)); } - return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ); + return MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; } /* Wait until message completion to increment in_msg_seq */ @@ -3076,38 +2968,33 @@ int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) * messages; the commonality is that both handshake fragments and * future messages cannot be forwarded immediately to the * handshake logic layer. */ - if( ssl_hs_is_proper_fragment( ssl ) == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "found fragmented DTLS handshake message" ) ); - return( MBEDTLS_ERR_SSL_EARLY_MESSAGE ); + if (ssl_hs_is_proper_fragment(ssl) == 1) { + MBEDTLS_SSL_DEBUG_MSG(2, ("found fragmented DTLS handshake message")); + return MBEDTLS_ERR_SSL_EARLY_MESSAGE; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ /* With TLS we don't handle fragmentation (for now) */ - if( ssl->in_msglen < ssl->in_hslen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLS handshake fragmentation not supported" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl->in_msglen < ssl->in_hslen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("TLS handshake fragmentation not supported")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } - return( 0 ); + return 0; } -void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl) { mbedtls_ssl_handshake_params * const hs = ssl->handshake; - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && hs != NULL ) - { - ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen ); + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && hs != NULL) { + ssl->handshake->update_checksum(ssl, ssl->in_msg, ssl->in_hslen); } /* Handshake message is complete, increment counter */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake != NULL ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake != NULL) { unsigned offset; mbedtls_ssl_hs_buffer *hs_buf; @@ -3119,18 +3006,17 @@ void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ) */ /* Free first entry */ - ssl_buffering_free_slot( ssl, 0 ); + ssl_buffering_free_slot(ssl, 0); /* Shift all other entries */ - for( offset = 0, hs_buf = &hs->buffering.hs[0]; + for (offset = 0, hs_buf = &hs->buffering.hs[0]; offset + 1 < MBEDTLS_SSL_MAX_BUFFERED_HS; - offset++, hs_buf++ ) - { + offset++, hs_buf++) { *hs_buf = *(hs_buf + 1); } /* Create a fresh last entry */ - memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) ); + memset(hs_buf, 0, sizeof(mbedtls_ssl_hs_buffer)); } #endif } @@ -3146,24 +3032,24 @@ void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ) * not seen yet). */ #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) -void mbedtls_ssl_dtls_replay_reset( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_dtls_replay_reset(mbedtls_ssl_context *ssl) { ssl->in_window_top = 0; ssl->in_window = 0; } -static inline uint64_t ssl_load_six_bytes( unsigned char *buf ) +static inline uint64_t ssl_load_six_bytes(unsigned char *buf) { - return( ( (uint64_t) buf[0] << 40 ) | - ( (uint64_t) buf[1] << 32 ) | - ( (uint64_t) buf[2] << 24 ) | - ( (uint64_t) buf[3] << 16 ) | - ( (uint64_t) buf[4] << 8 ) | - ( (uint64_t) buf[5] ) ); + return ((uint64_t) buf[0] << 40) | + ((uint64_t) buf[1] << 32) | + ((uint64_t) buf[2] << 24) | + ((uint64_t) buf[3] << 16) | + ((uint64_t) buf[4] << 8) | + ((uint64_t) buf[5]); } MBEDTLS_CHECK_RETURN_CRITICAL -static int mbedtls_ssl_dtls_record_replay_check( mbedtls_ssl_context *ssl, uint8_t *record_in_ctr ) +static int mbedtls_ssl_dtls_record_replay_check(mbedtls_ssl_context *ssl, uint8_t *record_in_ctr) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *original_in_ctr; @@ -3174,7 +3060,7 @@ static int mbedtls_ssl_dtls_record_replay_check( mbedtls_ssl_context *ssl, uint8 // use counter from record ssl->in_ctr = record_in_ctr; - ret = mbedtls_ssl_dtls_replay_check( (mbedtls_ssl_context const *) ssl ); + ret = mbedtls_ssl_dtls_replay_check((mbedtls_ssl_context const *) ssl); // restore the counter ssl->in_ctr = original_in_ctr; @@ -3185,60 +3071,62 @@ static int mbedtls_ssl_dtls_record_replay_check( mbedtls_ssl_context *ssl, uint8 /* * Return 0 if sequence number is acceptable, -1 otherwise */ -int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context const *ssl ) +int mbedtls_ssl_dtls_replay_check(mbedtls_ssl_context const *ssl) { - uint64_t rec_seqnum = ssl_load_six_bytes( ssl->in_ctr + 2 ); + uint64_t rec_seqnum = ssl_load_six_bytes(ssl->in_ctr + 2); uint64_t bit; - if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED ) - return( 0 ); + if (ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED) { + return 0; + } - if( rec_seqnum > ssl->in_window_top ) - return( 0 ); + if (rec_seqnum > ssl->in_window_top) { + return 0; + } bit = ssl->in_window_top - rec_seqnum; - if( bit >= 64 ) - return( -1 ); + if (bit >= 64) { + return -1; + } - if( ( ssl->in_window & ( (uint64_t) 1 << bit ) ) != 0 ) - return( -1 ); + if ((ssl->in_window & ((uint64_t) 1 << bit)) != 0) { + return -1; + } - return( 0 ); + return 0; } /* * Update replay window on new validated record */ -void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_dtls_replay_update(mbedtls_ssl_context *ssl) { - uint64_t rec_seqnum = ssl_load_six_bytes( ssl->in_ctr + 2 ); + uint64_t rec_seqnum = ssl_load_six_bytes(ssl->in_ctr + 2); - if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED ) + if (ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED) { return; + } - if( rec_seqnum > ssl->in_window_top ) - { + if (rec_seqnum > ssl->in_window_top) { /* Update window_top and the contents of the window */ uint64_t shift = rec_seqnum - ssl->in_window_top; - if( shift >= 64 ) + if (shift >= 64) { ssl->in_window = 1; - else - { + } else { ssl->in_window <<= shift; ssl->in_window |= 1; } ssl->in_window_top = rec_seqnum; - } - else - { + } else { /* Mark that number as seen in the current window */ uint64_t bit = ssl->in_window_top - rec_seqnum; - if( bit < 64 ) /* Always true, but be extra sure */ + if (bit < 64) { /* Always true, but be extra sure */ ssl->in_window |= (uint64_t) 1 << bit; + } } } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ @@ -3258,10 +3146,10 @@ void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl ) MBEDTLS_CHECK_RETURN_CRITICAL MBEDTLS_STATIC_TESTABLE int mbedtls_ssl_check_dtls_clihlo_cookie( - mbedtls_ssl_context *ssl, - const unsigned char *cli_id, size_t cli_id_len, - const unsigned char *in, size_t in_len, - unsigned char *obuf, size_t buf_len, size_t *olen ) + mbedtls_ssl_context *ssl, + const unsigned char *cli_id, size_t cli_id_len, + const unsigned char *in, size_t in_len, + unsigned char *obuf, size_t buf_len, size_t *olen) { size_t sid_len, cookie_len; unsigned char *p; @@ -3292,54 +3180,49 @@ int mbedtls_ssl_check_dtls_clihlo_cookie( * * Minimum length is 61 bytes. */ - MBEDTLS_SSL_DEBUG_MSG( 4, ( "check cookie: in_len=%u", - (unsigned) in_len ) ); - MBEDTLS_SSL_DEBUG_BUF( 4, "cli_id", cli_id, cli_id_len ); - if( in_len < 61 ) - { - MBEDTLS_SSL_DEBUG_MSG( 4, ( "check cookie: record too short" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - if( in[0] != MBEDTLS_SSL_MSG_HANDSHAKE || + MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: in_len=%u", + (unsigned) in_len)); + MBEDTLS_SSL_DEBUG_BUF(4, "cli_id", cli_id, cli_id_len); + if (in_len < 61) { + MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: record too short")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; + } + if (in[0] != MBEDTLS_SSL_MSG_HANDSHAKE || in[3] != 0 || in[4] != 0 || - in[19] != 0 || in[20] != 0 || in[21] != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 4, ( "check cookie: not a good ClientHello" ) ); - MBEDTLS_SSL_DEBUG_MSG( 4, ( " type=%u epoch=%u fragment_offset=%u", - in[0], - (unsigned) in[3] << 8 | in[4], - (unsigned) in[19] << 16 | in[20] << 8 | in[21] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + in[19] != 0 || in[20] != 0 || in[21] != 0) { + MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: not a good ClientHello")); + MBEDTLS_SSL_DEBUG_MSG(4, (" type=%u epoch=%u fragment_offset=%u", + in[0], + (unsigned) in[3] << 8 | in[4], + (unsigned) in[19] << 16 | in[20] << 8 | in[21])); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } sid_len = in[59]; - if( 59 + 1 + sid_len + 1 > in_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 4, ( "check cookie: sid_len=%u > %u", - (unsigned) sid_len, - (unsigned) in_len - 61 ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (59 + 1 + sid_len + 1 > in_len) { + MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: sid_len=%u > %u", + (unsigned) sid_len, + (unsigned) in_len - 61)); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_BUF( 4, "sid received from network", - in + 60, sid_len ); + MBEDTLS_SSL_DEBUG_BUF(4, "sid received from network", + in + 60, sid_len); cookie_len = in[60 + sid_len]; - if( 59 + 1 + sid_len + 1 + cookie_len > in_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 4, ( "check cookie: cookie_len=%u > %u", - (unsigned) cookie_len, - (unsigned) ( in_len - sid_len - 61 ) ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (59 + 1 + sid_len + 1 + cookie_len > in_len) { + MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: cookie_len=%u > %u", + (unsigned) cookie_len, + (unsigned) (in_len - sid_len - 61))); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_BUF( 4, "cookie received from network", - in + sid_len + 61, cookie_len ); - if( ssl->conf->f_cookie_check( ssl->conf->p_cookie, - in + sid_len + 61, cookie_len, - cli_id, cli_id_len ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 4, ( "check cookie: valid" ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_BUF(4, "cookie received from network", + in + sid_len + 61, cookie_len); + if (ssl->conf->f_cookie_check(ssl->conf->p_cookie, + in + sid_len + 61, cookie_len, + cli_id, cli_id_len) == 0) { + MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: valid")); + return 0; } /* @@ -3362,36 +3245,36 @@ int mbedtls_ssl_check_dtls_clihlo_cookie( * * Minimum length is 28. */ - if( buf_len < 28 ) - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (buf_len < 28) { + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + } /* Copy most fields and adapt others */ - memcpy( obuf, in, 25 ); + memcpy(obuf, in, 25); obuf[13] = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST; obuf[25] = 0xfe; obuf[26] = 0xff; /* Generate and write actual cookie */ p = obuf + 28; - if( ssl->conf->f_cookie_write( ssl->conf->p_cookie, - &p, obuf + buf_len, - cli_id, cli_id_len ) != 0 ) - { - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (ssl->conf->f_cookie_write(ssl->conf->p_cookie, + &p, obuf + buf_len, + cli_id, cli_id_len) != 0) { + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } *olen = p - obuf; /* Go back and fill length fields */ - obuf[27] = (unsigned char)( *olen - 28 ); + obuf[27] = (unsigned char) (*olen - 28); - obuf[14] = obuf[22] = MBEDTLS_BYTE_2( *olen - 25 ); - obuf[15] = obuf[23] = MBEDTLS_BYTE_1( *olen - 25 ); - obuf[16] = obuf[24] = MBEDTLS_BYTE_0( *olen - 25 ); + obuf[14] = obuf[22] = MBEDTLS_BYTE_2(*olen - 25); + obuf[15] = obuf[23] = MBEDTLS_BYTE_1(*olen - 25); + obuf[16] = obuf[24] = MBEDTLS_BYTE_0(*olen - 25); - MBEDTLS_PUT_UINT16_BE( *olen - 13, obuf, 11 ); + MBEDTLS_PUT_UINT16_BE(*olen - 13, obuf, 11); - return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); + return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED; } /* @@ -3415,73 +3298,68 @@ int mbedtls_ssl_check_dtls_clihlo_cookie( * errors, and is the right thing to do in both cases). */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl ) +static int ssl_handle_possible_reconnect(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ssl->conf->f_cookie_write == NULL || - ssl->conf->f_cookie_check == NULL ) - { + if (ssl->conf->f_cookie_write == NULL || + ssl->conf->f_cookie_check == NULL) { /* If we can't use cookies to verify reachability of the peer, * drop the record. */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no cookie callbacks, " - "can't check reconnect validity" ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(1, ("no cookie callbacks, " + "can't check reconnect validity")); + return 0; } ret = mbedtls_ssl_check_dtls_clihlo_cookie( - ssl, - ssl->cli_id, ssl->cli_id_len, - ssl->in_buf, ssl->in_left, - ssl->out_buf, MBEDTLS_SSL_OUT_CONTENT_LEN, &len ); + ssl, + ssl->cli_id, ssl->cli_id_len, + ssl->in_buf, ssl->in_left, + ssl->out_buf, MBEDTLS_SSL_OUT_CONTENT_LEN, &len); - MBEDTLS_SSL_DEBUG_RET( 2, "mbedtls_ssl_check_dtls_clihlo_cookie", ret ); + MBEDTLS_SSL_DEBUG_RET(2, "mbedtls_ssl_check_dtls_clihlo_cookie", ret); - if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ) - { + if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) { int send_ret; - MBEDTLS_SSL_DEBUG_MSG( 1, ( "sending HelloVerifyRequest" ) ); - MBEDTLS_SSL_DEBUG_BUF( 4, "output record sent to network", - ssl->out_buf, len ); + MBEDTLS_SSL_DEBUG_MSG(1, ("sending HelloVerifyRequest")); + MBEDTLS_SSL_DEBUG_BUF(4, "output record sent to network", + ssl->out_buf, len); /* Don't check write errors as we can't do anything here. * If the error is permanent we'll catch it later, * if it's not, then hopefully it'll work next time. */ - send_ret = ssl->f_send( ssl->p_bio, ssl->out_buf, len ); - MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_send", send_ret ); + send_ret = ssl->f_send(ssl->p_bio, ssl->out_buf, len); + MBEDTLS_SSL_DEBUG_RET(2, "ssl->f_send", send_ret); (void) send_ret; - return( 0 ); + return 0; } - if( ret == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "cookie is valid, resetting context" ) ); - if( ( ret = mbedtls_ssl_session_reset_int( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "reset", ret ); - return( ret ); + if (ret == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("cookie is valid, resetting context")); + if ((ret = mbedtls_ssl_session_reset_int(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "reset", ret); + return ret; } - return( MBEDTLS_ERR_SSL_CLIENT_RECONNECT ); + return MBEDTLS_ERR_SSL_CLIENT_RECONNECT; } - return( ret ); + return ret; } #endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_check_record_type( uint8_t record_type ) +static int ssl_check_record_type(uint8_t record_type) { - if( record_type != MBEDTLS_SSL_MSG_HANDSHAKE && + if (record_type != MBEDTLS_SSL_MSG_HANDSHAKE && record_type != MBEDTLS_SSL_MSG_ALERT && record_type != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC && - record_type != MBEDTLS_SSL_MSG_APPLICATION_DATA ) - { - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + record_type != MBEDTLS_SSL_MSG_APPLICATION_DATA) { + return MBEDTLS_ERR_SSL_INVALID_RECORD; } - return( 0 ); + return 0; } /* @@ -3504,10 +3382,10 @@ static int ssl_check_record_type( uint8_t record_type ) * the first record from a datagram but are still waiting for the others. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, - unsigned char *buf, - size_t len, - mbedtls_record *rec ) +static int ssl_parse_record_header(mbedtls_ssl_context const *ssl, + unsigned char *buf, + size_t len, + mbedtls_record *rec) { int major_ver, minor_ver; @@ -3539,38 +3417,36 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { rec_hdr_len_offset = rec_hdr_ctr_offset + rec_hdr_ctr_len; - } - else + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ { rec_hdr_len_offset = rec_hdr_version_offset + rec_hdr_version_len; } - if( len < rec_hdr_len_offset + rec_hdr_len_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "datagram of length %u too small to hold DTLS record header of length %u", - (unsigned) len, - (unsigned)( rec_hdr_len_len + rec_hdr_len_len ) ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (len < rec_hdr_len_offset + rec_hdr_len_len) { + MBEDTLS_SSL_DEBUG_MSG(1, + ( + "datagram of length %u too small to hold DTLS record header of length %u", + (unsigned) len, + (unsigned) (rec_hdr_len_len + rec_hdr_len_len))); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } /* * Parse and validate record content type */ - rec->type = buf[ rec_hdr_type_offset ]; + rec->type = buf[rec_hdr_type_offset]; /* Check record content type */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) rec->cid_len = 0; - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->conf->cid_len != 0 && - rec->type == MBEDTLS_SSL_MSG_CID ) - { + rec->type == MBEDTLS_SSL_MSG_CID) { /* Shift pointers to account for record header including CID * struct { * ContentType special_type = tls12_cid; @@ -3589,70 +3465,65 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, rec_hdr_cid_len = ssl->conf->cid_len; rec_hdr_len_offset += rec_hdr_cid_len; - if( len < rec_hdr_len_offset + rec_hdr_len_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "datagram of length %u too small to hold DTLS record header including CID, length %u", - (unsigned) len, - (unsigned)( rec_hdr_len_offset + rec_hdr_len_len ) ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (len < rec_hdr_len_offset + rec_hdr_len_len) { + MBEDTLS_SSL_DEBUG_MSG(1, + ( + "datagram of length %u too small to hold DTLS record header including CID, length %u", + (unsigned) len, + (unsigned) (rec_hdr_len_offset + rec_hdr_len_len))); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } /* configured CID len is guaranteed at most 255, see * MBEDTLS_SSL_CID_OUT_LEN_MAX in check_config.h */ rec->cid_len = (uint8_t) rec_hdr_cid_len; - memcpy( rec->cid, buf + rec_hdr_cid_offset, rec_hdr_cid_len ); - } - else + memcpy(rec->cid, buf + rec_hdr_cid_offset, rec_hdr_cid_len); + } else #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ { - if( ssl_check_record_type( rec->type ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type %u", - (unsigned) rec->type ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (ssl_check_record_type(rec->type)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("unknown record type %u", + (unsigned) rec->type)); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } } /* * Parse and validate record version */ - rec->ver[0] = buf[ rec_hdr_version_offset + 0 ]; - rec->ver[1] = buf[ rec_hdr_version_offset + 1 ]; - mbedtls_ssl_read_version( &major_ver, &minor_ver, - ssl->conf->transport, - &rec->ver[0] ); + rec->ver[0] = buf[rec_hdr_version_offset + 0]; + rec->ver[1] = buf[rec_hdr_version_offset + 1]; + mbedtls_ssl_read_version(&major_ver, &minor_ver, + ssl->conf->transport, + &rec->ver[0]); - if( major_ver != ssl->major_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "major version mismatch: got %u, expected %u", - (unsigned) major_ver, - (unsigned) ssl->major_ver ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (major_ver != ssl->major_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, ("major version mismatch: got %u, expected %u", + (unsigned) major_ver, + (unsigned) ssl->major_ver)); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } - if( minor_ver > ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "minor version mismatch: got %u, expected max %u", - (unsigned) minor_ver, - (unsigned) ssl->conf->max_minor_ver ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (minor_ver > ssl->conf->max_minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, ("minor version mismatch: got %u, expected max %u", + (unsigned) minor_ver, + (unsigned) ssl->conf->max_minor_ver)); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } /* * Parse/Copy record sequence number. */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* Copy explicit record sequence number from input buffer. */ - memcpy( &rec->ctr[0], buf + rec_hdr_ctr_offset, - rec_hdr_ctr_len ); - } - else + memcpy(&rec->ctr[0], buf + rec_hdr_ctr_offset, + rec_hdr_ctr_len); + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ { /* Copy implicit record sequence number from SSL context structure. */ - memcpy( &rec->ctr[0], ssl->in_ctr, rec_hdr_ctr_len ); + memcpy(&rec->ctr[0], ssl->in_ctr, rec_hdr_ctr_len); } /* @@ -3660,20 +3531,21 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, */ rec->data_offset = rec_hdr_len_offset + rec_hdr_len_len; - rec->data_len = ( (size_t) buf[ rec_hdr_len_offset + 0 ] << 8 ) | - ( (size_t) buf[ rec_hdr_len_offset + 1 ] << 0 ); - MBEDTLS_SSL_DEBUG_BUF( 4, "input record header", buf, rec->data_offset ); + rec->data_len = ((size_t) buf[rec_hdr_len_offset + 0] << 8) | + ((size_t) buf[rec_hdr_len_offset + 1] << 0); + MBEDTLS_SSL_DEBUG_BUF(4, "input record header", buf, rec->data_offset); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "input record: msgtype = %u, " - "version = [%d:%d], msglen = %" MBEDTLS_PRINTF_SIZET, - rec->type, - major_ver, minor_ver, rec->data_len ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("input record: msgtype = %u, " + "version = [%d:%d], msglen = %" MBEDTLS_PRINTF_SIZET, + rec->type, + major_ver, minor_ver, rec->data_len)); rec->buf = buf; rec->buf_len = rec->data_offset + rec->data_len; - if( rec->data_len == 0 ) - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (rec->data_len == 0) { + return MBEDTLS_ERR_SSL_INVALID_RECORD; + } /* * DTLS-related tests. @@ -3688,61 +3560,58 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, * record leads to the entire datagram being dropped. */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - rec_epoch = ( rec->ctr[0] << 8 ) | rec->ctr[1]; + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + rec_epoch = (rec->ctr[0] << 8) | rec->ctr[1]; /* Check that the datagram is large enough to contain a record * of the advertised length. */ - if( len < rec->data_offset + rec->data_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Datagram of length %u too small to contain record of advertised length %u.", - (unsigned) len, - (unsigned)( rec->data_offset + rec->data_len ) ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (len < rec->data_offset + rec->data_len) { + MBEDTLS_SSL_DEBUG_MSG(1, + ( + "Datagram of length %u too small to contain record of advertised length %u.", + (unsigned) len, + (unsigned) (rec->data_offset + rec->data_len))); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } /* Records from other, non-matching epochs are silently discarded. * (The case of same-port Client reconnects must be considered in * the caller). */ - if( rec_epoch != ssl->in_epoch ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "record from another epoch: " - "expected %u, received %lu", - ssl->in_epoch, (unsigned long) rec_epoch ) ); + if (rec_epoch != ssl->in_epoch) { + MBEDTLS_SSL_DEBUG_MSG(1, ("record from another epoch: " + "expected %u, received %lu", + ssl->in_epoch, (unsigned long) rec_epoch)); /* Records from the next epoch are considered for buffering * (concretely: early Finished messages). */ - if( rec_epoch == (unsigned) ssl->in_epoch + 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Consider record for buffering" ) ); - return( MBEDTLS_ERR_SSL_EARLY_MESSAGE ); + if (rec_epoch == (unsigned) ssl->in_epoch + 1) { + MBEDTLS_SSL_DEBUG_MSG(2, ("Consider record for buffering")); + return MBEDTLS_ERR_SSL_EARLY_MESSAGE; } - return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ); + return MBEDTLS_ERR_SSL_UNEXPECTED_RECORD; } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) /* For records from the correct epoch, check whether their * sequence number has been seen before. */ - else if( mbedtls_ssl_dtls_record_replay_check( (mbedtls_ssl_context *) ssl, - &rec->ctr[0] ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ); + else if (mbedtls_ssl_dtls_record_replay_check((mbedtls_ssl_context *) ssl, + &rec->ctr[0]) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("replayed record")); + return MBEDTLS_ERR_SSL_UNEXPECTED_RECORD; } #endif } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_check_client_reconnect( mbedtls_ssl_context *ssl ) +static int ssl_check_client_reconnect(mbedtls_ssl_context *ssl) { - unsigned int rec_epoch = ( ssl->in_ctr[0] << 8 ) | ssl->in_ctr[1]; + unsigned int rec_epoch = (ssl->in_ctr[0] << 8) | ssl->in_ctr[1]; /* * Check for an epoch 0 ClientHello. We can't use in_msg here to @@ -3750,19 +3619,18 @@ static int ssl_check_client_reconnect( mbedtls_ssl_context *ssl ) * have an active transform (possibly iv_len != 0), so use the * fact that the record header len is 13 instead. */ - if( rec_epoch == 0 && + if (rec_epoch == 0 && ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER && ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && ssl->in_left > 13 && - ssl->in_buf[13] == MBEDTLS_SSL_HS_CLIENT_HELLO ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "possible client reconnect " - "from the same port" ) ); - return( ssl_handle_possible_reconnect( ssl ) ); + ssl->in_buf[13] == MBEDTLS_SSL_HS_CLIENT_HELLO) { + MBEDTLS_SSL_DEBUG_MSG(1, ("possible client reconnect " + "from the same port")); + return ssl_handle_possible_reconnect(ssl); } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */ @@ -3770,60 +3638,55 @@ static int ssl_check_client_reconnect( mbedtls_ssl_context *ssl ) * If applicable, decrypt record content */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_prepare_record_content( mbedtls_ssl_context *ssl, - mbedtls_record *rec ) +static int ssl_prepare_record_content(mbedtls_ssl_context *ssl, + mbedtls_record *rec) { int ret, done = 0; - MBEDTLS_SSL_DEBUG_BUF( 4, "input record from network", - rec->buf, rec->buf_len ); + MBEDTLS_SSL_DEBUG_BUF(4, "input record from network", + rec->buf, rec->buf_len); #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_read != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_read()" ) ); + if (mbedtls_ssl_hw_record_read != NULL) { + MBEDTLS_SSL_DEBUG_MSG(2, ("going for mbedtls_ssl_hw_record_read()")); - ret = mbedtls_ssl_hw_record_read( ssl ); - if( ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_read", ret ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + ret = mbedtls_ssl_hw_record_read(ssl); + if (ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_read", ret); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } - if( ret == 0 ) + if (ret == 0) { done = 1; + } } #endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ - if( !done && ssl->transform_in != NULL ) - { + if (!done && ssl->transform_in != NULL) { unsigned char const old_msg_type = rec->type; - if( ( ret = mbedtls_ssl_decrypt_buf( ssl, ssl->transform_in, - rec ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decrypt_buf", ret ); + if ((ret = mbedtls_ssl_decrypt_buf(ssl, ssl->transform_in, + rec)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_decrypt_buf", ret); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID && + if (ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID && ssl->conf->ignore_unexpected_cid - == MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ignoring unexpected CID" ) ); + == MBEDTLS_SSL_UNEXPECTED_CID_IGNORE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ignoring unexpected CID")); ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - return( ret ); + return ret; } - if( old_msg_type != rec->type ) - { - MBEDTLS_SSL_DEBUG_MSG( 4, ( "record type after decrypt (before %d): %d", - old_msg_type, rec->type ) ); + if (old_msg_type != rec->type) { + MBEDTLS_SSL_DEBUG_MSG(4, ("record type after decrypt (before %d): %d", + old_msg_type, rec->type)); } - MBEDTLS_SSL_DEBUG_BUF( 4, "input payload after decrypt", - rec->buf + rec->data_offset, rec->data_len ); + MBEDTLS_SSL_DEBUG_BUF(4, "input payload after decrypt", + rec->buf + rec->data_offset, rec->data_len); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) /* We have already checked the record content type @@ -3833,22 +3696,19 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl, * Since with the use of CIDs, the record content type * might change during decryption, re-check the record * content type, but treat a failure as fatal this time. */ - if( ssl_check_record_type( rec->type ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (ssl_check_record_type(rec->type)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("unknown record type")); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - if( rec->data_len == 0 ) - { + if (rec->data_len == 0) { #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 - && rec->type != MBEDTLS_SSL_MSG_APPLICATION_DATA ) - { + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 + && rec->type != MBEDTLS_SSL_MSG_APPLICATION_DATA) { /* TLS v1.2 explicitly disallows zero-length messages which are not application data */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid zero-length message type: %d", ssl->in_msgtype ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + MBEDTLS_SSL_DEBUG_MSG(1, ("invalid zero-length message type: %d", ssl->in_msgtype)); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ @@ -3858,58 +3718,54 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl, * Three or more empty messages may be a DoS attack * (excessive CPU consumption). */ - if( ssl->nb_zero > 3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received four consecutive empty " - "messages, possible DoS attack" ) ); + if (ssl->nb_zero > 3) { + MBEDTLS_SSL_DEBUG_MSG(1, ("received four consecutive empty " + "messages, possible DoS attack")); /* Treat the records as if they were not properly authenticated, * thereby failing the connection if we see more than allowed * by the configured bad MAC threshold. */ - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + return MBEDTLS_ERR_SSL_INVALID_MAC; } - } - else + } else { ssl->nb_zero = 0; + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { ; /* in_ctr read from peer, not maintained internally */ - } - else + } else #endif { unsigned i; - for( i = 8; i > mbedtls_ssl_ep_len( ssl ); i-- ) - if( ++ssl->in_ctr[i - 1] != 0 ) + for (i = 8; i > mbedtls_ssl_ep_len(ssl); i--) { + if (++ssl->in_ctr[i - 1] != 0) { break; + } + } /* The loop goes to its end iff the counter is wrapping */ - if( i == mbedtls_ssl_ep_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "incoming message counter would wrap" ) ); - return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + if (i == mbedtls_ssl_ep_len(ssl)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("incoming message counter would wrap")); + return MBEDTLS_ERR_SSL_COUNTER_WRAPPING; } } } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - mbedtls_ssl_dtls_replay_update( ssl ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + mbedtls_ssl_dtls_replay_update(ssl); } #endif /* Check actual (decrypted) record content length against * configured maximum. */ - if( rec->data_len > MBEDTLS_SSL_IN_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (rec->data_len > MBEDTLS_SSL_IN_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad message length")); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } - return( 0 ); + return 0; } /* @@ -3922,131 +3778,125 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl, /* Helper functions for mbedtls_ssl_read_record(). */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_consume_current_message( mbedtls_ssl_context *ssl ); +static int ssl_consume_current_message(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_get_next_record( mbedtls_ssl_context *ssl ); +static int ssl_get_next_record(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl ); +static int ssl_record_is_in_progress(mbedtls_ssl_context *ssl); -int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, - unsigned update_hs_digest ) +int mbedtls_ssl_read_record(mbedtls_ssl_context *ssl, + unsigned update_hs_digest) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read record" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> read record")); - if( ssl->keep_current_message == 0 ) - { + if (ssl->keep_current_message == 0) { do { - ret = ssl_consume_current_message( ssl ); - if( ret != 0 ) - return( ret ); + ret = ssl_consume_current_message(ssl); + if (ret != 0) { + return ret; + } - if( ssl_record_is_in_progress( ssl ) == 0 ) - { + if (ssl_record_is_in_progress(ssl) == 0) { int dtls_have_buffered = 0; #if defined(MBEDTLS_SSL_PROTO_DTLS) /* We only check for buffered messages if the * current datagram is fully consumed. */ - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl_next_record_is_in_datagram( ssl ) == 0 ) - { - if( ssl_load_buffered_message( ssl ) == 0 ) + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl_next_record_is_in_datagram(ssl) == 0) { + if (ssl_load_buffered_message(ssl) == 0) { dtls_have_buffered = 1; + } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - if( dtls_have_buffered == 0 ) - { - ret = ssl_get_next_record( ssl ); - if( ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ) + if (dtls_have_buffered == 0) { + ret = ssl_get_next_record(ssl); + if (ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING) { continue; + } - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_get_next_record" ), ret ); - return( ret ); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_get_next_record"), ret); + return ret; } } } - ret = mbedtls_ssl_handle_message_type( ssl ); + ret = mbedtls_ssl_handle_message_type(ssl); #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE ) - { + if (ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE) { /* Buffer future message */ - ret = ssl_buffer_message( ssl ); - if( ret != 0 ) - return( ret ); + ret = ssl_buffer_message(ssl); + if (ret != 0) { + return ret; + } ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - } while( MBEDTLS_ERR_SSL_NON_FATAL == ret || - MBEDTLS_ERR_SSL_CONTINUE_PROCESSING == ret ); + } while (MBEDTLS_ERR_SSL_NON_FATAL == ret || + MBEDTLS_ERR_SSL_CONTINUE_PROCESSING == ret); - if( 0 != ret ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_handle_message_type" ), ret ); - return( ret ); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ssl_handle_message_type"), ret); + return ret; } - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - update_hs_digest == 1 ) - { - mbedtls_ssl_update_handshake_status( ssl ); + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + update_hs_digest == 1) { + mbedtls_ssl_update_handshake_status(ssl); } - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "reuse previously read message" ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, ("reuse previously read message")); ssl->keep_current_message = 0; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read record" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= read record")); - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_DTLS) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl ) +static int ssl_next_record_is_in_datagram(mbedtls_ssl_context *ssl) { - if( ssl->in_left > ssl->next_record_offset ) - return( 1 ); + if (ssl->in_left > ssl->next_record_offset) { + return 1; + } - return( 0 ); + return 0; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ) +static int ssl_load_buffered_message(mbedtls_ssl_context *ssl) { mbedtls_ssl_handshake_params * const hs = ssl->handshake; - mbedtls_ssl_hs_buffer * hs_buf; + mbedtls_ssl_hs_buffer *hs_buf; int ret = 0; - if( hs == NULL ) - return( -1 ); + if (hs == NULL) { + return -1; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_message" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_load_buffered_message")); - if( ssl->state == MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC || - ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC ) - { + if (ssl->state == MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC || + ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC) { /* Check if we have seen a ChangeCipherSpec before. * If yes, synthesize a CCS record. */ - if( !hs->buffering.seen_ccs ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "CCS not seen in the current flight" ) ); + if (!hs->buffering.seen_ccs) { + MBEDTLS_SSL_DEBUG_MSG(2, ("CCS not seen in the current flight")); ret = -1; goto exit; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Injecting buffered CCS message" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Injecting buffered CCS message")); ssl->in_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC; ssl->in_msglen = 1; ssl->in_msg[0] = 1; @@ -4063,14 +3913,12 @@ static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ) /* Debug only */ { unsigned offset; - for( offset = 1; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++ ) - { + for (offset = 1; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++) { hs_buf = &hs->buffering.hs[offset]; - if( hs_buf->is_valid == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Future message with sequence number %u %s buffered.", - hs->in_msg_seq + offset, - hs_buf->is_complete ? "fully" : "partially" ) ); + if (hs_buf->is_valid == 1) { + MBEDTLS_SSL_DEBUG_MSG(2, ("Future message with sequence number %u %s buffered.", + hs->in_msg_seq + offset, + hs_buf->is_complete ? "fully" : "partially")); } } } @@ -4079,105 +3927,100 @@ static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ) /* Check if we have buffered and/or fully reassembled the * next handshake message. */ hs_buf = &hs->buffering.hs[0]; - if( ( hs_buf->is_valid == 1 ) && ( hs_buf->is_complete == 1 ) ) - { + if ((hs_buf->is_valid == 1) && (hs_buf->is_complete == 1)) { /* Synthesize a record containing the buffered HS message. */ - size_t msg_len = ( hs_buf->data[1] << 16 ) | - ( hs_buf->data[2] << 8 ) | - hs_buf->data[3]; + size_t msg_len = (hs_buf->data[1] << 16) | + (hs_buf->data[2] << 8) | + hs_buf->data[3]; /* Double-check that we haven't accidentally buffered * a message that doesn't fit into the input buffer. */ - if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Next handshake message has been buffered - load" ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Buffered handshake message (incl. header)", - hs_buf->data, msg_len + 12 ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Next handshake message has been buffered - load")); + MBEDTLS_SSL_DEBUG_BUF(3, "Buffered handshake message (incl. header)", + hs_buf->data, msg_len + 12); ssl->in_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->in_hslen = msg_len + 12; ssl->in_msglen = msg_len + 12; - memcpy( ssl->in_msg, hs_buf->data, ssl->in_hslen ); + memcpy(ssl->in_msg, hs_buf->data, ssl->in_hslen); ret = 0; goto exit; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Next handshake message %u not or only partially bufffered", - hs->in_msg_seq ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, ("Next handshake message %u not or only partially bufffered", + hs->in_msg_seq)); } ret = -1; exit: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_load_buffered_message" ) ); - return( ret ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_load_buffered_message")); + return ret; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_buffer_make_space( mbedtls_ssl_context *ssl, - size_t desired ) +static int ssl_buffer_make_space(mbedtls_ssl_context *ssl, + size_t desired) { int offset; mbedtls_ssl_handshake_params * const hs = ssl->handshake; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Attempt to free buffered messages to have %u bytes available", - (unsigned) desired ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Attempt to free buffered messages to have %u bytes available", + (unsigned) desired)); /* Get rid of future records epoch first, if such exist. */ - ssl_free_buffered_record( ssl ); + ssl_free_buffered_record(ssl); /* Check if we have enough space available now. */ - if( desired <= ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - - hs->buffering.total_bytes_buffered ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Enough space available after freeing future epoch record" ) ); - return( 0 ); + if (desired <= (MBEDTLS_SSL_DTLS_MAX_BUFFERING - + hs->buffering.total_bytes_buffered)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("Enough space available after freeing future epoch record")); + return 0; } /* We don't have enough space to buffer the next expected handshake * message. Remove buffers used for future messages to gain space, * starting with the most distant one. */ - for( offset = MBEDTLS_SSL_MAX_BUFFERED_HS - 1; - offset >= 0; offset-- ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Free buffering slot %d to make space for reassembly of next handshake message", - offset ) ); + for (offset = MBEDTLS_SSL_MAX_BUFFERED_HS - 1; + offset >= 0; offset--) { + MBEDTLS_SSL_DEBUG_MSG(2, + ( + "Free buffering slot %d to make space for reassembly of next handshake message", + offset)); - ssl_buffering_free_slot( ssl, (uint8_t) offset ); + ssl_buffering_free_slot(ssl, (uint8_t) offset); /* Check if we have enough space available now. */ - if( desired <= ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - - hs->buffering.total_bytes_buffered ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Enough space available after freeing buffered HS messages" ) ); - return( 0 ); + if (desired <= (MBEDTLS_SSL_DTLS_MAX_BUFFERING - + hs->buffering.total_bytes_buffered)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("Enough space available after freeing buffered HS messages")); + return 0; } } - return( -1 ); + return -1; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_buffer_message( mbedtls_ssl_context *ssl ) +static int ssl_buffer_message(mbedtls_ssl_context *ssl) { int ret = 0; mbedtls_ssl_handshake_params * const hs = ssl->handshake; - if( hs == NULL ) - return( 0 ); + if (hs == NULL) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_buffer_message" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_buffer_message")); - switch( ssl->in_msgtype ) - { + switch (ssl->in_msgtype) { case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Remember CCS message" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Remember CCS message")); hs->buffering.seen_ccs = 1; break; @@ -4185,113 +4028,115 @@ static int ssl_buffer_message( mbedtls_ssl_context *ssl ) case MBEDTLS_SSL_MSG_HANDSHAKE: { unsigned recv_msg_seq_offset; - unsigned recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5]; + unsigned recv_msg_seq = (ssl->in_msg[4] << 8) | ssl->in_msg[5]; mbedtls_ssl_hs_buffer *hs_buf; size_t msg_len = ssl->in_hslen - 12; /* We should never receive an old handshake * message - double-check nonetheless. */ - if( recv_msg_seq < ssl->handshake->in_msg_seq ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (recv_msg_seq < ssl->handshake->in_msg_seq) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } recv_msg_seq_offset = recv_msg_seq - ssl->handshake->in_msg_seq; - if( recv_msg_seq_offset >= MBEDTLS_SSL_MAX_BUFFERED_HS ) - { + if (recv_msg_seq_offset >= MBEDTLS_SSL_MAX_BUFFERED_HS) { /* Silently ignore -- message too far in the future */ - MBEDTLS_SSL_DEBUG_MSG( 2, - ( "Ignore future HS message with sequence number %u, " - "buffering window %u - %u", - recv_msg_seq, ssl->handshake->in_msg_seq, - ssl->handshake->in_msg_seq + MBEDTLS_SSL_MAX_BUFFERED_HS - 1 ) ); + MBEDTLS_SSL_DEBUG_MSG(2, + ("Ignore future HS message with sequence number %u, " + "buffering window %u - %u", + recv_msg_seq, ssl->handshake->in_msg_seq, + ssl->handshake->in_msg_seq + MBEDTLS_SSL_MAX_BUFFERED_HS - + 1)); goto exit; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering HS message with sequence number %u, offset %u ", - recv_msg_seq, recv_msg_seq_offset ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Buffering HS message with sequence number %u, offset %u ", + recv_msg_seq, recv_msg_seq_offset)); - hs_buf = &hs->buffering.hs[ recv_msg_seq_offset ]; + hs_buf = &hs->buffering.hs[recv_msg_seq_offset]; /* Check if the buffering for this seq nr has already commenced. */ - if( !hs_buf->is_valid ) - { + if (!hs_buf->is_valid) { size_t reassembly_buf_sz; hs_buf->is_fragmented = - ( ssl_hs_is_proper_fragment( ssl ) == 1 ); + (ssl_hs_is_proper_fragment(ssl) == 1); /* We copy the message back into the input buffer * after reassembly, so check that it's not too large. * This is an implementation-specific limitation * and not one from the standard, hence it is not * checked in ssl_check_hs_header(). */ - if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN ) - { + if (msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN) { /* Ignore message */ goto exit; } /* Check if we have enough space to buffer the message. */ - if( hs->buffering.total_bytes_buffered > - MBEDTLS_SSL_DTLS_MAX_BUFFERING ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (hs->buffering.total_bytes_buffered > + MBEDTLS_SSL_DTLS_MAX_BUFFERING) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - reassembly_buf_sz = ssl_get_reassembly_buffer_size( msg_len, - hs_buf->is_fragmented ); + reassembly_buf_sz = ssl_get_reassembly_buffer_size(msg_len, + hs_buf->is_fragmented); - if( reassembly_buf_sz > ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - - hs->buffering.total_bytes_buffered ) ) - { - if( recv_msg_seq_offset > 0 ) - { + if (reassembly_buf_sz > (MBEDTLS_SSL_DTLS_MAX_BUFFERING - + hs->buffering.total_bytes_buffered)) { + if (recv_msg_seq_offset > 0) { /* If we can't buffer a future message because * of space limitations -- ignore. */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %" MBEDTLS_PRINTF_SIZET - " would exceed the compile-time limit %" MBEDTLS_PRINTF_SIZET - " (already %" MBEDTLS_PRINTF_SIZET - " bytes buffered) -- ignore\n", - msg_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, - hs->buffering.total_bytes_buffered ) ); + MBEDTLS_SSL_DEBUG_MSG(2, + ("Buffering of future message of size %" + MBEDTLS_PRINTF_SIZET + " would exceed the compile-time limit %" + MBEDTLS_PRINTF_SIZET + " (already %" MBEDTLS_PRINTF_SIZET + " bytes buffered) -- ignore\n", + msg_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, + hs->buffering.total_bytes_buffered)); goto exit; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %" MBEDTLS_PRINTF_SIZET - " would exceed the compile-time limit %" MBEDTLS_PRINTF_SIZET - " (already %" MBEDTLS_PRINTF_SIZET - " bytes buffered) -- attempt to make space by freeing buffered future messages\n", - msg_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, - hs->buffering.total_bytes_buffered ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, + ("Buffering of future message of size %" + MBEDTLS_PRINTF_SIZET + " would exceed the compile-time limit %" + MBEDTLS_PRINTF_SIZET + " (already %" MBEDTLS_PRINTF_SIZET + " bytes buffered) -- attempt to make space by freeing buffered future messages\n", + msg_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, + hs->buffering.total_bytes_buffered)); } - if( ssl_buffer_make_space( ssl, reassembly_buf_sz ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reassembly of next message of size %" MBEDTLS_PRINTF_SIZET - " (%" MBEDTLS_PRINTF_SIZET " with bitmap) would exceed" - " the compile-time limit %" MBEDTLS_PRINTF_SIZET - " (already %" MBEDTLS_PRINTF_SIZET - " bytes buffered) -- fail\n", - msg_len, - reassembly_buf_sz, - (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, - hs->buffering.total_bytes_buffered ) ); + if (ssl_buffer_make_space(ssl, reassembly_buf_sz) != 0) { + MBEDTLS_SSL_DEBUG_MSG(2, + ("Reassembly of next message of size %" + MBEDTLS_PRINTF_SIZET + " (%" MBEDTLS_PRINTF_SIZET + " with bitmap) would exceed" + " the compile-time limit %" + MBEDTLS_PRINTF_SIZET + " (already %" MBEDTLS_PRINTF_SIZET + " bytes buffered) -- fail\n", + msg_len, + reassembly_buf_sz, + (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, + hs->buffering.total_bytes_buffered)); ret = MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; goto exit; } } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialize reassembly, total length = %" MBEDTLS_PRINTF_SIZET, - msg_len ) ); + MBEDTLS_SSL_DEBUG_MSG(2, + ("initialize reassembly, total length = %" + MBEDTLS_PRINTF_SIZET, + msg_len)); - hs_buf->data = mbedtls_calloc( 1, reassembly_buf_sz ); - if( hs_buf->data == NULL ) - { + hs_buf->data = mbedtls_calloc(1, reassembly_buf_sz); + if (hs_buf->data == NULL) { ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } @@ -4299,27 +4144,23 @@ static int ssl_buffer_message( mbedtls_ssl_context *ssl ) /* Prepare final header: copy msg_type, length and message_seq, * then add standardised fragment_offset and fragment_length */ - memcpy( hs_buf->data, ssl->in_msg, 6 ); - memset( hs_buf->data + 6, 0, 3 ); - memcpy( hs_buf->data + 9, hs_buf->data + 1, 3 ); + memcpy(hs_buf->data, ssl->in_msg, 6); + memset(hs_buf->data + 6, 0, 3); + memcpy(hs_buf->data + 9, hs_buf->data + 1, 3); hs_buf->is_valid = 1; hs->buffering.total_bytes_buffered += reassembly_buf_sz; - } - else - { + } else { /* Make sure msg_type and length are consistent */ - if( memcmp( hs_buf->data, ssl->in_msg, 4 ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Fragment header mismatch - ignore" ) ); + if (memcmp(hs_buf->data, ssl->in_msg, 4) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Fragment header mismatch - ignore")); /* Ignore */ goto exit; } } - if( !hs_buf->is_complete ) - { + if (!hs_buf->is_complete) { size_t frag_len, frag_off; unsigned char * const msg = hs_buf->data + 12; @@ -4329,28 +4170,25 @@ static int ssl_buffer_message( mbedtls_ssl_context *ssl ) /* Validation of header fields already done in * mbedtls_ssl_prepare_handshake_record(). */ - frag_off = ssl_get_hs_frag_off( ssl ); - frag_len = ssl_get_hs_frag_len( ssl ); + frag_off = ssl_get_hs_frag_off(ssl); + frag_len = ssl_get_hs_frag_len(ssl); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "adding fragment, offset = %" MBEDTLS_PRINTF_SIZET - ", length = %" MBEDTLS_PRINTF_SIZET, - frag_off, frag_len ) ); - memcpy( msg + frag_off, ssl->in_msg + 12, frag_len ); + MBEDTLS_SSL_DEBUG_MSG(2, ("adding fragment, offset = %" MBEDTLS_PRINTF_SIZET + ", length = %" MBEDTLS_PRINTF_SIZET, + frag_off, frag_len)); + memcpy(msg + frag_off, ssl->in_msg + 12, frag_len); - if( hs_buf->is_fragmented ) - { + if (hs_buf->is_fragmented) { unsigned char * const bitmask = msg + msg_len; - ssl_bitmask_set( bitmask, frag_off, frag_len ); - hs_buf->is_complete = ( ssl_bitmask_check( bitmask, - msg_len ) == 0 ); - } - else - { + ssl_bitmask_set(bitmask, frag_off, frag_len); + hs_buf->is_complete = (ssl_bitmask_check(bitmask, + msg_len) == 0); + } else { hs_buf->is_complete = 1; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "message %scomplete", - hs_buf->is_complete ? "" : "not yet " ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("message %scomplete", + hs_buf->is_complete ? "" : "not yet ")); } break; @@ -4363,13 +4201,13 @@ static int ssl_buffer_message( mbedtls_ssl_context *ssl ) exit: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_buffer_message" ) ); - return( ret ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_buffer_message")); + return ret; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_consume_current_message( mbedtls_ssl_context *ssl ) +static int ssl_consume_current_message(mbedtls_ssl_context *ssl) { /* * Consume last content-layer message and potentially @@ -4394,15 +4232,13 @@ static int ssl_consume_current_message( mbedtls_ssl_context *ssl ) */ /* Case (1): Handshake messages */ - if( ssl->in_hslen != 0 ) - { + if (ssl->in_hslen != 0) { /* Hard assertion to be sure that no application data * is in flight, as corrupting ssl->in_msglen during * ssl->in_offt != NULL is fatal. */ - if( ssl->in_offt != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (ssl->in_offt != NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* @@ -4426,68 +4262,64 @@ static int ssl_consume_current_message( mbedtls_ssl_context *ssl ) * bounds after handling a DTLS message with an unexpected * sequence number, see mbedtls_ssl_prepare_handshake_record. */ - if( ssl->in_hslen < ssl->in_msglen ) - { + if (ssl->in_hslen < ssl->in_msglen) { ssl->in_msglen -= ssl->in_hslen; - memmove( ssl->in_msg, ssl->in_msg + ssl->in_hslen, - ssl->in_msglen ); + memmove(ssl->in_msg, ssl->in_msg + ssl->in_hslen, + ssl->in_msglen); - MBEDTLS_SSL_DEBUG_BUF( 4, "remaining content in record", - ssl->in_msg, ssl->in_msglen ); - } - else - { + MBEDTLS_SSL_DEBUG_BUF(4, "remaining content in record", + ssl->in_msg, ssl->in_msglen); + } else { ssl->in_msglen = 0; } ssl->in_hslen = 0; } /* Case (4): Application data */ - else if( ssl->in_offt != NULL ) - { - return( 0 ); + else if (ssl->in_offt != NULL) { + return 0; } /* Everything else (CCS & Alerts) */ - else - { + else { ssl->in_msglen = 0; } - return( 0 ); + return 0; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl ) +static int ssl_record_is_in_progress(mbedtls_ssl_context *ssl) { - if( ssl->in_msglen > 0 ) - return( 1 ); + if (ssl->in_msglen > 0) { + return 1; + } - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_DTLS) -static void ssl_free_buffered_record( mbedtls_ssl_context *ssl ) +static void ssl_free_buffered_record(mbedtls_ssl_context *ssl) { mbedtls_ssl_handshake_params * const hs = ssl->handshake; - if( hs == NULL ) + if (hs == NULL) { return; + } - if( hs->buffering.future_record.data != NULL ) - { + if (hs->buffering.future_record.data != NULL) { hs->buffering.total_bytes_buffered -= hs->buffering.future_record.len; - mbedtls_free( hs->buffering.future_record.data ); + mbedtls_free(hs->buffering.future_record.data); hs->buffering.future_record.data = NULL; } } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ) +static int ssl_load_buffered_record(mbedtls_ssl_context *ssl) { mbedtls_ssl_handshake_params * const hs = ssl->handshake; - unsigned char * rec; + unsigned char *rec; size_t rec_len; unsigned rec_epoch; #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) @@ -4495,88 +4327,92 @@ static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ) #else size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN; #endif - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - return( 0 ); + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + return 0; + } - if( hs == NULL ) - return( 0 ); + if (hs == NULL) { + return 0; + } rec = hs->buffering.future_record.data; rec_len = hs->buffering.future_record.len; rec_epoch = hs->buffering.future_record.epoch; - if( rec == NULL ) - return( 0 ); + if (rec == NULL) { + return 0; + } /* Only consider loading future records if the * input buffer is empty. */ - if( ssl_next_record_is_in_datagram( ssl ) == 1 ) - return( 0 ); + if (ssl_next_record_is_in_datagram(ssl) == 1) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_record" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_load_buffered_record")); - if( rec_epoch != ssl->in_epoch ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffered record not from current epoch." ) ); + if (rec_epoch != ssl->in_epoch) { + MBEDTLS_SSL_DEBUG_MSG(2, ("Buffered record not from current epoch.")); goto exit; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Found buffered record from current epoch - load" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Found buffered record from current epoch - load")); /* Double-check that the record is not too large */ - if( rec_len > in_buf_len - (size_t)( ssl->in_hdr - ssl->in_buf ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (rec_len > in_buf_len - (size_t) (ssl->in_hdr - ssl->in_buf)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - memcpy( ssl->in_hdr, rec, rec_len ); + memcpy(ssl->in_hdr, rec, rec_len); ssl->in_left = rec_len; ssl->next_record_offset = 0; - ssl_free_buffered_record( ssl ); + ssl_free_buffered_record(ssl); exit: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_load_buffered_record" ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_load_buffered_record")); + return 0; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_buffer_future_record( mbedtls_ssl_context *ssl, - mbedtls_record const *rec ) +static int ssl_buffer_future_record(mbedtls_ssl_context *ssl, + mbedtls_record const *rec) { mbedtls_ssl_handshake_params * const hs = ssl->handshake; /* Don't buffer future records outside handshakes. */ - if( hs == NULL ) - return( 0 ); + if (hs == NULL) { + return 0; + } /* Only buffer handshake records (we are only interested * in Finished messages). */ - if( rec->type != MBEDTLS_SSL_MSG_HANDSHAKE ) - return( 0 ); + if (rec->type != MBEDTLS_SSL_MSG_HANDSHAKE) { + return 0; + } /* Don't buffer more than one future epoch record. */ - if( hs->buffering.future_record.data != NULL ) - return( 0 ); + if (hs->buffering.future_record.data != NULL) { + return 0; + } /* Don't buffer record if there's not enough buffering space remaining. */ - if( rec->buf_len > ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - - hs->buffering.total_bytes_buffered ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future epoch record of size %" MBEDTLS_PRINTF_SIZET - " would exceed the compile-time limit %" MBEDTLS_PRINTF_SIZET - " (already %" MBEDTLS_PRINTF_SIZET - " bytes buffered) -- ignore\n", - rec->buf_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, - hs->buffering.total_bytes_buffered ) ); - return( 0 ); + if (rec->buf_len > (MBEDTLS_SSL_DTLS_MAX_BUFFERING - + hs->buffering.total_bytes_buffered)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("Buffering of future epoch record of size %" MBEDTLS_PRINTF_SIZET + " would exceed the compile-time limit %" MBEDTLS_PRINTF_SIZET + " (already %" MBEDTLS_PRINTF_SIZET + " bytes buffered) -- ignore\n", + rec->buf_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, + hs->buffering.total_bytes_buffered)); + return 0; } /* Buffer record */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffer record from epoch %u", - ssl->in_epoch + 1U ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Buffered record", rec->buf, rec->buf_len ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Buffer record from epoch %u", + ssl->in_epoch + 1U)); + MBEDTLS_SSL_DEBUG_BUF(3, "Buffered record", rec->buf, rec->buf_len); /* ssl_parse_record_header() only considers records * of the next epoch as candidates for buffering. */ @@ -4584,24 +4420,23 @@ static int ssl_buffer_future_record( mbedtls_ssl_context *ssl, hs->buffering.future_record.len = rec->buf_len; hs->buffering.future_record.data = - mbedtls_calloc( 1, hs->buffering.future_record.len ); - if( hs->buffering.future_record.data == NULL ) - { + mbedtls_calloc(1, hs->buffering.future_record.len); + if (hs->buffering.future_record.data == NULL) { /* If we run out of RAM trying to buffer a * record from the next epoch, just ignore. */ - return( 0 ); + return 0; } - memcpy( hs->buffering.future_record.data, rec->buf, rec->buf_len ); + memcpy(hs->buffering.future_record.data, rec->buf, rec->buf_len); hs->buffering.total_bytes_buffered += rec->buf_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_get_next_record( mbedtls_ssl_context *ssl ) +static int ssl_get_next_record(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_record rec; @@ -4613,44 +4448,41 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) * the length of the buffered record, so that * the calls to ssl_fetch_input() below will * essentially be no-ops. */ - ret = ssl_load_buffered_record( ssl ); - if( ret != 0 ) - return( ret ); + ret = ssl_load_buffered_record(ssl); + if (ret != 0) { + return ret; + } #endif /* MBEDTLS_SSL_PROTO_DTLS */ /* Ensure that we have enough space available for the default form * of TLS / DTLS record headers (5 Bytes for TLS, 13 Bytes for DTLS, * with no space for CIDs counted in). */ - ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_in_hdr_len( ssl ) ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); - return( ret ); + ret = mbedtls_ssl_fetch_input(ssl, mbedtls_ssl_in_hdr_len(ssl)); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret); + return ret; } - ret = ssl_parse_record_header( ssl, ssl->in_hdr, ssl->in_left, &rec ); - if( ret != 0 ) - { + ret = ssl_parse_record_header(ssl, ssl->in_hdr, ssl->in_left, &rec); + if (ret != 0) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE ) - { - ret = ssl_buffer_future_record( ssl, &rec ); - if( ret != 0 ) - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if (ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE) { + ret = ssl_buffer_future_record(ssl, &rec); + if (ret != 0) { + return ret; + } /* Fall through to handling of unexpected records */ ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD; } - if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ) - { + if (ret == MBEDTLS_ERR_SSL_UNEXPECTED_RECORD) { #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) /* Reset in pointers to default state for TLS/DTLS records, * assuming no CID and no offset between record content and * record plaintext. */ - mbedtls_ssl_update_in_pointers( ssl ); + mbedtls_ssl_update_in_pointers(ssl); /* Setup internal message pointers from record structure. */ ssl->in_msgtype = rec.type; @@ -4660,59 +4492,53 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) ssl->in_iv = ssl->in_msg = ssl->in_len + 2; ssl->in_msglen = rec.data_len; - ret = ssl_check_client_reconnect( ssl ); - MBEDTLS_SSL_DEBUG_RET( 2, "ssl_check_client_reconnect", ret ); - if( ret != 0 ) - return( ret ); + ret = ssl_check_client_reconnect(ssl); + MBEDTLS_SSL_DEBUG_RET(2, "ssl_check_client_reconnect", ret); + if (ret != 0) { + return ret; + } #endif /* Skip unexpected record (but not whole datagram) */ ssl->next_record_offset = rec.buf_len; - MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding unexpected record " - "(header)" ) ); - } - else - { + MBEDTLS_SSL_DEBUG_MSG(1, ("discarding unexpected record " + "(header)")); + } else { /* Skip invalid record and the rest of the datagram */ ssl->next_record_offset = 0; ssl->in_left = 0; - MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding invalid record " - "(header)" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("discarding invalid record " + "(header)")); } /* Get next record */ - return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ); - } - else + return MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; + } else #endif { - return( ret ); + return ret; } } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* Remember offset of next record within datagram. */ ssl->next_record_offset = rec.buf_len; - if( ssl->next_record_offset < ssl->in_left ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "more than one record within datagram" ) ); + if (ssl->next_record_offset < ssl->in_left) { + MBEDTLS_SSL_DEBUG_MSG(3, ("more than one record within datagram")); } - } - else + } else #endif { /* * Fetch record contents from underlying transport. */ - ret = mbedtls_ssl_fetch_input( ssl, rec.buf_len ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); - return( ret ); + ret = mbedtls_ssl_fetch_input(ssl, rec.buf_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret); + return ret; } ssl->in_left = 0; @@ -4722,37 +4548,31 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) * Decrypt record contents. */ - if( ( ret = ssl_prepare_record_content( ssl, &rec ) ) != 0 ) - { + if ((ret = ssl_prepare_record_content(ssl, &rec)) != 0) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* Silently discard invalid records */ - if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) - { + if (ret == MBEDTLS_ERR_SSL_INVALID_MAC) { /* Except when waiting for Finished as a bad mac here * probably means something went wrong in the handshake * (eg wrong psk used, mitm downgrade attempt, etc.) */ - if( ssl->state == MBEDTLS_SSL_CLIENT_FINISHED || - ssl->state == MBEDTLS_SSL_SERVER_FINISHED ) - { + if (ssl->state == MBEDTLS_SSL_CLIENT_FINISHED || + ssl->state == MBEDTLS_SSL_SERVER_FINISHED) { #if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) - if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) - { - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC ); + if (ret == MBEDTLS_ERR_SSL_INVALID_MAC) { + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC); } #endif - return( ret ); + return ret; } #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - if( ssl->conf->badmac_limit != 0 && - ++ssl->badmac_seen >= ssl->conf->badmac_limit ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "too many records with bad MAC" ) ); - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + if (ssl->conf->badmac_limit != 0 && + ++ssl->badmac_seen >= ssl->conf->badmac_limit) { + MBEDTLS_SSL_DEBUG_MSG(1, ("too many records with bad MAC")); + return MBEDTLS_ERR_SSL_INVALID_MAC; } #endif @@ -4762,25 +4582,23 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) ssl->next_record_offset = 0; ssl->in_left = 0; - MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding invalid record (mac)" ) ); - return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ); + MBEDTLS_SSL_DEBUG_MSG(1, ("discarding invalid record (mac)")); + return MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; } - return( ret ); - } - else + return ret; + } else #endif { /* Error out (and send alert) on invalid records */ #if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) - if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) - { - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC ); + if (ret == MBEDTLS_ERR_SSL_INVALID_MAC) { + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC); } #endif - return( ret ); + return ret; } } @@ -4788,7 +4606,7 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) /* Reset in pointers to default state for TLS/DTLS records, * assuming no CID and no offset between record content and * record plaintext. */ - mbedtls_ssl_update_in_pointers( ssl ); + mbedtls_ssl_update_in_pointers(ssl); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) ssl->in_len = ssl->in_cid + rec.cid_len; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -4804,130 +4622,114 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) ssl->in_hdr[0] = rec.type; ssl->in_msg = rec.buf + rec.data_offset; ssl->in_msglen = rec.data_len; - MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->in_len, 0 ); + MBEDTLS_PUT_UINT16_BE(rec.data_len, ssl->in_len, 0); #if defined(MBEDTLS_ZLIB_SUPPORT) - if( ssl->transform_in != NULL && - ssl->session_in->compression == MBEDTLS_SSL_COMPRESS_DEFLATE ) - { - if( ( ret = ssl_decompress_buf( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decompress_buf", ret ); - return( ret ); + if (ssl->transform_in != NULL && + ssl->session_in->compression == MBEDTLS_SSL_COMPRESS_DEFLATE) { + if ((ret = ssl_decompress_buf(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_decompress_buf", ret); + return ret; } /* Check actual (decompress) record content length against * configured maximum. */ - if( ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad message length")); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } } #endif /* MBEDTLS_ZLIB_SUPPORT */ - return( 0 ); + return 0; } -int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_handle_message_type(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* * Handle particular types of records */ - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) - { - if( ( ret = mbedtls_ssl_prepare_handshake_record( ssl ) ) != 0 ) - { - return( ret ); + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) { + if ((ret = mbedtls_ssl_prepare_handshake_record(ssl)) != 0) { + return ret; } } - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) - { - if( ssl->in_msglen != 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, len: %" MBEDTLS_PRINTF_SIZET, - ssl->in_msglen ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC) { + if (ssl->in_msglen != 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("invalid CCS message, len: %" MBEDTLS_PRINTF_SIZET, + ssl->in_msglen)); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } - if( ssl->in_msg[0] != 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, content: %02x", - ssl->in_msg[0] ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (ssl->in_msg[0] != 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("invalid CCS message, content: %02x", + ssl->in_msg[0])); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->state != MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC && - ssl->state != MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC ) - { - if( ssl->handshake == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping ChangeCipherSpec outside handshake" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ); + ssl->state != MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC) { + if (ssl->handshake == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("dropping ChangeCipherSpec outside handshake")); + return MBEDTLS_ERR_SSL_UNEXPECTED_RECORD; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received out-of-order ChangeCipherSpec - remember" ) ); - return( MBEDTLS_ERR_SSL_EARLY_MESSAGE ); + MBEDTLS_SSL_DEBUG_MSG(1, ("received out-of-order ChangeCipherSpec - remember")); + return MBEDTLS_ERR_SSL_EARLY_MESSAGE; } #endif } - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT ) - { - if( ssl->in_msglen != 2 ) - { + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT) { + if (ssl->in_msglen != 2) { /* Note: Standard allows for more than one 2 byte alert to be packed in a single message, but Mbed TLS doesn't currently support this. */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid alert message, len: %" MBEDTLS_PRINTF_SIZET, - ssl->in_msglen ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + MBEDTLS_SSL_DEBUG_MSG(1, ("invalid alert message, len: %" MBEDTLS_PRINTF_SIZET, + ssl->in_msglen)); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "got an alert message, type: [%u:%u]", - ssl->in_msg[0], ssl->in_msg[1] ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("got an alert message, type: [%u:%u]", + ssl->in_msg[0], ssl->in_msg[1])); /* * Ignore non-fatal alerts, except close_notify and no_renegotiation */ - if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_FATAL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "is a fatal alert message (msg %d)", - ssl->in_msg[1] ) ); - return( MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE ); + if (ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_FATAL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("is a fatal alert message (msg %d)", + ssl->in_msg[1])); + return MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE; } - if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && - ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a close notify message" ) ); - return( MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY ); + if (ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && + ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY) { + MBEDTLS_SSL_DEBUG_MSG(2, ("is a close notify message")); + return MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY; } #if defined(MBEDTLS_SSL_RENEGOTIATION_ENABLED) - if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && - ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a SSLv3 no renegotiation alert" ) ); + if (ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && + ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION) { + MBEDTLS_SSL_DEBUG_MSG(2, ("is a SSLv3 no renegotiation alert")); /* Will be handled when trying to parse ServerHello */ - return( 0 ); + return 0; } #endif #if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_SRV_C) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 && + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 && ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && - ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a SSLv3 no_cert" ) ); + ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT) { + MBEDTLS_SSL_DEBUG_MSG(2, ("is a SSLv3 no_cert")); /* Will be handled in mbedtls_ssl_parse_certificate() */ - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */ @@ -4936,75 +4738,73 @@ int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl ) } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* Drop unexpected ApplicationData records, * except at the beginning of renegotiations */ - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA && + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA && ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER #if defined(MBEDTLS_SSL_RENEGOTIATION) - && ! ( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->state == MBEDTLS_SSL_SERVER_HELLO ) + && !(ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->state == MBEDTLS_SSL_SERVER_HELLO) #endif - ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping unexpected ApplicationData" ) ); - return( MBEDTLS_ERR_SSL_NON_FATAL ); + ) { + MBEDTLS_SSL_DEBUG_MSG(1, ("dropping unexpected ApplicationData")); + return MBEDTLS_ERR_SSL_NON_FATAL; } - if( ssl->handshake != NULL && - ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) - { - mbedtls_ssl_handshake_wrapup_free_hs_transform( ssl ); + if (ssl->handshake != NULL && + ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) { + mbedtls_ssl_handshake_wrapup_free_hs_transform(ssl); } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - return( 0 ); + return 0; } -int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_send_fatal_handshake_failure(mbedtls_ssl_context *ssl) { - return( mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ) ); + return mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); } -int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl, - unsigned char level, - unsigned char message ) +int mbedtls_ssl_send_alert_message(mbedtls_ssl_context *ssl, + unsigned char level, + unsigned char message) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( ssl->out_left != 0 ) - return( mbedtls_ssl_flush_output( ssl ) ); + if (ssl->out_left != 0) { + return mbedtls_ssl_flush_output(ssl); + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> send alert message" ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "send alert level=%u message=%u", level, message )); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> send alert message")); + MBEDTLS_SSL_DEBUG_MSG(3, ("send alert level=%u message=%u", level, message)); ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT; ssl->out_msglen = 2; ssl->out_msg[0] = level; ssl->out_msg[1] = message; - if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_record(ssl, SSL_FORCE_FLUSH)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_record", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= send alert message" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= send alert message")); - return( 0 ); + return 0; } -int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_write_change_cipher_spec(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write change cipher spec" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write change cipher spec")); ssl->out_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC; ssl->out_msglen = 1; @@ -5012,35 +4812,32 @@ int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ) ssl->state++; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write change cipher spec" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write change cipher spec")); - return( 0 ); + return 0; } -int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_parse_change_cipher_spec(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse change cipher spec" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse change cipher spec")); - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad change cipher spec message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad change cipher spec message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } /* CCS records are only accepted if they have length 1 and content '1', @@ -5050,50 +4847,45 @@ int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ) * Switch to our negotiated transform and session parameters for inbound * data. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for inbound data" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("switching to new transform spec for inbound data")); ssl->transform_in = ssl->transform_negotiate; ssl->session_in = ssl->session_negotiate; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - mbedtls_ssl_dtls_replay_reset( ssl ); + mbedtls_ssl_dtls_replay_reset(ssl); #endif /* Increment epoch */ - if( ++ssl->in_epoch == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) ); + if (++ssl->in_epoch == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("DTLS epoch would wrap")); /* This is highly unlikely to happen for legitimate reasons, so treat it as an attack and don't send an alert. */ - return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + return MBEDTLS_ERR_SSL_COUNTER_WRAPPING; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ - memset( ssl->in_ctr, 0, 8 ); + memset(ssl->in_ctr, 0, 8); - mbedtls_ssl_update_in_pointers( ssl ); + mbedtls_ssl_update_in_pointers(ssl); #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_activate != NULL ) - { - if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_INBOUND ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + if (mbedtls_ssl_hw_record_activate != NULL) { + if ((ret = mbedtls_ssl_hw_record_activate(ssl, MBEDTLS_SSL_CHANNEL_INBOUND)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_activate", ret); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } } #endif ssl->state++; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse change cipher spec" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse change cipher spec")); - return( 0 ); + return 0; } /* Once ssl->out_hdr as the address of the beginning of the @@ -5105,32 +4897,32 @@ int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ) */ static size_t ssl_transform_get_explicit_iv_len( - mbedtls_ssl_transform const *transform ) + mbedtls_ssl_transform const *transform) { - if( transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ) - return( 0 ); + if (transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2) { + return 0; + } - return( transform->ivlen - transform->fixed_ivlen ); + return transform->ivlen - transform->fixed_ivlen; } -void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl, - mbedtls_ssl_transform *transform ) +void mbedtls_ssl_update_out_pointers(mbedtls_ssl_context *ssl, + mbedtls_ssl_transform *transform) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { ssl->out_ctr = ssl->out_hdr + 3; #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) ssl->out_cid = ssl->out_ctr + 8; ssl->out_len = ssl->out_cid; - if( transform != NULL ) + if (transform != NULL) { ssl->out_len += transform->out_cid_len; + } #else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ ssl->out_len = ssl->out_ctr + 8; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ ssl->out_iv = ssl->out_len + 2; - } - else + } else #endif { ssl->out_ctr = ssl->out_hdr - 8; @@ -5143,8 +4935,9 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl, ssl->out_msg = ssl->out_iv; /* Adjust out_msg to make space for explicit IV, if used. */ - if( transform != NULL ) - ssl->out_msg += ssl_transform_get_explicit_iv_len( transform ); + if (transform != NULL) { + ssl->out_msg += ssl_transform_get_explicit_iv_len(transform); + } } /* Once ssl->in_hdr as the address of the beginning of the @@ -5155,7 +4948,7 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl, * and the caller has to make sure there's space for this. */ -void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_update_in_pointers(mbedtls_ssl_context *ssl) { /* This function sets the pointers to match the case * of unprotected TLS/DTLS records, with both ssl->in_iv @@ -5168,8 +4961,7 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl ) */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* This sets the header pointers to match records * without CID. When we receive a record containing * a CID, the fields are shifted accordingly in @@ -5182,8 +4974,7 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl ) ssl->in_len = ssl->in_ctr + 8; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ ssl->in_iv = ssl->in_len + 2; - } - else + } else #endif { ssl->in_ctr = ssl->in_hdr - 8; @@ -5202,16 +4993,14 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl ) * Setup an SSL context */ -void mbedtls_ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_reset_in_out_pointers(mbedtls_ssl_context *ssl) { /* Set the incoming and outgoing record pointers. */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { ssl->out_hdr = ssl->out_buf; ssl->in_hdr = ssl->in_buf; - } - else + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ { ssl->out_hdr = ssl->out_buf + 8; @@ -5219,29 +5008,28 @@ void mbedtls_ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl ) } /* Derive other internal pointers. */ - mbedtls_ssl_update_out_pointers( ssl, NULL /* no transform enabled */ ); - mbedtls_ssl_update_in_pointers ( ssl ); + mbedtls_ssl_update_out_pointers(ssl, NULL /* no transform enabled */); + mbedtls_ssl_update_in_pointers(ssl); } /* * SSL get accessors */ -size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl ) +size_t mbedtls_ssl_get_bytes_avail(const mbedtls_ssl_context *ssl) { - return( ssl->in_offt == NULL ? 0 : ssl->in_msglen ); + return ssl->in_offt == NULL ? 0 : ssl->in_msglen; } -int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ) +int mbedtls_ssl_check_pending(const mbedtls_ssl_context *ssl) { /* * Case A: We're currently holding back * a message for further processing. */ - if( ssl->keep_current_message == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: record held back for processing" ) ); - return( 1 ); + if (ssl->keep_current_message == 1) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ssl_check_pending: record held back for processing")); + return 1; } /* @@ -5249,11 +5037,10 @@ int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ) */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->in_left > ssl->next_record_offset ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: more records within current datagram" ) ); - return( 1 ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->in_left > ssl->next_record_offset) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ssl_check_pending: more records within current datagram")); + return 1; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -5261,19 +5048,18 @@ int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ) * Case C: A handshake message is being processed. */ - if( ssl->in_hslen > 0 && ssl->in_hslen < ssl->in_msglen ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: more handshake messages within current record" ) ); - return( 1 ); + if (ssl->in_hslen > 0 && ssl->in_hslen < ssl->in_msglen) { + MBEDTLS_SSL_DEBUG_MSG(3, + ("ssl_check_pending: more handshake messages within current record")); + return 1; } /* * Case D: An application data message is being processed */ - if( ssl->in_offt != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: application data record is being processed" ) ); - return( 1 ); + if (ssl->in_offt != NULL) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ssl_check_pending: application data record is being processed")); + return 1; } /* @@ -5282,29 +5068,30 @@ int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ) * we implement support for multiple alerts in single records. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: nothing pending" ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(3, ("ssl_check_pending: nothing pending")); + return 0; } -int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ) +int mbedtls_ssl_get_record_expansion(const mbedtls_ssl_context *ssl) { size_t transform_expansion = 0; const mbedtls_ssl_transform *transform = ssl->transform_out; unsigned block_size; - size_t out_hdr_len = mbedtls_ssl_out_hdr_len( ssl ); + size_t out_hdr_len = mbedtls_ssl_out_hdr_len(ssl); - if( transform == NULL ) - return( (int) out_hdr_len ); + if (transform == NULL) { + return (int) out_hdr_len; + } #if defined(MBEDTLS_ZLIB_SUPPORT) - if( ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL ) - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL) { + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + } #endif - switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ) ) - { + switch (mbedtls_cipher_get_cipher_mode(&transform->cipher_ctx_enc)) { case MBEDTLS_MODE_GCM: case MBEDTLS_MODE_CCM: case MBEDTLS_MODE_CHACHAPOLY: @@ -5315,7 +5102,7 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ) case MBEDTLS_MODE_CBC: block_size = mbedtls_cipher_get_block_size( - &transform->cipher_ctx_enc ); + &transform->cipher_ctx_enc); /* Expansion due to the addition of the MAC. */ transform_expansion += transform->maclen; @@ -5328,23 +5115,25 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ) /* For TLS 1.1 or higher, an explicit IV is added * after the record header. */ #if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) + if (ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2) { transform_expansion += block_size; + } #endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */ break; default: - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( transform->out_cid_len != 0 ) + if (transform->out_cid_len != 0) { transform_expansion += MBEDTLS_SSL_MAX_CID_EXPANSION; + } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - return( (int)( out_hdr_len + transform_expansion ) ); + return (int) (out_hdr_len + transform_expansion); } #if defined(MBEDTLS_SSL_RENEGOTIATION) @@ -5352,58 +5141,57 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ) * Check record counters and renegotiate if they're above the limit. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl ) +static int ssl_check_ctr_renegotiate(mbedtls_ssl_context *ssl) { - size_t ep_len = mbedtls_ssl_ep_len( ssl ); + size_t ep_len = mbedtls_ssl_ep_len(ssl); int in_ctr_cmp; int out_ctr_cmp; - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER || + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER || ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING || - ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED ) - { - return( 0 ); + ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED) { + return 0; } - in_ctr_cmp = memcmp( ssl->in_ctr + ep_len, - ssl->conf->renego_period + ep_len, 8 - ep_len ); - out_ctr_cmp = memcmp( ssl->cur_out_ctr + ep_len, - ssl->conf->renego_period + ep_len, 8 - ep_len ); + in_ctr_cmp = memcmp(ssl->in_ctr + ep_len, + ssl->conf->renego_period + ep_len, 8 - ep_len); + out_ctr_cmp = memcmp(ssl->cur_out_ctr + ep_len, + ssl->conf->renego_period + ep_len, 8 - ep_len); - if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 ) - { - return( 0 ); + if (in_ctr_cmp <= 0 && out_ctr_cmp <= 0) { + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "record counter limit reached: renegotiate" ) ); - return( mbedtls_ssl_renegotiate( ssl ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("record counter limit reached: renegotiate")); + return mbedtls_ssl_renegotiate(ssl); } #endif /* MBEDTLS_SSL_RENEGOTIATION */ /* * Receive application data decrypted from the SSL layer */ -int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) +int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> read")); #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { + return ret; + } - if( ssl->handshake != NULL && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - return( ret ); + if (ssl->handshake != NULL && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) { + if ((ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { + return ret; + } } } #endif @@ -5421,64 +5209,57 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - ret = ssl_check_ctr_renegotiate( ssl ); - if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && - ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret ); - return( ret ); + ret = ssl_check_ctr_renegotiate(ssl); + if (ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && + ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_check_ctr_renegotiate", ret); + return ret; } #endif - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - ret = mbedtls_ssl_handshake( ssl ); - if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && - ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); - return( ret ); + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + ret = mbedtls_ssl_handshake(ssl); + if (ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && + ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_handshake", ret); + return ret; } } /* Loop as long as no application data record is available */ - while( ssl->in_offt == NULL ) - { + while (ssl->in_offt == NULL) { /* Start timer if not already running */ - if( ssl->f_get_timer != NULL && - ssl->f_get_timer( ssl->p_timer ) == -1 ) - { - mbedtls_ssl_set_timer( ssl, ssl->conf->read_timeout ); + if (ssl->f_get_timer != NULL && + ssl->f_get_timer(ssl->p_timer) == -1) { + mbedtls_ssl_set_timer(ssl, ssl->conf->read_timeout); } - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_SSL_CONN_EOF ) - return( 0 ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + if (ret == MBEDTLS_ERR_SSL_CONN_EOF) { + return 0; + } - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } - if( ssl->in_msglen == 0 && - ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA ) - { + if (ssl->in_msglen == 0 && + ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA) { /* * OpenSSL sends empty messages to randomize the IV */ - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_SSL_CONN_EOF ) - return( 0 ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + if (ret == MBEDTLS_ERR_SSL_CONN_EOF) { + return 0; + } - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } } - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received handshake message" ) ); + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("received handshake message")); /* * - For client-side, expect SERVER_HELLO_REQUEST. @@ -5487,105 +5268,93 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) */ #if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && - ( ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST || - ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not HelloRequest)" ) ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && + (ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST || + ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl))) { + MBEDTLS_SSL_DEBUG_MSG(1, ("handshake received (not HelloRequest)")); /* With DTLS, drop the packet (probably from last handshake) */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { continue; } #endif - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } #endif /* MBEDTLS_SSL_CLI_C */ #if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && - ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not ClientHello)" ) ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO) { + MBEDTLS_SSL_DEBUG_MSG(1, ("handshake received (not ClientHello)")); /* With DTLS, drop the packet (probably from last handshake) */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { continue; } #endif - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } #endif /* MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_RENEGOTIATION) /* Determine whether renegotiation attempt should be accepted */ - if( ! ( ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED || - ( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == - MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) ) ) - { + if (!(ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED || + (ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == + MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION))) { /* * Accept renegotiation request */ /* DTLS clients need to know renego is server-initiated */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; } #endif - ret = mbedtls_ssl_start_renegotiation( ssl ); - if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && - ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_start_renegotiation", - ret ); - return( ret ); + ret = mbedtls_ssl_start_renegotiation(ssl); + if (ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && + ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_start_renegotiation", + ret); + return ret; } - } - else + } else #endif /* MBEDTLS_SSL_RENEGOTIATION */ { /* * Refuse renegotiation */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("refusing renegotiation, sending alert")); #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { /* SSLv3 does not have a "no_renegotiation" warning, so we send a fatal alert and abort the connection. */ - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } - else + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) - { - if( ( ret = mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_WARNING, - MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 ) - { - return( ret ); + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1) { + if ((ret = mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_WARNING, + MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION)) + != 0) { + return ret; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } } @@ -5610,84 +5379,75 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) continue; } #if defined(MBEDTLS_SSL_RENEGOTIATION) - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) - { - if( ssl->conf->renego_max_records >= 0 ) - { - if( ++ssl->renego_records_seen > ssl->conf->renego_max_records ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation requested, " - "but not honored by client" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) { + if (ssl->conf->renego_max_records >= 0) { + if (++ssl->renego_records_seen > ssl->conf->renego_max_records) { + MBEDTLS_SSL_DEBUG_MSG(1, ("renegotiation requested, " + "but not honored by client")); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } } } #endif /* MBEDTLS_SSL_RENEGOTIATION */ /* Fatal and closure alerts handled by mbedtls_ssl_read_record() */ - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "ignoring non-fatal non-closure alert" ) ); - return( MBEDTLS_ERR_SSL_WANT_READ ); + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT) { + MBEDTLS_SSL_DEBUG_MSG(2, ("ignoring non-fatal non-closure alert")); + return MBEDTLS_ERR_SSL_WANT_READ; } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad application data message" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad application data message")); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } ssl->in_offt = ssl->in_msg; /* We're going to return something now, cancel timer, * except if handshake (renegotiation) is in progress */ - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) - mbedtls_ssl_set_timer( ssl, 0 ); + if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) { + mbedtls_ssl_set_timer(ssl, 0); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) /* If we requested renego but received AppData, resend HelloRequest. * Do it now, after setting in_offt, to avoid taking this branch * again if ssl_write_hello_request() returns WANT_WRITE */ #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && - ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) - { - if( ( ret = mbedtls_ssl_resend_hello_request( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend_hello_request", - ret ); - return( ret ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) { + if ((ret = mbedtls_ssl_resend_hello_request(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_resend_hello_request", + ret); + return ret; } } #endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */ #endif /* MBEDTLS_SSL_PROTO_DTLS */ } - n = ( len < ssl->in_msglen ) + n = (len < ssl->in_msglen) ? len : ssl->in_msglen; - memcpy( buf, ssl->in_offt, n ); + memcpy(buf, ssl->in_offt, n); ssl->in_msglen -= n; /* Zeroising the plaintext buffer to erase unused application data from the memory. */ - mbedtls_platform_zeroize( ssl->in_offt, n ); + mbedtls_platform_zeroize(ssl->in_offt, n); - if( ssl->in_msglen == 0 ) - { + if (ssl->in_msglen == 0) { /* all bytes consumed */ ssl->in_offt = NULL; ssl->keep_current_message = 0; - } - else - { + } else { /* more data available */ ssl->in_offt += n; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= read")); - return( (int) n ); + return (int) n; } /* @@ -5703,50 +5463,42 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) * corresponding return code is 0 on success. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_real( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +static int ssl_write_real(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { - int ret = mbedtls_ssl_get_max_out_record_payload( ssl ); + int ret = mbedtls_ssl_get_max_out_record_payload(ssl); const size_t max_len = (size_t) ret; - if( ret < 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_get_max_out_record_payload", ret ); - return( ret ); + if (ret < 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_get_max_out_record_payload", ret); + return ret; } - if( len > max_len ) - { + if (len > max_len) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "fragment larger than the (negotiated) " - "maximum fragment length: %" MBEDTLS_PRINTF_SIZET - " > %" MBEDTLS_PRINTF_SIZET, - len, max_len ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - else + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + MBEDTLS_SSL_DEBUG_MSG(1, ("fragment larger than the (negotiated) " + "maximum fragment length: %" MBEDTLS_PRINTF_SIZET + " > %" MBEDTLS_PRINTF_SIZET, + len, max_len)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } else #endif - len = max_len; + len = max_len; } - if( ssl->out_left != 0 ) - { + if (ssl->out_left != 0) { /* * The user has previously tried to send the data and * MBEDTLS_ERR_SSL_WANT_WRITE or the message was only partially * written. In this case, we expect the high-level write function * (e.g. mbedtls_ssl_write()) to be called with the same parameters */ - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret ); - return( ret ); + if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flush_output", ret); + return ret; } - } - else - { + } else { /* * The user is trying to send a message the first time, so we need to * copy the data into the internal buffers and setup the data structure @@ -5754,16 +5506,15 @@ static int ssl_write_real( mbedtls_ssl_context *ssl, */ ssl->out_msglen = len; ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA; - memcpy( ssl->out_msg, buf, len ); + memcpy(ssl->out_msg, buf, len); - if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_record(ssl, SSL_FORCE_FLUSH)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_record", ret); + return ret; } } - return( (int) len ); + return (int) len; } /* @@ -5775,156 +5526,156 @@ static int ssl_write_real( mbedtls_ssl_context *ssl, */ #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_split( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +static int ssl_write_split(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ssl->conf->cbc_record_splitting == - MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED || + if (ssl->conf->cbc_record_splitting == + MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED || len <= 1 || ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_1 || - mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc ) - != MBEDTLS_MODE_CBC ) - { - return( ssl_write_real( ssl, buf, len ) ); + mbedtls_cipher_get_cipher_mode(&ssl->transform_out->cipher_ctx_enc) + != MBEDTLS_MODE_CBC) { + return ssl_write_real(ssl, buf, len); } - if( ssl->split_done == 0 ) - { - if( ( ret = ssl_write_real( ssl, buf, 1 ) ) <= 0 ) - return( ret ); + if (ssl->split_done == 0) { + if ((ret = ssl_write_real(ssl, buf, 1)) <= 0) { + return ret; + } ssl->split_done = 1; } - if( ( ret = ssl_write_real( ssl, buf + 1, len - 1 ) ) <= 0 ) - return( ret ); + if ((ret = ssl_write_real(ssl, buf + 1, len - 1)) <= 0) { + return ret; + } ssl->split_done = 0; - return( ret + 1 ); + return ret + 1; } #endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ /* * Write application data (public-facing wrapper) */ -int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) +int mbedtls_ssl_write(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write")); - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ( ret = ssl_check_ctr_renegotiate( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret ); - return( ret ); + if ((ret = ssl_check_ctr_renegotiate(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_check_ctr_renegotiate", ret); + return ret; } #endif - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); - return( ret ); + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + if ((ret = mbedtls_ssl_handshake(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_handshake", ret); + return ret; } } #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - ret = ssl_write_split( ssl, buf, len ); + ret = ssl_write_split(ssl, buf, len); #else - ret = ssl_write_real( ssl, buf, len ); + ret = ssl_write_real(ssl, buf, len); #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write")); - return( ret ); + return ret; } /* * Notify the peer that the connection is being closed */ -int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write close notify" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write close notify")); - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) - { - if( ( ret = mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_WARNING, - MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_send_alert_message", ret ); - return( ret ); + if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) { + if ((ret = mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_WARNING, + MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_send_alert_message", ret); + return ret; } } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write close notify" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write close notify")); - return( 0 ); + return 0; } -void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform ) +void mbedtls_ssl_transform_free(mbedtls_ssl_transform *transform) { - if( transform == NULL ) + if (transform == NULL) { return; + } #if defined(MBEDTLS_ZLIB_SUPPORT) - deflateEnd( &transform->ctx_deflate ); - inflateEnd( &transform->ctx_inflate ); + deflateEnd(&transform->ctx_deflate); + inflateEnd(&transform->ctx_inflate); #endif - mbedtls_cipher_free( &transform->cipher_ctx_enc ); - mbedtls_cipher_free( &transform->cipher_ctx_dec ); + mbedtls_cipher_free(&transform->cipher_ctx_enc); + mbedtls_cipher_free(&transform->cipher_ctx_dec); #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) - mbedtls_md_free( &transform->md_ctx_enc ); - mbedtls_md_free( &transform->md_ctx_dec ); + mbedtls_md_free(&transform->md_ctx_enc); + mbedtls_md_free(&transform->md_ctx_dec); #endif - mbedtls_platform_zeroize( transform, sizeof( mbedtls_ssl_transform ) ); + mbedtls_platform_zeroize(transform, sizeof(mbedtls_ssl_transform)); } #if defined(MBEDTLS_SSL_PROTO_DTLS) -void mbedtls_ssl_buffering_free( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_buffering_free(mbedtls_ssl_context *ssl) { unsigned offset; mbedtls_ssl_handshake_params * const hs = ssl->handshake; - if( hs == NULL ) + if (hs == NULL) { return; + } - ssl_free_buffered_record( ssl ); + ssl_free_buffered_record(ssl); - for( offset = 0; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++ ) - ssl_buffering_free_slot( ssl, offset ); + for (offset = 0; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++) { + ssl_buffering_free_slot(ssl, offset); + } } -static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, - uint8_t slot ) +static void ssl_buffering_free_slot(mbedtls_ssl_context *ssl, + uint8_t slot) { mbedtls_ssl_handshake_params * const hs = ssl->handshake; mbedtls_ssl_hs_buffer * const hs_buf = &hs->buffering.hs[slot]; - if( slot >= MBEDTLS_SSL_MAX_BUFFERED_HS ) + if (slot >= MBEDTLS_SSL_MAX_BUFFERED_HS) { return; + } - if( hs_buf->is_valid == 1 ) - { + if (hs_buf->is_valid == 1) { hs->buffering.total_bytes_buffered -= hs_buf->data_len; - mbedtls_platform_zeroize( hs_buf->data, hs_buf->data_len ); - mbedtls_free( hs_buf->data ); - memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) ); + mbedtls_platform_zeroize(hs_buf->data, hs_buf->data_len); + mbedtls_free(hs_buf->data); + memset(hs_buf, 0, sizeof(mbedtls_ssl_hs_buffer)); } } @@ -5939,19 +5690,18 @@ static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, * 1.0 <-> 3.2 (DTLS 1.0 is based on TLS 1.1) * 1.x <-> 3.x+1 for x != 0 (DTLS 1.2 based on TLS 1.2) */ -void mbedtls_ssl_write_version( int major, int minor, int transport, - unsigned char ver[2] ) +void mbedtls_ssl_write_version(int major, int minor, int transport, + unsigned char ver[2]) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( minor == MBEDTLS_SSL_MINOR_VERSION_2 ) + if (transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if (minor == MBEDTLS_SSL_MINOR_VERSION_2) { --minor; /* DTLS 1.0 stored as TLS 1.1 internally */ - ver[0] = (unsigned char)( 255 - ( major - 2 ) ); - ver[1] = (unsigned char)( 255 - ( minor - 1 ) ); - } - else + } + ver[0] = (unsigned char) (255 - (major - 2)); + ver[1] = (unsigned char) (255 - (minor - 1)); + } else #else ((void) transport); #endif @@ -5961,19 +5711,18 @@ void mbedtls_ssl_write_version( int major, int minor, int transport, } } -void mbedtls_ssl_read_version( int *major, int *minor, int transport, - const unsigned char ver[2] ) +void mbedtls_ssl_read_version(int *major, int *minor, int transport, + const unsigned char ver[2]) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { *major = 255 - ver[0] + 2; *minor = 255 - ver[1] + 1; - if( *minor == MBEDTLS_SSL_MINOR_VERSION_1 ) + if (*minor == MBEDTLS_SSL_MINOR_VERSION_1) { ++*minor; /* DTLS 1.0 stored as TLS 1.1 internally */ - } - else + } + } else #else ((void) transport); #endif diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 8efccce55c27..994661a44cfc 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -42,28 +42,30 @@ #endif #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) -int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, - const unsigned char *info, - size_t ilen ) +int mbedtls_ssl_set_client_transport_id(mbedtls_ssl_context *ssl, + const unsigned char *info, + size_t ilen) { - if( ssl->conf->endpoint != MBEDTLS_SSL_IS_SERVER ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->endpoint != MBEDTLS_SSL_IS_SERVER) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - mbedtls_free( ssl->cli_id ); + mbedtls_free(ssl->cli_id); - if( ( ssl->cli_id = mbedtls_calloc( 1, ilen ) ) == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if ((ssl->cli_id = mbedtls_calloc(1, ilen)) == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - memcpy( ssl->cli_id, info, ilen ); + memcpy(ssl->cli_id, info, ilen); ssl->cli_id_len = ilen; - return( 0 ); + return 0; } -void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf, - mbedtls_ssl_cookie_write_t *f_cookie_write, - mbedtls_ssl_cookie_check_t *f_cookie_check, - void *p_cookie ) +void mbedtls_ssl_conf_dtls_cookies(mbedtls_ssl_config *conf, + mbedtls_ssl_cookie_write_t *f_cookie_write, + mbedtls_ssl_cookie_check_t *f_cookie_check, + void *p_cookie) { conf->f_cookie_write = f_cookie_write; conf->f_cookie_check = f_cookie_check; @@ -73,153 +75,147 @@ void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf, #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_servername_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t servername_list_size, hostname_len; const unsigned char *p; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "parse ServerName extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("parse ServerName extension")); - if( len < 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len < 2) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - servername_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); - if( servername_list_size + 2 != len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + servername_list_size = ((buf[0] << 8) | (buf[1])); + if (servername_list_size + 2 != len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } p = buf + 2; - while( servername_list_size > 2 ) - { - hostname_len = ( ( p[1] << 8 ) | p[2] ); - if( hostname_len + 3 > servername_list_size ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + while (servername_list_size > 2) { + hostname_len = ((p[1] << 8) | p[2]); + if (hostname_len + 3 > servername_list_size) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - if( p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) - { - ret = ssl->conf->f_sni( ssl->conf->p_sni, - ssl, p + 3, hostname_len ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_sni_wrapper", ret ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME) { + ret = ssl->conf->f_sni(ssl->conf->p_sni, + ssl, p + 3, hostname_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_sni_wrapper", ret); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - return( 0 ); + return 0; } servername_list_size -= hostname_len + 3; p += hostname_len + 3; } - if( servername_list_size != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (servername_list_size != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_conf_has_psk_or_cb( mbedtls_ssl_config const *conf ) +static int ssl_conf_has_psk_or_cb(mbedtls_ssl_config const *conf) { - if( conf->f_psk != NULL ) - return( 1 ); + if (conf->f_psk != NULL) { + return 1; + } - if( conf->psk_identity_len == 0 || conf->psk_identity == NULL ) - return( 0 ); + if (conf->psk_identity_len == 0 || conf->psk_identity == NULL) { + return 0; + } - if( conf->psk != NULL && conf->psk_len != 0 ) - return( 1 ); + if (conf->psk != NULL && conf->psk_len != 0) { + return 1; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) ) - return( 1 ); + if (!mbedtls_svc_key_id_is_null(conf->psk_opaque)) { + return 1; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - return( 0 ); + return 0; } #if defined(MBEDTLS_USE_PSA_CRYPTO) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl ) +static int ssl_use_opaque_psk(mbedtls_ssl_context const *ssl) { - if( ssl->conf->f_psk != NULL ) - { + if (ssl->conf->f_psk != NULL) { /* If we've used a callback to select the PSK, * the static configuration is irrelevant. */ - if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) ) - return( 1 ); + if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) { + return 1; + } - return( 0 ); + return 0; } - if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) ) - return( 1 ); + if (!mbedtls_svc_key_id_is_null(ssl->conf->psk_opaque)) { + return 1; + } - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_renegotiation_info(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { /* Check verify-data in constant-time. The length OTOH is no secret */ - if( len != 1 + ssl->verify_data_len || + if (len != 1 + ssl->verify_data_len || buf[0] != ssl->verify_data_len || - mbedtls_ct_memcmp( buf + 1, ssl->peer_verify_data, - ssl->verify_data_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + mbedtls_ct_memcmp(buf + 1, ssl->peer_verify_data, + ssl->verify_data_len) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("non-matching renegotiation info")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - } - else + } else #endif /* MBEDTLS_SSL_RENEGOTIATION */ { - if( len != 1 || buf[0] != 0x0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len != 1 || buf[0] != 0x0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("non-zero length renegotiation info")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; } - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ @@ -238,9 +234,9 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, * */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_signature_algorithms_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { size_t sig_alg_list_size; @@ -250,20 +246,19 @@ static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, mbedtls_md_type_t md_cur; mbedtls_pk_type_t sig_cur; - if ( len < 2 ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len < 2) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - sig_alg_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); - if( sig_alg_list_size + 2 != len || - sig_alg_list_size % 2 != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + sig_alg_list_size = ((buf[0] << 8) | (buf[1])); + if (sig_alg_list_size + 2 != len || + sig_alg_list_size % 2 != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* Currently we only guarantee signing the ServerKeyExchange message according @@ -275,41 +270,35 @@ static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, * pair list from the extension. */ - for( p = buf + 2; p < end; p += 2 ) - { + for (p = buf + 2; p < end; p += 2) { /* Silently ignore unknown signature or hash algorithms. */ - if( ( sig_cur = mbedtls_ssl_pk_alg_from_sig( p[1] ) ) == MBEDTLS_PK_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext" - " unknown sig alg encoding %d", p[1] ) ); + if ((sig_cur = mbedtls_ssl_pk_alg_from_sig(p[1])) == MBEDTLS_PK_NONE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, signature_algorithm ext" + " unknown sig alg encoding %d", p[1])); continue; } /* Check if we support the hash the user proposes */ - md_cur = mbedtls_ssl_md_alg_from_hash( p[0] ); - if( md_cur == MBEDTLS_MD_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext:" - " unknown hash alg encoding %d", p[0] ) ); + md_cur = mbedtls_ssl_md_alg_from_hash(p[0]); + if (md_cur == MBEDTLS_MD_NONE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, signature_algorithm ext:" + " unknown hash alg encoding %d", p[0])); continue; } - if( mbedtls_ssl_check_sig_hash( ssl, md_cur ) == 0 ) - { - mbedtls_ssl_sig_hash_set_add( &ssl->handshake->hash_algs, sig_cur, md_cur ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext:" - " match sig %u and hash %u", - (unsigned) sig_cur, (unsigned) md_cur ) ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: " - "hash alg %u not supported", (unsigned) md_cur ) ); + if (mbedtls_ssl_check_sig_hash(ssl, md_cur) == 0) { + mbedtls_ssl_sig_hash_set_add(&ssl->handshake->hash_algs, sig_cur, md_cur); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, signature_algorithm ext:" + " match sig %u and hash %u", + (unsigned) sig_cur, (unsigned) md_cur)); + } else { + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, signature_algorithm ext: " + "hash alg %u not supported", (unsigned) md_cur)); } } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ @@ -317,61 +306,57 @@ static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_supported_elliptic_curves(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { size_t list_size, our_size; const unsigned char *p; const mbedtls_ecp_curve_info *curve_info, **curves; - if ( len < 2 ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len < 2) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); - if( list_size + 2 != len || - list_size % 2 != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + list_size = ((buf[0] << 8) | (buf[1])); + if (list_size + 2 != len || + list_size % 2 != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* Should never happen unless client duplicates the extension */ - if( ssl->handshake->curves != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (ssl->handshake->curves != NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* Don't allow our peer to make us allocate too much memory, * and leave room for a final 0 */ our_size = list_size / 2 + 1; - if( our_size > MBEDTLS_ECP_DP_MAX ) + if (our_size > MBEDTLS_ECP_DP_MAX) { our_size = MBEDTLS_ECP_DP_MAX; + } - if( ( curves = mbedtls_calloc( our_size, sizeof( *curves ) ) ) == NULL ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if ((curves = mbedtls_calloc(our_size, sizeof(*curves))) == NULL) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } ssl->handshake->curves = curves; p = buf + 2; - while( list_size > 0 && our_size > 1 ) - { - curve_info = mbedtls_ecp_curve_info_from_tls_id( ( p[0] << 8 ) | p[1] ); + while (list_size > 0 && our_size > 1) { + curve_info = mbedtls_ecp_curve_info_from_tls_id((p[0] << 8) | p[1]); - if( curve_info != NULL ) - { + if (curve_info != NULL) { *curves++ = curve_info; our_size--; } @@ -380,116 +365,109 @@ static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl, p += 2; } - return( 0 ); + return 0; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_supported_point_formats(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { size_t list_size; const unsigned char *p; - if( len == 0 || (size_t)( buf[0] + 1 ) != len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len == 0 || (size_t) (buf[0] + 1) != len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } list_size = buf[0]; p = buf + 1; - while( list_size > 0 ) - { - if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED || - p[0] == MBEDTLS_ECP_PF_COMPRESSED ) - { + while (list_size > 0) { + if (p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED || + p[0] == MBEDTLS_ECP_PF_COMPRESSED) { #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ssl->handshake->ecdh_ctx.point_format = p[0]; #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) ssl->handshake->ecjpake_ctx.point_format = p[0]; #endif - MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(4, ("point format selected: %d", p[0])); + return 0; } list_size--; p++; } - return( 0 ); + return 0; } #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_ecjpake_kkpp(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip ecjpake kkpp extension" ) ); - return( 0 ); + if (mbedtls_ecjpake_check(&ssl->handshake->ecjpake_ctx) != 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("skip ecjpake kkpp extension")); + return 0; } - if( ( ret = mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx, - buf, len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_one", ret ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( ret ); + if ((ret = mbedtls_ecjpake_read_round_one(&ssl->handshake->ecjpake_ctx, + buf, len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_read_round_one", ret); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return ret; } /* Only mark the extension as OK when we're sure it is */ ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK; - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_max_fragment_length_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( len != 1 || buf[0] >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len != 1 || buf[0] >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ssl->session_negotiate->mfl_code = buf[0]; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_cid_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { size_t peer_cid_len; /* CID extension only makes sense in DTLS */ - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* @@ -499,179 +477,170 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, * struct { * opaque cid<0..2^8-1>; * } ConnectionId; - */ + */ - if( len < 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len < 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } peer_cid_len = *buf++; len--; - if( len != peer_cid_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len != peer_cid_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* Ignore CID if the user has disabled its use. */ - if( ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED ) - { + if (ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED) { /* Leave ssl->handshake->cid_in_use in its default * value of MBEDTLS_SSL_CID_DISABLED. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Client sent CID extension, but CID disabled" ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(3, ("Client sent CID extension, but CID disabled")); + return 0; } - if( peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len; - memcpy( ssl->handshake->peer_cid, buf, peer_cid_len ); + memcpy(ssl->handshake->peer_cid, buf, peer_cid_len); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use of CID extension negotiated" ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Client CID", buf, peer_cid_len ); + MBEDTLS_SSL_DEBUG_MSG(3, ("Use of CID extension negotiated")); + MBEDTLS_SSL_DEBUG_BUF(3, "Client CID", buf, peer_cid_len); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_truncated_hmac_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ((void) buf); - if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED ) + if (ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED) { ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_encrypt_then_mac_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ((void) buf); - if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED && - ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED && + ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0) { ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED; } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_extended_ms_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ((void) buf); - if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED && - ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED && + ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0) { ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t len ) +static int ssl_parse_session_ticket_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ssl_session session; - mbedtls_ssl_session_init( &session ); + mbedtls_ssl_session_init(&session); - if( ssl->conf->f_ticket_parse == NULL || - ssl->conf->f_ticket_write == NULL ) - { - return( 0 ); + if (ssl->conf->f_ticket_parse == NULL || + ssl->conf->f_ticket_write == NULL) { + return 0; } /* Remember the client asked us to send a new ticket */ ssl->handshake->new_session_ticket = 1; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %" MBEDTLS_PRINTF_SIZET, len ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("ticket length: %" MBEDTLS_PRINTF_SIZET, len)); - if( len == 0 ) - return( 0 ); + if (len == 0) { + return 0; + } #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket rejected: renegotiating" ) ); - return( 0 ); + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ticket rejected: renegotiating")); + return 0; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ /* * Failures are ok: just ignore the ticket and proceed. */ - if( ( ret = ssl->conf->f_ticket_parse( ssl->conf->p_ticket, &session, - buf, len ) ) != 0 ) - { - mbedtls_ssl_session_free( &session ); - - if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket is not authentic" ) ); - else if( ret == MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED ) - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket is expired" ) ); - else - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_parse", ret ); + if ((ret = ssl->conf->f_ticket_parse(ssl->conf->p_ticket, &session, + buf, len)) != 0) { + mbedtls_ssl_session_free(&session); + + if (ret == MBEDTLS_ERR_SSL_INVALID_MAC) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ticket is not authentic")); + } else if (ret == MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ticket is expired")); + } else { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_ticket_parse", ret); + } - return( 0 ); + return 0; } /* @@ -679,37 +648,38 @@ static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, * inform them we're accepting the ticket (RFC 5077 section 3.4) */ session.id_len = ssl->session_negotiate->id_len; - memcpy( &session.id, ssl->session_negotiate->id, session.id_len ); + memcpy(&session.id, ssl->session_negotiate->id, session.id_len); - mbedtls_ssl_session_free( ssl->session_negotiate ); - memcpy( ssl->session_negotiate, &session, sizeof( mbedtls_ssl_session ) ); + mbedtls_ssl_session_free(ssl->session_negotiate); + memcpy(ssl->session_negotiate, &session, sizeof(mbedtls_ssl_session)); /* Zeroize instead of free as we copied the content */ - mbedtls_platform_zeroize( &session, sizeof( mbedtls_ssl_session ) ); + mbedtls_platform_zeroize(&session, sizeof(mbedtls_ssl_session)); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from ticket" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("session successfully restored from ticket")); ssl->handshake->resume = 1; /* Don't send a new ticket after all, this one is OK */ ssl->handshake->new_session_ticket = 0; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_ALPN) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +static int ssl_parse_alpn_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { size_t list_len, cur_len, ours_len; const unsigned char *theirs, *start, *end; const char **ours; /* If ALPN not configured, just ignore the extension */ - if( ssl->conf->alpn_list == NULL ) - return( 0 ); + if (ssl->conf->alpn_list == NULL) { + return 0; + } /* * opaque ProtocolName<1..2^8-1>; @@ -720,19 +690,17 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, */ /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */ - if( len < 4 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len < 4) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - list_len = ( buf[0] << 8 ) | buf[1]; - if( list_len != len - 2 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + list_len = (buf[0] << 8) | buf[1]; + if (list_len != len - 2) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* @@ -740,72 +708,65 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, */ start = buf + 2; end = buf + len; - for( theirs = start; theirs != end; theirs += cur_len ) - { + for (theirs = start; theirs != end; theirs += cur_len) { cur_len = *theirs++; /* Current identifier must fit in list */ - if( cur_len > (size_t)( end - theirs ) ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (cur_len > (size_t) (end - theirs)) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* Empty strings MUST NOT be included */ - if( cur_len == 0 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (cur_len == 0) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } } /* * Use our order of preference */ - for( ours = ssl->conf->alpn_list; *ours != NULL; ours++ ) - { - ours_len = strlen( *ours ); - for( theirs = start; theirs != end; theirs += cur_len ) - { + for (ours = ssl->conf->alpn_list; *ours != NULL; ours++) { + ours_len = strlen(*ours); + for (theirs = start; theirs != end; theirs += cur_len) { cur_len = *theirs++; - if( cur_len == ours_len && - memcmp( theirs, *ours, cur_len ) == 0 ) - { + if (cur_len == ours_len && + memcmp(theirs, *ours, cur_len) == 0) { ssl->alpn_chosen = *ours; - return( 0 ); + return 0; } } } /* If we get there, no match was found */ - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_DTLS_SRTP) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_parse_use_srtp_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { mbedtls_ssl_srtp_profile client_protection = MBEDTLS_TLS_SRTP_UNSET; - size_t i,j; + size_t i, j; size_t profile_length; uint16_t mki_length; /*! 2 bytes for profile length and 1 byte for mki len */ const size_t size_of_lengths = 3; /* If use_srtp is not configured, just ignore the extension */ - if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) || - ( ssl->conf->dtls_srtp_profile_list == NULL ) || - ( ssl->conf->dtls_srtp_profile_list_len == 0 ) ) - { - return( 0 ); + if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) || + (ssl->conf->dtls_srtp_profile_list == NULL) || + (ssl->conf->dtls_srtp_profile_list_len == 0)) { + return 0; } /* RFC5764 section 4.1.1 @@ -825,86 +786,77 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * Check here that we have at least 2 bytes of protection profiles length * and one of srtp_mki length */ - if( len < size_of_lengths ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len < size_of_lengths) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET; + ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET; /* first 2 bytes are protection profile length(in bytes) */ - profile_length = ( buf[0] << 8 ) | buf[1]; + profile_length = (buf[0] << 8) | buf[1]; buf += 2; /* The profile length cannot be bigger than input buffer size - lengths fields */ - if( profile_length > len - size_of_lengths || - profile_length % 2 != 0 ) /* profiles are 2 bytes long, so the length must be even */ - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (profile_length > len - size_of_lengths || + profile_length % 2 != 0) { /* profiles are 2 bytes long, so the length must be even */ + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* * parse the extension list values are defined in * http://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml */ - for( j = 0; j < profile_length; j += 2 ) - { + for (j = 0; j < profile_length; j += 2) { uint16_t protection_profile_value = buf[j] << 8 | buf[j + 1]; - client_protection = mbedtls_ssl_check_srtp_profile_value( protection_profile_value ); + client_protection = mbedtls_ssl_check_srtp_profile_value(protection_profile_value); - if( client_protection != MBEDTLS_TLS_SRTP_UNSET ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found srtp profile: %s", - mbedtls_ssl_get_srtp_profile_as_string( - client_protection ) ) ); - } - else - { + if (client_protection != MBEDTLS_TLS_SRTP_UNSET) { + MBEDTLS_SSL_DEBUG_MSG(3, ("found srtp profile: %s", + mbedtls_ssl_get_srtp_profile_as_string( + client_protection))); + } else { continue; } /* check if suggested profile is in our list */ - for( i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++) - { - if( client_protection == ssl->conf->dtls_srtp_profile_list[i] ) - { + for (i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++) { + if (client_protection == ssl->conf->dtls_srtp_profile_list[i]) { ssl->dtls_srtp_info.chosen_dtls_srtp_profile = ssl->conf->dtls_srtp_profile_list[i]; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "selected srtp profile: %s", - mbedtls_ssl_get_srtp_profile_as_string( - client_protection ) ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("selected srtp profile: %s", + mbedtls_ssl_get_srtp_profile_as_string( + client_protection))); break; } } - if( ssl->dtls_srtp_info.chosen_dtls_srtp_profile != MBEDTLS_TLS_SRTP_UNSET ) + if (ssl->dtls_srtp_info.chosen_dtls_srtp_profile != MBEDTLS_TLS_SRTP_UNSET) { break; + } } buf += profile_length; /* buf points to the mki length */ mki_length = *buf; buf++; - if( mki_length > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH || - mki_length + profile_length + size_of_lengths != len ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (mki_length > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH || + mki_length + profile_length + size_of_lengths != len) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* Parse the mki only if present and mki is supported locally */ - if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED && - mki_length > 0 ) - { + if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED && + mki_length > 0) { ssl->dtls_srtp_info.mki_len = mki_length; - memcpy( ssl->dtls_srtp_info.mki_value, buf, mki_length ); + memcpy(ssl->dtls_srtp_info.mki_value, buf, mki_length); - MBEDTLS_SSL_DEBUG_BUF( 3, "using mki", ssl->dtls_srtp_info.mki_value, - ssl->dtls_srtp_info.mki_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "using mki", ssl->dtls_srtp_info.mki_value, + ssl->dtls_srtp_info.mki_len); } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_SRTP */ @@ -918,20 +870,20 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, */ #if defined(MBEDTLS_ECDSA_C) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_check_key_curve( mbedtls_pk_context *pk, - const mbedtls_ecp_curve_info **curves ) +static int ssl_check_key_curve(mbedtls_pk_context *pk, + const mbedtls_ecp_curve_info **curves) { const mbedtls_ecp_curve_info **crv = curves; - mbedtls_ecp_group_id grp_id = mbedtls_pk_ec( *pk )->grp.id; + mbedtls_ecp_group_id grp_id = mbedtls_pk_ec(*pk)->grp.id; - while( *crv != NULL ) - { - if( (*crv)->grp_id == grp_id ) - return( 0 ); + while (*crv != NULL) { + if ((*crv)->grp_id == grp_id) { + return 0; + } crv++; } - return( -1 ); + return -1; } #endif /* MBEDTLS_ECDSA_C */ @@ -940,41 +892,39 @@ static int ssl_check_key_curve( mbedtls_pk_context *pk, * return 0 on success and -1 on failure. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_pick_cert( mbedtls_ssl_context *ssl, - const mbedtls_ssl_ciphersuite_t * ciphersuite_info ) +static int ssl_pick_cert(mbedtls_ssl_context *ssl, + const mbedtls_ssl_ciphersuite_t *ciphersuite_info) { mbedtls_ssl_key_cert *cur, *list, *fallback = NULL; mbedtls_pk_type_t pk_alg = - mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); + mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite_info); uint32_t flags; #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( ssl->handshake->sni_key_cert != NULL ) + if (ssl->handshake->sni_key_cert != NULL) { list = ssl->handshake->sni_key_cert; - else + } else #endif - list = ssl->conf->key_cert; + list = ssl->conf->key_cert; - if( pk_alg == MBEDTLS_PK_NONE ) - return( 0 ); + if (pk_alg == MBEDTLS_PK_NONE) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite requires certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite requires certificate")); - if( list == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server has no certificate" ) ); - return( -1 ); + if (list == NULL) { + MBEDTLS_SSL_DEBUG_MSG(3, ("server has no certificate")); + return -1; } - for( cur = list; cur != NULL; cur = cur->next ) - { + for (cur = list; cur != NULL; cur = cur->next) { flags = 0; - MBEDTLS_SSL_DEBUG_CRT( 3, "candidate certificate chain, certificate", - cur->cert ); + MBEDTLS_SSL_DEBUG_CRT(3, "candidate certificate chain, certificate", + cur->cert); - if( ! mbedtls_pk_can_do( &cur->cert->pk, pk_alg ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: key type" ) ); + if (!mbedtls_pk_can_do(&cur->cert->pk, pk_alg)) { + MBEDTLS_SSL_DEBUG_MSG(3, ("certificate mismatch: key type")); continue; } @@ -986,19 +936,17 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl, * different uses based on keyUsage, eg if they want to avoid signing * and decrypting with the same RSA key. */ - if( mbedtls_ssl_check_cert_usage( cur->cert, ciphersuite_info, - MBEDTLS_SSL_IS_SERVER, &flags ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: " - "(extended) key usage extension" ) ); + if (mbedtls_ssl_check_cert_usage(cur->cert, ciphersuite_info, + MBEDTLS_SSL_IS_SERVER, &flags) != 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("certificate mismatch: " + "(extended) key usage extension")); continue; } #if defined(MBEDTLS_ECDSA_C) - if( pk_alg == MBEDTLS_PK_ECDSA && - ssl_check_key_curve( &cur->cert->pk, ssl->handshake->curves ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: elliptic curve" ) ); + if (pk_alg == MBEDTLS_PK_ECDSA && + ssl_check_key_curve(&cur->cert->pk, ssl->handshake->curves) != 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("certificate mismatch: elliptic curve")); continue; } #endif @@ -1008,15 +956,15 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl, * present them a SHA-higher cert rather than failing if it's the only * one we got that satisfies the other conditions. */ - if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 && - cur->cert->sig_md != MBEDTLS_MD_SHA1 ) - { - if( fallback == NULL ) + if (ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 && + cur->cert->sig_md != MBEDTLS_MD_SHA1) { + if (fallback == NULL) { fallback = cur; + } { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate not preferred: " - "sha-2 with pre-TLS 1.2 client" ) ); - continue; + MBEDTLS_SSL_DEBUG_MSG(3, ("certificate not preferred: " + "sha-2 with pre-TLS 1.2 client")); + continue; } } @@ -1024,19 +972,19 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl, break; } - if( cur == NULL ) + if (cur == NULL) { cur = fallback; + } /* Do not update ssl->handshake->key_cert unless there is a match */ - if( cur != NULL ) - { + if (cur != NULL) { ssl->handshake->key_cert = cur; - MBEDTLS_SSL_DEBUG_CRT( 3, "selected certificate chain, certificate", - ssl->handshake->key_cert->cert ); - return( 0 ); + MBEDTLS_SSL_DEBUG_CRT(3, "selected certificate chain, certificate", + ssl->handshake->key_cert->cert); + return 0; } - return( -1 ); + return -1; } #endif /* MBEDTLS_X509_CRT_PARSE_C */ @@ -1045,8 +993,8 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl, * Sets ciphersuite_info only if the suite matches. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, - const mbedtls_ssl_ciphersuite_t **ciphersuite_info ) +static int ssl_ciphersuite_match(mbedtls_ssl_context *ssl, int suite_id, + const mbedtls_ssl_ciphersuite_t **ciphersuite_info) { const mbedtls_ssl_ciphersuite_t *suite_info; @@ -1055,68 +1003,63 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, mbedtls_pk_type_t sig_type; #endif - suite_info = mbedtls_ssl_ciphersuite_from_id( suite_id ); - if( suite_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + suite_info = mbedtls_ssl_ciphersuite_from_id(suite_id); + if (suite_info == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "trying ciphersuite: %#04x (%s)", - (unsigned int) suite_id, suite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("trying ciphersuite: %#04x (%s)", + (unsigned int) suite_id, suite_info->name)); - if( suite_info->min_minor_ver > ssl->minor_ver || - suite_info->max_minor_ver < ssl->minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: version" ) ); - return( 0 ); + if (suite_info->min_minor_ver > ssl->minor_ver || + suite_info->max_minor_ver < ssl->minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: version")); + return 0; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) ) - return( 0 ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + (suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS)) { + return 0; + } #endif #if defined(MBEDTLS_ARC4_C) - if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED && - suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: rc4" ) ); - return( 0 ); + if (ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED && + suite_info->cipher == MBEDTLS_CIPHER_ARC4_128) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: rc4")); + return 0; } #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE && - ( ssl->handshake->cli_exts & MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: ecjpake " - "not configured or ext missing" ) ); - return( 0 ); + if (suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE && + (ssl->handshake->cli_exts & MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK) == 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: ecjpake " + "not configured or ext missing")); + return 0; } #endif #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) - if( mbedtls_ssl_ciphersuite_uses_ec( suite_info ) && - ( ssl->handshake->curves == NULL || - ssl->handshake->curves[0] == NULL ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: " - "no common elliptic curve" ) ); - return( 0 ); + if (mbedtls_ssl_ciphersuite_uses_ec(suite_info) && + (ssl->handshake->curves == NULL || + ssl->handshake->curves[0] == NULL)) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: " + "no common elliptic curve")); + return 0; } #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) /* If the ciphersuite requires a pre-shared key and we don't * have one, skip it now rather than failing later */ - if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) && - ssl_conf_has_psk_or_cb( ssl->conf ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no pre-shared key" ) ); - return( 0 ); + if (mbedtls_ssl_ciphersuite_uses_psk(suite_info) && + ssl_conf_has_psk_or_cb(ssl->conf) == 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: no pre-shared key")); + return 0; } #endif @@ -1124,15 +1067,14 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* If the ciphersuite requires signing, check whether * a suitable hash algorithm is present. */ - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - sig_type = mbedtls_ssl_get_ciphersuite_sig_alg( suite_info ); - if( sig_type != MBEDTLS_PK_NONE && - mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, sig_type ) == MBEDTLS_MD_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no suitable hash algorithm " - "for signature algorithm %u", (unsigned) sig_type ) ); - return( 0 ); + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { + sig_type = mbedtls_ssl_get_ciphersuite_sig_alg(suite_info); + if (sig_type != MBEDTLS_PK_NONE && + mbedtls_ssl_sig_hash_set_find(&ssl->handshake->hash_algs, + sig_type) == MBEDTLS_MD_NONE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: no suitable hash algorithm " + "for signature algorithm %u", (unsigned) sig_type)); + return 0; } } @@ -1147,21 +1089,20 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, * - try the next ciphersuite if we don't * This must be done last since we modify the key_cert list. */ - if( ssl_pick_cert( ssl, suite_info ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: " - "no suitable certificate" ) ); - return( 0 ); + if (ssl_pick_cert(ssl, suite_info) != 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: " + "no suitable certificate")); + return 0; } #endif *ciphersuite_info = suite_info; - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) +static int ssl_parse_client_hello_v2(mbedtls_ssl_context *ssl) { int ret, got_common_suite; unsigned int i, j; @@ -1171,28 +1112,27 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) const int *ciphersuites; const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello v2" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse client hello v2")); #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "client hello v2 illegal for renegotiation" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("client hello v2 illegal for renegotiation")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ buf = ssl->in_hdr; - MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, 5 ); + MBEDTLS_SSL_DEBUG_BUF(4, "record header", buf, 5); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, message type: %d", - buf[2] ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, message len.: %d", - ( ( buf[0] & 0x7F ) << 8 ) | buf[1] ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, max. version: [%d:%d]", - buf[3], buf[4] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v2, message type: %d", + buf[2])); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v2, message len.: %d", + ((buf[0] & 0x7F) << 8) | buf[1])); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v2, max. version: [%d:%d]", + buf[3], buf[4])); /* * SSLv2 Client Hello @@ -1204,47 +1144,43 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) * 2 . 2 message type * 3 . 4 protocol version */ - if( buf[2] != MBEDTLS_SSL_HS_CLIENT_HELLO || - buf[3] != MBEDTLS_SSL_MAJOR_VERSION_3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (buf[2] != MBEDTLS_SSL_HS_CLIENT_HELLO || + buf[3] != MBEDTLS_SSL_MAJOR_VERSION_3) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - n = ( ( buf[0] << 8 ) | buf[1] ) & 0x7FFF; + n = ((buf[0] << 8) | buf[1]) & 0x7FFF; - if( n < 17 || n > 512 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (n < 17 || n > 512) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ssl->major_ver = MBEDTLS_SSL_MAJOR_VERSION_3; - ssl->minor_ver = ( buf[4] <= ssl->conf->max_minor_ver ) + ssl->minor_ver = (buf[4] <= ssl->conf->max_minor_ver) ? buf[4] : ssl->conf->max_minor_ver; - if( ssl->minor_ver < ssl->conf->min_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum" - " [%d:%d] < [%d:%d]", - ssl->major_ver, ssl->minor_ver, - ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) ); + if (ssl->minor_ver < ssl->conf->min_minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, ("client only supports ssl smaller than minimum" + " [%d:%d] < [%d:%d]", + ssl->major_ver, ssl->minor_ver, + ssl->conf->min_major_ver, ssl->conf->min_minor_ver)); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION); + return MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION; } ssl->handshake->max_major_ver = buf[3]; ssl->handshake->max_minor_ver = buf[4]; - if( ( ret = mbedtls_ssl_fetch_input( ssl, 2 + n ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); - return( ret ); + if ((ret = mbedtls_ssl_fetch_input(ssl, 2 + n)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret); + return ret; } - ssl->handshake->update_checksum( ssl, buf + 2, n ); + ssl->handshake->update_checksum(ssl, buf + 2, n); buf = ssl->in_msg; n = ssl->in_left - 5; @@ -1257,76 +1193,69 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) * .. . .. session id * .. . .. challenge */ - MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, n ); + MBEDTLS_SSL_DEBUG_BUF(4, "record contents", buf, n); - ciph_len = ( buf[0] << 8 ) | buf[1]; - sess_len = ( buf[2] << 8 ) | buf[3]; - chal_len = ( buf[4] << 8 ) | buf[5]; + ciph_len = (buf[0] << 8) | buf[1]; + sess_len = (buf[2] << 8) | buf[3]; + chal_len = (buf[4] << 8) | buf[5]; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciph_len: %u, sess_len: %u, chal_len: %u", - ciph_len, sess_len, chal_len ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("ciph_len: %u, sess_len: %u, chal_len: %u", + ciph_len, sess_len, chal_len)); /* * Make sure each parameter length is valid */ - if( ciph_len < 3 || ( ciph_len % 3 ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (ciph_len < 3 || (ciph_len % 3) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - if( sess_len > 32 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (sess_len > 32) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - if( chal_len < 8 || chal_len > 32 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (chal_len < 8 || chal_len > 32) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - if( n != 6 + ciph_len + sess_len + chal_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (n != 6 + ciph_len + sess_len + chal_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist", - buf + 6, ciph_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", - buf + 6 + ciph_len, sess_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, challenge", - buf + 6 + ciph_len + sess_len, chal_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, ciphersuitelist", + buf + 6, ciph_len); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, session id", + buf + 6 + ciph_len, sess_len); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, challenge", + buf + 6 + ciph_len + sess_len, chal_len); p = buf + 6 + ciph_len; ssl->session_negotiate->id_len = sess_len; - memset( ssl->session_negotiate->id, 0, - sizeof( ssl->session_negotiate->id ) ); - memcpy( ssl->session_negotiate->id, p, ssl->session_negotiate->id_len ); + memset(ssl->session_negotiate->id, 0, + sizeof(ssl->session_negotiate->id)); + memcpy(ssl->session_negotiate->id, p, ssl->session_negotiate->id_len); p += sess_len; - memset( ssl->handshake->randbytes, 0, 64 ); - memcpy( ssl->handshake->randbytes + 32 - chal_len, p, chal_len ); + memset(ssl->handshake->randbytes, 0, 64); + memcpy(ssl->handshake->randbytes + 32 - chal_len, p, chal_len); /* * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */ - for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 ) - { - if( p[0] == 0 && p[1] == 0 && p[2] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); + for (i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3) { + if (p[0] == 0 && p[1] == 0 && p[2] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO) { + MBEDTLS_SSL_DEBUG_MSG(3, ("received TLS_EMPTY_RENEGOTIATION_INFO ")); #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV " - "during renegotiation" ) ); + if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { + MBEDTLS_SSL_DEBUG_MSG(1, ("received RENEGOTIATION SCSV " + "during renegotiation")); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; @@ -1335,21 +1264,18 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) } #if defined(MBEDTLS_SSL_FALLBACK_SCSV) - for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 ) - { - if( p[0] == 0 && - MBEDTLS_GET_UINT16_BE(p, 1) != MBEDTLS_SSL_FALLBACK_SCSV_VALUE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "received FALLBACK_SCSV" ) ); + for (i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3) { + if (p[0] == 0 && + MBEDTLS_GET_UINT16_BE(p, 1) != MBEDTLS_SSL_FALLBACK_SCSV_VALUE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("received FALLBACK_SCSV")); - if( ssl->minor_ver < ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) ); + if (ssl->minor_ver < ssl->conf->max_minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, ("inapropriate fallback")); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK ); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } break; @@ -1361,55 +1287,58 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; ciphersuite_info = NULL; #if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) - for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 ) - for( i = 0; ciphersuites[i] != 0; i++ ) - { - if( p[0] != 0 || - MBEDTLS_GET_UINT16_BE(p, 1) != ciphersuites[i] ) + for (j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3) { + for (i = 0; ciphersuites[i] != 0; i++) { + if (p[0] != 0 || + MBEDTLS_GET_UINT16_BE(p, 1) != ciphersuites[i]) { continue; + } got_common_suite = 1; - if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], - &ciphersuite_info ) ) != 0 ) - return( ret ); + if ((ret = ssl_ciphersuite_match(ssl, ciphersuites[i], + &ciphersuite_info)) != 0) { + return ret; + } - if( ciphersuite_info != NULL ) + if (ciphersuite_info != NULL) { goto have_ciphersuite_v2; + } } + } #else - for( i = 0; ciphersuites[i] != 0; i++ ) - for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 ) - { - if( p[0] != 0 || - MBEDTLS_GET_UINT16_BE(p, 1) != ciphersuites[i] ) + for (i = 0; ciphersuites[i] != 0; i++) { + for (j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3) { + if (p[0] != 0 || + MBEDTLS_GET_UINT16_BE(p, 1) != ciphersuites[i]) { continue; + } got_common_suite = 1; - if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], - &ciphersuite_info ) ) != 0 ) - return( ret ); + if ((ret = ssl_ciphersuite_match(ssl, ciphersuites[i], + &ciphersuite_info)) != 0) { + return ret; + } - if( ciphersuite_info != NULL ) + if (ciphersuite_info != NULL) { goto have_ciphersuite_v2; + } } + } #endif - if( got_common_suite ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, " - "but none of them usable" ) ); - return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); - return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); + if (got_common_suite) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got ciphersuites in common, " + "but none of them usable")); + return MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE; + } else { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no ciphersuites in common")); + return MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN; } have_ciphersuite_v2: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("selected ciphersuite: %s", ciphersuite_info->name)); ssl->session_negotiate->ciphersuite = ciphersuites[i]; ssl->handshake->ciphersuite_info = ciphersuite_info; @@ -1417,21 +1346,20 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) /* * SSLv2 Client Hello relevant renegotiation security checks */ - if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("legacy renegotiation, breaking off handshake")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ssl->in_left = 0; ssl->state++; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client hello v2" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse client hello v2")); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */ @@ -1439,7 +1367,7 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) ClientHello parsing because they might indicate that the client is not talking SSL/TLS at all and would not understand our alert. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) +static int ssl_parse_client_hello(mbedtls_ssl_context *ssl) { int ret, got_common_suite; size_t i, j; @@ -1466,7 +1394,7 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse client hello")); int renegotiating = 0; #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) @@ -1478,16 +1406,15 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) * ClientHello, which doesn't use the same record layer format. */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { renegotiating = 1; + } #endif - if( !renegotiating ) - { - if( ( ret = mbedtls_ssl_fetch_input( ssl, 5 ) ) != 0 ) - { + if (!renegotiating) { + if ((ret = mbedtls_ssl_fetch_input(ssl, 5)) != 0) { /* No alert on a read error. */ - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret); + return ret; } } @@ -1496,15 +1423,18 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) int is_dtls = 0; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { is_dtls = 1; + } #endif - if( !is_dtls ) - if( ( buf[0] & 0x80 ) != 0 ) - return( ssl_parse_client_hello_v2( ssl ) ); + if (!is_dtls) { + if ((buf[0] & 0x80) != 0) { + return ssl_parse_client_hello_v2(ssl); + } + } #endif - MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, mbedtls_ssl_in_hdr_len( ssl ) ); + MBEDTLS_SSL_DEBUG_BUF(4, "record header", buf, mbedtls_ssl_in_hdr_len(ssl)); /* * SSLv3/TLS Client Hello @@ -1515,104 +1445,95 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) * 3 . 11 DTLS: epoch + record sequence number * 3 . 4 message length */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message type: %d", - buf[0] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, message type: %d", + buf[0])); - if( buf[0] != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (buf[0] != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message len.: %d", - ( ssl->in_len[0] << 8 ) | ssl->in_len[1] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, message len.: %d", + (ssl->in_len[0] << 8) | ssl->in_len[1])); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, protocol version: [%d:%d]", - buf[1], buf[2] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, protocol version: [%d:%d]", + buf[1], buf[2])); - mbedtls_ssl_read_version( &major, &minor, ssl->conf->transport, buf + 1 ); + mbedtls_ssl_read_version(&major, &minor, ssl->conf->transport, buf + 1); /* According to RFC 5246 Appendix E.1, the version here is typically * "{03,00}, the lowest version number supported by the client, [or] the * value of ClientHello.client_version", so the only meaningful check here * is the major version shouldn't be less than 3 */ - if( major < MBEDTLS_SSL_MAJOR_VERSION_3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (major < MBEDTLS_SSL_MAJOR_VERSION_3) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* For DTLS if this is the initial handshake, remember the client sequence * number to use it in our next message (RFC 6347 4.2.1) */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM #if defined(MBEDTLS_SSL_RENEGOTIATION) && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE #endif - ) - { + ) { /* Epoch should be 0 for initial handshakes */ - if( ssl->in_ctr[0] != 0 || ssl->in_ctr[1] != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (ssl->in_ctr[0] != 0 || ssl->in_ctr[1] != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - memcpy( ssl->cur_out_ctr + 2, ssl->in_ctr + 2, 6 ); + memcpy(ssl->cur_out_ctr + 2, ssl->in_ctr + 2, 6); #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record, discarding" ) ); + if (mbedtls_ssl_dtls_replay_check(ssl) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("replayed record, discarding")); ssl->next_record_offset = 0; ssl->in_left = 0; goto read_record_header; } /* No MAC to check yet, so we can update right now */ - mbedtls_ssl_dtls_replay_update( ssl ); + mbedtls_ssl_dtls_replay_update(ssl); #endif } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - msg_len = ( ssl->in_len[0] << 8 ) | ssl->in_len[1]; + msg_len = (ssl->in_len[0] << 8) | ssl->in_len[1]; #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { /* Set by mbedtls_ssl_read_record() */ msg_len = ssl->in_hslen; - } - else + } else #endif { - if( msg_len > MBEDTLS_SSL_IN_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (msg_len > MBEDTLS_SSL_IN_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - if( ( ret = mbedtls_ssl_fetch_input( ssl, - mbedtls_ssl_in_hdr_len( ssl ) + msg_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); - return( ret ); + if ((ret = mbedtls_ssl_fetch_input(ssl, + mbedtls_ssl_in_hdr_len(ssl) + msg_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret); + return ret; } - /* Done reading this record, get ready for the next one */ + /* Done reading this record, get ready for the next one */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - ssl->next_record_offset = msg_len + mbedtls_ssl_in_hdr_len( ssl ); - else + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + ssl->next_record_offset = msg_len + mbedtls_ssl_in_hdr_len(ssl); + } else #endif - ssl->in_left = 0; + ssl->in_left = 0; } buf = ssl->in_msg; - MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, msg_len ); + MBEDTLS_SSL_DEBUG_BUF(4, "record contents", buf, msg_len); - ssl->handshake->update_checksum( ssl, buf, msg_len ); + ssl->handshake->update_checksum(ssl, buf, msg_len); /* * Handshake layer: @@ -1622,68 +1543,60 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) * 6 . 8 DTLS only: fragment offset * 9 . 11 DTLS only: fragment length */ - if( msg_len < mbedtls_ssl_hs_hdr_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (msg_len < mbedtls_ssl_hs_hdr_len(ssl)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake type: %d", buf[0] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, handshake type: %d", buf[0])); - if( buf[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (buf[0] != MBEDTLS_SSL_HS_CLIENT_HELLO) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake len.: %d", - ( buf[1] << 16 ) | ( buf[2] << 8 ) | buf[3] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, handshake len.: %d", + (buf[1] << 16) | (buf[2] << 8) | buf[3])); - if( buf[1] != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message: %u != 0", - (unsigned) buf[1] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (buf[1] != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message: %u != 0", + (unsigned) buf[1])); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* We don't support fragmentation of ClientHello (yet?) */ - if( msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message: %u != %u + %u", - (unsigned) msg_len, - (unsigned) mbedtls_ssl_hs_hdr_len( ssl ), - (unsigned) ( buf[2] << 8 ) | buf[3] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (msg_len != mbedtls_ssl_hs_hdr_len(ssl) + ((buf[2] << 8) | buf[3])) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message: %u != %u + %u", + (unsigned) msg_len, + (unsigned) mbedtls_ssl_hs_hdr_len(ssl), + (unsigned) (buf[2] << 8) | buf[3])); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* * Copy the client's handshake message_seq on initial handshakes, * check sequence number on renego. */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { + if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { /* This couldn't be done in ssl_prepare_handshake_record() */ - unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) | - ssl->in_msg[5]; - - if( cli_msg_seq != ssl->handshake->in_msg_seq ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message_seq: " - "%u (expected %u)", cli_msg_seq, - ssl->handshake->in_msg_seq ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + unsigned int cli_msg_seq = (ssl->in_msg[4] << 8) | + ssl->in_msg[5]; + + if (cli_msg_seq != ssl->handshake->in_msg_seq) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message_seq: " + "%u (expected %u)", cli_msg_seq, + ssl->handshake->in_msg_seq)); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ssl->handshake->in_msg_seq++; - } - else + } else #endif { - unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) | - ssl->in_msg[5]; + unsigned int cli_msg_seq = (ssl->in_msg[4] << 8) | + ssl->in_msg[5]; ssl->handshake->out_msg_seq = cli_msg_seq; ssl->handshake->in_msg_seq = cli_msg_seq + 1; } @@ -1693,21 +1606,20 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) * fragment_offset == 0 and fragment_length == length */ MBEDTLS_SSL_DEBUG_MSG( - 4, ( "fragment_offset=%u fragment_length=%u length=%u", - (unsigned) ( ssl->in_msg[6] << 16 | ssl->in_msg[7] << 8 | ssl->in_msg[8] ), - (unsigned) ( ssl->in_msg[9] << 16 | ssl->in_msg[10] << 8 | ssl->in_msg[11] ), - (unsigned) ( ssl->in_msg[1] << 16 | ssl->in_msg[2] << 8 | ssl->in_msg[3] ) ) ); - if( ssl->in_msg[6] != 0 || ssl->in_msg[7] != 0 || ssl->in_msg[8] != 0 || - memcmp( ssl->in_msg + 1, ssl->in_msg + 9, 3 ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ClientHello fragmentation not supported" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + 4, ("fragment_offset=%u fragment_length=%u length=%u", + (unsigned) (ssl->in_msg[6] << 16 | ssl->in_msg[7] << 8 | ssl->in_msg[8]), + (unsigned) (ssl->in_msg[9] << 16 | ssl->in_msg[10] << 8 | ssl->in_msg[11]), + (unsigned) (ssl->in_msg[1] << 16 | ssl->in_msg[2] << 8 | ssl->in_msg[3]))); + if (ssl->in_msg[6] != 0 || ssl->in_msg[7] != 0 || ssl->in_msg[8] != 0 || + memcmp(ssl->in_msg + 1, ssl->in_msg + 9, 3) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("ClientHello fragmentation not supported")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - buf += mbedtls_ssl_hs_hdr_len( ssl ); - msg_len -= mbedtls_ssl_hs_hdr_len( ssl ); + buf += mbedtls_ssl_hs_hdr_len(ssl); + msg_len -= mbedtls_ssl_hs_hdr_len(ssl); /* * ClientHello layer: @@ -1730,150 +1642,136 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) * 2 + 32 + 1 + 2 + 1 = 38 bytes. Check that first, so that we can * read at least up to session id length without worrying. */ - if( msg_len < 38 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (msg_len < 38) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* * Check and save the protocol version */ - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, version", buf, 2 ); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, version", buf, 2); - mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, - ssl->conf->transport, buf ); + mbedtls_ssl_read_version(&ssl->major_ver, &ssl->minor_ver, + ssl->conf->transport, buf); ssl->handshake->max_major_ver = ssl->major_ver; ssl->handshake->max_minor_ver = ssl->minor_ver; - if( ssl->major_ver < ssl->conf->min_major_ver || - ssl->minor_ver < ssl->conf->min_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum" - " [%d:%d] < [%d:%d]", - ssl->major_ver, ssl->minor_ver, - ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + if (ssl->major_ver < ssl->conf->min_major_ver || + ssl->minor_ver < ssl->conf->min_minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, ("client only supports ssl smaller than minimum" + " [%d:%d] < [%d:%d]", + ssl->major_ver, ssl->minor_ver, + ssl->conf->min_major_ver, ssl->conf->min_minor_ver)); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION); + return MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION; } - if( ssl->major_ver > ssl->conf->max_major_ver ) - { + if (ssl->major_ver > ssl->conf->max_major_ver) { ssl->major_ver = ssl->conf->max_major_ver; ssl->minor_ver = ssl->conf->max_minor_ver; - } - else if( ssl->minor_ver > ssl->conf->max_minor_ver ) + } else if (ssl->minor_ver > ssl->conf->max_minor_ver) { ssl->minor_ver = ssl->conf->max_minor_ver; + } /* * Save client random (inc. Unix time) */ - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf + 2, 32 ); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, random bytes", buf + 2, 32); - memcpy( ssl->handshake->randbytes, buf + 2, 32 ); + memcpy(ssl->handshake->randbytes, buf + 2, 32); /* * Check the session ID length and save session ID */ sess_len = buf[34]; - if( sess_len > sizeof( ssl->session_negotiate->id ) || - sess_len + 34 + 2 > msg_len ) /* 2 for cipherlist length field */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (sess_len > sizeof(ssl->session_negotiate->id) || + sess_len + 34 + 2 > msg_len) { /* 2 for cipherlist length field */ + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 35, sess_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, session id", buf + 35, sess_len); ssl->session_negotiate->id_len = sess_len; - memset( ssl->session_negotiate->id, 0, - sizeof( ssl->session_negotiate->id ) ); - memcpy( ssl->session_negotiate->id, buf + 35, - ssl->session_negotiate->id_len ); + memset(ssl->session_negotiate->id, 0, + sizeof(ssl->session_negotiate->id)); + memcpy(ssl->session_negotiate->id, buf + 35, + ssl->session_negotiate->id_len); /* * Check the cookie length and content */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { cookie_offset = 35 + sess_len; cookie_len = buf[cookie_offset]; - if( cookie_offset + 1 + cookie_len + 2 > msg_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (cookie_offset + 1 + cookie_len + 2 > msg_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie", - buf + cookie_offset + 1, cookie_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, cookie", + buf + cookie_offset + 1, cookie_len); #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - if( ssl->conf->f_cookie_check != NULL + if (ssl->conf->f_cookie_check != NULL #if defined(MBEDTLS_SSL_RENEGOTIATION) && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE #endif - ) - { - if( ssl->conf->f_cookie_check( ssl->conf->p_cookie, - buf + cookie_offset + 1, cookie_len, - ssl->cli_id, ssl->cli_id_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification failed" ) ); + ) { + if (ssl->conf->f_cookie_check(ssl->conf->p_cookie, + buf + cookie_offset + 1, cookie_len, + ssl->cli_id, ssl->cli_id_len) != 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("cookie verification failed")); ssl->handshake->verify_cookie_len = 1; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification passed" ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, ("cookie verification passed")); ssl->handshake->verify_cookie_len = 0; } - } - else + } else #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ { /* We know we didn't send a cookie, so it should be empty */ - if( cookie_len != 0 ) - { + if (cookie_len != 0) { /* This may be an attacker's probe, so don't send an alert */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification skipped" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("cookie verification skipped")); } - /* - * Check the ciphersuitelist length (will be parsed later) - */ + /* + * Check the ciphersuitelist length (will be parsed later) + */ ciph_offset = cookie_offset + 1 + cookie_len; - } - else + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ - ciph_offset = 35 + sess_len; + ciph_offset = 35 + sess_len; - ciph_len = ( buf[ciph_offset + 0] << 8 ) - | ( buf[ciph_offset + 1] ); + ciph_len = (buf[ciph_offset + 0] << 8) + | (buf[ciph_offset + 1]); - if( ciph_len < 2 || + if (ciph_len < 2 || ciph_len + 2 + ciph_offset + 1 > msg_len || /* 1 for comp. alg. len */ - ( ciph_len % 2 ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + (ciph_len % 2) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist", - buf + ciph_offset + 2, ciph_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, ciphersuitelist", + buf + ciph_offset + 2, ciph_len); /* * Check the compression algorithms length and pick one @@ -1882,25 +1780,22 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) comp_len = buf[comp_offset]; - if( comp_len < 1 || + if (comp_len < 1 || comp_len > 16 || - comp_len + comp_offset + 1 > msg_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + comp_len + comp_offset + 1 > msg_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, compression", - buf + comp_offset + 1, comp_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, compression", + buf + comp_offset + 1, comp_len); ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL; #if defined(MBEDTLS_ZLIB_SUPPORT) - for( i = 0; i < comp_len; ++i ) - { - if( buf[comp_offset + 1 + i] == MBEDTLS_SSL_COMPRESS_DEFLATE ) - { + for (i = 0; i < comp_len; ++i) { + if (buf[comp_offset + 1 + i] == MBEDTLS_SSL_COMPRESS_DEFLATE) { ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_DEFLATE; break; } @@ -1909,99 +1804,97 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) /* See comments in ssl_write_client_hello() */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL; + } #endif /* Do not parse the extensions if the protocol is SSLv3 */ #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) ) - { + if ((ssl->major_ver != 3) || (ssl->minor_ver != 0)) { #endif - /* - * Check the extension length - */ - ext_offset = comp_offset + 1 + comp_len; - if( msg_len > ext_offset ) - { - if( msg_len < ext_offset + 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } + /* + * Check the extension length + */ + ext_offset = comp_offset + 1 + comp_len; + if (msg_len > ext_offset) { + if (msg_len < ext_offset + 2) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; + } - ext_len = ( buf[ext_offset + 0] << 8 ) - | ( buf[ext_offset + 1] ); + ext_len = (buf[ext_offset + 0] << 8) + | (buf[ext_offset + 1]); - if( msg_len != ext_offset + 2 + ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } + if (msg_len != ext_offset + 2 + ext_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - else - ext_len = 0; - - ext = buf + ext_offset + 2; - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", ext, ext_len ); + } else { + ext_len = 0; + } - while( ext_len != 0 ) - { - unsigned int ext_id; - unsigned int ext_size; - if ( ext_len < 4 ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) ); - ext_size = ( ( ext[2] << 8 ) | ( ext[3] ) ); + ext = buf + ext_offset + 2; + MBEDTLS_SSL_DEBUG_BUF(3, "client hello extensions", ext, ext_len); - if( ext_size + 4 > ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - switch( ext_id ) - { + while (ext_len != 0) { + unsigned int ext_id; + unsigned int ext_size; + if (ext_len < 4) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; + } + ext_id = ((ext[0] << 8) | (ext[1])); + ext_size = ((ext[2] << 8) | (ext[3])); + + if (ext_size + 4 > ext_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; + } + switch (ext_id) { #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) case MBEDTLS_TLS_EXT_SERVERNAME: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) ); - if( ssl->conf->f_sni == NULL ) + MBEDTLS_SSL_DEBUG_MSG(3, ("found ServerName extension")); + if (ssl->conf->f_sni == NULL) { break; + } - ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_servername_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found renegotiation extension")); #if defined(MBEDTLS_SSL_RENEGOTIATION) renegotiation_info_seen = 1; #endif - ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_renegotiation_info(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) case MBEDTLS_TLS_EXT_SIG_ALG: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found signature_algorithms extension")); - ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_signature_algorithms_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } sig_hash_alg_ext_present = 1; break; @@ -2009,143 +1902,151 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) case MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported elliptic curves extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found supported elliptic curves extension")); - ret = ssl_parse_supported_elliptic_curves( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_supported_elliptic_curves(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported point formats extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found supported point formats extension")); ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT; - ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_supported_point_formats(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) case MBEDTLS_TLS_EXT_ECJPAKE_KKPP: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake kkpp extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found ecjpake kkpp extension")); - ret = ssl_parse_ecjpake_kkpp( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_ecjpake_kkpp(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found max fragment length extension")); - ret = ssl_parse_max_fragment_length_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_max_fragment_length_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) case MBEDTLS_TLS_EXT_TRUNCATED_HMAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated hmac extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found truncated hmac extension")); - ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_truncated_hmac_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) case MBEDTLS_TLS_EXT_CID: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found CID extension")); - ret = ssl_parse_cid_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_cid_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt then mac extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found encrypt then mac extension")); - ret = ssl_parse_encrypt_then_mac_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_encrypt_then_mac_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extended master secret extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found extended master secret extension")); - ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_extended_ms_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) case MBEDTLS_TLS_EXT_SESSION_TICKET: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session ticket extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found session ticket extension")); - ret = ssl_parse_session_ticket_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_session_ticket_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_ALPN) case MBEDTLS_TLS_EXT_ALPN: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found alpn extension")); - ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_alpn_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_DTLS_SRTP) case MBEDTLS_TLS_EXT_USE_SRTP: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found use_srtp extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found use_srtp extension")); - ret = ssl_parse_use_srtp_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_use_srtp_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_DTLS_SRTP */ default: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %u (ignoring)", - ext_id ) ); - } - - ext_len -= 4 + ext_size; - ext += 4 + ext_size; + MBEDTLS_SSL_DEBUG_MSG(3, ("unknown extension found: %u (ignoring)", + ext_id)); } -#if defined(MBEDTLS_SSL_PROTO_SSL3) + + ext_len -= 4 + ext_size; + ext += 4 + ext_size; } +#if defined(MBEDTLS_SSL_PROTO_SSL3) +} #endif #if defined(MBEDTLS_SSL_FALLBACK_SCSV) - for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 ) - { - if( MBEDTLS_GET_UINT16_BE( p, 0 ) == MBEDTLS_SSL_FALLBACK_SCSV_VALUE ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "received FALLBACK_SCSV" ) ); + for (i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2) { + if (MBEDTLS_GET_UINT16_BE(p, 0) == MBEDTLS_SSL_FALLBACK_SCSV_VALUE) { + MBEDTLS_SSL_DEBUG_MSG(2, ("received FALLBACK_SCSV")); - if( ssl->minor_ver < ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) ); + if (ssl->minor_ver < ssl->conf->max_minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, ("inapropriate fallback")); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK ); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } break; @@ -2160,14 +2061,14 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) * Try to fall back to default hash SHA1 if the client * hasn't provided any preferred signature-hash combinations. */ - if( sig_hash_alg_ext_present == 0 ) - { + if (sig_hash_alg_ext_present == 0) { mbedtls_md_type_t md_default = MBEDTLS_MD_SHA1; - if( mbedtls_ssl_check_sig_hash( ssl, md_default ) != 0 ) + if (mbedtls_ssl_check_sig_hash(ssl, md_default) != 0) { md_default = MBEDTLS_MD_NONE; + } - mbedtls_ssl_sig_hash_set_const_hash( &ssl->handshake->hash_algs, md_default ); + mbedtls_ssl_sig_hash_set_const_hash(&ssl->handshake->hash_algs, md_default); } #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && @@ -2176,19 +2077,16 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) /* * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */ - for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 ) - { - if( p[0] == 0 && p[1] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); + for (i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2) { + if (p[0] == 0 && p[1] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO) { + MBEDTLS_SSL_DEBUG_MSG(3, ("received TLS_EMPTY_RENEGOTIATION_INFO ")); #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV " - "during renegotiation" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { + MBEDTLS_SSL_DEBUG_MSG(1, ("received RENEGOTIATION SCSV " + "during renegotiation")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } #endif ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; @@ -2199,41 +2097,34 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) /* * Renegotiation security checks */ - if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); + if (ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("legacy renegotiation, breaking off handshake")); handshake_failure = 1; } #if defined(MBEDTLS_SSL_RENEGOTIATION) - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION && - renegotiation_info_seen == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) ); + renegotiation_info_seen == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("renegotiation_info extension missing (secure)")); handshake_failure = 1; - } - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) ); + } else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION) { + MBEDTLS_SSL_DEBUG_MSG(1, ("legacy renegotiation not allowed")); handshake_failure = 1; - } - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - renegotiation_info_seen == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) ); + } else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + renegotiation_info_seen == 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("renegotiation_info extension present (legacy)")); handshake_failure = 1; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ - if( handshake_failure == 1 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (handshake_failure == 1) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* @@ -2245,57 +2136,60 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; ciphersuite_info = NULL; #if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) - for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) - for( i = 0; ciphersuites[i] != 0; i++ ) - { - if( MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i] ) + for (j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2) { + for (i = 0; ciphersuites[i] != 0; i++) { + if (MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i]) { continue; + } got_common_suite = 1; - if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], - &ciphersuite_info ) ) != 0 ) - return( ret ); + if ((ret = ssl_ciphersuite_match(ssl, ciphersuites[i], + &ciphersuite_info)) != 0) { + return ret; + } - if( ciphersuite_info != NULL ) + if (ciphersuite_info != NULL) { goto have_ciphersuite; + } } + } #else - for( i = 0; ciphersuites[i] != 0; i++ ) - for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) - { - if( MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i] ) + for (i = 0; ciphersuites[i] != 0; i++) { + for (j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2) { + if (MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i]) { continue; + } got_common_suite = 1; - if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], - &ciphersuite_info ) ) != 0 ) - return( ret ); + if ((ret = ssl_ciphersuite_match(ssl, ciphersuites[i], + &ciphersuite_info)) != 0) { + return ret; + } - if( ciphersuite_info != NULL ) + if (ciphersuite_info != NULL) { goto have_ciphersuite; + } } + } #endif - if( got_common_suite ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, " - "but none of them usable" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); + if (got_common_suite) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got ciphersuites in common, " + "but none of them usable")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE; + } else { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no ciphersuites in common")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN; } have_ciphersuite: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("selected ciphersuite: %s", ciphersuite_info->name)); ssl->session_negotiate->ciphersuite = ciphersuites[i]; ssl->handshake->ciphersuite_info = ciphersuite_info; @@ -2303,53 +2197,49 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) ssl->state++; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_recv_flight_completed( ssl ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + mbedtls_ssl_recv_flight_completed(ssl); + } #endif /* Debugging-only output for testsuite */ #if defined(MBEDTLS_DEBUG_C) && \ defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - mbedtls_pk_type_t sig_alg = mbedtls_ssl_get_ciphersuite_sig_alg( ciphersuite_info ); - if( sig_alg != MBEDTLS_PK_NONE ) - { - mbedtls_md_type_t md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, - sig_alg ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: %d", - mbedtls_ssl_hash_from_md_alg( md_alg ) ) ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "no hash algorithm for signature algorithm " - "%u - should not happen", (unsigned) sig_alg ) ); + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { + mbedtls_pk_type_t sig_alg = mbedtls_ssl_get_ciphersuite_sig_alg(ciphersuite_info); + if (sig_alg != MBEDTLS_PK_NONE) { + mbedtls_md_type_t md_alg = mbedtls_ssl_sig_hash_set_find(&ssl->handshake->hash_algs, + sig_alg); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, signature_algorithm ext: %d", + mbedtls_ssl_hash_from_md_alg(md_alg))); + } else { + MBEDTLS_SSL_DEBUG_MSG(3, ("no hash algorithm for signature algorithm " + "%u - should not happen", (unsigned) sig_alg)); } } #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse client hello")); - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_truncated_hmac_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; - if( ssl->session_negotiate->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ) - { + if (ssl->session_negotiate->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding truncated hmac extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding truncated hmac extension")); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_TRUNCATED_HMAC, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_TRUNCATED_HMAC, p, 0); p += 2; *p++ = 0x00; @@ -2360,9 +2250,9 @@ static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) -static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_cid_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; size_t ext_len; @@ -2372,18 +2262,18 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, /* Skip writing the extension if we don't want to use it or if * the client hasn't offered it. */ - if( ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_DISABLED ) + if (ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_DISABLED) { return; + } /* ssl->own_cid_len is at most MBEDTLS_SSL_CID_IN_LEN_MAX * which is at most 255, so the increment cannot overflow. */ - if( end < p || (size_t)( end - p ) < (unsigned)( ssl->own_cid_len + 5 ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + if (end < p || (size_t) (end - p) < (unsigned) (ssl->own_cid_len + 5)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small")); return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding CID extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding CID extension")); /* * Quoting draft-ietf-tls-dtls-connection-id-05 @@ -2392,31 +2282,32 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, * struct { * opaque cid<0..2^8-1>; * } ConnectionId; - */ - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_CID, p, 0 ); + */ + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_CID, p, 0); p += 2; ext_len = (size_t) ssl->own_cid_len + 1; - MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(ext_len, p, 0); p += 2; *p++ = (uint8_t) ssl->own_cid_len; - memcpy( p, ssl->own_cid, ssl->own_cid_len ); + memcpy(p, ssl->own_cid, ssl->own_cid_len); *olen = ssl->own_cid_len + 5; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) -static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_encrypt_then_mac_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; const mbedtls_ssl_ciphersuite_t *suite = NULL; const mbedtls_cipher_info_t *cipher = NULL; - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_DISABLED; + } /* * RFC 7366: "If a server receives an encrypt-then-MAC request extension @@ -2424,23 +2315,21 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, * with Associated Data (AEAD) ciphersuite, it MUST NOT send an * encrypt-then-MAC response extension back to the client." */ - if( ( suite = mbedtls_ssl_ciphersuite_from_id( - ssl->session_negotiate->ciphersuite ) ) == NULL || - ( cipher = mbedtls_cipher_info_from_type( suite->cipher ) ) == NULL || - cipher->mode != MBEDTLS_MODE_CBC ) - { + if ((suite = mbedtls_ssl_ciphersuite_from_id( + ssl->session_negotiate->ciphersuite)) == NULL || + (cipher = mbedtls_cipher_info_from_type(suite->cipher)) == NULL || + cipher->mode != MBEDTLS_MODE_CBC) { ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_DISABLED; } - if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED ) - { + if (ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding encrypt then mac extension")); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0); p += 2; *p++ = 0x00; @@ -2451,23 +2340,22 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) -static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_extended_ms_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; - if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret " - "extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding extended master secret " + "extension")); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0); p += 2; *p++ = 0x00; @@ -2478,21 +2366,20 @@ static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) -static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_session_ticket_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; - if( ssl->handshake->new_session_ticket == 0 ) - { + if (ssl->handshake->new_session_ticket == 0) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding session ticket extension")); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0); p += 2; *p++ = 0x00; @@ -2502,36 +2389,33 @@ static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_SESSION_TICKETS */ -static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_renegotiation_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; - if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION ) - { + if (ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, secure renegotiation extension")); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0); p += 2; #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { *p++ = 0x00; - *p++ = ( ssl->verify_data_len * 2 + 1 ) & 0xFF; + *p++ = (ssl->verify_data_len * 2 + 1) & 0xFF; *p++ = ssl->verify_data_len * 2 & 0xFF; - memcpy( p, ssl->peer_verify_data, ssl->verify_data_len ); + memcpy(p, ssl->peer_verify_data, ssl->verify_data_len); p += ssl->verify_data_len; - memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); + memcpy(p, ssl->own_verify_data, ssl->verify_data_len); p += ssl->verify_data_len; - } - else + } else #endif /* MBEDTLS_SSL_RENEGOTIATION */ { *p++ = 0x00; @@ -2543,21 +2427,20 @@ static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) -static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_max_fragment_length_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; - if( ssl->session_negotiate->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ) - { + if (ssl->session_negotiate->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, max_fragment_length extension")); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0); p += 2; *p++ = 0x00; @@ -2571,23 +2454,22 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_supported_point_formats_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; ((void) ssl); - if( ( ssl->handshake->cli_exts & - MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT ) == 0 ) - { + if ((ssl->handshake->cli_exts & + MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT) == 0) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, supported_point_formats extension")); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0); p += 2; *p++ = 0x00; @@ -2601,9 +2483,9 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_ecjpake_kkpp_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = buf; @@ -2613,48 +2495,46 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, *olen = 0; /* Skip costly computation if not needed */ - if( ssl->handshake->ciphersuite_info->key_exchange != - MBEDTLS_KEY_EXCHANGE_ECJPAKE ) + if (ssl->handshake->ciphersuite_info->key_exchange != + MBEDTLS_KEY_EXCHANGE_ECJPAKE) { return; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, ecjpake kkpp extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, ecjpake kkpp extension")); - if( end - p < 4 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + if (end - p < 4) { + MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small")); return; } - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0); p += 2; - ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, - p + 2, end - p - 2, &kkpp_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1 , "mbedtls_ecjpake_write_round_one", ret ); + ret = mbedtls_ecjpake_write_round_one(&ssl->handshake->ecjpake_ctx, + p + 2, end - p - 2, &kkpp_len, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_write_round_one", ret); return; } - MBEDTLS_PUT_UINT16_BE( kkpp_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(kkpp_len, p, 0); p += 2; *olen = kkpp_len + 4; } #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ -#if defined(MBEDTLS_SSL_ALPN ) -static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, size_t *olen ) +#if defined(MBEDTLS_SSL_ALPN) +static void ssl_write_alpn_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, size_t *olen) { - if( ssl->alpn_chosen == NULL ) - { + if (ssl->alpn_chosen == NULL) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding alpn extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding alpn extension")); /* * 0 . 1 ext identifier @@ -2663,24 +2543,24 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ALPN, buf, 0); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ALPN, buf, 0); - *olen = 7 + strlen( ssl->alpn_chosen ); + *olen = 7 + strlen(ssl->alpn_chosen); - MBEDTLS_PUT_UINT16_BE( *olen - 4, buf, 2 ); + MBEDTLS_PUT_UINT16_BE(*olen - 4, buf, 2); - MBEDTLS_PUT_UINT16_BE( *olen - 6, buf, 4 ); + MBEDTLS_PUT_UINT16_BE(*olen - 6, buf, 4); - buf[6] = MBEDTLS_BYTE_0( *olen - 7 ); + buf[6] = MBEDTLS_BYTE_0(*olen - 7); - memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); + memcpy(buf + 7, ssl->alpn_chosen, *olen - 7); } #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined(MBEDTLS_SSL_DTLS_SRTP ) && defined(MBEDTLS_SSL_PROTO_DTLS) -static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +#if defined(MBEDTLS_SSL_DTLS_SRTP) && defined(MBEDTLS_SSL_PROTO_DTLS) +static void ssl_write_use_srtp_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { size_t mki_len = 0, ext_len = 0; uint16_t profile_value = 0; @@ -2688,16 +2568,14 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, *olen = 0; - if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) || - ( ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET ) ) - { + if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) || + (ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET)) { return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding use_srtp extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding use_srtp extension")); - if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED ) - { + if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED) { mki_len = ssl->dtls_srtp_info.mki_len; } @@ -2709,38 +2587,34 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, * - 1 byte for the mki length * + the actual mki length * Check we have enough room in the output buffer */ - if( (size_t)( end - buf ) < mki_len + 9 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + if ((size_t) (end - buf) < mki_len + 9) { + MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small")); return; } /* extension */ - MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_USE_SRTP, buf, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_USE_SRTP, buf, 0); /* * total length 5 and mki value: only one profile(2 bytes) * and length(2 bytes) and srtp_mki ) */ ext_len = 5 + mki_len; - MBEDTLS_PUT_UINT16_BE( ext_len, buf, 2 ); + MBEDTLS_PUT_UINT16_BE(ext_len, buf, 2); /* protection profile length: 2 */ buf[4] = 0x00; buf[5] = 0x02; profile_value = mbedtls_ssl_check_srtp_profile_value( - ssl->dtls_srtp_info.chosen_dtls_srtp_profile ); - if( profile_value != MBEDTLS_TLS_SRTP_UNSET ) - { - MBEDTLS_PUT_UINT16_BE( profile_value, buf, 6 ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "use_srtp extension invalid profile" ) ); + ssl->dtls_srtp_info.chosen_dtls_srtp_profile); + if (profile_value != MBEDTLS_TLS_SRTP_UNSET) { + MBEDTLS_PUT_UINT16_BE(profile_value, buf, 6); + } else { + MBEDTLS_SSL_DEBUG_MSG(1, ("use_srtp extension invalid profile")); return; } buf[8] = mki_len & 0xFF; - memcpy( &buf[9], ssl->dtls_srtp_info.mki_value, mki_len ); + memcpy(&buf[9], ssl->dtls_srtp_info.mki_value, mki_len); *olen = 9 + mki_len; } @@ -2748,13 +2622,13 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) +static int ssl_write_hello_verify_request(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = ssl->out_msg + 4; unsigned char *cookie_len_byte; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello verify request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write hello verify request")); /* * struct { @@ -2765,32 +2639,30 @@ static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) /* The RFC is not clear on this point, but sending the actual negotiated * version looks like the most interoperable thing to do. */ - mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, - ssl->conf->transport, p ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 ); + mbedtls_ssl_write_version(ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, p); + MBEDTLS_SSL_DEBUG_BUF(3, "server version", p, 2); p += 2; /* If we get here, f_cookie_check is not null */ - if( ssl->conf->f_cookie_write == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "inconsistent cookie callbacks" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (ssl->conf->f_cookie_write == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("inconsistent cookie callbacks")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* Skip length byte until we know the length */ cookie_len_byte = p++; - if( ( ret = ssl->conf->f_cookie_write( ssl->conf->p_cookie, - &p, ssl->out_buf + MBEDTLS_SSL_OUT_BUFFER_LEN, - ssl->cli_id, ssl->cli_id_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "f_cookie_write", ret ); - return( ret ); + if ((ret = ssl->conf->f_cookie_write(ssl->conf->p_cookie, + &p, ssl->out_buf + MBEDTLS_SSL_OUT_BUFFER_LEN, + ssl->cli_id, ssl->cli_id_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "f_cookie_write", ret); + return ret; } - *cookie_len_byte = (unsigned char)( p - ( cookie_len_byte + 1 ) ); + *cookie_len_byte = (unsigned char) (p - (cookie_len_byte + 1)); - MBEDTLS_SSL_DEBUG_BUF( 3, "cookie sent", cookie_len_byte + 1, *cookie_len_byte ); + MBEDTLS_SSL_DEBUG_BUF(3, "cookie sent", cookie_len_byte + 1, *cookie_len_byte); ssl->out_msglen = p - ssl->out_msg; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; @@ -2798,28 +2670,26 @@ static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) ssl->state = MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + (ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flight_transmit", ret); + return ret; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello verify request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write hello verify request")); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ -static void ssl_handle_id_based_session_resumption( mbedtls_ssl_context *ssl ) +static void ssl_handle_id_based_session_resumption(mbedtls_ssl_context *ssl) { int ret; mbedtls_ssl_session session_tmp; @@ -2827,49 +2697,53 @@ static void ssl_handle_id_based_session_resumption( mbedtls_ssl_context *ssl ) /* Resume is 0 by default, see ssl_handshake_init(). * It may be already set to 1 by ssl_parse_session_ticket_ext(). */ - if( ssl->handshake->resume == 1 ) + if (ssl->handshake->resume == 1) { return; - if( session->id_len == 0 ) + } + if (session->id_len == 0) { return; - if( ssl->conf->f_get_cache == NULL ) + } + if (ssl->conf->f_get_cache == NULL) { return; + } #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { return; + } #endif - mbedtls_ssl_session_init( &session_tmp ); + mbedtls_ssl_session_init(&session_tmp); session_tmp.id_len = session->id_len; - memcpy( session_tmp.id, session->id, session->id_len ); + memcpy(session_tmp.id, session->id, session->id_len); - ret = ssl->conf->f_get_cache( ssl->conf->p_cache, - &session_tmp ); - if( ret != 0 ) + ret = ssl->conf->f_get_cache(ssl->conf->p_cache, + &session_tmp); + if (ret != 0) { goto exit; + } - if( session->ciphersuite != session_tmp.ciphersuite || - session->compression != session_tmp.compression ) - { + if (session->ciphersuite != session_tmp.ciphersuite || + session->compression != session_tmp.compression) { /* Mismatch between cached and negotiated session */ goto exit; } /* Move semantics */ - mbedtls_ssl_session_free( session ); + mbedtls_ssl_session_free(session); *session = session_tmp; - memset( &session_tmp, 0, sizeof( session_tmp ) ); + memset(&session_tmp, 0, sizeof(session_tmp)); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("session successfully restored from cache")); ssl->handshake->resume = 1; exit: - mbedtls_ssl_session_free( &session_tmp ); + mbedtls_ssl_session_free(&session_tmp); } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) +static int ssl_write_server_hello(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t t; @@ -2878,23 +2752,21 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) size_t olen, ext_len = 0, n; unsigned char *buf, *p; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write server hello")); #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->verify_cookie_len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "client hello was not authenticated" ) ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->verify_cookie_len != 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("client hello was not authenticated")); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write server hello")); - return( ssl_write_hello_verify_request( ssl ) ); + return ssl_write_hello_verify_request(ssl); } #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ - if( ssl->conf->f_rng == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") ); - return( MBEDTLS_ERR_SSL_NO_RNG ); + if (ssl->conf->f_rng == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("no RNG provided")); + return MBEDTLS_ERR_SSL_NO_RNG; } /* @@ -2907,40 +2779,41 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) buf = ssl->out_msg; p = buf + 4; - mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, - ssl->conf->transport, p ); + mbedtls_ssl_write_version(ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, p); p += 2; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]", - buf[4], buf[5] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, chosen version: [%d:%d]", + buf[4], buf[5])); #if defined(MBEDTLS_HAVE_TIME) - t = mbedtls_time( NULL ); - MBEDTLS_PUT_UINT32_BE( t, p, 0 ); + t = mbedtls_time(NULL); + MBEDTLS_PUT_UINT32_BE(t, p, 0); p += 4; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %" MBEDTLS_PRINTF_LONGLONG, - (long long) t ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, current time: %" MBEDTLS_PRINTF_LONGLONG, + (long long) t)); #else - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 ) - return( ret ); + if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 4)) != 0) { + return ret; + } p += 4; #endif /* MBEDTLS_HAVE_TIME */ - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 ) - return( ret ); + if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 28)) != 0) { + return ret; + } p += 28; - memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 ); + memcpy(ssl->handshake->randbytes + 32, buf + 6, 32); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 ); + MBEDTLS_SSL_DEBUG_BUF(3, "server hello, random bytes", buf + 6, 32); - ssl_handle_id_based_session_resumption( ssl ); + ssl_handle_id_based_session_resumption(ssl); - if( ssl->handshake->resume == 0 ) - { + if (ssl->handshake->resume == 0) { /* * New session, create a new session id, * unless we're about to issue a session ticket @@ -2948,36 +2821,32 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) ssl->state++; #if defined(MBEDTLS_HAVE_TIME) - ssl->session_negotiate->start = mbedtls_time( NULL ); + ssl->session_negotiate->start = mbedtls_time(NULL); #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( ssl->handshake->new_session_ticket != 0 ) - { + if (ssl->handshake->new_session_ticket != 0) { ssl->session_negotiate->id_len = n = 0; - memset( ssl->session_negotiate->id, 0, 32 ); - } - else + memset(ssl->session_negotiate->id, 0, 32); + } else #endif /* MBEDTLS_SSL_SESSION_TICKETS */ { ssl->session_negotiate->id_len = n = 32; - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id, - n ) ) != 0 ) - return( ret ); + if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, ssl->session_negotiate->id, + n)) != 0) { + return ret; + } } - } - else - { + } else { /* * Resuming a session */ n = ssl->session_negotiate->id_len; ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC; - if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); - return( ret ); + if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_derive_keys", ret); + return ret; } } @@ -2990,136 +2859,132 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) * 44+n . 43+n+m extensions */ *p++ = (unsigned char) ssl->session_negotiate->id_len; - memcpy( p, ssl->session_negotiate->id, ssl->session_negotiate->id_len ); + memcpy(p, ssl->session_negotiate->id, ssl->session_negotiate->id_len); p += ssl->session_negotiate->id_len; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, session id", buf + 39, n ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", - ssl->handshake->resume ? "a" : "no" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n)); + MBEDTLS_SSL_DEBUG_BUF(3, "server hello, session id", buf + 39, n); + MBEDTLS_SSL_DEBUG_MSG(3, ("%s session has been resumed", + ssl->handshake->resume ? "a" : "no")); - MBEDTLS_PUT_UINT16_BE( ssl->session_negotiate->ciphersuite, p, 0 ); + MBEDTLS_PUT_UINT16_BE(ssl->session_negotiate->ciphersuite, p, 0); p += 2; - *p++ = MBEDTLS_BYTE_0( ssl->session_negotiate->compression ); + *p++ = MBEDTLS_BYTE_0(ssl->session_negotiate->compression); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", - mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: 0x%02X", - (unsigned int) ssl->session_negotiate->compression ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, chosen ciphersuite: %s", + mbedtls_ssl_get_ciphersuite_name(ssl->session_negotiate->ciphersuite))); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, compress alg.: 0x%02X", + (unsigned int) ssl->session_negotiate->compression)); /* Do not write the extensions if the protocol is SSLv3 */ #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) ) - { + if ((ssl->major_ver != 3) || (ssl->minor_ver != 0)) { #endif /* * First write extensions, then the total length */ - ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_renegotiation_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_max_fragment_length_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_truncated_hmac_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - ssl_write_cid_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_cid_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_encrypt_then_mac_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_extended_ms_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) - ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_session_ticket_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if ( mbedtls_ssl_ciphersuite_uses_ec( - mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ) ) ) - { - ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen ); + if (mbedtls_ssl_ciphersuite_uses_ec( + mbedtls_ssl_ciphersuite_from_id(ssl->session_negotiate->ciphersuite))) { + ssl_write_supported_point_formats_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; } #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - ssl_write_ecjpake_kkpp_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_ecjpake_kkpp_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_SSL_ALPN) - ssl_write_alpn_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_alpn_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_SSL_DTLS_SRTP) - ssl_write_use_srtp_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_use_srtp_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %" MBEDTLS_PRINTF_SIZET, - ext_len ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, total extension length: %" MBEDTLS_PRINTF_SIZET, + ext_len)); - if( ext_len > 0 ) - { - MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + if (ext_len > 0) { + MBEDTLS_PUT_UINT16_BE(ext_len, p, 0); p += 2 + ext_len; } #if defined(MBEDTLS_SSL_PROTO_SSL3) - } +} #endif ssl->out_msglen = p - buf; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO; - ret = mbedtls_ssl_write_handshake_msg( ssl ); + ret = mbedtls_ssl_write_handshake_msg(ssl); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write server hello")); - return( ret ); + return ret; } #if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) +static int ssl_write_certificate_request(mbedtls_ssl_context *ssl) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate request")); - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate request")); ssl->state++; - return( 0 ); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) +static int ssl_write_certificate_request(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; const mbedtls_ssl_ciphersuite_t *ciphersuite_info = @@ -3131,22 +2996,21 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) const mbedtls_x509_crt *crt; int authmode; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate request")); ssl->state++; #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) + if (ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET) { authmode = ssl->handshake->sni_authmode; - else + } else #endif - authmode = ssl->conf->authmode; + authmode = ssl->conf->authmode; - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) || - authmode == MBEDTLS_SSL_VERIFY_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); - return( 0 ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info) || + authmode == MBEDTLS_SSL_VERIFY_NONE) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate request")); + return 0; } /* @@ -3197,19 +3061,18 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) * enum { (255) } HashAlgorithm; * enum { (255) } SignatureAlgorithm; */ - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { const int *cur; /* * Supported signature algorithms */ - for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ ) - { - unsigned char hash = mbedtls_ssl_hash_from_md_alg( *cur ); + for (cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++) { + unsigned char hash = mbedtls_ssl_hash_from_md_alg(*cur); - if( MBEDTLS_SSL_HASH_NONE == hash || mbedtls_ssl_set_calc_verify_md( ssl, hash ) ) + if (MBEDTLS_SSL_HASH_NONE == hash || mbedtls_ssl_set_calc_verify_md(ssl, hash)) { continue; + } #if defined(MBEDTLS_RSA_C) p[2 + sa_len++] = hash; @@ -3221,7 +3084,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) #endif } - MBEDTLS_PUT_UINT16_BE( sa_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(sa_len, p, 0); sa_len += 2; p += sa_len; } @@ -3235,38 +3098,35 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) total_dn_size = 0; - if( ssl->conf->cert_req_ca_list == MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED ) - { + if (ssl->conf->cert_req_ca_list == MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED) { /* NOTE: If trusted certificates are provisioned * via a CA callback (configured through * `mbedtls_ssl_conf_ca_cb()`, then the * CertificateRequest is currently left empty. */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( ssl->handshake->sni_ca_chain != NULL ) + if (ssl->handshake->sni_ca_chain != NULL) { crt = ssl->handshake->sni_ca_chain; - else + } else #endif - crt = ssl->conf->ca_chain; + crt = ssl->conf->ca_chain; - while( crt != NULL && crt->version != 0 ) - { + while (crt != NULL && crt->version != 0) { /* It follows from RFC 5280 A.1 that this length * can be represented in at most 11 bits. */ dn_size = (uint16_t) crt->subject_raw.len; - if( end < p || (size_t)( end - p ) < 2 + (size_t) dn_size ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "skipping CAs: buffer too short" ) ); + if (end < p || (size_t) (end - p) < 2 + (size_t) dn_size) { + MBEDTLS_SSL_DEBUG_MSG(1, ("skipping CAs: buffer too short")); break; } - MBEDTLS_PUT_UINT16_BE( dn_size, p, 0 ); + MBEDTLS_PUT_UINT16_BE(dn_size, p, 0); p += 2; - memcpy( p, crt->subject_raw.p, dn_size ); + memcpy(p, crt->subject_raw.p, dn_size); p += dn_size; - MBEDTLS_SSL_DEBUG_BUF( 3, "requested DN", p - dn_size, dn_size ); + MBEDTLS_SSL_DEBUG_BUF(3, "requested DN", p - dn_size, dn_size); total_dn_size += 2 + dn_size; crt = crt->next; @@ -3276,42 +3136,40 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) ssl->out_msglen = p - buf; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; - MBEDTLS_PUT_UINT16_BE( total_dn_size, ssl->out_msg, 4 + ct_len + sa_len ); + MBEDTLS_PUT_UINT16_BE(total_dn_size, ssl->out_msg, 4 + ct_len + sa_len); - ret = mbedtls_ssl_write_handshake_msg( ssl ); + ret = mbedtls_ssl_write_handshake_msg(ssl); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write certificate request")); - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) +static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_pk_context *own_key = mbedtls_ssl_own_key( ssl ); + mbedtls_pk_context *own_key = mbedtls_ssl_own_key(ssl); /* Check if the key is a transparent ECDH key. * This also ensures that it is safe to call mbedtls_pk_ec(). */ - if( mbedtls_pk_get_type( own_key ) != MBEDTLS_PK_ECKEY && - mbedtls_pk_get_type( own_key ) != MBEDTLS_PK_ECKEY_DH ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) ); - return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); + if (mbedtls_pk_get_type(own_key) != MBEDTLS_PK_ECKEY && + mbedtls_pk_get_type(own_key) != MBEDTLS_PK_ECKEY_DH) { + MBEDTLS_SSL_DEBUG_MSG(1, ("server key not ECDH capable")); + return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; } - if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, - mbedtls_pk_ec( *own_key ), - MBEDTLS_ECDH_OURS ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_get_params" ), ret ); - return( ret ); + if ((ret = mbedtls_ecdh_get_params(&ssl->handshake->ecdh_ctx, + mbedtls_pk_ec(*own_key), + MBEDTLS_ECDH_OURS)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecdh_get_params"), ret); + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ @@ -3319,8 +3177,8 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) && \ defined(MBEDTLS_SSL_ASYNC_PRIVATE) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl, - size_t *signature_len ) +static int ssl_resume_server_key_exchange(mbedtls_ssl_context *ssl, + size_t *signature_len) { /* Append the signature to ssl->out_msg, leaving 2 bytes for the * signature length which will be added in ssl_write_server_key_exchange @@ -3328,17 +3186,16 @@ static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl, * ssl_write_server_key_exchange also takes care of incrementing * ssl->out_msglen. */ unsigned char *sig_start = ssl->out_msg + ssl->out_msglen + 2; - size_t sig_max_len = ( ssl->out_buf + MBEDTLS_SSL_OUT_CONTENT_LEN - - sig_start ); - int ret = ssl->conf->f_async_resume( ssl, - sig_start, signature_len, sig_max_len ); - if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ) - { + size_t sig_max_len = (ssl->out_buf + MBEDTLS_SSL_OUT_CONTENT_LEN + - sig_start); + int ret = ssl->conf->f_async_resume(ssl, + sig_start, signature_len, sig_max_len); + if (ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) { ssl->handshake->async_in_progress = 0; - mbedtls_ssl_set_async_operation_data( ssl, NULL ); + mbedtls_ssl_set_async_operation_data(ssl, NULL); } - MBEDTLS_SSL_DEBUG_RET( 2, "ssl_resume_server_key_exchange", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_RET(2, "ssl_resume_server_key_exchange", ret); + return ret; } #endif /* defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) && defined(MBEDTLS_SSL_ASYNC_PRIVATE) */ @@ -3347,8 +3204,8 @@ static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl, * calculating the signature if any, but excluding formatting the * signature and sending the message. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, - size_t *signature_len ) +static int ssl_prepare_server_key_exchange(mbedtls_ssl_context *ssl, + size_t *signature_len) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; @@ -3376,8 +3233,7 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * - ECJPAKE key exchanges */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; @@ -3385,11 +3241,10 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, &ssl->handshake->ecjpake_ctx, ssl->out_msg + ssl->out_msglen, MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, &len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_write_round_two", ret ); - return( ret ); + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_write_round_two", ret); + return ret; } ssl->out_msglen += len; @@ -3403,9 +3258,8 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, **/ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) { ssl->out_msg[ssl->out_msglen++] = 0x00; ssl->out_msg[ssl->out_msglen++] = 0x00; } @@ -3416,15 +3270,13 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * - DHE key exchanges */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_dhe( ciphersuite_info ) ) - { + if (mbedtls_ssl_ciphersuite_uses_dhe(ciphersuite_info)) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - if( ssl->conf->dhm_P.p == NULL || ssl->conf->dhm_G.p == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no DH parameters set" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->dhm_P.p == NULL || ssl->conf->dhm_G.p == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("no DH parameters set")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* @@ -3436,22 +3288,20 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * opaque dh_Ys<1..2^16-1>; * } ServerDHParams; */ - if( ( ret = mbedtls_dhm_set_group( &ssl->handshake->dhm_ctx, - &ssl->conf->dhm_P, - &ssl->conf->dhm_G ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_set_group", ret ); - return( ret ); + if ((ret = mbedtls_dhm_set_group(&ssl->handshake->dhm_ctx, + &ssl->conf->dhm_P, + &ssl->conf->dhm_G)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_set_group", ret); + return ret; } - if( ( ret = mbedtls_dhm_make_params( - &ssl->handshake->dhm_ctx, - (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), - ssl->out_msg + ssl->out_msglen, &len, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_params", ret ); - return( ret ); + if ((ret = mbedtls_dhm_make_params( + &ssl->handshake->dhm_ctx, + (int) mbedtls_mpi_size(&ssl->handshake->dhm_ctx.P), + ssl->out_msg + ssl->out_msglen, &len, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_make_params", ret); + return ret; } #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) @@ -3460,10 +3310,10 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, ssl->out_msglen += len; - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: X ", &ssl->handshake->dhm_ctx.X); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: P ", &ssl->handshake->dhm_ctx.P); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: G ", &ssl->handshake->dhm_ctx.G); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: GX", &ssl->handshake->dhm_ctx.GX); } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED */ @@ -3471,8 +3321,7 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * - ECDHE key exchanges */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_ecdhe( ciphersuite_info ) ) - { + if (mbedtls_ssl_ciphersuite_uses_ecdhe(ciphersuite_info)) { /* * Ephemeral ECDH parameters: * @@ -3487,35 +3336,35 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, size_t len = 0; /* Match our preference list against the offered curves */ - for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ ) - for( curve = ssl->handshake->curves; *curve != NULL; curve++ ) - if( (*curve)->grp_id == *gid ) + for (gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++) { + for (curve = ssl->handshake->curves; *curve != NULL; curve++) { + if ((*curve)->grp_id == *gid) { goto curve_matching_done; + } + } + } curve_matching_done: - if( curve == NULL || *curve == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) ); - return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); + if (curve == NULL || *curve == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("no matching curve for ECDHE")); + return MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", (*curve)->name ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("ECDHE curve: %s", (*curve)->name)); - if( ( ret = mbedtls_ecdh_setup( &ssl->handshake->ecdh_ctx, - (*curve)->grp_id ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret ); - return( ret ); + if ((ret = mbedtls_ecdh_setup(&ssl->handshake->ecdh_ctx, + (*curve)->grp_id)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecp_group_load", ret); + return ret; } - if( ( ret = mbedtls_ecdh_make_params( - &ssl->handshake->ecdh_ctx, &len, - ssl->out_msg + ssl->out_msglen, - MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret ); - return( ret ); + if ((ret = mbedtls_ecdh_make_params( + &ssl->handshake->ecdh_ctx, &len, + ssl->out_msg + ssl->out_msglen, + MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_make_params", ret); + return ret; } #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) @@ -3524,8 +3373,8 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, ssl->out_msglen += len; - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Q ); + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Q); } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED */ @@ -3536,8 +3385,7 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * */ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) ) - { + if (mbedtls_ssl_ciphersuite_uses_server_signature(ciphersuite_info)) { size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed; size_t hashlen = 0; #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -3560,31 +3408,26 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) mbedtls_pk_type_t sig_alg = - mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite_info); + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { /* A: For TLS 1.2, obey signature-hash-algorithm extension * (RFC 5246, Sec. 7.4.1.4.1). */ - if( sig_alg == MBEDTLS_PK_NONE || - ( md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, - sig_alg ) ) == MBEDTLS_MD_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + if (sig_alg == MBEDTLS_PK_NONE || + (md_alg = mbedtls_ssl_sig_hash_set_find(&ssl->handshake->hash_algs, + sig_alg)) == MBEDTLS_MD_NONE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); /* (... because we choose a cipher suite * only if there is a matching hash.) */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) - { + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) { /* B: Default hash SHA1 */ md_alg = MBEDTLS_MD_SHA1; - } - else + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ MBEDTLS_SSL_PROTO_TLS1_1 */ { @@ -3592,52 +3435,49 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, md_alg = MBEDTLS_MD_NONE; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "pick hash algorithm %u for signing", (unsigned) md_alg ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("pick hash algorithm %u for signing", (unsigned) md_alg)); /* * 2.2: Compute the hash to be signed */ #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( md_alg == MBEDTLS_MD_NONE ) - { + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if (md_alg == MBEDTLS_MD_NONE) { hashlen = 36; - ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash, - dig_signed, - dig_signed_len ); - if( ret != 0 ) - return( ret ); - } - else + ret = mbedtls_ssl_get_key_exchange_md_ssl_tls(ssl, hash, + dig_signed, + dig_signed_len); + if (ret != 0) { + return ret; + } + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( md_alg != MBEDTLS_MD_NONE ) - { - ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen, - dig_signed, - dig_signed_len, - md_alg ); - if( ret != 0 ) - return( ret ); - } - else + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (md_alg != MBEDTLS_MD_NONE) { + ret = mbedtls_ssl_get_key_exchange_md_tls1_2(ssl, hash, &hashlen, + dig_signed, + dig_signed_len, + md_alg); + if (ret != 0) { + return ret; + } + } else #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen ); + MBEDTLS_SSL_DEBUG_BUF(3, "parameters hash", hash, hashlen); /* * 2.3: Compute and add the signature */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { /* * For TLS 1.2, we need to specify signature and hash algorithm * explicitly through a prefix to the signature. @@ -3655,40 +3495,37 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, */ ssl->out_msg[ssl->out_msglen++] = - mbedtls_ssl_hash_from_md_alg( md_alg ); + mbedtls_ssl_hash_from_md_alg(md_alg); ssl->out_msg[ssl->out_msglen++] = - mbedtls_ssl_sig_from_pk_alg( sig_alg ); + mbedtls_ssl_sig_from_pk_alg(sig_alg); } #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( ssl->conf->f_async_sign_start != NULL ) - { - ret = ssl->conf->f_async_sign_start( ssl, - mbedtls_ssl_own_cert( ssl ), - md_alg, hash, hashlen ); - switch( ret ) - { - case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH: - /* act as if f_async_sign was null */ - break; - case 0: - ssl->handshake->async_in_progress = 1; - return( ssl_resume_server_key_exchange( ssl, signature_len ) ); - case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS: - ssl->handshake->async_in_progress = 1; - return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ); - default: - MBEDTLS_SSL_DEBUG_RET( 1, "f_async_sign_start", ret ); - return( ret ); + if (ssl->conf->f_async_sign_start != NULL) { + ret = ssl->conf->f_async_sign_start(ssl, + mbedtls_ssl_own_cert(ssl), + md_alg, hash, hashlen); + switch (ret) { + case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH: + /* act as if f_async_sign was null */ + break; + case 0: + ssl->handshake->async_in_progress = 1; + return ssl_resume_server_key_exchange(ssl, signature_len); + case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS: + ssl->handshake->async_in_progress = 1; + return MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS; + default: + MBEDTLS_SSL_DEBUG_RET(1, "f_async_sign_start", ret); + return ret; } } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - if( mbedtls_ssl_own_key( ssl ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key" ) ); - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); + if (mbedtls_ssl_own_key(ssl) == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no private key")); + return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED; } /* Append the signature to ssl->out_msg, leaving 2 bytes for the @@ -3696,20 +3533,19 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * after the call to ssl_prepare_server_key_exchange. * ssl_write_server_key_exchange also takes care of incrementing * ssl->out_msglen. */ - if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), - md_alg, hash, hashlen, - ssl->out_msg + ssl->out_msglen + 2, - signature_len, - ssl->conf->f_rng, - ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret ); - return( ret ); + if ((ret = mbedtls_pk_sign(mbedtls_ssl_own_key(ssl), + md_alg, hash, hashlen, + ssl->out_msg + ssl->out_msglen + 2, + signature_len, + ssl->conf->f_rng, + ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_sign", ret); + return ret; } } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */ - return( 0 ); + return 0; } /* Prepare the ServerKeyExchange message and send it. For ciphersuites @@ -3717,41 +3553,38 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * way, if successful, move on to the next step in the SSL state * machine. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) +static int ssl_write_server_key_exchange(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t signature_len = 0; #if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED) const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + ssl->handshake->ciphersuite_info; #endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write server key exchange")); #if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED) /* Extract static ECDH parameters and abort if ServerKeyExchange * is not needed. */ - if( mbedtls_ssl_ciphersuite_no_pfs( ciphersuite_info ) ) - { + if (mbedtls_ssl_ciphersuite_no_pfs(ciphersuite_info)) { /* For suites involving ECDH, extract DH parameters * from certificate at this point. */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_ecdh( ciphersuite_info ) ) - { - ret = ssl_get_ecdh_params_from_cert( ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_ecdh_params_from_cert", ret ); - return( ret ); + if (mbedtls_ssl_ciphersuite_uses_ecdh(ciphersuite_info)) { + ret = ssl_get_ecdh_params_from_cert(ssl); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_get_ecdh_params_from_cert", ret); + return ret; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */ /* Key exchanges not involving ephemeral keys don't use * ServerKeyExchange, so end here. */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write server key exchange")); ssl->state++; - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */ @@ -3759,44 +3592,41 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) defined(MBEDTLS_SSL_ASYNC_PRIVATE) /* If we have already prepared the message and there is an ongoing * signature operation, resume signing. */ - if( ssl->handshake->async_in_progress != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "resuming signature operation" ) ); - ret = ssl_resume_server_key_exchange( ssl, &signature_len ); - } - else + if (ssl->handshake->async_in_progress != 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("resuming signature operation")); + ret = ssl_resume_server_key_exchange(ssl, &signature_len); + } else #endif /* defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) && defined(MBEDTLS_SSL_ASYNC_PRIVATE) */ { /* ServerKeyExchange is needed. Prepare the message. */ - ret = ssl_prepare_server_key_exchange( ssl, &signature_len ); + ret = ssl_prepare_server_key_exchange(ssl, &signature_len); } - if( ret != 0 ) - { + if (ret != 0) { /* If we're starting to write a new message, set ssl->out_msglen * to 0. But if we're resuming after an asynchronous message, * out_msglen is the amount of data written so far and mst be * preserved. */ - if( ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ) - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server key exchange (pending)" ) ); - else + if (ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write server key exchange (pending)")); + } else { ssl->out_msglen = 0; - return( ret ); + } + return ret; } /* If there is a signature, write its length. * ssl_prepare_server_key_exchange already wrote the signature * itself at its proper place in the output buffer. */ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) - if( signature_len != 0 ) - { - ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_1( signature_len ); - ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_0( signature_len ); + if (signature_len != 0) { + ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_1(signature_len); + ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_0(signature_len); - MBEDTLS_SSL_DEBUG_BUF( 3, "my signature", - ssl->out_msg + ssl->out_msglen, - signature_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "my signature", + ssl->out_msg + ssl->out_msglen, + signature_len); /* Skip over the already-written signature */ ssl->out_msglen += signature_len; @@ -3809,22 +3639,21 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) ssl->state++; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server key exchange" ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write server key exchange")); + return 0; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl ) +static int ssl_write_server_hello_done(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello done" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write server hello done")); ssl->out_msglen = 4; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; @@ -3833,35 +3662,34 @@ static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl ) ssl->state++; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_send_flight_completed( ssl ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + mbedtls_ssl_send_flight_completed(ssl); + } #endif - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + (ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flight_transmit", ret); + return ret; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello done" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write server hello done")); - return( 0 ); + return 0; } #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char **p, - const unsigned char *end ) +static int ssl_parse_client_dh_public(mbedtls_ssl_context *ssl, unsigned char **p, + const unsigned char *end) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; size_t n; @@ -3869,32 +3697,29 @@ static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char * /* * Receive G^Y mod P, premaster = (G^Y)^X mod P */ - if( *p + 2 > end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (*p + 2 > end) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - n = ( (*p)[0] << 8 ) | (*p)[1]; + n = ((*p)[0] << 8) | (*p)[1]; *p += 2; - if( *p + n > end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (*p + n > end) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - if( ( ret = mbedtls_dhm_read_public( &ssl->handshake->dhm_ctx, *p, n ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_read_public", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + if ((ret = mbedtls_dhm_read_public(&ssl->handshake->dhm_ctx, *p, n)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_read_public", ret); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP; } *p += n; - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: GY", &ssl->handshake->dhm_ctx.GY); - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ @@ -3904,50 +3729,48 @@ static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char * #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_resume_decrypt_pms( mbedtls_ssl_context *ssl, - unsigned char *peer_pms, - size_t *peer_pmslen, - size_t peer_pmssize ) +static int ssl_resume_decrypt_pms(mbedtls_ssl_context *ssl, + unsigned char *peer_pms, + size_t *peer_pmslen, + size_t peer_pmssize) { - int ret = ssl->conf->f_async_resume( ssl, - peer_pms, peer_pmslen, peer_pmssize ); - if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ) - { + int ret = ssl->conf->f_async_resume(ssl, + peer_pms, peer_pmslen, peer_pmssize); + if (ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) { ssl->handshake->async_in_progress = 0; - mbedtls_ssl_set_async_operation_data( ssl, NULL ); + mbedtls_ssl_set_async_operation_data(ssl, NULL); } - MBEDTLS_SSL_DEBUG_RET( 2, "ssl_decrypt_encrypted_pms", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_RET(2, "ssl_decrypt_encrypted_pms", ret); + return ret; } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, - const unsigned char *p, - const unsigned char *end, - unsigned char *peer_pms, - size_t *peer_pmslen, - size_t peer_pmssize ) +static int ssl_decrypt_encrypted_pms(mbedtls_ssl_context *ssl, + const unsigned char *p, + const unsigned char *end, + unsigned char *peer_pms, + size_t *peer_pmslen, + size_t peer_pmssize) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_x509_crt *own_cert = mbedtls_ssl_own_cert( ssl ); - if( own_cert == NULL ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no local certificate" ) ); - return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE ); + mbedtls_x509_crt *own_cert = mbedtls_ssl_own_cert(ssl); + if (own_cert == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no local certificate")); + return MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE; } mbedtls_pk_context *public_key = &own_cert->pk; - mbedtls_pk_context *private_key = mbedtls_ssl_own_key( ssl ); - size_t len = mbedtls_pk_get_len( public_key ); + mbedtls_pk_context *private_key = mbedtls_ssl_own_key(ssl); + size_t len = mbedtls_pk_get_len(public_key); #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) /* If we have already started decoding the message and there is an ongoing * decryption operation, resume signing. */ - if( ssl->handshake->async_in_progress != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "resuming decryption operation" ) ); - return( ssl_resume_decrypt_pms( ssl, - peer_pms, peer_pmslen, peer_pmssize ) ); + if (ssl->handshake->async_in_progress != 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("resuming decryption operation")); + return ssl_resume_decrypt_pms(ssl, + peer_pms, peer_pmslen, peer_pmssize); } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ @@ -3956,75 +3779,68 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) - { - if ( p + 2 > end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0) { + if (p + 2 > end) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - if( *p++ != MBEDTLS_BYTE_1( len ) || - *p++ != MBEDTLS_BYTE_0( len ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (*p++ != MBEDTLS_BYTE_1(len) || + *p++ != MBEDTLS_BYTE_0(len)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } } #endif - if( p + len != end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (p + len != end) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } /* * Decrypt the premaster secret */ #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( ssl->conf->f_async_decrypt_start != NULL ) - { - ret = ssl->conf->f_async_decrypt_start( ssl, - mbedtls_ssl_own_cert( ssl ), - p, len ); - switch( ret ) - { - case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH: - /* act as if f_async_decrypt_start was null */ - break; - case 0: - ssl->handshake->async_in_progress = 1; - return( ssl_resume_decrypt_pms( ssl, - peer_pms, - peer_pmslen, - peer_pmssize ) ); - case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS: - ssl->handshake->async_in_progress = 1; - return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ); - default: - MBEDTLS_SSL_DEBUG_RET( 1, "f_async_decrypt_start", ret ); - return( ret ); + if (ssl->conf->f_async_decrypt_start != NULL) { + ret = ssl->conf->f_async_decrypt_start(ssl, + mbedtls_ssl_own_cert(ssl), + p, len); + switch (ret) { + case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH: + /* act as if f_async_decrypt_start was null */ + break; + case 0: + ssl->handshake->async_in_progress = 1; + return ssl_resume_decrypt_pms(ssl, + peer_pms, + peer_pmslen, + peer_pmssize); + case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS: + ssl->handshake->async_in_progress = 1; + return MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS; + default: + MBEDTLS_SSL_DEBUG_RET(1, "f_async_decrypt_start", ret); + return ret; } } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - if( ! mbedtls_pk_can_do( private_key, MBEDTLS_PK_RSA ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no RSA private key" ) ); - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); + if (!mbedtls_pk_can_do(private_key, MBEDTLS_PK_RSA)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no RSA private key")); + return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED; } - ret = mbedtls_pk_decrypt( private_key, p, len, - peer_pms, peer_pmslen, peer_pmssize, - ssl->conf->f_rng, ssl->conf->p_rng ); - return( ret ); + ret = mbedtls_pk_decrypt(private_key, p, len, + peer_pms, peer_pmslen, peer_pmssize, + ssl->conf->f_rng, ssl->conf->p_rng); + return ret; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl, - const unsigned char *p, - const unsigned char *end, - size_t pms_offset ) +static int ssl_parse_encrypted_pms(mbedtls_ssl_context *ssl, + const unsigned char *p, + const unsigned char *end, + size_t pms_offset) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *pms = ssl->handshake->premaster + pms_offset; @@ -4044,19 +3860,20 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl, peer_pms[0] = peer_pms[1] = ~0; peer_pmslen = 0; - ret = ssl_decrypt_encrypted_pms( ssl, p, end, - peer_pms, - &peer_pmslen, - sizeof( peer_pms ) ); + ret = ssl_decrypt_encrypted_pms(ssl, p, end, + peer_pms, + &peer_pmslen, + sizeof(peer_pms)); #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if ( ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ) - return( ret ); + if (ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) { + return ret; + } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - mbedtls_ssl_write_version( ssl->handshake->max_major_ver, - ssl->handshake->max_minor_ver, - ssl->conf->transport, ver ); + mbedtls_ssl_write_version(ssl->handshake->max_major_ver, + ssl->handshake->max_minor_ver, + ssl->conf->transport, ver); /* Avoid data-dependent branches while checking for invalid * padding, to protect against timing-based Bleichenbacher-type @@ -4067,7 +3884,7 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl, diff |= peer_pms[1] ^ ver[1]; /* mask = diff ? 0xff : 0x00 using bit operations to avoid branches */ - mask = mbedtls_ct_uint_mask( diff ); + mask = mbedtls_ct_uint_mask(diff); /* * Protection against Bleichenbacher's attack: invalid PKCS#1 v1.5 padding @@ -4078,101 +3895,94 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl, * successful. In particular, always generate the fake premaster secret, * regardless of whether it will ultimately influence the output or not. */ - ret = ssl->conf->f_rng( ssl->conf->p_rng, fake_pms, sizeof( fake_pms ) ); - if( ret != 0 ) - { + ret = ssl->conf->f_rng(ssl->conf->p_rng, fake_pms, sizeof(fake_pms)); + if (ret != 0) { /* It's ok to abort on an RNG failure, since this does not reveal * anything about the RSA decryption. */ - return( ret ); + return ret; } #if defined(MBEDTLS_SSL_DEBUG_ALL) - if( diff != 0 ) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + if (diff != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + } #endif - if( sizeof( ssl->handshake->premaster ) < pms_offset || - sizeof( ssl->handshake->premaster ) - pms_offset < 48 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (sizeof(ssl->handshake->premaster) < pms_offset || + sizeof(ssl->handshake->premaster) - pms_offset < 48) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } ssl->handshake->pmslen = 48; /* Set pms to either the true or the fake PMS, without * data-dependent branches. */ - for( i = 0; i < ssl->handshake->pmslen; i++ ) - pms[i] = ( mask & fake_pms[i] ) | ( (~mask) & peer_pms[i] ); + for (i = 0; i < ssl->handshake->pmslen; i++) { + pms[i] = (mask & fake_pms[i]) | ((~mask) & peer_pms[i]); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned char **p, - const unsigned char *end ) +static int ssl_parse_client_psk_identity(mbedtls_ssl_context *ssl, unsigned char **p, + const unsigned char *end) { int ret = 0; uint16_t n; - if( ssl_conf_has_psk_or_cb( ssl->conf ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) ); - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); + if (ssl_conf_has_psk_or_cb(ssl->conf) == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no pre-shared key")); + return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED; } /* * Receive client pre-shared key identity name */ - if( end - *p < 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (end - *p < 2) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - n = ( (*p)[0] << 8 ) | (*p)[1]; + n = ((*p)[0] << 8) | (*p)[1]; *p += 2; - if( n == 0 || n > end - *p ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (n == 0 || n > end - *p) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - if( ssl->conf->f_psk != NULL ) - { - if( ssl->conf->f_psk( ssl->conf->p_psk, ssl, *p, n ) != 0 ) + if (ssl->conf->f_psk != NULL) { + if (ssl->conf->f_psk(ssl->conf->p_psk, ssl, *p, n) != 0) { ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY; - } - else - { + } + } else { /* Identity is not a big secret since clients send it in the clear, * but treat it carefully anyway, just in case */ - if( n != ssl->conf->psk_identity_len || - mbedtls_ct_memcmp( ssl->conf->psk_identity, *p, n ) != 0 ) - { + if (n != ssl->conf->psk_identity_len || + mbedtls_ct_memcmp(ssl->conf->psk_identity, *p, n) != 0) { ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY; } } - if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY ) - { - MBEDTLS_SSL_DEBUG_BUF( 3, "Unknown PSK identity", *p, n ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY ); - return( MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY ); + if (ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY) { + MBEDTLS_SSL_DEBUG_BUF(3, "Unknown PSK identity", *p, n); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY); + return MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY; } *p += n; - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) +static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_ssl_ciphersuite_t *ciphersuite_info; @@ -4180,334 +3990,285 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse client key exchange")); #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) && \ - ( defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) ) - if( ( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) && - ( ssl->handshake->async_in_progress != 0 ) ) - { + (defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)) + if ((ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) && + (ssl->handshake->async_in_progress != 0)) { /* We've already read a record and there is an asynchronous * operation in progress to decrypt it. So skip reading the * record. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "will resume decryption of previously-read record" ) ); - } - else + MBEDTLS_SSL_DEBUG_MSG(3, ("will resume decryption of previously-read record")); + } else #endif - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } - p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); end = ssl->in_msg + ssl->in_hslen; - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ) - { - if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret ); - return( ret ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA) { + if ((ret = ssl_parse_client_dh_public(ssl, &p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_dh_public"), ret); + return ret; } - if( p != end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (p != end) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, - ssl->handshake->premaster, - MBEDTLS_PREMASTER_SIZE, - &ssl->handshake->pmslen, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); + if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx, + ssl->handshake->premaster, + MBEDTLS_PREMASTER_SIZE, + &ssl->handshake->pmslen, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_calc_secret", ret); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS; } - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); - } - else + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K); + } else #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA || ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) - { - if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx, - p, end - p) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA) { + if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx, + p, end - p)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_read_public", ret); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP; } - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_QP ); + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_QP); - if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, - &ssl->handshake->pmslen, - ssl->handshake->premaster, - MBEDTLS_MPI_MAX_SIZE, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); + if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx, + &ssl->handshake->pmslen, + ssl->handshake->premaster, + MBEDTLS_MPI_MAX_SIZE, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_calc_secret", ret); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS; } - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Z ); - } - else + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Z); + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ) - { - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); - return( ret ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK) { + if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret); + return ret; } - if( p != end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (p != end) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } #if defined(MBEDTLS_USE_PSA_CRYPTO) /* For opaque PSKs, we perform the PSK-to-MS derivation automatically * and skip the intermediate PMS. */ - if( ssl_use_opaque_psk( ssl ) == 1 ) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) ); - else + if (ssl_use_opaque_psk(ssl) == 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("skip PMS generation for opaque PSK")); + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); - return( ret ); + if ((ret = mbedtls_ssl_psk_derive_premaster(ssl, + ciphersuite_info->key_exchange)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) { #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if ( ssl->handshake->async_in_progress != 0 ) - { + if (ssl->handshake->async_in_progress != 0) { /* There is an asynchronous operation in progress to * decrypt the encrypted premaster secret, so skip * directly to resuming this operation. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "PSK identity already parsed" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("PSK identity already parsed")); /* Update p to skip the PSK identity. ssl_parse_encrypted_pms * won't actually use it, but maintain p anyway for robustness. */ p += ssl->conf->psk_identity_len + 2; - } - else + } else #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); - return( ret ); + if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret); + return ret; } #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Opaque PSKs are currently only supported for PSK-only. */ - if( ssl_use_opaque_psk( ssl ) == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "opaque PSK not supported with RSA-PSK" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl_use_opaque_psk(ssl) == 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with RSA-PSK")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } #endif - if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 2 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_encrypted_pms" ), ret ); - return( ret ); + if ((ret = ssl_parse_encrypted_pms(ssl, p, end, 2)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_encrypted_pms"), ret); + return ret; } - if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); - return( ret ); + if ((ret = mbedtls_ssl_psk_derive_premaster(ssl, + ciphersuite_info->key_exchange)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) - { - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); - return( ret ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK) { + if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret); + return ret; } - if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret ); - return( ret ); + if ((ret = ssl_parse_client_dh_public(ssl, &p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_dh_public"), ret); + return ret; } #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Opaque PSKs are currently only supported for PSK-only. */ - if( ssl_use_opaque_psk( ssl ) == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "opaque PSK not supported with DHE-PSK" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl_use_opaque_psk(ssl) == 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with DHE-PSK")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } #endif - if( p != end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (p != end) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); - return( ret ); + if ((ret = mbedtls_ssl_psk_derive_premaster(ssl, + ciphersuite_info->key_exchange)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); - return( ret ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) { + if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret); + return ret; } - if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx, - p, end - p ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx, + p, end - p)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_read_public", ret); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP; } #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Opaque PSKs are currently only supported for PSK-only. */ - if( ssl_use_opaque_psk( ssl ) == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "opaque PSK not supported with ECDHE-PSK" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl_use_opaque_psk(ssl) == 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with ECDHE-PSK")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } #endif - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_QP ); + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_QP); - if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); - return( ret ); + if ((ret = mbedtls_ssl_psk_derive_premaster(ssl, + ciphersuite_info->key_exchange)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) - { - if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 0 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_parse_encrypted_pms_secret" ), ret ); - return( ret ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) { + if ((ret = ssl_parse_encrypted_pms(ssl, p, end, 0)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_parse_encrypted_pms_secret"), ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { - ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx, - p, end - p ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_two", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) { + ret = mbedtls_ecjpake_read_round_two(&ssl->handshake->ecjpake_ctx, + p, end - p); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_read_round_two", ret); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx, - ssl->handshake->premaster, 32, &ssl->handshake->pmslen, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret ); - return( ret ); + ret = mbedtls_ecjpake_derive_secret(&ssl->handshake->ecjpake_ctx, + ssl->handshake->premaster, 32, &ssl->handshake->pmslen, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_derive_secret", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); - return( ret ); + if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_derive_keys", ret); + return ret; } ssl->state++; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse client key exchange")); - return( 0 ); + return 0; } #if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) +static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate verify")); - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate verify")); ssl->state++; - return( 0 ); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) +static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; size_t i, sig_len; @@ -4520,60 +4281,54 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) mbedtls_md_type_t md_alg; const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - mbedtls_pk_context * peer_pk; + mbedtls_pk_context *peer_pk; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate verify")); - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate verify")); ssl->state++; - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - if( ssl->session_negotiate->peer_cert == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); + if (ssl->session_negotiate->peer_cert == NULL) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate verify")); ssl->state++; - return( 0 ); + return 0; } #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ssl->session_negotiate->peer_cert_digest == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); + if (ssl->session_negotiate->peer_cert_digest == NULL) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate verify")); ssl->state++; - return( 0 ); + return 0; } #endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ /* Read the message without adding it to the checksum */ - ret = mbedtls_ssl_read_record( ssl, 0 /* no checksum update */ ); - if( 0 != ret ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record" ), ret ); - return( ret ); + ret = mbedtls_ssl_read_record(ssl, 0 /* no checksum update */); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ssl_read_record"), ret); + return ret; } ssl->state++; /* Process the message contents */ - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE || - ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE_VERIFY ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE || + ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE_VERIFY) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate verify message")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY; } - i = mbedtls_ssl_hs_hdr_len( ssl ); + i = mbedtls_ssl_hs_hdr_len(ssl); #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) peer_pk = &ssl->handshake->peer_pubkey; #else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ssl->session_negotiate->peer_cert == NULL ) - { + if (ssl->session_negotiate->peer_cert == NULL) { /* Should never happen */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } peer_pk = &ssl->session_negotiate->peer_cert->pk; #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ @@ -4586,46 +4341,41 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) */ #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) { md_alg = MBEDTLS_MD_NONE; hashlen = 36; /* For ECDSA, use SHA-1, not MD-5 + SHA-1 */ - if( mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_ECDSA ) ) - { + if (mbedtls_pk_can_do(peer_pk, MBEDTLS_PK_ECDSA)) { hash_start += 16; hashlen -= 16; md_alg = MBEDTLS_MD_SHA1; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - if( i + 2 > ssl->in_hslen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { + if (i + 2 > ssl->in_hslen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate verify message")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY; } /* * Hash */ - md_alg = mbedtls_ssl_md_alg_from_hash( ssl->in_msg[i] ); + md_alg = mbedtls_ssl_md_alg_from_hash(ssl->in_msg[i]); - if( md_alg == MBEDTLS_MD_NONE || mbedtls_ssl_set_calc_verify_md( ssl, ssl->in_msg[i] ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg" - " for verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + if (md_alg == MBEDTLS_MD_NONE || mbedtls_ssl_set_calc_verify_md(ssl, ssl->in_msg[i])) { + MBEDTLS_SSL_DEBUG_MSG(1, ("peer not adhering to requested sig_alg" + " for verify message")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY; } #if !defined(MBEDTLS_MD_SHA1) - if( MBEDTLS_MD_SHA1 == md_alg ) + if (MBEDTLS_MD_SHA1 == md_alg) { hash_start += 16; + } #endif /* Info from md_alg will be used instead */ @@ -4636,78 +4386,72 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) /* * Signature */ - if( ( pk_alg = mbedtls_ssl_pk_alg_from_sig( ssl->in_msg[i] ) ) - == MBEDTLS_PK_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg" - " for verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + if ((pk_alg = mbedtls_ssl_pk_alg_from_sig(ssl->in_msg[i])) + == MBEDTLS_PK_NONE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("peer not adhering to requested sig_alg" + " for verify message")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY; } /* * Check the certificate's key type matches the signature alg */ - if( !mbedtls_pk_can_do( peer_pk, pk_alg ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "sig_alg doesn't match cert key" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + if (!mbedtls_pk_can_do(peer_pk, pk_alg)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("sig_alg doesn't match cert key")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY; } i++; - } - else + } else #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - if( i + 2 > ssl->in_hslen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + if (i + 2 > ssl->in_hslen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate verify message")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY; } - sig_len = ( ssl->in_msg[i] << 8 ) | ssl->in_msg[i+1]; + sig_len = (ssl->in_msg[i] << 8) | ssl->in_msg[i+1]; i += 2; - if( i + sig_len != ssl->in_hslen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + if (i + sig_len != ssl->in_hslen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate verify message")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY; } /* Calculate hash and verify signature */ { size_t dummy_hlen; - ssl->handshake->calc_verify( ssl, hash, &dummy_hlen ); + ssl->handshake->calc_verify(ssl, hash, &dummy_hlen); } - if( ( ret = mbedtls_pk_verify( peer_pk, - md_alg, hash_start, hashlen, - ssl->in_msg + i, sig_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret ); - return( ret ); + if ((ret = mbedtls_pk_verify(peer_pk, + md_alg, hash_start, hashlen, + ssl->in_msg + i, sig_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_verify", ret); + return ret; } - mbedtls_ssl_update_handshake_status( ssl ); + mbedtls_ssl_update_handshake_status(ssl); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate verify")); - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) +static int ssl_write_new_session_ticket(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t tlen; uint32_t lifetime; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write new session ticket" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write new session ticket")); ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_NEW_SESSION_TICKET; @@ -4723,18 +4467,17 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) * 10 . 9+n ticket content */ - if( ( ret = ssl->conf->f_ticket_write( ssl->conf->p_ticket, - ssl->session_negotiate, - ssl->out_msg + 10, - ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN, - &tlen, &lifetime ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_write", ret ); + if ((ret = ssl->conf->f_ticket_write(ssl->conf->p_ticket, + ssl->session_negotiate, + ssl->out_msg + 10, + ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN, + &tlen, &lifetime)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_ticket_write", ret); tlen = 0; } - MBEDTLS_PUT_UINT32_BE( lifetime, ssl->out_msg, 4 ); - MBEDTLS_PUT_UINT16_BE( tlen, ssl->out_msg, 8 ); + MBEDTLS_PUT_UINT32_BE(lifetime, ssl->out_msg, 4); + MBEDTLS_PUT_UINT16_BE(tlen, ssl->out_msg, 8); ssl->out_msglen = 10 + tlen; /* @@ -4743,44 +4486,44 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) */ ssl->handshake->new_session_ticket = 0; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write new session ticket" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write new session ticket")); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SESSION_TICKETS */ /* * SSL handshake -- server side -- single step */ -int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_handshake_server_step(mbedtls_ssl_context *ssl) { int ret = 0; - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("server state: %d", ssl->state)); - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { + return ret; + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) { + if ((ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { + return ret; + } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - switch( ssl->state ) - { + switch (ssl->state) { case MBEDTLS_SSL_HELLO_REQUEST: ssl->state = MBEDTLS_SSL_CLIENT_HELLO; break; @@ -4789,12 +4532,12 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) * <== ClientHello */ case MBEDTLS_SSL_CLIENT_HELLO: - ret = ssl_parse_client_hello( ssl ); + ret = ssl_parse_client_hello(ssl); break; #if defined(MBEDTLS_SSL_PROTO_DTLS) case MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT: - return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); + return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED; #endif /* @@ -4805,23 +4548,23 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) * ServerHelloDone */ case MBEDTLS_SSL_SERVER_HELLO: - ret = ssl_write_server_hello( ssl ); + ret = ssl_write_server_hello(ssl); break; case MBEDTLS_SSL_SERVER_CERTIFICATE: - ret = mbedtls_ssl_write_certificate( ssl ); + ret = mbedtls_ssl_write_certificate(ssl); break; case MBEDTLS_SSL_SERVER_KEY_EXCHANGE: - ret = ssl_write_server_key_exchange( ssl ); + ret = ssl_write_server_key_exchange(ssl); break; case MBEDTLS_SSL_CERTIFICATE_REQUEST: - ret = ssl_write_certificate_request( ssl ); + ret = ssl_write_certificate_request(ssl); break; case MBEDTLS_SSL_SERVER_HELLO_DONE: - ret = ssl_write_server_hello_done( ssl ); + ret = ssl_write_server_hello_done(ssl); break; /* @@ -4832,23 +4575,23 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) * Finished */ case MBEDTLS_SSL_CLIENT_CERTIFICATE: - ret = mbedtls_ssl_parse_certificate( ssl ); + ret = mbedtls_ssl_parse_certificate(ssl); break; case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE: - ret = ssl_parse_client_key_exchange( ssl ); + ret = ssl_parse_client_key_exchange(ssl); break; case MBEDTLS_SSL_CERTIFICATE_VERIFY: - ret = ssl_parse_certificate_verify( ssl ); + ret = ssl_parse_certificate_verify(ssl); break; case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC: - ret = mbedtls_ssl_parse_change_cipher_spec( ssl ); + ret = mbedtls_ssl_parse_change_cipher_spec(ssl); break; case MBEDTLS_SSL_CLIENT_FINISHED: - ret = mbedtls_ssl_parse_finished( ssl ); + ret = mbedtls_ssl_parse_finished(ssl); break; /* @@ -4858,31 +4601,31 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) */ case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC: #if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( ssl->handshake->new_session_ticket != 0 ) - ret = ssl_write_new_session_ticket( ssl ); - else + if (ssl->handshake->new_session_ticket != 0) { + ret = ssl_write_new_session_ticket(ssl); + } else #endif - ret = mbedtls_ssl_write_change_cipher_spec( ssl ); + ret = mbedtls_ssl_write_change_cipher_spec(ssl); break; case MBEDTLS_SSL_SERVER_FINISHED: - ret = mbedtls_ssl_write_finished( ssl ); + ret = mbedtls_ssl_write_finished(ssl); break; case MBEDTLS_SSL_FLUSH_BUFFERS: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("handshake: done")); ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; break; case MBEDTLS_SSL_HANDSHAKE_WRAPUP: - mbedtls_ssl_handshake_wrapup( ssl ); + mbedtls_ssl_handshake_wrapup(ssl); break; default: - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + MBEDTLS_SSL_DEBUG_MSG(1, ("invalid state %d", ssl->state)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - return( ret ); + return ret; } #endif /* MBEDTLS_SSL_SRV_C */ diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 8a57789f10f8..0789245bacd7 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -33,12 +33,12 @@ /* * Initialize context */ -void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ) +void mbedtls_ssl_ticket_init(mbedtls_ssl_ticket_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_ssl_ticket_context ) ); + memset(ctx, 0, sizeof(mbedtls_ssl_ticket_context)); #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif } @@ -49,81 +49,80 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ) #define TICKET_CRYPT_LEN_BYTES 2 #define TICKET_AUTH_TAG_BYTES 16 -#define TICKET_MIN_LEN ( TICKET_KEY_NAME_BYTES + \ - TICKET_IV_BYTES + \ - TICKET_CRYPT_LEN_BYTES + \ - TICKET_AUTH_TAG_BYTES ) -#define TICKET_ADD_DATA_LEN ( TICKET_KEY_NAME_BYTES + \ - TICKET_IV_BYTES + \ - TICKET_CRYPT_LEN_BYTES ) +#define TICKET_MIN_LEN (TICKET_KEY_NAME_BYTES + \ + TICKET_IV_BYTES + \ + TICKET_CRYPT_LEN_BYTES + \ + TICKET_AUTH_TAG_BYTES) +#define TICKET_ADD_DATA_LEN (TICKET_KEY_NAME_BYTES + \ + TICKET_IV_BYTES + \ + TICKET_CRYPT_LEN_BYTES) /* * Generate/update a key */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx, - unsigned char index ) +static int ssl_ticket_gen_key(mbedtls_ssl_ticket_context *ctx, + unsigned char index) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[MAX_KEY_BYTES]; mbedtls_ssl_ticket_key *key = ctx->keys + index; #if defined(MBEDTLS_HAVE_TIME) - key->generation_time = (uint32_t) mbedtls_time( NULL ); + key->generation_time = (uint32_t) mbedtls_time(NULL); #endif - if( ( ret = ctx->f_rng( ctx->p_rng, key->name, sizeof( key->name ) ) ) != 0 ) - return( ret ); + if ((ret = ctx->f_rng(ctx->p_rng, key->name, sizeof(key->name))) != 0) { + return ret; + } - if( ( ret = ctx->f_rng( ctx->p_rng, buf, sizeof( buf ) ) ) != 0 ) - return( ret ); + if ((ret = ctx->f_rng(ctx->p_rng, buf, sizeof(buf))) != 0) { + return ret; + } /* With GCM and CCM, same context can encrypt & decrypt */ - ret = mbedtls_cipher_setkey( &key->ctx, buf, - mbedtls_cipher_get_key_bitlen( &key->ctx ), - MBEDTLS_ENCRYPT ); + ret = mbedtls_cipher_setkey(&key->ctx, buf, + mbedtls_cipher_get_key_bitlen(&key->ctx), + MBEDTLS_ENCRYPT); - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); - return( ret ); + return ret; } /* * Rotate/generate keys if necessary */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx ) +static int ssl_ticket_update_keys(mbedtls_ssl_ticket_context *ctx) { #if !defined(MBEDTLS_HAVE_TIME) ((void) ctx); #else - if( ctx->ticket_lifetime != 0 ) - { - uint32_t current_time = (uint32_t) mbedtls_time( NULL ); + if (ctx->ticket_lifetime != 0) { + uint32_t current_time = (uint32_t) mbedtls_time(NULL); uint32_t key_time = ctx->keys[ctx->active].generation_time; - if( current_time >= key_time && - current_time - key_time < ctx->ticket_lifetime ) - { - return( 0 ); + if (current_time >= key_time && + current_time - key_time < ctx->ticket_lifetime) { + return 0; } ctx->active = 1 - ctx->active; - return( ssl_ticket_gen_key( ctx, ctx->active ) ); - } - else + return ssl_ticket_gen_key(ctx, ctx->active); + } else #endif /* MBEDTLS_HAVE_TIME */ - return( 0 ); + return 0; } /* * Setup context for actual use */ -int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - mbedtls_cipher_type_t cipher, - uint32_t lifetime ) +int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_cipher_type_t cipher, + uint32_t lifetime) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; @@ -133,26 +132,26 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx, ctx->ticket_lifetime = lifetime; - cipher_info = mbedtls_cipher_info_from_type( cipher); - if( cipher_info == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + cipher_info = mbedtls_cipher_info_from_type(cipher); + if (cipher_info == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( cipher_info->mode != MBEDTLS_MODE_GCM && - cipher_info->mode != MBEDTLS_MODE_CCM ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (cipher_info->mode != MBEDTLS_MODE_GCM && + cipher_info->mode != MBEDTLS_MODE_CCM) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (cipher_info->key_bitlen > 8 * MAX_KEY_BYTES) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } int do_mbedtls_cipher_setup = 1; #if defined(MBEDTLS_USE_PSA_CRYPTO) - ret = mbedtls_cipher_setup_psa( &ctx->keys[0].ctx, - cipher_info, TICKET_AUTH_TAG_BYTES ); + ret = mbedtls_cipher_setup_psa(&ctx->keys[0].ctx, + cipher_info, TICKET_AUTH_TAG_BYTES); - switch( ret ) - { + switch (ret) { case 0: do_mbedtls_cipher_setup = 0; break; @@ -162,37 +161,42 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx, do_mbedtls_cipher_setup = 1; break; default: - return( ret ); + return ret; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( do_mbedtls_cipher_setup ) - if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) - != 0 ) - return( ret ); + if (do_mbedtls_cipher_setup) { + if ((ret = mbedtls_cipher_setup(&ctx->keys[0].ctx, cipher_info)) + != 0) { + return ret; + } + } do_mbedtls_cipher_setup = 1; #if defined(MBEDTLS_USE_PSA_CRYPTO) do_mbedtls_cipher_setup = 0; - ret = mbedtls_cipher_setup_psa( &ctx->keys[1].ctx, - cipher_info, TICKET_AUTH_TAG_BYTES ); - if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) - return( ret ); - if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) + ret = mbedtls_cipher_setup_psa(&ctx->keys[1].ctx, + cipher_info, TICKET_AUTH_TAG_BYTES); + if (ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) { + return ret; + } + if (ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) { do_mbedtls_cipher_setup = 1; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( do_mbedtls_cipher_setup ) - if( ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) - != 0 ) - return( ret ); + if (do_mbedtls_cipher_setup) { + if ((ret = mbedtls_cipher_setup(&ctx->keys[1].ctx, cipher_info)) + != 0) { + return ret; + } + } - if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 || - ( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 ) - { - return( ret ); + if ((ret = ssl_ticket_gen_key(ctx, 0)) != 0 || + (ret = ssl_ticket_gen_key(ctx, 1)) != 0) { + return ret; } - return( 0 ); + return 0; } /* @@ -209,12 +213,12 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx, * authenticated data. */ -int mbedtls_ssl_ticket_write( void *p_ticket, - const mbedtls_ssl_session *session, - unsigned char *start, - const unsigned char *end, - size_t *tlen, - uint32_t *ticket_lifetime ) +int mbedtls_ssl_ticket_write(void *p_ticket, + const mbedtls_ssl_session *session, + unsigned char *start, + const unsigned char *end, + size_t *tlen, + uint32_t *ticket_lifetime) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ssl_ticket_context *ctx = p_ticket; @@ -227,53 +231,54 @@ int mbedtls_ssl_ticket_write( void *p_ticket, *tlen = 0; - if( ctx == NULL || ctx->f_rng == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->f_rng == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } /* We need at least 4 bytes for key_name, 12 for IV, 2 for len 16 for tag, * in addition to session itself, that will be checked when writing it. */ - MBEDTLS_SSL_CHK_BUF_PTR( start, end, TICKET_MIN_LEN ); + MBEDTLS_SSL_CHK_BUF_PTR(start, end, TICKET_MIN_LEN); #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif - if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 ) + if ((ret = ssl_ticket_update_keys(ctx)) != 0) { goto cleanup; + } key = &ctx->keys[ctx->active]; *ticket_lifetime = ctx->ticket_lifetime; - memcpy( key_name, key->name, TICKET_KEY_NAME_BYTES ); + memcpy(key_name, key->name, TICKET_KEY_NAME_BYTES); - if( ( ret = ctx->f_rng( ctx->p_rng, iv, TICKET_IV_BYTES ) ) != 0 ) + if ((ret = ctx->f_rng(ctx->p_rng, iv, TICKET_IV_BYTES)) != 0) { goto cleanup; + } /* Dump session state */ - if( ( ret = mbedtls_ssl_session_save( session, - state, end - state, - &clear_len ) ) != 0 || - (unsigned long) clear_len > 65535 ) - { - goto cleanup; + if ((ret = mbedtls_ssl_session_save(session, + state, end - state, + &clear_len)) != 0 || + (unsigned long) clear_len > 65535) { + goto cleanup; } - MBEDTLS_PUT_UINT16_BE( clear_len, state_len_bytes, 0 ); + MBEDTLS_PUT_UINT16_BE(clear_len, state_len_bytes, 0); /* Encrypt and authenticate */ - if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx, - iv, TICKET_IV_BYTES, - /* Additional data: key name, IV and length */ - key_name, TICKET_ADD_DATA_LEN, - state, clear_len, - state, end - state, &ciph_len, - TICKET_AUTH_TAG_BYTES ) ) != 0 ) - { + if ((ret = mbedtls_cipher_auth_encrypt_ext(&key->ctx, + iv, TICKET_IV_BYTES, + /* Additional data: key name, IV and length */ + key_name, TICKET_ADD_DATA_LEN, + state, clear_len, + state, end - state, &ciph_len, + TICKET_AUTH_TAG_BYTES)) != 0) { goto cleanup; } - if( ciph_len != clear_len + TICKET_AUTH_TAG_BYTES ) - { + if (ciph_len != clear_len + TICKET_AUTH_TAG_BYTES) { ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto cleanup; } @@ -282,36 +287,39 @@ int mbedtls_ssl_ticket_write( void *p_ticket, cleanup: #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } /* * Select key based on name */ static mbedtls_ssl_ticket_key *ssl_ticket_select_key( - mbedtls_ssl_ticket_context *ctx, - const unsigned char name[4] ) + mbedtls_ssl_ticket_context *ctx, + const unsigned char name[4]) { unsigned char i; - for( i = 0; i < sizeof( ctx->keys ) / sizeof( *ctx->keys ); i++ ) - if( memcmp( name, ctx->keys[i].name, 4 ) == 0 ) - return( &ctx->keys[i] ); + for (i = 0; i < sizeof(ctx->keys) / sizeof(*ctx->keys); i++) { + if (memcmp(name, ctx->keys[i].name, 4) == 0) { + return &ctx->keys[i]; + } + } - return( NULL ); + return NULL; } /* * Load session ticket (see mbedtls_ssl_ticket_write for structure) */ -int mbedtls_ssl_ticket_parse( void *p_ticket, - mbedtls_ssl_session *session, - unsigned char *buf, - size_t len ) +int mbedtls_ssl_ticket_parse(void *p_ticket, + mbedtls_ssl_session *session, + unsigned char *buf, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ssl_ticket_context *ctx = p_ticket; @@ -322,31 +330,33 @@ int mbedtls_ssl_ticket_parse( void *p_ticket, unsigned char *ticket = enc_len_p + TICKET_CRYPT_LEN_BYTES; size_t enc_len, clear_len; - if( ctx == NULL || ctx->f_rng == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->f_rng == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( len < TICKET_MIN_LEN ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (len < TICKET_MIN_LEN) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif - if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 ) + if ((ret = ssl_ticket_update_keys(ctx)) != 0) { goto cleanup; + } - enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1]; + enc_len = (enc_len_p[0] << 8) | enc_len_p[1]; - if( len != TICKET_MIN_LEN + enc_len ) - { + if (len != TICKET_MIN_LEN + enc_len) { ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA; goto cleanup; } /* Select key */ - if( ( key = ssl_ticket_select_key( ctx, key_name ) ) == NULL ) - { + if ((key = ssl_ticket_select_key(ctx, key_name)) == NULL) { /* We can't know for sure but this is a likely option unless we're * under attack - this is only informative anyway */ ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; @@ -354,37 +364,36 @@ int mbedtls_ssl_ticket_parse( void *p_ticket, } /* Decrypt and authenticate */ - if( ( ret = mbedtls_cipher_auth_decrypt_ext( &key->ctx, - iv, TICKET_IV_BYTES, - /* Additional data: key name, IV and length */ - key_name, TICKET_ADD_DATA_LEN, - ticket, enc_len + TICKET_AUTH_TAG_BYTES, - ticket, enc_len, &clear_len, - TICKET_AUTH_TAG_BYTES ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ) + if ((ret = mbedtls_cipher_auth_decrypt_ext(&key->ctx, + iv, TICKET_IV_BYTES, + /* Additional data: key name, IV and length */ + key_name, TICKET_ADD_DATA_LEN, + ticket, enc_len + TICKET_AUTH_TAG_BYTES, + ticket, enc_len, &clear_len, + TICKET_AUTH_TAG_BYTES)) != 0) { + if (ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED) { ret = MBEDTLS_ERR_SSL_INVALID_MAC; + } goto cleanup; } - if( clear_len != enc_len ) - { + if (clear_len != enc_len) { ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto cleanup; } /* Actually load session */ - if( ( ret = mbedtls_ssl_session_load( session, ticket, clear_len ) ) != 0 ) + if ((ret = mbedtls_ssl_session_load(session, ticket, clear_len)) != 0) { goto cleanup; + } #if defined(MBEDTLS_HAVE_TIME) { /* Check for expiration */ - mbedtls_time_t current_time = mbedtls_time( NULL ); + mbedtls_time_t current_time = mbedtls_time(NULL); - if( current_time < session->start || - (uint32_t)( current_time - session->start ) > ctx->ticket_lifetime ) - { + if (current_time < session->start || + (uint32_t) (current_time - session->start) > ctx->ticket_lifetime) { ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; goto cleanup; } @@ -393,26 +402,27 @@ int mbedtls_ssl_ticket_parse( void *p_ticket, cleanup: #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } /* * Free context */ -void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx ) +void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx) { - mbedtls_cipher_free( &ctx->keys[0].ctx ); - mbedtls_cipher_free( &ctx->keys[1].ctx ); + mbedtls_cipher_free(&ctx->keys[0].ctx); + mbedtls_cipher_free(&ctx->keys[1].ctx); #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_free( &ctx->mutex ); + mbedtls_mutex_free(&ctx->mutex); #endif - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ssl_ticket_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ssl_ticket_context)); } #endif /* MBEDTLS_SSL_TICKET_C */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 70196a48618e..494de1b93e16 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -55,93 +55,88 @@ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) /* Top-level Connection ID API */ -int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, - size_t len, - int ignore_other_cid ) +int mbedtls_ssl_conf_cid(mbedtls_ssl_config *conf, + size_t len, + int ignore_other_cid) { - if( len > MBEDTLS_SSL_CID_IN_LEN_MAX ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (len > MBEDTLS_SSL_CID_IN_LEN_MAX) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( ignore_other_cid != MBEDTLS_SSL_UNEXPECTED_CID_FAIL && - ignore_other_cid != MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ignore_other_cid != MBEDTLS_SSL_UNEXPECTED_CID_FAIL && + ignore_other_cid != MBEDTLS_SSL_UNEXPECTED_CID_IGNORE) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } conf->ignore_unexpected_cid = ignore_other_cid; conf->cid_len = len; - return( 0 ); + return 0; } -int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, - int enable, - unsigned char const *own_cid, - size_t own_cid_len ) +int mbedtls_ssl_set_cid(mbedtls_ssl_context *ssl, + int enable, + unsigned char const *own_cid, + size_t own_cid_len) { - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } ssl->negotiate_cid = enable; - if( enable == MBEDTLS_SSL_CID_DISABLED ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Disable use of CID extension." ) ); - return( 0 ); + if (enable == MBEDTLS_SSL_CID_DISABLED) { + MBEDTLS_SSL_DEBUG_MSG(3, ("Disable use of CID extension.")); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Enable use of CID extension." ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Own CID", own_cid, own_cid_len ); + MBEDTLS_SSL_DEBUG_MSG(3, ("Enable use of CID extension.")); + MBEDTLS_SSL_DEBUG_BUF(3, "Own CID", own_cid, own_cid_len); - if( own_cid_len != ssl->conf->cid_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "CID length %u does not match CID length %u in config", - (unsigned) own_cid_len, - (unsigned) ssl->conf->cid_len ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (own_cid_len != ssl->conf->cid_len) { + MBEDTLS_SSL_DEBUG_MSG(3, ("CID length %u does not match CID length %u in config", + (unsigned) own_cid_len, + (unsigned) ssl->conf->cid_len)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - memcpy( ssl->own_cid, own_cid, own_cid_len ); + memcpy(ssl->own_cid, own_cid, own_cid_len); /* Truncation is not an issue here because * MBEDTLS_SSL_CID_IN_LEN_MAX at most 255. */ ssl->own_cid_len = (uint8_t) own_cid_len; - return( 0 ); + return 0; } -int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, - int *enabled, - unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ], - size_t *peer_cid_len ) +int mbedtls_ssl_get_peer_cid(mbedtls_ssl_context *ssl, + int *enabled, + unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX], + size_t *peer_cid_len) { *enabled = MBEDTLS_SSL_CID_DISABLED; - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || - ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || + ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* We report MBEDTLS_SSL_CID_DISABLED in case the CID extensions * were used, but client and server requested the empty CID. * This is indistinguishable from not using the CID extension * in the first place. */ - if( ssl->transform_in->in_cid_len == 0 && - ssl->transform_in->out_cid_len == 0 ) - { - return( 0 ); + if (ssl->transform_in->in_cid_len == 0 && + ssl->transform_in->out_cid_len == 0) { + return 0; } - if( peer_cid_len != NULL ) - { + if (peer_cid_len != NULL) { *peer_cid_len = ssl->transform_in->out_cid_len; - if( peer_cid != NULL ) - { - memcpy( peer_cid, ssl->transform_in->out_cid, - ssl->transform_in->out_cid_len ); + if (peer_cid != NULL) { + memcpy(peer_cid, ssl->transform_in->out_cid, + ssl->transform_in->out_cid_len); } } *enabled = MBEDTLS_SSL_CID_ENABLED; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -156,31 +151,30 @@ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, * } MaxFragmentLength; * and we add 0 -> extension unused */ -static unsigned int ssl_mfl_code_to_length( int mfl ) -{ - switch( mfl ) - { - case MBEDTLS_SSL_MAX_FRAG_LEN_NONE: - return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN ); - case MBEDTLS_SSL_MAX_FRAG_LEN_512: - return 512; - case MBEDTLS_SSL_MAX_FRAG_LEN_1024: - return 1024; - case MBEDTLS_SSL_MAX_FRAG_LEN_2048: - return 2048; - case MBEDTLS_SSL_MAX_FRAG_LEN_4096: - return 4096; - default: - return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN ); +static unsigned int ssl_mfl_code_to_length(int mfl) +{ + switch (mfl) { + case MBEDTLS_SSL_MAX_FRAG_LEN_NONE: + return MBEDTLS_TLS_EXT_ADV_CONTENT_LEN; + case MBEDTLS_SSL_MAX_FRAG_LEN_512: + return 512; + case MBEDTLS_SSL_MAX_FRAG_LEN_1024: + return 1024; + case MBEDTLS_SSL_MAX_FRAG_LEN_2048: + return 2048; + case MBEDTLS_SSL_MAX_FRAG_LEN_4096: + return 4096; + default: + return MBEDTLS_TLS_EXT_ADV_CONTENT_LEN; } } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst, - const mbedtls_ssl_session *src ) +int mbedtls_ssl_session_copy(mbedtls_ssl_session *dst, + const mbedtls_ssl_session *src) { - mbedtls_ssl_session_free( dst ); - memcpy( dst, src, sizeof( mbedtls_ssl_session ) ); + mbedtls_ssl_session_free(dst); + memcpy(dst, src, sizeof(mbedtls_ssl_session)); #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) dst->ticket = NULL; @@ -189,34 +183,33 @@ int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst, #if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - if( src->peer_cert != NULL ) - { + if (src->peer_cert != NULL) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - dst->peer_cert = mbedtls_calloc( 1, sizeof(mbedtls_x509_crt) ); - if( dst->peer_cert == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + dst->peer_cert = mbedtls_calloc(1, sizeof(mbedtls_x509_crt)); + if (dst->peer_cert == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - mbedtls_x509_crt_init( dst->peer_cert ); + mbedtls_x509_crt_init(dst->peer_cert); - if( ( ret = mbedtls_x509_crt_parse_der( dst->peer_cert, src->peer_cert->raw.p, - src->peer_cert->raw.len ) ) != 0 ) - { - mbedtls_free( dst->peer_cert ); + if ((ret = mbedtls_x509_crt_parse_der(dst->peer_cert, src->peer_cert->raw.p, + src->peer_cert->raw.len)) != 0) { + mbedtls_free(dst->peer_cert); dst->peer_cert = NULL; - return( ret ); + return ret; } } #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( src->peer_cert_digest != NULL ) - { + if (src->peer_cert_digest != NULL) { dst->peer_cert_digest = - mbedtls_calloc( 1, src->peer_cert_digest_len ); - if( dst->peer_cert_digest == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + mbedtls_calloc(1, src->peer_cert_digest_len); + if (dst->peer_cert_digest == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - memcpy( dst->peer_cert_digest, src->peer_cert_digest, - src->peer_cert_digest_len ); + memcpy(dst->peer_cert_digest, src->peer_cert_digest, + src->peer_cert_digest_len); dst->peer_cert_digest_type = src->peer_cert_digest_type; dst->peer_cert_digest_len = src->peer_cert_digest_len; } @@ -225,35 +218,36 @@ int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst, #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) - if( src->ticket != NULL ) - { - dst->ticket = mbedtls_calloc( 1, src->ticket_len ); - if( dst->ticket == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if (src->ticket != NULL) { + dst->ticket = mbedtls_calloc(1, src->ticket_len); + if (dst->ticket == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - memcpy( dst->ticket, src->ticket, src->ticket_len ); + memcpy(dst->ticket, src->ticket, src->ticket_len); } #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) MBEDTLS_CHECK_RETURN_CRITICAL -static int resize_buffer( unsigned char **buffer, size_t len_new, size_t *len_old ) +static int resize_buffer(unsigned char **buffer, size_t len_new, size_t *len_old) { - unsigned char* resized_buffer = mbedtls_calloc( 1, len_new ); - if( resized_buffer == NULL ) + unsigned char *resized_buffer = mbedtls_calloc(1, len_new); + if (resized_buffer == NULL) { return -1; + } /* We want to copy len_new bytes when downsizing the buffer, and * len_old bytes when upsizing, so we choose the smaller of two sizes, * to fit one buffer into another. Size checks, ensuring that no data is * lost, are done outside of this function. */ - memcpy( resized_buffer, *buffer, - ( len_new < *len_old ) ? len_new : *len_old ); - mbedtls_platform_zeroize( *buffer, *len_old ); - mbedtls_free( *buffer ); + memcpy(resized_buffer, *buffer, + (len_new < *len_old) ? len_new : *len_old); + mbedtls_platform_zeroize(*buffer, *len_old); + mbedtls_free(*buffer); *buffer = resized_buffer; *len_old = len_new; @@ -261,60 +255,49 @@ static int resize_buffer( unsigned char **buffer, size_t len_new, size_t *len_ol return 0; } -static void handle_buffer_resizing( mbedtls_ssl_context *ssl, int downsizing, - size_t in_buf_new_len, - size_t out_buf_new_len ) +static void handle_buffer_resizing(mbedtls_ssl_context *ssl, int downsizing, + size_t in_buf_new_len, + size_t out_buf_new_len) { int modified = 0; size_t written_in = 0, iv_offset_in = 0, len_offset_in = 0; size_t written_out = 0, iv_offset_out = 0, len_offset_out = 0; - if( ssl->in_buf != NULL ) - { + if (ssl->in_buf != NULL) { written_in = ssl->in_msg - ssl->in_buf; iv_offset_in = ssl->in_iv - ssl->in_buf; len_offset_in = ssl->in_len - ssl->in_buf; - if( downsizing ? + if (downsizing ? ssl->in_buf_len > in_buf_new_len && ssl->in_left < in_buf_new_len : - ssl->in_buf_len < in_buf_new_len ) - { - if( resize_buffer( &ssl->in_buf, in_buf_new_len, &ssl->in_buf_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "input buffer resizing failed - out of memory" ) ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating in_buf to %" MBEDTLS_PRINTF_SIZET, - in_buf_new_len ) ); + ssl->in_buf_len < in_buf_new_len) { + if (resize_buffer(&ssl->in_buf, in_buf_new_len, &ssl->in_buf_len) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("input buffer resizing failed - out of memory")); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, ("Reallocating in_buf to %" MBEDTLS_PRINTF_SIZET, + in_buf_new_len)); modified = 1; } } } - if( ssl->out_buf != NULL ) - { + if (ssl->out_buf != NULL) { written_out = ssl->out_msg - ssl->out_buf; iv_offset_out = ssl->out_iv - ssl->out_buf; len_offset_out = ssl->out_len - ssl->out_buf; - if( downsizing ? + if (downsizing ? ssl->out_buf_len > out_buf_new_len && ssl->out_left < out_buf_new_len : - ssl->out_buf_len < out_buf_new_len ) - { - if( resize_buffer( &ssl->out_buf, out_buf_new_len, &ssl->out_buf_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "output buffer resizing failed - out of memory" ) ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating out_buf to %" MBEDTLS_PRINTF_SIZET, - out_buf_new_len ) ); + ssl->out_buf_len < out_buf_new_len) { + if (resize_buffer(&ssl->out_buf, out_buf_new_len, &ssl->out_buf_len) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("output buffer resizing failed - out of memory")); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, ("Reallocating out_buf to %" MBEDTLS_PRINTF_SIZET, + out_buf_new_len)); modified = 1; } } } - if( modified ) - { + if (modified) { /* Update pointers here to avoid doing it twice. */ - mbedtls_ssl_reset_in_out_pointers( ssl ); + mbedtls_ssl_reset_in_out_pointers(ssl); /* Fields below might not be properly updated with record * splitting or with CID, so they are manually updated here. */ ssl->out_msg = ssl->out_buf + written_out; @@ -333,10 +316,10 @@ static void handle_buffer_resizing( mbedtls_ssl_context *ssl, int downsizing, */ #if defined(MBEDTLS_SSL_PROTO_SSL3) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl3_prf( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) +static int ssl3_prf(const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen) { int ret = 0; size_t i; @@ -344,10 +327,10 @@ static int ssl3_prf( const unsigned char *secret, size_t slen, mbedtls_sha1_context sha1; unsigned char padding[16]; unsigned char sha1sum[20]; - ((void)label); + ((void) label); - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); + mbedtls_md5_init(&md5); + mbedtls_sha1_init(&sha1); /* * SSLv3: @@ -357,48 +340,56 @@ static int ssl3_prf( const unsigned char *secret, size_t slen, * MD5( secret + SHA1( 'CCC' + secret + random ) ) + * ... */ - for( i = 0; i < dlen / 16; i++ ) - { - memset( padding, (unsigned char) ('A' + i), 1 + i ); + for (i = 0; i < dlen / 16; i++) { + memset(padding, (unsigned char) ('A' + i), 1 + i); - if( ( ret = mbedtls_sha1_starts_ret( &sha1 ) ) != 0 ) + if ((ret = mbedtls_sha1_starts_ret(&sha1)) != 0) { goto exit; - if( ( ret = mbedtls_sha1_update_ret( &sha1, padding, 1 + i ) ) != 0 ) + } + if ((ret = mbedtls_sha1_update_ret(&sha1, padding, 1 + i)) != 0) { goto exit; - if( ( ret = mbedtls_sha1_update_ret( &sha1, secret, slen ) ) != 0 ) + } + if ((ret = mbedtls_sha1_update_ret(&sha1, secret, slen)) != 0) { goto exit; - if( ( ret = mbedtls_sha1_update_ret( &sha1, random, rlen ) ) != 0 ) + } + if ((ret = mbedtls_sha1_update_ret(&sha1, random, rlen)) != 0) { goto exit; - if( ( ret = mbedtls_sha1_finish_ret( &sha1, sha1sum ) ) != 0 ) + } + if ((ret = mbedtls_sha1_finish_ret(&sha1, sha1sum)) != 0) { goto exit; + } - if( ( ret = mbedtls_md5_starts_ret( &md5 ) ) != 0 ) + if ((ret = mbedtls_md5_starts_ret(&md5)) != 0) { goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5, secret, slen ) ) != 0 ) + } + if ((ret = mbedtls_md5_update_ret(&md5, secret, slen)) != 0) { goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5, sha1sum, 20 ) ) != 0 ) + } + if ((ret = mbedtls_md5_update_ret(&md5, sha1sum, 20)) != 0) { goto exit; - if( ( ret = mbedtls_md5_finish_ret( &md5, dstbuf + i * 16 ) ) != 0 ) + } + if ((ret = mbedtls_md5_finish_ret(&md5, dstbuf + i * 16)) != 0) { goto exit; + } } exit: - mbedtls_md5_free( &md5 ); - mbedtls_sha1_free( &sha1 ); + mbedtls_md5_free(&md5); + mbedtls_sha1_free(&sha1); - mbedtls_platform_zeroize( padding, sizeof( padding ) ); - mbedtls_platform_zeroize( sha1sum, sizeof( sha1sum ) ); + mbedtls_platform_zeroize(padding, sizeof(padding)); + mbedtls_platform_zeroize(sha1sum, sizeof(sha1sum)); - return( ret ); + return ret; } #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) MBEDTLS_CHECK_RETURN_CRITICAL -static int tls1_prf( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) +static int tls1_prf(const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen) { size_t nb, hs; size_t i, j, k; @@ -410,204 +401,216 @@ static int tls1_prf( const unsigned char *secret, size_t slen, mbedtls_md_context_t md_ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_md_init( &md_ctx ); + mbedtls_md_init(&md_ctx); - tmp_len = 20 + strlen( label ) + rlen; - tmp = mbedtls_calloc( 1, tmp_len ); - if( tmp == NULL ) - { + tmp_len = 20 + strlen(label) + rlen; + tmp = mbedtls_calloc(1, tmp_len); + if (tmp == NULL) { ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } - hs = ( slen + 1 ) / 2; + hs = (slen + 1) / 2; S1 = secret; S2 = secret + slen - hs; - nb = strlen( label ); - memcpy( tmp + 20, label, nb ); - memcpy( tmp + 20 + nb, random, rlen ); + nb = strlen(label); + memcpy(tmp + 20, label, nb); + memcpy(tmp + 20 + nb, random, rlen); nb += rlen; /* * First compute P_md5(secret,label+random)[0..dlen] */ - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == NULL ) - { + if ((md_info = mbedtls_md_info_from_type(MBEDTLS_MD_MD5)) == NULL) { ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto exit; } - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) - { + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 1)) != 0) { goto exit; } - ret = mbedtls_md_hmac_starts( &md_ctx, S1, hs ); - if( ret != 0 ) + ret = mbedtls_md_hmac_starts(&md_ctx, S1, hs); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, tmp + 20, nb); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, 4 + tmp); + if (ret != 0) { goto exit; + } - for( i = 0; i < dlen; i += 16 ) - { - ret = mbedtls_md_hmac_reset ( &md_ctx ); - if( ret != 0 ) + for (i = 0; i < dlen; i += 16) { + ret = mbedtls_md_hmac_reset(&md_ctx); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 + nb ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, 4 + tmp, 16 + nb); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, h_i ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, h_i); + if (ret != 0) { goto exit; + } - ret = mbedtls_md_hmac_reset ( &md_ctx ); - if( ret != 0 ) + ret = mbedtls_md_hmac_reset(&md_ctx); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, 4 + tmp, 16); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, 4 + tmp); + if (ret != 0) { goto exit; + } - k = ( i + 16 > dlen ) ? dlen % 16 : 16; + k = (i + 16 > dlen) ? dlen % 16 : 16; - for( j = 0; j < k; j++ ) + for (j = 0; j < k; j++) { dstbuf[i + j] = h_i[j]; + } } - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); /* * XOR out with P_sha1(secret,label+random)[0..dlen] */ - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL ) - { + if ((md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1)) == NULL) { ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto exit; } - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) - { + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 1)) != 0) { goto exit; } - ret = mbedtls_md_hmac_starts( &md_ctx, S2, hs ); - if( ret != 0 ) + ret = mbedtls_md_hmac_starts(&md_ctx, S2, hs); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, tmp + 20, nb); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, tmp ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, tmp); + if (ret != 0) { goto exit; + } - for( i = 0; i < dlen; i += 20 ) - { - ret = mbedtls_md_hmac_reset ( &md_ctx ); - if( ret != 0 ) + for (i = 0; i < dlen; i += 20) { + ret = mbedtls_md_hmac_reset(&md_ctx); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, tmp, 20 + nb ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, tmp, 20 + nb); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, h_i ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, h_i); + if (ret != 0) { goto exit; + } - ret = mbedtls_md_hmac_reset ( &md_ctx ); - if( ret != 0 ) + ret = mbedtls_md_hmac_reset(&md_ctx); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, tmp, 20 ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, tmp, 20); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, tmp ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, tmp); + if (ret != 0) { goto exit; + } - k = ( i + 20 > dlen ) ? dlen % 20 : 20; + k = (i + 20 > dlen) ? dlen % 20 : 20; - for( j = 0; j < k; j++ ) - dstbuf[i + j] = (unsigned char)( dstbuf[i + j] ^ h_i[j] ); + for (j = 0; j < k; j++) { + dstbuf[i + j] = (unsigned char) (dstbuf[i + j] ^ h_i[j]); + } } exit: - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); - mbedtls_platform_zeroize( tmp, tmp_len ); - mbedtls_platform_zeroize( h_i, sizeof( h_i ) ); + mbedtls_platform_zeroize(tmp, tmp_len); + mbedtls_platform_zeroize(h_i, sizeof(h_i)); - mbedtls_free( tmp ); - return( ret ); + mbedtls_free(tmp); + return ret; } #endif /* MBEDTLS_SSL_PROTO_TLS1) || MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_USE_PSA_CRYPTO) -static psa_status_t setup_psa_key_derivation( psa_key_derivation_operation_t* derivation, - psa_key_id_t key, - psa_algorithm_t alg, - const unsigned char* seed, size_t seed_length, - const unsigned char* label, size_t label_length, - size_t capacity ) +static psa_status_t setup_psa_key_derivation(psa_key_derivation_operation_t *derivation, + psa_key_id_t key, + psa_algorithm_t alg, + const unsigned char *seed, size_t seed_length, + const unsigned char *label, size_t label_length, + size_t capacity) { psa_status_t status; - status = psa_key_derivation_setup( derivation, alg ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_key_derivation_setup(derivation, alg); + if (status != PSA_SUCCESS) { + return status; + } - if( PSA_ALG_IS_TLS12_PRF( alg ) || PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) - { - status = psa_key_derivation_input_bytes( derivation, - PSA_KEY_DERIVATION_INPUT_SEED, - seed, seed_length ); - if( status != PSA_SUCCESS ) - return( status ); + if (PSA_ALG_IS_TLS12_PRF(alg) || PSA_ALG_IS_TLS12_PSK_TO_MS(alg)) { + status = psa_key_derivation_input_bytes(derivation, + PSA_KEY_DERIVATION_INPUT_SEED, + seed, seed_length); + if (status != PSA_SUCCESS) { + return status; + } - if( mbedtls_svc_key_id_is_null( key ) ) - { + if (mbedtls_svc_key_id_is_null(key)) { status = psa_key_derivation_input_bytes( derivation, PSA_KEY_DERIVATION_INPUT_SECRET, - NULL, 0 ); - } - else - { + NULL, 0); + } else { status = psa_key_derivation_input_key( - derivation, PSA_KEY_DERIVATION_INPUT_SECRET, key ); + derivation, PSA_KEY_DERIVATION_INPUT_SECRET, key); + } + if (status != PSA_SUCCESS) { + return status; } - if( status != PSA_SUCCESS ) - return( status ); - status = psa_key_derivation_input_bytes( derivation, - PSA_KEY_DERIVATION_INPUT_LABEL, - label, label_length ); - if( status != PSA_SUCCESS ) - return( status ); - } - else - { - return( PSA_ERROR_NOT_SUPPORTED ); + status = psa_key_derivation_input_bytes(derivation, + PSA_KEY_DERIVATION_INPUT_LABEL, + label, label_length); + if (status != PSA_SUCCESS) { + return status; + } + } else { + return PSA_ERROR_NOT_SUPPORTED; } - status = psa_key_derivation_set_capacity( derivation, capacity ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_key_derivation_set_capacity(derivation, capacity); + if (status != PSA_SUCCESS) { + return status; + } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } MBEDTLS_CHECK_RETURN_CRITICAL -static int tls_prf_generic( mbedtls_md_type_t md_type, - const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) +static int tls_prf_generic(mbedtls_md_type_t md_type, + const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen) { psa_status_t status; psa_algorithm_t alg; @@ -615,10 +618,11 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, psa_key_derivation_operation_t derivation = PSA_KEY_DERIVATION_OPERATION_INIT; - if( md_type == MBEDTLS_MD_SHA384 ) + if (md_type == MBEDTLS_MD_SHA384) { alg = PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384); - else + } else { alg = PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256); + } /* Normally a "secret" should be long enough to be impossible to * find by brute force, and in particular should not be empty. But @@ -627,62 +631,61 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, * Since the key API doesn't allow importing a key of length 0, * keep master_key=0, which setup_psa_key_derivation() understands * to mean a 0-length "secret" input. */ - if( slen != 0 ) - { + if (slen != 0) { psa_key_attributes_t key_attributes = psa_key_attributes_init(); - psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &key_attributes, alg ); - psa_set_key_type( &key_attributes, PSA_KEY_TYPE_DERIVE ); - - status = psa_import_key( &key_attributes, secret, slen, &master_key ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - - status = setup_psa_key_derivation( &derivation, - master_key, alg, - random, rlen, - (unsigned char const *) label, - (size_t) strlen( label ), - dlen ); - if( status != PSA_SUCCESS ) - { - psa_key_derivation_abort( &derivation ); - psa_destroy_key( master_key ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&key_attributes, alg); + psa_set_key_type(&key_attributes, PSA_KEY_TYPE_DERIVE); + + status = psa_import_key(&key_attributes, secret, slen, &master_key); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } } - status = psa_key_derivation_output_bytes( &derivation, dstbuf, dlen ); - if( status != PSA_SUCCESS ) - { - psa_key_derivation_abort( &derivation ); - psa_destroy_key( master_key ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + status = setup_psa_key_derivation(&derivation, + master_key, alg, + random, rlen, + (unsigned char const *) label, + (size_t) strlen(label), + dlen); + if (status != PSA_SUCCESS) { + psa_key_derivation_abort(&derivation); + psa_destroy_key(master_key); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } - status = psa_key_derivation_abort( &derivation ); - if( status != PSA_SUCCESS ) - { - psa_destroy_key( master_key ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + status = psa_key_derivation_output_bytes(&derivation, dstbuf, dlen); + if (status != PSA_SUCCESS) { + psa_key_derivation_abort(&derivation); + psa_destroy_key(master_key); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } + + status = psa_key_derivation_abort(&derivation); + if (status != PSA_SUCCESS) { + psa_destroy_key(master_key); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } - if( ! mbedtls_svc_key_id_is_null( master_key ) ) - status = psa_destroy_key( master_key ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + if (!mbedtls_svc_key_id_is_null(master_key)) { + status = psa_destroy_key(master_key); + } + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } - return( 0 ); + return 0; } #else /* MBEDTLS_USE_PSA_CRYPTO */ MBEDTLS_CHECK_RETURN_CRITICAL -static int tls_prf_generic( mbedtls_md_type_t md_type, - const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) +static int tls_prf_generic(mbedtls_md_type_t md_type, + const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen) { size_t nb; size_t i, j, k, md_len; @@ -693,237 +696,240 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, mbedtls_md_context_t md_ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_md_init( &md_ctx ); + mbedtls_md_init(&md_ctx); - if( ( md_info = mbedtls_md_info_from_type( md_type ) ) == NULL ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if ((md_info = mbedtls_md_info_from_type(md_type)) == NULL) { + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; + } - md_len = mbedtls_md_get_size( md_info ); + md_len = mbedtls_md_get_size(md_info); - tmp_len = md_len + strlen( label ) + rlen; - tmp = mbedtls_calloc( 1, tmp_len ); - if( tmp == NULL ) - { + tmp_len = md_len + strlen(label) + rlen; + tmp = mbedtls_calloc(1, tmp_len); + if (tmp == NULL) { ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } - nb = strlen( label ); - memcpy( tmp + md_len, label, nb ); - memcpy( tmp + md_len + nb, random, rlen ); + nb = strlen(label); + memcpy(tmp + md_len, label, nb); + memcpy(tmp + md_len + nb, random, rlen); nb += rlen; /* * Compute P_(secret, label + random)[0..dlen] */ - if ( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 1)) != 0) { goto exit; + } - ret = mbedtls_md_hmac_starts( &md_ctx, secret, slen ); - if( ret != 0 ) + ret = mbedtls_md_hmac_starts(&md_ctx, secret, slen); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, tmp + md_len, nb ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, tmp + md_len, nb); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, tmp ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, tmp); + if (ret != 0) { goto exit; + } - for( i = 0; i < dlen; i += md_len ) - { - ret = mbedtls_md_hmac_reset ( &md_ctx ); - if( ret != 0 ) + for (i = 0; i < dlen; i += md_len) { + ret = mbedtls_md_hmac_reset(&md_ctx); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, tmp, md_len + nb ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, tmp, md_len + nb); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, h_i ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, h_i); + if (ret != 0) { goto exit; + } - ret = mbedtls_md_hmac_reset ( &md_ctx ); - if( ret != 0 ) + ret = mbedtls_md_hmac_reset(&md_ctx); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, tmp, md_len ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, tmp, md_len); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, tmp ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, tmp); + if (ret != 0) { goto exit; + } - k = ( i + md_len > dlen ) ? dlen % md_len : md_len; + k = (i + md_len > dlen) ? dlen % md_len : md_len; - for( j = 0; j < k; j++ ) + for (j = 0; j < k; j++) { dstbuf[i + j] = h_i[j]; + } } exit: - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); - if ( tmp != NULL ) - mbedtls_platform_zeroize( tmp, tmp_len ); + if (tmp != NULL) { + mbedtls_platform_zeroize(tmp, tmp_len); + } - mbedtls_platform_zeroize( h_i, sizeof( h_i ) ); + mbedtls_platform_zeroize(h_i, sizeof(h_i)); - mbedtls_free( tmp ); + mbedtls_free(tmp); - return( ret ); + return ret; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_SHA256_C) MBEDTLS_CHECK_RETURN_CRITICAL -static int tls_prf_sha256( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) +static int tls_prf_sha256(const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen) { - return( tls_prf_generic( MBEDTLS_MD_SHA256, secret, slen, - label, random, rlen, dstbuf, dlen ) ); + return tls_prf_generic(MBEDTLS_MD_SHA256, secret, slen, + label, random, rlen, dstbuf, dlen); } #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) MBEDTLS_CHECK_RETURN_CRITICAL -static int tls_prf_sha384( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) +static int tls_prf_sha384(const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen) { - return( tls_prf_generic( MBEDTLS_MD_SHA384, secret, slen, - label, random, rlen, dstbuf, dlen ) ); + return tls_prf_generic(MBEDTLS_MD_SHA384, secret, slen, + label, random, rlen, dstbuf, dlen); } #endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -static void ssl_update_checksum_start( mbedtls_ssl_context *, const unsigned char *, size_t ); +static void ssl_update_checksum_start(mbedtls_ssl_context *, const unsigned char *, size_t); #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) -static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *, const unsigned char *, size_t ); +static void ssl_update_checksum_md5sha1(mbedtls_ssl_context *, const unsigned char *, size_t); #endif #if defined(MBEDTLS_SSL_PROTO_SSL3) -static void ssl_calc_verify_ssl( const mbedtls_ssl_context *, unsigned char *, size_t * ); -static void ssl_calc_finished_ssl( mbedtls_ssl_context *, unsigned char *, int ); +static void ssl_calc_verify_ssl(const mbedtls_ssl_context *, unsigned char *, size_t *); +static void ssl_calc_finished_ssl(mbedtls_ssl_context *, unsigned char *, int); #endif #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -static void ssl_calc_verify_tls( const mbedtls_ssl_context *, unsigned char*, size_t * ); -static void ssl_calc_finished_tls( mbedtls_ssl_context *, unsigned char *, int ); +static void ssl_calc_verify_tls(const mbedtls_ssl_context *, unsigned char *, size_t *); +static void ssl_calc_finished_tls(mbedtls_ssl_context *, unsigned char *, int); #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) -static void ssl_update_checksum_sha256( mbedtls_ssl_context *, const unsigned char *, size_t ); -static void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *,unsigned char*, size_t * ); -static void ssl_calc_finished_tls_sha256( mbedtls_ssl_context *,unsigned char *, int ); +static void ssl_update_checksum_sha256(mbedtls_ssl_context *, const unsigned char *, size_t); +static void ssl_calc_verify_tls_sha256(const mbedtls_ssl_context *, unsigned char *, size_t *); +static void ssl_calc_finished_tls_sha256(mbedtls_ssl_context *, unsigned char *, int); #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) -static void ssl_update_checksum_sha384( mbedtls_ssl_context *, const unsigned char *, size_t ); -static void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *, unsigned char*, size_t * ); -static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *, int ); +static void ssl_update_checksum_sha384(mbedtls_ssl_context *, const unsigned char *, size_t); +static void ssl_calc_verify_tls_sha384(const mbedtls_ssl_context *, unsigned char *, size_t *); +static void ssl_calc_finished_tls_sha384(mbedtls_ssl_context *, unsigned char *, int); #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) && \ defined(MBEDTLS_USE_PSA_CRYPTO) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl ) +static int ssl_use_opaque_psk(mbedtls_ssl_context const *ssl) { - if( ssl->conf->f_psk != NULL ) - { + if (ssl->conf->f_psk != NULL) { /* If we've used a callback to select the PSK, * the static configuration is irrelevant. */ - if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) ) - return( 1 ); + if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) { + return 1; + } - return( 0 ); + return 0; } - if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) ) - return( 1 ); + if (!mbedtls_svc_key_id_is_null(ssl->conf->psk_opaque)) { + return 1; + } - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) -static mbedtls_tls_prf_types tls_prf_get_type( mbedtls_ssl_tls_prf_cb *tls_prf ) +static mbedtls_tls_prf_types tls_prf_get_type(mbedtls_ssl_tls_prf_cb *tls_prf) { #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( tls_prf == ssl3_prf ) - { - return( MBEDTLS_SSL_TLS_PRF_SSL3 ); - } - else + if (tls_prf == ssl3_prf) { + return MBEDTLS_SSL_TLS_PRF_SSL3; + } else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( tls_prf == tls1_prf ) - { - return( MBEDTLS_SSL_TLS_PRF_TLS1 ); - } - else + if (tls_prf == tls1_prf) { + return MBEDTLS_SSL_TLS_PRF_TLS1; + } else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) - if( tls_prf == tls_prf_sha384 ) - { - return( MBEDTLS_SSL_TLS_PRF_SHA384 ); - } - else + if (tls_prf == tls_prf_sha384) { + return MBEDTLS_SSL_TLS_PRF_SHA384; + } else #endif #if defined(MBEDTLS_SHA256_C) - if( tls_prf == tls_prf_sha256 ) - { - return( MBEDTLS_SSL_TLS_PRF_SHA256 ); - } - else + if (tls_prf == tls_prf_sha256) { + return MBEDTLS_SSL_TLS_PRF_SHA256; + } else #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - return( MBEDTLS_SSL_TLS_PRF_NONE ); + return MBEDTLS_SSL_TLS_PRF_NONE; } #endif /* MBEDTLS_SSL_EXPORT_KEYS */ -int mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types prf, - const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) +int mbedtls_ssl_tls_prf(const mbedtls_tls_prf_types prf, + const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen) { mbedtls_ssl_tls_prf_cb *tls_prf = NULL; - switch( prf ) - { + switch (prf) { #if defined(MBEDTLS_SSL_PROTO_SSL3) case MBEDTLS_SSL_TLS_PRF_SSL3: tls_prf = ssl3_prf; - break; + break; #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) case MBEDTLS_SSL_TLS_PRF_TLS1: tls_prf = tls1_prf; - break; + break; #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_SSL_TLS_PRF_SHA384: tls_prf = tls_prf_sha384; - break; + break; #endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */ #if defined(MBEDTLS_SHA256_C) case MBEDTLS_SSL_TLS_PRF_SHA256: tls_prf = tls_prf_sha256; - break; + break; #endif /* MBEDTLS_SHA256_C */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - default: - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + default: + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } - return( tls_prf( secret, slen, label, random, rlen, dstbuf, dlen ) ); + return tls_prf(secret, slen, label, random, rlen, dstbuf, dlen); } /* Type for the TLS PRF */ @@ -954,28 +960,28 @@ typedef int ssl_tls_prf_t(const unsigned char *, size_t, const char *, * - MBEDTLS_DEBUG_C: ssl->conf->{f,p}_dbg */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_populate_transform( mbedtls_ssl_transform *transform, - int ciphersuite, - const unsigned char master[48], +static int ssl_populate_transform(mbedtls_ssl_transform *transform, + int ciphersuite, + const unsigned char master[48], #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - int encrypt_then_mac, + int encrypt_then_mac, #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - int trunc_hmac, + int trunc_hmac, #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #if defined(MBEDTLS_ZLIB_SUPPORT) - int compression, + int compression, #endif - ssl_tls_prf_t tls_prf, - const unsigned char randbytes[64], - int minor_ver, - unsigned endpoint, + ssl_tls_prf_t tls_prf, + const unsigned char randbytes[64], + int minor_ver, + unsigned endpoint, #if !defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - const + const #endif - mbedtls_ssl_context *ssl ) + mbedtls_ssl_context *ssl) { int ret = 0; #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -1012,71 +1018,66 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, transform->minor_ver = minor_ver; #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - memcpy( transform->randbytes, randbytes, sizeof( transform->randbytes ) ); + memcpy(transform->randbytes, randbytes, sizeof(transform->randbytes)); #endif /* * Get various info structures */ - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuite ); - if( ciphersuite_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %d not found", - ciphersuite ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(ciphersuite); + if (ciphersuite_info == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("ciphersuite info for %d not found", + ciphersuite)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher ); - if( cipher_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %u not found", - ciphersuite_info->cipher ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + cipher_info = mbedtls_cipher_info_from_type(ciphersuite_info->cipher); + if (cipher_info == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("cipher info for %u not found", + ciphersuite_info->cipher)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - md_info = mbedtls_md_info_from_type( ciphersuite_info->mac ); - if( md_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %u not found", - (unsigned) ciphersuite_info->mac ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type(ciphersuite_info->mac); + if (md_info == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("mbedtls_md info for %u not found", + (unsigned) ciphersuite_info->mac)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) /* Copy own and peer's CID if the use of the CID * extension has been negotiated. */ - if( ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_ENABLED ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Copy CIDs into SSL transform" ) ); + if (ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_ENABLED) { + MBEDTLS_SSL_DEBUG_MSG(3, ("Copy CIDs into SSL transform")); transform->in_cid_len = ssl->own_cid_len; - memcpy( transform->in_cid, ssl->own_cid, ssl->own_cid_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Incoming CID", transform->in_cid, - transform->in_cid_len ); + memcpy(transform->in_cid, ssl->own_cid, ssl->own_cid_len); + MBEDTLS_SSL_DEBUG_BUF(3, "Incoming CID", transform->in_cid, + transform->in_cid_len); transform->out_cid_len = ssl->handshake->peer_cid_len; - memcpy( transform->out_cid, ssl->handshake->peer_cid, - ssl->handshake->peer_cid_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Outgoing CID", transform->out_cid, - transform->out_cid_len ); + memcpy(transform->out_cid, ssl->handshake->peer_cid, + ssl->handshake->peer_cid_len); + MBEDTLS_SSL_DEBUG_BUF(3, "Outgoing CID", transform->out_cid, + transform->out_cid_len); } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ /* * Compute key block using the PRF */ - ret = tls_prf( master, 48, "key expansion", randbytes, 64, keyblk, 256 ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret ); - return( ret ); + ret = tls_prf(master, 48, "key expansion", randbytes, 64, keyblk, 256); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "prf", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite = %s", - mbedtls_ssl_get_ciphersuite_name( ciphersuite ) ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "master secret", master, 48 ); - MBEDTLS_SSL_DEBUG_BUF( 4, "random bytes", randbytes, 64 ); - MBEDTLS_SSL_DEBUG_BUF( 4, "key block", keyblk, 256 ); + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite = %s", + mbedtls_ssl_get_ciphersuite_name(ciphersuite))); + MBEDTLS_SSL_DEBUG_BUF(3, "master secret", master, 48); + MBEDTLS_SSL_DEBUG_BUF(4, "random bytes", randbytes, 64); + MBEDTLS_SSL_DEBUG_BUF(4, "key block", keyblk, 256); /* * Determine the appropriate key, IV and MAC length. @@ -1087,10 +1088,9 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, #if defined(MBEDTLS_GCM_C) || \ defined(MBEDTLS_CCM_C) || \ defined(MBEDTLS_CHACHAPOLY_C) - if( cipher_info->mode == MBEDTLS_MODE_GCM || + if (cipher_info->mode == MBEDTLS_MODE_GCM || cipher_info->mode == MBEDTLS_MODE_CCM || - cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) - { + cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY) { size_t explicit_ivlen; transform->maclen = 0; @@ -1108,39 +1108,35 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, */ transform->ivlen = 12; #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) - { + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) { transform->fixed_ivlen = 12; - } - else + } else #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ { - if( cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) + if (cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY) { transform->fixed_ivlen = 12; - else + } else { transform->fixed_ivlen = 4; + } } /* Minimum length of encrypted record */ explicit_ivlen = transform->ivlen - transform->fixed_ivlen; transform->minlen = explicit_ivlen + transform->taglen; - } - else + } else #endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */ #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) - if( cipher_info->mode == MBEDTLS_MODE_STREAM || - cipher_info->mode == MBEDTLS_MODE_CBC ) - { + if (cipher_info->mode == MBEDTLS_MODE_STREAM || + cipher_info->mode == MBEDTLS_MODE_CBC) { /* Initialize HMAC contexts */ - if( ( ret = mbedtls_md_setup( &transform->md_ctx_enc, md_info, 1 ) ) != 0 || - ( ret = mbedtls_md_setup( &transform->md_ctx_dec, md_info, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret ); + if ((ret = mbedtls_md_setup(&transform->md_ctx_enc, md_info, 1)) != 0 || + (ret = mbedtls_md_setup(&transform->md_ctx_dec, md_info, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_setup", ret); goto end; } /* Get MAC length */ - mac_key_len = mbedtls_md_get_size( md_info ); + mac_key_len = mbedtls_md_get_size(md_info); transform->maclen = mac_key_len; #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) @@ -1149,8 +1145,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, * (rfc 6066 page 13 or rfc 2104 section 4), * so we only need to adjust the length here. */ - if( trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED ) - { + if (trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED) { transform->maclen = MBEDTLS_SSL_TRUNCATED_HMAC_LEN; #if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) @@ -1166,10 +1161,9 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, transform->ivlen = cipher_info->iv_size; /* Minimum length */ - if( cipher_info->mode == MBEDTLS_MODE_STREAM ) + if (cipher_info->mode == MBEDTLS_MODE_STREAM) { transform->minlen = transform->maclen; - else - { + } else { /* * GenericBlockCipher: * 1. if EtM is in use: one block plus MAC @@ -1177,59 +1171,53 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, * 2. IV except for SSL3 and TLS 1.0 */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED ) - { + if (encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED) { transform->minlen = transform->maclen - + cipher_info->block_size; - } - else + + cipher_info->block_size; + } else #endif { transform->minlen = transform->maclen - + cipher_info->block_size - - transform->maclen % cipher_info->block_size; + + cipher_info->block_size + - transform->maclen % cipher_info->block_size; } #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 || - minor_ver == MBEDTLS_SSL_MINOR_VERSION_1 ) + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 || + minor_ver == MBEDTLS_SSL_MINOR_VERSION_1) { ; /* No need to adjust minlen */ - else + } else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_2 || - minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_2 || + minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { transform->minlen += transform->ivlen; - } - else + } else #endif { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto end; } } - } - else + } else #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "keylen: %u, minlen: %u, ivlen: %u, maclen: %u", - (unsigned) keylen, - (unsigned) transform->minlen, - (unsigned) transform->ivlen, - (unsigned) transform->maclen ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("keylen: %u, minlen: %u, ivlen: %u, maclen: %u", + (unsigned) keylen, + (unsigned) transform->minlen, + (unsigned) transform->ivlen, + (unsigned) transform->maclen)); /* * Finally setup the cipher contexts, IVs and MAC secrets. */ #if defined(MBEDTLS_SSL_CLI_C) - if( endpoint == MBEDTLS_SSL_IS_CLIENT ) - { + if (endpoint == MBEDTLS_SSL_IS_CLIENT) { key1 = keyblk + mac_key_len * 2; key2 = keyblk + mac_key_len * 2 + keylen; @@ -1239,17 +1227,15 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, /* * This is not used in TLS v1.1. */ - iv_copy_len = ( transform->fixed_ivlen ) ? - transform->fixed_ivlen : transform->ivlen; - memcpy( transform->iv_enc, key2 + keylen, iv_copy_len ); - memcpy( transform->iv_dec, key2 + keylen + iv_copy_len, - iv_copy_len ); - } - else + iv_copy_len = (transform->fixed_ivlen) ? + transform->fixed_ivlen : transform->ivlen; + memcpy(transform->iv_enc, key2 + keylen, iv_copy_len); + memcpy(transform->iv_dec, key2 + keylen + iv_copy_len, + iv_copy_len); + } else #endif /* MBEDTLS_SSL_CLI_C */ #if defined(MBEDTLS_SSL_SRV_C) - if( endpoint == MBEDTLS_SSL_IS_SERVER ) - { + if (endpoint == MBEDTLS_SSL_IS_SERVER) { key1 = keyblk + mac_key_len * 2 + keylen; key2 = keyblk + mac_key_len * 2; @@ -1259,77 +1245,70 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, /* * This is not used in TLS v1.1. */ - iv_copy_len = ( transform->fixed_ivlen ) ? - transform->fixed_ivlen : transform->ivlen; - memcpy( transform->iv_dec, key1 + keylen, iv_copy_len ); - memcpy( transform->iv_enc, key1 + keylen + iv_copy_len, - iv_copy_len ); - } - else + iv_copy_len = (transform->fixed_ivlen) ? + transform->fixed_ivlen : transform->ivlen; + memcpy(transform->iv_dec, key1 + keylen, iv_copy_len); + memcpy(transform->iv_enc, key1 + keylen + iv_copy_len, + iv_copy_len); + } else #endif /* MBEDTLS_SSL_SRV_C */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto end; } #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { - if( mac_key_len > sizeof( transform->mac_enc ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { + if (mac_key_len > sizeof(transform->mac_enc)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto end; } - memcpy( transform->mac_enc, mac_enc, mac_key_len ); - memcpy( transform->mac_dec, mac_dec, mac_key_len ); - } - else + memcpy(transform->mac_enc, mac_enc, mac_key_len); + memcpy(transform->mac_dec, mac_dec, mac_key_len); + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) - { + if (minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1) { /* For HMAC-based ciphersuites, initialize the HMAC transforms. For AEAD-based ciphersuites, there is nothing to do here. */ - if( mac_key_len != 0 ) - { - ret = mbedtls_md_hmac_starts( &transform->md_ctx_enc, - mac_enc, mac_key_len ); - if( ret != 0 ) + if (mac_key_len != 0) { + ret = mbedtls_md_hmac_starts(&transform->md_ctx_enc, + mac_enc, mac_key_len); + if (ret != 0) { goto end; - ret = mbedtls_md_hmac_starts( &transform->md_ctx_dec, - mac_dec, mac_key_len ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_starts(&transform->md_ctx_dec, + mac_dec, mac_key_len); + if (ret != 0) { goto end; + } } - } - else + } else #endif { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto end; } #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_init != NULL ) - { + if (mbedtls_ssl_hw_record_init != NULL) { ret = 0; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_init()" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("going for mbedtls_ssl_hw_record_init()")); - if( ( ret = mbedtls_ssl_hw_record_init( ssl, key1, key2, keylen, - transform->iv_enc, transform->iv_dec, - iv_copy_len, - mac_enc, mac_dec, - mac_key_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_init", ret ); + if ((ret = mbedtls_ssl_hw_record_init(ssl, key1, key2, keylen, + transform->iv_enc, transform->iv_dec, + iv_copy_len, + mac_enc, mac_dec, + mac_key_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_init", ret); ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; goto end; } @@ -1340,23 +1319,21 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, #endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( ssl->conf->f_export_keys != NULL ) - { - ssl->conf->f_export_keys( ssl->conf->p_export_keys, - master, keyblk, - mac_key_len, keylen, - iv_copy_len ); + if (ssl->conf->f_export_keys != NULL) { + ssl->conf->f_export_keys(ssl->conf->p_export_keys, + master, keyblk, + mac_key_len, keylen, + iv_copy_len); } - if( ssl->conf->f_export_keys_ext != NULL ) - { - ssl->conf->f_export_keys_ext( ssl->conf->p_export_keys, - master, keyblk, - mac_key_len, keylen, - iv_copy_len, - randbytes + 32, - randbytes, - tls_prf_get_type( tls_prf ) ); + if (ssl->conf->f_export_keys_ext != NULL) { + ssl->conf->f_export_keys_ext(ssl->conf->p_export_keys, + master, keyblk, + mac_key_len, keylen, + iv_copy_len, + randbytes + 32, + randbytes, + tls_prf_get_type(tls_prf)); } #endif @@ -1369,41 +1346,38 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, * the structure field for the IV, which the PSA-based * implementation currently doesn't. */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_enc, - cipher_info, transform->taglen ); - if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret ); + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { + ret = mbedtls_cipher_setup_psa(&transform->cipher_ctx_enc, + cipher_info, transform->taglen); + if (ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setup_psa", ret); goto end; } - if( ret == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Successfully setup PSA-based encryption cipher context" ) ); + if (ret == 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("Successfully setup PSA-based encryption cipher context")); psa_fallthrough = 0; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record encryption - fall through to default setup." ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(1, + ( + "Failed to setup PSA-based cipher context for record encryption - fall through to default setup.")); psa_fallthrough = 1; } - } - else + } else { psa_fallthrough = 1; + } #else psa_fallthrough = 1; #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - if( psa_fallthrough == 0 ) + if (psa_fallthrough == 0) { do_mbedtls_cipher_setup = 0; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( do_mbedtls_cipher_setup && - ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc, - cipher_info ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); + if (do_mbedtls_cipher_setup && + (ret = mbedtls_cipher_setup(&transform->cipher_ctx_enc, + cipher_info)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setup", ret); goto end; } @@ -1415,74 +1389,66 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, * the structure field for the IV, which the PSA-based * implementation currently doesn't. */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_dec, - cipher_info, transform->taglen ); - if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret ); + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { + ret = mbedtls_cipher_setup_psa(&transform->cipher_ctx_dec, + cipher_info, transform->taglen); + if (ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setup_psa", ret); goto end; } - if( ret == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Successfully setup PSA-based decryption cipher context" ) ); + if (ret == 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("Successfully setup PSA-based decryption cipher context")); psa_fallthrough = 0; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record decryption - fall through to default setup." ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(1, + ( + "Failed to setup PSA-based cipher context for record decryption - fall through to default setup.")); psa_fallthrough = 1; } - } - else + } else { psa_fallthrough = 1; + } #else psa_fallthrough = 1; #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - if( psa_fallthrough == 0 ) + if (psa_fallthrough == 0) { do_mbedtls_cipher_setup = 0; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( do_mbedtls_cipher_setup && - ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec, - cipher_info ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); + if (do_mbedtls_cipher_setup && + (ret = mbedtls_cipher_setup(&transform->cipher_ctx_dec, + cipher_info)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setup", ret); goto end; } - if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_enc, key1, - cipher_info->key_bitlen, - MBEDTLS_ENCRYPT ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); + if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_enc, key1, + cipher_info->key_bitlen, + MBEDTLS_ENCRYPT)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret); goto end; } - if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_dec, key2, - cipher_info->key_bitlen, - MBEDTLS_DECRYPT ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); + if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_dec, key2, + cipher_info->key_bitlen, + MBEDTLS_DECRYPT)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret); goto end; } #if defined(MBEDTLS_CIPHER_MODE_CBC) - if( cipher_info->mode == MBEDTLS_MODE_CBC ) - { - if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_enc, - MBEDTLS_PADDING_NONE ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret ); + if (cipher_info->mode == MBEDTLS_MODE_CBC) { + if ((ret = mbedtls_cipher_set_padding_mode(&transform->cipher_ctx_enc, + MBEDTLS_PADDING_NONE)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_set_padding_mode", ret); goto end; } - if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_dec, - MBEDTLS_PADDING_NONE ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret ); + if ((ret = mbedtls_cipher_set_padding_mode(&transform->cipher_ctx_dec, + MBEDTLS_PADDING_NONE)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_set_padding_mode", ret); goto end; } } @@ -1491,18 +1457,16 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, /* Initialize Zlib contexts */ #if defined(MBEDTLS_ZLIB_SUPPORT) - if( compression == MBEDTLS_SSL_COMPRESS_DEFLATE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Initializing zlib states" ) ); + if (compression == MBEDTLS_SSL_COMPRESS_DEFLATE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("Initializing zlib states")); - memset( &transform->ctx_deflate, 0, sizeof( transform->ctx_deflate ) ); - memset( &transform->ctx_inflate, 0, sizeof( transform->ctx_inflate ) ); + memset(&transform->ctx_deflate, 0, sizeof(transform->ctx_deflate)); + memset(&transform->ctx_inflate, 0, sizeof(transform->ctx_inflate)); - if( deflateInit( &transform->ctx_deflate, - Z_DEFAULT_COMPRESSION ) != Z_OK || - inflateInit( &transform->ctx_inflate ) != Z_OK ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to initialize compression" ) ); + if (deflateInit(&transform->ctx_deflate, + Z_DEFAULT_COMPRESSION) != Z_OK || + inflateInit(&transform->ctx_inflate) != Z_OK) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Failed to initialize compression")); ret = MBEDTLS_ERR_SSL_COMPRESSION_FAILED; goto end; } @@ -1510,8 +1474,8 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, #endif /* MBEDTLS_ZLIB_SUPPORT */ end: - mbedtls_platform_zeroize( keyblk, sizeof( keyblk ) ); - return( ret ); + mbedtls_platform_zeroize(keyblk, sizeof(keyblk)); + return ret; } /* @@ -1525,59 +1489,51 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, * - the tls_prf, calc_verify and calc_finished members of handshake structure */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake, - int minor_ver, - mbedtls_md_type_t hash ) +static int ssl_set_handshake_prfs(mbedtls_ssl_handshake_params *handshake, + int minor_ver, + mbedtls_md_type_t hash) { #if !defined(MBEDTLS_SSL_PROTO_TLS1_2) || \ - !( defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) ) + !(defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)) (void) hash; #endif #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { handshake->tls_prf = ssl3_prf; handshake->calc_verify = ssl_calc_verify_ssl; handshake->calc_finished = ssl_calc_finished_ssl; - } - else + } else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (minor_ver < MBEDTLS_SSL_MINOR_VERSION_3) { handshake->tls_prf = tls1_prf; handshake->calc_verify = ssl_calc_verify_tls; handshake->calc_finished = ssl_calc_finished_tls; - } - else + } else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && - hash == MBEDTLS_MD_SHA384 ) - { + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && + hash == MBEDTLS_MD_SHA384) { handshake->tls_prf = tls_prf_sha384; handshake->calc_verify = ssl_calc_verify_tls_sha384; handshake->calc_finished = ssl_calc_finished_tls_sha384; - } - else + } else #endif #if defined(MBEDTLS_SHA256_C) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { handshake->tls_prf = tls_prf_sha256; handshake->calc_verify = ssl_calc_verify_tls_sha256; handshake->calc_finished = ssl_calc_finished_tls_sha256; - } - else + } else #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - return( 0 ); + return 0; } /* @@ -1595,9 +1551,9 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake, * PSA-PSA: minor_ver, conf */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake, - unsigned char *master, - const mbedtls_ssl_context *ssl ) +static int ssl_compute_master(mbedtls_ssl_handshake_params *handshake, + unsigned char *master, + const mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -1628,35 +1584,32 @@ static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake, #if !defined(MBEDTLS_DEBUG_C) && \ !defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \ !(defined(MBEDTLS_USE_PSA_CRYPTO) && \ - defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)) + defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)) ssl = NULL; /* make sure we don't use it except for those cases */ (void) ssl; #endif - if( handshake->resume != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) ); - return( 0 ); + if (handshake->resume != 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("no premaster (session resumed)")); + return 0; } #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - if( handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED ) - { + if (handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED) { lbl = "extended master secret"; salt = session_hash; - handshake->calc_verify( ssl, session_hash, &salt_len ); + handshake->calc_verify(ssl, session_hash, &salt_len); - MBEDTLS_SSL_DEBUG_BUF( 3, "session hash for extended master secret", - session_hash, salt_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "session hash for extended master secret", + session_hash, salt_len); } #endif /* MBEDTLS_SSL_EXTENDED_MS_ENABLED */ #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( handshake->ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK && + if (handshake->ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK && ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && - ssl_use_opaque_psk( ssl ) == 1 ) - { + ssl_use_opaque_psk(ssl) == 1) { /* Perform PSK-to-MS expansion in a single step. */ psa_status_t status; psa_algorithm_t alg; @@ -1665,89 +1618,85 @@ static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake, PSA_KEY_DERIVATION_OPERATION_INIT; mbedtls_md_type_t hash_alg = handshake->ciphersuite_info->mac; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "perform PSA-based PSK-to-MS expansion" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("perform PSA-based PSK-to-MS expansion")); - psk = mbedtls_ssl_get_opaque_psk( ssl ); + psk = mbedtls_ssl_get_opaque_psk(ssl); - if( hash_alg == MBEDTLS_MD_SHA384 ) + if (hash_alg == MBEDTLS_MD_SHA384) { alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384); - else + } else { alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); + } - status = setup_psa_key_derivation( &derivation, psk, alg, - salt, salt_len, - (unsigned char const *) lbl, - (size_t) strlen( lbl ), - master_secret_len ); - if( status != PSA_SUCCESS ) - { - psa_key_derivation_abort( &derivation ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + status = setup_psa_key_derivation(&derivation, psk, alg, + salt, salt_len, + (unsigned char const *) lbl, + (size_t) strlen(lbl), + master_secret_len); + if (status != PSA_SUCCESS) { + psa_key_derivation_abort(&derivation); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } - status = psa_key_derivation_output_bytes( &derivation, - master, - master_secret_len ); - if( status != PSA_SUCCESS ) - { - psa_key_derivation_abort( &derivation ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + status = psa_key_derivation_output_bytes(&derivation, + master, + master_secret_len); + if (status != PSA_SUCCESS) { + psa_key_derivation_abort(&derivation); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } - status = psa_key_derivation_abort( &derivation ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - else + status = psa_key_derivation_abort(&derivation); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } + } else #endif { - ret = handshake->tls_prf( handshake->premaster, handshake->pmslen, - lbl, salt, salt_len, - master, - master_secret_len ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret ); - return( ret ); + ret = handshake->tls_prf(handshake->premaster, handshake->pmslen, + lbl, salt, salt_len, + master, + master_secret_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "prf", ret); + return ret; } - MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret", - handshake->premaster, - handshake->pmslen ); + MBEDTLS_SSL_DEBUG_BUF(3, "premaster secret", + handshake->premaster, + handshake->pmslen); - mbedtls_platform_zeroize( handshake->premaster, - sizeof(handshake->premaster) ); + mbedtls_platform_zeroize(handshake->premaster, + sizeof(handshake->premaster)); } - return( 0 ); + return 0; } -int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_derive_keys(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_ssl_ciphersuite_t * const ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive keys" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> derive keys")); /* Set PRF, calc_verify and calc_finished function pointers */ - ret = ssl_set_handshake_prfs( ssl->handshake, - ssl->minor_ver, - ciphersuite_info->mac ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_set_handshake_prfs", ret ); - return( ret ); + ret = ssl_set_handshake_prfs(ssl->handshake, + ssl->minor_ver, + ciphersuite_info->mac); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_set_handshake_prfs", ret); + return ret; } /* Compute master secret if needed */ - ret = ssl_compute_master( ssl->handshake, - ssl->session_negotiate->master, - ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_compute_master", ret ); - return( ret ); + ret = ssl_compute_master(ssl->handshake, + ssl->session_negotiate->master, + ssl); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_compute_master", ret); + return ret; } /* Swap the client and server random values: @@ -1755,142 +1704,139 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) * - key derivation wants server+client (RFC 5246 6.3) */ { unsigned char tmp[64]; - memcpy( tmp, ssl->handshake->randbytes, 64 ); - memcpy( ssl->handshake->randbytes, tmp + 32, 32 ); - memcpy( ssl->handshake->randbytes + 32, tmp, 32 ); - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); + memcpy(tmp, ssl->handshake->randbytes, 64); + memcpy(ssl->handshake->randbytes, tmp + 32, 32); + memcpy(ssl->handshake->randbytes + 32, tmp, 32); + mbedtls_platform_zeroize(tmp, sizeof(tmp)); } /* Populate transform structure */ - ret = ssl_populate_transform( ssl->transform_negotiate, - ssl->session_negotiate->ciphersuite, - ssl->session_negotiate->master, + ret = ssl_populate_transform(ssl->transform_negotiate, + ssl->session_negotiate->ciphersuite, + ssl->session_negotiate->master, #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - ssl->session_negotiate->encrypt_then_mac, + ssl->session_negotiate->encrypt_then_mac, #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - ssl->session_negotiate->trunc_hmac, + ssl->session_negotiate->trunc_hmac, #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #if defined(MBEDTLS_ZLIB_SUPPORT) - ssl->session_negotiate->compression, -#endif - ssl->handshake->tls_prf, - ssl->handshake->randbytes, - ssl->minor_ver, - ssl->conf->endpoint, - ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_populate_transform", ret ); - return( ret ); + ssl->session_negotiate->compression, +#endif + ssl->handshake->tls_prf, + ssl->handshake->randbytes, + ssl->minor_ver, + ssl->conf->endpoint, + ssl); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_populate_transform", ret); + return ret; } /* We no longer need Server/ClientHello.random values */ - mbedtls_platform_zeroize( ssl->handshake->randbytes, - sizeof( ssl->handshake->randbytes ) ); + mbedtls_platform_zeroize(ssl->handshake->randbytes, + sizeof(ssl->handshake->randbytes)); /* Allocate compression buffer */ #if defined(MBEDTLS_ZLIB_SUPPORT) - if( ssl->session_negotiate->compression == MBEDTLS_SSL_COMPRESS_DEFLATE && - ssl->compress_buf == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Allocating compression buffer" ) ); - ssl->compress_buf = mbedtls_calloc( 1, MBEDTLS_SSL_COMPRESS_BUFFER_LEN ); - if( ssl->compress_buf == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", - MBEDTLS_SSL_COMPRESS_BUFFER_LEN ) ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if (ssl->session_negotiate->compression == MBEDTLS_SSL_COMPRESS_DEFLATE && + ssl->compress_buf == NULL) { + MBEDTLS_SSL_DEBUG_MSG(3, ("Allocating compression buffer")); + ssl->compress_buf = mbedtls_calloc(1, MBEDTLS_SSL_COMPRESS_BUFFER_LEN); + if (ssl->compress_buf == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc(%d bytes) failed", + MBEDTLS_SSL_COMPRESS_BUFFER_LEN)); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } } #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= derive keys" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= derive keys")); - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_SSL3) -void ssl_calc_verify_ssl( const mbedtls_ssl_context *ssl, - unsigned char *hash, - size_t *hlen ) +void ssl_calc_verify_ssl(const mbedtls_ssl_context *ssl, + unsigned char *hash, + size_t *hlen) { mbedtls_md5_context md5; mbedtls_sha1_context sha1; unsigned char pad_1[48]; unsigned char pad_2[48]; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify ssl" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc verify ssl")); - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); + mbedtls_md5_init(&md5); + mbedtls_sha1_init(&sha1); - mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); - mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); + mbedtls_md5_clone(&md5, &ssl->handshake->fin_md5); + mbedtls_sha1_clone(&sha1, &ssl->handshake->fin_sha1); - memset( pad_1, 0x36, 48 ); - memset( pad_2, 0x5C, 48 ); + memset(pad_1, 0x36, 48); + memset(pad_2, 0x5C, 48); - mbedtls_md5_update_ret( &md5, ssl->session_negotiate->master, 48 ); - mbedtls_md5_update_ret( &md5, pad_1, 48 ); - mbedtls_md5_finish_ret( &md5, hash ); + mbedtls_md5_update_ret(&md5, ssl->session_negotiate->master, 48); + mbedtls_md5_update_ret(&md5, pad_1, 48); + mbedtls_md5_finish_ret(&md5, hash); - mbedtls_md5_starts_ret( &md5 ); - mbedtls_md5_update_ret( &md5, ssl->session_negotiate->master, 48 ); - mbedtls_md5_update_ret( &md5, pad_2, 48 ); - mbedtls_md5_update_ret( &md5, hash, 16 ); - mbedtls_md5_finish_ret( &md5, hash ); + mbedtls_md5_starts_ret(&md5); + mbedtls_md5_update_ret(&md5, ssl->session_negotiate->master, 48); + mbedtls_md5_update_ret(&md5, pad_2, 48); + mbedtls_md5_update_ret(&md5, hash, 16); + mbedtls_md5_finish_ret(&md5, hash); - mbedtls_sha1_update_ret( &sha1, ssl->session_negotiate->master, 48 ); - mbedtls_sha1_update_ret( &sha1, pad_1, 40 ); - mbedtls_sha1_finish_ret( &sha1, hash + 16 ); + mbedtls_sha1_update_ret(&sha1, ssl->session_negotiate->master, 48); + mbedtls_sha1_update_ret(&sha1, pad_1, 40); + mbedtls_sha1_finish_ret(&sha1, hash + 16); - mbedtls_sha1_starts_ret( &sha1 ); - mbedtls_sha1_update_ret( &sha1, ssl->session_negotiate->master, 48 ); - mbedtls_sha1_update_ret( &sha1, pad_2, 40 ); - mbedtls_sha1_update_ret( &sha1, hash + 16, 20 ); - mbedtls_sha1_finish_ret( &sha1, hash + 16 ); + mbedtls_sha1_starts_ret(&sha1); + mbedtls_sha1_update_ret(&sha1, ssl->session_negotiate->master, 48); + mbedtls_sha1_update_ret(&sha1, pad_2, 40); + mbedtls_sha1_update_ret(&sha1, hash + 16, 20); + mbedtls_sha1_finish_ret(&sha1, hash + 16); *hlen = 36; - MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, *hlen ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + MBEDTLS_SSL_DEBUG_BUF(3, "calculated verify result", hash, *hlen); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc verify")); - mbedtls_md5_free( &md5 ); - mbedtls_sha1_free( &sha1 ); + mbedtls_md5_free(&md5); + mbedtls_sha1_free(&sha1); return; } #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -void ssl_calc_verify_tls( const mbedtls_ssl_context *ssl, - unsigned char *hash, - size_t *hlen ) +void ssl_calc_verify_tls(const mbedtls_ssl_context *ssl, + unsigned char *hash, + size_t *hlen) { mbedtls_md5_context md5; mbedtls_sha1_context sha1; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify tls" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc verify tls")); - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); + mbedtls_md5_init(&md5); + mbedtls_sha1_init(&sha1); - mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); - mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); + mbedtls_md5_clone(&md5, &ssl->handshake->fin_md5); + mbedtls_sha1_clone(&sha1, &ssl->handshake->fin_sha1); - mbedtls_md5_finish_ret( &md5, hash ); - mbedtls_sha1_finish_ret( &sha1, hash + 16 ); + mbedtls_md5_finish_ret(&md5, hash); + mbedtls_sha1_finish_ret(&sha1, hash + 16); *hlen = 36; - MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, *hlen ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + MBEDTLS_SSL_DEBUG_BUF(3, "calculated verify result", hash, *hlen); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc verify")); - mbedtls_md5_free( &md5 ); - mbedtls_sha1_free( &sha1 ); + mbedtls_md5_free(&md5); + mbedtls_sha1_free(&sha1); return; } @@ -1898,98 +1844,94 @@ void ssl_calc_verify_tls( const mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) -void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *ssl, - unsigned char *hash, - size_t *hlen ) +void ssl_calc_verify_tls_sha256(const mbedtls_ssl_context *ssl, + unsigned char *hash, + size_t *hlen) { #if defined(MBEDTLS_USE_PSA_CRYPTO) size_t hash_size; psa_status_t status; psa_hash_operation_t sha256_psa = psa_hash_operation_init(); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> PSA calc verify sha256" ) ); - status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> PSA calc verify sha256")); + status = psa_hash_clone(&ssl->handshake->fin_sha256_psa, &sha256_psa); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed")); return; } - status = psa_hash_finish( &sha256_psa, hash, 32, &hash_size ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) ); + status = psa_hash_finish(&sha256_psa, hash, 32, &hash_size); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed")); return; } *hlen = 32; - MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated verify result", hash, *hlen ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= PSA calc verify" ) ); + MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated verify result", hash, *hlen); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= PSA calc verify")); #else mbedtls_sha256_context sha256; - mbedtls_sha256_init( &sha256 ); + mbedtls_sha256_init(&sha256); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha256" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc verify sha256")); - mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); - mbedtls_sha256_finish_ret( &sha256, hash ); + mbedtls_sha256_clone(&sha256, &ssl->handshake->fin_sha256); + mbedtls_sha256_finish_ret(&sha256, hash); *hlen = 32; - MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, *hlen ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + MBEDTLS_SSL_DEBUG_BUF(3, "calculated verify result", hash, *hlen); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc verify")); - mbedtls_sha256_free( &sha256 ); + mbedtls_sha256_free(&sha256); #endif /* MBEDTLS_USE_PSA_CRYPTO */ return; } #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) -void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *ssl, - unsigned char *hash, - size_t *hlen ) +void ssl_calc_verify_tls_sha384(const mbedtls_ssl_context *ssl, + unsigned char *hash, + size_t *hlen) { #if defined(MBEDTLS_USE_PSA_CRYPTO) size_t hash_size; psa_status_t status; psa_hash_operation_t sha384_psa = psa_hash_operation_init(); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> PSA calc verify sha384" ) ); - status = psa_hash_clone( &ssl->handshake->fin_sha384_psa, &sha384_psa ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> PSA calc verify sha384")); + status = psa_hash_clone(&ssl->handshake->fin_sha384_psa, &sha384_psa); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed")); return; } - status = psa_hash_finish( &sha384_psa, hash, 48, &hash_size ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) ); + status = psa_hash_finish(&sha384_psa, hash, 48, &hash_size); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed")); return; } *hlen = 48; - MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated verify result", hash, *hlen ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= PSA calc verify" ) ); + MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated verify result", hash, *hlen); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= PSA calc verify")); #else mbedtls_sha512_context sha512; - mbedtls_sha512_init( &sha512 ); + mbedtls_sha512_init(&sha512); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha384" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc verify sha384")); - mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); - mbedtls_sha512_finish_ret( &sha512, hash ); + mbedtls_sha512_clone(&sha512, &ssl->handshake->fin_sha512); + mbedtls_sha512_finish_ret(&sha512, hash); *hlen = 48; - MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, *hlen ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + MBEDTLS_SSL_DEBUG_BUF(3, "calculated verify result", hash, *hlen); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc verify")); - mbedtls_sha512_free( &sha512 ); + mbedtls_sha512_free(&sha512); #endif /* MBEDTLS_USE_PSA_CRYPTO */ return; } @@ -1997,22 +1939,21 @@ void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) -int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex ) +int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex) { unsigned char *p = ssl->handshake->premaster; - unsigned char *end = p + sizeof( ssl->handshake->premaster ); + unsigned char *end = p + sizeof(ssl->handshake->premaster); const unsigned char *psk = NULL; size_t psk_len = 0; - if( mbedtls_ssl_get_psk( ssl, &psk, &psk_len ) - == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ) - { + if (mbedtls_ssl_get_psk(ssl, &psk, &psk_len) + == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED) { /* * This should never happen because the existence of a PSK is always * checked before calling this function */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* @@ -2023,152 +1964,142 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch * with "other_secret" depending on the particular key exchange */ #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( key_ex == MBEDTLS_KEY_EXCHANGE_PSK ) - { - if( end - p < 2 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (key_ex == MBEDTLS_KEY_EXCHANGE_PSK) { + if (end - p < 2) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - MBEDTLS_PUT_UINT16_BE( psk_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(psk_len, p, 0); p += 2; - if( end < p || (size_t)( end - p ) < psk_len ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (end < p || (size_t) (end - p) < psk_len) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - memset( p, 0, psk_len ); + memset(p, 0, psk_len); p += psk_len; - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( key_ex == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - { + if (key_ex == MBEDTLS_KEY_EXCHANGE_RSA_PSK) { /* * other_secret already set by the ClientKeyExchange message, * and is 48 bytes long */ - if( end - p < 2 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (end - p < 2) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } *p++ = 0; *p++ = 48; p += 48; - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) - { + if (key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; /* Write length only when we know the actual value */ - if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, - p + 2, end - ( p + 2 ), &len, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); - return( ret ); + if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx, + p + 2, end - (p + 2), &len, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_calc_secret", ret); + return ret; } - MBEDTLS_PUT_UINT16_BE( len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(len, p, 0); p += 2 + len; - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); - } - else + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K); + } else #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( key_ex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { + if (key_ex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t zlen; - if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen, - p + 2, end - ( p + 2 ), - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); - return( ret ); + if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx, &zlen, + p + 2, end - (p + 2), + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_calc_secret", ret); + return ret; } - MBEDTLS_PUT_UINT16_BE( zlen, p, 0 ); + MBEDTLS_PUT_UINT16_BE(zlen, p, 0); p += 2 + zlen; - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Z ); - } - else + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Z); + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* opaque psk<0..2^16-1>; */ - if( end - p < 2 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (end - p < 2) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - MBEDTLS_PUT_UINT16_BE( psk_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(psk_len, p, 0); p += 2; - if( end < p || (size_t)( end - p ) < psk_len ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (end < p || (size_t) (end - p) < psk_len) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - memcpy( p, psk, psk_len ); + memcpy(p, psk, psk_len); p += psk_len; ssl->handshake->pmslen = p - ssl->handshake->premaster; - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_hello_request( mbedtls_ssl_context *ssl ); +static int ssl_write_hello_request(mbedtls_ssl_context *ssl); #if defined(MBEDTLS_SSL_PROTO_DTLS) -int mbedtls_ssl_resend_hello_request( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_resend_hello_request(mbedtls_ssl_context *ssl) { /* If renegotiation is not enforced, retransmit until we would reach max * timeout if we were using the usual handshake doubling scheme */ - if( ssl->conf->renego_max_records < 0 ) - { + if (ssl->conf->renego_max_records < 0) { uint32_t ratio = ssl->conf->hs_timeout_max / ssl->conf->hs_timeout_min + 1; unsigned char doublings = 1; - while( ratio != 0 ) - { + while (ratio != 0) { ++doublings; ratio >>= 1; } - if( ++ssl->renego_records_seen > doublings ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "no longer retransmitting hello request" ) ); - return( 0 ); + if (++ssl->renego_records_seen > doublings) { + MBEDTLS_SSL_DEBUG_MSG(2, ("no longer retransmitting hello request")); + return 0; } } - return( ssl_write_hello_request( ssl ) ); + return ssl_write_hello_request(ssl); } #endif #endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */ #if defined(MBEDTLS_X509_CRT_PARSE_C) -static void ssl_clear_peer_cert( mbedtls_ssl_session *session ) +static void ssl_clear_peer_cert(mbedtls_ssl_session *session) { #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - if( session->peer_cert != NULL ) - { - mbedtls_x509_crt_free( session->peer_cert ); - mbedtls_free( session->peer_cert ); + if (session->peer_cert != NULL) { + mbedtls_x509_crt_free(session->peer_cert); + mbedtls_free(session->peer_cert); session->peer_cert = NULL; } #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( session->peer_cert_digest != NULL ) - { + if (session->peer_cert_digest != NULL) { /* Zeroization is not necessary. */ - mbedtls_free( session->peer_cert_digest ); + mbedtls_free(session->peer_cert_digest); session->peer_cert_digest = NULL; session->peer_cert_digest_type = MBEDTLS_MD_NONE; session->peer_cert_digest_len = 0; @@ -2182,46 +2113,44 @@ static void ssl_clear_peer_cert( mbedtls_ssl_session *session ) */ #if !defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* No certificate support -> dummy functions */ -int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate")); - if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); + if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate")); ssl->state++; - return( 0 ); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } -int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate")); - if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); + if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate")); ssl->state++; - return( 0 ); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #else /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ /* Some certificate support -> implement write and parse */ -int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; size_t i, n; @@ -2229,23 +2158,20 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate")); - if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); + if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate")); ssl->state++; - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - { - if( ssl->client_auth == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { + if (ssl->client_auth == 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate")); ssl->state++; - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_SSL3) @@ -2253,32 +2179,29 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) * If using SSLv3 and got no cert, send an Alert message * (otherwise an empty Certificate message will be sent). */ - if( mbedtls_ssl_own_cert( ssl ) == NULL && - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (mbedtls_ssl_own_cert(ssl) == NULL && + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { ssl->out_msglen = 2; ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT; ssl->out_msg[0] = MBEDTLS_SSL_ALERT_LEVEL_WARNING; ssl->out_msg[1] = MBEDTLS_SSL_ALERT_MSG_NO_CERT; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "got no certificate to send" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("got no certificate to send")); goto write_msg; } #endif /* MBEDTLS_SSL_PROTO_SSL3 */ } #endif /* MBEDTLS_SSL_CLI_C */ #if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - { - if( mbedtls_ssl_own_cert( ssl ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no certificate to send" ) ); - return( MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { + if (mbedtls_ssl_own_cert(ssl) == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no certificate to send")); + return MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED; } } #endif - MBEDTLS_SSL_DEBUG_CRT( 3, "own certificate", mbedtls_ssl_own_cert( ssl ) ); + MBEDTLS_SSL_DEBUG_CRT(3, "own certificate", mbedtls_ssl_own_cert(ssl)); /* * 0 . 0 handshake type @@ -2290,30 +2213,28 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) * n+3 . ... upper level cert, etc. */ i = 7; - crt = mbedtls_ssl_own_cert( ssl ); + crt = mbedtls_ssl_own_cert(ssl); - while( crt != NULL ) - { + while (crt != NULL) { n = crt->raw.len; - if( n > MBEDTLS_SSL_OUT_CONTENT_LEN - 3 - i ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate too large, %" MBEDTLS_PRINTF_SIZET - " > %" MBEDTLS_PRINTF_SIZET, - i + 3 + n, (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN ) ); - return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE ); + if (n > MBEDTLS_SSL_OUT_CONTENT_LEN - 3 - i) { + MBEDTLS_SSL_DEBUG_MSG(1, ("certificate too large, %" MBEDTLS_PRINTF_SIZET + " > %" MBEDTLS_PRINTF_SIZET, + i + 3 + n, (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN)); + return MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE; } - ssl->out_msg[i ] = MBEDTLS_BYTE_2( n ); - ssl->out_msg[i + 1] = MBEDTLS_BYTE_1( n ); - ssl->out_msg[i + 2] = MBEDTLS_BYTE_0( n ); + ssl->out_msg[i] = MBEDTLS_BYTE_2(n); + ssl->out_msg[i + 1] = MBEDTLS_BYTE_1(n); + ssl->out_msg[i + 2] = MBEDTLS_BYTE_0(n); - i += 3; memcpy( ssl->out_msg + i, crt->raw.p, n ); + i += 3; memcpy(ssl->out_msg + i, crt->raw.p, n); i += n; crt = crt->next; } - ssl->out_msg[4] = MBEDTLS_BYTE_2( i - 7 ); - ssl->out_msg[5] = MBEDTLS_BYTE_1( i - 7 ); - ssl->out_msg[6] = MBEDTLS_BYTE_0( i - 7 ); + ssl->out_msg[4] = MBEDTLS_BYTE_2(i - 7); + ssl->out_msg[5] = MBEDTLS_BYTE_1(i - 7); + ssl->out_msg[6] = MBEDTLS_BYTE_0(i - 7); ssl->out_msglen = i; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; @@ -2325,40 +2246,41 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) ssl->state++; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write certificate")); - return( ret ); + return ret; } #if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C) #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, - unsigned char *crt_buf, - size_t crt_buf_len ) +static int ssl_check_peer_crt_unchanged(mbedtls_ssl_context *ssl, + unsigned char *crt_buf, + size_t crt_buf_len) { mbedtls_x509_crt const * const peer_crt = ssl->session->peer_cert; - if( peer_crt == NULL ) - return( -1 ); + if (peer_crt == NULL) { + return -1; + } - if( peer_crt->raw.len != crt_buf_len ) - return( -1 ); + if (peer_crt->raw.len != crt_buf_len) { + return -1; + } - return( memcmp( peer_crt->raw.p, crt_buf, peer_crt->raw.len ) ); + return memcmp(peer_crt->raw.p, crt_buf, peer_crt->raw.len); } #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, - unsigned char *crt_buf, - size_t crt_buf_len ) +static int ssl_check_peer_crt_unchanged(mbedtls_ssl_context *ssl, + unsigned char *crt_buf, + size_t crt_buf_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char const * const peer_cert_digest = @@ -2366,22 +2288,25 @@ static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, mbedtls_md_type_t const peer_cert_digest_type = ssl->session->peer_cert_digest_type; mbedtls_md_info_t const * const digest_info = - mbedtls_md_info_from_type( peer_cert_digest_type ); + mbedtls_md_info_from_type(peer_cert_digest_type); unsigned char tmp_digest[MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN]; size_t digest_len; - if( peer_cert_digest == NULL || digest_info == NULL ) - return( -1 ); + if (peer_cert_digest == NULL || digest_info == NULL) { + return -1; + } - digest_len = mbedtls_md_get_size( digest_info ); - if( digest_len > MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN ) - return( -1 ); + digest_len = mbedtls_md_get_size(digest_info); + if (digest_len > MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN) { + return -1; + } - ret = mbedtls_md( digest_info, crt_buf, crt_buf_len, tmp_digest ); - if( ret != 0 ) - return( -1 ); + ret = mbedtls_md(digest_info, crt_buf, crt_buf_len, tmp_digest); + if (ret != 0) { + return -1; + } - return( memcmp( tmp_digest, peer_cert_digest, digest_len ) ); + return memcmp(tmp_digest, peer_cert_digest, digest_len); } #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */ @@ -2391,125 +2316,116 @@ static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, * perform basic checks, but leave actual verification to the caller */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *chain ) +static int ssl_parse_certificate_chain(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *chain) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C) - int crt_cnt=0; + int crt_cnt = 0; #endif size_t i, n; uint8_t alert; - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE || - ssl->in_hslen < mbedtls_ssl_hs_hdr_len( ssl ) + 3 + 3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + if (ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE || + ssl->in_hslen < mbedtls_ssl_hs_hdr_len(ssl) + 3 + 3) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } - i = mbedtls_ssl_hs_hdr_len( ssl ); + i = mbedtls_ssl_hs_hdr_len(ssl); /* * Same message structure as in mbedtls_ssl_write_certificate() */ - n = ( ssl->in_msg[i+1] << 8 ) | ssl->in_msg[i+2]; + n = (ssl->in_msg[i+1] << 8) | ssl->in_msg[i+2]; - if( ssl->in_msg[i] != 0 || - ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + if (ssl->in_msg[i] != 0 || + ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len(ssl)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } /* Make &ssl->in_msg[i] point to the beginning of the CRT chain. */ i += 3; /* Iterate through and parse the CRTs in the provided chain. */ - while( i < ssl->in_hslen ) - { + while (i < ssl->in_hslen) { /* Check that there's room for the next CRT's length fields. */ - if ( i + 3 > ssl->in_hslen ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + if (i + 3 > ssl->in_hslen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message")); + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } /* In theory, the CRT can be up to 2**24 Bytes, but we don't support * anything beyond 2**16 ~ 64K. */ - if( ssl->in_msg[i] != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + if (ssl->in_msg[i] != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message")); + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } /* Read length of the next CRT in the chain. */ - n = ( (unsigned int) ssl->in_msg[i + 1] << 8 ) + n = ((unsigned int) ssl->in_msg[i + 1] << 8) | (unsigned int) ssl->in_msg[i + 2]; i += 3; - if( n < 128 || i + n > ssl->in_hslen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + if (n < 128 || i + n > ssl->in_hslen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message")); + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } /* Check if we're handling the first CRT in the chain. */ #if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C) - if( crt_cnt++ == 0 && + if (crt_cnt++ == 0 && ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && - ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { /* During client-side renegotiation, check that the server's * end-CRTs hasn't changed compared to the initial handshake, * mitigating the triple handshake attack. On success, reuse * the original end-CRT instead of parsing it again. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Check that peer CRT hasn't changed during renegotiation" ) ); - if( ssl_check_peer_crt_unchanged( ssl, - &ssl->in_msg[i], - n ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "new server cert during renegotiation" ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + MBEDTLS_SSL_DEBUG_MSG(3, ("Check that peer CRT hasn't changed during renegotiation")); + if (ssl_check_peer_crt_unchanged(ssl, + &ssl->in_msg[i], + n) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("new server cert during renegotiation")); + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } /* Now we can safely free the original chain. */ - ssl_clear_peer_cert( ssl->session ); + ssl_clear_peer_cert(ssl->session); } #endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */ /* Parse the next certificate in the chain. */ #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - ret = mbedtls_x509_crt_parse_der( chain, ssl->in_msg + i, n ); + ret = mbedtls_x509_crt_parse_der(chain, ssl->in_msg + i, n); #else /* If we don't need to store the CRT chain permanently, parse * it in-place from the input buffer instead of making a copy. */ - ret = mbedtls_x509_crt_parse_der_nocopy( chain, ssl->in_msg + i, n ); + ret = mbedtls_x509_crt_parse_der_nocopy(chain, ssl->in_msg + i, n); #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - switch( ret ) - { + switch (ret) { case 0: /*ok*/ case MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND: /* Ignore certificate with an unknown algorithm: maybe a @@ -2526,57 +2442,55 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, default: alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT; - crt_parse_der_failed: - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, alert ); - MBEDTLS_SSL_DEBUG_RET( 1, " mbedtls_x509_crt_parse_der", ret ); - return( ret ); +crt_parse_der_failed: + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, alert); + MBEDTLS_SSL_DEBUG_RET(1, " mbedtls_x509_crt_parse_der", ret); + return ret; } i += n; } - MBEDTLS_SSL_DEBUG_CRT( 3, "peer certificate", chain ); - return( 0 ); + MBEDTLS_SSL_DEBUG_CRT(3, "peer certificate", chain); + return 0; } #if defined(MBEDTLS_SSL_SRV_C) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl ) +static int ssl_srv_check_client_no_crt_notification(mbedtls_ssl_context *ssl) { - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - return( -1 ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { + return -1; + } #if defined(MBEDTLS_SSL_PROTO_SSL3) /* * Check if the client sent an empty certificate */ - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { - if( ssl->in_msglen == 2 && + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { + if (ssl->in_msglen == 2 && ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT && ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && - ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "SSLv3 client has no certificate" ) ); - return( 0 ); + ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT) { + MBEDTLS_SSL_DEBUG_MSG(1, ("SSLv3 client has no certificate")); + return 0; } - return( -1 ); + return -1; } #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->in_hslen == 3 + mbedtls_ssl_hs_hdr_len( ssl ) && + if (ssl->in_hslen == 3 + mbedtls_ssl_hs_hdr_len(ssl) && ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE && - memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), "\0\0\0", 3 ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) ); - return( 0 ); + memcmp(ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl), "\0\0\0", 3) == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("TLSv1 client has no certificate")); + return 0; } - return( -1 ); + return -1; #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ MBEDTLS_SSL_PROTO_TLS1_2 */ } @@ -2591,40 +2505,40 @@ static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl ) #define SSL_CERTIFICATE_EXPECTED 0 #define SSL_CERTIFICATE_SKIP 1 MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_certificate_coordinate( mbedtls_ssl_context *ssl, - int authmode ) +static int ssl_parse_certificate_coordinate(mbedtls_ssl_context *ssl, + int authmode) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) - return( SSL_CERTIFICATE_SKIP ); + if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) { + return SSL_CERTIFICATE_SKIP; + } #if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - { - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - return( SSL_CERTIFICATE_SKIP ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) { + return SSL_CERTIFICATE_SKIP; + } - if( authmode == MBEDTLS_SSL_VERIFY_NONE ) - { + if (authmode == MBEDTLS_SSL_VERIFY_NONE) { ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_SKIP_VERIFY; - return( SSL_CERTIFICATE_SKIP ); + return SSL_CERTIFICATE_SKIP; } } #else ((void) authmode); #endif /* MBEDTLS_SSL_SRV_C */ - return( SSL_CERTIFICATE_EXPECTED ); + return SSL_CERTIFICATE_EXPECTED; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, - int authmode, - mbedtls_x509_crt *chain, - void *rs_ctx ) +static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl, + int authmode, + mbedtls_x509_crt *chain, + void *rs_ctx) { int ret = 0; const mbedtls_ssl_ciphersuite_t *ciphersuite_info = @@ -2634,18 +2548,16 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *); void *p_vrfy; - if( authmode == MBEDTLS_SSL_VERIFY_NONE ) - return( 0 ); + if (authmode == MBEDTLS_SSL_VERIFY_NONE) { + return 0; + } - if( ssl->f_vrfy != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use context-specific verification callback" ) ); + if (ssl->f_vrfy != NULL) { + MBEDTLS_SSL_DEBUG_MSG(3, ("Use context-specific verification callback")); f_vrfy = ssl->f_vrfy; p_vrfy = ssl->p_vrfy; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use configuration-specific verification callback" ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(3, ("Use configuration-specific verification callback")); f_vrfy = ssl->conf->f_vrfy; p_vrfy = ssl->conf->p_vrfy; } @@ -2654,12 +2566,11 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, * Main check: verify certificate */ #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - if( ssl->conf->f_ca_cb != NULL ) - { + if (ssl->conf->f_ca_cb != NULL) { ((void) rs_ctx); have_ca_chain = 1; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "use CA callback for X.509 CRT verification" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("use CA callback for X.509 CRT verification")); ret = mbedtls_x509_crt_verify_with_ca_cb( chain, ssl->conf->f_ca_cb, @@ -2667,29 +2578,27 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, ssl->conf->cert_profile, ssl->hostname, &ssl->session_negotiate->verify_result, - f_vrfy, p_vrfy ); - } - else + f_vrfy, p_vrfy); + } else #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ { mbedtls_x509_crt *ca_chain; mbedtls_x509_crl *ca_crl; #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( ssl->handshake->sni_ca_chain != NULL ) - { + if (ssl->handshake->sni_ca_chain != NULL) { ca_chain = ssl->handshake->sni_ca_chain; ca_crl = ssl->handshake->sni_ca_crl; - } - else + } else #endif { ca_chain = ssl->conf->ca_chain; ca_crl = ssl->conf->ca_crl; } - if( ca_chain != NULL ) + if (ca_chain != NULL) { have_ca_chain = 1; + } ret = mbedtls_x509_crt_verify_restartable( chain, @@ -2697,17 +2606,17 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, ssl->conf->cert_profile, ssl->hostname, &ssl->session_negotiate->verify_result, - f_vrfy, p_vrfy, rs_ctx ); + f_vrfy, p_vrfy, rs_ctx); } - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "x509_verify_cert", ret ); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "x509_verify_cert", ret); } #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - return( MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ); + if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { + return MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; + } #endif /* @@ -2721,26 +2630,26 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, /* If certificate uses an EC key, make sure the curve is OK. * This is a public key, so it can't be opaque, so can_do() is a good * enough check to ensure pk_ec() is safe to use here. */ - if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) && - mbedtls_ssl_check_curve( ssl, mbedtls_pk_ec( *pk )->grp.id ) != 0 ) - { + if (mbedtls_pk_can_do(pk, MBEDTLS_PK_ECKEY) && + mbedtls_ssl_check_curve(ssl, mbedtls_pk_ec(*pk)->grp.id) != 0) { ssl->session_negotiate->verify_result |= MBEDTLS_X509_BADCERT_BAD_KEY; - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (EC key curve)" ) ); - if( ret == 0 ) + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate (EC key curve)")); + if (ret == 0) { ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; + } } } #endif /* MBEDTLS_ECP_C */ - if( mbedtls_ssl_check_cert_usage( chain, - ciphersuite_info, - ! ssl->conf->endpoint, - &ssl->session_negotiate->verify_result ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (usage extensions)" ) ); - if( ret == 0 ) + if (mbedtls_ssl_check_cert_usage(chain, + ciphersuite_info, + !ssl->conf->endpoint, + &ssl->session_negotiate->verify_result) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate (usage extensions)")); + if (ret == 0) { ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; + } } /* mbedtls_x509_crt_verify_with_profile is supposed to report a @@ -2749,122 +2658,115 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, * of error codes, including those from the user provided f_vrfy * functions, are treated as fatal and lead to a failure of * ssl_parse_certificate even if verification was optional. */ - if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL && - ( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED || - ret == MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ) ) - { + if (authmode == MBEDTLS_SSL_VERIFY_OPTIONAL && + (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED || + ret == MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE)) { ret = 0; } - if( have_ca_chain == 0 && authmode == MBEDTLS_SSL_VERIFY_REQUIRED ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no CA chain" ) ); + if (have_ca_chain == 0 && authmode == MBEDTLS_SSL_VERIFY_REQUIRED) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no CA chain")); ret = MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED; } - if( ret != 0 ) - { + if (ret != 0) { uint8_t alert; /* The certificate may have been rejected for several reasons. Pick one and send the corresponding alert. Which alert to send may be a subject of debate in some cases. */ - if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_OTHER ) + if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_OTHER) { alert = MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH) { alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_KEY_USAGE ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_KEY_USAGE) { alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXT_KEY_USAGE ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXT_KEY_USAGE) { alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NS_CERT_TYPE ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NS_CERT_TYPE) { alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_PK ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_PK) { alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_KEY ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_KEY) { alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXPIRED ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXPIRED) { alert = MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_REVOKED ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_REVOKED) { alert = MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED) { alert = MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA; - else + } else { alert = MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN; - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - alert ); + } + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + alert); } #if defined(MBEDTLS_DEBUG_C) - if( ssl->session_negotiate->verify_result != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "! Certificate verification flags %08x", - (unsigned int) ssl->session_negotiate->verify_result ) ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Certificate verification flags clear" ) ); + if (ssl->session_negotiate->verify_result != 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("! Certificate verification flags %08x", + (unsigned int) ssl->session_negotiate->verify_result)); + } else { + MBEDTLS_SSL_DEBUG_MSG(3, ("Certificate verification flags clear")); } #endif /* MBEDTLS_DEBUG_C */ - return( ret ); + return ret; } #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_remember_peer_crt_digest( mbedtls_ssl_context *ssl, - unsigned char *start, size_t len ) +static int ssl_remember_peer_crt_digest(mbedtls_ssl_context *ssl, + unsigned char *start, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Remember digest of the peer's end-CRT. */ ssl->session_negotiate->peer_cert_digest = - mbedtls_calloc( 1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN ); - if( ssl->session_negotiate->peer_cert_digest == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + mbedtls_calloc(1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN); + if (ssl->session_negotiate->peer_cert_digest == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc(%d bytes) failed", + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN)); + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } - ret = mbedtls_md( mbedtls_md_info_from_type( - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE ), - start, len, - ssl->session_negotiate->peer_cert_digest ); + ret = mbedtls_md(mbedtls_md_info_from_type( + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE), + start, len, + ssl->session_negotiate->peer_cert_digest); ssl->session_negotiate->peer_cert_digest_type = MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE; ssl->session_negotiate->peer_cert_digest_len = MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN; - return( ret ); + return ret; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_remember_peer_pubkey( mbedtls_ssl_context *ssl, - unsigned char *start, size_t len ) +static int ssl_remember_peer_pubkey(mbedtls_ssl_context *ssl, + unsigned char *start, size_t len) { unsigned char *end = start + len; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Make a copy of the peer's raw public key. */ - mbedtls_pk_init( &ssl->handshake->peer_pubkey ); - ret = mbedtls_pk_parse_subpubkey( &start, end, - &ssl->handshake->peer_pubkey ); - if( ret != 0 ) - { + mbedtls_pk_init(&ssl->handshake->peer_pubkey); + ret = mbedtls_pk_parse_subpubkey(&start, end, + &ssl->handshake->peer_pubkey); + if (ret != 0) { /* We should have parsed the public key before. */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - return( 0 ); + return 0; } #endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ -int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl) { int ret = 0; int crt_expected; @@ -2878,40 +2780,37 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) void *rs_ctx = NULL; mbedtls_x509_crt *chain = NULL; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate")); - crt_expected = ssl_parse_certificate_coordinate( ssl, authmode ); - if( crt_expected == SSL_CERTIFICATE_SKIP ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); + crt_expected = ssl_parse_certificate_coordinate(ssl, authmode); + if (crt_expected == SSL_CERTIFICATE_SKIP) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate")); goto exit; } #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled && - ssl->handshake->ecrs_state == ssl_ecrs_crt_verify ) - { + if (ssl->handshake->ecrs_enabled && + ssl->handshake->ecrs_state == ssl_ecrs_crt_verify) { chain = ssl->handshake->ecrs_peer_cert; ssl->handshake->ecrs_peer_cert = NULL; goto crt_verify; } #endif - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { /* mbedtls_ssl_read_record may have sent an alert already. We let it decide whether to alert. */ - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); goto exit; } #if defined(MBEDTLS_SSL_SRV_C) - if( ssl_srv_check_client_no_crt_notification( ssl ) == 0 ) - { + if (ssl_srv_check_client_no_crt_notification(ssl) == 0) { ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING; - if( authmode != MBEDTLS_SSL_VERIFY_OPTIONAL ) + if (authmode != MBEDTLS_SSL_VERIFY_OPTIONAL) { ret = MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE; + } goto exit; } @@ -2919,39 +2818,42 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) /* Clear existing peer CRT structure in case we tried to * reuse a session but it failed, and allocate a new one. */ - ssl_clear_peer_cert( ssl->session_negotiate ); + ssl_clear_peer_cert(ssl->session_negotiate); - chain = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); - if( chain == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", - sizeof( mbedtls_x509_crt ) ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + chain = mbedtls_calloc(1, sizeof(mbedtls_x509_crt)); + if (chain == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", + sizeof(mbedtls_x509_crt))); + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } - mbedtls_x509_crt_init( chain ); + mbedtls_x509_crt_init(chain); - ret = ssl_parse_certificate_chain( ssl, chain ); - if( ret != 0 ) + ret = ssl_parse_certificate_chain(ssl, chain); + if (ret != 0) { goto exit; + } #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled) + if (ssl->handshake->ecrs_enabled) { ssl->handshake->ecrs_state = ssl_ecrs_crt_verify; + } crt_verify: - if( ssl->handshake->ecrs_enabled) + if (ssl->handshake->ecrs_enabled) { rs_ctx = &ssl->handshake->ecrs_ctx; + } #endif - ret = ssl_parse_certificate_verify( ssl, authmode, - chain, rs_ctx ); - if( ret != 0 ) + ret = ssl_parse_certificate_verify(ssl, authmode, + chain, rs_ctx); + if (ret != 0) { goto exit; + } #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) { @@ -2971,17 +2873,19 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) /* Free the CRT structures before computing * digest and copying the peer's public key. */ - mbedtls_x509_crt_free( chain ); - mbedtls_free( chain ); + mbedtls_x509_crt_free(chain); + mbedtls_free(chain); chain = NULL; - ret = ssl_remember_peer_crt_digest( ssl, crt_start, crt_len ); - if( ret != 0 ) + ret = ssl_remember_peer_crt_digest(ssl, crt_start, crt_len); + if (ret != 0) { goto exit; + } - ret = ssl_remember_peer_pubkey( ssl, pk_start, pk_len ); - if( ret != 0 ) + ret = ssl_remember_peer_pubkey(ssl, pk_start, pk_len); + if (ret != 0) { goto exit; + } } #else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ /* Pass ownership to session structure. */ @@ -2989,108 +2893,107 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) chain = NULL; #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate")); exit: - if( ret == 0 ) + if (ret == 0) { ssl->state++; + } #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { + if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { ssl->handshake->ecrs_peer_cert = chain; chain = NULL; } #endif - if( chain != NULL ) - { - mbedtls_x509_crt_free( chain ); - mbedtls_free( chain ); + if (chain != NULL) { + mbedtls_x509_crt_free(chain); + mbedtls_free(chain); } - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ -void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, - const mbedtls_ssl_ciphersuite_t *ciphersuite_info ) +void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl, + const mbedtls_ssl_ciphersuite_t *ciphersuite_info) { ((void) ciphersuite_info); #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) + if (ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3) { ssl->handshake->update_checksum = ssl_update_checksum_md5sha1; - else + } else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) - if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) + if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) { ssl->handshake->update_checksum = ssl_update_checksum_sha384; - else + } else #endif #if defined(MBEDTLS_SHA256_C) - if( ciphersuite_info->mac != MBEDTLS_MD_SHA384 ) + if (ciphersuite_info->mac != MBEDTLS_MD_SHA384) { ssl->handshake->update_checksum = ssl_update_checksum_sha256; - else + } else #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); return; } } -void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_starts_ret( &ssl->handshake->fin_md5 ); - mbedtls_sha1_starts_ret( &ssl->handshake->fin_sha1 ); + mbedtls_md5_starts_ret(&ssl->handshake->fin_md5); + mbedtls_sha1_starts_ret(&ssl->handshake->fin_sha1); #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort( &ssl->handshake->fin_sha256_psa ); - psa_hash_setup( &ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256 ); + psa_hash_abort(&ssl->handshake->fin_sha256_psa); + psa_hash_setup(&ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256); #else - mbedtls_sha256_starts_ret( &ssl->handshake->fin_sha256, 0 ); + mbedtls_sha256_starts_ret(&ssl->handshake->fin_sha256, 0); #endif #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort( &ssl->handshake->fin_sha384_psa ); - psa_hash_setup( &ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384 ); + psa_hash_abort(&ssl->handshake->fin_sha384_psa); + psa_hash_setup(&ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384); #else - mbedtls_sha512_starts_ret( &ssl->handshake->fin_sha512, 1 ); + mbedtls_sha512_starts_ret(&ssl->handshake->fin_sha512, 1); #endif #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ } -static void ssl_update_checksum_start( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +static void ssl_update_checksum_start(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len ); - mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len ); + mbedtls_md5_update_ret(&ssl->handshake->fin_md5, buf, len); + mbedtls_sha1_update_ret(&ssl->handshake->fin_sha1, buf, len); #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len ); + psa_hash_update(&ssl->handshake->fin_sha256_psa, buf, len); #else - mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len ); + mbedtls_sha256_update_ret(&ssl->handshake->fin_sha256, buf, len); #endif #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len ); + psa_hash_update(&ssl->handshake->fin_sha384_psa, buf, len); #else - mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len ); + mbedtls_sha512_update_ret(&ssl->handshake->fin_sha512, buf, len); #endif #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ @@ -3098,35 +3001,35 @@ static void ssl_update_checksum_start( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) -static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +static void ssl_update_checksum_md5sha1(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { - mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len ); - mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len ); + mbedtls_md5_update_ret(&ssl->handshake->fin_md5, buf, len); + mbedtls_sha1_update_ret(&ssl->handshake->fin_sha1, buf, len); } #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) -static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +static void ssl_update_checksum_sha256(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len ); + psa_hash_update(&ssl->handshake->fin_sha256_psa, buf, len); #else - mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len ); + mbedtls_sha256_update_ret(&ssl->handshake->fin_sha256, buf, len); #endif } #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) -static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +static void ssl_update_checksum_sha384(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len ); + psa_hash_update(&ssl->handshake->fin_sha384_psa, buf, len); #else - mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len ); + mbedtls_sha512_update_ret(&ssl->handshake->fin_sha512, buf, len); #endif } #endif @@ -3134,7 +3037,7 @@ static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_SSL3) static void ssl_calc_finished_ssl( - mbedtls_ssl_context *ssl, unsigned char *buf, int from ) + mbedtls_ssl_context *ssl, unsigned char *buf, int from) { const char *sender; mbedtls_md5_context md5; @@ -3145,16 +3048,17 @@ static void ssl_calc_finished_ssl( unsigned char sha1sum[20]; mbedtls_ssl_session *session = ssl->session_negotiate; - if( !session ) + if (!session) { session = ssl->session; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished ssl" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc finished ssl")); - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); + mbedtls_md5_init(&md5); + mbedtls_sha1_init(&sha1); - mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); - mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); + mbedtls_md5_clone(&md5, &ssl->handshake->fin_md5); + mbedtls_sha1_clone(&sha1, &ssl->handshake->fin_sha1); /* * SSLv3: @@ -3166,60 +3070,60 @@ static void ssl_calc_finished_ssl( */ #if !defined(MBEDTLS_MD5_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished md5 state", (unsigned char *) - md5.state, sizeof( md5.state ) ); + MBEDTLS_SSL_DEBUG_BUF(4, "finished md5 state", (unsigned char *) + md5.state, sizeof(md5.state)); #endif #if !defined(MBEDTLS_SHA1_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *) - sha1.state, sizeof( sha1.state ) ); + MBEDTLS_SSL_DEBUG_BUF(4, "finished sha1 state", (unsigned char *) + sha1.state, sizeof(sha1.state)); #endif - sender = ( from == MBEDTLS_SSL_IS_CLIENT ) ? "CLNT" + sender = (from == MBEDTLS_SSL_IS_CLIENT) ? "CLNT" : "SRVR"; - memset( padbuf, 0x36, 48 ); + memset(padbuf, 0x36, 48); - mbedtls_md5_update_ret( &md5, (const unsigned char *) sender, 4 ); - mbedtls_md5_update_ret( &md5, session->master, 48 ); - mbedtls_md5_update_ret( &md5, padbuf, 48 ); - mbedtls_md5_finish_ret( &md5, md5sum ); + mbedtls_md5_update_ret(&md5, (const unsigned char *) sender, 4); + mbedtls_md5_update_ret(&md5, session->master, 48); + mbedtls_md5_update_ret(&md5, padbuf, 48); + mbedtls_md5_finish_ret(&md5, md5sum); - mbedtls_sha1_update_ret( &sha1, (const unsigned char *) sender, 4 ); - mbedtls_sha1_update_ret( &sha1, session->master, 48 ); - mbedtls_sha1_update_ret( &sha1, padbuf, 40 ); - mbedtls_sha1_finish_ret( &sha1, sha1sum ); + mbedtls_sha1_update_ret(&sha1, (const unsigned char *) sender, 4); + mbedtls_sha1_update_ret(&sha1, session->master, 48); + mbedtls_sha1_update_ret(&sha1, padbuf, 40); + mbedtls_sha1_finish_ret(&sha1, sha1sum); - memset( padbuf, 0x5C, 48 ); + memset(padbuf, 0x5C, 48); - mbedtls_md5_starts_ret( &md5 ); - mbedtls_md5_update_ret( &md5, session->master, 48 ); - mbedtls_md5_update_ret( &md5, padbuf, 48 ); - mbedtls_md5_update_ret( &md5, md5sum, 16 ); - mbedtls_md5_finish_ret( &md5, buf ); + mbedtls_md5_starts_ret(&md5); + mbedtls_md5_update_ret(&md5, session->master, 48); + mbedtls_md5_update_ret(&md5, padbuf, 48); + mbedtls_md5_update_ret(&md5, md5sum, 16); + mbedtls_md5_finish_ret(&md5, buf); - mbedtls_sha1_starts_ret( &sha1 ); - mbedtls_sha1_update_ret( &sha1, session->master, 48 ); - mbedtls_sha1_update_ret( &sha1, padbuf , 40 ); - mbedtls_sha1_update_ret( &sha1, sha1sum, 20 ); - mbedtls_sha1_finish_ret( &sha1, buf + 16 ); + mbedtls_sha1_starts_ret(&sha1); + mbedtls_sha1_update_ret(&sha1, session->master, 48); + mbedtls_sha1_update_ret(&sha1, padbuf, 40); + mbedtls_sha1_update_ret(&sha1, sha1sum, 20); + mbedtls_sha1_finish_ret(&sha1, buf + 16); - MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 ); + MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, 36); - mbedtls_md5_free( &md5 ); - mbedtls_sha1_free( &sha1 ); + mbedtls_md5_free(&md5); + mbedtls_sha1_free(&sha1); - mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) ); - mbedtls_platform_zeroize( md5sum, sizeof( md5sum ) ); - mbedtls_platform_zeroize( sha1sum, sizeof( sha1sum ) ); + mbedtls_platform_zeroize(padbuf, sizeof(padbuf)); + mbedtls_platform_zeroize(md5sum, sizeof(md5sum)); + mbedtls_platform_zeroize(sha1sum, sizeof(sha1sum)); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc finished")); } #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) static void ssl_calc_finished_tls( - mbedtls_ssl_context *ssl, unsigned char *buf, int from ) + mbedtls_ssl_context *ssl, unsigned char *buf, int from) { int len = 12; const char *sender; @@ -3228,16 +3132,17 @@ static void ssl_calc_finished_tls( unsigned char padbuf[36]; mbedtls_ssl_session *session = ssl->session_negotiate; - if( !session ) + if (!session) { session = ssl->session; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc finished tls")); - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); + mbedtls_md5_init(&md5); + mbedtls_sha1_init(&sha1); - mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); - mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); + mbedtls_md5_clone(&md5, &ssl->handshake->fin_md5); + mbedtls_sha1_clone(&sha1, &ssl->handshake->fin_sha1); /* * TLSv1: @@ -3246,40 +3151,40 @@ static void ssl_calc_finished_tls( */ #if !defined(MBEDTLS_MD5_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished md5 state", (unsigned char *) - md5.state, sizeof( md5.state ) ); + MBEDTLS_SSL_DEBUG_BUF(4, "finished md5 state", (unsigned char *) + md5.state, sizeof(md5.state)); #endif #if !defined(MBEDTLS_SHA1_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *) - sha1.state, sizeof( sha1.state ) ); + MBEDTLS_SSL_DEBUG_BUF(4, "finished sha1 state", (unsigned char *) + sha1.state, sizeof(sha1.state)); #endif - sender = ( from == MBEDTLS_SSL_IS_CLIENT ) + sender = (from == MBEDTLS_SSL_IS_CLIENT) ? "client finished" : "server finished"; - mbedtls_md5_finish_ret( &md5, padbuf ); - mbedtls_sha1_finish_ret( &sha1, padbuf + 16 ); + mbedtls_md5_finish_ret(&md5, padbuf); + mbedtls_sha1_finish_ret(&sha1, padbuf + 16); - ssl->handshake->tls_prf( session->master, 48, sender, - padbuf, 36, buf, len ); + ssl->handshake->tls_prf(session->master, 48, sender, + padbuf, 36, buf, len); - MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); + MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, len); - mbedtls_md5_free( &md5 ); - mbedtls_sha1_free( &sha1 ); + mbedtls_md5_free(&md5); + mbedtls_sha1_free(&sha1); - mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) ); + mbedtls_platform_zeroize(padbuf, sizeof(padbuf)); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc finished")); } #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) static void ssl_calc_finished_tls_sha256( - mbedtls_ssl_context *ssl, unsigned char *buf, int from ) + mbedtls_ssl_context *ssl, unsigned char *buf, int from) { int len = 12; const char *sender; @@ -3293,39 +3198,38 @@ static void ssl_calc_finished_tls_sha256( #endif mbedtls_ssl_session *session = ssl->session_negotiate; - if( !session ) + if (!session) { session = ssl->session; + } - sender = ( from == MBEDTLS_SSL_IS_CLIENT ) + sender = (from == MBEDTLS_SSL_IS_CLIENT) ? "client finished" : "server finished"; #if defined(MBEDTLS_USE_PSA_CRYPTO) sha256_psa = psa_hash_operation_init(); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc PSA finished tls sha256" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc PSA finished tls sha256")); - status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) ); + status = psa_hash_clone(&ssl->handshake->fin_sha256_psa, &sha256_psa); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed")); return; } - status = psa_hash_finish( &sha256_psa, padbuf, sizeof( padbuf ), &hash_size ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) ); + status = psa_hash_finish(&sha256_psa, padbuf, sizeof(padbuf), &hash_size); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed")); return; } - MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated padbuf", padbuf, 32 ); + MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated padbuf", padbuf, 32); #else - mbedtls_sha256_init( &sha256 ); + mbedtls_sha256_init(&sha256); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha256" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc finished tls sha256")); - mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); + mbedtls_sha256_clone(&sha256, &ssl->handshake->fin_sha256); /* * TLSv1.2: @@ -3334,29 +3238,29 @@ static void ssl_calc_finished_tls_sha256( */ #if !defined(MBEDTLS_SHA256_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha2 state", (unsigned char *) - sha256.state, sizeof( sha256.state ) ); + MBEDTLS_SSL_DEBUG_BUF(4, "finished sha2 state", (unsigned char *) + sha256.state, sizeof(sha256.state)); #endif - mbedtls_sha256_finish_ret( &sha256, padbuf ); - mbedtls_sha256_free( &sha256 ); + mbedtls_sha256_finish_ret(&sha256, padbuf); + mbedtls_sha256_free(&sha256); #endif /* MBEDTLS_USE_PSA_CRYPTO */ - ssl->handshake->tls_prf( session->master, 48, sender, - padbuf, 32, buf, len ); + ssl->handshake->tls_prf(session->master, 48, sender, + padbuf, 32, buf, len); - MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); + MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, len); - mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) ); + mbedtls_platform_zeroize(padbuf, sizeof(padbuf)); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc finished")); } #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) static void ssl_calc_finished_tls_sha384( - mbedtls_ssl_context *ssl, unsigned char *buf, int from ) + mbedtls_ssl_context *ssl, unsigned char *buf, int from) { int len = 12; const char *sender; @@ -3370,38 +3274,37 @@ static void ssl_calc_finished_tls_sha384( #endif mbedtls_ssl_session *session = ssl->session_negotiate; - if( !session ) + if (!session) { session = ssl->session; + } - sender = ( from == MBEDTLS_SSL_IS_CLIENT ) + sender = (from == MBEDTLS_SSL_IS_CLIENT) ? "client finished" : "server finished"; #if defined(MBEDTLS_USE_PSA_CRYPTO) sha384_psa = psa_hash_operation_init(); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc PSA finished tls sha384" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc PSA finished tls sha384")); - status = psa_hash_clone( &ssl->handshake->fin_sha384_psa, &sha384_psa ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) ); + status = psa_hash_clone(&ssl->handshake->fin_sha384_psa, &sha384_psa); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed")); return; } - status = psa_hash_finish( &sha384_psa, padbuf, sizeof( padbuf ), &hash_size ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) ); + status = psa_hash_finish(&sha384_psa, padbuf, sizeof(padbuf), &hash_size); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed")); return; } - MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated padbuf", padbuf, 48 ); + MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated padbuf", padbuf, 48); #else - mbedtls_sha512_init( &sha512 ); + mbedtls_sha512_init(&sha512); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha384" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc finished tls sha384")); - mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); + mbedtls_sha512_clone(&sha512, &ssl->handshake->fin_sha512); /* * TLSv1.2: @@ -3410,8 +3313,8 @@ static void ssl_calc_finished_tls_sha384( */ #if !defined(MBEDTLS_SHA512_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *) - sha512.state, sizeof( sha512.state ) ); + MBEDTLS_SSL_DEBUG_BUF(4, "finished sha512 state", (unsigned char *) + sha512.state, sizeof(sha512.state)); #endif /* mbedtls_sha512_finish_ret's output parameter is declared as a * 64-byte buffer, but since we're using SHA-384, we know that the @@ -3422,60 +3325,58 @@ static void ssl_calc_finished_tls_sha384( #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wstringop-overflow" #endif - mbedtls_sha512_finish_ret( &sha512, padbuf ); + mbedtls_sha512_finish_ret(&sha512, padbuf); #if defined(__GNUC__) && __GNUC__ >= 11 #pragma GCC diagnostic pop #endif - mbedtls_sha512_free( &sha512 ); + mbedtls_sha512_free(&sha512); #endif - ssl->handshake->tls_prf( session->master, 48, sender, - padbuf, 48, buf, len ); + ssl->handshake->tls_prf(session->master, 48, sender, + padbuf, 48, buf, len); - MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); + MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, len); - mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) ); + mbedtls_platform_zeroize(padbuf, sizeof(padbuf)); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc finished")); } #endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -void mbedtls_ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_handshake_wrapup_free_hs_transform(mbedtls_ssl_context *ssl) { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup: final free" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("=> handshake wrapup: final free")); /* * Free our handshake params */ - mbedtls_ssl_handshake_free( ssl ); - mbedtls_free( ssl->handshake ); + mbedtls_ssl_handshake_free(ssl); + mbedtls_free(ssl->handshake); ssl->handshake = NULL; /* * Free the previous transform and switch in the current one */ - if( ssl->transform ) - { - mbedtls_ssl_transform_free( ssl->transform ); - mbedtls_free( ssl->transform ); + if (ssl->transform) { + mbedtls_ssl_transform_free(ssl->transform); + mbedtls_free(ssl->transform); } ssl->transform = ssl->transform_negotiate; ssl->transform_negotiate = NULL; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup: final free" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("<= handshake wrapup: final free")); } -void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_handshake_wrapup(mbedtls_ssl_context *ssl) { int resume = ssl->handshake->resume; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("=> handshake wrapup")); #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { + if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_DONE; ssl->renego_records_seen = 0; } @@ -3484,16 +3385,15 @@ void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ) /* * Free the previous session and switch in the current one */ - if( ssl->session ) - { + if (ssl->session) { #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) /* RFC 7366 3.1: keep the EtM state */ ssl->session_negotiate->encrypt_then_mac = - ssl->session->encrypt_then_mac; + ssl->session->encrypt_then_mac; #endif - mbedtls_ssl_session_free( ssl->session ); - mbedtls_free( ssl->session ); + mbedtls_ssl_session_free(ssl->session); + mbedtls_free(ssl->session); } ssl->session = ssl->session_negotiate; ssl->session_negotiate = NULL; @@ -3501,43 +3401,41 @@ void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ) /* * Add cache entry */ - if( ssl->conf->f_set_cache != NULL && + if (ssl->conf->f_set_cache != NULL && ssl->session->id_len != 0 && - resume == 0 ) - { - if( ssl->conf->f_set_cache( ssl->conf->p_cache, ssl->session ) != 0 ) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "cache did not store session" ) ); + resume == 0) { + if (ssl->conf->f_set_cache(ssl->conf->p_cache, ssl->session) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("cache did not store session")); + } } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->flight != NULL ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->flight != NULL) { /* Cancel handshake timer */ - mbedtls_ssl_set_timer( ssl, 0 ); + mbedtls_ssl_set_timer(ssl, 0); /* Keep last flight around in case we need to resend it: * we need the handshake and transform structures for that */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip freeing handshake and transform" ) ); - } - else + MBEDTLS_SSL_DEBUG_MSG(3, ("skip freeing handshake and transform")); + } else #endif - mbedtls_ssl_handshake_wrapup_free_hs_transform( ssl ); + mbedtls_ssl_handshake_wrapup_free_hs_transform(ssl); ssl->state++; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("<= handshake wrapup")); } -int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_write_finished(mbedtls_ssl_context *ssl) { int ret, hash_len; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write finished")); - mbedtls_ssl_update_out_pointers( ssl, ssl->transform_negotiate ); + mbedtls_ssl_update_out_pointers(ssl, ssl->transform_negotiate); - ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->conf->endpoint ); + ssl->handshake->calc_finished(ssl, ssl->out_msg + 4, ssl->conf->endpoint); /* * RFC 5246 7.4.9 (Page 63) says 12 is the default length and ciphersuites @@ -3545,11 +3443,11 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) * ciphersuite does this (and this is unlikely to change as activity has * moved to TLS 1.3 now) so we can keep the hardcoded 12 here. */ - hash_len = ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) ? 36 : 12; + hash_len = (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) ? 36 : 12; #if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->verify_data_len = hash_len; - memcpy( ssl->own_verify_data, ssl->out_msg + 4, hash_len ); + memcpy(ssl->own_verify_data, ssl->out_msg + 4, hash_len); #endif ssl->out_msglen = 4 + hash_len; @@ -3560,91 +3458,88 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) * In case of session resuming, invert the client and server * ChangeCipherSpec messages order. */ - if( ssl->handshake->resume != 0 ) - { + if (ssl->handshake->resume != 0) { #if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; + } #endif #if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC; + } #endif - } - else + } else { ssl->state++; + } /* * Switch to our negotiated transform and session parameters for outbound * data. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for outbound data" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("switching to new transform spec for outbound data")); #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { unsigned char i; /* Remember current epoch settings for resending */ ssl->handshake->alt_transform_out = ssl->transform_out; - memcpy( ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, 8 ); + memcpy(ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, 8); /* Set sequence_number to zero */ - memset( ssl->cur_out_ctr + 2, 0, 6 ); + memset(ssl->cur_out_ctr + 2, 0, 6); /* Increment epoch */ - for( i = 2; i > 0; i-- ) - if( ++ssl->cur_out_ctr[i - 1] != 0 ) + for (i = 2; i > 0; i--) { + if (++ssl->cur_out_ctr[i - 1] != 0) { break; + } + } /* The loop goes to its end iff the counter is wrapping */ - if( i == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) ); - return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + if (i == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("DTLS epoch would wrap")); + return MBEDTLS_ERR_SSL_COUNTER_WRAPPING; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ - memset( ssl->cur_out_ctr, 0, 8 ); + memset(ssl->cur_out_ctr, 0, 8); ssl->transform_out = ssl->transform_negotiate; ssl->session_out = ssl->session_negotiate; #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_activate != NULL ) - { - if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + if (mbedtls_ssl_hw_record_activate != NULL) { + if ((ret = mbedtls_ssl_hw_record_activate(ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_activate", ret); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } } #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_send_flight_completed( ssl ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + mbedtls_ssl_send_flight_completed(ssl); + } #endif - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + (ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flight_transmit", ret); + return ret; } #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write finished")); - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_SSL3) @@ -3653,118 +3548,116 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) #define SSL_MAX_HASH_LEN 12 #endif -int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_parse_finished(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned int hash_len; unsigned char buf[SSL_MAX_HASH_LEN]; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse finished")); /* There is currently no ciphersuite using another length with TLS 1.2 */ #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { hash_len = 36; - else + } else #endif - hash_len = 12; + hash_len = 12; - ssl->handshake->calc_finished( ssl, buf, ssl->conf->endpoint ^ 1 ); + ssl->handshake->calc_finished(ssl, buf, ssl->conf->endpoint ^ 1); - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); goto exit; } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad finished message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); ret = MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; goto exit; } - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED || - ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + hash_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + if (ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED || + ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + hash_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad finished message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); ret = MBEDTLS_ERR_SSL_BAD_HS_FINISHED; goto exit; } - if( mbedtls_ct_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), - buf, hash_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR ); + if (mbedtls_ct_memcmp(ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl), + buf, hash_len) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad finished message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR); ret = MBEDTLS_ERR_SSL_BAD_HS_FINISHED; goto exit; } #if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->verify_data_len = hash_len; - memcpy( ssl->peer_verify_data, buf, hash_len ); + memcpy(ssl->peer_verify_data, buf, hash_len); #endif - if( ssl->handshake->resume != 0 ) - { + if (ssl->handshake->resume != 0) { #if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC; + } #endif #if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; + } #endif - } - else + } else { ssl->state++; + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_recv_flight_completed( ssl ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + mbedtls_ssl_recv_flight_completed(ssl); + } #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse finished")); exit: - mbedtls_platform_zeroize( buf, hash_len ); - return( ret ); + mbedtls_platform_zeroize(buf, hash_len); + return ret; } -static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) +static void ssl_handshake_params_init(mbedtls_ssl_handshake_params *handshake) { - memset( handshake, 0, sizeof( mbedtls_ssl_handshake_params ) ); + memset(handshake, 0, sizeof(mbedtls_ssl_handshake_params)); #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_init( &handshake->fin_md5 ); - mbedtls_sha1_init( &handshake->fin_sha1 ); - mbedtls_md5_starts_ret( &handshake->fin_md5 ); - mbedtls_sha1_starts_ret( &handshake->fin_sha1 ); + mbedtls_md5_init(&handshake->fin_md5); + mbedtls_sha1_init(&handshake->fin_sha1); + mbedtls_md5_starts_ret(&handshake->fin_md5); + mbedtls_sha1_starts_ret(&handshake->fin_sha1); #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) handshake->fin_sha256_psa = psa_hash_operation_init(); - psa_hash_setup( &handshake->fin_sha256_psa, PSA_ALG_SHA_256 ); + psa_hash_setup(&handshake->fin_sha256_psa, PSA_ALG_SHA_256); #else - mbedtls_sha256_init( &handshake->fin_sha256 ); - mbedtls_sha256_starts_ret( &handshake->fin_sha256, 0 ); + mbedtls_sha256_init(&handshake->fin_sha256); + mbedtls_sha256_starts_ret(&handshake->fin_sha256, 0); #endif #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) #if defined(MBEDTLS_USE_PSA_CRYPTO) handshake->fin_sha384_psa = psa_hash_operation_init(); - psa_hash_setup( &handshake->fin_sha384_psa, PSA_ALG_SHA_384 ); + psa_hash_setup(&handshake->fin_sha384_psa, PSA_ALG_SHA_384); #else - mbedtls_sha512_init( &handshake->fin_sha512 ); - mbedtls_sha512_starts_ret( &handshake->fin_sha512, 1 ); + mbedtls_sha512_init(&handshake->fin_sha512); + mbedtls_sha512_starts_ret(&handshake->fin_sha512, 1); #endif #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ @@ -3773,17 +3666,17 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - mbedtls_ssl_sig_hash_set_init( &handshake->hash_algs ); + mbedtls_ssl_sig_hash_set_init(&handshake->hash_algs); #endif #if defined(MBEDTLS_DHM_C) - mbedtls_dhm_init( &handshake->dhm_ctx ); + mbedtls_dhm_init(&handshake->dhm_ctx); #endif #if defined(MBEDTLS_ECDH_C) - mbedtls_ecdh_init( &handshake->ecdh_ctx ); + mbedtls_ecdh_init(&handshake->ecdh_ctx); #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - mbedtls_ecjpake_init( &handshake->ecjpake_ctx ); + mbedtls_ecjpake_init(&handshake->ecjpake_ctx); #if defined(MBEDTLS_SSL_CLI_C) handshake->ecjpake_cache = NULL; handshake->ecjpake_cache_len = 0; @@ -3791,7 +3684,7 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) #endif #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - mbedtls_x509_crt_restart_init( &handshake->ecrs_ctx ); + mbedtls_x509_crt_restart_init(&handshake->ecrs_ctx); #endif #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) @@ -3800,110 +3693,109 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - mbedtls_pk_init( &handshake->peer_pubkey ); + mbedtls_pk_init(&handshake->peer_pubkey); #endif } -void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform ) +void mbedtls_ssl_transform_init(mbedtls_ssl_transform *transform) { - memset( transform, 0, sizeof(mbedtls_ssl_transform) ); + memset(transform, 0, sizeof(mbedtls_ssl_transform)); - mbedtls_cipher_init( &transform->cipher_ctx_enc ); - mbedtls_cipher_init( &transform->cipher_ctx_dec ); + mbedtls_cipher_init(&transform->cipher_ctx_enc); + mbedtls_cipher_init(&transform->cipher_ctx_dec); #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) - mbedtls_md_init( &transform->md_ctx_enc ); - mbedtls_md_init( &transform->md_ctx_dec ); + mbedtls_md_init(&transform->md_ctx_enc); + mbedtls_md_init(&transform->md_ctx_dec); #endif } -void mbedtls_ssl_session_init( mbedtls_ssl_session *session ) +void mbedtls_ssl_session_init(mbedtls_ssl_session *session) { - memset( session, 0, sizeof(mbedtls_ssl_session) ); + memset(session, 0, sizeof(mbedtls_ssl_session)); } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_handshake_init( mbedtls_ssl_context *ssl ) +static int ssl_handshake_init(mbedtls_ssl_context *ssl) { /* Clear old handshake information if present */ - if( ssl->transform_negotiate ) - mbedtls_ssl_transform_free( ssl->transform_negotiate ); - if( ssl->session_negotiate ) - mbedtls_ssl_session_free( ssl->session_negotiate ); - if( ssl->handshake ) - mbedtls_ssl_handshake_free( ssl ); + if (ssl->transform_negotiate) { + mbedtls_ssl_transform_free(ssl->transform_negotiate); + } + if (ssl->session_negotiate) { + mbedtls_ssl_session_free(ssl->session_negotiate); + } + if (ssl->handshake) { + mbedtls_ssl_handshake_free(ssl); + } /* * Either the pointers are now NULL or cleared properly and can be freed. * Now allocate missing structures. */ - if( ssl->transform_negotiate == NULL ) - { - ssl->transform_negotiate = mbedtls_calloc( 1, sizeof(mbedtls_ssl_transform) ); + if (ssl->transform_negotiate == NULL) { + ssl->transform_negotiate = mbedtls_calloc(1, sizeof(mbedtls_ssl_transform)); } - if( ssl->session_negotiate == NULL ) - { - ssl->session_negotiate = mbedtls_calloc( 1, sizeof(mbedtls_ssl_session) ); + if (ssl->session_negotiate == NULL) { + ssl->session_negotiate = mbedtls_calloc(1, sizeof(mbedtls_ssl_session)); } - if( ssl->handshake == NULL ) - { - ssl->handshake = mbedtls_calloc( 1, sizeof(mbedtls_ssl_handshake_params) ); + if (ssl->handshake == NULL) { + ssl->handshake = mbedtls_calloc(1, sizeof(mbedtls_ssl_handshake_params)); } #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) /* If the buffers are too small - reallocate */ - handle_buffer_resizing( ssl, 0, MBEDTLS_SSL_IN_BUFFER_LEN, - MBEDTLS_SSL_OUT_BUFFER_LEN ); + handle_buffer_resizing(ssl, 0, MBEDTLS_SSL_IN_BUFFER_LEN, + MBEDTLS_SSL_OUT_BUFFER_LEN); #endif /* All pointers should exist and can be directly freed without issue */ - if( ssl->handshake == NULL || + if (ssl->handshake == NULL || ssl->transform_negotiate == NULL || - ssl->session_negotiate == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc() of ssl sub-contexts failed" ) ); + ssl->session_negotiate == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc() of ssl sub-contexts failed")); - mbedtls_free( ssl->handshake ); - mbedtls_free( ssl->transform_negotiate ); - mbedtls_free( ssl->session_negotiate ); + mbedtls_free(ssl->handshake); + mbedtls_free(ssl->transform_negotiate); + mbedtls_free(ssl->session_negotiate); ssl->handshake = NULL; ssl->transform_negotiate = NULL; ssl->session_negotiate = NULL; - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } /* Initialize structures */ - mbedtls_ssl_session_init( ssl->session_negotiate ); - mbedtls_ssl_transform_init( ssl->transform_negotiate ); - ssl_handshake_params_init( ssl->handshake ); + mbedtls_ssl_session_init(ssl->session_negotiate); + mbedtls_ssl_transform_init(ssl->transform_negotiate); + ssl_handshake_params_init(ssl->handshake); #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { ssl->handshake->alt_transform_out = ssl->transform_out; - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING; - else + } else { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; + } - mbedtls_ssl_set_timer( ssl, 0 ); + mbedtls_ssl_set_timer(ssl, 0); } #endif - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) /* Dummy cookie callbacks for defaults */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_cookie_write_dummy( void *ctx, - unsigned char **p, unsigned char *end, - const unsigned char *cli_id, size_t cli_id_len ) +static int ssl_cookie_write_dummy(void *ctx, + unsigned char **p, unsigned char *end, + const unsigned char *cli_id, size_t cli_id_len) { ((void) ctx); ((void) p); @@ -3911,13 +3803,13 @@ static int ssl_cookie_write_dummy( void *ctx, ((void) cli_id); ((void) cli_id_len); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_cookie_check_dummy( void *ctx, - const unsigned char *cookie, size_t cookie_len, - const unsigned char *cli_id, size_t cli_id_len ) +static int ssl_cookie_check_dummy(void *ctx, + const unsigned char *cookie, size_t cookie_len, + const unsigned char *cli_id, size_t cli_id_len) { ((void) ctx); ((void) cookie); @@ -3925,24 +3817,24 @@ static int ssl_cookie_check_dummy( void *ctx, ((void) cli_id); ((void) cli_id_len); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */ /* * Initialize an SSL context */ -void mbedtls_ssl_init( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_init(mbedtls_ssl_context *ssl) { - memset( ssl, 0, sizeof( mbedtls_ssl_context ) ); + memset(ssl, 0, sizeof(mbedtls_ssl_context)); } /* * Setup an SSL context */ -int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, - const mbedtls_ssl_config *conf ) +int mbedtls_ssl_setup(mbedtls_ssl_context *ssl, + const mbedtls_ssl_config *conf) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN; @@ -3960,10 +3852,9 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) ssl->in_buf_len = in_buf_len; #endif - ssl->in_buf = mbedtls_calloc( 1, in_buf_len ); - if( ssl->in_buf == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", in_buf_len ) ); + ssl->in_buf = mbedtls_calloc(1, in_buf_len); + if (ssl->in_buf == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", in_buf_len)); ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto error; } @@ -3971,28 +3862,28 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) ssl->out_buf_len = out_buf_len; #endif - ssl->out_buf = mbedtls_calloc( 1, out_buf_len ); - if( ssl->out_buf == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", out_buf_len ) ); + ssl->out_buf = mbedtls_calloc(1, out_buf_len); + if (ssl->out_buf == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", out_buf_len)); ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto error; } - mbedtls_ssl_reset_in_out_pointers( ssl ); + mbedtls_ssl_reset_in_out_pointers(ssl); #if defined(MBEDTLS_SSL_DTLS_SRTP) - memset( &ssl->dtls_srtp_info, 0, sizeof(ssl->dtls_srtp_info) ); + memset(&ssl->dtls_srtp_info, 0, sizeof(ssl->dtls_srtp_info)); #endif - if( ( ret = ssl_handshake_init( ssl ) ) != 0 ) + if ((ret = ssl_handshake_init(ssl)) != 0) { goto error; + } - return( 0 ); + return 0; error: - mbedtls_free( ssl->in_buf ); - mbedtls_free( ssl->out_buf ); + mbedtls_free(ssl->in_buf); + mbedtls_free(ssl->out_buf); ssl->conf = NULL; @@ -4015,7 +3906,7 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, ssl->out_iv = NULL; ssl->out_msg = NULL; - return( ret ); + return ret; } /* @@ -4025,7 +3916,7 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, * If partial is non-zero, keep data in the input buffer and client ID. * (Use when a DTLS client reconnects from the same port.) */ -int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) +int mbedtls_ssl_session_reset_int(mbedtls_ssl_context *ssl, int partial) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) @@ -4044,20 +3935,20 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) ssl->state = MBEDTLS_SSL_HELLO_REQUEST; /* Cancel any possibly running timer */ - mbedtls_ssl_set_timer( ssl, 0 ); + mbedtls_ssl_set_timer(ssl, 0); #if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->renego_status = MBEDTLS_SSL_INITIAL_HANDSHAKE; ssl->renego_records_seen = 0; ssl->verify_data_len = 0; - memset( ssl->own_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN ); - memset( ssl->peer_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN ); + memset(ssl->own_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN); + memset(ssl->peer_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN); #endif ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION; ssl->in_offt = NULL; - mbedtls_ssl_reset_in_out_pointers( ssl ); + mbedtls_ssl_reset_in_out_pointers(ssl); ssl->in_msgtype = 0; ssl->in_msglen = 0; @@ -4066,7 +3957,7 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) ssl->in_epoch = 0; #endif #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - mbedtls_ssl_dtls_replay_reset( ssl ); + mbedtls_ssl_dtls_replay_reset(ssl); #endif ssl->in_hslen = 0; @@ -4078,11 +3969,12 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) ssl->out_msglen = 0; ssl->out_left = 0; #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - if( ssl->split_done != MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ) + if (ssl->split_done != MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED) { ssl->split_done = 0; + } #endif - memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) ); + memset(ssl->cur_out_ctr, 0, sizeof(ssl->cur_out_ctr)); ssl->transform_in = NULL; ssl->transform_out = NULL; @@ -4090,42 +3982,38 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) ssl->session_in = NULL; ssl->session_out = NULL; - memset( ssl->out_buf, 0, out_buf_len ); + memset(ssl->out_buf, 0, out_buf_len); int clear_in_buf = 1; #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) - if( partial != 0 ) + if (partial != 0) { clear_in_buf = 0; + } #endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */ - if( clear_in_buf ) - { + if (clear_in_buf) { ssl->in_left = 0; - memset( ssl->in_buf, 0, in_buf_len ); + memset(ssl->in_buf, 0, in_buf_len); } #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_reset != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_reset()" ) ); - if( ( ret = mbedtls_ssl_hw_record_reset( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_reset", ret ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + if (mbedtls_ssl_hw_record_reset != NULL) { + MBEDTLS_SSL_DEBUG_MSG(2, ("going for mbedtls_ssl_hw_record_reset()")); + if ((ret = mbedtls_ssl_hw_record_reset(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_reset", ret); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } } #endif - if( ssl->transform ) - { - mbedtls_ssl_transform_free( ssl->transform ); - mbedtls_free( ssl->transform ); + if (ssl->transform) { + mbedtls_ssl_transform_free(ssl->transform); + mbedtls_free(ssl->transform); ssl->transform = NULL; } - if( ssl->session ) - { - mbedtls_ssl_session_free( ssl->session ); - mbedtls_free( ssl->session ); + if (ssl->session) { + mbedtls_ssl_session_free(ssl->session); + mbedtls_free(ssl->session); ssl->session = NULL; } @@ -4136,54 +4024,55 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) int free_cli_id = 1; #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) - if( partial != 0 ) + if (partial != 0) { free_cli_id = 0; + } #endif - if( free_cli_id ) - { - mbedtls_free( ssl->cli_id ); + if (free_cli_id) { + mbedtls_free(ssl->cli_id); ssl->cli_id = NULL; ssl->cli_id_len = 0; } #endif - if( ( ret = ssl_handshake_init( ssl ) ) != 0 ) - return( ret ); + if ((ret = ssl_handshake_init(ssl)) != 0) { + return ret; + } - return( 0 ); + return 0; } /* * Reset an initialized and used SSL context for re-use while retaining * all application-set variables, function pointers and data. */ -int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_session_reset(mbedtls_ssl_context *ssl) { - return( mbedtls_ssl_session_reset_int( ssl, 0 ) ); + return mbedtls_ssl_session_reset_int(ssl, 0); } /* * SSL set accessors */ -void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint ) +void mbedtls_ssl_conf_endpoint(mbedtls_ssl_config *conf, int endpoint) { conf->endpoint = endpoint; } -void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport ) +void mbedtls_ssl_conf_transport(mbedtls_ssl_config *conf, int transport) { conf->transport = transport; } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) -void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode ) +void mbedtls_ssl_conf_dtls_anti_replay(mbedtls_ssl_config *conf, char mode) { conf->anti_replay = mode; } #endif #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) -void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit ) +void mbedtls_ssl_conf_dtls_badmac_limit(mbedtls_ssl_config *conf, unsigned limit) { conf->badmac_limit = limit; } @@ -4191,56 +4080,56 @@ void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limi #if defined(MBEDTLS_SSL_PROTO_DTLS) -void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl, - unsigned allow_packing ) +void mbedtls_ssl_set_datagram_packing(mbedtls_ssl_context *ssl, + unsigned allow_packing) { ssl->disable_datagram_packing = !allow_packing; } -void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, - uint32_t min, uint32_t max ) +void mbedtls_ssl_conf_handshake_timeout(mbedtls_ssl_config *conf, + uint32_t min, uint32_t max) { conf->hs_timeout_min = min; conf->hs_timeout_max = max; } #endif -void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ) +void mbedtls_ssl_conf_authmode(mbedtls_ssl_config *conf, int authmode) { conf->authmode = authmode; } #if defined(MBEDTLS_X509_CRT_PARSE_C) -void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) +void mbedtls_ssl_conf_verify(mbedtls_ssl_config *conf, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy) { conf->f_vrfy = f_vrfy; conf->p_vrfy = p_vrfy; } #endif /* MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +void mbedtls_ssl_conf_rng(mbedtls_ssl_config *conf, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { conf->f_rng = f_rng; conf->p_rng = p_rng; } -void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf, - void (*f_dbg)(void *, int, const char *, int, const char *), - void *p_dbg ) +void mbedtls_ssl_conf_dbg(mbedtls_ssl_config *conf, + void (*f_dbg)(void *, int, const char *, int, const char *), + void *p_dbg) { conf->f_dbg = f_dbg; conf->p_dbg = p_dbg; } -void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, - void *p_bio, - mbedtls_ssl_send_t *f_send, - mbedtls_ssl_recv_t *f_recv, - mbedtls_ssl_recv_timeout_t *f_recv_timeout ) +void mbedtls_ssl_set_bio(mbedtls_ssl_context *ssl, + void *p_bio, + mbedtls_ssl_send_t *f_send, + mbedtls_ssl_recv_t *f_recv, + mbedtls_ssl_recv_timeout_t *f_recv_timeout) { ssl->p_bio = p_bio; ssl->f_send = f_send; @@ -4249,35 +4138,35 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_PROTO_DTLS) -void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu ) +void mbedtls_ssl_set_mtu(mbedtls_ssl_context *ssl, uint16_t mtu) { ssl->mtu = mtu; } #endif -void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ) +void mbedtls_ssl_conf_read_timeout(mbedtls_ssl_config *conf, uint32_t timeout) { conf->read_timeout = timeout; } -void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl, - void *p_timer, - mbedtls_ssl_set_timer_t *f_set_timer, - mbedtls_ssl_get_timer_t *f_get_timer ) +void mbedtls_ssl_set_timer_cb(mbedtls_ssl_context *ssl, + void *p_timer, + mbedtls_ssl_set_timer_t *f_set_timer, + mbedtls_ssl_get_timer_t *f_get_timer) { ssl->p_timer = p_timer; ssl->f_set_timer = f_set_timer; ssl->f_get_timer = f_get_timer; /* Make sure we start with no timer running */ - mbedtls_ssl_set_timer( ssl, 0 ); + mbedtls_ssl_set_timer(ssl, 0); } #if defined(MBEDTLS_SSL_SRV_C) -void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, - void *p_cache, - int (*f_get_cache)(void *, mbedtls_ssl_session *), - int (*f_set_cache)(void *, const mbedtls_ssl_session *) ) +void mbedtls_ssl_conf_session_cache(mbedtls_ssl_config *conf, + void *p_cache, + int (*f_get_cache)(void *, mbedtls_ssl_session *), + int (*f_set_cache)(void *, const mbedtls_ssl_session *)) { conf->p_cache = p_cache; conf->f_get_cache = f_get_cache; @@ -4286,30 +4175,30 @@ void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, #endif /* MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_CLI_C) -int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session ) +int mbedtls_ssl_set_session(mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ssl == NULL || + if (ssl == NULL || session == NULL || ssl->session_negotiate == NULL || - ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - if( ( ret = mbedtls_ssl_session_copy( ssl->session_negotiate, - session ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ssl_session_copy(ssl->session_negotiate, + session)) != 0) { + return ret; + } ssl->handshake->resume = 1; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_CLI_C */ -void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, - const int *ciphersuites ) +void mbedtls_ssl_conf_ciphersuites(mbedtls_ssl_config *conf, + const int *ciphersuites) { conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = ciphersuites; conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = ciphersuites; @@ -4317,68 +4206,69 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = ciphersuites; } -void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, - const int *ciphersuites, - int major, int minor ) +void mbedtls_ssl_conf_ciphersuites_for_version(mbedtls_ssl_config *conf, + const int *ciphersuites, + int major, int minor) { - if( major != MBEDTLS_SSL_MAJOR_VERSION_3 ) + if (major != MBEDTLS_SSL_MAJOR_VERSION_3) { return; + } - if( minor < MBEDTLS_SSL_MINOR_VERSION_0 || minor > MBEDTLS_SSL_MINOR_VERSION_3 ) + if (minor < MBEDTLS_SSL_MINOR_VERSION_0 || minor > MBEDTLS_SSL_MINOR_VERSION_3) { return; + } conf->ciphersuite_list[minor] = ciphersuites; } #if defined(MBEDTLS_X509_CRT_PARSE_C) -void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, - const mbedtls_x509_crt_profile *profile ) +void mbedtls_ssl_conf_cert_profile(mbedtls_ssl_config *conf, + const mbedtls_x509_crt_profile *profile) { conf->cert_profile = profile; } /* Append a new keycert entry to a (possibly empty) list */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_append_key_cert( mbedtls_ssl_key_cert **head, - mbedtls_x509_crt *cert, - mbedtls_pk_context *key ) +static int ssl_append_key_cert(mbedtls_ssl_key_cert **head, + mbedtls_x509_crt *cert, + mbedtls_pk_context *key) { mbedtls_ssl_key_cert *new_cert; - new_cert = mbedtls_calloc( 1, sizeof( mbedtls_ssl_key_cert ) ); - if( new_cert == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + new_cert = mbedtls_calloc(1, sizeof(mbedtls_ssl_key_cert)); + if (new_cert == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } new_cert->cert = cert; new_cert->key = key; new_cert->next = NULL; /* Update head is the list was null, else add to the end */ - if( *head == NULL ) - { + if (*head == NULL) { *head = new_cert; - } - else - { + } else { mbedtls_ssl_key_cert *cur = *head; - while( cur->next != NULL ) + while (cur->next != NULL) { cur = cur->next; + } cur->next = new_cert; } - return( 0 ); + return 0; } -int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, +int mbedtls_ssl_conf_own_cert(mbedtls_ssl_config *conf, mbedtls_x509_crt *own_cert, - mbedtls_pk_context *pk_key ) + mbedtls_pk_context *pk_key) { - return( ssl_append_key_cert( &conf->key_cert, own_cert, pk_key ) ); + return ssl_append_key_cert(&conf->key_cert, own_cert, pk_key); } -void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf, +void mbedtls_ssl_conf_ca_chain(mbedtls_ssl_config *conf, mbedtls_x509_crt *ca_chain, - mbedtls_x509_crl *ca_crl ) + mbedtls_x509_crl *ca_crl) { conf->ca_chain = ca_chain; conf->ca_crl = ca_crl; @@ -4392,9 +4282,9 @@ void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf, } #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) -void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf, - mbedtls_x509_crt_ca_cb_t f_ca_cb, - void *p_ca_cb ) +void mbedtls_ssl_conf_ca_cb(mbedtls_ssl_config *conf, + mbedtls_x509_crt_ca_cb_t f_ca_cb, + void *p_ca_cb) { conf->f_ca_cb = f_ca_cb; conf->p_ca_cb = p_ca_cb; @@ -4408,33 +4298,33 @@ void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf, #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) -int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *own_cert, - mbedtls_pk_context *pk_key ) +int mbedtls_ssl_set_hs_own_cert(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *own_cert, + mbedtls_pk_context *pk_key) { - return( ssl_append_key_cert( &ssl->handshake->sni_key_cert, - own_cert, pk_key ) ); + return ssl_append_key_cert(&ssl->handshake->sni_key_cert, + own_cert, pk_key); } -void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *ca_chain, - mbedtls_x509_crl *ca_crl ) +void mbedtls_ssl_set_hs_ca_chain(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *ca_chain, + mbedtls_x509_crl *ca_crl) { ssl->handshake->sni_ca_chain = ca_chain; ssl->handshake->sni_ca_crl = ca_crl; } -void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl, - int authmode ) +void mbedtls_ssl_set_hs_authmode(mbedtls_ssl_context *ssl, + int authmode) { ssl->handshake->sni_authmode = authmode; } #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_X509_CRT_PARSE_C) -void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) +void mbedtls_ssl_set_verify(mbedtls_ssl_context *ssl, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy) { ssl->f_vrfy = f_vrfy; ssl->p_vrfy = p_vrfy; @@ -4445,36 +4335,37 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl, /* * Set EC J-PAKE password for current handshake */ -int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl, - const unsigned char *pw, - size_t pw_len ) +int mbedtls_ssl_set_hs_ecjpake_password(mbedtls_ssl_context *ssl, + const unsigned char *pw, + size_t pw_len) { mbedtls_ecjpake_role role; - if( ssl->handshake == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->handshake == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { role = MBEDTLS_ECJPAKE_SERVER; - else + } else { role = MBEDTLS_ECJPAKE_CLIENT; + } - return( mbedtls_ecjpake_setup( &ssl->handshake->ecjpake_ctx, - role, - MBEDTLS_MD_SHA256, - MBEDTLS_ECP_DP_SECP256R1, - pw, pw_len ) ); + return mbedtls_ecjpake_setup(&ssl->handshake->ecjpake_ctx, + role, + MBEDTLS_MD_SHA256, + MBEDTLS_ECP_DP_SECP256R1, + pw, pw_len); } #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) -static void ssl_conf_remove_psk( mbedtls_ssl_config *conf ) +static void ssl_conf_remove_psk(mbedtls_ssl_config *conf) { /* Remove reference to existing PSK, if any. */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) ) - { + if (!mbedtls_svc_key_id_is_null(conf->psk_opaque)) { /* The maintenance of the PSK key slot is the * user's responsibility. */ conf->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT; @@ -4485,19 +4376,17 @@ static void ssl_conf_remove_psk( mbedtls_ssl_config *conf ) * configured simultaneously. As a safeguard, * though, `else` is omitted here. */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( conf->psk != NULL ) - { - mbedtls_platform_zeroize( conf->psk, conf->psk_len ); + if (conf->psk != NULL) { + mbedtls_platform_zeroize(conf->psk, conf->psk_len); - mbedtls_free( conf->psk ); + mbedtls_free(conf->psk); conf->psk = NULL; conf->psk_len = 0; } /* Remove reference to PSK identity, if any. */ - if( conf->psk_identity != NULL ) - { - mbedtls_free( conf->psk_identity ); + if (conf->psk_identity != NULL) { + mbedtls_free(conf->psk_identity); conf->psk_identity = NULL; conf->psk_identity_len = 0; } @@ -4508,136 +4397,144 @@ static void ssl_conf_remove_psk( mbedtls_ssl_config *conf ) * to make a copy of it in the SSL config. * On failure, the PSK identity in the config remains unset. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_conf_set_psk_identity( mbedtls_ssl_config *conf, - unsigned char const *psk_identity, - size_t psk_identity_len ) +static int ssl_conf_set_psk_identity(mbedtls_ssl_config *conf, + unsigned char const *psk_identity, + size_t psk_identity_len) { /* Identity len will be encoded on two bytes */ - if( psk_identity == NULL || - ( psk_identity_len >> 16 ) != 0 || - psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (psk_identity == NULL || + (psk_identity_len >> 16) != 0 || + psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ); - if( conf->psk_identity == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + conf->psk_identity = mbedtls_calloc(1, psk_identity_len); + if (conf->psk_identity == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } conf->psk_identity_len = psk_identity_len; - memcpy( conf->psk_identity, psk_identity, conf->psk_identity_len ); + memcpy(conf->psk_identity, psk_identity, conf->psk_identity_len); - return( 0 ); + return 0; } -int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, - const unsigned char *psk, size_t psk_len, - const unsigned char *psk_identity, size_t psk_identity_len ) +int mbedtls_ssl_conf_psk(mbedtls_ssl_config *conf, + const unsigned char *psk, size_t psk_len, + const unsigned char *psk_identity, size_t psk_identity_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Remove opaque/raw PSK + PSK Identity */ - ssl_conf_remove_psk( conf ); + ssl_conf_remove_psk(conf); /* Check and set raw PSK */ - if( psk == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - if( psk_len == 0 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - if( psk_len > MBEDTLS_PSK_MAX_LEN ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if (psk == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + if (psk_len == 0) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + if (psk_len > MBEDTLS_PSK_MAX_LEN) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + if ((conf->psk = mbedtls_calloc(1, psk_len)) == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } conf->psk_len = psk_len; - memcpy( conf->psk, psk, conf->psk_len ); + memcpy(conf->psk, psk, conf->psk_len); /* Check and set PSK Identity */ - ret = ssl_conf_set_psk_identity( conf, psk_identity, psk_identity_len ); - if( ret != 0 ) - ssl_conf_remove_psk( conf ); + ret = ssl_conf_set_psk_identity(conf, psk_identity, psk_identity_len); + if (ret != 0) { + ssl_conf_remove_psk(conf); + } - return( ret ); + return ret; } -static void ssl_remove_psk( mbedtls_ssl_context *ssl ) +static void ssl_remove_psk(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) ) - { + if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) { ssl->handshake->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT; - } - else + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ssl->handshake->psk != NULL ) - { - mbedtls_platform_zeroize( ssl->handshake->psk, - ssl->handshake->psk_len ); - mbedtls_free( ssl->handshake->psk ); + if (ssl->handshake->psk != NULL) { + mbedtls_platform_zeroize(ssl->handshake->psk, + ssl->handshake->psk_len); + mbedtls_free(ssl->handshake->psk); ssl->handshake->psk_len = 0; } } -int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, - const unsigned char *psk, size_t psk_len ) +int mbedtls_ssl_set_hs_psk(mbedtls_ssl_context *ssl, + const unsigned char *psk, size_t psk_len) { - if( psk == NULL || ssl->handshake == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (psk == NULL || ssl->handshake == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( psk_len > MBEDTLS_PSK_MAX_LEN ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (psk_len > MBEDTLS_PSK_MAX_LEN) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ssl_remove_psk( ssl ); + ssl_remove_psk(ssl); - if( ( ssl->handshake->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if ((ssl->handshake->psk = mbedtls_calloc(1, psk_len)) == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } ssl->handshake->psk_len = psk_len; - memcpy( ssl->handshake->psk, psk, ssl->handshake->psk_len ); + memcpy(ssl->handshake->psk, psk, ssl->handshake->psk_len); - return( 0 ); + return 0; } #if defined(MBEDTLS_USE_PSA_CRYPTO) -int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, - psa_key_id_t psk, - const unsigned char *psk_identity, - size_t psk_identity_len ) +int mbedtls_ssl_conf_psk_opaque(mbedtls_ssl_config *conf, + psa_key_id_t psk, + const unsigned char *psk_identity, + size_t psk_identity_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Clear opaque/raw PSK + PSK Identity, if present. */ - ssl_conf_remove_psk( conf ); + ssl_conf_remove_psk(conf); /* Check and set opaque PSK */ - if( mbedtls_svc_key_id_is_null( psk ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (mbedtls_svc_key_id_is_null(psk)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } conf->psk_opaque = psk; /* Check and set PSK Identity */ - ret = ssl_conf_set_psk_identity( conf, psk_identity, - psk_identity_len ); - if( ret != 0 ) - ssl_conf_remove_psk( conf ); + ret = ssl_conf_set_psk_identity(conf, psk_identity, + psk_identity_len); + if (ret != 0) { + ssl_conf_remove_psk(conf); + } - return( ret ); + return ret; } -int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl, - psa_key_id_t psk ) +int mbedtls_ssl_set_hs_psk_opaque(mbedtls_ssl_context *ssl, + psa_key_id_t psk) { - if( ( mbedtls_svc_key_id_is_null( psk ) ) || - ( ssl->handshake == NULL ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((mbedtls_svc_key_id_is_null(psk)) || + (ssl->handshake == NULL)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ssl_remove_psk( ssl ); + ssl_remove_psk(ssl); ssl->handshake->psk_opaque = psk; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ -void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, - int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, - size_t), - void *p_psk ) +void mbedtls_ssl_conf_psk_cb(mbedtls_ssl_config *conf, + int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, + size_t), + void *p_psk) { conf->f_psk = f_psk; conf->p_psk = p_psk; @@ -4647,58 +4544,55 @@ void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) #if !defined(MBEDTLS_DEPRECATED_REMOVED) -int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G ) +int mbedtls_ssl_conf_dh_param(mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_mpi_read_string( &conf->dhm_P, 16, dhm_P ) ) != 0 || - ( ret = mbedtls_mpi_read_string( &conf->dhm_G, 16, dhm_G ) ) != 0 ) - { - mbedtls_mpi_free( &conf->dhm_P ); - mbedtls_mpi_free( &conf->dhm_G ); - return( ret ); + if ((ret = mbedtls_mpi_read_string(&conf->dhm_P, 16, dhm_P)) != 0 || + (ret = mbedtls_mpi_read_string(&conf->dhm_G, 16, dhm_G)) != 0) { + mbedtls_mpi_free(&conf->dhm_P); + mbedtls_mpi_free(&conf->dhm_G); + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_DEPRECATED_REMOVED */ -int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf, - const unsigned char *dhm_P, size_t P_len, - const unsigned char *dhm_G, size_t G_len ) +int mbedtls_ssl_conf_dh_param_bin(mbedtls_ssl_config *conf, + const unsigned char *dhm_P, size_t P_len, + const unsigned char *dhm_G, size_t G_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_mpi_free( &conf->dhm_P ); - mbedtls_mpi_free( &conf->dhm_G ); + mbedtls_mpi_free(&conf->dhm_P); + mbedtls_mpi_free(&conf->dhm_G); - if( ( ret = mbedtls_mpi_read_binary( &conf->dhm_P, dhm_P, P_len ) ) != 0 || - ( ret = mbedtls_mpi_read_binary( &conf->dhm_G, dhm_G, G_len ) ) != 0 ) - { - mbedtls_mpi_free( &conf->dhm_P ); - mbedtls_mpi_free( &conf->dhm_G ); - return( ret ); + if ((ret = mbedtls_mpi_read_binary(&conf->dhm_P, dhm_P, P_len)) != 0 || + (ret = mbedtls_mpi_read_binary(&conf->dhm_G, dhm_G, G_len)) != 0) { + mbedtls_mpi_free(&conf->dhm_P); + mbedtls_mpi_free(&conf->dhm_G); + return ret; } - return( 0 ); + return 0; } -int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx ) +int mbedtls_ssl_conf_dh_param_ctx(mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_mpi_free( &conf->dhm_P ); - mbedtls_mpi_free( &conf->dhm_G ); + mbedtls_mpi_free(&conf->dhm_P); + mbedtls_mpi_free(&conf->dhm_G); - if( ( ret = mbedtls_mpi_copy( &conf->dhm_P, &dhm_ctx->P ) ) != 0 || - ( ret = mbedtls_mpi_copy( &conf->dhm_G, &dhm_ctx->G ) ) != 0 ) - { - mbedtls_mpi_free( &conf->dhm_P ); - mbedtls_mpi_free( &conf->dhm_G ); - return( ret ); + if ((ret = mbedtls_mpi_copy(&conf->dhm_P, &dhm_ctx->P)) != 0 || + (ret = mbedtls_mpi_copy(&conf->dhm_G, &dhm_ctx->G)) != 0) { + mbedtls_mpi_free(&conf->dhm_P); + mbedtls_mpi_free(&conf->dhm_G); + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_SRV_C */ @@ -4706,8 +4600,8 @@ int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context /* * Set the minimum length for Diffie-Hellman parameters */ -void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, - unsigned int bitlen ) +void mbedtls_ssl_conf_dhm_min_bitlen(mbedtls_ssl_config *conf, + unsigned int bitlen) { conf->dhm_min_bitlen = bitlen; } @@ -4717,8 +4611,8 @@ void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, /* * Set allowed/preferred hashes for handshake signatures */ -void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, - const int *hashes ) +void mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf, + const int *hashes) { conf->sig_hashes = hashes; } @@ -4728,64 +4622,61 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, /* * Set the allowed elliptic curves */ -void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, - const mbedtls_ecp_group_id *curve_list ) +void mbedtls_ssl_conf_curves(mbedtls_ssl_config *conf, + const mbedtls_ecp_group_id *curve_list) { conf->curve_list = curve_list; } #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_X509_CRT_PARSE_C) -int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname ) +int mbedtls_ssl_set_hostname(mbedtls_ssl_context *ssl, const char *hostname) { /* Initialize to suppress unnecessary compiler warning */ size_t hostname_len = 0; /* Check if new hostname is valid before * making any change to current one */ - if( hostname != NULL ) - { - hostname_len = strlen( hostname ); + if (hostname != NULL) { + hostname_len = strlen(hostname); - if( hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } } /* Now it's clear that we will overwrite the old hostname, * so we can free it safely */ - if( ssl->hostname != NULL ) - { - mbedtls_platform_zeroize( ssl->hostname, strlen( ssl->hostname ) ); - mbedtls_free( ssl->hostname ); + if (ssl->hostname != NULL) { + mbedtls_platform_zeroize(ssl->hostname, strlen(ssl->hostname)); + mbedtls_free(ssl->hostname); } /* Passing NULL as hostname shall clear the old one */ - if( hostname == NULL ) - { + if (hostname == NULL) { ssl->hostname = NULL; - } - else - { - ssl->hostname = mbedtls_calloc( 1, hostname_len + 1 ); - if( ssl->hostname == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + } else { + ssl->hostname = mbedtls_calloc(1, hostname_len + 1); + if (ssl->hostname == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - memcpy( ssl->hostname, hostname, hostname_len ); + memcpy(ssl->hostname, hostname, hostname_len); ssl->hostname[hostname_len] = '\0'; } - return( 0 ); + return 0; } #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) -void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf, - int (*f_sni)(void *, mbedtls_ssl_context *, - const unsigned char *, size_t), - void *p_sni ) +void mbedtls_ssl_conf_sni(mbedtls_ssl_config *conf, + int (*f_sni)(void *, mbedtls_ssl_context *, + const unsigned char *, size_t), + void *p_sni) { conf->f_sni = f_sni; conf->p_sni = p_sni; @@ -4793,7 +4684,7 @@ void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf, #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_SSL_ALPN) -int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos ) +int mbedtls_ssl_conf_alpn_protocols(mbedtls_ssl_config *conf, const char **protos) { size_t cur_len, tot_len; const char **p; @@ -4804,221 +4695,210 @@ int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **prot * We check lengths now rather than later. */ tot_len = 0; - for( p = protos; *p != NULL; p++ ) - { - cur_len = strlen( *p ); + for (p = protos; *p != NULL; p++) { + cur_len = strlen(*p); tot_len += cur_len; - if( ( cur_len == 0 ) || - ( cur_len > MBEDTLS_SSL_MAX_ALPN_NAME_LEN ) || - ( tot_len > MBEDTLS_SSL_MAX_ALPN_LIST_LEN ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((cur_len == 0) || + (cur_len > MBEDTLS_SSL_MAX_ALPN_NAME_LEN) || + (tot_len > MBEDTLS_SSL_MAX_ALPN_LIST_LEN)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } } conf->alpn_list = protos; - return( 0 ); + return 0; } -const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl ) +const char *mbedtls_ssl_get_alpn_protocol(const mbedtls_ssl_context *ssl) { - return( ssl->alpn_chosen ); + return ssl->alpn_chosen; } #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_DTLS_SRTP) -void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf, - int support_mki_value ) +void mbedtls_ssl_conf_srtp_mki_value_supported(mbedtls_ssl_config *conf, + int support_mki_value) { conf->dtls_srtp_mki_support = support_mki_value; } -int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl, - unsigned char *mki_value, - uint16_t mki_len ) +int mbedtls_ssl_dtls_srtp_set_mki_value(mbedtls_ssl_context *ssl, + unsigned char *mki_value, + uint16_t mki_len) { - if( mki_len > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (mki_len > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED ) - { - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED) { + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } - memcpy( ssl->dtls_srtp_info.mki_value, mki_value, mki_len ); + memcpy(ssl->dtls_srtp_info.mki_value, mki_value, mki_len); ssl->dtls_srtp_info.mki_len = mki_len; - return( 0 ); + return 0; } -int mbedtls_ssl_conf_dtls_srtp_protection_profiles( mbedtls_ssl_config *conf, - const mbedtls_ssl_srtp_profile *profiles ) +int mbedtls_ssl_conf_dtls_srtp_protection_profiles(mbedtls_ssl_config *conf, + const mbedtls_ssl_srtp_profile *profiles) { const mbedtls_ssl_srtp_profile *p; size_t list_size = 0; /* check the profiles list: all entry must be valid, * its size cannot be more than the total number of supported profiles, currently 4 */ - for( p = profiles; *p != MBEDTLS_TLS_SRTP_UNSET && - list_size <= MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH; - p++ ) - { - if( mbedtls_ssl_check_srtp_profile_value( *p ) != MBEDTLS_TLS_SRTP_UNSET ) - { + for (p = profiles; *p != MBEDTLS_TLS_SRTP_UNSET && + list_size <= MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH; + p++) { + if (mbedtls_ssl_check_srtp_profile_value(*p) != MBEDTLS_TLS_SRTP_UNSET) { list_size++; - } - else - { + } else { /* unsupported value, stop parsing and set the size to an error value */ list_size = MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH + 1; } } - if( list_size > MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH ) - { - conf->dtls_srtp_profile_list = NULL; - conf->dtls_srtp_profile_list_len = 0; - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (list_size > MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH) { + conf->dtls_srtp_profile_list = NULL; + conf->dtls_srtp_profile_list_len = 0; + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } conf->dtls_srtp_profile_list = profiles; conf->dtls_srtp_profile_list_len = list_size; - return( 0 ); + return 0; } -void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ssl, - mbedtls_dtls_srtp_info *dtls_srtp_info ) +void mbedtls_ssl_get_dtls_srtp_negotiation_result(const mbedtls_ssl_context *ssl, + mbedtls_dtls_srtp_info *dtls_srtp_info) { dtls_srtp_info->chosen_dtls_srtp_profile = ssl->dtls_srtp_info.chosen_dtls_srtp_profile; /* do not copy the mki value if there is no chosen profile */ - if( dtls_srtp_info->chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET ) - { + if (dtls_srtp_info->chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET) { dtls_srtp_info->mki_len = 0; - } - else - { + } else { dtls_srtp_info->mki_len = ssl->dtls_srtp_info.mki_len; - memcpy( dtls_srtp_info->mki_value, ssl->dtls_srtp_info.mki_value, - ssl->dtls_srtp_info.mki_len ); + memcpy(dtls_srtp_info->mki_value, ssl->dtls_srtp_info.mki_value, + ssl->dtls_srtp_info.mki_len); } } #endif /* MBEDTLS_SSL_DTLS_SRTP */ -void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor ) +void mbedtls_ssl_conf_max_version(mbedtls_ssl_config *conf, int major, int minor) { conf->max_major_ver = major; conf->max_minor_ver = minor; } -void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor ) +void mbedtls_ssl_conf_min_version(mbedtls_ssl_config *conf, int major, int minor) { conf->min_major_ver = major; conf->min_minor_ver = minor; } #if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) -void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback ) +void mbedtls_ssl_conf_fallback(mbedtls_ssl_config *conf, char fallback) { conf->fallback = fallback; } #endif #if defined(MBEDTLS_SSL_SRV_C) -void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf, - char cert_req_ca_list ) +void mbedtls_ssl_conf_cert_req_ca_list(mbedtls_ssl_config *conf, + char cert_req_ca_list) { conf->cert_req_ca_list = cert_req_ca_list; } #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) -void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm ) +void mbedtls_ssl_conf_encrypt_then_mac(mbedtls_ssl_config *conf, char etm) { conf->encrypt_then_mac = etm; } #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) -void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems ) +void mbedtls_ssl_conf_extended_master_secret(mbedtls_ssl_config *conf, char ems) { conf->extended_ms = ems; } #endif #if defined(MBEDTLS_ARC4_C) -void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 ) +void mbedtls_ssl_conf_arc4_support(mbedtls_ssl_config *conf, char arc4) { conf->arc4_disabled = arc4; } #endif #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) -int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code ) +int mbedtls_ssl_conf_max_frag_len(mbedtls_ssl_config *conf, unsigned char mfl_code) { - if( mfl_code >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID || - ssl_mfl_code_to_length( mfl_code ) > MBEDTLS_TLS_EXT_ADV_CONTENT_LEN ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (mfl_code >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID || + ssl_mfl_code_to_length(mfl_code) > MBEDTLS_TLS_EXT_ADV_CONTENT_LEN) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } conf->mfl_code = mfl_code; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate ) +void mbedtls_ssl_conf_truncated_hmac(mbedtls_ssl_config *conf, int truncate) { conf->trunc_hmac = truncate; } #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) -void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split ) +void mbedtls_ssl_conf_cbc_record_splitting(mbedtls_ssl_config *conf, char split) { conf->cbc_record_splitting = split; } #endif -void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy ) +void mbedtls_ssl_conf_legacy_renegotiation(mbedtls_ssl_config *conf, int allow_legacy) { conf->allow_legacy_renegotiation = allow_legacy; } #if defined(MBEDTLS_SSL_RENEGOTIATION) -void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation ) +void mbedtls_ssl_conf_renegotiation(mbedtls_ssl_config *conf, int renegotiation) { conf->disable_renegotiation = renegotiation; } -void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records ) +void mbedtls_ssl_conf_renegotiation_enforced(mbedtls_ssl_config *conf, int max_records) { conf->renego_max_records = max_records; } -void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, - const unsigned char period[8] ) +void mbedtls_ssl_conf_renegotiation_period(mbedtls_ssl_config *conf, + const unsigned char period[8]) { - memcpy( conf->renego_period, period, 8 ); + memcpy(conf->renego_period, period, 8); } #endif /* MBEDTLS_SSL_RENEGOTIATION */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) #if defined(MBEDTLS_SSL_CLI_C) -void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets ) +void mbedtls_ssl_conf_session_tickets(mbedtls_ssl_config *conf, int use_tickets) { conf->session_tickets = use_tickets; } #endif #if defined(MBEDTLS_SSL_SRV_C) -void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_ticket_write_t *f_ticket_write, - mbedtls_ssl_ticket_parse_t *f_ticket_parse, - void *p_ticket ) +void mbedtls_ssl_conf_session_tickets_cb(mbedtls_ssl_config *conf, + mbedtls_ssl_ticket_write_t *f_ticket_write, + mbedtls_ssl_ticket_parse_t *f_ticket_parse, + void *p_ticket) { conf->f_ticket_write = f_ticket_write; conf->f_ticket_parse = f_ticket_parse; @@ -5028,17 +4908,17 @@ void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) -void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_t *f_export_keys, - void *p_export_keys ) +void mbedtls_ssl_conf_export_keys_cb(mbedtls_ssl_config *conf, + mbedtls_ssl_export_keys_t *f_export_keys, + void *p_export_keys) { conf->f_export_keys = f_export_keys; conf->p_export_keys = p_export_keys; } -void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_ext_t *f_export_keys_ext, - void *p_export_keys ) +void mbedtls_ssl_conf_export_keys_ext_cb(mbedtls_ssl_config *conf, + mbedtls_ssl_export_keys_ext_t *f_export_keys_ext, + void *p_export_keys) { conf->f_export_keys_ext = f_export_keys_ext; conf->p_export_keys = p_export_keys; @@ -5052,7 +4932,7 @@ void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_async_decrypt_t *f_async_decrypt, mbedtls_ssl_async_resume_t *f_async_resume, mbedtls_ssl_async_cancel_t *f_async_cancel, - void *async_config_data ) + void *async_config_data) { conf->f_async_sign_start = f_async_sign; conf->f_async_decrypt_start = f_async_decrypt; @@ -5061,178 +4941,176 @@ void mbedtls_ssl_conf_async_private_cb( conf->p_async_config_data = async_config_data; } -void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf ) +void *mbedtls_ssl_conf_get_async_config_data(const mbedtls_ssl_config *conf) { - return( conf->p_async_config_data ); + return conf->p_async_config_data; } -void *mbedtls_ssl_get_async_operation_data( const mbedtls_ssl_context *ssl ) +void *mbedtls_ssl_get_async_operation_data(const mbedtls_ssl_context *ssl) { - if( ssl->handshake == NULL ) - return( NULL ); - else - return( ssl->handshake->user_async_ctx ); + if (ssl->handshake == NULL) { + return NULL; + } else { + return ssl->handshake->user_async_ctx; + } } -void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *ssl, - void *ctx ) +void mbedtls_ssl_set_async_operation_data(mbedtls_ssl_context *ssl, + void *ctx) { - if( ssl->handshake != NULL ) + if (ssl->handshake != NULL) { ssl->handshake->user_async_ctx = ctx; + } } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ /* * SSL get accessors */ -uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl ) +uint32_t mbedtls_ssl_get_verify_result(const mbedtls_ssl_context *ssl) { - if( ssl->session != NULL ) - return( ssl->session->verify_result ); + if (ssl->session != NULL) { + return ssl->session->verify_result; + } - if( ssl->session_negotiate != NULL ) - return( ssl->session_negotiate->verify_result ); + if (ssl->session_negotiate != NULL) { + return ssl->session_negotiate->verify_result; + } - return( 0xFFFFFFFF ); + return 0xFFFFFFFF; } -const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl ) +const char *mbedtls_ssl_get_ciphersuite(const mbedtls_ssl_context *ssl) { - if( ssl == NULL || ssl->session == NULL ) - return( NULL ); + if (ssl == NULL || ssl->session == NULL) { + return NULL; + } - return mbedtls_ssl_get_ciphersuite_name( ssl->session->ciphersuite ); + return mbedtls_ssl_get_ciphersuite_name(ssl->session->ciphersuite); } -const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ) +const char *mbedtls_ssl_get_version(const mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - switch( ssl->minor_ver ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + switch (ssl->minor_ver) { case MBEDTLS_SSL_MINOR_VERSION_2: - return( "DTLSv1.0" ); + return "DTLSv1.0"; case MBEDTLS_SSL_MINOR_VERSION_3: - return( "DTLSv1.2" ); + return "DTLSv1.2"; default: - return( "unknown (DTLS)" ); + return "unknown (DTLS)"; } } #endif - switch( ssl->minor_ver ) - { + switch (ssl->minor_ver) { case MBEDTLS_SSL_MINOR_VERSION_0: - return( "SSLv3.0" ); + return "SSLv3.0"; case MBEDTLS_SSL_MINOR_VERSION_1: - return( "TLSv1.0" ); + return "TLSv1.0"; case MBEDTLS_SSL_MINOR_VERSION_2: - return( "TLSv1.1" ); + return "TLSv1.1"; case MBEDTLS_SSL_MINOR_VERSION_3: - return( "TLSv1.2" ); + return "TLSv1.2"; default: - return( "unknown" ); + return "unknown"; } } #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) -size_t mbedtls_ssl_get_input_max_frag_len( const mbedtls_ssl_context *ssl ) +size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl) { size_t max_len = MBEDTLS_SSL_MAX_CONTENT_LEN; size_t read_mfl; /* Use the configured MFL for the client if we're past SERVER_HELLO_DONE */ - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && - ssl->state >= MBEDTLS_SSL_SERVER_HELLO_DONE ) - { - return ssl_mfl_code_to_length( ssl->conf->mfl_code ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && + ssl->state >= MBEDTLS_SSL_SERVER_HELLO_DONE) { + return ssl_mfl_code_to_length(ssl->conf->mfl_code); } /* Check if a smaller max length was negotiated */ - if( ssl->session_out != NULL ) - { - read_mfl = ssl_mfl_code_to_length( ssl->session_out->mfl_code ); - if( read_mfl < max_len ) - { + if (ssl->session_out != NULL) { + read_mfl = ssl_mfl_code_to_length(ssl->session_out->mfl_code); + if (read_mfl < max_len) { max_len = read_mfl; } } // During a handshake, use the value being negotiated - if( ssl->session_negotiate != NULL ) - { - read_mfl = ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code ); - if( read_mfl < max_len ) - { + if (ssl->session_negotiate != NULL) { + read_mfl = ssl_mfl_code_to_length(ssl->session_negotiate->mfl_code); + if (read_mfl < max_len) { max_len = read_mfl; } } - return( max_len ); + return max_len; } -size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl ) +size_t mbedtls_ssl_get_output_max_frag_len(const mbedtls_ssl_context *ssl) { size_t max_len; /* * Assume mfl_code is correct since it was checked when set */ - max_len = ssl_mfl_code_to_length( ssl->conf->mfl_code ); + max_len = ssl_mfl_code_to_length(ssl->conf->mfl_code); /* Check if a smaller max length was negotiated */ - if( ssl->session_out != NULL && - ssl_mfl_code_to_length( ssl->session_out->mfl_code ) < max_len ) - { - max_len = ssl_mfl_code_to_length( ssl->session_out->mfl_code ); + if (ssl->session_out != NULL && + ssl_mfl_code_to_length(ssl->session_out->mfl_code) < max_len) { + max_len = ssl_mfl_code_to_length(ssl->session_out->mfl_code); } /* During a handshake, use the value being negotiated */ - if( ssl->session_negotiate != NULL && - ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code ) < max_len ) - { - max_len = ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code ); + if (ssl->session_negotiate != NULL && + ssl_mfl_code_to_length(ssl->session_negotiate->mfl_code) < max_len) { + max_len = ssl_mfl_code_to_length(ssl->session_negotiate->mfl_code); } - return( max_len ); + return max_len; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl ) +size_t mbedtls_ssl_get_max_frag_len(const mbedtls_ssl_context *ssl) { - return mbedtls_ssl_get_output_max_frag_len( ssl ); + return mbedtls_ssl_get_output_max_frag_len(ssl); } #endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_PROTO_DTLS) -size_t mbedtls_ssl_get_current_mtu( const mbedtls_ssl_context *ssl ) +size_t mbedtls_ssl_get_current_mtu(const mbedtls_ssl_context *ssl) { /* Return unlimited mtu for client hello messages to avoid fragmentation. */ - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && - ( ssl->state == MBEDTLS_SSL_CLIENT_HELLO || - ssl->state == MBEDTLS_SSL_SERVER_HELLO ) ) - return ( 0 ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && + (ssl->state == MBEDTLS_SSL_CLIENT_HELLO || + ssl->state == MBEDTLS_SSL_SERVER_HELLO)) { + return 0; + } - if( ssl->handshake == NULL || ssl->handshake->mtu == 0 ) - return( ssl->mtu ); + if (ssl->handshake == NULL || ssl->handshake->mtu == 0) { + return ssl->mtu; + } - if( ssl->mtu == 0 ) - return( ssl->handshake->mtu ); + if (ssl->mtu == 0) { + return ssl->handshake->mtu; + } - return( ssl->mtu < ssl->handshake->mtu ? - ssl->mtu : ssl->handshake->mtu ); + return ssl->mtu < ssl->handshake->mtu ? + ssl->mtu : ssl->handshake->mtu; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ -int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ) +int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl) { size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; @@ -5242,30 +5120,31 @@ int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ) #endif #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - const size_t mfl = mbedtls_ssl_get_output_max_frag_len( ssl ); + const size_t mfl = mbedtls_ssl_get_output_max_frag_len(ssl); - if( max_len > mfl ) + if (max_len > mfl) { max_len = mfl; + } #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( mbedtls_ssl_get_current_mtu( ssl ) != 0 ) - { - const size_t mtu = mbedtls_ssl_get_current_mtu( ssl ); - const int ret = mbedtls_ssl_get_record_expansion( ssl ); + if (mbedtls_ssl_get_current_mtu(ssl) != 0) { + const size_t mtu = mbedtls_ssl_get_current_mtu(ssl); + const int ret = mbedtls_ssl_get_record_expansion(ssl); const size_t overhead = (size_t) ret; - if( ret < 0 ) - return( ret ); + if (ret < 0) { + return ret; + } - if( mtu <= overhead ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "MTU too low for record expansion" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (mtu <= overhead) { + MBEDTLS_SSL_DEBUG_MSG(1, ("MTU too low for record expansion")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } - if( max_len > mtu - overhead ) + if (max_len > mtu - overhead) { max_len = mtu - overhead; + } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -5274,45 +5153,46 @@ int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ) ((void) ssl); #endif - return( (int) max_len ); + return (int) max_len; } #if defined(MBEDTLS_X509_CRT_PARSE_C) -const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl ) +const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert(const mbedtls_ssl_context *ssl) { - if( ssl == NULL || ssl->session == NULL ) - return( NULL ); + if (ssl == NULL || ssl->session == NULL) { + return NULL; + } #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - return( ssl->session->peer_cert ); + return ssl->session->peer_cert; #else - return( NULL ); + return NULL; #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ } #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_CLI_C) -int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, - mbedtls_ssl_session *dst ) +int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl, + mbedtls_ssl_session *dst) { - if( ssl == NULL || + if (ssl == NULL || dst == NULL || ssl->session == NULL || - ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - return( mbedtls_ssl_session_copy( dst, ssl->session ) ); + return mbedtls_ssl_session_copy(dst, ssl->session); } #endif /* MBEDTLS_SSL_CLI_C */ -const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl ) +const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer(const mbedtls_ssl_context *ssl) { - if( ssl == NULL ) - return( NULL ); + if (ssl == NULL) { + return NULL; + } - return( ssl->session ); + return ssl->session; } /* @@ -5376,21 +5256,23 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co #define SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT 6 #define SSL_SERIALIZED_SESSION_CONFIG_BITFLAG \ - ( (uint16_t) ( \ - ( SSL_SERIALIZED_SESSION_CONFIG_TIME << SSL_SERIALIZED_SESSION_CONFIG_TIME_BIT ) | \ - ( SSL_SERIALIZED_SESSION_CONFIG_CRT << SSL_SERIALIZED_SESSION_CONFIG_CRT_BIT ) | \ - ( SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET << SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET_BIT ) | \ - ( SSL_SERIALIZED_SESSION_CONFIG_MFL << SSL_SERIALIZED_SESSION_CONFIG_MFL_BIT ) | \ - ( SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC << SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC_BIT ) | \ - ( SSL_SERIALIZED_SESSION_CONFIG_ETM << SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT ) | \ - ( SSL_SERIALIZED_SESSION_CONFIG_TICKET << SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT ) ) ) + ((uint16_t) ( \ + (SSL_SERIALIZED_SESSION_CONFIG_TIME << SSL_SERIALIZED_SESSION_CONFIG_TIME_BIT) | \ + (SSL_SERIALIZED_SESSION_CONFIG_CRT << SSL_SERIALIZED_SESSION_CONFIG_CRT_BIT) | \ + (SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET << \ + SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET_BIT) | \ + (SSL_SERIALIZED_SESSION_CONFIG_MFL << SSL_SERIALIZED_SESSION_CONFIG_MFL_BIT) | \ + (SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC << \ + SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC_BIT) | \ + (SSL_SERIALIZED_SESSION_CONFIG_ETM << SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT) | \ + (SSL_SERIALIZED_SESSION_CONFIG_TICKET << SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT))) static unsigned char ssl_serialized_session_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - MBEDTLS_BYTE_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), - MBEDTLS_BYTE_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_BYTE_1(SSL_SERIALIZED_SESSION_CONFIG_BITFLAG), + MBEDTLS_BYTE_0(SSL_SERIALIZED_SESSION_CONFIG_BITFLAG), }; /* @@ -5428,11 +5310,11 @@ static unsigned char ssl_serialized_session_header[] = { * together in one block. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_session_save( const mbedtls_ssl_session *session, - unsigned char omit_header, - unsigned char *buf, - size_t buf_len, - size_t *olen ) +static int ssl_session_save(const mbedtls_ssl_session *session, + unsigned char omit_header, + unsigned char *buf, + size_t buf_len, + size_t *olen) { unsigned char *p = buf; size_t used = 0; @@ -5446,19 +5328,17 @@ static int ssl_session_save( const mbedtls_ssl_session *session, #endif /* MBEDTLS_X509_CRT_PARSE_C */ - if( !omit_header ) - { + if (!omit_header) { /* * Add version identifier */ - used += sizeof( ssl_serialized_session_header ); + used += sizeof(ssl_serialized_session_header); - if( used <= buf_len ) - { - memcpy( p, ssl_serialized_session_header, - sizeof( ssl_serialized_session_header ) ); - p += sizeof( ssl_serialized_session_header ); + if (used <= buf_len) { + memcpy(p, ssl_serialized_session_header, + sizeof(ssl_serialized_session_header)); + p += sizeof(ssl_serialized_session_header); } } @@ -5468,11 +5348,10 @@ static int ssl_session_save( const mbedtls_ssl_session *session, #if defined(MBEDTLS_HAVE_TIME) used += 8; - if( used <= buf_len ) - { + if (used <= buf_len) { start = (uint64_t) session->start; - MBEDTLS_PUT_UINT64_BE( start, p, 0 ); + MBEDTLS_PUT_UINT64_BE(start, p, 0); p += 8; } #endif /* MBEDTLS_HAVE_TIME */ @@ -5481,27 +5360,26 @@ static int ssl_session_save( const mbedtls_ssl_session *session, * Basic mandatory fields */ used += 2 /* ciphersuite */ - + 1 /* compression */ - + 1 /* id_len */ - + sizeof( session->id ) - + sizeof( session->master ) - + 4; /* verify_result */ - - if( used <= buf_len ) - { - MBEDTLS_PUT_UINT16_BE( session->ciphersuite, p, 0 ); + + 1 /* compression */ + + 1 /* id_len */ + + sizeof(session->id) + + sizeof(session->master) + + 4; /* verify_result */ + + if (used <= buf_len) { + MBEDTLS_PUT_UINT16_BE(session->ciphersuite, p, 0); p += 2; - *p++ = MBEDTLS_BYTE_0( session->compression ); + *p++ = MBEDTLS_BYTE_0(session->compression); - *p++ = MBEDTLS_BYTE_0( session->id_len ); - memcpy( p, session->id, 32 ); + *p++ = MBEDTLS_BYTE_0(session->id_len); + memcpy(p, session->id, 32); p += 32; - memcpy( p, session->master, 48 ); + memcpy(p, session->master, 48); p += 48; - MBEDTLS_PUT_UINT32_BE( session->verify_result, p, 0 ); + MBEDTLS_PUT_UINT32_BE(session->verify_result, p, 0); p += 4; } @@ -5510,43 +5388,37 @@ static int ssl_session_save( const mbedtls_ssl_session *session, */ #if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - if( session->peer_cert == NULL ) + if (session->peer_cert == NULL) { cert_len = 0; - else + } else { cert_len = session->peer_cert->raw.len; + } used += 3 + cert_len; - if( used <= buf_len ) - { - *p++ = MBEDTLS_BYTE_2( cert_len ); - *p++ = MBEDTLS_BYTE_1( cert_len ); - *p++ = MBEDTLS_BYTE_0( cert_len ); + if (used <= buf_len) { + *p++ = MBEDTLS_BYTE_2(cert_len); + *p++ = MBEDTLS_BYTE_1(cert_len); + *p++ = MBEDTLS_BYTE_0(cert_len); - if( session->peer_cert != NULL ) - { - memcpy( p, session->peer_cert->raw.p, cert_len ); + if (session->peer_cert != NULL) { + memcpy(p, session->peer_cert->raw.p, cert_len); p += cert_len; } } #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( session->peer_cert_digest != NULL ) - { + if (session->peer_cert_digest != NULL) { used += 1 /* type */ + 1 /* length */ + session->peer_cert_digest_len; - if( used <= buf_len ) - { + if (used <= buf_len) { *p++ = (unsigned char) session->peer_cert_digest_type; *p++ = (unsigned char) session->peer_cert_digest_len; - memcpy( p, session->peer_cert_digest, - session->peer_cert_digest_len ); + memcpy(p, session->peer_cert_digest, + session->peer_cert_digest_len); p += session->peer_cert_digest_len; } - } - else - { + } else { used += 2; - if( used <= buf_len ) - { + if (used <= buf_len) { *p++ = (unsigned char) MBEDTLS_MD_NONE; *p++ = 0; } @@ -5560,19 +5432,17 @@ static int ssl_session_save( const mbedtls_ssl_session *session, #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) used += 3 + session->ticket_len + 4; /* len + ticket + lifetime */ - if( used <= buf_len ) - { - *p++ = MBEDTLS_BYTE_2( session->ticket_len ); - *p++ = MBEDTLS_BYTE_1( session->ticket_len ); - *p++ = MBEDTLS_BYTE_0( session->ticket_len ); + if (used <= buf_len) { + *p++ = MBEDTLS_BYTE_2(session->ticket_len); + *p++ = MBEDTLS_BYTE_1(session->ticket_len); + *p++ = MBEDTLS_BYTE_0(session->ticket_len); - if( session->ticket != NULL ) - { - memcpy( p, session->ticket, session->ticket_len ); + if (session->ticket != NULL) { + memcpy(p, session->ticket, session->ticket_len); p += session->ticket_len; } - MBEDTLS_PUT_UINT32_BE( session->ticket_lifetime, p, 0 ); + MBEDTLS_PUT_UINT32_BE(session->ticket_lifetime, p, 0); p += 4; } #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ @@ -5583,42 +5453,46 @@ static int ssl_session_save( const mbedtls_ssl_session *session, #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) used += 1; - if( used <= buf_len ) + if (used <= buf_len) { *p++ = session->mfl_code; + } #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) used += 1; - if( used <= buf_len ) - *p++ = (unsigned char)( ( session->trunc_hmac ) & 0xFF ); + if (used <= buf_len) { + *p++ = (unsigned char) ((session->trunc_hmac) & 0xFF); + } #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) used += 1; - if( used <= buf_len ) - *p++ = MBEDTLS_BYTE_0( session->encrypt_then_mac ); + if (used <= buf_len) { + *p++ = MBEDTLS_BYTE_0(session->encrypt_then_mac); + } #endif /* Done */ *olen = used; - if( used > buf_len ) - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (used > buf_len) { + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + } - return( 0 ); + return 0; } /* * Public wrapper for ssl_session_save() */ -int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, - unsigned char *buf, - size_t buf_len, - size_t *olen ) +int mbedtls_ssl_session_save(const mbedtls_ssl_session *session, + unsigned char *buf, + size_t buf_len, + size_t *olen) { - return( ssl_session_save( session, 0, buf, buf_len, olen ) ); + return ssl_session_save(session, 0, buf, buf_len, olen); } /* @@ -5628,10 +5502,10 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, * case of error, and has an extra option omit_header. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_session_load( mbedtls_ssl_session *session, - unsigned char omit_header, - const unsigned char *buf, - size_t len ) +static int ssl_session_load(mbedtls_ssl_session *session, + unsigned char omit_header, + const unsigned char *buf, + size_t len) { const unsigned char *p = buf; const unsigned char * const end = buf + len; @@ -5644,38 +5518,38 @@ static int ssl_session_load( mbedtls_ssl_session *session, #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ - if( !omit_header ) - { + if (!omit_header) { /* * Check version identifier */ - if( (size_t)( end - p ) < sizeof( ssl_serialized_session_header ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < sizeof(ssl_serialized_session_header)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( memcmp( p, ssl_serialized_session_header, - sizeof( ssl_serialized_session_header ) ) != 0 ) - { - return( MBEDTLS_ERR_SSL_VERSION_MISMATCH ); + if (memcmp(p, ssl_serialized_session_header, + sizeof(ssl_serialized_session_header)) != 0) { + return MBEDTLS_ERR_SSL_VERSION_MISMATCH; } - p += sizeof( ssl_serialized_session_header ); + p += sizeof(ssl_serialized_session_header); } /* * Time */ #if defined(MBEDTLS_HAVE_TIME) - if( 8 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - start = ( (uint64_t) p[0] << 56 ) | - ( (uint64_t) p[1] << 48 ) | - ( (uint64_t) p[2] << 40 ) | - ( (uint64_t) p[3] << 32 ) | - ( (uint64_t) p[4] << 24 ) | - ( (uint64_t) p[5] << 16 ) | - ( (uint64_t) p[6] << 8 ) | - ( (uint64_t) p[7] ); + if (8 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + start = ((uint64_t) p[0] << 56) | + ((uint64_t) p[1] << 48) | + ((uint64_t) p[2] << 40) | + ((uint64_t) p[3] << 32) | + ((uint64_t) p[4] << 24) | + ((uint64_t) p[5] << 16) | + ((uint64_t) p[6] << 8) | + ((uint64_t) p[7]); p += 8; session->start = (time_t) start; @@ -5684,25 +5558,26 @@ static int ssl_session_load( mbedtls_ssl_session *session, /* * Basic mandatory fields */ - if( 2 + 1 + 1 + 32 + 48 + 4 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (2 + 1 + 1 + 32 + 48 + 4 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - session->ciphersuite = ( p[0] << 8 ) | p[1]; + session->ciphersuite = (p[0] << 8) | p[1]; p += 2; session->compression = *p++; session->id_len = *p++; - memcpy( session->id, p, 32 ); + memcpy(session->id, p, 32); p += 32; - memcpy( session->master, p, 48 ); + memcpy(session->master, p, 48); p += 48; - session->verify_result = ( (uint32_t) p[0] << 24 ) | - ( (uint32_t) p[1] << 16 ) | - ( (uint32_t) p[2] << 8 ) | - ( (uint32_t) p[3] ); + session->verify_result = ((uint32_t) p[0] << 24) | + ((uint32_t) p[1] << 16) | + ((uint32_t) p[2] << 8) | + ((uint32_t) p[3]); p += 4; /* Immediately clear invalid pointer values that have been read, in case @@ -5724,64 +5599,69 @@ static int ssl_session_load( mbedtls_ssl_session *session, #if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* Deserialize CRT from the end of the ticket. */ - if( 3 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (3 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - cert_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2]; + cert_len = (p[0] << 16) | (p[1] << 8) | p[2]; p += 3; - if( cert_len != 0 ) - { + if (cert_len != 0) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( cert_len > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (cert_len > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - session->peer_cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); + session->peer_cert = mbedtls_calloc(1, sizeof(mbedtls_x509_crt)); - if( session->peer_cert == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if (session->peer_cert == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - mbedtls_x509_crt_init( session->peer_cert ); + mbedtls_x509_crt_init(session->peer_cert); - if( ( ret = mbedtls_x509_crt_parse_der( session->peer_cert, - p, cert_len ) ) != 0 ) - { - mbedtls_x509_crt_free( session->peer_cert ); - mbedtls_free( session->peer_cert ); + if ((ret = mbedtls_x509_crt_parse_der(session->peer_cert, + p, cert_len)) != 0) { + mbedtls_x509_crt_free(session->peer_cert); + mbedtls_free(session->peer_cert); session->peer_cert = NULL; - return( ret ); + return ret; } p += cert_len; } #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ /* Deserialize CRT digest from the end of the ticket. */ - if( 2 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (2 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } session->peer_cert_digest_type = (mbedtls_md_type_t) *p++; session->peer_cert_digest_len = (size_t) *p++; - if( session->peer_cert_digest_len != 0 ) - { + if (session->peer_cert_digest_len != 0) { const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type( session->peer_cert_digest_type ); - if( md_info == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - if( session->peer_cert_digest_len != mbedtls_md_get_size( md_info ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + mbedtls_md_info_from_type(session->peer_cert_digest_type); + if (md_info == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + if (session->peer_cert_digest_len != mbedtls_md_get_size(md_info)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( session->peer_cert_digest_len > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (session->peer_cert_digest_len > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } session->peer_cert_digest = - mbedtls_calloc( 1, session->peer_cert_digest_len ); - if( session->peer_cert_digest == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + mbedtls_calloc(1, session->peer_cert_digest_len); + if (session->peer_cert_digest == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - memcpy( session->peer_cert_digest, p, - session->peer_cert_digest_len ); + memcpy(session->peer_cert_digest, p, + session->peer_cert_digest_len); p += session->peer_cert_digest_len; } #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ @@ -5791,32 +5671,35 @@ static int ssl_session_load( mbedtls_ssl_session *session, * Session ticket and associated data */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) - if( 3 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (3 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - session->ticket_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2]; + session->ticket_len = (p[0] << 16) | (p[1] << 8) | p[2]; p += 3; - if( session->ticket_len != 0 ) - { - if( session->ticket_len > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (session->ticket_len != 0) { + if (session->ticket_len > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - session->ticket = mbedtls_calloc( 1, session->ticket_len ); - if( session->ticket == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + session->ticket = mbedtls_calloc(1, session->ticket_len); + if (session->ticket == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - memcpy( session->ticket, p, session->ticket_len ); + memcpy(session->ticket, p, session->ticket_len); p += session->ticket_len; } - if( 4 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (4 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - session->ticket_lifetime = ( (uint32_t) p[0] << 24 ) | - ( (uint32_t) p[1] << 16 ) | - ( (uint32_t) p[2] << 8 ) | - ( (uint32_t) p[3] ); + session->ticket_lifetime = ((uint32_t) p[0] << 24) | + ((uint32_t) p[1] << 16) | + ((uint32_t) p[2] << 8) | + ((uint32_t) p[3]); p += 4; #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ @@ -5824,106 +5707,114 @@ static int ssl_session_load( mbedtls_ssl_session *session, * Misc extension-related info */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - if( 1 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (1 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } session->mfl_code = *p++; #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - if( 1 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (1 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } session->trunc_hmac = *p++; #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( 1 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (1 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } session->encrypt_then_mac = *p++; #endif /* Done, should have consumed entire buffer */ - if( p != end ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (p != end) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - return( 0 ); + return 0; } /* * Deserialize session: public wrapper for error cleaning */ -int mbedtls_ssl_session_load( mbedtls_ssl_session *session, - const unsigned char *buf, - size_t len ) +int mbedtls_ssl_session_load(mbedtls_ssl_session *session, + const unsigned char *buf, + size_t len) { - int ret = ssl_session_load( session, 0, buf, len ); + int ret = ssl_session_load(session, 0, buf, len); - if( ret != 0 ) - mbedtls_ssl_session_free( session ); + if (ret != 0) { + mbedtls_ssl_session_free(session); + } - return( ret ); + return ret; } /* * Perform a single step of the SSL handshake */ -int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_handshake_step(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } #if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - ret = mbedtls_ssl_handshake_client_step( ssl ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { + ret = mbedtls_ssl_handshake_client_step(ssl); + } #endif #if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - ret = mbedtls_ssl_handshake_server_step( ssl ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { + ret = mbedtls_ssl_handshake_server_step(ssl); + } #endif - return( ret ); + return ret; } /* * Perform the SSL handshake */ -int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_handshake(mbedtls_ssl_context *ssl) { int ret = 0; /* Sanity checks */ - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( ssl->f_set_timer == NULL || ssl->f_get_timer == NULL ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "You must use " - "mbedtls_ssl_set_timer_cb() for DTLS" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + (ssl->f_set_timer == NULL || ssl->f_get_timer == NULL)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("You must use " + "mbedtls_ssl_set_timer_cb() for DTLS")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> handshake" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> handshake")); /* Main handshake loop */ - while( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - ret = mbedtls_ssl_handshake_step( ssl ); + while (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + ret = mbedtls_ssl_handshake_step(ssl); - if( ret != 0 ) + if (ret != 0) { break; + } } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= handshake" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= handshake")); - return( ret ); + return ret; } #if defined(MBEDTLS_SSL_RENEGOTIATION) @@ -5932,25 +5823,24 @@ int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ) * Write HelloRequest to request renegotiation on server */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_write_hello_request( mbedtls_ssl_context *ssl ) +static int ssl_write_hello_request(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write hello request")); ssl->out_msglen = 4; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_REQUEST; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write hello request")); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SRV_C */ @@ -5963,67 +5853,69 @@ static int ssl_write_hello_request( mbedtls_ssl_context *ssl ) * If the handshake doesn't complete due to waiting for I/O, it will continue * during the next calls to mbedtls_ssl_renegotiate() or mbedtls_ssl_read() respectively. */ -int mbedtls_ssl_start_renegotiation( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_start_renegotiation(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> renegotiate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> renegotiate")); - if( ( ret = ssl_handshake_init( ssl ) ) != 0 ) - return( ret ); + if ((ret = ssl_handshake_init(ssl)) != 0) { + return ret; + } /* RFC 6347 4.2.2: "[...] the HelloRequest will have message_seq = 0 and * the ServerHello will have message_seq = 1" */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) - { - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) { + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { ssl->handshake->out_msg_seq = 1; - else + } else { ssl->handshake->in_msg_seq = 1; + } } #endif ssl->state = MBEDTLS_SSL_HELLO_REQUEST; ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS; - if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); - return( ret ); + if ((ret = mbedtls_ssl_handshake(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_handshake", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= renegotiate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= renegotiate")); - return( 0 ); + return 0; } /* * Renegotiate current connection on client, * or request renegotiation on server */ -int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } #if defined(MBEDTLS_SSL_SRV_C) /* On server, just send the request */ - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - { - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; /* Did we already try/start sending HelloRequest? */ - if( ssl->out_left != 0 ) - return( mbedtls_ssl_flush_output( ssl ) ); + if (ssl->out_left != 0) { + return mbedtls_ssl_flush_output(ssl); + } - return( ssl_write_hello_request( ssl ) ); + return ssl_write_hello_request(ssl); } #endif /* MBEDTLS_SSL_SRV_C */ @@ -6032,92 +5924,87 @@ int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ) * On client, either start the renegotiation process or, * if already in progress, continue the handshake */ - if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( ( ret = mbedtls_ssl_start_renegotiation( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_start_renegotiation", ret ); - return( ret ); + if ((ret = mbedtls_ssl_start_renegotiation(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_start_renegotiation", ret); + return ret; } - } - else - { - if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); - return( ret ); + } else { + if ((ret = mbedtls_ssl_handshake(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_handshake", ret); + return ret; } } #endif /* MBEDTLS_SSL_CLI_C */ - return( ret ); + return ret; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ #if defined(MBEDTLS_X509_CRT_PARSE_C) -static void ssl_key_cert_free( mbedtls_ssl_key_cert *key_cert ) +static void ssl_key_cert_free(mbedtls_ssl_key_cert *key_cert) { mbedtls_ssl_key_cert *cur = key_cert, *next; - while( cur != NULL ) - { + while (cur != NULL) { next = cur->next; - mbedtls_free( cur ); + mbedtls_free(cur); cur = next; } } #endif /* MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl) { mbedtls_ssl_handshake_params *handshake = ssl->handshake; - if( handshake == NULL ) + if (handshake == NULL) { return; + } #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0 ) - { - ssl->conf->f_async_cancel( ssl ); + if (ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0) { + ssl->conf->f_async_cancel(ssl); handshake->async_in_progress = 0; } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_free( &handshake->fin_md5 ); - mbedtls_sha1_free( &handshake->fin_sha1 ); + mbedtls_md5_free(&handshake->fin_md5); + mbedtls_sha1_free(&handshake->fin_sha1); #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort( &handshake->fin_sha256_psa ); + psa_hash_abort(&handshake->fin_sha256_psa); #else - mbedtls_sha256_free( &handshake->fin_sha256 ); + mbedtls_sha256_free(&handshake->fin_sha256); #endif #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort( &handshake->fin_sha384_psa ); + psa_hash_abort(&handshake->fin_sha384_psa); #else - mbedtls_sha512_free( &handshake->fin_sha512 ); + mbedtls_sha512_free(&handshake->fin_sha512); #endif #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_DHM_C) - mbedtls_dhm_free( &handshake->dhm_ctx ); + mbedtls_dhm_free(&handshake->dhm_ctx); #endif #if defined(MBEDTLS_ECDH_C) - mbedtls_ecdh_free( &handshake->ecdh_ctx ); + mbedtls_ecdh_free(&handshake->ecdh_ctx); #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - mbedtls_ecjpake_free( &handshake->ecjpake_ctx ); + mbedtls_ecjpake_free(&handshake->ecjpake_ctx); #if defined(MBEDTLS_SSL_CLI_C) - mbedtls_free( handshake->ecjpake_cache ); + mbedtls_free(handshake->ecjpake_cache); handshake->ecjpake_cache = NULL; handshake->ecjpake_cache_len = 0; #endif @@ -6126,14 +6013,13 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) /* explicit void pointer cast for buggy MS compiler */ - mbedtls_free( (void *) handshake->curves ); + mbedtls_free((void *) handshake->curves); #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( handshake->psk != NULL ) - { - mbedtls_platform_zeroize( handshake->psk, handshake->psk_len ); - mbedtls_free( handshake->psk ); + if (handshake->psk != NULL) { + mbedtls_platform_zeroize(handshake->psk, handshake->psk_len); + mbedtls_free(handshake->psk); } #endif @@ -6143,71 +6029,69 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ) * Free only the linked list wrapper, not the keys themselves * since the belong to the SNI callback */ - if( handshake->sni_key_cert != NULL ) - { + if (handshake->sni_key_cert != NULL) { mbedtls_ssl_key_cert *cur = handshake->sni_key_cert, *next; - while( cur != NULL ) - { + while (cur != NULL) { next = cur->next; - mbedtls_free( cur ); + mbedtls_free(cur); cur = next; } } #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - mbedtls_x509_crt_restart_free( &handshake->ecrs_ctx ); - if( handshake->ecrs_peer_cert != NULL ) - { - mbedtls_x509_crt_free( handshake->ecrs_peer_cert ); - mbedtls_free( handshake->ecrs_peer_cert ); + mbedtls_x509_crt_restart_free(&handshake->ecrs_ctx); + if (handshake->ecrs_peer_cert != NULL) { + mbedtls_x509_crt_free(handshake->ecrs_peer_cert); + mbedtls_free(handshake->ecrs_peer_cert); } #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - mbedtls_pk_free( &handshake->peer_pubkey ); + mbedtls_pk_free(&handshake->peer_pubkey); #endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - mbedtls_free( handshake->verify_cookie ); - mbedtls_ssl_flight_free( handshake->flight ); - mbedtls_ssl_buffering_free( ssl ); + mbedtls_free(handshake->verify_cookie); + mbedtls_ssl_flight_free(handshake->flight); + mbedtls_ssl_buffering_free(ssl); #endif #if defined(MBEDTLS_ECDH_C) && \ defined(MBEDTLS_USE_PSA_CRYPTO) - psa_destroy_key( handshake->ecdh_psa_privkey ); + psa_destroy_key(handshake->ecdh_psa_privkey); #endif /* MBEDTLS_ECDH_C && MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_platform_zeroize( handshake, - sizeof( mbedtls_ssl_handshake_params ) ); + mbedtls_platform_zeroize(handshake, + sizeof(mbedtls_ssl_handshake_params)); #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) /* If the buffers are too big - reallocate. Because of the way Mbed TLS * processes datagrams and the fact that a datagram is allowed to have * several records in it, it is possible that the I/O buffers are not * empty at this stage */ - handle_buffer_resizing( ssl, 1, mbedtls_ssl_get_input_buflen( ssl ), - mbedtls_ssl_get_output_buflen( ssl ) ); + handle_buffer_resizing(ssl, 1, mbedtls_ssl_get_input_buflen(ssl), + mbedtls_ssl_get_output_buflen(ssl)); #endif } -void mbedtls_ssl_session_free( mbedtls_ssl_session *session ) +void mbedtls_ssl_session_free(mbedtls_ssl_session *session) { - if( session == NULL ) + if (session == NULL) { return; + } #if defined(MBEDTLS_X509_CRT_PARSE_C) - ssl_clear_peer_cert( session ); + ssl_clear_peer_cert(session); #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) - mbedtls_free( session->ticket ); + mbedtls_free(session->ticket); #endif - mbedtls_platform_zeroize( session, sizeof( mbedtls_ssl_session ) ); + mbedtls_platform_zeroize(session, sizeof(mbedtls_ssl_session)); } #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) @@ -6242,22 +6126,25 @@ void mbedtls_ssl_session_free( mbedtls_ssl_session *session ) #define SSL_SERIALIZED_CONTEXT_CONFIG_ALPN_BIT 3 #define SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG \ - ( (uint32_t) ( \ - ( SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID << SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT ) | \ - ( SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT << SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT ) | \ - ( SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY << SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT ) | \ - ( SSL_SERIALIZED_CONTEXT_CONFIG_ALPN << SSL_SERIALIZED_CONTEXT_CONFIG_ALPN_BIT ) | \ - 0u ) ) + ((uint32_t) ( \ + (SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID << \ + SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT) | \ + (SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT << \ + SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT) | \ + (SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY << \ + SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT) | \ + (SSL_SERIALIZED_CONTEXT_CONFIG_ALPN << SSL_SERIALIZED_CONTEXT_CONFIG_ALPN_BIT) | \ + 0u)) static unsigned char ssl_serialized_context_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - MBEDTLS_BYTE_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), - MBEDTLS_BYTE_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), - MBEDTLS_BYTE_2( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), - MBEDTLS_BYTE_1( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), - MBEDTLS_BYTE_0( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_BYTE_1(SSL_SERIALIZED_SESSION_CONFIG_BITFLAG), + MBEDTLS_BYTE_0(SSL_SERIALIZED_SESSION_CONFIG_BITFLAG), + MBEDTLS_BYTE_2(SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG), + MBEDTLS_BYTE_1(SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG), + MBEDTLS_BYTE_0(SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG), }; /* @@ -6298,10 +6185,10 @@ static unsigned char ssl_serialized_context_header[] = { * 4. value was temporary (eg content of input buffer) * 5. value will be provided by the user again (eg I/O callbacks and context) */ -int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t buf_len, - size_t *olen ) +int mbedtls_ssl_context_save(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t buf_len, + size_t *olen) { unsigned char *p = buf; size_t used = 0; @@ -6317,94 +6204,84 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, * (only DTLS) but are currently used to simplify the implementation. */ /* The initial handshake must be over */ - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Initial handshake isn't over" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Initial handshake isn't over")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - if( ssl->handshake != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Handshake isn't completed" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->handshake != NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Handshake isn't completed")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* Double-check that sub-structures are indeed ready */ - if( ssl->transform == NULL || ssl->session == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Serialised structures aren't ready" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->transform == NULL || ssl->session == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Serialised structures aren't ready")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* There must be no pending incoming or outgoing data */ - if( mbedtls_ssl_check_pending( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "There is pending incoming data" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (mbedtls_ssl_check_pending(ssl) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("There is pending incoming data")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - if( ssl->out_left != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "There is pending outgoing data" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->out_left != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("There is pending outgoing data")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* Protocol must be DTLS, not TLS */ - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Only DTLS is supported" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Only DTLS is supported")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* Version must be 1.2 */ - if( ssl->major_ver != MBEDTLS_SSL_MAJOR_VERSION_3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Only version 1.2 supported" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->major_ver != MBEDTLS_SSL_MAJOR_VERSION_3) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Only version 1.2 supported")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Only version 1.2 supported" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Only version 1.2 supported")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* We must be using an AEAD ciphersuite */ - if( mbedtls_ssl_transform_uses_aead( ssl->transform ) != 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Only AEAD ciphersuites supported" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (mbedtls_ssl_transform_uses_aead(ssl->transform) != 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Only AEAD ciphersuites supported")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* Renegotiation must not be enabled */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Renegotiation must not be enabled" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Renegotiation must not be enabled")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } #endif /* * Version and format identifier */ - used += sizeof( ssl_serialized_context_header ); + used += sizeof(ssl_serialized_context_header); - if( used <= buf_len ) - { - memcpy( p, ssl_serialized_context_header, - sizeof( ssl_serialized_context_header ) ); - p += sizeof( ssl_serialized_context_header ); + if (used <= buf_len) { + memcpy(p, ssl_serialized_context_header, + sizeof(ssl_serialized_context_header)); + p += sizeof(ssl_serialized_context_header); } /* * Session (length + data) */ - ret = ssl_session_save( ssl->session, 1, NULL, 0, &session_len ); - if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ) - return( ret ); + ret = ssl_session_save(ssl->session, 1, NULL, 0, &session_len); + if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) { + return ret; + } used += 4 + session_len; - if( used <= buf_len ) - { - MBEDTLS_PUT_UINT32_BE( session_len, p, 0 ); + if (used <= buf_len) { + MBEDTLS_PUT_UINT32_BE(session_len, p, 0); p += 4; - ret = ssl_session_save( ssl->session, 1, - p, session_len, &session_len ); - if( ret != 0 ) - return( ret ); + ret = ssl_session_save(ssl->session, 1, + p, session_len, &session_len); + if (ret != 0) { + return ret; + } p += session_len; } @@ -6412,24 +6289,22 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, /* * Transform */ - used += sizeof( ssl->transform->randbytes ); - if( used <= buf_len ) - { - memcpy( p, ssl->transform->randbytes, - sizeof( ssl->transform->randbytes ) ); - p += sizeof( ssl->transform->randbytes ); + used += sizeof(ssl->transform->randbytes); + if (used <= buf_len) { + memcpy(p, ssl->transform->randbytes, + sizeof(ssl->transform->randbytes)); + p += sizeof(ssl->transform->randbytes); } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) used += 2 + ssl->transform->in_cid_len + ssl->transform->out_cid_len; - if( used <= buf_len ) - { + if (used <= buf_len) { *p++ = ssl->transform->in_cid_len; - memcpy( p, ssl->transform->in_cid, ssl->transform->in_cid_len ); + memcpy(p, ssl->transform->in_cid, ssl->transform->in_cid_len); p += ssl->transform->in_cid_len; *p++ = ssl->transform->out_cid_len; - memcpy( p, ssl->transform->out_cid, ssl->transform->out_cid_len ); + memcpy(p, ssl->transform->out_cid, ssl->transform->out_cid_len); p += ssl->transform->out_cid_len; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -6439,45 +6314,40 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, */ #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) used += 4; - if( used <= buf_len ) - { - MBEDTLS_PUT_UINT32_BE( ssl->badmac_seen, p, 0 ); + if (used <= buf_len) { + MBEDTLS_PUT_UINT32_BE(ssl->badmac_seen, p, 0); p += 4; } #endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) used += 16; - if( used <= buf_len ) - { - MBEDTLS_PUT_UINT64_BE( ssl->in_window_top, p, 0 ); + if (used <= buf_len) { + MBEDTLS_PUT_UINT64_BE(ssl->in_window_top, p, 0); p += 8; - MBEDTLS_PUT_UINT64_BE( ssl->in_window, p, 0 ); + MBEDTLS_PUT_UINT64_BE(ssl->in_window, p, 0); p += 8; } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ #if defined(MBEDTLS_SSL_PROTO_DTLS) used += 1; - if( used <= buf_len ) - { + if (used <= buf_len) { *p++ = ssl->disable_datagram_packing; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ used += 8; - if( used <= buf_len ) - { - memcpy( p, ssl->cur_out_ctr, 8 ); + if (used <= buf_len) { + memcpy(p, ssl->cur_out_ctr, 8); p += 8; } #if defined(MBEDTLS_SSL_PROTO_DTLS) used += 2; - if( used <= buf_len ) - { - MBEDTLS_PUT_UINT16_BE( ssl->mtu, p, 0 ); + if (used <= buf_len) { + MBEDTLS_PUT_UINT16_BE(ssl->mtu, p, 0); p += 2; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -6485,17 +6355,15 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_ALPN) { const uint8_t alpn_len = ssl->alpn_chosen - ? (uint8_t) strlen( ssl->alpn_chosen ) + ? (uint8_t) strlen(ssl->alpn_chosen) : 0; used += 1 + alpn_len; - if( used <= buf_len ) - { + if (used <= buf_len) { *p++ = alpn_len; - if( ssl->alpn_chosen != NULL ) - { - memcpy( p, ssl->alpn_chosen, alpn_len ); + if (ssl->alpn_chosen != NULL) { + memcpy(p, ssl->alpn_chosen, alpn_len); p += alpn_len; } } @@ -6507,12 +6375,13 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, */ *olen = used; - if( used > buf_len ) - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (used > buf_len) { + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + } - MBEDTLS_SSL_DEBUG_BUF( 4, "saved context", buf, used ); + MBEDTLS_SSL_DEBUG_BUF(4, "saved context", buf, used); - return( mbedtls_ssl_session_reset_int( ssl, 0 ) ); + return mbedtls_ssl_session_reset_int(ssl, 0); } /* @@ -6521,34 +6390,36 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, */ #if defined(MBEDTLS_SHA256_C) || \ (defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)) -typedef int (*tls_prf_fn)( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ); -static tls_prf_fn ssl_tls12prf_from_cs( int ciphersuite_id ) +typedef int (*tls_prf_fn)(const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen); +static tls_prf_fn ssl_tls12prf_from_cs(int ciphersuite_id) { const mbedtls_ssl_ciphersuite_t * const ciphersuite_info = - mbedtls_ssl_ciphersuite_from_id( ciphersuite_id ); + mbedtls_ssl_ciphersuite_from_id(ciphersuite_id); - if( ciphersuite_info == NULL ) - return( NULL ); + if (ciphersuite_info == NULL) { + return NULL; + } #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) - if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) - return( tls_prf_sha384 ); - else + if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) { + return tls_prf_sha384; + } else #endif #if defined(MBEDTLS_SHA256_C) { - if( ciphersuite_info->mac == MBEDTLS_MD_SHA256 ) - return( tls_prf_sha256 ); + if (ciphersuite_info->mac == MBEDTLS_MD_SHA256) { + return tls_prf_sha256; + } } #endif #if !defined(MBEDTLS_SHA256_C) && \ (!defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_SHA512_NO_SHA384)) (void) ciphersuite_info; #endif - return( NULL ); + return NULL; } #endif /* MBEDTLS_SHA256_C || @@ -6561,9 +6432,9 @@ static tls_prf_fn ssl_tls12prf_from_cs( int ciphersuite_id ) * case of error. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_context_load( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +static int ssl_context_load(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { const unsigned char *p = buf; const unsigned char * const end = buf + len; @@ -6577,17 +6448,16 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, * (Checking session is useful because it won't be NULL if we're * renegotiating, or if the user mistakenly loaded a session first.) */ - if( ssl->state != MBEDTLS_SSL_HELLO_REQUEST || - ssl->session != NULL ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->state != MBEDTLS_SSL_HELLO_REQUEST || + ssl->session != NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* * We can't check that the config matches the initial one, but we can at * least check it matches the requirements for serializing. */ - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || ssl->conf->max_major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 || ssl->conf->min_major_ver > MBEDTLS_SSL_MAJOR_VERSION_3 || ssl->conf->max_minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 || @@ -6595,36 +6465,36 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED || #endif - 0 ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + 0) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - MBEDTLS_SSL_DEBUG_BUF( 4, "context to load", buf, len ); + MBEDTLS_SSL_DEBUG_BUF(4, "context to load", buf, len); /* * Check version identifier */ - if( (size_t)( end - p ) < sizeof( ssl_serialized_context_header ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < sizeof(ssl_serialized_context_header)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( memcmp( p, ssl_serialized_context_header, - sizeof( ssl_serialized_context_header ) ) != 0 ) - { - return( MBEDTLS_ERR_SSL_VERSION_MISMATCH ); + if (memcmp(p, ssl_serialized_context_header, + sizeof(ssl_serialized_context_header)) != 0) { + return MBEDTLS_ERR_SSL_VERSION_MISMATCH; } - p += sizeof( ssl_serialized_context_header ); + p += sizeof(ssl_serialized_context_header); /* * Session */ - if( (size_t)( end - p ) < 4 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < 4) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - session_len = ( (size_t) p[0] << 24 ) | - ( (size_t) p[1] << 16 ) | - ( (size_t) p[2] << 8 ) | - ( (size_t) p[3] ); + session_len = ((size_t) p[0] << 24) | + ((size_t) p[1] << 16) | + ((size_t) p[2] << 8) | + ((size_t) p[3]); p += 4; /* This has been allocated by ssl_handshake_init(), called by @@ -6634,14 +6504,14 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, ssl->session_out = ssl->session; ssl->session_negotiate = NULL; - if( (size_t)( end - p ) < session_len ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < session_len) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ret = ssl_session_load( ssl->session, 1, p, session_len ); - if( ret != 0 ) - { - mbedtls_ssl_session_free( ssl->session ); - return( ret ); + ret = ssl_session_load(ssl->session, 1, p, session_len); + if (ret != 0) { + mbedtls_ssl_session_free(ssl->session); + return ret; } p += session_len; @@ -6657,57 +6527,63 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, ssl->transform_out = ssl->transform; ssl->transform_negotiate = NULL; - prf_func = ssl_tls12prf_from_cs( ssl->session->ciphersuite ); - if( prf_func == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + prf_func = ssl_tls12prf_from_cs(ssl->session->ciphersuite); + if (prf_func == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } /* Read random bytes and populate structure */ - if( (size_t)( end - p ) < sizeof( ssl->transform->randbytes ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < sizeof(ssl->transform->randbytes)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ret = ssl_populate_transform( ssl->transform, - ssl->session->ciphersuite, - ssl->session->master, + ret = ssl_populate_transform(ssl->transform, + ssl->session->ciphersuite, + ssl->session->master, #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - ssl->session->encrypt_then_mac, + ssl->session->encrypt_then_mac, #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - ssl->session->trunc_hmac, + ssl->session->trunc_hmac, #endif #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #if defined(MBEDTLS_ZLIB_SUPPORT) - ssl->session->compression, + ssl->session->compression, #endif - prf_func, - p, /* currently pointing to randbytes */ - MBEDTLS_SSL_MINOR_VERSION_3, /* (D)TLS 1.2 is forced */ - ssl->conf->endpoint, - ssl ); - if( ret != 0 ) - return( ret ); + prf_func, + p, /* currently pointing to randbytes */ + MBEDTLS_SSL_MINOR_VERSION_3, /* (D)TLS 1.2 is forced */ + ssl->conf->endpoint, + ssl); + if (ret != 0) { + return ret; + } - p += sizeof( ssl->transform->randbytes ); + p += sizeof(ssl->transform->randbytes); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) /* Read connection IDs and store them */ - if( (size_t)( end - p ) < 1 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < 1) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } ssl->transform->in_cid_len = *p++; - if( (size_t)( end - p ) < ssl->transform->in_cid_len + 1u ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < ssl->transform->in_cid_len + 1u) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - memcpy( ssl->transform->in_cid, p, ssl->transform->in_cid_len ); + memcpy(ssl->transform->in_cid, p, ssl->transform->in_cid_len); p += ssl->transform->in_cid_len; ssl->transform->out_cid_len = *p++; - if( (size_t)( end - p ) < ssl->transform->out_cid_len ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < ssl->transform->out_cid_len) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - memcpy( ssl->transform->out_cid, p, ssl->transform->out_cid_len ); + memcpy(ssl->transform->out_cid, p, ssl->transform->out_cid_len); p += ssl->transform->out_cid_len; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -6715,59 +6591,64 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, * Saved fields from top-level ssl_context structure */ #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - if( (size_t)( end - p ) < 4 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < 4) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ssl->badmac_seen = ( (uint32_t) p[0] << 24 ) | - ( (uint32_t) p[1] << 16 ) | - ( (uint32_t) p[2] << 8 ) | - ( (uint32_t) p[3] ); + ssl->badmac_seen = ((uint32_t) p[0] << 24) | + ((uint32_t) p[1] << 16) | + ((uint32_t) p[2] << 8) | + ((uint32_t) p[3]); p += 4; #endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - if( (size_t)( end - p ) < 16 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - ssl->in_window_top = ( (uint64_t) p[0] << 56 ) | - ( (uint64_t) p[1] << 48 ) | - ( (uint64_t) p[2] << 40 ) | - ( (uint64_t) p[3] << 32 ) | - ( (uint64_t) p[4] << 24 ) | - ( (uint64_t) p[5] << 16 ) | - ( (uint64_t) p[6] << 8 ) | - ( (uint64_t) p[7] ); + if ((size_t) (end - p) < 16) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + ssl->in_window_top = ((uint64_t) p[0] << 56) | + ((uint64_t) p[1] << 48) | + ((uint64_t) p[2] << 40) | + ((uint64_t) p[3] << 32) | + ((uint64_t) p[4] << 24) | + ((uint64_t) p[5] << 16) | + ((uint64_t) p[6] << 8) | + ((uint64_t) p[7]); p += 8; - ssl->in_window = ( (uint64_t) p[0] << 56 ) | - ( (uint64_t) p[1] << 48 ) | - ( (uint64_t) p[2] << 40 ) | - ( (uint64_t) p[3] << 32 ) | - ( (uint64_t) p[4] << 24 ) | - ( (uint64_t) p[5] << 16 ) | - ( (uint64_t) p[6] << 8 ) | - ( (uint64_t) p[7] ); + ssl->in_window = ((uint64_t) p[0] << 56) | + ((uint64_t) p[1] << 48) | + ((uint64_t) p[2] << 40) | + ((uint64_t) p[3] << 32) | + ((uint64_t) p[4] << 24) | + ((uint64_t) p[5] << 16) | + ((uint64_t) p[6] << 8) | + ((uint64_t) p[7]); p += 8; #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( (size_t)( end - p ) < 1 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < 1) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } ssl->disable_datagram_packing = *p++; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - if( (size_t)( end - p ) < 8 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < 8) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - memcpy( ssl->cur_out_ctr, p, 8 ); + memcpy(ssl->cur_out_ctr, p, 8); p += 8; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( (size_t)( end - p ) < 2 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < 2) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ssl->mtu = ( p[0] << 8 ) | p[1]; + ssl->mtu = (p[0] << 8) | p[1]; p += 2; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -6776,19 +6657,17 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, uint8_t alpn_len; const char **cur; - if( (size_t)( end - p ) < 1 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < 1) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } alpn_len = *p++; - if( alpn_len != 0 && ssl->conf->alpn_list != NULL ) - { + if (alpn_len != 0 && ssl->conf->alpn_list != NULL) { /* alpn_chosen should point to an item in the configured list */ - for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) - { - if( strlen( *cur ) == alpn_len && - memcmp( p, cur, alpn_len ) == 0 ) - { + for (cur = ssl->conf->alpn_list; *cur != NULL; cur++) { + if (strlen(*cur) == alpn_len && + memcmp(p, cur, alpn_len) == 0) { ssl->alpn_chosen = *cur; break; } @@ -6796,8 +6675,9 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, } /* can only happen on conf mismatch */ - if( alpn_len != 0 && ssl->alpn_chosen == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (alpn_len != 0 && ssl->alpn_chosen == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } p += alpn_len; } @@ -6816,7 +6696,7 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, /* Adjust pointers for header fields of outgoing records to * the given transform, accounting for explicit IV and CID. */ - mbedtls_ssl_update_out_pointers( ssl, ssl->transform ); + mbedtls_ssl_update_out_pointers(ssl, ssl->transform); #if defined(MBEDTLS_SSL_PROTO_DTLS) ssl->in_epoch = 1; @@ -6826,137 +6706,131 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, * which we don't want - otherwise we'd end up freeing the wrong transform * by calling mbedtls_ssl_handshake_wrapup_free_hs_transform() * inappropriately. */ - if( ssl->handshake != NULL ) - { - mbedtls_ssl_handshake_free( ssl ); - mbedtls_free( ssl->handshake ); + if (ssl->handshake != NULL) { + mbedtls_ssl_handshake_free(ssl); + mbedtls_free(ssl->handshake); ssl->handshake = NULL; } /* * Done - should have consumed entire buffer */ - if( p != end ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (p != end) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - return( 0 ); + return 0; } /* * Deserialize context: public wrapper for error cleaning */ -int mbedtls_ssl_context_load( mbedtls_ssl_context *context, - const unsigned char *buf, - size_t len ) +int mbedtls_ssl_context_load(mbedtls_ssl_context *context, + const unsigned char *buf, + size_t len) { - int ret = ssl_context_load( context, buf, len ); + int ret = ssl_context_load(context, buf, len); - if( ret != 0 ) - mbedtls_ssl_free( context ); + if (ret != 0) { + mbedtls_ssl_free(context); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ /* * Free an SSL context */ -void mbedtls_ssl_free( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_free(mbedtls_ssl_context *ssl) { - if( ssl == NULL ) + if (ssl == NULL) { return; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> free" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> free")); - if( ssl->out_buf != NULL ) - { + if (ssl->out_buf != NULL) { #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) size_t out_buf_len = ssl->out_buf_len; #else size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN; #endif - mbedtls_platform_zeroize( ssl->out_buf, out_buf_len ); - mbedtls_free( ssl->out_buf ); + mbedtls_platform_zeroize(ssl->out_buf, out_buf_len); + mbedtls_free(ssl->out_buf); ssl->out_buf = NULL; } - if( ssl->in_buf != NULL ) - { + if (ssl->in_buf != NULL) { #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) size_t in_buf_len = ssl->in_buf_len; #else size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN; #endif - mbedtls_platform_zeroize( ssl->in_buf, in_buf_len ); - mbedtls_free( ssl->in_buf ); + mbedtls_platform_zeroize(ssl->in_buf, in_buf_len); + mbedtls_free(ssl->in_buf); ssl->in_buf = NULL; } #if defined(MBEDTLS_ZLIB_SUPPORT) - if( ssl->compress_buf != NULL ) - { - mbedtls_platform_zeroize( ssl->compress_buf, MBEDTLS_SSL_COMPRESS_BUFFER_LEN ); - mbedtls_free( ssl->compress_buf ); + if (ssl->compress_buf != NULL) { + mbedtls_platform_zeroize(ssl->compress_buf, MBEDTLS_SSL_COMPRESS_BUFFER_LEN); + mbedtls_free(ssl->compress_buf); } #endif - if( ssl->transform ) - { - mbedtls_ssl_transform_free( ssl->transform ); - mbedtls_free( ssl->transform ); + if (ssl->transform) { + mbedtls_ssl_transform_free(ssl->transform); + mbedtls_free(ssl->transform); } - if( ssl->handshake ) - { - mbedtls_ssl_handshake_free( ssl ); - mbedtls_ssl_transform_free( ssl->transform_negotiate ); - mbedtls_ssl_session_free( ssl->session_negotiate ); + if (ssl->handshake) { + mbedtls_ssl_handshake_free(ssl); + mbedtls_ssl_transform_free(ssl->transform_negotiate); + mbedtls_ssl_session_free(ssl->session_negotiate); - mbedtls_free( ssl->handshake ); - mbedtls_free( ssl->transform_negotiate ); - mbedtls_free( ssl->session_negotiate ); + mbedtls_free(ssl->handshake); + mbedtls_free(ssl->transform_negotiate); + mbedtls_free(ssl->session_negotiate); } - if( ssl->session ) - { - mbedtls_ssl_session_free( ssl->session ); - mbedtls_free( ssl->session ); + if (ssl->session) { + mbedtls_ssl_session_free(ssl->session); + mbedtls_free(ssl->session); } #if defined(MBEDTLS_X509_CRT_PARSE_C) - if( ssl->hostname != NULL ) - { - mbedtls_platform_zeroize( ssl->hostname, strlen( ssl->hostname ) ); - mbedtls_free( ssl->hostname ); + if (ssl->hostname != NULL) { + mbedtls_platform_zeroize(ssl->hostname, strlen(ssl->hostname)); + mbedtls_free(ssl->hostname); } #endif #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_finish != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_finish()" ) ); - mbedtls_ssl_hw_record_finish( ssl ); + if (mbedtls_ssl_hw_record_finish != NULL) { + MBEDTLS_SSL_DEBUG_MSG(2, ("going for mbedtls_ssl_hw_record_finish()")); + mbedtls_ssl_hw_record_finish(ssl); } #endif #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) - mbedtls_free( ssl->cli_id ); + mbedtls_free(ssl->cli_id); #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= free" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= free")); /* Actually clear after last debug message */ - mbedtls_platform_zeroize( ssl, sizeof( mbedtls_ssl_context ) ); + mbedtls_platform_zeroize(ssl, sizeof(mbedtls_ssl_context)); } /* * Initialize mbedtls_ssl_config */ -void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ) +void mbedtls_ssl_config_init(mbedtls_ssl_config *conf) { - memset( conf, 0, sizeof( mbedtls_ssl_config ) ); + memset(conf, 0, sizeof(mbedtls_ssl_config)); } #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) @@ -7007,8 +6881,8 @@ static mbedtls_ecp_group_id ssl_preset_suiteb_curves[] = { /* * Load default in mbedtls_ssl_config */ -int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, - int endpoint, int transport, int preset ) +int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf, + int endpoint, int transport, int preset) { #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -7016,15 +6890,14 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, /* Use the functions here so that they are covered in tests, * but otherwise access member directly for efficiency */ - mbedtls_ssl_conf_endpoint( conf, endpoint ); - mbedtls_ssl_conf_transport( conf, transport ); + mbedtls_ssl_conf_endpoint(conf, endpoint); + mbedtls_ssl_conf_transport(conf, transport); /* * Things that are common to all presets */ #if defined(MBEDTLS_SSL_CLI_C) - if( endpoint == MBEDTLS_SSL_IS_CLIENT ) - { + if (endpoint == MBEDTLS_SSL_IS_CLIENT) { conf->authmode = MBEDTLS_SSL_VERIFY_REQUIRED; #if defined(MBEDTLS_SSL_SESSION_TICKETS) conf->session_tickets = MBEDTLS_SSL_SESSION_TICKETS_ENABLED; @@ -7068,32 +6941,29 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #if defined(MBEDTLS_SSL_RENEGOTIATION) conf->renego_max_records = MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT; - memset( conf->renego_period, 0x00, 2 ); - memset( conf->renego_period + 2, 0xFF, 6 ); + memset(conf->renego_period, 0x00, 2); + memset(conf->renego_period + 2, 0xFF, 6); #endif #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) - if( endpoint == MBEDTLS_SSL_IS_SERVER ) - { - const unsigned char dhm_p[] = - MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN; - const unsigned char dhm_g[] = - MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN; - - if ( ( ret = mbedtls_ssl_conf_dh_param_bin( conf, - dhm_p, sizeof( dhm_p ), - dhm_g, sizeof( dhm_g ) ) ) != 0 ) - { - return( ret ); - } - } + if (endpoint == MBEDTLS_SSL_IS_SERVER) { + const unsigned char dhm_p[] = + MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN; + const unsigned char dhm_g[] = + MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN; + + if ((ret = mbedtls_ssl_conf_dh_param_bin(conf, + dhm_p, sizeof(dhm_p), + dhm_g, sizeof(dhm_g))) != 0) { + return ret; + } + } #endif /* * Preset-specific defaults */ - switch( preset ) - { + switch (preset) { /* * NSA Suite B */ @@ -7104,10 +6974,10 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION; conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = - ssl_preset_suiteb_ciphersuites; + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = + ssl_preset_suiteb_ciphersuites; #if defined(MBEDTLS_X509_CRT_PARSE_C) conf->cert_profile = &mbedtls_x509_crt_profile_suiteb; @@ -7126,27 +6996,28 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, * Default */ default: - conf->min_major_ver = ( MBEDTLS_SSL_MIN_MAJOR_VERSION > - MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION ) ? - MBEDTLS_SSL_MIN_MAJOR_VERSION : - MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION; - conf->min_minor_ver = ( MBEDTLS_SSL_MIN_MINOR_VERSION > - MBEDTLS_SSL_MIN_VALID_MINOR_VERSION ) ? - MBEDTLS_SSL_MIN_MINOR_VERSION : - MBEDTLS_SSL_MIN_VALID_MINOR_VERSION; + conf->min_major_ver = (MBEDTLS_SSL_MIN_MAJOR_VERSION > + MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION) ? + MBEDTLS_SSL_MIN_MAJOR_VERSION : + MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION; + conf->min_minor_ver = (MBEDTLS_SSL_MIN_MINOR_VERSION > + MBEDTLS_SSL_MIN_VALID_MINOR_VERSION) ? + MBEDTLS_SSL_MIN_MINOR_VERSION : + MBEDTLS_SSL_MIN_VALID_MINOR_VERSION; conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION; conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + if (transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_2; + } #endif conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = - mbedtls_ssl_list_ciphersuites(); + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = + mbedtls_ssl_list_ciphersuites(); #if defined(MBEDTLS_X509_CRT_PARSE_C) conf->cert_profile = &mbedtls_x509_crt_profile_default; @@ -7165,89 +7036,88 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #endif } - return( 0 ); + return 0; } /* * Free mbedtls_ssl_config */ -void mbedtls_ssl_config_free( mbedtls_ssl_config *conf ) +void mbedtls_ssl_config_free(mbedtls_ssl_config *conf) { #if defined(MBEDTLS_DHM_C) - mbedtls_mpi_free( &conf->dhm_P ); - mbedtls_mpi_free( &conf->dhm_G ); + mbedtls_mpi_free(&conf->dhm_P); + mbedtls_mpi_free(&conf->dhm_G); #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( conf->psk != NULL ) - { - mbedtls_platform_zeroize( conf->psk, conf->psk_len ); - mbedtls_free( conf->psk ); + if (conf->psk != NULL) { + mbedtls_platform_zeroize(conf->psk, conf->psk_len); + mbedtls_free(conf->psk); conf->psk = NULL; conf->psk_len = 0; } - if( conf->psk_identity != NULL ) - { - mbedtls_platform_zeroize( conf->psk_identity, conf->psk_identity_len ); - mbedtls_free( conf->psk_identity ); + if (conf->psk_identity != NULL) { + mbedtls_platform_zeroize(conf->psk_identity, conf->psk_identity_len); + mbedtls_free(conf->psk_identity); conf->psk_identity = NULL; conf->psk_identity_len = 0; } #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) - ssl_key_cert_free( conf->key_cert ); + ssl_key_cert_free(conf->key_cert); #endif - mbedtls_platform_zeroize( conf, sizeof( mbedtls_ssl_config ) ); + mbedtls_platform_zeroize(conf, sizeof(mbedtls_ssl_config)); } #if defined(MBEDTLS_PK_C) && \ - ( defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C) ) + (defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C)) /* * Convert between MBEDTLS_PK_XXX and SSL_SIG_XXX */ -unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk ) +unsigned char mbedtls_ssl_sig_from_pk(mbedtls_pk_context *pk) { #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_can_do( pk, MBEDTLS_PK_RSA ) ) - return( MBEDTLS_SSL_SIG_RSA ); + if (mbedtls_pk_can_do(pk, MBEDTLS_PK_RSA)) { + return MBEDTLS_SSL_SIG_RSA; + } #endif #if defined(MBEDTLS_ECDSA_C) - if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECDSA ) ) - return( MBEDTLS_SSL_SIG_ECDSA ); + if (mbedtls_pk_can_do(pk, MBEDTLS_PK_ECDSA)) { + return MBEDTLS_SSL_SIG_ECDSA; + } #endif - return( MBEDTLS_SSL_SIG_ANON ); + return MBEDTLS_SSL_SIG_ANON; } -unsigned char mbedtls_ssl_sig_from_pk_alg( mbedtls_pk_type_t type ) +unsigned char mbedtls_ssl_sig_from_pk_alg(mbedtls_pk_type_t type) { - switch( type ) { + switch (type) { case MBEDTLS_PK_RSA: - return( MBEDTLS_SSL_SIG_RSA ); + return MBEDTLS_SSL_SIG_RSA; case MBEDTLS_PK_ECDSA: case MBEDTLS_PK_ECKEY: - return( MBEDTLS_SSL_SIG_ECDSA ); + return MBEDTLS_SSL_SIG_ECDSA; default: - return( MBEDTLS_SSL_SIG_ANON ); + return MBEDTLS_SSL_SIG_ANON; } } -mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig ) +mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig(unsigned char sig) { - switch( sig ) - { + switch (sig) { #if defined(MBEDTLS_RSA_C) case MBEDTLS_SSL_SIG_RSA: - return( MBEDTLS_PK_RSA ); + return MBEDTLS_PK_RSA; #endif #if defined(MBEDTLS_ECDSA_C) case MBEDTLS_SSL_SIG_ECDSA: - return( MBEDTLS_PK_ECDSA ); + return MBEDTLS_PK_ECDSA; #endif default: - return( MBEDTLS_PK_NONE ); + return MBEDTLS_PK_NONE; } } #endif /* MBEDTLS_PK_C && ( MBEDTLS_RSA_C || MBEDTLS_ECDSA_C ) */ @@ -7256,35 +7126,35 @@ mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig ) defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* Find an entry in a signature-hash set matching a given hash algorithm. */ -mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_pk_type_t sig_alg ) +mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find(mbedtls_ssl_sig_hash_set_t *set, + mbedtls_pk_type_t sig_alg) { - switch( sig_alg ) - { + switch (sig_alg) { case MBEDTLS_PK_RSA: - return( set->rsa ); + return set->rsa; case MBEDTLS_PK_ECDSA: - return( set->ecdsa ); + return set->ecdsa; default: - return( MBEDTLS_MD_NONE ); + return MBEDTLS_MD_NONE; } } /* Add a signature-hash-pair to a signature-hash set */ -void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_pk_type_t sig_alg, - mbedtls_md_type_t md_alg ) +void mbedtls_ssl_sig_hash_set_add(mbedtls_ssl_sig_hash_set_t *set, + mbedtls_pk_type_t sig_alg, + mbedtls_md_type_t md_alg) { - switch( sig_alg ) - { + switch (sig_alg) { case MBEDTLS_PK_RSA: - if( set->rsa == MBEDTLS_MD_NONE ) + if (set->rsa == MBEDTLS_MD_NONE) { set->rsa = md_alg; + } break; case MBEDTLS_PK_ECDSA: - if( set->ecdsa == MBEDTLS_MD_NONE ) + if (set->ecdsa == MBEDTLS_MD_NONE) { set->ecdsa = md_alg; + } break; default: @@ -7293,8 +7163,8 @@ void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set, } /* Allow exactly one hash algorithm for each signature. */ -void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_md_type_t md_alg ) +void mbedtls_ssl_sig_hash_set_const_hash(mbedtls_ssl_sig_hash_set_t *set, + mbedtls_md_type_t md_alg) { set->rsa = md_alg; set->ecdsa = md_alg; @@ -7306,68 +7176,66 @@ void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set, /* * Convert from MBEDTLS_SSL_HASH_XXX to MBEDTLS_MD_XXX */ -mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ) +mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash(unsigned char hash) { - switch( hash ) - { + switch (hash) { #if defined(MBEDTLS_MD5_C) case MBEDTLS_SSL_HASH_MD5: - return( MBEDTLS_MD_MD5 ); + return MBEDTLS_MD_MD5; #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_SSL_HASH_SHA1: - return( MBEDTLS_MD_SHA1 ); + return MBEDTLS_MD_SHA1; #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_SSL_HASH_SHA224: - return( MBEDTLS_MD_SHA224 ); + return MBEDTLS_MD_SHA224; case MBEDTLS_SSL_HASH_SHA256: - return( MBEDTLS_MD_SHA256 ); + return MBEDTLS_MD_SHA256; #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_SSL_HASH_SHA384: - return( MBEDTLS_MD_SHA384 ); + return MBEDTLS_MD_SHA384; #endif #if defined(MBEDTLS_SHA512_C) case MBEDTLS_SSL_HASH_SHA512: - return( MBEDTLS_MD_SHA512 ); + return MBEDTLS_MD_SHA512; #endif default: - return( MBEDTLS_MD_NONE ); + return MBEDTLS_MD_NONE; } } /* * Convert from MBEDTLS_MD_XXX to MBEDTLS_SSL_HASH_XXX */ -unsigned char mbedtls_ssl_hash_from_md_alg( int md ) +unsigned char mbedtls_ssl_hash_from_md_alg(int md) { - switch( md ) - { + switch (md) { #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( MBEDTLS_SSL_HASH_MD5 ); + return MBEDTLS_SSL_HASH_MD5; #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( MBEDTLS_SSL_HASH_SHA1 ); + return MBEDTLS_SSL_HASH_SHA1; #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: - return( MBEDTLS_SSL_HASH_SHA224 ); + return MBEDTLS_SSL_HASH_SHA224; case MBEDTLS_MD_SHA256: - return( MBEDTLS_SSL_HASH_SHA256 ); + return MBEDTLS_SSL_HASH_SHA256; #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: - return( MBEDTLS_SSL_HASH_SHA384 ); + return MBEDTLS_SSL_HASH_SHA384; #endif #if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: - return( MBEDTLS_SSL_HASH_SHA512 ); + return MBEDTLS_SSL_HASH_SHA512; #endif default: - return( MBEDTLS_SSL_HASH_NONE ); + return MBEDTLS_SSL_HASH_NONE; } } @@ -7376,30 +7244,34 @@ unsigned char mbedtls_ssl_hash_from_md_alg( int md ) * Check if a curve proposed by the peer is in our list. * Return 0 if we're willing to use it, -1 otherwise. */ -int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id ) +int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id) { const mbedtls_ecp_group_id *gid; - if( ssl->conf->curve_list == NULL ) - return( -1 ); + if (ssl->conf->curve_list == NULL) { + return -1; + } - for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ ) - if( *gid == grp_id ) - return( 0 ); + for (gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++) { + if (*gid == grp_id) { + return 0; + } + } - return( -1 ); + return -1; } /* * Same as mbedtls_ssl_check_curve() but takes a TLS ID for the curve. */ -int mbedtls_ssl_check_curve_tls_id( const mbedtls_ssl_context *ssl, uint16_t tls_id ) +int mbedtls_ssl_check_curve_tls_id(const mbedtls_ssl_context *ssl, uint16_t tls_id) { const mbedtls_ecp_curve_info *curve_info = - mbedtls_ecp_curve_info_from_tls_id( tls_id ); - if( curve_info == NULL ) - return( -1 ); - return( mbedtls_ssl_check_curve( ssl, curve_info->grp_id ) ); + mbedtls_ecp_curve_info_from_tls_id(tls_id); + if (curve_info == NULL) { + return -1; + } + return mbedtls_ssl_check_curve(ssl, curve_info->grp_id); } #endif /* MBEDTLS_ECP_C */ @@ -7408,27 +7280,30 @@ int mbedtls_ssl_check_curve_tls_id( const mbedtls_ssl_context *ssl, uint16_t tls * Check if a hash proposed by the peer is in our list. * Return 0 if we're willing to use it, -1 otherwise. */ -int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl, - mbedtls_md_type_t md ) +int mbedtls_ssl_check_sig_hash(const mbedtls_ssl_context *ssl, + mbedtls_md_type_t md) { const int *cur; - if( ssl->conf->sig_hashes == NULL ) - return( -1 ); + if (ssl->conf->sig_hashes == NULL) { + return -1; + } - for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ ) - if( *cur == (int) md ) - return( 0 ); + for (cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++) { + if (*cur == (int) md) { + return 0; + } + } - return( -1 ); + return -1; } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_X509_CRT_PARSE_C) -int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, - const mbedtls_ssl_ciphersuite_t *ciphersuite, - int cert_endpoint, - uint32_t *flags ) +int mbedtls_ssl_check_cert_usage(const mbedtls_x509_crt *cert, + const mbedtls_ssl_ciphersuite_t *ciphersuite, + int cert_endpoint, + uint32_t *flags) { int ret = 0; #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) @@ -7447,11 +7322,9 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, #endif #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) - if( cert_endpoint == MBEDTLS_SSL_IS_SERVER ) - { + if (cert_endpoint == MBEDTLS_SSL_IS_SERVER) { /* Server part of the key exchange */ - switch( ciphersuite->key_exchange ) - { + switch (ciphersuite->key_exchange) { case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_RSA_PSK: usage = MBEDTLS_X509_KU_KEY_ENCIPHERMENT; @@ -7476,15 +7349,12 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, case MBEDTLS_KEY_EXCHANGE_ECJPAKE: usage = 0; } - } - else - { + } else { /* Client auth: we only implement rsa_sign and mbedtls_ecdsa_sign for now */ usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE; } - if( mbedtls_x509_crt_check_key_usage( cert, usage ) != 0 ) - { + if (mbedtls_x509_crt_check_key_usage(cert, usage) != 0) { *flags |= MBEDTLS_X509_BADCERT_KEY_USAGE; ret = -1; } @@ -7493,36 +7363,32 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, #endif /* MBEDTLS_X509_CHECK_KEY_USAGE */ #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) - if( cert_endpoint == MBEDTLS_SSL_IS_SERVER ) - { + if (cert_endpoint == MBEDTLS_SSL_IS_SERVER) { ext_oid = MBEDTLS_OID_SERVER_AUTH; - ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_SERVER_AUTH ); - } - else - { + ext_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_SERVER_AUTH); + } else { ext_oid = MBEDTLS_OID_CLIENT_AUTH; - ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_CLIENT_AUTH ); + ext_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_CLIENT_AUTH); } - if( mbedtls_x509_crt_check_extended_key_usage( cert, ext_oid, ext_len ) != 0 ) - { + if (mbedtls_x509_crt_check_extended_key_usage(cert, ext_oid, ext_len) != 0) { *flags |= MBEDTLS_X509_BADCERT_EXT_KEY_USAGE; ret = -1; } #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ - return( ret ); + return ret; } #endif /* MBEDTLS_X509_CRT_PARSE_C */ -int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) +int mbedtls_ssl_set_calc_verify_md(mbedtls_ssl_context *ssl, int md) { #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) + if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) { return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH; + } - switch( md ) - { + switch (md) { #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) #if defined(MBEDTLS_MD5_C) case MBEDTLS_SSL_HASH_MD5: @@ -7559,16 +7425,16 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) -int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl, - unsigned char *output, - unsigned char *data, size_t data_len ) +int mbedtls_ssl_get_key_exchange_md_ssl_tls(mbedtls_ssl_context *ssl, + unsigned char *output, + unsigned char *data, size_t data_len) { int ret = 0; mbedtls_md5_context mbedtls_md5; mbedtls_sha1_context mbedtls_sha1; - mbedtls_md5_init( &mbedtls_md5 ); - mbedtls_sha1_init( &mbedtls_sha1 ); + mbedtls_md5_init(&mbedtls_md5); + mbedtls_sha1_init(&mbedtls_sha1); /* * digitally-signed struct { @@ -7583,61 +7449,54 @@ int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl, * SHA(ClientHello.random + ServerHello.random * + ServerParams); */ - if( ( ret = mbedtls_md5_starts_ret( &mbedtls_md5 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_starts_ret", ret ); + if ((ret = mbedtls_md5_starts_ret(&mbedtls_md5)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md5_starts_ret", ret); goto exit; } - if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5, - ssl->handshake->randbytes, 64 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret ); + if ((ret = mbedtls_md5_update_ret(&mbedtls_md5, + ssl->handshake->randbytes, 64)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md5_update_ret", ret); goto exit; } - if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5, data, data_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret ); + if ((ret = mbedtls_md5_update_ret(&mbedtls_md5, data, data_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md5_update_ret", ret); goto exit; } - if( ( ret = mbedtls_md5_finish_ret( &mbedtls_md5, output ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_finish_ret", ret ); + if ((ret = mbedtls_md5_finish_ret(&mbedtls_md5, output)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md5_finish_ret", ret); goto exit; } - if( ( ret = mbedtls_sha1_starts_ret( &mbedtls_sha1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_starts_ret", ret ); + if ((ret = mbedtls_sha1_starts_ret(&mbedtls_sha1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_sha1_starts_ret", ret); goto exit; } - if( ( ret = mbedtls_sha1_update_ret( &mbedtls_sha1, - ssl->handshake->randbytes, 64 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret ); + if ((ret = mbedtls_sha1_update_ret(&mbedtls_sha1, + ssl->handshake->randbytes, 64)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_sha1_update_ret", ret); goto exit; } - if( ( ret = mbedtls_sha1_update_ret( &mbedtls_sha1, data, - data_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret ); + if ((ret = mbedtls_sha1_update_ret(&mbedtls_sha1, data, + data_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_sha1_update_ret", ret); goto exit; } - if( ( ret = mbedtls_sha1_finish_ret( &mbedtls_sha1, - output + 16 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_finish_ret", ret ); + if ((ret = mbedtls_sha1_finish_ret(&mbedtls_sha1, + output + 16)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_sha1_finish_ret", ret); goto exit; } exit: - mbedtls_md5_free( &mbedtls_md5 ); - mbedtls_sha1_free( &mbedtls_sha1 ); + mbedtls_md5_free(&mbedtls_md5); + mbedtls_sha1_free(&mbedtls_sha1); - if( ret != 0 ) - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + if (ret != 0) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ @@ -7647,81 +7506,75 @@ int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl, defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_USE_PSA_CRYPTO) -int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, - unsigned char *hash, size_t *hashlen, - unsigned char *data, size_t data_len, - mbedtls_md_type_t md_alg ) +int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl, + unsigned char *hash, size_t *hashlen, + unsigned char *data, size_t data_len, + mbedtls_md_type_t md_alg) { psa_status_t status; psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; - psa_algorithm_t hash_alg = mbedtls_psa_translate_md( md_alg ); + psa_algorithm_t hash_alg = mbedtls_psa_translate_md(md_alg); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Perform PSA-based computation of digest of ServerKeyExchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("Perform PSA-based computation of digest of ServerKeyExchange")); - if( ( status = psa_hash_setup( &hash_operation, - hash_alg ) ) != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_setup", status ); + if ((status = psa_hash_setup(&hash_operation, + hash_alg)) != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_RET(1, "psa_hash_setup", status); goto exit; } - if( ( status = psa_hash_update( &hash_operation, ssl->handshake->randbytes, - 64 ) ) != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", status ); + if ((status = psa_hash_update(&hash_operation, ssl->handshake->randbytes, + 64)) != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_RET(1, "psa_hash_update", status); goto exit; } - if( ( status = psa_hash_update( &hash_operation, - data, data_len ) ) != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", status ); + if ((status = psa_hash_update(&hash_operation, + data, data_len)) != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_RET(1, "psa_hash_update", status); goto exit; } - if( ( status = psa_hash_finish( &hash_operation, hash, PSA_HASH_MAX_SIZE, - hashlen ) ) != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_finish", status ); - goto exit; + if ((status = psa_hash_finish(&hash_operation, hash, PSA_HASH_MAX_SIZE, + hashlen)) != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_RET(1, "psa_hash_finish", status); + goto exit; } exit: - if( status != PSA_SUCCESS ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - switch( status ) - { + if (status != PSA_SUCCESS) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + switch (status) { case PSA_ERROR_NOT_SUPPORTED: - return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; case PSA_ERROR_BAD_STATE: /* Intentional fallthrough */ case PSA_ERROR_BUFFER_TOO_SMALL: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; case PSA_ERROR_INSUFFICIENT_MEMORY: - return( MBEDTLS_ERR_MD_ALLOC_FAILED ); + return MBEDTLS_ERR_MD_ALLOC_FAILED; default: - return( MBEDTLS_ERR_MD_HW_ACCEL_FAILED ); + return MBEDTLS_ERR_MD_HW_ACCEL_FAILED; } } - return( 0 ); + return 0; } #else -int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, - unsigned char *hash, size_t *hashlen, - unsigned char *data, size_t data_len, - mbedtls_md_type_t md_alg ) +int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl, + unsigned char *hash, size_t *hashlen, + unsigned char *data, size_t data_len, + mbedtls_md_type_t md_alg) { int ret = 0; mbedtls_md_context_t ctx; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); - *hashlen = mbedtls_md_get_size( md_info ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_alg); + *hashlen = mbedtls_md_get_size(md_info); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Perform mbedtls-based computation of digest of ServerKeyExchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("Perform mbedtls-based computation of digest of ServerKeyExchange")); - mbedtls_md_init( &ctx ); + mbedtls_md_init(&ctx); /* * digitally-signed struct { @@ -7730,40 +7583,36 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, * ServerDHParams params; * }; */ - if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret ); + if ((ret = mbedtls_md_setup(&ctx, md_info, 0)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_setup", ret); goto exit; } - if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_starts", ret ); + if ((ret = mbedtls_md_starts(&ctx)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_starts", ret); goto exit; } - if( ( ret = mbedtls_md_update( &ctx, ssl->handshake->randbytes, 64 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret ); + if ((ret = mbedtls_md_update(&ctx, ssl->handshake->randbytes, 64)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_update", ret); goto exit; } - if( ( ret = mbedtls_md_update( &ctx, data, data_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret ); + if ((ret = mbedtls_md_update(&ctx, data, data_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_update", ret); goto exit; } - if( ( ret = mbedtls_md_finish( &ctx, hash ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_finish", ret ); + if ((ret = mbedtls_md_finish(&ctx, hash)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_finish", ret); goto exit; } exit: - mbedtls_md_free( &ctx ); + mbedtls_md_free(&ctx); - if( ret != 0 ) - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + if (ret != 0) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + } - return( ret ); + return ret; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index cc68773d3a2b..675414885fba 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -29,11 +29,11 @@ #include #include -#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \ +#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ .name = string, -#define TLS1_3_EVOLVE_INPUT_SIZE ( PSA_HASH_MAX_SIZE > PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE ) ? \ - PSA_HASH_MAX_SIZE : PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE +#define TLS1_3_EVOLVE_INPUT_SIZE (PSA_HASH_MAX_SIZE > PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) ? \ + PSA_HASH_MAX_SIZE : PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE struct mbedtls_ssl_tls1_3_labels_struct const mbedtls_ssl_tls1_3_labels = { @@ -81,29 +81,29 @@ struct mbedtls_ssl_tls1_3_labels_struct const mbedtls_ssl_tls1_3_labels = static const char tls1_3_label_prefix[6] = "tls13 "; -#define SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( label_len, context_len ) \ - ( 2 /* expansion length */ \ - + 1 /* label length */ \ - + label_len \ - + 1 /* context length */ \ - + context_len ) +#define SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN(label_len, context_len) \ + (2 /* expansion length */ \ + + 1 /* label length */ \ + + label_len \ + + 1 /* context length */ \ + + context_len) #define SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN \ SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( \ - sizeof(tls1_3_label_prefix) + \ - MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN, \ - MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN ) + sizeof(tls1_3_label_prefix) + \ + MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN, \ + MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN) static void ssl_tls1_3_hkdf_encode_label( - size_t desired_length, - const unsigned char *label, size_t llen, - const unsigned char *ctx, size_t clen, - unsigned char *dst, size_t *dlen ) + size_t desired_length, + const unsigned char *label, size_t llen, + const unsigned char *ctx, size_t clen, + unsigned char *dst, size_t *dlen) { size_t total_label_len = sizeof(tls1_3_label_prefix) + llen; size_t total_hkdf_lbl_len = - SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( total_label_len, clen ); + SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN(total_label_len, clen); unsigned char *p = dst; @@ -112,73 +112,72 @@ static void ssl_tls1_3_hkdf_encode_label( * TLS 1.3 HKDF key expansion to more than 255 Bytes. */ #if MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN > 255 #error "The implementation of ssl_tls1_3_hkdf_encode_label() is not fit for the \ - value of MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN" + value of MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN" #endif *p++ = 0; - *p++ = MBEDTLS_BYTE_0( desired_length ); + *p++ = MBEDTLS_BYTE_0(desired_length); /* Add label incl. prefix */ - *p++ = MBEDTLS_BYTE_0( total_label_len ); - memcpy( p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix) ); + *p++ = MBEDTLS_BYTE_0(total_label_len); + memcpy(p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix)); p += sizeof(tls1_3_label_prefix); - memcpy( p, label, llen ); + memcpy(p, label, llen); p += llen; /* Add context value */ - *p++ = MBEDTLS_BYTE_0( clen ); - if( clen != 0 ) - memcpy( p, ctx, clen ); + *p++ = MBEDTLS_BYTE_0(clen); + if (clen != 0) { + memcpy(p, ctx, clen); + } /* Return total length to the caller. */ *dlen = total_hkdf_lbl_len; } int mbedtls_ssl_tls1_3_hkdf_expand_label( - mbedtls_md_type_t hash_alg, - const unsigned char *secret, size_t slen, - const unsigned char *label, size_t llen, - const unsigned char *ctx, size_t clen, - unsigned char *buf, size_t blen ) + mbedtls_md_type_t hash_alg, + const unsigned char *secret, size_t slen, + const unsigned char *label, size_t llen, + const unsigned char *ctx, size_t clen, + unsigned char *buf, size_t blen) { const mbedtls_md_info_t *md; - unsigned char hkdf_label[ SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN ]; + unsigned char hkdf_label[SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN]; size_t hkdf_label_len; - if( llen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN ) - { + if (llen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN) { /* Should never happen since this is an internal * function, and we know statically which labels * are allowed. */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - if( clen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN ) - { + if (clen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN) { /* Should not happen, as above. */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - if( blen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN ) - { + if (blen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN) { /* Should not happen, as above. */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - md = mbedtls_md_info_from_type( hash_alg ); - if( md == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + md = mbedtls_md_info_from_type(hash_alg); + if (md == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ssl_tls1_3_hkdf_encode_label( blen, - label, llen, - ctx, clen, - hkdf_label, - &hkdf_label_len ); + ssl_tls1_3_hkdf_encode_label(blen, + label, llen, + ctx, clen, + hkdf_label, + &hkdf_label_len); - return( mbedtls_hkdf_expand( md, - secret, slen, - hkdf_label, hkdf_label_len, - buf, blen ) ); + return mbedtls_hkdf_expand(md, + secret, slen, + hkdf_label, hkdf_label_len, + buf, blen); } /* @@ -198,156 +197,157 @@ int mbedtls_ssl_tls1_3_hkdf_expand_label( * keys in a single function call. */ int mbedtls_ssl_tls1_3_make_traffic_keys( - mbedtls_md_type_t hash_alg, - const unsigned char *client_secret, - const unsigned char *server_secret, - size_t slen, size_t key_len, size_t iv_len, - mbedtls_ssl_key_set *keys ) + mbedtls_md_type_t hash_alg, + const unsigned char *client_secret, + const unsigned char *server_secret, + size_t slen, size_t key_len, size_t iv_len, + mbedtls_ssl_key_set *keys) { int ret = 0; - ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg, - client_secret, slen, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( key ), - NULL, 0, - keys->client_write_key, key_len ); - if( ret != 0 ) - return( ret ); - - ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg, - server_secret, slen, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( key ), - NULL, 0, - keys->server_write_key, key_len ); - if( ret != 0 ) - return( ret ); - - ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg, - client_secret, slen, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( iv ), - NULL, 0, - keys->client_write_iv, iv_len ); - if( ret != 0 ) - return( ret ); - - ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg, - server_secret, slen, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( iv ), - NULL, 0, - keys->server_write_iv, iv_len ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_ssl_tls1_3_hkdf_expand_label(hash_alg, + client_secret, slen, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(key), + NULL, 0, + keys->client_write_key, key_len); + if (ret != 0) { + return ret; + } + + ret = mbedtls_ssl_tls1_3_hkdf_expand_label(hash_alg, + server_secret, slen, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(key), + NULL, 0, + keys->server_write_key, key_len); + if (ret != 0) { + return ret; + } + + ret = mbedtls_ssl_tls1_3_hkdf_expand_label(hash_alg, + client_secret, slen, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(iv), + NULL, 0, + keys->client_write_iv, iv_len); + if (ret != 0) { + return ret; + } + + ret = mbedtls_ssl_tls1_3_hkdf_expand_label(hash_alg, + server_secret, slen, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(iv), + NULL, 0, + keys->server_write_iv, iv_len); + if (ret != 0) { + return ret; + } keys->key_len = key_len; keys->iv_len = iv_len; - return( 0 ); + return 0; } int mbedtls_ssl_tls1_3_derive_secret( - mbedtls_md_type_t hash_alg, - const unsigned char *secret, size_t slen, - const unsigned char *label, size_t llen, - const unsigned char *ctx, size_t clen, - int ctx_hashed, - unsigned char *dstbuf, size_t buflen ) + mbedtls_md_type_t hash_alg, + const unsigned char *secret, size_t slen, + const unsigned char *label, size_t llen, + const unsigned char *ctx, size_t clen, + int ctx_hashed, + unsigned char *dstbuf, size_t buflen) { int ret; - unsigned char hashed_context[ MBEDTLS_MD_MAX_SIZE ]; + unsigned char hashed_context[MBEDTLS_MD_MAX_SIZE]; const mbedtls_md_info_t *md; - md = mbedtls_md_info_from_type( hash_alg ); - if( md == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - if( ctx_hashed == MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED ) - { - ret = mbedtls_md( md, ctx, clen, hashed_context ); - if( ret != 0 ) - return( ret ); - clen = mbedtls_md_get_size( md ); + md = mbedtls_md_info_from_type(hash_alg); + if (md == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - else - { - if( clen > sizeof(hashed_context) ) - { + + if (ctx_hashed == MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED) { + ret = mbedtls_md(md, ctx, clen, hashed_context); + if (ret != 0) { + return ret; + } + clen = mbedtls_md_get_size(md); + } else { + if (clen > sizeof(hashed_context)) { /* This should never happen since this function is internal * and the code sets `ctx_hashed` correctly. * Let's double-check nonetheless to not run at the risk * of getting a stack overflow. */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - memcpy( hashed_context, ctx, clen ); + memcpy(hashed_context, ctx, clen); } - return( mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg, - secret, slen, - label, llen, - hashed_context, clen, - dstbuf, buflen ) ); + return mbedtls_ssl_tls1_3_hkdf_expand_label(hash_alg, + secret, slen, + label, llen, + hashed_context, clen, + dstbuf, buflen); } int mbedtls_ssl_tls1_3_evolve_secret( - mbedtls_md_type_t hash_alg, - const unsigned char *secret_old, - const unsigned char *input, size_t input_len, - unsigned char *secret_new ) + mbedtls_md_type_t hash_alg, + const unsigned char *secret_old, + const unsigned char *input, size_t input_len, + unsigned char *secret_new) { int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; size_t hlen, ilen; - unsigned char tmp_secret[ PSA_MAC_MAX_SIZE ] = { 0 }; - unsigned char tmp_input [ TLS1_3_EVOLVE_INPUT_SIZE ] = { 0 }; + unsigned char tmp_secret[PSA_MAC_MAX_SIZE] = { 0 }; + unsigned char tmp_input[TLS1_3_EVOLVE_INPUT_SIZE] = { 0 }; const mbedtls_md_info_t *md; - md = mbedtls_md_info_from_type( hash_alg ); - if( md == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + md = mbedtls_md_info_from_type(hash_alg); + if (md == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - hlen = mbedtls_md_get_size( md ); + hlen = mbedtls_md_get_size(md); /* For non-initial runs, call Derive-Secret( ., "derived", "") * on the old secret. */ - if( secret_old != NULL ) - { + if (secret_old != NULL) { ret = mbedtls_ssl_tls1_3_derive_secret( - hash_alg, - secret_old, hlen, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( derived ), - NULL, 0, /* context */ - MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED, - tmp_secret, hlen ); - if( ret != 0 ) + hash_alg, + secret_old, hlen, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(derived), + NULL, 0, /* context */ + MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED, + tmp_secret, hlen); + if (ret != 0) { goto cleanup; + } } - if( input != NULL ) - { - memcpy( tmp_input, input, input_len ); + if (input != NULL) { + memcpy(tmp_input, input, input_len); ilen = input_len; - } - else - { + } else { ilen = hlen; } /* HKDF-Extract takes a salt and input key material. * The salt is the old secret, and the input key material * is the input secret (PSK / ECDHE). */ - ret = mbedtls_hkdf_extract( md, - tmp_secret, hlen, - tmp_input, ilen, - secret_new ); - if( ret != 0 ) + ret = mbedtls_hkdf_extract(md, + tmp_secret, hlen, + tmp_input, ilen, + secret_new); + if (ret != 0) { goto cleanup; + } ret = 0; - cleanup: +cleanup: - mbedtls_platform_zeroize( tmp_secret, sizeof(tmp_secret) ); - mbedtls_platform_zeroize( tmp_input, sizeof(tmp_input) ); - return( ret ); + mbedtls_platform_zeroize(tmp_secret, sizeof(tmp_secret)); + mbedtls_platform_zeroize(tmp_input, sizeof(tmp_input)); + return ret; } #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h index 7089049ce2c6..4c3b252fa2d5 100644 --- a/library/ssl_tls13_keys.h +++ b/library/ssl_tls13_keys.h @@ -23,46 +23,44 @@ * the point of use. See e.g. the definition of mbedtls_ssl_tls1_3_labels_union * below. */ #define MBEDTLS_SSL_TLS1_3_LABEL_LIST \ - MBEDTLS_SSL_TLS1_3_LABEL( finished , "finished" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( resumption , "resumption" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( traffic_upd , "traffic upd" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( exporter , "exporter" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( key , "key" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( iv , "iv" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( c_hs_traffic, "c hs traffic" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( c_ap_traffic, "c ap traffic" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( c_e_traffic , "c e traffic" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( s_hs_traffic, "s hs traffic" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( s_ap_traffic, "s ap traffic" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( s_e_traffic , "s e traffic" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( e_exp_master, "e exp master" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( res_master , "res master" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( exp_master , "exp master" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( ext_binder , "ext binder" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( res_binder , "res binder" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( derived , "derived" ) + MBEDTLS_SSL_TLS1_3_LABEL(finished, "finished") \ + MBEDTLS_SSL_TLS1_3_LABEL(resumption, "resumption") \ + MBEDTLS_SSL_TLS1_3_LABEL(traffic_upd, "traffic upd") \ + MBEDTLS_SSL_TLS1_3_LABEL(exporter, "exporter") \ + MBEDTLS_SSL_TLS1_3_LABEL(key, "key") \ + MBEDTLS_SSL_TLS1_3_LABEL(iv, "iv") \ + MBEDTLS_SSL_TLS1_3_LABEL(c_hs_traffic, "c hs traffic") \ + MBEDTLS_SSL_TLS1_3_LABEL(c_ap_traffic, "c ap traffic") \ + MBEDTLS_SSL_TLS1_3_LABEL(c_e_traffic, "c e traffic") \ + MBEDTLS_SSL_TLS1_3_LABEL(s_hs_traffic, "s hs traffic") \ + MBEDTLS_SSL_TLS1_3_LABEL(s_ap_traffic, "s ap traffic") \ + MBEDTLS_SSL_TLS1_3_LABEL(s_e_traffic, "s e traffic") \ + MBEDTLS_SSL_TLS1_3_LABEL(e_exp_master, "e exp master") \ + MBEDTLS_SSL_TLS1_3_LABEL(res_master, "res master") \ + MBEDTLS_SSL_TLS1_3_LABEL(exp_master, "exp master") \ + MBEDTLS_SSL_TLS1_3_LABEL(ext_binder, "ext binder") \ + MBEDTLS_SSL_TLS1_3_LABEL(res_binder, "res binder") \ + MBEDTLS_SSL_TLS1_3_LABEL(derived, "derived") -#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \ - const unsigned char name [ sizeof(string) - 1 ]; +#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ + const unsigned char name [sizeof(string) - 1]; -union mbedtls_ssl_tls1_3_labels_union -{ +union mbedtls_ssl_tls1_3_labels_union { MBEDTLS_SSL_TLS1_3_LABEL_LIST }; -struct mbedtls_ssl_tls1_3_labels_struct -{ +struct mbedtls_ssl_tls1_3_labels_struct { MBEDTLS_SSL_TLS1_3_LABEL_LIST }; #undef MBEDTLS_SSL_TLS1_3_LABEL extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels; -#define MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( LABEL ) \ +#define MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(LABEL) \ mbedtls_ssl_tls1_3_labels.LABEL, \ sizeof(mbedtls_ssl_tls1_3_labels.LABEL) #define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN \ - sizeof( union mbedtls_ssl_tls1_3_labels_union ) + sizeof(union mbedtls_ssl_tls1_3_labels_union) /* The maximum length of HKDF contexts used in the TLS 1.3 standard. * Since contexts are always hashes of message transcripts, this can @@ -107,11 +105,11 @@ extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels; */ int mbedtls_ssl_tls1_3_hkdf_expand_label( - mbedtls_md_type_t hash_alg, - const unsigned char *secret, size_t slen, - const unsigned char *label, size_t llen, - const unsigned char *ctx, size_t clen, - unsigned char *buf, size_t blen ); + mbedtls_md_type_t hash_alg, + const unsigned char *secret, size_t slen, + const unsigned char *label, size_t llen, + const unsigned char *ctx, size_t clen, + unsigned char *buf, size_t blen); /** * \brief This function is part of the TLS 1.3 key schedule. @@ -143,11 +141,11 @@ int mbedtls_ssl_tls1_3_hkdf_expand_label( */ int mbedtls_ssl_tls1_3_make_traffic_keys( - mbedtls_md_type_t hash_alg, - const unsigned char *client_secret, - const unsigned char *server_secret, - size_t slen, size_t key_len, size_t iv_len, - mbedtls_ssl_key_set *keys ); + mbedtls_md_type_t hash_alg, + const unsigned char *client_secret, + const unsigned char *server_secret, + size_t slen, size_t key_len, size_t iv_len, + mbedtls_ssl_key_set *keys); #define MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED 0 @@ -191,12 +189,12 @@ int mbedtls_ssl_tls1_3_make_traffic_keys( * \returns A negative error code on failure. */ int mbedtls_ssl_tls1_3_derive_secret( - mbedtls_md_type_t hash_alg, - const unsigned char *secret, size_t slen, - const unsigned char *label, size_t llen, - const unsigned char *ctx, size_t clen, - int ctx_hashed, - unsigned char *dstbuf, size_t buflen ); + mbedtls_md_type_t hash_alg, + const unsigned char *secret, size_t slen, + const unsigned char *label, size_t llen, + const unsigned char *ctx, size_t clen, + int ctx_hashed, + unsigned char *dstbuf, size_t buflen); /** * \brief Compute the next secret in the TLS 1.3 key schedule @@ -266,9 +264,9 @@ int mbedtls_ssl_tls1_3_derive_secret( */ int mbedtls_ssl_tls1_3_evolve_secret( - mbedtls_md_type_t hash_alg, - const unsigned char *secret_old, - const unsigned char *input, size_t input_len, - unsigned char *secret_new ); + mbedtls_md_type_t hash_alg, + const unsigned char *secret_old, + const unsigned char *input, size_t input_len, + unsigned char *secret_new); #endif /* MBEDTLS_SSL_TLS1_3_KEYS_H */ diff --git a/library/threading.c b/library/threading.c index 5e0aaa4f21a8..0542f33f1aec 100644 --- a/library/threading.c +++ b/library/threading.c @@ -40,9 +40,9 @@ #endif /* !_WIN32 && (unix || __unix || __unix__ || * (__APPLE__ && __MACH__)) */ -#if !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ - ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ - _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L ) ) +#if !((defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L) || \ + (defined(_POSIX_THREAD_SAFE_FUNCTIONS) && \ + _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L)) /* * This is a convenience shorthand macro to avoid checking the long * preprocessor conditions above. Ideally, we could expose this macro in @@ -51,21 +51,22 @@ * we keep it private by only defining it in this file */ -#if ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) +#if !(defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)) #define THREADING_USE_GMTIME #endif /* ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) */ -#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ - ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ +#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ + ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L ) ) */ #endif /* MBEDTLS_HAVE_TIME_DATE && !MBEDTLS_PLATFORM_GMTIME_R_ALT */ #if defined(MBEDTLS_THREADING_PTHREAD) -static void threading_mutex_init_pthread( mbedtls_threading_mutex_t *mutex ) +static void threading_mutex_init_pthread(mbedtls_threading_mutex_t *mutex) { - if( mutex == NULL ) + if (mutex == NULL) { return; + } /* A nonzero value of is_valid indicates a successfully initialized * mutex. This is a workaround for not being able to return an error @@ -73,44 +74,49 @@ static void threading_mutex_init_pthread( mbedtls_threading_mutex_t *mutex ) * if is_valid is nonzero. The Mbed TLS unit test code uses this field * to distinguish more states of the mutex; see * tests/src/threading_helpers for details. */ - mutex->is_valid = pthread_mutex_init( &mutex->mutex, NULL ) == 0; + mutex->is_valid = pthread_mutex_init(&mutex->mutex, NULL) == 0; } -static void threading_mutex_free_pthread( mbedtls_threading_mutex_t *mutex ) +static void threading_mutex_free_pthread(mbedtls_threading_mutex_t *mutex) { - if( mutex == NULL || !mutex->is_valid ) + if (mutex == NULL || !mutex->is_valid) { return; + } - (void) pthread_mutex_destroy( &mutex->mutex ); + (void) pthread_mutex_destroy(&mutex->mutex); mutex->is_valid = 0; } -static int threading_mutex_lock_pthread( mbedtls_threading_mutex_t *mutex ) +static int threading_mutex_lock_pthread(mbedtls_threading_mutex_t *mutex) { - if( mutex == NULL || ! mutex->is_valid ) - return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA ); + if (mutex == NULL || !mutex->is_valid) { + return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA; + } - if( pthread_mutex_lock( &mutex->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (pthread_mutex_lock(&mutex->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } - return( 0 ); + return 0; } -static int threading_mutex_unlock_pthread( mbedtls_threading_mutex_t *mutex ) +static int threading_mutex_unlock_pthread(mbedtls_threading_mutex_t *mutex) { - if( mutex == NULL || ! mutex->is_valid ) - return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA ); + if (mutex == NULL || !mutex->is_valid) { + return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA; + } - if( pthread_mutex_unlock( &mutex->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (pthread_mutex_unlock(&mutex->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } - return( 0 ); + return 0; } -void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t * ) = threading_mutex_init_pthread; -void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t * ) = threading_mutex_free_pthread; -int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t * ) = threading_mutex_lock_pthread; -int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t * ) = threading_mutex_unlock_pthread; +void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *) = threading_mutex_init_pthread; +void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *) = threading_mutex_free_pthread; +int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *) = threading_mutex_lock_pthread; +int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *) = threading_mutex_unlock_pthread; /* * With pthreads we can statically initialize mutexes @@ -120,29 +126,29 @@ int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t * ) = threading_mutex_unl #endif /* MBEDTLS_THREADING_PTHREAD */ #if defined(MBEDTLS_THREADING_ALT) -static int threading_mutex_fail( mbedtls_threading_mutex_t *mutex ) +static int threading_mutex_fail(mbedtls_threading_mutex_t *mutex) { - ((void) mutex ); - return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA ); + ((void) mutex); + return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA; } -static void threading_mutex_dummy( mbedtls_threading_mutex_t *mutex ) +static void threading_mutex_dummy(mbedtls_threading_mutex_t *mutex) { - ((void) mutex ); + ((void) mutex); return; } -void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t * ) = threading_mutex_dummy; -void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t * ) = threading_mutex_dummy; -int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t * ) = threading_mutex_fail; -int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t * ) = threading_mutex_fail; +void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *) = threading_mutex_dummy; +void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *) = threading_mutex_dummy; +int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *) = threading_mutex_fail; +int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *) = threading_mutex_fail; /* * Set functions pointers and initialize global mutexes */ -void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ), - void (*mutex_free)( mbedtls_threading_mutex_t * ), - int (*mutex_lock)( mbedtls_threading_mutex_t * ), - int (*mutex_unlock)( mbedtls_threading_mutex_t * ) ) +void mbedtls_threading_set_alt(void (*mutex_init)(mbedtls_threading_mutex_t *), + void (*mutex_free)(mbedtls_threading_mutex_t *), + int (*mutex_lock)(mbedtls_threading_mutex_t *), + int (*mutex_unlock)(mbedtls_threading_mutex_t *)) { mbedtls_mutex_init = mutex_init; mbedtls_mutex_free = mutex_free; @@ -150,23 +156,23 @@ void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * mbedtls_mutex_unlock = mutex_unlock; #if defined(MBEDTLS_FS_IO) - mbedtls_mutex_init( &mbedtls_threading_readdir_mutex ); + mbedtls_mutex_init(&mbedtls_threading_readdir_mutex); #endif #if defined(THREADING_USE_GMTIME) - mbedtls_mutex_init( &mbedtls_threading_gmtime_mutex ); + mbedtls_mutex_init(&mbedtls_threading_gmtime_mutex); #endif } /* * Free global mutexes */ -void mbedtls_threading_free_alt( void ) +void mbedtls_threading_free_alt(void) { #if defined(MBEDTLS_FS_IO) - mbedtls_mutex_free( &mbedtls_threading_readdir_mutex ); + mbedtls_mutex_free(&mbedtls_threading_readdir_mutex); #endif #if defined(THREADING_USE_GMTIME) - mbedtls_mutex_free( &mbedtls_threading_gmtime_mutex ); + mbedtls_mutex_free(&mbedtls_threading_gmtime_mutex); #endif } #endif /* MBEDTLS_THREADING_ALT */ diff --git a/library/timing.c b/library/timing.c index 7f559bebd57b..d4f9554ee359 100644 --- a/library/timing.c +++ b/library/timing.c @@ -44,8 +44,7 @@ #include #include -struct _hr_time -{ +struct _hr_time { LARGE_INTEGER start; }; @@ -58,75 +57,72 @@ struct _hr_time * platform matches the ifdefs above, it will be used. */ #include #include -struct _hr_time -{ +struct _hr_time { struct timeval start; }; #endif /* _WIN32 && !EFIX64 && !EFI32 */ #if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - ( defined(_MSC_VER) && defined(_M_IX86) ) || defined(__WATCOMC__) + (defined(_MSC_VER) && defined(_M_IX86)) || defined(__WATCOMC__) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long tsc; __asm rdtsc - __asm mov [tsc], eax - return( tsc ); + __asm mov[tsc], eax + return tsc; } #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && ( _MSC_VER && _M_IX86 ) || __WATCOMC__ */ /* some versions of mingw-64 have 32-bit longs even on x84_64 */ #if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && ( defined(__i386__) || ( \ - ( defined(__amd64__) || defined( __x86_64__) ) && __SIZEOF_LONG__ == 4 ) ) + defined(__GNUC__) && (defined(__i386__) || ( \ + (defined(__amd64__) || defined(__x86_64__)) && __SIZEOF_LONG__ == 4)) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long lo, hi; - asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) ); - return( lo ); + asm volatile ("rdtsc" : "=a" (lo), "=d" (hi)); + return lo; } #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && __i386__ */ #if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && ( defined(__amd64__) || defined(__x86_64__) ) + defined(__GNUC__) && (defined(__amd64__) || defined(__x86_64__)) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long lo, hi; - asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) ); - return( lo | ( hi << 32 ) ); + asm volatile ("rdtsc" : "=a" (lo), "=d" (hi)); + return lo | (hi << 32); } #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && ( __amd64__ || __x86_64__ ) */ #if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && ( defined(__powerpc__) || defined(__ppc__) ) + defined(__GNUC__) && (defined(__powerpc__) || defined(__ppc__)) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long tbl, tbu0, tbu1; - do - { - asm volatile( "mftbu %0" : "=r" (tbu0) ); - asm volatile( "mftb %0" : "=r" (tbl ) ); - asm volatile( "mftbu %0" : "=r" (tbu1) ); - } - while( tbu0 != tbu1 ); + do { + asm volatile ("mftbu %0" : "=r" (tbu0)); + asm volatile ("mftb %0" : "=r" (tbl)); + asm volatile ("mftbu %0" : "=r" (tbu1)); + } while (tbu0 != tbu1); - return( tbl ); + return tbl; } #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && ( __powerpc__ || __ppc__ ) */ @@ -139,11 +135,11 @@ unsigned long mbedtls_timing_hardclock( void ) #else #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long tick; - asm volatile( "rdpr %%tick, %0;" : "=&r" (tick) ); - return( tick ); + asm volatile ("rdpr %%tick, %0;" : "=&r" (tick)); + return tick; } #endif /* __OpenBSD__ */ #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && @@ -154,12 +150,12 @@ unsigned long mbedtls_timing_hardclock( void ) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long tick; - asm volatile( ".byte 0x83, 0x41, 0x00, 0x00" ); - asm volatile( "mov %%g1, %0" : "=r" (tick) ); - return( tick ); + asm volatile (".byte 0x83, 0x41, 0x00, 0x00"); + asm volatile ("mov %%g1, %0" : "=r" (tick)); + return tick; } #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && __sparc__ && !__sparc64__ */ @@ -169,11 +165,11 @@ unsigned long mbedtls_timing_hardclock( void ) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long cc; - asm volatile( "rpcc %0" : "=r" (cc) ); - return( cc & 0xFFFFFFFF ); + asm volatile ("rpcc %0" : "=r" (cc)); + return cc & 0xFFFFFFFF; } #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && __alpha__ */ @@ -183,11 +179,11 @@ unsigned long mbedtls_timing_hardclock( void ) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long itc; - asm volatile( "mov %0 = ar.itc" : "=r" (itc) ); - return( itc ); + asm volatile ("mov %0 = ar.itc" : "=r" (itc)); + return itc; } #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && __ia64__ */ @@ -197,13 +193,13 @@ unsigned long mbedtls_timing_hardclock( void ) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { LARGE_INTEGER offset; - QueryPerformanceCounter( &offset ); + QueryPerformanceCounter(&offset); - return( (unsigned long)( offset.QuadPart ) ); + return (unsigned long) (offset.QuadPart); } #endif /* !HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */ @@ -214,19 +210,18 @@ unsigned long mbedtls_timing_hardclock( void ) static int hardclock_init = 0; static struct timeval tv_init; -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { struct timeval tv_cur; - if( hardclock_init == 0 ) - { - gettimeofday( &tv_init, NULL ); + if (hardclock_init == 0) { + gettimeofday(&tv_init, NULL); hardclock_init = 1; } - gettimeofday( &tv_cur, NULL ); - return( ( tv_cur.tv_sec - tv_init.tv_sec ) * 1000000U - + ( tv_cur.tv_usec - tv_init.tv_usec ) ); + gettimeofday(&tv_cur, NULL); + return (tv_cur.tv_sec - tv_init.tv_sec) * 1000000U + + (tv_cur.tv_usec - tv_init.tv_usec); } #endif /* !HAVE_HARDCLOCK */ @@ -234,43 +229,39 @@ volatile int mbedtls_timing_alarmed = 0; #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) -unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ) +unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset) { struct _hr_time *t = (struct _hr_time *) val; - if( reset ) - { - QueryPerformanceCounter( &t->start ); - return( 0 ); - } - else - { + if (reset) { + QueryPerformanceCounter(&t->start); + return 0; + } else { unsigned long delta; LARGE_INTEGER now, hfreq; - QueryPerformanceCounter( &now ); - QueryPerformanceFrequency( &hfreq ); - delta = (unsigned long)( ( now.QuadPart - t->start.QuadPart ) * 1000ul - / hfreq.QuadPart ); - return( delta ); + QueryPerformanceCounter(&now); + QueryPerformanceFrequency(&hfreq); + delta = (unsigned long) ((now.QuadPart - t->start.QuadPart) * 1000ul + / hfreq.QuadPart); + return delta; } } /* It's OK to use a global because alarm() is supposed to be global anyway */ static DWORD alarmMs; -static void TimerProc( void *TimerContext ) +static void TimerProc(void *TimerContext) { (void) TimerContext; - Sleep( alarmMs ); + Sleep(alarmMs); mbedtls_timing_alarmed = 1; /* _endthread will be called implicitly on return * That ensures execution of thread function's epilogue */ } -void mbedtls_set_alarm( int seconds ) +void mbedtls_set_alarm(int seconds) { - if( seconds == 0 ) - { + if (seconds == 0) { /* No need to create a thread for this simple case. * Also, this shorcut is more reliable at least on MinGW32 */ mbedtls_timing_alarmed = 1; @@ -279,44 +270,40 @@ void mbedtls_set_alarm( int seconds ) mbedtls_timing_alarmed = 0; alarmMs = seconds * 1000; - (void) _beginthread( TimerProc, 0, NULL ); + (void) _beginthread(TimerProc, 0, NULL); } #else /* _WIN32 && !EFIX64 && !EFI32 */ -unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ) +unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset) { struct _hr_time *t = (struct _hr_time *) val; - if( reset ) - { - gettimeofday( &t->start, NULL ); - return( 0 ); - } - else - { + if (reset) { + gettimeofday(&t->start, NULL); + return 0; + } else { unsigned long delta; struct timeval now; - gettimeofday( &now, NULL ); - delta = ( now.tv_sec - t->start.tv_sec ) * 1000ul - + ( now.tv_usec - t->start.tv_usec ) / 1000; - return( delta ); + gettimeofday(&now, NULL); + delta = (now.tv_sec - t->start.tv_sec) * 1000ul + + (now.tv_usec - t->start.tv_usec) / 1000; + return delta; } } -static void sighandler( int signum ) +static void sighandler(int signum) { mbedtls_timing_alarmed = 1; - signal( signum, sighandler ); + signal(signum, sighandler); } -void mbedtls_set_alarm( int seconds ) +void mbedtls_set_alarm(int seconds) { mbedtls_timing_alarmed = 0; - signal( SIGALRM, sighandler ); - alarm( seconds ); - if( seconds == 0 ) - { + signal(SIGALRM, sighandler); + alarm(seconds); + if (seconds == 0) { /* alarm(0) cancelled any previous pending alarm, but the handler won't fire, so raise the flag straight away. */ mbedtls_timing_alarmed = 1; @@ -328,37 +315,41 @@ void mbedtls_set_alarm( int seconds ) /* * Set delays to watch */ -void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms ) +void mbedtls_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms) { mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data; ctx->int_ms = int_ms; ctx->fin_ms = fin_ms; - if( fin_ms != 0 ) - (void) mbedtls_timing_get_timer( &ctx->timer, 1 ); + if (fin_ms != 0) { + (void) mbedtls_timing_get_timer(&ctx->timer, 1); + } } /* * Get number of delays expired */ -int mbedtls_timing_get_delay( void *data ) +int mbedtls_timing_get_delay(void *data) { mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data; unsigned long elapsed_ms; - if( ctx->fin_ms == 0 ) - return( -1 ); + if (ctx->fin_ms == 0) { + return -1; + } - elapsed_ms = mbedtls_timing_get_timer( &ctx->timer, 0 ); + elapsed_ms = mbedtls_timing_get_timer(&ctx->timer, 0); - if( elapsed_ms >= ctx->fin_ms ) - return( 2 ); + if (elapsed_ms >= ctx->fin_ms) { + return 2; + } - if( elapsed_ms >= ctx->int_ms ) - return( 1 ); + if (elapsed_ms >= ctx->int_ms) { + return 1; + } - return( 0 ); + return 0; } @@ -368,16 +359,17 @@ int mbedtls_timing_get_delay( void *data ) * Busy-waits for the given number of milliseconds. * Used for testing mbedtls_timing_hardclock. */ -static void busy_msleep( unsigned long msec ) +static void busy_msleep(unsigned long msec) { struct mbedtls_timing_hr_time hires; unsigned long i = 0; /* for busy-waiting */ volatile unsigned long j; /* to prevent optimisation */ - (void) mbedtls_timing_get_timer( &hires, 1 ); + (void) mbedtls_timing_get_timer(&hires, 1); - while( mbedtls_timing_get_timer( &hires, 0 ) < msec ) + while (mbedtls_timing_get_timer(&hires, 0) < msec) { i++; + } j = i; (void) j; @@ -385,19 +377,19 @@ static void busy_msleep( unsigned long msec ) #define FAIL do \ { \ - if( verbose != 0 ) \ + if (verbose != 0) \ { \ - mbedtls_printf( "failed at line %d\n", __LINE__ ); \ - mbedtls_printf( " cycles=%lu ratio=%lu millisecs=%lu secs=%lu hardfail=%d a=%lu b=%lu\n", \ - cycles, ratio, millisecs, secs, hardfail, \ - (unsigned long) a, (unsigned long) b ); \ - mbedtls_printf( " elapsed(hires)=%lu elapsed(ctx)=%lu status(ctx)=%d\n", \ - mbedtls_timing_get_timer( &hires, 0 ), \ - mbedtls_timing_get_timer( &ctx.timer, 0 ), \ - mbedtls_timing_get_delay( &ctx ) ); \ + mbedtls_printf("failed at line %d\n", __LINE__); \ + mbedtls_printf(" cycles=%lu ratio=%lu millisecs=%lu secs=%lu hardfail=%d a=%lu b=%lu\n", \ + cycles, ratio, millisecs, secs, hardfail, \ + (unsigned long) a, (unsigned long) b); \ + mbedtls_printf(" elapsed(hires)=%lu elapsed(ctx)=%lu status(ctx)=%d\n", \ + mbedtls_timing_get_timer(&hires, 0), \ + mbedtls_timing_get_timer(&ctx.timer, 0), \ + mbedtls_timing_get_delay(&ctx)); \ } \ - return( 1 ); \ - } while( 0 ) + return 1; \ + } while (0) /* * Checkup routine @@ -405,7 +397,7 @@ static void busy_msleep( unsigned long msec ) * Warning: this is work in progress, some tests may not be reliable enough * yet! False positives may happen. */ -int mbedtls_timing_self_test( int verbose ) +int mbedtls_timing_self_test(int verbose) { unsigned long cycles = 0, ratio = 0; unsigned long millisecs = 0, secs = 0; @@ -414,63 +406,75 @@ int mbedtls_timing_self_test( int verbose ) uint32_t a = 0, b = 0; mbedtls_timing_delay_context ctx; - if( verbose != 0 ) - mbedtls_printf( " TIMING tests note: will take some time!\n" ); + if (verbose != 0) { + mbedtls_printf(" TIMING tests note: will take some time!\n"); + } - if( verbose != 0 ) - mbedtls_printf( " TIMING test #1 (set_alarm / get_timer): " ); + if (verbose != 0) { + mbedtls_printf(" TIMING test #1 (set_alarm / get_timer): "); + } { secs = 1; - (void) mbedtls_timing_get_timer( &hires, 1 ); + (void) mbedtls_timing_get_timer(&hires, 1); - mbedtls_set_alarm( (int) secs ); - while( !mbedtls_timing_alarmed ) + mbedtls_set_alarm((int) secs); + while (!mbedtls_timing_alarmed) { ; + } - millisecs = mbedtls_timing_get_timer( &hires, 0 ); + millisecs = mbedtls_timing_get_timer(&hires, 0); /* For some reason on Windows it looks like alarm has an extra delay * (maybe related to creating a new thread). Allow some room here. */ - if( millisecs < 800 * secs || millisecs > 1200 * secs + 300 ) + if (millisecs < 800 * secs || millisecs > 1200 * secs + 300) { FAIL; + } } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - if( verbose != 0 ) - mbedtls_printf( " TIMING test #2 (set/get_delay ): " ); + if (verbose != 0) { + mbedtls_printf(" TIMING test #2 (set/get_delay ): "); + } { a = 800; b = 400; - mbedtls_timing_set_delay( &ctx, a, a + b ); /* T = 0 */ + mbedtls_timing_set_delay(&ctx, a, a + b); /* T = 0 */ - busy_msleep( a - a / 4 ); /* T = a - a/4 */ - if( mbedtls_timing_get_delay( &ctx ) != 0 ) + busy_msleep(a - a / 4); /* T = a - a/4 */ + if (mbedtls_timing_get_delay(&ctx) != 0) { FAIL; + } - busy_msleep( a / 4 + b / 4 ); /* T = a + b/4 */ - if( mbedtls_timing_get_delay( &ctx ) != 1 ) + busy_msleep(a / 4 + b / 4); /* T = a + b/4 */ + if (mbedtls_timing_get_delay(&ctx) != 1) { FAIL; + } - busy_msleep( b ); /* T = a + b + b/4 */ - if( mbedtls_timing_get_delay( &ctx ) != 2 ) + busy_msleep(b); /* T = a + b + b/4 */ + if (mbedtls_timing_get_delay(&ctx) != 2) { FAIL; + } } - mbedtls_timing_set_delay( &ctx, 0, 0 ); - busy_msleep( 200 ); - if( mbedtls_timing_get_delay( &ctx ) != -1 ) + mbedtls_timing_set_delay(&ctx, 0, 0); + busy_msleep(200); + if (mbedtls_timing_get_delay(&ctx) != -1) { FAIL; + } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - if( verbose != 0 ) - mbedtls_printf( " TIMING test #3 (hardclock / get_timer): " ); + if (verbose != 0) { + mbedtls_printf(" TIMING test #3 (hardclock / get_timer): "); + } /* * Allow one failure for possible counter wrapping. @@ -479,10 +483,10 @@ int mbedtls_timing_self_test( int verbose ) */ hard_test: - if( hardfail > 1 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed (ignored)\n" ); + if (hardfail > 1) { + if (verbose != 0) { + mbedtls_printf("failed (ignored)\n"); + } goto hard_test_done; } @@ -490,35 +494,35 @@ int mbedtls_timing_self_test( int verbose ) /* Get a reference ratio cycles/ms */ millisecs = 1; cycles = mbedtls_timing_hardclock(); - busy_msleep( millisecs ); + busy_msleep(millisecs); cycles = mbedtls_timing_hardclock() - cycles; ratio = cycles / millisecs; /* Check that the ratio is mostly constant */ - for( millisecs = 2; millisecs <= 4; millisecs++ ) - { + for (millisecs = 2; millisecs <= 4; millisecs++) { cycles = mbedtls_timing_hardclock(); - busy_msleep( millisecs ); + busy_msleep(millisecs); cycles = mbedtls_timing_hardclock() - cycles; /* Allow variation up to 20% */ - if( cycles / millisecs < ratio - ratio / 5 || - cycles / millisecs > ratio + ratio / 5 ) - { + if (cycles / millisecs < ratio - ratio / 5 || + cycles / millisecs > ratio + ratio / 5) { hardfail++; goto hard_test; } } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } hard_test_done: - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/version.c b/library/version.c index 32a0d7d584f0..4f78c9cb123e 100644 --- a/library/version.c +++ b/library/version.c @@ -24,21 +24,21 @@ #include "mbedtls/version.h" #include -unsigned int mbedtls_version_get_number( void ) +unsigned int mbedtls_version_get_number(void) { - return( MBEDTLS_VERSION_NUMBER ); + return MBEDTLS_VERSION_NUMBER; } -void mbedtls_version_get_string( char *string ) +void mbedtls_version_get_string(char *string) { - memcpy( string, MBEDTLS_VERSION_STRING, - sizeof( MBEDTLS_VERSION_STRING ) ); + memcpy(string, MBEDTLS_VERSION_STRING, + sizeof(MBEDTLS_VERSION_STRING)); } -void mbedtls_version_get_string_full( char *string ) +void mbedtls_version_get_string_full(char *string) { - memcpy( string, MBEDTLS_VERSION_STRING_FULL, - sizeof( MBEDTLS_VERSION_STRING_FULL ) ); + memcpy(string, MBEDTLS_VERSION_STRING_FULL, + sizeof(MBEDTLS_VERSION_STRING_FULL)); } #endif /* MBEDTLS_VERSION_C */ diff --git a/library/x509.c b/library/x509.c index 54c8666d235b..38eb2e6607d8 100644 --- a/library/x509.c +++ b/library/x509.c @@ -53,42 +53,45 @@ #include #endif -#define CHECK(code) if( ( ret = ( code ) ) != 0 ){ return( ret ); } +#define CHECK(code) if ((ret = (code)) != 0) { return ret; } #define CHECK_RANGE(min, max, val) \ do \ { \ - if( ( val ) < ( min ) || ( val ) > ( max ) ) \ + if ((val) < (min) || (val) > (max)) \ { \ - return( ret ); \ + return ret; \ } \ - } while( 0 ) + } while (0) /* * CertificateSerialNumber ::= INTEGER */ -int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *serial ) +int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *serial) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if ((end - *p) < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SERIAL, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } - if( **p != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_PRIMITIVE | 2 ) && - **p != MBEDTLS_ASN1_INTEGER ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if (**p != (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_PRIMITIVE | 2) && + **p != MBEDTLS_ASN1_INTEGER) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SERIAL, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } serial->tag = *(*p)++; - if( ( ret = mbedtls_asn1_get_len( p, end, &serial->len ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL, ret ) ); + if ((ret = mbedtls_asn1_get_len(p, end, &serial->len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SERIAL, ret); + } serial->p = *p; *p += serial->len; - return( 0 ); + return 0; } /* Get an algorithm identifier without parameters (eg for signatures) @@ -97,29 +100,31 @@ int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, * algorithm OBJECT IDENTIFIER, * parameters ANY DEFINED BY algorithm OPTIONAL } */ -int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *alg ) +int mbedtls_x509_get_alg_null(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_asn1_get_alg_null( p, end, alg ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_asn1_get_alg_null(p, end, alg)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } - return( 0 ); + return 0; } /* * Parse an algorithm identifier with (optional) parameters */ -int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *alg, mbedtls_x509_buf *params ) +int mbedtls_x509_get_alg(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg, mbedtls_x509_buf *params) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_asn1_get_alg(p, end, alg, params)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } - return( 0 ); + return 0; } #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) @@ -132,7 +137,7 @@ int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end, * * For HashAlgorithm, parameters MUST be NULL or absent. */ -static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md_alg ) +static int x509_get_hash_alg(const mbedtls_x509_buf *alg, mbedtls_md_type_t *md_alg) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p; @@ -141,42 +146,49 @@ static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md size_t len; /* Make sure we got a SEQUENCE and setup bounds */ - if( alg->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if (alg->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } p = alg->p; end = p + alg->len; - if( p >= end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if (p >= end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } /* Parse md_oid */ md_oid.tag = *p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &md_oid.len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &md_oid.len, MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } md_oid.p = p; p += md_oid.len; /* Get md_alg from md_oid */ - if( ( ret = mbedtls_oid_get_md_alg( &md_oid, md_alg ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_oid_get_md_alg(&md_oid, md_alg)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } /* Make sure params is absent of NULL */ - if( p == end ) - return( 0 ); + if (p == end) { + return 0; + } - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_NULL ) ) != 0 || len != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_NULL)) != 0 || len != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } - if( p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* @@ -191,9 +203,9 @@ static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md * of trailerField MUST be 1, and PKCS#1 v2.2 doesn't even define any other * option. Enforce this at parsing time. */ -int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, - mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, - int *salt_len ) +int mbedtls_x509_get_rsassa_pss_params(const mbedtls_x509_buf *params, + mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, + int *salt_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p; @@ -207,121 +219,139 @@ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, *salt_len = 20; /* Make sure params is a SEQUENCE and setup bounds */ - if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if (params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } p = (unsigned char *) params->p; end = p + params->len; - if( p == end ) - return( 0 ); + if (p == end) { + return 0; + } /* * HashAlgorithm */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) == 0 ) - { + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + 0)) == 0) { end2 = p + len; /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */ - if( ( ret = mbedtls_x509_get_alg_null( &p, end2, &alg_id ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_alg_null(&p, end2, &alg_id)) != 0) { + return ret; + } - if( ( ret = mbedtls_oid_get_md_alg( &alg_id, md_alg ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_oid_get_md_alg(&alg_id, md_alg)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } - if( p != end2 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end2) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); - if( p == end ) - return( 0 ); + if (p == end) { + return 0; + } /* * MaskGenAlgorithm */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ) == 0 ) - { + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + 1)) == 0) { end2 = p + len; /* MaskGenAlgorithm ::= AlgorithmIdentifier (params = HashAlgorithm) */ - if( ( ret = mbedtls_x509_get_alg( &p, end2, &alg_id, &alg_params ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_alg(&p, end2, &alg_id, &alg_params)) != 0) { + return ret; + } /* Only MFG1 is recognised for now */ - if( MBEDTLS_OID_CMP( MBEDTLS_OID_MGF1, &alg_id ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE, - MBEDTLS_ERR_OID_NOT_FOUND ) ); + if (MBEDTLS_OID_CMP(MBEDTLS_OID_MGF1, &alg_id) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE, + MBEDTLS_ERR_OID_NOT_FOUND); + } /* Parse HashAlgorithm */ - if( ( ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 ) - return( ret ); + if ((ret = x509_get_hash_alg(&alg_params, mgf_md)) != 0) { + return ret; + } - if( p != end2 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end2) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); - if( p == end ) - return( 0 ); + if (p == end) { + return 0; + } /* * salt_len */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 2 ) ) == 0 ) - { + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + 2)) == 0) { end2 = p + len; - if( ( ret = mbedtls_asn1_get_int( &p, end2, salt_len ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_asn1_get_int(&p, end2, salt_len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } - if( p != end2 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end2) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); - if( p == end ) - return( 0 ); + if (p == end) { + return 0; + } /* * trailer_field (if present, must be 1) */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 3 ) ) == 0 ) - { + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + 3)) == 0) { int trailer_field; end2 = p + len; - if( ( ret = mbedtls_asn1_get_int( &p, end2, &trailer_field ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_asn1_get_int(&p, end2, &trailer_field)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } - if( p != end2 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end2) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - if( trailer_field != 1 ) - return( MBEDTLS_ERR_X509_INVALID_ALG ); + if (trailer_field != 1) { + return MBEDTLS_ERR_X509_INVALID_ALG; + } + } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); - if( p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ @@ -334,63 +364,68 @@ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, * * AttributeValue ::= ANY DEFINED BY AttributeType */ -static int x509_get_attr_type_value( unsigned char **p, - const unsigned char *end, - mbedtls_x509_name *cur ) +static int x509_get_attr_type_value(unsigned char **p, + const unsigned char *end, + mbedtls_x509_name *cur) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; mbedtls_x509_buf *oid; mbedtls_x509_buf *val; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, ret); + } end = *p + len; - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if ((end - *p) < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } oid = &cur->oid; oid->tag = **p; - if( ( ret = mbedtls_asn1_get_tag( p, end, &oid->len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &oid->len, MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, ret); + } oid->p = *p; *p += oid->len; - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if ((end - *p) < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } - if( **p != MBEDTLS_ASN1_BMP_STRING && **p != MBEDTLS_ASN1_UTF8_STRING && + if (**p != MBEDTLS_ASN1_BMP_STRING && **p != MBEDTLS_ASN1_UTF8_STRING && **p != MBEDTLS_ASN1_T61_STRING && **p != MBEDTLS_ASN1_PRINTABLE_STRING && **p != MBEDTLS_ASN1_IA5_STRING && **p != MBEDTLS_ASN1_UNIVERSAL_STRING && - **p != MBEDTLS_ASN1_BIT_STRING ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + **p != MBEDTLS_ASN1_BIT_STRING) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } val = &cur->val; val->tag = *(*p)++; - if( ( ret = mbedtls_asn1_get_len( p, end, &val->len ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) ); + if ((ret = mbedtls_asn1_get_len(p, end, &val->len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, ret); + } val->p = *p; *p += val->len; - if( *p != end ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } cur->next = NULL; - return( 0 ); + return 0; } /* @@ -421,8 +456,8 @@ static int x509_get_attr_type_value( unsigned char **p, * cases, this function frees all allocated memory internally and the caller * has no freeing responsibilities. */ -int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, - mbedtls_x509_name *cur ) +int mbedtls_x509_get_name(unsigned char **p, const unsigned char *end, + mbedtls_x509_name *cur) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t set_len; @@ -431,35 +466,33 @@ int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, mbedtls_x509_name *prev, *allocated; /* don't use recursion, we'd risk stack overflow if not optimized */ - while( 1 ) - { + while (1) { /* * parse SET */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &set_len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ) != 0 ) - { - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &set_len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET)) != 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, ret); goto error; } end_set = *p + set_len; - while( 1 ) - { - if( ( ret = x509_get_attr_type_value( p, end_set, cur ) ) != 0 ) + while (1) { + if ((ret = x509_get_attr_type_value(p, end_set, cur)) != 0) { goto error; + } - if( *p == end_set ) + if (*p == end_set) { break; + } /* Mark this item as being no the only one in a set */ cur->next_merged = 1; - cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) ); + cur->next = mbedtls_calloc(1, sizeof(mbedtls_x509_name)); - if( cur->next == NULL ) - { + if (cur->next == NULL) { ret = MBEDTLS_ERR_X509_ALLOC_FAILED; goto error; } @@ -470,13 +503,13 @@ int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, /* * continue until end of SEQUENCE is reached */ - if( *p == end ) - return( 0 ); + if (*p == end) { + return 0; + } - cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) ); + cur->next = mbedtls_calloc(1, sizeof(mbedtls_x509_name)); - if( cur->next == NULL ) - { + if (cur->next == NULL) { ret = MBEDTLS_ERR_X509_ALLOC_FAILED; goto error; } @@ -488,48 +521,46 @@ int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, /* Skip the first element as we did not allocate it */ allocated = head->next; - while( allocated != NULL ) - { + while (allocated != NULL) { prev = allocated; allocated = allocated->next; - mbedtls_platform_zeroize( prev, sizeof( *prev ) ); - mbedtls_free( prev ); + mbedtls_platform_zeroize(prev, sizeof(*prev)); + mbedtls_free(prev); } - mbedtls_platform_zeroize( head, sizeof( *head ) ); + mbedtls_platform_zeroize(head, sizeof(*head)); - return( ret ); + return ret; } -static int x509_parse_int( unsigned char **p, size_t n, int *res ) +static int x509_parse_int(unsigned char **p, size_t n, int *res) { *res = 0; - for( ; n > 0; --n ) - { - if( ( **p < '0') || ( **p > '9' ) ) - return ( MBEDTLS_ERR_X509_INVALID_DATE ); + for (; n > 0; --n) { + if ((**p < '0') || (**p > '9')) { + return MBEDTLS_ERR_X509_INVALID_DATE; + } *res *= 10; - *res += ( *(*p)++ - '0' ); + *res += (*(*p)++ - '0'); } - return( 0 ); + return 0; } -static int x509_date_is_valid(const mbedtls_x509_time *t ) +static int x509_date_is_valid(const mbedtls_x509_time *t) { int ret = MBEDTLS_ERR_X509_INVALID_DATE; int month_len; - CHECK_RANGE( 0, 9999, t->year ); - CHECK_RANGE( 0, 23, t->hour ); - CHECK_RANGE( 0, 59, t->min ); - CHECK_RANGE( 0, 59, t->sec ); + CHECK_RANGE(0, 9999, t->year); + CHECK_RANGE(0, 23, t->hour); + CHECK_RANGE(0, 59, t->min); + CHECK_RANGE(0, 59, t->sec); - switch( t->mon ) - { + switch (t->mon) { case 1: case 3: case 5: case 7: case 8: case 10: case 12: month_len = 31; break; @@ -537,69 +568,69 @@ static int x509_date_is_valid(const mbedtls_x509_time *t ) month_len = 30; break; case 2: - if( ( !( t->year % 4 ) && t->year % 100 ) || - !( t->year % 400 ) ) + if ((!(t->year % 4) && t->year % 100) || + !(t->year % 400)) { month_len = 29; - else + } else { month_len = 28; + } break; default: - return( ret ); + return ret; } - CHECK_RANGE( 1, month_len, t->day ); + CHECK_RANGE(1, month_len, t->day); - return( 0 ); + return 0; } /* * Parse an ASN1_UTC_TIME (yearlen=2) or ASN1_GENERALIZED_TIME (yearlen=4) * field. */ -static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, - mbedtls_x509_time *tm ) +static int x509_parse_time(unsigned char **p, size_t len, size_t yearlen, + mbedtls_x509_time *tm) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* * Minimum length is 10 or 12 depending on yearlen */ - if ( len < yearlen + 8 ) - return ( MBEDTLS_ERR_X509_INVALID_DATE ); + if (len < yearlen + 8) { + return MBEDTLS_ERR_X509_INVALID_DATE; + } len -= yearlen + 8; /* * Parse year, month, day, hour, minute */ - CHECK( x509_parse_int( p, yearlen, &tm->year ) ); - if ( 2 == yearlen ) - { - if ( tm->year < 50 ) + CHECK(x509_parse_int(p, yearlen, &tm->year)); + if (2 == yearlen) { + if (tm->year < 50) { tm->year += 100; + } tm->year += 1900; } - CHECK( x509_parse_int( p, 2, &tm->mon ) ); - CHECK( x509_parse_int( p, 2, &tm->day ) ); - CHECK( x509_parse_int( p, 2, &tm->hour ) ); - CHECK( x509_parse_int( p, 2, &tm->min ) ); + CHECK(x509_parse_int(p, 2, &tm->mon)); + CHECK(x509_parse_int(p, 2, &tm->day)); + CHECK(x509_parse_int(p, 2, &tm->hour)); + CHECK(x509_parse_int(p, 2, &tm->min)); /* * Parse seconds if present */ - if ( len >= 2 ) - { - CHECK( x509_parse_int( p, 2, &tm->sec ) ); + if (len >= 2) { + CHECK(x509_parse_int(p, 2, &tm->sec)); len -= 2; + } else { + return MBEDTLS_ERR_X509_INVALID_DATE; } - else - return ( MBEDTLS_ERR_X509_INVALID_DATE ); /* * Parse trailing 'Z' if present */ - if ( 1 == len && 'Z' == **p ) - { + if (1 == len && 'Z' == **p) { (*p)++; len--; } @@ -607,12 +638,13 @@ static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, /* * We should have parsed all characters at this point */ - if ( 0 != len ) - return ( MBEDTLS_ERR_X509_INVALID_DATE ); + if (0 != len) { + return MBEDTLS_ERR_X509_INVALID_DATE; + } - CHECK( x509_date_is_valid( tm ) ); + CHECK(x509_date_is_valid(tm)); - return ( 0 ); + return 0; } /* @@ -620,50 +652,55 @@ static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, * utcTime UTCTime, * generalTime GeneralizedTime } */ -int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, - mbedtls_x509_time *tm ) +int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end, + mbedtls_x509_time *tm) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len, year_len; unsigned char tag; - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if ((end - *p) < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } tag = **p; - if( tag == MBEDTLS_ASN1_UTC_TIME ) + if (tag == MBEDTLS_ASN1_UTC_TIME) { year_len = 2; - else if( tag == MBEDTLS_ASN1_GENERALIZED_TIME ) + } else if (tag == MBEDTLS_ASN1_GENERALIZED_TIME) { year_len = 4; - else - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + } else { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } (*p)++; - ret = mbedtls_asn1_get_len( p, end, &len ); + ret = mbedtls_asn1_get_len(p, end, &len); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, ret ) ); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, ret); + } - return x509_parse_time( p, len, year_len, tm ); + return x509_parse_time(p, len, year_len, tm); } -int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig ) +int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; int tag_type; - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SIGNATURE, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if ((end - *p) < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } tag_type = **p; - if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SIGNATURE, ret ) ); + if ((ret = mbedtls_asn1_get_bitstring_null(p, end, &len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, ret); + } sig->tag = tag_type; sig->len = len; @@ -671,63 +708,64 @@ int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x *p += len; - return( 0 ); + return 0; } /* * Get signature algorithm from alg OID and optional parameters */ -int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, - mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, - void **sig_opts ) +int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, + mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, + void **sig_opts) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( *sig_opts != NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (*sig_opts != NULL) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - if( ( ret = mbedtls_oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, ret ) ); + if ((ret = mbedtls_oid_get_sig_alg(sig_oid, md_alg, pk_alg)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, ret); + } #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - if( *pk_alg == MBEDTLS_PK_RSASSA_PSS ) - { + if (*pk_alg == MBEDTLS_PK_RSASSA_PSS) { mbedtls_pk_rsassa_pss_options *pss_opts; - pss_opts = mbedtls_calloc( 1, sizeof( mbedtls_pk_rsassa_pss_options ) ); - if( pss_opts == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); - - ret = mbedtls_x509_get_rsassa_pss_params( sig_params, - md_alg, - &pss_opts->mgf1_hash_id, - &pss_opts->expected_salt_len ); - if( ret != 0 ) - { - mbedtls_free( pss_opts ); - return( ret ); + pss_opts = mbedtls_calloc(1, sizeof(mbedtls_pk_rsassa_pss_options)); + if (pss_opts == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; + } + + ret = mbedtls_x509_get_rsassa_pss_params(sig_params, + md_alg, + &pss_opts->mgf1_hash_id, + &pss_opts->expected_salt_len); + if (ret != 0) { + mbedtls_free(pss_opts); + return ret; } *sig_opts = (void *) pss_opts; - } - else + } else #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ { /* Make sure parameters are absent or NULL */ - if( ( sig_params->tag != MBEDTLS_ASN1_NULL && sig_params->tag != 0 ) || - sig_params->len != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG ); + if ((sig_params->tag != MBEDTLS_ASN1_NULL && sig_params->tag != 0) || + sig_params->len != 0) { + return MBEDTLS_ERR_X509_INVALID_ALG; + } } - return( 0 ); + return 0; } /* * X.509 Extensions (No parsing of extensions, pointer should * be either manually updated or extensions should be parsed!) */ -int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *ext, int tag ) +int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *ext, int tag) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -735,10 +773,11 @@ int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, /* Extension structure use EXPLICIT tagging. That is, the actual * `Extensions` structure is wrapped by a tag-length pair using * the respective context-specific tag. */ - ret = mbedtls_asn1_get_tag( p, end, &ext->len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag ); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + ret = mbedtls_asn1_get_tag(p, end, &ext->len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } ext->tag = MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag; ext->p = *p; @@ -747,22 +786,24 @@ int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, /* * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( end != *p + len ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (end != *p + len) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* * Store the name in printable form into buf; no more * than size characters will be written */ -int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn ) +int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, j, n; @@ -771,67 +812,67 @@ int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn ) const char *short_name = NULL; char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p; - memset( s, 0, sizeof( s ) ); + memset(s, 0, sizeof(s)); name = dn; p = buf; n = size; - while( name != NULL ) - { - if( !name->oid.p ) - { + while (name != NULL) { + if (!name->oid.p) { name = name->next; continue; } - if( name != dn ) - { - ret = mbedtls_snprintf( p, n, merge ? " + " : ", " ); + if (name != dn) { + ret = mbedtls_snprintf(p, n, merge ? " + " : ", "); MBEDTLS_X509_SAFE_SNPRINTF; } - ret = mbedtls_oid_get_attr_short_name( &name->oid, &short_name ); + ret = mbedtls_oid_get_attr_short_name(&name->oid, &short_name); - if( ret == 0 ) - ret = mbedtls_snprintf( p, n, "%s=", short_name ); - else - ret = mbedtls_snprintf( p, n, "\?\?=" ); + if (ret == 0) { + ret = mbedtls_snprintf(p, n, "%s=", short_name); + } else { + ret = mbedtls_snprintf(p, n, "\?\?="); + } MBEDTLS_X509_SAFE_SNPRINTF; - for( i = 0, j = 0; i < name->val.len; i++, j++ ) - { - if( j >= sizeof( s ) - 1 ) - return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); + for (i = 0, j = 0; i < name->val.len; i++, j++) { + if (j >= sizeof(s) - 1) { + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } c = name->val.p[i]; // Special characters requiring escaping, RFC 1779 - if( c && strchr( ",=+<>#;\"\\", c ) ) - { - if( j + 1 >= sizeof( s ) - 1 ) - return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); + if (c && strchr(",=+<>#;\"\\", c)) { + if (j + 1 >= sizeof(s) - 1) { + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } s[j++] = '\\'; } - if( c < 32 || c >= 127 ) - s[j] = '?'; - else s[j] = c; + if (c < 32 || c >= 127) { + s[j] = '?'; + } else { + s[j] = c; + } } s[j] = '\0'; - ret = mbedtls_snprintf( p, n, "%s", s ); + ret = mbedtls_snprintf(p, n, "%s", s); MBEDTLS_X509_SAFE_SNPRINTF; merge = name->next_merged; name = name->next; } - return( (int) ( size - n ) ); + return (int) (size - n); } /* * Store the serial in printable form into buf; no more * than size characters will be written */ -int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial ) +int mbedtls_x509_serial_gets(char *buf, size_t size, const mbedtls_x509_buf *serial) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, n, nr; @@ -840,62 +881,61 @@ int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *se p = buf; n = size; - nr = ( serial->len <= 32 ) + nr = (serial->len <= 32) ? serial->len : 28; - for( i = 0; i < nr; i++ ) - { - if( i == 0 && nr > 1 && serial->p[i] == 0x0 ) + for (i = 0; i < nr; i++) { + if (i == 0 && nr > 1 && serial->p[i] == 0x0) { continue; + } - ret = mbedtls_snprintf( p, n, "%02X%s", - serial->p[i], ( i < nr - 1 ) ? ":" : "" ); + ret = mbedtls_snprintf(p, n, "%02X%s", + serial->p[i], (i < nr - 1) ? ":" : ""); MBEDTLS_X509_SAFE_SNPRINTF; } - if( nr != serial->len ) - { - ret = mbedtls_snprintf( p, n, "...." ); + if (nr != serial->len) { + ret = mbedtls_snprintf(p, n, "...."); MBEDTLS_X509_SAFE_SNPRINTF; } - return( (int) ( size - n ) ); + return (int) (size - n); } /* * Helper for writing signature algorithms */ -int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, - mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, - const void *sig_opts ) +int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid, + mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, + const void *sig_opts) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; char *p = buf; size_t n = size; const char *desc = NULL; - ret = mbedtls_oid_get_sig_alg_desc( sig_oid, &desc ); - if( ret != 0 ) - ret = mbedtls_snprintf( p, n, "???" ); - else - ret = mbedtls_snprintf( p, n, "%s", desc ); + ret = mbedtls_oid_get_sig_alg_desc(sig_oid, &desc); + if (ret != 0) { + ret = mbedtls_snprintf(p, n, "???"); + } else { + ret = mbedtls_snprintf(p, n, "%s", desc); + } MBEDTLS_X509_SAFE_SNPRINTF; #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - if( pk_alg == MBEDTLS_PK_RSASSA_PSS ) - { + if (pk_alg == MBEDTLS_PK_RSASSA_PSS) { const mbedtls_pk_rsassa_pss_options *pss_opts; const mbedtls_md_info_t *md_info, *mgf_md_info; pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts; - md_info = mbedtls_md_info_from_type( md_alg ); - mgf_md_info = mbedtls_md_info_from_type( pss_opts->mgf1_hash_id ); + md_info = mbedtls_md_info_from_type(md_alg); + mgf_md_info = mbedtls_md_info_from_type(pss_opts->mgf1_hash_id); - ret = mbedtls_snprintf( p, n, " (%s, MGF1-%s, 0x%02X)", - md_info ? mbedtls_md_get_name( md_info ) : "???", - mgf_md_info ? mbedtls_md_get_name( mgf_md_info ) : "???", - (unsigned int) pss_opts->expected_salt_len ); + ret = mbedtls_snprintf(p, n, " (%s, MGF1-%s, 0x%02X)", + md_info ? mbedtls_md_get_name(md_info) : "???", + mgf_md_info ? mbedtls_md_get_name(mgf_md_info) : "???", + (unsigned int) pss_opts->expected_salt_len); MBEDTLS_X509_SAFE_SNPRINTF; } #else @@ -904,22 +944,22 @@ int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *s ((void) sig_opts); #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ - return( (int)( size - n ) ); + return (int) (size - n); } /* * Helper for writing "RSA key size", "EC key size", etc */ -int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name ) +int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name) { char *p = buf; size_t n = buf_size; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ret = mbedtls_snprintf( p, n, "%s key size", name ); + ret = mbedtls_snprintf(p, n, "%s key size", name); MBEDTLS_X509_SAFE_SNPRINTF; - return( 0 ); + return 0; } #if defined(MBEDTLS_HAVE_TIME_DATE) @@ -927,19 +967,18 @@ int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name ) * Set the time structure to the current time. * Return 0 on success, non-zero on failure. */ -static int x509_get_current_time( mbedtls_x509_time *now ) +static int x509_get_current_time(mbedtls_x509_time *now) { struct tm *lt, tm_buf; mbedtls_time_t tt; int ret = 0; - tt = mbedtls_time( NULL ); - lt = mbedtls_platform_gmtime_r( &tt, &tm_buf ); + tt = mbedtls_time(NULL); + lt = mbedtls_platform_gmtime_r(&tt, &tm_buf); - if( lt == NULL ) + if (lt == NULL) { ret = -1; - else - { + } else { now->year = lt->tm_year + 1900; now->mon = lt->tm_mon + 1; now->day = lt->tm_mday; @@ -948,82 +987,90 @@ static int x509_get_current_time( mbedtls_x509_time *now ) now->sec = lt->tm_sec; } - return( ret ); + return ret; } /* * Return 0 if before <= after, 1 otherwise */ -static int x509_check_time( const mbedtls_x509_time *before, const mbedtls_x509_time *after ) +static int x509_check_time(const mbedtls_x509_time *before, const mbedtls_x509_time *after) { - if( before->year > after->year ) - return( 1 ); + if (before->year > after->year) { + return 1; + } - if( before->year == after->year && - before->mon > after->mon ) - return( 1 ); + if (before->year == after->year && + before->mon > after->mon) { + return 1; + } - if( before->year == after->year && + if (before->year == after->year && before->mon == after->mon && - before->day > after->day ) - return( 1 ); + before->day > after->day) { + return 1; + } - if( before->year == after->year && + if (before->year == after->year && before->mon == after->mon && before->day == after->day && - before->hour > after->hour ) - return( 1 ); + before->hour > after->hour) { + return 1; + } - if( before->year == after->year && + if (before->year == after->year && before->mon == after->mon && before->day == after->day && before->hour == after->hour && - before->min > after->min ) - return( 1 ); + before->min > after->min) { + return 1; + } - if( before->year == after->year && + if (before->year == after->year && before->mon == after->mon && before->day == after->day && before->hour == after->hour && before->min == after->min && - before->sec > after->sec ) - return( 1 ); + before->sec > after->sec) { + return 1; + } - return( 0 ); + return 0; } -int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ) +int mbedtls_x509_time_is_past(const mbedtls_x509_time *to) { mbedtls_x509_time now; - if( x509_get_current_time( &now ) != 0 ) - return( 1 ); + if (x509_get_current_time(&now) != 0) { + return 1; + } - return( x509_check_time( &now, to ) ); + return x509_check_time(&now, to); } -int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ) +int mbedtls_x509_time_is_future(const mbedtls_x509_time *from) { mbedtls_x509_time now; - if( x509_get_current_time( &now ) != 0 ) - return( 1 ); + if (x509_get_current_time(&now) != 0) { + return 1; + } - return( x509_check_time( from, &now ) ); + return x509_check_time(from, &now); } #else /* MBEDTLS_HAVE_TIME_DATE */ -int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ) +int mbedtls_x509_time_is_past(const mbedtls_x509_time *to) { ((void) to); - return( 0 ); + return 0; } -int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ) +int mbedtls_x509_time_is_future(const mbedtls_x509_time *from) { ((void) from); - return( 0 ); + return 0; } #endif /* MBEDTLS_HAVE_TIME_DATE */ @@ -1035,7 +1082,7 @@ int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ) /* * Checkup routine */ -int mbedtls_x509_self_test( int verbose ) +int mbedtls_x509_self_test(int verbose) { int ret = 0; #if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_SHA256_C) @@ -1043,54 +1090,57 @@ int mbedtls_x509_self_test( int verbose ) mbedtls_x509_crt cacert; mbedtls_x509_crt clicert; - if( verbose != 0 ) - mbedtls_printf( " X.509 certificate load: " ); + if (verbose != 0) { + mbedtls_printf(" X.509 certificate load: "); + } - mbedtls_x509_crt_init( &cacert ); - mbedtls_x509_crt_init( &clicert ); + mbedtls_x509_crt_init(&cacert); + mbedtls_x509_crt_init(&clicert); - ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt, - mbedtls_test_cli_crt_len ); - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + ret = mbedtls_x509_crt_parse(&clicert, (const unsigned char *) mbedtls_test_cli_crt, + mbedtls_test_cli_crt_len); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto cleanup; } - ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_ca_crt, - mbedtls_test_ca_crt_len ); - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_ca_crt, + mbedtls_test_ca_crt_len); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n X.509 signature verify: "); + if (verbose != 0) { + mbedtls_printf("passed\n X.509 signature verify: "); + } - ret = mbedtls_x509_crt_verify( &clicert, &cacert, NULL, NULL, &flags, NULL, NULL ); - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + ret = mbedtls_x509_crt_verify(&clicert, &cacert, NULL, NULL, &flags, NULL, NULL); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n\n"); + if (verbose != 0) { + mbedtls_printf("passed\n\n"); + } cleanup: - mbedtls_x509_crt_free( &cacert ); - mbedtls_x509_crt_free( &clicert ); + mbedtls_x509_crt_free(&cacert); + mbedtls_x509_crt_free(&clicert); #else ((void) verbose); #endif /* MBEDTLS_CERTS_C && MBEDTLS_SHA256_C */ - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/x509_create.c b/library/x509_create.c index 056bbaa78634..50db95688ff0 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -31,115 +31,115 @@ /* Structure linking OIDs for X.509 DN AttributeTypes to their * string representations and default string encodings used by Mbed TLS. */ typedef struct { - const char *name; /* String representation of AttributeType, e.g. - * "CN" or "emailAddress". */ - size_t name_len; /* Length of 'name', without trailing 0 byte. */ - const char *oid; /* String representation of OID of AttributeType, + const char *name; /* String representation of AttributeType, e.g. + * "CN" or "emailAddress". */ + size_t name_len; /* Length of 'name', without trailing 0 byte. */ + const char *oid; /* String representation of OID of AttributeType, * as per RFC 5280, Appendix A.1. */ - int default_tag; /* The default character encoding used for the + int default_tag; /* The default character encoding used for the * given attribute type, e.g. * MBEDTLS_ASN1_UTF8_STRING for UTF-8. */ } x509_attr_descriptor_t; -#define ADD_STRLEN( s ) s, sizeof( s ) - 1 +#define ADD_STRLEN(s) s, sizeof(s) - 1 /* X.509 DN attributes from RFC 5280, Appendix A.1. */ static const x509_attr_descriptor_t x509_attrs[] = { - { ADD_STRLEN( "CN" ), + { ADD_STRLEN("CN"), MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "commonName" ), + { ADD_STRLEN("commonName"), MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "C" ), + { ADD_STRLEN("C"), MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING }, - { ADD_STRLEN( "countryName" ), + { ADD_STRLEN("countryName"), MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING }, - { ADD_STRLEN( "O" ), + { ADD_STRLEN("O"), MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "organizationName" ), + { ADD_STRLEN("organizationName"), MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "L" ), + { ADD_STRLEN("L"), MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "locality" ), + { ADD_STRLEN("locality"), MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "R" ), + { ADD_STRLEN("R"), MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING }, - { ADD_STRLEN( "OU" ), + { ADD_STRLEN("OU"), MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "organizationalUnitName" ), + { ADD_STRLEN("organizationalUnitName"), MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "ST" ), + { ADD_STRLEN("ST"), MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "stateOrProvinceName" ), + { ADD_STRLEN("stateOrProvinceName"), MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "emailAddress" ), + { ADD_STRLEN("emailAddress"), MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING }, - { ADD_STRLEN( "serialNumber" ), + { ADD_STRLEN("serialNumber"), MBEDTLS_OID_AT_SERIAL_NUMBER, MBEDTLS_ASN1_PRINTABLE_STRING }, - { ADD_STRLEN( "postalAddress" ), + { ADD_STRLEN("postalAddress"), MBEDTLS_OID_AT_POSTAL_ADDRESS, MBEDTLS_ASN1_PRINTABLE_STRING }, - { ADD_STRLEN( "postalCode" ), + { ADD_STRLEN("postalCode"), MBEDTLS_OID_AT_POSTAL_CODE, MBEDTLS_ASN1_PRINTABLE_STRING }, - { ADD_STRLEN( "dnQualifier" ), + { ADD_STRLEN("dnQualifier"), MBEDTLS_OID_AT_DN_QUALIFIER, MBEDTLS_ASN1_PRINTABLE_STRING }, - { ADD_STRLEN( "title" ), + { ADD_STRLEN("title"), MBEDTLS_OID_AT_TITLE, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "surName" ), + { ADD_STRLEN("surName"), MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "SN" ), + { ADD_STRLEN("SN"), MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "givenName" ), + { ADD_STRLEN("givenName"), MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "GN" ), + { ADD_STRLEN("GN"), MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "initials" ), + { ADD_STRLEN("initials"), MBEDTLS_OID_AT_INITIALS, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "pseudonym" ), + { ADD_STRLEN("pseudonym"), MBEDTLS_OID_AT_PSEUDONYM, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "generationQualifier" ), + { ADD_STRLEN("generationQualifier"), MBEDTLS_OID_AT_GENERATION_QUALIFIER, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "domainComponent" ), + { ADD_STRLEN("domainComponent"), MBEDTLS_OID_DOMAIN_COMPONENT, MBEDTLS_ASN1_IA5_STRING }, - { ADD_STRLEN( "DC" ), + { ADD_STRLEN("DC"), MBEDTLS_OID_DOMAIN_COMPONENT, MBEDTLS_ASN1_IA5_STRING }, { NULL, 0, NULL, MBEDTLS_ASN1_NULL } }; -static const x509_attr_descriptor_t *x509_attr_descr_from_name( const char *name, size_t name_len ) +static const x509_attr_descriptor_t *x509_attr_descr_from_name(const char *name, size_t name_len) { const x509_attr_descriptor_t *cur; - for( cur = x509_attrs; cur->name != NULL; cur++ ) - if( cur->name_len == name_len && - strncmp( cur->name, name, name_len ) == 0 ) + for (cur = x509_attrs; cur->name != NULL; cur++) { + if (cur->name_len == name_len && + strncmp(cur->name, name, name_len) == 0) { break; + } + } - if ( cur->name == NULL ) - return( NULL ); + if (cur->name == NULL) { + return NULL; + } - return( cur ); + return cur; } -int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name ) +int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name) { int ret = 0; const char *s = name, *c = s; - const char *end = s + strlen( s ); + const char *end = s + strlen(s); const char *oid = NULL; - const x509_attr_descriptor_t* attr_descr = NULL; + const x509_attr_descriptor_t *attr_descr = NULL; int in_tag = 1; char data[MBEDTLS_X509_MAX_DN_NAME_SIZE]; char *d = data; /* Clear existing chain if present */ - mbedtls_asn1_free_named_data_list( head ); - - while( c <= end ) - { - if( in_tag && *c == '=' ) - { - if( ( attr_descr = x509_attr_descr_from_name( s, c - s ) ) == NULL ) - { + mbedtls_asn1_free_named_data_list(head); + + while (c <= end) { + if (in_tag && *c == '=') { + if ((attr_descr = x509_attr_descr_from_name(s, c - s)) == NULL) { ret = MBEDTLS_ERR_X509_UNKNOWN_OID; goto exit; } @@ -150,45 +150,39 @@ int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *na d = data; } - if( !in_tag && *c == '\\' && c != end ) - { + if (!in_tag && *c == '\\' && c != end) { c++; /* Check for valid escaped characters */ - if( c == end || *c != ',' ) - { + if (c == end || *c != ',') { ret = MBEDTLS_ERR_X509_INVALID_NAME; goto exit; } - } - else if( !in_tag && ( *c == ',' || c == end ) ) - { - mbedtls_asn1_named_data* cur = - mbedtls_asn1_store_named_data( head, oid, strlen( oid ), - (unsigned char *) data, - d - data ); - - if(cur == NULL ) - { - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + } else if (!in_tag && (*c == ',' || c == end)) { + mbedtls_asn1_named_data *cur = + mbedtls_asn1_store_named_data(head, oid, strlen(oid), + (unsigned char *) data, + d - data); + + if (cur == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; } // set tagType cur->val.tag = attr_descr->default_tag; - while( c < end && *(c + 1) == ' ' ) + while (c < end && *(c + 1) == ' ') { c++; + } s = c + 1; in_tag = 1; } - if( !in_tag && s != c + 1 ) - { + if (!in_tag && s != c + 1) { *(d++) = *c; - if( d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE ) - { + if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) { ret = MBEDTLS_ERR_X509_INVALID_NAME; goto exit; } @@ -199,27 +193,26 @@ int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *na exit: - return( ret ); + return ret; } /* The first byte of the value in the mbedtls_asn1_named_data structure is reserved * to store the critical boolean for us */ -int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, - int critical, const unsigned char *val, size_t val_len ) +int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, + int critical, const unsigned char *val, size_t val_len) { mbedtls_asn1_named_data *cur; - if( ( cur = mbedtls_asn1_store_named_data( head, oid, oid_len, - NULL, val_len + 1 ) ) == NULL ) - { - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + if ((cur = mbedtls_asn1_store_named_data(head, oid, oid_len, + NULL, val_len + 1)) == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; } cur->val.p[0] = critical; - memcpy( cur->val.p + 1, val, val_len ); + memcpy(cur->val.p + 1, val, val_len); - return( 0 ); + return 0; } /* @@ -234,115 +227,117 @@ int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, * * AttributeValue ::= ANY DEFINED BY AttributeType */ -static int x509_write_name( unsigned char **p, unsigned char *start, mbedtls_asn1_named_data* cur_name) +static int x509_write_name(unsigned char **p, + unsigned char *start, + mbedtls_asn1_named_data *cur_name) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - const char *oid = (const char*)cur_name->oid.p; + const char *oid = (const char *) cur_name->oid.p; size_t oid_len = cur_name->oid.len; const unsigned char *name = cur_name->val.p; size_t name_len = cur_name->val.len; // Write correct string tag and value - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tagged_string( p, start, - cur_name->val.tag, - (const char *) name, - name_len ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tagged_string(p, start, + cur_name->val.tag, + (const char *) name, + name_len)); // Write OID // - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, - oid_len ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, + oid_len)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SET ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SET)); - return( (int) len ); + return (int) len; } -int mbedtls_x509_write_names( unsigned char **p, unsigned char *start, - mbedtls_asn1_named_data *first ) +int mbedtls_x509_write_names(unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; mbedtls_asn1_named_data *cur = first; - while( cur != NULL ) - { - MBEDTLS_ASN1_CHK_ADD( len, x509_write_name( p, start, cur ) ); + while (cur != NULL) { + MBEDTLS_ASN1_CHK_ADD(len, x509_write_name(p, start, cur)); cur = cur->next; } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - return( (int) len ); + return (int) len; } -int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start, - const char *oid, size_t oid_len, - unsigned char *sig, size_t size ) +int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start, + const char *oid, size_t oid_len, + unsigned char *sig, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - if( *p < start || (size_t)( *p - start ) < size ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (*p < start || (size_t) (*p - start) < size) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } len = size; (*p) -= len; - memcpy( *p, sig, len ); + memcpy(*p, sig, len); - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = 0; len += 1; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BIT_STRING)); // Write OID // - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( p, start, oid, - oid_len, 0 ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_algorithm_identifier(p, start, oid, + oid_len, 0)); - return( (int) len ); + return (int) len; } -static int x509_write_extension( unsigned char **p, unsigned char *start, - mbedtls_asn1_named_data *ext ) +static int x509_write_extension(unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *ext) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->val.p + 1, - ext->val.len - 1 ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->val.len - 1 ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, ext->val.p + 1, + ext->val.len - 1)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, ext->val.len - 1)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OCTET_STRING)); - if( ext->val.p[0] != 0 ) - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( p, start, 1 ) ); + if (ext->val.p[0] != 0) { + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_bool(p, start, 1)); } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->oid.p, - ext->oid.len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->oid.len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, ext->oid.p, + ext->oid.len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, ext->oid.len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OID)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - return( (int) len ); + return (int) len; } /* @@ -355,20 +350,19 @@ static int x509_write_extension( unsigned char **p, unsigned char *start, * -- by extnID * } */ -int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start, - mbedtls_asn1_named_data *first ) +int mbedtls_x509_write_extensions(unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; mbedtls_asn1_named_data *cur_ext = first; - while( cur_ext != NULL ) - { - MBEDTLS_ASN1_CHK_ADD( len, x509_write_extension( p, start, cur_ext ) ); + while (cur_ext != NULL) { + MBEDTLS_ASN1_CHK_ADD(len, x509_write_extension(p, start, cur_ext)); cur_ext = cur_ext->next; } - return( (int) len ); + return (int) len; } #endif /* MBEDTLS_X509_CREATE_C */ diff --git a/library/x509_crl.c b/library/x509_crl.c index b943a8d6da65..d5357ea4e8fb 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -59,24 +59,22 @@ /* * Version ::= INTEGER { v1(0), v2(1) } */ -static int x509_crl_get_version( unsigned char **p, - const unsigned char *end, - int *ver ) +static int x509_crl_get_version(unsigned char **p, + const unsigned char *end, + int *ver) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { + if ((ret = mbedtls_asn1_get_int(p, end, ver)) != 0) { + if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { *ver = 0; - return( 0 ); + return 0; } - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) ); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_VERSION, ret); } - return( 0 ); + return 0; } /* @@ -86,26 +84,27 @@ static int x509_crl_get_version( unsigned char **p, * list of extensions is well-formed and abort on critical extensions (that * are unsupported as we don't support any extension so far) */ -static int x509_get_crl_ext( unsigned char **p, - const unsigned char *end, - mbedtls_x509_buf *ext ) +static int x509_get_crl_ext(unsigned char **p, + const unsigned char *end, + mbedtls_x509_buf *ext) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( *p == end ) - return( 0 ); + if (*p == end) { + return 0; + } /* * crlExtensions [0] EXPLICIT Extensions OPTIONAL * -- if present, version MUST be v2 */ - if( ( ret = mbedtls_x509_get_ext( p, end, ext, 0 ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_ext(p, end, ext, 0)) != 0) { + return ret; + } end = ext->p + ext->len; - while( *p < end ) - { + while (*p < end) { /* * Extension ::= SEQUENCE { * extnID OBJECT IDENTIFIER, @@ -117,65 +116,69 @@ static int x509_get_crl_ext( unsigned char **p, size_t len; /* Get enclosing sequence tag */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } end_ext_data = *p + len; /* Get OID (currently ignored) */ - if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, - MBEDTLS_ASN1_OID ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &len, + MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); } *p += len; /* Get optional critical */ - if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, - &is_critical ) ) != 0 && - ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_bool(p, end_ext_data, + &is_critical)) != 0 && + (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); } /* Data should be octet string type */ - if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, - MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &len, + MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } /* Ignore data so far and just check its length */ *p += len; - if( *p != end_ext_data ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end_ext_data) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* Abort on (unsupported) critical extensions */ - if( is_critical ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if (is_critical) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* * X.509 CRL v2 entry extensions (no extensions parsed yet.) */ -static int x509_get_crl_entry_ext( unsigned char **p, - const unsigned char *end, - mbedtls_x509_buf *ext ) +static int x509_get_crl_entry_ext(unsigned char **p, + const unsigned char *end, + mbedtls_x509_buf *ext) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; /* OPTIONAL */ - if( end <= *p ) - return( 0 ); + if (end <= *p) { + return 0; + } ext->tag = **p; ext->p = *p; @@ -184,110 +187,112 @@ static int x509_get_crl_entry_ext( unsigned char **p, * Get CRL-entry extension sequence header * crlEntryExtensions Extensions OPTIONAL -- if present, MUST be v2 */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &ext->len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { + if ((ret = mbedtls_asn1_get_tag(p, end, &ext->len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { ext->p = NULL; - return( 0 ); + return 0; } - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); } end = *p + ext->len; - if( end != *p + ext->len ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (end != *p + ext->len) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - while( *p < end ) - { - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + while (*p < end) { + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } *p += len; } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* * X.509 CRL Entries */ -static int x509_get_entries( unsigned char **p, - const unsigned char *end, - mbedtls_x509_crl_entry *entry ) +static int x509_get_entries(unsigned char **p, + const unsigned char *end, + mbedtls_x509_crl_entry *entry) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t entry_len; mbedtls_x509_crl_entry *cur_entry = entry; - if( *p == end ) - return( 0 ); + if (*p == end) { + return 0; + } - if( ( ret = mbedtls_asn1_get_tag( p, end, &entry_len, - MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( 0 ); + if ((ret = mbedtls_asn1_get_tag(p, end, &entry_len, + MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED)) != 0) { + if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return 0; + } - return( ret ); + return ret; } end = *p + entry_len; - while( *p < end ) - { + while (*p < end) { size_t len2; const unsigned char *end2; cur_entry->raw.tag = **p; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len2, - MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len2, + MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED)) != 0) { + return ret; } cur_entry->raw.p = *p; cur_entry->raw.len = len2; end2 = *p + len2; - if( ( ret = mbedtls_x509_get_serial( p, end2, &cur_entry->serial ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_serial(p, end2, &cur_entry->serial)) != 0) { + return ret; + } - if( ( ret = mbedtls_x509_get_time( p, end2, - &cur_entry->revocation_date ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_time(p, end2, + &cur_entry->revocation_date)) != 0) { + return ret; + } - if( ( ret = x509_get_crl_entry_ext( p, end2, - &cur_entry->entry_ext ) ) != 0 ) - return( ret ); + if ((ret = x509_get_crl_entry_ext(p, end2, + &cur_entry->entry_ext)) != 0) { + return ret; + } - if( *p < end ) - { - cur_entry->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl_entry ) ); + if (*p < end) { + cur_entry->next = mbedtls_calloc(1, sizeof(mbedtls_x509_crl_entry)); - if( cur_entry->next == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + if (cur_entry->next == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; + } cur_entry = cur_entry->next; } } - return( 0 ); + return 0; } /* * Parse one CRLs in DER format and append it to the chained list */ -int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, - const unsigned char *buf, size_t buflen ) +int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain, + const unsigned char *buf, size_t buflen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -298,44 +303,46 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, /* * Check for valid input */ - if( crl == NULL || buf == NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (crl == NULL || buf == NULL) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) ); - memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) ); - memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) ); + memset(&sig_params1, 0, sizeof(mbedtls_x509_buf)); + memset(&sig_params2, 0, sizeof(mbedtls_x509_buf)); + memset(&sig_oid2, 0, sizeof(mbedtls_x509_buf)); /* * Add new CRL on the end of the chain if needed. */ - while( crl->version != 0 && crl->next != NULL ) + while (crl->version != 0 && crl->next != NULL) { crl = crl->next; + } - if( crl->version != 0 && crl->next == NULL ) - { - crl->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) ); + if (crl->version != 0 && crl->next == NULL) { + crl->next = mbedtls_calloc(1, sizeof(mbedtls_x509_crl)); - if( crl->next == NULL ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + if (crl->next == NULL) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERR_X509_ALLOC_FAILED; } - mbedtls_x509_crl_init( crl->next ); + mbedtls_x509_crl_init(crl->next); crl = crl->next; } /* * Copy raw DER-encoded CRL */ - if( buflen == 0 ) - return( MBEDTLS_ERR_X509_INVALID_FORMAT ); + if (buflen == 0) { + return MBEDTLS_ERR_X509_INVALID_FORMAT; + } - p = mbedtls_calloc( 1, buflen ); - if( p == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + p = mbedtls_calloc(1, buflen); + if (p == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; + } - memcpy( p, buf, buflen ); + memcpy(p, buf, buflen); crl->raw.p = p; crl->raw.len = buflen; @@ -348,18 +355,16 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERR_X509_INVALID_FORMAT; } - if( len != (size_t) ( end - p ) ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (len != (size_t) (end - p)) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } /* @@ -367,11 +372,10 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, */ crl->tbs.p = p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } end = p + len; @@ -383,27 +387,24 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, * * signature AlgorithmIdentifier */ - if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 || - ( ret = mbedtls_x509_get_alg( &p, end, &crl->sig_oid, &sig_params1 ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); + if ((ret = x509_crl_get_version(&p, end, &crl->version)) != 0 || + (ret = mbedtls_x509_get_alg(&p, end, &crl->sig_oid, &sig_params1)) != 0) { + mbedtls_x509_crl_free(crl); + return ret; } - if( crl->version < 0 || crl->version > 1 ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_UNKNOWN_VERSION ); + if (crl->version < 0 || crl->version > 1) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERR_X509_UNKNOWN_VERSION; } crl->version++; - if( ( ret = mbedtls_x509_get_sig_alg( &crl->sig_oid, &sig_params1, - &crl->sig_md, &crl->sig_pk, - &crl->sig_opts ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG ); + if ((ret = mbedtls_x509_get_sig_alg(&crl->sig_oid, &sig_params1, + &crl->sig_md, &crl->sig_pk, + &crl->sig_opts)) != 0) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG; } /* @@ -411,17 +412,15 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, */ crl->issuer_raw.p = p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } - if( ( ret = mbedtls_x509_get_name( &p, p + len, &crl->issuer ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); + if ((ret = mbedtls_x509_get_name(&p, p + len, &crl->issuer)) != 0) { + mbedtls_x509_crl_free(crl); + return ret; } crl->issuer_raw.len = p - crl->issuer_raw.p; @@ -430,21 +429,18 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, * thisUpdate Time * nextUpdate Time OPTIONAL */ - if( ( ret = mbedtls_x509_get_time( &p, end, &crl->this_update ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); - } - - if( ( ret = mbedtls_x509_get_time( &p, end, &crl->next_update ) ) != 0 ) - { - if( ret != ( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) && - ret != ( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ) ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); + if ((ret = mbedtls_x509_get_time(&p, end, &crl->this_update)) != 0) { + mbedtls_x509_crl_free(crl); + return ret; + } + + if ((ret = mbedtls_x509_get_time(&p, end, &crl->next_update)) != 0) { + if (ret != (MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)) && + ret != (MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_OUT_OF_DATA))) { + mbedtls_x509_crl_free(crl); + return ret; } } @@ -456,32 +452,28 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, * -- if present, MUST be v2 * } OPTIONAL */ - if( ( ret = x509_get_entries( &p, end, &crl->entry ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); + if ((ret = x509_get_entries(&p, end, &crl->entry)) != 0) { + mbedtls_x509_crl_free(crl); + return ret; } /* * crlExtensions EXPLICIT Extensions OPTIONAL * -- if present, MUST be v2 */ - if( crl->version == 2 ) - { - ret = x509_get_crl_ext( &p, end, &crl->crl_ext ); - - if( ret != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); + if (crl->version == 2) { + ret = x509_get_crl_ext(&p, end, &crl->crl_ext); + + if (ret != 0) { + mbedtls_x509_crl_free(crl); + return ret; } } - if( p != end ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } end = crl->raw.p + crl->raw.len; @@ -490,42 +482,38 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING */ - if( ( ret = mbedtls_x509_get_alg( &p, end, &sig_oid2, &sig_params2 ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); + if ((ret = mbedtls_x509_get_alg(&p, end, &sig_oid2, &sig_params2)) != 0) { + mbedtls_x509_crl_free(crl); + return ret; } - if( crl->sig_oid.len != sig_oid2.len || - memcmp( crl->sig_oid.p, sig_oid2.p, crl->sig_oid.len ) != 0 || + if (crl->sig_oid.len != sig_oid2.len || + memcmp(crl->sig_oid.p, sig_oid2.p, crl->sig_oid.len) != 0 || sig_params1.len != sig_params2.len || - ( sig_params1.len != 0 && - memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_SIG_MISMATCH ); + (sig_params1.len != 0 && + memcmp(sig_params1.p, sig_params2.p, sig_params1.len) != 0)) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERR_X509_SIG_MISMATCH; } - if( ( ret = mbedtls_x509_get_sig( &p, end, &crl->sig ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); + if ((ret = mbedtls_x509_get_sig(&p, end, &crl->sig)) != 0) { + mbedtls_x509_crl_free(crl); + return ret; } - if( p != end ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } - return( 0 ); + return 0; } /* * Parse one or more CRLs and add them to the chained list */ -int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen ) +int mbedtls_x509_crl_parse(mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen) { #if defined(MBEDTLS_PEM_PARSE_C) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -533,25 +521,25 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s mbedtls_pem_context pem; int is_pem = 0; - if( chain == NULL || buf == NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (chain == NULL || buf == NULL) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - do - { - mbedtls_pem_init( &pem ); + do { + mbedtls_pem_init(&pem); // Avoid calling mbedtls_pem_read_buffer() on non-null-terminated // string - if( buflen == 0 || buf[buflen - 1] != '\0' ) + if (buflen == 0 || buf[buflen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN X509 CRL-----", - "-----END X509 CRL-----", - buf, NULL, 0, &use_len ); - - if( ret == 0 ) - { + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN X509 CRL-----", + "-----END X509 CRL-----", + buf, NULL, 0, &use_len); + } + + if (ret == 0) { /* * Was PEM encoded */ @@ -560,51 +548,49 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s buflen -= use_len; buf += use_len; - if( ( ret = mbedtls_x509_crl_parse_der( chain, - pem.buf, pem.buflen ) ) != 0 ) - { - mbedtls_pem_free( &pem ); - return( ret ); + if ((ret = mbedtls_x509_crl_parse_der(chain, + pem.buf, pem.buflen)) != 0) { + mbedtls_pem_free(&pem); + return ret; } - } - else if( is_pem ) - { - mbedtls_pem_free( &pem ); - return( ret ); + } else if (is_pem) { + mbedtls_pem_free(&pem); + return ret; } - mbedtls_pem_free( &pem ); + mbedtls_pem_free(&pem); } /* In the PEM case, buflen is 1 at the end, for the terminated NULL byte. * And a valid CRL cannot be less than 1 byte anyway. */ - while( is_pem && buflen > 1 ); + while (is_pem && buflen > 1); - if( is_pem ) - return( 0 ); - else + if (is_pem) { + return 0; + } else #endif /* MBEDTLS_PEM_PARSE_C */ - return( mbedtls_x509_crl_parse_der( chain, buf, buflen ) ); + return mbedtls_x509_crl_parse_der(chain, buf, buflen); } #if defined(MBEDTLS_FS_IO) /* * Load one or more CRLs and add them to the chained list */ -int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ) +int mbedtls_x509_crl_parse_file(mbedtls_x509_crl *chain, const char *path) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; - if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { + return ret; + } - ret = mbedtls_x509_crl_parse( chain, buf, n ); + ret = mbedtls_x509_crl_parse(chain, buf, n); - mbedtls_platform_zeroize( buf, n ); - mbedtls_free( buf ); + mbedtls_platform_zeroize(buf, n); + mbedtls_free(buf); - return( ret ); + return ret; } #endif /* MBEDTLS_FS_IO */ @@ -616,8 +602,8 @@ int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ) /* * Return an informational string about the CRL. */ -int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, - const mbedtls_x509_crl *crl ) +int mbedtls_x509_crl_info(char *buf, size_t size, const char *prefix, + const mbedtls_x509_crl *crl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; @@ -627,79 +613,78 @@ int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, p = buf; n = size; - ret = mbedtls_snprintf( p, n, "%sCRL version : %d", - prefix, crl->version ); + ret = mbedtls_snprintf(p, n, "%sCRL version : %d", + prefix, crl->version); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%sissuer name : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%sissuer name : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_dn_gets( p, n, &crl->issuer ); + ret = mbedtls_x509_dn_gets(p, n, &crl->issuer); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%sthis update : " \ - "%04d-%02d-%02d %02d:%02d:%02d", prefix, - crl->this_update.year, crl->this_update.mon, - crl->this_update.day, crl->this_update.hour, - crl->this_update.min, crl->this_update.sec ); + ret = mbedtls_snprintf(p, n, "\n%sthis update : " \ + "%04d-%02d-%02d %02d:%02d:%02d", prefix, + crl->this_update.year, crl->this_update.mon, + crl->this_update.day, crl->this_update.hour, + crl->this_update.min, crl->this_update.sec); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%snext update : " \ - "%04d-%02d-%02d %02d:%02d:%02d", prefix, - crl->next_update.year, crl->next_update.mon, - crl->next_update.day, crl->next_update.hour, - crl->next_update.min, crl->next_update.sec ); + ret = mbedtls_snprintf(p, n, "\n%snext update : " \ + "%04d-%02d-%02d %02d:%02d:%02d", prefix, + crl->next_update.year, crl->next_update.mon, + crl->next_update.day, crl->next_update.hour, + crl->next_update.min, crl->next_update.sec); MBEDTLS_X509_SAFE_SNPRINTF; entry = &crl->entry; - ret = mbedtls_snprintf( p, n, "\n%sRevoked certificates:", - prefix ); + ret = mbedtls_snprintf(p, n, "\n%sRevoked certificates:", + prefix); MBEDTLS_X509_SAFE_SNPRINTF; - while( entry != NULL && entry->raw.len != 0 ) - { - ret = mbedtls_snprintf( p, n, "\n%sserial number: ", - prefix ); + while (entry != NULL && entry->raw.len != 0) { + ret = mbedtls_snprintf(p, n, "\n%sserial number: ", + prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_serial_gets( p, n, &entry->serial ); + ret = mbedtls_x509_serial_gets(p, n, &entry->serial); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, " revocation date: " \ - "%04d-%02d-%02d %02d:%02d:%02d", - entry->revocation_date.year, entry->revocation_date.mon, - entry->revocation_date.day, entry->revocation_date.hour, - entry->revocation_date.min, entry->revocation_date.sec ); + ret = mbedtls_snprintf(p, n, " revocation date: " \ + "%04d-%02d-%02d %02d:%02d:%02d", + entry->revocation_date.year, entry->revocation_date.mon, + entry->revocation_date.day, entry->revocation_date.hour, + entry->revocation_date.min, entry->revocation_date.sec); MBEDTLS_X509_SAFE_SNPRINTF; entry = entry->next; } - ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%ssigned using : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_sig_alg_gets( p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md, - crl->sig_opts ); + ret = mbedtls_x509_sig_alg_gets(p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md, + crl->sig_opts); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n" ); + ret = mbedtls_snprintf(p, n, "\n"); MBEDTLS_X509_SAFE_SNPRINTF; - return( (int) ( size - n ) ); + return (int) (size - n); } /* * Initialize a CRL chain */ -void mbedtls_x509_crl_init( mbedtls_x509_crl *crl ) +void mbedtls_x509_crl_init(mbedtls_x509_crl *crl) { - memset( crl, 0, sizeof(mbedtls_x509_crl) ); + memset(crl, 0, sizeof(mbedtls_x509_crl)); } /* * Unallocate all CRL data */ -void mbedtls_x509_crl_free( mbedtls_x509_crl *crl ) +void mbedtls_x509_crl_free(mbedtls_x509_crl *crl) { mbedtls_x509_crl *crl_cur = crl; mbedtls_x509_crl *crl_prv; @@ -708,55 +693,50 @@ void mbedtls_x509_crl_free( mbedtls_x509_crl *crl ) mbedtls_x509_crl_entry *entry_cur; mbedtls_x509_crl_entry *entry_prv; - if( crl == NULL ) + if (crl == NULL) { return; + } - do - { + do { #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - mbedtls_free( crl_cur->sig_opts ); + mbedtls_free(crl_cur->sig_opts); #endif name_cur = crl_cur->issuer.next; - while( name_cur != NULL ) - { + while (name_cur != NULL) { name_prv = name_cur; name_cur = name_cur->next; - mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); - mbedtls_free( name_prv ); + mbedtls_platform_zeroize(name_prv, sizeof(mbedtls_x509_name)); + mbedtls_free(name_prv); } entry_cur = crl_cur->entry.next; - while( entry_cur != NULL ) - { + while (entry_cur != NULL) { entry_prv = entry_cur; entry_cur = entry_cur->next; - mbedtls_platform_zeroize( entry_prv, - sizeof( mbedtls_x509_crl_entry ) ); - mbedtls_free( entry_prv ); + mbedtls_platform_zeroize(entry_prv, + sizeof(mbedtls_x509_crl_entry)); + mbedtls_free(entry_prv); } - if( crl_cur->raw.p != NULL ) - { - mbedtls_platform_zeroize( crl_cur->raw.p, crl_cur->raw.len ); - mbedtls_free( crl_cur->raw.p ); + if (crl_cur->raw.p != NULL) { + mbedtls_platform_zeroize(crl_cur->raw.p, crl_cur->raw.len); + mbedtls_free(crl_cur->raw.p); } crl_cur = crl_cur->next; - } - while( crl_cur != NULL ); + } while (crl_cur != NULL); crl_cur = crl; - do - { + do { crl_prv = crl_cur; crl_cur = crl_cur->next; - mbedtls_platform_zeroize( crl_prv, sizeof( mbedtls_x509_crl ) ); - if( crl_prv != crl ) - mbedtls_free( crl_prv ); - } - while( crl_cur != NULL ); + mbedtls_platform_zeroize(crl_prv, sizeof(mbedtls_x509_crl)); + if (crl_prv != crl) { + mbedtls_free(crl_prv); + } + } while (crl_cur != NULL); } #endif /* MBEDTLS_X509_CRL_PARSE_C */ diff --git a/library/x509_crt.c b/library/x509_crt.c index def1414eca0f..9ea96b0aa5a4 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -84,17 +84,17 @@ typedef struct { /* * Max size of verification chain: end-entity + intermediates + trusted root */ -#define X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 ) +#define X509_MAX_VERIFY_CHAIN_SIZE (MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2) /* Default profile. Do not remove items unless there are serious security * concerns. */ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default = { /* Only SHA-2 hashes */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA224) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512), 0xFFFFFFF, /* Any PK alg */ 0xFFFFFFF, /* Any curve */ 2048, @@ -106,19 +106,19 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default = const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next = { /* Hashes from SHA-256 and above */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512), 0xFFFFFFF, /* Any PK alg */ #if defined(MBEDTLS_ECP_C) /* Curves at or above 128-bit security level */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP521R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP256R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP384R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP512R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256K1 ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP256R1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP384R1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP521R1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_BP256R1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_BP384R1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_BP512R1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP256K1), #else 0, #endif @@ -131,15 +131,15 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next = const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb = { /* Only SHA-256 and 384 */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384), /* Only ECDSA */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECDSA ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECKEY ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_ECDSA) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_ECKEY), #if defined(MBEDTLS_ECP_C) /* Only NIST P-256 and P-384 */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP256R1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP384R1), #else 0, #endif @@ -150,133 +150,136 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb = * Check md_alg against profile * Return 0 if md_alg is acceptable for this profile, -1 otherwise */ -static int x509_profile_check_md_alg( const mbedtls_x509_crt_profile *profile, - mbedtls_md_type_t md_alg ) +static int x509_profile_check_md_alg(const mbedtls_x509_crt_profile *profile, + mbedtls_md_type_t md_alg) { - if( md_alg == MBEDTLS_MD_NONE ) - return( -1 ); + if (md_alg == MBEDTLS_MD_NONE) { + return -1; + } - if( ( profile->allowed_mds & MBEDTLS_X509_ID_FLAG( md_alg ) ) != 0 ) - return( 0 ); + if ((profile->allowed_mds & MBEDTLS_X509_ID_FLAG(md_alg)) != 0) { + return 0; + } - return( -1 ); + return -1; } /* * Check pk_alg against profile * Return 0 if pk_alg is acceptable for this profile, -1 otherwise */ -static int x509_profile_check_pk_alg( const mbedtls_x509_crt_profile *profile, - mbedtls_pk_type_t pk_alg ) +static int x509_profile_check_pk_alg(const mbedtls_x509_crt_profile *profile, + mbedtls_pk_type_t pk_alg) { - if( pk_alg == MBEDTLS_PK_NONE ) - return( -1 ); + if (pk_alg == MBEDTLS_PK_NONE) { + return -1; + } - if( ( profile->allowed_pks & MBEDTLS_X509_ID_FLAG( pk_alg ) ) != 0 ) - return( 0 ); + if ((profile->allowed_pks & MBEDTLS_X509_ID_FLAG(pk_alg)) != 0) { + return 0; + } - return( -1 ); + return -1; } /* * Check key against profile * Return 0 if pk is acceptable for this profile, -1 otherwise */ -static int x509_profile_check_key( const mbedtls_x509_crt_profile *profile, - const mbedtls_pk_context *pk ) +static int x509_profile_check_key(const mbedtls_x509_crt_profile *profile, + const mbedtls_pk_context *pk) { - const mbedtls_pk_type_t pk_alg = mbedtls_pk_get_type( pk ); + const mbedtls_pk_type_t pk_alg = mbedtls_pk_get_type(pk); #if defined(MBEDTLS_RSA_C) - if( pk_alg == MBEDTLS_PK_RSA || pk_alg == MBEDTLS_PK_RSASSA_PSS ) - { - if( mbedtls_pk_get_bitlen( pk ) >= profile->rsa_min_bitlen ) - return( 0 ); + if (pk_alg == MBEDTLS_PK_RSA || pk_alg == MBEDTLS_PK_RSASSA_PSS) { + if (mbedtls_pk_get_bitlen(pk) >= profile->rsa_min_bitlen) { + return 0; + } - return( -1 ); + return -1; } #endif #if defined(MBEDTLS_ECP_C) - if( pk_alg == MBEDTLS_PK_ECDSA || + if (pk_alg == MBEDTLS_PK_ECDSA || pk_alg == MBEDTLS_PK_ECKEY || - pk_alg == MBEDTLS_PK_ECKEY_DH ) - { - const mbedtls_ecp_group_id gid = mbedtls_pk_ec( *pk )->grp.id; + pk_alg == MBEDTLS_PK_ECKEY_DH) { + const mbedtls_ecp_group_id gid = mbedtls_pk_ec(*pk)->grp.id; - if( gid == MBEDTLS_ECP_DP_NONE ) - return( -1 ); + if (gid == MBEDTLS_ECP_DP_NONE) { + return -1; + } - if( ( profile->allowed_curves & MBEDTLS_X509_ID_FLAG( gid ) ) != 0 ) - return( 0 ); + if ((profile->allowed_curves & MBEDTLS_X509_ID_FLAG(gid)) != 0) { + return 0; + } - return( -1 ); + return -1; } #endif - return( -1 ); + return -1; } /* * Like memcmp, but case-insensitive and always returns -1 if different */ -static int x509_memcasecmp( const void *s1, const void *s2, size_t len ) +static int x509_memcasecmp(const void *s1, const void *s2, size_t len) { size_t i; unsigned char diff; const unsigned char *n1 = s1, *n2 = s2; - for( i = 0; i < len; i++ ) - { + for (i = 0; i < len; i++) { diff = n1[i] ^ n2[i]; - if( diff == 0 ) + if (diff == 0) { continue; + } - if( diff == 32 && - ( ( n1[i] >= 'a' && n1[i] <= 'z' ) || - ( n1[i] >= 'A' && n1[i] <= 'Z' ) ) ) - { + if (diff == 32 && + ((n1[i] >= 'a' && n1[i] <= 'z') || + (n1[i] >= 'A' && n1[i] <= 'Z'))) { continue; } - return( -1 ); + return -1; } - return( 0 ); + return 0; } /* * Return 0 if name matches wildcard, -1 otherwise */ -static int x509_check_wildcard( const char *cn, const mbedtls_x509_buf *name ) +static int x509_check_wildcard(const char *cn, const mbedtls_x509_buf *name) { size_t i; - size_t cn_idx = 0, cn_len = strlen( cn ); + size_t cn_idx = 0, cn_len = strlen(cn); /* We can't have a match if there is no wildcard to match */ - if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' ) - return( -1 ); + if (name->len < 3 || name->p[0] != '*' || name->p[1] != '.') { + return -1; + } - for( i = 0; i < cn_len; ++i ) - { - if( cn[i] == '.' ) - { + for (i = 0; i < cn_len; ++i) { + if (cn[i] == '.') { cn_idx = i; break; } } - if( cn_idx == 0 ) - return( -1 ); + if (cn_idx == 0) { + return -1; + } - if( cn_len - cn_idx == name->len - 1 && - x509_memcasecmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 ) - { - return( 0 ); + if (cn_len - cn_idx == name->len - 1 && + x509_memcasecmp(name->p + 1, cn + cn_idx, name->len - 1) == 0) { + return 0; } - return( -1 ); + return -1; } /* @@ -285,24 +288,22 @@ static int x509_check_wildcard( const char *cn, const mbedtls_x509_buf *name ) * * Return 0 if equal, -1 otherwise. */ -static int x509_string_cmp( const mbedtls_x509_buf *a, const mbedtls_x509_buf *b ) +static int x509_string_cmp(const mbedtls_x509_buf *a, const mbedtls_x509_buf *b) { - if( a->tag == b->tag && + if (a->tag == b->tag && a->len == b->len && - memcmp( a->p, b->p, b->len ) == 0 ) - { - return( 0 ); + memcmp(a->p, b->p, b->len) == 0) { + return 0; } - if( ( a->tag == MBEDTLS_ASN1_UTF8_STRING || a->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) && - ( b->tag == MBEDTLS_ASN1_UTF8_STRING || b->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) && + if ((a->tag == MBEDTLS_ASN1_UTF8_STRING || a->tag == MBEDTLS_ASN1_PRINTABLE_STRING) && + (b->tag == MBEDTLS_ASN1_UTF8_STRING || b->tag == MBEDTLS_ASN1_PRINTABLE_STRING) && a->len == b->len && - x509_memcasecmp( a->p, b->p, b->len ) == 0 ) - { - return( 0 ); + x509_memcasecmp(a->p, b->p, b->len) == 0) { + return 0; } - return( -1 ); + return -1; } /* @@ -315,48 +316,48 @@ static int x509_string_cmp( const mbedtls_x509_buf *a, const mbedtls_x509_buf *b * * Return 0 if equal, -1 otherwise. */ -static int x509_name_cmp( const mbedtls_x509_name *a, const mbedtls_x509_name *b ) +static int x509_name_cmp(const mbedtls_x509_name *a, const mbedtls_x509_name *b) { /* Avoid recursion, it might not be optimised by the compiler */ - while( a != NULL || b != NULL ) - { - if( a == NULL || b == NULL ) - return( -1 ); + while (a != NULL || b != NULL) { + if (a == NULL || b == NULL) { + return -1; + } /* type */ - if( a->oid.tag != b->oid.tag || + if (a->oid.tag != b->oid.tag || a->oid.len != b->oid.len || - memcmp( a->oid.p, b->oid.p, b->oid.len ) != 0 ) - { - return( -1 ); + memcmp(a->oid.p, b->oid.p, b->oid.len) != 0) { + return -1; } /* value */ - if( x509_string_cmp( &a->val, &b->val ) != 0 ) - return( -1 ); + if (x509_string_cmp(&a->val, &b->val) != 0) { + return -1; + } /* structure of the list of sets */ - if( a->next_merged != b->next_merged ) - return( -1 ); + if (a->next_merged != b->next_merged) { + return -1; + } a = a->next; b = b->next; } /* a == NULL == b */ - return( 0 ); + return 0; } /* * Reset (init or clear) a verify_chain */ static void x509_crt_verify_chain_reset( - mbedtls_x509_crt_verify_chain *ver_chain ) + mbedtls_x509_crt_verify_chain *ver_chain) { size_t i; - for( i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++ ) - { + for (i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++) { ver_chain->items[i].crt = NULL; ver_chain->items[i].flags = (uint32_t) -1; } @@ -371,35 +372,36 @@ static void x509_crt_verify_chain_reset( /* * Version ::= INTEGER { v1(0), v2(1), v3(2) } */ -static int x509_get_version( unsigned char **p, - const unsigned char *end, - int *ver ) +static int x509_get_version(unsigned char **p, + const unsigned char *end, + int *ver) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + 0)) != 0) { + if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { *ver = 0; - return( 0 ); + return 0; } - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } end = *p + len; - if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) ); + if ((ret = mbedtls_asn1_get_int(p, end, ver)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_VERSION, ret); + } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_VERSION, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* @@ -407,66 +409,72 @@ static int x509_get_version( unsigned char **p, * notBefore Time, * notAfter Time } */ -static int x509_get_dates( unsigned char **p, - const unsigned char *end, - mbedtls_x509_time *from, - mbedtls_x509_time *to ) +static int x509_get_dates(unsigned char **p, + const unsigned char *end, + mbedtls_x509_time *from, + mbedtls_x509_time *to) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, ret); + } end = *p + len; - if( ( ret = mbedtls_x509_get_time( p, end, from ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_time(p, end, from)) != 0) { + return ret; + } - if( ( ret = mbedtls_x509_get_time( p, end, to ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_time(p, end, to)) != 0) { + return ret; + } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* * X.509 v2/v3 unique identifier (not parsed) */ -static int x509_get_uid( unsigned char **p, - const unsigned char *end, - mbedtls_x509_buf *uid, int n ) +static int x509_get_uid(unsigned char **p, + const unsigned char *end, + mbedtls_x509_buf *uid, int n) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( *p == end ) - return( 0 ); + if (*p == end) { + return 0; + } uid->tag = **p; - if( ( ret = mbedtls_asn1_get_tag( p, end, &uid->len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | n ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( 0 ); + if ((ret = mbedtls_asn1_get_tag(p, end, &uid->len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + n)) != 0) { + if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return 0; + } - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } uid->p = *p; *p += uid->len; - return( 0 ); + return 0; } -static int x509_get_basic_constraints( unsigned char **p, - const unsigned char *end, - int *ca_istrue, - int *max_pathlen ) +static int x509_get_basic_constraints(unsigned char **p, + const unsigned char *end, + int *ca_istrue, + int *max_pathlen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -479,88 +487,99 @@ static int x509_get_basic_constraints( unsigned char **p, *ca_istrue = 0; /* DEFAULT FALSE */ *max_pathlen = 0; /* endless */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( *p == end ) - return( 0 ); + if (*p == end) { + return 0; + } - if( ( ret = mbedtls_asn1_get_bool( p, end, ca_istrue ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - ret = mbedtls_asn1_get_int( p, end, ca_istrue ); + if ((ret = mbedtls_asn1_get_bool(p, end, ca_istrue)) != 0) { + if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + ret = mbedtls_asn1_get_int(p, end, ca_istrue); + } - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( *ca_istrue != 0 ) + if (*ca_istrue != 0) { *ca_istrue = 1; + } } - if( *p == end ) - return( 0 ); + if (*p == end) { + return 0; + } - if( ( ret = mbedtls_asn1_get_int( p, end, max_pathlen ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_int(p, end, max_pathlen)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* Do not accept max_pathlen equal to INT_MAX to avoid a signed integer * overflow, which is an undefined behavior. */ - if( *max_pathlen == INT_MAX ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); + if (*max_pathlen == INT_MAX) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH); + } (*max_pathlen)++; - return( 0 ); + return 0; } -static int x509_get_ns_cert_type( unsigned char **p, - const unsigned char *end, - unsigned char *ns_cert_type) +static int x509_get_ns_cert_type(unsigned char **p, + const unsigned char *end, + unsigned char *ns_cert_type) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_x509_bitstring bs = { 0, 0, NULL }; - if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_bitstring(p, end, &bs)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( bs.len != 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); + if (bs.len != 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH); + } /* Get actual bitstring */ *ns_cert_type = *bs.p; - return( 0 ); + return 0; } -static int x509_get_key_usage( unsigned char **p, - const unsigned char *end, - unsigned int *key_usage) +static int x509_get_key_usage(unsigned char **p, + const unsigned char *end, + unsigned int *key_usage) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_x509_bitstring bs = { 0, 0, NULL }; - if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_bitstring(p, end, &bs)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( bs.len < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); + if (bs.len < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH); + } /* Get actual bitstring */ *key_usage = 0; - for( i = 0; i < bs.len && i < sizeof( unsigned int ); i++ ) - { + for (i = 0; i < bs.len && i < sizeof(unsigned int); i++) { *key_usage |= (unsigned int) bs.p[i] << (8*i); } - return( 0 ); + return 0; } /* @@ -568,21 +587,23 @@ static int x509_get_key_usage( unsigned char **p, * * KeyPurposeId ::= OBJECT IDENTIFIER */ -static int x509_get_ext_key_usage( unsigned char **p, - const unsigned char *end, - mbedtls_x509_sequence *ext_key_usage) +static int x509_get_ext_key_usage(unsigned char **p, + const unsigned char *end, + mbedtls_x509_sequence *ext_key_usage) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_asn1_get_sequence_of( p, end, ext_key_usage, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_sequence_of(p, end, ext_key_usage, MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } /* Sequence length must be >= 1 */ - if( ext_key_usage->buf.p == NULL ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); + if (ext_key_usage->buf.p == NULL) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH); + } - return( 0 ); + return 0; } /* @@ -612,9 +633,9 @@ static int x509_get_ext_key_usage( unsigned char **p, * NOTE: we list all types, but only use dNSName and otherName * of type HwModuleName, as defined in RFC 4108, at this point. */ -static int x509_get_subject_alt_name( unsigned char **p, - const unsigned char *end, - mbedtls_x509_sequence *subject_alt_name ) +static int x509_get_subject_alt_name(unsigned char **p, + const unsigned char *end, + mbedtls_x509_sequence *subject_alt_name) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len, tag_len; @@ -623,66 +644,66 @@ static int x509_get_subject_alt_name( unsigned char **p, mbedtls_asn1_sequence *cur = subject_alt_name; /* Get main sequence tag */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( *p + len != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p + len != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - while( *p < end ) - { + while (*p < end) { mbedtls_x509_subject_alternative_name dummy_san_buf; - memset( &dummy_san_buf, 0, sizeof( dummy_san_buf ) ); + memset(&dummy_san_buf, 0, sizeof(dummy_san_buf)); tag = **p; (*p)++; - if( ( ret = mbedtls_asn1_get_len( p, end, &tag_len ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_len(p, end, &tag_len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( ( tag & MBEDTLS_ASN1_TAG_CLASS_MASK ) != - MBEDTLS_ASN1_CONTEXT_SPECIFIC ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if ((tag & MBEDTLS_ASN1_TAG_CLASS_MASK) != + MBEDTLS_ASN1_CONTEXT_SPECIFIC) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } /* * Check that the SAN is structured correctly. */ - ret = mbedtls_x509_parse_subject_alt_name( &(cur->buf), &dummy_san_buf ); + ret = mbedtls_x509_parse_subject_alt_name(&(cur->buf), &dummy_san_buf); /* * In case the extension is malformed, return an error, * and clear the allocated sequences. */ - if( ret != 0 && ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ) - { + if (ret != 0 && ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) { mbedtls_x509_sequence *seq_cur = subject_alt_name->next; mbedtls_x509_sequence *seq_prv; - while( seq_cur != NULL ) - { + while (seq_cur != NULL) { seq_prv = seq_cur; seq_cur = seq_cur->next; - mbedtls_platform_zeroize( seq_prv, - sizeof( mbedtls_x509_sequence ) ); - mbedtls_free( seq_prv ); + mbedtls_platform_zeroize(seq_prv, + sizeof(mbedtls_x509_sequence)); + mbedtls_free(seq_prv); } subject_alt_name->next = NULL; - return( ret ); + return ret; } /* Allocate and assign next pointer */ - if( cur->buf.p != NULL ) - { - if( cur->next != NULL ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS ); + if (cur->buf.p != NULL) { + if (cur->next != NULL) { + return MBEDTLS_ERR_X509_INVALID_EXTENSIONS; + } - cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); + cur->next = mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence)); - if( cur->next == NULL ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_ALLOC_FAILED ) ); + if (cur->next == NULL) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_ALLOC_FAILED); + } cur = cur->next; } @@ -697,11 +718,12 @@ static int x509_get_subject_alt_name( unsigned char **p, /* Set final sequence entry's next pointer to NULL */ cur->next = NULL; - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* @@ -753,9 +775,9 @@ static int x509_get_subject_alt_name( unsigned char **p, * NOTE: we only parse and use anyPolicy without qualifiers at this point * as defined in RFC 5280. */ -static int x509_get_certificate_policies( unsigned char **p, - const unsigned char *end, - mbedtls_x509_sequence *certificate_policies ) +static int x509_get_certificate_policies(unsigned char **p, + const unsigned char *end, + mbedtls_x509_sequence *certificate_policies) { int ret, parse_ret = 0; size_t len; @@ -763,39 +785,43 @@ static int x509_get_certificate_policies( unsigned char **p, mbedtls_asn1_sequence *cur = certificate_policies; /* Get main sequence tag */ - ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( *p + len != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p + len != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* * Cannot be an empty sequence. */ - if( len == 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (len == 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - while( *p < end ) - { + while (*p < end) { mbedtls_x509_buf policy_oid; const unsigned char *policy_end; /* * Get the policy sequence */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } policy_end = *p + len; - if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, - MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, policy_end, &len, + MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } policy_oid.tag = MBEDTLS_ASN1_OID; policy_oid.len = len; @@ -804,8 +830,7 @@ static int x509_get_certificate_policies( unsigned char **p, /* * Only AnyPolicy is currently supported when enforcing policy. */ - if( MBEDTLS_OID_CMP( MBEDTLS_OID_ANY_POLICY, &policy_oid ) != 0 ) - { + if (MBEDTLS_OID_CMP(MBEDTLS_OID_ANY_POLICY, &policy_oid) != 0) { /* * Set the parsing return code but continue parsing, in case this * extension is critical and MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION @@ -815,135 +840,144 @@ static int x509_get_certificate_policies( unsigned char **p, } /* Allocate and assign next pointer */ - if( cur->buf.p != NULL ) - { - if( cur->next != NULL ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS ); + if (cur->buf.p != NULL) { + if (cur->next != NULL) { + return MBEDTLS_ERR_X509_INVALID_EXTENSIONS; + } - cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); + cur->next = mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence)); - if( cur->next == NULL ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_ALLOC_FAILED ) ); + if (cur->next == NULL) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_ALLOC_FAILED); + } cur = cur->next; } - buf = &( cur->buf ); + buf = &(cur->buf); buf->tag = policy_oid.tag; buf->p = policy_oid.p; buf->len = policy_oid.len; *p += len; - /* - * If there is an optional qualifier, then *p < policy_end - * Check the Qualifier len to verify it doesn't exceed policy_end. - */ - if( *p < policy_end ) - { - if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + /* + * If there is an optional qualifier, then *p < policy_end + * Check the Qualifier len to verify it doesn't exceed policy_end. + */ + if (*p < policy_end) { + if ((ret = mbedtls_asn1_get_tag(p, policy_end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != + 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } /* * Skip the optional policy qualifiers. */ *p += len; } - if( *p != policy_end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != policy_end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } } /* Set final sequence entry's next pointer to NULL */ cur->next = NULL; - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( parse_ret ); + return parse_ret; } /* * X.509 v3 extensions * */ -static int x509_get_crt_ext( unsigned char **p, - const unsigned char *end, - mbedtls_x509_crt *crt, - mbedtls_x509_crt_ext_cb_t cb, - void *p_ctx ) +static int x509_get_crt_ext(unsigned char **p, + const unsigned char *end, + mbedtls_x509_crt *crt, + mbedtls_x509_crt_ext_cb_t cb, + void *p_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; unsigned char *end_ext_data, *start_ext_octet, *end_ext_octet; - if( *p == end ) - return( 0 ); + if (*p == end) { + return 0; + } - if( ( ret = mbedtls_x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_ext(p, end, &crt->v3_ext, 3)) != 0) { + return ret; + } end = crt->v3_ext.p + crt->v3_ext.len; - while( *p < end ) - { + while (*p < end) { /* * Extension ::= SEQUENCE { * extnID OBJECT IDENTIFIER, * critical BOOLEAN DEFAULT FALSE, * extnValue OCTET STRING } */ - mbedtls_x509_buf extn_oid = {0, 0, NULL}; + mbedtls_x509_buf extn_oid = { 0, 0, NULL }; int is_critical = 0; /* DEFAULT FALSE */ int ext_type = 0; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } end_ext_data = *p + len; /* Get extension ID */ - if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &extn_oid.len, - MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &extn_oid.len, + MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } extn_oid.tag = MBEDTLS_ASN1_OID; extn_oid.p = *p; *p += extn_oid.len; /* Get optional critical */ - if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 && - ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_bool(p, end_ext_data, &is_critical)) != 0 && + (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } /* Data should be octet string type */ - if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, - MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &len, + MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } start_ext_octet = *p; end_ext_octet = *p + len; - if( end_ext_octet != end_ext_data ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (end_ext_octet != end_ext_data) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* * Detect supported extensions */ - ret = mbedtls_oid_get_x509_ext_type( &extn_oid, &ext_type ); + ret = mbedtls_oid_get_x509_ext_type(&extn_oid, &ext_type); - if( ret != 0 ) - { + if (ret != 0) { /* Give the callback (if any) a chance to handle the extension */ - if( cb != NULL ) - { - ret = cb( p_ctx, crt, &extn_oid, is_critical, *p, end_ext_octet ); - if( ret != 0 && is_critical ) - return( ret ); + if (cb != NULL) { + ret = cb(p_ctx, crt, &extn_oid, is_critical, *p, end_ext_octet); + if (ret != 0 && is_critical) { + return ret; + } *p = end_ext_octet; continue; } @@ -952,136 +986,143 @@ static int x509_get_crt_ext( unsigned char **p, *p = end_ext_octet; #if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) - if( is_critical ) - { + if (is_critical) { /* Data is marked as critical: fail */ - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } #endif continue; } /* Forbid repeated extensions */ - if( ( crt->ext_types & ext_type ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS ); + if ((crt->ext_types & ext_type) != 0) { + return MBEDTLS_ERR_X509_INVALID_EXTENSIONS; + } crt->ext_types |= ext_type; - switch( ext_type ) - { - case MBEDTLS_X509_EXT_BASIC_CONSTRAINTS: - /* Parse basic constraints */ - if( ( ret = x509_get_basic_constraints( p, end_ext_octet, - &crt->ca_istrue, &crt->max_pathlen ) ) != 0 ) - return( ret ); - break; + switch (ext_type) { + case MBEDTLS_X509_EXT_BASIC_CONSTRAINTS: + /* Parse basic constraints */ + if ((ret = x509_get_basic_constraints(p, end_ext_octet, + &crt->ca_istrue, &crt->max_pathlen)) != 0) { + return ret; + } + break; - case MBEDTLS_X509_EXT_KEY_USAGE: - /* Parse key usage */ - if( ( ret = x509_get_key_usage( p, end_ext_octet, - &crt->key_usage ) ) != 0 ) - return( ret ); - break; + case MBEDTLS_X509_EXT_KEY_USAGE: + /* Parse key usage */ + if ((ret = x509_get_key_usage(p, end_ext_octet, + &crt->key_usage)) != 0) { + return ret; + } + break; - case MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE: - /* Parse extended key usage */ - if( ( ret = x509_get_ext_key_usage( p, end_ext_octet, - &crt->ext_key_usage ) ) != 0 ) - return( ret ); - break; + case MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE: + /* Parse extended key usage */ + if ((ret = x509_get_ext_key_usage(p, end_ext_octet, + &crt->ext_key_usage)) != 0) { + return ret; + } + break; - case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME: - /* Parse subject alt name */ - if( ( ret = x509_get_subject_alt_name( p, end_ext_octet, - &crt->subject_alt_names ) ) != 0 ) - return( ret ); - break; + case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME: + /* Parse subject alt name */ + if ((ret = x509_get_subject_alt_name(p, end_ext_octet, + &crt->subject_alt_names)) != 0) { + return ret; + } + break; - case MBEDTLS_X509_EXT_NS_CERT_TYPE: - /* Parse netscape certificate type */ - if( ( ret = x509_get_ns_cert_type( p, end_ext_octet, - &crt->ns_cert_type ) ) != 0 ) - return( ret ); - break; + case MBEDTLS_X509_EXT_NS_CERT_TYPE: + /* Parse netscape certificate type */ + if ((ret = x509_get_ns_cert_type(p, end_ext_octet, + &crt->ns_cert_type)) != 0) { + return ret; + } + break; - case MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES: - /* Parse certificate policies type */ - if( ( ret = x509_get_certificate_policies( p, end_ext_octet, - &crt->certificate_policies ) ) != 0 ) - { - /* Give the callback (if any) a chance to handle the extension - * if it contains unsupported policies */ - if( ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE && cb != NULL && - cb( p_ctx, crt, &extn_oid, is_critical, - start_ext_octet, end_ext_octet ) == 0 ) - break; + case MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES: + /* Parse certificate policies type */ + if ((ret = x509_get_certificate_policies(p, end_ext_octet, + &crt->certificate_policies)) != 0) { + /* Give the callback (if any) a chance to handle the extension + * if it contains unsupported policies */ + if (ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE && cb != NULL && + cb(p_ctx, crt, &extn_oid, is_critical, + start_ext_octet, end_ext_octet) == 0) { + break; + } #if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) - if( is_critical ) - return( ret ); - else + if (is_critical) { + return ret; + } else #endif + /* + * If MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE is returned, then we + * cannot interpret or enforce the policy. However, it is up to + * the user to choose how to enforce the policies, + * unless the extension is critical. + */ + if (ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) { + return ret; + } + } + break; + + default: /* - * If MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE is returned, then we - * cannot interpret or enforce the policy. However, it is up to - * the user to choose how to enforce the policies, - * unless the extension is critical. + * If this is a non-critical extension, which the oid layer + * supports, but there isn't an x509 parser for it, + * skip the extension. */ - if( ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ) - return( ret ); - } - break; - - default: - /* - * If this is a non-critical extension, which the oid layer - * supports, but there isn't an x509 parser for it, - * skip the extension. - */ #if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) - if( is_critical ) - return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); - else + if (is_critical) { + return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; + } else #endif *p = end_ext_octet; } } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* * Parse and fill a single X.509 certificate in DER format */ -static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, - const unsigned char *buf, - size_t buflen, - int make_copy, - mbedtls_x509_crt_ext_cb_t cb, - void *p_ctx ) +static int x509_crt_parse_der_core(mbedtls_x509_crt *crt, + const unsigned char *buf, + size_t buflen, + int make_copy, + mbedtls_x509_crt_ext_cb_t cb, + void *p_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; unsigned char *p, *end, *crt_end; mbedtls_x509_buf sig_params1, sig_params2, sig_oid2; - memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) ); - memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) ); - memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) ); + memset(&sig_params1, 0, sizeof(mbedtls_x509_buf)); + memset(&sig_params2, 0, sizeof(mbedtls_x509_buf)); + memset(&sig_oid2, 0, sizeof(mbedtls_x509_buf)); /* * Check for valid input */ - if( crt == NULL || buf == NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (crt == NULL || buf == NULL) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } /* Use the original buffer until we figure out actual length. */ - p = (unsigned char*) buf; + p = (unsigned char *) buf; len = buflen; end = p + len; @@ -1091,31 +1132,28 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERR_X509_INVALID_FORMAT; } end = crt_end = p + len; crt->raw.len = crt_end - buf; - if( make_copy != 0 ) - { + if (make_copy != 0) { /* Create and populate a new buffer for the raw field. */ - crt->raw.p = p = mbedtls_calloc( 1, crt->raw.len ); - if( crt->raw.p == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + crt->raw.p = p = mbedtls_calloc(1, crt->raw.len); + if (crt->raw.p == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; + } - memcpy( crt->raw.p, buf, crt->raw.len ); + memcpy(crt->raw.p, buf, crt->raw.len); crt->own_buffer = 1; p += crt->raw.len - len; end = crt_end = p + len; - } - else - { - crt->raw.p = (unsigned char*) buf; + } else { + crt->raw.p = (unsigned char *) buf; crt->own_buffer = 0; } @@ -1124,11 +1162,10 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, */ crt->tbs.p = p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } end = p + len; @@ -1141,29 +1178,26 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, * * signature AlgorithmIdentifier */ - if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 || - ( ret = mbedtls_x509_get_serial( &p, end, &crt->serial ) ) != 0 || - ( ret = mbedtls_x509_get_alg( &p, end, &crt->sig_oid, - &sig_params1 ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if ((ret = x509_get_version(&p, end, &crt->version)) != 0 || + (ret = mbedtls_x509_get_serial(&p, end, &crt->serial)) != 0 || + (ret = mbedtls_x509_get_alg(&p, end, &crt->sig_oid, + &sig_params1)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } - if( crt->version < 0 || crt->version > 2 ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_UNKNOWN_VERSION ); + if (crt->version < 0 || crt->version > 2) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERR_X509_UNKNOWN_VERSION; } crt->version++; - if( ( ret = mbedtls_x509_get_sig_alg( &crt->sig_oid, &sig_params1, - &crt->sig_md, &crt->sig_pk, - &crt->sig_opts ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if ((ret = mbedtls_x509_get_sig_alg(&crt->sig_oid, &sig_params1, + &crt->sig_md, &crt->sig_pk, + &crt->sig_opts)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } /* @@ -1171,17 +1205,15 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, */ crt->issuer_raw.p = p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } - if( ( ret = mbedtls_x509_get_name( &p, p + len, &crt->issuer ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if ((ret = mbedtls_x509_get_name(&p, p + len, &crt->issuer)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } crt->issuer_raw.len = p - crt->issuer_raw.p; @@ -1192,11 +1224,10 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, * notAfter Time } * */ - if( ( ret = x509_get_dates( &p, end, &crt->valid_from, - &crt->valid_to ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if ((ret = x509_get_dates(&p, end, &crt->valid_from, + &crt->valid_to)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } /* @@ -1204,17 +1235,15 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, */ crt->subject_raw.p = p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } - if( len && ( ret = mbedtls_x509_get_name( &p, p + len, &crt->subject ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if (len && (ret = mbedtls_x509_get_name(&p, p + len, &crt->subject)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } crt->subject_raw.len = p - crt->subject_raw.p; @@ -1223,10 +1252,9 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, * SubjectPublicKeyInfo */ crt->pk_raw.p = p; - if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if ((ret = mbedtls_pk_parse_subpubkey(&p, end, &crt->pk)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } crt->pk_raw.len = p - crt->pk_raw.p; @@ -1238,46 +1266,40 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, * extensions [3] EXPLICIT Extensions OPTIONAL * -- If present, version shall be v3 */ - if( crt->version == 2 || crt->version == 3 ) - { - ret = x509_get_uid( &p, end, &crt->issuer_id, 1 ); - if( ret != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if (crt->version == 2 || crt->version == 3) { + ret = x509_get_uid(&p, end, &crt->issuer_id, 1); + if (ret != 0) { + mbedtls_x509_crt_free(crt); + return ret; } } - if( crt->version == 2 || crt->version == 3 ) - { - ret = x509_get_uid( &p, end, &crt->subject_id, 2 ); - if( ret != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if (crt->version == 2 || crt->version == 3) { + ret = x509_get_uid(&p, end, &crt->subject_id, 2); + if (ret != 0) { + mbedtls_x509_crt_free(crt); + return ret; } } int extensions_allowed = 1; #if !defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3) - if( crt->version != 3 ) + if (crt->version != 3) { extensions_allowed = 0; + } #endif - if( extensions_allowed ) - { - ret = x509_get_crt_ext( &p, end, crt, cb, p_ctx ); - if( ret != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if (extensions_allowed) { + ret = x509_get_crt_ext(&p, end, crt, cb, p_ctx); + if (ret != 0) { + mbedtls_x509_crt_free(crt); + return ret; } } - if( p != end ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } end = crt_end; @@ -1289,49 +1311,45 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING */ - if( ( ret = mbedtls_x509_get_alg( &p, end, &sig_oid2, &sig_params2 ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if ((ret = mbedtls_x509_get_alg(&p, end, &sig_oid2, &sig_params2)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } - if( crt->sig_oid.len != sig_oid2.len || - memcmp( crt->sig_oid.p, sig_oid2.p, crt->sig_oid.len ) != 0 || + if (crt->sig_oid.len != sig_oid2.len || + memcmp(crt->sig_oid.p, sig_oid2.p, crt->sig_oid.len) != 0 || sig_params1.tag != sig_params2.tag || sig_params1.len != sig_params2.len || - ( sig_params1.len != 0 && - memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_SIG_MISMATCH ); + (sig_params1.len != 0 && + memcmp(sig_params1.p, sig_params2.p, sig_params1.len) != 0)) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERR_X509_SIG_MISMATCH; } - if( ( ret = mbedtls_x509_get_sig( &p, end, &crt->sig ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if ((ret = mbedtls_x509_get_sig(&p, end, &crt->sig)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } - if( p != end ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } - return( 0 ); + return 0; } /* * Parse one X.509 certificate in DER format from a buffer and add them to a * chained list */ -static int mbedtls_x509_crt_parse_der_internal( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen, - int make_copy, - mbedtls_x509_crt_ext_cb_t cb, - void *p_ctx ) +static int mbedtls_x509_crt_parse_der_internal(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen, + int make_copy, + mbedtls_x509_crt_ext_cb_t cb, + void *p_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_x509_crt *crt = chain, *prev = NULL; @@ -1339,11 +1357,11 @@ static int mbedtls_x509_crt_parse_der_internal( mbedtls_x509_crt *chain, /* * Check for valid input */ - if( crt == NULL || buf == NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (crt == NULL || buf == NULL) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - while( crt->version != 0 && crt->next != NULL ) - { + while (crt->version != 0 && crt->next != NULL) { prev = crt; crt = crt->next; } @@ -1351,64 +1369,65 @@ static int mbedtls_x509_crt_parse_der_internal( mbedtls_x509_crt *chain, /* * Add new certificate on the end of the chain if needed. */ - if( crt->version != 0 && crt->next == NULL ) - { - crt->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); + if (crt->version != 0 && crt->next == NULL) { + crt->next = mbedtls_calloc(1, sizeof(mbedtls_x509_crt)); - if( crt->next == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + if (crt->next == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; + } prev = crt; - mbedtls_x509_crt_init( crt->next ); + mbedtls_x509_crt_init(crt->next); crt = crt->next; } - ret = x509_crt_parse_der_core( crt, buf, buflen, make_copy, cb, p_ctx ); - if( ret != 0 ) - { - if( prev ) + ret = x509_crt_parse_der_core(crt, buf, buflen, make_copy, cb, p_ctx); + if (ret != 0) { + if (prev) { prev->next = NULL; + } - if( crt != chain ) - mbedtls_free( crt ); + if (crt != chain) { + mbedtls_free(crt); + } - return( ret ); + return ret; } - return( 0 ); + return 0; } -int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen ) +int mbedtls_x509_crt_parse_der_nocopy(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen) { - return( mbedtls_x509_crt_parse_der_internal( chain, buf, buflen, 0, NULL, NULL ) ); + return mbedtls_x509_crt_parse_der_internal(chain, buf, buflen, 0, NULL, NULL); } -int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen, - int make_copy, - mbedtls_x509_crt_ext_cb_t cb, - void *p_ctx ) +int mbedtls_x509_crt_parse_der_with_ext_cb(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen, + int make_copy, + mbedtls_x509_crt_ext_cb_t cb, + void *p_ctx) { - return( mbedtls_x509_crt_parse_der_internal( chain, buf, buflen, make_copy, cb, p_ctx ) ); + return mbedtls_x509_crt_parse_der_internal(chain, buf, buflen, make_copy, cb, p_ctx); } -int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen ) +int mbedtls_x509_crt_parse_der(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen) { - return( mbedtls_x509_crt_parse_der_internal( chain, buf, buflen, 1, NULL, NULL ) ); + return mbedtls_x509_crt_parse_der_internal(chain, buf, buflen, 1, NULL, NULL); } /* * Parse one or more PEM certificates from a buffer and add them to the chained * list */ -int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen ) +int mbedtls_x509_crt_parse(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen) { #if defined(MBEDTLS_PEM_PARSE_C) int success = 0, first_error = 0, total_failed = 0; @@ -1418,59 +1437,53 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, /* * Check for valid input */ - if( chain == NULL || buf == NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (chain == NULL || buf == NULL) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } /* * Determine buffer content. Buffer contains either one DER certificate or * one or more PEM certificates. */ #if defined(MBEDTLS_PEM_PARSE_C) - if( buflen != 0 && buf[buflen - 1] == '\0' && - strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL ) - { + if (buflen != 0 && buf[buflen - 1] == '\0' && + strstr((const char *) buf, "-----BEGIN CERTIFICATE-----") != NULL) { buf_format = MBEDTLS_X509_FORMAT_PEM; } - if( buf_format == MBEDTLS_X509_FORMAT_DER ) - return mbedtls_x509_crt_parse_der( chain, buf, buflen ); + if (buf_format == MBEDTLS_X509_FORMAT_DER) { + return mbedtls_x509_crt_parse_der(chain, buf, buflen); + } #else - return mbedtls_x509_crt_parse_der( chain, buf, buflen ); + return mbedtls_x509_crt_parse_der(chain, buf, buflen); #endif #if defined(MBEDTLS_PEM_PARSE_C) - if( buf_format == MBEDTLS_X509_FORMAT_PEM ) - { + if (buf_format == MBEDTLS_X509_FORMAT_PEM) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_pem_context pem; /* 1 rather than 0 since the terminating NULL byte is counted in */ - while( buflen > 1 ) - { + while (buflen > 1) { size_t use_len; - mbedtls_pem_init( &pem ); + mbedtls_pem_init(&pem); /* If we get there, we know the string is null-terminated */ - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN CERTIFICATE-----", - "-----END CERTIFICATE-----", - buf, NULL, 0, &use_len ); + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN CERTIFICATE-----", + "-----END CERTIFICATE-----", + buf, NULL, 0, &use_len); - if( ret == 0 ) - { + if (ret == 0) { /* * Was PEM encoded */ buflen -= use_len; buf += use_len; - } - else if( ret == MBEDTLS_ERR_PEM_BAD_INPUT_DATA ) - { - return( ret ); - } - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - { - mbedtls_pem_free( &pem ); + } else if (ret == MBEDTLS_ERR_PEM_BAD_INPUT_DATA) { + return ret; + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + mbedtls_pem_free(&pem); /* * PEM header and footer were found @@ -1478,29 +1491,31 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, buflen -= use_len; buf += use_len; - if( first_error == 0 ) + if (first_error == 0) { first_error = ret; + } total_failed++; continue; - } - else + } else { break; + } - ret = mbedtls_x509_crt_parse_der( chain, pem.buf, pem.buflen ); + ret = mbedtls_x509_crt_parse_der(chain, pem.buf, pem.buflen); - mbedtls_pem_free( &pem ); + mbedtls_pem_free(&pem); - if( ret != 0 ) - { + if (ret != 0) { /* * Quit parsing on a memory error */ - if( ret == MBEDTLS_ERR_X509_ALLOC_FAILED ) - return( ret ); + if (ret == MBEDTLS_ERR_X509_ALLOC_FAILED) { + return ret; + } - if( first_error == 0 ) + if (first_error == 0) { first_error = ret; + } total_failed++; continue; @@ -1510,12 +1525,13 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, } } - if( success ) - return( total_failed ); - else if( first_error ) - return( first_error ); - else - return( MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT ); + if (success) { + return total_failed; + } else if (first_error) { + return first_error; + } else { + return MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT; + } #endif /* MBEDTLS_PEM_PARSE_C */ } @@ -1523,24 +1539,25 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, /* * Load one or more certificates and add them to the chained list */ -int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path ) +int mbedtls_x509_crt_parse_file(mbedtls_x509_crt *chain, const char *path) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; - if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { + return ret; + } - ret = mbedtls_x509_crt_parse( chain, buf, n ); + ret = mbedtls_x509_crt_parse(chain, buf, n); - mbedtls_platform_zeroize( buf, n ); - mbedtls_free( buf ); + mbedtls_platform_zeroize(buf, n); + mbedtls_free(buf); - return( ret ); + return ret; } -int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) +int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path) { int ret = 0; #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) @@ -1548,96 +1565,94 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) WCHAR szDir[MAX_PATH]; char filename[MAX_PATH]; char *p; - size_t len = strlen( path ); + size_t len = strlen(path); WIN32_FIND_DATAW file_data; HANDLE hFind; - if( len > MAX_PATH - 3 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (len > MAX_PATH - 3) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - memset( szDir, 0, sizeof(szDir) ); - memset( filename, 0, MAX_PATH ); - memcpy( filename, path, len ); + memset(szDir, 0, sizeof(szDir)); + memset(filename, 0, MAX_PATH); + memcpy(filename, path, len); filename[len++] = '\\'; p = filename + len; filename[len++] = '*'; - w_ret = MultiByteToWideChar( CP_ACP, 0, filename, (int)len, szDir, - MAX_PATH - 3 ); - if( w_ret == 0 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + w_ret = MultiByteToWideChar(CP_ACP, 0, filename, (int) len, szDir, + MAX_PATH - 3); + if (w_ret == 0) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - hFind = FindFirstFileW( szDir, &file_data ); - if( hFind == INVALID_HANDLE_VALUE ) - return( MBEDTLS_ERR_X509_FILE_IO_ERROR ); + hFind = FindFirstFileW(szDir, &file_data); + if (hFind == INVALID_HANDLE_VALUE) { + return MBEDTLS_ERR_X509_FILE_IO_ERROR; + } len = MAX_PATH - len; - do - { - memset( p, 0, len ); + do { + memset(p, 0, len); - if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY ) + if (file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) { continue; + } - w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName, - lstrlenW( file_data.cFileName ), - p, (int) len - 1, - NULL, NULL ); - if( w_ret == 0 ) - { + w_ret = WideCharToMultiByte(CP_ACP, 0, file_data.cFileName, + lstrlenW(file_data.cFileName), + p, (int) len - 1, + NULL, NULL); + if (w_ret == 0) { ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; goto cleanup; } - w_ret = mbedtls_x509_crt_parse_file( chain, filename ); - if( w_ret < 0 ) + w_ret = mbedtls_x509_crt_parse_file(chain, filename); + if (w_ret < 0) { ret++; - else + } else { ret += w_ret; - } - while( FindNextFileW( hFind, &file_data ) != 0 ); + } + } while (FindNextFileW(hFind, &file_data) != 0); - if( GetLastError() != ERROR_NO_MORE_FILES ) + if (GetLastError() != ERROR_NO_MORE_FILES) { ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; + } cleanup: - FindClose( hFind ); + FindClose(hFind); #else /* _WIN32 */ int t_ret; int snp_ret; struct stat sb; struct dirent *entry; char entry_name[MBEDTLS_X509_MAX_FILE_PATH_LEN]; - DIR *dir = opendir( path ); + DIR *dir = opendir(path); - if( dir == NULL ) - return( MBEDTLS_ERR_X509_FILE_IO_ERROR ); + if (dir == NULL) { + return MBEDTLS_ERR_X509_FILE_IO_ERROR; + } #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &mbedtls_threading_readdir_mutex ) ) != 0 ) - { - closedir( dir ); - return( ret ); + if ((ret = mbedtls_mutex_lock(&mbedtls_threading_readdir_mutex)) != 0) { + closedir(dir); + return ret; } #endif /* MBEDTLS_THREADING_C */ - memset( &sb, 0, sizeof( sb ) ); + memset(&sb, 0, sizeof(sb)); - while( ( entry = readdir( dir ) ) != NULL ) - { - snp_ret = mbedtls_snprintf( entry_name, sizeof entry_name, - "%s/%s", path, entry->d_name ); + while ((entry = readdir(dir)) != NULL) { + snp_ret = mbedtls_snprintf(entry_name, sizeof entry_name, + "%s/%s", path, entry->d_name); - if( snp_ret < 0 || (size_t)snp_ret >= sizeof entry_name ) - { + if (snp_ret < 0 || (size_t) snp_ret >= sizeof entry_name) { ret = MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; goto cleanup; - } - else if( stat( entry_name, &sb ) == -1 ) - { - if( errno == ENOENT ) - { + } else if (stat(entry_name, &sb) == -1) { + if (errno == ENOENT) { /* Broken symbolic link - ignore this entry. stat(2) will return this error for either (a) a dangling symlink or (b) a missing file. @@ -1645,38 +1660,39 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) assume that it does exist and therefore treat this as a dangling symlink. */ continue; - } - else - { + } else { /* Some other file error; report the error. */ ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; goto cleanup; } } - if( !S_ISREG( sb.st_mode ) ) + if (!S_ISREG(sb.st_mode)) { continue; + } // Ignore parse errors // - t_ret = mbedtls_x509_crt_parse_file( chain, entry_name ); - if( t_ret < 0 ) + t_ret = mbedtls_x509_crt_parse_file(chain, entry_name); + if (t_ret < 0) { ret++; - else + } else { ret += t_ret; + } } cleanup: - closedir( dir ); + closedir(dir); #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &mbedtls_threading_readdir_mutex ) != 0 ) + if (mbedtls_mutex_unlock(&mbedtls_threading_readdir_mutex) != 0) { ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif /* MBEDTLS_THREADING_C */ #endif /* _WIN32 */ - return( ret ); + return ret; } #endif /* MBEDTLS_FS_IO */ @@ -1692,8 +1708,8 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) * NOTE: we currently only parse and use otherName of type HwModuleName, * as defined in RFC 4108. */ -static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name, - mbedtls_x509_san_other_name *other_name ) +static int x509_get_other_name(const mbedtls_x509_buf *subject_alt_name, + mbedtls_x509_san_other_name *other_name) { int ret = 0; size_t len; @@ -1701,19 +1717,19 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name, const unsigned char *end = p + subject_alt_name->len; mbedtls_x509_buf cur_oid; - if( ( subject_alt_name->tag & - ( MBEDTLS_ASN1_TAG_CLASS_MASK | MBEDTLS_ASN1_TAG_VALUE_MASK ) ) != - ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME ) ) - { + if ((subject_alt_name->tag & + (MBEDTLS_ASN1_TAG_CLASS_MASK | MBEDTLS_ASN1_TAG_VALUE_MASK)) != + (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME)) { /* * The given subject alternative name is not of type "othername". */ - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; } - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } cur_oid.tag = MBEDTLS_ASN1_OID; cur_oid.p = p; @@ -1722,62 +1738,63 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name, /* * Only HwModuleName is currently supported. */ - if( MBEDTLS_OID_CMP( MBEDTLS_OID_ON_HW_MODULE_NAME, &cur_oid ) != 0 ) - { - return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); + if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME, &cur_oid) != 0) { + return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; } - if( p + len >= end ) - { - mbedtls_platform_zeroize( other_name, sizeof( *other_name ) ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p + len >= end) { + mbedtls_platform_zeroize(other_name, sizeof(*other_name)); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } p += len; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC)) != + 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } other_name->value.hardware_module_name.oid.tag = MBEDTLS_ASN1_OID; other_name->value.hardware_module_name.oid.p = p; other_name->value.hardware_module_name.oid.len = len; - if( p + len >= end ) - { - mbedtls_platform_zeroize( other_name, sizeof( *other_name ) ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p + len >= end) { + mbedtls_platform_zeroize(other_name, sizeof(*other_name)); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } p += len; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } other_name->value.hardware_module_name.val.tag = MBEDTLS_ASN1_OCTET_STRING; other_name->value.hardware_module_name.val.p = p; other_name->value.hardware_module_name.val.len = len; p += len; - if( p != end ) - { - mbedtls_platform_zeroize( other_name, - sizeof( *other_name ) ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); - } - return( 0 ); + if (p != end) { + mbedtls_platform_zeroize(other_name, + sizeof(*other_name)); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + return 0; } -static int x509_info_subject_alt_name( char **buf, size_t *size, - const mbedtls_x509_sequence - *subject_alt_name, - const char *prefix ) +static int x509_info_subject_alt_name(char **buf, size_t *size, + const mbedtls_x509_sequence + *subject_alt_name, + const char *prefix) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; @@ -1787,28 +1804,22 @@ static int x509_info_subject_alt_name( char **buf, size_t *size, mbedtls_x509_subject_alternative_name san; int parse_ret; - while( cur != NULL ) - { - memset( &san, 0, sizeof( san ) ); - parse_ret = mbedtls_x509_parse_subject_alt_name( &cur->buf, &san ); - if( parse_ret != 0 ) - { - if( parse_ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ) - { - ret = mbedtls_snprintf( p, n, "\n%s ", prefix ); + while (cur != NULL) { + memset(&san, 0, sizeof(san)); + parse_ret = mbedtls_x509_parse_subject_alt_name(&cur->buf, &san); + if (parse_ret != 0) { + if (parse_ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) { + ret = mbedtls_snprintf(p, n, "\n%s ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - } - else - { - ret = mbedtls_snprintf( p, n, "\n%s ", prefix ); + } else { + ret = mbedtls_snprintf(p, n, "\n%s ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; } cur = cur->next; continue; } - switch( san.type ) - { + switch (san.type) { /* * otherName */ @@ -1816,26 +1827,31 @@ static int x509_info_subject_alt_name( char **buf, size_t *size, { mbedtls_x509_san_other_name *other_name = &san.san.other_name; - ret = mbedtls_snprintf( p, n, "\n%s otherName :", prefix ); + ret = mbedtls_snprintf(p, n, "\n%s otherName :", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if( MBEDTLS_OID_CMP( MBEDTLS_OID_ON_HW_MODULE_NAME, - &other_name->value.hardware_module_name.oid ) != 0 ) - { - ret = mbedtls_snprintf( p, n, "\n%s hardware module name :", prefix ); + if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME, + &other_name->value.hardware_module_name.oid) != 0) { + ret = mbedtls_snprintf(p, n, "\n%s hardware module name :", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%s hardware type : ", prefix ); + ret = + mbedtls_snprintf(p, n, "\n%s hardware type : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_oid_get_numeric_string( p, n, &other_name->value.hardware_module_name.oid ); + ret = mbedtls_oid_get_numeric_string(p, + n, + &other_name->value.hardware_module_name.oid); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%s hardware serial number : ", prefix ); + ret = + mbedtls_snprintf(p, n, "\n%s hardware serial number : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - for( i = 0; i < other_name->value.hardware_module_name.val.len; i++ ) - { - ret = mbedtls_snprintf( p, n, "%02X", other_name->value.hardware_module_name.val.p[i] ); + for (i = 0; i < other_name->value.hardware_module_name.val.len; i++) { + ret = mbedtls_snprintf(p, + n, + "%02X", + other_name->value.hardware_module_name.val.p[i]); MBEDTLS_X509_SAFE_SNPRINTF; } }/* MBEDTLS_OID_ON_HW_MODULE_NAME */ @@ -1847,15 +1863,14 @@ static int x509_info_subject_alt_name( char **buf, size_t *size, */ case MBEDTLS_X509_SAN_DNS_NAME: { - ret = mbedtls_snprintf( p, n, "\n%s dNSName : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%s dNSName : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if( san.san.unstructured_name.len >= n ) - { + if (san.san.unstructured_name.len >= n) { *p = '\0'; - return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; } - memcpy( p, san.san.unstructured_name.p, san.san.unstructured_name.len ); + memcpy(p, san.san.unstructured_name.p, san.san.unstructured_name.len); p += san.san.unstructured_name.len; n -= san.san.unstructured_name.len; } @@ -1865,7 +1880,7 @@ static int x509_info_subject_alt_name( char **buf, size_t *size, * Type not supported, skip item. */ default: - ret = mbedtls_snprintf( p, n, "\n%s ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%s ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; break; } @@ -1878,32 +1893,32 @@ static int x509_info_subject_alt_name( char **buf, size_t *size, *size = n; *buf = p; - return( 0 ); + return 0; } -int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, - mbedtls_x509_subject_alternative_name *san ) +int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf, + mbedtls_x509_subject_alternative_name *san) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - switch( san_buf->tag & - ( MBEDTLS_ASN1_TAG_CLASS_MASK | - MBEDTLS_ASN1_TAG_VALUE_MASK ) ) - { + switch (san_buf->tag & + (MBEDTLS_ASN1_TAG_CLASS_MASK | + MBEDTLS_ASN1_TAG_VALUE_MASK)) { /* * otherName */ - case( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME ): + case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME): { mbedtls_x509_san_other_name other_name; - ret = x509_get_other_name( san_buf, &other_name ); - if( ret != 0 ) - return( ret ); + ret = x509_get_other_name(san_buf, &other_name); + if (ret != 0) { + return ret; + } - memset( san, 0, sizeof( mbedtls_x509_subject_alternative_name ) ); + memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name)); san->type = MBEDTLS_X509_SAN_OTHER_NAME; - memcpy( &san->san.other_name, - &other_name, sizeof( other_name ) ); + memcpy(&san->san.other_name, + &other_name, sizeof(other_name)); } break; @@ -1911,13 +1926,13 @@ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, /* * dNSName */ - case( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_DNS_NAME ): + case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_DNS_NAME): { - memset( san, 0, sizeof( mbedtls_x509_subject_alternative_name ) ); + memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name)); san->type = MBEDTLS_X509_SAN_DNS_NAME; - memcpy( &san->san.unstructured_name, - san_buf, sizeof( *san_buf ) ); + memcpy(&san->san.unstructured_name, + san_buf, sizeof(*san_buf)); } break; @@ -1926,75 +1941,75 @@ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, * Type not supported */ default: - return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; } - return( 0 ); + return 0; } #define PRINT_ITEM(i) \ { \ - ret = mbedtls_snprintf( p, n, "%s" i, sep ); \ + ret = mbedtls_snprintf(p, n, "%s" i, sep); \ MBEDTLS_X509_SAFE_SNPRINTF; \ sep = ", "; \ } -#define CERT_TYPE(type,name) \ - if( ns_cert_type & (type) ) \ - PRINT_ITEM( name ); +#define CERT_TYPE(type, name) \ + if (ns_cert_type & (type)) \ + PRINT_ITEM(name); -static int x509_info_cert_type( char **buf, size_t *size, - unsigned char ns_cert_type ) +static int x509_info_cert_type(char **buf, size_t *size, + unsigned char ns_cert_type) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n = *size; char *p = *buf; const char *sep = ""; - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT, "SSL Client" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER, "SSL Server" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL, "Email" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING, "Object Signing" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_RESERVED, "Reserved" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CA, "SSL CA" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA, "Email CA" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA, "Object Signing CA" ); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT, "SSL Client"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER, "SSL Server"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_EMAIL, "Email"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING, "Object Signing"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_RESERVED, "Reserved"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_SSL_CA, "SSL CA"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA, "Email CA"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA, "Object Signing CA"); *size = n; *buf = p; - return( 0 ); + return 0; } -#define KEY_USAGE(code,name) \ - if( key_usage & (code) ) \ - PRINT_ITEM( name ); +#define KEY_USAGE(code, name) \ + if (key_usage & (code)) \ + PRINT_ITEM(name); -static int x509_info_key_usage( char **buf, size_t *size, - unsigned int key_usage ) +static int x509_info_key_usage(char **buf, size_t *size, + unsigned int key_usage) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n = *size; char *p = *buf; const char *sep = ""; - KEY_USAGE( MBEDTLS_X509_KU_DIGITAL_SIGNATURE, "Digital Signature" ); - KEY_USAGE( MBEDTLS_X509_KU_NON_REPUDIATION, "Non Repudiation" ); - KEY_USAGE( MBEDTLS_X509_KU_KEY_ENCIPHERMENT, "Key Encipherment" ); - KEY_USAGE( MBEDTLS_X509_KU_DATA_ENCIPHERMENT, "Data Encipherment" ); - KEY_USAGE( MBEDTLS_X509_KU_KEY_AGREEMENT, "Key Agreement" ); - KEY_USAGE( MBEDTLS_X509_KU_KEY_CERT_SIGN, "Key Cert Sign" ); - KEY_USAGE( MBEDTLS_X509_KU_CRL_SIGN, "CRL Sign" ); - KEY_USAGE( MBEDTLS_X509_KU_ENCIPHER_ONLY, "Encipher Only" ); - KEY_USAGE( MBEDTLS_X509_KU_DECIPHER_ONLY, "Decipher Only" ); + KEY_USAGE(MBEDTLS_X509_KU_DIGITAL_SIGNATURE, "Digital Signature"); + KEY_USAGE(MBEDTLS_X509_KU_NON_REPUDIATION, "Non Repudiation"); + KEY_USAGE(MBEDTLS_X509_KU_KEY_ENCIPHERMENT, "Key Encipherment"); + KEY_USAGE(MBEDTLS_X509_KU_DATA_ENCIPHERMENT, "Data Encipherment"); + KEY_USAGE(MBEDTLS_X509_KU_KEY_AGREEMENT, "Key Agreement"); + KEY_USAGE(MBEDTLS_X509_KU_KEY_CERT_SIGN, "Key Cert Sign"); + KEY_USAGE(MBEDTLS_X509_KU_CRL_SIGN, "CRL Sign"); + KEY_USAGE(MBEDTLS_X509_KU_ENCIPHER_ONLY, "Encipher Only"); + KEY_USAGE(MBEDTLS_X509_KU_DECIPHER_ONLY, "Decipher Only"); *size = n; *buf = p; - return( 0 ); + return 0; } -static int x509_info_ext_key_usage( char **buf, size_t *size, - const mbedtls_x509_sequence *extended_key_usage ) +static int x509_info_ext_key_usage(char **buf, size_t *size, + const mbedtls_x509_sequence *extended_key_usage) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const char *desc; @@ -2003,12 +2018,12 @@ static int x509_info_ext_key_usage( char **buf, size_t *size, const mbedtls_x509_sequence *cur = extended_key_usage; const char *sep = ""; - while( cur != NULL ) - { - if( mbedtls_oid_get_extended_key_usage( &cur->buf, &desc ) != 0 ) + while (cur != NULL) { + if (mbedtls_oid_get_extended_key_usage(&cur->buf, &desc) != 0) { desc = "???"; + } - ret = mbedtls_snprintf( p, n, "%s%s", sep, desc ); + ret = mbedtls_snprintf(p, n, "%s%s", sep, desc); MBEDTLS_X509_SAFE_SNPRINTF; sep = ", "; @@ -2019,11 +2034,11 @@ static int x509_info_ext_key_usage( char **buf, size_t *size, *size = n; *buf = p; - return( 0 ); + return 0; } -static int x509_info_cert_policies( char **buf, size_t *size, - const mbedtls_x509_sequence *certificate_policies ) +static int x509_info_cert_policies(char **buf, size_t *size, + const mbedtls_x509_sequence *certificate_policies) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const char *desc; @@ -2032,12 +2047,12 @@ static int x509_info_cert_policies( char **buf, size_t *size, const mbedtls_x509_sequence *cur = certificate_policies; const char *sep = ""; - while( cur != NULL ) - { - if( mbedtls_oid_get_certificate_policies( &cur->buf, &desc ) != 0 ) + while (cur != NULL) { + if (mbedtls_oid_get_certificate_policies(&cur->buf, &desc) != 0) { desc = "???"; + } - ret = mbedtls_snprintf( p, n, "%s%s", sep, desc ); + ret = mbedtls_snprintf(p, n, "%s%s", sep, desc); MBEDTLS_X509_SAFE_SNPRINTF; sep = ", "; @@ -2048,7 +2063,7 @@ static int x509_info_cert_policies( char **buf, size_t *size, *size = n; *buf = p; - return( 0 ); + return 0; } /* @@ -2056,8 +2071,8 @@ static int x509_info_cert_policies( char **buf, size_t *size, */ #define BEFORE_COLON 18 #define BC "18" -int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, - const mbedtls_x509_crt *crt ) +int mbedtls_x509_crt_info(char *buf, size_t size, const char *prefix, + const mbedtls_x509_crt *crt) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; @@ -2067,136 +2082,132 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, p = buf; n = size; - if( NULL == crt ) - { - ret = mbedtls_snprintf( p, n, "\nCertificate is uninitialised!\n" ); + if (NULL == crt) { + ret = mbedtls_snprintf(p, n, "\nCertificate is uninitialised!\n"); MBEDTLS_X509_SAFE_SNPRINTF; - return( (int) ( size - n ) ); + return (int) (size - n); } - ret = mbedtls_snprintf( p, n, "%scert. version : %d\n", - prefix, crt->version ); + ret = mbedtls_snprintf(p, n, "%scert. version : %d\n", + prefix, crt->version); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "%sserial number : ", - prefix ); + ret = mbedtls_snprintf(p, n, "%sserial number : ", + prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_serial_gets( p, n, &crt->serial ); + ret = mbedtls_x509_serial_gets(p, n, &crt->serial); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%sissuer name : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%sissuer name : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_dn_gets( p, n, &crt->issuer ); + ret = mbedtls_x509_dn_gets(p, n, &crt->issuer); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%ssubject name : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%ssubject name : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_dn_gets( p, n, &crt->subject ); + ret = mbedtls_x509_dn_gets(p, n, &crt->subject); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%sissued on : " \ - "%04d-%02d-%02d %02d:%02d:%02d", prefix, - crt->valid_from.year, crt->valid_from.mon, - crt->valid_from.day, crt->valid_from.hour, - crt->valid_from.min, crt->valid_from.sec ); + ret = mbedtls_snprintf(p, n, "\n%sissued on : " \ + "%04d-%02d-%02d %02d:%02d:%02d", prefix, + crt->valid_from.year, crt->valid_from.mon, + crt->valid_from.day, crt->valid_from.hour, + crt->valid_from.min, crt->valid_from.sec); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%sexpires on : " \ - "%04d-%02d-%02d %02d:%02d:%02d", prefix, - crt->valid_to.year, crt->valid_to.mon, - crt->valid_to.day, crt->valid_to.hour, - crt->valid_to.min, crt->valid_to.sec ); + ret = mbedtls_snprintf(p, n, "\n%sexpires on : " \ + "%04d-%02d-%02d %02d:%02d:%02d", prefix, + crt->valid_to.year, crt->valid_to.mon, + crt->valid_to.day, crt->valid_to.hour, + crt->valid_to.min, crt->valid_to.sec); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%ssigned using : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_sig_alg_gets( p, n, &crt->sig_oid, crt->sig_pk, - crt->sig_md, crt->sig_opts ); + ret = mbedtls_x509_sig_alg_gets(p, n, &crt->sig_oid, crt->sig_pk, + crt->sig_md, crt->sig_opts); MBEDTLS_X509_SAFE_SNPRINTF; /* Key size */ - if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON, - mbedtls_pk_get_name( &crt->pk ) ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_x509_key_size_helper(key_size_str, BEFORE_COLON, + mbedtls_pk_get_name(&crt->pk))) != 0) { + return ret; } - ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits", prefix, key_size_str, - (int) mbedtls_pk_get_bitlen( &crt->pk ) ); + ret = mbedtls_snprintf(p, n, "\n%s%-" BC "s: %d bits", prefix, key_size_str, + (int) mbedtls_pk_get_bitlen(&crt->pk)); MBEDTLS_X509_SAFE_SNPRINTF; /* * Optional extensions */ - if( crt->ext_types & MBEDTLS_X509_EXT_BASIC_CONSTRAINTS ) - { - ret = mbedtls_snprintf( p, n, "\n%sbasic constraints : CA=%s", prefix, - crt->ca_istrue ? "true" : "false" ); + if (crt->ext_types & MBEDTLS_X509_EXT_BASIC_CONSTRAINTS) { + ret = mbedtls_snprintf(p, n, "\n%sbasic constraints : CA=%s", prefix, + crt->ca_istrue ? "true" : "false"); MBEDTLS_X509_SAFE_SNPRINTF; - if( crt->max_pathlen > 0 ) - { - ret = mbedtls_snprintf( p, n, ", max_pathlen=%d", crt->max_pathlen - 1 ); + if (crt->max_pathlen > 0) { + ret = mbedtls_snprintf(p, n, ", max_pathlen=%d", crt->max_pathlen - 1); MBEDTLS_X509_SAFE_SNPRINTF; } } - if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME ) - { - ret = mbedtls_snprintf( p, n, "\n%ssubject alt name :", prefix ); + if (crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) { + ret = mbedtls_snprintf(p, n, "\n%ssubject alt name :", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if( ( ret = x509_info_subject_alt_name( &p, &n, - &crt->subject_alt_names, - prefix ) ) != 0 ) - return( ret ); + if ((ret = x509_info_subject_alt_name(&p, &n, + &crt->subject_alt_names, + prefix)) != 0) { + return ret; + } } - if( crt->ext_types & MBEDTLS_X509_EXT_NS_CERT_TYPE ) - { - ret = mbedtls_snprintf( p, n, "\n%scert. type : ", prefix ); + if (crt->ext_types & MBEDTLS_X509_EXT_NS_CERT_TYPE) { + ret = mbedtls_snprintf(p, n, "\n%scert. type : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if( ( ret = x509_info_cert_type( &p, &n, crt->ns_cert_type ) ) != 0 ) - return( ret ); + if ((ret = x509_info_cert_type(&p, &n, crt->ns_cert_type)) != 0) { + return ret; + } } - if( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE ) - { - ret = mbedtls_snprintf( p, n, "\n%skey usage : ", prefix ); + if (crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE) { + ret = mbedtls_snprintf(p, n, "\n%skey usage : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if( ( ret = x509_info_key_usage( &p, &n, crt->key_usage ) ) != 0 ) - return( ret ); + if ((ret = x509_info_key_usage(&p, &n, crt->key_usage)) != 0) { + return ret; + } } - if( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE ) - { - ret = mbedtls_snprintf( p, n, "\n%sext key usage : ", prefix ); + if (crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE) { + ret = mbedtls_snprintf(p, n, "\n%sext key usage : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if( ( ret = x509_info_ext_key_usage( &p, &n, - &crt->ext_key_usage ) ) != 0 ) - return( ret ); + if ((ret = x509_info_ext_key_usage(&p, &n, + &crt->ext_key_usage)) != 0) { + return ret; + } } - if( crt->ext_types & MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES ) - { - ret = mbedtls_snprintf( p, n, "\n%scertificate policies : ", prefix ); + if (crt->ext_types & MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES) { + ret = mbedtls_snprintf(p, n, "\n%scertificate policies : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if( ( ret = x509_info_cert_policies( &p, &n, - &crt->certificate_policies ) ) != 0 ) - return( ret ); + if ((ret = x509_info_cert_policies(&p, &n, + &crt->certificate_policies)) != 0) { + return ret; + } } - ret = mbedtls_snprintf( p, n, "\n" ); + ret = mbedtls_snprintf(p, n, "\n"); MBEDTLS_X509_SAFE_SNPRINTF; - return( (int) ( size - n ) ); + return (int) (size - n); } struct x509_crt_verify_string { @@ -2207,8 +2218,10 @@ struct x509_crt_verify_string { static const struct x509_crt_verify_string x509_crt_verify_strings[] = { { MBEDTLS_X509_BADCERT_EXPIRED, "The certificate validity has expired" }, { MBEDTLS_X509_BADCERT_REVOKED, "The certificate has been revoked (is on a CRL)" }, - { MBEDTLS_X509_BADCERT_CN_MISMATCH, "The certificate Common Name (CN) does not match with the expected CN" }, - { MBEDTLS_X509_BADCERT_NOT_TRUSTED, "The certificate is not correctly signed by the trusted CA" }, + { MBEDTLS_X509_BADCERT_CN_MISMATCH, + "The certificate Common Name (CN) does not match with the expected CN" }, + { MBEDTLS_X509_BADCERT_NOT_TRUSTED, + "The certificate is not correctly signed by the trusted CA" }, { MBEDTLS_X509_BADCRL_NOT_TRUSTED, "The CRL is not correctly signed by the trusted CA" }, { MBEDTLS_X509_BADCRL_EXPIRED, "The CRL is expired" }, { MBEDTLS_X509_BADCERT_MISSING, "Certificate was missing" }, @@ -2220,96 +2233,102 @@ static const struct x509_crt_verify_string x509_crt_verify_strings[] = { { MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, "Usage does not match the extendedKeyUsage extension" }, { MBEDTLS_X509_BADCERT_NS_CERT_TYPE, "Usage does not match the nsCertType extension" }, { MBEDTLS_X509_BADCERT_BAD_MD, "The certificate is signed with an unacceptable hash." }, - { MBEDTLS_X509_BADCERT_BAD_PK, "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." }, - { MBEDTLS_X509_BADCERT_BAD_KEY, "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." }, + { MBEDTLS_X509_BADCERT_BAD_PK, + "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." }, + { MBEDTLS_X509_BADCERT_BAD_KEY, + "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." }, { MBEDTLS_X509_BADCRL_BAD_MD, "The CRL is signed with an unacceptable hash." }, - { MBEDTLS_X509_BADCRL_BAD_PK, "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." }, - { MBEDTLS_X509_BADCRL_BAD_KEY, "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." }, + { MBEDTLS_X509_BADCRL_BAD_PK, + "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." }, + { MBEDTLS_X509_BADCRL_BAD_KEY, + "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." }, { 0, NULL } }; -int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, - uint32_t flags ) +int mbedtls_x509_crt_verify_info(char *buf, size_t size, const char *prefix, + uint32_t flags) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const struct x509_crt_verify_string *cur; char *p = buf; size_t n = size; - for( cur = x509_crt_verify_strings; cur->string != NULL ; cur++ ) - { - if( ( flags & cur->code ) == 0 ) + for (cur = x509_crt_verify_strings; cur->string != NULL; cur++) { + if ((flags & cur->code) == 0) { continue; + } - ret = mbedtls_snprintf( p, n, "%s%s\n", prefix, cur->string ); + ret = mbedtls_snprintf(p, n, "%s%s\n", prefix, cur->string); MBEDTLS_X509_SAFE_SNPRINTF; flags ^= cur->code; } - if( flags != 0 ) - { - ret = mbedtls_snprintf( p, n, "%sUnknown reason " - "(this should not happen)\n", prefix ); + if (flags != 0) { + ret = mbedtls_snprintf(p, n, "%sUnknown reason " + "(this should not happen)\n", prefix); MBEDTLS_X509_SAFE_SNPRINTF; } - return( (int) ( size - n ) ); + return (int) (size - n); } #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) -int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, - unsigned int usage ) +int mbedtls_x509_crt_check_key_usage(const mbedtls_x509_crt *crt, + unsigned int usage) { unsigned int usage_must, usage_may; unsigned int may_mask = MBEDTLS_X509_KU_ENCIPHER_ONLY - | MBEDTLS_X509_KU_DECIPHER_ONLY; + | MBEDTLS_X509_KU_DECIPHER_ONLY; - if( ( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE ) == 0 ) - return( 0 ); + if ((crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE) == 0) { + return 0; + } usage_must = usage & ~may_mask; - if( ( ( crt->key_usage & ~may_mask ) & usage_must ) != usage_must ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (((crt->key_usage & ~may_mask) & usage_must) != usage_must) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } usage_may = usage & may_mask; - if( ( ( crt->key_usage & may_mask ) | usage_may ) != usage_may ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (((crt->key_usage & may_mask) | usage_may) != usage_may) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - return( 0 ); + return 0; } #endif #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) -int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, - const char *usage_oid, - size_t usage_len ) +int mbedtls_x509_crt_check_extended_key_usage(const mbedtls_x509_crt *crt, + const char *usage_oid, + size_t usage_len) { const mbedtls_x509_sequence *cur; /* Extension is not mandatory, absent means no restriction */ - if( ( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE ) == 0 ) - return( 0 ); + if ((crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE) == 0) { + return 0; + } /* * Look for the requested usage (or wildcard ANY) in our list */ - for( cur = &crt->ext_key_usage; cur != NULL; cur = cur->next ) - { + for (cur = &crt->ext_key_usage; cur != NULL; cur = cur->next) { const mbedtls_x509_buf *cur_oid = &cur->buf; - if( cur_oid->len == usage_len && - memcmp( cur_oid->p, usage_oid, usage_len ) == 0 ) - { - return( 0 ); + if (cur_oid->len == usage_len && + memcmp(cur_oid->p, usage_oid, usage_len) == 0) { + return 0; } - if( MBEDTLS_OID_CMP( MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE, cur_oid ) == 0 ) - return( 0 ); + if (MBEDTLS_OID_CMP(MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE, cur_oid) == 0) { + return 0; + } } - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; } #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ @@ -2317,44 +2336,41 @@ int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, /* * Return 1 if the certificate is revoked, or 0 otherwise. */ -int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl ) +int mbedtls_x509_crt_is_revoked(const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl) { const mbedtls_x509_crl_entry *cur = &crl->entry; - while( cur != NULL && cur->serial.len != 0 ) - { - if( crt->serial.len == cur->serial.len && - memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 ) - { - return( 1 ); + while (cur != NULL && cur->serial.len != 0) { + if (crt->serial.len == cur->serial.len && + memcmp(crt->serial.p, cur->serial.p, crt->serial.len) == 0) { + return 1; } cur = cur->next; } - return( 0 ); + return 0; } /* * Check that the given certificate is not revoked according to the CRL. * Skip validation if no CRL for the given CA is present. */ -static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, - mbedtls_x509_crl *crl_list, - const mbedtls_x509_crt_profile *profile ) +static int x509_crt_verifycrl(mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, + mbedtls_x509_crl *crl_list, + const mbedtls_x509_crt_profile *profile) { int flags = 0; unsigned char hash[MBEDTLS_MD_MAX_SIZE]; const mbedtls_md_info_t *md_info; - if( ca == NULL ) - return( flags ); + if (ca == NULL) { + return flags; + } - while( crl_list != NULL ) - { - if( crl_list->version == 0 || - x509_name_cmp( &crl_list->issuer, &ca->subject ) != 0 ) - { + while (crl_list != NULL) { + if (crl_list->version == 0 || + x509_name_cmp(&crl_list->issuer, &ca->subject) != 0) { crl_list = crl_list->next; continue; } @@ -2363,9 +2379,8 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, * Check if the CA is configured to sign CRLs */ #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) - if( mbedtls_x509_crt_check_key_usage( ca, - MBEDTLS_X509_KU_CRL_SIGN ) != 0 ) - { + if (mbedtls_x509_crt_check_key_usage(ca, + MBEDTLS_X509_KU_CRL_SIGN) != 0) { flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED; break; } @@ -2374,27 +2389,28 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, /* * Check if CRL is correctly signed by the trusted CA */ - if( x509_profile_check_md_alg( profile, crl_list->sig_md ) != 0 ) + if (x509_profile_check_md_alg(profile, crl_list->sig_md) != 0) { flags |= MBEDTLS_X509_BADCRL_BAD_MD; + } - if( x509_profile_check_pk_alg( profile, crl_list->sig_pk ) != 0 ) + if (x509_profile_check_pk_alg(profile, crl_list->sig_pk) != 0) { flags |= MBEDTLS_X509_BADCRL_BAD_PK; + } - md_info = mbedtls_md_info_from_type( crl_list->sig_md ); - if( mbedtls_md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash ) != 0 ) - { + md_info = mbedtls_md_info_from_type(crl_list->sig_md); + if (mbedtls_md(md_info, crl_list->tbs.p, crl_list->tbs.len, hash) != 0) { /* Note: this can't happen except after an internal error */ flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED; break; } - if( x509_profile_check_key( profile, &ca->pk ) != 0 ) + if (x509_profile_check_key(profile, &ca->pk) != 0) { flags |= MBEDTLS_X509_BADCERT_BAD_KEY; + } - if( mbedtls_pk_verify_ext( crl_list->sig_pk, crl_list->sig_opts, &ca->pk, - crl_list->sig_md, hash, mbedtls_md_get_size( md_info ), - crl_list->sig.p, crl_list->sig.len ) != 0 ) - { + if (mbedtls_pk_verify_ext(crl_list->sig_pk, crl_list->sig_opts, &ca->pk, + crl_list->sig_md, hash, mbedtls_md_get_size(md_info), + crl_list->sig.p, crl_list->sig.len) != 0) { flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED; break; } @@ -2402,17 +2418,18 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, /* * Check for validity of CRL (Do not drop out) */ - if( mbedtls_x509_time_is_past( &crl_list->next_update ) ) + if (mbedtls_x509_time_is_past(&crl_list->next_update)) { flags |= MBEDTLS_X509_BADCRL_EXPIRED; + } - if( mbedtls_x509_time_is_future( &crl_list->this_update ) ) + if (mbedtls_x509_time_is_future(&crl_list->this_update)) { flags |= MBEDTLS_X509_BADCRL_FUTURE; + } /* * Check if certificate is revoked */ - if( mbedtls_x509_crt_is_revoked( crt, crl_list ) ) - { + if (mbedtls_x509_crt_is_revoked(crt, crl_list)) { flags |= MBEDTLS_X509_BADCERT_REVOKED; break; } @@ -2420,64 +2437,64 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, crl_list = crl_list->next; } - return( flags ); + return flags; } #endif /* MBEDTLS_X509_CRL_PARSE_C */ /* * Check the signature of a certificate by its parent */ -static int x509_crt_check_signature( const mbedtls_x509_crt *child, - mbedtls_x509_crt *parent, - mbedtls_x509_crt_restart_ctx *rs_ctx ) +static int x509_crt_check_signature(const mbedtls_x509_crt *child, + mbedtls_x509_crt *parent, + mbedtls_x509_crt_restart_ctx *rs_ctx) { unsigned char hash[MBEDTLS_MD_MAX_SIZE]; size_t hash_len; #if !defined(MBEDTLS_USE_PSA_CRYPTO) const mbedtls_md_info_t *md_info; - md_info = mbedtls_md_info_from_type( child->sig_md ); - hash_len = mbedtls_md_get_size( md_info ); + md_info = mbedtls_md_info_from_type(child->sig_md); + hash_len = mbedtls_md_get_size(md_info); /* Note: hash errors can happen only after an internal error */ - if( mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash ) != 0 ) - return( -1 ); + if (mbedtls_md(md_info, child->tbs.p, child->tbs.len, hash) != 0) { + return -1; + } #else psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; - psa_algorithm_t hash_alg = mbedtls_psa_translate_md( child->sig_md ); + psa_algorithm_t hash_alg = mbedtls_psa_translate_md(child->sig_md); - if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS ) - return( -1 ); + if (psa_hash_setup(&hash_operation, hash_alg) != PSA_SUCCESS) { + return -1; + } - if( psa_hash_update( &hash_operation, child->tbs.p, child->tbs.len ) - != PSA_SUCCESS ) - { - return( -1 ); + if (psa_hash_update(&hash_operation, child->tbs.p, child->tbs.len) + != PSA_SUCCESS) { + return -1; } - if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len ) - != PSA_SUCCESS ) - { - return( -1 ); + if (psa_hash_finish(&hash_operation, hash, sizeof(hash), &hash_len) + != PSA_SUCCESS) { + return -1; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* Skip expensive computation on obvious mismatch */ - if( ! mbedtls_pk_can_do( &parent->pk, child->sig_pk ) ) - return( -1 ); + if (!mbedtls_pk_can_do(&parent->pk, child->sig_pk)) { + return -1; + } #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && child->sig_pk == MBEDTLS_PK_ECDSA ) - { - return( mbedtls_pk_verify_restartable( &parent->pk, - child->sig_md, hash, hash_len, - child->sig.p, child->sig.len, &rs_ctx->pk ) ); + if (rs_ctx != NULL && child->sig_pk == MBEDTLS_PK_ECDSA) { + return mbedtls_pk_verify_restartable(&parent->pk, + child->sig_md, hash, hash_len, + child->sig.p, child->sig.len, &rs_ctx->pk); } #else (void) rs_ctx; #endif - return( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk, - child->sig_md, hash, hash_len, - child->sig.p, child->sig.len ) ); + return mbedtls_pk_verify_ext(child->sig_pk, child->sig_opts, &parent->pk, + child->sig_md, hash, hash_len, + child->sig.p, child->sig.len); } /* @@ -2486,35 +2503,37 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child, * * top means parent is a locally-trusted certificate */ -static int x509_crt_check_parent( const mbedtls_x509_crt *child, - const mbedtls_x509_crt *parent, - int top ) +static int x509_crt_check_parent(const mbedtls_x509_crt *child, + const mbedtls_x509_crt *parent, + int top) { int need_ca_bit; /* Parent must be the issuer */ - if( x509_name_cmp( &child->issuer, &parent->subject ) != 0 ) - return( -1 ); + if (x509_name_cmp(&child->issuer, &parent->subject) != 0) { + return -1; + } /* Parent must have the basicConstraints CA bit set as a general rule */ need_ca_bit = 1; /* Exception: v1/v2 certificates that are locally trusted. */ - if( top && parent->version < 3 ) + if (top && parent->version < 3) { need_ca_bit = 0; + } - if( need_ca_bit && ! parent->ca_istrue ) - return( -1 ); + if (need_ca_bit && !parent->ca_istrue) { + return -1; + } #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) - if( need_ca_bit && - mbedtls_x509_crt_check_key_usage( parent, MBEDTLS_X509_KU_KEY_CERT_SIGN ) != 0 ) - { - return( -1 ); + if (need_ca_bit && + mbedtls_x509_crt_check_key_usage(parent, MBEDTLS_X509_KU_KEY_CERT_SIGN) != 0) { + return -1; } #endif - return( 0 ); + return 0; } /* @@ -2561,14 +2580,14 @@ static int x509_crt_check_parent( const mbedtls_x509_crt *child, * - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise */ static int x509_crt_find_parent_in( - mbedtls_x509_crt *child, - mbedtls_x509_crt *candidates, - mbedtls_x509_crt **r_parent, - int *r_signature_is_good, - int top, - unsigned path_cnt, - unsigned self_cnt, - mbedtls_x509_crt_restart_ctx *rs_ctx ) + mbedtls_x509_crt *child, + mbedtls_x509_crt *candidates, + mbedtls_x509_crt **r_parent, + int *r_signature_is_good, + int top, + unsigned path_cnt, + unsigned self_cnt, + mbedtls_x509_crt_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_x509_crt *parent, *fallback_parent; @@ -2576,8 +2595,7 @@ static int x509_crt_find_parent_in( #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* did we have something in progress? */ - if( rs_ctx != NULL && rs_ctx->parent != NULL ) - { + if (rs_ctx != NULL && rs_ctx->parent != NULL) { /* restore saved state */ parent = rs_ctx->parent; fallback_parent = rs_ctx->fallback_parent; @@ -2596,16 +2614,15 @@ static int x509_crt_find_parent_in( fallback_parent = NULL; fallback_signature_is_good = 0; - for( parent = candidates; parent != NULL; parent = parent->next ) - { + for (parent = candidates; parent != NULL; parent = parent->next) { /* basic parenting skills (name, CA bit, key usage) */ - if( x509_crt_check_parent( child, parent, top ) != 0 ) + if (x509_crt_check_parent(child, parent, top) != 0) { continue; + } /* +1 because stored max_pathlen is 1 higher that the actual value */ - if( parent->max_pathlen > 0 && - (size_t) parent->max_pathlen < 1 + path_cnt - self_cnt ) - { + if (parent->max_pathlen > 0 && + (size_t) parent->max_pathlen < 1 + path_cnt - self_cnt) { continue; } @@ -2613,32 +2630,30 @@ static int x509_crt_find_parent_in( #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) check_signature: #endif - ret = x509_crt_check_signature( child, parent, rs_ctx ); + ret = x509_crt_check_signature(child, parent, rs_ctx); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - { + if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { /* save state */ rs_ctx->parent = parent; rs_ctx->fallback_parent = fallback_parent; rs_ctx->fallback_signature_is_good = fallback_signature_is_good; - return( ret ); + return ret; } #else (void) ret; #endif signature_is_good = ret == 0; - if( top && ! signature_is_good ) + if (top && !signature_is_good) { continue; + } /* optional time check */ - if( mbedtls_x509_time_is_past( &parent->valid_to ) || - mbedtls_x509_time_is_future( &parent->valid_from ) ) - { - if( fallback_parent == NULL ) - { + if (mbedtls_x509_time_is_past(&parent->valid_to) || + mbedtls_x509_time_is_future(&parent->valid_from)) { + if (fallback_parent == NULL) { fallback_parent = parent; fallback_signature_is_good = signature_is_good; } @@ -2652,13 +2667,12 @@ static int x509_crt_find_parent_in( break; } - if( parent == NULL ) - { + if (parent == NULL) { *r_parent = fallback_parent; *r_signature_is_good = fallback_signature_is_good; } - return( 0 ); + return 0; } /* @@ -2684,14 +2698,14 @@ static int x509_crt_find_parent_in( * - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise */ static int x509_crt_find_parent( - mbedtls_x509_crt *child, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crt **parent, - int *parent_is_trusted, - int *signature_is_good, - unsigned path_cnt, - unsigned self_cnt, - mbedtls_x509_crt_restart_ctx *rs_ctx ) + mbedtls_x509_crt *child, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crt **parent, + int *parent_is_trusted, + int *signature_is_good, + unsigned path_cnt, + unsigned self_cnt, + mbedtls_x509_crt_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_x509_crt *search_list; @@ -2700,48 +2714,46 @@ static int x509_crt_find_parent( #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* restore then clear saved state if we have some stored */ - if( rs_ctx != NULL && rs_ctx->parent_is_trusted != -1 ) - { + if (rs_ctx != NULL && rs_ctx->parent_is_trusted != -1) { *parent_is_trusted = rs_ctx->parent_is_trusted; rs_ctx->parent_is_trusted = -1; } #endif - while( 1 ) { + while (1) { search_list = *parent_is_trusted ? trust_ca : child->next; - ret = x509_crt_find_parent_in( child, search_list, - parent, signature_is_good, - *parent_is_trusted, - path_cnt, self_cnt, rs_ctx ); + ret = x509_crt_find_parent_in(child, search_list, + parent, signature_is_good, + *parent_is_trusted, + path_cnt, self_cnt, rs_ctx); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - { + if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { /* save state */ rs_ctx->parent_is_trusted = *parent_is_trusted; - return( ret ); + return ret; } #else (void) ret; #endif /* stop here if found or already in second iteration */ - if( *parent != NULL || *parent_is_trusted == 0 ) + if (*parent != NULL || *parent_is_trusted == 0) { break; + } /* prepare second iteration */ *parent_is_trusted = 0; } /* extra precaution against mistakes in the caller */ - if( *parent == NULL ) - { + if (*parent == NULL) { *parent_is_trusted = 0; *signature_is_good = 0; } - return( 0 ); + return 0; } /* @@ -2751,27 +2763,26 @@ static int x509_crt_find_parent( * check for self-issued as self-signatures are not checked) */ static int x509_crt_check_ee_locally_trusted( - mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca ) + mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca) { mbedtls_x509_crt *cur; /* must be self-issued */ - if( x509_name_cmp( &crt->issuer, &crt->subject ) != 0 ) - return( -1 ); + if (x509_name_cmp(&crt->issuer, &crt->subject) != 0) { + return -1; + } /* look for an exact match with trusted cert */ - for( cur = trust_ca; cur != NULL; cur = cur->next ) - { - if( crt->raw.len == cur->raw.len && - memcmp( crt->raw.p, cur->raw.p, crt->raw.len ) == 0 ) - { - return( 0 ); + for (cur = trust_ca; cur != NULL; cur = cur->next) { + if (crt->raw.len == cur->raw.len && + memcmp(crt->raw.p, cur->raw.p, crt->raw.len) == 0) { + return 0; } } /* too bad */ - return( -1 ); + return -1; } /* @@ -2815,14 +2826,14 @@ static int x509_crt_check_ee_locally_trusted( * even if it was found to be invalid */ static int x509_crt_verify_chain( - mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - mbedtls_x509_crt_ca_cb_t f_ca_cb, - void *p_ca_cb, - const mbedtls_x509_crt_profile *profile, - mbedtls_x509_crt_verify_chain *ver_chain, - mbedtls_x509_crt_restart_ctx *rs_ctx ) + mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + mbedtls_x509_crt_ca_cb_t f_ca_cb, + void *p_ca_cb, + const mbedtls_x509_crt_profile *profile, + mbedtls_x509_crt_verify_chain *ver_chain, + mbedtls_x509_crt_restart_ctx *rs_ctx) { /* Don't initialize any of those variables here, so that the compiler can * catch potential issues with jumping ahead when restarting */ @@ -2839,8 +2850,7 @@ static int x509_crt_verify_chain( #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* resume if we had an operation in progress */ - if( rs_ctx != NULL && rs_ctx->in_progress == x509_crt_rs_find_parent ) - { + if (rs_ctx != NULL && rs_ctx->in_progress == x509_crt_rs_find_parent) { /* restore saved state */ *ver_chain = rs_ctx->ver_chain; /* struct copy */ self_cnt = rs_ctx->self_cnt; @@ -2859,7 +2869,7 @@ static int x509_crt_verify_chain( parent_is_trusted = 0; child_is_trusted = 0; - while( 1 ) { + while (1) { /* Add certificate to the verification chain */ cur = &ver_chain->items[ver_chain->len]; cur->crt = child; @@ -2868,28 +2878,32 @@ static int x509_crt_verify_chain( flags = &cur->flags; /* Check time-validity (all certificates) */ - if( mbedtls_x509_time_is_past( &child->valid_to ) ) + if (mbedtls_x509_time_is_past(&child->valid_to)) { *flags |= MBEDTLS_X509_BADCERT_EXPIRED; + } - if( mbedtls_x509_time_is_future( &child->valid_from ) ) + if (mbedtls_x509_time_is_future(&child->valid_from)) { *flags |= MBEDTLS_X509_BADCERT_FUTURE; + } /* Stop here for trusted roots (but not for trusted EE certs) */ - if( child_is_trusted ) - return( 0 ); + if (child_is_trusted) { + return 0; + } /* Check signature algorithm: MD & PK algs */ - if( x509_profile_check_md_alg( profile, child->sig_md ) != 0 ) + if (x509_profile_check_md_alg(profile, child->sig_md) != 0) { *flags |= MBEDTLS_X509_BADCERT_BAD_MD; + } - if( x509_profile_check_pk_alg( profile, child->sig_pk ) != 0 ) + if (x509_profile_check_pk_alg(profile, child->sig_pk) != 0) { *flags |= MBEDTLS_X509_BADCERT_BAD_PK; + } /* Special case: EE certs that are locally trusted */ - if( ver_chain->len == 1 && - x509_crt_check_ee_locally_trusted( child, trust_ca ) == 0 ) - { - return( 0 ); + if (ver_chain->len == 1 && + x509_crt_check_ee_locally_trusted(child, trust_ca) == 0) { + return 0; } #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) @@ -2899,19 +2913,18 @@ static int x509_crt_verify_chain( /* Obtain list of potential trusted signers from CA callback, * or use statically provided list. */ #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - if( f_ca_cb != NULL ) - { - mbedtls_x509_crt_free( ver_chain->trust_ca_cb_result ); - mbedtls_free( ver_chain->trust_ca_cb_result ); + if (f_ca_cb != NULL) { + mbedtls_x509_crt_free(ver_chain->trust_ca_cb_result); + mbedtls_free(ver_chain->trust_ca_cb_result); ver_chain->trust_ca_cb_result = NULL; - ret = f_ca_cb( p_ca_cb, child, &ver_chain->trust_ca_cb_result ); - if( ret != 0 ) - return( MBEDTLS_ERR_X509_FATAL_ERROR ); + ret = f_ca_cb(p_ca_cb, child, &ver_chain->trust_ca_cb_result); + if (ret != 0) { + return MBEDTLS_ERR_X509_FATAL_ERROR; + } cur_trust_ca = ver_chain->trust_ca_cb_result; - } - else + } else #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ { ((void) f_ca_cb); @@ -2920,60 +2933,58 @@ static int x509_crt_verify_chain( } /* Look for a parent in trusted CAs or up the chain */ - ret = x509_crt_find_parent( child, cur_trust_ca, &parent, - &parent_is_trusted, &signature_is_good, - ver_chain->len - 1, self_cnt, rs_ctx ); + ret = x509_crt_find_parent(child, cur_trust_ca, &parent, + &parent_is_trusted, &signature_is_good, + ver_chain->len - 1, self_cnt, rs_ctx); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - { + if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { /* save state */ rs_ctx->in_progress = x509_crt_rs_find_parent; rs_ctx->self_cnt = self_cnt; rs_ctx->ver_chain = *ver_chain; /* struct copy */ - return( ret ); + return ret; } #else (void) ret; #endif /* No parent? We're done here */ - if( parent == NULL ) - { + if (parent == NULL) { *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED; - return( 0 ); + return 0; } /* Count intermediate self-issued (not necessarily self-signed) certs. * These can occur with some strategies for key rollover, see [SIRO], * and should be excluded from max_pathlen checks. */ - if( ver_chain->len != 1 && - x509_name_cmp( &child->issuer, &child->subject ) == 0 ) - { + if (ver_chain->len != 1 && + x509_name_cmp(&child->issuer, &child->subject) == 0) { self_cnt++; } /* path_cnt is 0 for the first intermediate CA, * and if parent is trusted it's not an intermediate CA */ - if( ! parent_is_trusted && - ver_chain->len > MBEDTLS_X509_MAX_INTERMEDIATE_CA ) - { + if (!parent_is_trusted && + ver_chain->len > MBEDTLS_X509_MAX_INTERMEDIATE_CA) { /* return immediately to avoid overflow the chain array */ - return( MBEDTLS_ERR_X509_FATAL_ERROR ); + return MBEDTLS_ERR_X509_FATAL_ERROR; } /* signature was checked while searching parent */ - if( ! signature_is_good ) + if (!signature_is_good) { *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED; + } /* check size of signing key */ - if( x509_profile_check_key( profile, &parent->pk ) != 0 ) + if (x509_profile_check_key(profile, &parent->pk) != 0) { *flags |= MBEDTLS_X509_BADCERT_BAD_KEY; + } #if defined(MBEDTLS_X509_CRL_PARSE_C) /* Check trusted CA's CRL for the given crt */ - *flags |= x509_crt_verifycrl( child, parent, ca_crl, profile ); + *flags |= x509_crt_verifycrl(child, parent, ca_crl, profile); #else (void) ca_crl; #endif @@ -2989,79 +3000,75 @@ static int x509_crt_verify_chain( /* * Check for CN match */ -static int x509_crt_check_cn( const mbedtls_x509_buf *name, - const char *cn, size_t cn_len ) +static int x509_crt_check_cn(const mbedtls_x509_buf *name, + const char *cn, size_t cn_len) { /* try exact match */ - if( name->len == cn_len && - x509_memcasecmp( cn, name->p, cn_len ) == 0 ) - { - return( 0 ); + if (name->len == cn_len && + x509_memcasecmp(cn, name->p, cn_len) == 0) { + return 0; } /* try wildcard match */ - if( x509_check_wildcard( cn, name ) == 0 ) - { - return( 0 ); + if (x509_check_wildcard(cn, name) == 0) { + return 0; } - return( -1 ); + return -1; } /* * Check for SAN match, see RFC 5280 Section 4.2.1.6 */ -static int x509_crt_check_san( const mbedtls_x509_buf *name, - const char *cn, size_t cn_len ) +static int x509_crt_check_san(const mbedtls_x509_buf *name, + const char *cn, size_t cn_len) { const unsigned char san_type = (unsigned char) name->tag & MBEDTLS_ASN1_TAG_VALUE_MASK; /* dNSName */ - if( san_type == MBEDTLS_X509_SAN_DNS_NAME ) - return( x509_crt_check_cn( name, cn, cn_len ) ); + if (san_type == MBEDTLS_X509_SAN_DNS_NAME) { + return x509_crt_check_cn(name, cn, cn_len); + } /* (We may handle other types here later.) */ /* Unrecognized type */ - return( -1 ); + return -1; } /* * Verify the requested CN - only call this if cn is not NULL! */ -static void x509_crt_verify_name( const mbedtls_x509_crt *crt, - const char *cn, - uint32_t *flags ) +static void x509_crt_verify_name(const mbedtls_x509_crt *crt, + const char *cn, + uint32_t *flags) { const mbedtls_x509_name *name; const mbedtls_x509_sequence *cur; - size_t cn_len = strlen( cn ); + size_t cn_len = strlen(cn); - if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME ) - { - for( cur = &crt->subject_alt_names; cur != NULL; cur = cur->next ) - { - if( x509_crt_check_san( &cur->buf, cn, cn_len ) == 0 ) + if (crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) { + for (cur = &crt->subject_alt_names; cur != NULL; cur = cur->next) { + if (x509_crt_check_san(&cur->buf, cn, cn_len) == 0) { break; + } } - if( cur == NULL ) + if (cur == NULL) { *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH; - } - else - { - for( name = &crt->subject; name != NULL; name = name->next ) - { - if( MBEDTLS_OID_CMP( MBEDTLS_OID_AT_CN, &name->oid ) == 0 && - x509_crt_check_cn( &name->val, cn, cn_len ) == 0 ) - { + } + } else { + for (name = &crt->subject; name != NULL; name = name->next) { + if (MBEDTLS_OID_CMP(MBEDTLS_OID_AT_CN, &name->oid) == 0 && + x509_crt_check_cn(&name->val, cn, cn_len) == 0) { break; } } - if( name == NULL ) + if (name == NULL) { *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH; + } } } @@ -3069,29 +3076,30 @@ static void x509_crt_verify_name( const mbedtls_x509_crt *crt, * Merge the flags for all certs in the chain, after calling callback */ static int x509_crt_merge_flags_with_cb( - uint32_t *flags, - const mbedtls_x509_crt_verify_chain *ver_chain, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) + uint32_t *flags, + const mbedtls_x509_crt_verify_chain *ver_chain, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned i; uint32_t cur_flags; const mbedtls_x509_crt_verify_chain_item *cur; - for( i = ver_chain->len; i != 0; --i ) - { + for (i = ver_chain->len; i != 0; --i) { cur = &ver_chain->items[i-1]; cur_flags = cur->flags; - if( NULL != f_vrfy ) - if( ( ret = f_vrfy( p_vrfy, cur->crt, (int) i-1, &cur_flags ) ) != 0 ) - return( ret ); + if (NULL != f_vrfy) { + if ((ret = f_vrfy(p_vrfy, cur->crt, (int) i-1, &cur_flags)) != 0) { + return ret; + } + } *flags |= cur_flags; } - return( 0 ); + return 0; } /* @@ -3111,16 +3119,19 @@ static int x509_crt_merge_flags_with_cb( * of trusted signers, and `ca_crl` will be use as the static list * of CRLs. */ -static int x509_crt_verify_restartable_ca_cb( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - mbedtls_x509_crt_ca_cb_t f_ca_cb, - void *p_ca_cb, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy, - mbedtls_x509_crt_restart_ctx *rs_ctx ) +static int x509_crt_verify_restartable_ca_cb(mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + mbedtls_x509_crt_ca_cb_t f_ca_cb, + void *p_ca_cb, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, + mbedtls_x509_crt *, + int, + uint32_t *), + void *p_vrfy, + mbedtls_x509_crt_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_pk_type_t pk_type; @@ -3129,105 +3140,110 @@ static int x509_crt_verify_restartable_ca_cb( mbedtls_x509_crt *crt, *flags = 0; ee_flags = 0; - x509_crt_verify_chain_reset( &ver_chain ); + x509_crt_verify_chain_reset(&ver_chain); - if( profile == NULL ) - { + if (profile == NULL) { ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA; goto exit; } /* check name if requested */ - if( cn != NULL ) - x509_crt_verify_name( crt, cn, &ee_flags ); + if (cn != NULL) { + x509_crt_verify_name(crt, cn, &ee_flags); + } /* Check the type and size of the key */ - pk_type = mbedtls_pk_get_type( &crt->pk ); + pk_type = mbedtls_pk_get_type(&crt->pk); - if( x509_profile_check_pk_alg( profile, pk_type ) != 0 ) + if (x509_profile_check_pk_alg(profile, pk_type) != 0) { ee_flags |= MBEDTLS_X509_BADCERT_BAD_PK; + } - if( x509_profile_check_key( profile, &crt->pk ) != 0 ) + if (x509_profile_check_key(profile, &crt->pk) != 0) { ee_flags |= MBEDTLS_X509_BADCERT_BAD_KEY; + } /* Check the chain */ - ret = x509_crt_verify_chain( crt, trust_ca, ca_crl, - f_ca_cb, p_ca_cb, profile, - &ver_chain, rs_ctx ); + ret = x509_crt_verify_chain(crt, trust_ca, ca_crl, + f_ca_cb, p_ca_cb, profile, + &ver_chain, rs_ctx); - if( ret != 0 ) + if (ret != 0) { goto exit; + } /* Merge end-entity flags */ ver_chain.items[0].flags |= ee_flags; /* Build final flags, calling callback on the way if any */ - ret = x509_crt_merge_flags_with_cb( flags, &ver_chain, f_vrfy, p_vrfy ); + ret = x509_crt_merge_flags_with_cb(flags, &ver_chain, f_vrfy, p_vrfy); exit: #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - mbedtls_x509_crt_free( ver_chain.trust_ca_cb_result ); - mbedtls_free( ver_chain.trust_ca_cb_result ); + mbedtls_x509_crt_free(ver_chain.trust_ca_cb_result); + mbedtls_free(ver_chain.trust_ca_cb_result); ver_chain.trust_ca_cb_result = NULL; #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) - mbedtls_x509_crt_restart_free( rs_ctx ); + if (rs_ctx != NULL && ret != MBEDTLS_ERR_ECP_IN_PROGRESS) { + mbedtls_x509_crt_restart_free(rs_ctx); + } #endif /* prevent misuse of the vrfy callback - VERIFY_FAILED would be ignored by * the SSL module for authmode optional, but non-zero return from the * callback means a fatal error so it shouldn't be ignored */ - if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) + if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) { ret = MBEDTLS_ERR_X509_FATAL_ERROR; + } - if( ret != 0 ) - { + if (ret != 0) { *flags = (uint32_t) -1; - return( ret ); + return ret; } - if( *flags != 0 ) - return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ); + if (*flags != 0) { + return MBEDTLS_ERR_X509_CERT_VERIFY_FAILED; + } - return( 0 ); + return 0; } /* * Verify the certificate validity (default profile, not restartable) */ -int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) +int mbedtls_x509_crt_verify(mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy) { - return( x509_crt_verify_restartable_ca_cb( crt, trust_ca, ca_crl, - NULL, NULL, - &mbedtls_x509_crt_profile_default, - cn, flags, - f_vrfy, p_vrfy, NULL ) ); + return x509_crt_verify_restartable_ca_cb(crt, trust_ca, ca_crl, + NULL, NULL, + &mbedtls_x509_crt_profile_default, + cn, flags, + f_vrfy, p_vrfy, NULL); } /* * Verify the certificate validity (user-chosen profile, not restartable) */ -int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) +int mbedtls_x509_crt_verify_with_profile(mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy) { - return( x509_crt_verify_restartable_ca_cb( crt, trust_ca, ca_crl, - NULL, NULL, - profile, cn, flags, - f_vrfy, p_vrfy, NULL ) ); + return x509_crt_verify_restartable_ca_cb(crt, trust_ca, ca_crl, + NULL, NULL, + profile, cn, flags, + f_vrfy, p_vrfy, NULL); } #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) @@ -3235,49 +3251,49 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, * Verify the certificate validity (user-chosen profile, CA callback, * not restartable). */ -int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt, - mbedtls_x509_crt_ca_cb_t f_ca_cb, - void *p_ca_cb, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) +int mbedtls_x509_crt_verify_with_ca_cb(mbedtls_x509_crt *crt, + mbedtls_x509_crt_ca_cb_t f_ca_cb, + void *p_ca_cb, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy) { - return( x509_crt_verify_restartable_ca_cb( crt, NULL, NULL, - f_ca_cb, p_ca_cb, - profile, cn, flags, - f_vrfy, p_vrfy, NULL ) ); + return x509_crt_verify_restartable_ca_cb(crt, NULL, NULL, + f_ca_cb, p_ca_cb, + profile, cn, flags, + f_vrfy, p_vrfy, NULL); } #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ -int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy, - mbedtls_x509_crt_restart_ctx *rs_ctx ) +int mbedtls_x509_crt_verify_restartable(mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy, + mbedtls_x509_crt_restart_ctx *rs_ctx) { - return( x509_crt_verify_restartable_ca_cb( crt, trust_ca, ca_crl, - NULL, NULL, - profile, cn, flags, - f_vrfy, p_vrfy, rs_ctx ) ); + return x509_crt_verify_restartable_ca_cb(crt, trust_ca, ca_crl, + NULL, NULL, + profile, cn, flags, + f_vrfy, p_vrfy, rs_ctx); } /* * Initialize a certificate chain */ -void mbedtls_x509_crt_init( mbedtls_x509_crt *crt ) +void mbedtls_x509_crt_init(mbedtls_x509_crt *crt) { - memset( crt, 0, sizeof(mbedtls_x509_crt) ); + memset(crt, 0, sizeof(mbedtls_x509_crt)); } /* * Unallocate all certificate data */ -void mbedtls_x509_crt_free( mbedtls_x509_crt *crt ) +void mbedtls_x509_crt_free(mbedtls_x509_crt *crt) { mbedtls_x509_crt *cert_cur = crt; mbedtls_x509_crt *cert_prv; @@ -3286,95 +3302,87 @@ void mbedtls_x509_crt_free( mbedtls_x509_crt *crt ) mbedtls_x509_sequence *seq_cur; mbedtls_x509_sequence *seq_prv; - if( crt == NULL ) + if (crt == NULL) { return; + } - do - { - mbedtls_pk_free( &cert_cur->pk ); + do { + mbedtls_pk_free(&cert_cur->pk); #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - mbedtls_free( cert_cur->sig_opts ); + mbedtls_free(cert_cur->sig_opts); #endif name_cur = cert_cur->issuer.next; - while( name_cur != NULL ) - { + while (name_cur != NULL) { name_prv = name_cur; name_cur = name_cur->next; - mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); - mbedtls_free( name_prv ); + mbedtls_platform_zeroize(name_prv, sizeof(mbedtls_x509_name)); + mbedtls_free(name_prv); } name_cur = cert_cur->subject.next; - while( name_cur != NULL ) - { + while (name_cur != NULL) { name_prv = name_cur; name_cur = name_cur->next; - mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); - mbedtls_free( name_prv ); + mbedtls_platform_zeroize(name_prv, sizeof(mbedtls_x509_name)); + mbedtls_free(name_prv); } seq_cur = cert_cur->ext_key_usage.next; - while( seq_cur != NULL ) - { + while (seq_cur != NULL) { seq_prv = seq_cur; seq_cur = seq_cur->next; - mbedtls_platform_zeroize( seq_prv, - sizeof( mbedtls_x509_sequence ) ); - mbedtls_free( seq_prv ); + mbedtls_platform_zeroize(seq_prv, + sizeof(mbedtls_x509_sequence)); + mbedtls_free(seq_prv); } seq_cur = cert_cur->subject_alt_names.next; - while( seq_cur != NULL ) - { + while (seq_cur != NULL) { seq_prv = seq_cur; seq_cur = seq_cur->next; - mbedtls_platform_zeroize( seq_prv, - sizeof( mbedtls_x509_sequence ) ); - mbedtls_free( seq_prv ); + mbedtls_platform_zeroize(seq_prv, + sizeof(mbedtls_x509_sequence)); + mbedtls_free(seq_prv); } seq_cur = cert_cur->certificate_policies.next; - while( seq_cur != NULL ) - { + while (seq_cur != NULL) { seq_prv = seq_cur; seq_cur = seq_cur->next; - mbedtls_platform_zeroize( seq_prv, - sizeof( mbedtls_x509_sequence ) ); - mbedtls_free( seq_prv ); + mbedtls_platform_zeroize(seq_prv, + sizeof(mbedtls_x509_sequence)); + mbedtls_free(seq_prv); } - if( cert_cur->raw.p != NULL && cert_cur->own_buffer ) - { - mbedtls_platform_zeroize( cert_cur->raw.p, cert_cur->raw.len ); - mbedtls_free( cert_cur->raw.p ); + if (cert_cur->raw.p != NULL && cert_cur->own_buffer) { + mbedtls_platform_zeroize(cert_cur->raw.p, cert_cur->raw.len); + mbedtls_free(cert_cur->raw.p); } cert_cur = cert_cur->next; - } - while( cert_cur != NULL ); + } while (cert_cur != NULL); cert_cur = crt; - do - { + do { cert_prv = cert_cur; cert_cur = cert_cur->next; - mbedtls_platform_zeroize( cert_prv, sizeof( mbedtls_x509_crt ) ); - if( cert_prv != crt ) - mbedtls_free( cert_prv ); - } - while( cert_cur != NULL ); + mbedtls_platform_zeroize(cert_prv, sizeof(mbedtls_x509_crt)); + if (cert_prv != crt) { + mbedtls_free(cert_prv); + } + } while (cert_cur != NULL); } #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* * Initialize a restart context */ -void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx ) +void mbedtls_x509_crt_restart_init(mbedtls_x509_crt_restart_ctx *ctx) { - mbedtls_pk_restart_init( &ctx->pk ); + mbedtls_pk_restart_init(&ctx->pk); ctx->parent = NULL; ctx->fallback_parent = NULL; @@ -3384,19 +3392,20 @@ void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx ) ctx->in_progress = x509_crt_rs_none; ctx->self_cnt = 0; - x509_crt_verify_chain_reset( &ctx->ver_chain ); + x509_crt_verify_chain_reset(&ctx->ver_chain); } /* * Free the components of a restart context */ -void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx ) +void mbedtls_x509_crt_restart_free(mbedtls_x509_crt_restart_ctx *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_pk_restart_free( &ctx->pk ); - mbedtls_x509_crt_restart_init( ctx ); + mbedtls_pk_restart_free(&ctx->pk); + mbedtls_x509_crt_restart_init(ctx); } #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ diff --git a/library/x509_csr.c b/library/x509_csr.c index 1a22b77086cf..89344d183bda 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -51,56 +51,56 @@ /* * Version ::= INTEGER { v1(0) } */ -static int x509_csr_get_version( unsigned char **p, - const unsigned char *end, - int *ver ) +static int x509_csr_get_version(unsigned char **p, + const unsigned char *end, + int *ver) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { + if ((ret = mbedtls_asn1_get_int(p, end, ver)) != 0) { + if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { *ver = 0; - return( 0 ); + return 0; } - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) ); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_VERSION, ret); } - return( 0 ); + return 0; } /* * Parse a CSR in DER format */ -int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, - const unsigned char *buf, size_t buflen ) +int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr, + const unsigned char *buf, size_t buflen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; unsigned char *p, *end; mbedtls_x509_buf sig_params; - memset( &sig_params, 0, sizeof( mbedtls_x509_buf ) ); + memset(&sig_params, 0, sizeof(mbedtls_x509_buf)); /* * Check for valid input */ - if( csr == NULL || buf == NULL || buflen == 0 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (csr == NULL || buf == NULL || buflen == 0) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - mbedtls_x509_csr_init( csr ); + mbedtls_x509_csr_init(csr); /* * first copy the raw DER data */ - p = mbedtls_calloc( 1, len = buflen ); + p = mbedtls_calloc(1, len = buflen); - if( p == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + if (p == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; + } - memcpy( p, buf, buflen ); + memcpy(p, buf, buflen); csr->raw.p = p; csr->raw.len = len; @@ -113,18 +113,16 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, * signature BIT STRING * } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERR_X509_INVALID_FORMAT; } - if( len != (size_t) ( end - p ) ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (len != (size_t) (end - p)) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } /* @@ -132,11 +130,10 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, */ csr->cri.p = p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } end = p + len; @@ -145,16 +142,14 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, /* * Version ::= INTEGER { v1(0) } */ - if( ( ret = x509_csr_get_version( &p, end, &csr->version ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( ret ); + if ((ret = x509_csr_get_version(&p, end, &csr->version)) != 0) { + mbedtls_x509_csr_free(csr); + return ret; } - if( csr->version != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_UNKNOWN_VERSION ); + if (csr->version != 0) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERR_X509_UNKNOWN_VERSION; } csr->version++; @@ -164,17 +159,15 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, */ csr->subject_raw.p = p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } - if( ( ret = mbedtls_x509_get_name( &p, p + len, &csr->subject ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( ret ); + if ((ret = mbedtls_x509_get_name(&p, p + len, &csr->subject)) != 0) { + mbedtls_x509_csr_free(csr); + return ret; } csr->subject_raw.len = p - csr->subject_raw.p; @@ -182,10 +175,9 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, /* * subjectPKInfo SubjectPublicKeyInfo */ - if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &csr->pk ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( ret ); + if ((ret = mbedtls_pk_parse_subpubkey(&p, end, &csr->pk)) != 0) { + mbedtls_x509_csr_free(csr); + return ret; } /* @@ -198,11 +190,11 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, * the requester's expectations - this cannot cause a violation of our * signature policies. */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC)) != + 0) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } p += len; @@ -213,40 +205,36 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, * signatureAlgorithm AlgorithmIdentifier, * signature BIT STRING */ - if( ( ret = mbedtls_x509_get_alg( &p, end, &csr->sig_oid, &sig_params ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( ret ); + if ((ret = mbedtls_x509_get_alg(&p, end, &csr->sig_oid, &sig_params)) != 0) { + mbedtls_x509_csr_free(csr); + return ret; } - if( ( ret = mbedtls_x509_get_sig_alg( &csr->sig_oid, &sig_params, - &csr->sig_md, &csr->sig_pk, - &csr->sig_opts ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG ); + if ((ret = mbedtls_x509_get_sig_alg(&csr->sig_oid, &sig_params, + &csr->sig_md, &csr->sig_pk, + &csr->sig_opts)) != 0) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG; } - if( ( ret = mbedtls_x509_get_sig( &p, end, &csr->sig ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( ret ); + if ((ret = mbedtls_x509_get_sig(&p, end, &csr->sig)) != 0) { + mbedtls_x509_csr_free(csr); + return ret; } - if( p != end ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } - return( 0 ); + return 0; } /* * Parse a CSR, allowing for PEM or raw DER encoding */ -int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen ) +int mbedtls_x509_csr_parse(mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen) { #if defined(MBEDTLS_PEM_PARSE_C) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -257,61 +245,61 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz /* * Check for valid input */ - if( csr == NULL || buf == NULL || buflen == 0 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (csr == NULL || buf == NULL || buflen == 0) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } #if defined(MBEDTLS_PEM_PARSE_C) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( buf[buflen - 1] == '\0' ) - { - mbedtls_pem_init( &pem ); - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN CERTIFICATE REQUEST-----", - "-----END CERTIFICATE REQUEST-----", - buf, NULL, 0, &use_len ); - if( ret == MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - { - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN NEW CERTIFICATE REQUEST-----", - "-----END NEW CERTIFICATE REQUEST-----", - buf, NULL, 0, &use_len ); + if (buf[buflen - 1] == '\0') { + mbedtls_pem_init(&pem); + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN CERTIFICATE REQUEST-----", + "-----END CERTIFICATE REQUEST-----", + buf, NULL, 0, &use_len); + if (ret == MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN NEW CERTIFICATE REQUEST-----", + "-----END NEW CERTIFICATE REQUEST-----", + buf, NULL, 0, &use_len); } - if( ret == 0 ) - { + if (ret == 0) { /* * Was PEM encoded, parse the result */ - ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen ); + ret = mbedtls_x509_csr_parse_der(csr, pem.buf, pem.buflen); } - mbedtls_pem_free( &pem ); - if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - return( ret ); + mbedtls_pem_free(&pem); + if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + return ret; + } } #endif /* MBEDTLS_PEM_PARSE_C */ - return( mbedtls_x509_csr_parse_der( csr, buf, buflen ) ); + return mbedtls_x509_csr_parse_der(csr, buf, buflen); } #if defined(MBEDTLS_FS_IO) /* * Load a CSR into the structure */ -int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ) +int mbedtls_x509_csr_parse_file(mbedtls_x509_csr *csr, const char *path) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; - if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { + return ret; + } - ret = mbedtls_x509_csr_parse( csr, buf, n ); + ret = mbedtls_x509_csr_parse(csr, buf, n); - mbedtls_platform_zeroize( buf, n ); - mbedtls_free( buf ); + mbedtls_platform_zeroize(buf, n); + mbedtls_free(buf); - return( ret ); + return ret; } #endif /* MBEDTLS_FS_IO */ @@ -320,8 +308,8 @@ int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ) /* * Return an informational string about the CSR. */ -int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, - const mbedtls_x509_csr *csr ) +int mbedtls_x509_csr_info(char *buf, size_t size, const char *prefix, + const mbedtls_x509_csr *csr) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; @@ -331,76 +319,74 @@ int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, p = buf; n = size; - ret = mbedtls_snprintf( p, n, "%sCSR version : %d", - prefix, csr->version ); + ret = mbedtls_snprintf(p, n, "%sCSR version : %d", + prefix, csr->version); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%ssubject name : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%ssubject name : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_dn_gets( p, n, &csr->subject ); + ret = mbedtls_x509_dn_gets(p, n, &csr->subject); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%ssigned using : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md, - csr->sig_opts ); + ret = mbedtls_x509_sig_alg_gets(p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md, + csr->sig_opts); MBEDTLS_X509_SAFE_SNPRINTF; - if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON, - mbedtls_pk_get_name( &csr->pk ) ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_x509_key_size_helper(key_size_str, BEFORE_COLON, + mbedtls_pk_get_name(&csr->pk))) != 0) { + return ret; } - ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str, - (int) mbedtls_pk_get_bitlen( &csr->pk ) ); + ret = mbedtls_snprintf(p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str, + (int) mbedtls_pk_get_bitlen(&csr->pk)); MBEDTLS_X509_SAFE_SNPRINTF; - return( (int) ( size - n ) ); + return (int) (size - n); } /* * Initialize a CSR */ -void mbedtls_x509_csr_init( mbedtls_x509_csr *csr ) +void mbedtls_x509_csr_init(mbedtls_x509_csr *csr) { - memset( csr, 0, sizeof(mbedtls_x509_csr) ); + memset(csr, 0, sizeof(mbedtls_x509_csr)); } /* * Unallocate all CSR data */ -void mbedtls_x509_csr_free( mbedtls_x509_csr *csr ) +void mbedtls_x509_csr_free(mbedtls_x509_csr *csr) { mbedtls_x509_name *name_cur; mbedtls_x509_name *name_prv; - if( csr == NULL ) + if (csr == NULL) { return; + } - mbedtls_pk_free( &csr->pk ); + mbedtls_pk_free(&csr->pk); #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - mbedtls_free( csr->sig_opts ); + mbedtls_free(csr->sig_opts); #endif name_cur = csr->subject.next; - while( name_cur != NULL ) - { + while (name_cur != NULL) { name_prv = name_cur; name_cur = name_cur->next; - mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); - mbedtls_free( name_prv ); + mbedtls_platform_zeroize(name_prv, sizeof(mbedtls_x509_name)); + mbedtls_free(name_prv); } - if( csr->raw.p != NULL ) - { - mbedtls_platform_zeroize( csr->raw.p, csr->raw.len ); - mbedtls_free( csr->raw.p ); + if (csr->raw.p != NULL) { + mbedtls_platform_zeroize(csr->raw.p, csr->raw.len); + mbedtls_free(csr->raw.p); } - mbedtls_platform_zeroize( csr, sizeof( mbedtls_x509_csr ) ); + mbedtls_platform_zeroize(csr, sizeof(mbedtls_x509_csr)); } #endif /* MBEDTLS_X509_CSR_PARSE_C */ diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 0c5e99183472..4a65939c3acd 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -40,258 +40,264 @@ #include "mbedtls/pem.h" #endif /* MBEDTLS_PEM_WRITE_C */ -void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ) +void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx) { - memset( ctx, 0, sizeof( mbedtls_x509write_cert ) ); + memset(ctx, 0, sizeof(mbedtls_x509write_cert)); - mbedtls_mpi_init( &ctx->serial ); + mbedtls_mpi_init(&ctx->serial); ctx->version = MBEDTLS_X509_CRT_VERSION_3; } -void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx ) +void mbedtls_x509write_crt_free(mbedtls_x509write_cert *ctx) { - mbedtls_mpi_free( &ctx->serial ); + mbedtls_mpi_free(&ctx->serial); - mbedtls_asn1_free_named_data_list( &ctx->subject ); - mbedtls_asn1_free_named_data_list( &ctx->issuer ); - mbedtls_asn1_free_named_data_list( &ctx->extensions ); + mbedtls_asn1_free_named_data_list(&ctx->subject); + mbedtls_asn1_free_named_data_list(&ctx->issuer); + mbedtls_asn1_free_named_data_list(&ctx->extensions); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_cert ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_x509write_cert)); } -void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, - int version ) +void mbedtls_x509write_crt_set_version(mbedtls_x509write_cert *ctx, + int version) { ctx->version = version; } -void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, - mbedtls_md_type_t md_alg ) +void mbedtls_x509write_crt_set_md_alg(mbedtls_x509write_cert *ctx, + mbedtls_md_type_t md_alg) { ctx->md_alg = md_alg; } -void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, - mbedtls_pk_context *key ) +void mbedtls_x509write_crt_set_subject_key(mbedtls_x509write_cert *ctx, + mbedtls_pk_context *key) { ctx->subject_key = key; } -void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, - mbedtls_pk_context *key ) +void mbedtls_x509write_crt_set_issuer_key(mbedtls_x509write_cert *ctx, + mbedtls_pk_context *key) { ctx->issuer_key = key; } -int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx, - const char *subject_name ) +int mbedtls_x509write_crt_set_subject_name(mbedtls_x509write_cert *ctx, + const char *subject_name) { - return mbedtls_x509_string_to_names( &ctx->subject, subject_name ); + return mbedtls_x509_string_to_names(&ctx->subject, subject_name); } -int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx, - const char *issuer_name ) +int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx, + const char *issuer_name) { - return mbedtls_x509_string_to_names( &ctx->issuer, issuer_name ); + return mbedtls_x509_string_to_names(&ctx->issuer, issuer_name); } -int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, - const mbedtls_mpi *serial ) +int mbedtls_x509write_crt_set_serial(mbedtls_x509write_cert *ctx, + const mbedtls_mpi *serial) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_mpi_copy( &ctx->serial, serial ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mpi_copy(&ctx->serial, serial)) != 0) { + return ret; + } - return( 0 ); + return 0; } -int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, - const char *not_before, - const char *not_after ) +int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx, + const char *not_before, + const char *not_after) { - if( strlen( not_before ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 || - strlen( not_after ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 ) - { - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (strlen(not_before) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 || + strlen(not_after) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; } - strncpy( ctx->not_before, not_before, MBEDTLS_X509_RFC5280_UTC_TIME_LEN ); - strncpy( ctx->not_after , not_after , MBEDTLS_X509_RFC5280_UTC_TIME_LEN ); + strncpy(ctx->not_before, not_before, MBEDTLS_X509_RFC5280_UTC_TIME_LEN); + strncpy(ctx->not_after, not_after, MBEDTLS_X509_RFC5280_UTC_TIME_LEN); ctx->not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z'; ctx->not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z'; - return( 0 ); + return 0; } -int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx, - const char *oid, size_t oid_len, - int critical, - const unsigned char *val, size_t val_len ) +int mbedtls_x509write_crt_set_extension(mbedtls_x509write_cert *ctx, + const char *oid, size_t oid_len, + int critical, + const unsigned char *val, size_t val_len) { - return( mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len, - critical, val, val_len ) ); + return mbedtls_x509_set_extension(&ctx->extensions, oid, oid_len, + critical, val, val_len); } -int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, - int is_ca, int max_pathlen ) +int mbedtls_x509write_crt_set_basic_constraints(mbedtls_x509write_cert *ctx, + int is_ca, int max_pathlen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[9]; unsigned char *c = buf + sizeof(buf); size_t len = 0; - memset( buf, 0, sizeof(buf) ); + memset(buf, 0, sizeof(buf)); - if( is_ca && max_pathlen > 127 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (is_ca && max_pathlen > 127) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - if( is_ca ) - { - if( max_pathlen >= 0 ) - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, - max_pathlen ) ); + if (is_ca) { + if (max_pathlen >= 0) { + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf, + max_pathlen)); } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( &c, buf, 1 ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_bool(&c, buf, 1)); } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - return( - mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_BASIC_CONSTRAINTS, - MBEDTLS_OID_SIZE( MBEDTLS_OID_BASIC_CONSTRAINTS ), - is_ca, buf + sizeof(buf) - len, len ) ); + return + mbedtls_x509write_crt_set_extension(ctx, MBEDTLS_OID_BASIC_CONSTRAINTS, + MBEDTLS_OID_SIZE(MBEDTLS_OID_BASIC_CONSTRAINTS), + is_ca, buf + sizeof(buf) - len, len); } #if defined(MBEDTLS_SHA1_C) -int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx ) +int mbedtls_x509write_crt_set_subject_key_identifier(mbedtls_x509write_cert *ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */ unsigned char *c = buf + sizeof(buf); size_t len = 0; - memset( buf, 0, sizeof(buf) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_pk_write_pubkey( &c, buf, ctx->subject_key ) ); + memset(buf, 0, sizeof(buf)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_pk_write_pubkey(&c, buf, ctx->subject_key)); - ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len, - buf + sizeof( buf ) - 20 ); - if( ret != 0 ) - return( ret ); - c = buf + sizeof( buf ) - 20; + ret = mbedtls_sha1_ret(buf + sizeof(buf) - len, len, + buf + sizeof(buf) - 20); + if (ret != 0) { + return ret; + } + c = buf + sizeof(buf) - 20; len = 20; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_OCTET_STRING ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_OCTET_STRING)); - return mbedtls_x509write_crt_set_extension( ctx, - MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER, - MBEDTLS_OID_SIZE( MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER ), - 0, buf + sizeof(buf) - len, len ); + return mbedtls_x509write_crt_set_extension(ctx, + MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER, + MBEDTLS_OID_SIZE(MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER), + 0, buf + sizeof(buf) - len, len); } -int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx ) +int mbedtls_x509write_crt_set_authority_key_identifier(mbedtls_x509write_cert *ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */ - unsigned char *c = buf + sizeof( buf ); + unsigned char *c = buf + sizeof(buf); size_t len = 0; - memset( buf, 0, sizeof(buf) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_pk_write_pubkey( &c, buf, ctx->issuer_key ) ); + memset(buf, 0, sizeof(buf)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_pk_write_pubkey(&c, buf, ctx->issuer_key)); - ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len, - buf + sizeof( buf ) - 20 ); - if( ret != 0 ) - return( ret ); - c = buf + sizeof( buf ) - 20; + ret = mbedtls_sha1_ret(buf + sizeof(buf) - len, len, + buf + sizeof(buf) - 20); + if (ret != 0) { + return ret; + } + c = buf + sizeof(buf) - 20; len = 20; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0 ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER, - MBEDTLS_OID_SIZE( MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER ), - 0, buf + sizeof( buf ) - len, len ); + MBEDTLS_OID_SIZE(MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER), + 0, buf + sizeof(buf) - len, len); } #endif /* MBEDTLS_SHA1_C */ -int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, - unsigned int key_usage ) +int mbedtls_x509write_crt_set_key_usage(mbedtls_x509write_cert *ctx, + unsigned int key_usage) { - unsigned char buf[5] = {0}, ku[2] = {0}; + unsigned char buf[5] = { 0 }, ku[2] = { 0 }; unsigned char *c; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned int allowed_bits = MBEDTLS_X509_KU_DIGITAL_SIGNATURE | - MBEDTLS_X509_KU_NON_REPUDIATION | - MBEDTLS_X509_KU_KEY_ENCIPHERMENT | - MBEDTLS_X509_KU_DATA_ENCIPHERMENT | - MBEDTLS_X509_KU_KEY_AGREEMENT | - MBEDTLS_X509_KU_KEY_CERT_SIGN | - MBEDTLS_X509_KU_CRL_SIGN | - MBEDTLS_X509_KU_ENCIPHER_ONLY | - MBEDTLS_X509_KU_DECIPHER_ONLY; + MBEDTLS_X509_KU_NON_REPUDIATION | + MBEDTLS_X509_KU_KEY_ENCIPHERMENT | + MBEDTLS_X509_KU_DATA_ENCIPHERMENT | + MBEDTLS_X509_KU_KEY_AGREEMENT | + MBEDTLS_X509_KU_KEY_CERT_SIGN | + MBEDTLS_X509_KU_CRL_SIGN | + MBEDTLS_X509_KU_ENCIPHER_ONLY | + MBEDTLS_X509_KU_DECIPHER_ONLY; /* Check that nothing other than the allowed flags is set */ - if( ( key_usage & ~allowed_bits ) != 0 ) - return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); + if ((key_usage & ~allowed_bits) != 0) { + return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; + } c = buf + 5; - MBEDTLS_PUT_UINT16_LE( key_usage, ku, 0 ); - ret = mbedtls_asn1_write_named_bitstring( &c, buf, ku, 9 ); + MBEDTLS_PUT_UINT16_LE(key_usage, ku, 0); + ret = mbedtls_asn1_write_named_bitstring(&c, buf, ku, 9); - if( ret < 0 ) - return( ret ); - else if( ret < 3 || ret > 5 ) - return( MBEDTLS_ERR_X509_INVALID_FORMAT ); + if (ret < 0) { + return ret; + } else if (ret < 3 || ret > 5) { + return MBEDTLS_ERR_X509_INVALID_FORMAT; + } - ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, - MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), - 1, c, (size_t)ret ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_x509write_crt_set_extension(ctx, MBEDTLS_OID_KEY_USAGE, + MBEDTLS_OID_SIZE(MBEDTLS_OID_KEY_USAGE), + 1, c, (size_t) ret); + if (ret != 0) { + return ret; + } - return( 0 ); + return 0; } -int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx, - unsigned char ns_cert_type ) +int mbedtls_x509write_crt_set_ns_cert_type(mbedtls_x509write_cert *ctx, + unsigned char ns_cert_type) { - unsigned char buf[4] = {0}; + unsigned char buf[4] = { 0 }; unsigned char *c; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; c = buf + 4; - ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 ); - if( ret < 3 || ret > 4 ) - return( ret ); + ret = mbedtls_asn1_write_named_bitstring(&c, buf, &ns_cert_type, 8); + if (ret < 3 || ret > 4) { + return ret; + } - ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, - MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), - 0, c, (size_t)ret ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_x509write_crt_set_extension(ctx, MBEDTLS_OID_NS_CERT_TYPE, + MBEDTLS_OID_SIZE(MBEDTLS_OID_NS_CERT_TYPE), + 0, c, (size_t) ret); + if (ret != 0) { + return ret; + } - return( 0 ); + return 0; } -static int x509_write_time( unsigned char **p, unsigned char *start, - const char *t, size_t size ) +static int x509_write_time(unsigned char **p, unsigned char *start, + const char *t, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; @@ -299,32 +305,29 @@ static int x509_write_time( unsigned char **p, unsigned char *start, /* * write MBEDTLS_ASN1_UTC_TIME if year < 2050 (2 bytes shorter) */ - if( t[0] < '2' || ( t[0] == '2' && t[1] == '0' && t[2] < '5' ) ) - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, - (const unsigned char *) t + 2, - size - 2 ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, - MBEDTLS_ASN1_UTC_TIME ) ); - } - else - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, - (const unsigned char *) t, - size ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, - MBEDTLS_ASN1_GENERALIZED_TIME ) ); + if (t[0] < '2' || (t[0] == '2' && t[1] == '0' && t[2] < '5')) { + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, + (const unsigned char *) t + 2, + size - 2)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_UTC_TIME)); + } else { + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, + (const unsigned char *) t, + size)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_GENERALIZED_TIME)); } - return( (int) len ); + return (int) len; } -int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, - unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, + unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const char *sig_oid; @@ -345,17 +348,17 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, /* There's no direct way of extracting a signature algorithm * (represented as an element of mbedtls_pk_type_t) from a PK instance. */ - if( mbedtls_pk_can_do( ctx->issuer_key, MBEDTLS_PK_RSA ) ) + if (mbedtls_pk_can_do(ctx->issuer_key, MBEDTLS_PK_RSA)) { pk_alg = MBEDTLS_PK_RSA; - else if( mbedtls_pk_can_do( ctx->issuer_key, MBEDTLS_PK_ECDSA ) ) + } else if (mbedtls_pk_can_do(ctx->issuer_key, MBEDTLS_PK_ECDSA)) { pk_alg = MBEDTLS_PK_ECDSA; - else - return( MBEDTLS_ERR_X509_INVALID_ALG ); + } else { + return MBEDTLS_ERR_X509_INVALID_ALG; + } - if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg, - &sig_oid, &sig_oid_len ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_oid_get_oid_by_sig_alg(pk_alg, ctx->md_alg, + &sig_oid, &sig_oid_len)) != 0) { + return ret; } /* @@ -363,38 +366,37 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, */ /* Only for v3 */ - if( ctx->version == MBEDTLS_X509_CRT_VERSION_3 ) - { - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_x509_write_extensions( &c, - buf, ctx->extensions ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | - MBEDTLS_ASN1_CONSTRUCTED | 3 ) ); + if (ctx->version == MBEDTLS_X509_CRT_VERSION_3) { + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_x509_write_extensions(&c, + buf, ctx->extensions)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 3)); } /* * SubjectPublicKeyInfo */ - MBEDTLS_ASN1_CHK_ADD( pub_len, - mbedtls_pk_write_pubkey_der( ctx->subject_key, - buf, c - buf ) ); + MBEDTLS_ASN1_CHK_ADD(pub_len, + mbedtls_pk_write_pubkey_der(ctx->subject_key, + buf, c - buf)); c -= pub_len; len += pub_len; /* * Subject ::= Name */ - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_x509_write_names( &c, buf, - ctx->subject ) ); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_x509_write_names(&c, buf, + ctx->subject)); /* * Validity ::= SEQUENCE { @@ -403,93 +405,91 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, */ sub_len = 0; - MBEDTLS_ASN1_CHK_ADD( sub_len, - x509_write_time( &c, buf, ctx->not_after, - MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) ); + MBEDTLS_ASN1_CHK_ADD(sub_len, + x509_write_time(&c, buf, ctx->not_after, + MBEDTLS_X509_RFC5280_UTC_TIME_LEN)); - MBEDTLS_ASN1_CHK_ADD( sub_len, - x509_write_time( &c, buf, ctx->not_before, - MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) ); + MBEDTLS_ASN1_CHK_ADD(sub_len, + x509_write_time(&c, buf, ctx->not_before, + MBEDTLS_X509_RFC5280_UTC_TIME_LEN)); len += sub_len; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, sub_len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, sub_len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); /* * Issuer ::= Name */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, buf, - ctx->issuer ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_x509_write_names(&c, buf, + ctx->issuer)); /* * Signature ::= AlgorithmIdentifier */ - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_algorithm_identifier( &c, buf, - sig_oid, strlen( sig_oid ), 0 ) ); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_algorithm_identifier(&c, buf, + sig_oid, strlen(sig_oid), 0)); /* * Serial ::= INTEGER */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, - &ctx->serial ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&c, buf, + &ctx->serial)); /* * Version ::= INTEGER { v1(0), v2(1), v3(2) } */ /* Can be omitted for v1 */ - if( ctx->version != MBEDTLS_X509_CRT_VERSION_1 ) - { + if (ctx->version != MBEDTLS_X509_CRT_VERSION_1) { sub_len = 0; - MBEDTLS_ASN1_CHK_ADD( sub_len, - mbedtls_asn1_write_int( &c, buf, ctx->version ) ); + MBEDTLS_ASN1_CHK_ADD(sub_len, + mbedtls_asn1_write_int(&c, buf, ctx->version)); len += sub_len; - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_len( &c, buf, sub_len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | - MBEDTLS_ASN1_CONSTRUCTED | 0 ) ); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_len(&c, buf, sub_len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 0)); } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); /* * Make signature */ /* Compute hash of CRT. */ - if( ( ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, - len, hash ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_md(mbedtls_md_info_from_type(ctx->md_alg), c, + len, hash)) != 0) { + return ret; } - if( ( ret = mbedtls_pk_sign( ctx->issuer_key, ctx->md_alg, - hash, 0, sig, &sig_len, - f_rng, p_rng ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pk_sign(ctx->issuer_key, ctx->md_alg, + hash, 0, sig, &sig_len, + f_rng, p_rng)) != 0) { + return ret; } /* Move CRT to the front of the buffer to have space * for the signature. */ - memmove( buf, c, len ); + memmove(buf, c, len); c = buf + len; /* Add signature at the end of the buffer, * making sure that it doesn't underflow * into the CRT buffer. */ c2 = buf + size; - MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, c, - sig_oid, sig_oid_len, sig, sig_len ) ); + MBEDTLS_ASN1_CHK_ADD(sig_and_oid_len, mbedtls_x509_write_sig(&c2, c, + sig_oid, sig_oid_len, sig, + sig_len)); /* * Memory layout after this step: @@ -500,43 +500,41 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, /* Move raw CRT to just before the signature. */ c = c2 - len; - memmove( c, buf, len ); + memmove(c, buf, len); len += sig_and_oid_len; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - return( (int) len ); + return (int) len; } #define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n" #define PEM_END_CRT "-----END CERTIFICATE-----\n" #if defined(MBEDTLS_PEM_WRITE_C) -int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *crt, - unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *crt, + unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen; - if( ( ret = mbedtls_x509write_crt_der( crt, buf, size, - f_rng, p_rng ) ) < 0 ) - { - return( ret ); + if ((ret = mbedtls_x509write_crt_der(crt, buf, size, + f_rng, p_rng)) < 0) { + return ret; } - if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CRT, PEM_END_CRT, - buf + size - ret, ret, - buf, size, &olen ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_CRT, PEM_END_CRT, + buf + size - ret, ret, + buf, size, &olen)) != 0) { + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_PEM_WRITE_C */ diff --git a/library/x509write_csr.c b/library/x509write_csr.c index 707dd001f09d..a421fde97ebf 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -46,92 +46,96 @@ #include "mbedtls/platform.h" -void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx ) +void mbedtls_x509write_csr_init(mbedtls_x509write_csr *ctx) { - memset( ctx, 0, sizeof( mbedtls_x509write_csr ) ); + memset(ctx, 0, sizeof(mbedtls_x509write_csr)); } -void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx ) +void mbedtls_x509write_csr_free(mbedtls_x509write_csr *ctx) { - mbedtls_asn1_free_named_data_list( &ctx->subject ); - mbedtls_asn1_free_named_data_list( &ctx->extensions ); + mbedtls_asn1_free_named_data_list(&ctx->subject); + mbedtls_asn1_free_named_data_list(&ctx->extensions); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_csr ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_x509write_csr)); } -void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg ) +void mbedtls_x509write_csr_set_md_alg(mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg) { ctx->md_alg = md_alg; } -void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key ) +void mbedtls_x509write_csr_set_key(mbedtls_x509write_csr *ctx, mbedtls_pk_context *key) { ctx->key = key; } -int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx, - const char *subject_name ) +int mbedtls_x509write_csr_set_subject_name(mbedtls_x509write_csr *ctx, + const char *subject_name) { - return mbedtls_x509_string_to_names( &ctx->subject, subject_name ); + return mbedtls_x509_string_to_names(&ctx->subject, subject_name); } -int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx, - const char *oid, size_t oid_len, - const unsigned char *val, size_t val_len ) +int mbedtls_x509write_csr_set_extension(mbedtls_x509write_csr *ctx, + const char *oid, size_t oid_len, + const unsigned char *val, size_t val_len) { - return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len, - 0, val, val_len ); + return mbedtls_x509_set_extension(&ctx->extensions, oid, oid_len, + 0, val, val_len); } -int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ) +int mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr *ctx, unsigned char key_usage) { - unsigned char buf[4] = {0}; + unsigned char buf[4] = { 0 }; unsigned char *c; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; c = buf + 4; - ret = mbedtls_asn1_write_named_bitstring( &c, buf, &key_usage, 8 ); - if( ret < 3 || ret > 4 ) - return( ret ); + ret = mbedtls_asn1_write_named_bitstring(&c, buf, &key_usage, 8); + if (ret < 3 || ret > 4) { + return ret; + } - ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, - MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), - c, (size_t)ret ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_x509write_csr_set_extension(ctx, MBEDTLS_OID_KEY_USAGE, + MBEDTLS_OID_SIZE(MBEDTLS_OID_KEY_USAGE), + c, (size_t) ret); + if (ret != 0) { + return ret; + } - return( 0 ); + return 0; } -int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, - unsigned char ns_cert_type ) +int mbedtls_x509write_csr_set_ns_cert_type(mbedtls_x509write_csr *ctx, + unsigned char ns_cert_type) { - unsigned char buf[4] = {0}; + unsigned char buf[4] = { 0 }; unsigned char *c; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; c = buf + 4; - ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 ); - if( ret < 3 || ret > 4 ) - return( ret ); + ret = mbedtls_asn1_write_named_bitstring(&c, buf, &ns_cert_type, 8); + if (ret < 3 || ret > 4) { + return ret; + } - ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, - MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), - c, (size_t)ret ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_x509write_csr_set_extension(ctx, MBEDTLS_OID_NS_CERT_TYPE, + MBEDTLS_OID_SIZE(MBEDTLS_OID_NS_CERT_TYPE), + c, (size_t) ret); + if (ret != 0) { + return ret; + } - return( 0 ); + return 0; } -static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx, - unsigned char *buf, - size_t size, - unsigned char *sig, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int x509write_csr_der_internal(mbedtls_x509write_csr *ctx, + unsigned char *buf, + size_t size, + unsigned char *sig, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const char *sig_oid; @@ -144,114 +148,114 @@ static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx, #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; size_t hash_len; - psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg ); + psa_algorithm_t hash_alg = mbedtls_psa_translate_md(ctx->md_alg); #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* Write the CSR backwards starting from the end of buf */ c = buf + size; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, buf, - ctx->extensions ) ); - - if( len ) - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( - &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( - &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ); - - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_oid( - &c, buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ, - MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_CSR_EXT_REQ ) ) ); - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( - &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_x509_write_extensions(&c, buf, + ctx->extensions)); + + if (len) { + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag( + &c, buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag( + &c, buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET)); + + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_oid( + &c, buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ, + MBEDTLS_OID_SIZE(MBEDTLS_OID_PKCS9_CSR_EXT_REQ))); + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag( + &c, buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( - &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag( + &c, buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC)); - MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->key, - buf, c - buf ) ); + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_pk_write_pubkey_der(ctx->key, + buf, c - buf)); c -= pub_len; len += pub_len; /* * Subject ::= Name */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, buf, - ctx->subject ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_x509_write_names(&c, buf, + ctx->subject)); /* * Version ::= INTEGER { v1(0), v2(1), v3(2) } */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf, 0)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( - &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag( + &c, buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); /* * Sign the written CSR data into the sig buffer * Note: hash errors can happen only after an internal error */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS ) - return( MBEDTLS_ERR_X509_FATAL_ERROR ); + if (psa_hash_setup(&hash_operation, hash_alg) != PSA_SUCCESS) { + return MBEDTLS_ERR_X509_FATAL_ERROR; + } - if( psa_hash_update( &hash_operation, c, len ) != PSA_SUCCESS ) - return( MBEDTLS_ERR_X509_FATAL_ERROR ); + if (psa_hash_update(&hash_operation, c, len) != PSA_SUCCESS) { + return MBEDTLS_ERR_X509_FATAL_ERROR; + } - if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len ) - != PSA_SUCCESS ) - { - return( MBEDTLS_ERR_X509_FATAL_ERROR ); + if (psa_hash_finish(&hash_operation, hash, sizeof(hash), &hash_len) + != PSA_SUCCESS) { + return MBEDTLS_ERR_X509_FATAL_ERROR; } #else /* MBEDTLS_USE_PSA_CRYPTO */ - ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_md(mbedtls_md_info_from_type(ctx->md_alg), c, len, hash); + if (ret != 0) { + return ret; + } #endif - if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len, - f_rng, p_rng ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pk_sign(ctx->key, ctx->md_alg, hash, 0, sig, &sig_len, + f_rng, p_rng)) != 0) { + return ret; } - if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_RSA ) ) + if (mbedtls_pk_can_do(ctx->key, MBEDTLS_PK_RSA)) { pk_alg = MBEDTLS_PK_RSA; - else if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_ECDSA ) ) + } else if (mbedtls_pk_can_do(ctx->key, MBEDTLS_PK_ECDSA)) { pk_alg = MBEDTLS_PK_ECDSA; - else - return( MBEDTLS_ERR_X509_INVALID_ALG ); + } else { + return MBEDTLS_ERR_X509_INVALID_ALG; + } - if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg, - &sig_oid, &sig_oid_len ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_oid_get_oid_by_sig_alg(pk_alg, ctx->md_alg, + &sig_oid, &sig_oid_len)) != 0) { + return ret; } /* * Move the written CSR data to the start of buf to create space for * writing the signature into buf. */ - memmove( buf, c, len ); + memmove(buf, c, len); /* * Write sig and its OID into buf backwards from the end of buf. @@ -259,76 +263,73 @@ static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx, * and return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL if needed. */ c2 = buf + size; - MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, - mbedtls_x509_write_sig( &c2, buf + len, sig_oid, sig_oid_len, - sig, sig_len ) ); + MBEDTLS_ASN1_CHK_ADD(sig_and_oid_len, + mbedtls_x509_write_sig(&c2, buf + len, sig_oid, sig_oid_len, + sig, sig_len)); /* * Compact the space between the CSR data and signature by moving the * CSR data to the start of the signature. */ c2 -= len; - memmove( c2, buf, len ); + memmove(c2, buf, len); /* ASN encode the total size and tag the CSR data with it. */ len += sig_and_oid_len; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( - &c2, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c2, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag( + &c2, buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); /* Zero the unused bytes at the start of buf */ - memset( buf, 0, c2 - buf); + memset(buf, 0, c2 - buf); - return( (int) len ); + return (int) len; } -int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, - size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, + size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret; unsigned char *sig; - if( ( sig = mbedtls_calloc( 1, MBEDTLS_PK_SIGNATURE_MAX_SIZE ) ) == NULL ) - { - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + if ((sig = mbedtls_calloc(1, MBEDTLS_PK_SIGNATURE_MAX_SIZE)) == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; } - ret = x509write_csr_der_internal( ctx, buf, size, sig, f_rng, p_rng ); + ret = x509write_csr_der_internal(ctx, buf, size, sig, f_rng, p_rng); - mbedtls_free( sig ); + mbedtls_free(sig); - return( ret ); + return ret; } #define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n" #define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n" #if defined(MBEDTLS_PEM_WRITE_C) -int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen = 0; - if( ( ret = mbedtls_x509write_csr_der( ctx, buf, size, - f_rng, p_rng ) ) < 0 ) - { - return( ret ); + if ((ret = mbedtls_x509write_csr_der(ctx, buf, size, + f_rng, p_rng)) < 0) { + return ret; } - if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR, - buf + size - ret, - ret, buf, size, &olen ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_CSR, PEM_END_CSR, + buf + size - ret, + ret, buf, size, &olen)) != 0) { + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_PEM_WRITE_C */ diff --git a/library/xtea.c b/library/xtea.c index 28e6972aa882..27651cc0e539 100644 --- a/library/xtea.c +++ b/library/xtea.c @@ -30,116 +30,109 @@ #if !defined(MBEDTLS_XTEA_ALT) -void mbedtls_xtea_init( mbedtls_xtea_context *ctx ) +void mbedtls_xtea_init(mbedtls_xtea_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_xtea_context ) ); + memset(ctx, 0, sizeof(mbedtls_xtea_context)); } -void mbedtls_xtea_free( mbedtls_xtea_context *ctx ) +void mbedtls_xtea_free(mbedtls_xtea_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_xtea_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_xtea_context)); } /* * XTEA key schedule */ -void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] ) +void mbedtls_xtea_setup(mbedtls_xtea_context *ctx, const unsigned char key[16]) { int i; - memset( ctx, 0, sizeof(mbedtls_xtea_context) ); + memset(ctx, 0, sizeof(mbedtls_xtea_context)); - for( i = 0; i < 4; i++ ) - { - ctx->k[i] = MBEDTLS_GET_UINT32_BE( key, i << 2 ); + for (i = 0; i < 4; i++) { + ctx->k[i] = MBEDTLS_GET_UINT32_BE(key, i << 2); } } /* * XTEA encrypt function */ -int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, int mode, - const unsigned char input[8], unsigned char output[8]) +int mbedtls_xtea_crypt_ecb(mbedtls_xtea_context *ctx, int mode, + const unsigned char input[8], unsigned char output[8]) { uint32_t *k, v0, v1, i; k = ctx->k; - v0 = MBEDTLS_GET_UINT32_BE( input, 0 ); - v1 = MBEDTLS_GET_UINT32_BE( input, 4 ); + v0 = MBEDTLS_GET_UINT32_BE(input, 0); + v1 = MBEDTLS_GET_UINT32_BE(input, 4); - if( mode == MBEDTLS_XTEA_ENCRYPT ) - { + if (mode == MBEDTLS_XTEA_ENCRYPT) { uint32_t sum = 0, delta = 0x9E3779B9; - for( i = 0; i < 32; i++ ) - { + for (i = 0; i < 32; i++) { v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]); sum += delta; v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]); } - } - else /* MBEDTLS_XTEA_DECRYPT */ - { + } else { /* MBEDTLS_XTEA_DECRYPT */ uint32_t delta = 0x9E3779B9, sum = delta * 32; - for( i = 0; i < 32; i++ ) - { + for (i = 0; i < 32; i++) { v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]); sum -= delta; v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]); } } - MBEDTLS_PUT_UINT32_BE( v0, output, 0 ); - MBEDTLS_PUT_UINT32_BE( v1, output, 4 ); + MBEDTLS_PUT_UINT32_BE(v0, output, 0); + MBEDTLS_PUT_UINT32_BE(v1, output, 4); - return( 0 ); + return 0; } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * XTEA-CBC buffer encryption/decryption */ -int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, int mode, size_t length, - unsigned char iv[8], const unsigned char *input, - unsigned char *output) +int mbedtls_xtea_crypt_cbc(mbedtls_xtea_context *ctx, int mode, size_t length, + unsigned char iv[8], const unsigned char *input, + unsigned char *output) { int i; unsigned char temp[8]; - if( length % 8 ) - return( MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH ); + if (length % 8) { + return MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH; + } - if( mode == MBEDTLS_XTEA_DECRYPT ) - { - while( length > 0 ) - { - memcpy( temp, input, 8 ); - mbedtls_xtea_crypt_ecb( ctx, mode, input, output ); + if (mode == MBEDTLS_XTEA_DECRYPT) { + while (length > 0) { + memcpy(temp, input, 8); + mbedtls_xtea_crypt_ecb(ctx, mode, input, output); - for( i = 0; i < 8; i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); + for (i = 0; i < 8; i++) { + output[i] = (unsigned char) (output[i] ^ iv[i]); + } - memcpy( iv, temp, 8 ); + memcpy(iv, temp, 8); input += 8; output += 8; length -= 8; } - } - else - { - while( length > 0 ) - { - for( i = 0; i < 8; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); + } else { + while (length > 0) { + for (i = 0; i < 8; i++) { + output[i] = (unsigned char) (input[i] ^ iv[i]); + } - mbedtls_xtea_crypt_ecb( ctx, mode, output, output ); - memcpy( iv, output, 8 ); + mbedtls_xtea_crypt_ecb(ctx, mode, output, output); + memcpy(iv, output, 8); input += 8; output += 8; @@ -147,7 +140,7 @@ int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, int mode, size_t length, } } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* !MBEDTLS_XTEA_ALT */ @@ -160,18 +153,18 @@ int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, int mode, size_t length, static const unsigned char xtea_test_key[6][16] = { - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, - 0x0c, 0x0d, 0x0e, 0x0f }, - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, - 0x0c, 0x0d, 0x0e, 0x0f }, - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, - 0x0c, 0x0d, 0x0e, 0x0f }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 } + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f }, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f }, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 } }; static const unsigned char xtea_test_pt[6][8] = @@ -197,43 +190,45 @@ static const unsigned char xtea_test_ct[6][8] = /* * Checkup routine */ -int mbedtls_xtea_self_test( int verbose ) +int mbedtls_xtea_self_test(int verbose) { int i, ret = 0; unsigned char buf[8]; mbedtls_xtea_context ctx; - mbedtls_xtea_init( &ctx ); - for( i = 0; i < 6; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " XTEA test #%d: ", i + 1 ); + mbedtls_xtea_init(&ctx); + for (i = 0; i < 6; i++) { + if (verbose != 0) { + mbedtls_printf(" XTEA test #%d: ", i + 1); + } - memcpy( buf, xtea_test_pt[i], 8 ); + memcpy(buf, xtea_test_pt[i], 8); - mbedtls_xtea_setup( &ctx, xtea_test_key[i] ); - mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, buf, buf ); + mbedtls_xtea_setup(&ctx, xtea_test_key[i]); + mbedtls_xtea_crypt_ecb(&ctx, MBEDTLS_XTEA_ENCRYPT, buf, buf); - if( memcmp( buf, xtea_test_ct[i], 8 ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (memcmp(buf, xtea_test_ct[i], 8) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } exit: - mbedtls_xtea_free( &ctx ); + mbedtls_xtea_free(&ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index c92ca133f04a..434c609e4d15 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -32,7 +32,7 @@ #include "mbedtls/platform.h" #if defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_MD_C) && \ - defined(MBEDTLS_FS_IO) + defined(MBEDTLS_FS_IO) #include "mbedtls/cipher.h" #include "mbedtls/md.h" #include "mbedtls/platform_util.h" @@ -63,15 +63,15 @@ #if !defined(MBEDTLS_CIPHER_C) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_CIPHER_C and/or MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1, i; unsigned n; @@ -95,139 +95,122 @@ int main( int argc, char *argv[] ) #if defined(_WIN32_WCE) long filesize, offset; #elif defined(_WIN32) - LARGE_INTEGER li_size; + LARGE_INTEGER li_size; __int64 filesize, offset; #else - off_t filesize, offset; + off_t filesize, offset; #endif - mbedtls_cipher_init( &cipher_ctx ); - mbedtls_md_init( &md_ctx ); + mbedtls_cipher_init(&cipher_ctx); + mbedtls_md_init(&md_ctx); /* * Parse the command-line arguments. */ - if( argc != 7 ) - { + if (argc != 7) { const int *list; - mbedtls_printf( USAGE ); + mbedtls_printf(USAGE); - mbedtls_printf( "Available ciphers:\n" ); + mbedtls_printf("Available ciphers:\n"); list = mbedtls_cipher_list(); - while( *list ) - { - cipher_info = mbedtls_cipher_info_from_type( *list ); - mbedtls_printf( " %s\n", cipher_info->name ); + while (*list) { + cipher_info = mbedtls_cipher_info_from_type(*list); + mbedtls_printf(" %s\n", cipher_info->name); list++; } - mbedtls_printf( "\nAvailable message digests:\n" ); + mbedtls_printf("\nAvailable message digests:\n"); list = mbedtls_md_list(); - while( *list ) - { - md_info = mbedtls_md_info_from_type( *list ); - mbedtls_printf( " %s\n", mbedtls_md_get_name( md_info ) ); + while (*list) { + md_info = mbedtls_md_info_from_type(*list); + mbedtls_printf(" %s\n", mbedtls_md_get_name(md_info)); list++; } #if defined(_WIN32) - mbedtls_printf( "\n Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf("\n Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif goto exit; } - mode = atoi( argv[1] ); + mode = atoi(argv[1]); - if( mode != MODE_ENCRYPT && mode != MODE_DECRYPT ) - { - mbedtls_fprintf( stderr, "invalid operation mode\n" ); + if (mode != MODE_ENCRYPT && mode != MODE_DECRYPT) { + mbedtls_fprintf(stderr, "invalid operation mode\n"); goto exit; } - if( strcmp( argv[2], argv[3] ) == 0 ) - { - mbedtls_fprintf( stderr, "input and output filenames must differ\n" ); + if (strcmp(argv[2], argv[3]) == 0) { + mbedtls_fprintf(stderr, "input and output filenames must differ\n"); goto exit; } - if( ( fin = fopen( argv[2], "rb" ) ) == NULL ) - { - mbedtls_fprintf( stderr, "fopen(%s,rb) failed\n", argv[2] ); + if ((fin = fopen(argv[2], "rb")) == NULL) { + mbedtls_fprintf(stderr, "fopen(%s,rb) failed\n", argv[2]); goto exit; } - if( ( fout = fopen( argv[3], "wb+" ) ) == NULL ) - { - mbedtls_fprintf( stderr, "fopen(%s,wb+) failed\n", argv[3] ); + if ((fout = fopen(argv[3], "wb+")) == NULL) { + mbedtls_fprintf(stderr, "fopen(%s,wb+) failed\n", argv[3]); goto exit; } /* * Read the Cipher and MD from the command line */ - cipher_info = mbedtls_cipher_info_from_string( argv[4] ); - if( cipher_info == NULL ) - { - mbedtls_fprintf( stderr, "Cipher '%s' not found\n", argv[4] ); + cipher_info = mbedtls_cipher_info_from_string(argv[4]); + if (cipher_info == NULL) { + mbedtls_fprintf(stderr, "Cipher '%s' not found\n", argv[4]); goto exit; } - if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info) ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_setup failed\n" ); + if ((ret = mbedtls_cipher_setup(&cipher_ctx, cipher_info)) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_setup failed\n"); goto exit; } - md_info = mbedtls_md_info_from_string( argv[5] ); - if( md_info == NULL ) - { - mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[5] ); + md_info = mbedtls_md_info_from_string(argv[5]); + if (md_info == NULL) { + mbedtls_fprintf(stderr, "Message Digest '%s' not found\n", argv[5]); goto exit; } - if( mbedtls_md_setup( &md_ctx, md_info, 1 ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_setup failed\n" ); + if (mbedtls_md_setup(&md_ctx, md_info, 1) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_setup failed\n"); goto exit; } /* * Read the secret key from file or command line */ - if( ( fkey = fopen( argv[6], "rb" ) ) != NULL ) - { - keylen = fread( key, 1, sizeof( key ), fkey ); - fclose( fkey ); - } - else - { - if( memcmp( argv[6], "hex:", 4 ) == 0 ) - { + if ((fkey = fopen(argv[6], "rb")) != NULL) { + keylen = fread(key, 1, sizeof(key), fkey); + fclose(fkey); + } else { + if (memcmp(argv[6], "hex:", 4) == 0) { p = &argv[6][4]; keylen = 0; - while( sscanf( p, "%02X", (unsigned int*) &n ) > 0 && - keylen < (int) sizeof( key ) ) - { + while (sscanf(p, "%02X", (unsigned int *) &n) > 0 && + keylen < (int) sizeof(key)) { key[keylen++] = (unsigned char) n; p += 2; } - } - else - { - keylen = strlen( argv[6] ); + } else { + keylen = strlen(argv[6]); - if( keylen > (int) sizeof( key ) ) - keylen = (int) sizeof( key ); + if (keylen > (int) sizeof(key)) { + keylen = (int) sizeof(key); + } - memcpy( key, argv[6], keylen ); + memcpy(key, argv[6], keylen); } } #if defined(_WIN32_WCE) - filesize = fseek( fin, 0L, SEEK_END ); + filesize = fseek(fin, 0L, SEEK_END); #else #if defined(_WIN32) /* @@ -235,72 +218,64 @@ int main( int argc, char *argv[] ) */ li_size.QuadPart = 0; li_size.LowPart = - SetFilePointer( (HANDLE) _get_osfhandle( _fileno( fin ) ), - li_size.LowPart, &li_size.HighPart, FILE_END ); + SetFilePointer((HANDLE) _get_osfhandle(_fileno(fin)), + li_size.LowPart, &li_size.HighPart, FILE_END); - if( li_size.LowPart == 0xFFFFFFFF && GetLastError() != NO_ERROR ) - { - mbedtls_fprintf( stderr, "SetFilePointer(0,FILE_END) failed\n" ); + if (li_size.LowPart == 0xFFFFFFFF && GetLastError() != NO_ERROR) { + mbedtls_fprintf(stderr, "SetFilePointer(0,FILE_END) failed\n"); goto exit; } filesize = li_size.QuadPart; #else - if( ( filesize = lseek( fileno( fin ), 0, SEEK_END ) ) < 0 ) - { - perror( "lseek" ); + if ((filesize = lseek(fileno(fin), 0, SEEK_END)) < 0) { + perror("lseek"); goto exit; } #endif #endif - if( fseek( fin, 0, SEEK_SET ) < 0 ) - { - mbedtls_fprintf( stderr, "fseek(0,SEEK_SET) failed\n" ); + if (fseek(fin, 0, SEEK_SET) < 0) { + mbedtls_fprintf(stderr, "fseek(0,SEEK_SET) failed\n"); goto exit; } - if( mode == MODE_ENCRYPT ) - { + if (mode == MODE_ENCRYPT) { /* * Generate the initialization vector as: * IV = MD( filesize || filename )[0..15] */ - for( i = 0; i < 8; i++ ) - buffer[i] = (unsigned char)( filesize >> ( i << 3 ) ); + for (i = 0; i < 8; i++) { + buffer[i] = (unsigned char) (filesize >> (i << 3)); + } p = argv[2]; - if( mbedtls_md_starts( &md_ctx ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_starts() returned error\n" ); + if (mbedtls_md_starts(&md_ctx) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_starts() returned error\n"); goto exit; } - if( mbedtls_md_update( &md_ctx, buffer, 8 ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_update() returned error\n" ); + if (mbedtls_md_update(&md_ctx, buffer, 8) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n"); goto exit; } - if( mbedtls_md_update( &md_ctx, ( unsigned char * ) p, strlen( p ) ) - != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_update() returned error\n" ); + if (mbedtls_md_update(&md_ctx, (unsigned char *) p, strlen(p)) + != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n"); goto exit; } - if( mbedtls_md_finish( &md_ctx, digest ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_finish() returned error\n" ); + if (mbedtls_md_finish(&md_ctx, digest) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_finish() returned error\n"); goto exit; } - memcpy( IV, digest, 16 ); + memcpy(IV, digest, 16); /* * Append the IV at the beginning of the output. */ - if( fwrite( IV, 1, 16, fout ) != 16 ) - { - mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 ); + if (fwrite(IV, 1, 16, fout) != 16) { + mbedtls_fprintf(stderr, "fwrite(%d bytes) failed\n", 16); goto exit; } @@ -308,129 +283,109 @@ int main( int argc, char *argv[] ) * Hash the IV and the secret key together 8192 times * using the result to setup the AES context and HMAC. */ - memset( digest, 0, 32 ); - memcpy( digest, IV, 16 ); - - for( i = 0; i < 8192; i++ ) - { - if( mbedtls_md_starts( &md_ctx ) != 0 ) - { - mbedtls_fprintf( stderr, - "mbedtls_md_starts() returned error\n" ); + memset(digest, 0, 32); + memcpy(digest, IV, 16); + + for (i = 0; i < 8192; i++) { + if (mbedtls_md_starts(&md_ctx) != 0) { + mbedtls_fprintf(stderr, + "mbedtls_md_starts() returned error\n"); goto exit; } - if( mbedtls_md_update( &md_ctx, digest, 32 ) != 0 ) - { - mbedtls_fprintf( stderr, - "mbedtls_md_update() returned error\n" ); + if (mbedtls_md_update(&md_ctx, digest, 32) != 0) { + mbedtls_fprintf(stderr, + "mbedtls_md_update() returned error\n"); goto exit; } - if( mbedtls_md_update( &md_ctx, key, keylen ) != 0 ) - { - mbedtls_fprintf( stderr, - "mbedtls_md_update() returned error\n" ); + if (mbedtls_md_update(&md_ctx, key, keylen) != 0) { + mbedtls_fprintf(stderr, + "mbedtls_md_update() returned error\n"); goto exit; } - if( mbedtls_md_finish( &md_ctx, digest ) != 0 ) - { - mbedtls_fprintf( stderr, - "mbedtls_md_finish() returned error\n" ); + if (mbedtls_md_finish(&md_ctx, digest) != 0) { + mbedtls_fprintf(stderr, + "mbedtls_md_finish() returned error\n"); goto exit; } } - if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_bitlen, - MBEDTLS_ENCRYPT ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_setkey() returned error\n"); + if (mbedtls_cipher_setkey(&cipher_ctx, digest, cipher_info->key_bitlen, + MBEDTLS_ENCRYPT) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_setkey() returned error\n"); goto exit; } - if( mbedtls_cipher_set_iv( &cipher_ctx, IV, 16 ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_set_iv() returned error\n"); + if (mbedtls_cipher_set_iv(&cipher_ctx, IV, 16) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_set_iv() returned error\n"); goto exit; } - if( mbedtls_cipher_reset( &cipher_ctx ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_reset() returned error\n"); + if (mbedtls_cipher_reset(&cipher_ctx) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_reset() returned error\n"); goto exit; } - if( mbedtls_md_hmac_starts( &md_ctx, digest, 32 ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_hmac_starts() returned error\n" ); + if (mbedtls_md_hmac_starts(&md_ctx, digest, 32) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_hmac_starts() returned error\n"); goto exit; } /* * Encrypt and write the ciphertext. */ - for( offset = 0; offset < filesize; offset += mbedtls_cipher_get_block_size( &cipher_ctx ) ) - { - ilen = ( (unsigned int) filesize - offset > mbedtls_cipher_get_block_size( &cipher_ctx ) ) ? - mbedtls_cipher_get_block_size( &cipher_ctx ) : (unsigned int) ( filesize - offset ); - - if( fread( buffer, 1, ilen, fin ) != ilen ) - { - mbedtls_fprintf( stderr, "fread(%ld bytes) failed\n", (long) ilen ); + for (offset = 0; offset < filesize; offset += mbedtls_cipher_get_block_size(&cipher_ctx)) { + ilen = ((unsigned int) filesize - offset > mbedtls_cipher_get_block_size(&cipher_ctx)) ? + mbedtls_cipher_get_block_size(&cipher_ctx) : (unsigned int) (filesize - offset); + + if (fread(buffer, 1, ilen, fin) != ilen) { + mbedtls_fprintf(stderr, "fread(%ld bytes) failed\n", (long) ilen); goto exit; } - if( mbedtls_cipher_update( &cipher_ctx, buffer, ilen, output, &olen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_update() returned error\n"); + if (mbedtls_cipher_update(&cipher_ctx, buffer, ilen, output, &olen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_update() returned error\n"); goto exit; } - if( mbedtls_md_hmac_update( &md_ctx, output, olen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_hmac_update() returned error\n" ); + if (mbedtls_md_hmac_update(&md_ctx, output, olen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_hmac_update() returned error\n"); goto exit; } - if( fwrite( output, 1, olen, fout ) != olen ) - { - mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen ); + if (fwrite(output, 1, olen, fout) != olen) { + mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen); goto exit; } } - if( mbedtls_cipher_finish( &cipher_ctx, output, &olen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_finish() returned error\n" ); + if (mbedtls_cipher_finish(&cipher_ctx, output, &olen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_finish() returned error\n"); goto exit; } - if( mbedtls_md_hmac_update( &md_ctx, output, olen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_hmac_update() returned error\n" ); + if (mbedtls_md_hmac_update(&md_ctx, output, olen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_hmac_update() returned error\n"); goto exit; } - if( fwrite( output, 1, olen, fout ) != olen ) - { - mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen ); + if (fwrite(output, 1, olen, fout) != olen) { + mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen); goto exit; } /* * Finally write the HMAC. */ - if( mbedtls_md_hmac_finish( &md_ctx, digest ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_hmac_finish() returned error\n" ); + if (mbedtls_md_hmac_finish(&md_ctx, digest) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_hmac_finish() returned error\n"); goto exit; } - if( fwrite( digest, 1, mbedtls_md_get_size( md_info ), fout ) != mbedtls_md_get_size( md_info ) ) - { - mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", mbedtls_md_get_size( md_info ) ); + if (fwrite(digest, 1, mbedtls_md_get_size(md_info), fout) != mbedtls_md_get_size(md_info)) { + mbedtls_fprintf(stderr, "fwrite(%d bytes) failed\n", mbedtls_md_get_size(md_info)); goto exit; } } - if( mode == MODE_DECRYPT ) - { + if (mode == MODE_DECRYPT) { /* * The encrypted file must be structured as follows: * @@ -440,132 +395,114 @@ int main( int argc, char *argv[] ) * N*16 .. (N+1)*16 - 1 Encrypted Block #N * (N+1)*16 .. (N+1)*16 + n Hash(ciphertext) */ - if( filesize < 16 + mbedtls_md_get_size( md_info ) ) - { - mbedtls_fprintf( stderr, "File too short to be encrypted.\n" ); + if (filesize < 16 + mbedtls_md_get_size(md_info)) { + mbedtls_fprintf(stderr, "File too short to be encrypted.\n"); goto exit; } - if( mbedtls_cipher_get_block_size( &cipher_ctx ) == 0 ) - { - mbedtls_fprintf( stderr, "Invalid cipher block size: 0. \n" ); + if (mbedtls_cipher_get_block_size(&cipher_ctx) == 0) { + mbedtls_fprintf(stderr, "Invalid cipher block size: 0. \n"); goto exit; } /* * Check the file size. */ - if( cipher_info->mode != MBEDTLS_MODE_GCM && - ( ( filesize - mbedtls_md_get_size( md_info ) ) % - mbedtls_cipher_get_block_size( &cipher_ctx ) ) != 0 ) - { - mbedtls_fprintf( stderr, "File content not a multiple of the block size (%u).\n", - mbedtls_cipher_get_block_size( &cipher_ctx )); + if (cipher_info->mode != MBEDTLS_MODE_GCM && + ((filesize - mbedtls_md_get_size(md_info)) % + mbedtls_cipher_get_block_size(&cipher_ctx)) != 0) { + mbedtls_fprintf(stderr, "File content not a multiple of the block size (%u).\n", + mbedtls_cipher_get_block_size(&cipher_ctx)); goto exit; } /* * Subtract the IV + HMAC length. */ - filesize -= ( 16 + mbedtls_md_get_size( md_info ) ); + filesize -= (16 + mbedtls_md_get_size(md_info)); /* * Read the IV and original filesize modulo 16. */ - if( fread( buffer, 1, 16, fin ) != 16 ) - { - mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 16 ); + if (fread(buffer, 1, 16, fin) != 16) { + mbedtls_fprintf(stderr, "fread(%d bytes) failed\n", 16); goto exit; } - memcpy( IV, buffer, 16 ); + memcpy(IV, buffer, 16); /* * Hash the IV and the secret key together 8192 times * using the result to setup the AES context and HMAC. */ - memset( digest, 0, 32 ); - memcpy( digest, IV, 16 ); - - for( i = 0; i < 8192; i++ ) - { - if( mbedtls_md_starts( &md_ctx ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_starts() returned error\n" ); + memset(digest, 0, 32); + memcpy(digest, IV, 16); + + for (i = 0; i < 8192; i++) { + if (mbedtls_md_starts(&md_ctx) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_starts() returned error\n"); goto exit; } - if( mbedtls_md_update( &md_ctx, digest, 32 ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_update() returned error\n" ); + if (mbedtls_md_update(&md_ctx, digest, 32) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n"); goto exit; } - if( mbedtls_md_update( &md_ctx, key, keylen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_update() returned error\n" ); + if (mbedtls_md_update(&md_ctx, key, keylen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n"); goto exit; } - if( mbedtls_md_finish( &md_ctx, digest ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_finish() returned error\n" ); + if (mbedtls_md_finish(&md_ctx, digest) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_finish() returned error\n"); goto exit; } } - if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_bitlen, - MBEDTLS_DECRYPT ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_setkey() returned error\n" ); + if (mbedtls_cipher_setkey(&cipher_ctx, digest, cipher_info->key_bitlen, + MBEDTLS_DECRYPT) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_setkey() returned error\n"); goto exit; } - if( mbedtls_cipher_set_iv( &cipher_ctx, IV, 16 ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_set_iv() returned error\n" ); + if (mbedtls_cipher_set_iv(&cipher_ctx, IV, 16) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_set_iv() returned error\n"); goto exit; } - if( mbedtls_cipher_reset( &cipher_ctx ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_reset() returned error\n" ); + if (mbedtls_cipher_reset(&cipher_ctx) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_reset() returned error\n"); goto exit; } - if( mbedtls_md_hmac_starts( &md_ctx, digest, 32 ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_hmac_starts() returned error\n" ); + if (mbedtls_md_hmac_starts(&md_ctx, digest, 32) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_hmac_starts() returned error\n"); goto exit; } /* * Decrypt and write the plaintext. */ - for( offset = 0; offset < filesize; offset += mbedtls_cipher_get_block_size( &cipher_ctx ) ) - { - ilen = ( (unsigned int) filesize - offset > mbedtls_cipher_get_block_size( &cipher_ctx ) ) ? - mbedtls_cipher_get_block_size( &cipher_ctx ) : (unsigned int) ( filesize - offset ); - - if( fread( buffer, 1, ilen, fin ) != ilen ) - { - mbedtls_fprintf( stderr, "fread(%u bytes) failed\n", - mbedtls_cipher_get_block_size( &cipher_ctx ) ); + for (offset = 0; offset < filesize; offset += mbedtls_cipher_get_block_size(&cipher_ctx)) { + ilen = ((unsigned int) filesize - offset > mbedtls_cipher_get_block_size(&cipher_ctx)) ? + mbedtls_cipher_get_block_size(&cipher_ctx) : (unsigned int) (filesize - offset); + + if (fread(buffer, 1, ilen, fin) != ilen) { + mbedtls_fprintf(stderr, "fread(%u bytes) failed\n", + mbedtls_cipher_get_block_size(&cipher_ctx)); goto exit; } - if( mbedtls_md_hmac_update( &md_ctx, buffer, ilen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_hmac_update() returned error\n" ); + if (mbedtls_md_hmac_update(&md_ctx, buffer, ilen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_hmac_update() returned error\n"); goto exit; } - if( mbedtls_cipher_update( &cipher_ctx, buffer, ilen, output, - &olen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_update() returned error\n" ); + if (mbedtls_cipher_update(&cipher_ctx, buffer, ilen, output, + &olen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_update() returned error\n"); goto exit; } - if( fwrite( output, 1, olen, fout ) != olen ) - { - mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen ); + if (fwrite(output, 1, olen, fout) != olen) { + mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen); goto exit; } } @@ -573,42 +510,38 @@ int main( int argc, char *argv[] ) /* * Verify the message authentication code. */ - if( mbedtls_md_hmac_finish( &md_ctx, digest ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_hmac_finish() returned error\n" ); + if (mbedtls_md_hmac_finish(&md_ctx, digest) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_hmac_finish() returned error\n"); goto exit; } - if( fread( buffer, 1, mbedtls_md_get_size( md_info ), fin ) != mbedtls_md_get_size( md_info ) ) - { - mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", mbedtls_md_get_size( md_info ) ); + if (fread(buffer, 1, mbedtls_md_get_size(md_info), fin) != mbedtls_md_get_size(md_info)) { + mbedtls_fprintf(stderr, "fread(%d bytes) failed\n", mbedtls_md_get_size(md_info)); goto exit; } /* Use constant-time buffer comparison */ diff = 0; - for( i = 0; i < mbedtls_md_get_size( md_info ); i++ ) + for (i = 0; i < mbedtls_md_get_size(md_info); i++) { diff |= digest[i] ^ buffer[i]; + } - if( diff != 0 ) - { - mbedtls_fprintf( stderr, "HMAC check failed: wrong key, " - "or file corrupted.\n" ); + if (diff != 0) { + mbedtls_fprintf(stderr, "HMAC check failed: wrong key, " + "or file corrupted.\n"); goto exit; } /* * Write the final block of data */ - if( mbedtls_cipher_finish( &cipher_ctx, output, &olen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_finish() returned error\n" ); + if (mbedtls_cipher_finish(&cipher_ctx, output, &olen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_finish() returned error\n"); goto exit; } - if( fwrite( output, 1, olen, fout ) != olen ) - { - mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen ); + if (fwrite(output, 1, olen, fout) != olen) { + mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen); goto exit; } } @@ -616,26 +549,29 @@ int main( int argc, char *argv[] ) exit_code = MBEDTLS_EXIT_SUCCESS; exit: - if( fin ) - fclose( fin ); - if( fout ) - fclose( fout ); + if (fin) { + fclose(fin); + } + if (fout) { + fclose(fout); + } /* Zeroize all command line arguments to also cover the case when the user has missed or reordered some, in which case the key might not be in argv[6]. */ - for( i = 0; i < argc; i++ ) - mbedtls_platform_zeroize( argv[i], strlen( argv[i] ) ); + for (i = 0; i < argc; i++) { + mbedtls_platform_zeroize(argv[i], strlen(argv[i])); + } - mbedtls_platform_zeroize( IV, sizeof( IV ) ); - mbedtls_platform_zeroize( key, sizeof( key ) ); - mbedtls_platform_zeroize( buffer, sizeof( buffer ) ); - mbedtls_platform_zeroize( output, sizeof( output ) ); - mbedtls_platform_zeroize( digest, sizeof( digest ) ); + mbedtls_platform_zeroize(IV, sizeof(IV)); + mbedtls_platform_zeroize(key, sizeof(key)); + mbedtls_platform_zeroize(buffer, sizeof(buffer)); + mbedtls_platform_zeroize(output, sizeof(output)); + mbedtls_platform_zeroize(digest, sizeof(digest)); - mbedtls_cipher_free( &cipher_ctx ); - mbedtls_md_free( &md_ctx ); + mbedtls_cipher_free(&cipher_ctx); + mbedtls_md_free(&md_ctx); - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_CIPHER_C && MBEDTLS_MD_C && MBEDTLS_FS_IO */ diff --git a/programs/fuzz/common.c b/programs/fuzz/common.c index bea9f9efe6d2..56b9a13cc5d4 100644 --- a/programs/fuzz/common.c +++ b/programs/fuzz/common.c @@ -6,7 +6,7 @@ #include "mbedtls/ctr_drbg.h" #if defined(MBEDTLS_PLATFORM_TIME_ALT) -mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ) +mbedtls_time_t dummy_constant_time(mbedtls_time_t *time) { (void) time; return 0x5af2a056; @@ -16,47 +16,47 @@ mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ) void dummy_init() { #if defined(MBEDTLS_PLATFORM_TIME_ALT) - mbedtls_platform_set_time( dummy_constant_time ); + mbedtls_platform_set_time(dummy_constant_time); #else fprintf(stderr, "Warning: fuzzing without constant time\n"); #endif } -int dummy_send( void *ctx, const unsigned char *buf, size_t len ) +int dummy_send(void *ctx, const unsigned char *buf, size_t len) { //silence warning about unused parameter (void) ctx; (void) buf; //pretends we wrote everything ok - if( len > INT_MAX ) { - return( -1 ); + if (len > INT_MAX) { + return -1; } - return( (int) len ); + return (int) len; } -int fuzz_recv( void *ctx, unsigned char *buf, size_t len ) +int fuzz_recv(void *ctx, unsigned char *buf, size_t len) { //reads from the buffer from fuzzer - fuzzBufferOffset_t * biomemfuzz = (fuzzBufferOffset_t *) ctx; + fuzzBufferOffset_t *biomemfuzz = (fuzzBufferOffset_t *) ctx; - if(biomemfuzz->Offset == biomemfuzz->Size) { + if (biomemfuzz->Offset == biomemfuzz->Size) { //EOF - return( 0 ); + return 0; } - if( len > INT_MAX ) { - return( -1 ); + if (len > INT_MAX) { + return -1; } - if( len + biomemfuzz->Offset > biomemfuzz->Size ) { + if (len + biomemfuzz->Offset > biomemfuzz->Size) { //do not overflow len = biomemfuzz->Size - biomemfuzz->Offset; } memcpy(buf, biomemfuzz->Data + biomemfuzz->Offset, len); biomemfuzz->Offset += len; - return( (int) len ); + return (int) len; } -int dummy_random( void *p_rng, unsigned char *output, size_t output_len ) +int dummy_random(void *p_rng, unsigned char *output, size_t output_len) { int ret; size_t i; @@ -68,14 +68,14 @@ int dummy_random( void *p_rng, unsigned char *output, size_t output_len ) (void) p_rng; ret = 0; #endif - for (i=0; i #include -typedef struct fuzzBufferOffset -{ +typedef struct fuzzBufferOffset { const uint8_t *Data; size_t Size; size_t Offset; } fuzzBufferOffset_t; #if defined(MBEDTLS_HAVE_TIME) -mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ); +mbedtls_time_t dummy_constant_time(mbedtls_time_t *time); #endif void dummy_init(); -int dummy_send( void *ctx, const unsigned char *buf, size_t len ); -int fuzz_recv( void *ctx, unsigned char *buf, size_t len ); -int dummy_random( void *p_rng, unsigned char *output, size_t output_len ); -int dummy_entropy( void *data, unsigned char *output, size_t len ); -int fuzz_recv_timeout( void *ctx, unsigned char *buf, size_t len, - uint32_t timeout ); +int dummy_send(void *ctx, const unsigned char *buf, size_t len); +int fuzz_recv(void *ctx, unsigned char *buf, size_t len); +int dummy_random(void *p_rng, unsigned char *output, size_t output_len); +int dummy_entropy(void *data, unsigned char *output, size_t len); +int fuzz_recv_timeout(void *ctx, unsigned char *buf, size_t len, + uint32_t timeout); diff --git a/programs/fuzz/fuzz_client.c b/programs/fuzz/fuzz_client.c index 270ae8a4db88..cc208b3a4a0b 100644 --- a/programs/fuzz/fuzz_client.c +++ b/programs/fuzz/fuzz_client.c @@ -30,7 +30,8 @@ const char *pers = "fuzz_client"; #endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #if defined(MBEDTLS_SSL_CLI_C) && \ defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_CTR_DRBG_C) @@ -46,10 +47,11 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { if (initialized == 0) { #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_x509_crt_init( &cacert ); - if (mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ) != 0) + mbedtls_x509_crt_init(&cacert); + if (mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len) != 0) { return 1; + } #endif alpn_list[0] = "HTTP"; @@ -69,104 +71,118 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { //Avoid warnings if compile options imply no options (void) options; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); - if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy, - (const unsigned char *) pers, strlen( pers ) ) != 0 ) + if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, + (const unsigned char *) pers, strlen(pers)) != 0) { goto exit; + } - if( mbedtls_ssl_config_defaults( &conf, + if (mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_CLIENT, MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) != 0 ) + MBEDTLS_SSL_PRESET_DEFAULT) != 0) { goto exit; + } #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) if (options & 2) { - mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ), - (const unsigned char *) psk_id, sizeof( psk_id ) - 1 ); + mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk), + (const unsigned char *) psk_id, sizeof(psk_id) - 1); } #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) if (options & 4) { - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED ); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_REQUIRED); } else #endif { - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE ); + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE); } #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - mbedtls_ssl_conf_truncated_hmac( &conf, (options & 8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED); + mbedtls_ssl_conf_truncated_hmac(&conf, + (options & + 8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED); #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED); + mbedtls_ssl_conf_extended_master_secret(&conf, + (options & + 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED); #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - mbedtls_ssl_conf_encrypt_then_mac( &conf, (options & 0x20) ? MBEDTLS_SSL_ETM_DISABLED : MBEDTLS_SSL_ETM_ENABLED); + mbedtls_ssl_conf_encrypt_then_mac(&conf, + (options & + 0x20) ? MBEDTLS_SSL_ETM_DISABLED : MBEDTLS_SSL_ETM_ENABLED); #endif #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - mbedtls_ssl_conf_cbc_record_splitting( &conf, (options & 0x40) ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ); + mbedtls_ssl_conf_cbc_record_splitting(&conf, + (options & + 0x40) ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED); #endif #if defined(MBEDTLS_SSL_RENEGOTIATION) - mbedtls_ssl_conf_renegotiation( &conf, (options & 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED ); + mbedtls_ssl_conf_renegotiation(&conf, + (options & + 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED); #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) - mbedtls_ssl_conf_session_tickets( &conf, (options & 0x100) ? MBEDTLS_SSL_SESSION_TICKETS_DISABLED : MBEDTLS_SSL_SESSION_TICKETS_ENABLED ); + mbedtls_ssl_conf_session_tickets(&conf, + (options & + 0x100) ? MBEDTLS_SSL_SESSION_TICKETS_DISABLED : MBEDTLS_SSL_SESSION_TICKETS_ENABLED); #endif #if defined(MBEDTLS_SSL_ALPN) if (options & 0x200) { - mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ); + mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list); } #endif //There may be other options to add : // mbedtls_ssl_conf_cert_profile, mbedtls_ssl_conf_sig_hashes srand(1); - mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg ); + mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg); - if( mbedtls_ssl_setup( &ssl, &conf ) != 0 ) + if (mbedtls_ssl_setup(&ssl, &conf) != 0) { goto exit; + } #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) if ((options & 1) == 0) { - if( mbedtls_ssl_set_hostname( &ssl, "localhost" ) != 0 ) + if (mbedtls_ssl_set_hostname(&ssl, "localhost") != 0) { goto exit; + } } #endif biomemfuzz.Data = Data; biomemfuzz.Size = Size-2; biomemfuzz.Offset = 0; - mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL); - ret = mbedtls_ssl_handshake( &ssl ); - if( ret == 0 ) - { + ret = mbedtls_ssl_handshake(&ssl); + if (ret == 0) { //keep reading data from server until the end - do - { - len = sizeof( buf ) - 1; - ret = mbedtls_ssl_read( &ssl, buf, len ); + do { + len = sizeof(buf) - 1; + ret = mbedtls_ssl_read(&ssl, buf, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ) { continue; - else if( ret <= 0 ) + } else if (ret <= 0) { //EOF or error break; - } - while( 1 ); + } + } while (1); } exit: - mbedtls_entropy_free( &entropy ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ssl_free( &ssl ); + mbedtls_entropy_free(&entropy); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_ssl_config_free(&conf); + mbedtls_ssl_free(&ssl); #else (void) Data; diff --git a/programs/fuzz/fuzz_dtlsclient.c b/programs/fuzz/fuzz_dtlsclient.c index ff258bcc7116..6e8a5e6011b8 100644 --- a/programs/fuzz/fuzz_dtlsclient.c +++ b/programs/fuzz/fuzz_dtlsclient.c @@ -25,7 +25,8 @@ const char *pers = "fuzz_dtlsclient"; -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #if defined(MBEDTLS_SSL_PROTO_DTLS) && \ defined(MBEDTLS_SSL_CLI_C) && \ defined(MBEDTLS_ENTROPY_C) && \ @@ -43,77 +44,80 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { if (initialized == 0) { #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_x509_crt_init( &cacert ); - if (mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ) != 0) + mbedtls_x509_crt_init(&cacert); + if (mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len) != 0) { return 1; + } #endif dummy_init(); initialized = 1; } - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); srand(1); - if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy, - (const unsigned char *) pers, strlen( pers ) ) != 0 ) + if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, + (const unsigned char *) pers, strlen(pers)) != 0) { goto exit; + } - if( mbedtls_ssl_config_defaults( &conf, + if (mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_CLIENT, MBEDTLS_SSL_TRANSPORT_DATAGRAM, - MBEDTLS_SSL_PRESET_DEFAULT ) != 0 ) + MBEDTLS_SSL_PRESET_DEFAULT) != 0) { goto exit; + } #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); #endif - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE ); - mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg ); + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE); + mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg); - if( mbedtls_ssl_setup( &ssl, &conf ) != 0 ) + if (mbedtls_ssl_setup(&ssl, &conf) != 0) { goto exit; + } - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay, + mbedtls_timing_get_delay); #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - if( mbedtls_ssl_set_hostname( &ssl, "localhost" ) != 0 ) + if (mbedtls_ssl_set_hostname(&ssl, "localhost") != 0) { goto exit; + } #endif biomemfuzz.Data = Data; biomemfuzz.Size = Size; biomemfuzz.Offset = 0; - mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout ); + mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout); - ret = mbedtls_ssl_handshake( &ssl ); - if( ret == 0 ) - { + ret = mbedtls_ssl_handshake(&ssl); + if (ret == 0) { //keep reading data from server until the end - do - { - len = sizeof( buf ) - 1; - ret = mbedtls_ssl_read( &ssl, buf, len ); + do { + len = sizeof(buf) - 1; + ret = mbedtls_ssl_read(&ssl, buf, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ) { continue; - else if( ret <= 0 ) + } else if (ret <= 0) { //EOF or error break; - } - while( 1 ); + } + } while (1); } exit: - mbedtls_entropy_free( &entropy ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ssl_free( &ssl ); + mbedtls_entropy_free(&entropy); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_ssl_config_free(&conf); + mbedtls_ssl_free(&ssl); #else (void) Data; diff --git a/programs/fuzz/fuzz_dtlsserver.c b/programs/fuzz/fuzz_dtlsserver.c index 48553c0c867f..99366aedc2c8 100644 --- a/programs/fuzz/fuzz_dtlsserver.c +++ b/programs/fuzz/fuzz_dtlsserver.c @@ -14,10 +14,10 @@ defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_CTR_DRBG_C) && \ defined(MBEDTLS_TIMING_C) && \ - ( defined(MBEDTLS_SHA256_C) || \ - ( defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) ) ) + (defined(MBEDTLS_SHA256_C) || \ + (defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384))) const char *pers = "fuzz_dtlsserver"; -const unsigned char client_ip[4] = {0x7F, 0, 0, 1}; +const unsigned char client_ip[4] = { 0x7F, 0, 0, 1 }; static int initialized = 0; #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) static mbedtls_x509_crt srvcert; @@ -26,14 +26,15 @@ static mbedtls_pk_context pkey; #endif #endif // MBEDTLS_SSL_PROTO_DTLS -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #if defined(MBEDTLS_SSL_PROTO_DTLS) && \ defined(MBEDTLS_SSL_SRV_C) && \ defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_CTR_DRBG_C) && \ defined(MBEDTLS_TIMING_C) && \ - ( defined(MBEDTLS_SHA256_C) || \ - ( defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) ) ) + (defined(MBEDTLS_SHA256_C) || \ + (defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384))) int ret; size_t len; mbedtls_ssl_context ssl; @@ -47,101 +48,112 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { if (initialized == 0) { #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_x509_crt_init( &srvcert ); - mbedtls_pk_init( &pkey ); - if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ) != 0) + mbedtls_x509_crt_init(&srvcert); + mbedtls_pk_init(&pkey); + if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len) != 0) { return 1; - if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ) != 0) + } + if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len) != 0) { return 1; - if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ) != 0) + } + if (mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0) != 0) { return 1; + } #endif dummy_init(); initialized = 1; } - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - mbedtls_ssl_cookie_init( &cookie_ctx ); - - if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy, - (const unsigned char *) pers, strlen( pers ) ) != 0 ) + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + mbedtls_ssl_cookie_init(&cookie_ctx); + + if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, + (const unsigned char *) pers, strlen(pers)) != 0) { goto exit; + } - if( mbedtls_ssl_config_defaults( &conf, + if (mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, MBEDTLS_SSL_TRANSPORT_DATAGRAM, - MBEDTLS_SSL_PRESET_DEFAULT ) != 0 ) + MBEDTLS_SSL_PRESET_DEFAULT) != 0) { goto exit; + } srand(1); - mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg ); + mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg); #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); - if( mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) != 0 ) + mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL); + if (mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey) != 0) { goto exit; + } #endif - if( mbedtls_ssl_cookie_setup( &cookie_ctx, dummy_random, &ctr_drbg ) != 0 ) + if (mbedtls_ssl_cookie_setup(&cookie_ctx, dummy_random, &ctr_drbg) != 0) { goto exit; + } - mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, &cookie_ctx ); + mbedtls_ssl_conf_dtls_cookies(&conf, + mbedtls_ssl_cookie_write, + mbedtls_ssl_cookie_check, + &cookie_ctx); - if( mbedtls_ssl_setup( &ssl, &conf ) != 0 ) + if (mbedtls_ssl_setup(&ssl, &conf) != 0) { goto exit; + } - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay, + mbedtls_timing_get_delay); biomemfuzz.Data = Data; biomemfuzz.Size = Size; biomemfuzz.Offset = 0; - mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout ); - if( mbedtls_ssl_set_client_transport_id( &ssl, client_ip, sizeof(client_ip) ) != 0 ) + mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout); + if (mbedtls_ssl_set_client_transport_id(&ssl, client_ip, sizeof(client_ip)) != 0) { goto exit; + } - ret = mbedtls_ssl_handshake( &ssl ); + ret = mbedtls_ssl_handshake(&ssl); if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) { biomemfuzz.Offset = ssl.next_record_offset; - mbedtls_ssl_session_reset( &ssl ); - mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout ); - if( mbedtls_ssl_set_client_transport_id( &ssl, client_ip, sizeof(client_ip) ) != 0 ) + mbedtls_ssl_session_reset(&ssl); + mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout); + if (mbedtls_ssl_set_client_transport_id(&ssl, client_ip, sizeof(client_ip)) != 0) { goto exit; + } - ret = mbedtls_ssl_handshake( &ssl ); + ret = mbedtls_ssl_handshake(&ssl); - if( ret == 0 ) - { + if (ret == 0) { //keep reading data from server until the end - do - { - len = sizeof( buf ) - 1; - ret = mbedtls_ssl_read( &ssl, buf, len ); - if( ret == MBEDTLS_ERR_SSL_WANT_READ ) + do { + len = sizeof(buf) - 1; + ret = mbedtls_ssl_read(&ssl, buf, len); + if (ret == MBEDTLS_ERR_SSL_WANT_READ) { continue; - else if( ret <= 0 ) + } else if (ret <= 0) { //EOF or error break; - } - while( 1 ); + } + } while (1); } } exit: - mbedtls_ssl_cookie_free( &cookie_ctx ); - mbedtls_entropy_free( &entropy ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ssl_free( &ssl ); + mbedtls_ssl_cookie_free(&cookie_ctx); + mbedtls_entropy_free(&entropy); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_ssl_config_free(&conf); + mbedtls_ssl_free(&ssl); #else (void) Data; diff --git a/programs/fuzz/fuzz_privkey.c b/programs/fuzz/fuzz_privkey.c index 6c968fd54cb0..c24f27596936 100644 --- a/programs/fuzz/fuzz_privkey.c +++ b/programs/fuzz/fuzz_privkey.c @@ -6,7 +6,8 @@ #define MAX_LEN 0x1000 -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #ifdef MBEDTLS_PK_PARSE_C int ret; mbedtls_pk_context pk; @@ -16,56 +17,53 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { Size = MAX_LEN; } - mbedtls_pk_init( &pk ); - ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0 ); + mbedtls_pk_init(&pk); + ret = mbedtls_pk_parse_key(&pk, Data, Size, NULL, 0); if (ret == 0) { #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA ) - { + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) { mbedtls_mpi N, P, Q, D, E, DP, DQ, QP; mbedtls_rsa_context *rsa; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); - rsa = mbedtls_pk_rsa( pk ); - if ( mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E ) != 0 ) { + rsa = mbedtls_pk_rsa(pk); + if (mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E) != 0) { abort(); } - if ( mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) != 0 ) { + if (mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP) != 0) { abort(); } - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); - } - else + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY || - mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY_DH ) - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk ); + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY || + mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY_DH) { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk); mbedtls_ecp_group_id grp_id = ecp->grp.id; const mbedtls_ecp_curve_info *curve_info = - mbedtls_ecp_curve_info_from_grp_id( grp_id ); + mbedtls_ecp_curve_info_from_grp_id(grp_id); /* If the curve is not supported, the key should not have been * accepted. */ - if( curve_info == NULL ) - abort( ); - } - else + if (curve_info == NULL) { + abort(); + } + } else #endif { /* The key is valid but is not of a supported type. * This should not happen. */ - abort( ); + abort(); } } - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); #else (void) Data; (void) Size; diff --git a/programs/fuzz/fuzz_pubkey.c b/programs/fuzz/fuzz_pubkey.c index 9e8035045e5f..388b4c586e69 100644 --- a/programs/fuzz/fuzz_pubkey.c +++ b/programs/fuzz/fuzz_pubkey.c @@ -2,70 +2,69 @@ #include #include "mbedtls/pk.h" -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #ifdef MBEDTLS_PK_PARSE_C int ret; mbedtls_pk_context pk; - mbedtls_pk_init( &pk ); - ret = mbedtls_pk_parse_public_key( &pk, Data, Size ); + mbedtls_pk_init(&pk); + ret = mbedtls_pk_parse_public_key(&pk, Data, Size); if (ret == 0) { #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA ) - { + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) { mbedtls_mpi N, P, Q, D, E, DP, DQ, QP; mbedtls_rsa_context *rsa; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); - rsa = mbedtls_pk_rsa( pk ); - if ( mbedtls_rsa_export( rsa, &N, NULL, NULL, NULL, &E ) != 0 ) { + rsa = mbedtls_pk_rsa(pk); + if (mbedtls_rsa_export(rsa, &N, NULL, NULL, NULL, &E) != 0) { abort(); } - if ( mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E ) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) { + if (mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA) { abort(); } - if ( mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) { + if (mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA) { abort(); } - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); - } - else + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY || - mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY_DH ) - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk ); + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY || + mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY_DH) { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk); mbedtls_ecp_group_id grp_id = ecp->grp.id; const mbedtls_ecp_curve_info *curve_info = - mbedtls_ecp_curve_info_from_grp_id( grp_id ); + mbedtls_ecp_curve_info_from_grp_id(grp_id); /* If the curve is not supported, the key should not have been * accepted. */ - if( curve_info == NULL ) - abort( ); + if (curve_info == NULL) { + abort(); + } /* It's a public key, so the private value should not have * been changed from its initialization to 0. */ - if( mbedtls_mpi_cmp_int( &ecp->d, 0 ) != 0 ) - abort( ); - } - else + if (mbedtls_mpi_cmp_int(&ecp->d, 0) != 0) { + abort(); + } + } else #endif { /* The key is valid but is not of a supported type. * This should not happen. */ - abort( ); + abort(); } } - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); #else (void) Data; (void) Size; diff --git a/programs/fuzz/fuzz_server.c b/programs/fuzz/fuzz_server.c index 062df4301505..5f970e92ad87 100644 --- a/programs/fuzz/fuzz_server.c +++ b/programs/fuzz/fuzz_server.c @@ -30,7 +30,8 @@ const char psk_id[] = "Client_identity"; #endif // MBEDTLS_SSL_SRV_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #if defined(MBEDTLS_SSL_SRV_C) && \ defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_CTR_DRBG_C) @@ -55,17 +56,20 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { if (initialized == 0) { #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_x509_crt_init( &srvcert ); - mbedtls_pk_init( &pkey ); - if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ) != 0) + mbedtls_x509_crt_init(&srvcert); + mbedtls_pk_init(&pkey); + if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len) != 0) { return 1; - if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ) != 0) + } + if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len) != 0) { return 1; - if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ) != 0) + } + if (mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0) != 0) { return 1; + } #endif alpn_list[0] = "HTTP"; @@ -76,109 +80,121 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { initialized = 1; } - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) - mbedtls_ssl_ticket_init( &ticket_ctx ); + mbedtls_ssl_ticket_init(&ticket_ctx); #endif - if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy, - (const unsigned char *) pers, strlen( pers ) ) != 0 ) + if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, + (const unsigned char *) pers, strlen(pers)) != 0) { goto exit; + } - if( mbedtls_ssl_config_defaults( &conf, + if (mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) != 0 ) + MBEDTLS_SSL_PRESET_DEFAULT) != 0) { goto exit; + } srand(1); - mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg ); + mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg); #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); - if( mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) != 0 ) + mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL); + if (mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey) != 0) { goto exit; + } #endif - mbedtls_ssl_conf_cert_req_ca_list( &conf, (options & 0x1) ? MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED : MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED ); + mbedtls_ssl_conf_cert_req_ca_list(&conf, + (options & + 0x1) ? MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED : MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED); #if defined(MBEDTLS_SSL_ALPN) if (options & 0x2) { - mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ); + mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list); } #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) - if( options & 0x4 ) - { - if( mbedtls_ssl_ticket_setup( &ticket_ctx, + if (options & 0x4) { + if (mbedtls_ssl_ticket_setup(&ticket_ctx, dummy_random, &ctr_drbg, MBEDTLS_CIPHER_AES_256_GCM, - 86400 ) != 0 ) + 86400) != 0) { goto exit; + } - mbedtls_ssl_conf_session_tickets_cb( &conf, + mbedtls_ssl_conf_session_tickets_cb(&conf, mbedtls_ssl_ticket_write, mbedtls_ssl_ticket_parse, - &ticket_ctx ); + &ticket_ctx); } #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - mbedtls_ssl_conf_truncated_hmac( &conf, (options & 0x8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED); + mbedtls_ssl_conf_truncated_hmac(&conf, + (options & + 0x8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED); #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED); + mbedtls_ssl_conf_extended_master_secret(&conf, + (options & + 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED); #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - mbedtls_ssl_conf_encrypt_then_mac( &conf, (options & 0x20) ? MBEDTLS_SSL_ETM_ENABLED : MBEDTLS_SSL_ETM_DISABLED); + mbedtls_ssl_conf_encrypt_then_mac(&conf, + (options & + 0x20) ? MBEDTLS_SSL_ETM_ENABLED : MBEDTLS_SSL_ETM_DISABLED); #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) if (options & 0x40) { - mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ), - (const unsigned char *) psk_id, sizeof( psk_id ) - 1 ); + mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk), + (const unsigned char *) psk_id, sizeof(psk_id) - 1); } #endif #if defined(MBEDTLS_SSL_RENEGOTIATION) - mbedtls_ssl_conf_renegotiation( &conf, (options & 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED ); + mbedtls_ssl_conf_renegotiation(&conf, + (options & + 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED); #endif - if( mbedtls_ssl_setup( &ssl, &conf ) != 0 ) + if (mbedtls_ssl_setup(&ssl, &conf) != 0) { goto exit; + } biomemfuzz.Data = Data; biomemfuzz.Size = Size-1; biomemfuzz.Offset = 0; - mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL); - mbedtls_ssl_session_reset( &ssl ); - ret = mbedtls_ssl_handshake( &ssl ); - if( ret == 0 ) - { + mbedtls_ssl_session_reset(&ssl); + ret = mbedtls_ssl_handshake(&ssl); + if (ret == 0) { //keep reading data from server until the end - do - { - len = sizeof( buf ) - 1; - ret = mbedtls_ssl_read( &ssl, buf, len ); + do { + len = sizeof(buf) - 1; + ret = mbedtls_ssl_read(&ssl, buf, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ) { continue; - else if( ret <= 0 ) + } else if (ret <= 0) { //EOF or error break; - } - while( 1 ); + } + } while (1); } exit: #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) - mbedtls_ssl_ticket_free( &ticket_ctx ); + mbedtls_ssl_ticket_free(&ticket_ctx); #endif - mbedtls_entropy_free( &entropy ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ssl_free( &ssl ); + mbedtls_entropy_free(&entropy); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_ssl_config_free(&conf); + mbedtls_ssl_free(&ssl); #else (void) Data; diff --git a/programs/fuzz/fuzz_x509crl.c b/programs/fuzz/fuzz_x509crl.c index 02f521cc8dfc..3aaa8e5ffd20 100644 --- a/programs/fuzz/fuzz_x509crl.c +++ b/programs/fuzz/fuzz_x509crl.c @@ -1,18 +1,19 @@ #include #include "mbedtls/x509_crl.h" -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #ifdef MBEDTLS_X509_CRL_PARSE_C int ret; mbedtls_x509_crl crl; unsigned char buf[4096]; - mbedtls_x509_crl_init( &crl ); - ret = mbedtls_x509_crl_parse( &crl, Data, Size ); + mbedtls_x509_crl_init(&crl); + ret = mbedtls_x509_crl_parse(&crl, Data, Size); if (ret == 0) { - ret = mbedtls_x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl ); + ret = mbedtls_x509_crl_info((char *) buf, sizeof(buf) - 1, " ", &crl); } - mbedtls_x509_crl_free( &crl ); + mbedtls_x509_crl_free(&crl); #else (void) Data; (void) Size; diff --git a/programs/fuzz/fuzz_x509crt.c b/programs/fuzz/fuzz_x509crt.c index 8f593a14147a..a5cb7ecdecc7 100644 --- a/programs/fuzz/fuzz_x509crt.c +++ b/programs/fuzz/fuzz_x509crt.c @@ -1,18 +1,19 @@ #include #include "mbedtls/x509_crt.h" -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #ifdef MBEDTLS_X509_CRT_PARSE_C int ret; mbedtls_x509_crt crt; unsigned char buf[4096]; - mbedtls_x509_crt_init( &crt ); - ret = mbedtls_x509_crt_parse( &crt, Data, Size ); + mbedtls_x509_crt_init(&crt); + ret = mbedtls_x509_crt_parse(&crt, Data, Size); if (ret == 0) { - ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", &crt ); + ret = mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, " ", &crt); } - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); #else (void) Data; (void) Size; diff --git a/programs/fuzz/fuzz_x509csr.c b/programs/fuzz/fuzz_x509csr.c index 3cf28a6fa759..afd20315bff2 100644 --- a/programs/fuzz/fuzz_x509csr.c +++ b/programs/fuzz/fuzz_x509csr.c @@ -1,18 +1,19 @@ #include #include "mbedtls/x509_csr.h" -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #ifdef MBEDTLS_X509_CSR_PARSE_C int ret; mbedtls_x509_csr csr; unsigned char buf[4096]; - mbedtls_x509_csr_init( &csr ); - ret = mbedtls_x509_csr_parse( &csr, Data, Size ); + mbedtls_x509_csr_init(&csr); + ret = mbedtls_x509_csr_parse(&csr, Data, Size); if (ret == 0) { - ret = mbedtls_x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr ); + ret = mbedtls_x509_csr_info((char *) buf, sizeof(buf) - 1, " ", &csr); } - mbedtls_x509_csr_free( &csr ); + mbedtls_x509_csr_free(&csr); #else (void) Data; (void) Size; diff --git a/programs/fuzz/onefile.c b/programs/fuzz/onefile.c index 58b0f83eb63e..8399735075bd 100644 --- a/programs/fuzz/onefile.c +++ b/programs/fuzz/onefile.c @@ -13,9 +13,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size); -int main(int argc, char** argv) +int main(int argc, char **argv) { - FILE * fp; + FILE *fp; uint8_t *Data; size_t Size; @@ -57,4 +57,3 @@ int main(int argc, char** argv) fclose(fp); return 0; } - diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c index f570e3eb90b1..edb40b6953ba 100644 --- a/programs/hash/generic_sum.c +++ b/programs/hash/generic_sum.c @@ -33,43 +33,47 @@ #endif #if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -static int generic_wrapper( const mbedtls_md_info_t *md_info, char *filename, unsigned char *sum ) +static int generic_wrapper(const mbedtls_md_info_t *md_info, char *filename, unsigned char *sum) { - int ret = mbedtls_md_file( md_info, filename, sum ); + int ret = mbedtls_md_file(md_info, filename, sum); - if( ret == 1 ) - mbedtls_fprintf( stderr, "failed to open: %s\n", filename ); + if (ret == 1) { + mbedtls_fprintf(stderr, "failed to open: %s\n", filename); + } - if( ret == 2 ) - mbedtls_fprintf( stderr, "failed to read: %s\n", filename ); + if (ret == 2) { + mbedtls_fprintf(stderr, "failed to read: %s\n", filename); + } - return( ret ); + return ret; } -static int generic_print( const mbedtls_md_info_t *md_info, char *filename ) +static int generic_print(const mbedtls_md_info_t *md_info, char *filename) { int i; unsigned char sum[MBEDTLS_MD_MAX_SIZE]; - if( generic_wrapper( md_info, filename, sum ) != 0 ) - return( 1 ); + if (generic_wrapper(md_info, filename, sum) != 0) { + return 1; + } - for( i = 0; i < mbedtls_md_get_size( md_info ); i++ ) - mbedtls_printf( "%02x", sum[i] ); + for (i = 0; i < mbedtls_md_get_size(md_info); i++) { + mbedtls_printf("%02x", sum[i]); + } - mbedtls_printf( " %s\n", filename ); - return( 0 ); + mbedtls_printf(" %s\n", filename); + return 0; } -static int generic_check( const mbedtls_md_info_t *md_info, char *filename ) +static int generic_check(const mbedtls_md_info_t *md_info, char *filename) { int i; size_t n; @@ -85,146 +89,142 @@ static int generic_check( const mbedtls_md_info_t *md_info, char *filename ) char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1]; #endif - if( ( f = fopen( filename, "rb" ) ) == NULL ) - { - mbedtls_printf( "failed to open: %s\n", filename ); - return( 1 ); + if ((f = fopen(filename, "rb")) == NULL) { + mbedtls_printf("failed to open: %s\n", filename); + return 1; } nb_err1 = nb_err2 = 0; nb_tot1 = nb_tot2 = 0; - memset( line, 0, sizeof( line ) ); + memset(line, 0, sizeof(line)); - n = sizeof( line ); + n = sizeof(line); - while( fgets( line, (int) n - 1, f ) != NULL ) - { - n = strlen( line ); + while (fgets(line, (int) n - 1, f) != NULL) { + n = strlen(line); - if( n < (size_t) 2 * mbedtls_md_get_size( md_info ) + 4 ) - { - mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name( md_info )); + if (n < (size_t) 2 * mbedtls_md_get_size(md_info) + 4) { + mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name(md_info)); continue; } - if( line[2 * mbedtls_md_get_size( md_info )] != ' ' || line[2 * mbedtls_md_get_size( md_info ) + 1] != ' ' ) - { - mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name( md_info )); + if (line[2 * mbedtls_md_get_size(md_info)] != ' ' || + line[2 * mbedtls_md_get_size(md_info) + 1] != ' ') { + mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name(md_info)); continue; } - if( line[n - 1] == '\n' ) { n--; line[n] = '\0'; } - if( line[n - 1] == '\r' ) { n--; line[n] = '\0'; } + if (line[n - 1] == '\n') { + n--; line[n] = '\0'; + } + if (line[n - 1] == '\r') { + n--; line[n] = '\0'; + } nb_tot1++; - if( generic_wrapper( md_info, line + 2 + 2 * mbedtls_md_get_size( md_info ), sum ) != 0 ) - { + if (generic_wrapper(md_info, line + 2 + 2 * mbedtls_md_get_size(md_info), sum) != 0) { nb_err1++; continue; } nb_tot2++; - for( i = 0; i < mbedtls_md_get_size( md_info ); i++ ) - sprintf( buf + i * 2, "%02x", sum[i] ); + for (i = 0; i < mbedtls_md_get_size(md_info); i++) { + sprintf(buf + i * 2, "%02x", sum[i]); + } /* Use constant-time buffer comparison */ diff = 0; - for( i = 0; i < 2 * mbedtls_md_get_size( md_info ); i++ ) + for (i = 0; i < 2 * mbedtls_md_get_size(md_info); i++) { diff |= line[i] ^ buf[i]; + } - if( diff != 0 ) - { + if (diff != 0) { nb_err2++; - mbedtls_fprintf( stderr, "wrong checksum: %s\n", line + 66 ); + mbedtls_fprintf(stderr, "wrong checksum: %s\n", line + 66); } - n = sizeof( line ); + n = sizeof(line); } - if( nb_err1 != 0 ) - { - mbedtls_printf( "WARNING: %d (out of %d) input files could " - "not be read\n", nb_err1, nb_tot1 ); + if (nb_err1 != 0) { + mbedtls_printf("WARNING: %d (out of %d) input files could " + "not be read\n", nb_err1, nb_tot1); } - if( nb_err2 != 0 ) - { - mbedtls_printf( "WARNING: %d (out of %d) computed checksums did " - "not match\n", nb_err2, nb_tot2 ); + if (nb_err2 != 0) { + mbedtls_printf("WARNING: %d (out of %d) computed checksums did " + "not match\n", nb_err2, nb_tot2); } - fclose( f ); + fclose(f); - return( nb_err1 != 0 || nb_err2 != 0 ); + return nb_err1 != 0 || nb_err2 != 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1, i; int exit_code = MBEDTLS_EXIT_FAILURE; const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; - mbedtls_md_init( &md_ctx ); + mbedtls_md_init(&md_ctx); - if( argc == 1 ) - { + if (argc == 1) { const int *list; - mbedtls_printf( "print mode: generic_sum ...\n" ); - mbedtls_printf( "check mode: generic_sum -c \n" ); + mbedtls_printf("print mode: generic_sum ...\n"); + mbedtls_printf("check mode: generic_sum -c \n"); - mbedtls_printf( "\nAvailable message digests:\n" ); + mbedtls_printf("\nAvailable message digests:\n"); list = mbedtls_md_list(); - while( *list ) - { - md_info = mbedtls_md_info_from_type( *list ); - mbedtls_printf( " %s\n", mbedtls_md_get_name( md_info ) ); + while (*list) { + md_info = mbedtls_md_info_from_type(*list); + mbedtls_printf(" %s\n", mbedtls_md_get_name(md_info)); list++; } #if defined(_WIN32) - mbedtls_printf( "\n Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf("\n Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } /* * Read the MD from the command line */ - md_info = mbedtls_md_info_from_string( argv[1] ); - if( md_info == NULL ) - { - mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[1] ); - mbedtls_exit( exit_code ); + md_info = mbedtls_md_info_from_string(argv[1]); + if (md_info == NULL) { + mbedtls_fprintf(stderr, "Message Digest '%s' not found\n", argv[1]); + mbedtls_exit(exit_code); } - if( mbedtls_md_setup( &md_ctx, md_info, 0 ) ) - { - mbedtls_fprintf( stderr, "Failed to initialize context.\n" ); - mbedtls_exit( exit_code ); + if (mbedtls_md_setup(&md_ctx, md_info, 0)) { + mbedtls_fprintf(stderr, "Failed to initialize context.\n"); + mbedtls_exit(exit_code); } ret = 0; - if( argc == 4 && strcmp( "-c", argv[2] ) == 0 ) - { - ret |= generic_check( md_info, argv[3] ); + if (argc == 4 && strcmp("-c", argv[2]) == 0) { + ret |= generic_check(md_info, argv[3]); goto exit; } - for( i = 2; i < argc; i++ ) - ret |= generic_print( md_info, argv[i] ); + for (i = 2; i < argc; i++) { + ret |= generic_print(md_info, argv[i]); + } - if ( ret == 0 ) + if (ret == 0) { exit_code = MBEDTLS_EXIT_SUCCESS; + } exit: - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_MD_C && MBEDTLS_FS_IO */ diff --git a/programs/hash/hello.c b/programs/hash/hello.c index 1991beea73d1..937efc7807fa 100644 --- a/programs/hash/hello.c +++ b/programs/hash/hello.c @@ -30,35 +30,37 @@ #endif #if !defined(MBEDTLS_MD5_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_MD5_C not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -int main( void ) +int main(void) { int i, ret; unsigned char digest[16]; char str[] = "Hello, world!"; - mbedtls_printf( "\n MD5('%s') = ", str ); + mbedtls_printf("\n MD5('%s') = ", str); - if( ( ret = mbedtls_md5_ret( (unsigned char *) str, 13, digest ) ) != 0 ) - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); + if ((ret = mbedtls_md5_ret((unsigned char *) str, 13, digest)) != 0) { + mbedtls_exit(MBEDTLS_EXIT_FAILURE); + } - for( i = 0; i < 16; i++ ) - mbedtls_printf( "%02x", digest[i] ); + for (i = 0; i < 16; i++) { + mbedtls_printf("%02x", digest[i]); + } - mbedtls_printf( "\n\n" ); + mbedtls_printf("\n\n"); #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( MBEDTLS_EXIT_SUCCESS ); + mbedtls_exit(MBEDTLS_EXIT_SUCCESS); } #endif /* MBEDTLS_MD5_C */ diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index e906c6b48d33..e9629b00cd30 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -50,18 +50,18 @@ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_SHA1_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else -int main( void ) +int main(void) { FILE *f; @@ -81,111 +81,102 @@ int main( void ) mbedtls_dhm_context dhm; mbedtls_aes_context aes; - mbedtls_net_init( &server_fd ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 ); - mbedtls_dhm_init( &dhm ); - mbedtls_aes_init( &aes ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_net_init(&server_fd); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256); + mbedtls_dhm_init(&dhm); + mbedtls_aes_init(&aes); + mbedtls_ctr_drbg_init(&ctr_drbg); /* * 1. Setup the RNG */ - mbedtls_printf( "\n . Seeding the random number generator" ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_printf("\n . Seeding the random number generator"); + fflush(stdout); + + mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } /* * 2. Read the server's public RSA key */ - mbedtls_printf( "\n . Reading public key from rsa_pub.txt" ); - fflush( stdout ); + mbedtls_printf("\n . Reading public key from rsa_pub.txt"); + fflush(stdout); - if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_pub.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); + if ((f = fopen("rsa_pub.txt", "rb")) == NULL) { + mbedtls_printf(" failed\n ! Could not open rsa_pub.txt\n" \ + " ! Please run rsa_genkey first\n\n"); goto exit; } - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); - if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret ); - fclose( f ); + if ((ret = mbedtls_mpi_read_file(&rsa.N, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&rsa.E, 16, f)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret); + fclose(f); goto exit; } - rsa.len = ( mbedtls_mpi_bitlen( &rsa.N ) + 7 ) >> 3; + rsa.len = (mbedtls_mpi_bitlen(&rsa.N) + 7) >> 3; - fclose( f ); + fclose(f); /* * 3. Initiate the connection */ - mbedtls_printf( "\n . Connecting to tcp/%s/%s", SERVER_NAME, - SERVER_PORT ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, SERVER_NAME, - SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + mbedtls_printf("\n . Connecting to tcp/%s/%s", SERVER_NAME, + SERVER_PORT); + fflush(stdout); + + if ((ret = mbedtls_net_connect(&server_fd, SERVER_NAME, + SERVER_PORT, MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret); goto exit; } /* * 4a. First get the buffer length */ - mbedtls_printf( "\n . Receiving the server's DH parameters" ); - fflush( stdout ); + mbedtls_printf("\n . Receiving the server's DH parameters"); + fflush(stdout); - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); - if( ( ret = mbedtls_net_recv( &server_fd, buf, 2 ) ) != 2 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); + if ((ret = mbedtls_net_recv(&server_fd, buf, 2)) != 2) { + mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret); goto exit; } - n = buflen = ( buf[0] << 8 ) | buf[1]; - if( buflen < 1 || buflen > sizeof( buf ) ) - { - mbedtls_printf( " failed\n ! Got an invalid buffer length\n\n" ); + n = buflen = (buf[0] << 8) | buf[1]; + if (buflen < 1 || buflen > sizeof(buf)) { + mbedtls_printf(" failed\n ! Got an invalid buffer length\n\n"); goto exit; } /* * 4b. Get the DHM parameters: P, G and Ys = G^Xs mod P */ - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); - if( ( ret = mbedtls_net_recv( &server_fd, buf, n ) ) != (int) n ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); + if ((ret = mbedtls_net_recv(&server_fd, buf, n)) != (int) n) { + mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret); goto exit; } p = buf, end = buf + buflen; - if( ( ret = mbedtls_dhm_read_params( &dhm, &p, end ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_read_params returned %d\n\n", ret ); + if ((ret = mbedtls_dhm_read_params(&dhm, &p, end)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_dhm_read_params returned %d\n\n", ret); goto exit; } - if( dhm.len < 64 || dhm.len > 512 ) - { - mbedtls_printf( " failed\n ! Invalid DHM modulus size\n\n" ); + if (dhm.len < 64 || dhm.len > 512) { + mbedtls_printf(" failed\n ! Invalid DHM modulus size\n\n"); goto exit; } @@ -193,65 +184,60 @@ int main( void ) * 5. Check that the server's RSA signature matches * the SHA-256 hash of (P,G,Ys) */ - mbedtls_printf( "\n . Verifying the server's RSA signature" ); - fflush( stdout ); + mbedtls_printf("\n . Verifying the server's RSA signature"); + fflush(stdout); p += 2; - if( ( n = (size_t) ( end - p ) ) != rsa.len ) - { - mbedtls_printf( " failed\n ! Invalid RSA signature size\n\n" ); + if ((n = (size_t) (end - p)) != rsa.len) { + mbedtls_printf(" failed\n ! Invalid RSA signature size\n\n"); goto exit; } - if( ( ret = mbedtls_sha1_ret( buf, (int)( p - 2 - buf ), hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret ); + if ((ret = mbedtls_sha1_ret(buf, (int) (p - 2 - buf), hash)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_sha1_ret returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, - MBEDTLS_MD_SHA256, 0, hash, p ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret ); + if ((ret = mbedtls_rsa_pkcs1_verify(&rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, + MBEDTLS_MD_SHA256, 0, hash, p)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret); goto exit; } /* * 6. Send our public value: Yc = G ^ Xc mod P */ - mbedtls_printf( "\n . Sending own public value to server" ); - fflush( stdout ); + mbedtls_printf("\n . Sending own public value to server"); + fflush(stdout); n = dhm.len; - if( ( ret = mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_make_public returned %d\n\n", ret ); + if ((ret = mbedtls_dhm_make_public(&dhm, (int) dhm.len, buf, n, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_dhm_make_public returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_net_send( &server_fd, buf, n ) ) != (int) n ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); + if ((ret = mbedtls_net_send(&server_fd, buf, n)) != (int) n) { + mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret); goto exit; } /* * 7. Derive the shared secret: K = Ys ^ Xc mod P */ - mbedtls_printf( "\n . Shared secret: " ); - fflush( stdout ); + mbedtls_printf("\n . Shared secret: "); + fflush(stdout); - if( ( ret = mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret ); + if ((ret = mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &n, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret); goto exit; } - for( n = 0; n < 16; n++ ) - mbedtls_printf( "%02x", buf[n] ); + for (n = 0; n < 16; n++) { + mbedtls_printf("%02x", buf[n]); + } /* * 8. Setup the AES-256 decryption key @@ -261,45 +247,46 @@ int main( void ) * the keying material for the encryption/decryption keys, * IVs and MACs. */ - mbedtls_printf( "...\n . Receiving and decrypting the ciphertext" ); - fflush( stdout ); + mbedtls_printf("...\n . Receiving and decrypting the ciphertext"); + fflush(stdout); - ret = mbedtls_aes_setkey_dec( &aes, buf, 256 ); - if( ret != 0 ) + ret = mbedtls_aes_setkey_dec(&aes, buf, 256); + if (ret != 0) { goto exit; + } - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); - if( ( ret = mbedtls_net_recv( &server_fd, buf, 16 ) ) != 16 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); + if ((ret = mbedtls_net_recv(&server_fd, buf, 16)) != 16) { + mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret); goto exit; } - ret = mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_DECRYPT, buf, buf ); - if( ret != 0 ) + ret = mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_DECRYPT, buf, buf); + if (ret != 0) { goto exit; + } buf[16] = '\0'; - mbedtls_printf( "\n . Plaintext is \"%s\"\n\n", (char *) buf ); + mbedtls_printf("\n . Plaintext is \"%s\"\n\n", (char *) buf); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_net_free( &server_fd ); + mbedtls_net_free(&server_fd); - mbedtls_aes_free( &aes ); - mbedtls_rsa_free( &rsa ); - mbedtls_dhm_free( &dhm ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_aes_free(&aes); + mbedtls_rsa_free(&rsa); + mbedtls_dhm_free(&dhm); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c index 91fddf337f09..b09ef42184b7 100644 --- a/programs/pkey/dh_genprime.c +++ b/programs/pkey/dh_genprime.c @@ -28,12 +28,12 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_GENPRIME) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C and/or " - "MBEDTLS_GENPRIME not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_GENPRIME not defined.\n"); + mbedtls_exit(0); } #else @@ -58,7 +58,7 @@ int main( void ) #define GENERATOR "4" -int main( int argc, char **argv ) +int main(int argc, char **argv) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -71,121 +71,112 @@ int main( int argc, char **argv ) int i; char *p, *q; - mbedtls_mpi_init( &G ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); + mbedtls_mpi_init(&G); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + if (argc == 0) { +usage: + mbedtls_printf(USAGE); goto exit; } - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "bits" ) == 0 ) - { - nbits = atoi( q ); - if( nbits < 0 || nbits > MBEDTLS_MPI_MAX_BITS ) + if (strcmp(p, "bits") == 0) { + nbits = atoi(q); + if (nbits < 0 || nbits > MBEDTLS_MPI_MAX_BITS) { goto usage; - } - else + } + } else { goto usage; + } } - if( ( ret = mbedtls_mpi_read_string( &G, 10, GENERATOR ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_string returned %d\n", ret ); + if ((ret = mbedtls_mpi_read_string(&G, 10, GENERATOR)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_read_string returned %d\n", ret); goto exit; } - mbedtls_printf( " ! Generating large primes may take minutes!\n" ); + mbedtls_printf(" ! Generating large primes may take minutes!\n"); - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n . Generating the modulus, please wait..." ); - fflush( stdout ); + mbedtls_printf(" ok\n . Generating the modulus, please wait..."); + fflush(stdout); /* * This can take a long time... */ - if( ( ret = mbedtls_mpi_gen_prime( &P, nbits, 1, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_gen_prime returned %d\n\n", ret ); + if ((ret = mbedtls_mpi_gen_prime(&P, nbits, 1, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_gen_prime returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n . Verifying that Q = (P-1)/2 is prime..." ); - fflush( stdout ); + mbedtls_printf(" ok\n . Verifying that Q = (P-1)/2 is prime..."); + fflush(stdout); - if( ( ret = mbedtls_mpi_sub_int( &Q, &P, 1 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_sub_int returned %d\n\n", ret ); + if ((ret = mbedtls_mpi_sub_int(&Q, &P, 1)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_sub_int returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_mpi_div_int( &Q, NULL, &Q, 2 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_div_int returned %d\n\n", ret ); + if ((ret = mbedtls_mpi_div_int(&Q, NULL, &Q, 2)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_div_int returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_mpi_is_prime_ext( &Q, 50, mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_is_prime returned %d\n\n", ret ); + if ((ret = mbedtls_mpi_is_prime_ext(&Q, 50, mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_is_prime returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n . Exporting the value in dh_prime.txt..." ); - fflush( stdout ); + mbedtls_printf(" ok\n . Exporting the value in dh_prime.txt..."); + fflush(stdout); - if( ( fout = fopen( "dh_prime.txt", "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not create dh_prime.txt\n\n" ); + if ((fout = fopen("dh_prime.txt", "wb+")) == NULL) { + mbedtls_printf(" failed\n ! Could not create dh_prime.txt\n\n"); goto exit; } - if( ( ( ret = mbedtls_mpi_write_file( "P = ", &P, 16, fout ) ) != 0 ) || - ( ( ret = mbedtls_mpi_write_file( "G = ", &G, 16, fout ) ) != 0 ) ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret ); - fclose( fout ); + if (((ret = mbedtls_mpi_write_file("P = ", &P, 16, fout)) != 0) || + ((ret = mbedtls_mpi_write_file("G = ", &G, 16, fout)) != 0)) { + mbedtls_printf(" failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret); + fclose(fout); goto exit; } - mbedtls_printf( " ok\n\n" ); - fclose( fout ); + mbedtls_printf(" ok\n\n"); + fclose(fout); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_mpi_free( &G ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_mpi_free(&G); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C && MBEDTLS_GENPRIME */ diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index 6ad00d6abb90..0200b2ea7620 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -50,18 +50,18 @@ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_SHA1_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else -int main( void ) +int main(void) { FILE *f; @@ -83,196 +83,181 @@ int main( void ) mbedtls_mpi N, P, Q, D, E; - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 ); - mbedtls_dhm_init( &dhm ); - mbedtls_aes_init( &aes ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_net_init(&listen_fd); + mbedtls_net_init(&client_fd); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256); + mbedtls_dhm_init(&dhm); + mbedtls_aes_init(&aes); + mbedtls_ctr_drbg_init(&ctr_drbg); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); /* * 1. Setup the RNG */ - mbedtls_printf( "\n . Seeding the random number generator" ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_printf("\n . Seeding the random number generator"); + fflush(stdout); + + mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } /* * 2a. Read the server's private RSA key */ - mbedtls_printf( "\n . Reading private key from rsa_priv.txt" ); - fflush( stdout ); + mbedtls_printf("\n . Reading private key from rsa_priv.txt"); + fflush(stdout); - if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); + if ((f = fopen("rsa_priv.txt", "rb")) == NULL) { + mbedtls_printf(" failed\n ! Could not open rsa_priv.txt\n" \ + " ! Please run rsa_genkey first\n\n"); goto exit; } - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - - if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", - ret ); - fclose( f ); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); + + if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&D, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&P, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&Q, 16, f)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", + ret); + fclose(f); goto exit; } - fclose( f ); + fclose(f); - if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_import returned %d\n\n", - ret ); + if ((ret = mbedtls_rsa_import(&rsa, &N, &P, &Q, &D, &E)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_import returned %d\n\n", + ret); goto exit; } - if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_complete returned %d\n\n", - ret ); + if ((ret = mbedtls_rsa_complete(&rsa)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_complete returned %d\n\n", + ret); goto exit; } /* * 2b. Get the DHM modulus and generator */ - mbedtls_printf( "\n . Reading DH parameters from dh_prime.txt" ); - fflush( stdout ); + mbedtls_printf("\n . Reading DH parameters from dh_prime.txt"); + fflush(stdout); - if( ( f = fopen( "dh_prime.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open dh_prime.txt\n" \ - " ! Please run dh_genprime first\n\n" ); + if ((f = fopen("dh_prime.txt", "rb")) == NULL) { + mbedtls_printf(" failed\n ! Could not open dh_prime.txt\n" \ + " ! Please run dh_genprime first\n\n"); goto exit; } - if( mbedtls_mpi_read_file( &dhm.P, 16, f ) != 0 || - mbedtls_mpi_read_file( &dhm.G, 16, f ) != 0 ) - { - mbedtls_printf( " failed\n ! Invalid DH parameter file\n\n" ); - fclose( f ); + if (mbedtls_mpi_read_file(&dhm.P, 16, f) != 0 || + mbedtls_mpi_read_file(&dhm.G, 16, f) != 0) { + mbedtls_printf(" failed\n ! Invalid DH parameter file\n\n"); + fclose(f); goto exit; } - fclose( f ); + fclose(f); /* * 3. Wait for a client to connect */ - mbedtls_printf( "\n . Waiting for a remote connection" ); - fflush( stdout ); + mbedtls_printf("\n . Waiting for a remote connection"); + fflush(stdout); - if( ( ret = mbedtls_net_bind( &listen_fd, NULL, SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); + if ((ret = mbedtls_net_bind(&listen_fd, NULL, SERVER_PORT, MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_bind returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - NULL, 0, NULL ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); + if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, + NULL, 0, NULL)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_accept returned %d\n\n", ret); goto exit; } /* * 4. Setup the DH parameters (P,G,Ys) */ - mbedtls_printf( "\n . Sending the server's DH parameters" ); - fflush( stdout ); + mbedtls_printf("\n . Sending the server's DH parameters"); + fflush(stdout); - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); - if( ( ret = mbedtls_dhm_make_params( &dhm, (int) mbedtls_mpi_size( &dhm.P ), buf, &n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_make_params returned %d\n\n", ret ); + if ((ret = mbedtls_dhm_make_params(&dhm, (int) mbedtls_mpi_size(&dhm.P), buf, &n, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_dhm_make_params returned %d\n\n", ret); goto exit; } /* * 5. Sign the parameters and send them */ - if( ( ret = mbedtls_sha1_ret( buf, n, hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret ); + if ((ret = mbedtls_sha1_ret(buf, n, hash)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_sha1_ret returned %d\n\n", ret); goto exit; } - buf[n ] = (unsigned char)( rsa.len >> 8 ); - buf[n + 1] = (unsigned char)( rsa.len ); + buf[n] = (unsigned char) (rsa.len >> 8); + buf[n + 1] = (unsigned char) (rsa.len); - if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256, - 0, hash, buf + n + 2 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret ); + if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256, + 0, hash, buf + n + 2)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret); goto exit; } buflen = n + 2 + rsa.len; - buf2[0] = (unsigned char)( buflen >> 8 ); - buf2[1] = (unsigned char)( buflen ); + buf2[0] = (unsigned char) (buflen >> 8); + buf2[1] = (unsigned char) (buflen); - if( ( ret = mbedtls_net_send( &client_fd, buf2, 2 ) ) != 2 || - ( ret = mbedtls_net_send( &client_fd, buf, buflen ) ) != (int) buflen ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); + if ((ret = mbedtls_net_send(&client_fd, buf2, 2)) != 2 || + (ret = mbedtls_net_send(&client_fd, buf, buflen)) != (int) buflen) { + mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret); goto exit; } /* * 6. Get the client's public value: Yc = G ^ Xc mod P */ - mbedtls_printf( "\n . Receiving the client's public value" ); - fflush( stdout ); + mbedtls_printf("\n . Receiving the client's public value"); + fflush(stdout); - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); n = dhm.len; - if( ( ret = mbedtls_net_recv( &client_fd, buf, n ) ) != (int) n ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); + if ((ret = mbedtls_net_recv(&client_fd, buf, n)) != (int) n) { + mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_dhm_read_public( &dhm, buf, dhm.len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_read_public returned %d\n\n", ret ); + if ((ret = mbedtls_dhm_read_public(&dhm, buf, dhm.len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_dhm_read_public returned %d\n\n", ret); goto exit; } /* * 7. Derive the shared secret: K = Ys ^ Xc mod P */ - mbedtls_printf( "\n . Shared secret: " ); - fflush( stdout ); + mbedtls_printf("\n . Shared secret: "); + fflush(stdout); - if( ( ret = mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret ); + if ((ret = mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &n, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret); goto exit; } - for( n = 0; n < 16; n++ ) - mbedtls_printf( "%02x", buf[n] ); + for (n = 0; n < 16; n++) { + mbedtls_printf("%02x", buf[n]); + } /* * 8. Setup the AES-256 encryption key @@ -282,47 +267,48 @@ int main( void ) * the keying material for the encryption/decryption keys * and MACs. */ - mbedtls_printf( "...\n . Encrypting and sending the ciphertext" ); - fflush( stdout ); + mbedtls_printf("...\n . Encrypting and sending the ciphertext"); + fflush(stdout); - ret = mbedtls_aes_setkey_enc( &aes, buf, 256 ); - if( ret != 0 ) + ret = mbedtls_aes_setkey_enc(&aes, buf, 256); + if (ret != 0) { goto exit; - memcpy( buf, PLAINTEXT, 16 ); - ret = mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_ENCRYPT, buf, buf ); - if( ret != 0 ) + } + memcpy(buf, PLAINTEXT, 16); + ret = mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_ENCRYPT, buf, buf); + if (ret != 0) { goto exit; + } - if( ( ret = mbedtls_net_send( &client_fd, buf, 16 ) ) != 16 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); + if ((ret = mbedtls_net_send(&client_fd, buf, 16)) != 16) { + mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret); goto exit; } - mbedtls_printf( "\n\n" ); + mbedtls_printf("\n\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &listen_fd ); + mbedtls_net_free(&client_fd); + mbedtls_net_free(&listen_fd); - mbedtls_aes_free( &aes ); - mbedtls_rsa_free( &rsa ); - mbedtls_dhm_free( &dhm ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_aes_free(&aes); + mbedtls_rsa_free(&rsa); + mbedtls_dhm_free(&dhm); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && diff --git a/programs/pkey/ecdh_curve25519.c b/programs/pkey/ecdh_curve25519.c index 69ff897a860a..da28c7dd49bc 100644 --- a/programs/pkey/ecdh_curve25519.c +++ b/programs/pkey/ecdh_curve25519.c @@ -28,13 +28,13 @@ #if !defined(MBEDTLS_ECDH_C) || \ !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_ECDH_C and/or " - "MBEDTLS_ECP_DP_CURVE25519_ENABLED and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C " - "not defined\n" ); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_ECDH_C and/or " + "MBEDTLS_ECP_DP_CURVE25519_ENABLED and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C " + "not defined\n"); + mbedtls_exit(0); } #else @@ -45,7 +45,7 @@ int main( void ) #include -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -64,156 +64,147 @@ int main( int argc, char *argv[] ) ((void) argc); ((void) argv); - mbedtls_ecdh_init( &ctx_cli ); - mbedtls_ecdh_init( &ctx_srv ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_ecdh_init(&ctx_cli); + mbedtls_ecdh_init(&ctx_srv); + mbedtls_ctr_drbg_init(&ctr_drbg); /* * Initialize random number generation */ - mbedtls_printf( " . Seed the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, - (const unsigned char *) pers, - sizeof pers ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", - ret ); + mbedtls_printf(" . Seed the random number generator..."); + fflush(stdout); + + mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, + (const unsigned char *) pers, + sizeof pers)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", + ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * Client: initialize context and generate keypair */ - mbedtls_printf( " . Set up client context, generate EC key pair..." ); - fflush( stdout ); + mbedtls_printf(" . Set up client context, generate EC key pair..."); + fflush(stdout); - ret = mbedtls_ecdh_setup( &ctx_cli, MBEDTLS_ECP_DP_CURVE25519 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdh_setup returned %d\n", ret ); + ret = mbedtls_ecdh_setup(&ctx_cli, MBEDTLS_ECP_DP_CURVE25519); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdh_setup returned %d\n", ret); goto exit; } - ret = mbedtls_ecdh_make_params( &ctx_cli, &cli_olen, cli_to_srv, - sizeof( cli_to_srv ), - mbedtls_ctr_drbg_random, &ctr_drbg ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdh_make_params returned %d\n", - ret ); + ret = mbedtls_ecdh_make_params(&ctx_cli, &cli_olen, cli_to_srv, + sizeof(cli_to_srv), + mbedtls_ctr_drbg_random, &ctr_drbg); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdh_make_params returned %d\n", + ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * Server: initialize context and generate keypair */ - mbedtls_printf( " . Server: read params, generate public key..." ); - fflush( stdout ); - - ret = mbedtls_ecdh_read_params( &ctx_srv, &p_cli_to_srv, - p_cli_to_srv + sizeof( cli_to_srv ) ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdh_read_params returned %d\n", - ret ); + mbedtls_printf(" . Server: read params, generate public key..."); + fflush(stdout); + + ret = mbedtls_ecdh_read_params(&ctx_srv, &p_cli_to_srv, + p_cli_to_srv + sizeof(cli_to_srv)); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdh_read_params returned %d\n", + ret); goto exit; } - ret = mbedtls_ecdh_make_public( &ctx_srv, &srv_olen, srv_to_cli, - sizeof( srv_to_cli ), - mbedtls_ctr_drbg_random, &ctr_drbg ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdh_make_public returned %d\n", - ret ); + ret = mbedtls_ecdh_make_public(&ctx_srv, &srv_olen, srv_to_cli, + sizeof(srv_to_cli), + mbedtls_ctr_drbg_random, &ctr_drbg); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdh_make_public returned %d\n", + ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * Client: read public key */ - mbedtls_printf( " . Client: read public key..." ); - fflush( stdout ); - - ret = mbedtls_ecdh_read_public( &ctx_cli, srv_to_cli, - sizeof( srv_to_cli ) ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdh_read_public returned %d\n", - ret ); + mbedtls_printf(" . Client: read public key..."); + fflush(stdout); + + ret = mbedtls_ecdh_read_public(&ctx_cli, srv_to_cli, + sizeof(srv_to_cli)); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdh_read_public returned %d\n", + ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * Calculate secrets */ - mbedtls_printf( " . Calculate secrets..." ); - fflush( stdout ); - - ret = mbedtls_ecdh_calc_secret( &ctx_cli, &cli_olen, secret_cli, - sizeof( secret_cli ), - mbedtls_ctr_drbg_random, &ctr_drbg ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdh_calc_secret returned %d\n", - ret ); + mbedtls_printf(" . Calculate secrets..."); + fflush(stdout); + + ret = mbedtls_ecdh_calc_secret(&ctx_cli, &cli_olen, secret_cli, + sizeof(secret_cli), + mbedtls_ctr_drbg_random, &ctr_drbg); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdh_calc_secret returned %d\n", + ret); goto exit; } - ret = mbedtls_ecdh_calc_secret( &ctx_srv, &srv_olen, secret_srv, - sizeof( secret_srv ), - mbedtls_ctr_drbg_random, &ctr_drbg ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdh_calc_secret returned %d\n", - ret ); + ret = mbedtls_ecdh_calc_secret(&ctx_srv, &srv_olen, secret_srv, + sizeof(secret_srv), + mbedtls_ctr_drbg_random, &ctr_drbg); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdh_calc_secret returned %d\n", + ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * Verification: are the computed secrets equal? */ - mbedtls_printf( " . Check if both calculated secrets are equal..." ); - fflush( stdout ); + mbedtls_printf(" . Check if both calculated secrets are equal..."); + fflush(stdout); - ret = memcmp( secret_srv, secret_cli, srv_olen ); - if( ret != 0 || ( cli_olen != srv_olen ) ) - { - mbedtls_printf( " failed\n ! Shared secrets not equal.\n" ); + ret = memcmp(secret_srv, secret_cli, srv_olen); + if (ret != 0 || (cli_olen != srv_olen)) { + mbedtls_printf(" failed\n ! Shared secrets not equal.\n"); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_ecdh_free( &ctx_srv ); - mbedtls_ecdh_free( &ctx_cli ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ecdh_free(&ctx_srv); + mbedtls_ecdh_free(&ctx_cli); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_ECDH_C && MBEDTLS_ECP_DP_CURVE25519_ENABLED && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c index 3266bb89e2d4..8f9867a4db1b 100644 --- a/programs/pkey/ecdsa.c +++ b/programs/pkey/ecdsa.c @@ -51,46 +51,46 @@ #if !defined(MBEDTLS_ECDSA_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_ECDSA_C and/or MBEDTLS_SHA256_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C not defined\n"); - mbedtls_exit( 0 ); + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C not defined\n"); + mbedtls_exit(0); } #else #if defined(VERBOSE) -static void dump_buf( const char *title, unsigned char *buf, size_t len ) +static void dump_buf(const char *title, unsigned char *buf, size_t len) { size_t i; - mbedtls_printf( "%s", title ); - for( i = 0; i < len; i++ ) + mbedtls_printf("%s", title); + for (i = 0; i < len; i++) { mbedtls_printf("%c%c", "0123456789ABCDEF" [buf[i] / 16], - "0123456789ABCDEF" [buf[i] % 16] ); - mbedtls_printf( "\n" ); + "0123456789ABCDEF" [buf[i] % 16]); + } + mbedtls_printf("\n"); } -static void dump_pubkey( const char *title, mbedtls_ecdsa_context *key ) +static void dump_pubkey(const char *title, mbedtls_ecdsa_context *key) { unsigned char buf[300]; size_t len; - if( mbedtls_ecp_point_write_binary( &key->grp, &key->Q, - MBEDTLS_ECP_PF_UNCOMPRESSED, &len, buf, sizeof buf ) != 0 ) - { + if (mbedtls_ecp_point_write_binary(&key->grp, &key->Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, &len, buf, sizeof buf) != 0) { mbedtls_printf("internal error\n"); return; } - dump_buf( title, buf, len ); + dump_buf(title, buf, len); } #else -#define dump_buf( a, b, c ) -#define dump_pubkey( a, b ) +#define dump_buf(a, b, c) +#define dump_pubkey(a, b) #endif -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -104,19 +104,18 @@ int main( int argc, char *argv[] ) const char *pers = "ecdsa"; ((void) argv); - mbedtls_ecdsa_init( &ctx_sign ); - mbedtls_ecdsa_init( &ctx_verify ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_ecdsa_init(&ctx_sign); + mbedtls_ecdsa_init(&ctx_verify); + mbedtls_ctr_drbg_init(&ctr_drbg); - memset( sig, 0, sizeof( sig ) ); - memset( message, 0x25, sizeof( message ) ); + memset(sig, 0, sizeof(sig)); + memset(message, 0x25, sizeof(message)); - if( argc != 1 ) - { - mbedtls_printf( "usage: ecdsa\n" ); + if (argc != 1) { + mbedtls_printf("usage: ecdsa\n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; @@ -125,65 +124,61 @@ int main( int argc, char *argv[] ) /* * Generate a key pair for signing */ - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); + + mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n . Generating key pair..." ); - fflush( stdout ); + mbedtls_printf(" ok\n . Generating key pair..."); + fflush(stdout); - if( ( ret = mbedtls_ecdsa_genkey( &ctx_sign, ECPARAMS, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdsa_genkey returned %d\n", ret ); + if ((ret = mbedtls_ecdsa_genkey(&ctx_sign, ECPARAMS, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdsa_genkey returned %d\n", ret); goto exit; } - mbedtls_printf( " ok (key size: %d bits)\n", (int) ctx_sign.grp.pbits ); + mbedtls_printf(" ok (key size: %d bits)\n", (int) ctx_sign.grp.pbits); - dump_pubkey( " + Public key: ", &ctx_sign ); + dump_pubkey(" + Public key: ", &ctx_sign); /* * Compute message hash */ - mbedtls_printf( " . Computing message hash..." ); - fflush( stdout ); + mbedtls_printf(" . Computing message hash..."); + fflush(stdout); - if( ( ret = mbedtls_sha256_ret( message, sizeof( message ), hash, 0 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_sha256_ret returned %d\n", ret ); + if ((ret = mbedtls_sha256_ret(message, sizeof(message), hash, 0)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_sha256_ret returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); - dump_buf( " + Hash: ", hash, sizeof( hash ) ); + dump_buf(" + Hash: ", hash, sizeof(hash)); /* * Sign message hash */ - mbedtls_printf( " . Signing message hash..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ecdsa_write_signature( &ctx_sign, MBEDTLS_MD_SHA256, - hash, sizeof( hash ), - sig, &sig_len, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdsa_write_signature returned %d\n", ret ); + mbedtls_printf(" . Signing message hash..."); + fflush(stdout); + + if ((ret = mbedtls_ecdsa_write_signature(&ctx_sign, MBEDTLS_MD_SHA256, + hash, sizeof(hash), + sig, &sig_len, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdsa_write_signature returned %d\n", ret); goto exit; } - mbedtls_printf( " ok (signature length = %u)\n", (unsigned int) sig_len ); + mbedtls_printf(" ok (signature length = %u)\n", (unsigned int) sig_len); - dump_buf( " + Signature: ", sig, sig_len ); + dump_buf(" + Signature: ", sig, sig_len); /* * Transfer public information to verifying context @@ -192,52 +187,49 @@ int main( int argc, char *argv[] ) * chose to use a new one in order to make it clear that the verifying * context only needs the public key (Q), and not the private key (d). */ - mbedtls_printf( " . Preparing verification context..." ); - fflush( stdout ); + mbedtls_printf(" . Preparing verification context..."); + fflush(stdout); - if( ( ret = mbedtls_ecp_group_copy( &ctx_verify.grp, &ctx_sign.grp ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecp_group_copy returned %d\n", ret ); + if ((ret = mbedtls_ecp_group_copy(&ctx_verify.grp, &ctx_sign.grp)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecp_group_copy returned %d\n", ret); goto exit; } - if( ( ret = mbedtls_ecp_copy( &ctx_verify.Q, &ctx_sign.Q ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecp_copy returned %d\n", ret ); + if ((ret = mbedtls_ecp_copy(&ctx_verify.Q, &ctx_sign.Q)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecp_copy returned %d\n", ret); goto exit; } /* * Verify signature */ - mbedtls_printf( " ok\n . Verifying signature..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ecdsa_read_signature( &ctx_verify, - hash, sizeof( hash ), - sig, sig_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdsa_read_signature returned %d\n", ret ); + mbedtls_printf(" ok\n . Verifying signature..."); + fflush(stdout); + + if ((ret = mbedtls_ecdsa_read_signature(&ctx_verify, + hash, sizeof(hash), + sig, sig_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdsa_read_signature returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_ecdsa_free( &ctx_verify ); - mbedtls_ecdsa_free( &ctx_sign ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ecdsa_free(&ctx_verify); + mbedtls_ecdsa_free(&ctx_sign); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && ECPARAMS */ diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index c440932f92a3..ac6ed94573d7 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -44,8 +44,8 @@ #define DEV_RANDOM_THRESHOLD 32 -int dev_random_entropy_poll( void *data, unsigned char *output, - size_t len, size_t *olen ) +int dev_random_entropy_poll(void *data, unsigned char *output, + size_t len, size_t *olen) { FILE *file; size_t ret, left = len; @@ -54,28 +54,27 @@ int dev_random_entropy_poll( void *data, unsigned char *output, *olen = 0; - file = fopen( "/dev/random", "rb" ); - if( file == NULL ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + file = fopen("/dev/random", "rb"); + if (file == NULL) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } - while( left > 0 ) - { + while (left > 0) { /* /dev/random can return much less than requested. If so, try again */ - ret = fread( p, 1, left, file ); - if( ret == 0 && ferror( file ) ) - { - fclose( file ); - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + ret = fread(p, 1, left, file); + if (ret == 0 && ferror(file)) { + fclose(file); + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; } p += ret; left -= ret; - sleep( 1 ); + sleep(1); } - fclose( file ); + fclose(file); *olen = len; - return( 0 ); + return 0; } #endif /* !_WIN32 */ #endif @@ -116,13 +115,13 @@ int dev_random_entropy_poll( void *data, unsigned char *output, #if !defined(MBEDTLS_PK_WRITE_C) || !defined(MBEDTLS_PEM_WRITE_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " - "MBEDTLS_PEM_WRITE_C" - "not defined.\n" ); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_PEM_WRITE_C" + "not defined.\n"); + mbedtls_exit(0); } #else @@ -130,8 +129,7 @@ int main( void ) /* * global options */ -struct options -{ +struct options { int type; /* the type of key to generate */ int rsa_keysize; /* length of key in bits */ int ec_curve; /* curve identifier for EC keys */ @@ -140,7 +138,7 @@ struct options int use_dev_random; /* use /dev/random as entropy source */ } opt; -static int write_private_key( mbedtls_pk_context *key, const char *output_file ) +static int write_private_key(mbedtls_pk_context *key, const char *output_file) { int ret; FILE *f; @@ -149,37 +147,36 @@ static int write_private_key( mbedtls_pk_context *key, const char *output_file ) size_t len = 0; memset(output_buf, 0, 16000); - if( opt.format == FORMAT_PEM ) - { - if( ( ret = mbedtls_pk_write_key_pem( key, output_buf, 16000 ) ) != 0 ) - return( ret ); + if (opt.format == FORMAT_PEM) { + if ((ret = mbedtls_pk_write_key_pem(key, output_buf, 16000)) != 0) { + return ret; + } - len = strlen( (char *) output_buf ); - } - else - { - if( ( ret = mbedtls_pk_write_key_der( key, output_buf, 16000 ) ) < 0 ) - return( ret ); + len = strlen((char *) output_buf); + } else { + if ((ret = mbedtls_pk_write_key_der(key, output_buf, 16000)) < 0) { + return ret; + } len = ret; c = output_buf + sizeof(output_buf) - len; } - if( ( f = fopen( output_file, "wb" ) ) == NULL ) - return( -1 ); + if ((f = fopen(output_file, "wb")) == NULL) { + return -1; + } - if( fwrite( c, 1, len, f ) != len ) - { - fclose( f ); - return( -1 ); + if (fwrite(c, 1, len, f) != len) { + fclose(f); + return -1; } - fclose( f ); + fclose(f); - return( 0 ); + return 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -199,24 +196,24 @@ int main( int argc, char *argv[] ) * Set to sane values */ - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); - mbedtls_pk_init( &key ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - memset( buf, 0, sizeof( buf ) ); + mbedtls_pk_init(&key); + mbedtls_ctr_drbg_init(&ctr_drbg); + memset(buf, 0, sizeof(buf)); - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + if (argc == 0) { +usage: + mbedtls_printf(USAGE); #if defined(MBEDTLS_ECP_C) - mbedtls_printf( " available ec_curve values:\n" ); + mbedtls_printf(" available ec_curve values:\n"); curve_info = mbedtls_ecp_curve_list(); - mbedtls_printf( " %s (default)\n", curve_info->name ); - while( ( ++curve_info )->name != NULL ) - mbedtls_printf( " %s\n", curve_info->name ); + mbedtls_printf(" %s (default)\n", curve_info->name); + while ((++curve_info)->name != NULL) { + mbedtls_printf(" %s\n", curve_info->name); + } #endif /* MBEDTLS_ECP_C */ goto exit; } @@ -228,214 +225,199 @@ int main( int argc, char *argv[] ) opt.format = DFL_FORMAT; opt.use_dev_random = DFL_USE_DEV_RANDOM; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "type" ) == 0 ) - { - if( strcmp( q, "rsa" ) == 0 ) + if (strcmp(p, "type") == 0) { + if (strcmp(q, "rsa") == 0) { opt.type = MBEDTLS_PK_RSA; - else if( strcmp( q, "ec" ) == 0 ) + } else if (strcmp(q, "ec") == 0) { opt.type = MBEDTLS_PK_ECKEY; - else + } else { goto usage; - } - else if( strcmp( p, "format" ) == 0 ) - { - if( strcmp( q, "pem" ) == 0 ) + } + } else if (strcmp(p, "format") == 0) { + if (strcmp(q, "pem") == 0) { opt.format = FORMAT_PEM; - else if( strcmp( q, "der" ) == 0 ) + } else if (strcmp(q, "der") == 0) { opt.format = FORMAT_DER; - else + } else { goto usage; - } - else if( strcmp( p, "rsa_keysize" ) == 0 ) - { - opt.rsa_keysize = atoi( q ); - if( opt.rsa_keysize < 1024 || - opt.rsa_keysize > MBEDTLS_MPI_MAX_BITS ) + } + } else if (strcmp(p, "rsa_keysize") == 0) { + opt.rsa_keysize = atoi(q); + if (opt.rsa_keysize < 1024 || + opt.rsa_keysize > MBEDTLS_MPI_MAX_BITS) { goto usage; + } } #if defined(MBEDTLS_ECP_C) - else if( strcmp( p, "ec_curve" ) == 0 ) - { - if( ( curve_info = mbedtls_ecp_curve_info_from_name( q ) ) == NULL ) + else if (strcmp(p, "ec_curve") == 0) { + if ((curve_info = mbedtls_ecp_curve_info_from_name(q)) == NULL) { goto usage; + } opt.ec_curve = curve_info->grp_id; } #endif - else if( strcmp( p, "filename" ) == 0 ) + else if (strcmp(p, "filename") == 0) { opt.filename = q; - else if( strcmp( p, "use_dev_random" ) == 0 ) - { - opt.use_dev_random = atoi( q ); - if( opt.use_dev_random < 0 || opt.use_dev_random > 1 ) + } else if (strcmp(p, "use_dev_random") == 0) { + opt.use_dev_random = atoi(q); + if (opt.use_dev_random < 0 || opt.use_dev_random > 1) { goto usage; - } - else + } + } else { goto usage; + } } - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - mbedtls_entropy_init( &entropy ); + mbedtls_entropy_init(&entropy); #if !defined(_WIN32) && defined(MBEDTLS_FS_IO) - if( opt.use_dev_random ) - { - if( ( ret = mbedtls_entropy_add_source( &entropy, dev_random_entropy_poll, - NULL, DEV_RANDOM_THRESHOLD, - MBEDTLS_ENTROPY_SOURCE_STRONG ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_entropy_add_source returned -0x%04x\n", (unsigned int) -ret ); + if (opt.use_dev_random) { + if ((ret = mbedtls_entropy_add_source(&entropy, dev_random_entropy_poll, + NULL, DEV_RANDOM_THRESHOLD, + MBEDTLS_ENTROPY_SOURCE_STRONG)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_entropy_add_source returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf("\n Using /dev/random, so can take a long time! " ); - fflush( stdout ); + mbedtls_printf("\n Using /dev/random, so can take a long time! "); + fflush(stdout); } #endif /* !_WIN32 && MBEDTLS_FS_IO */ - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", (unsigned int) -ret ); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", + (unsigned int) -ret); goto exit; } /* * 1.1. Generate the key */ - mbedtls_printf( "\n . Generating the private key ..." ); - fflush( stdout ); + mbedtls_printf("\n . Generating the private key ..."); + fflush(stdout); - if( ( ret = mbedtls_pk_setup( &key, - mbedtls_pk_info_from_type( (mbedtls_pk_type_t) opt.type ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_setup returned -0x%04x", (unsigned int) -ret ); + if ((ret = mbedtls_pk_setup(&key, + mbedtls_pk_info_from_type((mbedtls_pk_type_t) opt.type))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_setup returned -0x%04x", (unsigned int) -ret); goto exit; } #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) - if( opt.type == MBEDTLS_PK_RSA ) - { - ret = mbedtls_rsa_gen_key( mbedtls_pk_rsa( key ), mbedtls_ctr_drbg_random, &ctr_drbg, - opt.rsa_keysize, 65537 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_gen_key returned -0x%04x", (unsigned int) -ret ); + if (opt.type == MBEDTLS_PK_RSA) { + ret = mbedtls_rsa_gen_key(mbedtls_pk_rsa(key), mbedtls_ctr_drbg_random, &ctr_drbg, + opt.rsa_keysize, 65537); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_gen_key returned -0x%04x", + (unsigned int) -ret); goto exit; } - } - else + } else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - if( opt.type == MBEDTLS_PK_ECKEY ) - { - ret = mbedtls_ecp_gen_key( (mbedtls_ecp_group_id) opt.ec_curve, - mbedtls_pk_ec( key ), - mbedtls_ctr_drbg_random, &ctr_drbg ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecp_gen_key returned -0x%04x", (unsigned int) -ret ); + if (opt.type == MBEDTLS_PK_ECKEY) { + ret = mbedtls_ecp_gen_key((mbedtls_ecp_group_id) opt.ec_curve, + mbedtls_pk_ec(key), + mbedtls_ctr_drbg_random, &ctr_drbg); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecp_gen_key returned -0x%04x", + (unsigned int) -ret); goto exit; } - } - else + } else #endif /* MBEDTLS_ECP_C */ { - mbedtls_printf( " failed\n ! key type not supported\n" ); + mbedtls_printf(" failed\n ! key type not supported\n"); goto exit; } /* * 1.2 Print the key */ - mbedtls_printf( " ok\n . Key information:\n" ); + mbedtls_printf(" ok\n . Key information:\n"); #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_RSA ) - { - mbedtls_rsa_context *rsa = mbedtls_pk_rsa( key ); + if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_RSA) { + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(key); - if( ( ret = mbedtls_rsa_export ( rsa, &N, &P, &Q, &D, &E ) ) != 0 || - ( ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" ); + if ((ret = mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E)) != 0 || + (ret = mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP)) != 0) { + mbedtls_printf(" failed\n ! could not export RSA parameters\n\n"); goto exit; } - mbedtls_mpi_write_file( "N: ", &N, 16, NULL ); - mbedtls_mpi_write_file( "E: ", &E, 16, NULL ); - mbedtls_mpi_write_file( "D: ", &D, 16, NULL ); - mbedtls_mpi_write_file( "P: ", &P, 16, NULL ); - mbedtls_mpi_write_file( "Q: ", &Q, 16, NULL ); - mbedtls_mpi_write_file( "DP: ", &DP, 16, NULL ); - mbedtls_mpi_write_file( "DQ: ", &DQ, 16, NULL ); - mbedtls_mpi_write_file( "QP: ", &QP, 16, NULL ); - } - else + mbedtls_mpi_write_file("N: ", &N, 16, NULL); + mbedtls_mpi_write_file("E: ", &E, 16, NULL); + mbedtls_mpi_write_file("D: ", &D, 16, NULL); + mbedtls_mpi_write_file("P: ", &P, 16, NULL); + mbedtls_mpi_write_file("Q: ", &Q, 16, NULL); + mbedtls_mpi_write_file("DP: ", &DP, 16, NULL); + mbedtls_mpi_write_file("DQ: ", &DQ, 16, NULL); + mbedtls_mpi_write_file("QP: ", &QP, 16, NULL); + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY ) - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key ); - mbedtls_printf( "curve: %s\n", - mbedtls_ecp_curve_info_from_grp_id( ecp->grp.id )->name ); - mbedtls_mpi_write_file( "X_Q: ", &ecp->Q.X, 16, NULL ); - mbedtls_mpi_write_file( "Y_Q: ", &ecp->Q.Y, 16, NULL ); - mbedtls_mpi_write_file( "D: ", &ecp->d , 16, NULL ); - } - else + if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(key); + mbedtls_printf("curve: %s\n", + mbedtls_ecp_curve_info_from_grp_id(ecp->grp.id)->name); + mbedtls_mpi_write_file("X_Q: ", &ecp->Q.X, 16, NULL); + mbedtls_mpi_write_file("Y_Q: ", &ecp->Q.Y, 16, NULL); + mbedtls_mpi_write_file("D: ", &ecp->d, 16, NULL); + } else #endif - mbedtls_printf(" ! key type not supported\n"); + mbedtls_printf(" ! key type not supported\n"); /* * 1.3 Export key */ - mbedtls_printf( " . Writing key to file..." ); + mbedtls_printf(" . Writing key to file..."); - if( ( ret = write_private_key( &key, opt.filename ) ) != 0 ) - { - mbedtls_printf( " failed\n" ); + if ((ret = write_private_key(&key, opt.filename)) != 0) { + mbedtls_printf(" failed\n"); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { + if (exit_code != MBEDTLS_EXIT_SUCCESS) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror( ret, buf, sizeof( buf ) ); - mbedtls_printf( " - %s\n", buf ); + mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf(" - %s\n", buf); #else mbedtls_printf("\n"); #endif } - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); - mbedtls_pk_free( &key ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_pk_free(&key); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_PK_WRITE_C && MBEDTLS_PEM_WRITE_C && MBEDTLS_FS_IO && * MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index 8dd22b621b3d..4d60299a7a40 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -55,11 +55,11 @@ #if !defined(MBEDTLS_BIGNUM_C) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or " - "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); + mbedtls_exit(0); } #else @@ -67,15 +67,14 @@ int main( void ) /* * global options */ -struct options -{ +struct options { int mode; /* the mode to run the application in */ const char *filename; /* filename of the key file */ const char *password; /* password for the private key */ const char *password_file; /* password_file for the private key */ } opt; -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -89,17 +88,16 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - mbedtls_pk_init( &pk ); - memset( buf, 0, sizeof(buf) ); + mbedtls_pk_init(&pk); + memset(buf, 0, sizeof(buf)); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + if (argc == 0) { +usage: + mbedtls_printf(USAGE); goto cleanup; } @@ -108,198 +106,184 @@ int main( int argc, char *argv[] ) opt.password = DFL_PASSWORD; opt.password_file = DFL_PASSWORD_FILE; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "mode" ) == 0 ) - { - if( strcmp( q, "private" ) == 0 ) + if (strcmp(p, "mode") == 0) { + if (strcmp(q, "private") == 0) { opt.mode = MODE_PRIVATE; - else if( strcmp( q, "public" ) == 0 ) + } else if (strcmp(q, "public") == 0) { opt.mode = MODE_PUBLIC; - else + } else { goto usage; - } - else if( strcmp( p, "filename" ) == 0 ) + } + } else if (strcmp(p, "filename") == 0) { opt.filename = q; - else if( strcmp( p, "password" ) == 0 ) + } else if (strcmp(p, "password") == 0) { opt.password = q; - else if( strcmp( p, "password_file" ) == 0 ) + } else if (strcmp(p, "password_file") == 0) { opt.password_file = q; - else + } else { goto usage; + } } - if( opt.mode == MODE_PRIVATE ) - { - if( strlen( opt.password ) && strlen( opt.password_file ) ) - { - mbedtls_printf( "Error: cannot have both password and password_file\n" ); + if (opt.mode == MODE_PRIVATE) { + if (strlen(opt.password) && strlen(opt.password_file)) { + mbedtls_printf("Error: cannot have both password and password_file\n"); goto usage; } - if( strlen( opt.password_file ) ) - { + if (strlen(opt.password_file)) { FILE *f; - mbedtls_printf( "\n . Loading the password file ..." ); - if( ( f = fopen( opt.password_file, "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! fopen returned NULL\n" ); + mbedtls_printf("\n . Loading the password file ..."); + if ((f = fopen(opt.password_file, "rb")) == NULL) { + mbedtls_printf(" failed\n ! fopen returned NULL\n"); goto cleanup; } - if( fgets( buf, sizeof(buf), f ) == NULL ) - { - fclose( f ); - mbedtls_printf( "Error: fgets() failed to retrieve password\n" ); + if (fgets(buf, sizeof(buf), f) == NULL) { + fclose(f); + mbedtls_printf("Error: fgets() failed to retrieve password\n"); goto cleanup; } - fclose( f ); + fclose(f); - i = (int) strlen( buf ); - if( buf[i - 1] == '\n' ) buf[i - 1] = '\0'; - if( buf[i - 2] == '\r' ) buf[i - 2] = '\0'; + i = (int) strlen(buf); + if (buf[i - 1] == '\n') { + buf[i - 1] = '\0'; + } + if (buf[i - 2] == '\r') { + buf[i - 2] = '\0'; + } opt.password = buf; } /* * 1.1. Load the key */ - mbedtls_printf( "\n . Loading the private key ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the private key ..."); + fflush(stdout); - ret = mbedtls_pk_parse_keyfile( &pk, opt.filename, opt.password ); + ret = mbedtls_pk_parse_keyfile(&pk, opt.filename, opt.password); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", + (unsigned int) -ret); goto cleanup; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2 Print the key */ - mbedtls_printf( " . Key information ...\n" ); + mbedtls_printf(" . Key information ...\n"); #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA ) - { - mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk ); + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) { + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(pk); - if( ( ret = mbedtls_rsa_export ( rsa, &N, &P, &Q, &D, &E ) ) != 0 || - ( ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" ); + if ((ret = mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E)) != 0 || + (ret = mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP)) != 0) { + mbedtls_printf(" failed\n ! could not export RSA parameters\n\n"); goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "N: ", &N, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "E: ", &E, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "D: ", &D, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "P: ", &P, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q: ", &Q, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "DP: ", &DP, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "DQ: ", &DQ, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "QP: ", &QP, 16, NULL ) ); - } - else + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("N: ", &N, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("E: ", &E, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("D: ", &D, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("P: ", &P, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q: ", &Q, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("DP: ", &DP, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("DQ: ", &DQ, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("QP: ", &QP, 16, NULL)); + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY ) - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "D : ", &ecp->d , 16, NULL ) ); - } - else + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY) { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(X): ", &ecp->Q.X, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Y): ", &ecp->Q.Y, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Z): ", &ecp->Q.Z, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("D : ", &ecp->d, 16, NULL)); + } else #endif { - mbedtls_printf("Do not know how to print key information for this type\n" ); + mbedtls_printf("Do not know how to print key information for this type\n"); goto cleanup; } - } - else if( opt.mode == MODE_PUBLIC ) - { + } else if (opt.mode == MODE_PUBLIC) { /* * 1.1. Load the key */ - mbedtls_printf( "\n . Loading the public key ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the public key ..."); + fflush(stdout); - ret = mbedtls_pk_parse_public_keyfile( &pk, opt.filename ); + ret = mbedtls_pk_parse_public_keyfile(&pk, opt.filename); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", + (unsigned int) -ret); goto cleanup; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " . Key information ...\n" ); + mbedtls_printf(" . Key information ...\n"); #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA ) - { - mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk ); + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) { + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(pk); - if( ( ret = mbedtls_rsa_export( rsa, &N, NULL, NULL, - NULL, &E ) ) != 0 ) - { - mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" ); + if ((ret = mbedtls_rsa_export(rsa, &N, NULL, NULL, + NULL, &E)) != 0) { + mbedtls_printf(" failed\n ! could not export RSA parameters\n\n"); goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "N: ", &N, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "E: ", &E, 16, NULL ) ); - } - else + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("N: ", &N, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("E: ", &E, 16, NULL)); + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY ) - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ) ); - } - else + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY) { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(X): ", &ecp->Q.X, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Y): ", &ecp->Q.Y, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Z): ", &ecp->Q.Z, 16, NULL)); + } else #endif { - mbedtls_printf("Do not know how to print key information for this type\n" ); + mbedtls_printf("Do not know how to print key information for this type\n"); goto cleanup; } - } - else + } else { goto usage; + } exit_code = MBEDTLS_EXIT_SUCCESS; cleanup: #if defined(MBEDTLS_ERROR_C) - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { - mbedtls_strerror( ret, buf, sizeof( buf ) ); - mbedtls_printf( " ! Last error was: %s\n", buf ); + if (exit_code != MBEDTLS_EXIT_SUCCESS) { + mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); } #endif - mbedtls_pk_free( &pk ); - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); + mbedtls_pk_free(&pk); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index 93a94d901bbf..ba926e31b20b 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -80,10 +80,11 @@ #if !defined(MBEDTLS_PK_PARSE_C) || \ !defined(MBEDTLS_PK_WRITE_C) || \ !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO not defined.\n" ); - mbedtls_exit( 0 ); + mbedtls_printf( + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO not defined.\n"); + mbedtls_exit(0); } #else @@ -91,8 +92,7 @@ int main( void ) /* * global options */ -struct options -{ +struct options { int mode; /* the mode to run the application in */ const char *filename; /* filename of the key file */ int output_mode; /* the output mode to use */ @@ -100,7 +100,7 @@ struct options int output_format; /* the output format to use */ } opt; -static int write_public_key( mbedtls_pk_context *key, const char *output_file ) +static int write_public_key(mbedtls_pk_context *key, const char *output_file) { int ret; FILE *f; @@ -111,38 +111,38 @@ static int write_public_key( mbedtls_pk_context *key, const char *output_file ) memset(output_buf, 0, 16000); #if defined(MBEDTLS_PEM_WRITE_C) - if( opt.output_format == OUTPUT_FORMAT_PEM ) - { - if( ( ret = mbedtls_pk_write_pubkey_pem( key, output_buf, 16000 ) ) != 0 ) - return( ret ); + if (opt.output_format == OUTPUT_FORMAT_PEM) { + if ((ret = mbedtls_pk_write_pubkey_pem(key, output_buf, 16000)) != 0) { + return ret; + } - len = strlen( (char *) output_buf ); - } - else + len = strlen((char *) output_buf); + } else #endif { - if( ( ret = mbedtls_pk_write_pubkey_der( key, output_buf, 16000 ) ) < 0 ) - return( ret ); + if ((ret = mbedtls_pk_write_pubkey_der(key, output_buf, 16000)) < 0) { + return ret; + } len = ret; c = output_buf + sizeof(output_buf) - len; } - if( ( f = fopen( output_file, "w" ) ) == NULL ) - return( -1 ); + if ((f = fopen(output_file, "w")) == NULL) { + return -1; + } - if( fwrite( c, 1, len, f ) != len ) - { - fclose( f ); - return( -1 ); + if (fwrite(c, 1, len, f) != len) { + fclose(f); + return -1; } - fclose( f ); + fclose(f); - return( 0 ); + return 0; } -static int write_private_key( mbedtls_pk_context *key, const char *output_file ) +static int write_private_key(mbedtls_pk_context *key, const char *output_file) { int ret; FILE *f; @@ -153,38 +153,38 @@ static int write_private_key( mbedtls_pk_context *key, const char *output_file ) memset(output_buf, 0, 16000); #if defined(MBEDTLS_PEM_WRITE_C) - if( opt.output_format == OUTPUT_FORMAT_PEM ) - { - if( ( ret = mbedtls_pk_write_key_pem( key, output_buf, 16000 ) ) != 0 ) - return( ret ); + if (opt.output_format == OUTPUT_FORMAT_PEM) { + if ((ret = mbedtls_pk_write_key_pem(key, output_buf, 16000)) != 0) { + return ret; + } - len = strlen( (char *) output_buf ); - } - else + len = strlen((char *) output_buf); + } else #endif { - if( ( ret = mbedtls_pk_write_key_der( key, output_buf, 16000 ) ) < 0 ) - return( ret ); + if ((ret = mbedtls_pk_write_key_der(key, output_buf, 16000)) < 0) { + return ret; + } len = ret; c = output_buf + sizeof(output_buf) - len; } - if( ( f = fopen( output_file, "w" ) ) == NULL ) - return( -1 ); + if ((f = fopen(output_file, "w")) == NULL) { + return -1; + } - if( fwrite( c, 1, len, f ) != len ) - { - fclose( f ); - return( -1 ); + if (fwrite(c, 1, len, f) != len) { + fclose(f); + return -1; } - fclose( f ); + fclose(f); - return( 0 ); + return 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -200,19 +200,18 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - mbedtls_pk_init( &key ); + mbedtls_pk_init(&key); #if defined(MBEDTLS_ERROR_C) - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); #endif - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + if (argc == 0) { +usage: + mbedtls_printf(USAGE); goto exit; } @@ -222,211 +221,191 @@ int main( int argc, char *argv[] ) opt.output_file = DFL_OUTPUT_FILENAME; opt.output_format = DFL_OUTPUT_FORMAT; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "mode" ) == 0 ) - { - if( strcmp( q, "private" ) == 0 ) + if (strcmp(p, "mode") == 0) { + if (strcmp(q, "private") == 0) { opt.mode = MODE_PRIVATE; - else if( strcmp( q, "public" ) == 0 ) + } else if (strcmp(q, "public") == 0) { opt.mode = MODE_PUBLIC; - else + } else { goto usage; - } - else if( strcmp( p, "output_mode" ) == 0 ) - { - if( strcmp( q, "private" ) == 0 ) + } + } else if (strcmp(p, "output_mode") == 0) { + if (strcmp(q, "private") == 0) { opt.output_mode = OUTPUT_MODE_PRIVATE; - else if( strcmp( q, "public" ) == 0 ) + } else if (strcmp(q, "public") == 0) { opt.output_mode = OUTPUT_MODE_PUBLIC; - else + } else { goto usage; - } - else if( strcmp( p, "output_format" ) == 0 ) - { + } + } else if (strcmp(p, "output_format") == 0) { #if defined(MBEDTLS_PEM_WRITE_C) - if( strcmp( q, "pem" ) == 0 ) + if (strcmp(q, "pem") == 0) { opt.output_format = OUTPUT_FORMAT_PEM; - else + } else #endif - if( strcmp( q, "der" ) == 0 ) + if (strcmp(q, "der") == 0) { opt.output_format = OUTPUT_FORMAT_DER; - else + } else { goto usage; - } - else if( strcmp( p, "filename" ) == 0 ) + } + } else if (strcmp(p, "filename") == 0) { opt.filename = q; - else if( strcmp( p, "output_file" ) == 0 ) + } else if (strcmp(p, "output_file") == 0) { opt.output_file = q; - else + } else { goto usage; + } } - if( opt.mode == MODE_NONE && opt.output_mode != OUTPUT_MODE_NONE ) - { - mbedtls_printf( "\nCannot output a key without reading one.\n"); + if (opt.mode == MODE_NONE && opt.output_mode != OUTPUT_MODE_NONE) { + mbedtls_printf("\nCannot output a key without reading one.\n"); goto exit; } - if( opt.mode == MODE_PUBLIC && opt.output_mode == OUTPUT_MODE_PRIVATE ) - { - mbedtls_printf( "\nCannot output a private key from a public key.\n"); + if (opt.mode == MODE_PUBLIC && opt.output_mode == OUTPUT_MODE_PRIVATE) { + mbedtls_printf("\nCannot output a private key from a public key.\n"); goto exit; } - if( opt.mode == MODE_PRIVATE ) - { + if (opt.mode == MODE_PRIVATE) { /* * 1.1. Load the key */ - mbedtls_printf( "\n . Loading the private key ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the private key ..."); + fflush(stdout); - ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL ); + ret = mbedtls_pk_parse_keyfile(&key, opt.filename, NULL); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x", (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2 Print the key */ - mbedtls_printf( " . Key information ...\n" ); + mbedtls_printf(" . Key information ...\n"); #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_RSA ) - { - mbedtls_rsa_context *rsa = mbedtls_pk_rsa( key ); - - if( ( ret = mbedtls_rsa_export ( rsa, &N, &P, &Q, &D, &E ) ) != 0 || - ( ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" ); + if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_RSA) { + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(key); + + if ((ret = mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E)) != 0 || + (ret = mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP)) != 0) { + mbedtls_printf(" failed\n ! could not export RSA parameters\n\n"); goto exit; } - mbedtls_mpi_write_file( "N: ", &N, 16, NULL ); - mbedtls_mpi_write_file( "E: ", &E, 16, NULL ); - mbedtls_mpi_write_file( "D: ", &D, 16, NULL ); - mbedtls_mpi_write_file( "P: ", &P, 16, NULL ); - mbedtls_mpi_write_file( "Q: ", &Q, 16, NULL ); - mbedtls_mpi_write_file( "DP: ", &DP, 16, NULL ); - mbedtls_mpi_write_file( "DQ: ", &DQ, 16, NULL ); - mbedtls_mpi_write_file( "QP: ", &QP, 16, NULL ); - } - else + mbedtls_mpi_write_file("N: ", &N, 16, NULL); + mbedtls_mpi_write_file("E: ", &E, 16, NULL); + mbedtls_mpi_write_file("D: ", &D, 16, NULL); + mbedtls_mpi_write_file("P: ", &P, 16, NULL); + mbedtls_mpi_write_file("Q: ", &Q, 16, NULL); + mbedtls_mpi_write_file("DP: ", &DP, 16, NULL); + mbedtls_mpi_write_file("DQ: ", &DQ, 16, NULL); + mbedtls_mpi_write_file("QP: ", &QP, 16, NULL); + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY ) - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key ); - mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ); - mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ); - mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ); - mbedtls_mpi_write_file( "D : ", &ecp->d , 16, NULL ); - } - else + if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(key); + mbedtls_mpi_write_file("Q(X): ", &ecp->Q.X, 16, NULL); + mbedtls_mpi_write_file("Q(Y): ", &ecp->Q.Y, 16, NULL); + mbedtls_mpi_write_file("Q(Z): ", &ecp->Q.Z, 16, NULL); + mbedtls_mpi_write_file("D : ", &ecp->d, 16, NULL); + } else #endif - mbedtls_printf("key type not supported yet\n"); + mbedtls_printf("key type not supported yet\n"); - } - else if( opt.mode == MODE_PUBLIC ) - { + } else if (opt.mode == MODE_PUBLIC) { /* * 1.1. Load the key */ - mbedtls_printf( "\n . Loading the public key ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the public key ..."); + fflush(stdout); - ret = mbedtls_pk_parse_public_keyfile( &key, opt.filename ); + ret = mbedtls_pk_parse_public_keyfile(&key, opt.filename); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_key returned -0x%04x", (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_public_key returned -0x%04x", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2 Print the key */ - mbedtls_printf( " . Key information ...\n" ); + mbedtls_printf(" . Key information ...\n"); #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_RSA ) - { - mbedtls_rsa_context *rsa = mbedtls_pk_rsa( key ); - - if( ( ret = mbedtls_rsa_export( rsa, &N, NULL, NULL, - NULL, &E ) ) != 0 ) - { - mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" ); + if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_RSA) { + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(key); + + if ((ret = mbedtls_rsa_export(rsa, &N, NULL, NULL, + NULL, &E)) != 0) { + mbedtls_printf(" failed\n ! could not export RSA parameters\n\n"); goto exit; } - mbedtls_mpi_write_file( "N: ", &N, 16, NULL ); - mbedtls_mpi_write_file( "E: ", &E, 16, NULL ); - } - else + mbedtls_mpi_write_file("N: ", &N, 16, NULL); + mbedtls_mpi_write_file("E: ", &E, 16, NULL); + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY ) - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key ); - mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ); - mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ); - mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ); - } - else + if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(key); + mbedtls_mpi_write_file("Q(X): ", &ecp->Q.X, 16, NULL); + mbedtls_mpi_write_file("Q(Y): ", &ecp->Q.Y, 16, NULL); + mbedtls_mpi_write_file("Q(Z): ", &ecp->Q.Z, 16, NULL); + } else #endif - mbedtls_printf("key type not supported yet\n"); - } - else + mbedtls_printf("key type not supported yet\n"); + } else { goto usage; + } - if( opt.output_mode == OUTPUT_MODE_PUBLIC ) - { - write_public_key( &key, opt.output_file ); + if (opt.output_mode == OUTPUT_MODE_PUBLIC) { + write_public_key(&key, opt.output_file); } - if( opt.output_mode == OUTPUT_MODE_PRIVATE ) - { - write_private_key( &key, opt.output_file ); + if (opt.output_mode == OUTPUT_MODE_PRIVATE) { + write_private_key(&key, opt.output_file); } exit_code = MBEDTLS_EXIT_SUCCESS; exit: - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { + if (exit_code != MBEDTLS_EXIT_SUCCESS) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror( ret, buf, sizeof( buf ) ); - mbedtls_printf( " - %s\n", buf ); + mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf(" - %s\n", buf); #else mbedtls_printf("\n"); #endif } - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); - mbedtls_pk_free( &key ); + mbedtls_pk_free(&key); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/mpi_demo.c b/programs/pkey/mpi_demo.c index 097ed102cd21..a758b015871d 100644 --- a/programs/pkey/mpi_demo.c +++ b/programs/pkey/mpi_demo.c @@ -32,75 +32,74 @@ #endif #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -int main( void ) +int main(void) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; mbedtls_mpi E, P, Q, N, H, D, X, Y, Z; - mbedtls_mpi_init( &E ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &N ); - mbedtls_mpi_init( &H ); mbedtls_mpi_init( &D ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - mbedtls_mpi_init( &Z ); + mbedtls_mpi_init(&E); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&N); + mbedtls_mpi_init(&H); mbedtls_mpi_init(&D); mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); + mbedtls_mpi_init(&Z); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P, 10, "2789" ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &Q, 10, "3203" ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &E, 10, "257" ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &N, &P, &Q ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&P, 10, "2789")); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&Q, 10, "3203")); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&E, 10, "257")); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&N, &P, &Q)); - mbedtls_printf( "\n Public key:\n\n" ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " N = ", &N, 10, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " E = ", &E, 10, NULL ) ); + mbedtls_printf("\n Public key:\n\n"); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" N = ", &N, 10, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" E = ", &E, 10, NULL)); - mbedtls_printf( "\n Private key:\n\n" ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " P = ", &P, 10, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " Q = ", &Q, 10, NULL ) ); + mbedtls_printf("\n Private key:\n\n"); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" P = ", &P, 10, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" Q = ", &Q, 10, NULL)); #if defined(MBEDTLS_GENPRIME) - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P, &P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q, &Q, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &H, &P, &Q ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &D, &E, &H ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&P, &P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&Q, &Q, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&H, &P, &Q)); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&D, &E, &H)); - mbedtls_mpi_write_file( " D = E^-1 mod (P-1)*(Q-1) = ", - &D, 10, NULL ); + mbedtls_mpi_write_file(" D = E^-1 mod (P-1)*(Q-1) = ", + &D, 10, NULL); #else mbedtls_printf("\nTest skipped (MBEDTLS_GENPRIME not defined).\n\n"); #endif - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &X, 10, "55555" ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &Y, &X, &E, &N, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &Z, &Y, &D, &N, NULL ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&X, 10, "55555")); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&Y, &X, &E, &N, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&Z, &Y, &D, &N, NULL)); - mbedtls_printf( "\n RSA operation:\n\n" ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " X (plaintext) = ", &X, 10, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " Y (ciphertext) = X^E mod N = ", &Y, 10, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " Z (decrypted) = Y^D mod N = ", &Z, 10, NULL ) ); - mbedtls_printf( "\n" ); + mbedtls_printf("\n RSA operation:\n\n"); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" X (plaintext) = ", &X, 10, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" Y (ciphertext) = X^E mod N = ", &Y, 10, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" Z (decrypted) = Y^D mod N = ", &Z, 10, NULL)); + mbedtls_printf("\n"); exit_code = MBEDTLS_EXIT_SUCCESS; cleanup: - mbedtls_mpi_free( &E ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &N ); - mbedtls_mpi_free( &H ); mbedtls_mpi_free( &D ); mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); - mbedtls_mpi_free( &Z ); + mbedtls_mpi_free(&E); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&N); + mbedtls_mpi_free(&H); mbedtls_mpi_free(&D); mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); + mbedtls_mpi_free(&Z); - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { - mbedtls_printf( "\nAn error occurred.\n" ); + if (exit_code != MBEDTLS_EXIT_SUCCESS) { + mbedtls_printf("\nAn error occurred.\n"); } #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c index 0b1c4177a1c7..1dff75c5524a 100644 --- a/programs/pkey/pk_decrypt.c +++ b/programs/pkey/pk_decrypt.c @@ -40,17 +40,17 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_PK_PARSE_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or " - "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -65,103 +65,97 @@ int main( int argc, char *argv[] ) const char *pers = "mbedtls_pk_decrypt"; ((void) argv); - mbedtls_pk_init( &pk ); - mbedtls_entropy_init( &entropy ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_pk_init(&pk); + mbedtls_entropy_init(&entropy); + mbedtls_ctr_drbg_init(&ctr_drbg); - memset(result, 0, sizeof( result ) ); + memset(result, 0, sizeof(result)); - if( argc != 2 ) - { - mbedtls_printf( "usage: mbedtls_pk_decrypt \n" ); + if (argc != 2) { + mbedtls_printf("usage: mbedtls_pk_decrypt \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( "\n . Reading private key from '%s'", argv[1] ); - fflush( stdout ); + mbedtls_printf("\n . Reading private key from '%s'", argv[1]); + fflush(stdout); - if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", (unsigned int) -ret ); + if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "")) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", + (unsigned int) -ret); goto exit; } /* * Extract the RSA encrypted value from the text file */ - if( ( f = fopen( "result-enc.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( "\n ! Could not open %s\n\n", "result-enc.txt" ); + if ((f = fopen("result-enc.txt", "rb")) == NULL) { + mbedtls_printf("\n ! Could not open %s\n\n", "result-enc.txt"); ret = 1; goto exit; } i = 0; - while( fscanf( f, "%02X", (unsigned int*) &c ) > 0 && - i < (int) sizeof( buf ) ) - { + while (fscanf(f, "%02X", (unsigned int *) &c) > 0 && + i < (int) sizeof(buf)) { buf[i++] = (unsigned char) c; } - fclose( f ); + fclose(f); /* * Decrypt the encrypted RSA data and print the result. */ - mbedtls_printf( "\n . Decrypting the encrypted data" ); - fflush( stdout ); - - if( ( ret = mbedtls_pk_decrypt( &pk, buf, i, result, &olen, sizeof(result), - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_decrypt returned -0x%04x\n", - (unsigned int) -ret ); + mbedtls_printf("\n . Decrypting the encrypted data"); + fflush(stdout); + + if ((ret = mbedtls_pk_decrypt(&pk, buf, i, result, &olen, sizeof(result), + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_decrypt returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( "\n . OK\n\n" ); + mbedtls_printf("\n . OK\n\n"); - mbedtls_printf( "The decrypted result is: '%s'\n\n", result ); + mbedtls_printf("The decrypted result is: '%s'\n\n", result); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_pk_free( &pk ); - mbedtls_entropy_free( &entropy ); - mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_pk_free(&pk); + mbedtls_entropy_free(&entropy); + mbedtls_ctr_drbg_free(&ctr_drbg); #if defined(MBEDTLS_ERROR_C) - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { - mbedtls_strerror( ret, (char *) buf, sizeof( buf ) ); - mbedtls_printf( " ! Last error was: %s\n", buf ); + if (exit_code != MBEDTLS_EXIT_SUCCESS) { + mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); } #endif #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c index 3b67c46ea669..9a2549a94347 100644 --- a/programs/pkey/pk_encrypt.c +++ b/programs/pkey/pk_encrypt.c @@ -40,17 +40,17 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_PK_PARSE_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -63,108 +63,101 @@ int main( int argc, char *argv[] ) unsigned char buf[512]; const char *pers = "mbedtls_pk_encrypt"; - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - mbedtls_pk_init( &pk ); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + mbedtls_pk_init(&pk); - if( argc != 3 ) - { - mbedtls_printf( "usage: mbedtls_pk_encrypt \n" ); + if (argc != 3) { + mbedtls_printf("usage: mbedtls_pk_encrypt \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( "\n . Reading public key from '%s'", argv[1] ); - fflush( stdout ); + mbedtls_printf("\n . Reading public key from '%s'", argv[1]); + fflush(stdout); - if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", (unsigned int) -ret ); + if ((ret = mbedtls_pk_parse_public_keyfile(&pk, argv[1])) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - if( strlen( argv[2] ) > 100 ) - { - mbedtls_printf( " Input data larger than 100 characters.\n\n" ); + if (strlen(argv[2]) > 100) { + mbedtls_printf(" Input data larger than 100 characters.\n\n"); goto exit; } - memcpy( input, argv[2], strlen( argv[2] ) ); + memcpy(input, argv[2], strlen(argv[2])); /* * Calculate the RSA encryption of the hash. */ - mbedtls_printf( "\n . Generating the encrypted value" ); - fflush( stdout ); - - if( ( ret = mbedtls_pk_encrypt( &pk, input, strlen( argv[2] ), - buf, &olen, sizeof(buf), - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_encrypt returned -0x%04x\n", - (unsigned int) -ret ); + mbedtls_printf("\n . Generating the encrypted value"); + fflush(stdout); + + if ((ret = mbedtls_pk_encrypt(&pk, input, strlen(argv[2]), + buf, &olen, sizeof(buf), + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_encrypt returned -0x%04x\n", + (unsigned int) -ret); goto exit; } /* * Write the signature into result-enc.txt */ - if( ( f = fopen( "result-enc.txt", "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not create %s\n\n", - "result-enc.txt" ); + if ((f = fopen("result-enc.txt", "wb+")) == NULL) { + mbedtls_printf(" failed\n ! Could not create %s\n\n", + "result-enc.txt"); ret = 1; goto exit; } - for( i = 0; i < olen; i++ ) - { - mbedtls_fprintf( f, "%02X%s", buf[i], - ( i + 1 ) % 16 == 0 ? "\r\n" : " " ); + for (i = 0; i < olen; i++) { + mbedtls_fprintf(f, "%02X%s", buf[i], + (i + 1) % 16 == 0 ? "\r\n" : " "); } - fclose( f ); + fclose(f); - mbedtls_printf( "\n . Done (created \"%s\")\n\n", "result-enc.txt" ); + mbedtls_printf("\n . Done (created \"%s\")\n\n", "result-enc.txt"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_pk_free( &pk ); - mbedtls_entropy_free( &entropy ); - mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_pk_free(&pk); + mbedtls_entropy_free(&entropy); + mbedtls_ctr_drbg_free(&ctr_drbg); #if defined(MBEDTLS_ERROR_C) - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { - mbedtls_strerror( ret, (char *) buf, sizeof( buf ) ); - mbedtls_printf( " ! Last error was: %s\n", buf ); + if (exit_code != MBEDTLS_EXIT_SUCCESS) { + mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); } #endif #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_ENTROPY_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 9c0e264e24af..19a855b2b0b1 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -29,13 +29,13 @@ !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " - "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else @@ -48,7 +48,7 @@ int main( void ) #include #include -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -62,38 +62,36 @@ int main( int argc, char *argv[] ) const char *pers = "mbedtls_pk_sign"; size_t olen = 0; - mbedtls_entropy_init( &entropy ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_pk_init( &pk ); + mbedtls_entropy_init(&entropy); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_pk_init(&pk); - if( argc != 3 ) - { - mbedtls_printf( "usage: mbedtls_pk_sign \n" ); + if (argc != 3) { + mbedtls_printf("usage: mbedtls_pk_sign \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", (unsigned int) -ret ); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( "\n . Reading private key from '%s'", argv[1] ); - fflush( stdout ); + mbedtls_printf("\n . Reading private key from '%s'", argv[1]); + fflush(stdout); - if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not parse '%s'\n", argv[1] ); + if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "")) != 0) { + mbedtls_printf(" failed\n ! Could not parse '%s'\n", argv[1]); goto exit; } @@ -101,67 +99,62 @@ int main( int argc, char *argv[] ) * Compute the SHA-256 hash of the input file, * then calculate the signature of the hash. */ - mbedtls_printf( "\n . Generating the SHA-256 signature" ); - fflush( stdout ); - - if( ( ret = mbedtls_md_file( - mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), - argv[2], hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[2] ); + mbedtls_printf("\n . Generating the SHA-256 signature"); + fflush(stdout); + + if ((ret = mbedtls_md_file( + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + argv[2], hash)) != 0) { + mbedtls_printf(" failed\n ! Could not open or read %s\n\n", argv[2]); goto exit; } - if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_sign returned -0x%04x\n", (unsigned int) -ret ); + if ((ret = mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_sign returned -0x%04x\n", (unsigned int) -ret); goto exit; } /* * Write the signature into .sig */ - mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[2] ); + mbedtls_snprintf(filename, sizeof(filename), "%s.sig", argv[2]); - if( ( f = fopen( filename, "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not create %s\n\n", filename ); + if ((f = fopen(filename, "wb+")) == NULL) { + mbedtls_printf(" failed\n ! Could not create %s\n\n", filename); goto exit; } - if( fwrite( buf, 1, olen, f ) != olen ) - { - mbedtls_printf( "failed\n ! fwrite failed\n\n" ); - fclose( f ); + if (fwrite(buf, 1, olen, f) != olen) { + mbedtls_printf("failed\n ! fwrite failed\n\n"); + fclose(f); goto exit; } - fclose( f ); + fclose(f); - mbedtls_printf( "\n . Done (created \"%s\")\n\n", filename ); + mbedtls_printf("\n . Done (created \"%s\")\n\n", filename); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_pk_free( &pk ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_pk_free(&pk); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(MBEDTLS_ERROR_C) - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { - mbedtls_strerror( ret, (char *) buf, sizeof(buf) ); - mbedtls_printf( " ! Last error was: %s\n", buf ); + if (exit_code != MBEDTLS_EXIT_SUCCESS) { + mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); } #endif #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index a460833d00da..f816e927ca78 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -28,12 +28,12 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_PK_PARSE_C) || \ !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_MD_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_PK_PARSE_C and/or " - "MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_SHA256_C and/or MBEDTLS_PK_PARSE_C and/or " + "MBEDTLS_FS_IO not defined.\n"); + mbedtls_exit(0); } #else @@ -45,7 +45,7 @@ int main( void ) #include -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -56,86 +56,81 @@ int main( int argc, char *argv[] ) unsigned char buf[MBEDTLS_PK_SIGNATURE_MAX_SIZE]; char filename[512]; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); - if( argc != 3 ) - { - mbedtls_printf( "usage: mbedtls_pk_verify \n" ); + if (argc != 3) { + mbedtls_printf("usage: mbedtls_pk_verify \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Reading public key from '%s'", argv[1] ); - fflush( stdout ); + mbedtls_printf("\n . Reading public key from '%s'", argv[1]); + fflush(stdout); - if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", (unsigned int) -ret ); + if ((ret = mbedtls_pk_parse_public_keyfile(&pk, argv[1])) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", + (unsigned int) -ret); goto exit; } /* * Extract the signature from the file */ - mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[2] ); + mbedtls_snprintf(filename, sizeof(filename), "%s.sig", argv[2]); - if( ( f = fopen( filename, "rb" ) ) == NULL ) - { - mbedtls_printf( "\n ! Could not open %s\n\n", filename ); + if ((f = fopen(filename, "rb")) == NULL) { + mbedtls_printf("\n ! Could not open %s\n\n", filename); goto exit; } - i = fread( buf, 1, sizeof(buf), f ); + i = fread(buf, 1, sizeof(buf), f); - fclose( f ); + fclose(f); /* * Compute the SHA-256 hash of the input file and * verify the signature */ - mbedtls_printf( "\n . Verifying the SHA-256 signature" ); - fflush( stdout ); - - if( ( ret = mbedtls_md_file( - mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), - argv[2], hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[2] ); + mbedtls_printf("\n . Verifying the SHA-256 signature"); + fflush(stdout); + + if ((ret = mbedtls_md_file( + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + argv[2], hash)) != 0) { + mbedtls_printf(" failed\n ! Could not open or read %s\n\n", argv[2]); goto exit; } - if( ( ret = mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, hash, 0, - buf, i ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_verify returned -0x%04x\n", (unsigned int) -ret ); + if ((ret = mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, hash, 0, + buf, i)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_verify returned -0x%04x\n", (unsigned int) -ret); goto exit; } - mbedtls_printf( "\n . OK (the signature is valid)\n\n" ); + mbedtls_printf("\n . OK (the signature is valid)\n\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); #if defined(MBEDTLS_ERROR_C) - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { - mbedtls_strerror( ret, (char *) buf, sizeof(buf) ); - mbedtls_printf( " ! Last error was: %s\n", buf ); + if (exit_code != MBEDTLS_EXIT_SUCCESS) { + mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); } #endif #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c index 20b967d6bd40..418d5ea6492d 100644 --- a/programs/pkey/rsa_decrypt.c +++ b/programs/pkey/rsa_decrypt.c @@ -39,17 +39,17 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -65,137 +65,129 @@ int main( int argc, char *argv[] ) const char *pers = "rsa_decrypt"; ((void) argv); - memset(result, 0, sizeof( result ) ); + memset(result, 0, sizeof(result)); - if( argc != 1 ) - { - mbedtls_printf( "usage: rsa_decrypt\n" ); + if (argc != 1) { + mbedtls_printf("usage: rsa_decrypt\n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); - - ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", - ret ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); + + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); + + ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, (const unsigned char *) pers, + strlen(pers)); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", + ret); goto exit; } - mbedtls_printf( "\n . Reading private key from rsa_priv.txt" ); - fflush( stdout ); + mbedtls_printf("\n . Reading private key from rsa_priv.txt"); + fflush(stdout); - if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); + if ((f = fopen("rsa_priv.txt", "rb")) == NULL) { + mbedtls_printf(" failed\n ! Could not open rsa_priv.txt\n" \ + " ! Please run rsa_genkey first\n\n"); goto exit; } - if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &DP , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &DQ , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &QP , 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", - ret ); - fclose( f ); + if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&D, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&P, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&Q, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&DP, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&DQ, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&QP, 16, f)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", + ret); + fclose(f); goto exit; } - fclose( f ); + fclose(f); - if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_import returned %d\n\n", - ret ); + if ((ret = mbedtls_rsa_import(&rsa, &N, &P, &Q, &D, &E)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_import returned %d\n\n", + ret); goto exit; } - if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_complete returned %d\n\n", - ret ); + if ((ret = mbedtls_rsa_complete(&rsa)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_complete returned %d\n\n", + ret); goto exit; } /* * Extract the RSA encrypted value from the text file */ - if( ( f = fopen( "result-enc.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( "\n ! Could not open %s\n\n", "result-enc.txt" ); + if ((f = fopen("result-enc.txt", "rb")) == NULL) { + mbedtls_printf("\n ! Could not open %s\n\n", "result-enc.txt"); goto exit; } i = 0; - while( fscanf( f, "%02X", (unsigned int*) &c ) > 0 && - i < (int) sizeof( buf ) ) + while (fscanf(f, "%02X", (unsigned int *) &c) > 0 && + i < (int) sizeof(buf)) { buf[i++] = (unsigned char) c; + } - fclose( f ); + fclose(f); - if( i != rsa.len ) - { - mbedtls_printf( "\n ! Invalid RSA signature format\n\n" ); + if (i != rsa.len) { + mbedtls_printf("\n ! Invalid RSA signature format\n\n"); goto exit; } /* * Decrypt the encrypted RSA data and print the result. */ - mbedtls_printf( "\n . Decrypting the encrypted data" ); - fflush( stdout ); - - ret = mbedtls_rsa_pkcs1_decrypt( &rsa, mbedtls_ctr_drbg_random, - &ctr_drbg, MBEDTLS_RSA_PRIVATE, &i, - buf, result, 1024 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_decrypt returned %d\n\n", - ret ); + mbedtls_printf("\n . Decrypting the encrypted data"); + fflush(stdout); + + ret = mbedtls_rsa_pkcs1_decrypt(&rsa, mbedtls_ctr_drbg_random, + &ctr_drbg, MBEDTLS_RSA_PRIVATE, &i, + buf, result, 1024); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_decrypt returned %d\n\n", + ret); goto exit; } - mbedtls_printf( "\n . OK\n\n" ); + mbedtls_printf("\n . OK\n\n"); - mbedtls_printf( "The decrypted result is: '%s'\n\n", result ); + mbedtls_printf("The decrypted result is: '%s'\n\n", result); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - mbedtls_rsa_free( &rsa ); - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); + mbedtls_rsa_free(&rsa); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c index cda3d315c9b1..6ef2e2f91186 100644 --- a/programs/pkey/rsa_encrypt.c +++ b/programs/pkey/rsa_encrypt.c @@ -38,17 +38,17 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -62,117 +62,110 @@ int main( int argc, char *argv[] ) const char *pers = "rsa_encrypt"; mbedtls_mpi N, E; - if( argc != 2 ) - { - mbedtls_printf( "usage: rsa_encrypt \n" ); + if (argc != 2) { + mbedtls_printf("usage: rsa_encrypt \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - - ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", - ret ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); + + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + + ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, (const unsigned char *) pers, + strlen(pers)); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", + ret); goto exit; } - mbedtls_printf( "\n . Reading public key from rsa_pub.txt" ); - fflush( stdout ); + mbedtls_printf("\n . Reading public key from rsa_pub.txt"); + fflush(stdout); - if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_pub.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); + if ((f = fopen("rsa_pub.txt", "rb")) == NULL) { + mbedtls_printf(" failed\n ! Could not open rsa_pub.txt\n" \ + " ! Please run rsa_genkey first\n\n"); goto exit; } - if( ( ret = mbedtls_mpi_read_file( &N, 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &E, 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", - ret ); - fclose( f ); + if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", + ret); + fclose(f); goto exit; } - fclose( f ); + fclose(f); - if( ( ret = mbedtls_rsa_import( &rsa, &N, NULL, NULL, NULL, &E ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_import returned %d\n\n", - ret ); + if ((ret = mbedtls_rsa_import(&rsa, &N, NULL, NULL, NULL, &E)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_import returned %d\n\n", + ret); goto exit; } - if( strlen( argv[1] ) > 100 ) - { - mbedtls_printf( " Input data larger than 100 characters.\n\n" ); + if (strlen(argv[1]) > 100) { + mbedtls_printf(" Input data larger than 100 characters.\n\n"); goto exit; } - memcpy( input, argv[1], strlen( argv[1] ) ); + memcpy(input, argv[1], strlen(argv[1])); /* * Calculate the RSA encryption of the hash. */ - mbedtls_printf( "\n . Generating the RSA encrypted value" ); - fflush( stdout ); - - ret = mbedtls_rsa_pkcs1_encrypt( &rsa, mbedtls_ctr_drbg_random, - &ctr_drbg, MBEDTLS_RSA_PUBLIC, - strlen( argv[1] ), input, buf ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_encrypt returned %d\n\n", - ret ); + mbedtls_printf("\n . Generating the RSA encrypted value"); + fflush(stdout); + + ret = mbedtls_rsa_pkcs1_encrypt(&rsa, mbedtls_ctr_drbg_random, + &ctr_drbg, MBEDTLS_RSA_PUBLIC, + strlen(argv[1]), input, buf); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_encrypt returned %d\n\n", + ret); goto exit; } /* * Write the signature into result-enc.txt */ - if( ( f = fopen( "result-enc.txt", "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not create %s\n\n", "result-enc.txt" ); + if ((f = fopen("result-enc.txt", "wb+")) == NULL) { + mbedtls_printf(" failed\n ! Could not create %s\n\n", "result-enc.txt"); goto exit; } - for( i = 0; i < rsa.len; i++ ) - mbedtls_fprintf( f, "%02X%s", buf[i], - ( i + 1 ) % 16 == 0 ? "\r\n" : " " ); + for (i = 0; i < rsa.len; i++) { + mbedtls_fprintf(f, "%02X%s", buf[i], + (i + 1) % 16 == 0 ? "\r\n" : " "); + } - fclose( f ); + fclose(f); - mbedtls_printf( "\n . Done (created \"%s\")\n\n", "result-enc.txt" ); + mbedtls_printf("\n . Done (created \"%s\")\n\n", "result-enc.txt"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - mbedtls_rsa_free( &rsa ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); + mbedtls_rsa_free(&rsa); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_ENTROPY_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index 1507bd88860c..4bcb8a2ee9ca 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -43,17 +43,17 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_GENPRIME) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_RSA_C and/or MBEDTLS_GENPRIME and/or " - "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_RSA_C and/or MBEDTLS_GENPRIME and/or " + "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else -int main( void ) +int main(void) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -65,103 +65,98 @@ int main( void ) FILE *fpriv = NULL; const char *pers = "rsa_genkey"; - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); - - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); + + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); + + mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n . Generating the RSA key [ %d-bit ]...", KEY_SIZE ); - fflush( stdout ); + mbedtls_printf(" ok\n . Generating the RSA key [ %d-bit ]...", KEY_SIZE); + fflush(stdout); - if( ( ret = mbedtls_rsa_gen_key( &rsa, mbedtls_ctr_drbg_random, &ctr_drbg, KEY_SIZE, - EXPONENT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_gen_key returned %d\n\n", ret ); + if ((ret = mbedtls_rsa_gen_key(&rsa, mbedtls_ctr_drbg_random, &ctr_drbg, KEY_SIZE, + EXPONENT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_gen_key returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n . Exporting the public key in rsa_pub.txt...." ); - fflush( stdout ); + mbedtls_printf(" ok\n . Exporting the public key in rsa_pub.txt...."); + fflush(stdout); - if( ( ret = mbedtls_rsa_export ( &rsa, &N, &P, &Q, &D, &E ) ) != 0 || - ( ret = mbedtls_rsa_export_crt( &rsa, &DP, &DQ, &QP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" ); + if ((ret = mbedtls_rsa_export(&rsa, &N, &P, &Q, &D, &E)) != 0 || + (ret = mbedtls_rsa_export_crt(&rsa, &DP, &DQ, &QP)) != 0) { + mbedtls_printf(" failed\n ! could not export RSA parameters\n\n"); goto exit; } - if( ( fpub = fopen( "rsa_pub.txt", "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! could not open rsa_pub.txt for writing\n\n" ); + if ((fpub = fopen("rsa_pub.txt", "wb+")) == NULL) { + mbedtls_printf(" failed\n ! could not open rsa_pub.txt for writing\n\n"); goto exit; } - if( ( ret = mbedtls_mpi_write_file( "N = ", &N, 16, fpub ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "E = ", &E, 16, fpub ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret ); + if ((ret = mbedtls_mpi_write_file("N = ", &N, 16, fpub)) != 0 || + (ret = mbedtls_mpi_write_file("E = ", &E, 16, fpub)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n . Exporting the private key in rsa_priv.txt..." ); - fflush( stdout ); + mbedtls_printf(" ok\n . Exporting the private key in rsa_priv.txt..."); + fflush(stdout); - if( ( fpriv = fopen( "rsa_priv.txt", "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! could not open rsa_priv.txt for writing\n" ); + if ((fpriv = fopen("rsa_priv.txt", "wb+")) == NULL) { + mbedtls_printf(" failed\n ! could not open rsa_priv.txt for writing\n"); goto exit; } - if( ( ret = mbedtls_mpi_write_file( "N = " , &N , 16, fpriv ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "E = " , &E , 16, fpriv ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "D = " , &D , 16, fpriv ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "P = " , &P , 16, fpriv ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "Q = " , &Q , 16, fpriv ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "DP = ", &DP, 16, fpriv ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "DQ = ", &DQ, 16, fpriv ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "QP = ", &QP, 16, fpriv ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret ); + if ((ret = mbedtls_mpi_write_file("N = ", &N, 16, fpriv)) != 0 || + (ret = mbedtls_mpi_write_file("E = ", &E, 16, fpriv)) != 0 || + (ret = mbedtls_mpi_write_file("D = ", &D, 16, fpriv)) != 0 || + (ret = mbedtls_mpi_write_file("P = ", &P, 16, fpriv)) != 0 || + (ret = mbedtls_mpi_write_file("Q = ", &Q, 16, fpriv)) != 0 || + (ret = mbedtls_mpi_write_file("DP = ", &DP, 16, fpriv)) != 0 || + (ret = mbedtls_mpi_write_file("DQ = ", &DQ, 16, fpriv)) != 0 || + (ret = mbedtls_mpi_write_file("QP = ", &QP, 16, fpriv)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n\n" ); + mbedtls_printf(" ok\n\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - if( fpub != NULL ) - fclose( fpub ); + if (fpub != NULL) { + fclose(fpub); + } - if( fpriv != NULL ) - fclose( fpriv ); + if (fpriv != NULL) { + fclose(fpriv); + } - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); - mbedtls_rsa_free( &rsa ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); + mbedtls_rsa_free(&rsa); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C && MBEDTLS_GENPRIME && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index debc16818f4c..a28a699d9147 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -28,12 +28,12 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_MD_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_MD_C and/or " + "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n"); + mbedtls_exit(0); } #else @@ -44,7 +44,7 @@ int main( void ) #include -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -56,67 +56,62 @@ int main( int argc, char *argv[] ) char filename[512]; mbedtls_mpi N, P, Q, D, E, DP, DQ, QP; - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); - if( argc != 2 ) - { - mbedtls_printf( "usage: rsa_sign \n" ); + if (argc != 2) { + mbedtls_printf("usage: rsa_sign \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Reading private key from rsa_priv.txt" ); - fflush( stdout ); + mbedtls_printf("\n . Reading private key from rsa_priv.txt"); + fflush(stdout); - if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); + if ((f = fopen("rsa_priv.txt", "rb")) == NULL) { + mbedtls_printf(" failed\n ! Could not open rsa_priv.txt\n" \ + " ! Please run rsa_genkey first\n\n"); goto exit; } - if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &DP , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &DQ , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &QP , 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret ); - fclose( f ); + if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&D, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&P, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&Q, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&DP, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&DQ, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&QP, 16, f)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret); + fclose(f); goto exit; } - fclose( f ); + fclose(f); - if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_import returned %d\n\n", - ret ); + if ((ret = mbedtls_rsa_import(&rsa, &N, &P, &Q, &D, &E)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_import returned %d\n\n", + ret); goto exit; } - if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_complete returned %d\n\n", - ret ); + if ((ret = mbedtls_rsa_complete(&rsa)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_complete returned %d\n\n", + ret); goto exit; } - mbedtls_printf( "\n . Checking the private key" ); - fflush( stdout ); - if( ( ret = mbedtls_rsa_check_privkey( &rsa ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_check_privkey failed with -0x%0x\n", (unsigned int) -ret ); + mbedtls_printf("\n . Checking the private key"); + fflush(stdout); + if ((ret = mbedtls_rsa_check_privkey(&rsa)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_check_privkey failed with -0x%0x\n", + (unsigned int) -ret); goto exit; } @@ -124,58 +119,57 @@ int main( int argc, char *argv[] ) * Compute the SHA-256 hash of the input file, * then calculate the RSA signature of the hash. */ - mbedtls_printf( "\n . Generating the RSA/SHA-256 signature" ); - fflush( stdout ); - - if( ( ret = mbedtls_md_file( - mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), - argv[1], hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[1] ); + mbedtls_printf("\n . Generating the RSA/SHA-256 signature"); + fflush(stdout); + + if ((ret = mbedtls_md_file( + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + argv[1], hash)) != 0) { + mbedtls_printf(" failed\n ! Could not open or read %s\n\n", argv[1]); goto exit; } - if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256, - 20, hash, buf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256, + 20, hash, buf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n", + (unsigned int) -ret); goto exit; } /* * Write the signature into .sig */ - mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[1] ); + mbedtls_snprintf(filename, sizeof(filename), "%s.sig", argv[1]); - if( ( f = fopen( filename, "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not create %s\n\n", argv[1] ); + if ((f = fopen(filename, "wb+")) == NULL) { + mbedtls_printf(" failed\n ! Could not create %s\n\n", argv[1]); goto exit; } - for( i = 0; i < rsa.len; i++ ) - mbedtls_fprintf( f, "%02X%s", buf[i], - ( i + 1 ) % 16 == 0 ? "\r\n" : " " ); + for (i = 0; i < rsa.len; i++) { + mbedtls_fprintf(f, "%02X%s", buf[i], + (i + 1) % 16 == 0 ? "\r\n" : " "); + } - fclose( f ); + fclose(f); - mbedtls_printf( "\n . Done (created \"%s\")\n\n", filename ); + mbedtls_printf("\n . Done (created \"%s\")\n\n", filename); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_rsa_free( &rsa ); - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); + mbedtls_rsa_free(&rsa); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index ad0598b3b468..d1afdeef0e81 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -29,13 +29,13 @@ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or " - "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else @@ -49,7 +49,7 @@ int main( void ) #include -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -63,107 +63,99 @@ int main( int argc, char *argv[] ) const char *pers = "rsa_sign_pss"; size_t olen = 0; - mbedtls_entropy_init( &entropy ); - mbedtls_pk_init( &pk ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_entropy_init(&entropy); + mbedtls_pk_init(&pk); + mbedtls_ctr_drbg_init(&ctr_drbg); - if( argc != 3 ) - { - mbedtls_printf( "usage: rsa_sign_pss \n" ); + if (argc != 3) { + mbedtls_printf("usage: rsa_sign_pss \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - mbedtls_printf( "\n . Reading private key from '%s'", argv[1] ); - fflush( stdout ); + mbedtls_printf("\n . Reading private key from '%s'", argv[1]); + fflush(stdout); - if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not read key from '%s'\n", argv[1] ); - mbedtls_printf( " ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret ); + if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "")) != 0) { + mbedtls_printf(" failed\n ! Could not read key from '%s'\n", argv[1]); + mbedtls_printf(" ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret); goto exit; } - if( !mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) ) - { - mbedtls_printf( " failed\n ! Key is not an RSA key\n" ); + if (!mbedtls_pk_can_do(&pk, MBEDTLS_PK_RSA)) { + mbedtls_printf(" failed\n ! Key is not an RSA key\n"); goto exit; } - mbedtls_rsa_set_padding( mbedtls_pk_rsa( pk ), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256 ); + mbedtls_rsa_set_padding(mbedtls_pk_rsa(pk), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256); /* * Compute the SHA-256 hash of the input file, * then calculate the RSA signature of the hash. */ - mbedtls_printf( "\n . Generating the RSA/SHA-256 signature" ); - fflush( stdout ); - - if( ( ret = mbedtls_md_file( - mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), - argv[2], hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[2] ); + mbedtls_printf("\n . Generating the RSA/SHA-256 signature"); + fflush(stdout); + + if ((ret = mbedtls_md_file( + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + argv[2], hash)) != 0) { + mbedtls_printf(" failed\n ! Could not open or read %s\n\n", argv[2]); goto exit; } - if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_sign returned %d\n\n", ret ); + if ((ret = mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_sign returned %d\n\n", ret); goto exit; } /* * Write the signature into .sig */ - mbedtls_snprintf( filename, 512, "%s.sig", argv[2] ); + mbedtls_snprintf(filename, 512, "%s.sig", argv[2]); - if( ( f = fopen( filename, "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not create %s\n\n", filename ); + if ((f = fopen(filename, "wb+")) == NULL) { + mbedtls_printf(" failed\n ! Could not create %s\n\n", filename); goto exit; } - if( fwrite( buf, 1, olen, f ) != olen ) - { - mbedtls_printf( "failed\n ! fwrite failed\n\n" ); - fclose( f ); + if (fwrite(buf, 1, olen, f) != olen) { + mbedtls_printf("failed\n ! fwrite failed\n\n"); + fclose(f); goto exit; } - fclose( f ); + fclose(f); - mbedtls_printf( "\n . Done (created \"%s\")\n\n", filename ); + mbedtls_printf("\n . Done (created \"%s\")\n\n", filename); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_pk_free( &pk ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_pk_free(&pk); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index 81478c23d9cd..aeddd43bb6a2 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -28,12 +28,12 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_MD_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_MD_C and/or " + "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n"); + mbedtls_exit(0); } #else @@ -44,7 +44,7 @@ int main( void ) #include -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -56,62 +56,58 @@ int main( int argc, char *argv[] ) unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; char filename[512]; - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); - if( argc != 2 ) - { - mbedtls_printf( "usage: rsa_verify \n" ); + if (argc != 2) { + mbedtls_printf("usage: rsa_verify \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Reading public key from rsa_pub.txt" ); - fflush( stdout ); + mbedtls_printf("\n . Reading public key from rsa_pub.txt"); + fflush(stdout); - if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_pub.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); + if ((f = fopen("rsa_pub.txt", "rb")) == NULL) { + mbedtls_printf(" failed\n ! Could not open rsa_pub.txt\n" \ + " ! Please run rsa_genkey first\n\n"); goto exit; } - if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret ); - fclose( f ); + if ((ret = mbedtls_mpi_read_file(&rsa.N, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&rsa.E, 16, f)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret); + fclose(f); goto exit; } - rsa.len = ( mbedtls_mpi_bitlen( &rsa.N ) + 7 ) >> 3; + rsa.len = (mbedtls_mpi_bitlen(&rsa.N) + 7) >> 3; - fclose( f ); + fclose(f); /* * Extract the RSA signature from the text file */ - mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[1] ); + mbedtls_snprintf(filename, sizeof(filename), "%s.sig", argv[1]); - if( ( f = fopen( filename, "rb" ) ) == NULL ) - { - mbedtls_printf( "\n ! Could not open %s\n\n", filename ); + if ((f = fopen(filename, "rb")) == NULL) { + mbedtls_printf("\n ! Could not open %s\n\n", filename); goto exit; } i = 0; - while( fscanf( f, "%02X", (unsigned int*) &c ) > 0 && - i < (int) sizeof( buf ) ) + while (fscanf(f, "%02X", (unsigned int *) &c) > 0 && + i < (int) sizeof(buf)) { buf[i++] = (unsigned char) c; + } - fclose( f ); + fclose(f); - if( i != rsa.len ) - { - mbedtls_printf( "\n ! Invalid RSA signature format\n\n" ); + if (i != rsa.len) { + mbedtls_printf("\n ! Invalid RSA signature format\n\n"); goto exit; } @@ -119,38 +115,37 @@ int main( int argc, char *argv[] ) * Compute the SHA-256 hash of the input file and * verify the signature */ - mbedtls_printf( "\n . Verifying the RSA/SHA-256 signature" ); - fflush( stdout ); - - if( ( ret = mbedtls_md_file( - mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), - argv[1], hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[1] ); + mbedtls_printf("\n . Verifying the RSA/SHA-256 signature"); + fflush(stdout); + + if ((ret = mbedtls_md_file( + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + argv[1], hash)) != 0) { + mbedtls_printf(" failed\n ! Could not open or read %s\n\n", argv[1]); goto exit; } - if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, - MBEDTLS_MD_SHA256, 20, hash, buf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned -0x%0x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_rsa_pkcs1_verify(&rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, + MBEDTLS_MD_SHA256, 20, hash, buf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_verify returned -0x%0x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( "\n . OK (the signature is valid)\n\n" ); + mbedtls_printf("\n . OK (the signature is valid)\n\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_rsa_free( &rsa ); + mbedtls_rsa_free(&rsa); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index fe3e2ecd5e89..1718872d32b1 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -29,13 +29,13 @@ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or " - "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else @@ -48,7 +48,7 @@ int main( void ) #include -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -59,87 +59,81 @@ int main( int argc, char *argv[] ) unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; char filename[512]; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); - if( argc != 3 ) - { - mbedtls_printf( "usage: rsa_verify_pss \n" ); + if (argc != 3) { + mbedtls_printf("usage: rsa_verify_pss \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Reading public key from '%s'", argv[1] ); - fflush( stdout ); + mbedtls_printf("\n . Reading public key from '%s'", argv[1]); + fflush(stdout); - if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not read key from '%s'\n", argv[1] ); - mbedtls_printf( " ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret ); + if ((ret = mbedtls_pk_parse_public_keyfile(&pk, argv[1])) != 0) { + mbedtls_printf(" failed\n ! Could not read key from '%s'\n", argv[1]); + mbedtls_printf(" ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret); goto exit; } - if( !mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) ) - { - mbedtls_printf( " failed\n ! Key is not an RSA key\n" ); + if (!mbedtls_pk_can_do(&pk, MBEDTLS_PK_RSA)) { + mbedtls_printf(" failed\n ! Key is not an RSA key\n"); goto exit; } - mbedtls_rsa_set_padding( mbedtls_pk_rsa( pk ), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256 ); + mbedtls_rsa_set_padding(mbedtls_pk_rsa(pk), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256); /* * Extract the RSA signature from the file */ - mbedtls_snprintf( filename, 512, "%s.sig", argv[2] ); + mbedtls_snprintf(filename, 512, "%s.sig", argv[2]); - if( ( f = fopen( filename, "rb" ) ) == NULL ) - { - mbedtls_printf( "\n ! Could not open %s\n\n", filename ); + if ((f = fopen(filename, "rb")) == NULL) { + mbedtls_printf("\n ! Could not open %s\n\n", filename); goto exit; } - i = fread( buf, 1, MBEDTLS_MPI_MAX_SIZE, f ); + i = fread(buf, 1, MBEDTLS_MPI_MAX_SIZE, f); - fclose( f ); + fclose(f); /* * Compute the SHA-256 hash of the input file and * verify the signature */ - mbedtls_printf( "\n . Verifying the RSA/SHA-256 signature" ); - fflush( stdout ); - - if( ( ret = mbedtls_md_file( - mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), - argv[2], hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[2] ); + mbedtls_printf("\n . Verifying the RSA/SHA-256 signature"); + fflush(stdout); + + if ((ret = mbedtls_md_file( + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + argv[2], hash)) != 0) { + mbedtls_printf(" failed\n ! Could not open or read %s\n\n", argv[2]); goto exit; } - if( ( ret = mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, hash, 0, - buf, i ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_verify returned %d\n\n", ret ); + if ((ret = mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, hash, 0, + buf, i)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_verify returned %d\n\n", ret); goto exit; } - mbedtls_printf( "\n . OK (the signature is valid)\n\n" ); + mbedtls_printf("\n . OK (the signature is valid)\n\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */ diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 935d657af522..3f109d839546 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -20,146 +20,145 @@ #include #include -#define ASSERT( predicate ) \ +#define ASSERT(predicate) \ do \ { \ - if( ! ( predicate ) ) \ + if (!(predicate)) \ { \ - printf( "\tassertion failed at %s:%d - '%s'\r\n", \ - __FILE__, __LINE__, #predicate); \ + printf("\tassertion failed at %s:%d - '%s'\r\n", \ + __FILE__, __LINE__, #predicate); \ goto exit; \ } \ - } while ( 0 ) + } while (0) -#define ASSERT_STATUS( actual, expected ) \ +#define ASSERT_STATUS(actual, expected) \ do \ { \ - if( ( actual ) != ( expected ) ) \ + if ((actual) != (expected)) \ { \ - printf( "\tassertion failed at %s:%d - " \ - "actual:%d expected:%d\r\n", __FILE__, __LINE__, \ - (psa_status_t) actual, (psa_status_t) expected ); \ + printf("\tassertion failed at %s:%d - " \ + "actual:%d expected:%d\r\n", __FILE__, __LINE__, \ + (psa_status_t) actual, (psa_status_t) expected); \ goto exit; \ } \ - } while ( 0 ) + } while (0) #if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_AES_C) || \ !defined(MBEDTLS_CIPHER_MODE_CBC) || !defined(MBEDTLS_CIPHER_MODE_CTR) || \ !defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) || \ defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) -int main( void ) +int main(void) { - printf( "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_AES_C and/or " - "MBEDTLS_CIPHER_MODE_CBC and/or MBEDTLS_CIPHER_MODE_CTR " - "and/or MBEDTLS_CIPHER_MODE_WITH_PADDING " - "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER" - " defined.\r\n" ); - return( 0 ); + printf("MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_AES_C and/or " + "MBEDTLS_CIPHER_MODE_CBC and/or MBEDTLS_CIPHER_MODE_CTR " + "and/or MBEDTLS_CIPHER_MODE_WITH_PADDING " + "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER" + " defined.\r\n"); + return 0; } #else -static psa_status_t cipher_operation( psa_cipher_operation_t *operation, - const uint8_t * input, - size_t input_size, - size_t part_size, - uint8_t * output, - size_t output_size, - size_t *output_len ) +static psa_status_t cipher_operation(psa_cipher_operation_t *operation, + const uint8_t *input, + size_t input_size, + size_t part_size, + uint8_t *output, + size_t output_size, + size_t *output_len) { psa_status_t status; size_t bytes_to_write = 0, bytes_written = 0, len = 0; *output_len = 0; - while( bytes_written != input_size ) - { - bytes_to_write = ( input_size - bytes_written > part_size ? - part_size : - input_size - bytes_written ); + while (bytes_written != input_size) { + bytes_to_write = (input_size - bytes_written > part_size ? + part_size : + input_size - bytes_written); - status = psa_cipher_update( operation, input + bytes_written, - bytes_to_write, output + *output_len, - output_size - *output_len, &len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_cipher_update(operation, input + bytes_written, + bytes_to_write, output + *output_len, + output_size - *output_len, &len); + ASSERT_STATUS(status, PSA_SUCCESS); bytes_written += bytes_to_write; *output_len += len; } - status = psa_cipher_finish( operation, output + *output_len, - output_size - *output_len, &len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_cipher_finish(operation, output + *output_len, + output_size - *output_len, &len); + ASSERT_STATUS(status, PSA_SUCCESS); *output_len += len; exit: - return( status ); + return status; } -static psa_status_t cipher_encrypt( psa_key_id_t key, - psa_algorithm_t alg, - uint8_t * iv, - size_t iv_size, - const uint8_t * input, - size_t input_size, - size_t part_size, - uint8_t * output, - size_t output_size, - size_t *output_len ) +static psa_status_t cipher_encrypt(psa_key_id_t key, + psa_algorithm_t alg, + uint8_t *iv, + size_t iv_size, + const uint8_t *input, + size_t input_size, + size_t part_size, + uint8_t *output, + size_t output_size, + size_t *output_len) { psa_status_t status; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; size_t iv_len = 0; - memset( &operation, 0, sizeof( operation ) ); - status = psa_cipher_encrypt_setup( &operation, key, alg ); - ASSERT_STATUS( status, PSA_SUCCESS ); + memset(&operation, 0, sizeof(operation)); + status = psa_cipher_encrypt_setup(&operation, key, alg); + ASSERT_STATUS(status, PSA_SUCCESS); - status = psa_cipher_generate_iv( &operation, iv, iv_size, &iv_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_cipher_generate_iv(&operation, iv, iv_size, &iv_len); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_operation( &operation, input, input_size, part_size, - output, output_size, output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_operation(&operation, input, input_size, part_size, + output, output_size, output_len); + ASSERT_STATUS(status, PSA_SUCCESS); exit: - psa_cipher_abort( &operation ); - return( status ); + psa_cipher_abort(&operation); + return status; } -static psa_status_t cipher_decrypt( psa_key_id_t key, - psa_algorithm_t alg, - const uint8_t * iv, - size_t iv_size, - const uint8_t * input, - size_t input_size, - size_t part_size, - uint8_t * output, - size_t output_size, - size_t *output_len ) +static psa_status_t cipher_decrypt(psa_key_id_t key, + psa_algorithm_t alg, + const uint8_t *iv, + size_t iv_size, + const uint8_t *input, + size_t input_size, + size_t part_size, + uint8_t *output, + size_t output_size, + size_t *output_len) { psa_status_t status; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - memset( &operation, 0, sizeof( operation ) ); - status = psa_cipher_decrypt_setup( &operation, key, alg ); - ASSERT_STATUS( status, PSA_SUCCESS ); + memset(&operation, 0, sizeof(operation)); + status = psa_cipher_decrypt_setup(&operation, key, alg); + ASSERT_STATUS(status, PSA_SUCCESS); - status = psa_cipher_set_iv( &operation, iv, iv_size ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_cipher_set_iv(&operation, iv, iv_size); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_operation( &operation, input, input_size, part_size, - output, output_size, output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_operation(&operation, input, input_size, part_size, + output, output_size, output_len); + ASSERT_STATUS(status, PSA_SUCCESS); exit: - psa_cipher_abort( &operation ); - return( status ); + psa_cipher_abort(&operation); + return status; } static psa_status_t -cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) +cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block(void) { enum { - block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( PSA_KEY_TYPE_AES ), + block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES), key_bits = 256, part_size = block_size, }; @@ -174,40 +173,40 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) uint8_t encrypt[block_size]; uint8_t decrypt[block_size]; - status = psa_generate_random( input, sizeof( input ) ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_generate_random(input, sizeof(input)); + ASSERT_STATUS(status, PSA_SUCCESS); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); - psa_set_key_bits( &attributes, key_bits ); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, key_bits); - status = psa_generate_key( &attributes, &key ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_generate_key(&attributes, &key); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_encrypt( key, alg, iv, sizeof( iv ), - input, sizeof( input ), part_size, - encrypt, sizeof( encrypt ), &output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_encrypt(key, alg, iv, sizeof(iv), + input, sizeof(input), part_size, + encrypt, sizeof(encrypt), &output_len); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_decrypt( key, alg, iv, sizeof( iv ), - encrypt, output_len, part_size, - decrypt, sizeof( decrypt ), &output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_decrypt(key, alg, iv, sizeof(iv), + encrypt, output_len, part_size, + decrypt, sizeof(decrypt), &output_len); + ASSERT_STATUS(status, PSA_SUCCESS); - status = memcmp( input, decrypt, sizeof( input ) ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = memcmp(input, decrypt, sizeof(input)); + ASSERT_STATUS(status, PSA_SUCCESS); exit: - psa_destroy_key( key ); - return( status ); + psa_destroy_key(key); + return status; } -static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) +static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi(void) { enum { - block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( PSA_KEY_TYPE_AES ), + block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES), key_bits = 256, input_size = 100, part_size = 10, @@ -222,40 +221,40 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) uint8_t iv[block_size], input[input_size], encrypt[input_size + block_size], decrypt[input_size + block_size]; - status = psa_generate_random( input, sizeof( input ) ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_generate_random(input, sizeof(input)); + ASSERT_STATUS(status, PSA_SUCCESS); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); - psa_set_key_bits( &attributes, key_bits ); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, key_bits); - status = psa_generate_key( &attributes, &key ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_generate_key(&attributes, &key); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_encrypt( key, alg, iv, sizeof( iv ), - input, sizeof( input ), part_size, - encrypt, sizeof( encrypt ), &output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_encrypt(key, alg, iv, sizeof(iv), + input, sizeof(input), part_size, + encrypt, sizeof(encrypt), &output_len); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_decrypt( key, alg, iv, sizeof( iv ), - encrypt, output_len, part_size, - decrypt, sizeof( decrypt ), &output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_decrypt(key, alg, iv, sizeof(iv), + encrypt, output_len, part_size, + decrypt, sizeof(decrypt), &output_len); + ASSERT_STATUS(status, PSA_SUCCESS); - status = memcmp( input, decrypt, sizeof( input ) ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = memcmp(input, decrypt, sizeof(input)); + ASSERT_STATUS(status, PSA_SUCCESS); exit: - psa_destroy_key( key ); - return( status ); + psa_destroy_key(key); + return status; } -static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) +static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi(void) { enum { - block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( PSA_KEY_TYPE_AES ), + block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES), key_bits = 256, input_size = 100, part_size = 10, @@ -269,63 +268,66 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) uint8_t iv[block_size], input[input_size], encrypt[input_size], decrypt[input_size]; - status = psa_generate_random( input, sizeof( input ) ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_generate_random(input, sizeof(input)); + ASSERT_STATUS(status, PSA_SUCCESS); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); - psa_set_key_bits( &attributes, key_bits ); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, key_bits); - status = psa_generate_key( &attributes, &key ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_generate_key(&attributes, &key); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_encrypt( key, alg, iv, sizeof( iv ), - input, sizeof( input ), part_size, - encrypt, sizeof( encrypt ), &output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_encrypt(key, alg, iv, sizeof(iv), + input, sizeof(input), part_size, + encrypt, sizeof(encrypt), &output_len); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_decrypt( key, alg, iv, sizeof( iv ), - encrypt, output_len, part_size, - decrypt, sizeof( decrypt ), &output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_decrypt(key, alg, iv, sizeof(iv), + encrypt, output_len, part_size, + decrypt, sizeof(decrypt), &output_len); + ASSERT_STATUS(status, PSA_SUCCESS); - status = memcmp( input, decrypt, sizeof( input ) ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = memcmp(input, decrypt, sizeof(input)); + ASSERT_STATUS(status, PSA_SUCCESS); exit: - psa_destroy_key( key ); - return( status ); + psa_destroy_key(key); + return status; } -static void cipher_examples( void ) +static void cipher_examples(void) { psa_status_t status; - printf( "cipher encrypt/decrypt AES CBC no padding:\r\n" ); - status = cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( ); - if( status == PSA_SUCCESS ) - printf( "\tsuccess!\r\n" ); + printf("cipher encrypt/decrypt AES CBC no padding:\r\n"); + status = cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block(); + if (status == PSA_SUCCESS) { + printf("\tsuccess!\r\n"); + } - printf( "cipher encrypt/decrypt AES CBC PKCS7 multipart:\r\n" ); - status = cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( ); - if( status == PSA_SUCCESS ) - printf( "\tsuccess!\r\n" ); + printf("cipher encrypt/decrypt AES CBC PKCS7 multipart:\r\n"); + status = cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi(); + if (status == PSA_SUCCESS) { + printf("\tsuccess!\r\n"); + } - printf( "cipher encrypt/decrypt AES CTR multipart:\r\n" ); - status = cipher_example_encrypt_decrypt_aes_ctr_multi( ); - if( status == PSA_SUCCESS ) - printf( "\tsuccess!\r\n" ); + printf("cipher encrypt/decrypt AES CTR multipart:\r\n"); + status = cipher_example_encrypt_decrypt_aes_ctr_multi(); + if (status == PSA_SUCCESS) { + printf("\tsuccess!\r\n"); + } } -int main( void ) +int main(void) { - ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - cipher_examples( ); + ASSERT(psa_crypto_init() == PSA_SUCCESS); + cipher_examples(); exit: - mbedtls_psa_crypto_free( ); - return( 0 ); + mbedtls_psa_crypto_free(); + return 0; } #endif /* MBEDTLS_PSA_CRYPTO_C && MBEDTLS_AES_C && MBEDTLS_CIPHER_MODE_CBC && MBEDTLS_CIPHER_MODE_CTR && MBEDTLS_CIPHER_MODE_WITH_PADDING */ diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index bc1cd123ab2c..aa0a54b07f05 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -69,47 +69,47 @@ !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) || \ !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) || \ defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) -int main( void ) +int main(void) { - printf( "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " - "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or " - "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO " - "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER " - "defined.\n" ); - return( 0 ); + printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " + "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or " + "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO " + "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER " + "defined.\n"); + return 0; } #else /* The real program starts here. */ /* Run a system function and bail out if it fails. */ -#define SYS_CHECK( expr ) \ +#define SYS_CHECK(expr) \ do \ { \ - if( ! ( expr ) ) \ + if (!(expr)) \ { \ - perror( #expr ); \ + perror( #expr); \ status = DEMO_ERROR; \ goto exit; \ } \ } \ - while( 0 ) + while (0) /* Run a PSA function and bail out if it fails. */ -#define PSA_CHECK( expr ) \ +#define PSA_CHECK(expr) \ do \ { \ - status = ( expr ); \ - if( status != PSA_SUCCESS ) \ + status = (expr); \ + if (status != PSA_SUCCESS) \ { \ - printf( "Error %d at line %d: %s\n", \ - (int) status, \ - __LINE__, \ - #expr ); \ + printf("Error %d at line %d: %s\n", \ + (int) status, \ + __LINE__, \ + #expr); \ goto exit; \ } \ } \ - while( 0 ) + while (0) /* To report operational errors in this program, use an error code that is * different from every PSA error code. */ @@ -119,19 +119,19 @@ int main( void ) #define MAX_LADDER_DEPTH 10 /* Salt to use when deriving an intermediate key. */ -#define DERIVE_KEY_SALT ( (uint8_t *) "key_ladder_demo.derive" ) -#define DERIVE_KEY_SALT_LENGTH ( strlen( (const char*) DERIVE_KEY_SALT ) ) +#define DERIVE_KEY_SALT ((uint8_t *) "key_ladder_demo.derive") +#define DERIVE_KEY_SALT_LENGTH (strlen((const char *) DERIVE_KEY_SALT)) /* Salt to use when deriving a wrapping key. */ -#define WRAPPING_KEY_SALT ( (uint8_t *) "key_ladder_demo.wrap" ) -#define WRAPPING_KEY_SALT_LENGTH ( strlen( (const char*) WRAPPING_KEY_SALT ) ) +#define WRAPPING_KEY_SALT ((uint8_t *) "key_ladder_demo.wrap") +#define WRAPPING_KEY_SALT_LENGTH (strlen((const char *) WRAPPING_KEY_SALT)) /* Size of the key derivation keys (applies both to the master key and * to intermediate keys). */ #define KEY_SIZE_BYTES 40 /* Algorithm for key derivation. */ -#define KDF_ALG PSA_ALG_HKDF( PSA_ALG_SHA_256 ) +#define KDF_ALG PSA_ALG_HKDF(PSA_ALG_SHA_256) /* Type and size of the key used to wrap data. */ #define WRAPPING_KEY_TYPE PSA_KEY_TYPE_AES @@ -148,9 +148,8 @@ int main( void ) * integer sizes and endianness, because the data is meant to be read * back by the same program on the same machine. */ #define WRAPPED_DATA_MAGIC "key_ladder_demo" // including trailing null byte -#define WRAPPED_DATA_MAGIC_LENGTH ( sizeof( WRAPPED_DATA_MAGIC ) ) -typedef struct -{ +#define WRAPPED_DATA_MAGIC_LENGTH (sizeof(WRAPPED_DATA_MAGIC)) +typedef struct { char magic[WRAPPED_DATA_MAGIC_LENGTH]; size_t ad_size; /* Size of the additional data, which is this header. */ size_t payload_size; /* Size of the encrypted data. */ @@ -159,8 +158,7 @@ typedef struct } wrapped_data_header_t; /* The modes that this program can operate in (see usage). */ -enum program_mode -{ +enum program_mode { MODE_GENERATE, MODE_SAVE, MODE_UNWRAP, @@ -169,26 +167,27 @@ enum program_mode /* Save a key to a file. In the real world, you may want to export a derived * key sometimes, to share it with another party. */ -static psa_status_t save_key( psa_key_id_t key, - const char *output_file_name ) +static psa_status_t save_key(psa_key_id_t key, + const char *output_file_name) { psa_status_t status = PSA_SUCCESS; uint8_t key_data[KEY_SIZE_BYTES]; size_t key_size; FILE *key_file = NULL; - PSA_CHECK( psa_export_key( key, - key_data, sizeof( key_data ), - &key_size ) ); - SYS_CHECK( ( key_file = fopen( output_file_name, "wb" ) ) != NULL ); - SYS_CHECK( fwrite( key_data, 1, key_size, key_file ) == key_size ); - SYS_CHECK( fclose( key_file ) == 0 ); + PSA_CHECK(psa_export_key(key, + key_data, sizeof(key_data), + &key_size)); + SYS_CHECK((key_file = fopen(output_file_name, "wb")) != NULL); + SYS_CHECK(fwrite(key_data, 1, key_size, key_file) == key_size); + SYS_CHECK(fclose(key_file) == 0); key_file = NULL; exit: - if( key_file != NULL) - fclose( key_file ); - return( status ); + if (key_file != NULL) { + fclose(key_file); + } + return status; } /* Generate a master key for use in this demo. @@ -196,25 +195,25 @@ static psa_status_t save_key( psa_key_id_t key, * Normally a master key would be non-exportable. For the purpose of this * demo, we want to save it to a file, to avoid relying on the keystore * capability of the PSA crypto library. */ -static psa_status_t generate( const char *key_file_name ) +static psa_status_t generate(const char *key_file_name) { psa_status_t status = PSA_SUCCESS; psa_key_id_t key = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, KDF_ALG ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) ); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, KDF_ALG); + psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); + psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(KEY_SIZE_BYTES)); - PSA_CHECK( psa_generate_key( &attributes, &key ) ); + PSA_CHECK(psa_generate_key(&attributes, &key)); - PSA_CHECK( save_key( key, key_file_name ) ); + PSA_CHECK(save_key(key, key_file_name)); exit: - (void) psa_destroy_key( key ); - return( status ); + (void) psa_destroy_key(key); + return status; } /* Load the master key from a file. @@ -222,10 +221,10 @@ static psa_status_t generate( const char *key_file_name ) * In the real world, this master key would be stored in an internal memory * and the storage would be managed by the keystore capability of the PSA * crypto library. */ -static psa_status_t import_key_from_file( psa_key_usage_t usage, - psa_algorithm_t alg, - const char *key_file_name, - psa_key_id_t *master_key ) +static psa_status_t import_key_from_file(psa_key_usage_t usage, + psa_algorithm_t alg, + const char *key_file_name, + psa_key_id_t *master_key) { psa_status_t status = PSA_SUCCESS; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -234,36 +233,35 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, FILE *key_file = NULL; unsigned char extra_byte; - SYS_CHECK( ( key_file = fopen( key_file_name, "rb" ) ) != NULL ); - SYS_CHECK( ( key_size = fread( key_data, 1, sizeof( key_data ), - key_file ) ) != 0 ); - if( fread( &extra_byte, 1, 1, key_file ) != 0 ) - { - printf( "Key file too large (max: %u).\n", - (unsigned) sizeof( key_data ) ); + SYS_CHECK((key_file = fopen(key_file_name, "rb")) != NULL); + SYS_CHECK((key_size = fread(key_data, 1, sizeof(key_data), + key_file)) != 0); + if (fread(&extra_byte, 1, 1, key_file) != 0) { + printf("Key file too large (max: %u).\n", + (unsigned) sizeof(key_data)); status = DEMO_ERROR; goto exit; } - SYS_CHECK( fclose( key_file ) == 0 ); + SYS_CHECK(fclose(key_file) == 0); key_file = NULL; - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_CHECK( psa_import_key( &attributes, key_data, key_size, master_key ) ); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); + PSA_CHECK(psa_import_key(&attributes, key_data, key_size, master_key)); exit: - if( key_file != NULL ) - fclose( key_file ); - mbedtls_platform_zeroize( key_data, sizeof( key_data ) ); - if( status != PSA_SUCCESS ) - { + if (key_file != NULL) { + fclose(key_file); + } + mbedtls_platform_zeroize(key_data, sizeof(key_data)); + if (status != PSA_SUCCESS) { /* If the key creation hasn't happened yet or has failed, * *master_key is null. psa_destroy_key( 0 ) is * guaranteed to do nothing and return PSA_SUCCESS. */ - (void) psa_destroy_key( *master_key ); + (void) psa_destroy_key(*master_key); *master_key = 0; } - return( status ); + return status; } /* Derive the intermediate keys, using the list of labels provided on @@ -271,60 +269,58 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, * This function destroys the master key. On successful output, *key * is the identifier of the final derived key. */ -static psa_status_t derive_key_ladder( const char *ladder[], - size_t ladder_depth, - psa_key_id_t *key ) +static psa_status_t derive_key_ladder(const char *ladder[], + size_t ladder_depth, + psa_key_id_t *key) { psa_status_t status = PSA_SUCCESS; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; size_t i; - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, KDF_ALG ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) ); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, KDF_ALG); + psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); + psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(KEY_SIZE_BYTES)); /* For each label in turn, ... */ - for( i = 0; i < ladder_depth; i++ ) - { + for (i = 0; i < ladder_depth; i++) { /* Start deriving material from the master key (if i=0) or from * the current intermediate key (if i>0). */ - PSA_CHECK( psa_key_derivation_setup( &operation, KDF_ALG ) ); - PSA_CHECK( psa_key_derivation_input_bytes( - &operation, PSA_KEY_DERIVATION_INPUT_SALT, - DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH ) ); - PSA_CHECK( psa_key_derivation_input_key( - &operation, PSA_KEY_DERIVATION_INPUT_SECRET, - *key ) ); - PSA_CHECK( psa_key_derivation_input_bytes( - &operation, PSA_KEY_DERIVATION_INPUT_INFO, - (uint8_t*) ladder[i], strlen( ladder[i] ) ) ); + PSA_CHECK(psa_key_derivation_setup(&operation, KDF_ALG)); + PSA_CHECK(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_SALT, + DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH)); + PSA_CHECK(psa_key_derivation_input_key( + &operation, PSA_KEY_DERIVATION_INPUT_SECRET, + *key)); + PSA_CHECK(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_INFO, + (uint8_t *) ladder[i], strlen(ladder[i]))); /* When the parent key is not the master key, destroy it, * since it is no longer needed. */ - PSA_CHECK( psa_destroy_key( *key ) ); + PSA_CHECK(psa_destroy_key(*key)); *key = 0; /* Derive the next intermediate key from the parent key. */ - PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation, - key ) ); - PSA_CHECK( psa_key_derivation_abort( &operation ) ); + PSA_CHECK(psa_key_derivation_output_key(&attributes, &operation, + key)); + PSA_CHECK(psa_key_derivation_abort(&operation)); } exit: - psa_key_derivation_abort( &operation ); - if( status != PSA_SUCCESS ) - { - psa_destroy_key( *key ); + psa_key_derivation_abort(&operation); + if (status != PSA_SUCCESS) { + psa_destroy_key(*key); *key = 0; } - return( status ); + return status; } /* Derive a wrapping key from the last intermediate key. */ -static psa_status_t derive_wrapping_key( psa_key_usage_t usage, - psa_key_id_t derived_key, - psa_key_id_t *wrapping_key ) +static psa_status_t derive_wrapping_key(psa_key_usage_t usage, + psa_key_id_t derived_key, + psa_key_id_t *wrapping_key) { psa_status_t status = PSA_SUCCESS; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -334,33 +330,33 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, /* Set up a key derivation operation from the key derived from * the master key. */ - PSA_CHECK( psa_key_derivation_setup( &operation, KDF_ALG ) ); - PSA_CHECK( psa_key_derivation_input_bytes( - &operation, PSA_KEY_DERIVATION_INPUT_SALT, - WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH ) ); - PSA_CHECK( psa_key_derivation_input_key( - &operation, PSA_KEY_DERIVATION_INPUT_SECRET, - derived_key ) ); - PSA_CHECK( psa_key_derivation_input_bytes( - &operation, PSA_KEY_DERIVATION_INPUT_INFO, - NULL, 0 ) ); + PSA_CHECK(psa_key_derivation_setup(&operation, KDF_ALG)); + PSA_CHECK(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_SALT, + WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH)); + PSA_CHECK(psa_key_derivation_input_key( + &operation, PSA_KEY_DERIVATION_INPUT_SECRET, + derived_key)); + PSA_CHECK(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_INFO, + NULL, 0)); /* Create the wrapping key. */ - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, WRAPPING_ALG ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); - psa_set_key_bits( &attributes, WRAPPING_KEY_BITS ); - PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation, - wrapping_key ) ); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, WRAPPING_ALG); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, WRAPPING_KEY_BITS); + PSA_CHECK(psa_key_derivation_output_key(&attributes, &operation, + wrapping_key)); exit: - psa_key_derivation_abort( &operation ); - return( status ); + psa_key_derivation_abort(&operation); + return status; } -static psa_status_t wrap_data( const char *input_file_name, - const char *output_file_name, - psa_key_id_t wrapping_key ) +static psa_status_t wrap_data(const char *input_file_name, + const char *output_file_name, + psa_key_id_t wrapping_key) { psa_status_t status; FILE *input_file = NULL; @@ -375,74 +371,75 @@ static psa_status_t wrap_data( const char *input_file_name, wrapped_data_header_t header; /* Find the size of the data to wrap. */ - SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL ); - SYS_CHECK( fseek( input_file, 0, SEEK_END ) == 0 ); - SYS_CHECK( ( input_position = ftell( input_file ) ) != -1 ); + SYS_CHECK((input_file = fopen(input_file_name, "rb")) != NULL); + SYS_CHECK(fseek(input_file, 0, SEEK_END) == 0); + SYS_CHECK((input_position = ftell(input_file)) != -1); #if LONG_MAX > SIZE_MAX - if( input_position > SIZE_MAX ) - { - printf( "Input file too large.\n" ); + if (input_position > SIZE_MAX) { + printf("Input file too large.\n"); status = DEMO_ERROR; goto exit; } #endif input_size = input_position; - PSA_CHECK( psa_get_key_attributes( wrapping_key, &attributes ) ); - key_type = psa_get_key_type( &attributes ); + PSA_CHECK(psa_get_key_attributes(wrapping_key, &attributes)); + key_type = psa_get_key_type(&attributes); buffer_size = - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, WRAPPING_ALG, input_size ); + PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, WRAPPING_ALG, input_size); /* Check for integer overflow. */ - if( buffer_size < input_size ) - { - printf( "Input file too large.\n" ); + if (buffer_size < input_size) { + printf("Input file too large.\n"); status = DEMO_ERROR; goto exit; } /* Load the data to wrap. */ - SYS_CHECK( fseek( input_file, 0, SEEK_SET ) == 0 ); - SYS_CHECK( ( buffer = calloc( 1, buffer_size ) ) != NULL ); - SYS_CHECK( fread( buffer, 1, input_size, input_file ) == input_size ); - SYS_CHECK( fclose( input_file ) == 0 ); + SYS_CHECK(fseek(input_file, 0, SEEK_SET) == 0); + SYS_CHECK((buffer = calloc(1, buffer_size)) != NULL); + SYS_CHECK(fread(buffer, 1, input_size, input_file) == input_size); + SYS_CHECK(fclose(input_file) == 0); input_file = NULL; /* Construct a header. */ - memcpy( &header.magic, WRAPPED_DATA_MAGIC, WRAPPED_DATA_MAGIC_LENGTH ); - header.ad_size = sizeof( header ); + memcpy(&header.magic, WRAPPED_DATA_MAGIC, WRAPPED_DATA_MAGIC_LENGTH); + header.ad_size = sizeof(header); header.payload_size = input_size; /* Wrap the data. */ - PSA_CHECK( psa_generate_random( header.iv, WRAPPING_IV_SIZE ) ); - PSA_CHECK( psa_aead_encrypt( wrapping_key, WRAPPING_ALG, - header.iv, WRAPPING_IV_SIZE, - (uint8_t *) &header, sizeof( header ), - buffer, input_size, - buffer, buffer_size, - &ciphertext_size ) ); + PSA_CHECK(psa_generate_random(header.iv, WRAPPING_IV_SIZE)); + PSA_CHECK(psa_aead_encrypt(wrapping_key, WRAPPING_ALG, + header.iv, WRAPPING_IV_SIZE, + (uint8_t *) &header, sizeof(header), + buffer, input_size, + buffer, buffer_size, + &ciphertext_size)); /* Write the output. */ - SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL ); - SYS_CHECK( fwrite( &header, 1, sizeof( header ), - output_file ) == sizeof( header ) ); - SYS_CHECK( fwrite( buffer, 1, ciphertext_size, - output_file ) == ciphertext_size ); - SYS_CHECK( fclose( output_file ) == 0 ); + SYS_CHECK((output_file = fopen(output_file_name, "wb")) != NULL); + SYS_CHECK(fwrite(&header, 1, sizeof(header), + output_file) == sizeof(header)); + SYS_CHECK(fwrite(buffer, 1, ciphertext_size, + output_file) == ciphertext_size); + SYS_CHECK(fclose(output_file) == 0); output_file = NULL; exit: - if( input_file != NULL ) - fclose( input_file ); - if( output_file != NULL ) - fclose( output_file ); - if( buffer != NULL ) - mbedtls_platform_zeroize( buffer, buffer_size ); - free( buffer ); - return( status ); + if (input_file != NULL) { + fclose(input_file); + } + if (output_file != NULL) { + fclose(output_file); + } + if (buffer != NULL) { + mbedtls_platform_zeroize(buffer, buffer_size); + } + free(buffer); + return status; } -static psa_status_t unwrap_data( const char *input_file_name, - const char *output_file_name, - psa_key_id_t wrapping_key ) +static psa_status_t unwrap_data(const char *input_file_name, + const char *output_file_name, + psa_key_id_t wrapping_key) { psa_status_t status; FILE *input_file = NULL; @@ -456,124 +453,122 @@ static psa_status_t unwrap_data( const char *input_file_name, unsigned char extra_byte; /* Load and validate the header. */ - SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL ); - SYS_CHECK( fread( &header, 1, sizeof( header ), - input_file ) == sizeof( header ) ); - if( memcmp( &header.magic, WRAPPED_DATA_MAGIC, - WRAPPED_DATA_MAGIC_LENGTH ) != 0 ) - { - printf( "The input does not start with a valid magic header.\n" ); + SYS_CHECK((input_file = fopen(input_file_name, "rb")) != NULL); + SYS_CHECK(fread(&header, 1, sizeof(header), + input_file) == sizeof(header)); + if (memcmp(&header.magic, WRAPPED_DATA_MAGIC, + WRAPPED_DATA_MAGIC_LENGTH) != 0) { + printf("The input does not start with a valid magic header.\n"); status = DEMO_ERROR; goto exit; } - if( header.ad_size != sizeof( header ) ) - { - printf( "The header size is not correct.\n" ); + if (header.ad_size != sizeof(header)) { + printf("The header size is not correct.\n"); status = DEMO_ERROR; goto exit; } - PSA_CHECK( psa_get_key_attributes( wrapping_key, &attributes) ); - key_type = psa_get_key_type( &attributes); + PSA_CHECK(psa_get_key_attributes(wrapping_key, &attributes)); + key_type = psa_get_key_type(&attributes); ciphertext_size = - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, WRAPPING_ALG, header.payload_size ); + PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, WRAPPING_ALG, header.payload_size); /* Check for integer overflow. */ - if( ciphertext_size < header.payload_size ) - { - printf( "Input file too large.\n" ); + if (ciphertext_size < header.payload_size) { + printf("Input file too large.\n"); status = DEMO_ERROR; goto exit; } /* Load the payload data. */ - SYS_CHECK( ( buffer = calloc( 1, ciphertext_size ) ) != NULL ); - SYS_CHECK( fread( buffer, 1, ciphertext_size, - input_file ) == ciphertext_size ); - if( fread( &extra_byte, 1, 1, input_file ) != 0 ) - { - printf( "Extra garbage after ciphertext\n" ); + SYS_CHECK((buffer = calloc(1, ciphertext_size)) != NULL); + SYS_CHECK(fread(buffer, 1, ciphertext_size, + input_file) == ciphertext_size); + if (fread(&extra_byte, 1, 1, input_file) != 0) { + printf("Extra garbage after ciphertext\n"); status = DEMO_ERROR; goto exit; } - SYS_CHECK( fclose( input_file ) == 0 ); + SYS_CHECK(fclose(input_file) == 0); input_file = NULL; /* Unwrap the data. */ - PSA_CHECK( psa_aead_decrypt( wrapping_key, WRAPPING_ALG, - header.iv, WRAPPING_IV_SIZE, - (uint8_t *) &header, sizeof( header ), - buffer, ciphertext_size, - buffer, ciphertext_size, - &plaintext_size ) ); - if( plaintext_size != header.payload_size ) - { - printf( "Incorrect payload size in the header.\n" ); + PSA_CHECK(psa_aead_decrypt(wrapping_key, WRAPPING_ALG, + header.iv, WRAPPING_IV_SIZE, + (uint8_t *) &header, sizeof(header), + buffer, ciphertext_size, + buffer, ciphertext_size, + &plaintext_size)); + if (plaintext_size != header.payload_size) { + printf("Incorrect payload size in the header.\n"); status = DEMO_ERROR; goto exit; } /* Write the output. */ - SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL ); - SYS_CHECK( fwrite( buffer, 1, plaintext_size, - output_file ) == plaintext_size ); - SYS_CHECK( fclose( output_file ) == 0 ); + SYS_CHECK((output_file = fopen(output_file_name, "wb")) != NULL); + SYS_CHECK(fwrite(buffer, 1, plaintext_size, + output_file) == plaintext_size); + SYS_CHECK(fclose(output_file) == 0); output_file = NULL; exit: - if( input_file != NULL ) - fclose( input_file ); - if( output_file != NULL ) - fclose( output_file ); - if( buffer != NULL ) - mbedtls_platform_zeroize( buffer, ciphertext_size ); - free( buffer ); - return( status ); + if (input_file != NULL) { + fclose(input_file); + } + if (output_file != NULL) { + fclose(output_file); + } + if (buffer != NULL) { + mbedtls_platform_zeroize(buffer, ciphertext_size); + } + free(buffer); + return status; } -static psa_status_t run( enum program_mode mode, - const char *key_file_name, - const char *ladder[], size_t ladder_depth, - const char *input_file_name, - const char *output_file_name ) +static psa_status_t run(enum program_mode mode, + const char *key_file_name, + const char *ladder[], size_t ladder_depth, + const char *input_file_name, + const char *output_file_name) { psa_status_t status = PSA_SUCCESS; psa_key_id_t derivation_key = 0; psa_key_id_t wrapping_key = 0; /* Initialize the PSA crypto library. */ - PSA_CHECK( psa_crypto_init( ) ); + PSA_CHECK(psa_crypto_init()); /* Generate mode is unlike the others. Generate the master key and exit. */ - if( mode == MODE_GENERATE ) - return( generate( key_file_name ) ); + if (mode == MODE_GENERATE) { + return generate(key_file_name); + } /* Read the master key. */ - PSA_CHECK( import_key_from_file( PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, - KDF_ALG, - key_file_name, - &derivation_key ) ); + PSA_CHECK(import_key_from_file(PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, + KDF_ALG, + key_file_name, + &derivation_key)); /* Calculate the derived key for this session. */ - PSA_CHECK( derive_key_ladder( ladder, ladder_depth, - &derivation_key ) ); + PSA_CHECK(derive_key_ladder(ladder, ladder_depth, + &derivation_key)); - switch( mode ) - { + switch (mode) { case MODE_SAVE: - PSA_CHECK( save_key( derivation_key, output_file_name ) ); + PSA_CHECK(save_key(derivation_key, output_file_name)); break; case MODE_UNWRAP: - PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_DECRYPT, - derivation_key, - &wrapping_key ) ); - PSA_CHECK( unwrap_data( input_file_name, output_file_name, - wrapping_key ) ); + PSA_CHECK(derive_wrapping_key(PSA_KEY_USAGE_DECRYPT, + derivation_key, + &wrapping_key)); + PSA_CHECK(unwrap_data(input_file_name, output_file_name, + wrapping_key)); break; case MODE_WRAP: - PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_ENCRYPT, - derivation_key, - &wrapping_key ) ); - PSA_CHECK( wrap_data( input_file_name, output_file_name, - wrapping_key ) ); + PSA_CHECK(derive_wrapping_key(PSA_KEY_USAGE_ENCRYPT, + derivation_key, + &wrapping_key)); + PSA_CHECK(wrap_data(input_file_name, output_file_name, + wrapping_key)); break; default: /* Unreachable but some compilers don't realize it. */ @@ -584,35 +579,35 @@ static psa_status_t run( enum program_mode mode, /* Destroy any remaining key. Deinitializing the crypto library would do * this anyway since they are volatile keys, but explicitly destroying * keys makes the code easier to reuse. */ - (void) psa_destroy_key( derivation_key ); - (void) psa_destroy_key( wrapping_key ); + (void) psa_destroy_key(derivation_key); + (void) psa_destroy_key(wrapping_key); /* Deinitialize the PSA crypto library. */ - mbedtls_psa_crypto_free( ); - return( status ); + mbedtls_psa_crypto_free(); + return status; } -static void usage( void ) +static void usage(void) { - printf( "Usage: key_ladder_demo MODE [OPTION=VALUE]...\n" ); - printf( "Demonstrate the usage of a key derivation ladder.\n" ); - printf( "\n" ); - printf( "Modes:\n" ); - printf( " generate Generate the master key\n" ); - printf( " save Save the derived key\n" ); - printf( " unwrap Unwrap (decrypt) input with the derived key\n" ); - printf( " wrap Wrap (encrypt) input with the derived key\n" ); - printf( "\n" ); - printf( "Options:\n" ); - printf( " input=FILENAME Input file (required for wrap/unwrap)\n" ); - printf( " master=FILENAME File containing the master key (default: master.key)\n" ); - printf( " output=FILENAME Output file (required for save/wrap/unwrap)\n" ); - printf( " label=TEXT Label for the key derivation.\n" ); - printf( " This may be repeated multiple times.\n" ); - printf( " To get the same key, you must use the same master key\n" ); - printf( " and the same sequence of labels.\n" ); + printf("Usage: key_ladder_demo MODE [OPTION=VALUE]...\n"); + printf("Demonstrate the usage of a key derivation ladder.\n"); + printf("\n"); + printf("Modes:\n"); + printf(" generate Generate the master key\n"); + printf(" save Save the derived key\n"); + printf(" unwrap Unwrap (decrypt) input with the derived key\n"); + printf(" wrap Wrap (encrypt) input with the derived key\n"); + printf("\n"); + printf("Options:\n"); + printf(" input=FILENAME Input file (required for wrap/unwrap)\n"); + printf(" master=FILENAME File containing the master key (default: master.key)\n"); + printf(" output=FILENAME Output file (required for save/wrap/unwrap)\n"); + printf(" label=TEXT Label for the key derivation.\n"); + printf(" This may be repeated multiple times.\n"); + printf(" To get the same key, you must use the same master key\n"); + printf(" and the same sequence of labels.\n"); } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { const char *key_file_name = "master.key"; const char *input_file_name = NULL; @@ -623,86 +618,76 @@ int main( int argc, char *argv[] ) enum program_mode mode; psa_status_t status; - if( argc <= 1 || - strcmp( argv[1], "help" ) == 0 || - strcmp( argv[1], "-help" ) == 0 || - strcmp( argv[1], "--help" ) == 0 ) - { - usage( ); - return( EXIT_SUCCESS ); + if (argc <= 1 || + strcmp(argv[1], "help") == 0 || + strcmp(argv[1], "-help") == 0 || + strcmp(argv[1], "--help") == 0) { + usage(); + return EXIT_SUCCESS; } - for( i = 2; i < argc; i++ ) - { - char *q = strchr( argv[i], '=' ); - if( q == NULL ) - { - printf( "Missing argument to option %s\n", argv[i] ); + for (i = 2; i < argc; i++) { + char *q = strchr(argv[i], '='); + if (q == NULL) { + printf("Missing argument to option %s\n", argv[i]); goto usage_failure; } *q = 0; ++q; - if( strcmp( argv[i], "input" ) == 0 ) + if (strcmp(argv[i], "input") == 0) { input_file_name = q; - else if( strcmp( argv[i], "label" ) == 0 ) - { - if( ladder_depth == MAX_LADDER_DEPTH ) - { - printf( "Maximum ladder depth %u exceeded.\n", - (unsigned) MAX_LADDER_DEPTH ); - return( EXIT_FAILURE ); + } else if (strcmp(argv[i], "label") == 0) { + if (ladder_depth == MAX_LADDER_DEPTH) { + printf("Maximum ladder depth %u exceeded.\n", + (unsigned) MAX_LADDER_DEPTH); + return EXIT_FAILURE; } ladder[ladder_depth] = q; ++ladder_depth; - } - else if( strcmp( argv[i], "master" ) == 0 ) + } else if (strcmp(argv[i], "master") == 0) { key_file_name = q; - else if( strcmp( argv[i], "output" ) == 0 ) + } else if (strcmp(argv[i], "output") == 0) { output_file_name = q; - else - { - printf( "Unknown option: %s\n", argv[i] ); + } else { + printf("Unknown option: %s\n", argv[i]); goto usage_failure; } } - if( strcmp( argv[1], "generate" ) == 0 ) + if (strcmp(argv[1], "generate") == 0) { mode = MODE_GENERATE; - else if( strcmp( argv[1], "save" ) == 0 ) + } else if (strcmp(argv[1], "save") == 0) { mode = MODE_SAVE; - else if( strcmp( argv[1], "unwrap" ) == 0 ) + } else if (strcmp(argv[1], "unwrap") == 0) { mode = MODE_UNWRAP; - else if( strcmp( argv[1], "wrap" ) == 0 ) + } else if (strcmp(argv[1], "wrap") == 0) { mode = MODE_WRAP; - else - { - printf( "Unknown action: %s\n", argv[1] ); + } else { + printf("Unknown action: %s\n", argv[1]); goto usage_failure; } - if( input_file_name == NULL && - ( mode == MODE_WRAP || mode == MODE_UNWRAP ) ) - { - printf( "Required argument missing: input\n" ); - return( DEMO_ERROR ); + if (input_file_name == NULL && + (mode == MODE_WRAP || mode == MODE_UNWRAP)) { + printf("Required argument missing: input\n"); + return DEMO_ERROR; } - if( output_file_name == NULL && - ( mode == MODE_SAVE || mode == MODE_WRAP || mode == MODE_UNWRAP ) ) - { - printf( "Required argument missing: output\n" ); - return( DEMO_ERROR ); + if (output_file_name == NULL && + (mode == MODE_SAVE || mode == MODE_WRAP || mode == MODE_UNWRAP)) { + printf("Required argument missing: output\n"); + return DEMO_ERROR; } - status = run( mode, key_file_name, - ladder, ladder_depth, - input_file_name, output_file_name ); - return( status == PSA_SUCCESS ? - EXIT_SUCCESS : - EXIT_FAILURE ); + status = run(mode, key_file_name, + ladder, ladder_depth, + input_file_name, output_file_name); + return status == PSA_SUCCESS ? + EXIT_SUCCESS : + EXIT_FAILURE; usage_failure: - usage( ); - return( EXIT_FAILURE ); + usage(); + return EXIT_FAILURE; } #endif /* MBEDTLS_SHA256_C && MBEDTLS_MD_C && MBEDTLS_AES_C && MBEDTLS_CCM_C && diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index 14d449441cee..842215513689 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c @@ -26,29 +26,29 @@ /* This block is present to support Visual Studio builds prior to 2015 */ #if defined(_MSC_VER) && _MSC_VER < 1900 #include -int snprintf( char *s, size_t n, const char *fmt, ... ) +int snprintf(char *s, size_t n, const char *fmt, ...) { int ret; va_list argp; /* Avoid calling the invalid parameter handler by checking ourselves */ - if( s == NULL || n == 0 || fmt == NULL ) - return( -1 ); + if (s == NULL || n == 0 || fmt == NULL) { + return -1; + } - va_start( argp, fmt ); + va_start(argp, fmt); #if defined(_TRUNCATE) && !defined(__MINGW32__) - ret = _vsnprintf_s( s, n, _TRUNCATE, fmt, argp ); + ret = _vsnprintf_s(s, n, _TRUNCATE, fmt, argp); #else - ret = _vsnprintf( s, n, fmt, argp ); - if( ret < 0 || (size_t) ret == n ) - { + ret = _vsnprintf(s, n, fmt, argp); + if (ret < 0 || (size_t) ret == n) { s[n-1] = '\0'; ret = -1; } #endif - va_end( argp ); + va_end(argp); - return( ret ); + return ret; } #endif @@ -75,7 +75,9 @@ static void append_integer(char **buffer, size_t buffer_size, unsigned long value) { size_t n = snprintf(*buffer, buffer_size - *required_size, format, value); - if (n < buffer_size - *required_size) *buffer += n; + if (n < buffer_size - *required_size) { + *buffer += n; + } *required_size += n; } @@ -294,8 +296,7 @@ int main(int argc, char *argv[]) { if (argc <= 1 || !strcmp(argv[1], "help") || - !strcmp(argv[1], "--help")) - { + !strcmp(argv[1], "--help")) { usage(argv[0]); return EXIT_FAILURE; } diff --git a/programs/random/gen_entropy.c b/programs/random/gen_entropy.c index 5d742b2e0a74..0fe6a5ddd7e2 100644 --- a/programs/random/gen_entropy.c +++ b/programs/random/gen_entropy.c @@ -32,15 +32,15 @@ #endif #if !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int i, k, ret = 1; @@ -48,45 +48,44 @@ int main( int argc, char *argv[] ) mbedtls_entropy_context entropy; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; - if( argc < 2 ) - { - mbedtls_fprintf( stderr, "usage: %s \n", argv[0] ); - mbedtls_exit( exit_code ); + if (argc < 2) { + mbedtls_fprintf(stderr, "usage: %s \n", argv[0]); + mbedtls_exit(exit_code); } - if( ( f = fopen( argv[1], "wb+" ) ) == NULL ) - { - mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] ); - mbedtls_exit( exit_code ); + if ((f = fopen(argv[1], "wb+")) == NULL) { + mbedtls_printf("failed to open '%s' for writing.\n", argv[1]); + mbedtls_exit(exit_code); } - mbedtls_entropy_init( &entropy ); + mbedtls_entropy_init(&entropy); - for( i = 0, k = 768; i < k; i++ ) - { - ret = mbedtls_entropy_func( &entropy, buf, sizeof( buf ) ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_entropy_func returned -%04X\n", - (unsigned int) ret ); + for (i = 0, k = 768; i < k; i++) { + ret = mbedtls_entropy_func(&entropy, buf, sizeof(buf)); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_entropy_func returned -%04X\n", + (unsigned int) ret); goto cleanup; } - fwrite( buf, 1, sizeof( buf ), f ); + fwrite(buf, 1, sizeof(buf), f); - mbedtls_printf( "Generating %ldkb of data in file '%s'... %04.1f" \ - "%% done\r", (long)(sizeof(buf) * k / 1024), argv[1], (100 * (float) (i + 1)) / k ); - fflush( stdout ); + mbedtls_printf("Generating %ldkb of data in file '%s'... %04.1f" \ + "%% done\r", + (long) (sizeof(buf) * k / 1024), + argv[1], + (100 * (float) (i + 1)) / k); + fflush(stdout); } exit_code = MBEDTLS_EXIT_SUCCESS; cleanup: - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); - fclose( f ); - mbedtls_entropy_free( &entropy ); + fclose(f); + mbedtls_entropy_free(&entropy); - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_ENTROPY_C */ diff --git a/programs/random/gen_random_ctr_drbg.c b/programs/random/gen_random_ctr_drbg.c index 30a3cc18ad36..6cf0512f4ad9 100644 --- a/programs/random/gen_random_ctr_drbg.c +++ b/programs/random/gen_random_ctr_drbg.c @@ -26,7 +26,7 @@ #include "mbedtls/platform.h" #if defined(MBEDTLS_CTR_DRBG_C) && defined(MBEDTLS_ENTROPY_C) && \ - defined(MBEDTLS_FS_IO) + defined(MBEDTLS_FS_IO) #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" @@ -34,16 +34,16 @@ #endif #if !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_ENTROPY_C) || \ - !defined(MBEDTLS_FS_IO) -int main( void ) + !defined(MBEDTLS_FS_IO) +int main(void) { mbedtls_printf("MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int i, k, ret = 1; @@ -52,63 +52,61 @@ int main( int argc, char *argv[] ) mbedtls_entropy_context entropy; unsigned char buf[1024]; - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_ctr_drbg_init(&ctr_drbg); - if( argc < 2 ) - { - mbedtls_fprintf( stderr, "usage: %s \n", argv[0] ); - mbedtls_exit( exit_code ); + if (argc < 2) { + mbedtls_fprintf(stderr, "usage: %s \n", argv[0]); + mbedtls_exit(exit_code); } - if( ( f = fopen( argv[1], "wb+" ) ) == NULL ) - { - mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] ); - mbedtls_exit( exit_code ); + if ((f = fopen(argv[1], "wb+")) == NULL) { + mbedtls_printf("failed to open '%s' for writing.\n", argv[1]); + mbedtls_exit(exit_code); } - mbedtls_entropy_init( &entropy ); - ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) "RANDOM_GEN", 10 ); - if( ret != 0 ) - { - mbedtls_printf( "failed in mbedtls_ctr_drbg_seed: %d\n", ret ); + mbedtls_entropy_init(&entropy); + ret = mbedtls_ctr_drbg_seed(&ctr_drbg, + mbedtls_entropy_func, + &entropy, + (const unsigned char *) "RANDOM_GEN", + 10); + if (ret != 0) { + mbedtls_printf("failed in mbedtls_ctr_drbg_seed: %d\n", ret); goto cleanup; } - mbedtls_ctr_drbg_set_prediction_resistance( &ctr_drbg, MBEDTLS_CTR_DRBG_PR_OFF ); + mbedtls_ctr_drbg_set_prediction_resistance(&ctr_drbg, MBEDTLS_CTR_DRBG_PR_OFF); #if defined(MBEDTLS_FS_IO) - ret = mbedtls_ctr_drbg_update_seed_file( &ctr_drbg, "seedfile" ); - - if( ret == MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR ) - { - mbedtls_printf( "Failed to open seedfile. Generating one.\n" ); - ret = mbedtls_ctr_drbg_write_seed_file( &ctr_drbg, "seedfile" ); - if( ret != 0 ) - { - mbedtls_printf( "failed in mbedtls_ctr_drbg_write_seed_file: %d\n", ret ); + ret = mbedtls_ctr_drbg_update_seed_file(&ctr_drbg, "seedfile"); + + if (ret == MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR) { + mbedtls_printf("Failed to open seedfile. Generating one.\n"); + ret = mbedtls_ctr_drbg_write_seed_file(&ctr_drbg, "seedfile"); + if (ret != 0) { + mbedtls_printf("failed in mbedtls_ctr_drbg_write_seed_file: %d\n", ret); goto cleanup; } - } - else if( ret != 0 ) - { - mbedtls_printf( "failed in mbedtls_ctr_drbg_update_seed_file: %d\n", ret ); + } else if (ret != 0) { + mbedtls_printf("failed in mbedtls_ctr_drbg_update_seed_file: %d\n", ret); goto cleanup; } #endif - for( i = 0, k = 768; i < k; i++ ) - { - ret = mbedtls_ctr_drbg_random( &ctr_drbg, buf, sizeof( buf ) ); - if( ret != 0 ) - { + for (i = 0, k = 768; i < k; i++) { + ret = mbedtls_ctr_drbg_random(&ctr_drbg, buf, sizeof(buf)); + if (ret != 0) { mbedtls_printf("failed!\n"); goto cleanup; } - fwrite( buf, 1, sizeof( buf ), f ); + fwrite(buf, 1, sizeof(buf), f); - mbedtls_printf( "Generating %ldkb of data in file '%s'... %04.1f" \ - "%% done\r", (long)(sizeof(buf) * k / 1024), argv[1], (100 * (float) (i + 1)) / k ); - fflush( stdout ); + mbedtls_printf("Generating %ldkb of data in file '%s'... %04.1f" \ + "%% done\r", + (long) (sizeof(buf) * k / 1024), + argv[1], + (100 * (float) (i + 1)) / k); + fflush(stdout); } exit_code = MBEDTLS_EXIT_SUCCESS; @@ -116,10 +114,10 @@ int main( int argc, char *argv[] ) cleanup: mbedtls_printf("\n"); - fclose( f ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + fclose(f); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_CTR_DRBG_C && MBEDTLS_ENTROPY_C */ diff --git a/programs/random/gen_random_havege.c b/programs/random/gen_random_havege.c index 38eeaafe74d8..ac32b5557ada 100644 --- a/programs/random/gen_random_havege.c +++ b/programs/random/gen_random_havege.c @@ -33,15 +33,15 @@ #endif #if !defined(MBEDTLS_HAVEGE_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_HAVEGE_C not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; time_t t; @@ -50,48 +50,48 @@ int main( int argc, char *argv[] ) mbedtls_havege_state hs; unsigned char buf[1024]; - if( argc < 2 ) - { - mbedtls_fprintf( stderr, "usage: %s \n", argv[0] ); - mbedtls_exit( exit_code ); + if (argc < 2) { + mbedtls_fprintf(stderr, "usage: %s \n", argv[0]); + mbedtls_exit(exit_code); } - if( ( f = fopen( argv[1], "wb+" ) ) == NULL ) - { - mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] ); - mbedtls_exit( exit_code ); + if ((f = fopen(argv[1], "wb+")) == NULL) { + mbedtls_printf("failed to open '%s' for writing.\n", argv[1]); + mbedtls_exit(exit_code); } - mbedtls_havege_init( &hs ); + mbedtls_havege_init(&hs); - t = time( NULL ); + t = time(NULL); - for( i = 0, k = 768; i < k; i++ ) - { - if( ( ret = mbedtls_havege_random( &hs, buf, sizeof( buf ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_havege_random returned -0x%04X", - ( unsigned int ) -ret ); + for (i = 0, k = 768; i < k; i++) { + if ((ret = mbedtls_havege_random(&hs, buf, sizeof(buf))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_havege_random returned -0x%04X", + (unsigned int) -ret); goto exit; } - fwrite( buf, sizeof( buf ), 1, f ); + fwrite(buf, sizeof(buf), 1, f); - mbedtls_printf( "Generating %ldkb of data in file '%s'... %04.1f" \ - "%% done\r", (long)(sizeof(buf) * k / 1024), argv[1], (100 * (float) (i + 1)) / k ); - fflush( stdout ); + mbedtls_printf("Generating %ldkb of data in file '%s'... %04.1f" \ + "%% done\r", + (long) (sizeof(buf) * k / 1024), + argv[1], + (100 * (float) (i + 1)) / k); + fflush(stdout); } - if( t == time( NULL ) ) + if (t == time(NULL)) { t--; + } mbedtls_printf(" \n "); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_havege_free( &hs ); - fclose( f ); - mbedtls_exit( exit_code ); + mbedtls_havege_free(&hs); + fclose(f); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_HAVEGE_C */ diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index 6b314d8b814e..ad51cbeedf55 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -30,14 +30,14 @@ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_SSL_CLI_C and/or MBEDTLS_SSL_PROTO_DTLS and/or " - "MBEDTLS_NET_C and/or MBEDTLS_TIMING_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " - "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.\n" ); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_SSL_CLI_C and/or MBEDTLS_SSL_PROTO_DTLS and/or " + "MBEDTLS_NET_C and/or MBEDTLS_TIMING_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.\n"); + mbedtls_exit(0); } #else @@ -72,17 +72,17 @@ int main( void ) #define DEBUG_LEVEL 0 -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str); + fflush((FILE *) ctx); } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret, len; mbedtls_net_context server_fd; @@ -102,217 +102,213 @@ int main( int argc, char *argv[] ) ((void) argv); #if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( DEBUG_LEVEL ); + mbedtls_debug_set_threshold(DEBUG_LEVEL); #endif /* * 0. Initialize the RNG and the session data */ - mbedtls_net_init( &server_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_x509_crt_init( &cacert ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_net_init(&server_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_x509_crt_init(&cacert); + mbedtls_ctr_drbg_init(&ctr_drbg); + + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); + + mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 0. Load certificates */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); - - ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" . Loading the CA root certificate ..."); + fflush(stdout); + + ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf(" ok (%d skipped)\n", ret); /* * 1. Start the connection */ - mbedtls_printf( " . Connecting to udp/%s/%s...", SERVER_NAME, SERVER_PORT ); - fflush( stdout ); + mbedtls_printf(" . Connecting to udp/%s/%s...", SERVER_NAME, SERVER_PORT); + fflush(stdout); - if( ( ret = mbedtls_net_connect( &server_fd, SERVER_ADDR, - SERVER_PORT, MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + if ((ret = mbedtls_net_connect(&server_fd, SERVER_ADDR, + SERVER_PORT, MBEDTLS_NET_PROTO_UDP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 2. Setup stuff */ - mbedtls_printf( " . Setting up the DTLS structure..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_DATAGRAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + mbedtls_printf(" . Setting up the DTLS structure..."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_DATAGRAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret); goto exit; } /* OPTIONAL is usually a bad choice for security, but makes interop easier * in this simplified example, in which the ca chain is hardcoded. * Production code should set a proper ca chain and use REQUIRED. */ - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL ); - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); - mbedtls_ssl_conf_read_timeout( &conf, READ_TIMEOUT_MS ); - - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); + mbedtls_ssl_conf_read_timeout(&conf, READ_TIMEOUT_MS); + + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_ssl_set_hostname( &ssl, SERVER_NAME ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_set_hostname(&ssl, SERVER_NAME)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret); goto exit; } - mbedtls_ssl_set_bio( &ssl, &server_fd, - mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout ); + mbedtls_ssl_set_bio(&ssl, &server_fd, + mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout); - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay, + mbedtls_timing_get_delay); - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 4. Handshake */ - mbedtls_printf( " . Performing the DTLS handshake..." ); - fflush( stdout ); + mbedtls_printf(" . Performing the DTLS handshake..."); + fflush(stdout); - do ret = mbedtls_ssl_handshake( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_handshake(&ssl); + } while (ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 5. Verify the server certificate */ - mbedtls_printf( " . Verifying peer X.509 certificate..." ); + mbedtls_printf(" . Verifying peer X.509 certificate..."); /* In real life, we would have used MBEDTLS_SSL_VERIFY_REQUIRED so that the * handshake would not succeed if the peer's cert is bad. Even if we used * MBEDTLS_SSL_VERIFY_OPTIONAL, we would bail out here if ret != 0 */ - if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) - { + if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) { char vrfy_buf[512]; - mbedtls_printf( " failed\n" ); + mbedtls_printf(" failed\n"); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags); - mbedtls_printf( "%s\n", vrfy_buf ); + mbedtls_printf("%s\n", vrfy_buf); + } else { + mbedtls_printf(" ok\n"); } - else - mbedtls_printf( " ok\n" ); /* * 6. Write the echo request */ send_request: - mbedtls_printf( " > Write to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write to server:"); + fflush(stdout); - len = sizeof( MESSAGE ) - 1; + len = sizeof(MESSAGE) - 1; - do ret = mbedtls_ssl_write( &ssl, (unsigned char *) MESSAGE, len ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_write(&ssl, (unsigned char *) MESSAGE, len); + } while (ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); goto exit; } len = ret; - mbedtls_printf( " %d bytes written\n\n%s\n\n", len, MESSAGE ); + mbedtls_printf(" %d bytes written\n\n%s\n\n", len, MESSAGE); /* * 7. Read the echo response */ - mbedtls_printf( " < Read from server:" ); - fflush( stdout ); + mbedtls_printf(" < Read from server:"); + fflush(stdout); - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); - do ret = mbedtls_ssl_read( &ssl, buf, len ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_read(&ssl, buf, len); + } while (ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_TIMEOUT: - mbedtls_printf( " timeout\n\n" ); - if( retry_left-- > 0 ) + mbedtls_printf(" timeout\n\n"); + if (retry_left-- > 0) { goto send_request; + } goto exit; case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); + mbedtls_printf(" connection was closed gracefully\n"); ret = 0; goto close_notify; default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n\n", (unsigned int) -ret); goto exit; } } len = ret; - mbedtls_printf( " %d bytes read\n\n%s\n\n", len, buf ); + mbedtls_printf(" %d bytes read\n\n%s\n\n", len, buf); /* * 8. Done, cleanly close the connection */ close_notify: - mbedtls_printf( " . Closing the connection..." ); + mbedtls_printf(" . Closing the connection..."); /* No error checking, the connection might be closed already */ - do ret = mbedtls_ssl_close_notify( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_close_notify(&ssl); + } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE); ret = 0; - mbedtls_printf( " done\n" ); + mbedtls_printf(" done\n"); /* * 9. Final clean-ups and exit @@ -320,32 +316,32 @@ int main( int argc, char *argv[] ) exit: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf( "Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf); } #endif - mbedtls_net_free( &server_fd ); + mbedtls_net_free(&server_fd); - mbedtls_x509_crt_free( &cacert ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_x509_crt_free(&cacert); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif /* Shell can not handle large exit numbers -> 1 for errors */ - if( ret < 0 ) + if (ret < 0) { ret = 1; + } - mbedtls_exit( ret ); + mbedtls_exit(ret); } #endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_NET_C && MBEDTLS_TIMING_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index ab3fa02b39bc..4310f4e6fa0e 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -41,15 +41,15 @@ !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \ !defined(MBEDTLS_TIMING_C) -int main( void ) +int main(void) { - printf( "MBEDTLS_SSL_SRV_C and/or MBEDTLS_SSL_PROTO_DTLS and/or " - "MBEDTLS_SSL_COOKIE_C and/or MBEDTLS_NET_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " - "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C and/or " - "MBEDTLS_TIMING_C not defined.\n" ); - mbedtls_exit( 0 ); + printf("MBEDTLS_SSL_SRV_C and/or MBEDTLS_SSL_PROTO_DTLS and/or " + "MBEDTLS_SSL_COOKIE_C and/or MBEDTLS_NET_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C and/or " + "MBEDTLS_TIMING_C not defined.\n"); + mbedtls_exit(0); } #else @@ -80,17 +80,17 @@ int main( void ) #define DEBUG_LEVEL 0 -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str); + fflush((FILE *) ctx); } -int main( void ) +int main(void) { int ret, len; mbedtls_net_context listen_fd, client_fd; @@ -111,274 +111,260 @@ int main( void ) mbedtls_ssl_cache_context cache; #endif - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_ssl_cookie_init( &cookie_ctx ); + mbedtls_net_init(&listen_fd); + mbedtls_net_init(&client_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_ssl_cookie_init(&cookie_ctx); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_init( &cache ); + mbedtls_ssl_cache_init(&cache); #endif - mbedtls_x509_crt_init( &srvcert ); - mbedtls_pk_init( &pkey ); - mbedtls_entropy_init( &entropy ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_x509_crt_init(&srvcert); + mbedtls_pk_init(&pkey); + mbedtls_entropy_init(&entropy); + mbedtls_ctr_drbg_init(&ctr_drbg); #if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( DEBUG_LEVEL ); + mbedtls_debug_set_threshold(DEBUG_LEVEL); #endif /* * 1. Load the certificates and private RSA key */ - printf( "\n . Loading the server cert. and key..." ); - fflush( stdout ); + printf("\n . Loading the server cert. and key..."); + fflush(stdout); /* * This demonstration program uses embedded test certificates. * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). */ - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ); - if( ret != 0 ) - { - printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len); + if (ret != 0) { + printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret != 0 ) - { - printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len); + if (ret != 0) { + printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); - if( ret != 0 ) - { - printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); + ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0); + if (ret != 0) { + printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret); goto exit; } - printf( " ok\n" ); + printf(" ok\n"); /* * 2. Setup the "listening" UDP socket */ - printf( " . Bind on udp/*/4433 ..." ); - fflush( stdout ); + printf(" . Bind on udp/*/4433 ..."); + fflush(stdout); - if( ( ret = mbedtls_net_bind( &listen_fd, BIND_IP, "4433", MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); + if ((ret = mbedtls_net_bind(&listen_fd, BIND_IP, "4433", MBEDTLS_NET_PROTO_UDP)) != 0) { + printf(" failed\n ! mbedtls_net_bind returned %d\n\n", ret); goto exit; } - printf( " ok\n" ); + printf(" ok\n"); /* * 3. Seed the RNG */ - printf( " . Seeding the random number generator..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + printf(" . Seeding the random number generator..."); + fflush(stdout); + + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - printf( " ok\n" ); + printf(" ok\n"); /* * 4. Setup stuff */ - printf( " . Setting up the DTLS data..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_SERVER, - MBEDTLS_SSL_TRANSPORT_DATAGRAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + printf(" . Setting up the DTLS data..."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_SERVER, + MBEDTLS_SSL_TRANSPORT_DATAGRAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret); goto exit; } - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); - mbedtls_ssl_conf_read_timeout( &conf, READ_TIMEOUT_MS ); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); + mbedtls_ssl_conf_read_timeout(&conf, READ_TIMEOUT_MS); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_conf_session_cache( &conf, &cache, + mbedtls_ssl_conf_session_cache(&conf, &cache, mbedtls_ssl_cache_get, - mbedtls_ssl_cache_set ); + mbedtls_ssl_cache_set); #endif - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) - { - printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL); + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) { + printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_cookie_setup(&cookie_ctx, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + printf(" failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret); goto exit; } - mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, - &cookie_ctx ); + mbedtls_ssl_conf_dtls_cookies(&conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, + &cookie_ctx); - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret); goto exit; } - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay, + mbedtls_timing_get_delay); - printf( " ok\n" ); + printf(" ok\n"); reset: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - printf("Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + printf("Last error was: %d - %s\n\n", ret, error_buf); } #endif - mbedtls_net_free( &client_fd ); + mbedtls_net_free(&client_fd); - mbedtls_ssl_session_reset( &ssl ); + mbedtls_ssl_session_reset(&ssl); /* * 3. Wait until a client connects */ - printf( " . Waiting for a remote connection ..." ); - fflush( stdout ); + printf(" . Waiting for a remote connection ..."); + fflush(stdout); - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 ) - { - printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); + if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, + client_ip, sizeof(client_ip), &cliip_len)) != 0) { + printf(" failed\n ! mbedtls_net_accept returned %d\n\n", ret); goto exit; } /* For HelloVerifyRequest cookies */ - if( ( ret = mbedtls_ssl_set_client_transport_id( &ssl, - client_ip, cliip_len ) ) != 0 ) - { - printf( " failed\n ! " - "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_set_client_transport_id(&ssl, + client_ip, cliip_len)) != 0) { + printf(" failed\n ! " + "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", (unsigned int) -ret); goto exit; } - mbedtls_ssl_set_bio( &ssl, &client_fd, - mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout ); + mbedtls_ssl_set_bio(&ssl, &client_fd, + mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout); - printf( " ok\n" ); + printf(" ok\n"); /* * 5. Handshake */ - printf( " . Performing the DTLS handshake..." ); - fflush( stdout ); + printf(" . Performing the DTLS handshake..."); + fflush(stdout); - do ret = mbedtls_ssl_handshake( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_handshake(&ssl); + } while (ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); - if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ) - { - printf( " hello verification requested\n" ); + if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) { + printf(" hello verification requested\n"); ret = 0; goto reset; - } - else if( ret != 0 ) - { - printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret ); + } else if (ret != 0) { + printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret); goto reset; } - printf( " ok\n" ); + printf(" ok\n"); /* * 6. Read the echo Request */ - printf( " < Read from client:" ); - fflush( stdout ); + printf(" < Read from client:"); + fflush(stdout); - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); - do ret = mbedtls_ssl_read( &ssl, buf, len ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_read(&ssl, buf, len); + } while (ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_TIMEOUT: - printf( " timeout\n\n" ); + printf(" timeout\n\n"); goto reset; case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - printf( " connection was closed gracefully\n" ); + printf(" connection was closed gracefully\n"); ret = 0; goto close_notify; default: - printf( " mbedtls_ssl_read returned -0x%x\n\n", (unsigned int) -ret ); + printf(" mbedtls_ssl_read returned -0x%x\n\n", (unsigned int) -ret); goto reset; } } len = ret; - printf( " %d bytes read\n\n%s\n\n", len, buf ); + printf(" %d bytes read\n\n%s\n\n", len, buf); /* * 7. Write the 200 Response */ - printf( " > Write to client:" ); - fflush( stdout ); + printf(" > Write to client:"); + fflush(stdout); - do ret = mbedtls_ssl_write( &ssl, buf, len ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_write(&ssl, buf, len); + } while (ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); - if( ret < 0 ) - { - printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + if (ret < 0) { + printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); goto exit; } len = ret; - printf( " %d bytes written\n\n%s\n\n", len, buf ); + printf(" %d bytes written\n\n%s\n\n", len, buf); /* * 8. Done, cleanly close the connection */ close_notify: - printf( " . Closing the connection..." ); + printf(" . Closing the connection..."); /* No error checking, the connection might be closed already */ - do ret = mbedtls_ssl_close_notify( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_close_notify(&ssl); + } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE); ret = 0; - printf( " done\n" ); + printf(" done\n"); goto reset; @@ -388,38 +374,38 @@ int main( void ) exit: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - printf( "Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + printf("Last error was: %d - %s\n\n", ret, error_buf); } #endif - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &listen_fd ); + mbedtls_net_free(&client_fd); + mbedtls_net_free(&listen_fd); - mbedtls_x509_crt_free( &srvcert ); - mbedtls_pk_free( &pkey ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ssl_cookie_free( &cookie_ctx ); + mbedtls_x509_crt_free(&srvcert); + mbedtls_pk_free(&pkey); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + mbedtls_ssl_cookie_free(&cookie_ctx); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_free( &cache ); + mbedtls_ssl_cache_free(&cache); #endif - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif /* Shell can not handle large exit numbers -> 1 for errors */ - if( ret < 0 ) + if (ret < 0) { ret = 1; + } - mbedtls_exit( ret ); + mbedtls_exit(ret); } #endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_SSL_COOKIE_C && MBEDTLS_NET_C && MBEDTLS_ENTROPY_C && diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c index 1353d8b446f2..688c9fc766d5 100644 --- a/programs/ssl/mini_client.c +++ b/programs/ssl/mini_client.c @@ -44,12 +44,12 @@ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_SSL_CLI_C) || \ !defined(UNIX) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_SSL_CLI_C and/or UNIX " - "not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_SSL_CLI_C and/or UNIX " + "not defined.\n"); + mbedtls_exit(0); } #else @@ -141,8 +141,7 @@ const unsigned char ca_cert[] = { }; #endif /* MBEDTLS_X509_CRT_PARSE_C */ -enum exit_codes -{ +enum exit_codes { exit_ok = 0, ctr_drbg_seed_failed, ssl_config_defaults_failed, @@ -156,7 +155,7 @@ enum exit_codes }; -int main( void ) +int main(void) { int ret = exit_ok; mbedtls_net_context server_fd; @@ -169,62 +168,57 @@ int main( void ) mbedtls_ctr_drbg_context ctr_drbg; mbedtls_ssl_context ssl; mbedtls_ssl_config conf; - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_ctr_drbg_init(&ctr_drbg); /* * 0. Initialize and setup stuff */ - mbedtls_net_init( &server_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); + mbedtls_net_init(&server_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); #if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_init( &ca ); + mbedtls_x509_crt_init(&ca); #endif - mbedtls_entropy_init( &entropy ); - if( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, strlen( pers ) ) != 0 ) - { + mbedtls_entropy_init(&entropy); + if (mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, strlen(pers)) != 0) { ret = ctr_drbg_seed_failed; goto exit; } - if( mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) != 0 ) - { + if (mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT) != 0) { ret = ssl_config_defaults_failed; goto exit; } - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ), - (const unsigned char *) psk_id, sizeof( psk_id ) - 1 ); + mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk), + (const unsigned char *) psk_id, sizeof(psk_id) - 1); #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) - if( mbedtls_x509_crt_parse_der( &ca, ca_cert, sizeof( ca_cert ) ) != 0 ) - { + if (mbedtls_x509_crt_parse_der(&ca, ca_cert, sizeof(ca_cert)) != 0) { ret = x509_crt_parse_failed; goto exit; } - mbedtls_ssl_conf_ca_chain( &conf, &ca, NULL ); - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED ); + mbedtls_ssl_conf_ca_chain(&conf, &ca, NULL); + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_REQUIRED); #endif - if( mbedtls_ssl_setup( &ssl, &conf ) != 0 ) - { + if (mbedtls_ssl_setup(&ssl, &conf) != 0) { ret = ssl_setup_failed; goto exit; } #if defined(MBEDTLS_X509_CRT_PARSE_C) - if( mbedtls_ssl_set_hostname( &ssl, HOSTNAME ) != 0 ) - { + if (mbedtls_ssl_set_hostname(&ssl, HOSTNAME) != 0) { ret = hostname_failed; goto exit; } @@ -233,7 +227,7 @@ int main( void ) /* * 1. Start the connection */ - memset( &addr, 0, sizeof( addr ) ); + memset(&addr, 0, sizeof(addr)); addr.sin_family = AF_INET; ret = 1; /* for endianness detection */ @@ -241,23 +235,20 @@ int main( void ) addr.sin_addr.s_addr = *((char *) &ret) == ret ? ADDR_LE : ADDR_BE; ret = 0; - if( ( server_fd.fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 ) - { + if ((server_fd.fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) { ret = socket_failed; goto exit; } - if( connect( server_fd.fd, - (const struct sockaddr *) &addr, sizeof( addr ) ) < 0 ) - { + if (connect(server_fd.fd, + (const struct sockaddr *) &addr, sizeof(addr)) < 0) { ret = connect_failed; goto exit; } - mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL); - if( mbedtls_ssl_handshake( &ssl ) != 0 ) - { + if (mbedtls_ssl_handshake(&ssl) != 0) { ret = ssl_handshake_failed; goto exit; } @@ -265,26 +256,25 @@ int main( void ) /* * 2. Write the GET request and close the connection */ - if( mbedtls_ssl_write( &ssl, (const unsigned char *) GET_REQUEST, - sizeof( GET_REQUEST ) - 1 ) <= 0 ) - { + if (mbedtls_ssl_write(&ssl, (const unsigned char *) GET_REQUEST, + sizeof(GET_REQUEST) - 1) <= 0) { ret = ssl_write_failed; goto exit; } - mbedtls_ssl_close_notify( &ssl ); + mbedtls_ssl_close_notify(&ssl); exit: - mbedtls_net_free( &server_fd ); + mbedtls_net_free(&server_fd); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_free( &ca ); + mbedtls_x509_crt_free(&ca); #endif - mbedtls_exit( ret ); + mbedtls_exit(ret); } #endif diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index c9f8b3c7045a..ffdef3b42250 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -30,14 +30,14 @@ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \ !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " - "not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " + "not defined.\n"); + mbedtls_exit(0); } #else @@ -58,17 +58,17 @@ int main( void ) #define DEBUG_LEVEL 1 -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str); + fflush((FILE *) ctx); } -int main( void ) +int main(void) { int ret = 1, len; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -84,221 +84,209 @@ int main( void ) mbedtls_x509_crt cacert; #if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( DEBUG_LEVEL ); + mbedtls_debug_set_threshold(DEBUG_LEVEL); #endif /* * 0. Initialize the RNG and the session data */ - mbedtls_net_init( &server_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_x509_crt_init( &cacert ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_net_init(&server_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_x509_crt_init(&cacert); + mbedtls_ctr_drbg_init(&ctr_drbg); + + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); + + mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 0. Initialize certificates */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); - - ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" . Loading the CA root certificate ..."); + fflush(stdout); + + ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf(" ok (%d skipped)\n", ret); /* * 1. Start the connection */ - mbedtls_printf( " . Connecting to tcp/%s/%s...", SERVER_NAME, SERVER_PORT ); - fflush( stdout ); + mbedtls_printf(" . Connecting to tcp/%s/%s...", SERVER_NAME, SERVER_PORT); + fflush(stdout); - if( ( ret = mbedtls_net_connect( &server_fd, SERVER_NAME, - SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + if ((ret = mbedtls_net_connect(&server_fd, SERVER_NAME, + SERVER_PORT, MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 2. Setup stuff */ - mbedtls_printf( " . Setting up the SSL/TLS structure..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + mbedtls_printf(" . Setting up the SSL/TLS structure..."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* OPTIONAL is not optimal for security, * but makes interop easier in this simplified example */ - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL ); - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); - - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); + + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_ssl_set_hostname( &ssl, SERVER_NAME ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_set_hostname(&ssl, SERVER_NAME)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret); goto exit; } - mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL); /* * 4. Handshake */ - mbedtls_printf( " . Performing the SSL/TLS handshake..." ); - fflush( stdout ); - - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" . Performing the SSL/TLS handshake..."); + fflush(stdout); + + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 5. Verify the server certificate */ - mbedtls_printf( " . Verifying peer X.509 certificate..." ); + mbedtls_printf(" . Verifying peer X.509 certificate..."); /* In real life, we probably want to bail out when ret != 0 */ - if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) - { + if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) { char vrfy_buf[512]; - mbedtls_printf( " failed\n" ); + mbedtls_printf(" failed\n"); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags); - mbedtls_printf( "%s\n", vrfy_buf ); + mbedtls_printf("%s\n", vrfy_buf); + } else { + mbedtls_printf(" ok\n"); } - else - mbedtls_printf( " ok\n" ); /* * 3. Write the GET request */ - mbedtls_printf( " > Write to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write to server:"); + fflush(stdout); - len = sprintf( (char *) buf, GET_REQUEST ); + len = sprintf((char *) buf, GET_REQUEST); - while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + while ((ret = mbedtls_ssl_write(&ssl, buf, len)) <= 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); goto exit; } } len = ret; - mbedtls_printf( " %d bytes written\n\n%s", len, (char *) buf ); + mbedtls_printf(" %d bytes written\n\n%s", len, (char *) buf); /* * 7. Read the HTTP response */ - mbedtls_printf( " < Read from server:" ); - fflush( stdout ); + mbedtls_printf(" < Read from server:"); + fflush(stdout); - do - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - ret = mbedtls_ssl_read( &ssl, buf, len ); + do { + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); + ret = mbedtls_ssl_read(&ssl, buf, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { continue; + } - if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY ) + if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) { break; + } - if( ret < 0 ) - { - mbedtls_printf( "failed\n ! mbedtls_ssl_read returned %d\n\n", ret ); + if (ret < 0) { + mbedtls_printf("failed\n ! mbedtls_ssl_read returned %d\n\n", ret); break; } - if( ret == 0 ) - { - mbedtls_printf( "\n\nEOF\n\n" ); + if (ret == 0) { + mbedtls_printf("\n\nEOF\n\n"); break; } len = ret; - mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); - } - while( 1 ); + mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf); + } while (1); - mbedtls_ssl_close_notify( &ssl ); + mbedtls_ssl_close_notify(&ssl); exit_code = MBEDTLS_EXIT_SUCCESS; exit: #ifdef MBEDTLS_ERROR_C - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { + if (exit_code != MBEDTLS_EXIT_SUCCESS) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf); } #endif - mbedtls_net_free( &server_fd ); + mbedtls_net_free(&server_fd); - mbedtls_x509_crt_free( &cacert ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_x509_crt_free(&cacert); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 18a47731328d..d42a38e5fe67 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -24,16 +24,16 @@ #endif #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) -int main( void ) +int main(void) { - mbedtls_printf( MBEDTLS_SSL_TEST_IMPOSSIBLE ); - mbedtls_exit( 0 ); + mbedtls_printf(MBEDTLS_SSL_TEST_IMPOSSIBLE); + mbedtls_exit(0); } #elif !defined(MBEDTLS_SSL_CLI_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_SSL_CLI_C not defined.\n" ); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_SSL_CLI_C not defined.\n"); + mbedtls_exit(0); } #else /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_CLI_C */ @@ -120,7 +120,7 @@ int main( void ) #define USAGE_CONTEXT_CRT_CB \ " context_crt_cb=%%d This determines whether the CRT verification callback is bound\n" \ " to the SSL configuration of the SSL context.\n" \ - " Possible values:\n"\ + " Possible values:\n" \ " - 0 (default): Use CRT callback bound to configuration\n" \ " - 1: Use CRT callback bound to SSL context\n" #else @@ -137,8 +137,8 @@ int main( void ) " use \"none\" to skip loading any top-level CAs.\n" \ " crt_file=%%s Your own cert and chain (in bottom to top order, top may be omitted)\n" \ " default: \"\" (pre-loaded)\n" \ - " key_file=%%s default: \"\" (pre-loaded)\n"\ - " key_pwd=%%s Password for key specified by key_file argument\n"\ + " key_file=%%s default: \"\" (pre-loaded)\n" \ + " key_pwd=%%s Password for key specified by key_file argument\n" \ " default: none\n" #else #define USAGE_IO \ @@ -219,7 +219,7 @@ int main( void ) #if defined(MBEDTLS_SSL_DTLS_SRTP) #define USAGE_SRTP \ " use_srtp=%%d default: 0 (disabled)\n" \ - " This cannot be used with eap_tls=1 or "\ + " This cannot be used with eap_tls=1 or " \ " nss_keylog=1\n" \ " srtp_force_profile=%%d default: 0 (all enabled)\n" \ " available profiles:\n" \ @@ -350,7 +350,7 @@ int main( void ) " serialize=%%d default: 0 (do not serialize/deserialize)\n" \ " options: 1 (serialize)\n" \ " 2 (serialize with re-initialization)\n" \ - " context_file=%%s The file path to write a serialized connection\n"\ + " context_file=%%s The file path to write a serialized connection\n" \ " in the form of base64 code (serialize option\n" \ " must be set)\n" \ " default: \"\" (do nothing)\n" \ @@ -370,21 +370,21 @@ int main( void ) " request_page=%%s default: \".\"\n" \ " request_size=%%d default: about 34 (basic request)\n" \ " (minimum: 0, max: " MAX_REQUEST_SIZE_STR ")\n" \ - " If 0, in the first exchange only an empty\n" \ - " application data message is sent followed by\n" \ - " a second non-empty message before attempting\n" \ - " to read a response from the server\n" \ - " debug_level=%%d default: 0 (disabled)\n" \ - " build_version=%%d default: none (disabled)\n" \ - " option: 1 (print build version only and stop)\n" \ - " nbio=%%d default: 0 (blocking I/O)\n" \ - " options: 1 (non-blocking), 2 (added delays)\n" \ - " event=%%d default: 0 (loop)\n" \ - " options: 1 (level-triggered, implies nbio=1),\n" \ - " read_timeout=%%d default: 0 ms (no timeout)\n" \ - " max_resend=%%d default: 0 (no resend on timeout)\n" \ - " skip_close_notify=%%d default: 0 (send close_notify)\n" \ - "\n" \ + " If 0, in the first exchange only an empty\n" \ + " application data message is sent followed by\n" \ + " a second non-empty message before attempting\n" \ + " to read a response from the server\n" \ + " debug_level=%%d default: 0 (disabled)\n" \ + " build_version=%%d default: none (disabled)\n" \ + " option: 1 (print build version only and stop)\n" \ + " nbio=%%d default: 0 (blocking I/O)\n" \ + " options: 1 (non-blocking), 2 (added delays)\n" \ + " event=%%d default: 0 (loop)\n" \ + " options: 1 (level-triggered, implies nbio=1),\n" \ + " read_timeout=%%d default: 0 ms (no timeout)\n" \ + " max_resend=%%d default: 0 (no resend on timeout)\n" \ + " skip_close_notify=%%d default: 0 (send close_notify)\n" \ + "\n" \ USAGE_DTLS \ USAGE_CID \ USAGE_SRTP \ @@ -432,7 +432,7 @@ int main( void ) " force_version=%%s default: \"\" (none)\n" \ " options: ssl3, tls1, tls1_1, tls12, dtls1, dtls12\n" \ "\n" \ - " force_ciphersuite= default: all enabled\n"\ + " force_ciphersuite= default: all enabled\n" \ " query_config= return 0 if the specified\n" \ " configuration macro is defined and 1\n" \ " otherwise. The expansion of the macro\n" \ @@ -447,8 +447,7 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char *server_name; /* hostname of the server (client only) */ const char *server_addr; /* address of the server (client only) */ const char *server_port; /* port on which the ssl service runs */ @@ -535,45 +534,47 @@ static unsigned char peer_crt_info[1024]; /* * Enabled if debug_level > 1 in code below */ -static int my_verify( void *data, mbedtls_x509_crt *crt, - int depth, uint32_t *flags ) +static int my_verify(void *data, mbedtls_x509_crt *crt, + int depth, uint32_t *flags) { char buf[1024]; ((void) data); - mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); - if( depth == 0 ) - memcpy( peer_crt_info, buf, sizeof( buf ) ); + mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt); + if (depth == 0) { + memcpy(peer_crt_info, buf, sizeof(buf)); + } - if( opt.debug_level == 0 ) - return( 0 ); + if (opt.debug_level == 0) { + return 0; + } - mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth ); - mbedtls_printf( "%s", buf ); + mbedtls_printf("\nVerify requested for (Depth %d):\n", depth); + mbedtls_printf("%s", buf); - if ( ( *flags ) == 0 ) - mbedtls_printf( " This certificate has no flags\n" ); - else - { - mbedtls_x509_crt_verify_info( buf, sizeof( buf ), " ! ", *flags ); - mbedtls_printf( "%s\n", buf ); + if ((*flags) == 0) { + mbedtls_printf(" This certificate has no flags\n"); + } else { + mbedtls_x509_crt_verify_info(buf, sizeof(buf), " ! ", *flags); + mbedtls_printf("%s\n", buf); } - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) -int report_cid_usage( mbedtls_ssl_context *ssl, - const char *additional_description ) +int report_cid_usage(mbedtls_ssl_context *ssl, + const char *additional_description) { int ret; - unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; + unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX]; size_t peer_cid_len; int cid_negotiated; - if( opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - return( 0 ); + if (opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + return 0; + } /* Check if the use of a CID has been negotiated, * but don't ask for the CID value and length. @@ -585,64 +586,56 @@ int report_cid_usage( mbedtls_ssl_context *ssl, * * An actual application, however, should use * just one call to mbedtls_ssl_get_peer_cid(). */ - ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated, - NULL, NULL ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", - (unsigned int) -ret ); - return( ret ); + ret = mbedtls_ssl_get_peer_cid(ssl, &cid_negotiated, + NULL, NULL); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", + (unsigned int) -ret); + return ret; } - if( cid_negotiated == MBEDTLS_SSL_CID_DISABLED ) - { - if( opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED ) - { - mbedtls_printf( "(%s) Use of Connection ID was rejected by the server.\n", - additional_description ); + if (cid_negotiated == MBEDTLS_SSL_CID_DISABLED) { + if (opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED) { + mbedtls_printf("(%s) Use of Connection ID was rejected by the server.\n", + additional_description); } - } - else - { - size_t idx=0; - mbedtls_printf( "(%s) Use of Connection ID has been negotiated.\n", - additional_description ); + } else { + size_t idx = 0; + mbedtls_printf("(%s) Use of Connection ID has been negotiated.\n", + additional_description); /* Ask for just the length of the peer's CID. */ - ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated, - NULL, &peer_cid_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", - (unsigned int) -ret ); - return( ret ); + ret = mbedtls_ssl_get_peer_cid(ssl, &cid_negotiated, + NULL, &peer_cid_len); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", + (unsigned int) -ret); + return ret; } /* Ask for just length + value of the peer's CID. */ - ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated, - peer_cid, &peer_cid_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", - (unsigned int) -ret ); - return( ret ); - } - mbedtls_printf( "(%s) Peer CID (length %u Bytes): ", - additional_description, - (unsigned) peer_cid_len ); - while( idx < peer_cid_len ) - { - mbedtls_printf( "%02x ", peer_cid[ idx ] ); + ret = mbedtls_ssl_get_peer_cid(ssl, &cid_negotiated, + peer_cid, &peer_cid_len); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", + (unsigned int) -ret); + return ret; + } + mbedtls_printf("(%s) Peer CID (length %u Bytes): ", + additional_description, + (unsigned) peer_cid_len); + while (idx < peer_cid_len) { + mbedtls_printf("%02x ", peer_cid[idx]); idx++; } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 0, len, tail_len, i, written, frags, retry_left; int query_config_ret = 0; @@ -677,7 +670,7 @@ int main( int argc, char *argv[] ) #endif #if defined(MBEDTLS_SSL_DTLS_SRTP) unsigned char mki[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH]; - size_t mki_len=0; + size_t mki_len = 0; #endif const char *pers = "ssl_client2"; @@ -719,12 +712,12 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_SSL_EXPORT_KEYS) unsigned char eap_tls_keymaterial[16]; unsigned char eap_tls_iv[8]; - const char* eap_tls_label = "client EAP encryption"; + const char *eap_tls_label = "client EAP encryption"; eap_tls_keys eap_tls_keying; -#if defined( MBEDTLS_SSL_DTLS_SRTP ) +#if defined(MBEDTLS_SSL_DTLS_SRTP) /*! master keys and master salt for SRTP generated during handshake */ unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH]; - const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp"; + const char *dtls_srtp_label = "EXTRACTOR-dtls_srtp"; dtls_srtp_keys dtls_srtp_keying; const mbedtls_ssl_srtp_profile default_profiles[] = { MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80, @@ -737,63 +730,62 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) ); + mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf)); #endif #if defined(MBEDTLS_TEST_HOOKS) - test_hooks_init( ); + test_hooks_init(); #endif /* MBEDTLS_TEST_HOOKS */ /* * Make sure memory references are valid. */ - mbedtls_net_init( &server_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) ); - rng_init( &rng ); + mbedtls_net_init(&server_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + memset(&saved_session, 0, sizeof(mbedtls_ssl_session)); + rng_init(&rng); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - mbedtls_x509_crt_init( &cacert ); - mbedtls_x509_crt_init( &clicert ); - mbedtls_pk_init( &pkey ); + mbedtls_x509_crt_init(&cacert); + mbedtls_x509_crt_init(&clicert); + mbedtls_pk_init(&pkey); #endif #if defined(MBEDTLS_SSL_ALPN) - memset( (void * ) alpn_list, 0, sizeof( alpn_list ) ); + memset((void *) alpn_list, 0, sizeof(alpn_list)); #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) status = psa_crypto_init(); - if( status != PSA_SUCCESS ) - { - mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n", - (int) status ); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; goto exit; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - mbedtls_test_enable_insecure_external_rng( ); + mbedtls_test_enable_insecure_external_rng(); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ - if( argc == 0 ) - { - usage: - if( ret == 0 ) + if (argc == 0) { +usage: + if (ret == 0) { ret = 1; + } - mbedtls_printf( USAGE1 ); - mbedtls_printf( USAGE2 ); - mbedtls_printf( USAGE3 ); - mbedtls_printf( USAGE4 ); + mbedtls_printf(USAGE1); + mbedtls_printf(USAGE2); + mbedtls_printf(USAGE3); + mbedtls_printf(USAGE4); list = mbedtls_ssl_list_ciphersuites(); - while( *list ) - { - mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name( *list ) ); + while (*list) { + mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name(*list)); list++; - if( !*list ) + if (!*list) { break; - mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) ); + } + mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list)); list++; } mbedtls_printf("\n"); @@ -831,7 +823,7 @@ int main( int argc, char *argv[] ) opt.psk_identity = DFL_PSK_IDENTITY; opt.ecjpake_pw = DFL_ECJPAKE_PW; opt.ec_max_ops = DFL_EC_MAX_OPS; - opt.force_ciphersuite[0]= DFL_FORCE_CIPHER; + opt.force_ciphersuite[0] = DFL_FORCE_CIPHER; opt.renegotiation = DFL_RENEGOTIATION; opt.allow_legacy = DFL_ALLOW_LEGACY; opt.renegotiate = DFL_RENEGOTIATE; @@ -872,153 +864,136 @@ int main( int argc, char *argv[] ) opt.force_srtp_profile = DFL_SRTP_FORCE_PROFILE; opt.mki = DFL_SRTP_MKI; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "server_name" ) == 0 ) + if (strcmp(p, "server_name") == 0) { opt.server_name = q; - else if( strcmp( p, "server_addr" ) == 0 ) + } else if (strcmp(p, "server_addr") == 0) { opt.server_addr = q; - else if( strcmp( p, "server_port" ) == 0 ) + } else if (strcmp(p, "server_port") == 0) { opt.server_port = q; - else if( strcmp( p, "dtls" ) == 0 ) - { - int t = atoi( q ); - if( t == 0 ) + } else if (strcmp(p, "dtls") == 0) { + int t = atoi(q); + if (t == 0) { opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM; - else if( t == 1 ) + } else if (t == 1) { opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - else + } else { goto usage; - } - else if( strcmp( p, "debug_level" ) == 0 ) - { - opt.debug_level = atoi( q ); - if( opt.debug_level < 0 || opt.debug_level > 65535 ) + } + } else if (strcmp(p, "debug_level") == 0) { + opt.debug_level = atoi(q); + if (opt.debug_level < 0 || opt.debug_level > 65535) { goto usage; - } - else if( strcmp( p, "build_version" ) == 0 ) - { - if( strcmp( q, "1" ) == 0 ) - { - mbedtls_printf( "build version: %s (build %d)\n", - MBEDTLS_VERSION_STRING_FULL, - MBEDTLS_VERSION_NUMBER ); + } + } else if (strcmp(p, "build_version") == 0) { + if (strcmp(q, "1") == 0) { + mbedtls_printf("build version: %s (build %d)\n", + MBEDTLS_VERSION_STRING_FULL, + MBEDTLS_VERSION_NUMBER); goto exit; } - } - else if( strcmp( p, "context_crt_cb" ) == 0 ) - { - opt.context_crt_cb = atoi( q ); - if( opt.context_crt_cb != 0 && opt.context_crt_cb != 1 ) + } else if (strcmp(p, "context_crt_cb") == 0) { + opt.context_crt_cb = atoi(q); + if (opt.context_crt_cb != 0 && opt.context_crt_cb != 1) { goto usage; - } - else if( strcmp( p, "nbio" ) == 0 ) - { - opt.nbio = atoi( q ); - if( opt.nbio < 0 || opt.nbio > 2 ) + } + } else if (strcmp(p, "nbio") == 0) { + opt.nbio = atoi(q); + if (opt.nbio < 0 || opt.nbio > 2) { goto usage; - } - else if( strcmp( p, "event" ) == 0 ) - { - opt.event = atoi( q ); - if( opt.event < 0 || opt.event > 2 ) + } + } else if (strcmp(p, "event") == 0) { + opt.event = atoi(q); + if (opt.event < 0 || opt.event > 2) { goto usage; - } - else if( strcmp( p, "read_timeout" ) == 0 ) - opt.read_timeout = atoi( q ); - else if( strcmp( p, "max_resend" ) == 0 ) - { - opt.max_resend = atoi( q ); - if( opt.max_resend < 0 ) + } + } else if (strcmp(p, "read_timeout") == 0) { + opt.read_timeout = atoi(q); + } else if (strcmp(p, "max_resend") == 0) { + opt.max_resend = atoi(q); + if (opt.max_resend < 0) { goto usage; - } - else if( strcmp( p, "request_page" ) == 0 ) + } + } else if (strcmp(p, "request_page") == 0) { opt.request_page = q; - else if( strcmp( p, "request_size" ) == 0 ) - { - opt.request_size = atoi( q ); - if( opt.request_size < 0 || - opt.request_size > MAX_REQUEST_SIZE ) + } else if (strcmp(p, "request_size") == 0) { + opt.request_size = atoi(q); + if (opt.request_size < 0 || + opt.request_size > MAX_REQUEST_SIZE) { goto usage; - } - else if( strcmp( p, "ca_file" ) == 0 ) + } + } else if (strcmp(p, "ca_file") == 0) { opt.ca_file = q; - else if( strcmp( p, "ca_path" ) == 0 ) + } else if (strcmp(p, "ca_path") == 0) { opt.ca_path = q; - else if( strcmp( p, "crt_file" ) == 0 ) + } else if (strcmp(p, "crt_file") == 0) { opt.crt_file = q; - else if( strcmp( p, "key_file" ) == 0 ) + } else if (strcmp(p, "key_file") == 0) { opt.key_file = q; - else if( strcmp( p, "key_pwd" ) == 0 ) + } else if (strcmp(p, "key_pwd") == 0) { opt.key_pwd = q; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - else if( strcmp( p, "key_opaque" ) == 0 ) - opt.key_opaque = atoi( q ); + else if (strcmp(p, "key_opaque") == 0) { + opt.key_opaque = atoi(q); + } #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - else if( strcmp( p, "cid" ) == 0 ) - { - opt.cid_enabled = atoi( q ); - if( opt.cid_enabled != 0 && opt.cid_enabled != 1 ) + else if (strcmp(p, "cid") == 0) { + opt.cid_enabled = atoi(q); + if (opt.cid_enabled != 0 && opt.cid_enabled != 1) { goto usage; - } - else if( strcmp( p, "cid_renego" ) == 0 ) - { - opt.cid_enabled_renego = atoi( q ); - if( opt.cid_enabled_renego != 0 && opt.cid_enabled_renego != 1 ) + } + } else if (strcmp(p, "cid_renego") == 0) { + opt.cid_enabled_renego = atoi(q); + if (opt.cid_enabled_renego != 0 && opt.cid_enabled_renego != 1) { goto usage; - } - else if( strcmp( p, "cid_val" ) == 0 ) - { + } + } else if (strcmp(p, "cid_val") == 0) { opt.cid_val = q; - } - else if( strcmp( p, "cid_val_renego" ) == 0 ) - { + } else if (strcmp(p, "cid_val_renego") == 0) { opt.cid_val_renego = q; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - else if( strcmp( p, "psk" ) == 0 ) + else if (strcmp(p, "psk") == 0) { opt.psk = q; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - else if( strcmp( p, "psk_opaque" ) == 0 ) - opt.psk_opaque = atoi( q ); + else if (strcmp(p, "psk_opaque") == 0) { + opt.psk_opaque = atoi(q); + } #endif #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - else if( strcmp( p, "ca_callback" ) == 0) - opt.ca_callback = atoi( q ); + else if (strcmp(p, "ca_callback") == 0) { + opt.ca_callback = atoi(q); + } #endif - else if( strcmp( p, "psk_identity" ) == 0 ) + else if (strcmp(p, "psk_identity") == 0) { opt.psk_identity = q; - else if( strcmp( p, "ecjpake_pw" ) == 0 ) + } else if (strcmp(p, "ecjpake_pw") == 0) { opt.ecjpake_pw = q; - else if( strcmp( p, "ec_max_ops" ) == 0 ) - opt.ec_max_ops = atoi( q ); - else if( strcmp( p, "force_ciphersuite" ) == 0 ) - { - opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q ); - - if( opt.force_ciphersuite[0] == 0 ) - { + } else if (strcmp(p, "ec_max_ops") == 0) { + opt.ec_max_ops = atoi(q); + } else if (strcmp(p, "force_ciphersuite") == 0) { + opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(q); + + if (opt.force_ciphersuite[0] == 0) { ret = 2; goto usage; } opt.force_ciphersuite[1] = 0; - } - else if( strcmp( p, "renegotiation" ) == 0 ) - { - opt.renegotiation = (atoi( q )) ? - MBEDTLS_SSL_RENEGOTIATION_ENABLED : - MBEDTLS_SSL_RENEGOTIATION_DISABLED; - } - else if( strcmp( p, "allow_legacy" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "renegotiation") == 0) { + opt.renegotiation = (atoi(q)) ? + MBEDTLS_SSL_RENEGOTIATION_ENABLED : + MBEDTLS_SSL_RENEGOTIATION_DISABLED; + } else if (strcmp(p, "allow_legacy") == 0) { + switch (atoi(q)) { case -1: opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE; break; @@ -1030,66 +1005,51 @@ int main( int argc, char *argv[] ) break; default: goto usage; } - } - else if( strcmp( p, "renegotiate" ) == 0 ) - { - opt.renegotiate = atoi( q ); - if( opt.renegotiate < 0 || opt.renegotiate > 1 ) + } else if (strcmp(p, "renegotiate") == 0) { + opt.renegotiate = atoi(q); + if (opt.renegotiate < 0 || opt.renegotiate > 1) { goto usage; - } - else if( strcmp( p, "exchanges" ) == 0 ) - { - opt.exchanges = atoi( q ); - if( opt.exchanges < 1 ) + } + } else if (strcmp(p, "exchanges") == 0) { + opt.exchanges = atoi(q); + if (opt.exchanges < 1) { goto usage; - } - else if( strcmp( p, "reconnect" ) == 0 ) - { - opt.reconnect = atoi( q ); - if( opt.reconnect < 0 || opt.reconnect > 2 ) + } + } else if (strcmp(p, "reconnect") == 0) { + opt.reconnect = atoi(q); + if (opt.reconnect < 0 || opt.reconnect > 2) { goto usage; - } - else if( strcmp( p, "reco_delay" ) == 0 ) - { - opt.reco_delay = atoi( q ); - if( opt.reco_delay < 0 ) + } + } else if (strcmp(p, "reco_delay") == 0) { + opt.reco_delay = atoi(q); + if (opt.reco_delay < 0) { goto usage; - } - else if( strcmp( p, "reco_mode" ) == 0 ) - { - opt.reco_mode = atoi( q ); - if( opt.reco_mode < 0 ) + } + } else if (strcmp(p, "reco_mode") == 0) { + opt.reco_mode = atoi(q); + if (opt.reco_mode < 0) { goto usage; - } - else if( strcmp( p, "reconnect_hard" ) == 0 ) - { - opt.reconnect_hard = atoi( q ); - if( opt.reconnect_hard < 0 || opt.reconnect_hard > 1 ) + } + } else if (strcmp(p, "reconnect_hard") == 0) { + opt.reconnect_hard = atoi(q); + if (opt.reconnect_hard < 0 || opt.reconnect_hard > 1) { goto usage; - } - else if( strcmp( p, "tickets" ) == 0 ) - { - opt.tickets = atoi( q ); - if( opt.tickets < 0 || opt.tickets > 2 ) + } + } else if (strcmp(p, "tickets") == 0) { + opt.tickets = atoi(q); + if (opt.tickets < 0 || opt.tickets > 2) { goto usage; - } - else if( strcmp( p, "alpn" ) == 0 ) - { + } + } else if (strcmp(p, "alpn") == 0) { opt.alpn_string = q; - } - else if( strcmp( p, "fallback" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "fallback") == 0) { + switch (atoi(q)) { case 0: opt.fallback = MBEDTLS_SSL_IS_NOT_FALLBACK; break; case 1: opt.fallback = MBEDTLS_SSL_IS_FALLBACK; break; default: goto usage; } - } - else if( strcmp( p, "extended_ms" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "extended_ms") == 0) { + switch (atoi(q)) { case 0: opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED; break; @@ -1098,327 +1058,262 @@ int main( int argc, char *argv[] ) break; default: goto usage; } - } - else if( strcmp( p, "curves" ) == 0 ) + } else if (strcmp(p, "curves") == 0) { opt.curves = q; - else if( strcmp( p, "etm" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "etm") == 0) { + switch (atoi(q)) { case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break; case 1: opt.etm = MBEDTLS_SSL_ETM_ENABLED; break; default: goto usage; } - } - else if( strcmp( p, "min_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) + } else if (strcmp(p, "min_version") == 0) { + if (strcmp(q, "ssl3") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; - else if( strcmp( q, "tls1" ) == 0 ) + } else if (strcmp(q, "tls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) + } else if (strcmp(q, "tls1_1") == 0 || + strcmp(q, "dtls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls12" ) == 0 || - strcmp( q, "dtls12" ) == 0 ) + } else if (strcmp(q, "tls12") == 0 || + strcmp(q, "dtls12") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; - else + } else { goto usage; - } - else if( strcmp( p, "max_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) + } + } else if (strcmp(p, "max_version") == 0) { + if (strcmp(q, "ssl3") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; - else if( strcmp( q, "tls1" ) == 0 ) + } else if (strcmp(q, "tls1") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) + } else if (strcmp(q, "tls1_1") == 0 || + strcmp(q, "dtls1") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls12" ) == 0 || - strcmp( q, "dtls12" ) == 0 ) + } else if (strcmp(q, "tls12") == 0 || + strcmp(q, "dtls12") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; - else + } else { goto usage; - } - else if( strcmp( p, "arc4" ) == 0 ) - { - switch( atoi( q ) ) - { + } + } else if (strcmp(p, "arc4") == 0) { + switch (atoi(q)) { case 0: opt.arc4 = MBEDTLS_SSL_ARC4_DISABLED; break; case 1: opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; break; default: goto usage; } - } - else if( strcmp( p, "allow_sha1" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "allow_sha1") == 0) { + switch (atoi(q)) { case 0: opt.allow_sha1 = 0; break; case 1: opt.allow_sha1 = 1; break; default: goto usage; } - } - else if( strcmp( p, "force_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) - { + } else if (strcmp(p, "force_version") == 0) { + if (strcmp(q, "ssl3") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; - } - else if( strcmp( q, "tls1" ) == 0 ) - { + } else if (strcmp(q, "tls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - } - else if( strcmp( q, "tls1_1" ) == 0 ) - { + } else if (strcmp(q, "tls1_1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - } - else if( strcmp( q, "tls12" ) == 0 ) - { + } else if (strcmp(q, "tls12") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; - } - else if( strcmp( q, "dtls1" ) == 0 ) - { + } else if (strcmp(q, "dtls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - } - else if( strcmp( q, "dtls12" ) == 0 ) - { + } else if (strcmp(q, "dtls12") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - } - else + } else { goto usage; - } - else if( strcmp( p, "auth_mode" ) == 0 ) - { - if( strcmp( q, "none" ) == 0 ) + } + } else if (strcmp(p, "auth_mode") == 0) { + if (strcmp(q, "none") == 0) { opt.auth_mode = MBEDTLS_SSL_VERIFY_NONE; - else if( strcmp( q, "optional" ) == 0 ) + } else if (strcmp(q, "optional") == 0) { opt.auth_mode = MBEDTLS_SSL_VERIFY_OPTIONAL; - else if( strcmp( q, "required" ) == 0 ) + } else if (strcmp(q, "required") == 0) { opt.auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED; - else + } else { goto usage; - } - else if( strcmp( p, "max_frag_len" ) == 0 ) - { - if( strcmp( q, "512" ) == 0 ) + } + } else if (strcmp(p, "max_frag_len") == 0) { + if (strcmp(q, "512") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512; - else if( strcmp( q, "1024" ) == 0 ) + } else if (strcmp(q, "1024") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024; - else if( strcmp( q, "2048" ) == 0 ) + } else if (strcmp(q, "2048") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048; - else if( strcmp( q, "4096" ) == 0 ) + } else if (strcmp(q, "4096") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096; - else + } else { goto usage; - } - else if( strcmp( p, "trunc_hmac" ) == 0 ) - { - switch( atoi( q ) ) - { + } + } else if (strcmp(p, "trunc_hmac") == 0) { + switch (atoi(q)) { case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break; case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break; default: goto usage; } - } - else if( strcmp( p, "hs_timeout" ) == 0 ) - { - if( ( p = strchr( q, '-' ) ) == NULL ) + } else if (strcmp(p, "hs_timeout") == 0) { + if ((p = strchr(q, '-')) == NULL) { goto usage; + } *p++ = '\0'; - opt.hs_to_min = atoi( q ); - opt.hs_to_max = atoi( p ); - if( opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min ) + opt.hs_to_min = atoi(q); + opt.hs_to_max = atoi(p); + if (opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min) { goto usage; - } - else if( strcmp( p, "mtu" ) == 0 ) - { - opt.dtls_mtu = atoi( q ); - if( opt.dtls_mtu < 0 ) + } + } else if (strcmp(p, "mtu") == 0) { + opt.dtls_mtu = atoi(q); + if (opt.dtls_mtu < 0) { goto usage; - } - else if( strcmp( p, "dgram_packing" ) == 0 ) - { - opt.dgram_packing = atoi( q ); - if( opt.dgram_packing != 0 && - opt.dgram_packing != 1 ) - { + } + } else if (strcmp(p, "dgram_packing") == 0) { + opt.dgram_packing = atoi(q); + if (opt.dgram_packing != 0 && + opt.dgram_packing != 1) { goto usage; } - } - else if( strcmp( p, "recsplit" ) == 0 ) - { - opt.recsplit = atoi( q ); - if( opt.recsplit < 0 || opt.recsplit > 1 ) + } else if (strcmp(p, "recsplit") == 0) { + opt.recsplit = atoi(q); + if (opt.recsplit < 0 || opt.recsplit > 1) { goto usage; - } - else if( strcmp( p, "dhmlen" ) == 0 ) - { - opt.dhmlen = atoi( q ); - if( opt.dhmlen < 0 ) + } + } else if (strcmp(p, "dhmlen") == 0) { + opt.dhmlen = atoi(q); + if (opt.dhmlen < 0) { goto usage; - } - else if( strcmp( p, "query_config" ) == 0 ) - { + } + } else if (strcmp(p, "query_config") == 0) { opt.query_config_mode = 1; - query_config_ret = query_config( q ); + query_config_ret = query_config(q); goto exit; - } - else if( strcmp( p, "serialize") == 0 ) - { - opt.serialize = atoi( q ); - if( opt.serialize < 0 || opt.serialize > 2) + } else if (strcmp(p, "serialize") == 0) { + opt.serialize = atoi(q); + if (opt.serialize < 0 || opt.serialize > 2) { goto usage; - } - else if( strcmp( p, "context_file") == 0 ) - { + } + } else if (strcmp(p, "context_file") == 0) { opt.context_file = q; - } - else if( strcmp( p, "eap_tls" ) == 0 ) - { - opt.eap_tls = atoi( q ); - if( opt.eap_tls < 0 || opt.eap_tls > 1 ) + } else if (strcmp(p, "eap_tls") == 0) { + opt.eap_tls = atoi(q); + if (opt.eap_tls < 0 || opt.eap_tls > 1) { goto usage; - } - else if( strcmp( p, "reproducible" ) == 0 ) - { + } + } else if (strcmp(p, "reproducible") == 0) { opt.reproducible = 1; - } - else if( strcmp( p, "nss_keylog" ) == 0 ) - { - opt.nss_keylog = atoi( q ); - if( opt.nss_keylog < 0 || opt.nss_keylog > 1 ) + } else if (strcmp(p, "nss_keylog") == 0) { + opt.nss_keylog = atoi(q); + if (opt.nss_keylog < 0 || opt.nss_keylog > 1) { goto usage; - } - else if( strcmp( p, "nss_keylog_file" ) == 0 ) - { + } + } else if (strcmp(p, "nss_keylog_file") == 0) { opt.nss_keylog_file = q; - } - else if( strcmp( p, "skip_close_notify" ) == 0 ) - { - opt.skip_close_notify = atoi( q ); - if( opt.skip_close_notify < 0 || opt.skip_close_notify > 1 ) + } else if (strcmp(p, "skip_close_notify") == 0) { + opt.skip_close_notify = atoi(q); + if (opt.skip_close_notify < 0 || opt.skip_close_notify > 1) { goto usage; - } - else if( strcmp( p, "use_srtp" ) == 0 ) - { - opt.use_srtp = atoi ( q ); - } - else if( strcmp( p, "srtp_force_profile" ) == 0 ) - { - opt.force_srtp_profile = atoi( q ); - } - else if( strcmp( p, "mki" ) == 0 ) - { + } + } else if (strcmp(p, "use_srtp") == 0) { + opt.use_srtp = atoi(q); + } else if (strcmp(p, "srtp_force_profile") == 0) { + opt.force_srtp_profile = atoi(q); + } else if (strcmp(p, "mki") == 0) { opt.mki = q; - } - else + } else { goto usage; + } } - if( opt.nss_keylog != 0 && opt.eap_tls != 0 ) - { - mbedtls_printf( "Error: eap_tls and nss_keylog options cannot be used together.\n" ); + if (opt.nss_keylog != 0 && opt.eap_tls != 0) { + mbedtls_printf("Error: eap_tls and nss_keylog options cannot be used together.\n"); goto usage; } /* Event-driven IO is incompatible with the above custom * receive and send functions, as the polling builds on * refers to the underlying net_context. */ - if( opt.event == 1 && opt.nbio != 1 ) - { - mbedtls_printf( "Warning: event-driven IO mandates nbio=1 - overwrite\n" ); + if (opt.event == 1 && opt.nbio != 1) { + mbedtls_printf("Warning: event-driven IO mandates nbio=1 - overwrite\n"); opt.nbio = 1; } #if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( opt.debug_level ); + mbedtls_debug_set_threshold(opt.debug_level); #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) /* * Unhexify the pre-shared key if any is given */ - if( strlen( opt.psk ) ) - { - if( mbedtls_test_unhexify( psk, sizeof( psk ), - opt.psk, &psk_len ) != 0 ) - { - mbedtls_printf( "pre-shared key not valid\n" ); + if (strlen(opt.psk)) { + if (mbedtls_test_unhexify(psk, sizeof(psk), + opt.psk, &psk_len) != 0) { + mbedtls_printf("pre-shared key not valid\n"); goto exit; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { - if( opt.psk == NULL ) - { - mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" ); + if (opt.psk_opaque != 0) { + if (opt.psk == NULL) { + mbedtls_printf("psk_opaque set but no psk to be imported specified.\n"); ret = 2; goto usage; } - if( opt.force_ciphersuite[0] <= 0 ) - { - mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); + if (opt.force_ciphersuite[0] <= 0) { + mbedtls_printf( + "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n"); ret = 2; goto usage; } } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( opt.force_ciphersuite[0] > 0 ) - { + if (opt.force_ciphersuite[0] > 0) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info; ciphersuite_info = - mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] ); + mbedtls_ssl_ciphersuite_from_id(opt.force_ciphersuite[0]); - if( opt.max_version != -1 && - ciphersuite_info->min_minor_ver > opt.max_version ) - { - mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); + if (opt.max_version != -1 && + ciphersuite_info->min_minor_ver > opt.max_version) { + mbedtls_printf("forced ciphersuite not allowed with this protocol version\n"); ret = 2; goto usage; } - if( opt.min_version != -1 && - ciphersuite_info->max_minor_ver < opt.min_version ) - { - mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); + if (opt.min_version != -1 && + ciphersuite_info->max_minor_ver < opt.min_version) { + mbedtls_printf("forced ciphersuite not allowed with this protocol version\n"); ret = 2; goto usage; } /* If the server selects a version that's not supported by * this suite, then there will be no common ciphersuite... */ - if( opt.max_version == -1 || - opt.max_version > ciphersuite_info->max_minor_ver ) - { + if (opt.max_version == -1 || + opt.max_version > ciphersuite_info->max_minor_ver) { opt.max_version = ciphersuite_info->max_minor_ver; } - if( opt.min_version < ciphersuite_info->min_minor_ver ) - { + if (opt.min_version < ciphersuite_info->min_minor_ver) { opt.min_version = ciphersuite_info->min_minor_ver; /* DTLS starts with TLS 1.1 */ - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 ) + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; + } } /* Enable RC4 if needed and not explicitly disabled */ - if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) - { - if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED ) - { - mbedtls_printf( "forced RC4 ciphersuite with RC4 disabled\n" ); + if (ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128) { + if (opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED) { + mbedtls_printf("forced RC4 ciphersuite with RC4 disabled\n"); ret = 2; goto usage; } @@ -1427,92 +1322,83 @@ int main( int argc, char *argv[] ) } #if defined(MBEDTLS_USE_PSA_CRYPTO) -#if defined (MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( opt.psk_opaque != 0 ) - { +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) + if (opt.psk_opaque != 0) { /* Determine KDF algorithm the opaque PSK will be used in. */ #if defined(MBEDTLS_SHA512_C) - if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) + if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) { alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384); - else + } else #endif /* MBEDTLS_SHA512_C */ - alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); + alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( mbedtls_test_unhexify( cid, sizeof( cid ), - opt.cid_val, &cid_len ) != 0 ) - { - mbedtls_printf( "CID not valid\n" ); + if (mbedtls_test_unhexify(cid, sizeof(cid), + opt.cid_val, &cid_len) != 0) { + mbedtls_printf("CID not valid\n"); goto exit; } /* Keep CID settings for renegotiation unless * specified otherwise. */ - if( opt.cid_enabled_renego == DFL_CID_ENABLED_RENEGO ) + if (opt.cid_enabled_renego == DFL_CID_ENABLED_RENEGO) { opt.cid_enabled_renego = opt.cid_enabled; - if( opt.cid_val_renego == DFL_CID_VALUE_RENEGO ) + } + if (opt.cid_val_renego == DFL_CID_VALUE_RENEGO) { opt.cid_val_renego = opt.cid_val; + } - if( mbedtls_test_unhexify( cid_renego, sizeof( cid_renego ), - opt.cid_val_renego, &cid_renego_len ) != 0 ) - { - mbedtls_printf( "CID not valid\n" ); + if (mbedtls_test_unhexify(cid_renego, sizeof(cid_renego), + opt.cid_val_renego, &cid_renego_len) != 0) { + mbedtls_printf("CID not valid\n"); goto exit; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_ECP_C) - if( opt.curves != NULL ) - { + if (opt.curves != NULL) { p = (char *) opt.curves; i = 0; - if( strcmp( p, "none" ) == 0 ) - { + if (strcmp(p, "none") == 0) { curve_list[0] = MBEDTLS_ECP_DP_NONE; - } - else if( strcmp( p, "default" ) != 0 ) - { + } else if (strcmp(p, "default") != 0) { /* Leave room for a final NULL in curve list */ - while( i < CURVE_LIST_SIZE - 1 && *p != '\0' ) - { + while (i < CURVE_LIST_SIZE - 1 && *p != '\0') { q = p; /* Terminate the current string */ - while( *p != ',' && *p != '\0' ) + while (*p != ',' && *p != '\0') { p++; - if( *p == ',' ) + } + if (*p == ',') { *p++ = '\0'; + } - if( ( curve_cur = mbedtls_ecp_curve_info_from_name( q ) ) != NULL ) - { + if ((curve_cur = mbedtls_ecp_curve_info_from_name(q)) != NULL) { curve_list[i++] = curve_cur->grp_id; - } - else - { - mbedtls_printf( "unknown curve %s\n", q ); - mbedtls_printf( "supported curves: " ); - for( curve_cur = mbedtls_ecp_curve_list(); + } else { + mbedtls_printf("unknown curve %s\n", q); + mbedtls_printf("supported curves: "); + for (curve_cur = mbedtls_ecp_curve_list(); curve_cur->grp_id != MBEDTLS_ECP_DP_NONE; - curve_cur++ ) - { - mbedtls_printf( "%s ", curve_cur->name ); + curve_cur++) { + mbedtls_printf("%s ", curve_cur->name); } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); goto exit; } } - mbedtls_printf("Number of curves: %d\n", i ); + mbedtls_printf("Number of curves: %d\n", i); - if( i == CURVE_LIST_SIZE - 1 && *p != '\0' ) - { - mbedtls_printf( "curves list too long, maximum %d", - CURVE_LIST_SIZE - 1 ); + if (i == CURVE_LIST_SIZE - 1 && *p != '\0') { + mbedtls_printf("curves list too long, maximum %d", + CURVE_LIST_SIZE - 1); goto exit; } @@ -1522,821 +1408,774 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - { + if (opt.alpn_string != NULL) { p = (char *) opt.alpn_string; i = 0; /* Leave room for a final NULL in alpn_list */ - while( i < ALPN_LIST_SIZE - 1 && *p != '\0' ) - { + while (i < ALPN_LIST_SIZE - 1 && *p != '\0') { alpn_list[i++] = p; /* Terminate the current string and move on to next one */ - while( *p != ',' && *p != '\0' ) + while (*p != ',' && *p != '\0') { p++; - if( *p == ',' ) + } + if (*p == ',') { *p++ = '\0'; + } } } #endif /* MBEDTLS_SSL_ALPN */ - mbedtls_printf( "build version: %s (build %d)\n", - MBEDTLS_VERSION_STRING_FULL, MBEDTLS_VERSION_NUMBER ); + mbedtls_printf("build version: %s (build %d)\n", + MBEDTLS_VERSION_STRING_FULL, MBEDTLS_VERSION_NUMBER); /* * 0. Initialize the RNG and the session data */ - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - ret = rng_seed( &rng, opt.reproducible, pers ); - if( ret != 0 ) + ret = rng_seed(&rng, opt.reproducible, pers); + if (ret != 0) { goto exit; - mbedtls_printf( " ok\n" ); + } + mbedtls_printf(" ok\n"); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* * 1.1. Load the trusted CA */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the CA root certificate ..."); + fflush(stdout); - if( strcmp( opt.ca_path, "none" ) == 0 || - strcmp( opt.ca_file, "none" ) == 0 ) - { + if (strcmp(opt.ca_path, "none") == 0 || + strcmp(opt.ca_file, "none") == 0) { ret = 0; - } - else + } else #if defined(MBEDTLS_FS_IO) - if( strlen( opt.ca_path ) ) - ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ); - else if( strlen( opt.ca_file ) ) - ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); - else + if (strlen(opt.ca_path)) { + ret = mbedtls_x509_crt_parse_path(&cacert, opt.ca_path); + } else if (strlen(opt.ca_file)) { + ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file); + } else #endif #if defined(MBEDTLS_CERTS_C) { #if defined(MBEDTLS_PEM_PARSE_C) - for( i = 0; mbedtls_test_cas[i] != NULL; i++ ) - { - ret = mbedtls_x509_crt_parse( &cacert, - (const unsigned char *) mbedtls_test_cas[i], - mbedtls_test_cas_len[i] ); - if( ret != 0 ) + for (i = 0; mbedtls_test_cas[i] != NULL; i++) { + ret = mbedtls_x509_crt_parse(&cacert, + (const unsigned char *) mbedtls_test_cas[i], + mbedtls_test_cas_len[i]); + if (ret != 0) { break; + } } #endif /* MBEDTLS_PEM_PARSE_C */ - if( ret == 0 ) - { - for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ ) - { - ret = mbedtls_x509_crt_parse_der( &cacert, - (const unsigned char *) mbedtls_test_cas_der[i], - mbedtls_test_cas_der_len[i] ); - if( ret != 0 ) + if (ret == 0) { + for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) { + ret = mbedtls_x509_crt_parse_der(&cacert, + (const unsigned char *) mbedtls_test_cas_der[i], + mbedtls_test_cas_der_len[i]); + if (ret != 0) { break; + } } } } #else { ret = 1; - mbedtls_printf( "MBEDTLS_CERTS_C not defined." ); + mbedtls_printf("MBEDTLS_CERTS_C not defined."); } #endif /* MBEDTLS_CERTS_C */ - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", - (unsigned int) -ret ); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf(" ok (%d skipped)\n", ret); /* * 1.2. Load own certificate and private key * * (can be skipped if client authentication is not required) */ - mbedtls_printf( " . Loading the client cert. and key..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the client cert. and key..."); + fflush(stdout); - if( strcmp( opt.crt_file, "none" ) == 0 ) + if (strcmp(opt.crt_file, "none") == 0) { ret = 0; - else + } else #if defined(MBEDTLS_FS_IO) - if( strlen( opt.crt_file ) ) - ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file ); - else + if (strlen(opt.crt_file)) { + ret = mbedtls_x509_crt_parse_file(&clicert, opt.crt_file); + } else #endif #if defined(MBEDTLS_CERTS_C) - ret = mbedtls_x509_crt_parse( &clicert, - (const unsigned char *) mbedtls_test_cli_crt, - mbedtls_test_cli_crt_len ); + { ret = mbedtls_x509_crt_parse(&clicert, + (const unsigned char *) mbedtls_test_cli_crt, + mbedtls_test_cli_crt_len); } #else { ret = 1; - mbedtls_printf( "MBEDTLS_CERTS_C not defined." ); + mbedtls_printf("MBEDTLS_CERTS_C not defined."); } #endif - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", - (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - if( strcmp( opt.key_file, "none" ) == 0 ) + if (strcmp(opt.key_file, "none") == 0) { ret = 0; - else + } else #if defined(MBEDTLS_FS_IO) - if( strlen( opt.key_file ) ) - ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, opt.key_pwd ); - else + if (strlen(opt.key_file)) { + ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, opt.key_pwd); + } else #endif #if defined(MBEDTLS_CERTS_C) - ret = mbedtls_pk_parse_key( &pkey, - (const unsigned char *) mbedtls_test_cli_key, - mbedtls_test_cli_key_len, NULL, 0 ); + { ret = mbedtls_pk_parse_key(&pkey, + (const unsigned char *) mbedtls_test_cli_key, + mbedtls_test_cli_key_len, NULL, 0); } #else { ret = 1; - mbedtls_printf( "MBEDTLS_CERTS_C not defined." ); + mbedtls_printf("MBEDTLS_CERTS_C not defined."); } #endif - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", - (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.key_opaque != 0 ) - { - if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot, - PSA_ALG_ANY_HASH ) ) != 0 ) - { - mbedtls_printf( " failed\n ! " - "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int) -ret ); + if (opt.key_opaque != 0) { + if ((ret = mbedtls_pk_wrap_as_opaque(&pkey, &key_slot, + PSA_ALG_ANY_HASH)) != 0) { + mbedtls_printf(" failed\n ! " + "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int) -ret); goto exit; } } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_printf( " ok (key type: %s)\n", mbedtls_pk_get_name( &pkey ) ); + mbedtls_printf(" ok (key type: %s)\n", mbedtls_pk_get_name(&pkey)); #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ /* * 2. Start the connection */ - if( opt.server_addr == NULL) + if (opt.server_addr == NULL) { opt.server_addr = opt.server_name; + } - mbedtls_printf( " . Connecting to %s/%s/%s...", - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", - opt.server_addr, opt.server_port ); - fflush( stdout ); + mbedtls_printf(" . Connecting to %s/%s/%s...", + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", + opt.server_addr, opt.server_port); + fflush(stdout); - if( ( ret = mbedtls_net_connect( &server_fd, - opt.server_addr, opt.server_port, - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? - MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_net_connect(&server_fd, + opt.server_addr, opt.server_port, + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? + MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - if( opt.nbio > 0 ) - ret = mbedtls_net_set_nonblock( &server_fd ); - else - ret = mbedtls_net_set_block( &server_fd ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", - (unsigned int) -ret ); + if (opt.nbio > 0) { + ret = mbedtls_net_set_nonblock(&server_fd); + } else { + ret = mbedtls_net_set_block(&server_fd); + } + if (ret != 0) { + mbedtls_printf(" failed\n ! net_set_(non)block() returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 3. Setup stuff */ - mbedtls_printf( " . Setting up the SSL/TLS structure..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - opt.transport, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", - (unsigned int) -ret ); + mbedtls_printf(" . Setting up the SSL/TLS structure..."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_CLIENT, + opt.transport, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* The default algorithms profile disables SHA-1, but our tests still rely on it heavily. */ - if( opt.allow_sha1 > 0 ) - { - crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ); - mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test ); - mbedtls_ssl_conf_sig_hashes( &conf, ssl_sig_hashes_for_test ); + if (opt.allow_sha1 > 0) { + crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA1); + mbedtls_ssl_conf_cert_profile(&conf, &crt_profile_for_test); + mbedtls_ssl_conf_sig_hashes(&conf, ssl_sig_hashes_for_test); } - if( opt.context_crt_cb == 0 ) - mbedtls_ssl_conf_verify( &conf, my_verify, NULL ); + if (opt.context_crt_cb == 0) { + mbedtls_ssl_conf_verify(&conf, my_verify, NULL); + } - memset( peer_crt_info, 0, sizeof( peer_crt_info ) ); + memset(peer_crt_info, 0, sizeof(peer_crt_info)); #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 ) - { - if( opt.cid_enabled == 1 && + if (opt.cid_enabled == 1 || opt.cid_enabled_renego == 1) { + if (opt.cid_enabled == 1 && opt.cid_enabled_renego == 1 && - cid_len != cid_renego_len ) - { - mbedtls_printf( "CID length must not change during renegotiation\n" ); + cid_len != cid_renego_len) { + mbedtls_printf("CID length must not change during renegotiation\n"); goto usage; } - if( opt.cid_enabled == 1 ) - ret = mbedtls_ssl_conf_cid( &conf, cid_len, - MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ); - else - ret = mbedtls_ssl_conf_cid( &conf, cid_renego_len, - MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ); + if (opt.cid_enabled == 1) { + ret = mbedtls_ssl_conf_cid(&conf, cid_len, + MBEDTLS_SSL_UNEXPECTED_CID_IGNORE); + } else { + ret = mbedtls_ssl_conf_cid(&conf, cid_renego_len, + MBEDTLS_SSL_UNEXPECTED_CID_IGNORE); + } - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_cid_len returned -%#04x\n\n", - (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_cid_len returned -%#04x\n\n", + (unsigned int) -ret); goto exit; } } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - if( opt.auth_mode != DFL_AUTH_MODE ) - mbedtls_ssl_conf_authmode( &conf, opt.auth_mode ); + if (opt.auth_mode != DFL_AUTH_MODE) { + mbedtls_ssl_conf_authmode(&conf, opt.auth_mode); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX ) - mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, - opt.hs_to_max ); + if (opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX) { + mbedtls_ssl_conf_handshake_timeout(&conf, opt.hs_to_min, + opt.hs_to_max); + } - if( opt.dgram_packing != DFL_DGRAM_PACKING ) - mbedtls_ssl_set_datagram_packing( &ssl, opt.dgram_packing ); + if (opt.dgram_packing != DFL_DGRAM_PACKING) { + mbedtls_ssl_set_datagram_packing(&ssl, opt.dgram_packing); + } #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", - ret ); + if ((ret = mbedtls_ssl_conf_max_frag_len(&conf, opt.mfl_code)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", + ret); goto exit; } #endif #if defined(MBEDTLS_SSL_DTLS_SRTP) const mbedtls_ssl_srtp_profile forced_profile[] = - { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET }; - if( opt.use_srtp == 1 ) - { - if( opt.force_srtp_profile != 0 ) - { - ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles ( &conf, forced_profile ); - } - else - { - ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles ( &conf, default_profiles ); - } - - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! " - "mbedtls_ssl_conf_dtls_srtp_protection_profiles returned %d\n\n", - ret ); + { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET }; + if (opt.use_srtp == 1) { + if (opt.force_srtp_profile != 0) { + ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles(&conf, forced_profile); + } else { + ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles(&conf, default_profiles); + } + + if (ret != 0) { + mbedtls_printf(" failed\n ! " + "mbedtls_ssl_conf_dtls_srtp_protection_profiles returned %d\n\n", + ret); goto exit; } - } - else if( opt.force_srtp_profile != 0 ) - { - mbedtls_printf( " failed\n ! must enable use_srtp to force srtp profile\n\n" ); + } else if (opt.force_srtp_profile != 0) { + mbedtls_printf(" failed\n ! must enable use_srtp to force srtp profile\n\n"); goto exit; } #endif /* MBEDTLS_SSL_DTLS_SRTP */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - if( opt.trunc_hmac != DFL_TRUNC_HMAC ) - mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac ); + if (opt.trunc_hmac != DFL_TRUNC_HMAC) { + mbedtls_ssl_conf_truncated_hmac(&conf, opt.trunc_hmac); + } #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - if( opt.extended_ms != DFL_EXTENDED_MS ) - mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms ); + if (opt.extended_ms != DFL_EXTENDED_MS) { + mbedtls_ssl_conf_extended_master_secret(&conf, opt.extended_ms); + } #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( opt.etm != DFL_ETM ) - mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm ); + if (opt.etm != DFL_ETM) { + mbedtls_ssl_conf_encrypt_then_mac(&conf, opt.etm); + } #endif #if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( opt.eap_tls != 0 ) - { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, eap_tls_key_derivation, - &eap_tls_keying ); - } - else if( opt.nss_keylog != 0 ) - { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, - nss_keylog_export, - NULL ); + if (opt.eap_tls != 0) { + mbedtls_ssl_conf_export_keys_ext_cb(&conf, eap_tls_key_derivation, + &eap_tls_keying); + } else if (opt.nss_keylog != 0) { + mbedtls_ssl_conf_export_keys_ext_cb(&conf, + nss_keylog_export, + NULL); } -#if defined( MBEDTLS_SSL_DTLS_SRTP ) - else if( opt.use_srtp != 0 ) - { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, dtls_srtp_key_derivation, - &dtls_srtp_keying ); +#if defined(MBEDTLS_SSL_DTLS_SRTP) + else if (opt.use_srtp != 0) { + mbedtls_ssl_conf_export_keys_ext_cb(&conf, dtls_srtp_key_derivation, + &dtls_srtp_keying); } #endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - if( opt.recsplit != DFL_RECSPLIT ) - mbedtls_ssl_conf_cbc_record_splitting( &conf, opt.recsplit + if (opt.recsplit != DFL_RECSPLIT) { + mbedtls_ssl_conf_cbc_record_splitting(&conf, opt.recsplit ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED - : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ); + : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED); + } #endif #if defined(MBEDTLS_DHM_C) - if( opt.dhmlen != DFL_DHMLEN ) - mbedtls_ssl_conf_dhm_min_bitlen( &conf, opt.dhmlen ); + if (opt.dhmlen != DFL_DHMLEN) { + mbedtls_ssl_conf_dhm_min_bitlen(&conf, opt.dhmlen); + } #endif #if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", - ret ); + if (opt.alpn_string != NULL) { + if ((ret = mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", + ret); goto exit; } + } #endif - if (opt.reproducible) - { + if (opt.reproducible) { #if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_PLATFORM_TIME_ALT) - mbedtls_platform_set_time( dummy_constant_time ); + mbedtls_platform_set_time(dummy_constant_time); #else - fprintf( stderr, "Warning: reproducible option used without constant time\n" ); + fprintf(stderr, "Warning: reproducible option used without constant time\n"); #endif #endif /* MBEDTLS_HAVE_TIME */ } - mbedtls_ssl_conf_rng( &conf, rng_get, &rng ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + mbedtls_ssl_conf_rng(&conf, rng_get, &rng); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); - mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout ); + mbedtls_ssl_conf_read_timeout(&conf, opt.read_timeout); #if defined(MBEDTLS_SSL_SESSION_TICKETS) - mbedtls_ssl_conf_session_tickets( &conf, opt.tickets ); + mbedtls_ssl_conf_session_tickets(&conf, opt.tickets); #endif - if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) - mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); + if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) { + mbedtls_ssl_conf_ciphersuites(&conf, opt.force_ciphersuite); + } #if defined(MBEDTLS_ARC4_C) - if( opt.arc4 != DFL_ARC4 ) - mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 ); + if (opt.arc4 != DFL_ARC4) { + mbedtls_ssl_conf_arc4_support(&conf, opt.arc4); + } #endif - if( opt.allow_legacy != DFL_ALLOW_LEGACY ) - mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy ); + if (opt.allow_legacy != DFL_ALLOW_LEGACY) { + mbedtls_ssl_conf_legacy_renegotiation(&conf, opt.allow_legacy); + } #if defined(MBEDTLS_SSL_RENEGOTIATION) - mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation ); + mbedtls_ssl_conf_renegotiation(&conf, opt.renegotiation); #endif #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - if( strcmp( opt.ca_path, "none" ) != 0 && - strcmp( opt.ca_file, "none" ) != 0 ) - { + if (strcmp(opt.ca_path, "none") != 0 && + strcmp(opt.ca_file, "none") != 0) { #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - if( opt.ca_callback != 0 ) - mbedtls_ssl_conf_ca_cb( &conf, ca_callback, &cacert ); - else + if (opt.ca_callback != 0) { + mbedtls_ssl_conf_ca_cb(&conf, ca_callback, &cacert); + } else #endif - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); } - if( strcmp( opt.crt_file, "none" ) != 0 && - strcmp( opt.key_file, "none" ) != 0 ) - { - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", - ret ); + if (strcmp(opt.crt_file, "none") != 0 && + strcmp(opt.key_file, "none") != 0) { + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &clicert, &pkey)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", + ret); goto exit; } } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_ECP_C) - if( opt.curves != NULL && - strcmp( opt.curves, "default" ) != 0 ) - { - mbedtls_ssl_conf_curves( &conf, curve_list ); + if (opt.curves != NULL && + strcmp(opt.curves, "default") != 0) { + mbedtls_ssl_conf_curves(&conf, curve_list); } #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { + if (opt.psk_opaque != 0) { key_attributes = psa_key_attributes_init(); - psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &key_attributes, alg ); - psa_set_key_type( &key_attributes, PSA_KEY_TYPE_DERIVE ); + psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&key_attributes, alg); + psa_set_key_type(&key_attributes, PSA_KEY_TYPE_DERIVE); - status = psa_import_key( &key_attributes, psk, psk_len, &slot ); - if( status != PSA_SUCCESS ) - { + status = psa_import_key(&key_attributes, psk, psk_len, &slot); + if (status != PSA_SUCCESS) { ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; goto exit; } - if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, slot, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n", - ret ); + if ((ret = mbedtls_ssl_conf_psk_opaque(&conf, slot, + (const unsigned char *) opt.psk_identity, + strlen(opt.psk_identity))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n", + ret); goto exit; } - } - else + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( psk_len > 0 ) - { - ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk returned %d\n\n", ret ); + if (psk_len > 0) { + ret = mbedtls_ssl_conf_psk(&conf, psk, psk_len, + (const unsigned char *) opt.psk_identity, + strlen(opt.psk_identity)); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_psk returned %d\n\n", ret); goto exit; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ - if( opt.min_version != DFL_MIN_VERSION ) - mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, - opt.min_version ); + if (opt.min_version != DFL_MIN_VERSION) { + mbedtls_ssl_conf_min_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, + opt.min_version); + } - if( opt.max_version != DFL_MAX_VERSION ) - mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, - opt.max_version ); + if (opt.max_version != DFL_MAX_VERSION) { + mbedtls_ssl_conf_max_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, + opt.max_version); + } #if defined(MBEDTLS_SSL_FALLBACK_SCSV) - if( opt.fallback != DFL_FALLBACK ) - mbedtls_ssl_conf_fallback( &conf, opt.fallback ); + if (opt.fallback != DFL_FALLBACK) { + mbedtls_ssl_conf_fallback(&conf, opt.fallback); + } #endif - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", - ret ); + if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", + ret); goto exit; } #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( opt.ecjpake_pw != DFL_ECJPAKE_PW ) - { - if( ( ret = mbedtls_ssl_set_hs_ecjpake_password( &ssl, - (const unsigned char *) opt.ecjpake_pw, - strlen( opt.ecjpake_pw ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", - ret ); + if (opt.ecjpake_pw != DFL_ECJPAKE_PW) { + if ((ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl, + (const unsigned char *) opt.ecjpake_pw, + strlen(opt.ecjpake_pw))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", + ret); goto exit; } } #endif #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - if( opt.context_crt_cb == 1 ) - mbedtls_ssl_set_verify( &ssl, my_verify, NULL ); + if (opt.context_crt_cb == 1) { + mbedtls_ssl_set_verify(&ssl, my_verify, NULL); + } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ io_ctx.ssl = &ssl; io_ctx.net = &server_fd; - mbedtls_ssl_set_bio( &ssl, &io_ctx, send_cb, recv_cb, - opt.nbio == 0 ? recv_timeout_cb : NULL ); + mbedtls_ssl_set_bio(&ssl, &io_ctx, send_cb, recv_cb, + opt.nbio == 0 ? recv_timeout_cb : NULL); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled, - cid, cid_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_cid returned %d\n\n", - ret ); + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled, + cid, cid_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_cid returned %d\n\n", + ret); goto exit; } } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( opt.dtls_mtu != DFL_DTLS_MTU ) - mbedtls_ssl_set_mtu( &ssl, opt.dtls_mtu ); + if (opt.dtls_mtu != DFL_DTLS_MTU) { + mbedtls_ssl_set_mtu(&ssl, opt.dtls_mtu); + } #endif #if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay, + mbedtls_timing_get_delay); #endif #if defined(MBEDTLS_ECP_RESTARTABLE) - if( opt.ec_max_ops != DFL_EC_MAX_OPS ) - mbedtls_ecp_set_max_ops( opt.ec_max_ops ); + if (opt.ec_max_ops != DFL_EC_MAX_OPS) { + mbedtls_ecp_set_max_ops(opt.ec_max_ops); + } #endif #if defined(MBEDTLS_SSL_DTLS_SRTP) - if( opt.use_srtp != 0 && strlen( opt.mki ) != 0 ) - { - if( mbedtls_test_unhexify( mki, sizeof( mki ), - opt.mki,&mki_len ) != 0 ) - { - mbedtls_printf( "mki value not valid hex\n" ); + if (opt.use_srtp != 0 && strlen(opt.mki) != 0) { + if (mbedtls_test_unhexify(mki, sizeof(mki), + opt.mki, &mki_len) != 0) { + mbedtls_printf("mki value not valid hex\n"); goto exit; } - mbedtls_ssl_conf_srtp_mki_value_supported( &conf, MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED ); - if( ( ret = mbedtls_ssl_dtls_srtp_set_mki_value( &ssl, mki, - (uint16_t) strlen( opt.mki ) / 2 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_dtls_srtp_set_mki_value returned %d\n\n", ret ); + mbedtls_ssl_conf_srtp_mki_value_supported(&conf, MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED); + if ((ret = mbedtls_ssl_dtls_srtp_set_mki_value(&ssl, mki, + (uint16_t) strlen(opt.mki) / 2)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_dtls_srtp_set_mki_value returned %d\n\n", ret); goto exit; } } #endif - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 4. Handshake */ - mbedtls_printf( " . Performing the SSL/TLS handshake..." ); - fflush( stdout ); + mbedtls_printf(" . Performing the SSL/TLS handshake..."); + fflush(stdout); - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE && - ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n", - (unsigned int) -ret ); - if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) + ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n", + (unsigned int) -ret); + if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) { mbedtls_printf( " Unable to verify the server's certificate. " - "Either it is invalid,\n" + "Either it is invalid,\n" " or you didn't set ca_file or ca_path " - "to an appropriate value.\n" + "to an appropriate value.\n" " Alternatively, you may want to use " - "auth_mode=optional for testing purposes.\n" ); - mbedtls_printf( "\n" ); + "auth_mode=optional for testing purposes.\n"); + } + mbedtls_printf("\n"); goto exit; } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { continue; + } #endif /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - ret = idle( &server_fd, &timer, ret ); + ret = idle(&server_fd, &timer, ret); #else - ret = idle( &server_fd, ret ); + ret = idle(&server_fd, ret); #endif - if( ret != 0 ) + if (ret != 0) { goto exit; + } } } - mbedtls_printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", - mbedtls_ssl_get_version( &ssl ), - mbedtls_ssl_get_ciphersuite( &ssl ) ); + mbedtls_printf(" ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", + mbedtls_ssl_get_version(&ssl), + mbedtls_ssl_get_ciphersuite(&ssl)); - if( ( ret = mbedtls_ssl_get_record_expansion( &ssl ) ) >= 0 ) - mbedtls_printf( " [ Record expansion is %d ]\n", ret ); - else - mbedtls_printf( " [ Record expansion is unknown (compression) ]\n" ); + if ((ret = mbedtls_ssl_get_record_expansion(&ssl)) >= 0) { + mbedtls_printf(" [ Record expansion is %d ]\n", ret); + } else { + mbedtls_printf(" [ Record expansion is unknown (compression) ]\n"); + } #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - mbedtls_printf( " [ Maximum input fragment length is %u ]\n", - (unsigned int) mbedtls_ssl_get_input_max_frag_len( &ssl ) ); - mbedtls_printf( " [ Maximum output fragment length is %u ]\n", - (unsigned int) mbedtls_ssl_get_output_max_frag_len( &ssl ) ); + mbedtls_printf(" [ Maximum input fragment length is %u ]\n", + (unsigned int) mbedtls_ssl_get_input_max_frag_len(&ssl)); + mbedtls_printf(" [ Maximum output fragment length is %u ]\n", + (unsigned int) mbedtls_ssl_get_output_max_frag_len(&ssl)); #endif #if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - { - const char *alp = mbedtls_ssl_get_alpn_protocol( &ssl ); - mbedtls_printf( " [ Application Layer Protocol is %s ]\n", - alp ? alp : "(none)" ); + if (opt.alpn_string != NULL) { + const char *alp = mbedtls_ssl_get_alpn_protocol(&ssl); + mbedtls_printf(" [ Application Layer Protocol is %s ]\n", + alp ? alp : "(none)"); } #endif #if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( opt.eap_tls != 0 ) - { + if (opt.eap_tls != 0) { size_t j = 0; - if( ( ret = mbedtls_ssl_tls_prf( eap_tls_keying.tls_prf_type, - eap_tls_keying.master_secret, - sizeof( eap_tls_keying.master_secret ), - eap_tls_label, - eap_tls_keying.randbytes, - sizeof( eap_tls_keying.randbytes ), - eap_tls_keymaterial, - sizeof( eap_tls_keymaterial ) ) ) - != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type, + eap_tls_keying.master_secret, + sizeof(eap_tls_keying.master_secret), + eap_tls_label, + eap_tls_keying.randbytes, + sizeof(eap_tls_keying.randbytes), + eap_tls_keymaterial, + sizeof(eap_tls_keymaterial))) + != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " EAP-TLS key material is:" ); - for( j = 0; j < sizeof( eap_tls_keymaterial ); j++ ) - { - if( j % 8 == 0 ) + mbedtls_printf(" EAP-TLS key material is:"); + for (j = 0; j < sizeof(eap_tls_keymaterial); j++) { + if (j % 8 == 0) { mbedtls_printf("\n "); - mbedtls_printf("%02x ", eap_tls_keymaterial[j] ); + } + mbedtls_printf("%02x ", eap_tls_keymaterial[j]); } mbedtls_printf("\n"); - if( ( ret = mbedtls_ssl_tls_prf( eap_tls_keying.tls_prf_type, NULL, 0, - eap_tls_label, - eap_tls_keying.randbytes, - sizeof( eap_tls_keying.randbytes ), - eap_tls_iv, - sizeof( eap_tls_iv ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", - (unsigned int) -ret ); - goto exit; - } - - mbedtls_printf( " EAP-TLS IV is:" ); - for( j = 0; j < sizeof( eap_tls_iv ); j++ ) - { - if( j % 8 == 0 ) + if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type, NULL, 0, + eap_tls_label, + eap_tls_keying.randbytes, + sizeof(eap_tls_keying.randbytes), + eap_tls_iv, + sizeof(eap_tls_iv))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", + (unsigned int) -ret); + goto exit; + } + + mbedtls_printf(" EAP-TLS IV is:"); + for (j = 0; j < sizeof(eap_tls_iv); j++) { + if (j % 8 == 0) { mbedtls_printf("\n "); - mbedtls_printf("%02x ", eap_tls_iv[j] ); + } + mbedtls_printf("%02x ", eap_tls_iv[j]); } mbedtls_printf("\n"); } -#if defined( MBEDTLS_SSL_DTLS_SRTP ) - else if( opt.use_srtp != 0 ) - { +#if defined(MBEDTLS_SSL_DTLS_SRTP) + else if (opt.use_srtp != 0) { size_t j = 0; mbedtls_dtls_srtp_info dtls_srtp_negotiation_result; - mbedtls_ssl_get_dtls_srtp_negotiation_result( &ssl, &dtls_srtp_negotiation_result ); - - if( dtls_srtp_negotiation_result.chosen_dtls_srtp_profile - == MBEDTLS_TLS_SRTP_UNSET ) - { - mbedtls_printf( " Unable to negotiate " - "the use of DTLS-SRTP\n" ); - } - else - { - if( ( ret = mbedtls_ssl_tls_prf( dtls_srtp_keying.tls_prf_type, - dtls_srtp_keying.master_secret, - sizeof( dtls_srtp_keying.master_secret ), - dtls_srtp_label, - dtls_srtp_keying.randbytes, - sizeof( dtls_srtp_keying.randbytes ), - dtls_srtp_key_material, - sizeof( dtls_srtp_key_material ) ) ) - != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", - (unsigned int) -ret ); + mbedtls_ssl_get_dtls_srtp_negotiation_result(&ssl, &dtls_srtp_negotiation_result); + + if (dtls_srtp_negotiation_result.chosen_dtls_srtp_profile + == MBEDTLS_TLS_SRTP_UNSET) { + mbedtls_printf(" Unable to negotiate " + "the use of DTLS-SRTP\n"); + } else { + if ((ret = mbedtls_ssl_tls_prf(dtls_srtp_keying.tls_prf_type, + dtls_srtp_keying.master_secret, + sizeof(dtls_srtp_keying.master_secret), + dtls_srtp_label, + dtls_srtp_keying.randbytes, + sizeof(dtls_srtp_keying.randbytes), + dtls_srtp_key_material, + sizeof(dtls_srtp_key_material))) + != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " DTLS-SRTP key material is:" ); - for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ ) - { - if( j % 8 == 0 ) - mbedtls_printf( "\n " ); - mbedtls_printf( "%02x ", dtls_srtp_key_material[j] ); + mbedtls_printf(" DTLS-SRTP key material is:"); + for (j = 0; j < sizeof(dtls_srtp_key_material); j++) { + if (j % 8 == 0) { + mbedtls_printf("\n "); + } + mbedtls_printf("%02x ", dtls_srtp_key_material[j]); } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); /* produce a less readable output used to perform automatic checks * - compare client and server output * - interop test with openssl which client produces this kind of output */ - mbedtls_printf( " Keying material: " ); - for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ ) - { - mbedtls_printf( "%02X", dtls_srtp_key_material[j] ); - } - mbedtls_printf( "\n" ); - - if ( dtls_srtp_negotiation_result.mki_len > 0 ) - { - mbedtls_printf( " DTLS-SRTP mki value: " ); - for( j = 0; j < dtls_srtp_negotiation_result.mki_len; j++ ) - { - mbedtls_printf( "%02X", dtls_srtp_negotiation_result.mki_value[j] ); - } + mbedtls_printf(" Keying material: "); + for (j = 0; j < sizeof(dtls_srtp_key_material); j++) { + mbedtls_printf("%02X", dtls_srtp_key_material[j]); } - else - { - mbedtls_printf( " DTLS-SRTP no mki value negotiated" ); + mbedtls_printf("\n"); + + if (dtls_srtp_negotiation_result.mki_len > 0) { + mbedtls_printf(" DTLS-SRTP mki value: "); + for (j = 0; j < dtls_srtp_negotiation_result.mki_len; j++) { + mbedtls_printf("%02X", dtls_srtp_negotiation_result.mki_value[j]); + } + } else { + mbedtls_printf(" DTLS-SRTP no mki value negotiated"); } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); } } #endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */ - if( opt.reconnect != 0 ) - { - mbedtls_printf(" . Saving session for reuse..." ); - fflush( stdout ); + if (opt.reconnect != 0) { + mbedtls_printf(" . Saving session for reuse..."); + fflush(stdout); - if( opt.reco_mode == 1 ) - { + if (opt.reco_mode == 1) { /* free any previously saved data */ - if( session_data != NULL ) - { - mbedtls_platform_zeroize( session_data, session_data_len ); - mbedtls_free( session_data ); + if (session_data != NULL) { + mbedtls_platform_zeroize(session_data, session_data_len); + mbedtls_free(session_data); session_data = NULL; } /* get size of the buffer needed */ - mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ), - NULL, 0, &session_data_len ); - session_data = mbedtls_calloc( 1, session_data_len ); - if( session_data == NULL ) - { - mbedtls_printf( " failed\n ! alloc %u bytes for session data\n", - (unsigned) session_data_len ); + mbedtls_ssl_session_save(mbedtls_ssl_get_session_pointer(&ssl), + NULL, 0, &session_data_len); + session_data = mbedtls_calloc(1, session_data_len); + if (session_data == NULL) { + mbedtls_printf(" failed\n ! alloc %u bytes for session data\n", + (unsigned) session_data_len); ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } /* actually save session data */ - if( ( ret = mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ), - session_data, session_data_len, - &session_data_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_session_saved returned -0x%04x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ssl_session_save(mbedtls_ssl_get_session_pointer(&ssl), + session_data, session_data_len, + &session_data_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_session_saved returned -0x%04x\n\n", + (unsigned int) -ret); goto exit; } - } - else - { - if( ( ret = mbedtls_ssl_get_session( &ssl, &saved_session ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_get_session returned -0x%x\n\n", - (unsigned int) -ret ); + } else { + if ((ret = mbedtls_ssl_get_session(&ssl, &saved_session)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_get_session returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); - if( opt.reco_mode == 1 ) - { - mbedtls_printf( " [ Saved %u bytes of session data]\n", - (unsigned) session_data_len ); + if (opt.reco_mode == 1) { + mbedtls_printf(" [ Saved %u bytes of session data]\n", + (unsigned) session_data_len); } } @@ -2344,88 +2183,84 @@ int main( int argc, char *argv[] ) /* * 5. Verify the server certificate */ - mbedtls_printf( " . Verifying peer X.509 certificate..." ); + mbedtls_printf(" . Verifying peer X.509 certificate..."); - if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) - { + if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) { char vrfy_buf[512]; - mbedtls_printf( " failed\n" ); + mbedtls_printf(" failed\n"); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), - " ! ", flags ); + mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), + " ! ", flags); - mbedtls_printf( "%s\n", vrfy_buf ); + mbedtls_printf("%s\n", vrfy_buf); + } else { + mbedtls_printf(" ok\n"); } - else - mbedtls_printf( " ok\n" ); - mbedtls_printf( " . Peer certificate information ...\n" ); - mbedtls_printf( "%s\n", peer_crt_info ); + mbedtls_printf(" . Peer certificate information ...\n"); + mbedtls_printf("%s\n", peer_crt_info); #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - ret = report_cid_usage( &ssl, "initial handshake" ); - if( ret != 0 ) + ret = report_cid_usage(&ssl, "initial handshake"); + if (ret != 0) { goto exit; + } - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled_renego, - cid_renego, - cid_renego_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_cid returned %d\n\n", - ret ); + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled_renego, + cid_renego, + cid_renego_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_cid returned %d\n\n", + ret); goto exit; } } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( opt.renegotiate ) - { + if (opt.renegotiate) { /* * Perform renegotiation (this must be done when the server is waiting * for input from our side). */ - mbedtls_printf( " . Performing renegotiation..." ); - fflush( stdout ); - while( ( ret = mbedtls_ssl_renegotiate( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && + mbedtls_printf(" . Performing renegotiation..."); + fflush(stdout); + while ((ret = mbedtls_ssl_renegotiate(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE && - ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", - ret ); + ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { + mbedtls_printf(" failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", + ret); goto exit; } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { continue; + } #endif /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); + idle(&server_fd, &timer, ret); #else - idle( &server_fd, ret ); + idle(&server_fd, ret); #endif } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif /* MBEDTLS_SSL_RENEGOTIATION */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - ret = report_cid_usage( &ssl, "after renegotiation" ); - if( ret != 0 ) + ret = report_cid_usage(&ssl, "after renegotiation"); + if (ret != 0) { goto exit; + } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ /* @@ -2433,120 +2268,111 @@ int main( int argc, char *argv[] ) */ retry_left = opt.max_resend; send_request: - mbedtls_printf( " > Write to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write to server:"); + fflush(stdout); - len = mbedtls_snprintf( (char *) buf, sizeof( buf ) - 1, GET_REQUEST, - opt.request_page ); - tail_len = (int) strlen( GET_REQUEST_END ); + len = mbedtls_snprintf((char *) buf, sizeof(buf) - 1, GET_REQUEST, + opt.request_page); + tail_len = (int) strlen(GET_REQUEST_END); /* Add padding to GET request to reach opt.request_size in length */ - if( opt.request_size != DFL_REQUEST_SIZE && - len + tail_len < opt.request_size ) - { - memset( buf + len, 'A', opt.request_size - len - tail_len ); + if (opt.request_size != DFL_REQUEST_SIZE && + len + tail_len < opt.request_size) { + memset(buf + len, 'A', opt.request_size - len - tail_len); len += opt.request_size - len - tail_len; } - strncpy( (char *) buf + len, GET_REQUEST_END, sizeof( buf ) - len - 1 ); + strncpy((char *) buf + len, GET_REQUEST_END, sizeof(buf) - len - 1); len += tail_len; /* Truncate if request size is smaller than the "natural" size */ - if( opt.request_size != DFL_REQUEST_SIZE && - len > opt.request_size ) - { + if (opt.request_size != DFL_REQUEST_SIZE && + len > opt.request_size) { len = opt.request_size; /* Still end with \r\n unless that's really not possible */ - if( len >= 2 ) buf[len - 2] = '\r'; - if( len >= 1 ) buf[len - 1] = '\n'; + if (len >= 2) { + buf[len - 2] = '\r'; + } + if (len >= 1) { + buf[len - 1] = '\n'; + } } - if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) - { + if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) { written = 0; frags = 0; - do - { - while( ( ret = mbedtls_ssl_write( &ssl, buf + written, - len - written ) ) < 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && + do { + while ((ret = mbedtls_ssl_write(&ssl, buf + written, + len - written)) < 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE && - ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned -0x%x\n\n", - (unsigned int) -ret ); + ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); + idle(&server_fd, &timer, ret); #else - idle( &server_fd, ret ); + idle(&server_fd, ret); #endif } } frags++; written += ret; - } - while( written < len ); - } - else /* Not stream, so datagram */ - { - while( 1 ) - { - ret = mbedtls_ssl_write( &ssl, buf, len ); + } while (written < len); + } else { /* Not stream, so datagram */ + while (1) { + ret = mbedtls_ssl_write(&ssl, buf, len); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { continue; + } #endif - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + if (ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { break; + } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); + idle(&server_fd, &timer, ret); #else - idle( &server_fd, ret ); + idle(&server_fd, ret); #endif } } - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", - ret ); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", + ret); goto exit; } frags = 1; written = ret; - if( written < len ) - { - mbedtls_printf( " warning\n ! request didn't fit into single datagram and " - "was truncated to size %u", (unsigned) written ); + if (written < len) { + mbedtls_printf(" warning\n ! request didn't fit into single datagram and " + "was truncated to size %u", (unsigned) written); } } buf[written] = '\0'; - mbedtls_printf( " %d bytes written in %d fragments\n\n%s\n", - written, frags, (char *) buf ); + mbedtls_printf(" %d bytes written in %d fragments\n\n%s\n", + written, frags, (char *) buf); /* Send a non-empty request if request_size == 0 */ - if ( len == 0 ) - { + if (len == 0) { opt.request_size = DFL_REQUEST_SIZE; goto send_request; } @@ -2554,176 +2380,161 @@ int main( int argc, char *argv[] ) /* * 7. Read the HTTP response */ - mbedtls_printf( " < Read from server:" ); - fflush( stdout ); + mbedtls_printf(" < Read from server:"); + fflush(stdout); /* * TLS and DTLS need different reading styles (stream vs datagram) */ - if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) - { - do - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - ret = mbedtls_ssl_read( &ssl, buf, len ); + if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) { + do { + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); + ret = mbedtls_ssl_read(&ssl, buf, len); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { continue; + } #endif - if( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ) - { + if (ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE) { /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); + idle(&server_fd, &timer, ret); #else - idle( &server_fd, ret ); + idle(&server_fd, ret); #endif } continue; } - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); + mbedtls_printf(" connection was closed gracefully\n"); ret = 0; goto close_notify; case 0: case MBEDTLS_ERR_NET_CONN_RESET: - mbedtls_printf( " connection was reset by peer\n" ); + mbedtls_printf(" connection was reset by peer\n"); ret = 0; goto reconnect; default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", - (unsigned int) -ret ); + mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n", + (unsigned int) -ret); goto exit; } } len = ret; buf[len] = '\0'; - mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); + mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf); /* End of message should be detected according to the syntax of the * application protocol (eg HTTP), just use a dummy test here. */ - if( ret > 0 && buf[len-1] == '\n' ) - { + if (ret > 0 && buf[len-1] == '\n') { ret = 0; break; } - } - while( 1 ); - } - else /* Not stream, so datagram */ - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); + } while (1); + } else { /* Not stream, so datagram */ + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); - while( 1 ) - { - ret = mbedtls_ssl_read( &ssl, buf, len ); + while (1) { + ret = mbedtls_ssl_read(&ssl, buf, len); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { continue; + } #endif - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + if (ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { break; + } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); + idle(&server_fd, &timer, ret); #else - idle( &server_fd, ret ); + idle(&server_fd, ret); #endif } } - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_TIMEOUT: - mbedtls_printf( " timeout\n" ); - if( retry_left-- > 0 ) + mbedtls_printf(" timeout\n"); + if (retry_left-- > 0) { goto send_request; + } goto exit; case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); + mbedtls_printf(" connection was closed gracefully\n"); ret = 0; goto close_notify; default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret ); + mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret); goto exit; } } len = ret; buf[len] = '\0'; - mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); + mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf); ret = 0; } /* * 7b. Simulate hard reset and reconnect from same port? */ - if( opt.reconnect_hard != 0 ) - { + if (opt.reconnect_hard != 0) { opt.reconnect_hard = 0; - mbedtls_printf( " . Restarting connection from same port..." ); - fflush( stdout ); + mbedtls_printf(" . Restarting connection from same port..."); + fflush(stdout); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - memset( peer_crt_info, 0, sizeof( peer_crt_info ) ); + memset(peer_crt_info, 0, sizeof(peer_crt_info)); #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ - if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ssl_session_reset(&ssl)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE && - ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", - (unsigned int) -ret ); + ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); + idle(&server_fd, &timer, ret); #else - idle( &server_fd, ret ); + idle(&server_fd, ret); #endif } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); goto send_request; } @@ -2732,160 +2543,149 @@ int main( int argc, char *argv[] ) * 7c. Simulate serialize/deserialize and go back to data exchange */ #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if( opt.serialize != 0 ) - { + if (opt.serialize != 0) { size_t buf_len; - mbedtls_printf( " . Serializing live connection..." ); + mbedtls_printf(" . Serializing live connection..."); - ret = mbedtls_ssl_context_save( &ssl, NULL, 0, &buf_len ); - if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned " - "-0x%x\n\n", (unsigned int) -ret ); + ret = mbedtls_ssl_context_save(&ssl, NULL, 0, &buf_len); + if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) { + mbedtls_printf(" failed\n ! mbedtls_ssl_context_save returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } - if( ( context_buf = mbedtls_calloc( 1, buf_len ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Couldn't allocate buffer for " - "serialized context" ); + if ((context_buf = mbedtls_calloc(1, buf_len)) == NULL) { + mbedtls_printf(" failed\n ! Couldn't allocate buffer for " + "serialized context"); goto exit; } context_buf_len = buf_len; - if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf, - buf_len, &buf_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned " - "-0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_context_save(&ssl, context_buf, + buf_len, &buf_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_context_save returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* Save serialized context to the 'opt.context_file' as a base64 code */ - if( 0 < strlen( opt.context_file ) ) - { + if (0 < strlen(opt.context_file)) { FILE *b64_file; uint8_t *b64_buf; size_t b64_len; - mbedtls_printf( " . Save serialized context to a file... " ); + mbedtls_printf(" . Save serialized context to a file... "); - mbedtls_base64_encode( NULL, 0, &b64_len, context_buf, buf_len ); + mbedtls_base64_encode(NULL, 0, &b64_len, context_buf, buf_len); - if( ( b64_buf = mbedtls_calloc( 1, b64_len ) ) == NULL ) - { - mbedtls_printf( "failed\n ! Couldn't allocate buffer for " - "the base64 code\n" ); + if ((b64_buf = mbedtls_calloc(1, b64_len)) == NULL) { + mbedtls_printf("failed\n ! Couldn't allocate buffer for " + "the base64 code\n"); goto exit; } - if( ( ret = mbedtls_base64_encode( b64_buf, b64_len, &b64_len, - context_buf, buf_len ) ) != 0 ) - { - mbedtls_printf( "failed\n ! mbedtls_base64_encode returned " - "-0x%x\n", (unsigned int) -ret ); - mbedtls_free( b64_buf ); + if ((ret = mbedtls_base64_encode(b64_buf, b64_len, &b64_len, + context_buf, buf_len)) != 0) { + mbedtls_printf("failed\n ! mbedtls_base64_encode returned " + "-0x%x\n", (unsigned int) -ret); + mbedtls_free(b64_buf); goto exit; } - if( ( b64_file = fopen( opt.context_file, "w" ) ) == NULL ) - { - mbedtls_printf( "failed\n ! Cannot open '%s' for writing.\n", - opt.context_file ); - mbedtls_free( b64_buf ); + if ((b64_file = fopen(opt.context_file, "w")) == NULL) { + mbedtls_printf("failed\n ! Cannot open '%s' for writing.\n", + opt.context_file); + mbedtls_free(b64_buf); goto exit; } - if( b64_len != fwrite( b64_buf, 1, b64_len, b64_file ) ) - { - mbedtls_printf( "failed\n ! fwrite(%ld bytes) failed\n", - (long) b64_len ); - mbedtls_free( b64_buf ); - fclose( b64_file ); + if (b64_len != fwrite(b64_buf, 1, b64_len, b64_file)) { + mbedtls_printf("failed\n ! fwrite(%ld bytes) failed\n", + (long) b64_len); + mbedtls_free(b64_buf); + fclose(b64_file); goto exit; } - mbedtls_free( b64_buf ); - fclose( b64_file ); + mbedtls_free(b64_buf); + fclose(b64_file); - mbedtls_printf( "ok\n" ); + mbedtls_printf("ok\n"); } - if( opt.serialize == 1 ) - { + if (opt.serialize == 1) { /* nothing to do here, done by context_save() already */ - mbedtls_printf( " . Context has been reset... ok\n" ); + mbedtls_printf(" . Context has been reset... ok\n"); } - if( opt.serialize == 2 ) - { - mbedtls_printf( " . Freeing and reinitializing context..." ); + if (opt.serialize == 2) { + mbedtls_printf(" . Freeing and reinitializing context..."); - mbedtls_ssl_free( &ssl ); + mbedtls_ssl_free(&ssl); - mbedtls_ssl_init( &ssl ); + mbedtls_ssl_init(&ssl); - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned " - "-0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } - if( opt.nbio == 2 ) - mbedtls_ssl_set_bio( &ssl, &server_fd, delayed_send, - delayed_recv, NULL ); - else - mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, - mbedtls_net_recv, - opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL ); + if (opt.nbio == 2) { + mbedtls_ssl_set_bio(&ssl, &server_fd, delayed_send, + delayed_recv, NULL); + } else { + mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, + mbedtls_net_recv, + opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL); + } #if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &ssl, &timer, - mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); #endif /* MBEDTLS_TIMING_C */ - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } - mbedtls_printf( " . Deserializing connection..." ); + mbedtls_printf(" . Deserializing connection..."); - if( ( ret = mbedtls_ssl_context_load( &ssl, context_buf, - buf_len ) ) != 0 ) - { - mbedtls_printf( "failed\n ! mbedtls_ssl_context_load returned " - "-0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_context_load(&ssl, context_buf, + buf_len)) != 0) { + mbedtls_printf("failed\n ! mbedtls_ssl_context_load returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } - mbedtls_free( context_buf ); + mbedtls_free(context_buf); context_buf = NULL; context_buf_len = 0; - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ /* * 7d. Continue doing data exchanges? */ - if( --opt.exchanges > 0 ) + if (--opt.exchanges > 0) { goto send_request; + } /* * 8. Done, cleanly close the connection */ close_notify: - mbedtls_printf( " . Closing the connection..." ); - fflush( stdout ); + mbedtls_printf(" . Closing the connection..."); + fflush(stdout); /* * Most of the time sending a close_notify before closing is the right @@ -2899,97 +2699,90 @@ int main( int argc, char *argv[] ) * failures in tests that use DTLS and resumption with ssl_server2 in * ssl-opt.sh, avoided by enabling skip_close_notify client-side. */ - if( opt.skip_close_notify == 0 ) - { + if (opt.skip_close_notify == 0) { /* No error checking, the connection might be closed already */ - do ret = mbedtls_ssl_close_notify( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_close_notify(&ssl); + } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE); ret = 0; } - mbedtls_printf( " done\n" ); + mbedtls_printf(" done\n"); /* * 9. Reconnect? */ reconnect: - if( opt.reconnect != 0 ) - { + if (opt.reconnect != 0) { --opt.reconnect; - mbedtls_net_free( &server_fd ); + mbedtls_net_free(&server_fd); #if defined(MBEDTLS_TIMING_C) - if( opt.reco_delay > 0 ) - mbedtls_net_usleep( 1000000 * opt.reco_delay ); + if (opt.reco_delay > 0) { + mbedtls_net_usleep(1000000 * opt.reco_delay); + } #endif - mbedtls_printf( " . Reconnecting with saved session..." ); + mbedtls_printf(" . Reconnecting with saved session..."); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - memset( peer_crt_info, 0, sizeof( peer_crt_info ) ); + memset(peer_crt_info, 0, sizeof(peer_crt_info)); #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ - if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ssl_session_reset(&ssl)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - if( opt.reco_mode == 1 ) - { - if( ( ret = mbedtls_ssl_session_load( &saved_session, - session_data, - session_data_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_session_load returned -0x%x\n\n", - (unsigned int) -ret ); + if (opt.reco_mode == 1) { + if ((ret = mbedtls_ssl_session_load(&saved_session, + session_data, + session_data_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_session_load returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - if( ( ret = mbedtls_ssl_set_session( &ssl, &saved_session ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_session returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ssl_set_session(&ssl, &saved_session)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_session returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - if( ( ret = mbedtls_net_connect( &server_fd, - opt.server_addr, opt.server_port, - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? - MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_net_connect(&server_fd, + opt.server_addr, opt.server_port, + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? + MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - if( opt.nbio > 0 ) - ret = mbedtls_net_set_nonblock( &server_fd ); - else - ret = mbedtls_net_set_block( &server_fd ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", - (unsigned int) -ret ); + if (opt.nbio > 0) { + ret = mbedtls_net_set_nonblock(&server_fd); + } else { + ret = mbedtls_net_set_block(&server_fd); + } + if (ret != 0) { + mbedtls_printf(" failed\n ! net_set_(non)block() returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE && - ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", - (unsigned int) -ret ); + ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); goto send_request; } @@ -2999,66 +2792,66 @@ int main( int argc, char *argv[] ) */ exit: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: -0x%X - %s\n\n", (unsigned int) -ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: -0x%X - %s\n\n", (unsigned int) -ret, error_buf); } #endif - mbedtls_net_free( &server_fd ); + mbedtls_net_free(&server_fd); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ssl_session_free( &saved_session ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + mbedtls_ssl_session_free(&saved_session); - if( session_data != NULL ) - mbedtls_platform_zeroize( session_data, session_data_len ); - mbedtls_free( session_data ); + if (session_data != NULL) { + mbedtls_platform_zeroize(session_data, session_data_len); + } + mbedtls_free(session_data); #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if( context_buf != NULL ) - mbedtls_platform_zeroize( context_buf, context_buf_len ); - mbedtls_free( context_buf ); + if (context_buf != NULL) { + mbedtls_platform_zeroize(context_buf, context_buf_len); + } + mbedtls_free(context_buf); #endif #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - mbedtls_x509_crt_free( &clicert ); - mbedtls_x509_crt_free( &cacert ); - mbedtls_pk_free( &pkey ); + mbedtls_x509_crt_free(&clicert); + mbedtls_x509_crt_free(&cacert); + mbedtls_pk_free(&pkey); #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_destroy_key( key_slot ); + psa_destroy_key(key_slot); #endif #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) && \ defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { + if (opt.psk_opaque != 0) { /* This is ok even if the slot hasn't been * initialized (we might have jumed here * immediately because of bad cmd line params, * for example). */ - status = psa_destroy_key( slot ); - if( ( status != PSA_SUCCESS ) && - ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) ) - { - mbedtls_printf( "Failed to destroy key slot %u - error was %d", - (unsigned) slot, (int) status ); - if( ret == 0 ) + status = psa_destroy_key(slot); + if ((status != PSA_SUCCESS) && + (opt.query_config_mode == DFL_QUERY_CONFIG_MODE)) { + mbedtls_printf("Failed to destroy key slot %u - error was %d", + (unsigned) slot, (int) status); + if (ret == 0) { ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED && MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - const char* message = mbedtls_test_helper_is_psa_leaking(); - if( message ) - { - if( ret == 0 ) + const char *message = mbedtls_test_helper_is_psa_leaking(); + if (message) { + if (ret == 0) { ret = 1; - mbedtls_printf( "PSA memory leak detected: %s\n", message); + } + mbedtls_printf("PSA memory leak detected: %s\n", message); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -3066,19 +2859,19 @@ int main( int argc, char *argv[] ) * resources are freed by rng_free(). */ #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) - mbedtls_psa_crypto_free( ); + mbedtls_psa_crypto_free(); #endif - rng_free( &rng ); + rng_free(&rng); #if defined(MBEDTLS_TEST_HOOKS) - if( test_hooks_failure_detected( ) ) - { - if( ret == 0 ) + if (test_hooks_failure_detected()) { + if (ret == 0) { ret = 1; - mbedtls_printf( "Test hooks detected errors.\n" ); + } + mbedtls_printf("Test hooks detected errors.\n"); } - test_hooks_free( ); + test_hooks_free(); #endif /* MBEDTLS_TEST_HOOKS */ #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) @@ -3089,20 +2882,21 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ #if defined(_WIN32) - if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) - { - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); } #endif // Shell can not handle large exit numbers -> 1 for errors - if( ret < 0 ) + if (ret < 0) { ret = 1; + } - if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) - mbedtls_exit( ret ); - else - mbedtls_exit( query_config_ret ); + if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { + mbedtls_exit(ret); + } else { + mbedtls_exit(query_config_ret); + } } #endif /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_CLI_C */ diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index bb84f5294469..a8b2b470e0b9 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -29,11 +29,11 @@ #if !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_ERROR_C) || \ !defined(MBEDTLS_SSL_TLS_C) -int main( void ) +int main(void) { printf("MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_ERROR_C and/or " "MBEDTLS_SSL_TLS_C not defined.\n"); - return( 0 ); + return 0; } #else @@ -65,18 +65,18 @@ int main( void ) /* * Flags copied from the Mbed TLS library. */ -#define SESSION_CONFIG_TIME_BIT ( 1 << 0 ) -#define SESSION_CONFIG_CRT_BIT ( 1 << 1 ) -#define SESSION_CONFIG_CLIENT_TICKET_BIT ( 1 << 2 ) -#define SESSION_CONFIG_MFL_BIT ( 1 << 3 ) -#define SESSION_CONFIG_TRUNC_HMAC_BIT ( 1 << 4 ) -#define SESSION_CONFIG_ETM_BIT ( 1 << 5 ) -#define SESSION_CONFIG_TICKET_BIT ( 1 << 6 ) - -#define CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT ( 1 << 0 ) -#define CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT ( 1 << 1 ) -#define CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT ( 1 << 2 ) -#define CONTEXT_CONFIG_ALPN_BIT ( 1 << 3 ) +#define SESSION_CONFIG_TIME_BIT (1 << 0) +#define SESSION_CONFIG_CRT_BIT (1 << 1) +#define SESSION_CONFIG_CLIENT_TICKET_BIT (1 << 2) +#define SESSION_CONFIG_MFL_BIT (1 << 3) +#define SESSION_CONFIG_TRUNC_HMAC_BIT (1 << 4) +#define SESSION_CONFIG_ETM_BIT (1 << 5) +#define SESSION_CONFIG_TICKET_BIT (1 << 6) + +#define CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT (1 << 0) +#define CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT (1 << 1) +#define CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT (1 << 2) +#define CONTEXT_CONFIG_ALPN_BIT (1 << 3) #define TRANSFORM_RANDBYTE_LEN 64 @@ -91,28 +91,28 @@ int main( void ) #define MAX_CONTEXT_LEN 875 /* without session data */ #define MAX_SESSION_LEN 109 /* without certificate and ticket data */ -#define MAX_CERTIFICATE_LEN ( ( 1 << 24 ) - 1 ) -#define MAX_TICKET_LEN ( ( 1 << 24 ) - 1 ) +#define MAX_CERTIFICATE_LEN ((1 << 24) - 1) +#define MAX_TICKET_LEN ((1 << 24) - 1) -#define MIN_SERIALIZED_DATA ( MIN_CONTEXT_LEN + MIN_SESSION_LEN ) -#define MAX_SERIALIZED_DATA ( MAX_CONTEXT_LEN + MAX_SESSION_LEN + \ - MAX_CERTIFICATE_LEN + MAX_TICKET_LEN ) +#define MIN_SERIALIZED_DATA (MIN_CONTEXT_LEN + MIN_SESSION_LEN) +#define MAX_SERIALIZED_DATA (MAX_CONTEXT_LEN + MAX_SESSION_LEN + \ + MAX_CERTIFICATE_LEN + MAX_TICKET_LEN) -#define MIN_BASE64_LEN ( MIN_SERIALIZED_DATA * 4 / 3 ) -#define MAX_BASE64_LEN ( MAX_SERIALIZED_DATA * 4 / 3 + 3 ) +#define MIN_BASE64_LEN (MIN_SERIALIZED_DATA * 4 / 3) +#define MAX_BASE64_LEN (MAX_SERIALIZED_DATA * 4 / 3 + 3) /* * A macro that prevents from reading out of the ssl buffer range. */ -#define CHECK_SSL_END( LEN ) \ -do \ -{ \ - if( end - ssl < (int)( LEN ) ) \ - { \ - printf_err( "%s", buf_ln_err ); \ - return; \ - } \ -} while( 0 ) +#define CHECK_SSL_END(LEN) \ + do \ + { \ + if (end - ssl < (int) (LEN)) \ + { \ + printf_err("%s", buf_ln_err); \ + return; \ + } \ + } while (0) /* * Global values @@ -127,17 +127,17 @@ const char buf_ln_err[] = "Buffer does not have enough data to complete the pars /* * Basic printing functions */ -void print_version( ) +void print_version() { - printf( "%s v%d.%d\n", PROG_NAME, VER_MAJOR, VER_MINOR ); + printf("%s v%d.%d\n", PROG_NAME, VER_MAJOR, VER_MINOR); } -void print_usage( ) +void print_usage() { print_version(); - printf( "\nThis program is used to deserialize an Mbed TLS SSL session from the base64 code provided\n" - "in the text file. The program can deserialize many codes from one file, but they must be\n" - "separated, e.g. by a newline.\n\n" ); + printf("\nThis program is used to deserialize an Mbed TLS SSL session from the base64 code provided\n" + "in the text file. The program can deserialize many codes from one file, but they must be\n" + "separated, e.g. by a newline.\n\n"); printf( "Usage:\n" "\t-f path - Path to the file with base64 code\n" @@ -151,32 +151,31 @@ void print_usage( ) "\t--dtls-protocol=0 - Use this option if you know that the Mbed TLS library\n" "\t has been compiled without the MBEDTLS_SSL_PROTO_DTLS flag\n" "\n" - ); + ); } -void printf_dbg( const char *str, ... ) +void printf_dbg(const char *str, ...) { - if( debug ) - { + if (debug) { va_list args; - va_start( args, str ); - printf( "debug: " ); - vprintf( str, args ); - fflush( stdout ); - va_end( args ); + va_start(args, str); + printf("debug: "); + vprintf(str, args); + fflush(stdout); + va_end(args); } } -MBEDTLS_PRINTF_ATTRIBUTE( 1, 2 ) -void printf_err( const char *str, ... ) +MBEDTLS_PRINTF_ATTRIBUTE(1, 2) +void printf_err(const char *str, ...) { va_list args; - va_start( args, str ); - fflush( stdout ); - fprintf( stderr, "ERROR: " ); - vfprintf( stderr, str, args ); - fflush( stderr ); - va_end( args ); + va_start(args, str); + fflush(stdout); + fprintf(stderr, "ERROR: "); + vfprintf(stderr, str, args); + fflush(stderr); + va_end(args); } /* @@ -184,70 +183,51 @@ void printf_err( const char *str, ... ) */ void error_exit() { - if( NULL != b64_file ) - { - fclose( b64_file ); + if (NULL != b64_file) { + fclose(b64_file); } - exit( -1 ); + exit(-1); } /* * This function takes the input arguments of this program */ -void parse_arguments( int argc, char *argv[] ) +void parse_arguments(int argc, char *argv[]) { int i = 1; - if( argc < 2 ) - { + if (argc < 2) { print_usage(); error_exit(); } - while( i < argc ) - { - if( strcmp( argv[i], "-d" ) == 0 ) - { + while (i < argc) { + if (strcmp(argv[i], "-d") == 0) { debug = 1; - } - else if( strcmp( argv[i], "-h" ) == 0 ) - { + } else if (strcmp(argv[i], "-h") == 0) { print_usage(); - } - else if( strcmp( argv[i], "-v" ) == 0 ) - { + } else if (strcmp(argv[i], "-v") == 0) { print_version(); - } - else if( strcmp( argv[i], "-f" ) == 0 ) - { - if( ++i >= argc ) - { - printf_err( "File path is empty\n" ); + } else if (strcmp(argv[i], "-f") == 0) { + if (++i >= argc) { + printf_err("File path is empty\n"); error_exit(); } - if( NULL != b64_file ) - { - printf_err( "Cannot specify more than one file with -f\n" ); - error_exit( ); + if (NULL != b64_file) { + printf_err("Cannot specify more than one file with -f\n"); + error_exit(); } - if( ( b64_file = fopen( argv[i], "r" )) == NULL ) - { - printf_err( "Cannot find file \"%s\"\n", argv[i] ); + if ((b64_file = fopen(argv[i], "r")) == NULL) { + printf_err("Cannot find file \"%s\"\n", argv[i]); error_exit(); } - } - else if( strcmp( argv[i], "--keep-peer-cert=0" ) == 0 ) - { + } else if (strcmp(argv[i], "--keep-peer-cert=0") == 0) { conf_keep_peer_certificate = 0; - } - else if( strcmp( argv[i], "--dtls-protocol=0" ) == 0 ) - { + } else if (strcmp(argv[i], "--dtls-protocol=0") == 0) { conf_dtls_proto = 0; - } - else - { + } else { print_usage(); error_exit(); } @@ -259,22 +239,20 @@ void parse_arguments( int argc, char *argv[] ) /* * This function prints base64 code to the stdout */ -void print_b64( const uint8_t *b, size_t len ) +void print_b64(const uint8_t *b, size_t len) { size_t i = 0; const uint8_t *end = b + len; printf("\t"); - while( b < end ) - { - if( ++i > 75 ) - { - printf( "\n\t" ); + while (b < end) { + if (++i > 75) { + printf("\n\t"); i = 0; } - printf( "%c", *b++ ); + printf("%c", *b++); } - printf( "\n" ); - fflush( stdout ); + printf("\n"); + fflush(stdout); } /* @@ -285,25 +263,22 @@ void print_b64( const uint8_t *b, size_t len ) * /p in_line number of bytes in one line * /p prefix prefix for the new lines */ -void print_hex( const uint8_t *b, size_t len, - const size_t in_line, const char *prefix ) +void print_hex(const uint8_t *b, size_t len, + const size_t in_line, const char *prefix) { size_t i = 0; const uint8_t *end = b + len; - if( prefix == NULL ) - { + if (prefix == NULL) { prefix = ""; } - while( b < end ) - { - if( ++i > in_line ) - { - printf( "\n%s", prefix ); + while (b < end) { + if (++i > in_line) { + printf("\n%s", prefix); i = 1; } - printf( "%02X ", (uint8_t) *b++ ); + printf("%02X ", (uint8_t) *b++); } printf("\n"); fflush(stdout); @@ -312,53 +287,48 @@ void print_hex( const uint8_t *b, size_t len, /* * Print the value of time_t in format e.g. 2020-01-23 13:05:59 */ -void print_time( const uint64_t *time ) +void print_time(const uint64_t *time) { #if defined(MBEDTLS_HAVE_TIME) char buf[20]; - struct tm *t = gmtime( (time_t*) time ); + struct tm *t = gmtime((time_t *) time); static const char format[] = "%Y-%m-%d %H:%M:%S"; - if( NULL != t ) - { - strftime( buf, sizeof( buf ), format, t ); - printf( "%s\n", buf ); - } - else - { - printf( "unknown\n" ); + if (NULL != t) { + strftime(buf, sizeof(buf), format, t); + printf("%s\n", buf); + } else { + printf("unknown\n"); } #else (void) time; - printf( "not supported\n" ); + printf("not supported\n"); #endif } /* * Print the input string if the bit is set in the value */ -void print_if_bit( const char *str, int bit, int val ) +void print_if_bit(const char *str, int bit, int val) { - if( bit & val ) - { - printf( "\t%s\n", str ); + if (bit & val) { + printf("\t%s\n", str); } } /* * Return pointer to hardcoded "enabled" or "disabled" depending on the input value */ -const char * get_enabled_str( int is_en ) +const char *get_enabled_str(int is_en) { - return ( is_en ) ? "enabled" : "disabled"; + return (is_en) ? "enabled" : "disabled"; } /* * Return pointer to hardcoded MFL string value depending on the MFL code at the input */ -const char * get_mfl_str( int mfl_code ) +const char *get_mfl_str(int mfl_code) { - switch( mfl_code ) - { + switch (mfl_code) { case MBEDTLS_SSL_MAX_FRAG_LEN_NONE: return "none"; case MBEDTLS_SSL_MAX_FRAG_LEN_512: @@ -389,125 +359,95 @@ const char * get_mfl_str( int mfl_code ) * \retval number of bytes written in to the b64 buffer or 0 in case no more * data was found */ -size_t read_next_b64_code( uint8_t **b64, size_t *max_len ) +size_t read_next_b64_code(uint8_t **b64, size_t *max_len) { int valid_balance = 0; /* balance between valid and invalid characters */ size_t len = 0; char pad = 0; int c = 0; - while( EOF != c ) - { + while (EOF != c) { char c_valid = 0; - c = fgetc( b64_file ); + c = fgetc(b64_file); - if( pad > 0 ) - { - if( c == '=' && pad == 1 ) - { + if (pad > 0) { + if (c == '=' && pad == 1) { c_valid = 1; pad = 2; } - } - else if( ( c >= 'A' && c <= 'Z' ) || - ( c >= 'a' && c <= 'z' ) || - ( c >= '0' && c <= '9' ) || - c == '+' || c == '/' ) - { + } else if ((c >= 'A' && c <= 'Z') || + (c >= 'a' && c <= 'z') || + (c >= '0' && c <= '9') || + c == '+' || c == '/') { c_valid = 1; - } - else if( c == '=' ) - { + } else if (c == '=') { c_valid = 1; pad = 1; - } - else if( c == '-' ) - { + } else if (c == '-') { c = '+'; c_valid = 1; - } - else if( c == '_' ) - { + } else if (c == '_') { c = '/'; c_valid = 1; } - if( c_valid ) - { + if (c_valid) { /* A string of characters that could be a base64 code. */ valid_balance++; - if( len < *max_len ) - { - ( *b64 )[ len++ ] = c; - } - else if( *max_len < MAX_BASE64_LEN ) - { + if (len < *max_len) { + (*b64)[len++] = c; + } else if (*max_len < MAX_BASE64_LEN) { /* Current buffer is too small, but can be resized. */ void *ptr; - size_t new_size = ( MAX_BASE64_LEN - 4096 > *max_len ) ? + size_t new_size = (MAX_BASE64_LEN - 4096 > *max_len) ? *max_len + 4096 : MAX_BASE64_LEN; - ptr = realloc( *b64, new_size ); - if( NULL == ptr ) - { - printf_err( alloc_err ); + ptr = realloc(*b64, new_size); + if (NULL == ptr) { + printf_err(alloc_err); return 0; } *b64 = ptr; *max_len = new_size; - ( *b64 )[ len++ ] = c; - } - else - { + (*b64)[len++] = c; + } else { /* Too much data so it will be treated as invalid */ len++; } - } - else if( len > 0 ) - { + } else if (len > 0) { /* End of a string that could be a base64 code, but need to check * that the length of the characters is correct. */ valid_balance--; - if( len < MIN_CONTEXT_LEN ) - { - printf_dbg( "The code found is too small to be a SSL context.\n" ); + if (len < MIN_CONTEXT_LEN) { + printf_dbg("The code found is too small to be a SSL context.\n"); len = pad = 0; - } - else if( len > *max_len ) - { - printf_err( "The code found is too large by %" MBEDTLS_PRINTF_SIZET " bytes.\n", - len - *max_len ); + } else if (len > *max_len) { + printf_err("The code found is too large by %" MBEDTLS_PRINTF_SIZET " bytes.\n", + len - *max_len); len = pad = 0; - } - else if( len % 4 != 0 ) - { - printf_err( "The length of the base64 code found should be a multiple of 4.\n" ); + } else if (len % 4 != 0) { + printf_err("The length of the base64 code found should be a multiple of 4.\n"); len = pad = 0; - } - else - { + } else { /* Base64 code with valid character length. */ return len; } - } - else - { + } else { valid_balance--; } /* Detection of potentially wrong file format like: binary, zip, ISO, etc. */ - if( valid_balance < -100 ) - { - printf_err( "Too many bad symbols detected. File check aborted.\n" ); + if (valid_balance < -100) { + printf_err("Too many bad symbols detected. File check aborted.\n"); return 0; } } - printf_dbg( "End of file\n" ); + printf_dbg("End of file\n"); return 0; } @@ -517,53 +457,45 @@ size_t read_next_b64_code( uint8_t **b64, size_t *max_len ) * * /p ssl pointer to serialized certificate * /p len number of bytes in the buffer -*/ -void print_deserialized_ssl_cert( const uint8_t *ssl, uint32_t len ) + */ +void print_deserialized_ssl_cert(const uint8_t *ssl, uint32_t len) { enum { STRLEN = 4096 }; mbedtls_x509_crt crt; int ret; char str[STRLEN]; - printf( "\nCertificate:\n" ); + printf("\nCertificate:\n"); - mbedtls_x509_crt_init( &crt ); - ret = mbedtls_x509_crt_parse_der( &crt, ssl, len ); - if( 0 != ret ) - { - mbedtls_strerror( ret, str, STRLEN ); - printf_err( "Invalid format of X.509 - %s\n", str ); - printf( "Cannot deserialize:\n\t" ); - print_hex( ssl, len, 25, "\t" ); - } - else - { + mbedtls_x509_crt_init(&crt); + ret = mbedtls_x509_crt_parse_der(&crt, ssl, len); + if (0 != ret) { + mbedtls_strerror(ret, str, STRLEN); + printf_err("Invalid format of X.509 - %s\n", str); + printf("Cannot deserialize:\n\t"); + print_hex(ssl, len, 25, "\t"); + } else { mbedtls_x509_crt *current = &crt; - while( current != NULL ) - { - ret = mbedtls_x509_crt_info( str, STRLEN, "\t", current ); - if( 0 > ret ) - { - mbedtls_strerror( ret, str, STRLEN ); - printf_err( "Cannot write to the output - %s\n", str ); - } - else - { - printf( "%s", str ); + while (current != NULL) { + ret = mbedtls_x509_crt_info(str, STRLEN, "\t", current); + if (0 > ret) { + mbedtls_strerror(ret, str, STRLEN); + printf_err("Cannot write to the output - %s\n", str); + } else { + printf("%s", str); } current = current->next; - if( current ) - { - printf( "\n" ); + if (current) { + printf("\n"); } } } - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); } /* @@ -591,227 +523,203 @@ void print_deserialized_ssl_cert( const uint8_t *ssl, uint32_t len ) * /p len number of bytes in the buffer * /p session_cfg_flag session configuration flags */ -void print_deserialized_ssl_session( const uint8_t *ssl, uint32_t len, - int session_cfg_flag ) +void print_deserialized_ssl_session(const uint8_t *ssl, uint32_t len, + int session_cfg_flag) { - const struct mbedtls_ssl_ciphersuite_t * ciphersuite_info; + const struct mbedtls_ssl_ciphersuite_t *ciphersuite_info; int ciphersuite_id; uint32_t cert_len, ticket_len; uint32_t verify_result, ticket_lifetime; const uint8_t *end = ssl + len; - printf( "\nSession info:\n" ); + printf("\nSession info:\n"); - if( session_cfg_flag & SESSION_CONFIG_TIME_BIT ) - { + if (session_cfg_flag & SESSION_CONFIG_TIME_BIT) { uint64_t start; - CHECK_SSL_END( 8 ); - start = ( (uint64_t) ssl[0] << 56 ) | - ( (uint64_t) ssl[1] << 48 ) | - ( (uint64_t) ssl[2] << 40 ) | - ( (uint64_t) ssl[3] << 32 ) | - ( (uint64_t) ssl[4] << 24 ) | - ( (uint64_t) ssl[5] << 16 ) | - ( (uint64_t) ssl[6] << 8 ) | - ( (uint64_t) ssl[7] ); + CHECK_SSL_END(8); + start = ((uint64_t) ssl[0] << 56) | + ((uint64_t) ssl[1] << 48) | + ((uint64_t) ssl[2] << 40) | + ((uint64_t) ssl[3] << 32) | + ((uint64_t) ssl[4] << 24) | + ((uint64_t) ssl[5] << 16) | + ((uint64_t) ssl[6] << 8) | + ((uint64_t) ssl[7]); ssl += 8; - printf( "\tstart time : " ); - print_time( &start ); + printf("\tstart time : "); + print_time(&start); } - CHECK_SSL_END( 2 ); - ciphersuite_id = ( (int) ssl[0] << 8 ) | (int) ssl[1]; - printf_dbg( "Ciphersuite ID: %d\n", ciphersuite_id ); + CHECK_SSL_END(2); + ciphersuite_id = ((int) ssl[0] << 8) | (int) ssl[1]; + printf_dbg("Ciphersuite ID: %d\n", ciphersuite_id); ssl += 2; - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id ); - if( ciphersuite_info == NULL ) - { - printf_err( "Cannot find ciphersuite info\n" ); - } - else - { + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(ciphersuite_id); + if (ciphersuite_info == NULL) { + printf_err("Cannot find ciphersuite info\n"); + } else { const mbedtls_cipher_info_t *cipher_info; const mbedtls_md_info_t *md_info; - printf( "\tciphersuite : %s\n", ciphersuite_info->name ); - printf( "\tcipher flags : 0x%02X\n", ciphersuite_info->flags ); + printf("\tciphersuite : %s\n", ciphersuite_info->name); + printf("\tcipher flags : 0x%02X\n", ciphersuite_info->flags); - cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher ); - if( cipher_info == NULL ) - { - printf_err( "Cannot find cipher info\n" ); - } - else - { - printf( "\tcipher : %s\n", cipher_info->name ); + cipher_info = mbedtls_cipher_info_from_type(ciphersuite_info->cipher); + if (cipher_info == NULL) { + printf_err("Cannot find cipher info\n"); + } else { + printf("\tcipher : %s\n", cipher_info->name); } - md_info = mbedtls_md_info_from_type( ciphersuite_info->mac ); - if( md_info == NULL ) - { - printf_err( "Cannot find Message-Digest info\n" ); - } - else - { - printf( "\tMessage-Digest : %s\n", md_info->name ); + md_info = mbedtls_md_info_from_type(ciphersuite_info->mac); + if (md_info == NULL) { + printf_err("Cannot find Message-Digest info\n"); + } else { + printf("\tMessage-Digest : %s\n", md_info->name); } } - CHECK_SSL_END( 1 ); - printf( "\tcompression : %s\n", get_enabled_str( *ssl++ ) ); + CHECK_SSL_END(1); + printf("\tcompression : %s\n", get_enabled_str(*ssl++)); /* Note - Here we can get session ID length from serialized data, but we * use hardcoded 32-bytes length. This approach was taken from * 'mbedtls_ssl_session_load()'. */ - CHECK_SSL_END( 1 + 32 ); - printf_dbg( "Session id length: %u\n", (uint32_t) *ssl++ ); - printf( "\tsession ID : "); - print_hex( ssl, 32, 16, "\t " ); + CHECK_SSL_END(1 + 32); + printf_dbg("Session id length: %u\n", (uint32_t) *ssl++); + printf("\tsession ID : "); + print_hex(ssl, 32, 16, "\t "); ssl += 32; - printf( "\tmaster secret : "); - CHECK_SSL_END( 48 ); - print_hex( ssl, 48, 16, "\t " ); + printf("\tmaster secret : "); + CHECK_SSL_END(48); + print_hex(ssl, 48, 16, "\t "); ssl += 48; - CHECK_SSL_END( 4 ); - verify_result = ( (uint32_t) ssl[0] << 24 ) | - ( (uint32_t) ssl[1] << 16 ) | - ( (uint32_t) ssl[2] << 8 ) | - ( (uint32_t) ssl[3] ); + CHECK_SSL_END(4); + verify_result = ((uint32_t) ssl[0] << 24) | + ((uint32_t) ssl[1] << 16) | + ((uint32_t) ssl[2] << 8) | + ((uint32_t) ssl[3]); ssl += 4; - printf( "\tverify result : 0x%08X\n", verify_result ); - - if( SESSION_CONFIG_CRT_BIT & session_cfg_flag ) - { - if( conf_keep_peer_certificate ) - { - CHECK_SSL_END( 3 ); - cert_len = ( (uint32_t) ssl[0] << 16 ) | - ( (uint32_t) ssl[1] << 8 ) | - ( (uint32_t) ssl[2] ); + printf("\tverify result : 0x%08X\n", verify_result); + + if (SESSION_CONFIG_CRT_BIT & session_cfg_flag) { + if (conf_keep_peer_certificate) { + CHECK_SSL_END(3); + cert_len = ((uint32_t) ssl[0] << 16) | + ((uint32_t) ssl[1] << 8) | + ((uint32_t) ssl[2]); ssl += 3; - printf_dbg( "Certificate length: %u\n", cert_len ); + printf_dbg("Certificate length: %u\n", cert_len); - if( cert_len > 0 ) - { - CHECK_SSL_END( cert_len ); - print_deserialized_ssl_cert( ssl, cert_len ); + if (cert_len > 0) { + CHECK_SSL_END(cert_len); + print_deserialized_ssl_cert(ssl, cert_len); ssl += cert_len; } - } - else - { - printf( "\tPeer digest : " ); + } else { + printf("\tPeer digest : "); - CHECK_SSL_END( 1 ); - switch( (mbedtls_md_type_t) *ssl++ ) - { + CHECK_SSL_END(1); + switch ((mbedtls_md_type_t) *ssl++) { case MBEDTLS_MD_NONE: - printf( "none\n" ); + printf("none\n"); break; case MBEDTLS_MD_MD2: - printf( "MD2\n" ); + printf("MD2\n"); break; case MBEDTLS_MD_MD4: - printf( "MD4\n" ); + printf("MD4\n"); break; case MBEDTLS_MD_MD5: - printf( "MD5\n" ); + printf("MD5\n"); break; case MBEDTLS_MD_SHA1: - printf( "SHA1\n" ); + printf("SHA1\n"); break; case MBEDTLS_MD_SHA224: - printf( "SHA224\n" ); + printf("SHA224\n"); break; case MBEDTLS_MD_SHA256: - printf( "SHA256\n" ); + printf("SHA256\n"); break; case MBEDTLS_MD_SHA384: - printf( "SHA384\n" ); + printf("SHA384\n"); break; case MBEDTLS_MD_SHA512: - printf( "SHA512\n" ); + printf("SHA512\n"); break; case MBEDTLS_MD_RIPEMD160: - printf( "RIPEMD160\n" ); + printf("RIPEMD160\n"); break; default: - printf( "undefined or erroneous\n" ); + printf("undefined or erroneous\n"); break; } - CHECK_SSL_END( 1 ); + CHECK_SSL_END(1); cert_len = (uint32_t) *ssl++; - printf_dbg( "Message-Digest length: %u\n", cert_len ); + printf_dbg("Message-Digest length: %u\n", cert_len); - if( cert_len > 0 ) - { - printf( "\tPeer digest cert : " ); - CHECK_SSL_END( cert_len ); - print_hex( ssl, cert_len, 16, "\t " ); + if (cert_len > 0) { + printf("\tPeer digest cert : "); + CHECK_SSL_END(cert_len); + print_hex(ssl, cert_len, 16, "\t "); ssl += cert_len; } } } - if( SESSION_CONFIG_CLIENT_TICKET_BIT & session_cfg_flag ) - { - printf( "\nTicket:\n" ); + if (SESSION_CONFIG_CLIENT_TICKET_BIT & session_cfg_flag) { + printf("\nTicket:\n"); - CHECK_SSL_END( 3 ); - ticket_len = ( (uint32_t) ssl[0] << 16 ) | - ( (uint32_t) ssl[1] << 8 ) | - ( (uint32_t) ssl[2] ); + CHECK_SSL_END(3); + ticket_len = ((uint32_t) ssl[0] << 16) | + ((uint32_t) ssl[1] << 8) | + ((uint32_t) ssl[2]); ssl += 3; - printf_dbg( "Ticket length: %u\n", ticket_len ); + printf_dbg("Ticket length: %u\n", ticket_len); - if( ticket_len > 0 ) - { - printf( "\t" ); - CHECK_SSL_END( ticket_len ); - print_hex( ssl, ticket_len, 22, "\t" ); + if (ticket_len > 0) { + printf("\t"); + CHECK_SSL_END(ticket_len); + print_hex(ssl, ticket_len, 22, "\t"); ssl += ticket_len; - printf( "\n" ); + printf("\n"); } - CHECK_SSL_END( 4 ); - ticket_lifetime = ( (uint32_t) ssl[0] << 24 ) | - ( (uint32_t) ssl[1] << 16 ) | - ( (uint32_t) ssl[2] << 8 ) | - ( (uint32_t) ssl[3] ); + CHECK_SSL_END(4); + ticket_lifetime = ((uint32_t) ssl[0] << 24) | + ((uint32_t) ssl[1] << 16) | + ((uint32_t) ssl[2] << 8) | + ((uint32_t) ssl[3]); ssl += 4; - printf( "\tlifetime : %u sec.\n", ticket_lifetime ); + printf("\tlifetime : %u sec.\n", ticket_lifetime); } - if( ssl < end ) - { - printf( "\nSession others:\n" ); + if (ssl < end) { + printf("\nSession others:\n"); } - if( SESSION_CONFIG_MFL_BIT & session_cfg_flag ) - { - CHECK_SSL_END( 1 ); - printf( "\tMFL : %s\n", get_mfl_str( *ssl++ ) ); + if (SESSION_CONFIG_MFL_BIT & session_cfg_flag) { + CHECK_SSL_END(1); + printf("\tMFL : %s\n", get_mfl_str(*ssl++)); } - if( SESSION_CONFIG_TRUNC_HMAC_BIT & session_cfg_flag ) - { - CHECK_SSL_END( 1 ); - printf( "\tnegotiate truncated HMAC : %s\n", get_enabled_str( *ssl++ ) ); + if (SESSION_CONFIG_TRUNC_HMAC_BIT & session_cfg_flag) { + CHECK_SSL_END(1); + printf("\tnegotiate truncated HMAC : %s\n", get_enabled_str(*ssl++)); } - if( SESSION_CONFIG_ETM_BIT & session_cfg_flag ) - { - CHECK_SSL_END( 1 ); - printf( "\tEncrypt-then-MAC : %s\n", get_enabled_str( *ssl++ ) ); + if (SESSION_CONFIG_ETM_BIT & session_cfg_flag) { + CHECK_SSL_END(1); + printf("\tEncrypt-then-MAC : %s\n", get_enabled_str(*ssl++)); } - if( 0 != ( end - ssl ) ) - { - printf_err( "%i bytes left to analyze from session\n", (int32_t)( end - ssl ) ); + if (0 != (end - ssl)) { + printf_err("%i bytes left to analyze from session\n", (int32_t) (end - ssl)); } } @@ -848,189 +756,179 @@ void print_deserialized_ssl_session( const uint8_t *ssl, uint32_t len, * /p ssl pointer to serialized session * /p len number of bytes in the buffer */ -void print_deserialized_ssl_context( const uint8_t *ssl, size_t len ) +void print_deserialized_ssl_context(const uint8_t *ssl, size_t len) { const uint8_t *end = ssl + len; uint32_t session_len; int session_cfg_flag; int context_cfg_flag; - printf( "\nMbed TLS version:\n" ); + printf("\nMbed TLS version:\n"); - CHECK_SSL_END( 3 + 2 + 3 ); + CHECK_SSL_END(3 + 2 + 3); - printf( "\tmajor %u\n", (uint32_t) *ssl++ ); - printf( "\tminor %u\n", (uint32_t) *ssl++ ); - printf( "\tpath %u\n", (uint32_t) *ssl++ ); + printf("\tmajor %u\n", (uint32_t) *ssl++); + printf("\tminor %u\n", (uint32_t) *ssl++); + printf("\tpath %u\n", (uint32_t) *ssl++); - printf( "\nEnabled session and context configuration:\n" ); + printf("\nEnabled session and context configuration:\n"); - session_cfg_flag = ( (int) ssl[0] << 8 ) | ( (int) ssl[1] ); + session_cfg_flag = ((int) ssl[0] << 8) | ((int) ssl[1]); ssl += 2; - context_cfg_flag = ( (int) ssl[0] << 16 ) | - ( (int) ssl[1] << 8 ) | - ( (int) ssl[2] ) ; + context_cfg_flag = ((int) ssl[0] << 16) | + ((int) ssl[1] << 8) | + ((int) ssl[2]); ssl += 3; - printf_dbg( "Session config flags 0x%04X\n", session_cfg_flag ); - printf_dbg( "Context config flags 0x%06X\n", context_cfg_flag ); - - print_if_bit( "MBEDTLS_HAVE_TIME", SESSION_CONFIG_TIME_BIT, session_cfg_flag ); - print_if_bit( "MBEDTLS_X509_CRT_PARSE_C", SESSION_CONFIG_CRT_BIT, session_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", SESSION_CONFIG_MFL_BIT, session_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_TRUNCATED_HMAC", SESSION_CONFIG_TRUNC_HMAC_BIT, session_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_ENCRYPT_THEN_MAC", SESSION_CONFIG_ETM_BIT, session_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_SESSION_TICKETS", SESSION_CONFIG_TICKET_BIT, session_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_SESSION_TICKETS and client", SESSION_CONFIG_CLIENT_TICKET_BIT, session_cfg_flag ); - - print_if_bit( "MBEDTLS_SSL_DTLS_CONNECTION_ID", CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT, context_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_DTLS_BADMAC_LIMIT", CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT, context_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_DTLS_ANTI_REPLAY", CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT, context_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_ALPN", CONTEXT_CONFIG_ALPN_BIT, context_cfg_flag ); - - CHECK_SSL_END( 4 ); - session_len = ( (uint32_t) ssl[0] << 24 ) | - ( (uint32_t) ssl[1] << 16 ) | - ( (uint32_t) ssl[2] << 8 ) | - ( (uint32_t) ssl[3] ); + printf_dbg("Session config flags 0x%04X\n", session_cfg_flag); + printf_dbg("Context config flags 0x%06X\n", context_cfg_flag); + + print_if_bit("MBEDTLS_HAVE_TIME", SESSION_CONFIG_TIME_BIT, session_cfg_flag); + print_if_bit("MBEDTLS_X509_CRT_PARSE_C", SESSION_CONFIG_CRT_BIT, session_cfg_flag); + print_if_bit("MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", SESSION_CONFIG_MFL_BIT, session_cfg_flag); + print_if_bit("MBEDTLS_SSL_TRUNCATED_HMAC", SESSION_CONFIG_TRUNC_HMAC_BIT, session_cfg_flag); + print_if_bit("MBEDTLS_SSL_ENCRYPT_THEN_MAC", SESSION_CONFIG_ETM_BIT, session_cfg_flag); + print_if_bit("MBEDTLS_SSL_SESSION_TICKETS", SESSION_CONFIG_TICKET_BIT, session_cfg_flag); + print_if_bit("MBEDTLS_SSL_SESSION_TICKETS and client", + SESSION_CONFIG_CLIENT_TICKET_BIT, + session_cfg_flag); + + print_if_bit("MBEDTLS_SSL_DTLS_CONNECTION_ID", + CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT, + context_cfg_flag); + print_if_bit("MBEDTLS_SSL_DTLS_BADMAC_LIMIT", + CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT, + context_cfg_flag); + print_if_bit("MBEDTLS_SSL_DTLS_ANTI_REPLAY", + CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT, + context_cfg_flag); + print_if_bit("MBEDTLS_SSL_ALPN", CONTEXT_CONFIG_ALPN_BIT, context_cfg_flag); + + CHECK_SSL_END(4); + session_len = ((uint32_t) ssl[0] << 24) | + ((uint32_t) ssl[1] << 16) | + ((uint32_t) ssl[2] << 8) | + ((uint32_t) ssl[3]); ssl += 4; - printf_dbg( "Session length %u\n", session_len ); + printf_dbg("Session length %u\n", session_len); - CHECK_SSL_END( session_len ); - print_deserialized_ssl_session( ssl, session_len, session_cfg_flag ); + CHECK_SSL_END(session_len); + print_deserialized_ssl_session(ssl, session_len, session_cfg_flag); ssl += session_len; - printf( "\nRandom bytes:\n\t"); + printf("\nRandom bytes:\n\t"); - CHECK_SSL_END( TRANSFORM_RANDBYTE_LEN ); - print_hex( ssl, TRANSFORM_RANDBYTE_LEN, 22, "\t" ); + CHECK_SSL_END(TRANSFORM_RANDBYTE_LEN); + print_hex(ssl, TRANSFORM_RANDBYTE_LEN, 22, "\t"); ssl += TRANSFORM_RANDBYTE_LEN; - printf( "\nContext others:\n" ); + printf("\nContext others:\n"); - if( CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT & context_cfg_flag ) - { + if (CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT & context_cfg_flag) { uint8_t cid_len; - CHECK_SSL_END( 1 ); + CHECK_SSL_END(1); cid_len = *ssl++; - printf_dbg( "In CID length %u\n", (uint32_t) cid_len ); + printf_dbg("In CID length %u\n", (uint32_t) cid_len); - printf( "\tin CID : " ); - if( cid_len > 0 ) - { - CHECK_SSL_END( cid_len ); - print_hex( ssl, cid_len, 20, "\t" ); + printf("\tin CID : "); + if (cid_len > 0) { + CHECK_SSL_END(cid_len); + print_hex(ssl, cid_len, 20, "\t"); ssl += cid_len; - } - else - { - printf( "none\n" ); + } else { + printf("none\n"); } - CHECK_SSL_END( 1 ); + CHECK_SSL_END(1); cid_len = *ssl++; - printf_dbg( "Out CID length %u\n", (uint32_t) cid_len ); + printf_dbg("Out CID length %u\n", (uint32_t) cid_len); - printf( "\tout CID : " ); - if( cid_len > 0 ) - { - CHECK_SSL_END( cid_len ); - print_hex( ssl, cid_len, 20, "\t" ); + printf("\tout CID : "); + if (cid_len > 0) { + CHECK_SSL_END(cid_len); + print_hex(ssl, cid_len, 20, "\t"); ssl += cid_len; - } - else - { - printf( "none\n" ); + } else { + printf("none\n"); } } - if( CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT & context_cfg_flag ) - { + if (CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT & context_cfg_flag) { uint32_t badmac_seen; - CHECK_SSL_END( 4 ); - badmac_seen = ( (uint32_t) ssl[0] << 24 ) | - ( (uint32_t) ssl[1] << 16 ) | - ( (uint32_t) ssl[2] << 8 ) | - ( (uint32_t) ssl[3] ); + CHECK_SSL_END(4); + badmac_seen = ((uint32_t) ssl[0] << 24) | + ((uint32_t) ssl[1] << 16) | + ((uint32_t) ssl[2] << 8) | + ((uint32_t) ssl[3]); ssl += 4; - printf( "\tbad MAC seen number : %u\n", badmac_seen ); + printf("\tbad MAC seen number : %u\n", badmac_seen); /* value 'in_window_top' from mbedtls_ssl_context */ - printf( "\tlast validated record sequence no. : " ); - CHECK_SSL_END( 8 ); - print_hex( ssl, 8, 20, "" ); + printf("\tlast validated record sequence no. : "); + CHECK_SSL_END(8); + print_hex(ssl, 8, 20, ""); ssl += 8; /* value 'in_window' from mbedtls_ssl_context */ - printf( "\tbitmask for replay detection : " ); - CHECK_SSL_END( 8 ); - print_hex( ssl, 8, 20, "" ); + printf("\tbitmask for replay detection : "); + CHECK_SSL_END(8); + print_hex(ssl, 8, 20, ""); ssl += 8; } - if( conf_dtls_proto ) - { - CHECK_SSL_END( 1 ); - printf( "\tDTLS datagram packing : %s\n", - get_enabled_str( ! ( *ssl++ ) ) ); + if (conf_dtls_proto) { + CHECK_SSL_END(1); + printf("\tDTLS datagram packing : %s\n", + get_enabled_str(!(*ssl++))); } /* value 'cur_out_ctr' from mbedtls_ssl_context */ - printf( "\toutgoing record sequence no. : "); - CHECK_SSL_END( 8 ); - print_hex( ssl, 8, 20, "" ); + printf("\toutgoing record sequence no. : "); + CHECK_SSL_END(8); + print_hex(ssl, 8, 20, ""); ssl += 8; - if( conf_dtls_proto ) - { + if (conf_dtls_proto) { uint16_t mtu; - CHECK_SSL_END( 2 ); - mtu = ( ssl[0] << 8 ) | ssl[1]; + CHECK_SSL_END(2); + mtu = (ssl[0] << 8) | ssl[1]; ssl += 2; - printf( "\tMTU : %u\n", mtu ); + printf("\tMTU : %u\n", mtu); } - if( CONTEXT_CONFIG_ALPN_BIT & context_cfg_flag ) - { + if (CONTEXT_CONFIG_ALPN_BIT & context_cfg_flag) { uint8_t alpn_len; - CHECK_SSL_END( 1 ); + CHECK_SSL_END(1); alpn_len = *ssl++; - printf_dbg( "ALPN length %u\n", (uint32_t) alpn_len ); - - printf( "\tALPN negotiation : " ); - CHECK_SSL_END( alpn_len ); - if( alpn_len > 0 ) - { - if( strlen( (const char*) ssl ) == alpn_len ) - { - printf( "%s\n", ssl ); - } - else - { - printf( "\n" ); - printf_err( "\tALPN negotiation is incorrect\n" ); + printf_dbg("ALPN length %u\n", (uint32_t) alpn_len); + + printf("\tALPN negotiation : "); + CHECK_SSL_END(alpn_len); + if (alpn_len > 0) { + if (strlen((const char *) ssl) == alpn_len) { + printf("%s\n", ssl); + } else { + printf("\n"); + printf_err("\tALPN negotiation is incorrect\n"); } ssl += alpn_len; - } - else - { - printf( "not selected\n" ); + } else { + printf("not selected\n"); } } - if( 0 != ( end - ssl ) ) - { - printf_err( "%i bytes left to analyze from context\n", (int32_t)( end - ssl ) ); + if (0 != (end - ssl)) { + printf_err("%i bytes left to analyze from context\n", (int32_t) (end - ssl)); } - printf( "\n" ); + printf("\n"); } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { enum { SSL_INIT_LEN = 4096 }; @@ -1041,39 +939,33 @@ int main( int argc, char *argv[] ) size_t ssl_max_len = SSL_INIT_LEN; size_t ssl_len = 0; - /* The 'b64_file' is opened when parsing arguments to check that the - * file name is correct */ - parse_arguments( argc, argv ); + /* The 'b64_file' is opened when parsing arguments to check that the + * file name is correct */ + parse_arguments(argc, argv); - if( NULL != b64_file ) - { - b64_buf = malloc( SSL_INIT_LEN ); - ssl_buf = malloc( SSL_INIT_LEN ); + if (NULL != b64_file) { + b64_buf = malloc(SSL_INIT_LEN); + ssl_buf = malloc(SSL_INIT_LEN); - if( NULL == b64_buf || NULL == ssl_buf ) - { - printf_err( alloc_err ); - fclose( b64_file ); + if (NULL == b64_buf || NULL == ssl_buf) { + printf_err(alloc_err); + fclose(b64_file); b64_file = NULL; } } - while( NULL != b64_file ) - { - size_t b64_len = read_next_b64_code( &b64_buf, &b64_max_len ); - if( b64_len > 0) - { + while (NULL != b64_file) { + size_t b64_len = read_next_b64_code(&b64_buf, &b64_max_len); + if (b64_len > 0) { int ret; size_t ssl_required_len = b64_len * 3 / 4 + 1; /* Allocate more memory if necessary. */ - if( ssl_required_len > ssl_max_len ) - { - void *ptr = realloc( ssl_buf, ssl_required_len ); - if( NULL == ptr ) - { - printf_err( alloc_err ); - fclose( b64_file ); + if (ssl_required_len > ssl_max_len) { + void *ptr = realloc(ssl_buf, ssl_required_len); + if (NULL == ptr) { + printf_err(alloc_err); + fclose(b64_file); b64_file = NULL; break; } @@ -1081,45 +973,38 @@ int main( int argc, char *argv[] ) ssl_max_len = ssl_required_len; } - printf( "\nDeserializing number %u:\n", ++b64_counter ); + printf("\nDeserializing number %u:\n", ++b64_counter); - printf( "\nBase64 code:\n" ); - print_b64( b64_buf, b64_len ); + printf("\nBase64 code:\n"); + print_b64(b64_buf, b64_len); - ret = mbedtls_base64_decode( ssl_buf, ssl_max_len, &ssl_len, b64_buf, b64_len ); - if( ret != 0) - { - mbedtls_strerror( ret, (char*) b64_buf, b64_max_len ); - printf_err( "base64 code cannot be decoded - %s\n", b64_buf ); + ret = mbedtls_base64_decode(ssl_buf, ssl_max_len, &ssl_len, b64_buf, b64_len); + if (ret != 0) { + mbedtls_strerror(ret, (char *) b64_buf, b64_max_len); + printf_err("base64 code cannot be decoded - %s\n", b64_buf); continue; } - if( debug ) - { - printf( "\nDecoded data in hex:\n\t"); - print_hex( ssl_buf, ssl_len, 25, "\t" ); + if (debug) { + printf("\nDecoded data in hex:\n\t"); + print_hex(ssl_buf, ssl_len, 25, "\t"); } - print_deserialized_ssl_context( ssl_buf, ssl_len ); + print_deserialized_ssl_context(ssl_buf, ssl_len); - } - else - { - fclose( b64_file ); + } else { + fclose(b64_file); b64_file = NULL; } } - free( b64_buf ); - free( ssl_buf ); + free(b64_buf); + free(ssl_buf); - if( b64_counter > 0 ) - { - printf_dbg( "Finished. Found %u base64 codes\n", b64_counter ); - } - else - { - printf( "Finished. No valid base64 code found\n" ); + if (b64_counter > 0) { + printf_dbg("Finished. Found %u base64 codes\n", b64_counter); + } else { + printf("Finished. No valid base64 code found\n"); } return 0; diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 58c8749daa67..5a4ac3eedb25 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -31,24 +31,24 @@ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_TIMING_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_PEM_PARSE_C) -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { ((void) argc); ((void) argv); mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " - "MBEDTLS_TIMING_C and/or MBEDTLS_PEM_PARSE_C not defined.\n"); - mbedtls_exit( 0 ); + "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " + "MBEDTLS_TIMING_C and/or MBEDTLS_PEM_PARSE_C not defined.\n"); + mbedtls_exit(0); } #elif defined(_WIN32) -int main( void ) +int main(void) { mbedtls_printf("_WIN32 defined. This application requires fork() and signals " - "to work correctly.\n"); - mbedtls_exit( 0 ); + "to work correctly.\n"); + mbedtls_exit(0); } #else @@ -75,17 +75,17 @@ int main( void ) #define DEBUG_LEVEL 0 -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str); + fflush((FILE *) ctx); } -int main( void ) +int main(void) { int ret = 1, len, cnt = 0, pid; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -100,126 +100,117 @@ int main( void ) mbedtls_x509_crt srvcert; mbedtls_pk_context pkey; - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_entropy_init( &entropy ); - mbedtls_pk_init( &pkey ); - mbedtls_x509_crt_init( &srvcert ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_net_init(&listen_fd); + mbedtls_net_init(&client_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_entropy_init(&entropy); + mbedtls_pk_init(&pkey); + mbedtls_x509_crt_init(&srvcert); + mbedtls_ctr_drbg_init(&ctr_drbg); - signal( SIGCHLD, SIG_IGN ); + signal(SIGCHLD, SIG_IGN); /* * 0. Initial seeding of the RNG */ - mbedtls_printf( "\n . Initial seeding of the random generator..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_ctr_drbg_seed returned %d\n\n", ret ); + mbedtls_printf("\n . Initial seeding of the random generator..."); + fflush(stdout); + + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed! mbedtls_ctr_drbg_seed returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1. Load the certificates and private RSA key */ - mbedtls_printf( " . Loading the server cert. and key..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the server cert. and key..."); + fflush(stdout); /* * This demonstration program uses embedded test certificates. * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). */ - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len); + if (ret != 0) { + mbedtls_printf(" failed! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len); + if (ret != 0) { + mbedtls_printf(" failed! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); - if( ret != 0 ) - { - mbedtls_printf( " failed! mbedtls_pk_parse_key returned %d\n\n", ret ); + ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0); + if (ret != 0) { + mbedtls_printf(" failed! mbedtls_pk_parse_key returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1b. Prepare SSL configuration */ - mbedtls_printf( " . Configuring SSL..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_SERVER, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + mbedtls_printf(" . Configuring SSL..."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_SERVER, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed! mbedtls_ssl_config_defaults returned %d\n\n", ret); goto exit; } - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL); + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) { + mbedtls_printf(" failed! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 2. Setup the listening TCP socket */ - mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); - fflush( stdout ); + mbedtls_printf(" . Bind on https://localhost:4433/ ..."); + fflush(stdout); - if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_net_bind returned %d\n\n", ret ); + if ((ret = mbedtls_net_bind(&listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed! mbedtls_net_bind returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); - while( 1 ) - { + while (1) { /* * 3. Wait until a client connects */ - mbedtls_net_init( &client_fd ); - mbedtls_ssl_init( &ssl ); + mbedtls_net_init(&client_fd); + mbedtls_ssl_init(&ssl); - mbedtls_printf( " . Waiting for a remote connection ...\n" ); - fflush( stdout ); + mbedtls_printf(" . Waiting for a remote connection ...\n"); + fflush(stdout); - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - NULL, 0, NULL ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_net_accept returned %d\n\n", ret ); + if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, + NULL, 0, NULL)) != 0) { + mbedtls_printf(" failed! mbedtls_net_accept returned %d\n\n", ret); goto exit; } @@ -227,113 +218,104 @@ int main( void ) * 3.5. Forking server thread */ - mbedtls_printf( " . Forking to handle connection ..." ); - fflush( stdout ); + mbedtls_printf(" . Forking to handle connection ..."); + fflush(stdout); pid = fork(); - if( pid < 0 ) - { - mbedtls_printf(" failed! fork returned %d\n\n", pid ); + if (pid < 0) { + mbedtls_printf(" failed! fork returned %d\n\n", pid); goto exit; } - if( pid != 0 ) - { - mbedtls_printf( " ok\n" ); - mbedtls_net_close( &client_fd ); + if (pid != 0) { + mbedtls_printf(" ok\n"); + mbedtls_net_close(&client_fd); - if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg, - (const unsigned char *) "parent", - 6 ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_ctr_drbg_reseed returned %d\n\n", ret ); + if ((ret = mbedtls_ctr_drbg_reseed(&ctr_drbg, + (const unsigned char *) "parent", + 6)) != 0) { + mbedtls_printf(" failed! mbedtls_ctr_drbg_reseed returned %d\n\n", ret); goto exit; } continue; } - mbedtls_net_close( &listen_fd ); + mbedtls_net_close(&listen_fd); pid = getpid(); /* * 4. Setup stuff */ - mbedtls_printf( "pid %d: Setting up the SSL data.\n", pid ); - fflush( stdout ); + mbedtls_printf("pid %d: Setting up the SSL data.\n", pid); + fflush(stdout); - if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg, - (const unsigned char *) "child", - 5 ) ) != 0 ) - { + if ((ret = mbedtls_ctr_drbg_reseed(&ctr_drbg, + (const unsigned char *) "child", + 5)) != 0) { mbedtls_printf( - "pid %d: SSL setup failed! mbedtls_ctr_drbg_reseed returned %d\n\n", - pid, ret ); + "pid %d: SSL setup failed! mbedtls_ctr_drbg_reseed returned %d\n\n", + pid, ret); goto exit; } - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { mbedtls_printf( - "pid %d: SSL setup failed! mbedtls_ssl_setup returned %d\n\n", - pid, ret ); + "pid %d: SSL setup failed! mbedtls_ssl_setup returned %d\n\n", + pid, ret); goto exit; } - mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL); - mbedtls_printf( "pid %d: SSL setup ok\n", pid ); + mbedtls_printf("pid %d: SSL setup ok\n", pid); /* * 5. Handshake */ - mbedtls_printf( "pid %d: Performing the SSL/TLS handshake.\n", pid ); - fflush( stdout ); + mbedtls_printf("pid %d: Performing the SSL/TLS handshake.\n", pid); + fflush(stdout); - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { mbedtls_printf( - "pid %d: SSL handshake failed! mbedtls_ssl_handshake returned %d\n\n", - pid, ret ); + "pid %d: SSL handshake failed! mbedtls_ssl_handshake returned %d\n\n", + pid, ret); goto exit; } } - mbedtls_printf( "pid %d: SSL handshake ok\n", pid ); + mbedtls_printf("pid %d: SSL handshake ok\n", pid); /* * 6. Read the HTTP Request */ - mbedtls_printf( "pid %d: Start reading from client.\n", pid ); - fflush( stdout ); + mbedtls_printf("pid %d: Start reading from client.\n", pid); + fflush(stdout); - do - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - ret = mbedtls_ssl_read( &ssl, buf, len ); + do { + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); + ret = mbedtls_ssl_read(&ssl, buf, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { continue; + } - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( "pid %d: connection was closed gracefully\n", pid ); + mbedtls_printf("pid %d: connection was closed gracefully\n", pid); break; case MBEDTLS_ERR_NET_CONN_RESET: - mbedtls_printf( "pid %d: connection was reset by peer\n", pid ); + mbedtls_printf("pid %d: connection was reset by peer\n", pid); break; default: - mbedtls_printf( "pid %d: mbedtls_ssl_read returned %d\n", pid, ret ); + mbedtls_printf("pid %d: mbedtls_ssl_read returned %d\n", pid, ret); break; } @@ -341,70 +323,66 @@ int main( void ) } len = ret; - mbedtls_printf( "pid %d: %d bytes read\n\n%s", pid, len, (char *) buf ); + mbedtls_printf("pid %d: %d bytes read\n\n%s", pid, len, (char *) buf); - if( ret > 0 ) + if (ret > 0) { break; - } - while( 1 ); + } + } while (1); /* * 7. Write the 200 Response */ - mbedtls_printf( "pid %d: Start writing to client.\n", pid ); - fflush( stdout ); - - len = sprintf( (char *) buf, HTTP_RESPONSE, - mbedtls_ssl_get_ciphersuite( &ssl ) ); - - while( cnt++ < 100 ) - { - while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) - { - if( ret == MBEDTLS_ERR_NET_CONN_RESET ) - { + mbedtls_printf("pid %d: Start writing to client.\n", pid); + fflush(stdout); + + len = sprintf((char *) buf, HTTP_RESPONSE, + mbedtls_ssl_get_ciphersuite(&ssl)); + + while (cnt++ < 100) { + while ((ret = mbedtls_ssl_write(&ssl, buf, len)) <= 0) { + if (ret == MBEDTLS_ERR_NET_CONN_RESET) { mbedtls_printf( - "pid %d: Write failed! peer closed the connection\n\n", pid ); + "pid %d: Write failed! peer closed the connection\n\n", pid); goto exit; } - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { mbedtls_printf( - "pid %d: Write failed! mbedtls_ssl_write returned %d\n\n", - pid, ret ); + "pid %d: Write failed! mbedtls_ssl_write returned %d\n\n", + pid, ret); goto exit; } } len = ret; - mbedtls_printf( "pid %d: %d bytes written\n\n%s\n", pid, len, (char *) buf ); + mbedtls_printf("pid %d: %d bytes written\n\n%s\n", pid, len, (char *) buf); - mbedtls_net_usleep( 1000000 ); + mbedtls_net_usleep(1000000); } - mbedtls_ssl_close_notify( &ssl ); + mbedtls_ssl_close_notify(&ssl); goto exit; } exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &listen_fd ); + mbedtls_net_free(&client_fd); + mbedtls_net_free(&listen_fd); - mbedtls_x509_crt_free( &srvcert ); - mbedtls_pk_free( &pkey ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_x509_crt_free(&srvcert); + mbedtls_pk_free(&pkey); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 534c68bdda86..643d3c2111af 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -36,14 +36,14 @@ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \ !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " - "not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " + "not defined.\n"); + mbedtls_exit(0); } #else @@ -99,7 +99,8 @@ int main( void ) #define USAGE_AUTH \ " authentication=%%d default: 0 (disabled)\n" \ " user_name=%%s default: \"" DFL_USER_NAME "\"\n" \ - " user_pwd=%%s default: \"" DFL_USER_PWD "\"\n" + " user_pwd=%%s default: \"" \ + DFL_USER_PWD "\"\n" #else #define USAGE_AUTH \ " authentication options disabled. (Require MBEDTLS_BASE64_C)\n" @@ -119,9 +120,10 @@ int main( void ) "\n usage: ssl_mail_client param=<>...\n" \ "\n acceptable parameters:\n" \ " server_name=%%s default: " DFL_SERVER_NAME "\n" \ - " server_port=%%d default: " DFL_SERVER_PORT "\n" \ - " debug_level=%%d default: 0 (disabled)\n" \ - " mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \ + " server_port=%%d default: " \ + DFL_SERVER_PORT "\n" \ + " debug_level=%%d default: 0 (disabled)\n" \ + " mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \ USAGE_AUTH \ " mail_from=%%s default: \"\"\n" \ " mail_to=%%s default: \"\"\n" \ @@ -133,8 +135,7 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char *server_name; /* hostname of the server (client only) */ const char *server_port; /* port on which the ssl service runs */ int debug_level; /* level of debugging */ @@ -150,17 +151,17 @@ struct options int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */ } opt; -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str); + fflush((FILE *) ctx); } -static int do_handshake( mbedtls_ssl_context *ssl ) +static int do_handshake(mbedtls_ssl_context *ssl) { int ret; uint32_t flags; @@ -170,69 +171,64 @@ static int do_handshake( mbedtls_ssl_context *ssl ) /* * 4. Handshake */ - mbedtls_printf( " . Performing the SSL/TLS handshake..." ); - fflush( stdout ); + mbedtls_printf(" . Performing the SSL/TLS handshake..."); + fflush(stdout); - while( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { + while ((ret = mbedtls_ssl_handshake(ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { #if defined(MBEDTLS_ERROR_C) - mbedtls_strerror( ret, (char *) buf, 1024 ); + mbedtls_strerror(ret, (char *) buf, 1024); #endif - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d: %s\n\n", ret, buf ); - return( -1 ); + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned %d: %s\n\n", ret, buf); + return -1; } } - mbedtls_printf( " ok\n [ Ciphersuite is %s ]\n", - mbedtls_ssl_get_ciphersuite( ssl ) ); + mbedtls_printf(" ok\n [ Ciphersuite is %s ]\n", + mbedtls_ssl_get_ciphersuite(ssl)); /* * 5. Verify the server certificate */ - mbedtls_printf( " . Verifying peer X.509 certificate..." ); + mbedtls_printf(" . Verifying peer X.509 certificate..."); /* In real life, we probably want to bail out when ret != 0 */ - if( ( flags = mbedtls_ssl_get_verify_result( ssl ) ) != 0 ) - { + if ((flags = mbedtls_ssl_get_verify_result(ssl)) != 0) { char vrfy_buf[512]; - mbedtls_printf( " failed\n" ); + mbedtls_printf(" failed\n"); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags); - mbedtls_printf( "%s\n", vrfy_buf ); + mbedtls_printf("%s\n", vrfy_buf); + } else { + mbedtls_printf(" ok\n"); } - else - mbedtls_printf( " ok\n" ); - mbedtls_printf( " . Peer certificate information ...\n" ); - mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", - mbedtls_ssl_get_peer_cert( ssl ) ); - mbedtls_printf( "%s\n", buf ); + mbedtls_printf(" . Peer certificate information ...\n"); + mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, " ", + mbedtls_ssl_get_peer_cert(ssl)); + mbedtls_printf("%s\n", buf); - return( 0 ); + return 0; } -static int write_ssl_data( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) +static int write_ssl_data(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) { int ret; mbedtls_printf("\n%s", buf); - while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + while (len && (ret = mbedtls_ssl_write(ssl, buf, len)) <= 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); return -1; } } - return( 0 ); + return 0; } -static int write_ssl_and_get_response( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) +static int write_ssl_and_get_response(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) { int ret; unsigned char data[128]; @@ -240,57 +236,52 @@ static int write_ssl_and_get_response( mbedtls_ssl_context *ssl, unsigned char * size_t i, idx = 0; mbedtls_printf("\n%s", buf); - while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + while (len && (ret = mbedtls_ssl_write(ssl, buf, len)) <= 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); return -1; } } - do - { - len = sizeof( data ) - 1; - memset( data, 0, sizeof( data ) ); - ret = mbedtls_ssl_read( ssl, data, len ); + do { + len = sizeof(data) - 1; + memset(data, 0, sizeof(data)); + ret = mbedtls_ssl_read(ssl, data, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { continue; + } - if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY ) + if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) { return -1; + } - if( ret <= 0 ) - { - mbedtls_printf( "failed\n ! mbedtls_ssl_read returned %d\n\n", ret ); + if (ret <= 0) { + mbedtls_printf("failed\n ! mbedtls_ssl_read returned %d\n\n", ret); return -1; } mbedtls_printf("\n%s", data); len = ret; - for( i = 0; i < len; i++ ) - { - if( data[i] != '\n' ) - { - if( idx < 4 ) - code[ idx++ ] = data[i]; + for (i = 0; i < len; i++) { + if (data[i] != '\n') { + if (idx < 4) { + code[idx++] = data[i]; + } continue; } - if( idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ' ) - { + if (idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ') { code[3] = '\0'; - return atoi( code ); + return atoi(code); } idx = 0; } - } - while( 1 ); + } while (1); } -static int write_and_get_response( mbedtls_net_context *sock_fd, unsigned char *buf, size_t len ) +static int write_and_get_response(mbedtls_net_context *sock_fd, unsigned char *buf, size_t len) { int ret; unsigned char data[128]; @@ -298,49 +289,43 @@ static int write_and_get_response( mbedtls_net_context *sock_fd, unsigned char * size_t i, idx = 0; mbedtls_printf("\n%s", buf); - if( len && ( ret = mbedtls_net_send( sock_fd, buf, len ) ) <= 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); - return -1; + if (len && (ret = mbedtls_net_send(sock_fd, buf, len)) <= 0) { + mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret); + return -1; } - do - { - len = sizeof( data ) - 1; - memset( data, 0, sizeof( data ) ); - ret = mbedtls_net_recv( sock_fd, data, len ); + do { + len = sizeof(data) - 1; + memset(data, 0, sizeof(data)); + ret = mbedtls_net_recv(sock_fd, data, len); - if( ret <= 0 ) - { - mbedtls_printf( "failed\n ! mbedtls_net_recv returned %d\n\n", ret ); + if (ret <= 0) { + mbedtls_printf("failed\n ! mbedtls_net_recv returned %d\n\n", ret); return -1; } data[len] = '\0'; mbedtls_printf("\n%s", data); len = ret; - for( i = 0; i < len; i++ ) - { - if( data[i] != '\n' ) - { - if( idx < 4 ) - code[ idx++ ] = data[i]; + for (i = 0; i < len; i++) { + if (data[i] != '\n') { + if (idx < 4) { + code[idx++] = data[i]; + } continue; } - if( idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ' ) - { + if (idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ') { code[3] = '\0'; - return atoi( code ); + return atoi(code); } idx = 0; } - } - while( 1 ); + } while (1); } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1, len; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -351,7 +336,7 @@ int main( int argc, char *argv[] ) * "%s\r\n". Hence, the size of buf should be at least the size of base * plus 2 bytes for the \r and \n characters. */ - unsigned char buf[sizeof( base ) + 2]; + unsigned char buf[sizeof(base) + 2]; #else unsigned char buf[1024]; #endif @@ -373,24 +358,22 @@ int main( int argc, char *argv[] ) /* * Make sure memory references are valid in case we exit early. */ - mbedtls_net_init( &server_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - memset( &buf, 0, sizeof( buf ) ); - mbedtls_x509_crt_init( &cacert ); - mbedtls_x509_crt_init( &clicert ); - mbedtls_pk_init( &pkey ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + mbedtls_net_init(&server_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + memset(&buf, 0, sizeof(buf)); + mbedtls_x509_crt_init(&cacert); + mbedtls_x509_crt_init(&clicert); + mbedtls_pk_init(&pkey); + mbedtls_ctr_drbg_init(&ctr_drbg); + + if (argc == 0) { +usage: + mbedtls_printf(USAGE); list = mbedtls_ssl_list_ciphersuites(); - while( *list ) - { - mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) ); + while (*list) { + mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list)); list++; } mbedtls_printf("\n"); @@ -409,438 +392,413 @@ int main( int argc, char *argv[] ) opt.ca_file = DFL_CA_FILE; opt.crt_file = DFL_CRT_FILE; opt.key_file = DFL_KEY_FILE; - opt.force_ciphersuite[0]= DFL_FORCE_CIPHER; + opt.force_ciphersuite[0] = DFL_FORCE_CIPHER; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "server_name" ) == 0 ) + if (strcmp(p, "server_name") == 0) { opt.server_name = q; - else if( strcmp( p, "server_port" ) == 0 ) + } else if (strcmp(p, "server_port") == 0) { opt.server_port = q; - else if( strcmp( p, "debug_level" ) == 0 ) - { - opt.debug_level = atoi( q ); - if( opt.debug_level < 0 || opt.debug_level > 65535 ) + } else if (strcmp(p, "debug_level") == 0) { + opt.debug_level = atoi(q); + if (opt.debug_level < 0 || opt.debug_level > 65535) { goto usage; - } - else if( strcmp( p, "authentication" ) == 0 ) - { - opt.authentication = atoi( q ); - if( opt.authentication < 0 || opt.authentication > 1 ) + } + } else if (strcmp(p, "authentication") == 0) { + opt.authentication = atoi(q); + if (opt.authentication < 0 || opt.authentication > 1) { goto usage; - } - else if( strcmp( p, "mode" ) == 0 ) - { - opt.mode = atoi( q ); - if( opt.mode < 0 || opt.mode > 1 ) + } + } else if (strcmp(p, "mode") == 0) { + opt.mode = atoi(q); + if (opt.mode < 0 || opt.mode > 1) { goto usage; - } - else if( strcmp( p, "user_name" ) == 0 ) + } + } else if (strcmp(p, "user_name") == 0) { opt.user_name = q; - else if( strcmp( p, "user_pwd" ) == 0 ) + } else if (strcmp(p, "user_pwd") == 0) { opt.user_pwd = q; - else if( strcmp( p, "mail_from" ) == 0 ) + } else if (strcmp(p, "mail_from") == 0) { opt.mail_from = q; - else if( strcmp( p, "mail_to" ) == 0 ) + } else if (strcmp(p, "mail_to") == 0) { opt.mail_to = q; - else if( strcmp( p, "ca_file" ) == 0 ) + } else if (strcmp(p, "ca_file") == 0) { opt.ca_file = q; - else if( strcmp( p, "crt_file" ) == 0 ) + } else if (strcmp(p, "crt_file") == 0) { opt.crt_file = q; - else if( strcmp( p, "key_file" ) == 0 ) + } else if (strcmp(p, "key_file") == 0) { opt.key_file = q; - else if( strcmp( p, "force_ciphersuite" ) == 0 ) - { + } else if (strcmp(p, "force_ciphersuite") == 0) { opt.force_ciphersuite[0] = -1; - opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q ); + opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(q); - if( opt.force_ciphersuite[0] <= 0 ) + if (opt.force_ciphersuite[0] <= 0) { goto usage; + } opt.force_ciphersuite[1] = 0; - } - else + } else { goto usage; + } } /* * 0. Initialize the RNG and the session data */ - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); + + mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.1. Load the trusted CA */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the CA root certificate ..."); + fflush(stdout); #if defined(MBEDTLS_FS_IO) - if( strlen( opt.ca_file ) ) - ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); - else + if (strlen(opt.ca_file)) { + ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file); + } else #endif #if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C) - ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); + ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len); #else { mbedtls_printf("MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined."); goto exit; } #endif - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf(" ok (%d skipped)\n", ret); /* * 1.2. Load own certificate and private key * * (can be skipped if client authentication is not required) */ - mbedtls_printf( " . Loading the client cert. and key..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the client cert. and key..."); + fflush(stdout); #if defined(MBEDTLS_FS_IO) - if( strlen( opt.crt_file ) ) - ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file ); - else + if (strlen(opt.crt_file)) { + ret = mbedtls_x509_crt_parse_file(&clicert, opt.crt_file); + } else #endif #if defined(MBEDTLS_CERTS_C) - ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt, - mbedtls_test_cli_crt_len ); + ret = mbedtls_x509_crt_parse(&clicert, (const unsigned char *) mbedtls_test_cli_crt, + mbedtls_test_cli_crt_len); #else { mbedtls_printf("MBEDTLS_CERTS_C not defined."); goto exit; } #endif - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } #if defined(MBEDTLS_FS_IO) - if( strlen( opt.key_file ) ) - ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ); - else + if (strlen(opt.key_file)) { + ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, ""); + } else #endif #if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C) - ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key, - mbedtls_test_cli_key_len, NULL, 0 ); + ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_cli_key, + mbedtls_test_cli_key_len, NULL, 0); #else { mbedtls_printf("MBEDTLS_CERTS_C or MBEDTLS_PEM_PARSE_C not defined."); goto exit; } #endif - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 2. Start the connection */ - mbedtls_printf( " . Connecting to tcp/%s/%s...", opt.server_name, - opt.server_port ); - fflush( stdout ); + mbedtls_printf(" . Connecting to tcp/%s/%s...", opt.server_name, + opt.server_port); + fflush(stdout); - if( ( ret = mbedtls_net_connect( &server_fd, opt.server_name, - opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + if ((ret = mbedtls_net_connect(&server_fd, opt.server_name, + opt.server_port, MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 3. Setup stuff */ - mbedtls_printf( " . Setting up the SSL/TLS structure..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + mbedtls_printf(" . Setting up the SSL/TLS structure..."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret); goto exit; } /* OPTIONAL is not optimal for security, * but makes interop easier in this simplified example */ - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL ); + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL); - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); - if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) - mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); + if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) { + mbedtls_ssl_conf_ciphersuites(&conf, opt.force_ciphersuite); + } - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &clicert, &pkey)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret); goto exit; } - mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL); - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); - if( opt.mode == MODE_SSL_TLS ) - { - if( do_handshake( &ssl ) != 0 ) + if (opt.mode == MODE_SSL_TLS) { + if (do_handshake(&ssl) != 0) { goto exit; + } - mbedtls_printf( " > Get header from server:" ); - fflush( stdout ); + mbedtls_printf(" > Get header from server:"); + fflush(stdout); - ret = write_ssl_and_get_response( &ssl, buf, 0 ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + ret = write_ssl_and_get_response(&ssl, buf, 0); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write EHLO to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write EHLO to server:"); + fflush(stdout); - gethostname( hostname, 32 ); - len = sprintf( (char *) buf, "EHLO %s\r\n", hostname ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + gethostname(hostname, 32); + len = sprintf((char *) buf, "EHLO %s\r\n", hostname); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - } - else - { - mbedtls_printf( " > Get header from server:" ); - fflush( stdout ); + } else { + mbedtls_printf(" > Get header from server:"); + fflush(stdout); - ret = write_and_get_response( &server_fd, buf, 0 ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + ret = write_and_get_response(&server_fd, buf, 0); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write EHLO to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write EHLO to server:"); + fflush(stdout); - gethostname( hostname, 32 ); - len = sprintf( (char *) buf, "EHLO %s\r\n", hostname ); - ret = write_and_get_response( &server_fd, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + gethostname(hostname, 32); + len = sprintf((char *) buf, "EHLO %s\r\n", hostname); + ret = write_and_get_response(&server_fd, buf, len); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write STARTTLS to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write STARTTLS to server:"); + fflush(stdout); - gethostname( hostname, 32 ); - len = sprintf( (char *) buf, "STARTTLS\r\n" ); - ret = write_and_get_response( &server_fd, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + gethostname(hostname, 32); + len = sprintf((char *) buf, "STARTTLS\r\n"); + ret = write_and_get_response(&server_fd, buf, len); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - if( do_handshake( &ssl ) != 0 ) + if (do_handshake(&ssl) != 0) { goto exit; + } } #if defined(MBEDTLS_BASE64_C) - if( opt.authentication ) - { - mbedtls_printf( " > Write AUTH LOGIN to server:" ); - fflush( stdout ); - - len = sprintf( (char *) buf, "AUTH LOGIN\r\n" ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 399 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + if (opt.authentication) { + mbedtls_printf(" > Write AUTH LOGIN to server:"); + fflush(stdout); + + len = sprintf((char *) buf, "AUTH LOGIN\r\n"); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 200 || ret > 399) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write username to server: %s", opt.user_name ); - fflush( stdout ); + mbedtls_printf(" > Write username to server: %s", opt.user_name); + fflush(stdout); - ret = mbedtls_base64_encode( base, sizeof( base ), &n, (const unsigned char *) opt.user_name, - strlen( opt.user_name ) ); + ret = mbedtls_base64_encode(base, sizeof(base), &n, (const unsigned char *) opt.user_name, + strlen(opt.user_name)); - if( ret != 0 ) { - mbedtls_printf( " failed\n ! mbedtls_base64_encode returned %d\n\n", ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_base64_encode returned %d\n\n", ret); goto exit; } - len = sprintf( (char *) buf, "%s\r\n", base ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 300 || ret > 399 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + len = sprintf((char *) buf, "%s\r\n", base); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 300 || ret > 399) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write password to server: %s", opt.user_pwd ); - fflush( stdout ); + mbedtls_printf(" > Write password to server: %s", opt.user_pwd); + fflush(stdout); - ret = mbedtls_base64_encode( base, sizeof( base ), &n, (const unsigned char *) opt.user_pwd, - strlen( opt.user_pwd ) ); + ret = mbedtls_base64_encode(base, sizeof(base), &n, (const unsigned char *) opt.user_pwd, + strlen(opt.user_pwd)); - if( ret != 0 ) { - mbedtls_printf( " failed\n ! mbedtls_base64_encode returned %d\n\n", ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_base64_encode returned %d\n\n", ret); goto exit; } - len = sprintf( (char *) buf, "%s\r\n", base ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 399 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + len = sprintf((char *) buf, "%s\r\n", base); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 200 || ret > 399) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); } #endif - mbedtls_printf( " > Write MAIL FROM to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write MAIL FROM to server:"); + fflush(stdout); - len = sprintf( (char *) buf, "MAIL FROM:<%s>\r\n", opt.mail_from ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + len = sprintf((char *) buf, "MAIL FROM:<%s>\r\n", opt.mail_from); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write RCPT TO to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write RCPT TO to server:"); + fflush(stdout); - len = sprintf( (char *) buf, "RCPT TO:<%s>\r\n", opt.mail_to ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + len = sprintf((char *) buf, "RCPT TO:<%s>\r\n", opt.mail_to); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write DATA to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write DATA to server:"); + fflush(stdout); - len = sprintf( (char *) buf, "DATA\r\n" ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 300 || ret > 399 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + len = sprintf((char *) buf, "DATA\r\n"); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 300 || ret > 399) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write content to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write content to server:"); + fflush(stdout); - len = sprintf( (char *) buf, "From: %s\r\nSubject: mbed TLS Test mail\r\n\r\n" - "This is a simple test mail from the " - "mbed TLS mail client example.\r\n" - "\r\n" - "Enjoy!", opt.mail_from ); - ret = write_ssl_data( &ssl, buf, len ); + len = sprintf((char *) buf, "From: %s\r\nSubject: mbed TLS Test mail\r\n\r\n" + "This is a simple test mail from the " + "mbed TLS mail client example.\r\n" + "\r\n" + "Enjoy!", opt.mail_from); + ret = write_ssl_data(&ssl, buf, len); - len = sprintf( (char *) buf, "\r\n.\r\n"); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + len = sprintf((char *) buf, "\r\n.\r\n"); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_ssl_close_notify( &ssl ); + mbedtls_ssl_close_notify(&ssl); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_net_free( &server_fd ); - mbedtls_x509_crt_free( &clicert ); - mbedtls_x509_crt_free( &cacert ); - mbedtls_pk_free( &pkey ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_net_free(&server_fd); + mbedtls_x509_crt_free(&clicert); + mbedtls_x509_crt_free(&cacert); + mbedtls_pk_free(&pkey); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C ** diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index ca84c7a0ae85..4d7e64842850 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -33,15 +33,15 @@ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_THREADING_C) || !defined(MBEDTLS_THREADING_PTHREAD) || \ !defined(MBEDTLS_PEM_PARSE_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " - "MBEDTLS_THREADING_C and/or MBEDTLS_THREADING_PTHREAD " - "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); - mbedtls_exit( 0 ); + "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " + "MBEDTLS_THREADING_C and/or MBEDTLS_THREADING_PTHREAD " + "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); + mbedtls_exit(0); } #else @@ -80,20 +80,20 @@ int main( void ) mbedtls_threading_mutex_t debug_mutex; -static void my_mutexed_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_mutexed_debug(void *ctx, int level, + const char *file, int line, + const char *str) { long int thread_id = (long int) pthread_self(); - mbedtls_mutex_lock( &debug_mutex ); + mbedtls_mutex_lock(&debug_mutex); ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: [ #%ld ] %s", - file, line, thread_id, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: [ #%ld ] %s", + file, line, thread_id, str); + fflush((FILE *) ctx); - mbedtls_mutex_unlock( &debug_mutex ); + mbedtls_mutex_unlock(&debug_mutex); } typedef struct { @@ -111,7 +111,7 @@ typedef struct { static thread_info_t base_info; static pthread_info_t threads[MAX_NUM_THREADS]; -static void *handle_ssl_connection( void *data ) +static void *handle_ssl_connection(void *data) { int ret, len; thread_info_t *thread_info = (thread_info_t *) data; @@ -121,190 +121,178 @@ static void *handle_ssl_connection( void *data ) mbedtls_ssl_context ssl; /* Make sure memory references are valid */ - mbedtls_ssl_init( &ssl ); + mbedtls_ssl_init(&ssl); - mbedtls_printf( " [ #%ld ] Setting up SSL/TLS data\n", thread_id ); + mbedtls_printf(" [ #%ld ] Setting up SSL/TLS data\n", thread_id); /* * 4. Get the SSL context ready */ - if( ( ret = mbedtls_ssl_setup( &ssl, thread_info->config ) ) != 0 ) - { - mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_setup returned -0x%04x\n", - thread_id, ( unsigned int ) -ret ); + if ((ret = mbedtls_ssl_setup(&ssl, thread_info->config)) != 0) { + mbedtls_printf(" [ #%ld ] failed: mbedtls_ssl_setup returned -0x%04x\n", + thread_id, (unsigned int) -ret); goto thread_exit; } - mbedtls_ssl_set_bio( &ssl, client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, client_fd, mbedtls_net_send, mbedtls_net_recv, NULL); /* * 5. Handshake */ - mbedtls_printf( " [ #%ld ] Performing the SSL/TLS handshake\n", thread_id ); - - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_handshake returned -0x%04x\n", - thread_id, ( unsigned int ) -ret ); + mbedtls_printf(" [ #%ld ] Performing the SSL/TLS handshake\n", thread_id); + + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" [ #%ld ] failed: mbedtls_ssl_handshake returned -0x%04x\n", + thread_id, (unsigned int) -ret); goto thread_exit; } } - mbedtls_printf( " [ #%ld ] ok\n", thread_id ); + mbedtls_printf(" [ #%ld ] ok\n", thread_id); /* * 6. Read the HTTP Request */ - mbedtls_printf( " [ #%ld ] < Read from client\n", thread_id ); + mbedtls_printf(" [ #%ld ] < Read from client\n", thread_id); - do - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - ret = mbedtls_ssl_read( &ssl, buf, len ); + do { + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); + ret = mbedtls_ssl_read(&ssl, buf, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { continue; + } - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " [ #%ld ] connection was closed gracefully\n", - thread_id ); + mbedtls_printf(" [ #%ld ] connection was closed gracefully\n", + thread_id); goto thread_exit; case MBEDTLS_ERR_NET_CONN_RESET: - mbedtls_printf( " [ #%ld ] connection was reset by peer\n", - thread_id ); + mbedtls_printf(" [ #%ld ] connection was reset by peer\n", + thread_id); goto thread_exit; default: - mbedtls_printf( " [ #%ld ] mbedtls_ssl_read returned -0x%04x\n", - thread_id, ( unsigned int ) -ret ); + mbedtls_printf(" [ #%ld ] mbedtls_ssl_read returned -0x%04x\n", + thread_id, (unsigned int) -ret); goto thread_exit; } } len = ret; - mbedtls_printf( " [ #%ld ] %d bytes read\n=====\n%s\n=====\n", - thread_id, len, (char *) buf ); + mbedtls_printf(" [ #%ld ] %d bytes read\n=====\n%s\n=====\n", + thread_id, len, (char *) buf); - if( ret > 0 ) + if (ret > 0) { break; - } - while( 1 ); + } + } while (1); /* * 7. Write the 200 Response */ - mbedtls_printf( " [ #%ld ] > Write to client:\n", thread_id ); + mbedtls_printf(" [ #%ld ] > Write to client:\n", thread_id); - len = sprintf( (char *) buf, HTTP_RESPONSE, - mbedtls_ssl_get_ciphersuite( &ssl ) ); + len = sprintf((char *) buf, HTTP_RESPONSE, + mbedtls_ssl_get_ciphersuite(&ssl)); - while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) - { - if( ret == MBEDTLS_ERR_NET_CONN_RESET ) - { - mbedtls_printf( " [ #%ld ] failed: peer closed the connection\n", - thread_id ); + while ((ret = mbedtls_ssl_write(&ssl, buf, len)) <= 0) { + if (ret == MBEDTLS_ERR_NET_CONN_RESET) { + mbedtls_printf(" [ #%ld ] failed: peer closed the connection\n", + thread_id); goto thread_exit; } - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_write returned -0x%04x\n", - thread_id, ( unsigned int ) ret ); + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" [ #%ld ] failed: mbedtls_ssl_write returned -0x%04x\n", + thread_id, (unsigned int) ret); goto thread_exit; } } len = ret; - mbedtls_printf( " [ #%ld ] %d bytes written\n=====\n%s\n=====\n", - thread_id, len, (char *) buf ); - - mbedtls_printf( " [ #%ld ] . Closing the connection...", thread_id ); - - while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_close_notify returned -0x%04x\n", - thread_id, ( unsigned int ) ret ); + mbedtls_printf(" [ #%ld ] %d bytes written\n=====\n%s\n=====\n", + thread_id, len, (char *) buf); + + mbedtls_printf(" [ #%ld ] . Closing the connection...", thread_id); + + while ((ret = mbedtls_ssl_close_notify(&ssl)) < 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" [ #%ld ] failed: mbedtls_ssl_close_notify returned -0x%04x\n", + thread_id, (unsigned int) ret); goto thread_exit; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); ret = 0; thread_exit: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_strerror(ret, error_buf, 100); mbedtls_printf(" [ #%ld ] Last error was: -0x%04x - %s\n\n", - thread_id, ( unsigned int ) -ret, error_buf ); + thread_id, (unsigned int) -ret, error_buf); } #endif - mbedtls_net_free( client_fd ); - mbedtls_ssl_free( &ssl ); + mbedtls_net_free(client_fd); + mbedtls_ssl_free(&ssl); thread_info->thread_complete = 1; - return( NULL ); + return NULL; } -static int thread_create( mbedtls_net_context *client_fd ) +static int thread_create(mbedtls_net_context *client_fd) { int ret, i; /* * Find in-active or finished thread slot */ - for( i = 0; i < MAX_NUM_THREADS; i++ ) - { - if( threads[i].active == 0 ) + for (i = 0; i < MAX_NUM_THREADS; i++) { + if (threads[i].active == 0) { break; + } - if( threads[i].data.thread_complete == 1 ) - { - mbedtls_printf( " [ main ] Cleaning up thread %d\n", i ); - pthread_join(threads[i].thread, NULL ); - memset( &threads[i], 0, sizeof(pthread_info_t) ); + if (threads[i].data.thread_complete == 1) { + mbedtls_printf(" [ main ] Cleaning up thread %d\n", i); + pthread_join(threads[i].thread, NULL); + memset(&threads[i], 0, sizeof(pthread_info_t)); break; } } - if( i == MAX_NUM_THREADS ) - return( -1 ); + if (i == MAX_NUM_THREADS) { + return -1; + } /* * Fill thread-info for thread */ - memcpy( &threads[i].data, &base_info, sizeof(base_info) ); + memcpy(&threads[i].data, &base_info, sizeof(base_info)); threads[i].active = 1; - memcpy( &threads[i].data.client_fd, client_fd, sizeof( mbedtls_net_context ) ); + memcpy(&threads[i].data.client_fd, client_fd, sizeof(mbedtls_net_context)); - if( ( ret = pthread_create( &threads[i].thread, NULL, handle_ssl_connection, - &threads[i].data ) ) != 0 ) - { - return( ret ); + if ((ret = pthread_create(&threads[i].thread, NULL, handle_ssl_connection, + &threads[i].data)) != 0) { + return ret; } - return( 0 ); + return 0; } -int main( void ) +int main(void) { int ret; mbedtls_net_context listen_fd, client_fd; @@ -324,166 +312,156 @@ int main( void ) #endif #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) ); + mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf)); #endif #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_init( &cache ); + mbedtls_ssl_cache_init(&cache); #endif - mbedtls_x509_crt_init( &srvcert ); - mbedtls_x509_crt_init( &cachain ); + mbedtls_x509_crt_init(&srvcert); + mbedtls_x509_crt_init(&cachain); - mbedtls_ssl_config_init( &conf ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - memset( threads, 0, sizeof(threads) ); - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); + mbedtls_ssl_config_init(&conf); + mbedtls_ctr_drbg_init(&ctr_drbg); + memset(threads, 0, sizeof(threads)); + mbedtls_net_init(&listen_fd); + mbedtls_net_init(&client_fd); - mbedtls_mutex_init( &debug_mutex ); + mbedtls_mutex_init(&debug_mutex); base_info.config = &conf; /* * We use only a single entropy source that is used in all the threads. */ - mbedtls_entropy_init( &entropy ); + mbedtls_entropy_init(&entropy); /* * 1. Load the certificates and private RSA key */ - mbedtls_printf( "\n . Loading the server cert. and key..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the server cert. and key..."); + fflush(stdout); /* * This demonstration program uses embedded test certificates. * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). */ - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - ret = mbedtls_x509_crt_parse( &cachain, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&cachain, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - mbedtls_pk_init( &pkey ); - ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); + mbedtls_pk_init(&pkey); + ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1b. Seed the random number generator */ - mbedtls_printf( " . Seeding the random number generator..." ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n", - ( unsigned int ) -ret ); + mbedtls_printf(" . Seeding the random number generator..."); + + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed: mbedtls_ctr_drbg_seed returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1c. Prepare SSL configuration */ - mbedtls_printf( " . Setting up the SSL data...." ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_SERVER, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed: mbedtls_ssl_config_defaults returned -0x%04x\n", - ( unsigned int ) -ret ); + mbedtls_printf(" . Setting up the SSL data...."); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_SERVER, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed: mbedtls_ssl_config_defaults returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_mutexed_debug, stdout ); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_mutexed_debug, stdout); /* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if * MBEDTLS_THREADING_C is set. */ #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_conf_session_cache( &conf, &cache, + mbedtls_ssl_conf_session_cache(&conf, &cache, mbedtls_ssl_cache_get, - mbedtls_ssl_cache_set ); + mbedtls_ssl_cache_set); #endif - mbedtls_ssl_conf_ca_chain( &conf, &cachain, NULL ); - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + mbedtls_ssl_conf_ca_chain(&conf, &cachain, NULL); + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 2. Setup the listening TCP socket */ - mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); - fflush( stdout ); + mbedtls_printf(" . Bind on https://localhost:4433/ ..."); + fflush(stdout); - if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); + if ((ret = mbedtls_net_bind(&listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_bind returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); reset: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf( " [ main ] Last error was: -0x%04x - %s\n", ( unsigned int ) -ret, - error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf(" [ main ] Last error was: -0x%04x - %s\n", (unsigned int) -ret, + error_buf); } #endif /* * 3. Wait until a client connects */ - mbedtls_printf( " [ main ] Waiting for a remote connection\n" ); + mbedtls_printf(" [ main ] Waiting for a remote connection\n"); - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - NULL, 0, NULL ) ) != 0 ) - { - mbedtls_printf( " [ main ] failed: mbedtls_net_accept returned -0x%04x\n", - ( unsigned int ) ret ); + if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, + NULL, 0, NULL)) != 0) { + mbedtls_printf(" [ main ] failed: mbedtls_net_accept returned -0x%04x\n", + (unsigned int) ret); goto exit; } - mbedtls_printf( " [ main ] ok\n" ); - mbedtls_printf( " [ main ] Creating a new thread\n" ); + mbedtls_printf(" [ main ] ok\n"); + mbedtls_printf(" [ main ] Creating a new thread\n"); - if( ( ret = thread_create( &client_fd ) ) != 0 ) - { - mbedtls_printf( " [ main ] failed: thread_create returned %d\n", ret ); - mbedtls_net_free( &client_fd ); + if ((ret = thread_create(&client_fd)) != 0) { + mbedtls_printf(" [ main ] failed: thread_create returned %d\n", ret); + mbedtls_net_free(&client_fd); goto reset; } @@ -491,29 +469,29 @@ int main( void ) goto reset; exit: - mbedtls_x509_crt_free( &srvcert ); - mbedtls_pk_free( &pkey ); + mbedtls_x509_crt_free(&srvcert); + mbedtls_pk_free(&pkey); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_free( &cache ); + mbedtls_ssl_cache_free(&cache); #endif - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - mbedtls_ssl_config_free( &conf ); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); + mbedtls_ssl_config_free(&conf); - mbedtls_net_free( &listen_fd ); + mbedtls_net_free(&listen_fd); - mbedtls_mutex_free( &debug_mutex ); + mbedtls_mutex_free(&debug_mutex); #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) mbedtls_memory_buffer_alloc_free(); #endif #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( ret ); + mbedtls_exit(ret); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index 956cebcb9798..8f6a5730d77b 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -31,14 +31,14 @@ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_PEM_PARSE_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " - "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); - mbedtls_exit( 0 ); + "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " + "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); + mbedtls_exit(0); } #else @@ -70,17 +70,17 @@ int main( void ) #define DEBUG_LEVEL 0 -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str); + fflush((FILE *) ctx); } -int main( void ) +int main(void) { int ret, len; mbedtls_net_context listen_fd, client_fd; @@ -97,205 +97,191 @@ int main( void ) mbedtls_ssl_cache_context cache; #endif - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); + mbedtls_net_init(&listen_fd); + mbedtls_net_init(&client_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_init( &cache ); + mbedtls_ssl_cache_init(&cache); #endif - mbedtls_x509_crt_init( &srvcert ); - mbedtls_pk_init( &pkey ); - mbedtls_entropy_init( &entropy ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_x509_crt_init(&srvcert); + mbedtls_pk_init(&pkey); + mbedtls_entropy_init(&entropy); + mbedtls_ctr_drbg_init(&ctr_drbg); #if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( DEBUG_LEVEL ); + mbedtls_debug_set_threshold(DEBUG_LEVEL); #endif /* * 1. Load the certificates and private RSA key */ - mbedtls_printf( "\n . Loading the server cert. and key..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the server cert. and key..."); + fflush(stdout); /* * This demonstration program uses embedded test certificates. * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). */ - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); + ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 2. Setup the listening TCP socket */ - mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); - fflush( stdout ); + mbedtls_printf(" . Bind on https://localhost:4433/ ..."); + fflush(stdout); - if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); + if ((ret = mbedtls_net_bind(&listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_bind returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 3. Seed the RNG */ - mbedtls_printf( " . Seeding the random number generator..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_printf(" . Seeding the random number generator..."); + fflush(stdout); + + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 4. Setup stuff */ - mbedtls_printf( " . Setting up the SSL data...." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_SERVER, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + mbedtls_printf(" . Setting up the SSL data...."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_SERVER, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret); goto exit; } - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_conf_session_cache( &conf, &cache, + mbedtls_ssl_conf_session_cache(&conf, &cache, mbedtls_ssl_cache_get, - mbedtls_ssl_cache_set ); + mbedtls_ssl_cache_set); #endif - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL); + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); reset: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf); } #endif - mbedtls_net_free( &client_fd ); + mbedtls_net_free(&client_fd); - mbedtls_ssl_session_reset( &ssl ); + mbedtls_ssl_session_reset(&ssl); /* * 3. Wait until a client connects */ - mbedtls_printf( " . Waiting for a remote connection ..." ); - fflush( stdout ); + mbedtls_printf(" . Waiting for a remote connection ..."); + fflush(stdout); - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - NULL, 0, NULL ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); + if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, + NULL, 0, NULL)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_accept returned %d\n\n", ret); goto exit; } - mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL); - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 5. Handshake */ - mbedtls_printf( " . Performing the SSL/TLS handshake..." ); - fflush( stdout ); - - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret ); + mbedtls_printf(" . Performing the SSL/TLS handshake..."); + fflush(stdout); + + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret); goto reset; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 6. Read the HTTP Request */ - mbedtls_printf( " < Read from client:" ); - fflush( stdout ); + mbedtls_printf(" < Read from client:"); + fflush(stdout); - do - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - ret = mbedtls_ssl_read( &ssl, buf, len ); + do { + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); + ret = mbedtls_ssl_read(&ssl, buf, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { continue; + } - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); + mbedtls_printf(" connection was closed gracefully\n"); break; case MBEDTLS_ERR_NET_CONN_RESET: - mbedtls_printf( " connection was reset by peer\n" ); + mbedtls_printf(" connection was reset by peer\n"); break; default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret ); + mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret); break; } @@ -303,53 +289,48 @@ int main( void ) } len = ret; - mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); + mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf); - if( ret > 0 ) + if (ret > 0) { break; - } - while( 1 ); + } + } while (1); /* * 7. Write the 200 Response */ - mbedtls_printf( " > Write to client:" ); - fflush( stdout ); + mbedtls_printf(" > Write to client:"); + fflush(stdout); - len = sprintf( (char *) buf, HTTP_RESPONSE, - mbedtls_ssl_get_ciphersuite( &ssl ) ); + len = sprintf((char *) buf, HTTP_RESPONSE, + mbedtls_ssl_get_ciphersuite(&ssl)); - while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) - { - if( ret == MBEDTLS_ERR_NET_CONN_RESET ) - { - mbedtls_printf( " failed\n ! peer closed the connection\n\n" ); + while ((ret = mbedtls_ssl_write(&ssl, buf, len)) <= 0) { + if (ret == MBEDTLS_ERR_NET_CONN_RESET) { + mbedtls_printf(" failed\n ! peer closed the connection\n\n"); goto reset; } - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); goto exit; } } len = ret; - mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) buf ); + mbedtls_printf(" %d bytes written\n\n%s\n", len, (char *) buf); - mbedtls_printf( " . Closing the connection..." ); + mbedtls_printf(" . Closing the connection..."); - while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_close_notify returned %d\n\n", ret ); + while ((ret = mbedtls_ssl_close_notify(&ssl)) < 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_close_notify returned %d\n\n", ret); goto reset; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); ret = 0; goto reset; @@ -357,33 +338,32 @@ int main( void ) exit: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf); } #endif - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &listen_fd ); + mbedtls_net_free(&client_fd); + mbedtls_net_free(&listen_fd); - mbedtls_x509_crt_free( &srvcert ); - mbedtls_pk_free( &pkey ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_x509_crt_free(&srvcert); + mbedtls_pk_free(&pkey); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_free( &cache ); + mbedtls_ssl_cache_free(&cache); #endif - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( ret ); + mbedtls_exit(ret); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 4e9e499a9849..dd78c0bd3e4b 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -20,16 +20,16 @@ #include "ssl_test_lib.h" #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) -int main( void ) +int main(void) { - mbedtls_printf( MBEDTLS_SSL_TEST_IMPOSSIBLE ); - mbedtls_exit( 0 ); + mbedtls_printf(MBEDTLS_SSL_TEST_IMPOSSIBLE); + mbedtls_exit(0); } #elif !defined(MBEDTLS_SSL_SRV_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_SSL_SRV_C not defined.\n" ); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_SSL_SRV_C not defined.\n"); + mbedtls_exit(0); } #else /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_SRV_C */ @@ -88,9 +88,9 @@ int main( void ) #define DFL_KEY_FILE2 "" #define DFL_KEY_PWD2 "" #define DFL_ASYNC_OPERATIONS "-" -#define DFL_ASYNC_PRIVATE_DELAY1 ( -1 ) -#define DFL_ASYNC_PRIVATE_DELAY2 ( -1 ) -#define DFL_ASYNC_PRIVATE_ERROR ( 0 ) +#define DFL_ASYNC_PRIVATE_DELAY1 (-1) +#define DFL_ASYNC_PRIVATE_DELAY2 (-1) +#define DFL_ASYNC_PRIVATE_ERROR (0) #define DFL_PSK "" #define DFL_PSK_OPAQUE 0 #define DFL_PSK_LIST_OPAQUE 0 @@ -103,7 +103,7 @@ int main( void ) #define DFL_ALLOW_LEGACY -2 #define DFL_RENEGOTIATE 0 #define DFL_RENEGO_DELAY -2 -#define DFL_RENEGO_PERIOD ( (uint64_t)-1 ) +#define DFL_RENEGO_PERIOD ((uint64_t) -1) #define DFL_EXCHANGES 1 #define DFL_MIN_VERSION -1 #define DFL_MAX_VERSION -1 @@ -149,12 +149,12 @@ int main( void ) #define DFL_SRTP_SUPPORT_MKI 0 #define LONG_RESPONSE "

01-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "03-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "04-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "05-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "06-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "07-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah

\r\n" + "02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "03-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "04-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "05-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "06-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "07-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah

\r\n" /* Uncomment LONG_RESPONSE at the end of HTTP_RESPONSE to test sending longer * packets (for fragmentation purposes) */ @@ -180,14 +180,14 @@ int main( void ) " crt_file=%%s Your own cert and chain (in bottom to top order, top may be omitted)\n" \ " default: see note after key_file2\n" \ " key_file=%%s default: see note after key_file2\n" \ - " key_pwd=%%s Password for key specified by key_file argument\n"\ + " key_pwd=%%s Password for key specified by key_file argument\n" \ " default: none\n" \ " crt_file2=%%s Your second cert and chain (in bottom to top order, top may be omitted)\n" \ " default: see note after key_file2\n" \ " key_file2=%%s default: see note below\n" \ " note: if neither crt_file/key_file nor crt_file2/key_file2 are used,\n" \ " preloaded certificate(s) and key(s) are used if available\n" \ - " key_pwd2=%%s Password for key specified by key_file2 argument\n"\ + " key_pwd2=%%s Password for key specified by key_file2 argument\n" \ " default: none\n" \ " dhm_file=%%s File containing Diffie-Hellman parameters\n" \ " default: preloaded parameters\n" @@ -335,8 +335,8 @@ int main( void ) #endif #define USAGE_SNI \ - " sni=%%s name1,cert1,key1,ca1"SNI_CRL",auth1[,...]\n" \ - " default: disabled\n" + " sni=%%s name1,cert1,key1,ca1"SNI_CRL ",auth1[,...]\n" \ + " default: disabled\n" #else #define USAGE_SNI "" #endif /* SNI_OPTION */ @@ -449,7 +449,7 @@ int main( void ) " serialize=%%d default: 0 (do not serialize/deserialize)\n" \ " options: 1 (serialize)\n" \ " 2 (serialize with re-initialization)\n" \ - " context_file=%%s The file path to write a serialized connection\n"\ + " context_file=%%s The file path to write a serialized connection\n" \ " in the form of base64 code (serialize option\n" \ " must be set)\n" \ " default: \"\" (do nothing)\n" \ @@ -472,7 +472,7 @@ int main( void ) " (minimum: 1, max: 16385)\n" \ " response_size=%%d default: about 152 (basic response)\n" \ " (minimum: 0, max: 16384)\n" \ - " increases buffer_size if bigger\n"\ + " increases buffer_size if bigger\n" \ " nbio=%%d default: 0 (blocking I/O)\n" \ " options: 1 (non-blocking), 2 (added delays)\n" \ " event=%%d default: 0 (loop)\n" \ @@ -540,24 +540,23 @@ int main( void ) #define ALPN_LIST_SIZE 10 #define CURVE_LIST_SIZE 20 -#define PUT_UINT64_BE(out_be,in_le,i) \ -{ \ - (out_be)[(i) + 0] = (unsigned char)( ( (in_le) >> 56 ) & 0xFF ); \ - (out_be)[(i) + 1] = (unsigned char)( ( (in_le) >> 48 ) & 0xFF ); \ - (out_be)[(i) + 2] = (unsigned char)( ( (in_le) >> 40 ) & 0xFF ); \ - (out_be)[(i) + 3] = (unsigned char)( ( (in_le) >> 32 ) & 0xFF ); \ - (out_be)[(i) + 4] = (unsigned char)( ( (in_le) >> 24 ) & 0xFF ); \ - (out_be)[(i) + 5] = (unsigned char)( ( (in_le) >> 16 ) & 0xFF ); \ - (out_be)[(i) + 6] = (unsigned char)( ( (in_le) >> 8 ) & 0xFF ); \ - (out_be)[(i) + 7] = (unsigned char)( ( (in_le) >> 0 ) & 0xFF ); \ -} +#define PUT_UINT64_BE(out_be, in_le, i) \ + { \ + (out_be)[(i) + 0] = (unsigned char) (((in_le) >> 56) & 0xFF); \ + (out_be)[(i) + 1] = (unsigned char) (((in_le) >> 48) & 0xFF); \ + (out_be)[(i) + 2] = (unsigned char) (((in_le) >> 40) & 0xFF); \ + (out_be)[(i) + 3] = (unsigned char) (((in_le) >> 32) & 0xFF); \ + (out_be)[(i) + 4] = (unsigned char) (((in_le) >> 24) & 0xFF); \ + (out_be)[(i) + 5] = (unsigned char) (((in_le) >> 16) & 0xFF); \ + (out_be)[(i) + 6] = (unsigned char) (((in_le) >> 8) & 0xFF); \ + (out_be)[(i) + 7] = (unsigned char) (((in_le) >> 0) & 0xFF); \ + } /* * global options */ -struct options -{ +struct options { const char *server_addr; /* address on which the ssl service runs */ const char *server_port; /* port on which the ssl service runs */ int debug_level; /* level of debugging */ @@ -651,30 +650,33 @@ struct options /* * Return authmode from string, or -1 on error */ -static int get_auth_mode( const char *s ) +static int get_auth_mode(const char *s) { - if( strcmp( s, "none" ) == 0 ) - return( MBEDTLS_SSL_VERIFY_NONE ); - if( strcmp( s, "optional" ) == 0 ) - return( MBEDTLS_SSL_VERIFY_OPTIONAL ); - if( strcmp( s, "required" ) == 0 ) - return( MBEDTLS_SSL_VERIFY_REQUIRED ); - - return( -1 ); + if (strcmp(s, "none") == 0) { + return MBEDTLS_SSL_VERIFY_NONE; + } + if (strcmp(s, "optional") == 0) { + return MBEDTLS_SSL_VERIFY_OPTIONAL; + } + if (strcmp(s, "required") == 0) { + return MBEDTLS_SSL_VERIFY_REQUIRED; + } + + return -1; } /* * Used by sni_parse and psk_parse to handle coma-separated lists */ -#define GET_ITEM( dst ) \ +#define GET_ITEM(dst) \ do \ { \ (dst) = p; \ - while( *p != ',' ) \ - if( ++p > end ) \ - goto error; \ + while (*p != ',') \ + if (++p > end) \ + goto error; \ *p++ = '\0'; \ - } while( 0 ) + } while (0) #if defined(SNI_OPTION) typedef struct _sni_entry sni_entry; @@ -683,32 +685,31 @@ struct _sni_entry { const char *name; mbedtls_x509_crt *cert; mbedtls_pk_context *key; - mbedtls_x509_crt* ca; - mbedtls_x509_crl* crl; + mbedtls_x509_crt *ca; + mbedtls_x509_crl *crl; int authmode; sni_entry *next; }; -void sni_free( sni_entry *head ) +void sni_free(sni_entry *head) { sni_entry *cur = head, *next; - while( cur != NULL ) - { - mbedtls_x509_crt_free( cur->cert ); - mbedtls_free( cur->cert ); + while (cur != NULL) { + mbedtls_x509_crt_free(cur->cert); + mbedtls_free(cur->cert); - mbedtls_pk_free( cur->key ); - mbedtls_free( cur->key ); + mbedtls_pk_free(cur->key); + mbedtls_free(cur->key); - mbedtls_x509_crt_free( cur->ca ); - mbedtls_free( cur->ca ); + mbedtls_x509_crt_free(cur->ca); + mbedtls_free(cur->ca); #if defined(MBEDTLS_X509_CRL_PARSE_C) - mbedtls_x509_crl_free( cur->crl ); - mbedtls_free( cur->crl ); + mbedtls_x509_crl_free(cur->crl); + mbedtls_free(cur->crl); #endif next = cur->next; - mbedtls_free( cur ); + mbedtls_free(cur); cur = next; } } @@ -720,7 +721,7 @@ void sni_free( sni_entry *head ) * * Modifies the input string! This is not production quality! */ -sni_entry *sni_parse( char *sni_string ) +sni_entry *sni_parse(char *sni_string) { sni_entry *cur = NULL, *new = NULL; char *p = sni_string; @@ -730,108 +731,111 @@ sni_entry *sni_parse( char *sni_string ) char *crl_file; #endif - while( *end != '\0' ) + while (*end != '\0') { ++end; + } *end = ','; - while( p <= end ) - { - if( ( new = mbedtls_calloc( 1, sizeof( sni_entry ) ) ) == NULL ) - { - sni_free( cur ); - return( NULL ); + while (p <= end) { + if ((new = mbedtls_calloc(1, sizeof(sni_entry))) == NULL) { + sni_free(cur); + return NULL; } - GET_ITEM( new->name ); - GET_ITEM( crt_file ); - GET_ITEM( key_file ); - GET_ITEM( ca_file ); + GET_ITEM(new->name); + GET_ITEM(crt_file); + GET_ITEM(key_file); + GET_ITEM(ca_file); #if defined(MBEDTLS_X509_CRL_PARSE_C) - GET_ITEM( crl_file ); + GET_ITEM(crl_file); #endif - GET_ITEM( auth_str ); + GET_ITEM(auth_str); - if( ( new->cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ) ) == NULL || - ( new->key = mbedtls_calloc( 1, sizeof( mbedtls_pk_context ) ) ) == NULL ) + if ((new->cert = mbedtls_calloc(1, sizeof(mbedtls_x509_crt))) == NULL || + (new->key = mbedtls_calloc(1, sizeof(mbedtls_pk_context))) == NULL) { goto error; + } - mbedtls_x509_crt_init( new->cert ); - mbedtls_pk_init( new->key ); + mbedtls_x509_crt_init(new->cert); + mbedtls_pk_init(new->key); - if( mbedtls_x509_crt_parse_file( new->cert, crt_file ) != 0 || - mbedtls_pk_parse_keyfile( new->key, key_file, "" ) != 0 ) + if (mbedtls_x509_crt_parse_file(new->cert, crt_file) != 0 || + mbedtls_pk_parse_keyfile(new->key, key_file, "") != 0) { goto error; + } - if( strcmp( ca_file, "-" ) != 0 ) - { - if( ( new->ca = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ) ) == NULL ) + if (strcmp(ca_file, "-") != 0) { + if ((new->ca = mbedtls_calloc(1, sizeof(mbedtls_x509_crt))) == NULL) { goto error; + } - mbedtls_x509_crt_init( new->ca ); + mbedtls_x509_crt_init(new->ca); - if( mbedtls_x509_crt_parse_file( new->ca, ca_file ) != 0 ) + if (mbedtls_x509_crt_parse_file(new->ca, ca_file) != 0) { goto error; + } } #if defined(MBEDTLS_X509_CRL_PARSE_C) - if( strcmp( crl_file, "-" ) != 0 ) - { - if( ( new->crl = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) ) ) == NULL ) + if (strcmp(crl_file, "-") != 0) { + if ((new->crl = mbedtls_calloc(1, sizeof(mbedtls_x509_crl))) == NULL) { goto error; + } - mbedtls_x509_crl_init( new->crl ); + mbedtls_x509_crl_init(new->crl); - if( mbedtls_x509_crl_parse_file( new->crl, crl_file ) != 0 ) + if (mbedtls_x509_crl_parse_file(new->crl, crl_file) != 0) { goto error; + } } #endif - if( strcmp( auth_str, "-" ) != 0 ) - { - if( ( new->authmode = get_auth_mode( auth_str ) ) < 0 ) + if (strcmp(auth_str, "-") != 0) { + if ((new->authmode = get_auth_mode(auth_str)) < 0) { goto error; - } - else + } + } else { new->authmode = DFL_AUTH_MODE; + } new->next = cur; cur = new; } - return( cur ); + return cur; error: - sni_free( new ); - sni_free( cur ); - return( NULL ); + sni_free(new); + sni_free(cur); + return NULL; } /* * SNI callback. */ -int sni_callback( void *p_info, mbedtls_ssl_context *ssl, - const unsigned char *name, size_t name_len ) +int sni_callback(void *p_info, mbedtls_ssl_context *ssl, + const unsigned char *name, size_t name_len) { const sni_entry *cur = (const sni_entry *) p_info; - while( cur != NULL ) - { - if( name_len == strlen( cur->name ) && - memcmp( name, cur->name, name_len ) == 0 ) - { - if( cur->ca != NULL ) - mbedtls_ssl_set_hs_ca_chain( ssl, cur->ca, cur->crl ); + while (cur != NULL) { + if (name_len == strlen(cur->name) && + memcmp(name, cur->name, name_len) == 0) { + if (cur->ca != NULL) { + mbedtls_ssl_set_hs_ca_chain(ssl, cur->ca, cur->crl); + } - if( cur->authmode != DFL_AUTH_MODE ) - mbedtls_ssl_set_hs_authmode( ssl, cur->authmode ); + if (cur->authmode != DFL_AUTH_MODE) { + mbedtls_ssl_set_hs_authmode(ssl, cur->authmode); + } - return( mbedtls_ssl_set_hs_own_cert( ssl, cur->cert, cur->key ) ); + return mbedtls_ssl_set_hs_own_cert(ssl, cur->cert, cur->key); } cur = cur->next; } - return( -1 ); + return -1; } #endif /* SNI_OPTION */ @@ -840,8 +844,7 @@ int sni_callback( void *p_info, mbedtls_ssl_context *ssl, typedef struct _psk_entry psk_entry; -struct _psk_entry -{ +struct _psk_entry { const char *name; size_t key_len; unsigned char key[MBEDTLS_PSK_MAX_LEN]; @@ -854,30 +857,29 @@ struct _psk_entry /* * Free a list of psk_entry's */ -int psk_free( psk_entry *head ) +int psk_free(psk_entry *head) { psk_entry *next; - while( head != NULL ) - { + while (head != NULL) { #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_status_t status; psa_key_id_t const slot = head->slot; - if( slot != 0 ) - { - status = psa_destroy_key( slot ); - if( status != PSA_SUCCESS ) - return( status ); + if (slot != 0) { + status = psa_destroy_key(slot); + if (status != PSA_SUCCESS) { + return status; + } } #endif /* MBEDTLS_USE_PSA_CRYPTO */ next = head->next; - mbedtls_free( head ); + mbedtls_free(head); head = next; } - return( 0 ); + return 0; } /* @@ -886,68 +888,68 @@ int psk_free( psk_entry *head ) * * Modifies the input string! This is not production quality! */ -psk_entry *psk_parse( char *psk_string ) +psk_entry *psk_parse(char *psk_string) { psk_entry *cur = NULL, *new = NULL; char *p = psk_string; char *end = p; char *key_hex; - while( *end != '\0' ) + while (*end != '\0') { ++end; + } *end = ','; - while( p <= end ) - { - if( ( new = mbedtls_calloc( 1, sizeof( psk_entry ) ) ) == NULL ) + while (p <= end) { + if ((new = mbedtls_calloc(1, sizeof(psk_entry))) == NULL) { goto error; + } - memset( new, 0, sizeof( psk_entry ) ); + memset(new, 0, sizeof(psk_entry)); - GET_ITEM( new->name ); - GET_ITEM( key_hex ); + GET_ITEM(new->name); + GET_ITEM(key_hex); - if( mbedtls_test_unhexify( new->key, MBEDTLS_PSK_MAX_LEN, - key_hex, &new->key_len ) != 0 ) + if (mbedtls_test_unhexify(new->key, MBEDTLS_PSK_MAX_LEN, + key_hex, &new->key_len) != 0) { goto error; + } new->next = cur; cur = new; } - return( cur ); + return cur; error: - psk_free( new ); - psk_free( cur ); - return( 0 ); + psk_free(new); + psk_free(cur); + return 0; } /* * PSK callback */ -int psk_callback( void *p_info, mbedtls_ssl_context *ssl, - const unsigned char *name, size_t name_len ) +int psk_callback(void *p_info, mbedtls_ssl_context *ssl, + const unsigned char *name, size_t name_len) { psk_entry *cur = (psk_entry *) p_info; - while( cur != NULL ) - { - if( name_len == strlen( cur->name ) && - memcmp( name, cur->name, name_len ) == 0 ) - { + while (cur != NULL) { + if (name_len == strlen(cur->name) && + memcmp(name, cur->name, name_len) == 0) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( cur->slot != 0 ) - return( mbedtls_ssl_set_hs_psk_opaque( ssl, cur->slot ) ); - else + if (cur->slot != 0) { + return mbedtls_ssl_set_hs_psk_opaque(ssl, cur->slot); + } else #endif - return( mbedtls_ssl_set_hs_psk( ssl, cur->key, cur->key_len ) ); + return mbedtls_ssl_set_hs_psk(ssl, cur->key, cur->key_len); } cur = cur->next; } - return( -1 ); + return -1; } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ @@ -956,12 +958,12 @@ static mbedtls_net_context listen_fd, client_fd; /* Interruption handler to ensure clean exit (for valgrind testing) */ #if !defined(_WIN32) static int received_sigterm = 0; -void term_handler( int sig ) +void term_handler(int sig) { ((void) sig); received_sigterm = 1; - mbedtls_net_free( &listen_fd ); /* causes mbedtls_net_accept() to abort */ - mbedtls_net_free( &client_fd ); /* causes net_read() to abort */ + mbedtls_net_free(&listen_fd); /* causes mbedtls_net_accept() to abort */ + mbedtls_net_free(&client_fd); /* causes net_read() to abort */ } #endif @@ -975,16 +977,15 @@ void term_handler( int sig ) * - A write, when the SSL output buffer contains some data that has not * been sent over the network yet. * - An asynchronous callback that has not completed yet. */ -static int mbedtls_status_is_ssl_in_progress( int ret ) +static int mbedtls_status_is_ssl_in_progress(int ret) { - return( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE || - ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ); + return ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE || + ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS; } #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) -typedef struct -{ +typedef struct { mbedtls_x509_crt *cert; /*!< Certificate corresponding to the key */ mbedtls_pk_context *pk; /*!< Private key */ unsigned delay; /*!< Number of resume steps to go through */ @@ -999,8 +1000,7 @@ typedef enum { #define SSL_ASYNC_INJECT_ERROR_MAX SSL_ASYNC_INJECT_ERROR_RESUME } ssl_async_inject_error_t; -typedef struct -{ +typedef struct { ssl_async_key_slot_t slots[4]; /* key, key2, sni1, sni2 */ size_t slots_used; ssl_async_inject_error_t inject_error; @@ -1008,32 +1008,31 @@ typedef struct void *p_rng; } ssl_async_key_context_t; -int ssl_async_set_key( ssl_async_key_context_t *ctx, - mbedtls_x509_crt *cert, - mbedtls_pk_context *pk, - int pk_take_ownership, - unsigned delay ) +int ssl_async_set_key(ssl_async_key_context_t *ctx, + mbedtls_x509_crt *cert, + mbedtls_pk_context *pk, + int pk_take_ownership, + unsigned delay) { - if( ctx->slots_used >= sizeof( ctx->slots ) / sizeof( *ctx->slots ) ) - return( -1 ); + if (ctx->slots_used >= sizeof(ctx->slots) / sizeof(*ctx->slots)) { + return -1; + } ctx->slots[ctx->slots_used].cert = cert; ctx->slots[ctx->slots_used].pk = pk; ctx->slots[ctx->slots_used].delay = delay; ctx->slots[ctx->slots_used].pk_owned = pk_take_ownership; ++ctx->slots_used; - return( 0 ); + return 0; } #define SSL_ASYNC_INPUT_MAX_SIZE 512 -typedef enum -{ +typedef enum { ASYNC_OP_SIGN, ASYNC_OP_DECRYPT, } ssl_async_operation_type_t; -typedef struct -{ +typedef struct { unsigned slot; ssl_async_operation_type_t operation_type; mbedtls_md_type_t md_alg; @@ -1053,244 +1052,239 @@ static const char *const ssl_async_operation_names[] = "decrypt", }; -static int ssl_async_start( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *cert, - ssl_async_operation_type_t op_type, - mbedtls_md_type_t md_alg, - const unsigned char *input, - size_t input_len ) +static int ssl_async_start(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *cert, + ssl_async_operation_type_t op_type, + mbedtls_md_type_t md_alg, + const unsigned char *input, + size_t input_len) { ssl_async_key_context_t *config_data = - mbedtls_ssl_conf_get_async_config_data( ssl->conf ); + mbedtls_ssl_conf_get_async_config_data(ssl->conf); unsigned slot; ssl_async_operation_context_t *ctx = NULL; const char *op_name = ssl_async_operation_names[op_type]; { char dn[100]; - if( mbedtls_x509_dn_gets( dn, sizeof( dn ), &cert->subject ) > 0 ) - mbedtls_printf( "Async %s callback: looking for DN=%s\n", - op_name, dn ); + if (mbedtls_x509_dn_gets(dn, sizeof(dn), &cert->subject) > 0) { + mbedtls_printf("Async %s callback: looking for DN=%s\n", + op_name, dn); + } } /* Look for a private key that matches the public key in cert. * Since this test code has the private key inside Mbed TLS, * we call mbedtls_pk_check_pair to match a private key with the * public key. */ - for( slot = 0; slot < config_data->slots_used; slot++ ) - { - if( mbedtls_pk_check_pair( &cert->pk, - config_data->slots[slot].pk ) == 0 ) + for (slot = 0; slot < config_data->slots_used; slot++) { + if (mbedtls_pk_check_pair(&cert->pk, + config_data->slots[slot].pk) == 0) { break; + } } - if( slot == config_data->slots_used ) - { - mbedtls_printf( "Async %s callback: no key matches this certificate.\n", - op_name ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH ); + if (slot == config_data->slots_used) { + mbedtls_printf("Async %s callback: no key matches this certificate.\n", + op_name); + return MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH; } - mbedtls_printf( "Async %s callback: using key slot %u, delay=%u.\n", - op_name, slot, config_data->slots[slot].delay ); + mbedtls_printf("Async %s callback: using key slot %u, delay=%u.\n", + op_name, slot, config_data->slots[slot].delay); - if( config_data->inject_error == SSL_ASYNC_INJECT_ERROR_START ) - { - mbedtls_printf( "Async %s callback: injected error\n", op_name ); - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + if (config_data->inject_error == SSL_ASYNC_INJECT_ERROR_START) { + mbedtls_printf("Async %s callback: injected error\n", op_name); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; } - if( input_len > SSL_ASYNC_INPUT_MAX_SIZE ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (input_len > SSL_ASYNC_INPUT_MAX_SIZE) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ctx = mbedtls_calloc( 1, sizeof( *ctx ) ); - if( ctx == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + ctx = mbedtls_calloc(1, sizeof(*ctx)); + if (ctx == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } ctx->slot = slot; ctx->operation_type = op_type; ctx->md_alg = md_alg; - memcpy( ctx->input, input, input_len ); + memcpy(ctx->input, input, input_len); ctx->input_len = input_len; ctx->remaining_delay = config_data->slots[slot].delay; - mbedtls_ssl_set_async_operation_data( ssl, ctx ); + mbedtls_ssl_set_async_operation_data(ssl, ctx); - if( ctx->remaining_delay == 0 ) - return( 0 ); - else - return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ); + if (ctx->remaining_delay == 0) { + return 0; + } else { + return MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS; + } } -static int ssl_async_sign( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *cert, - mbedtls_md_type_t md_alg, - const unsigned char *hash, - size_t hash_len ) +static int ssl_async_sign(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *cert, + mbedtls_md_type_t md_alg, + const unsigned char *hash, + size_t hash_len) { - return( ssl_async_start( ssl, cert, - ASYNC_OP_SIGN, md_alg, - hash, hash_len ) ); + return ssl_async_start(ssl, cert, + ASYNC_OP_SIGN, md_alg, + hash, hash_len); } -static int ssl_async_decrypt( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *cert, - const unsigned char *input, - size_t input_len ) +static int ssl_async_decrypt(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *cert, + const unsigned char *input, + size_t input_len) { - return( ssl_async_start( ssl, cert, - ASYNC_OP_DECRYPT, MBEDTLS_MD_NONE, - input, input_len ) ); + return ssl_async_start(ssl, cert, + ASYNC_OP_DECRYPT, MBEDTLS_MD_NONE, + input, input_len); } -static int ssl_async_resume( mbedtls_ssl_context *ssl, - unsigned char *output, - size_t *output_len, - size_t output_size ) +static int ssl_async_resume(mbedtls_ssl_context *ssl, + unsigned char *output, + size_t *output_len, + size_t output_size) { - ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data( ssl ); + ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data(ssl); ssl_async_key_context_t *config_data = - mbedtls_ssl_conf_get_async_config_data( ssl->conf ); + mbedtls_ssl_conf_get_async_config_data(ssl->conf); ssl_async_key_slot_t *key_slot = &config_data->slots[ctx->slot]; int ret; const char *op_name; - if( ctx->remaining_delay > 0 ) - { + if (ctx->remaining_delay > 0) { --ctx->remaining_delay; - mbedtls_printf( "Async resume (slot %u): call %u more times.\n", - ctx->slot, ctx->remaining_delay ); - return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ); + mbedtls_printf("Async resume (slot %u): call %u more times.\n", + ctx->slot, ctx->remaining_delay); + return MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS; } - switch( ctx->operation_type ) - { + switch (ctx->operation_type) { case ASYNC_OP_DECRYPT: - ret = mbedtls_pk_decrypt( key_slot->pk, - ctx->input, ctx->input_len, - output, output_len, output_size, - config_data->f_rng, config_data->p_rng ); + ret = mbedtls_pk_decrypt(key_slot->pk, + ctx->input, ctx->input_len, + output, output_len, output_size, + config_data->f_rng, config_data->p_rng); break; case ASYNC_OP_SIGN: - ret = mbedtls_pk_sign( key_slot->pk, - ctx->md_alg, - ctx->input, ctx->input_len, - output, output_len, - config_data->f_rng, config_data->p_rng ); + ret = mbedtls_pk_sign(key_slot->pk, + ctx->md_alg, + ctx->input, ctx->input_len, + output, output_len, + config_data->f_rng, config_data->p_rng); break; default: - mbedtls_printf( "Async resume (slot %u): unknown operation type %ld. This shouldn't happen.\n", - ctx->slot, (long) ctx->operation_type ); - mbedtls_free( ctx ); - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + mbedtls_printf( + "Async resume (slot %u): unknown operation type %ld. This shouldn't happen.\n", + ctx->slot, + (long) ctx->operation_type); + mbedtls_free(ctx); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; break; } op_name = ssl_async_operation_names[ctx->operation_type]; - if( config_data->inject_error == SSL_ASYNC_INJECT_ERROR_RESUME ) - { - mbedtls_printf( "Async resume callback: %s done but injected error\n", - op_name ); - mbedtls_free( ctx ); - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + if (config_data->inject_error == SSL_ASYNC_INJECT_ERROR_RESUME) { + mbedtls_printf("Async resume callback: %s done but injected error\n", + op_name); + mbedtls_free(ctx); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; } - mbedtls_printf( "Async resume (slot %u): %s done, status=%d.\n", - ctx->slot, op_name, ret ); - mbedtls_free( ctx ); - return( ret ); + mbedtls_printf("Async resume (slot %u): %s done, status=%d.\n", + ctx->slot, op_name, ret); + mbedtls_free(ctx); + return ret; } -static void ssl_async_cancel( mbedtls_ssl_context *ssl ) +static void ssl_async_cancel(mbedtls_ssl_context *ssl) { - ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data( ssl ); - mbedtls_printf( "Async cancel callback.\n" ); - mbedtls_free( ctx ); + ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data(ssl); + mbedtls_printf("Async cancel callback.\n"); + mbedtls_free(ctx); } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ #if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) -static psa_status_t psa_setup_psk_key_slot( psa_key_id_t *slot, - psa_algorithm_t alg, - unsigned char *psk, - size_t psk_len ) +static psa_status_t psa_setup_psk_key_slot(psa_key_id_t *slot, + psa_algorithm_t alg, + unsigned char *psk, + size_t psk_len) { psa_status_t status; psa_key_attributes_t key_attributes; key_attributes = psa_key_attributes_init(); - psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &key_attributes, alg ); - psa_set_key_type( &key_attributes, PSA_KEY_TYPE_DERIVE ); + psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&key_attributes, alg); + psa_set_key_type(&key_attributes, PSA_KEY_TYPE_DERIVE); - status = psa_import_key( &key_attributes, psk, psk_len, slot ); - if( status != PSA_SUCCESS ) - { - fprintf( stderr, "IMPORT\n" ); - return( status ); + status = psa_import_key(&key_attributes, psk, psk_len, slot); + if (status != PSA_SUCCESS) { + fprintf(stderr, "IMPORT\n"); + return status; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) -int report_cid_usage( mbedtls_ssl_context *ssl, - const char *additional_description ) +int report_cid_usage(mbedtls_ssl_context *ssl, + const char *additional_description) { int ret; - unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; + unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX]; size_t peer_cid_len; int cid_negotiated; - if( opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - return( 0 ); - - /* Check if the use of a CID has been negotiated */ - ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated, - peer_cid, &peer_cid_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", - (unsigned int) -ret ); - return( ret ); + if (opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + return 0; } - if( cid_negotiated == MBEDTLS_SSL_CID_DISABLED ) - { - if( opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED ) - { - mbedtls_printf( "(%s) Use of Connection ID was not offered by client.\n", - additional_description ); - } - } - else - { - size_t idx=0; - mbedtls_printf( "(%s) Use of Connection ID has been negotiated.\n", - additional_description ); - mbedtls_printf( "(%s) Peer CID (length %u Bytes): ", - additional_description, - (unsigned) peer_cid_len ); - while( idx < peer_cid_len ) - { - mbedtls_printf( "%02x ", peer_cid[ idx ] ); + /* Check if the use of a CID has been negotiated */ + ret = mbedtls_ssl_get_peer_cid(ssl, &cid_negotiated, + peer_cid, &peer_cid_len); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", + (unsigned int) -ret); + return ret; + } + + if (cid_negotiated == MBEDTLS_SSL_CID_DISABLED) { + if (opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED) { + mbedtls_printf("(%s) Use of Connection ID was not offered by client.\n", + additional_description); + } + } else { + size_t idx = 0; + mbedtls_printf("(%s) Use of Connection ID has been negotiated.\n", + additional_description); + mbedtls_printf("(%s) Peer CID (length %u Bytes): ", + additional_description, + (unsigned) peer_cid_len); + while (idx < peer_cid_len) { + mbedtls_printf("%02x ", peer_cid[idx]); idx++; } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 0, len, written, frags, exchanges_left; int query_config_ret = 0; int version_suites[4][2]; io_ctx_t io_ctx; - unsigned char* buf = 0; + unsigned char *buf = 0; #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_algorithm_t alg = 0; @@ -1346,7 +1340,7 @@ int main( int argc, char *argv[] ) #endif #if defined(MBEDTLS_ECP_C) mbedtls_ecp_group_id curve_list[CURVE_LIST_SIZE]; - const mbedtls_ecp_curve_info * curve_cur; + const mbedtls_ecp_curve_info *curve_cur; #endif #if defined(MBEDTLS_SSL_ALPN) const char *alpn_list[ALPN_LIST_SIZE]; @@ -1374,107 +1368,106 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_SSL_EXPORT_KEYS) unsigned char eap_tls_keymaterial[16]; unsigned char eap_tls_iv[8]; - const char* eap_tls_label = "client EAP encryption"; + const char *eap_tls_label = "client EAP encryption"; eap_tls_keys eap_tls_keying; -#if defined( MBEDTLS_SSL_DTLS_SRTP ) +#if defined(MBEDTLS_SSL_DTLS_SRTP) /*! master keys and master salt for SRTP generated during handshake */ - unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH]; - const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp"; - dtls_srtp_keys dtls_srtp_keying; - const mbedtls_ssl_srtp_profile default_profiles[] = { - MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80, - MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32, - MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80, - MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32, - MBEDTLS_TLS_SRTP_UNSET - }; + unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH]; + const char *dtls_srtp_label = "EXTRACTOR-dtls_srtp"; + dtls_srtp_keys dtls_srtp_keying; + const mbedtls_ssl_srtp_profile default_profiles[] = { + MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80, + MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32, + MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80, + MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32, + MBEDTLS_TLS_SRTP_UNSET + }; #endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) ); + mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf)); #if defined(MBEDTLS_MEMORY_DEBUG) size_t current_heap_memory, peak_heap_memory, heap_blocks; #endif /* MBEDTLS_MEMORY_DEBUG */ #endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ #if defined(MBEDTLS_TEST_HOOKS) - test_hooks_init( ); + test_hooks_init(); #endif /* MBEDTLS_TEST_HOOKS */ /* * Make sure memory references are valid in case we exit early. */ - mbedtls_net_init( &client_fd ); - mbedtls_net_init( &listen_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - rng_init( &rng ); + mbedtls_net_init(&client_fd); + mbedtls_net_init(&listen_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + rng_init(&rng); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - mbedtls_x509_crt_init( &cacert ); - mbedtls_x509_crt_init( &srvcert ); - mbedtls_pk_init( &pkey ); - mbedtls_x509_crt_init( &srvcert2 ); - mbedtls_pk_init( &pkey2 ); + mbedtls_x509_crt_init(&cacert); + mbedtls_x509_crt_init(&srvcert); + mbedtls_pk_init(&pkey); + mbedtls_x509_crt_init(&srvcert2); + mbedtls_pk_init(&pkey2); #endif #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - memset( &ssl_async_keys, 0, sizeof( ssl_async_keys ) ); + memset(&ssl_async_keys, 0, sizeof(ssl_async_keys)); #endif #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) - mbedtls_dhm_init( &dhm ); + mbedtls_dhm_init(&dhm); #endif #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_init( &cache ); + mbedtls_ssl_cache_init(&cache); #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) - mbedtls_ssl_ticket_init( &ticket_ctx ); + mbedtls_ssl_ticket_init(&ticket_ctx); #endif #if defined(MBEDTLS_SSL_ALPN) - memset( (void *) alpn_list, 0, sizeof( alpn_list ) ); + memset((void *) alpn_list, 0, sizeof(alpn_list)); #endif #if defined(MBEDTLS_SSL_COOKIE_C) - mbedtls_ssl_cookie_init( &cookie_ctx ); + mbedtls_ssl_cookie_init(&cookie_ctx); #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) status = psa_crypto_init(); - if( status != PSA_SUCCESS ) - { - mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n", - (int) status ); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; goto exit; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - mbedtls_test_enable_insecure_external_rng( ); + mbedtls_test_enable_insecure_external_rng(); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ #if !defined(_WIN32) /* Abort cleanly on SIGTERM and SIGINT */ - signal( SIGTERM, term_handler ); - signal( SIGINT, term_handler ); + signal(SIGTERM, term_handler); + signal(SIGINT, term_handler); #endif - if( argc == 0 ) - { - usage: - if( ret == 0 ) + if (argc == 0) { +usage: + if (ret == 0) { ret = 1; + } - mbedtls_printf( USAGE1 ); - mbedtls_printf( USAGE2 ); - mbedtls_printf( USAGE3 ); - mbedtls_printf( USAGE4 ); + mbedtls_printf(USAGE1); + mbedtls_printf(USAGE2); + mbedtls_printf(USAGE3); + mbedtls_printf(USAGE4); list = mbedtls_ssl_list_ciphersuites(); - while( *list ) - { - mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name( *list ) ); + while (*list) { + mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name(*list)); list++; - if( !*list ) + if (!*list) { break; - mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) ); + } + mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list)); list++; } mbedtls_printf("\n"); @@ -1517,7 +1510,7 @@ int main( int argc, char *argv[] ) opt.psk_identity = DFL_PSK_IDENTITY; opt.psk_list = DFL_PSK_LIST; opt.ecjpake_pw = DFL_ECJPAKE_PW; - opt.force_ciphersuite[0]= DFL_FORCE_CIPHER; + opt.force_ciphersuite[0] = DFL_FORCE_CIPHER; opt.version_suites = DFL_VERSION_SUITES; opt.renegotiation = DFL_RENEGOTIATION; opt.allow_legacy = DFL_ALLOW_LEGACY; @@ -1564,106 +1557,99 @@ int main( int argc, char *argv[] ) opt.force_srtp_profile = DFL_SRTP_FORCE_PROFILE; opt.support_mki = DFL_SRTP_SUPPORT_MKI; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "server_port" ) == 0 ) + if (strcmp(p, "server_port") == 0) { opt.server_port = q; - else if( strcmp( p, "server_addr" ) == 0 ) + } else if (strcmp(p, "server_addr") == 0) { opt.server_addr = q; - else if( strcmp( p, "dtls" ) == 0 ) - { - int t = atoi( q ); - if( t == 0 ) + } else if (strcmp(p, "dtls") == 0) { + int t = atoi(q); + if (t == 0) { opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM; - else if( t == 1 ) + } else if (t == 1) { opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - else + } else { goto usage; - } - else if( strcmp( p, "debug_level" ) == 0 ) - { - opt.debug_level = atoi( q ); - if( opt.debug_level < 0 || opt.debug_level > 65535 ) + } + } else if (strcmp(p, "debug_level") == 0) { + opt.debug_level = atoi(q); + if (opt.debug_level < 0 || opt.debug_level > 65535) { goto usage; - } - else if( strcmp( p, "build_version" ) == 0 ) - { - if( strcmp( q, "1" ) == 0 ) - { - mbedtls_printf( "build version: %s (build %d)\n", - MBEDTLS_VERSION_STRING_FULL, - MBEDTLS_VERSION_NUMBER ); + } + } else if (strcmp(p, "build_version") == 0) { + if (strcmp(q, "1") == 0) { + mbedtls_printf("build version: %s (build %d)\n", + MBEDTLS_VERSION_STRING_FULL, + MBEDTLS_VERSION_NUMBER); goto exit; } - } - else if( strcmp( p, "nbio" ) == 0 ) - { - opt.nbio = atoi( q ); - if( opt.nbio < 0 || opt.nbio > 2 ) + } else if (strcmp(p, "nbio") == 0) { + opt.nbio = atoi(q); + if (opt.nbio < 0 || opt.nbio > 2) { goto usage; - } - else if( strcmp( p, "event" ) == 0 ) - { - opt.event = atoi( q ); - if( opt.event < 0 || opt.event > 2 ) + } + } else if (strcmp(p, "event") == 0) { + opt.event = atoi(q); + if (opt.event < 0 || opt.event > 2) { goto usage; - } - else if( strcmp( p, "read_timeout" ) == 0 ) - opt.read_timeout = atoi( q ); - else if( strcmp( p, "buffer_size" ) == 0 ) - { - opt.buffer_size = atoi( q ); - if( opt.buffer_size < 1 || opt.buffer_size > MBEDTLS_SSL_MAX_CONTENT_LEN + 1 ) + } + } else if (strcmp(p, "read_timeout") == 0) { + opt.read_timeout = atoi(q); + } else if (strcmp(p, "buffer_size") == 0) { + opt.buffer_size = atoi(q); + if (opt.buffer_size < 1 || opt.buffer_size > MBEDTLS_SSL_MAX_CONTENT_LEN + 1) { goto usage; - } - else if( strcmp( p, "response_size" ) == 0 ) - { - opt.response_size = atoi( q ); - if( opt.response_size < 0 || opt.response_size > MBEDTLS_SSL_MAX_CONTENT_LEN ) + } + } else if (strcmp(p, "response_size") == 0) { + opt.response_size = atoi(q); + if (opt.response_size < 0 || opt.response_size > MBEDTLS_SSL_MAX_CONTENT_LEN) { goto usage; - if( opt.buffer_size < opt.response_size ) + } + if (opt.buffer_size < opt.response_size) { opt.buffer_size = opt.response_size; - } - else if( strcmp( p, "ca_file" ) == 0 ) + } + } else if (strcmp(p, "ca_file") == 0) { opt.ca_file = q; - else if( strcmp( p, "ca_path" ) == 0 ) + } else if (strcmp(p, "ca_path") == 0) { opt.ca_path = q; - else if( strcmp( p, "crt_file" ) == 0 ) + } else if (strcmp(p, "crt_file") == 0) { opt.crt_file = q; - else if( strcmp( p, "key_file" ) == 0 ) + } else if (strcmp(p, "key_file") == 0) { opt.key_file = q; - else if( strcmp( p, "key_pwd" ) == 0 ) + } else if (strcmp(p, "key_pwd") == 0) { opt.key_pwd = q; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - else if( strcmp( p, "key_opaque" ) == 0 ) - opt.key_opaque = atoi( q ); + else if (strcmp(p, "key_opaque") == 0) { + opt.key_opaque = atoi(q); + } #endif - else if( strcmp( p, "crt_file2" ) == 0 ) + else if (strcmp(p, "crt_file2") == 0) { opt.crt_file2 = q; - else if( strcmp( p, "key_file2" ) == 0 ) + } else if (strcmp(p, "key_file2") == 0) { opt.key_file2 = q; - else if( strcmp( p, "key_pwd2" ) == 0 ) + } else if (strcmp(p, "key_pwd2") == 0) { opt.key_pwd2 = q; - else if( strcmp( p, "dhm_file" ) == 0 ) + } else if (strcmp(p, "dhm_file") == 0) { opt.dhm_file = q; + } #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - else if( strcmp( p, "async_operations" ) == 0 ) + else if (strcmp(p, "async_operations") == 0) { opt.async_operations = q; - else if( strcmp( p, "async_private_delay1" ) == 0 ) - opt.async_private_delay1 = atoi( q ); - else if( strcmp( p, "async_private_delay2" ) == 0 ) - opt.async_private_delay2 = atoi( q ); - else if( strcmp( p, "async_private_error" ) == 0 ) - { - int n = atoi( q ); - if( n < -SSL_ASYNC_INJECT_ERROR_MAX || - n > SSL_ASYNC_INJECT_ERROR_MAX ) - { + } else if (strcmp(p, "async_private_delay1") == 0) { + opt.async_private_delay1 = atoi(q); + } else if (strcmp(p, "async_private_delay2") == 0) { + opt.async_private_delay2 = atoi(q); + } else if (strcmp(p, "async_private_error") == 0) { + int n = atoi(q); + if (n < -SSL_ASYNC_INJECT_ERROR_MAX || + n > SSL_ASYNC_INJECT_ERROR_MAX) { ret = 2; goto usage; } @@ -1671,70 +1657,61 @@ int main( int argc, char *argv[] ) } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - else if( strcmp( p, "cid" ) == 0 ) - { - opt.cid_enabled = atoi( q ); - if( opt.cid_enabled != 0 && opt.cid_enabled != 1 ) + else if (strcmp(p, "cid") == 0) { + opt.cid_enabled = atoi(q); + if (opt.cid_enabled != 0 && opt.cid_enabled != 1) { goto usage; - } - else if( strcmp( p, "cid_renego" ) == 0 ) - { - opt.cid_enabled_renego = atoi( q ); - if( opt.cid_enabled_renego != 0 && opt.cid_enabled_renego != 1 ) + } + } else if (strcmp(p, "cid_renego") == 0) { + opt.cid_enabled_renego = atoi(q); + if (opt.cid_enabled_renego != 0 && opt.cid_enabled_renego != 1) { goto usage; - } - else if( strcmp( p, "cid_val" ) == 0 ) - { + } + } else if (strcmp(p, "cid_val") == 0) { opt.cid_val = q; - } - else if( strcmp( p, "cid_val_renego" ) == 0 ) - { + } else if (strcmp(p, "cid_val_renego") == 0) { opt.cid_val_renego = q; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - else if( strcmp( p, "psk" ) == 0 ) + else if (strcmp(p, "psk") == 0) { opt.psk = q; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - else if( strcmp( p, "psk_opaque" ) == 0 ) - opt.psk_opaque = atoi( q ); - else if( strcmp( p, "psk_list_opaque" ) == 0 ) - opt.psk_list_opaque = atoi( q ); + else if (strcmp(p, "psk_opaque") == 0) { + opt.psk_opaque = atoi(q); + } else if (strcmp(p, "psk_list_opaque") == 0) { + opt.psk_list_opaque = atoi(q); + } #endif #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - else if( strcmp( p, "ca_callback" ) == 0) - opt.ca_callback = atoi( q ); + else if (strcmp(p, "ca_callback") == 0) { + opt.ca_callback = atoi(q); + } #endif - else if( strcmp( p, "psk_identity" ) == 0 ) + else if (strcmp(p, "psk_identity") == 0) { opt.psk_identity = q; - else if( strcmp( p, "psk_list" ) == 0 ) + } else if (strcmp(p, "psk_list") == 0) { opt.psk_list = q; - else if( strcmp( p, "ecjpake_pw" ) == 0 ) + } else if (strcmp(p, "ecjpake_pw") == 0) { opt.ecjpake_pw = q; - else if( strcmp( p, "force_ciphersuite" ) == 0 ) - { - opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q ); + } else if (strcmp(p, "force_ciphersuite") == 0) { + opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(q); - if( opt.force_ciphersuite[0] == 0 ) - { + if (opt.force_ciphersuite[0] == 0) { ret = 2; goto usage; } opt.force_ciphersuite[1] = 0; - } - else if( strcmp( p, "curves" ) == 0 ) + } else if (strcmp(p, "curves") == 0) { opt.curves = q; - else if( strcmp( p, "version_suites" ) == 0 ) + } else if (strcmp(p, "version_suites") == 0) { opt.version_suites = q; - else if( strcmp( p, "renegotiation" ) == 0 ) - { - opt.renegotiation = (atoi( q )) ? - MBEDTLS_SSL_RENEGOTIATION_ENABLED : - MBEDTLS_SSL_RENEGOTIATION_DISABLED; - } - else if( strcmp( p, "allow_legacy" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "renegotiation") == 0) { + opt.renegotiation = (atoi(q)) ? + MBEDTLS_SSL_RENEGOTIATION_ENABLED : + MBEDTLS_SSL_RENEGOTIATION_DISABLED; + } else if (strcmp(p, "allow_legacy") == 0) { + switch (atoi(q)) { case -1: opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE; break; @@ -1746,160 +1723,124 @@ int main( int argc, char *argv[] ) break; default: goto usage; } - } - else if( strcmp( p, "renegotiate" ) == 0 ) - { - opt.renegotiate = atoi( q ); - if( opt.renegotiate < 0 || opt.renegotiate > 1 ) + } else if (strcmp(p, "renegotiate") == 0) { + opt.renegotiate = atoi(q); + if (opt.renegotiate < 0 || opt.renegotiate > 1) { goto usage; - } - else if( strcmp( p, "renego_delay" ) == 0 ) - { - opt.renego_delay = atoi( q ); - } - else if( strcmp( p, "renego_period" ) == 0 ) - { + } + } else if (strcmp(p, "renego_delay") == 0) { + opt.renego_delay = atoi(q); + } else if (strcmp(p, "renego_period") == 0) { #if defined(_MSC_VER) - opt.renego_period = _strtoui64( q, NULL, 10 ); + opt.renego_period = _strtoui64(q, NULL, 10); #else - if( sscanf( q, "%" SCNu64, &opt.renego_period ) != 1 ) + if (sscanf(q, "%" SCNu64, &opt.renego_period) != 1) { goto usage; + } #endif /* _MSC_VER */ - if( opt.renego_period < 2 ) + if (opt.renego_period < 2) { goto usage; - } - else if( strcmp( p, "exchanges" ) == 0 ) - { - opt.exchanges = atoi( q ); - if( opt.exchanges < 0 ) + } + } else if (strcmp(p, "exchanges") == 0) { + opt.exchanges = atoi(q); + if (opt.exchanges < 0) { goto usage; - } - else if( strcmp( p, "min_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) + } + } else if (strcmp(p, "min_version") == 0) { + if (strcmp(q, "ssl3") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; - else if( strcmp( q, "tls1" ) == 0 ) + } else if (strcmp(q, "tls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) + } else if (strcmp(q, "tls1_1") == 0 || + strcmp(q, "dtls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls12" ) == 0 || - strcmp( q, "dtls12" ) == 0 ) + } else if (strcmp(q, "tls12") == 0 || + strcmp(q, "dtls12") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; - else + } else { goto usage; - } - else if( strcmp( p, "max_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) + } + } else if (strcmp(p, "max_version") == 0) { + if (strcmp(q, "ssl3") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; - else if( strcmp( q, "tls1" ) == 0 ) + } else if (strcmp(q, "tls1") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) + } else if (strcmp(q, "tls1_1") == 0 || + strcmp(q, "dtls1") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls12" ) == 0 || - strcmp( q, "dtls12" ) == 0 ) + } else if (strcmp(q, "tls12") == 0 || + strcmp(q, "dtls12") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; - else + } else { goto usage; - } - else if( strcmp( p, "arc4" ) == 0 ) - { - switch( atoi( q ) ) - { + } + } else if (strcmp(p, "arc4") == 0) { + switch (atoi(q)) { case 0: opt.arc4 = MBEDTLS_SSL_ARC4_DISABLED; break; case 1: opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; break; default: goto usage; } - } - else if( strcmp( p, "allow_sha1" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "allow_sha1") == 0) { + switch (atoi(q)) { case 0: opt.allow_sha1 = 0; break; case 1: opt.allow_sha1 = 1; break; default: goto usage; } - } - else if( strcmp( p, "force_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) - { + } else if (strcmp(p, "force_version") == 0) { + if (strcmp(q, "ssl3") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; - } - else if( strcmp( q, "tls1" ) == 0 ) - { + } else if (strcmp(q, "tls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - } - else if( strcmp( q, "tls1_1" ) == 0 ) - { + } else if (strcmp(q, "tls1_1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - } - else if( strcmp( q, "tls12" ) == 0 ) - { + } else if (strcmp(q, "tls12") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; - } - else if( strcmp( q, "dtls1" ) == 0 ) - { + } else if (strcmp(q, "dtls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - } - else if( strcmp( q, "dtls12" ) == 0 ) - { + } else if (strcmp(q, "dtls12") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - } - else + } else { goto usage; - } - else if( strcmp( p, "auth_mode" ) == 0 ) - { - if( ( opt.auth_mode = get_auth_mode( q ) ) < 0 ) + } + } else if (strcmp(p, "auth_mode") == 0) { + if ((opt.auth_mode = get_auth_mode(q)) < 0) { goto usage; - } - else if( strcmp( p, "cert_req_ca_list" ) == 0 ) - { - opt.cert_req_ca_list = atoi( q ); - if( opt.cert_req_ca_list < 0 || opt.cert_req_ca_list > 1 ) + } + } else if (strcmp(p, "cert_req_ca_list") == 0) { + opt.cert_req_ca_list = atoi(q); + if (opt.cert_req_ca_list < 0 || opt.cert_req_ca_list > 1) { goto usage; - } - else if( strcmp( p, "max_frag_len" ) == 0 ) - { - if( strcmp( q, "512" ) == 0 ) + } + } else if (strcmp(p, "max_frag_len") == 0) { + if (strcmp(q, "512") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512; - else if( strcmp( q, "1024" ) == 0 ) + } else if (strcmp(q, "1024") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024; - else if( strcmp( q, "2048" ) == 0 ) + } else if (strcmp(q, "2048") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048; - else if( strcmp( q, "4096" ) == 0 ) + } else if (strcmp(q, "4096") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096; - else + } else { goto usage; - } - else if( strcmp( p, "alpn" ) == 0 ) - { + } + } else if (strcmp(p, "alpn") == 0) { opt.alpn_string = q; - } - else if( strcmp( p, "trunc_hmac" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "trunc_hmac") == 0) { + switch (atoi(q)) { case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break; case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break; default: goto usage; } - } - else if( strcmp( p, "extended_ms" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "extended_ms") == 0) { + switch (atoi(q)) { case 0: opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED; break; @@ -1908,158 +1849,125 @@ int main( int argc, char *argv[] ) break; default: goto usage; } - } - else if( strcmp( p, "etm" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "etm") == 0) { + switch (atoi(q)) { case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break; case 1: opt.etm = MBEDTLS_SSL_ETM_ENABLED; break; default: goto usage; } - } - else if( strcmp( p, "tickets" ) == 0 ) - { - opt.tickets = atoi( q ); - if( opt.tickets < 0 || opt.tickets > 1 ) + } else if (strcmp(p, "tickets") == 0) { + opt.tickets = atoi(q); + if (opt.tickets < 0 || opt.tickets > 1) { goto usage; - } - else if( strcmp( p, "ticket_timeout" ) == 0 ) - { - opt.ticket_timeout = atoi( q ); - if( opt.ticket_timeout < 0 ) + } + } else if (strcmp(p, "ticket_timeout") == 0) { + opt.ticket_timeout = atoi(q); + if (opt.ticket_timeout < 0) { goto usage; - } - else if( strcmp( p, "cache_max" ) == 0 ) - { - opt.cache_max = atoi( q ); - if( opt.cache_max < 0 ) + } + } else if (strcmp(p, "cache_max") == 0) { + opt.cache_max = atoi(q); + if (opt.cache_max < 0) { goto usage; + } } #if defined(MBEDTLS_HAVE_TIME) - else if( strcmp( p, "cache_timeout" ) == 0 ) - { - opt.cache_timeout = atoi( q ); - if( opt.cache_timeout < 0 ) + else if (strcmp(p, "cache_timeout") == 0) { + opt.cache_timeout = atoi(q); + if (opt.cache_timeout < 0) { goto usage; + } } #endif - else if( strcmp( p, "cookies" ) == 0 ) - { - opt.cookies = atoi( q ); - if( opt.cookies < -1 || opt.cookies > 1) + else if (strcmp(p, "cookies") == 0) { + opt.cookies = atoi(q); + if (opt.cookies < -1 || opt.cookies > 1) { goto usage; - } - else if( strcmp( p, "anti_replay" ) == 0 ) - { - opt.anti_replay = atoi( q ); - if( opt.anti_replay < 0 || opt.anti_replay > 1) + } + } else if (strcmp(p, "anti_replay") == 0) { + opt.anti_replay = atoi(q); + if (opt.anti_replay < 0 || opt.anti_replay > 1) { goto usage; - } - else if( strcmp( p, "badmac_limit" ) == 0 ) - { - opt.badmac_limit = atoi( q ); - if( opt.badmac_limit < 0 ) + } + } else if (strcmp(p, "badmac_limit") == 0) { + opt.badmac_limit = atoi(q); + if (opt.badmac_limit < 0) { goto usage; - } - else if( strcmp( p, "hs_timeout" ) == 0 ) - { - if( ( p = strchr( q, '-' ) ) == NULL ) + } + } else if (strcmp(p, "hs_timeout") == 0) { + if ((p = strchr(q, '-')) == NULL) { goto usage; + } *p++ = '\0'; - opt.hs_to_min = atoi( q ); - opt.hs_to_max = atoi( p ); - if( opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min ) + opt.hs_to_min = atoi(q); + opt.hs_to_max = atoi(p); + if (opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min) { goto usage; - } - else if( strcmp( p, "mtu" ) == 0 ) - { - opt.dtls_mtu = atoi( q ); - if( opt.dtls_mtu < 0 ) + } + } else if (strcmp(p, "mtu") == 0) { + opt.dtls_mtu = atoi(q); + if (opt.dtls_mtu < 0) { goto usage; - } - else if( strcmp( p, "dgram_packing" ) == 0 ) - { - opt.dgram_packing = atoi( q ); - if( opt.dgram_packing != 0 && - opt.dgram_packing != 1 ) - { + } + } else if (strcmp(p, "dgram_packing") == 0) { + opt.dgram_packing = atoi(q); + if (opt.dgram_packing != 0 && + opt.dgram_packing != 1) { goto usage; } - } - else if( strcmp( p, "sni" ) == 0 ) - { + } else if (strcmp(p, "sni") == 0) { opt.sni = q; - } - else if( strcmp( p, "query_config" ) == 0 ) - { + } else if (strcmp(p, "query_config") == 0) { opt.query_config_mode = 1; - query_config_ret = query_config( q ); + query_config_ret = query_config(q); goto exit; - } - else if( strcmp( p, "serialize") == 0 ) - { - opt.serialize = atoi( q ); - if( opt.serialize < 0 || opt.serialize > 2) + } else if (strcmp(p, "serialize") == 0) { + opt.serialize = atoi(q); + if (opt.serialize < 0 || opt.serialize > 2) { goto usage; - } - else if( strcmp( p, "context_file") == 0 ) - { + } + } else if (strcmp(p, "context_file") == 0) { opt.context_file = q; - } - else if( strcmp( p, "eap_tls" ) == 0 ) - { - opt.eap_tls = atoi( q ); - if( opt.eap_tls < 0 || opt.eap_tls > 1 ) + } else if (strcmp(p, "eap_tls") == 0) { + opt.eap_tls = atoi(q); + if (opt.eap_tls < 0 || opt.eap_tls > 1) { goto usage; - } - else if( strcmp( p, "reproducible" ) == 0 ) - { + } + } else if (strcmp(p, "reproducible") == 0) { opt.reproducible = 1; - } - else if( strcmp( p, "nss_keylog" ) == 0 ) - { - opt.nss_keylog = atoi( q ); - if( opt.nss_keylog < 0 || opt.nss_keylog > 1 ) + } else if (strcmp(p, "nss_keylog") == 0) { + opt.nss_keylog = atoi(q); + if (opt.nss_keylog < 0 || opt.nss_keylog > 1) { goto usage; - } - else if( strcmp( p, "nss_keylog_file" ) == 0 ) - { + } + } else if (strcmp(p, "nss_keylog_file") == 0) { opt.nss_keylog_file = q; - } - else if( strcmp( p, "use_srtp" ) == 0 ) - { - opt.use_srtp = atoi ( q ); - } - else if( strcmp( p, "srtp_force_profile" ) == 0 ) - { - opt.force_srtp_profile = atoi( q ); - } - else if( strcmp( p, "support_mki" ) == 0 ) - { - opt.support_mki = atoi( q ); - } - else + } else if (strcmp(p, "use_srtp") == 0) { + opt.use_srtp = atoi(q); + } else if (strcmp(p, "srtp_force_profile") == 0) { + opt.force_srtp_profile = atoi(q); + } else if (strcmp(p, "support_mki") == 0) { + opt.support_mki = atoi(q); + } else { goto usage; + } } - if( opt.nss_keylog != 0 && opt.eap_tls != 0 ) - { - mbedtls_printf( "Error: eap_tls and nss_keylog options cannot be used together.\n" ); + if (opt.nss_keylog != 0 && opt.eap_tls != 0) { + mbedtls_printf("Error: eap_tls and nss_keylog options cannot be used together.\n"); goto usage; } /* Event-driven IO is incompatible with the above custom * receive and send functions, as the polling builds on * refers to the underlying net_context. */ - if( opt.event == 1 && opt.nbio != 1 ) - { - mbedtls_printf( "Warning: event-driven IO mandates nbio=1 - overwrite\n" ); + if (opt.event == 1 && opt.nbio != 1) { + mbedtls_printf("Warning: event-driven IO mandates nbio=1 - overwrite\n"); opt.nbio = 1; } #if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( opt.debug_level ); + mbedtls_debug_set_threshold(opt.debug_level); #endif /* buf will alternatively contain the input read from the client and the @@ -2067,102 +1975,89 @@ int main( int argc, char *argv[] ) size_t buf_content_size = opt.buffer_size; /* The default response contains the ciphersuite name. Leave enough * room for that plus some margin. */ - if( buf_content_size < strlen( HTTP_RESPONSE ) + 80 ) - { - buf_content_size = strlen( HTTP_RESPONSE ) + 80; + if (buf_content_size < strlen(HTTP_RESPONSE) + 80) { + buf_content_size = strlen(HTTP_RESPONSE) + 80; } - if( opt.response_size != DFL_RESPONSE_SIZE && - buf_content_size < (size_t) opt.response_size ) - { + if (opt.response_size != DFL_RESPONSE_SIZE && + buf_content_size < (size_t) opt.response_size) { buf_content_size = opt.response_size; } - buf = mbedtls_calloc( 1, buf_content_size + 1 ); - if( buf == NULL ) - { - mbedtls_printf( "Could not allocate %lu bytes\n", - (unsigned long) buf_content_size + 1 ); + buf = mbedtls_calloc(1, buf_content_size + 1); + if (buf == NULL) { + mbedtls_printf("Could not allocate %lu bytes\n", + (unsigned long) buf_content_size + 1); ret = 3; goto exit; } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { - if( strlen( opt.psk ) == 0 ) - { - mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" ); + if (opt.psk_opaque != 0) { + if (strlen(opt.psk) == 0) { + mbedtls_printf("psk_opaque set but no psk to be imported specified.\n"); ret = 2; goto usage; } - if( opt.force_ciphersuite[0] <= 0 ) - { - mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); + if (opt.force_ciphersuite[0] <= 0) { + mbedtls_printf( + "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n"); ret = 2; goto usage; } } - if( opt.psk_list_opaque != 0 ) - { - if( opt.psk_list == NULL ) - { - mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" ); + if (opt.psk_list_opaque != 0) { + if (opt.psk_list == NULL) { + mbedtls_printf("psk_slot set but no psk to be imported specified.\n"); ret = 2; goto usage; } - if( opt.force_ciphersuite[0] <= 0 ) - { - mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); + if (opt.force_ciphersuite[0] <= 0) { + mbedtls_printf( + "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n"); ret = 2; goto usage; } } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( opt.force_ciphersuite[0] > 0 ) - { + if (opt.force_ciphersuite[0] > 0) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info; ciphersuite_info = - mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] ); + mbedtls_ssl_ciphersuite_from_id(opt.force_ciphersuite[0]); - if( opt.max_version != -1 && - ciphersuite_info->min_minor_ver > opt.max_version ) - { - mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); + if (opt.max_version != -1 && + ciphersuite_info->min_minor_ver > opt.max_version) { + mbedtls_printf("forced ciphersuite not allowed with this protocol version\n"); ret = 2; goto usage; } - if( opt.min_version != -1 && - ciphersuite_info->max_minor_ver < opt.min_version ) - { - mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); + if (opt.min_version != -1 && + ciphersuite_info->max_minor_ver < opt.min_version) { + mbedtls_printf("forced ciphersuite not allowed with this protocol version\n"); ret = 2; goto usage; } /* If we select a version that's not supported by * this suite, then there will be no common ciphersuite... */ - if( opt.max_version == -1 || - opt.max_version > ciphersuite_info->max_minor_ver ) - { + if (opt.max_version == -1 || + opt.max_version > ciphersuite_info->max_minor_ver) { opt.max_version = ciphersuite_info->max_minor_ver; } - if( opt.min_version < ciphersuite_info->min_minor_ver ) - { + if (opt.min_version < ciphersuite_info->min_minor_ver) { opt.min_version = ciphersuite_info->min_minor_ver; /* DTLS starts with TLS 1.1 */ - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 ) + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; + } } /* Enable RC4 if needed and not explicitly disabled */ - if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) - { - if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED ) - { + if (ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128) { + if (opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED) { mbedtls_printf("forced RC4 ciphersuite with RC4 disabled\n"); ret = 2; goto usage; @@ -2173,55 +2068,51 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( opt.psk_opaque != 0 || opt.psk_list_opaque != 0 ) - { + if (opt.psk_opaque != 0 || opt.psk_list_opaque != 0) { /* Determine KDF algorithm the opaque PSK will be used in. */ #if defined(MBEDTLS_SHA512_C) - if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) + if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) { alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384); - else + } else #endif /* MBEDTLS_SHA512_C */ - alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); + alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ } - if( opt.version_suites != NULL ) - { + if (opt.version_suites != NULL) { const char *name[4] = { 0 }; /* Parse 4-element coma-separated list */ - for( i = 0, p = (char *) opt.version_suites; + for (i = 0, p = (char *) opt.version_suites; i < 4 && *p != '\0'; - i++ ) - { + i++) { name[i] = p; /* Terminate the current string and move on to next one */ - while( *p != ',' && *p != '\0' ) + while (*p != ',' && *p != '\0') { p++; - if( *p == ',' ) + } + if (*p == ',') { *p++ = '\0'; + } } - if( i != 4 ) - { - mbedtls_printf( "too few values for version_suites\n" ); + if (i != 4) { + mbedtls_printf("too few values for version_suites\n"); ret = 1; goto exit; } - memset( version_suites, 0, sizeof( version_suites ) ); + memset(version_suites, 0, sizeof(version_suites)); /* Get the suites identifiers from their name */ - for( i = 0; i < 4; i++ ) - { - version_suites[i][0] = mbedtls_ssl_get_ciphersuite_id( name[i] ); + for (i = 0; i < 4; i++) { + version_suites[i][0] = mbedtls_ssl_get_ciphersuite_id(name[i]); - if( version_suites[i][0] == 0 ) - { - mbedtls_printf( "unknown ciphersuite: '%s'\n", name[i] ); + if (version_suites[i][0] == 0) { + mbedtls_printf("unknown ciphersuite: '%s'\n", name[i]); ret = 2; goto usage; } @@ -2229,24 +2120,24 @@ int main( int argc, char *argv[] ) } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( mbedtls_test_unhexify( cid, sizeof( cid ), - opt.cid_val, &cid_len ) != 0 ) - { - mbedtls_printf( "CID not valid hex\n" ); + if (mbedtls_test_unhexify(cid, sizeof(cid), + opt.cid_val, &cid_len) != 0) { + mbedtls_printf("CID not valid hex\n"); goto exit; } /* Keep CID settings for renegotiation unless * specified otherwise. */ - if( opt.cid_enabled_renego == DFL_CID_ENABLED_RENEGO ) + if (opt.cid_enabled_renego == DFL_CID_ENABLED_RENEGO) { opt.cid_enabled_renego = opt.cid_enabled; - if( opt.cid_val_renego == DFL_CID_VALUE_RENEGO ) + } + if (opt.cid_val_renego == DFL_CID_VALUE_RENEGO) { opt.cid_val_renego = opt.cid_val; + } - if( mbedtls_test_unhexify( cid_renego, sizeof( cid_renego ), - opt.cid_val_renego, &cid_renego_len ) != 0 ) - { - mbedtls_printf( "CID not valid hex\n" ); + if (mbedtls_test_unhexify(cid_renego, sizeof(cid_renego), + opt.cid_val_renego, &cid_renego_len) != 0) { + mbedtls_printf("CID not valid hex\n"); goto exit; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -2255,71 +2146,60 @@ int main( int argc, char *argv[] ) /* * Unhexify the pre-shared key and parse the list if any given */ - if( mbedtls_test_unhexify( psk, sizeof( psk ), - opt.psk, &psk_len ) != 0 ) - { - mbedtls_printf( "pre-shared key not valid hex\n" ); + if (mbedtls_test_unhexify(psk, sizeof(psk), + opt.psk, &psk_len) != 0) { + mbedtls_printf("pre-shared key not valid hex\n"); goto exit; } - if( opt.psk_list != NULL ) - { - if( ( psk_info = psk_parse( opt.psk_list ) ) == NULL ) - { - mbedtls_printf( "psk_list invalid" ); + if (opt.psk_list != NULL) { + if ((psk_info = psk_parse(opt.psk_list)) == NULL) { + mbedtls_printf("psk_list invalid"); goto exit; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_ECP_C) - if( opt.curves != NULL ) - { + if (opt.curves != NULL) { p = (char *) opt.curves; i = 0; - if( strcmp( p, "none" ) == 0 ) - { + if (strcmp(p, "none") == 0) { curve_list[0] = MBEDTLS_ECP_DP_NONE; - } - else if( strcmp( p, "default" ) != 0 ) - { + } else if (strcmp(p, "default") != 0) { /* Leave room for a final NULL in curve list */ - while( i < CURVE_LIST_SIZE - 1 && *p != '\0' ) - { + while (i < CURVE_LIST_SIZE - 1 && *p != '\0') { q = p; /* Terminate the current string */ - while( *p != ',' && *p != '\0' ) + while (*p != ',' && *p != '\0') { p++; - if( *p == ',' ) + } + if (*p == ',') { *p++ = '\0'; + } - if( ( curve_cur = mbedtls_ecp_curve_info_from_name( q ) ) != NULL ) - { + if ((curve_cur = mbedtls_ecp_curve_info_from_name(q)) != NULL) { curve_list[i++] = curve_cur->grp_id; - } - else - { - mbedtls_printf( "unknown curve %s\n", q ); - mbedtls_printf( "supported curves: " ); - for( curve_cur = mbedtls_ecp_curve_list(); + } else { + mbedtls_printf("unknown curve %s\n", q); + mbedtls_printf("supported curves: "); + for (curve_cur = mbedtls_ecp_curve_list(); curve_cur->grp_id != MBEDTLS_ECP_DP_NONE; - curve_cur++ ) - { - mbedtls_printf( "%s ", curve_cur->name ); + curve_cur++) { + mbedtls_printf("%s ", curve_cur->name); } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); goto exit; } } - mbedtls_printf("Number of curves: %d\n", i ); + mbedtls_printf("Number of curves: %d\n", i); - if( i == CURVE_LIST_SIZE - 1 && *p != '\0' ) - { - mbedtls_printf( "curves list too long, maximum %d", - CURVE_LIST_SIZE - 1 ); + if (i == CURVE_LIST_SIZE - 1 && *p != '\0') { + mbedtls_printf("curves list too long, maximum %d", + CURVE_LIST_SIZE - 1); goto exit; } @@ -2329,202 +2209,186 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - { + if (opt.alpn_string != NULL) { p = (char *) opt.alpn_string; i = 0; /* Leave room for a final NULL in alpn_list */ - while( i < ALPN_LIST_SIZE - 1 && *p != '\0' ) - { + while (i < ALPN_LIST_SIZE - 1 && *p != '\0') { alpn_list[i++] = p; /* Terminate the current string and move on to next one */ - while( *p != ',' && *p != '\0' ) + while (*p != ',' && *p != '\0') { p++; - if( *p == ',' ) + } + if (*p == ',') { *p++ = '\0'; + } } } #endif /* MBEDTLS_SSL_ALPN */ - mbedtls_printf( "build version: %s (build %d)\n", - MBEDTLS_VERSION_STRING_FULL, MBEDTLS_VERSION_NUMBER ); + mbedtls_printf("build version: %s (build %d)\n", + MBEDTLS_VERSION_STRING_FULL, MBEDTLS_VERSION_NUMBER); /* * 0. Initialize the RNG and the session data */ - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - ret = rng_seed( &rng, opt.reproducible, pers ); - if( ret != 0 ) + ret = rng_seed(&rng, opt.reproducible, pers); + if (ret != 0) { goto exit; - mbedtls_printf( " ok\n" ); + } + mbedtls_printf(" ok\n"); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* * 1.1. Load the trusted CA */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the CA root certificate ..."); + fflush(stdout); - if( strcmp( opt.ca_path, "none" ) == 0 || - strcmp( opt.ca_file, "none" ) == 0 ) - { + if (strcmp(opt.ca_path, "none") == 0 || + strcmp(opt.ca_file, "none") == 0) { ret = 0; - } - else + } else #if defined(MBEDTLS_FS_IO) - if( strlen( opt.ca_path ) ) - ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ); - else if( strlen( opt.ca_file ) ) - ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); - else + if (strlen(opt.ca_path)) { + ret = mbedtls_x509_crt_parse_path(&cacert, opt.ca_path); + } else if (strlen(opt.ca_file)) { + ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file); + } else #endif #if defined(MBEDTLS_CERTS_C) { #if defined(MBEDTLS_PEM_PARSE_C) - for( i = 0; mbedtls_test_cas[i] != NULL; i++ ) - { - ret = mbedtls_x509_crt_parse( &cacert, - (const unsigned char *) mbedtls_test_cas[i], - mbedtls_test_cas_len[i] ); - if( ret != 0 ) + for (i = 0; mbedtls_test_cas[i] != NULL; i++) { + ret = mbedtls_x509_crt_parse(&cacert, + (const unsigned char *) mbedtls_test_cas[i], + mbedtls_test_cas_len[i]); + if (ret != 0) { break; + } } #endif /* MBEDTLS_PEM_PARSE_C */ - if( ret == 0 ) - { - for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ ) - { - ret = mbedtls_x509_crt_parse_der( &cacert, - (const unsigned char *) mbedtls_test_cas_der[i], - mbedtls_test_cas_der_len[i] ); - if( ret != 0 ) + if (ret == 0) { + for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) { + ret = mbedtls_x509_crt_parse_der(&cacert, + (const unsigned char *) mbedtls_test_cas_der[i], + mbedtls_test_cas_der_len[i]); + if (ret != 0) { break; + } } } } #else { ret = 1; - mbedtls_printf( "MBEDTLS_CERTS_C not defined." ); + mbedtls_printf("MBEDTLS_CERTS_C not defined."); } #endif /* MBEDTLS_CERTS_C */ - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", (unsigned int) -ret ); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf(" ok (%d skipped)\n", ret); /* * 1.2. Load own certificate and private key */ - mbedtls_printf( " . Loading the server cert. and key..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the server cert. and key..."); + fflush(stdout); #if defined(MBEDTLS_FS_IO) - if( strlen( opt.crt_file ) && strcmp( opt.crt_file, "none" ) != 0 ) - { + if (strlen(opt.crt_file) && strcmp(opt.crt_file, "none") != 0) { key_cert_init++; - if( ( ret = mbedtls_x509_crt_parse_file( &srvcert, opt.crt_file ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_x509_crt_parse_file(&srvcert, opt.crt_file)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - if( strlen( opt.key_file ) && strcmp( opt.key_file, "none" ) != 0 ) - { + if (strlen(opt.key_file) && strcmp(opt.key_file, "none") != 0) { key_cert_init++; - if( ( ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, - opt.key_pwd ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, + opt.key_pwd)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - if( key_cert_init == 1 ) - { - mbedtls_printf( " failed\n ! crt_file without key_file or vice-versa\n\n" ); + if (key_cert_init == 1) { + mbedtls_printf(" failed\n ! crt_file without key_file or vice-versa\n\n"); goto exit; } - if( strlen( opt.crt_file2 ) && strcmp( opt.crt_file2, "none" ) != 0 ) - { + if (strlen(opt.crt_file2) && strcmp(opt.crt_file2, "none") != 0) { key_cert_init2++; - if( ( ret = mbedtls_x509_crt_parse_file( &srvcert2, opt.crt_file2 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file(2) returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_x509_crt_parse_file(&srvcert2, opt.crt_file2)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_file(2) returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - if( strlen( opt.key_file2 ) && strcmp( opt.key_file2, "none" ) != 0 ) - { + if (strlen(opt.key_file2) && strcmp(opt.key_file2, "none") != 0) { key_cert_init2++; - if( ( ret = mbedtls_pk_parse_keyfile( &pkey2, opt.key_file2, - opt.key_pwd2 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_pk_parse_keyfile(&pkey2, opt.key_file2, + opt.key_pwd2)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - if( key_cert_init2 == 1 ) - { - mbedtls_printf( " failed\n ! crt_file2 without key_file2 or vice-versa\n\n" ); + if (key_cert_init2 == 1) { + mbedtls_printf(" failed\n ! crt_file2 without key_file2 or vice-versa\n\n"); goto exit; } #endif - if( key_cert_init == 0 && - strcmp( opt.crt_file, "none" ) != 0 && - strcmp( opt.key_file, "none" ) != 0 && + if (key_cert_init == 0 && + strcmp(opt.crt_file, "none") != 0 && + strcmp(opt.key_file, "none") != 0 && key_cert_init2 == 0 && - strcmp( opt.crt_file2, "none" ) != 0 && - strcmp( opt.key_file2, "none" ) != 0 ) - { + strcmp(opt.crt_file2, "none") != 0 && + strcmp(opt.key_file2, "none") != 0) { #if !defined(MBEDTLS_CERTS_C) - mbedtls_printf( "Not certificated or key provided, and \nMBEDTLS_CERTS_C not defined!\n" ); + mbedtls_printf("Not certificated or key provided, and \nMBEDTLS_CERTS_C not defined!\n"); goto exit; #else #if defined(MBEDTLS_RSA_C) - if( ( ret = mbedtls_x509_crt_parse( &srvcert, - (const unsigned char *) mbedtls_test_srv_crt_rsa, - mbedtls_test_srv_crt_rsa_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_x509_crt_parse(&srvcert, + (const unsigned char *) mbedtls_test_srv_crt_rsa, + mbedtls_test_srv_crt_rsa_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - if( ( ret = mbedtls_pk_parse_key( &pkey, - (const unsigned char *) mbedtls_test_srv_key_rsa, - mbedtls_test_srv_key_rsa_len, NULL, 0 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_pk_parse_key(&pkey, + (const unsigned char *) mbedtls_test_srv_key_rsa, + mbedtls_test_srv_key_rsa_len, NULL, 0)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } key_cert_init = 2; #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECDSA_C) - if( ( ret = mbedtls_x509_crt_parse( &srvcert2, - (const unsigned char *) mbedtls_test_srv_crt_ec, - mbedtls_test_srv_crt_ec_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! x509_crt_parse2 returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_x509_crt_parse(&srvcert2, + (const unsigned char *) mbedtls_test_srv_crt_ec, + mbedtls_test_srv_crt_ec_len)) != 0) { + mbedtls_printf(" failed\n ! x509_crt_parse2 returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - if( ( ret = mbedtls_pk_parse_key( &pkey2, - (const unsigned char *) mbedtls_test_srv_key_ec, - mbedtls_test_srv_key_ec_len, NULL, 0 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! pk_parse_key2 returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_pk_parse_key(&pkey2, + (const unsigned char *) mbedtls_test_srv_key_ec, + mbedtls_test_srv_key_ec_len, NULL, 0)) != 0) { + mbedtls_printf(" failed\n ! pk_parse_key2 returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } key_cert_init2 = 2; @@ -2532,26 +2396,23 @@ int main( int argc, char *argv[] ) } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.key_opaque != 0 ) - { - if ( mbedtls_pk_get_type( &pkey ) == MBEDTLS_PK_ECKEY ) - { - if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot, - PSA_ALG_ANY_HASH ) ) != 0 ) - { - mbedtls_printf( " failed\n ! " - "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int) -ret ); + if (opt.key_opaque != 0) { + if (mbedtls_pk_get_type(&pkey) == MBEDTLS_PK_ECKEY) { + if ((ret = mbedtls_pk_wrap_as_opaque(&pkey, &key_slot, + PSA_ALG_ANY_HASH)) != 0) { + mbedtls_printf(" failed\n ! " + "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - if ( mbedtls_pk_get_type( &pkey2 ) == MBEDTLS_PK_ECKEY ) - { - if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey2, &key_slot2, - PSA_ALG_ANY_HASH ) ) != 0 ) - { - mbedtls_printf( " failed\n ! " - "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int) -ret ); + if (mbedtls_pk_get_type(&pkey2) == MBEDTLS_PK_ECKEY) { + if ((ret = mbedtls_pk_wrap_as_opaque(&pkey2, &key_slot2, + PSA_ALG_ANY_HASH)) != 0) { + mbedtls_printf(" failed\n ! " + "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } @@ -2559,73 +2420,70 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_CERTS_C */ - mbedtls_printf( " ok (key types: %s - %s)\n", mbedtls_pk_get_name( &pkey ), mbedtls_pk_get_name( &pkey2 ) ); + mbedtls_printf(" ok (key types: %s - %s)\n", + mbedtls_pk_get_name(&pkey), + mbedtls_pk_get_name(&pkey2)); #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) - if( opt.dhm_file != NULL ) - { - mbedtls_printf( " . Loading DHM parameters..." ); - fflush( stdout ); + if (opt.dhm_file != NULL) { + mbedtls_printf(" . Loading DHM parameters..."); + fflush(stdout); - if( ( ret = mbedtls_dhm_parse_dhmfile( &dhm, opt.dhm_file ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_parse_dhmfile returned -0x%04X\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_dhm_parse_dhmfile(&dhm, opt.dhm_file)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_dhm_parse_dhmfile returned -0x%04X\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif #if defined(SNI_OPTION) - if( opt.sni != NULL ) - { - mbedtls_printf( " . Setting up SNI information..." ); - fflush( stdout ); + if (opt.sni != NULL) { + mbedtls_printf(" . Setting up SNI information..."); + fflush(stdout); - if( ( sni_info = sni_parse( opt.sni ) ) == NULL ) - { - mbedtls_printf( " failed\n" ); + if ((sni_info = sni_parse(opt.sni)) == NULL) { + mbedtls_printf(" failed\n"); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif /* SNI_OPTION */ /* * 2. Setup the listening TCP socket */ - mbedtls_printf( " . Bind on %s://%s:%s/ ...", - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", - opt.server_addr ? opt.server_addr : "*", - opt.server_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_bind( &listen_fd, opt.server_addr, opt.server_port, - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? - MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" . Bind on %s://%s:%s/ ...", + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", + opt.server_addr ? opt.server_addr : "*", + opt.server_port); + fflush(stdout); + + if ((ret = mbedtls_net_bind(&listen_fd, opt.server_addr, opt.server_port, + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? + MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_bind returned -0x%x\n\n", (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 3. Setup stuff */ - mbedtls_printf( " . Setting up the SSL/TLS structure..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_SERVER, - opt.transport, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" . Setting up the SSL/TLS structure..."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_SERVER, + opt.transport, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } @@ -2633,374 +2491,350 @@ int main( int argc, char *argv[] ) /* The default algorithms profile disables SHA-1, but our tests still rely on it heavily. Hence we allow it here. A real-world server should use the default profile unless there is a good reason not to. */ - if( opt.allow_sha1 > 0 ) - { - crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ); - mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test ); - mbedtls_ssl_conf_sig_hashes( &conf, ssl_sig_hashes_for_test ); + if (opt.allow_sha1 > 0) { + crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA1); + mbedtls_ssl_conf_cert_profile(&conf, &crt_profile_for_test); + mbedtls_ssl_conf_sig_hashes(&conf, ssl_sig_hashes_for_test); } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ - if( opt.auth_mode != DFL_AUTH_MODE ) - mbedtls_ssl_conf_authmode( &conf, opt.auth_mode ); + if (opt.auth_mode != DFL_AUTH_MODE) { + mbedtls_ssl_conf_authmode(&conf, opt.auth_mode); + } - if( opt.cert_req_ca_list != DFL_CERT_REQ_CA_LIST ) - mbedtls_ssl_conf_cert_req_ca_list( &conf, opt.cert_req_ca_list ); + if (opt.cert_req_ca_list != DFL_CERT_REQ_CA_LIST) { + mbedtls_ssl_conf_cert_req_ca_list(&conf, opt.cert_req_ca_list); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX ) - mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max ); + if (opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX) { + mbedtls_ssl_conf_handshake_timeout(&conf, opt.hs_to_min, opt.hs_to_max); + } - if( opt.dgram_packing != DFL_DGRAM_PACKING ) - mbedtls_ssl_set_datagram_packing( &ssl, opt.dgram_packing ); + if (opt.dgram_packing != DFL_DGRAM_PACKING) { + mbedtls_ssl_set_datagram_packing(&ssl, opt.dgram_packing); + } #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_conf_max_frag_len(&conf, opt.mfl_code)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret); goto exit; } #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 ) - { - if( opt.cid_enabled == 1 && + if (opt.cid_enabled == 1 || opt.cid_enabled_renego == 1) { + if (opt.cid_enabled == 1 && opt.cid_enabled_renego == 1 && - cid_len != cid_renego_len ) - { - mbedtls_printf( "CID length must not change during renegotiation\n" ); + cid_len != cid_renego_len) { + mbedtls_printf("CID length must not change during renegotiation\n"); goto usage; } - if( opt.cid_enabled == 1 ) - ret = mbedtls_ssl_conf_cid( &conf, cid_len, - MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ); - else - ret = mbedtls_ssl_conf_cid( &conf, cid_renego_len, - MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ); + if (opt.cid_enabled == 1) { + ret = mbedtls_ssl_conf_cid(&conf, cid_len, + MBEDTLS_SSL_UNEXPECTED_CID_IGNORE); + } else { + ret = mbedtls_ssl_conf_cid(&conf, cid_renego_len, + MBEDTLS_SSL_UNEXPECTED_CID_IGNORE); + } - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_cid_len returned -%#04x\n\n", - (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_cid_len returned -%#04x\n\n", + (unsigned int) -ret); goto exit; } } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_DTLS_SRTP) - const mbedtls_ssl_srtp_profile forced_profile[] = { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET }; - if( opt.use_srtp == 1 ) - { - if( opt.force_srtp_profile != 0 ) - { - ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles( &conf, forced_profile ); - } - else - { - ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles( &conf, default_profiles ); - } - - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_dtls_srtp_protection_profiles returned %d\n\n", ret ); + const mbedtls_ssl_srtp_profile forced_profile[] = + { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET }; + if (opt.use_srtp == 1) { + if (opt.force_srtp_profile != 0) { + ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles(&conf, forced_profile); + } else { + ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles(&conf, default_profiles); + } + + if (ret != 0) { + mbedtls_printf( + " failed\n ! mbedtls_ssl_conf_dtls_srtp_protection_profiles returned %d\n\n", + ret); goto exit; } - mbedtls_ssl_conf_srtp_mki_value_supported( &conf, - opt.support_mki ? - MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED : - MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED ); + mbedtls_ssl_conf_srtp_mki_value_supported(&conf, + opt.support_mki ? + MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED : + MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED); - } - else if( opt.force_srtp_profile != 0 ) - { - mbedtls_printf( " failed\n ! must enable use_srtp to force srtp profile\n\n" ); + } else if (opt.force_srtp_profile != 0) { + mbedtls_printf(" failed\n ! must enable use_srtp to force srtp profile\n\n"); goto exit; } #endif /* MBEDTLS_SSL_DTLS_SRTP */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - if( opt.trunc_hmac != DFL_TRUNC_HMAC ) - mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac ); + if (opt.trunc_hmac != DFL_TRUNC_HMAC) { + mbedtls_ssl_conf_truncated_hmac(&conf, opt.trunc_hmac); + } #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - if( opt.extended_ms != DFL_EXTENDED_MS ) - mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms ); + if (opt.extended_ms != DFL_EXTENDED_MS) { + mbedtls_ssl_conf_extended_master_secret(&conf, opt.extended_ms); + } #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( opt.etm != DFL_ETM ) - mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm ); + if (opt.etm != DFL_ETM) { + mbedtls_ssl_conf_encrypt_then_mac(&conf, opt.etm); + } #endif #if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( opt.eap_tls != 0 ) - { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, eap_tls_key_derivation, - &eap_tls_keying ); - } - else if( opt.nss_keylog != 0 ) - { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, - nss_keylog_export, - NULL ); + if (opt.eap_tls != 0) { + mbedtls_ssl_conf_export_keys_ext_cb(&conf, eap_tls_key_derivation, + &eap_tls_keying); + } else if (opt.nss_keylog != 0) { + mbedtls_ssl_conf_export_keys_ext_cb(&conf, + nss_keylog_export, + NULL); } -#if defined( MBEDTLS_SSL_DTLS_SRTP ) - else if( opt.use_srtp != 0 ) - { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, dtls_srtp_key_derivation, - &dtls_srtp_keying ); +#if defined(MBEDTLS_SSL_DTLS_SRTP) + else if (opt.use_srtp != 0) { + mbedtls_ssl_conf_export_keys_ext_cb(&conf, dtls_srtp_key_derivation, + &dtls_srtp_keying); } #endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret ); + if (opt.alpn_string != NULL) { + if ((ret = mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret); goto exit; } + } #endif - if (opt.reproducible) - { + if (opt.reproducible) { #if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_PLATFORM_TIME_ALT) - mbedtls_platform_set_time( dummy_constant_time ); + mbedtls_platform_set_time(dummy_constant_time); #else - fprintf( stderr, "Warning: reproducible option used without constant time\n" ); + fprintf(stderr, "Warning: reproducible option used without constant time\n"); #endif #endif /* MBEDTLS_HAVE_TIME */ } - mbedtls_ssl_conf_rng( &conf, rng_get, &rng ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + mbedtls_ssl_conf_rng(&conf, rng_get, &rng); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); #if defined(MBEDTLS_SSL_CACHE_C) - if( opt.cache_max != -1 ) - mbedtls_ssl_cache_set_max_entries( &cache, opt.cache_max ); + if (opt.cache_max != -1) { + mbedtls_ssl_cache_set_max_entries(&cache, opt.cache_max); + } #if defined(MBEDTLS_HAVE_TIME) - if( opt.cache_timeout != -1 ) - mbedtls_ssl_cache_set_timeout( &cache, opt.cache_timeout ); + if (opt.cache_timeout != -1) { + mbedtls_ssl_cache_set_timeout(&cache, opt.cache_timeout); + } #endif - mbedtls_ssl_conf_session_cache( &conf, &cache, + mbedtls_ssl_conf_session_cache(&conf, &cache, mbedtls_ssl_cache_get, - mbedtls_ssl_cache_set ); + mbedtls_ssl_cache_set); #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) - if( opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED ) - { - if( ( ret = mbedtls_ssl_ticket_setup( &ticket_ctx, - rng_get, &rng, - MBEDTLS_CIPHER_AES_256_GCM, - opt.ticket_timeout ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_ticket_setup returned %d\n\n", ret ); + if (opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED) { + if ((ret = mbedtls_ssl_ticket_setup(&ticket_ctx, + rng_get, &rng, + MBEDTLS_CIPHER_AES_256_GCM, + opt.ticket_timeout)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_ticket_setup returned %d\n\n", ret); goto exit; } - mbedtls_ssl_conf_session_tickets_cb( &conf, - mbedtls_ssl_ticket_write, - mbedtls_ssl_ticket_parse, - &ticket_ctx ); + mbedtls_ssl_conf_session_tickets_cb(&conf, + mbedtls_ssl_ticket_write, + mbedtls_ssl_ticket_parse, + &ticket_ctx); } #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { #if defined(MBEDTLS_SSL_COOKIE_C) - if( opt.cookies > 0 ) - { - if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx, - rng_get, &rng ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret ); + if (opt.cookies > 0) { + if ((ret = mbedtls_ssl_cookie_setup(&cookie_ctx, + rng_get, &rng)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret); goto exit; } - mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, - &cookie_ctx ); - } - else + mbedtls_ssl_conf_dtls_cookies(&conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, + &cookie_ctx); + } else #endif /* MBEDTLS_SSL_COOKIE_C */ #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - if( opt.cookies == 0 ) - { - mbedtls_ssl_conf_dtls_cookies( &conf, NULL, NULL, NULL ); - } - else + if (opt.cookies == 0) { + mbedtls_ssl_conf_dtls_cookies(&conf, NULL, NULL, NULL); + } else #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ { ; /* Nothing to do */ } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - if( opt.anti_replay != DFL_ANTI_REPLAY ) - mbedtls_ssl_conf_dtls_anti_replay( &conf, opt.anti_replay ); + if (opt.anti_replay != DFL_ANTI_REPLAY) { + mbedtls_ssl_conf_dtls_anti_replay(&conf, opt.anti_replay); + } #endif #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - if( opt.badmac_limit != DFL_BADMAC_LIMIT ) - mbedtls_ssl_conf_dtls_badmac_limit( &conf, opt.badmac_limit ); + if (opt.badmac_limit != DFL_BADMAC_LIMIT) { + mbedtls_ssl_conf_dtls_badmac_limit(&conf, opt.badmac_limit); + } #endif } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) - mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); + if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) { + mbedtls_ssl_conf_ciphersuites(&conf, opt.force_ciphersuite); + } #if defined(MBEDTLS_ARC4_C) - if( opt.arc4 != DFL_ARC4 ) - mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 ); + if (opt.arc4 != DFL_ARC4) { + mbedtls_ssl_conf_arc4_support(&conf, opt.arc4); + } #endif - if( opt.version_suites != NULL ) - { - mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[0], - MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_0 ); - mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[1], - MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_1 ); - mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[2], - MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_2 ); - mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[3], - MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_3 ); - } - - if( opt.allow_legacy != DFL_ALLOW_LEGACY ) - mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy ); + if (opt.version_suites != NULL) { + mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[0], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_0); + mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[1], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_1); + mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[2], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_2); + mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[3], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_3); + } + + if (opt.allow_legacy != DFL_ALLOW_LEGACY) { + mbedtls_ssl_conf_legacy_renegotiation(&conf, opt.allow_legacy); + } #if defined(MBEDTLS_SSL_RENEGOTIATION) - mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation ); + mbedtls_ssl_conf_renegotiation(&conf, opt.renegotiation); - if( opt.renego_delay != DFL_RENEGO_DELAY ) - mbedtls_ssl_conf_renegotiation_enforced( &conf, opt.renego_delay ); + if (opt.renego_delay != DFL_RENEGO_DELAY) { + mbedtls_ssl_conf_renegotiation_enforced(&conf, opt.renego_delay); + } - if( opt.renego_period != DFL_RENEGO_PERIOD ) - { - PUT_UINT64_BE( renego_period, opt.renego_period, 0 ); - mbedtls_ssl_conf_renegotiation_period( &conf, renego_period ); + if (opt.renego_period != DFL_RENEGO_PERIOD) { + PUT_UINT64_BE(renego_period, opt.renego_period, 0); + mbedtls_ssl_conf_renegotiation_period(&conf, renego_period); } #endif #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - if( strcmp( opt.ca_path, "none" ) != 0 && - strcmp( opt.ca_file, "none" ) != 0 ) - { + if (strcmp(opt.ca_path, "none") != 0 && + strcmp(opt.ca_file, "none") != 0) { #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - if( opt.ca_callback != 0 ) - mbedtls_ssl_conf_ca_cb( &conf, ca_callback, &cacert); - else + if (opt.ca_callback != 0) { + mbedtls_ssl_conf_ca_cb(&conf, ca_callback, &cacert); + } else #endif - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); } - if( key_cert_init ) - { + if (key_cert_init) { mbedtls_pk_context *pk = &pkey; #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( opt.async_private_delay1 >= 0 ) - { - ret = ssl_async_set_key( &ssl_async_keys, &srvcert, pk, 0, - opt.async_private_delay1 ); - if( ret < 0 ) - { - mbedtls_printf( " Test error: ssl_async_set_key failed (%d)\n", - ret ); + if (opt.async_private_delay1 >= 0) { + ret = ssl_async_set_key(&ssl_async_keys, &srvcert, pk, 0, + opt.async_private_delay1); + if (ret < 0) { + mbedtls_printf(" Test error: ssl_async_set_key failed (%d)\n", + ret); goto exit; } pk = NULL; } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, pk ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, pk)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); goto exit; } } - if( key_cert_init2 ) - { + if (key_cert_init2) { mbedtls_pk_context *pk = &pkey2; #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( opt.async_private_delay2 >= 0 ) - { - ret = ssl_async_set_key( &ssl_async_keys, &srvcert2, pk, 0, - opt.async_private_delay2 ); - if( ret < 0 ) - { - mbedtls_printf( " Test error: ssl_async_set_key failed (%d)\n", - ret ); + if (opt.async_private_delay2 >= 0) { + ret = ssl_async_set_key(&ssl_async_keys, &srvcert2, pk, 0, + opt.async_private_delay2); + if (ret < 0) { + mbedtls_printf(" Test error: ssl_async_set_key failed (%d)\n", + ret); goto exit; } pk = NULL; } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert2, pk ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert2, pk)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); goto exit; } } #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( opt.async_operations[0] != '-' ) - { + if (opt.async_operations[0] != '-') { mbedtls_ssl_async_sign_t *sign = NULL; mbedtls_ssl_async_decrypt_t *decrypt = NULL; const char *r; - for( r = opt.async_operations; *r; r++ ) - { - switch( *r ) - { - case 'd': - decrypt = ssl_async_decrypt; - break; - case 's': - sign = ssl_async_sign; - break; + for (r = opt.async_operations; *r; r++) { + switch (*r) { + case 'd': + decrypt = ssl_async_decrypt; + break; + case 's': + sign = ssl_async_sign; + break; } } - ssl_async_keys.inject_error = ( opt.async_private_error < 0 ? - - opt.async_private_error : - opt.async_private_error ); + ssl_async_keys.inject_error = (opt.async_private_error < 0 ? + -opt.async_private_error : + opt.async_private_error); ssl_async_keys.f_rng = rng_get; ssl_async_keys.p_rng = &rng; - mbedtls_ssl_conf_async_private_cb( &conf, - sign, - decrypt, - ssl_async_resume, - ssl_async_cancel, - &ssl_async_keys ); + mbedtls_ssl_conf_async_private_cb(&conf, + sign, + decrypt, + ssl_async_resume, + ssl_async_cancel, + &ssl_async_keys); } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(SNI_OPTION) - if( opt.sni != NULL ) - { - mbedtls_ssl_conf_sni( &conf, sni_callback, sni_info ); + if (opt.sni != NULL) { + mbedtls_ssl_conf_sni(&conf, sni_callback, sni_info); #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( opt.async_private_delay2 >= 0 ) - { + if (opt.async_private_delay2 >= 0) { sni_entry *cur; - for( cur = sni_info; cur != NULL; cur = cur->next ) - { - ret = ssl_async_set_key( &ssl_async_keys, - cur->cert, cur->key, 1, - opt.async_private_delay2 ); - if( ret < 0 ) - { - mbedtls_printf( " Test error: ssl_async_set_key failed (%d)\n", - ret ); + for (cur = sni_info; cur != NULL; cur = cur->next) { + ret = ssl_async_set_key(&ssl_async_keys, + cur->cert, cur->key, 1, + opt.async_private_delay2); + if (ret < 0) { + mbedtls_printf(" Test error: ssl_async_set_key failed (%d)\n", + ret); goto exit; } cur->key = NULL; @@ -3011,66 +2845,55 @@ int main( int argc, char *argv[] ) #endif #if defined(MBEDTLS_ECP_C) - if( opt.curves != NULL && - strcmp( opt.curves, "default" ) != 0 ) - { - mbedtls_ssl_conf_curves( &conf, curve_list ); + if (opt.curves != NULL && + strcmp(opt.curves, "default") != 0) { + mbedtls_ssl_conf_curves(&conf, curve_list); } #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 ) - { + if (strlen(opt.psk) != 0 && strlen(opt.psk_identity) != 0) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { + if (opt.psk_opaque != 0) { /* The algorithm has already been determined earlier. */ - status = psa_setup_psk_key_slot( &psk_slot, alg, psk, psk_len ); - if( status != PSA_SUCCESS ) - { - fprintf( stderr, "SETUP FAIL\n" ); + status = psa_setup_psk_key_slot(&psk_slot, alg, psk, psk_len); + if (status != PSA_SUCCESS) { + fprintf(stderr, "SETUP FAIL\n"); ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; goto exit; } - if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, psk_slot, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n", - ret ); + if ((ret = mbedtls_ssl_conf_psk_opaque(&conf, psk_slot, + (const unsigned char *) opt.psk_identity, + strlen(opt.psk_identity))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n", + ret); goto exit; } - } - else + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( psk_len > 0 ) - { - ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", (unsigned int) -ret ); + if (psk_len > 0) { + ret = mbedtls_ssl_conf_psk(&conf, psk, psk_len, + (const unsigned char *) opt.psk_identity, + strlen(opt.psk_identity)); + if (ret != 0) { + mbedtls_printf(" failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", + (unsigned int) -ret); goto exit; } } } - if( opt.psk_list != NULL ) - { + if (opt.psk_list != NULL) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_list_opaque != 0 ) - { + if (opt.psk_list_opaque != 0) { psk_entry *cur_psk; - for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next ) - { - - status = psa_setup_psk_key_slot( &cur_psk->slot, alg, - cur_psk->key, - cur_psk->key_len ); - if( status != PSA_SUCCESS ) - { + for (cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next) { + + status = psa_setup_psk_key_slot(&cur_psk->slot, alg, + cur_psk->key, + cur_psk->key_len); + if (status != PSA_SUCCESS) { ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; goto exit; } @@ -3078,7 +2901,7 @@ int main( int argc, char *argv[] ) } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_ssl_conf_psk_cb( &conf, psk_callback, psk_info ); + mbedtls_ssl_conf_psk_cb(&conf, psk_callback, psk_info); } #endif @@ -3087,146 +2910,140 @@ int main( int argc, char *argv[] ) * Use different group than default DHM group */ #if defined(MBEDTLS_FS_IO) - if( opt.dhm_file != NULL ) - ret = mbedtls_ssl_conf_dh_param_ctx( &conf, &dhm ); + if (opt.dhm_file != NULL) { + ret = mbedtls_ssl_conf_dh_param_ctx(&conf, &dhm); + } #endif - if( ret != 0 ) - { - mbedtls_printf( " failed\n mbedtls_ssl_conf_dh_param returned -0x%04X\n\n", (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n mbedtls_ssl_conf_dh_param returned -0x%04X\n\n", + (unsigned int) -ret); goto exit; } #endif - if( opt.min_version != DFL_MIN_VERSION ) - mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version ); + if (opt.min_version != DFL_MIN_VERSION) { + mbedtls_ssl_conf_min_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version); + } - if( opt.max_version != DFL_MIN_VERSION ) - mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version ); + if (opt.max_version != DFL_MIN_VERSION) { + mbedtls_ssl_conf_max_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version); + } - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", (unsigned int) -ret); goto exit; } io_ctx.ssl = &ssl; io_ctx.net = &client_fd; - mbedtls_ssl_set_bio( &ssl, &io_ctx, send_cb, recv_cb, - opt.nbio == 0 ? recv_timeout_cb : NULL ); + mbedtls_ssl_set_bio(&ssl, &io_ctx, send_cb, recv_cb, + opt.nbio == 0 ? recv_timeout_cb : NULL); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled, - cid, cid_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_cid returned %d\n\n", - ret ); + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled, + cid, cid_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_cid returned %d\n\n", + ret); goto exit; } } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( opt.dtls_mtu != DFL_DTLS_MTU ) - mbedtls_ssl_set_mtu( &ssl, opt.dtls_mtu ); + if (opt.dtls_mtu != DFL_DTLS_MTU) { + mbedtls_ssl_set_mtu(&ssl, opt.dtls_mtu); + } #endif #if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay, + mbedtls_timing_get_delay); #endif - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); reset: #if !defined(_WIN32) - if( received_sigterm ) - { - mbedtls_printf( " interrupted by SIGTERM (not in net_accept())\n" ); - if( ret == MBEDTLS_ERR_NET_INVALID_CONTEXT ) + if (received_sigterm) { + mbedtls_printf(" interrupted by SIGTERM (not in net_accept())\n"); + if (ret == MBEDTLS_ERR_NET_INVALID_CONTEXT) { ret = 0; + } goto exit; } #endif - if( ret == MBEDTLS_ERR_SSL_CLIENT_RECONNECT ) - { - mbedtls_printf( " ! Client initiated reconnection from same port\n" ); + if (ret == MBEDTLS_ERR_SSL_CLIENT_RECONNECT) { + mbedtls_printf(" ! Client initiated reconnection from same port\n"); goto handshake; } #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf); } #endif - mbedtls_net_free( &client_fd ); + mbedtls_net_free(&client_fd); - mbedtls_ssl_session_reset( &ssl ); + mbedtls_ssl_session_reset(&ssl); /* * 3. Wait until a client connects */ - mbedtls_printf( " . Waiting for a remote connection ..." ); - fflush( stdout ); + mbedtls_printf(" . Waiting for a remote connection ..."); + fflush(stdout); - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 ) - { + if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, + client_ip, sizeof(client_ip), &cliip_len)) != 0) { #if !defined(_WIN32) - if( received_sigterm ) - { - mbedtls_printf( " interrupted by SIGTERM (in net_accept())\n" ); - if( ret == MBEDTLS_ERR_NET_ACCEPT_FAILED ) + if (received_sigterm) { + mbedtls_printf(" interrupted by SIGTERM (in net_accept())\n"); + if (ret == MBEDTLS_ERR_NET_ACCEPT_FAILED) { ret = 0; + } goto exit; } #endif - mbedtls_printf( " failed\n ! mbedtls_net_accept returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" failed\n ! mbedtls_net_accept returned -0x%x\n\n", (unsigned int) -ret); goto exit; } - if( opt.nbio > 0 ) - ret = mbedtls_net_set_nonblock( &client_fd ); - else - ret = mbedtls_net_set_block( &client_fd ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", (unsigned int) -ret ); + if (opt.nbio > 0) { + ret = mbedtls_net_set_nonblock(&client_fd); + } else { + ret = mbedtls_net_set_block(&client_fd); + } + if (ret != 0) { + mbedtls_printf(" failed\n ! net_set_(non)block() returned -0x%x\n\n", (unsigned int) -ret); goto exit; } - mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout ); + mbedtls_ssl_conf_read_timeout(&conf, opt.read_timeout); #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ( ret = mbedtls_ssl_set_client_transport_id( &ssl, - client_ip, cliip_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", - (unsigned int) -ret ); + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if ((ret = mbedtls_ssl_set_client_transport_id(&ssl, + client_ip, cliip_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( opt.ecjpake_pw != DFL_ECJPAKE_PW ) - { - if( ( ret = mbedtls_ssl_set_hs_ecjpake_password( &ssl, - (const unsigned char *) opt.ecjpake_pw, - strlen( opt.ecjpake_pw ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", ret ); + if (opt.ecjpake_pw != DFL_ECJPAKE_PW) { + if ((ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl, + (const unsigned char *) opt.ecjpake_pw, + strlen(opt.ecjpake_pw))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", ret); goto exit; } } @@ -3236,89 +3053,84 @@ int main( int argc, char *argv[] ) * 4. Handshake */ handshake: - mbedtls_printf( " . Performing the SSL/TLS handshake..." ); - fflush( stdout ); + mbedtls_printf(" . Performing the SSL/TLS handshake..."); + fflush(stdout); - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS && - ssl_async_keys.inject_error == SSL_ASYNC_INJECT_ERROR_CANCEL ) - { - mbedtls_printf( " cancelling on injected error\n" ); + if (ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS && + ssl_async_keys.inject_error == SSL_ASYNC_INJECT_ERROR_CANCEL) { + mbedtls_printf(" cancelling on injected error\n"); break; } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - if( ! mbedtls_status_is_ssl_in_progress( ret ) ) + if (!mbedtls_status_is_ssl_in_progress(ret)) { break; + } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - ret = idle( &client_fd, &timer, ret ); + ret = idle(&client_fd, &timer, ret); #else - ret = idle( &client_fd, ret ); + ret = idle(&client_fd, ret); #endif - if( ret != 0 ) + if (ret != 0) { goto reset; + } } } - if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ) - { - mbedtls_printf( " hello verification requested\n" ); + if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) { + mbedtls_printf(" hello verification requested\n"); ret = 0; goto reset; - } - else if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret ); + } else if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", + (unsigned int) -ret); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) - { + if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) { char vrfy_buf[512]; - flags = mbedtls_ssl_get_verify_result( &ssl ); + flags = mbedtls_ssl_get_verify_result(&ssl); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags); - mbedtls_printf( "%s\n", vrfy_buf ); + mbedtls_printf("%s\n", vrfy_buf); } #endif #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( opt.async_private_error < 0 ) + if (opt.async_private_error < 0) { /* Injected error only the first time round, to test reset */ ssl_async_keys.inject_error = SSL_ASYNC_INJECT_ERROR_NONE; + } #endif goto reset; - } - else /* ret == 0 */ - { - mbedtls_printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", - mbedtls_ssl_get_version( &ssl ), mbedtls_ssl_get_ciphersuite( &ssl ) ); + } else { /* ret == 0 */ + mbedtls_printf(" ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", + mbedtls_ssl_get_version(&ssl), mbedtls_ssl_get_ciphersuite(&ssl)); } - if( ( ret = mbedtls_ssl_get_record_expansion( &ssl ) ) >= 0 ) - mbedtls_printf( " [ Record expansion is %d ]\n", ret ); - else - mbedtls_printf( " [ Record expansion is unknown (compression) ]\n" ); + if ((ret = mbedtls_ssl_get_record_expansion(&ssl)) >= 0) { + mbedtls_printf(" [ Record expansion is %d ]\n", ret); + } else { + mbedtls_printf(" [ Record expansion is unknown (compression) ]\n"); + } #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - mbedtls_printf( " [ Maximum input fragment length is %u ]\n", - (unsigned int) mbedtls_ssl_get_input_max_frag_len( &ssl ) ); - mbedtls_printf( " [ Maximum output fragment length is %u ]\n", - (unsigned int) mbedtls_ssl_get_output_max_frag_len( &ssl ) ); + mbedtls_printf(" [ Maximum input fragment length is %u ]\n", + (unsigned int) mbedtls_ssl_get_input_max_frag_len(&ssl)); + mbedtls_printf(" [ Maximum output fragment length is %u ]\n", + (unsigned int) mbedtls_ssl_get_output_max_frag_len(&ssl)); #endif #if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - { - const char *alp = mbedtls_ssl_get_alpn_protocol( &ssl ); - mbedtls_printf( " [ Application Layer Protocol is %s ]\n", - alp ? alp : "(none)" ); + if (opt.alpn_string != NULL) { + const char *alp = mbedtls_ssl_get_alpn_protocol(&ssl); + mbedtls_printf(" [ Application Layer Protocol is %s ]\n", + alp ? alp : "(none)"); } #endif @@ -3326,146 +3138,131 @@ int main( int argc, char *argv[] ) /* * 5. Verify the client certificate */ - mbedtls_printf( " . Verifying peer X.509 certificate..." ); + mbedtls_printf(" . Verifying peer X.509 certificate..."); - if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) - { + if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) { char vrfy_buf[512]; - mbedtls_printf( " failed\n" ); + mbedtls_printf(" failed\n"); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags); - mbedtls_printf( "%s\n", vrfy_buf ); + mbedtls_printf("%s\n", vrfy_buf); + } else { + mbedtls_printf(" ok\n"); } - else - mbedtls_printf( " ok\n" ); - if( mbedtls_ssl_get_peer_cert( &ssl ) != NULL ) - { + if (mbedtls_ssl_get_peer_cert(&ssl) != NULL) { char crt_buf[512]; - mbedtls_printf( " . Peer certificate information ...\n" ); - mbedtls_x509_crt_info( crt_buf, sizeof( crt_buf ), " ", - mbedtls_ssl_get_peer_cert( &ssl ) ); - mbedtls_printf( "%s\n", crt_buf ); + mbedtls_printf(" . Peer certificate information ...\n"); + mbedtls_x509_crt_info(crt_buf, sizeof(crt_buf), " ", + mbedtls_ssl_get_peer_cert(&ssl)); + mbedtls_printf("%s\n", crt_buf); } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( opt.eap_tls != 0 ) - { + if (opt.eap_tls != 0) { size_t j = 0; - if( ( ret = mbedtls_ssl_tls_prf( eap_tls_keying.tls_prf_type, - eap_tls_keying.master_secret, - sizeof( eap_tls_keying.master_secret ), - eap_tls_label, - eap_tls_keying.randbytes, - sizeof( eap_tls_keying.randbytes ), - eap_tls_keymaterial, - sizeof( eap_tls_keymaterial ) ) ) - != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type, + eap_tls_keying.master_secret, + sizeof(eap_tls_keying.master_secret), + eap_tls_label, + eap_tls_keying.randbytes, + sizeof(eap_tls_keying.randbytes), + eap_tls_keymaterial, + sizeof(eap_tls_keymaterial))) + != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", + (unsigned int) -ret); goto reset; } - mbedtls_printf( " EAP-TLS key material is:" ); - for( j = 0; j < sizeof( eap_tls_keymaterial ); j++ ) - { - if( j % 8 == 0 ) + mbedtls_printf(" EAP-TLS key material is:"); + for (j = 0; j < sizeof(eap_tls_keymaterial); j++) { + if (j % 8 == 0) { mbedtls_printf("\n "); - mbedtls_printf("%02x ", eap_tls_keymaterial[j] ); + } + mbedtls_printf("%02x ", eap_tls_keymaterial[j]); } mbedtls_printf("\n"); - if( ( ret = mbedtls_ssl_tls_prf( eap_tls_keying.tls_prf_type, NULL, 0, - eap_tls_label, - eap_tls_keying.randbytes, - sizeof( eap_tls_keying.randbytes ), - eap_tls_iv, - sizeof( eap_tls_iv ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", - (unsigned int) -ret ); - goto reset; - } - - mbedtls_printf( " EAP-TLS IV is:" ); - for( j = 0; j < sizeof( eap_tls_iv ); j++ ) - { - if( j % 8 == 0 ) + if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type, NULL, 0, + eap_tls_label, + eap_tls_keying.randbytes, + sizeof(eap_tls_keying.randbytes), + eap_tls_iv, + sizeof(eap_tls_iv))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", + (unsigned int) -ret); + goto reset; + } + + mbedtls_printf(" EAP-TLS IV is:"); + for (j = 0; j < sizeof(eap_tls_iv); j++) { + if (j % 8 == 0) { mbedtls_printf("\n "); - mbedtls_printf("%02x ", eap_tls_iv[j] ); + } + mbedtls_printf("%02x ", eap_tls_iv[j]); } mbedtls_printf("\n"); } -#if defined( MBEDTLS_SSL_DTLS_SRTP ) - else if( opt.use_srtp != 0 ) - { +#if defined(MBEDTLS_SSL_DTLS_SRTP) + else if (opt.use_srtp != 0) { size_t j = 0; mbedtls_dtls_srtp_info dtls_srtp_negotiation_result; - mbedtls_ssl_get_dtls_srtp_negotiation_result( &ssl, &dtls_srtp_negotiation_result ); - - if( dtls_srtp_negotiation_result.chosen_dtls_srtp_profile - == MBEDTLS_TLS_SRTP_UNSET ) - { - mbedtls_printf( " Unable to negotiate " - "the use of DTLS-SRTP\n" ); - } - else - { - if( ( ret = mbedtls_ssl_tls_prf( dtls_srtp_keying.tls_prf_type, - dtls_srtp_keying.master_secret, - sizeof( dtls_srtp_keying.master_secret ), - dtls_srtp_label, - dtls_srtp_keying.randbytes, - sizeof( dtls_srtp_keying.randbytes ), - dtls_srtp_key_material, - sizeof( dtls_srtp_key_material ) ) ) - != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", - (unsigned int) -ret ); + mbedtls_ssl_get_dtls_srtp_negotiation_result(&ssl, &dtls_srtp_negotiation_result); + + if (dtls_srtp_negotiation_result.chosen_dtls_srtp_profile + == MBEDTLS_TLS_SRTP_UNSET) { + mbedtls_printf(" Unable to negotiate " + "the use of DTLS-SRTP\n"); + } else { + if ((ret = mbedtls_ssl_tls_prf(dtls_srtp_keying.tls_prf_type, + dtls_srtp_keying.master_secret, + sizeof(dtls_srtp_keying.master_secret), + dtls_srtp_label, + dtls_srtp_keying.randbytes, + sizeof(dtls_srtp_keying.randbytes), + dtls_srtp_key_material, + sizeof(dtls_srtp_key_material))) + != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " DTLS-SRTP key material is:" ); - for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ ) - { - if( j % 8 == 0 ) - mbedtls_printf( "\n " ); - mbedtls_printf( "%02x ", dtls_srtp_key_material[j] ); + mbedtls_printf(" DTLS-SRTP key material is:"); + for (j = 0; j < sizeof(dtls_srtp_key_material); j++) { + if (j % 8 == 0) { + mbedtls_printf("\n "); + } + mbedtls_printf("%02x ", dtls_srtp_key_material[j]); } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); /* produce a less readable output used to perform automatic checks * - compare client and server output * - interop test with openssl which client produces this kind of output */ - mbedtls_printf( " Keying material: " ); - for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ ) - { - mbedtls_printf( "%02X", dtls_srtp_key_material[j] ); + mbedtls_printf(" Keying material: "); + for (j = 0; j < sizeof(dtls_srtp_key_material); j++) { + mbedtls_printf("%02X", dtls_srtp_key_material[j]); } - mbedtls_printf( "\n" ); - - if ( dtls_srtp_negotiation_result.mki_len > 0 ) - { - mbedtls_printf( " DTLS-SRTP mki value: " ); - for( j = 0; j < dtls_srtp_negotiation_result.mki_len; j++ ) - { - mbedtls_printf( "%02X", dtls_srtp_negotiation_result.mki_value[j] ); + mbedtls_printf("\n"); + + if (dtls_srtp_negotiation_result.mki_len > 0) { + mbedtls_printf(" DTLS-SRTP mki value: "); + for (j = 0; j < dtls_srtp_negotiation_result.mki_len; j++) { + mbedtls_printf("%02X", dtls_srtp_negotiation_result.mki_value[j]); } + } else { + mbedtls_printf(" DTLS-SRTP no mki value negotiated"); } - else - { - mbedtls_printf( " DTLS-SRTP no mki value negotiated" ); - } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); } } @@ -3473,154 +3270,140 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - ret = report_cid_usage( &ssl, "initial handshake" ); - if( ret != 0 ) + ret = report_cid_usage(&ssl, "initial handshake"); + if (ret != 0) { goto exit; + } - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled_renego, - cid_renego, cid_renego_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_cid returned %d\n\n", - ret ); + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled_renego, + cid_renego, cid_renego_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_cid returned %d\n\n", + ret); goto exit; } } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_memory_buffer_alloc_cur_get( ¤t_heap_memory, &heap_blocks ); - mbedtls_memory_buffer_alloc_max_get( &peak_heap_memory, &heap_blocks ); - mbedtls_printf( "Heap memory usage after handshake: %lu bytes. Peak memory usage was %lu\n", - (unsigned long) current_heap_memory, (unsigned long) peak_heap_memory ); + mbedtls_memory_buffer_alloc_cur_get(¤t_heap_memory, &heap_blocks); + mbedtls_memory_buffer_alloc_max_get(&peak_heap_memory, &heap_blocks); + mbedtls_printf("Heap memory usage after handshake: %lu bytes. Peak memory usage was %lu\n", + (unsigned long) current_heap_memory, (unsigned long) peak_heap_memory); #endif /* MBEDTLS_MEMORY_DEBUG */ - if( opt.exchanges == 0 ) + if (opt.exchanges == 0) { goto close_notify; + } exchanges_left = opt.exchanges; data_exchange: /* * 6. Read the HTTP Request */ - mbedtls_printf( " < Read from client:" ); - fflush( stdout ); + mbedtls_printf(" < Read from client:"); + fflush(stdout); /* * TLS and DTLS need different reading styles (stream vs datagram) */ - if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) - { - do - { + if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) { + do { int terminated = 0; len = opt.buffer_size; - memset( buf, 0, opt.buffer_size ); - ret = mbedtls_ssl_read( &ssl, buf, len ); + memset(buf, 0, opt.buffer_size); + ret = mbedtls_ssl_read(&ssl, buf, len); - if( mbedtls_status_is_ssl_in_progress( ret ) ) - { - if( opt.event == 1 /* level triggered IO */ ) - { + if (mbedtls_status_is_ssl_in_progress(ret)) { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &client_fd, &timer, ret ); + idle(&client_fd, &timer, ret); #else - idle( &client_fd, ret ); + idle(&client_fd, ret); #endif } continue; } - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); + mbedtls_printf(" connection was closed gracefully\n"); goto close_notify; case 0: case MBEDTLS_ERR_NET_CONN_RESET: - mbedtls_printf( " connection was reset by peer\n" ); + mbedtls_printf(" connection was reset by peer\n"); ret = MBEDTLS_ERR_NET_CONN_RESET; goto reset; default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret ); + mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret); goto reset; } } - if( mbedtls_ssl_get_bytes_avail( &ssl ) == 0 ) - { + if (mbedtls_ssl_get_bytes_avail(&ssl) == 0) { len = ret; buf[len] = '\0'; - mbedtls_printf( " %d bytes read\n\n%s\n", len, (char *) buf ); + mbedtls_printf(" %d bytes read\n\n%s\n", len, (char *) buf); /* End of message should be detected according to the syntax of the * application protocol (eg HTTP), just use a dummy test here. */ - if( buf[len - 1] == '\n' ) + if (buf[len - 1] == '\n') { terminated = 1; - } - else - { + } + } else { int extra_len, ori_len; unsigned char *larger_buf; ori_len = ret; - extra_len = (int) mbedtls_ssl_get_bytes_avail( &ssl ); + extra_len = (int) mbedtls_ssl_get_bytes_avail(&ssl); - larger_buf = mbedtls_calloc( 1, ori_len + extra_len + 1 ); - if( larger_buf == NULL ) - { - mbedtls_printf( " ! memory allocation failed\n" ); + larger_buf = mbedtls_calloc(1, ori_len + extra_len + 1); + if (larger_buf == NULL) { + mbedtls_printf(" ! memory allocation failed\n"); ret = 1; goto reset; } - memset( larger_buf, 0, ori_len + extra_len ); - memcpy( larger_buf, buf, ori_len ); + memset(larger_buf, 0, ori_len + extra_len); + memcpy(larger_buf, buf, ori_len); /* This read should never fail and get the whole cached data */ - ret = mbedtls_ssl_read( &ssl, larger_buf + ori_len, extra_len ); - if( ret != extra_len || - mbedtls_ssl_get_bytes_avail( &ssl ) != 0 ) - { - mbedtls_printf( " ! mbedtls_ssl_read failed on cached data\n" ); + ret = mbedtls_ssl_read(&ssl, larger_buf + ori_len, extra_len); + if (ret != extra_len || + mbedtls_ssl_get_bytes_avail(&ssl) != 0) { + mbedtls_printf(" ! mbedtls_ssl_read failed on cached data\n"); ret = 1; goto reset; } larger_buf[ori_len + extra_len] = '\0'; - mbedtls_printf( " %d bytes read (%d + %d)\n\n%s\n", - ori_len + extra_len, ori_len, extra_len, - (char *) larger_buf ); + mbedtls_printf(" %d bytes read (%d + %d)\n\n%s\n", + ori_len + extra_len, ori_len, extra_len, + (char *) larger_buf); /* End of message should be detected according to the syntax of the * application protocol (eg HTTP), just use a dummy test here. */ - if( larger_buf[ori_len + extra_len - 1] == '\n' ) + if (larger_buf[ori_len + extra_len - 1] == '\n') { terminated = 1; + } - mbedtls_free( larger_buf ); + mbedtls_free(larger_buf); } - if( terminated ) - { + if (terminated) { ret = 0; break; } - } - while( 1 ); - } - else /* Not stream, so datagram */ - { + } while (1); + } else { /* Not stream, so datagram */ len = opt.buffer_size; - memset( buf, 0, opt.buffer_size ); + memset(buf, 0, opt.buffer_size); - do - { + do { /* Without the call to `mbedtls_ssl_check_pending`, it might * happen that the client sends application data in the same * datagram as the Finished message concluding the handshake. @@ -3633,43 +3416,39 @@ int main( int argc, char *argv[] ) */ /* For event-driven IO, wait for socket to become available */ - if( mbedtls_ssl_check_pending( &ssl ) == 0 && - opt.event == 1 /* level triggered IO */ ) - { + if (mbedtls_ssl_check_pending(&ssl) == 0 && + opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &client_fd, &timer, MBEDTLS_ERR_SSL_WANT_READ ); + idle(&client_fd, &timer, MBEDTLS_ERR_SSL_WANT_READ); #else - idle( &client_fd, MBEDTLS_ERR_SSL_WANT_READ ); + idle(&client_fd, MBEDTLS_ERR_SSL_WANT_READ); #endif } - ret = mbedtls_ssl_read( &ssl, buf, len ); + ret = mbedtls_ssl_read(&ssl, buf, len); /* Note that even if `mbedtls_ssl_check_pending` returns true, * it can happen that the subsequent call to `mbedtls_ssl_read` * returns `MBEDTLS_ERR_SSL_WANT_READ`, because the pending messages * might be discarded (e.g. because they are retransmissions). */ - } - while( mbedtls_status_is_ssl_in_progress( ret ) ); + } while (mbedtls_status_is_ssl_in_progress(ret)); - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); + mbedtls_printf(" connection was closed gracefully\n"); ret = 0; goto close_notify; default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret ); + mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret); goto reset; } } len = ret; buf[len] = '\0'; - mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); + mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf); ret = 0; } @@ -3678,124 +3457,113 @@ int main( int argc, char *argv[] ) * (only on the first exchange, to be able to test retransmission) */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( opt.renegotiate && exchanges_left == opt.exchanges ) - { - mbedtls_printf( " . Requestion renegotiation..." ); - fflush( stdout ); + if (opt.renegotiate && exchanges_left == opt.exchanges) { + mbedtls_printf(" . Requestion renegotiation..."); + fflush(stdout); - while( ( ret = mbedtls_ssl_renegotiate( &ssl ) ) != 0 ) - { - if( ! mbedtls_status_is_ssl_in_progress( ret ) ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", ret ); + while ((ret = mbedtls_ssl_renegotiate(&ssl)) != 0) { + if (!mbedtls_status_is_ssl_in_progress(ret)) { + mbedtls_printf(" failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", ret); goto reset; } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &client_fd, &timer, ret ); + idle(&client_fd, &timer, ret); #else - idle( &client_fd, ret ); + idle(&client_fd, ret); #endif } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif /* MBEDTLS_SSL_RENEGOTIATION */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - ret = report_cid_usage( &ssl, "after renegotiation" ); - if( ret != 0 ) + ret = report_cid_usage(&ssl, "after renegotiation"); + if (ret != 0) { goto exit; + } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ /* * 7. Write the 200 Response */ - mbedtls_printf( " > Write to client:" ); - fflush( stdout ); + mbedtls_printf(" > Write to client:"); + fflush(stdout); /* If the format of the response changes, make sure there is enough * room in buf (buf_content_size calculation above). */ - len = sprintf( (char *) buf, HTTP_RESPONSE, - mbedtls_ssl_get_ciphersuite( &ssl ) ); + len = sprintf((char *) buf, HTTP_RESPONSE, + mbedtls_ssl_get_ciphersuite(&ssl)); /* Add padding to the response to reach opt.response_size in length */ - if( opt.response_size != DFL_RESPONSE_SIZE && - len < opt.response_size ) - { - memset( buf + len, 'B', opt.response_size - len ); + if (opt.response_size != DFL_RESPONSE_SIZE && + len < opt.response_size) { + memset(buf + len, 'B', opt.response_size - len); len += opt.response_size - len; } /* Truncate if response size is smaller than the "natural" size */ - if( opt.response_size != DFL_RESPONSE_SIZE && - len > opt.response_size ) - { + if (opt.response_size != DFL_RESPONSE_SIZE && + len > opt.response_size) { len = opt.response_size; /* Still end with \r\n unless that's really not possible */ - if( len >= 2 ) buf[len - 2] = '\r'; - if( len >= 1 ) buf[len - 1] = '\n'; + if (len >= 2) { + buf[len - 2] = '\r'; + } + if (len >= 1) { + buf[len - 1] = '\n'; + } } - if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) - { - for( written = 0, frags = 0; written < len; written += ret, frags++ ) - { - while( ( ret = mbedtls_ssl_write( &ssl, buf + written, len - written ) ) - <= 0 ) - { - if( ret == MBEDTLS_ERR_NET_CONN_RESET ) - { - mbedtls_printf( " failed\n ! peer closed the connection\n\n" ); + if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) { + for (written = 0, frags = 0; written < len; written += ret, frags++) { + while ((ret = mbedtls_ssl_write(&ssl, buf + written, len - written)) + <= 0) { + if (ret == MBEDTLS_ERR_NET_CONN_RESET) { + mbedtls_printf(" failed\n ! peer closed the connection\n\n"); goto reset; } - if( ! mbedtls_status_is_ssl_in_progress( ret ) ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + if (!mbedtls_status_is_ssl_in_progress(ret)) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); goto reset; } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &client_fd, &timer, ret ); + idle(&client_fd, &timer, ret); #else - idle( &client_fd, ret ); + idle(&client_fd, ret); #endif } } } - } - else /* Not stream, so datagram */ - { - while( 1 ) - { - ret = mbedtls_ssl_write( &ssl, buf, len ); + } else { /* Not stream, so datagram */ + while (1) { + ret = mbedtls_ssl_write(&ssl, buf, len); - if( ! mbedtls_status_is_ssl_in_progress( ret ) ) + if (!mbedtls_status_is_ssl_in_progress(ret)) { break; + } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &client_fd, &timer, ret ); + idle(&client_fd, &timer, ret); #else - idle( &client_fd, ret ); + idle(&client_fd, ret); #endif } } - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); goto reset; } @@ -3804,96 +3572,87 @@ int main( int argc, char *argv[] ) } buf[written] = '\0'; - mbedtls_printf( " %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf ); + mbedtls_printf(" %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf); ret = 0; /* * 7b. Simulate serialize/deserialize and go back to data exchange */ #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if( opt.serialize != 0 ) - { + if (opt.serialize != 0) { size_t buf_len; - mbedtls_printf( " . Serializing live connection..." ); + mbedtls_printf(" . Serializing live connection..."); - ret = mbedtls_ssl_context_save( &ssl, NULL, 0, &buf_len ); - if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned " - "-0x%x\n\n", (unsigned int) -ret ); + ret = mbedtls_ssl_context_save(&ssl, NULL, 0, &buf_len); + if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) { + mbedtls_printf(" failed\n ! mbedtls_ssl_context_save returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } - if( ( context_buf = mbedtls_calloc( 1, buf_len ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Couldn't allocate buffer for " - "serialized context" ); + if ((context_buf = mbedtls_calloc(1, buf_len)) == NULL) { + mbedtls_printf(" failed\n ! Couldn't allocate buffer for " + "serialized context"); goto exit; } context_buf_len = buf_len; - if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf, - buf_len, &buf_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned " - "-0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_context_save(&ssl, context_buf, + buf_len, &buf_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_context_save returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* Save serialized context to the 'opt.context_file' as a base64 code */ - if( 0 < strlen( opt.context_file ) ) - { + if (0 < strlen(opt.context_file)) { FILE *b64_file; uint8_t *b64_buf; size_t b64_len; - mbedtls_printf( " . Save serialized context to a file... " ); + mbedtls_printf(" . Save serialized context to a file... "); - mbedtls_base64_encode( NULL, 0, &b64_len, context_buf, buf_len ); + mbedtls_base64_encode(NULL, 0, &b64_len, context_buf, buf_len); - if( ( b64_buf = mbedtls_calloc( 1, b64_len ) ) == NULL ) - { - mbedtls_printf( "failed\n ! Couldn't allocate buffer for " - "the base64 code\n" ); + if ((b64_buf = mbedtls_calloc(1, b64_len)) == NULL) { + mbedtls_printf("failed\n ! Couldn't allocate buffer for " + "the base64 code\n"); goto exit; } - if( ( ret = mbedtls_base64_encode( b64_buf, b64_len, &b64_len, - context_buf, buf_len ) ) != 0 ) - { - mbedtls_printf( "failed\n ! mbedtls_base64_encode returned " - "-0x%x\n", (unsigned int) -ret ); - mbedtls_free( b64_buf ); + if ((ret = mbedtls_base64_encode(b64_buf, b64_len, &b64_len, + context_buf, buf_len)) != 0) { + mbedtls_printf("failed\n ! mbedtls_base64_encode returned " + "-0x%x\n", (unsigned int) -ret); + mbedtls_free(b64_buf); goto exit; } - if( ( b64_file = fopen( opt.context_file, "w" ) ) == NULL ) - { - mbedtls_printf( "failed\n ! Cannot open '%s' for writing.\n", - opt.context_file ); - mbedtls_free( b64_buf ); + if ((b64_file = fopen(opt.context_file, "w")) == NULL) { + mbedtls_printf("failed\n ! Cannot open '%s' for writing.\n", + opt.context_file); + mbedtls_free(b64_buf); goto exit; } - if( b64_len != fwrite( b64_buf, 1, b64_len, b64_file ) ) - { - mbedtls_printf( "failed\n ! fwrite(%ld bytes) failed\n", - (long) b64_len ); - mbedtls_free( b64_buf ); - fclose( b64_file ); + if (b64_len != fwrite(b64_buf, 1, b64_len, b64_file)) { + mbedtls_printf("failed\n ! fwrite(%ld bytes) failed\n", + (long) b64_len); + mbedtls_free(b64_buf); + fclose(b64_file); goto exit; } - mbedtls_free( b64_buf ); - fclose( b64_file ); + mbedtls_free(b64_buf); + fclose(b64_file); - mbedtls_printf( "ok\n" ); + mbedtls_printf("ok\n"); } /* @@ -3903,10 +3662,9 @@ int main( int argc, char *argv[] ) * case you can just reset() it, and then it's ready to receive * serialized data from another connection (or the same here). */ - if( opt.serialize == 1 ) - { + if (opt.serialize == 1) { /* nothing to do here, done by context_save() already */ - mbedtls_printf( " . Context has been reset... ok\n" ); + mbedtls_printf(" . Context has been reset... ok\n"); } /* @@ -3917,18 +3675,16 @@ int main( int argc, char *argv[] ) * teardown/startup code needed - for example, preparing the * ssl_config again (see section 3 "setup stuff" in this file). */ - if( opt.serialize == 2 ) - { - mbedtls_printf( " . Freeing and reinitializing context..." ); + if (opt.serialize == 2) { + mbedtls_printf(" . Freeing and reinitializing context..."); - mbedtls_ssl_free( &ssl ); + mbedtls_ssl_free(&ssl); - mbedtls_ssl_init( &ssl ); + mbedtls_ssl_init(&ssl); - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned " - "-0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } @@ -3938,60 +3694,62 @@ int main( int argc, char *argv[] ) * if you want to share your set up code between the case of * establishing a new connection and this case. */ - if( opt.nbio == 2 ) - mbedtls_ssl_set_bio( &ssl, &client_fd, delayed_send, - delayed_recv, NULL ); - else - mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, - mbedtls_net_recv, - opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL ); + if (opt.nbio == 2) { + mbedtls_ssl_set_bio(&ssl, &client_fd, delayed_send, + delayed_recv, NULL); + } else { + mbedtls_ssl_set_bio(&ssl, &client_fd, mbedtls_net_send, + mbedtls_net_recv, + opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL); + } #if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &ssl, &timer, - mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); #endif /* MBEDTLS_TIMING_C */ - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } - mbedtls_printf( " . Deserializing connection..." ); + mbedtls_printf(" . Deserializing connection..."); - if( ( ret = mbedtls_ssl_context_load( &ssl, context_buf, - buf_len ) ) != 0 ) - { - mbedtls_printf( "failed\n ! mbedtls_ssl_context_load returned " - "-0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_context_load(&ssl, context_buf, + buf_len)) != 0) { + mbedtls_printf("failed\n ! mbedtls_ssl_context_load returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } - mbedtls_free( context_buf ); + mbedtls_free(context_buf); context_buf = NULL; context_buf_len = 0; - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ /* * 7c. Continue doing data exchanges? */ - if( --exchanges_left > 0 ) + if (--exchanges_left > 0) { goto data_exchange; + } /* * 8. Done, cleanly close the connection */ close_notify: - mbedtls_printf( " . Closing the connection..." ); + mbedtls_printf(" . Closing the connection..."); /* No error checking, the connection might be closed already */ - do ret = mbedtls_ssl_close_notify( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_close_notify(&ssl); + } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE); ret = 0; - mbedtls_printf( " done\n" ); + mbedtls_printf(" done\n"); goto reset; @@ -4000,75 +3758,73 @@ int main( int argc, char *argv[] ) */ exit: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: -0x%X - %s\n\n", (unsigned int) -ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: -0x%X - %s\n\n", (unsigned int) -ret, error_buf); } #endif - if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) - { - mbedtls_printf( " . Cleaning up..." ); - fflush( stdout ); + if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { + mbedtls_printf(" . Cleaning up..."); + fflush(stdout); } - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &listen_fd ); + mbedtls_net_free(&client_fd); + mbedtls_net_free(&listen_fd); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_free( &cache ); + mbedtls_ssl_cache_free(&cache); #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) - mbedtls_ssl_ticket_free( &ticket_ctx ); + mbedtls_ssl_ticket_free(&ticket_ctx); #endif #if defined(MBEDTLS_SSL_COOKIE_C) - mbedtls_ssl_cookie_free( &cookie_ctx ); + mbedtls_ssl_cookie_free(&cookie_ctx); #endif #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if( context_buf != NULL ) - mbedtls_platform_zeroize( context_buf, context_buf_len ); - mbedtls_free( context_buf ); + if (context_buf != NULL) { + mbedtls_platform_zeroize(context_buf, context_buf_len); + } + mbedtls_free(context_buf); #endif #if defined(SNI_OPTION) - sni_free( sni_info ); + sni_free(sni_info); #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - ret = psk_free( psk_info ); - if( ( ret != 0 ) && ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) ) - mbedtls_printf( "Failed to list of opaque PSKs - error was %d\n", ret ); + ret = psk_free(psk_info); + if ((ret != 0) && (opt.query_config_mode == DFL_QUERY_CONFIG_MODE)) { + mbedtls_printf("Failed to list of opaque PSKs - error was %d\n", ret); + } #endif #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - mbedtls_x509_crt_free( &cacert ); - mbedtls_x509_crt_free( &srvcert ); - mbedtls_pk_free( &pkey ); - mbedtls_x509_crt_free( &srvcert2 ); - mbedtls_pk_free( &pkey2 ); + mbedtls_x509_crt_free(&cacert); + mbedtls_x509_crt_free(&srvcert); + mbedtls_pk_free(&pkey); + mbedtls_x509_crt_free(&srvcert2); + mbedtls_pk_free(&pkey2); #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_destroy_key( key_slot ); - psa_destroy_key( key_slot2 ); + psa_destroy_key(key_slot); + psa_destroy_key(key_slot2); #endif #endif #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) - mbedtls_dhm_free( &dhm ); + mbedtls_dhm_free(&dhm); #endif #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - for( i = 0; (size_t) i < ssl_async_keys.slots_used; i++ ) - { - if( ssl_async_keys.slots[i].pk_owned ) - { - mbedtls_pk_free( ssl_async_keys.slots[i].pk ); - mbedtls_free( ssl_async_keys.slots[i].pk ); + for (i = 0; (size_t) i < ssl_async_keys.slots_used; i++) { + if (ssl_async_keys.slots[i].pk_owned) { + mbedtls_pk_free(ssl_async_keys.slots[i].pk); + mbedtls_free(ssl_async_keys.slots[i].pk); ssl_async_keys.slots[i].pk = NULL; } } @@ -4076,30 +3832,28 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) && \ defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { + if (opt.psk_opaque != 0) { /* This is ok even if the slot hasn't been * initialized (we might have jumed here * immediately because of bad cmd line params, * for example). */ - status = psa_destroy_key( psk_slot ); - if( ( status != PSA_SUCCESS ) && - ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) ) - { - mbedtls_printf( "Failed to destroy key slot %u - error was %d", - (unsigned) psk_slot, (int) status ); + status = psa_destroy_key(psk_slot); + if ((status != PSA_SUCCESS) && + (opt.query_config_mode == DFL_QUERY_CONFIG_MODE)) { + mbedtls_printf("Failed to destroy key slot %u - error was %d", + (unsigned) psk_slot, (int) status); } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED && MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - const char* message = mbedtls_test_helper_is_psa_leaking(); - if( message ) - { - if( ret == 0 ) + const char *message = mbedtls_test_helper_is_psa_leaking(); + if (message) { + if (ret == 0) { ret = 1; - mbedtls_printf( "PSA memory leak detected: %s\n", message); + } + mbedtls_printf("PSA memory leak detected: %s\n", message); } #endif @@ -4107,27 +3861,26 @@ int main( int argc, char *argv[] ) * resources are freed by rng_free(). */ #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) - mbedtls_psa_crypto_free( ); + mbedtls_psa_crypto_free(); #endif - rng_free( &rng ); + rng_free(&rng); - mbedtls_free( buf ); + mbedtls_free(buf); #if defined(MBEDTLS_TEST_HOOKS) /* Let test hooks detect errors such as resource leaks. * Don't do it in query_config mode, because some test code prints * information to stdout and this gets mixed with the regular output. */ - if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) - { - if( test_hooks_failure_detected( ) ) - { - if( ret == 0 ) + if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { + if (test_hooks_failure_detected()) { + if (ret == 0) { ret = 1; - mbedtls_printf( "Test hooks detected errors.\n" ); + } + mbedtls_printf("Test hooks detected errors.\n"); } } - test_hooks_free( ); + test_hooks_free(); #endif /* MBEDTLS_TEST_HOOKS */ #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) @@ -4137,23 +3890,24 @@ int main( int argc, char *argv[] ) mbedtls_memory_buffer_alloc_free(); #endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ - if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) - { - mbedtls_printf( " done.\n" ); + if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { + mbedtls_printf(" done.\n"); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif } // Shell can not handle large exit numbers -> 1 for errors - if( ret < 0 ) + if (ret < 0) { ret = 1; + } - if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) - mbedtls_exit( ret ); - else - mbedtls_exit( query_config_ret ); + if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { + mbedtls_exit(ret); + } else { + mbedtls_exit(query_config_ret); + } } #endif /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_SRV_C */ diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index f5d868046c4a..d3ce67e4dae1 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -25,44 +25,43 @@ */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) -int eap_tls_key_derivation( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen, - const unsigned char client_random[32], - const unsigned char server_random[32], - mbedtls_tls_prf_types tls_prf_type ) +int eap_tls_key_derivation(void *p_expkey, + const unsigned char *ms, + const unsigned char *kb, + size_t maclen, + size_t keylen, + size_t ivlen, + const unsigned char client_random[32], + const unsigned char server_random[32], + mbedtls_tls_prf_types tls_prf_type) { - eap_tls_keys *keys = (eap_tls_keys *)p_expkey; + eap_tls_keys *keys = (eap_tls_keys *) p_expkey; - ( ( void ) kb ); - memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) ); - memcpy( keys->randbytes, client_random, 32 ); - memcpy( keys->randbytes + 32, server_random, 32 ); + ((void) kb); + memcpy(keys->master_secret, ms, sizeof(keys->master_secret)); + memcpy(keys->randbytes, client_random, 32); + memcpy(keys->randbytes + 32, server_random, 32); keys->tls_prf_type = tls_prf_type; - if( opt.debug_level > 2 ) - { - mbedtls_printf("exported maclen is %u\n", (unsigned)maclen); - mbedtls_printf("exported keylen is %u\n", (unsigned)keylen); - mbedtls_printf("exported ivlen is %u\n", (unsigned)ivlen); + if (opt.debug_level > 2) { + mbedtls_printf("exported maclen is %u\n", (unsigned) maclen); + mbedtls_printf("exported keylen is %u\n", (unsigned) keylen); + mbedtls_printf("exported ivlen is %u\n", (unsigned) ivlen); } - return( 0 ); + return 0; } -int nss_keylog_export( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen, - const unsigned char client_random[32], - const unsigned char server_random[32], - mbedtls_tls_prf_types tls_prf_type ) +int nss_keylog_export(void *p_expkey, + const unsigned char *ms, + const unsigned char *kb, + size_t maclen, + size_t keylen, + size_t ivlen, + const unsigned char client_random[32], + const unsigned char server_random[32], + mbedtls_tls_prf_types tls_prf_type) { - char nss_keylog_line[ 200 ]; + char nss_keylog_line[200]; size_t const client_random_len = 32; size_t const master_secret_len = 48; size_t len = 0; @@ -77,138 +76,134 @@ int nss_keylog_export( void *p_expkey, ((void) server_random); ((void) tls_prf_type); - len += sprintf( nss_keylog_line + len, - "%s", "CLIENT_RANDOM " ); + len += sprintf(nss_keylog_line + len, + "%s", "CLIENT_RANDOM "); - for( j = 0; j < client_random_len; j++ ) - { - len += sprintf( nss_keylog_line + len, - "%02x", client_random[j] ); + for (j = 0; j < client_random_len; j++) { + len += sprintf(nss_keylog_line + len, + "%02x", client_random[j]); } - len += sprintf( nss_keylog_line + len, " " ); + len += sprintf(nss_keylog_line + len, " "); - for( j = 0; j < master_secret_len; j++ ) - { - len += sprintf( nss_keylog_line + len, - "%02x", ms[j] ); + for (j = 0; j < master_secret_len; j++) { + len += sprintf(nss_keylog_line + len, + "%02x", ms[j]); } - len += sprintf( nss_keylog_line + len, "\n" ); - nss_keylog_line[ len ] = '\0'; + len += sprintf(nss_keylog_line + len, "\n"); + nss_keylog_line[len] = '\0'; - mbedtls_printf( "\n" ); - mbedtls_printf( "---------------- NSS KEYLOG -----------------\n" ); - mbedtls_printf( "%s", nss_keylog_line ); - mbedtls_printf( "---------------------------------------------\n" ); + mbedtls_printf("\n"); + mbedtls_printf("---------------- NSS KEYLOG -----------------\n"); + mbedtls_printf("%s", nss_keylog_line); + mbedtls_printf("---------------------------------------------\n"); - if( opt.nss_keylog_file != NULL ) - { + if (opt.nss_keylog_file != NULL) { FILE *f; - if( ( f = fopen( opt.nss_keylog_file, "a" ) ) == NULL ) - { + if ((f = fopen(opt.nss_keylog_file, "a")) == NULL) { ret = -1; goto exit; } - if( fwrite( nss_keylog_line, 1, len, f ) != len ) - { + if (fwrite(nss_keylog_line, 1, len, f) != len) { ret = -1; - fclose( f ); + fclose(f); goto exit; } - fclose( f ); + fclose(f); } exit: - mbedtls_platform_zeroize( nss_keylog_line, - sizeof( nss_keylog_line ) ); - return( ret ); + mbedtls_platform_zeroize(nss_keylog_line, + sizeof(nss_keylog_line)); + return ret; } -#if defined( MBEDTLS_SSL_DTLS_SRTP ) -int dtls_srtp_key_derivation( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen, - const unsigned char client_random[32], - const unsigned char server_random[32], - mbedtls_tls_prf_types tls_prf_type ) +#if defined(MBEDTLS_SSL_DTLS_SRTP) +int dtls_srtp_key_derivation(void *p_expkey, + const unsigned char *ms, + const unsigned char *kb, + size_t maclen, + size_t keylen, + size_t ivlen, + const unsigned char client_random[32], + const unsigned char server_random[32], + mbedtls_tls_prf_types tls_prf_type) { - dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey; + dtls_srtp_keys *keys = (dtls_srtp_keys *) p_expkey; - ( ( void ) kb ); - memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) ); - memcpy( keys->randbytes, client_random, 32 ); - memcpy( keys->randbytes + 32, server_random, 32 ); + ((void) kb); + memcpy(keys->master_secret, ms, sizeof(keys->master_secret)); + memcpy(keys->randbytes, client_random, 32); + memcpy(keys->randbytes + 32, server_random, 32); keys->tls_prf_type = tls_prf_type; - if( opt.debug_level > 2 ) - { - mbedtls_printf( "exported maclen is %u\n", (unsigned) maclen ); - mbedtls_printf( "exported keylen is %u\n", (unsigned) keylen ); - mbedtls_printf( "exported ivlen is %u\n", (unsigned) ivlen ); + if (opt.debug_level > 2) { + mbedtls_printf("exported maclen is %u\n", (unsigned) maclen); + mbedtls_printf("exported keylen is %u\n", (unsigned) keylen); + mbedtls_printf("exported ivlen is %u\n", (unsigned) ivlen); } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_SSL_RECORD_CHECKING) -int ssl_check_record( mbedtls_ssl_context const *ssl, - unsigned char const *buf, size_t len ) +int ssl_check_record(mbedtls_ssl_context const *ssl, + unsigned char const *buf, size_t len) { int my_ret = 0, ret_cr1, ret_cr2; unsigned char *tmp_buf; /* Record checking may modify the input buffer, * so make a copy. */ - tmp_buf = mbedtls_calloc( 1, len ); - if( tmp_buf == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - memcpy( tmp_buf, buf, len ); - - ret_cr1 = mbedtls_ssl_check_record( ssl, tmp_buf, len ); - if( ret_cr1 != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ) - { + tmp_buf = mbedtls_calloc(1, len); + if (tmp_buf == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } + memcpy(tmp_buf, buf, len); + + ret_cr1 = mbedtls_ssl_check_record(ssl, tmp_buf, len); + if (ret_cr1 != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE) { /* Test-only: Make sure that mbedtls_ssl_check_record() * doesn't alter state. */ - memcpy( tmp_buf, buf, len ); /* Restore buffer */ - ret_cr2 = mbedtls_ssl_check_record( ssl, tmp_buf, len ); - if( ret_cr2 != ret_cr1 ) - { - mbedtls_printf( "mbedtls_ssl_check_record() returned inconsistent results.\n" ); + memcpy(tmp_buf, buf, len); /* Restore buffer */ + ret_cr2 = mbedtls_ssl_check_record(ssl, tmp_buf, len); + if (ret_cr2 != ret_cr1) { + mbedtls_printf("mbedtls_ssl_check_record() returned inconsistent results.\n"); my_ret = -1; goto cleanup; } - switch( ret_cr1 ) - { + switch (ret_cr1) { case 0: break; case MBEDTLS_ERR_SSL_INVALID_RECORD: - if( opt.debug_level > 1 ) - mbedtls_printf( "mbedtls_ssl_check_record() detected invalid record.\n" ); + if (opt.debug_level > 1) { + mbedtls_printf("mbedtls_ssl_check_record() detected invalid record.\n"); + } break; case MBEDTLS_ERR_SSL_INVALID_MAC: - if( opt.debug_level > 1 ) - mbedtls_printf( "mbedtls_ssl_check_record() detected unauthentic record.\n" ); + if (opt.debug_level > 1) { + mbedtls_printf("mbedtls_ssl_check_record() detected unauthentic record.\n"); + } break; case MBEDTLS_ERR_SSL_UNEXPECTED_RECORD: - if( opt.debug_level > 1 ) - mbedtls_printf( "mbedtls_ssl_check_record() detected unexpected record.\n" ); + if (opt.debug_level > 1) { + mbedtls_printf("mbedtls_ssl_check_record() detected unexpected record.\n"); + } break; default: - mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret_cr1 ); + mbedtls_printf("mbedtls_ssl_check_record() failed fatally with -%#04x.\n", + (unsigned int) -ret_cr1); my_ret = -1; goto cleanup; } @@ -217,74 +212,78 @@ int ssl_check_record( mbedtls_ssl_context const *ssl, } cleanup: - mbedtls_free( tmp_buf ); + mbedtls_free(tmp_buf); - return( my_ret ); + return my_ret; } #endif /* MBEDTLS_SSL_RECORD_CHECKING */ -int recv_cb( void *ctx, unsigned char *buf, size_t len ) +int recv_cb(void *ctx, unsigned char *buf, size_t len) { - io_ctx_t *io_ctx = (io_ctx_t*) ctx; + io_ctx_t *io_ctx = (io_ctx_t *) ctx; size_t recv_len; int ret; - if( opt.nbio == 2 ) - ret = delayed_recv( io_ctx->net, buf, len ); - else - ret = mbedtls_net_recv( io_ctx->net, buf, len ); - if( ret < 0 ) - return( ret ); + if (opt.nbio == 2) { + ret = delayed_recv(io_ctx->net, buf, len); + } else { + ret = mbedtls_net_recv(io_ctx->net, buf, len); + } + if (ret < 0) { + return ret; + } recv_len = (size_t) ret; - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* Here's the place to do any datagram/record checking * in between receiving the packet from the underlying * transport and passing it on to the TLS stack. */ #if defined(MBEDTLS_SSL_RECORD_CHECKING) - if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 ) - return( -1 ); + if (ssl_check_record(io_ctx->ssl, buf, recv_len) != 0) { + return -1; + } #endif /* MBEDTLS_SSL_RECORD_CHECKING */ } - return( (int) recv_len ); + return (int) recv_len; } -int recv_timeout_cb( void *ctx, unsigned char *buf, size_t len, - uint32_t timeout ) +int recv_timeout_cb(void *ctx, unsigned char *buf, size_t len, + uint32_t timeout) { - io_ctx_t *io_ctx = (io_ctx_t*) ctx; + io_ctx_t *io_ctx = (io_ctx_t *) ctx; int ret; size_t recv_len; - ret = mbedtls_net_recv_timeout( io_ctx->net, buf, len, timeout ); - if( ret < 0 ) - return( ret ); + ret = mbedtls_net_recv_timeout(io_ctx->net, buf, len, timeout); + if (ret < 0) { + return ret; + } recv_len = (size_t) ret; - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* Here's the place to do any datagram/record checking * in between receiving the packet from the underlying * transport and passing it on to the TLS stack. */ #if defined(MBEDTLS_SSL_RECORD_CHECKING) - if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 ) - return( -1 ); + if (ssl_check_record(io_ctx->ssl, buf, recv_len) != 0) { + return -1; + } #endif /* MBEDTLS_SSL_RECORD_CHECKING */ } - return( (int) recv_len ); + return (int) recv_len; } -int send_cb( void *ctx, unsigned char const *buf, size_t len ) +int send_cb(void *ctx, unsigned char const *buf, size_t len) { - io_ctx_t *io_ctx = (io_ctx_t*) ctx; + io_ctx_t *io_ctx = (io_ctx_t *) ctx; - if( opt.nbio == 2 ) - return( delayed_send( io_ctx->net, buf, len ) ); + if (opt.nbio == 2) { + return delayed_send(io_ctx->net, buf, len); + } - return( mbedtls_net_send( io_ctx->net, buf, len ) ); + return mbedtls_net_send(io_ctx->net, buf, len); } #if defined(MBEDTLS_X509_CRT_PARSE_C) diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c index 70cddfa75d5f..d6390035dd53 100644 --- a/programs/ssl/ssl_test_lib.c +++ b/programs/ssl/ssl_test_lib.c @@ -28,24 +28,26 @@ #if !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) -void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { const char *p, *basename; /* Extract basename from file */ - for( p = basename = file; *p != '\0'; p++ ) - if( *p == '/' || *p == '\\' ) + for (p = basename = file; *p != '\0'; p++) { + if (*p == '/' || *p == '\\') { basename = p + 1; + } + } - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s", - basename, line, level, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: |%d| %s", + basename, line, level, str); + fflush((FILE *) ctx); } #if defined(MBEDTLS_HAVE_TIME) -mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ) +mbedtls_time_t dummy_constant_time(mbedtls_time_t *time) { (void) time; return 0x5af2a056; @@ -53,74 +55,72 @@ mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ) #endif #if !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) -static int dummy_entropy( void *data, unsigned char *output, size_t len ) +static int dummy_entropy(void *data, unsigned char *output, size_t len) { size_t i; int ret; (void) data; - ret = mbedtls_entropy_func( data, output, len ); - for( i = 0; i < len; i++ ) - { + ret = mbedtls_entropy_func(data, output, len); + for (i = 0; i < len; i++) { //replace result with pseudo random output[i] = (unsigned char) rand(); } - return( ret ); + return ret; } #endif -void rng_init( rng_context_t *rng ) +void rng_init(rng_context_t *rng) { #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) (void) rng; - psa_crypto_init( ); + psa_crypto_init(); #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ #if defined(MBEDTLS_CTR_DRBG_C) - mbedtls_ctr_drbg_init( &rng->drbg ); + mbedtls_ctr_drbg_init(&rng->drbg); #elif defined(MBEDTLS_HMAC_DRBG_C) - mbedtls_hmac_drbg_init( &rng->drbg ); + mbedtls_hmac_drbg_init(&rng->drbg); #else #error "No DRBG available" #endif - mbedtls_entropy_init( &rng->entropy ); + mbedtls_entropy_init(&rng->entropy); #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ } -int rng_seed( rng_context_t *rng, int reproducible, const char *pers ) +int rng_seed(rng_context_t *rng, int reproducible, const char *pers) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( reproducible ) - { - mbedtls_fprintf( stderr, - "MBEDTLS_USE_PSA_CRYPTO does not support reproducible mode.\n" ); - return( -1 ); + if (reproducible) { + mbedtls_fprintf(stderr, + "MBEDTLS_USE_PSA_CRYPTO does not support reproducible mode.\n"); + return -1; } #endif #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) /* The PSA crypto RNG does its own seeding. */ (void) rng; (void) pers; - if( reproducible ) - { - mbedtls_fprintf( stderr, - "The PSA RNG does not support reproducible mode.\n" ); - return( -1 ); + if (reproducible) { + mbedtls_fprintf(stderr, + "The PSA RNG does not support reproducible mode.\n"); + return -1; } - return( 0 ); + return 0; #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ - int ( *f_entropy )( void *, unsigned char *, size_t ) = - ( reproducible ? dummy_entropy : mbedtls_entropy_func ); + int (*f_entropy)(void *, unsigned char *, size_t) = + (reproducible ? dummy_entropy : mbedtls_entropy_func); - if ( reproducible ) - srand( 1 ); + if (reproducible) { + srand(1); + } #if defined(MBEDTLS_CTR_DRBG_C) - int ret = mbedtls_ctr_drbg_seed( &rng->drbg, - f_entropy, &rng->entropy, - (const unsigned char *) pers, - strlen( pers ) ); + int ret = mbedtls_ctr_drbg_seed(&rng->drbg, + f_entropy, &rng->entropy, + (const unsigned char *) pers, + strlen(pers)); #elif defined(MBEDTLS_HMAC_DRBG_C) #if defined(MBEDTLS_SHA256_C) const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA256; @@ -129,61 +129,60 @@ int rng_seed( rng_context_t *rng, int reproducible, const char *pers ) #else #error "No message digest available for HMAC_DRBG" #endif - int ret = mbedtls_hmac_drbg_seed( &rng->drbg, - mbedtls_md_info_from_type( md_type ), - f_entropy, &rng->entropy, - (const unsigned char *) pers, - strlen( pers ) ); + int ret = mbedtls_hmac_drbg_seed(&rng->drbg, + mbedtls_md_info_from_type(md_type), + f_entropy, &rng->entropy, + (const unsigned char *) pers, + strlen(pers)); #else /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */ #error "No DRBG available" #endif /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */ - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n", - (unsigned int) -ret ); - return( ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n", + (unsigned int) -ret); + return ret; } #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ - return( 0 ); + return 0; } -void rng_free( rng_context_t *rng ) +void rng_free(rng_context_t *rng) { #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) (void) rng; /* Deinitialize the PSA crypto subsystem. This deactivates all PSA APIs. * This is ok because none of our applications try to do any crypto after * deinitializing the RNG. */ - mbedtls_psa_crypto_free( ); + mbedtls_psa_crypto_free(); #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ #if defined(MBEDTLS_CTR_DRBG_C) - mbedtls_ctr_drbg_free( &rng->drbg ); + mbedtls_ctr_drbg_free(&rng->drbg); #elif defined(MBEDTLS_HMAC_DRBG_C) - mbedtls_hmac_drbg_free( &rng->drbg ); + mbedtls_hmac_drbg_free(&rng->drbg); #else #error "No DRBG available" #endif - mbedtls_entropy_free( &rng->entropy ); + mbedtls_entropy_free(&rng->entropy); #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ } -int rng_get( void *p_rng, unsigned char *output, size_t output_len ) +int rng_get(void *p_rng, unsigned char *output, size_t output_len) { #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) (void) p_rng; - return( mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE, - output, output_len ) ); + return mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, + output, output_len); #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ rng_context_t *rng = p_rng; #if defined(MBEDTLS_CTR_DRBG_C) - return( mbedtls_ctr_drbg_random( &rng->drbg, output, output_len ) ); + return mbedtls_ctr_drbg_random(&rng->drbg, output, output_len); #elif defined(MBEDTLS_HMAC_DRBG_C) - return( mbedtls_hmac_drbg_random( &rng->drbg, output, output_len ) ); + return mbedtls_hmac_drbg_random(&rng->drbg, output, output_len); #else #error "No DRBG available" #endif @@ -192,8 +191,8 @@ int rng_get( void *p_rng, unsigned char *output, size_t output_len ) } #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) -int ca_callback( void *data, mbedtls_x509_crt const *child, - mbedtls_x509_crt **candidates ) +int ca_callback(void *data, mbedtls_x509_crt const *child, + mbedtls_x509_crt **candidates) { int ret = 0; mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data; @@ -209,25 +208,21 @@ int ca_callback( void *data, mbedtls_x509_crt const *child, * and parent `Subject` field or matching key identifiers. */ ((void) child); - first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); - if( first == NULL ) - { + first = mbedtls_calloc(1, sizeof(mbedtls_x509_crt)); + if (first == NULL) { ret = -1; goto exit; } - mbedtls_x509_crt_init( first ); + mbedtls_x509_crt_init(first); - if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 ) - { + if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) { ret = -1; goto exit; } - while( ca->next != NULL ) - { + while (ca->next != NULL) { ca = ca->next; - if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 ) - { + if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) { ret = -1; goto exit; } @@ -235,122 +230,123 @@ int ca_callback( void *data, mbedtls_x509_crt const *child, exit: - if( ret != 0 ) - { - mbedtls_x509_crt_free( first ); - mbedtls_free( first ); + if (ret != 0) { + mbedtls_x509_crt_free(first); + mbedtls_free(first); first = NULL; } *candidates = first; - return( ret ); + return ret; } #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ -int delayed_recv( void *ctx, unsigned char *buf, size_t len ) +int delayed_recv(void *ctx, unsigned char *buf, size_t len) { static int first_try = 1; int ret; - if( first_try ) - { + if (first_try) { first_try = 0; - return( MBEDTLS_ERR_SSL_WANT_READ ); + return MBEDTLS_ERR_SSL_WANT_READ; } - ret = mbedtls_net_recv( ctx, buf, len ); - if( ret != MBEDTLS_ERR_SSL_WANT_READ ) + ret = mbedtls_net_recv(ctx, buf, len); + if (ret != MBEDTLS_ERR_SSL_WANT_READ) { first_try = 1; /* Next call will be a new operation */ - return( ret ); + } + return ret; } -int delayed_send( void *ctx, const unsigned char *buf, size_t len ) +int delayed_send(void *ctx, const unsigned char *buf, size_t len) { static int first_try = 1; int ret; - if( first_try ) - { + if (first_try) { first_try = 0; - return( MBEDTLS_ERR_SSL_WANT_WRITE ); + return MBEDTLS_ERR_SSL_WANT_WRITE; } - ret = mbedtls_net_send( ctx, buf, len ); - if( ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + ret = mbedtls_net_send(ctx, buf, len); + if (ret != MBEDTLS_ERR_SSL_WANT_WRITE) { first_try = 1; /* Next call will be a new operation */ - return( ret ); + } + return ret; } #if !defined(MBEDTLS_TIMING_C) -int idle( mbedtls_net_context *fd, - int idle_reason ) +int idle(mbedtls_net_context *fd, + int idle_reason) #else -int idle( mbedtls_net_context *fd, - mbedtls_timing_delay_context *timer, - int idle_reason ) +int idle(mbedtls_net_context *fd, + mbedtls_timing_delay_context *timer, + int idle_reason) #endif { int ret; int poll_type = 0; - if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE ) + if (idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE) { poll_type = MBEDTLS_NET_POLL_WRITE; - else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ ) + } else if (idle_reason == MBEDTLS_ERR_SSL_WANT_READ) { poll_type = MBEDTLS_NET_POLL_READ; + } #if !defined(MBEDTLS_TIMING_C) - else - return( 0 ); + else { + return 0; + } #endif - while( 1 ) - { + while (1) { /* Check if timer has expired */ #if defined(MBEDTLS_TIMING_C) - if( timer != NULL && - mbedtls_timing_get_delay( timer ) == 2 ) - { + if (timer != NULL && + mbedtls_timing_get_delay(timer) == 2) { break; } #endif /* MBEDTLS_TIMING_C */ /* Check if underlying transport became available */ - if( poll_type != 0 ) - { - ret = mbedtls_net_poll( fd, poll_type, 0 ); - if( ret < 0 ) - return( ret ); - if( ret == poll_type ) + if (poll_type != 0) { + ret = mbedtls_net_poll(fd, poll_type, 0); + if (ret < 0) { + return ret; + } + if (ret == poll_type) { break; + } } } - return( 0 ); + return 0; } #if defined(MBEDTLS_TEST_HOOKS) -void test_hooks_init( void ) +void test_hooks_init(void) { - mbedtls_test_info_reset( ); + mbedtls_test_info_reset(); #if defined(MBEDTLS_TEST_MUTEX_USAGE) - mbedtls_test_mutex_usage_init( ); + mbedtls_test_mutex_usage_init(); #endif } -int test_hooks_failure_detected( void ) +int test_hooks_failure_detected(void) { #if defined(MBEDTLS_TEST_MUTEX_USAGE) /* Errors are reported via mbedtls_test_info. */ - mbedtls_test_mutex_usage_check( ); + mbedtls_test_mutex_usage_check(); #endif - if( mbedtls_test_info.result != MBEDTLS_TEST_RESULT_SUCCESS ) - return( 1 ); - return( 0 ); + if (mbedtls_test_info.result != MBEDTLS_TEST_RESULT_SUCCESS) { + return 1; + } + return 0; } -void test_hooks_free( void ) +void test_hooks_free(void) { } diff --git a/programs/ssl/ssl_test_lib.h b/programs/ssl/ssl_test_lib.h index e02cf0a3c982..b6d199592dfb 100644 --- a/programs/ssl/ssl_test_lib.h +++ b/programs/ssl/ssl_test_lib.h @@ -32,13 +32,13 @@ #undef HAVE_RNG #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) && \ - ( defined(MBEDTLS_USE_PSA_CRYPTO) || \ - defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) ) + (defined(MBEDTLS_USE_PSA_CRYPTO) || \ + defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)) #define HAVE_RNG #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C) #define HAVE_RNG #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_HMAC_DRBG_C) && \ - ( defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA512_C) ) + (defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA512_C)) #define HAVE_RNG #endif @@ -88,14 +88,13 @@ #if defined(MBEDTLS_SSL_EXPORT_KEYS) -typedef struct eap_tls_keys -{ +typedef struct eap_tls_keys { unsigned char master_secret[48]; unsigned char randbytes[64]; mbedtls_tls_prf_types tls_prf_type; } eap_tls_keys; -#if defined( MBEDTLS_SSL_DTLS_SRTP ) +#if defined(MBEDTLS_SSL_DTLS_SRTP) /* Supported SRTP mode needs a maximum of : * - 16 bytes for key (AES-128) @@ -104,8 +103,7 @@ typedef struct eap_tls_keys */ #define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60 -typedef struct dtls_srtp_keys -{ +typedef struct dtls_srtp_keys { unsigned char master_secret[48]; unsigned char randbytes[64]; mbedtls_tls_prf_types tls_prf_type; @@ -115,18 +113,17 @@ typedef struct dtls_srtp_keys #endif /* MBEDTLS_SSL_EXPORT_KEYS */ -typedef struct -{ +typedef struct { mbedtls_ssl_context *ssl; mbedtls_net_context *net; } io_ctx_t; -void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ); +void my_debug(void *ctx, int level, + const char *file, int line, + const char *str); #if defined(MBEDTLS_HAVE_TIME) -mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ); +mbedtls_time_t dummy_constant_time(mbedtls_time_t *time); #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -156,8 +153,7 @@ mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ); /** A context for random number generation (RNG). */ -typedef struct -{ +typedef struct { #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) unsigned char dummy; #else /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ @@ -177,7 +173,7 @@ typedef struct * This function only initializes the memory used by the RNG context. * Before using the RNG, it must be seeded with rng_seed(). */ -void rng_init( rng_context_t *rng ); +void rng_init(rng_context_t *rng); /* Seed the random number generator. * @@ -193,14 +189,14 @@ void rng_init( rng_context_t *rng ); * * return 0 on success, a negative value on error. */ -int rng_seed( rng_context_t *rng, int reproducible, const char *pers ); +int rng_seed(rng_context_t *rng, int reproducible, const char *pers); /** Deinitialize the RNG. Free any embedded resource. * * \param rng The RNG context to deinitialize. It must have been * initialized with rng_init(). */ -void rng_free( rng_context_t *rng ); +void rng_free(rng_context_t *rng); /** Generate random data. * @@ -215,7 +211,7 @@ void rng_free( rng_context_t *rng ); * \return \c 0 on success. * \return An Mbed TLS error code on error. */ -int rng_get( void *p_rng, unsigned char *output, size_t output_len ); +int rng_get(void *p_rng, unsigned char *output, size_t output_len); #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) /* The test implementation of the PSA external RNG is insecure. When @@ -226,31 +222,31 @@ int rng_get( void *p_rng, unsigned char *output, size_t output_len ); #endif #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) -int ca_callback( void *data, mbedtls_x509_crt const *child, - mbedtls_x509_crt **candidates ); +int ca_callback(void *data, mbedtls_x509_crt const *child, + mbedtls_x509_crt **candidates); #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ /* * Test recv/send functions that make sure each try returns * WANT_READ/WANT_WRITE at least once before succeeding */ -int delayed_recv( void *ctx, unsigned char *buf, size_t len ); -int delayed_send( void *ctx, const unsigned char *buf, size_t len ); +int delayed_recv(void *ctx, unsigned char *buf, size_t len); +int delayed_send(void *ctx, const unsigned char *buf, size_t len); /* * Wait for an event from the underlying transport or the timer * (Used in event-driven IO mode). */ -int idle( mbedtls_net_context *fd, +int idle(mbedtls_net_context *fd, #if defined(MBEDTLS_TIMING_C) - mbedtls_timing_delay_context *timer, + mbedtls_timing_delay_context *timer, #endif - int idle_reason ); + int idle_reason); #if defined(MBEDTLS_TEST_HOOKS) /** Initialize whatever test hooks are enabled by the compile-time * configuration and make sense for the TLS test programs. */ -void test_hooks_init( void ); +void test_hooks_init(void); /** Check if any test hooks detected a problem. * @@ -268,14 +264,14 @@ void test_hooks_init( void ); * \return Nonzero if a problem was detected. * \c 0 if no problem was detected. */ -int test_hooks_failure_detected( void ); +int test_hooks_failure_detected(void); /** Free any resources allocated for the sake of test hooks. * * Call this at the end of the program so that resource leak analyzers * don't complain. */ -void test_hooks_free( void ); +void test_hooks_free(void); #endif /* !MBEDTLS_TEST_HOOKS */ diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 44e9a5851ef6..bbb704611ac5 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -26,10 +26,10 @@ #include "mbedtls/platform.h" #if !defined(MBEDTLS_TIMING_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_TIMING_C not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else @@ -78,7 +78,7 @@ int main( void ) * block. ptmalloc2/3 (used in gnu libc for instance) uses 2 size_t per block, * so use that as our baseline. */ -#define MEM_BLOCK_OVERHEAD ( 2 * sizeof( size_t ) ) +#define MEM_BLOCK_OVERHEAD (2 * sizeof(size_t)) /* * Size to use for the alloc buffer if MEMORY_BUFFER_ALLOC_C is defined. @@ -99,45 +99,45 @@ int main( void ) #if defined(MBEDTLS_ERROR_C) #define PRINT_ERROR \ - mbedtls_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \ - mbedtls_printf( "FAILED: %s\n", tmp ); + mbedtls_strerror(ret, (char *) tmp, sizeof(tmp)); \ + mbedtls_printf("FAILED: %s\n", tmp); #else #define PRINT_ERROR \ - mbedtls_printf( "FAILED: -0x%04x\n", (unsigned int) -ret ); + mbedtls_printf("FAILED: -0x%04x\n", (unsigned int) -ret); #endif -#define TIME_AND_TSC( TITLE, CODE ) \ -do { \ - unsigned long ii, jj, tsc; \ - int ret = 0; \ +#define TIME_AND_TSC(TITLE, CODE) \ + do { \ + unsigned long ii, jj, tsc; \ + int ret = 0; \ \ - mbedtls_printf( HEADER_FORMAT, TITLE ); \ - fflush( stdout ); \ + mbedtls_printf(HEADER_FORMAT, TITLE); \ + fflush(stdout); \ \ - mbedtls_set_alarm( 1 ); \ - for( ii = 1; ret == 0 && ! mbedtls_timing_alarmed; ii++ ) \ - { \ - ret = CODE; \ - } \ + mbedtls_set_alarm(1); \ + for (ii = 1; ret == 0 && !mbedtls_timing_alarmed; ii++) \ + { \ + ret = CODE; \ + } \ \ - tsc = mbedtls_timing_hardclock(); \ - for( jj = 0; ret == 0 && jj < 1024; jj++ ) \ - { \ - ret = CODE; \ - } \ + tsc = mbedtls_timing_hardclock(); \ + for (jj = 0; ret == 0 && jj < 1024; jj++) \ + { \ + ret = CODE; \ + } \ \ - if( ret != 0 ) \ - { \ - PRINT_ERROR; \ - } \ - else \ - { \ - mbedtls_printf( "%9lu KiB/s, %9lu cycles/byte\n", \ - ii * BUFSIZE / 1024, \ - ( mbedtls_timing_hardclock() - tsc ) \ - / ( jj * BUFSIZE ) ); \ - } \ -} while( 0 ) + if (ret != 0) \ + { \ + PRINT_ERROR; \ + } \ + else \ + { \ + mbedtls_printf("%9lu KiB/s, %9lu cycles/byte\n", \ + ii * BUFSIZE / 1024, \ + (mbedtls_timing_hardclock() - tsc) \ + / (jj * BUFSIZE)); \ + } \ + } while (0) #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_MEMORY_DEBUG) @@ -155,88 +155,89 @@ do { \ #define MEMORY_MEASURE_INIT \ size_t max_used, max_blocks, max_bytes; \ size_t prv_used, prv_blocks; \ - mbedtls_memory_buffer_alloc_cur_get( &prv_used, &prv_blocks ); \ - mbedtls_memory_buffer_alloc_max_reset( ); + mbedtls_memory_buffer_alloc_cur_get(&prv_used, &prv_blocks); \ + mbedtls_memory_buffer_alloc_max_reset(); -#define MEMORY_MEASURE_PRINT( title_len ) \ - mbedtls_memory_buffer_alloc_max_get( &max_used, &max_blocks ); \ +#define MEMORY_MEASURE_PRINT(title_len) \ + mbedtls_memory_buffer_alloc_max_get(&max_used, &max_blocks); \ ii = TITLE_SPACE > (title_len) ? TITLE_SPACE - (title_len) : 1; \ - while( ii-- ) mbedtls_printf( " " ); \ + while (ii--) mbedtls_printf(" "); \ max_used -= prv_used; \ max_blocks -= prv_blocks; \ max_bytes = max_used + MEM_BLOCK_OVERHEAD * max_blocks; \ - mbedtls_printf( "%6u heap bytes", (unsigned) max_bytes ); + mbedtls_printf("%6u heap bytes", (unsigned) max_bytes); #else #define MEMORY_MEASURE_INIT -#define MEMORY_MEASURE_PRINT( title_len ) +#define MEMORY_MEASURE_PRINT(title_len) #endif -#define TIME_PUBLIC( TITLE, TYPE, CODE ) \ -do { \ - unsigned long ii; \ - int ret; \ - MEMORY_MEASURE_INIT; \ +#define TIME_PUBLIC(TITLE, TYPE, CODE) \ + do { \ + unsigned long ii; \ + int ret; \ + MEMORY_MEASURE_INIT; \ \ - mbedtls_printf( HEADER_FORMAT, TITLE ); \ - fflush( stdout ); \ - mbedtls_set_alarm( 3 ); \ + mbedtls_printf(HEADER_FORMAT, TITLE); \ + fflush(stdout); \ + mbedtls_set_alarm(3); \ \ - ret = 0; \ - for( ii = 1; ! mbedtls_timing_alarmed && ! ret ; ii++ ) \ - { \ - CODE; \ - } \ + ret = 0; \ + for (ii = 1; !mbedtls_timing_alarmed && !ret; ii++) \ + { \ + CODE; \ + } \ \ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) \ - { \ - mbedtls_printf( "Feature Not Supported. Skipping.\n" ); \ - ret = 0; \ - } \ - else if( ret != 0 ) \ - { \ - PRINT_ERROR; \ - } \ - else \ - { \ - mbedtls_printf( "%6lu " TYPE "/s", ii / 3 ); \ - MEMORY_MEASURE_PRINT( sizeof( TYPE ) + 1 ); \ - mbedtls_printf( "\n" ); \ - } \ -} while( 0 ) - -static int myrand( void *rng_state, unsigned char *output, size_t len ) + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED) \ + { \ + mbedtls_printf("Feature Not Supported. Skipping.\n"); \ + ret = 0; \ + } \ + else if (ret != 0) \ + { \ + PRINT_ERROR; \ + } \ + else \ + { \ + mbedtls_printf("%6lu " TYPE "/s", ii / 3); \ + MEMORY_MEASURE_PRINT(sizeof(TYPE) + 1); \ + mbedtls_printf("\n"); \ + } \ + } while (0) + +static int myrand(void *rng_state, unsigned char *output, size_t len) { size_t use_len; int rnd; - if( rng_state != NULL ) + if (rng_state != NULL) { rng_state = NULL; + } - while( len > 0 ) - { + while (len > 0) { use_len = len; - if( use_len > sizeof(int) ) + if (use_len > sizeof(int)) { use_len = sizeof(int); + } rnd = rand(); - memcpy( output, &rnd, use_len ); + memcpy(output, &rnd, use_len); output += use_len; len -= use_len; } - return( 0 ); + return 0; } -#define CHECK_AND_CONTINUE( R ) \ +#define CHECK_AND_CONTINUE(R) \ { \ - int CHECK_AND_CONTINUE_ret = ( R ); \ - if( CHECK_AND_CONTINUE_ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) { \ - mbedtls_printf( "Feature not supported. Skipping.\n" ); \ + int CHECK_AND_CONTINUE_ret = (R); \ + if (CHECK_AND_CONTINUE_ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED) { \ + mbedtls_printf("Feature not supported. Skipping.\n"); \ continue; \ } \ - else if( CHECK_AND_CONTINUE_ret != 0 ) { \ - mbedtls_exit( 1 ); \ + else if (CHECK_AND_CONTINUE_ret != 0) { \ + mbedtls_exit(1); \ } \ } @@ -244,34 +245,33 @@ static int myrand( void *rng_state, unsigned char *output, size_t len ) * Clear some memory that was used to prepare the context */ #if defined(MBEDTLS_ECP_C) -void ecp_clear_precomputed( mbedtls_ecp_group *grp ) +void ecp_clear_precomputed(mbedtls_ecp_group *grp) { - if( grp->T != NULL ) - { + if (grp->T != NULL) { size_t i; - for( i = 0; i < grp->T_size; i++ ) - mbedtls_ecp_point_free( &grp->T[i] ); - mbedtls_free( grp->T ); + for (i = 0; i < grp->T_size; i++) { + mbedtls_ecp_point_free(&grp->T[i]); + } + mbedtls_free(grp->T); } grp->T = NULL; grp->T_size = 0; } #else -#define ecp_clear_precomputed( g ) +#define ecp_clear_precomputed(g) #endif #if defined(MBEDTLS_ECP_C) -static int set_ecp_curve( const char *string, mbedtls_ecp_curve_info *curve ) +static int set_ecp_curve(const char *string, mbedtls_ecp_curve_info *curve) { const mbedtls_ecp_curve_info *found = - mbedtls_ecp_curve_info_from_name( string ); - if( found != NULL ) - { + mbedtls_ecp_curve_info_from_name(string); + if (found != NULL) { *curve = *found; - return( 1 ); + return 1; + } else { + return 0; } - else - return( 0 ); } #endif @@ -289,7 +289,7 @@ typedef struct { } todo_list; -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int i; unsigned char tmp[200]; @@ -303,514 +303,498 @@ int main( int argc, char *argv[] ) { MBEDTLS_ECP_DP_NONE, 0, 0, NULL }, { MBEDTLS_ECP_DP_NONE, 0, 0, NULL }, }; - const mbedtls_ecp_curve_info *curve_list = mbedtls_ecp_curve_list( ); + const mbedtls_ecp_curve_info *curve_list = mbedtls_ecp_curve_list(); #endif #if defined(MBEDTLS_ECP_C) (void) curve_list; /* Unused in some configurations where no benchmark uses ECC */ #endif - if( argc <= 1 ) - { - memset( &todo, 1, sizeof( todo ) ); - } - else - { - memset( &todo, 0, sizeof( todo ) ); + if (argc <= 1) { + memset(&todo, 1, sizeof(todo)); + } else { + memset(&todo, 0, sizeof(todo)); - for( i = 1; i < argc; i++ ) - { - if( strcmp( argv[i], "md4" ) == 0 ) + for (i = 1; i < argc; i++) { + if (strcmp(argv[i], "md4") == 0) { todo.md4 = 1; - else if( strcmp( argv[i], "md5" ) == 0 ) + } else if (strcmp(argv[i], "md5") == 0) { todo.md5 = 1; - else if( strcmp( argv[i], "ripemd160" ) == 0 ) + } else if (strcmp(argv[i], "ripemd160") == 0) { todo.ripemd160 = 1; - else if( strcmp( argv[i], "sha1" ) == 0 ) + } else if (strcmp(argv[i], "sha1") == 0) { todo.sha1 = 1; - else if( strcmp( argv[i], "sha256" ) == 0 ) + } else if (strcmp(argv[i], "sha256") == 0) { todo.sha256 = 1; - else if( strcmp( argv[i], "sha512" ) == 0 ) + } else if (strcmp(argv[i], "sha512") == 0) { todo.sha512 = 1; - else if( strcmp( argv[i], "arc4" ) == 0 ) + } else if (strcmp(argv[i], "arc4") == 0) { todo.arc4 = 1; - else if( strcmp( argv[i], "des3" ) == 0 ) + } else if (strcmp(argv[i], "des3") == 0) { todo.des3 = 1; - else if( strcmp( argv[i], "des" ) == 0 ) + } else if (strcmp(argv[i], "des") == 0) { todo.des = 1; - else if( strcmp( argv[i], "aes_cbc" ) == 0 ) + } else if (strcmp(argv[i], "aes_cbc") == 0) { todo.aes_cbc = 1; - else if( strcmp( argv[i], "aes_xts" ) == 0 ) + } else if (strcmp(argv[i], "aes_xts") == 0) { todo.aes_xts = 1; - else if( strcmp( argv[i], "aes_gcm" ) == 0 ) + } else if (strcmp(argv[i], "aes_gcm") == 0) { todo.aes_gcm = 1; - else if( strcmp( argv[i], "aes_ccm" ) == 0 ) + } else if (strcmp(argv[i], "aes_ccm") == 0) { todo.aes_ccm = 1; - else if( strcmp( argv[i], "chachapoly" ) == 0 ) + } else if (strcmp(argv[i], "chachapoly") == 0) { todo.chachapoly = 1; - else if( strcmp( argv[i], "aes_cmac" ) == 0 ) + } else if (strcmp(argv[i], "aes_cmac") == 0) { todo.aes_cmac = 1; - else if( strcmp( argv[i], "des3_cmac" ) == 0 ) + } else if (strcmp(argv[i], "des3_cmac") == 0) { todo.des3_cmac = 1; - else if( strcmp( argv[i], "aria" ) == 0 ) + } else if (strcmp(argv[i], "aria") == 0) { todo.aria = 1; - else if( strcmp( argv[i], "camellia" ) == 0 ) + } else if (strcmp(argv[i], "camellia") == 0) { todo.camellia = 1; - else if( strcmp( argv[i], "blowfish" ) == 0 ) + } else if (strcmp(argv[i], "blowfish") == 0) { todo.blowfish = 1; - else if( strcmp( argv[i], "chacha20" ) == 0 ) + } else if (strcmp(argv[i], "chacha20") == 0) { todo.chacha20 = 1; - else if( strcmp( argv[i], "poly1305" ) == 0 ) + } else if (strcmp(argv[i], "poly1305") == 0) { todo.poly1305 = 1; - else if( strcmp( argv[i], "havege" ) == 0 ) + } else if (strcmp(argv[i], "havege") == 0) { todo.havege = 1; - else if( strcmp( argv[i], "ctr_drbg" ) == 0 ) + } else if (strcmp(argv[i], "ctr_drbg") == 0) { todo.ctr_drbg = 1; - else if( strcmp( argv[i], "hmac_drbg" ) == 0 ) + } else if (strcmp(argv[i], "hmac_drbg") == 0) { todo.hmac_drbg = 1; - else if( strcmp( argv[i], "rsa" ) == 0 ) + } else if (strcmp(argv[i], "rsa") == 0) { todo.rsa = 1; - else if( strcmp( argv[i], "dhm" ) == 0 ) + } else if (strcmp(argv[i], "dhm") == 0) { todo.dhm = 1; - else if( strcmp( argv[i], "ecdsa" ) == 0 ) + } else if (strcmp(argv[i], "ecdsa") == 0) { todo.ecdsa = 1; - else if( strcmp( argv[i], "ecdh" ) == 0 ) + } else if (strcmp(argv[i], "ecdh") == 0) { todo.ecdh = 1; + } #if defined(MBEDTLS_ECP_C) - else if( set_ecp_curve( argv[i], single_curve ) ) + else if (set_ecp_curve(argv[i], single_curve)) { curve_list = single_curve; + } #endif - else - { - mbedtls_printf( "Unrecognized option: %s\n", argv[i] ); - mbedtls_printf( "Available options: " OPTIONS ); + else { + mbedtls_printf("Unrecognized option: %s\n", argv[i]); + mbedtls_printf("Available options: " OPTIONS); } } } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof( alloc_buf ) ); + mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf)); #endif - memset( buf, 0xAA, sizeof( buf ) ); - memset( tmp, 0xBB, sizeof( tmp ) ); + memset(buf, 0xAA, sizeof(buf)); + memset(tmp, 0xBB, sizeof(tmp)); #if defined(MBEDTLS_MD4_C) - if( todo.md4 ) - TIME_AND_TSC( "MD4", mbedtls_md4_ret( buf, BUFSIZE, tmp ) ); + if (todo.md4) { + TIME_AND_TSC("MD4", mbedtls_md4_ret(buf, BUFSIZE, tmp)); + } #endif #if defined(MBEDTLS_MD5_C) - if( todo.md5 ) - TIME_AND_TSC( "MD5", mbedtls_md5_ret( buf, BUFSIZE, tmp ) ); + if (todo.md5) { + TIME_AND_TSC("MD5", mbedtls_md5_ret(buf, BUFSIZE, tmp)); + } #endif #if defined(MBEDTLS_RIPEMD160_C) - if( todo.ripemd160 ) - TIME_AND_TSC( "RIPEMD160", mbedtls_ripemd160_ret( buf, BUFSIZE, tmp ) ); + if (todo.ripemd160) { + TIME_AND_TSC("RIPEMD160", mbedtls_ripemd160_ret(buf, BUFSIZE, tmp)); + } #endif #if defined(MBEDTLS_SHA1_C) - if( todo.sha1 ) - TIME_AND_TSC( "SHA-1", mbedtls_sha1_ret( buf, BUFSIZE, tmp ) ); + if (todo.sha1) { + TIME_AND_TSC("SHA-1", mbedtls_sha1_ret(buf, BUFSIZE, tmp)); + } #endif #if defined(MBEDTLS_SHA256_C) - if( todo.sha256 ) - TIME_AND_TSC( "SHA-256", mbedtls_sha256_ret( buf, BUFSIZE, tmp, 0 ) ); + if (todo.sha256) { + TIME_AND_TSC("SHA-256", mbedtls_sha256_ret(buf, BUFSIZE, tmp, 0)); + } #endif #if defined(MBEDTLS_SHA512_C) - if( todo.sha512 ) - TIME_AND_TSC( "SHA-512", mbedtls_sha512_ret( buf, BUFSIZE, tmp, 0 ) ); + if (todo.sha512) { + TIME_AND_TSC("SHA-512", mbedtls_sha512_ret(buf, BUFSIZE, tmp, 0)); + } #endif #if defined(MBEDTLS_ARC4_C) - if( todo.arc4 ) - { + if (todo.arc4) { mbedtls_arc4_context arc4; - mbedtls_arc4_init( &arc4 ); - mbedtls_arc4_setup( &arc4, tmp, 32 ); - TIME_AND_TSC( "ARC4", mbedtls_arc4_crypt( &arc4, BUFSIZE, buf, buf ) ); - mbedtls_arc4_free( &arc4 ); + mbedtls_arc4_init(&arc4); + mbedtls_arc4_setup(&arc4, tmp, 32); + TIME_AND_TSC("ARC4", mbedtls_arc4_crypt(&arc4, BUFSIZE, buf, buf)); + mbedtls_arc4_free(&arc4); } #endif #if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) - if( todo.des3 ) - { + if (todo.des3) { mbedtls_des3_context des3; - mbedtls_des3_init( &des3 ); - if( mbedtls_des3_set3key_enc( &des3, tmp ) != 0 ) - mbedtls_exit( 1 ); - TIME_AND_TSC( "3DES", - mbedtls_des3_crypt_cbc( &des3, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); - mbedtls_des3_free( &des3 ); + mbedtls_des3_init(&des3); + if (mbedtls_des3_set3key_enc(&des3, tmp) != 0) { + mbedtls_exit(1); + } + TIME_AND_TSC("3DES", + mbedtls_des3_crypt_cbc(&des3, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf)); + mbedtls_des3_free(&des3); } - if( todo.des ) - { + if (todo.des) { mbedtls_des_context des; - mbedtls_des_init( &des ); - if( mbedtls_des_setkey_enc( &des, tmp ) != 0 ) - mbedtls_exit( 1 ); - TIME_AND_TSC( "DES", - mbedtls_des_crypt_cbc( &des, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); - mbedtls_des_free( &des ); + mbedtls_des_init(&des); + if (mbedtls_des_setkey_enc(&des, tmp) != 0) { + mbedtls_exit(1); + } + TIME_AND_TSC("DES", + mbedtls_des_crypt_cbc(&des, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf)); + mbedtls_des_free(&des); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CMAC_C) - if( todo.des3_cmac ) - { + if (todo.des3_cmac) { unsigned char output[8]; const mbedtls_cipher_info_t *cipher_info; - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); - cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_DES_EDE3_ECB ); + cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_DES_EDE3_ECB); - TIME_AND_TSC( "3DES-CMAC", - mbedtls_cipher_cmac( cipher_info, tmp, 192, buf, - BUFSIZE, output ) ); + TIME_AND_TSC("3DES-CMAC", + mbedtls_cipher_cmac(cipher_info, tmp, 192, buf, + BUFSIZE, output)); } #endif /* MBEDTLS_CMAC_C */ #endif /* MBEDTLS_DES_C */ #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) - if( todo.aes_cbc ) - { + if (todo.aes_cbc) { int keysize; mbedtls_aes_context aes; - mbedtls_aes_init( &aes ); - for( keysize = 128; keysize <= 256; keysize += 64 ) - { - mbedtls_snprintf( title, sizeof( title ), "AES-CBC-%d", keysize ); + mbedtls_aes_init(&aes); + for (keysize = 128; keysize <= 256; keysize += 64) { + mbedtls_snprintf(title, sizeof(title), "AES-CBC-%d", keysize); - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - CHECK_AND_CONTINUE( mbedtls_aes_setkey_enc( &aes, tmp, keysize ) ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + CHECK_AND_CONTINUE(mbedtls_aes_setkey_enc(&aes, tmp, keysize)); - TIME_AND_TSC( title, - mbedtls_aes_crypt_cbc( &aes, MBEDTLS_AES_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); + TIME_AND_TSC(title, + mbedtls_aes_crypt_cbc(&aes, MBEDTLS_AES_ENCRYPT, BUFSIZE, tmp, buf, buf)); } - mbedtls_aes_free( &aes ); + mbedtls_aes_free(&aes); } #endif #if defined(MBEDTLS_CIPHER_MODE_XTS) - if( todo.aes_xts ) - { + if (todo.aes_xts) { int keysize; mbedtls_aes_xts_context ctx; - mbedtls_aes_xts_init( &ctx ); - for( keysize = 128; keysize <= 256; keysize += 128 ) - { - mbedtls_snprintf( title, sizeof( title ), "AES-XTS-%d", keysize ); + mbedtls_aes_xts_init(&ctx); + for (keysize = 128; keysize <= 256; keysize += 128) { + mbedtls_snprintf(title, sizeof(title), "AES-XTS-%d", keysize); - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - CHECK_AND_CONTINUE( mbedtls_aes_xts_setkey_enc( &ctx, tmp, keysize * 2 ) ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + CHECK_AND_CONTINUE(mbedtls_aes_xts_setkey_enc(&ctx, tmp, keysize * 2)); - TIME_AND_TSC( title, - mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, BUFSIZE, - tmp, buf, buf ) ); + TIME_AND_TSC(title, + mbedtls_aes_crypt_xts(&ctx, MBEDTLS_AES_ENCRYPT, BUFSIZE, + tmp, buf, buf)); - mbedtls_aes_xts_free( &ctx ); + mbedtls_aes_xts_free(&ctx); } } #endif #if defined(MBEDTLS_GCM_C) - if( todo.aes_gcm ) - { + if (todo.aes_gcm) { int keysize; mbedtls_gcm_context gcm; - mbedtls_gcm_init( &gcm ); - for( keysize = 128; keysize <= 256; keysize += 64 ) - { - mbedtls_snprintf( title, sizeof( title ), "AES-GCM-%d", keysize ); + mbedtls_gcm_init(&gcm); + for (keysize = 128; keysize <= 256; keysize += 64) { + mbedtls_snprintf(title, sizeof(title), "AES-GCM-%d", keysize); - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - mbedtls_gcm_setkey( &gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + mbedtls_gcm_setkey(&gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize); - TIME_AND_TSC( title, - mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT, BUFSIZE, tmp, - 12, NULL, 0, buf, buf, 16, tmp ) ); + TIME_AND_TSC(title, + mbedtls_gcm_crypt_and_tag(&gcm, MBEDTLS_GCM_ENCRYPT, BUFSIZE, tmp, + 12, NULL, 0, buf, buf, 16, tmp)); - mbedtls_gcm_free( &gcm ); + mbedtls_gcm_free(&gcm); } } #endif #if defined(MBEDTLS_CCM_C) - if( todo.aes_ccm ) - { + if (todo.aes_ccm) { int keysize; mbedtls_ccm_context ccm; - mbedtls_ccm_init( &ccm ); - for( keysize = 128; keysize <= 256; keysize += 64 ) - { - mbedtls_snprintf( title, sizeof( title ), "AES-CCM-%d", keysize ); + mbedtls_ccm_init(&ccm); + for (keysize = 128; keysize <= 256; keysize += 64) { + mbedtls_snprintf(title, sizeof(title), "AES-CCM-%d", keysize); - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - mbedtls_ccm_setkey( &ccm, MBEDTLS_CIPHER_ID_AES, tmp, keysize ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + mbedtls_ccm_setkey(&ccm, MBEDTLS_CIPHER_ID_AES, tmp, keysize); - TIME_AND_TSC( title, - mbedtls_ccm_encrypt_and_tag( &ccm, BUFSIZE, tmp, - 12, NULL, 0, buf, buf, tmp, 16 ) ); + TIME_AND_TSC(title, + mbedtls_ccm_encrypt_and_tag(&ccm, BUFSIZE, tmp, + 12, NULL, 0, buf, buf, tmp, 16)); - mbedtls_ccm_free( &ccm ); + mbedtls_ccm_free(&ccm); } } #endif #if defined(MBEDTLS_CHACHAPOLY_C) - if( todo.chachapoly ) - { + if (todo.chachapoly) { mbedtls_chachapoly_context chachapoly; - mbedtls_chachapoly_init( &chachapoly ); - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); + mbedtls_chachapoly_init(&chachapoly); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); - mbedtls_snprintf( title, sizeof( title ), "ChaCha20-Poly1305" ); + mbedtls_snprintf(title, sizeof(title), "ChaCha20-Poly1305"); - mbedtls_chachapoly_setkey( &chachapoly, tmp ); + mbedtls_chachapoly_setkey(&chachapoly, tmp); - TIME_AND_TSC( title, - mbedtls_chachapoly_encrypt_and_tag( &chachapoly, - BUFSIZE, tmp, NULL, 0, buf, buf, tmp ) ); + TIME_AND_TSC(title, + mbedtls_chachapoly_encrypt_and_tag(&chachapoly, + BUFSIZE, tmp, NULL, 0, buf, buf, tmp)); - mbedtls_chachapoly_free( &chachapoly ); + mbedtls_chachapoly_free(&chachapoly); } #endif #if defined(MBEDTLS_CMAC_C) - if( todo.aes_cmac ) - { + if (todo.aes_cmac) { unsigned char output[16]; const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_type_t cipher_type; int keysize; - for( keysize = 128, cipher_type = MBEDTLS_CIPHER_AES_128_ECB; + for (keysize = 128, cipher_type = MBEDTLS_CIPHER_AES_128_ECB; keysize <= 256; - keysize += 64, cipher_type++ ) - { - mbedtls_snprintf( title, sizeof( title ), "AES-CMAC-%d", keysize ); + keysize += 64, cipher_type++) { + mbedtls_snprintf(title, sizeof(title), "AES-CMAC-%d", keysize); - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); - cipher_info = mbedtls_cipher_info_from_type( cipher_type ); + cipher_info = mbedtls_cipher_info_from_type(cipher_type); - TIME_AND_TSC( title, - mbedtls_cipher_cmac( cipher_info, tmp, keysize, - buf, BUFSIZE, output ) ); + TIME_AND_TSC(title, + mbedtls_cipher_cmac(cipher_info, tmp, keysize, + buf, BUFSIZE, output)); } - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - TIME_AND_TSC( "AES-CMAC-PRF-128", - mbedtls_aes_cmac_prf_128( tmp, 16, buf, BUFSIZE, - output ) ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + TIME_AND_TSC("AES-CMAC-PRF-128", + mbedtls_aes_cmac_prf_128(tmp, 16, buf, BUFSIZE, + output)); } #endif /* MBEDTLS_CMAC_C */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_ARIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC) - if( todo.aria ) - { + if (todo.aria) { int keysize; mbedtls_aria_context aria; - mbedtls_aria_init( &aria ); - for( keysize = 128; keysize <= 256; keysize += 64 ) - { - mbedtls_snprintf( title, sizeof( title ), "ARIA-CBC-%d", keysize ); - - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - mbedtls_aria_setkey_enc( &aria, tmp, keysize ); - - TIME_AND_TSC( title, - mbedtls_aria_crypt_cbc( &aria, MBEDTLS_ARIA_ENCRYPT, - BUFSIZE, tmp, buf, buf ) ); + mbedtls_aria_init(&aria); + for (keysize = 128; keysize <= 256; keysize += 64) { + mbedtls_snprintf(title, sizeof(title), "ARIA-CBC-%d", keysize); + + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + mbedtls_aria_setkey_enc(&aria, tmp, keysize); + + TIME_AND_TSC(title, + mbedtls_aria_crypt_cbc(&aria, MBEDTLS_ARIA_ENCRYPT, + BUFSIZE, tmp, buf, buf)); } - mbedtls_aria_free( &aria ); + mbedtls_aria_free(&aria); } #endif #if defined(MBEDTLS_CAMELLIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC) - if( todo.camellia ) - { + if (todo.camellia) { int keysize; mbedtls_camellia_context camellia; - mbedtls_camellia_init( &camellia ); - for( keysize = 128; keysize <= 256; keysize += 64 ) - { - mbedtls_snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize ); - - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - mbedtls_camellia_setkey_enc( &camellia, tmp, keysize ); - - TIME_AND_TSC( title, - mbedtls_camellia_crypt_cbc( &camellia, MBEDTLS_CAMELLIA_ENCRYPT, - BUFSIZE, tmp, buf, buf ) ); + mbedtls_camellia_init(&camellia); + for (keysize = 128; keysize <= 256; keysize += 64) { + mbedtls_snprintf(title, sizeof(title), "CAMELLIA-CBC-%d", keysize); + + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + mbedtls_camellia_setkey_enc(&camellia, tmp, keysize); + + TIME_AND_TSC(title, + mbedtls_camellia_crypt_cbc(&camellia, MBEDTLS_CAMELLIA_ENCRYPT, + BUFSIZE, tmp, buf, buf)); } - mbedtls_camellia_free( &camellia ); + mbedtls_camellia_free(&camellia); } #endif #if defined(MBEDTLS_CHACHA20_C) - if ( todo.chacha20 ) - { - TIME_AND_TSC( "ChaCha20", mbedtls_chacha20_crypt( buf, buf, 0U, BUFSIZE, buf, buf ) ); + if (todo.chacha20) { + TIME_AND_TSC("ChaCha20", mbedtls_chacha20_crypt(buf, buf, 0U, BUFSIZE, buf, buf)); } #endif #if defined(MBEDTLS_POLY1305_C) - if ( todo.poly1305 ) - { - TIME_AND_TSC( "Poly1305", mbedtls_poly1305_mac( buf, buf, BUFSIZE, buf ) ); + if (todo.poly1305) { + TIME_AND_TSC("Poly1305", mbedtls_poly1305_mac(buf, buf, BUFSIZE, buf)); } #endif #if defined(MBEDTLS_BLOWFISH_C) && defined(MBEDTLS_CIPHER_MODE_CBC) - if( todo.blowfish ) - { + if (todo.blowfish) { int keysize; mbedtls_blowfish_context blowfish; - mbedtls_blowfish_init( &blowfish ); + mbedtls_blowfish_init(&blowfish); - for( keysize = 128; keysize <= 256; keysize += 64 ) - { - mbedtls_snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize ); + for (keysize = 128; keysize <= 256; keysize += 64) { + mbedtls_snprintf(title, sizeof(title), "BLOWFISH-CBC-%d", keysize); - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - mbedtls_blowfish_setkey( &blowfish, tmp, keysize ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + mbedtls_blowfish_setkey(&blowfish, tmp, keysize); - TIME_AND_TSC( title, - mbedtls_blowfish_crypt_cbc( &blowfish, MBEDTLS_BLOWFISH_ENCRYPT, BUFSIZE, - tmp, buf, buf ) ); + TIME_AND_TSC(title, + mbedtls_blowfish_crypt_cbc(&blowfish, MBEDTLS_BLOWFISH_ENCRYPT, BUFSIZE, + tmp, buf, buf)); } - mbedtls_blowfish_free( &blowfish ); + mbedtls_blowfish_free(&blowfish); } #endif #if defined(MBEDTLS_HAVEGE_C) - if( todo.havege ) - { + if (todo.havege) { mbedtls_havege_state hs; - mbedtls_havege_init( &hs ); - TIME_AND_TSC( "HAVEGE", mbedtls_havege_random( &hs, buf, BUFSIZE ) ); - mbedtls_havege_free( &hs ); + mbedtls_havege_init(&hs); + TIME_AND_TSC("HAVEGE", mbedtls_havege_random(&hs, buf, BUFSIZE)); + mbedtls_havege_free(&hs); } #endif #if defined(MBEDTLS_CTR_DRBG_C) - if( todo.ctr_drbg ) - { + if (todo.ctr_drbg) { mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_ctr_drbg_init( &ctr_drbg ); - if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 ) + mbedtls_ctr_drbg_init(&ctr_drbg); + if (mbedtls_ctr_drbg_seed(&ctr_drbg, myrand, NULL, NULL, 0) != 0) { mbedtls_exit(1); - TIME_AND_TSC( "CTR_DRBG (NOPR)", - mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) ); - mbedtls_ctr_drbg_free( &ctr_drbg ); + } + TIME_AND_TSC("CTR_DRBG (NOPR)", + mbedtls_ctr_drbg_random(&ctr_drbg, buf, BUFSIZE)); + mbedtls_ctr_drbg_free(&ctr_drbg); - mbedtls_ctr_drbg_init( &ctr_drbg ); - if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 ) + mbedtls_ctr_drbg_init(&ctr_drbg); + if (mbedtls_ctr_drbg_seed(&ctr_drbg, myrand, NULL, NULL, 0) != 0) { mbedtls_exit(1); - mbedtls_ctr_drbg_set_prediction_resistance( &ctr_drbg, MBEDTLS_CTR_DRBG_PR_ON ); - TIME_AND_TSC( "CTR_DRBG (PR)", - mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) ); - mbedtls_ctr_drbg_free( &ctr_drbg ); + } + mbedtls_ctr_drbg_set_prediction_resistance(&ctr_drbg, MBEDTLS_CTR_DRBG_PR_ON); + TIME_AND_TSC("CTR_DRBG (PR)", + mbedtls_ctr_drbg_random(&ctr_drbg, buf, BUFSIZE)); + mbedtls_ctr_drbg_free(&ctr_drbg); } #endif #if defined(MBEDTLS_HMAC_DRBG_C) && \ - ( defined(MBEDTLS_SHA1_C) || defined(MBEDTLS_SHA256_C) ) - if( todo.hmac_drbg ) - { + (defined(MBEDTLS_SHA1_C) || defined(MBEDTLS_SHA256_C)) + if (todo.hmac_drbg) { mbedtls_hmac_drbg_context hmac_drbg; const mbedtls_md_info_t *md_info; - mbedtls_hmac_drbg_init( &hmac_drbg ); + mbedtls_hmac_drbg_init(&hmac_drbg); #if defined(MBEDTLS_SHA1_C) - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL ) + if ((md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1)) == NULL) { mbedtls_exit(1); + } - if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) + if (mbedtls_hmac_drbg_seed(&hmac_drbg, md_info, myrand, NULL, NULL, 0) != 0) { mbedtls_exit(1); - TIME_AND_TSC( "HMAC_DRBG SHA-1 (NOPR)", - mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) ); + } + TIME_AND_TSC("HMAC_DRBG SHA-1 (NOPR)", + mbedtls_hmac_drbg_random(&hmac_drbg, buf, BUFSIZE)); - if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) + if (mbedtls_hmac_drbg_seed(&hmac_drbg, md_info, myrand, NULL, NULL, 0) != 0) { mbedtls_exit(1); - mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg, - MBEDTLS_HMAC_DRBG_PR_ON ); - TIME_AND_TSC( "HMAC_DRBG SHA-1 (PR)", - mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) ); + } + mbedtls_hmac_drbg_set_prediction_resistance(&hmac_drbg, + MBEDTLS_HMAC_DRBG_PR_ON); + TIME_AND_TSC("HMAC_DRBG SHA-1 (PR)", + mbedtls_hmac_drbg_random(&hmac_drbg, buf, BUFSIZE)); #endif #if defined(MBEDTLS_SHA256_C) - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == NULL ) + if ((md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256)) == NULL) { mbedtls_exit(1); + } - if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) + if (mbedtls_hmac_drbg_seed(&hmac_drbg, md_info, myrand, NULL, NULL, 0) != 0) { mbedtls_exit(1); - TIME_AND_TSC( "HMAC_DRBG SHA-256 (NOPR)", - mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) ); + } + TIME_AND_TSC("HMAC_DRBG SHA-256 (NOPR)", + mbedtls_hmac_drbg_random(&hmac_drbg, buf, BUFSIZE)); - if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) + if (mbedtls_hmac_drbg_seed(&hmac_drbg, md_info, myrand, NULL, NULL, 0) != 0) { mbedtls_exit(1); - mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg, - MBEDTLS_HMAC_DRBG_PR_ON ); - TIME_AND_TSC( "HMAC_DRBG SHA-256 (PR)", - mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) ); + } + mbedtls_hmac_drbg_set_prediction_resistance(&hmac_drbg, + MBEDTLS_HMAC_DRBG_PR_ON); + TIME_AND_TSC("HMAC_DRBG SHA-256 (PR)", + mbedtls_hmac_drbg_random(&hmac_drbg, buf, BUFSIZE)); #endif - mbedtls_hmac_drbg_free( &hmac_drbg ); + mbedtls_hmac_drbg_free(&hmac_drbg); } #endif /* MBEDTLS_HMAC_DRBG_C && ( MBEDTLS_SHA1_C || MBEDTLS_SHA256_C ) */ #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) - if( todo.rsa ) - { + if (todo.rsa) { int keysize; mbedtls_rsa_context rsa; - for( keysize = 2048; keysize <= 4096; keysize *= 2 ) - { - mbedtls_snprintf( title, sizeof( title ), "RSA-%d", keysize ); + for (keysize = 2048; keysize <= 4096; keysize *= 2) { + mbedtls_snprintf(title, sizeof(title), "RSA-%d", keysize); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_rsa_gen_key( &rsa, myrand, NULL, keysize, 65537 ); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_rsa_gen_key(&rsa, myrand, NULL, keysize, 65537); - TIME_PUBLIC( title, " public", - buf[0] = 0; - ret = mbedtls_rsa_public( &rsa, buf, buf ) ); + TIME_PUBLIC(title, " public", + buf[0] = 0; + ret = mbedtls_rsa_public(&rsa, buf, buf)); - TIME_PUBLIC( title, "private", - buf[0] = 0; - ret = mbedtls_rsa_private( &rsa, myrand, NULL, buf, buf ) ); + TIME_PUBLIC(title, "private", + buf[0] = 0; + ret = mbedtls_rsa_private(&rsa, myrand, NULL, buf, buf)); - mbedtls_rsa_free( &rsa ); + mbedtls_rsa_free(&rsa); } } #endif #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_BIGNUM_C) - if( todo.dhm ) - { + if (todo.dhm) { int dhm_sizes[] = { 2048, 3072 }; static const unsigned char dhm_P_2048[] = MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN; @@ -822,109 +806,110 @@ int main( int argc, char *argv[] ) MBEDTLS_DHM_RFC3526_MODP_3072_G_BIN; const unsigned char *dhm_P[] = { dhm_P_2048, dhm_P_3072 }; - const size_t dhm_P_size[] = { sizeof( dhm_P_2048 ), - sizeof( dhm_P_3072 ) }; + const size_t dhm_P_size[] = { sizeof(dhm_P_2048), + sizeof(dhm_P_3072) }; const unsigned char *dhm_G[] = { dhm_G_2048, dhm_G_3072 }; - const size_t dhm_G_size[] = { sizeof( dhm_G_2048 ), - sizeof( dhm_G_3072 ) }; + const size_t dhm_G_size[] = { sizeof(dhm_G_2048), + sizeof(dhm_G_3072) }; mbedtls_dhm_context dhm; size_t olen; - for( i = 0; (size_t) i < sizeof( dhm_sizes ) / sizeof( dhm_sizes[0] ); i++ ) - { - mbedtls_dhm_init( &dhm ); - - if( mbedtls_mpi_read_binary( &dhm.P, dhm_P[i], - dhm_P_size[i] ) != 0 || - mbedtls_mpi_read_binary( &dhm.G, dhm_G[i], - dhm_G_size[i] ) != 0 ) - { - mbedtls_exit( 1 ); + for (i = 0; (size_t) i < sizeof(dhm_sizes) / sizeof(dhm_sizes[0]); i++) { + mbedtls_dhm_init(&dhm); + + if (mbedtls_mpi_read_binary(&dhm.P, dhm_P[i], + dhm_P_size[i]) != 0 || + mbedtls_mpi_read_binary(&dhm.G, dhm_G[i], + dhm_G_size[i]) != 0) { + mbedtls_exit(1); } - dhm.len = mbedtls_mpi_size( &dhm.P ); - mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, myrand, NULL ); - if( mbedtls_mpi_copy( &dhm.GY, &dhm.GX ) != 0 ) - mbedtls_exit( 1 ); + dhm.len = mbedtls_mpi_size(&dhm.P); + mbedtls_dhm_make_public(&dhm, (int) dhm.len, buf, dhm.len, myrand, NULL); + if (mbedtls_mpi_copy(&dhm.GY, &dhm.GX) != 0) { + mbedtls_exit(1); + } - mbedtls_snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] ); - TIME_PUBLIC( title, "handshake", - ret |= mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, - myrand, NULL ); - ret |= mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &olen, myrand, NULL ) ); + mbedtls_snprintf(title, sizeof(title), "DHE-%d", dhm_sizes[i]); + TIME_PUBLIC(title, "handshake", + ret |= mbedtls_dhm_make_public(&dhm, (int) dhm.len, buf, dhm.len, + myrand, NULL); + ret |= + mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &olen, myrand, NULL)); - mbedtls_snprintf( title, sizeof( title ), "DH-%d", dhm_sizes[i] ); - TIME_PUBLIC( title, "handshake", - ret |= mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &olen, myrand, NULL ) ); + mbedtls_snprintf(title, sizeof(title), "DH-%d", dhm_sizes[i]); + TIME_PUBLIC(title, "handshake", + ret |= + mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &olen, myrand, NULL)); - mbedtls_dhm_free( &dhm ); + mbedtls_dhm_free(&dhm); } } #endif #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_SHA256_C) - if( todo.ecdsa ) - { + if (todo.ecdsa) { mbedtls_ecdsa_context ecdsa; const mbedtls_ecp_curve_info *curve_info; size_t sig_len; - memset( buf, 0x2A, sizeof( buf ) ); + memset(buf, 0x2A, sizeof(buf)); - for( curve_info = curve_list; + for (curve_info = curve_list; curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( ! mbedtls_ecdsa_can_do( curve_info->grp_id ) ) + curve_info++) { + if (!mbedtls_ecdsa_can_do(curve_info->grp_id)) { continue; + } - mbedtls_ecdsa_init( &ecdsa ); + mbedtls_ecdsa_init(&ecdsa); - if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 ) - mbedtls_exit( 1 ); - ecp_clear_precomputed( &ecdsa.grp ); + if (mbedtls_ecdsa_genkey(&ecdsa, curve_info->grp_id, myrand, NULL) != 0) { + mbedtls_exit(1); + } + ecp_clear_precomputed(&ecdsa.grp); - mbedtls_snprintf( title, sizeof( title ), "ECDSA-%s", - curve_info->name ); - TIME_PUBLIC( title, "sign", - ret = mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size, - tmp, &sig_len, myrand, NULL ) ); + mbedtls_snprintf(title, sizeof(title), "ECDSA-%s", + curve_info->name); + TIME_PUBLIC(title, "sign", + ret = + mbedtls_ecdsa_write_signature(&ecdsa, MBEDTLS_MD_SHA256, buf, + curve_info->bit_size, + tmp, &sig_len, myrand, NULL)); - mbedtls_ecdsa_free( &ecdsa ); + mbedtls_ecdsa_free(&ecdsa); } - for( curve_info = curve_list; + for (curve_info = curve_list; curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( ! mbedtls_ecdsa_can_do( curve_info->grp_id ) ) + curve_info++) { + if (!mbedtls_ecdsa_can_do(curve_info->grp_id)) { continue; + } - mbedtls_ecdsa_init( &ecdsa ); + mbedtls_ecdsa_init(&ecdsa); - if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 || - mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size, - tmp, &sig_len, myrand, NULL ) != 0 ) - { - mbedtls_exit( 1 ); + if (mbedtls_ecdsa_genkey(&ecdsa, curve_info->grp_id, myrand, NULL) != 0 || + mbedtls_ecdsa_write_signature(&ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size, + tmp, &sig_len, myrand, NULL) != 0) { + mbedtls_exit(1); } - ecp_clear_precomputed( &ecdsa.grp ); + ecp_clear_precomputed(&ecdsa.grp); - mbedtls_snprintf( title, sizeof( title ), "ECDSA-%s", - curve_info->name ); - TIME_PUBLIC( title, "verify", - ret = mbedtls_ecdsa_read_signature( &ecdsa, buf, curve_info->bit_size, - tmp, sig_len ) ); + mbedtls_snprintf(title, sizeof(title), "ECDSA-%s", + curve_info->name); + TIME_PUBLIC(title, "verify", + ret = mbedtls_ecdsa_read_signature(&ecdsa, buf, curve_info->bit_size, + tmp, sig_len)); - mbedtls_ecdsa_free( &ecdsa ); + mbedtls_ecdsa_free(&ecdsa); } } #endif #if defined(MBEDTLS_ECDH_C) && defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - if( todo.ecdh ) - { + if (todo.ecdh) { mbedtls_ecdh_context ecdh; mbedtls_mpi z; const mbedtls_ecp_curve_info montgomery_curve_list[] = { @@ -941,170 +926,176 @@ int main( int argc, char *argv[] ) const mbedtls_ecp_curve_info *selected_montgomery_curve_list = montgomery_curve_list; - if( curve_list == (const mbedtls_ecp_curve_info*) &single_curve ) - { + if (curve_list == (const mbedtls_ecp_curve_info *) &single_curve) { mbedtls_ecp_group grp; - mbedtls_ecp_group_init( &grp ); - if( mbedtls_ecp_group_load( &grp, curve_list->grp_id ) != 0 ) - mbedtls_exit( 1 ); - if( mbedtls_ecp_get_type( &grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) + mbedtls_ecp_group_init(&grp); + if (mbedtls_ecp_group_load(&grp, curve_list->grp_id) != 0) { + mbedtls_exit(1); + } + if (mbedtls_ecp_get_type(&grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { selected_montgomery_curve_list = single_curve; - else /* empty list */ + } else { /* empty list */ selected_montgomery_curve_list = single_curve + 1; - mbedtls_ecp_group_free( &grp ); + } + mbedtls_ecp_group_free(&grp); } - for( curve_info = curve_list; + for (curve_info = curve_list; curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( ! mbedtls_ecdh_can_do( curve_info->grp_id ) ) + curve_info++) { + if (!mbedtls_ecdh_can_do(curve_info->grp_id)) { continue; + } - mbedtls_ecdh_init( &ecdh ); - - CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), - myrand, NULL ) ); - CHECK_AND_CONTINUE( mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) ); - ecp_clear_precomputed( &ecdh.grp ); - - mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s", - curve_info->name ); - TIME_PUBLIC( title, "handshake", - CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), - myrand, NULL ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ), - myrand, NULL ) ) ); - mbedtls_ecdh_free( &ecdh ); + mbedtls_ecdh_init(&ecdh); + + CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id)); + CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf), + myrand, NULL)); + CHECK_AND_CONTINUE(mbedtls_ecp_copy(&ecdh.Qp, &ecdh.Q)); + ecp_clear_precomputed(&ecdh.grp); + + mbedtls_snprintf(title, sizeof(title), "ECDHE-%s", + curve_info->name); + TIME_PUBLIC(title, "handshake", + CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf), + myrand, NULL)); + CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh, &olen, buf, sizeof(buf), + myrand, NULL))); + mbedtls_ecdh_free(&ecdh); } /* Montgomery curves need to be handled separately */ - for ( curve_info = selected_montgomery_curve_list; - curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - mbedtls_ecdh_init( &ecdh ); - mbedtls_mpi_init( &z ); - - CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL ) ); - - mbedtls_snprintf( title, sizeof(title), "ECDHE-%s", - curve_info->name ); - TIME_PUBLIC( title, "handshake", - CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, - myrand, NULL ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d, - myrand, NULL ) ) ); - - mbedtls_ecdh_free( &ecdh ); - mbedtls_mpi_free( &z ); + for (curve_info = selected_montgomery_curve_list; + curve_info->grp_id != MBEDTLS_ECP_DP_NONE; + curve_info++) { + mbedtls_ecdh_init(&ecdh); + mbedtls_mpi_init(&z); + + CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id)); + CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL)); + + mbedtls_snprintf(title, sizeof(title), "ECDHE-%s", + curve_info->name); + TIME_PUBLIC(title, "handshake", + CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Q, + myrand, NULL)); + CHECK_AND_CONTINUE(mbedtls_ecdh_compute_shared(&ecdh.grp, &z, &ecdh.Qp, + &ecdh.d, + myrand, NULL))); + + mbedtls_ecdh_free(&ecdh); + mbedtls_mpi_free(&z); } - for( curve_info = curve_list; + for (curve_info = curve_list; curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( ! mbedtls_ecdh_can_do( curve_info->grp_id ) ) + curve_info++) { + if (!mbedtls_ecdh_can_do(curve_info->grp_id)) { continue; + } - mbedtls_ecdh_init( &ecdh ); - - CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), - myrand, NULL ) ); - CHECK_AND_CONTINUE( mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), - myrand, NULL ) ); - ecp_clear_precomputed( &ecdh.grp ); - - mbedtls_snprintf( title, sizeof( title ), "ECDH-%s", - curve_info->name ); - TIME_PUBLIC( title, "handshake", - CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ), - myrand, NULL ) ) ); - mbedtls_ecdh_free( &ecdh ); + mbedtls_ecdh_init(&ecdh); + + CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id)); + CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf), + myrand, NULL)); + CHECK_AND_CONTINUE(mbedtls_ecp_copy(&ecdh.Qp, &ecdh.Q)); + CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf), + myrand, NULL)); + ecp_clear_precomputed(&ecdh.grp); + + mbedtls_snprintf(title, sizeof(title), "ECDH-%s", + curve_info->name); + TIME_PUBLIC(title, "handshake", + CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh, &olen, buf, sizeof(buf), + myrand, NULL))); + mbedtls_ecdh_free(&ecdh); } /* Montgomery curves need to be handled separately */ - for ( curve_info = selected_montgomery_curve_list; - curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++) - { - mbedtls_ecdh_init( &ecdh ); - mbedtls_mpi_init( &z ); - - CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, - myrand, NULL ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL ) ); - - mbedtls_snprintf( title, sizeof(title), "ECDH-%s", - curve_info->name ); - TIME_PUBLIC( title, "handshake", - CHECK_AND_CONTINUE( mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d, - myrand, NULL ) ) ); - - mbedtls_ecdh_free( &ecdh ); - mbedtls_mpi_free( &z ); + for (curve_info = selected_montgomery_curve_list; + curve_info->grp_id != MBEDTLS_ECP_DP_NONE; + curve_info++) { + mbedtls_ecdh_init(&ecdh); + mbedtls_mpi_init(&z); + + CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id)); + CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Qp, + myrand, NULL)); + CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL)); + + mbedtls_snprintf(title, sizeof(title), "ECDH-%s", + curve_info->name); + TIME_PUBLIC(title, "handshake", + CHECK_AND_CONTINUE(mbedtls_ecdh_compute_shared(&ecdh.grp, &z, &ecdh.Qp, + &ecdh.d, + myrand, NULL))); + + mbedtls_ecdh_free(&ecdh); + mbedtls_mpi_free(&z); } } #endif #if defined(MBEDTLS_ECDH_C) - if( todo.ecdh ) - { + if (todo.ecdh) { mbedtls_ecdh_context ecdh_srv, ecdh_cli; unsigned char buf_srv[BUFSIZE], buf_cli[BUFSIZE]; const mbedtls_ecp_curve_info *curve_info; size_t olen; - for( curve_info = curve_list; - curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( ! mbedtls_ecdh_can_do( curve_info->grp_id ) ) + for (curve_info = curve_list; + curve_info->grp_id != MBEDTLS_ECP_DP_NONE; + curve_info++) { + if (!mbedtls_ecdh_can_do(curve_info->grp_id)) { continue; + } - mbedtls_ecdh_init( &ecdh_srv ); - mbedtls_ecdh_init( &ecdh_cli ); + mbedtls_ecdh_init(&ecdh_srv); + mbedtls_ecdh_init(&ecdh_cli); - mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s", curve_info->name ); - TIME_PUBLIC( title, "full handshake", - const unsigned char * p_srv = buf_srv; + mbedtls_snprintf(title, sizeof(title), "ECDHE-%s", curve_info->name); + TIME_PUBLIC(title, + "full handshake", + const unsigned char *p_srv = buf_srv; - CHECK_AND_CONTINUE( mbedtls_ecdh_setup( &ecdh_srv, curve_info->grp_id ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_make_params( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ) ); + CHECK_AND_CONTINUE(mbedtls_ecdh_setup(&ecdh_srv, curve_info->grp_id)); + CHECK_AND_CONTINUE(mbedtls_ecdh_make_params(&ecdh_srv, &olen, buf_srv, + sizeof(buf_srv), myrand, NULL)); - CHECK_AND_CONTINUE( mbedtls_ecdh_read_params( &ecdh_cli, &p_srv, p_srv + olen ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ) ); + CHECK_AND_CONTINUE(mbedtls_ecdh_read_params(&ecdh_cli, &p_srv, + p_srv + olen)); + CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh_cli, &olen, buf_cli, + sizeof(buf_cli), myrand, NULL)); - CHECK_AND_CONTINUE( mbedtls_ecdh_read_public( &ecdh_srv, buf_cli, olen ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ) ); + CHECK_AND_CONTINUE(mbedtls_ecdh_read_public(&ecdh_srv, buf_cli, olen)); + CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh_srv, &olen, buf_srv, + sizeof(buf_srv), myrand, NULL)); - CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ) ); - mbedtls_ecdh_free( &ecdh_cli ); + CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh_cli, &olen, buf_cli, + sizeof(buf_cli), myrand, NULL)); + mbedtls_ecdh_free(&ecdh_cli); - mbedtls_ecdh_free( &ecdh_srv ); - ); + mbedtls_ecdh_free(&ecdh_srv); + ); } } #endif - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) mbedtls_memory_buffer_alloc_free(); #endif #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( 0 ); + mbedtls_exit(0); } #endif /* MBEDTLS_TIMING_C */ diff --git a/programs/test/cmake_subproject/cmake_subproject.c b/programs/test/cmake_subproject/cmake_subproject.c index 13f7c3d443fb..a83d45acf5cc 100644 --- a/programs/test/cmake_subproject/cmake_subproject.c +++ b/programs/test/cmake_subproject/cmake_subproject.c @@ -36,9 +36,9 @@ int main() /* This version string is 18 bytes long, as advised by version.h. */ char version[18]; - mbedtls_version_get_string_full( version ); + mbedtls_version_get_string_full(version); - mbedtls_printf( "Built against %s\n", version ); + mbedtls_printf("Built against %s\n", version); - return( 0 ); + return 0; } diff --git a/programs/test/dlopen.c b/programs/test/dlopen.c index b07ba665afbb..e8134f654b87 100644 --- a/programs/test/dlopen.c +++ b/programs/test/dlopen.c @@ -41,67 +41,68 @@ #include -#define CHECK_DLERROR( function, argument ) \ +#define CHECK_DLERROR(function, argument) \ do \ { \ - char *CHECK_DLERROR_error = dlerror ( ); \ - if( CHECK_DLERROR_error != NULL ) \ + char *CHECK_DLERROR_error = dlerror(); \ + if (CHECK_DLERROR_error != NULL) \ { \ - fprintf( stderr, "Dynamic loading error for %s(%s): %s\n", \ - function, argument, CHECK_DLERROR_error ); \ - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); \ + fprintf(stderr, "Dynamic loading error for %s(%s): %s\n", \ + function, argument, CHECK_DLERROR_error); \ + mbedtls_exit(MBEDTLS_EXIT_FAILURE); \ } \ } \ - while( 0 ) + while (0) -int main( void ) +int main(void) { #if defined(MBEDTLS_MD_C) || defined(MBEDTLS_SSL_TLS_C) unsigned n; #endif #if defined(MBEDTLS_SSL_TLS_C) - void *tls_so = dlopen( TLS_SO_FILENAME, RTLD_NOW ); - CHECK_DLERROR( "dlopen", TLS_SO_FILENAME ); - const int *( *ssl_list_ciphersuites )( void ) = - dlsym( tls_so, "mbedtls_ssl_list_ciphersuites" ); - CHECK_DLERROR( "dlsym", "mbedtls_ssl_list_ciphersuites" ); - const int *ciphersuites = ssl_list_ciphersuites( ); - for( n = 0; ciphersuites[n] != 0; n++ ) - /* nothing to do, we're just counting */; - mbedtls_printf( "dlopen(%s): %u ciphersuites\n", - TLS_SO_FILENAME, n ); - dlclose( tls_so ); - CHECK_DLERROR( "dlclose", TLS_SO_FILENAME ); + void *tls_so = dlopen(TLS_SO_FILENAME, RTLD_NOW); + CHECK_DLERROR("dlopen", TLS_SO_FILENAME); + const int *(*ssl_list_ciphersuites)(void) = + dlsym(tls_so, "mbedtls_ssl_list_ciphersuites"); + CHECK_DLERROR("dlsym", "mbedtls_ssl_list_ciphersuites"); + const int *ciphersuites = ssl_list_ciphersuites(); + for (n = 0; ciphersuites[n] != 0; n++) {/* nothing to do, we're just counting */ + ; + } + mbedtls_printf("dlopen(%s): %u ciphersuites\n", + TLS_SO_FILENAME, n); + dlclose(tls_so); + CHECK_DLERROR("dlclose", TLS_SO_FILENAME); #endif /* MBEDTLS_SSL_TLS_C */ #if defined(MBEDTLS_X509_CRT_PARSE_C) - void *x509_so = dlopen( X509_SO_FILENAME, RTLD_NOW ); - CHECK_DLERROR( "dlopen", X509_SO_FILENAME ); + void *x509_so = dlopen(X509_SO_FILENAME, RTLD_NOW); + CHECK_DLERROR("dlopen", X509_SO_FILENAME); const mbedtls_x509_crt_profile *profile = - dlsym( x509_so, "mbedtls_x509_crt_profile_default" ); - CHECK_DLERROR( "dlsym", "mbedtls_x509_crt_profile_default" ); - mbedtls_printf( "dlopen(%s): Allowed md mask: %08x\n", - X509_SO_FILENAME, (unsigned) profile->allowed_mds ); - dlclose( x509_so ); - CHECK_DLERROR( "dlclose", X509_SO_FILENAME ); + dlsym(x509_so, "mbedtls_x509_crt_profile_default"); + CHECK_DLERROR("dlsym", "mbedtls_x509_crt_profile_default"); + mbedtls_printf("dlopen(%s): Allowed md mask: %08x\n", + X509_SO_FILENAME, (unsigned) profile->allowed_mds); + dlclose(x509_so); + CHECK_DLERROR("dlclose", X509_SO_FILENAME); #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_MD_C) - void *crypto_so = dlopen( CRYPTO_SO_FILENAME, RTLD_NOW ); - CHECK_DLERROR( "dlopen", CRYPTO_SO_FILENAME ); - const int *( *md_list )( void ) = - dlsym( crypto_so, "mbedtls_md_list" ); - CHECK_DLERROR( "dlsym", "mbedtls_md_list" ); - const int *mds = md_list( ); - for( n = 0; mds[n] != 0; n++ ) - /* nothing to do, we're just counting */; - mbedtls_printf( "dlopen(%s): %u hashes\n", - CRYPTO_SO_FILENAME, n ); - dlclose( crypto_so ); - CHECK_DLERROR( "dlclose", CRYPTO_SO_FILENAME ); + void *crypto_so = dlopen(CRYPTO_SO_FILENAME, RTLD_NOW); + CHECK_DLERROR("dlopen", CRYPTO_SO_FILENAME); + const int *(*md_list)(void) = + dlsym(crypto_so, "mbedtls_md_list"); + CHECK_DLERROR("dlsym", "mbedtls_md_list"); + const int *mds = md_list(); + for (n = 0; mds[n] != 0; n++) {/* nothing to do, we're just counting */ + ; + } + mbedtls_printf("dlopen(%s): %u hashes\n", + CRYPTO_SO_FILENAME, n); + dlclose(crypto_so); + CHECK_DLERROR("dlclose", CRYPTO_SO_FILENAME); #endif /* MBEDTLS_MD_C */ - return( 0 ); + return 0; } - diff --git a/programs/test/query_compile_time_config.c b/programs/test/query_compile_time_config.c index d3f4e7893a12..d846031426c8 100644 --- a/programs/test/query_compile_time_config.c +++ b/programs/test/query_compile_time_config.c @@ -36,19 +36,17 @@ #include #include "query_config.h" -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { - if ( argc != 2 ) - { - mbedtls_printf( USAGE, argv[0] ); - return( MBEDTLS_EXIT_FAILURE ); + if (argc != 2) { + mbedtls_printf(USAGE, argv[0]); + return MBEDTLS_EXIT_FAILURE; } - if( strcmp( argv[1], "-l" ) == 0 ) - { + if (strcmp(argv[1], "-l") == 0) { list_config(); - return( 0 ); + return 0; } - return( query_config( argv[1] ) ); + return query_config(argv[1]); } diff --git a/programs/test/query_config.h b/programs/test/query_config.h index bcc348e53250..54e4a0f8c720 100644 --- a/programs/test/query_config.h +++ b/programs/test/query_config.h @@ -37,7 +37,7 @@ * which is automatically generated by * `scripts/generate_query_config.pl`. */ -int query_config( const char *config ); +int query_config(const char *config); /** List all enabled configuration symbols * @@ -45,6 +45,6 @@ int query_config( const char *config ); * which is automatically generated by * `scripts/generate_query_config.pl`. */ -void list_config( void ); +void list_config(void); #endif /* MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H */ diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 89299f8498a2..598c66e144da 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -70,106 +70,101 @@ /* Sanity check for malloc. This is not expected to fail, and is rather * intended to display potentially useful information about the platform, * in particular the behavior of malloc(0). */ -static int calloc_self_test( int verbose ) +static int calloc_self_test(int verbose) { int failures = 0; - void *empty1 = mbedtls_calloc( 0, 1 ); - void *empty2 = mbedtls_calloc( 0, 1 ); - void *buffer1 = mbedtls_calloc( 1, 1 ); - void *buffer2 = mbedtls_calloc( 1, 1 ); - - if( empty1 == NULL && empty2 == NULL ) - { - if( verbose ) - mbedtls_printf( " CALLOC(0): passed (NULL)\n" ); - } - else if( empty1 == NULL || empty2 == NULL ) - { - if( verbose ) - mbedtls_printf( " CALLOC(0): failed (mix of NULL and non-NULL)\n" ); + void *empty1 = mbedtls_calloc(0, 1); + void *empty2 = mbedtls_calloc(0, 1); + void *buffer1 = mbedtls_calloc(1, 1); + void *buffer2 = mbedtls_calloc(1, 1); + + if (empty1 == NULL && empty2 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(0): passed (NULL)\n"); + } + } else if (empty1 == NULL || empty2 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(0): failed (mix of NULL and non-NULL)\n"); + } ++failures; - } - else if( empty1 == empty2 ) - { - if( verbose ) - mbedtls_printf( " CALLOC(0): passed (same non-null)\n" ); - } - else - { - if( verbose ) - mbedtls_printf( " CALLOC(0): passed (distinct non-null)\n" ); + } else if (empty1 == empty2) { + if (verbose) { + mbedtls_printf(" CALLOC(0): passed (same non-null)\n"); + } + } else { + if (verbose) { + mbedtls_printf(" CALLOC(0): passed (distinct non-null)\n"); + } } - if( buffer1 == NULL || buffer2 == NULL ) - { - if( verbose ) - mbedtls_printf( " CALLOC(1): failed (NULL)\n" ); + if (buffer1 == NULL || buffer2 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(1): failed (NULL)\n"); + } ++failures; - } - else if( buffer1 == buffer2 ) - { - if( verbose ) - mbedtls_printf( " CALLOC(1): failed (same buffer twice)\n" ); + } else if (buffer1 == buffer2) { + if (verbose) { + mbedtls_printf(" CALLOC(1): failed (same buffer twice)\n"); + } ++failures; - } - else - { - if( verbose ) - mbedtls_printf( " CALLOC(1): passed\n" ); + } else { + if (verbose) { + mbedtls_printf(" CALLOC(1): passed\n"); + } } - mbedtls_free( buffer1 ); - buffer1 = mbedtls_calloc( 1, 1 ); - if( buffer1 == NULL ) - { - if( verbose ) - mbedtls_printf( " CALLOC(1 again): failed (NULL)\n" ); + mbedtls_free(buffer1); + buffer1 = mbedtls_calloc(1, 1); + if (buffer1 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(1 again): failed (NULL)\n"); + } ++failures; - } - else - { - if( verbose ) - mbedtls_printf( " CALLOC(1 again): passed\n" ); + } else { + if (verbose) { + mbedtls_printf(" CALLOC(1 again): passed\n"); + } } - if( verbose ) - mbedtls_printf( "\n" ); - mbedtls_free( empty1 ); - mbedtls_free( empty2 ); - mbedtls_free( buffer1 ); - mbedtls_free( buffer2 ); - return( failures ); + if (verbose) { + mbedtls_printf("\n"); + } + mbedtls_free(empty1); + mbedtls_free(empty2); + mbedtls_free(buffer1); + mbedtls_free(buffer2); + return failures; } #endif /* MBEDTLS_SELF_TEST */ -static int test_snprintf( size_t n, const char *ref_buf, int ref_ret ) +static int test_snprintf(size_t n, const char *ref_buf, int ref_ret) { int ret; char buf[10] = "xxxxxxxxx"; const char ref[10] = "xxxxxxxxx"; - ret = mbedtls_snprintf( buf, n, "%s", "123" ); - if( ret < 0 || (size_t) ret >= n ) + ret = mbedtls_snprintf(buf, n, "%s", "123"); + if (ret < 0 || (size_t) ret >= n) { ret = -1; + } - if( strncmp( ref_buf, buf, sizeof( buf ) ) != 0 || + if (strncmp(ref_buf, buf, sizeof(buf)) != 0 || ref_ret != ret || - memcmp( buf + n, ref + n, sizeof( buf ) - n ) != 0 ) - { - return( 1 ); + memcmp(buf + n, ref + n, sizeof(buf) - n) != 0) { + return 1; } - return( 0 ); + return 0; } -static int run_test_snprintf( void ) +static int run_test_snprintf(void) { - return( test_snprintf( 0, "xxxxxxxxx", -1 ) != 0 || - test_snprintf( 1, "", -1 ) != 0 || - test_snprintf( 2, "1", -1 ) != 0 || - test_snprintf( 3, "12", -1 ) != 0 || - test_snprintf( 4, "123", 3 ) != 0 || - test_snprintf( 5, "123", 3 ) != 0 ); + return test_snprintf(0, "xxxxxxxxx", -1) != 0 || + test_snprintf(1, "", -1) != 0 || + test_snprintf(2, "1", -1) != 0 || + test_snprintf(3, "12", -1) != 0 || + test_snprintf(4, "123", 3) != 0 || + test_snprintf(5, "123", 3) != 0; } /* @@ -179,7 +174,7 @@ static int run_test_snprintf( void ) */ #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_ENTROPY_C) #if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_NO_PLATFORM_ENTROPY) -static void create_entropy_seed_file( void ) +static void create_entropy_seed_file(void) { int result; size_t output_len = 0; @@ -187,164 +182,165 @@ static void create_entropy_seed_file( void ) /* Attempt to read the entropy seed file. If this fails - attempt to write * to the file to ensure one is present. */ - result = mbedtls_platform_std_nv_seed_read( seed_value, - MBEDTLS_ENTROPY_BLOCK_SIZE ); - if( 0 == result ) + result = mbedtls_platform_std_nv_seed_read(seed_value, + MBEDTLS_ENTROPY_BLOCK_SIZE); + if (0 == result) { return; + } - result = mbedtls_platform_entropy_poll( NULL, - seed_value, - MBEDTLS_ENTROPY_BLOCK_SIZE, - &output_len ); - if( 0 != result ) + result = mbedtls_platform_entropy_poll(NULL, + seed_value, + MBEDTLS_ENTROPY_BLOCK_SIZE, + &output_len); + if (0 != result) { return; + } - if( MBEDTLS_ENTROPY_BLOCK_SIZE != output_len ) + if (MBEDTLS_ENTROPY_BLOCK_SIZE != output_len) { return; + } - mbedtls_platform_std_nv_seed_write( seed_value, MBEDTLS_ENTROPY_BLOCK_SIZE ); + mbedtls_platform_std_nv_seed_write(seed_value, MBEDTLS_ENTROPY_BLOCK_SIZE); } #endif -int mbedtls_entropy_self_test_wrapper( int verbose ) +int mbedtls_entropy_self_test_wrapper(int verbose) { #if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_NO_PLATFORM_ENTROPY) - create_entropy_seed_file( ); + create_entropy_seed_file(); #endif - return( mbedtls_entropy_self_test( verbose ) ); + return mbedtls_entropy_self_test(verbose); } #endif #if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) -int mbedtls_memory_buffer_alloc_free_and_self_test( int verbose ) +int mbedtls_memory_buffer_alloc_free_and_self_test(int verbose) { - if( verbose != 0 ) - { + if (verbose != 0) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_memory_buffer_alloc_status( ); + mbedtls_memory_buffer_alloc_status(); #endif } - mbedtls_memory_buffer_alloc_free( ); - return( mbedtls_memory_buffer_alloc_self_test( verbose ) ); + mbedtls_memory_buffer_alloc_free(); + return mbedtls_memory_buffer_alloc_self_test(verbose); } #endif -typedef struct -{ +typedef struct { const char *name; - int ( *function )( int ); + int (*function)(int); } selftest_t; const selftest_t selftests[] = { - {"calloc", calloc_self_test}, + { "calloc", calloc_self_test }, #if defined(MBEDTLS_MD2_C) - {"md2", mbedtls_md2_self_test}, + { "md2", mbedtls_md2_self_test }, #endif #if defined(MBEDTLS_MD4_C) - {"md4", mbedtls_md4_self_test}, + { "md4", mbedtls_md4_self_test }, #endif #if defined(MBEDTLS_MD5_C) - {"md5", mbedtls_md5_self_test}, + { "md5", mbedtls_md5_self_test }, #endif #if defined(MBEDTLS_RIPEMD160_C) - {"ripemd160", mbedtls_ripemd160_self_test}, + { "ripemd160", mbedtls_ripemd160_self_test }, #endif #if defined(MBEDTLS_SHA1_C) - {"sha1", mbedtls_sha1_self_test}, + { "sha1", mbedtls_sha1_self_test }, #endif #if defined(MBEDTLS_SHA256_C) - {"sha256", mbedtls_sha256_self_test}, + { "sha256", mbedtls_sha256_self_test }, #endif #if defined(MBEDTLS_SHA512_C) - {"sha512", mbedtls_sha512_self_test}, + { "sha512", mbedtls_sha512_self_test }, #endif #if defined(MBEDTLS_ARC4_C) - {"arc4", mbedtls_arc4_self_test}, + { "arc4", mbedtls_arc4_self_test }, #endif #if defined(MBEDTLS_DES_C) - {"des", mbedtls_des_self_test}, + { "des", mbedtls_des_self_test }, #endif #if defined(MBEDTLS_AES_C) - {"aes", mbedtls_aes_self_test}, + { "aes", mbedtls_aes_self_test }, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C) - {"gcm", mbedtls_gcm_self_test}, + { "gcm", mbedtls_gcm_self_test }, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C) - {"ccm", mbedtls_ccm_self_test}, + { "ccm", mbedtls_ccm_self_test }, #endif #if defined(MBEDTLS_NIST_KW_C) && defined(MBEDTLS_AES_C) - {"nist_kw", mbedtls_nist_kw_self_test}, + { "nist_kw", mbedtls_nist_kw_self_test }, #endif #if defined(MBEDTLS_CMAC_C) - {"cmac", mbedtls_cmac_self_test}, + { "cmac", mbedtls_cmac_self_test }, #endif #if defined(MBEDTLS_CHACHA20_C) - {"chacha20", mbedtls_chacha20_self_test}, + { "chacha20", mbedtls_chacha20_self_test }, #endif #if defined(MBEDTLS_POLY1305_C) - {"poly1305", mbedtls_poly1305_self_test}, + { "poly1305", mbedtls_poly1305_self_test }, #endif #if defined(MBEDTLS_CHACHAPOLY_C) - {"chacha20-poly1305", mbedtls_chachapoly_self_test}, + { "chacha20-poly1305", mbedtls_chachapoly_self_test }, #endif #if defined(MBEDTLS_BASE64_C) - {"base64", mbedtls_base64_self_test}, + { "base64", mbedtls_base64_self_test }, #endif #if defined(MBEDTLS_BIGNUM_C) - {"mpi", mbedtls_mpi_self_test}, + { "mpi", mbedtls_mpi_self_test }, #endif #if defined(MBEDTLS_RSA_C) - {"rsa", mbedtls_rsa_self_test}, + { "rsa", mbedtls_rsa_self_test }, #endif #if defined(MBEDTLS_X509_USE_C) - {"x509", mbedtls_x509_self_test}, + { "x509", mbedtls_x509_self_test }, #endif #if defined(MBEDTLS_XTEA_C) - {"xtea", mbedtls_xtea_self_test}, + { "xtea", mbedtls_xtea_self_test }, #endif #if defined(MBEDTLS_CAMELLIA_C) - {"camellia", mbedtls_camellia_self_test}, + { "camellia", mbedtls_camellia_self_test }, #endif #if defined(MBEDTLS_ARIA_C) - {"aria", mbedtls_aria_self_test}, + { "aria", mbedtls_aria_self_test }, #endif #if defined(MBEDTLS_CTR_DRBG_C) - {"ctr_drbg", mbedtls_ctr_drbg_self_test}, + { "ctr_drbg", mbedtls_ctr_drbg_self_test }, #endif #if defined(MBEDTLS_HMAC_DRBG_C) - {"hmac_drbg", mbedtls_hmac_drbg_self_test}, + { "hmac_drbg", mbedtls_hmac_drbg_self_test }, #endif #if defined(MBEDTLS_ECP_C) - {"ecp", mbedtls_ecp_self_test}, + { "ecp", mbedtls_ecp_self_test }, #endif #if defined(MBEDTLS_ECJPAKE_C) - {"ecjpake", mbedtls_ecjpake_self_test}, + { "ecjpake", mbedtls_ecjpake_self_test }, #endif #if defined(MBEDTLS_DHM_C) - {"dhm", mbedtls_dhm_self_test}, + { "dhm", mbedtls_dhm_self_test }, #endif #if defined(MBEDTLS_ENTROPY_C) - {"entropy", mbedtls_entropy_self_test_wrapper}, + { "entropy", mbedtls_entropy_self_test_wrapper }, #endif #if defined(MBEDTLS_PKCS5_C) - {"pkcs5", mbedtls_pkcs5_self_test}, + { "pkcs5", mbedtls_pkcs5_self_test }, #endif /* Slower test after the faster ones */ #if defined(MBEDTLS_TIMING_C) - {"timing", mbedtls_timing_self_test}, + { "timing", mbedtls_timing_self_test }, #endif /* Heap test comes last */ #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - {"memory_buffer_alloc", mbedtls_memory_buffer_alloc_free_and_self_test}, + { "memory_buffer_alloc", mbedtls_memory_buffer_alloc_free_and_self_test }, #endif - {NULL, NULL} + { NULL, NULL } }; #endif /* MBEDTLS_SELF_TEST */ -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { #if defined(MBEDTLS_SELF_TEST) const selftest_t *test; @@ -363,93 +359,77 @@ int main( int argc, char *argv[] ) * of a NULL pointer. We do however use that in our code for initializing * structures, which should work on every modern platform. Let's be sure. */ - memset( &pointer, 0, sizeof( void * ) ); - if( pointer != NULL ) - { - mbedtls_printf( "all-bits-zero is not a NULL pointer\n" ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); + memset(&pointer, 0, sizeof(void *)); + if (pointer != NULL) { + mbedtls_printf("all-bits-zero is not a NULL pointer\n"); + mbedtls_exit(MBEDTLS_EXIT_FAILURE); } /* * Make sure we have a snprintf that correctly zero-terminates */ - if( run_test_snprintf() != 0 ) - { - mbedtls_printf( "the snprintf implementation is broken\n" ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); + if (run_test_snprintf() != 0) { + mbedtls_printf("the snprintf implementation is broken\n"); + mbedtls_exit(MBEDTLS_EXIT_FAILURE); } - for( argp = argv + ( argc >= 1 ? 1 : argc ); *argp != NULL; ++argp ) - { - if( strcmp( *argp, "--quiet" ) == 0 || - strcmp( *argp, "-q" ) == 0 ) - { + for (argp = argv + (argc >= 1 ? 1 : argc); *argp != NULL; ++argp) { + if (strcmp(*argp, "--quiet") == 0 || + strcmp(*argp, "-q") == 0) { v = 0; - } - else if( strcmp( *argp, "--exclude" ) == 0 || - strcmp( *argp, "-x" ) == 0 ) - { + } else if (strcmp(*argp, "--exclude") == 0 || + strcmp(*argp, "-x") == 0) { exclude_mode = 1; - } - else + } else { break; + } } - if( v != 0 ) - mbedtls_printf( "\n" ); + if (v != 0) { + mbedtls_printf("\n"); + } #if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - mbedtls_memory_buffer_alloc_init( buf, sizeof(buf) ); + mbedtls_memory_buffer_alloc_init(buf, sizeof(buf)); #endif - if( *argp != NULL && exclude_mode == 0 ) - { + if (*argp != NULL && exclude_mode == 0) { /* Run the specified tests */ - for( ; *argp != NULL; argp++ ) - { - for( test = selftests; test->name != NULL; test++ ) - { - if( !strcmp( *argp, test->name ) ) - { - if( test->function( v ) != 0 ) - { + for (; *argp != NULL; argp++) { + for (test = selftests; test->name != NULL; test++) { + if (!strcmp(*argp, test->name)) { + if (test->function(v) != 0) { suites_failed++; } suites_tested++; break; } } - if( test->name == NULL ) - { - mbedtls_printf( " Test suite %s not available -> failed\n\n", *argp ); + if (test->name == NULL) { + mbedtls_printf(" Test suite %s not available -> failed\n\n", *argp); suites_failed++; } } - } - else - { + } else { /* Run all the tests except excluded ones */ - for( test = selftests; test->name != NULL; test++ ) - { - if( exclude_mode ) - { + for (test = selftests; test->name != NULL; test++) { + if (exclude_mode) { char **excluded; - for( excluded = argp; *excluded != NULL; ++excluded ) - { - if( !strcmp( *excluded, test->name ) ) + for (excluded = argp; *excluded != NULL; ++excluded) { + if (!strcmp(*excluded, test->name)) { break; + } } - if( *excluded ) - { - if( v ) - mbedtls_printf( " Skip: %s\n", test->name ); + if (*excluded) { + if (v) { + mbedtls_printf(" Skip: %s\n", test->name); + } continue; } } - if( test->function( v ) != 0 ) - { + if (test->function(v) != 0) { suites_failed++; } suites_tested++; @@ -458,29 +438,26 @@ int main( int argc, char *argv[] ) #else (void) exclude_mode; - mbedtls_printf( " MBEDTLS_SELF_TEST not defined.\n" ); + mbedtls_printf(" MBEDTLS_SELF_TEST not defined.\n"); #endif - if( v != 0 ) - { - mbedtls_printf( " Executed %d test suites\n\n", suites_tested ); + if (v != 0) { + mbedtls_printf(" Executed %d test suites\n\n", suites_tested); - if( suites_failed > 0) - { - mbedtls_printf( " [ %d tests FAIL ]\n\n", suites_failed ); - } - else - { - mbedtls_printf( " [ All tests PASS ]\n\n" ); + if (suites_failed > 0) { + mbedtls_printf(" [ %d tests FAIL ]\n\n", suites_failed); + } else { + mbedtls_printf(" [ All tests PASS ]\n\n"); } #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif } - if( suites_failed > 0) - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); + if (suites_failed > 0) { + mbedtls_exit(MBEDTLS_EXIT_FAILURE); + } - mbedtls_exit( MBEDTLS_EXIT_SUCCESS ); + mbedtls_exit(MBEDTLS_EXIT_SUCCESS); } diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index 5fcfa0fe78c7..cc0bf79fb18e 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -48,10 +48,10 @@ #endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_NET_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_NET_C not defined.\n" ); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_NET_C not defined.\n"); + mbedtls_exit(0); } #else @@ -111,20 +111,20 @@ int main( void ) " delay=%%d default: 0 (no delayed packets)\n" \ " delay about 1:N packets randomly\n" \ " delay_ccs=0/1 default: 0 (don't delay ChangeCipherSpec)\n" \ - " delay_cli=%%s Handshake message from client that should be\n"\ + " delay_cli=%%s Handshake message from client that should be\n" \ " delayed. Possible values are 'ClientHello',\n" \ " 'Certificate', 'CertificateVerify', and\n" \ " 'ClientKeyExchange'.\n" \ - " May be used multiple times, even for the same\n"\ - " message, in which case the respective message\n"\ + " May be used multiple times, even for the same\n" \ + " message, in which case the respective message\n" \ " gets delayed multiple times.\n" \ - " delay_srv=%%s Handshake message from server that should be\n"\ - " delayed. Possible values are 'HelloRequest',\n"\ - " 'ServerHello', 'ServerHelloDone', 'Certificate'\n"\ - " 'ServerKeyExchange', 'NewSessionTicket',\n"\ - " 'HelloVerifyRequest' and ''CertificateRequest'.\n"\ - " May be used multiple times, even for the same\n"\ - " message, in which case the respective message\n"\ + " delay_srv=%%s Handshake message from server that should be\n" \ + " delayed. Possible values are 'HelloRequest',\n" \ + " 'ServerHello', 'ServerHelloDone', 'Certificate'\n" \ + " 'ServerKeyExchange', 'NewSessionTicket',\n" \ + " 'HelloVerifyRequest' and ''CertificateRequest'.\n" \ + " May be used multiple times, even for the same\n" \ + " message, in which case the respective message\n" \ " gets delayed multiple times.\n" \ " drop=%%d default: 0 (no dropped packets)\n" \ " drop about 1:N packets randomly\n" \ @@ -148,8 +148,7 @@ int main( void ) #define MAX_DELAYED_HS 10 -static struct options -{ +static struct options { const char *server_addr; /* address to forward packets to */ const char *server_port; /* port to forward packets to */ const char *listen_addr; /* address for accepting client connections */ @@ -158,10 +157,10 @@ static struct options int duplicate; /* duplicate 1 in N packets (none if 0) */ int delay; /* delay 1 packet in N (none if 0) */ int delay_ccs; /* delay ChangeCipherSpec */ - char* delay_cli[MAX_DELAYED_HS]; /* handshake types of messages from + char *delay_cli[MAX_DELAYED_HS]; /* handshake types of messages from * client that should be delayed. */ uint8_t delay_cli_cnt; /* Number of entries in delay_cli. */ - char* delay_srv[MAX_DELAYED_HS]; /* handshake types of messages from + char *delay_srv[MAX_DELAYED_HS]; /* handshake types of messages from * server that should be delayed. */ uint8_t delay_srv_cnt; /* Number of entries in delay_srv. */ int drop; /* drop 1 packet in N (none if 0) */ @@ -176,18 +175,19 @@ static struct options unsigned int seed; /* seed for "random" events */ } opt; -static void exit_usage( const char *name, const char *value ) +static void exit_usage(const char *name, const char *value) { - if( value == NULL ) - mbedtls_printf( " unknown option or missing value: %s\n", name ); - else - mbedtls_printf( " option %s: illegal value: %s\n", name, value ); + if (value == NULL) { + mbedtls_printf(" unknown option or missing value: %s\n", name); + } else { + mbedtls_printf(" option %s: illegal value: %s\n", name, value); + } - mbedtls_printf( USAGE ); - mbedtls_exit( 1 ); + mbedtls_printf(USAGE); + mbedtls_exit(1); } -static void get_options( int argc, char *argv[] ) +static void get_options(int argc, char *argv[]) { int i; char *p, *q; @@ -201,200 +201,184 @@ static void get_options( int argc, char *argv[] ) opt.delay_cli_cnt = 0; opt.delay_srv_cnt = 0; - memset( opt.delay_cli, 0, sizeof( opt.delay_cli ) ); - memset( opt.delay_srv, 0, sizeof( opt.delay_srv ) ); + memset(opt.delay_cli, 0, sizeof(opt.delay_cli)); + memset(opt.delay_srv, 0, sizeof(opt.delay_srv)); - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) - exit_usage( p, NULL ); + if ((q = strchr(p, '=')) == NULL) { + exit_usage(p, NULL); + } *q++ = '\0'; - if( strcmp( p, "server_addr" ) == 0 ) + if (strcmp(p, "server_addr") == 0) { opt.server_addr = q; - else if( strcmp( p, "server_port" ) == 0 ) + } else if (strcmp(p, "server_port") == 0) { opt.server_port = q; - else if( strcmp( p, "listen_addr" ) == 0 ) + } else if (strcmp(p, "listen_addr") == 0) { opt.listen_addr = q; - else if( strcmp( p, "listen_port" ) == 0 ) + } else if (strcmp(p, "listen_port") == 0) { opt.listen_port = q; - else if( strcmp( p, "duplicate" ) == 0 ) - { - opt.duplicate = atoi( q ); - if( opt.duplicate < 0 || opt.duplicate > 20 ) - exit_usage( p, q ); - } - else if( strcmp( p, "delay" ) == 0 ) - { - opt.delay = atoi( q ); - if( opt.delay < 0 || opt.delay > 20 || opt.delay == 1 ) - exit_usage( p, q ); - } - else if( strcmp( p, "delay_ccs" ) == 0 ) - { - opt.delay_ccs = atoi( q ); - if( opt.delay_ccs < 0 || opt.delay_ccs > 1 ) - exit_usage( p, q ); - } - else if( strcmp( p, "delay_cli" ) == 0 || - strcmp( p, "delay_srv" ) == 0 ) - { + } else if (strcmp(p, "duplicate") == 0) { + opt.duplicate = atoi(q); + if (opt.duplicate < 0 || opt.duplicate > 20) { + exit_usage(p, q); + } + } else if (strcmp(p, "delay") == 0) { + opt.delay = atoi(q); + if (opt.delay < 0 || opt.delay > 20 || opt.delay == 1) { + exit_usage(p, q); + } + } else if (strcmp(p, "delay_ccs") == 0) { + opt.delay_ccs = atoi(q); + if (opt.delay_ccs < 0 || opt.delay_ccs > 1) { + exit_usage(p, q); + } + } else if (strcmp(p, "delay_cli") == 0 || + strcmp(p, "delay_srv") == 0) { uint8_t *delay_cnt; char **delay_list; size_t len; char *buf; - if( strcmp( p, "delay_cli" ) == 0 ) - { + if (strcmp(p, "delay_cli") == 0) { delay_cnt = &opt.delay_cli_cnt; delay_list = opt.delay_cli; - } - else - { + } else { delay_cnt = &opt.delay_srv_cnt; delay_list = opt.delay_srv; } - if( *delay_cnt == MAX_DELAYED_HS ) - { - mbedtls_printf( " too many uses of %s: only %d allowed\n", - p, MAX_DELAYED_HS ); - exit_usage( p, NULL ); + if (*delay_cnt == MAX_DELAYED_HS) { + mbedtls_printf(" too many uses of %s: only %d allowed\n", + p, MAX_DELAYED_HS); + exit_usage(p, NULL); } - len = strlen( q ); - buf = mbedtls_calloc( 1, len + 1 ); - if( buf == NULL ) - { - mbedtls_printf( " Allocation failure\n" ); - exit( 1 ); + len = strlen(q); + buf = mbedtls_calloc(1, len + 1); + if (buf == NULL) { + mbedtls_printf(" Allocation failure\n"); + exit(1); } - memcpy( buf, q, len + 1 ); + memcpy(buf, q, len + 1); - delay_list[ (*delay_cnt)++ ] = buf; - } - else if( strcmp( p, "drop" ) == 0 ) - { - opt.drop = atoi( q ); - if( opt.drop < 0 || opt.drop > 20 || opt.drop == 1 ) - exit_usage( p, q ); - } - else if( strcmp( p, "pack" ) == 0 ) - { + delay_list[(*delay_cnt)++] = buf; + } else if (strcmp(p, "drop") == 0) { + opt.drop = atoi(q); + if (opt.drop < 0 || opt.drop > 20 || opt.drop == 1) { + exit_usage(p, q); + } + } else if (strcmp(p, "pack") == 0) { #if defined(MBEDTLS_TIMING_C) - opt.pack = (unsigned) atoi( q ); + opt.pack = (unsigned) atoi(q); #else - mbedtls_printf( " option pack only defined if MBEDTLS_TIMING_C is enabled\n" ); - exit( 1 ); + mbedtls_printf(" option pack only defined if MBEDTLS_TIMING_C is enabled\n"); + exit(1); #endif - } - else if( strcmp( p, "mtu" ) == 0 ) - { - opt.mtu = atoi( q ); - if( opt.mtu < 0 || opt.mtu > MAX_MSG_SIZE ) - exit_usage( p, q ); - } - else if( strcmp( p, "bad_ad" ) == 0 ) - { - opt.bad_ad = atoi( q ); - if( opt.bad_ad < 0 || opt.bad_ad > 1 ) - exit_usage( p, q ); + } else if (strcmp(p, "mtu") == 0) { + opt.mtu = atoi(q); + if (opt.mtu < 0 || opt.mtu > MAX_MSG_SIZE) { + exit_usage(p, q); + } + } else if (strcmp(p, "bad_ad") == 0) { + opt.bad_ad = atoi(q); + if (opt.bad_ad < 0 || opt.bad_ad > 1) { + exit_usage(p, q); + } } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - else if( strcmp( p, "bad_cid" ) == 0 ) - { - opt.bad_cid = (unsigned) atoi( q ); + else if (strcmp(p, "bad_cid") == 0) { + opt.bad_cid = (unsigned) atoi(q); } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - else if( strcmp( p, "protect_hvr" ) == 0 ) - { - opt.protect_hvr = atoi( q ); - if( opt.protect_hvr < 0 || opt.protect_hvr > 1 ) - exit_usage( p, q ); - } - else if( strcmp( p, "protect_len" ) == 0 ) - { - opt.protect_len = atoi( q ); - if( opt.protect_len < 0 ) - exit_usage( p, q ); - } - else if( strcmp( p, "inject_clihlo" ) == 0 ) - { - opt.inject_clihlo = atoi( q ); - if( opt.inject_clihlo < 0 || opt.inject_clihlo > 1 ) - exit_usage( p, q ); - } - else if( strcmp( p, "seed" ) == 0 ) - { - opt.seed = atoi( q ); - if( opt.seed == 0 ) - exit_usage( p, q ); + else if (strcmp(p, "protect_hvr") == 0) { + opt.protect_hvr = atoi(q); + if (opt.protect_hvr < 0 || opt.protect_hvr > 1) { + exit_usage(p, q); + } + } else if (strcmp(p, "protect_len") == 0) { + opt.protect_len = atoi(q); + if (opt.protect_len < 0) { + exit_usage(p, q); + } + } else if (strcmp(p, "inject_clihlo") == 0) { + opt.inject_clihlo = atoi(q); + if (opt.inject_clihlo < 0 || opt.inject_clihlo > 1) { + exit_usage(p, q); + } + } else if (strcmp(p, "seed") == 0) { + opt.seed = atoi(q); + if (opt.seed == 0) { + exit_usage(p, q); + } + } else { + exit_usage(p, NULL); } - else - exit_usage( p, NULL ); } } -static const char *msg_type( unsigned char *msg, size_t len ) +static const char *msg_type(unsigned char *msg, size_t len) { - if( len < 1 ) return( "Invalid" ); - switch( msg[0] ) - { - case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC: return( "ChangeCipherSpec" ); - case MBEDTLS_SSL_MSG_ALERT: return( "Alert" ); - case MBEDTLS_SSL_MSG_APPLICATION_DATA: return( "ApplicationData" ); - case MBEDTLS_SSL_MSG_CID: return( "CID" ); + if (len < 1) { + return "Invalid"; + } + switch (msg[0]) { + case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC: return "ChangeCipherSpec"; + case MBEDTLS_SSL_MSG_ALERT: return "Alert"; + case MBEDTLS_SSL_MSG_APPLICATION_DATA: return "ApplicationData"; + case MBEDTLS_SSL_MSG_CID: return "CID"; case MBEDTLS_SSL_MSG_HANDSHAKE: break; /* See below */ - default: return( "Unknown" ); + default: return "Unknown"; } - if( len < 13 + 12 ) return( "Invalid handshake" ); + if (len < 13 + 12) { + return "Invalid handshake"; + } /* * Our handshake message are less than 2^16 bytes long, so they should * have 0 as the first byte of length, frag_offset and frag_length. * Otherwise, assume they are encrypted. */ - if( msg[14] || msg[19] || msg[22] ) return( "Encrypted handshake" ); - - switch( msg[13] ) - { - case MBEDTLS_SSL_HS_HELLO_REQUEST: return( "HelloRequest" ); - case MBEDTLS_SSL_HS_CLIENT_HELLO: return( "ClientHello" ); - case MBEDTLS_SSL_HS_SERVER_HELLO: return( "ServerHello" ); - case MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST: return( "HelloVerifyRequest" ); - case MBEDTLS_SSL_HS_NEW_SESSION_TICKET: return( "NewSessionTicket" ); - case MBEDTLS_SSL_HS_CERTIFICATE: return( "Certificate" ); - case MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE: return( "ServerKeyExchange" ); - case MBEDTLS_SSL_HS_CERTIFICATE_REQUEST: return( "CertificateRequest" ); - case MBEDTLS_SSL_HS_SERVER_HELLO_DONE: return( "ServerHelloDone" ); - case MBEDTLS_SSL_HS_CERTIFICATE_VERIFY: return( "CertificateVerify" ); - case MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE: return( "ClientKeyExchange" ); - case MBEDTLS_SSL_HS_FINISHED: return( "Finished" ); - default: return( "Unknown handshake" ); + if (msg[14] || msg[19] || msg[22]) { + return "Encrypted handshake"; + } + + switch (msg[13]) { + case MBEDTLS_SSL_HS_HELLO_REQUEST: return "HelloRequest"; + case MBEDTLS_SSL_HS_CLIENT_HELLO: return "ClientHello"; + case MBEDTLS_SSL_HS_SERVER_HELLO: return "ServerHello"; + case MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST: return "HelloVerifyRequest"; + case MBEDTLS_SSL_HS_NEW_SESSION_TICKET: return "NewSessionTicket"; + case MBEDTLS_SSL_HS_CERTIFICATE: return "Certificate"; + case MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE: return "ServerKeyExchange"; + case MBEDTLS_SSL_HS_CERTIFICATE_REQUEST: return "CertificateRequest"; + case MBEDTLS_SSL_HS_SERVER_HELLO_DONE: return "ServerHelloDone"; + case MBEDTLS_SSL_HS_CERTIFICATE_VERIFY: return "CertificateVerify"; + case MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE: return "ClientKeyExchange"; + case MBEDTLS_SSL_HS_FINISHED: return "Finished"; + default: return "Unknown handshake"; } } #if defined(MBEDTLS_TIMING_C) /* Return elapsed time in milliseconds since the first call */ -static unsigned elapsed_time( void ) +static unsigned elapsed_time(void) { static int initialized = 0; static struct mbedtls_timing_hr_time hires; - if( initialized == 0 ) - { - (void) mbedtls_timing_get_timer( &hires, 1 ); + if (initialized == 0) { + (void) mbedtls_timing_get_timer(&hires, 1); initialized = 1; - return( 0 ); + return 0; } - return( mbedtls_timing_get_timer( &hires, 0 ) ); + return mbedtls_timing_get_timer(&hires, 0); } -typedef struct -{ +typedef struct { mbedtls_net_context *ctx; const char *description; @@ -409,102 +393,102 @@ typedef struct static ctx_buffer outbuf[2]; -static int ctx_buffer_flush( ctx_buffer *buf ) +static int ctx_buffer_flush(ctx_buffer *buf) { int ret; - mbedtls_printf( " %05u flush %s: %u bytes, %u datagrams, last %u ms\n", - elapsed_time(), buf->description, - (unsigned) buf->len, buf->num_datagrams, - elapsed_time() - buf->packet_lifetime ); + mbedtls_printf(" %05u flush %s: %u bytes, %u datagrams, last %u ms\n", + elapsed_time(), buf->description, + (unsigned) buf->len, buf->num_datagrams, + elapsed_time() - buf->packet_lifetime); - ret = mbedtls_net_send( buf->ctx, buf->data, buf->len ); + ret = mbedtls_net_send(buf->ctx, buf->data, buf->len); buf->len = 0; buf->num_datagrams = 0; - return( ret ); + return ret; } -static unsigned ctx_buffer_time_remaining( ctx_buffer *buf ) +static unsigned ctx_buffer_time_remaining(ctx_buffer *buf) { unsigned const cur_time = elapsed_time(); - if( buf->num_datagrams == 0 ) - return( (unsigned) -1 ); + if (buf->num_datagrams == 0) { + return (unsigned) -1; + } - if( cur_time - buf->packet_lifetime >= opt.pack ) - return( 0 ); + if (cur_time - buf->packet_lifetime >= opt.pack) { + return 0; + } - return( opt.pack - ( cur_time - buf->packet_lifetime ) ); + return opt.pack - (cur_time - buf->packet_lifetime); } -static int ctx_buffer_append( ctx_buffer *buf, - const unsigned char * data, - size_t len ) +static int ctx_buffer_append(ctx_buffer *buf, + const unsigned char *data, + size_t len) { int ret; - if( len > (size_t) INT_MAX ) - return( -1 ); + if (len > (size_t) INT_MAX) { + return -1; + } - if( len > sizeof( buf->data ) ) - { - mbedtls_printf( " ! buffer size %u too large (max %u)\n", - (unsigned) len, (unsigned) sizeof( buf->data ) ); - return( -1 ); + if (len > sizeof(buf->data)) { + mbedtls_printf(" ! buffer size %u too large (max %u)\n", + (unsigned) len, (unsigned) sizeof(buf->data)); + return -1; } - if( sizeof( buf->data ) - buf->len < len ) - { - if( ( ret = ctx_buffer_flush( buf ) ) <= 0 ) - { - mbedtls_printf( "ctx_buffer_flush failed with -%#04x", (unsigned int) -ret ); - return( ret ); + if (sizeof(buf->data) - buf->len < len) { + if ((ret = ctx_buffer_flush(buf)) <= 0) { + mbedtls_printf("ctx_buffer_flush failed with -%#04x", (unsigned int) -ret); + return ret; } } - memcpy( buf->data + buf->len, data, len ); + memcpy(buf->data + buf->len, data, len); buf->len += len; - if( ++buf->num_datagrams == 1 ) + if (++buf->num_datagrams == 1) { buf->packet_lifetime = elapsed_time(); + } - return( (int) len ); + return (int) len; } #endif /* MBEDTLS_TIMING_C */ -static int dispatch_data( mbedtls_net_context *ctx, - const unsigned char * data, - size_t len ) +static int dispatch_data(mbedtls_net_context *ctx, + const unsigned char *data, + size_t len) { int ret; #if defined(MBEDTLS_TIMING_C) ctx_buffer *buf = NULL; - if( opt.pack > 0 ) - { - if( outbuf[0].ctx == ctx ) + if (opt.pack > 0) { + if (outbuf[0].ctx == ctx) { buf = &outbuf[0]; - else if( outbuf[1].ctx == ctx ) + } else if (outbuf[1].ctx == ctx) { buf = &outbuf[1]; + } - if( buf == NULL ) - return( -1 ); + if (buf == NULL) { + return -1; + } - return( ctx_buffer_append( buf, data, len ) ); + return ctx_buffer_append(buf, data, len); } #endif /* MBEDTLS_TIMING_C */ - ret = mbedtls_net_send( ctx, data, len ); - if( ret < 0 ) - { - mbedtls_printf( "net_send returned -%#04x\n", (unsigned int) -ret ); + ret = mbedtls_net_send(ctx, data, len); + if (ret < 0) { + mbedtls_printf("net_send returned -%#04x\n", (unsigned int) -ret); } - return( ret ); + return ret; } -typedef struct -{ +typedef struct { mbedtls_net_context *dst; const char *way; const char *type; @@ -513,25 +497,27 @@ typedef struct } packet; /* Print packet. Outgoing packets come with a reason (forward, dupl, etc.) */ -void print_packet( const packet *p, const char *why ) +void print_packet(const packet *p, const char *why) { #if defined(MBEDTLS_TIMING_C) - if( why == NULL ) - mbedtls_printf( " %05u dispatch %s %s (%u bytes)\n", - elapsed_time(), p->way, p->type, p->len ); - else - mbedtls_printf( " %05u dispatch %s %s (%u bytes): %s\n", - elapsed_time(), p->way, p->type, p->len, why ); + if (why == NULL) { + mbedtls_printf(" %05u dispatch %s %s (%u bytes)\n", + elapsed_time(), p->way, p->type, p->len); + } else { + mbedtls_printf(" %05u dispatch %s %s (%u bytes): %s\n", + elapsed_time(), p->way, p->type, p->len, why); + } #else - if( why == NULL ) - mbedtls_printf( " dispatch %s %s (%u bytes)\n", - p->way, p->type, p->len ); - else - mbedtls_printf( " dispatch %s %s (%u bytes): %s\n", - p->way, p->type, p->len, why ); + if (why == NULL) { + mbedtls_printf(" dispatch %s %s (%u bytes)\n", + p->way, p->type, p->len); + } else { + mbedtls_printf(" dispatch %s %s (%u bytes): %s\n", + p->way, p->type, p->len, why); + } #endif - fflush( stdout ); + fflush(stdout); } /* @@ -555,135 +541,123 @@ typedef enum { static inject_clihlo_state_t inject_clihlo_state; static packet initial_clihlo; -int send_packet( const packet *p, const char *why ) +int send_packet(const packet *p, const char *why) { int ret; mbedtls_net_context *dst = p->dst; /* save initial ClientHello? */ - if( opt.inject_clihlo != 0 && + if (opt.inject_clihlo != 0 && inject_clihlo_state == ICH_INIT && - strcmp( p->type, "ClientHello" ) == 0 ) - { - memcpy( &initial_clihlo, p, sizeof( packet ) ); + strcmp(p->type, "ClientHello") == 0) { + memcpy(&initial_clihlo, p, sizeof(packet)); inject_clihlo_state = ICH_CACHED; } /* insert corrupted CID record? */ - if( opt.bad_cid != 0 && - strcmp( p->type, "CID" ) == 0 && - ( rand() % opt.bad_cid ) == 0 ) - { + if (opt.bad_cid != 0 && + strcmp(p->type, "CID") == 0 && + (rand() % opt.bad_cid) == 0) { unsigned char buf[MAX_MSG_SIZE]; - memcpy( buf, p->buf, p->len ); + memcpy(buf, p->buf, p->len); /* The CID resides at offset 11 in the DTLS record header. */ buf[11] ^= 1; - print_packet( p, "modified CID" ); + print_packet(p, "modified CID"); - if( ( ret = dispatch_data( dst, buf, p->len ) ) <= 0 ) - { - mbedtls_printf( " ! dispatch returned %d\n", ret ); - return( ret ); + if ((ret = dispatch_data(dst, buf, p->len)) <= 0) { + mbedtls_printf(" ! dispatch returned %d\n", ret); + return ret; } } /* insert corrupted ApplicationData record? */ - if( opt.bad_ad && - strcmp( p->type, "ApplicationData" ) == 0 ) - { + if (opt.bad_ad && + strcmp(p->type, "ApplicationData") == 0) { unsigned char buf[MAX_MSG_SIZE]; - memcpy( buf, p->buf, p->len ); + memcpy(buf, p->buf, p->len); - if( p->len <= 13 ) - { - mbedtls_printf( " ! can't corrupt empty AD record" ); - } - else - { + if (p->len <= 13) { + mbedtls_printf(" ! can't corrupt empty AD record"); + } else { ++buf[13]; - print_packet( p, "corrupted" ); + print_packet(p, "corrupted"); } - if( ( ret = dispatch_data( dst, buf, p->len ) ) <= 0 ) - { - mbedtls_printf( " ! dispatch returned %d\n", ret ); - return( ret ); + if ((ret = dispatch_data(dst, buf, p->len)) <= 0) { + mbedtls_printf(" ! dispatch returned %d\n", ret); + return ret; } } - print_packet( p, why ); - if( ( ret = dispatch_data( dst, p->buf, p->len ) ) <= 0 ) - { - mbedtls_printf( " ! dispatch returned %d\n", ret ); - return( ret ); + print_packet(p, why); + if ((ret = dispatch_data(dst, p->buf, p->len)) <= 0) { + mbedtls_printf(" ! dispatch returned %d\n", ret); + return ret; } /* Don't duplicate Application Data, only handshake covered */ - if( opt.duplicate != 0 && - strcmp( p->type, "ApplicationData" ) != 0 && - rand() % opt.duplicate == 0 ) - { - print_packet( p, "duplicated" ); - - if( ( ret = dispatch_data( dst, p->buf, p->len ) ) <= 0 ) - { - mbedtls_printf( " ! dispatch returned %d\n", ret ); - return( ret ); + if (opt.duplicate != 0 && + strcmp(p->type, "ApplicationData") != 0 && + rand() % opt.duplicate == 0) { + print_packet(p, "duplicated"); + + if ((ret = dispatch_data(dst, p->buf, p->len)) <= 0) { + mbedtls_printf(" ! dispatch returned %d\n", ret); + return ret; } } /* Inject ClientHello after first ApplicationData */ - if( opt.inject_clihlo != 0 && + if (opt.inject_clihlo != 0 && inject_clihlo_state == ICH_CACHED && - strcmp( p->type, "ApplicationData" ) == 0 ) - { - print_packet( &initial_clihlo, "injected" ); - - if( ( ret = dispatch_data( dst, initial_clihlo.buf, - initial_clihlo.len ) ) <= 0 ) - { - mbedtls_printf( " ! dispatch returned %d\n", ret ); - return( ret ); + strcmp(p->type, "ApplicationData") == 0) { + print_packet(&initial_clihlo, "injected"); + + if ((ret = dispatch_data(dst, initial_clihlo.buf, + initial_clihlo.len)) <= 0) { + mbedtls_printf(" ! dispatch returned %d\n", ret); + return ret; } inject_clihlo_state = ICH_INJECTED; } - return( 0 ); + return 0; } #define MAX_DELAYED_MSG 5 static size_t prev_len; static packet prev[MAX_DELAYED_MSG]; -void clear_pending( void ) +void clear_pending(void) { - memset( &prev, 0, sizeof( prev ) ); + memset(&prev, 0, sizeof(prev)); prev_len = 0; } -void delay_packet( packet *delay ) +void delay_packet(packet *delay) { - if( prev_len == MAX_DELAYED_MSG ) + if (prev_len == MAX_DELAYED_MSG) { return; + } - memcpy( &prev[prev_len++], delay, sizeof( packet ) ); + memcpy(&prev[prev_len++], delay, sizeof(packet)); } int send_delayed() { uint8_t offset; int ret; - for( offset = 0; offset < prev_len; offset++ ) - { - ret = send_packet( &prev[offset], "delayed" ); - if( ret != 0 ) - return( ret ); + for (offset = 0; offset < prev_len; offset++) { + ret = send_packet(&prev[offset], "delayed"); + if (ret != 0) { + return ret; + } } clear_pending(); - return( 0 ); + return 0; } /* @@ -703,108 +677,100 @@ int send_delayed() static unsigned char held[2048] = { 0 }; #define HOLD_MAX 2 -int handle_message( const char *way, - mbedtls_net_context *dst, - mbedtls_net_context *src ) +int handle_message(const char *way, + mbedtls_net_context *dst, + mbedtls_net_context *src) { int ret; packet cur; size_t id; uint8_t delay_idx; - char ** delay_list; + char **delay_list; uint8_t delay_list_len; /* receive packet */ - if( ( ret = mbedtls_net_recv( src, cur.buf, sizeof( cur.buf ) ) ) <= 0 ) - { - mbedtls_printf( " ! mbedtls_net_recv returned %d\n", ret ); - return( ret ); + if ((ret = mbedtls_net_recv(src, cur.buf, sizeof(cur.buf))) <= 0) { + mbedtls_printf(" ! mbedtls_net_recv returned %d\n", ret); + return ret; } cur.len = ret; - cur.type = msg_type( cur.buf, cur.len ); + cur.type = msg_type(cur.buf, cur.len); cur.way = way; cur.dst = dst; - print_packet( &cur, NULL ); + print_packet(&cur, NULL); - id = cur.len % sizeof( held ); + id = cur.len % sizeof(held); - if( strcmp( way, "S <- C" ) == 0 ) - { + if (strcmp(way, "S <- C") == 0) { delay_list = opt.delay_cli; delay_list_len = opt.delay_cli_cnt; - } - else - { + } else { delay_list = opt.delay_srv; delay_list_len = opt.delay_srv_cnt; } /* Check if message type is in the list of messages * that should be delayed */ - for( delay_idx = 0; delay_idx < delay_list_len; delay_idx++ ) - { - if( delay_list[ delay_idx ] == NULL ) + for (delay_idx = 0; delay_idx < delay_list_len; delay_idx++) { + if (delay_list[delay_idx] == NULL) { continue; + } - if( strcmp( delay_list[ delay_idx ], cur.type ) == 0 ) - { + if (strcmp(delay_list[delay_idx], cur.type) == 0) { /* Delay message */ - delay_packet( &cur ); + delay_packet(&cur); /* Remove entry from list */ - mbedtls_free( delay_list[delay_idx] ); + mbedtls_free(delay_list[delay_idx]); delay_list[delay_idx] = NULL; - return( 0 ); + return 0; } } /* do we want to drop, delay, or forward it? */ - if( ( opt.mtu != 0 && - cur.len > (unsigned) opt.mtu ) || - ( opt.drop != 0 && - strcmp( cur.type, "CID" ) != 0 && - strcmp( cur.type, "ApplicationData" ) != 0 && - ! ( opt.protect_hvr && - strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) && - cur.len != (size_t) opt.protect_len && - held[id] < HOLD_MAX && - rand() % opt.drop == 0 ) ) - { + if ((opt.mtu != 0 && + cur.len > (unsigned) opt.mtu) || + (opt.drop != 0 && + strcmp(cur.type, "CID") != 0 && + strcmp(cur.type, "ApplicationData") != 0 && + !(opt.protect_hvr && + strcmp(cur.type, "HelloVerifyRequest") == 0) && + cur.len != (size_t) opt.protect_len && + held[id] < HOLD_MAX && + rand() % opt.drop == 0)) { ++held[id]; - } - else if( ( opt.delay_ccs == 1 && - strcmp( cur.type, "ChangeCipherSpec" ) == 0 ) || - ( opt.delay != 0 && - strcmp( cur.type, "CID" ) != 0 && - strcmp( cur.type, "ApplicationData" ) != 0 && - ! ( opt.protect_hvr && - strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) && - cur.len != (size_t) opt.protect_len && - held[id] < HOLD_MAX && - rand() % opt.delay == 0 ) ) - { + } else if ((opt.delay_ccs == 1 && + strcmp(cur.type, "ChangeCipherSpec") == 0) || + (opt.delay != 0 && + strcmp(cur.type, "CID") != 0 && + strcmp(cur.type, "ApplicationData") != 0 && + !(opt.protect_hvr && + strcmp(cur.type, "HelloVerifyRequest") == 0) && + cur.len != (size_t) opt.protect_len && + held[id] < HOLD_MAX && + rand() % opt.delay == 0)) { ++held[id]; - delay_packet( &cur ); - } - else - { + delay_packet(&cur); + } else { /* forward and possibly duplicate */ - if( ( ret = send_packet( &cur, "forwarded" ) ) != 0 ) - return( ret ); + if ((ret = send_packet(&cur, "forwarded")) != 0) { + return ret; + } /* send previously delayed messages if any */ ret = send_delayed(); - if( ret != 0 ) - return( ret ); + if (ret != 0) { + return ret; + } } - return( 0 ); + return 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -812,7 +778,7 @@ int main( int argc, char *argv[] ) mbedtls_net_context listen_fd, client_fd, server_fd; -#if defined( MBEDTLS_TIMING_C ) +#if defined(MBEDTLS_TIMING_C) struct timeval tm; #endif @@ -821,11 +787,11 @@ int main( int argc, char *argv[] ) int nb_fds; fd_set read_fds; - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_net_init( &server_fd ); + mbedtls_net_init(&listen_fd); + mbedtls_net_init(&client_fd); + mbedtls_net_init(&server_fd); - get_options( argc, argv ); + get_options(argc, argv); /* * Decisions to drop/delay/duplicate packets are pseudo-random: dropping @@ -835,84 +801,81 @@ int main( int argc, char *argv[] ) * In order to be able to reproduce problems reliably, the seed may be * specified explicitly. */ - if( opt.seed == 0 ) - { + if (opt.seed == 0) { #if defined(MBEDTLS_HAVE_TIME) - opt.seed = (unsigned int) mbedtls_time( NULL ); + opt.seed = (unsigned int) mbedtls_time(NULL); #else opt.seed = 1; #endif /* MBEDTLS_HAVE_TIME */ - mbedtls_printf( " . Pseudo-random seed: %u\n", opt.seed ); + mbedtls_printf(" . Pseudo-random seed: %u\n", opt.seed); } - srand( opt.seed ); + srand(opt.seed); /* * 0. "Connect" to the server */ - mbedtls_printf( " . Connect to server on UDP/%s/%s ...", - opt.server_addr, opt.server_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, opt.server_addr, opt.server_port, - MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + mbedtls_printf(" . Connect to server on UDP/%s/%s ...", + opt.server_addr, opt.server_port); + fflush(stdout); + + if ((ret = mbedtls_net_connect(&server_fd, opt.server_addr, opt.server_port, + MBEDTLS_NET_PROTO_UDP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1. Setup the "listening" UDP socket */ - mbedtls_printf( " . Bind on UDP/%s/%s ...", - opt.listen_addr, opt.listen_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_bind( &listen_fd, opt.listen_addr, opt.listen_port, - MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); + mbedtls_printf(" . Bind on UDP/%s/%s ...", + opt.listen_addr, opt.listen_port); + fflush(stdout); + + if ((ret = mbedtls_net_bind(&listen_fd, opt.listen_addr, opt.listen_port, + MBEDTLS_NET_PROTO_UDP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_bind returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 2. Wait until a client connects */ accept: - mbedtls_net_free( &client_fd ); + mbedtls_net_free(&client_fd); - mbedtls_printf( " . Waiting for a remote connection ..." ); - fflush( stdout ); + mbedtls_printf(" . Waiting for a remote connection ..."); + fflush(stdout); - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - NULL, 0, NULL ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); + if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, + NULL, 0, NULL)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_accept returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 3. Forward packets forever (kill the process to terminate it) */ clear_pending(); - memset( held, 0, sizeof( held ) ); + memset(held, 0, sizeof(held)); nb_fds = client_fd.fd; - if( nb_fds < server_fd.fd ) + if (nb_fds < server_fd.fd) { nb_fds = server_fd.fd; - if( nb_fds < listen_fd.fd ) + } + if (nb_fds < listen_fd.fd) { nb_fds = listen_fd.fd; + } ++nb_fds; #if defined(MBEDTLS_TIMING_C) - if( opt.pack > 0 ) - { + if (opt.pack > 0) { outbuf[0].ctx = &server_fd; outbuf[0].description = "S <- C"; outbuf[0].num_datagrams = 0; @@ -925,70 +888,66 @@ int main( int argc, char *argv[] ) } #endif /* MBEDTLS_TIMING_C */ - while( 1 ) - { + while (1) { #if defined(MBEDTLS_TIMING_C) - if( opt.pack > 0 ) - { + if (opt.pack > 0) { unsigned max_wait_server, max_wait_client, max_wait; - max_wait_server = ctx_buffer_time_remaining( &outbuf[0] ); - max_wait_client = ctx_buffer_time_remaining( &outbuf[1] ); + max_wait_server = ctx_buffer_time_remaining(&outbuf[0]); + max_wait_client = ctx_buffer_time_remaining(&outbuf[1]); max_wait = (unsigned) -1; - if( max_wait_server == 0 ) - ctx_buffer_flush( &outbuf[0] ); - else + if (max_wait_server == 0) { + ctx_buffer_flush(&outbuf[0]); + } else { max_wait = max_wait_server; + } - if( max_wait_client == 0 ) - ctx_buffer_flush( &outbuf[1] ); - else - { - if( max_wait_client < max_wait ) + if (max_wait_client == 0) { + ctx_buffer_flush(&outbuf[1]); + } else { + if (max_wait_client < max_wait) { max_wait = max_wait_client; + } } - if( max_wait != (unsigned) -1 ) - { + if (max_wait != (unsigned) -1) { tm.tv_sec = max_wait / 1000; - tm.tv_usec = ( max_wait % 1000 ) * 1000; + tm.tv_usec = (max_wait % 1000) * 1000; tm_ptr = &tm; - } - else - { + } else { tm_ptr = NULL; } } #endif /* MBEDTLS_TIMING_C */ - FD_ZERO( &read_fds ); - FD_SET( server_fd.fd, &read_fds ); - FD_SET( client_fd.fd, &read_fds ); - FD_SET( listen_fd.fd, &read_fds ); + FD_ZERO(&read_fds); + FD_SET(server_fd.fd, &read_fds); + FD_SET(client_fd.fd, &read_fds); + FD_SET(listen_fd.fd, &read_fds); - if( ( ret = select( nb_fds, &read_fds, NULL, NULL, tm_ptr ) ) < 0 ) - { - perror( "select" ); + if ((ret = select(nb_fds, &read_fds, NULL, NULL, tm_ptr)) < 0) { + perror("select"); goto exit; } - if( FD_ISSET( listen_fd.fd, &read_fds ) ) + if (FD_ISSET(listen_fd.fd, &read_fds)) { goto accept; + } - if( FD_ISSET( client_fd.fd, &read_fds ) ) - { - if( ( ret = handle_message( "S <- C", - &server_fd, &client_fd ) ) != 0 ) + if (FD_ISSET(client_fd.fd, &read_fds)) { + if ((ret = handle_message("S <- C", + &server_fd, &client_fd)) != 0) { goto accept; + } } - if( FD_ISSET( server_fd.fd, &read_fds ) ) - { - if( ( ret = handle_message( "S -> C", - &client_fd, &server_fd ) ) != 0 ) + if (FD_ISSET(server_fd.fd, &read_fds)) { + if ((ret = handle_message("S -> C", + &client_fd, &server_fd)) != 0) { goto accept; + } } } @@ -998,31 +957,29 @@ int main( int argc, char *argv[] ) exit: #ifdef MBEDTLS_ERROR_C - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { + if (exit_code != MBEDTLS_EXIT_SUCCESS) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf( "Last error was: -0x%04X - %s\n\n", (unsigned int) -ret, error_buf ); - fflush( stdout ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: -0x%04X - %s\n\n", (unsigned int) -ret, error_buf); + fflush(stdout); } #endif - for( delay_idx = 0; delay_idx < MAX_DELAYED_HS; delay_idx++ ) - { - mbedtls_free( opt.delay_cli[delay_idx] ); - mbedtls_free( opt.delay_srv[delay_idx] ); + for (delay_idx = 0; delay_idx < MAX_DELAYED_HS; delay_idx++) { + mbedtls_free(opt.delay_cli[delay_idx]); + mbedtls_free(opt.delay_srv[delay_idx]); } - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &server_fd ); - mbedtls_net_free( &listen_fd ); + mbedtls_net_free(&client_fd); + mbedtls_net_free(&server_fd); + mbedtls_net_free(&listen_fd); #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_NET_C */ diff --git a/programs/test/zeroize.c b/programs/test/zeroize.c index d46ae504fe10..3bc76fd563bd 100644 --- a/programs/test/zeroize.c +++ b/programs/test/zeroize.c @@ -39,16 +39,16 @@ #define BUFFER_LEN 1024 -void usage( void ) +void usage(void) { - mbedtls_printf( "Zeroize is a simple program to assist with testing\n" ); - mbedtls_printf( "the mbedtls_platform_zeroize() function by using the\n" ); - mbedtls_printf( "debugger. This program takes a file as input and\n" ); - mbedtls_printf( "prints the first %d characters. Usage:\n\n", BUFFER_LEN ); - mbedtls_printf( " zeroize \n" ); + mbedtls_printf("Zeroize is a simple program to assist with testing\n"); + mbedtls_printf("the mbedtls_platform_zeroize() function by using the\n"); + mbedtls_printf("debugger. This program takes a file as input and\n"); + mbedtls_printf("prints the first %d characters. Usage:\n\n", BUFFER_LEN); + mbedtls_printf(" zeroize \n"); } -int main( int argc, char** argv ) +int main(int argc, char **argv) { int exit_code = MBEDTLS_EXIT_FAILURE; FILE *fp; @@ -57,34 +57,32 @@ int main( int argc, char** argv ) char *end = p + BUFFER_LEN; int c; - if( argc != 2 ) - { - mbedtls_printf( "This program takes exactly 1 argument\n" ); + if (argc != 2) { + mbedtls_printf("This program takes exactly 1 argument\n"); usage(); - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } - fp = fopen( argv[1], "r" ); - if( fp == NULL ) - { - mbedtls_printf( "Could not open file '%s'\n", argv[1] ); - mbedtls_exit( exit_code ); + fp = fopen(argv[1], "r"); + if (fp == NULL) { + mbedtls_printf("Could not open file '%s'\n", argv[1]); + mbedtls_exit(exit_code); } - while( ( c = fgetc( fp ) ) != EOF && p < end - 1 ) - *p++ = (char)c; + while ((c = fgetc(fp)) != EOF && p < end - 1) { + *p++ = (char) c; + } *p = '\0'; - if( p - buf != 0 ) - { - mbedtls_printf( "%s\n", buf ); + if (p - buf != 0) { + mbedtls_printf("%s\n", buf); exit_code = MBEDTLS_EXIT_SUCCESS; + } else { + mbedtls_printf("The file is empty!\n"); } - else - mbedtls_printf( "The file is empty!\n" ); - fclose( fp ); - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + fclose(fp); + mbedtls_platform_zeroize(buf, sizeof(buf)); - mbedtls_exit( exit_code ); // GDB_BREAK_HERE -- don't remove this comment! + mbedtls_exit(exit_code); // GDB_BREAK_HERE -- don't remove this comment! } diff --git a/programs/util/pem2der.c b/programs/util/pem2der.c index 9f5d70a878df..b66226d56066 100644 --- a/programs/util/pem2der.c +++ b/programs/util/pem2der.c @@ -45,10 +45,10 @@ "\n" #if !defined(MBEDTLS_BASE64_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BASE64_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else @@ -56,120 +56,127 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char *filename; /* filename of the input file */ const char *output_file; /* where to store the output */ } opt; -int convert_pem_to_der( const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen ) +int convert_pem_to_der(const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen) { int ret; const unsigned char *s1, *s2, *end = input + ilen; size_t len = 0; - s1 = (unsigned char *) strstr( (const char *) input, "-----BEGIN" ); - if( s1 == NULL ) - return( -1 ); + s1 = (unsigned char *) strstr((const char *) input, "-----BEGIN"); + if (s1 == NULL) { + return -1; + } - s2 = (unsigned char *) strstr( (const char *) input, "-----END" ); - if( s2 == NULL ) - return( -1 ); + s2 = (unsigned char *) strstr((const char *) input, "-----END"); + if (s2 == NULL) { + return -1; + } s1 += 10; - while( s1 < end && *s1 != '-' ) + while (s1 < end && *s1 != '-') { + s1++; + } + while (s1 < end && *s1 == '-') { + s1++; + } + if (*s1 == '\r') { s1++; - while( s1 < end && *s1 == '-' ) + } + if (*s1 == '\n') { s1++; - if( *s1 == '\r' ) s1++; - if( *s1 == '\n' ) s1++; + } - if( s2 <= s1 || s2 > end ) - return( -1 ); + if (s2 <= s1 || s2 > end) { + return -1; + } - ret = mbedtls_base64_decode( NULL, 0, &len, (const unsigned char *) s1, s2 - s1 ); - if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER ) - return( ret ); + ret = mbedtls_base64_decode(NULL, 0, &len, (const unsigned char *) s1, s2 - s1); + if (ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER) { + return ret; + } - if( len > *olen ) - return( -1 ); + if (len > *olen) { + return -1; + } - if( ( ret = mbedtls_base64_decode( output, len, &len, (const unsigned char *) s1, - s2 - s1 ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_base64_decode(output, len, &len, (const unsigned char *) s1, + s2 - s1)) != 0) { + return ret; } *olen = len; - return( 0 ); + return 0; } /* * Load all data from a file into a given buffer. */ -static int load_file( const char *path, unsigned char **buf, size_t *n ) +static int load_file(const char *path, unsigned char **buf, size_t *n) { FILE *f; long size; - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( -1 ); + if ((f = fopen(path, "rb")) == NULL) { + return -1; + } - fseek( f, 0, SEEK_END ); - if( ( size = ftell( f ) ) == -1 ) - { - fclose( f ); - return( -1 ); + fseek(f, 0, SEEK_END); + if ((size = ftell(f)) == -1) { + fclose(f); + return -1; } - fseek( f, 0, SEEK_SET ); + fseek(f, 0, SEEK_SET); *n = (size_t) size; - if( *n + 1 == 0 || - ( *buf = mbedtls_calloc( 1, *n + 1 ) ) == NULL ) - { - fclose( f ); - return( -1 ); + if (*n + 1 == 0 || + (*buf = mbedtls_calloc(1, *n + 1)) == NULL) { + fclose(f); + return -1; } - if( fread( *buf, 1, *n, f ) != *n ) - { - fclose( f ); - free( *buf ); + if (fread(*buf, 1, *n, f) != *n) { + fclose(f); + free(*buf); *buf = NULL; - return( -1 ); + return -1; } - fclose( f ); + fclose(f); (*buf)[*n] = '\0'; - return( 0 ); + return 0; } /* * Write buffer to a file */ -static int write_file( const char *path, unsigned char *buf, size_t n ) +static int write_file(const char *path, unsigned char *buf, size_t n) { FILE *f; - if( ( f = fopen( path, "wb" ) ) == NULL ) - return( -1 ); + if ((f = fopen(path, "wb")) == NULL) { + return -1; + } - if( fwrite( buf, 1, n, f ) != n ) - { - fclose( f ); - return( -1 ); + if (fwrite(buf, 1, n, f) != n) { + fclose(f); + return -1; } - fclose( f ); - return( 0 ); + fclose(f); + return 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -183,100 +190,97 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - memset( buf, 0, sizeof(buf) ); - memset( der_buffer, 0, sizeof(der_buffer) ); + memset(buf, 0, sizeof(buf)); + memset(der_buffer, 0, sizeof(der_buffer)); - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + if (argc == 0) { +usage: + mbedtls_printf(USAGE); goto exit; } opt.filename = DFL_FILENAME; opt.output_file = DFL_OUTPUT_FILENAME; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "filename" ) == 0 ) + if (strcmp(p, "filename") == 0) { opt.filename = q; - else if( strcmp( p, "output_file" ) == 0 ) + } else if (strcmp(p, "output_file") == 0) { opt.output_file = q; - else + } else { goto usage; + } } /* * 1.1. Load the PEM file */ - mbedtls_printf( "\n . Loading the PEM file ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the PEM file ..."); + fflush(stdout); - ret = load_file( opt.filename, &pem_buffer, &pem_size ); + ret = load_file(opt.filename, &pem_buffer, &pem_size); - if( ret != 0 ) - { + if (ret != 0) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror( ret, buf, 1024 ); + mbedtls_strerror(ret, buf, 1024); #endif - mbedtls_printf( " failed\n ! load_file returned %d - %s\n\n", ret, buf ); + mbedtls_printf(" failed\n ! load_file returned %d - %s\n\n", ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2. Convert from PEM to DER */ - mbedtls_printf( " . Converting from PEM to DER ..." ); - fflush( stdout ); + mbedtls_printf(" . Converting from PEM to DER ..."); + fflush(stdout); - if( ( ret = convert_pem_to_der( pem_buffer, pem_size, der_buffer, &der_size ) ) != 0 ) - { + if ((ret = convert_pem_to_der(pem_buffer, pem_size, der_buffer, &der_size)) != 0) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror( ret, buf, 1024 ); + mbedtls_strerror(ret, buf, 1024); #endif - mbedtls_printf( " failed\n ! convert_pem_to_der %d - %s\n\n", ret, buf ); + mbedtls_printf(" failed\n ! convert_pem_to_der %d - %s\n\n", ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.3. Write the DER file */ - mbedtls_printf( " . Writing the DER file ..." ); - fflush( stdout ); + mbedtls_printf(" . Writing the DER file ..."); + fflush(stdout); - ret = write_file( opt.output_file, der_buffer, der_size ); + ret = write_file(opt.output_file, der_buffer, der_size); - if( ret != 0 ) - { + if (ret != 0) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror( ret, buf, 1024 ); + mbedtls_strerror(ret, buf, 1024); #endif - mbedtls_printf( " failed\n ! write_file returned %d - %s\n\n", ret, buf ); + mbedtls_printf(" failed\n ! write_file returned %d - %s\n\n", ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - free( pem_buffer ); + free(pem_buffer); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BASE64_C && MBEDTLS_FS_IO */ diff --git a/programs/util/strerror.c b/programs/util/strerror.c index 7dde90d868c9..77f183109443 100644 --- a/programs/util/strerror.c +++ b/programs/util/strerror.c @@ -38,48 +38,45 @@ "\n where can be a decimal or hexadecimal (starts with 0x or -0x)\n" #if !defined(MBEDTLS_ERROR_C) && !defined(MBEDTLS_ERROR_STRERROR_DUMMY) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_ERROR_C and/or MBEDTLS_ERROR_STRERROR_DUMMY not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { long int val; char *end = argv[1]; - if( argc != 2 ) - { - mbedtls_printf( USAGE ); - mbedtls_exit( 0 ); + if (argc != 2) { + mbedtls_printf(USAGE); + mbedtls_exit(0); } - val = strtol( argv[1], &end, 10 ); - if( *end != '\0' ) - { - val = strtol( argv[1], &end, 16 ); - if( *end != '\0' ) - { - mbedtls_printf( USAGE ); - return( 0 ); + val = strtol(argv[1], &end, 10); + if (*end != '\0') { + val = strtol(argv[1], &end, 16); + if (*end != '\0') { + mbedtls_printf(USAGE); + return 0; } } - if( val > 0 ) + if (val > 0) { val = -val; + } - if( val != 0 ) - { + if (val != 0) { char error_buf[200]; - mbedtls_strerror( val, error_buf, 200 ); - mbedtls_printf("Last error was: -0x%04x - %s\n\n", (unsigned int) -val, error_buf ); + mbedtls_strerror(val, error_buf, 200); + mbedtls_printf("Last error was: -0x%04x - %s\n\n", (unsigned int) -val, error_buf); } #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( val ); + mbedtls_exit(val); } #endif /* MBEDTLS_ERROR_C */ diff --git a/programs/wince_main.c b/programs/wince_main.c index 851012c13dcc..be98eae5e5bb 100644 --- a/programs/wince_main.c +++ b/programs/wince_main.c @@ -21,23 +21,23 @@ #include -extern int main( int, const char ** ); +extern int main(int, const char **); -int _tmain( int argc, _TCHAR* targv[] ) +int _tmain(int argc, _TCHAR *targv[]) { char **argv; int i; - argv = ( char ** ) calloc( argc, sizeof( char * ) ); + argv = (char **) calloc(argc, sizeof(char *)); - for ( i = 0; i < argc; i++ ) { + for (i = 0; i < argc; i++) { size_t len; - len = _tcslen( targv[i] ) + 1; - argv[i] = ( char * ) calloc( len, sizeof( char ) ); - wcstombs( argv[i], targv[i], len ); + len = _tcslen(targv[i]) + 1; + argv[i] = (char *) calloc(len, sizeof(char)); + wcstombs(argv[i], targv[i], len); } - return main( argc, argv ); + return main(argc, argv); } #endif /* defined(_WIN32_WCE) */ diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 8b768794396a..a45802cee9f8 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -30,14 +30,14 @@ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else @@ -90,8 +90,7 @@ int main( void ) /* * global options */ -struct options -{ +struct options { int mode; /* the mode to run the application in */ const char *filename; /* filename of the certificate file */ const char *ca_file; /* the file with the CA certificate(s) */ @@ -103,37 +102,36 @@ struct options int permissive; /* permissive parsing */ } opt; -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str); + fflush((FILE *) ctx); } -static int my_verify( void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags ) +static int my_verify(void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags) { char buf[1024]; ((void) data); - mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth ); - mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); - mbedtls_printf( "%s", buf ); + mbedtls_printf("\nVerify requested for (Depth %d):\n", depth); + mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt); + mbedtls_printf("%s", buf); - if ( ( *flags ) == 0 ) - mbedtls_printf( " This certificate has no flags\n" ); - else - { - mbedtls_x509_crt_verify_info( buf, sizeof( buf ), " ! ", *flags ); - mbedtls_printf( "%s\n", buf ); + if ((*flags) == 0) { + mbedtls_printf(" This certificate has no flags\n"); + } else { + mbedtls_x509_crt_verify_info(buf, sizeof(buf), " ! ", *flags); + mbedtls_printf("%s\n", buf); } - return( 0 ); + return 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -154,23 +152,22 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - mbedtls_net_init( &server_fd ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_x509_crt_init( &cacert ); + mbedtls_net_init(&server_fd); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_x509_crt_init(&cacert); #if defined(MBEDTLS_X509_CRL_PARSE_C) - mbedtls_x509_crl_init( &cacrl ); + mbedtls_x509_crl_init(&cacrl); #else /* Zeroize structure as CRL parsing is not supported and we have to pass it to the verify function */ - memset( &cacrl, 0, sizeof(mbedtls_x509_crl) ); + memset(&cacrl, 0, sizeof(mbedtls_x509_crl)); #endif - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + if (argc == 0) { +usage: + mbedtls_printf(USAGE); goto exit; } @@ -184,91 +181,85 @@ int main( int argc, char *argv[] ) opt.debug_level = DFL_DEBUG_LEVEL; opt.permissive = DFL_PERMISSIVE; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - for( j = 0; p + j < q; j++ ) - { - if( argv[i][j] >= 'A' && argv[i][j] <= 'Z' ) + for (j = 0; p + j < q; j++) { + if (argv[i][j] >= 'A' && argv[i][j] <= 'Z') { argv[i][j] |= 0x20; + } } - if( strcmp( p, "mode" ) == 0 ) - { - if( strcmp( q, "file" ) == 0 ) + if (strcmp(p, "mode") == 0) { + if (strcmp(q, "file") == 0) { opt.mode = MODE_FILE; - else if( strcmp( q, "ssl" ) == 0 ) + } else if (strcmp(q, "ssl") == 0) { opt.mode = MODE_SSL; - else + } else { goto usage; - } - else if( strcmp( p, "filename" ) == 0 ) + } + } else if (strcmp(p, "filename") == 0) { opt.filename = q; - else if( strcmp( p, "ca_file" ) == 0 ) + } else if (strcmp(p, "ca_file") == 0) { opt.ca_file = q; - else if( strcmp( p, "crl_file" ) == 0 ) + } else if (strcmp(p, "crl_file") == 0) { opt.crl_file = q; - else if( strcmp( p, "ca_path" ) == 0 ) + } else if (strcmp(p, "ca_path") == 0) { opt.ca_path = q; - else if( strcmp( p, "server_name" ) == 0 ) + } else if (strcmp(p, "server_name") == 0) { opt.server_name = q; - else if( strcmp( p, "server_port" ) == 0 ) + } else if (strcmp(p, "server_port") == 0) { opt.server_port = q; - else if( strcmp( p, "debug_level" ) == 0 ) - { - opt.debug_level = atoi( q ); - if( opt.debug_level < 0 || opt.debug_level > 65535 ) + } else if (strcmp(p, "debug_level") == 0) { + opt.debug_level = atoi(q); + if (opt.debug_level < 0 || opt.debug_level > 65535) { goto usage; - } - else if( strcmp( p, "permissive" ) == 0 ) - { - opt.permissive = atoi( q ); - if( opt.permissive < 0 || opt.permissive > 1 ) + } + } else if (strcmp(p, "permissive") == 0) { + opt.permissive = atoi(q); + if (opt.permissive < 0 || opt.permissive > 1) { goto usage; - } - else + } + } else { goto usage; + } } /* * 1.1. Load the trusted CA */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); - - if( strlen( opt.ca_path ) ) - { - if( ( ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ) ) < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_path returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" . Loading the CA root certificate ..."); + fflush(stdout); + + if (strlen(opt.ca_path)) { + if ((ret = mbedtls_x509_crt_parse_path(&cacert, opt.ca_path)) < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_path returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } verify = 1; - } - else if( strlen( opt.ca_file ) ) - { - if( ( ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ) ) < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", (unsigned int) -ret ); + } else if (strlen(opt.ca_file)) { + if ((ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file)) < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } verify = 1; } - mbedtls_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf(" ok (%d skipped)\n", ret); #if defined(MBEDTLS_X509_CRL_PARSE_C) - if( strlen( opt.crl_file ) ) - { - if( ( ret = mbedtls_x509_crl_parse_file( &cacrl, opt.crl_file ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crl_parse returned -0x%x\n\n", (unsigned int) -ret ); + if (strlen(opt.crl_file)) { + if ((ret = mbedtls_x509_crl_parse_file(&cacrl, opt.crl_file)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crl_parse returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } @@ -276,52 +267,49 @@ int main( int argc, char *argv[] ) } #endif - if( opt.mode == MODE_FILE ) - { + if (opt.mode == MODE_FILE) { mbedtls_x509_crt crt; mbedtls_x509_crt *cur = &crt; - mbedtls_x509_crt_init( &crt ); + mbedtls_x509_crt_init(&crt); /* * 1.1. Load the certificate(s) */ - mbedtls_printf( "\n . Loading the certificate(s) ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the certificate(s) ..."); + fflush(stdout); - ret = mbedtls_x509_crt_parse_file( &crt, opt.filename ); + ret = mbedtls_x509_crt_parse_file(&crt, opt.filename); - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned %d\n\n", ret ); - mbedtls_x509_crt_free( &crt ); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_file returned %d\n\n", ret); + mbedtls_x509_crt_free(&crt); goto exit; } - if( opt.permissive == 0 && ret > 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse failed to parse %d certificates\n\n", ret ); - mbedtls_x509_crt_free( &crt ); + if (opt.permissive == 0 && ret > 0) { + mbedtls_printf( + " failed\n ! mbedtls_x509_crt_parse failed to parse %d certificates\n\n", + ret); + mbedtls_x509_crt_free(&crt); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2 Print the certificate(s) */ - while( cur != NULL ) - { - mbedtls_printf( " . Peer certificate information ...\n" ); - ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", - cur ); - if( ret == -1 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret ); - mbedtls_x509_crt_free( &crt ); + while (cur != NULL) { + mbedtls_printf(" . Peer certificate information ...\n"); + ret = mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, " ", + cur); + if (ret == -1) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret); + mbedtls_x509_crt_free(&crt); goto exit; } - mbedtls_printf( "%s\n", buf ); + mbedtls_printf("%s\n", buf); cur = cur->next; } @@ -329,161 +317,148 @@ int main( int argc, char *argv[] ) /* * 1.3 Verify the certificate */ - if( verify ) - { - mbedtls_printf( " . Verifying X.509 certificate..." ); + if (verify) { + mbedtls_printf(" . Verifying X.509 certificate..."); - if( ( ret = mbedtls_x509_crt_verify( &crt, &cacert, &cacrl, NULL, &flags, - my_verify, NULL ) ) != 0 ) - { + if ((ret = mbedtls_x509_crt_verify(&crt, &cacert, &cacrl, NULL, &flags, + my_verify, NULL)) != 0) { char vrfy_buf[512]; - mbedtls_printf( " failed\n" ); + mbedtls_printf(" failed\n"); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags); - mbedtls_printf( "%s\n", vrfy_buf ); + mbedtls_printf("%s\n", vrfy_buf); + } else { + mbedtls_printf(" ok\n"); } - else - mbedtls_printf( " ok\n" ); } - mbedtls_x509_crt_free( &crt ); - } - else if( opt.mode == MODE_SSL ) - { + mbedtls_x509_crt_free(&crt); + } else if (opt.mode == MODE_SSL) { /* * 1. Initialize the RNG and the session data */ - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); + + mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto ssl_exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); #if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( opt.debug_level ); + mbedtls_debug_set_threshold(opt.debug_level); #endif /* * 2. Start the connection */ - mbedtls_printf( " . SSL connection to tcp/%s/%s...", opt.server_name, - opt.server_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, opt.server_name, - opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + mbedtls_printf(" . SSL connection to tcp/%s/%s...", opt.server_name, + opt.server_port); + fflush(stdout); + + if ((ret = mbedtls_net_connect(&server_fd, opt.server_name, + opt.server_port, MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret); goto ssl_exit; } /* * 3. Setup stuff */ - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret); goto exit; } - if( verify ) - { - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED ); - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); - mbedtls_ssl_conf_verify( &conf, my_verify, NULL ); + if (verify) { + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_REQUIRED); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); + mbedtls_ssl_conf_verify(&conf, my_verify, NULL); + } else { + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE); } - else - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE ); - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret); goto ssl_exit; } - if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret); goto ssl_exit; } - mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL); /* * 4. Handshake */ - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret ); + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret); goto ssl_exit; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 5. Print the certificate */ #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - mbedtls_printf( " . Peer certificate information ... skipped\n" ); + mbedtls_printf(" . Peer certificate information ... skipped\n"); #else - mbedtls_printf( " . Peer certificate information ...\n" ); - ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", - mbedtls_ssl_get_peer_cert( &ssl ) ); - if( ret == -1 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret ); + mbedtls_printf(" . Peer certificate information ...\n"); + ret = mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, " ", + mbedtls_ssl_get_peer_cert(&ssl)); + if (ret == -1) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret); goto ssl_exit; } - mbedtls_printf( "%s\n", buf ); + mbedtls_printf("%s\n", buf); #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - mbedtls_ssl_close_notify( &ssl ); + mbedtls_ssl_close_notify(&ssl); ssl_exit: - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - } - else + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + } else { goto usage; + } exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_net_free( &server_fd ); - mbedtls_x509_crt_free( &cacert ); + mbedtls_net_free(&server_fd); + mbedtls_x509_crt_free(&cacert); #if defined(MBEDTLS_X509_CRL_PARSE_C) - mbedtls_x509_crl_free( &cacrl ); + mbedtls_x509_crl_free(&cacrl); #endif - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index ab046481b90e..9b854a12bdfb 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -29,13 +29,13 @@ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_PEM_WRITE_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_PK_PARSE_C and/or MBEDTLS_SHA256_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C " - "not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C " + "not defined.\n"); + mbedtls_exit(0); } #else @@ -99,8 +99,7 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char *filename; /* filename of the key file */ const char *password; /* password for the key file */ int debug_level; /* level of debugging */ @@ -113,36 +112,37 @@ struct options mbedtls_md_type_t md_alg; /* Hash algorithm used for signature. */ } opt; -int write_certificate_request( mbedtls_x509write_csr *req, const char *output_file, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int write_certificate_request(mbedtls_x509write_csr *req, const char *output_file, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret; FILE *f; unsigned char output_buf[4096]; size_t len = 0; - memset( output_buf, 0, 4096 ); - if( ( ret = mbedtls_x509write_csr_pem( req, output_buf, 4096, f_rng, p_rng ) ) < 0 ) - return( ret ); + memset(output_buf, 0, 4096); + if ((ret = mbedtls_x509write_csr_pem(req, output_buf, 4096, f_rng, p_rng)) < 0) { + return ret; + } - len = strlen( (char *) output_buf ); + len = strlen((char *) output_buf); - if( ( f = fopen( output_file, "w" ) ) == NULL ) - return( -1 ); + if ((f = fopen(output_file, "w")) == NULL) { + return -1; + } - if( fwrite( output_buf, 1, len, f ) != len ) - { - fclose( f ); - return( -1 ); + if (fwrite(output_buf, 1, len, f) != len) { + fclose(f); + return -1; } - fclose( f ); + fclose(f); - return( 0 ); + return 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -158,15 +158,14 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - mbedtls_x509write_csr_init( &req ); - mbedtls_pk_init( &key ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - memset( buf, 0, sizeof( buf ) ); - - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + mbedtls_x509write_csr_init(&req); + mbedtls_pk_init(&key); + mbedtls_ctr_drbg_init(&ctr_drbg); + memset(buf, 0, sizeof(buf)); + + if (argc == 0) { +usage: + mbedtls_printf(USAGE); goto exit; } @@ -181,214 +180,198 @@ int main( int argc, char *argv[] ) opt.force_ns_cert_type = DFL_FORCE_NS_CERT_TYPE; opt.md_alg = DFL_MD_ALG; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "filename" ) == 0 ) + if (strcmp(p, "filename") == 0) { opt.filename = q; - else if( strcmp( p, "password" ) == 0 ) + } else if (strcmp(p, "password") == 0) { opt.password = q; - else if( strcmp( p, "output_file" ) == 0 ) + } else if (strcmp(p, "output_file") == 0) { opt.output_file = q; - else if( strcmp( p, "debug_level" ) == 0 ) - { - opt.debug_level = atoi( q ); - if( opt.debug_level < 0 || opt.debug_level > 65535 ) + } else if (strcmp(p, "debug_level") == 0) { + opt.debug_level = atoi(q); + if (opt.debug_level < 0 || opt.debug_level > 65535) { goto usage; - } - else if( strcmp( p, "subject_name" ) == 0 ) - { + } + } else if (strcmp(p, "subject_name") == 0) { opt.subject_name = q; - } - else if( strcmp( p, "md" ) == 0 ) - { + } else if (strcmp(p, "md") == 0) { const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_string( q ); - if( md_info == NULL ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + mbedtls_md_info_from_string(q); + if (md_info == NULL) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - opt.md_alg = mbedtls_md_get_type( md_info ); - } - else if( strcmp( p, "key_usage" ) == 0 ) - { - while( q != NULL ) - { - if( ( r = strchr( q, ',' ) ) != NULL ) + opt.md_alg = mbedtls_md_get_type(md_info); + } else if (strcmp(p, "key_usage") == 0) { + while (q != NULL) { + if ((r = strchr(q, ',')) != NULL) { *r++ = '\0'; + } - if( strcmp( q, "digital_signature" ) == 0 ) + if (strcmp(q, "digital_signature") == 0) { opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE; - else if( strcmp( q, "non_repudiation" ) == 0 ) + } else if (strcmp(q, "non_repudiation") == 0) { opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION; - else if( strcmp( q, "key_encipherment" ) == 0 ) + } else if (strcmp(q, "key_encipherment") == 0) { opt.key_usage |= MBEDTLS_X509_KU_KEY_ENCIPHERMENT; - else if( strcmp( q, "data_encipherment" ) == 0 ) + } else if (strcmp(q, "data_encipherment") == 0) { opt.key_usage |= MBEDTLS_X509_KU_DATA_ENCIPHERMENT; - else if( strcmp( q, "key_agreement" ) == 0 ) + } else if (strcmp(q, "key_agreement") == 0) { opt.key_usage |= MBEDTLS_X509_KU_KEY_AGREEMENT; - else if( strcmp( q, "key_cert_sign" ) == 0 ) + } else if (strcmp(q, "key_cert_sign") == 0) { opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN; - else if( strcmp( q, "crl_sign" ) == 0 ) + } else if (strcmp(q, "crl_sign") == 0) { opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN; - else + } else { goto usage; + } q = r; } - } - else if( strcmp( p, "force_key_usage" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "force_key_usage") == 0) { + switch (atoi(q)) { case 0: opt.force_key_usage = 0; break; case 1: opt.force_key_usage = 1; break; default: goto usage; } - } - else if( strcmp( p, "ns_cert_type" ) == 0 ) - { - while( q != NULL ) - { - if( ( r = strchr( q, ',' ) ) != NULL ) + } else if (strcmp(p, "ns_cert_type") == 0) { + while (q != NULL) { + if ((r = strchr(q, ',')) != NULL) { *r++ = '\0'; + } - if( strcmp( q, "ssl_client" ) == 0 ) + if (strcmp(q, "ssl_client") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT; - else if( strcmp( q, "ssl_server" ) == 0 ) + } else if (strcmp(q, "ssl_server") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER; - else if( strcmp( q, "email" ) == 0 ) + } else if (strcmp(q, "email") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL; - else if( strcmp( q, "object_signing" ) == 0 ) + } else if (strcmp(q, "object_signing") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING; - else if( strcmp( q, "ssl_ca" ) == 0 ) + } else if (strcmp(q, "ssl_ca") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CA; - else if( strcmp( q, "email_ca" ) == 0 ) + } else if (strcmp(q, "email_ca") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA; - else if( strcmp( q, "object_signing_ca" ) == 0 ) + } else if (strcmp(q, "object_signing_ca") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA; - else + } else { goto usage; + } q = r; } - } - else if( strcmp( p, "force_ns_cert_type" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "force_ns_cert_type") == 0) { + switch (atoi(q)) { case 0: opt.force_ns_cert_type = 0; break; case 1: opt.force_ns_cert_type = 1; break; default: goto usage; } - } - else + } else { goto usage; + } } - mbedtls_x509write_csr_set_md_alg( &req, opt.md_alg ); + mbedtls_x509write_csr_set_md_alg(&req, opt.md_alg); - if( opt.key_usage || opt.force_key_usage == 1 ) - mbedtls_x509write_csr_set_key_usage( &req, opt.key_usage ); + if (opt.key_usage || opt.force_key_usage == 1) { + mbedtls_x509write_csr_set_key_usage(&req, opt.key_usage); + } - if( opt.ns_cert_type || opt.force_ns_cert_type == 1 ) - mbedtls_x509write_csr_set_ns_cert_type( &req, opt.ns_cert_type ); + if (opt.ns_cert_type || opt.force_ns_cert_type == 1) { + mbedtls_x509write_csr_set_ns_cert_type(&req, opt.ns_cert_type); + } /* * 0. Seed the PRNG */ - mbedtls_printf( " . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d", ret ); + mbedtls_printf(" . Seeding the random number generator..."); + fflush(stdout); + + mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.0. Check the subject name for validity */ - mbedtls_printf( " . Checking subject name..." ); - fflush( stdout ); + mbedtls_printf(" . Checking subject name..."); + fflush(stdout); - if( ( ret = mbedtls_x509write_csr_set_subject_name( &req, opt.subject_name ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509write_csr_set_subject_name returned %d", ret ); + if ((ret = mbedtls_x509write_csr_set_subject_name(&req, opt.subject_name)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509write_csr_set_subject_name returned %d", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.1. Load the key */ - mbedtls_printf( " . Loading the private key ..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the private key ..."); + fflush(stdout); - ret = mbedtls_pk_parse_keyfile( &key, opt.filename, opt.password ); + ret = mbedtls_pk_parse_keyfile(&key, opt.filename, opt.password); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned %d", ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned %d", ret); goto exit; } - mbedtls_x509write_csr_set_key( &req, &key ); + mbedtls_x509write_csr_set_key(&req, &key); - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2. Writing the request */ - mbedtls_printf( " . Writing the certificate request ..." ); - fflush( stdout ); + mbedtls_printf(" . Writing the certificate request ..."); + fflush(stdout); - if( ( ret = write_certificate_request( &req, opt.output_file, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! write_certificate_request %d", ret ); + if ((ret = write_certificate_request(&req, opt.output_file, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! write_certificate_request %d", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { + if (exit_code != MBEDTLS_EXIT_SUCCESS) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror( ret, buf, sizeof( buf ) ); - mbedtls_printf( " - %s\n", buf ); + mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf(" - %s\n", buf); #else mbedtls_printf("\n"); #endif } - mbedtls_x509write_csr_free( &req ); - mbedtls_pk_free( &key ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_x509write_csr_free(&req); + mbedtls_pk_free(&key); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_X509_CSR_WRITE_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_WRITE_C */ diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 30e9e0aa49d5..ad3dacdc19d4 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -30,13 +30,13 @@ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_PEM_WRITE_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " - "MBEDTLS_FS_IO and/or MBEDTLS_SHA256_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " - "MBEDTLS_ERROR_C not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " + "MBEDTLS_FS_IO and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_ERROR_C not defined.\n"); + mbedtls_exit(0); } #else @@ -104,8 +104,8 @@ int main( void ) " issuer_pwd=%%s default: (empty)\n" \ " output_file=%%s default: cert.crt\n" \ " serial=%%s default: 1\n" \ - " not_before=%%s default: 20010101000000\n"\ - " not_after=%%s default: 20301231235959\n"\ + " not_before=%%s default: 20010101000000\n" \ + " not_after=%%s default: 20301231235959\n" \ " is_ca=%%d default: 0 (disabled)\n" \ " max_pathlen=%%d default: -1 (none)\n" \ " md=%%s default: SHA256\n" \ @@ -113,16 +113,16 @@ int main( void ) " MD2, MD4, MD5, RIPEMD160, SHA1,\n" \ " SHA224, SHA256, SHA384, SHA512\n" \ " version=%%d default: 3\n" \ - " Possible values: 1, 2, 3\n"\ + " Possible values: 1, 2, 3\n" \ " subject_identifier=%%s default: 1\n" \ " Possible values: 0, 1\n" \ - " (Considered for v3 only)\n"\ + " (Considered for v3 only)\n" \ " authority_identifier=%%s default: 1\n" \ " Possible values: 0, 1\n" \ - " (Considered for v3 only)\n"\ + " (Considered for v3 only)\n" \ " basic_constraints=%%d default: 1\n" \ " Possible values: 0, 1\n" \ - " (Considered for v3 only)\n"\ + " (Considered for v3 only)\n" \ " key_usage=%%s default: (empty)\n" \ " Comma-separated-list of values:\n" \ " digital_signature\n" \ @@ -132,7 +132,7 @@ int main( void ) " key_agreement\n" \ " key_cert_sign\n" \ " crl_sign\n" \ - " (Considered for v3 only)\n"\ + " (Considered for v3 only)\n" \ " ns_cert_type=%%s default: (empty)\n" \ " Comma-separated-list of values:\n" \ " ssl_client\n" \ @@ -148,8 +148,7 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char *issuer_crt; /* filename of the issuer certificate */ const char *request_file; /* filename of the certificate request */ const char *subject_key; /* filename of the subject key file */ @@ -174,44 +173,45 @@ struct options unsigned char ns_cert_type; /* NS cert type */ } opt; -int write_certificate( mbedtls_x509write_cert *crt, const char *output_file, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int write_certificate(mbedtls_x509write_cert *crt, const char *output_file, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret; FILE *f; unsigned char output_buf[4096]; size_t len = 0; - memset( output_buf, 0, 4096 ); - if( ( ret = mbedtls_x509write_crt_pem( crt, output_buf, 4096, - f_rng, p_rng ) ) < 0 ) - return( ret ); + memset(output_buf, 0, 4096); + if ((ret = mbedtls_x509write_crt_pem(crt, output_buf, 4096, + f_rng, p_rng)) < 0) { + return ret; + } - len = strlen( (char *) output_buf ); + len = strlen((char *) output_buf); - if( ( f = fopen( output_file, "w" ) ) == NULL ) - return( -1 ); + if ((f = fopen(output_file, "w")) == NULL) { + return -1; + } - if( fwrite( output_buf, 1, len, f ) != len ) - { - fclose( f ); - return( -1 ); + if (fwrite(output_buf, 1, len, f) != len) { + fclose(f); + return -1; } - fclose( f ); + fclose(f); - return( 0 ); + return 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; mbedtls_x509_crt issuer_crt; mbedtls_pk_context loaded_issuer_key, loaded_subject_key; mbedtls_pk_context *issuer_key = &loaded_issuer_key, - *subject_key = &loaded_subject_key; + *subject_key = &loaded_subject_key; char buf[1024]; char issuer_name[256]; int i; @@ -229,22 +229,21 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - mbedtls_x509write_crt_init( &crt ); - mbedtls_pk_init( &loaded_issuer_key ); - mbedtls_pk_init( &loaded_subject_key ); - mbedtls_mpi_init( &serial ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); + mbedtls_x509write_crt_init(&crt); + mbedtls_pk_init(&loaded_issuer_key); + mbedtls_pk_init(&loaded_subject_key); + mbedtls_mpi_init(&serial); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); #if defined(MBEDTLS_X509_CSR_PARSE_C) - mbedtls_x509_csr_init( &csr ); + mbedtls_x509_csr_init(&csr); #endif - mbedtls_x509_crt_init( &issuer_crt ); - memset( buf, 0, 1024 ); + mbedtls_x509_crt_init(&issuer_crt); + memset(buf, 0, 1024); - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + if (argc == 0) { +usage: + mbedtls_printf(USAGE); goto exit; } @@ -271,188 +270,149 @@ int main( int argc, char *argv[] ) opt.authority_identifier = DFL_AUTH_IDENT; opt.basic_constraints = DFL_CONSTRAINTS; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "request_file" ) == 0 ) + if (strcmp(p, "request_file") == 0) { opt.request_file = q; - else if( strcmp( p, "subject_key" ) == 0 ) + } else if (strcmp(p, "subject_key") == 0) { opt.subject_key = q; - else if( strcmp( p, "issuer_key" ) == 0 ) + } else if (strcmp(p, "issuer_key") == 0) { opt.issuer_key = q; - else if( strcmp( p, "subject_pwd" ) == 0 ) + } else if (strcmp(p, "subject_pwd") == 0) { opt.subject_pwd = q; - else if( strcmp( p, "issuer_pwd" ) == 0 ) + } else if (strcmp(p, "issuer_pwd") == 0) { opt.issuer_pwd = q; - else if( strcmp( p, "issuer_crt" ) == 0 ) + } else if (strcmp(p, "issuer_crt") == 0) { opt.issuer_crt = q; - else if( strcmp( p, "output_file" ) == 0 ) + } else if (strcmp(p, "output_file") == 0) { opt.output_file = q; - else if( strcmp( p, "subject_name" ) == 0 ) - { + } else if (strcmp(p, "subject_name") == 0) { opt.subject_name = q; - } - else if( strcmp( p, "issuer_name" ) == 0 ) - { + } else if (strcmp(p, "issuer_name") == 0) { opt.issuer_name = q; - } - else if( strcmp( p, "not_before" ) == 0 ) - { + } else if (strcmp(p, "not_before") == 0) { opt.not_before = q; - } - else if( strcmp( p, "not_after" ) == 0 ) - { + } else if (strcmp(p, "not_after") == 0) { opt.not_after = q; - } - else if( strcmp( p, "serial" ) == 0 ) - { + } else if (strcmp(p, "serial") == 0) { opt.serial = q; - } - else if( strcmp( p, "authority_identifier" ) == 0 ) - { - opt.authority_identifier = atoi( q ); - if( opt.authority_identifier != 0 && - opt.authority_identifier != 1 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else if (strcmp(p, "authority_identifier") == 0) { + opt.authority_identifier = atoi(q); + if (opt.authority_identifier != 0 && + opt.authority_identifier != 1) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - } - else if( strcmp( p, "subject_identifier" ) == 0 ) - { - opt.subject_identifier = atoi( q ); - if( opt.subject_identifier != 0 && - opt.subject_identifier != 1 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else if (strcmp(p, "subject_identifier") == 0) { + opt.subject_identifier = atoi(q); + if (opt.subject_identifier != 0 && + opt.subject_identifier != 1) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - } - else if( strcmp( p, "basic_constraints" ) == 0 ) - { - opt.basic_constraints = atoi( q ); - if( opt.basic_constraints != 0 && - opt.basic_constraints != 1 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else if (strcmp(p, "basic_constraints") == 0) { + opt.basic_constraints = atoi(q); + if (opt.basic_constraints != 0 && + opt.basic_constraints != 1) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - } - else if( strcmp( p, "md" ) == 0 ) - { + } else if (strcmp(p, "md") == 0) { const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_string( q ); - if( md_info == NULL ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + mbedtls_md_info_from_string(q); + if (md_info == NULL) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - opt.md = mbedtls_md_get_type( md_info ); - } - else if( strcmp( p, "version" ) == 0 ) - { - opt.version = atoi( q ); - if( opt.version < 1 || opt.version > 3 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + opt.md = mbedtls_md_get_type(md_info); + } else if (strcmp(p, "version") == 0) { + opt.version = atoi(q); + if (opt.version < 1 || opt.version > 3) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } opt.version--; - } - else if( strcmp( p, "selfsign" ) == 0 ) - { - opt.selfsign = atoi( q ); - if( opt.selfsign < 0 || opt.selfsign > 1 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else if (strcmp(p, "selfsign") == 0) { + opt.selfsign = atoi(q); + if (opt.selfsign < 0 || opt.selfsign > 1) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - } - else if( strcmp( p, "is_ca" ) == 0 ) - { - opt.is_ca = atoi( q ); - if( opt.is_ca < 0 || opt.is_ca > 1 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else if (strcmp(p, "is_ca") == 0) { + opt.is_ca = atoi(q); + if (opt.is_ca < 0 || opt.is_ca > 1) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - } - else if( strcmp( p, "max_pathlen" ) == 0 ) - { - opt.max_pathlen = atoi( q ); - if( opt.max_pathlen < -1 || opt.max_pathlen > 127 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else if (strcmp(p, "max_pathlen") == 0) { + opt.max_pathlen = atoi(q); + if (opt.max_pathlen < -1 || opt.max_pathlen > 127) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - } - else if( strcmp( p, "key_usage" ) == 0 ) - { - while( q != NULL ) - { - if( ( r = strchr( q, ',' ) ) != NULL ) + } else if (strcmp(p, "key_usage") == 0) { + while (q != NULL) { + if ((r = strchr(q, ',')) != NULL) { *r++ = '\0'; + } - if( strcmp( q, "digital_signature" ) == 0 ) + if (strcmp(q, "digital_signature") == 0) { opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE; - else if( strcmp( q, "non_repudiation" ) == 0 ) + } else if (strcmp(q, "non_repudiation") == 0) { opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION; - else if( strcmp( q, "key_encipherment" ) == 0 ) + } else if (strcmp(q, "key_encipherment") == 0) { opt.key_usage |= MBEDTLS_X509_KU_KEY_ENCIPHERMENT; - else if( strcmp( q, "data_encipherment" ) == 0 ) + } else if (strcmp(q, "data_encipherment") == 0) { opt.key_usage |= MBEDTLS_X509_KU_DATA_ENCIPHERMENT; - else if( strcmp( q, "key_agreement" ) == 0 ) + } else if (strcmp(q, "key_agreement") == 0) { opt.key_usage |= MBEDTLS_X509_KU_KEY_AGREEMENT; - else if( strcmp( q, "key_cert_sign" ) == 0 ) + } else if (strcmp(q, "key_cert_sign") == 0) { opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN; - else if( strcmp( q, "crl_sign" ) == 0 ) + } else if (strcmp(q, "crl_sign") == 0) { opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN; - else - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } q = r; } - } - else if( strcmp( p, "ns_cert_type" ) == 0 ) - { - while( q != NULL ) - { - if( ( r = strchr( q, ',' ) ) != NULL ) + } else if (strcmp(p, "ns_cert_type") == 0) { + while (q != NULL) { + if ((r = strchr(q, ',')) != NULL) { *r++ = '\0'; + } - if( strcmp( q, "ssl_client" ) == 0 ) + if (strcmp(q, "ssl_client") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT; - else if( strcmp( q, "ssl_server" ) == 0 ) + } else if (strcmp(q, "ssl_server") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER; - else if( strcmp( q, "email" ) == 0 ) + } else if (strcmp(q, "email") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL; - else if( strcmp( q, "object_signing" ) == 0 ) + } else if (strcmp(q, "object_signing") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING; - else if( strcmp( q, "ssl_ca" ) == 0 ) + } else if (strcmp(q, "ssl_ca") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CA; - else if( strcmp( q, "email_ca" ) == 0 ) + } else if (strcmp(q, "email_ca") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA; - else if( strcmp( q, "object_signing_ca" ) == 0 ) + } else if (strcmp(q, "object_signing_ca") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA; - else - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } q = r; } - } - else + } else { goto usage; + } } mbedtls_printf("\n"); @@ -460,339 +420,310 @@ int main( int argc, char *argv[] ) /* * 0. Seed the PRNG */ - mbedtls_printf( " . Seeding the random number generator..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d - %s\n", - ret, buf ); + mbedtls_printf(" . Seeding the random number generator..."); + fflush(stdout); + + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d - %s\n", + ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); // Parse serial to MPI // - mbedtls_printf( " . Reading serial number..." ); - fflush( stdout ); - - if( ( ret = mbedtls_mpi_read_string( &serial, 10, opt.serial ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_mpi_read_string " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + mbedtls_printf(" . Reading serial number..."); + fflush(stdout); + + if ((ret = mbedtls_mpi_read_string(&serial, 10, opt.serial)) != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_mpi_read_string " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); // Parse issuer certificate if present // - if( !opt.selfsign && strlen( opt.issuer_crt ) ) - { + if (!opt.selfsign && strlen(opt.issuer_crt)) { /* * 1.0.a. Load the certificates */ - mbedtls_printf( " . Loading the issuer certificate ..." ); - fflush( stdout ); - - if( ( ret = mbedtls_x509_crt_parse_file( &issuer_crt, opt.issuer_crt ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + mbedtls_printf(" . Loading the issuer certificate ..."); + fflush(stdout); + + if ((ret = mbedtls_x509_crt_parse_file(&issuer_crt, opt.issuer_crt)) != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_file " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - ret = mbedtls_x509_dn_gets( issuer_name, sizeof(issuer_name), - &issuer_crt.subject ); - if( ret < 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509_dn_gets " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + ret = mbedtls_x509_dn_gets(issuer_name, sizeof(issuer_name), + &issuer_crt.subject); + if (ret < 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509_dn_gets " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } opt.issuer_name = issuer_name; - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #if defined(MBEDTLS_X509_CSR_PARSE_C) // Parse certificate request if present // - if( !opt.selfsign && strlen( opt.request_file ) ) - { + if (!opt.selfsign && strlen(opt.request_file)) { /* * 1.0.b. Load the CSR */ - mbedtls_printf( " . Loading the certificate request ..." ); - fflush( stdout ); - - if( ( ret = mbedtls_x509_csr_parse_file( &csr, opt.request_file ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509_csr_parse_file " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + mbedtls_printf(" . Loading the certificate request ..."); + fflush(stdout); + + if ((ret = mbedtls_x509_csr_parse_file(&csr, opt.request_file)) != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509_csr_parse_file " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - ret = mbedtls_x509_dn_gets( subject_name, sizeof(subject_name), - &csr.subject ); - if( ret < 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509_dn_gets " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + ret = mbedtls_x509_dn_gets(subject_name, sizeof(subject_name), + &csr.subject); + if (ret < 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509_dn_gets " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } opt.subject_name = subject_name; subject_key = &csr.pk; - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif /* MBEDTLS_X509_CSR_PARSE_C */ /* * 1.1. Load the keys */ - if( !opt.selfsign && !strlen( opt.request_file ) ) - { - mbedtls_printf( " . Loading the subject key ..." ); - fflush( stdout ); - - ret = mbedtls_pk_parse_keyfile( &loaded_subject_key, opt.subject_key, - opt.subject_pwd ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + if (!opt.selfsign && !strlen(opt.request_file)) { + mbedtls_printf(" . Loading the subject key ..."); + fflush(stdout); + + ret = mbedtls_pk_parse_keyfile(&loaded_subject_key, opt.subject_key, + opt.subject_pwd); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } - mbedtls_printf( " . Loading the issuer key ..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the issuer key ..."); + fflush(stdout); - ret = mbedtls_pk_parse_keyfile( &loaded_issuer_key, opt.issuer_key, - opt.issuer_pwd ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile " - "returned -x%02x - %s\n\n", (unsigned int) -ret, buf ); + ret = mbedtls_pk_parse_keyfile(&loaded_issuer_key, opt.issuer_key, + opt.issuer_pwd); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile " + "returned -x%02x - %s\n\n", (unsigned int) -ret, buf); goto exit; } // Check if key and issuer certificate match // - if( strlen( opt.issuer_crt ) ) - { - if( mbedtls_pk_check_pair( &issuer_crt.pk, issuer_key ) != 0 ) - { - mbedtls_printf( " failed\n ! issuer_key does not match " - "issuer certificate\n\n" ); + if (strlen(opt.issuer_crt)) { + if (mbedtls_pk_check_pair(&issuer_crt.pk, issuer_key) != 0) { + mbedtls_printf(" failed\n ! issuer_key does not match " + "issuer certificate\n\n"); goto exit; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); - if( opt.selfsign ) - { + if (opt.selfsign) { opt.subject_name = opt.issuer_name; subject_key = issuer_key; } - mbedtls_x509write_crt_set_subject_key( &crt, subject_key ); - mbedtls_x509write_crt_set_issuer_key( &crt, issuer_key ); + mbedtls_x509write_crt_set_subject_key(&crt, subject_key); + mbedtls_x509write_crt_set_issuer_key(&crt, issuer_key); /* * 1.0. Check the names for validity */ - if( ( ret = mbedtls_x509write_crt_set_subject_name( &crt, opt.subject_name ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_subject_name " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + if ((ret = mbedtls_x509write_crt_set_subject_name(&crt, opt.subject_name)) != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_subject_name " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - if( ( ret = mbedtls_x509write_crt_set_issuer_name( &crt, opt.issuer_name ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_issuer_name " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + if ((ret = mbedtls_x509write_crt_set_issuer_name(&crt, opt.issuer_name)) != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_issuer_name " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " . Setting certificate values ..." ); - fflush( stdout ); + mbedtls_printf(" . Setting certificate values ..."); + fflush(stdout); - mbedtls_x509write_crt_set_version( &crt, opt.version ); - mbedtls_x509write_crt_set_md_alg( &crt, opt.md ); + mbedtls_x509write_crt_set_version(&crt, opt.version); + mbedtls_x509write_crt_set_md_alg(&crt, opt.md); - ret = mbedtls_x509write_crt_set_serial( &crt, &serial ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_serial " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + ret = mbedtls_x509write_crt_set_serial(&crt, &serial); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_serial " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - ret = mbedtls_x509write_crt_set_validity( &crt, opt.not_before, opt.not_after ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_validity " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + ret = mbedtls_x509write_crt_set_validity(&crt, opt.not_before, opt.not_after); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_validity " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); - - if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && - opt.basic_constraints != 0 ) - { - mbedtls_printf( " . Adding the Basic Constraints extension ..." ); - fflush( stdout ); - - ret = mbedtls_x509write_crt_set_basic_constraints( &crt, opt.is_ca, - opt.max_pathlen ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! x509write_crt_set_basic_constraints " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + mbedtls_printf(" ok\n"); + + if (opt.version == MBEDTLS_X509_CRT_VERSION_3 && + opt.basic_constraints != 0) { + mbedtls_printf(" . Adding the Basic Constraints extension ..."); + fflush(stdout); + + ret = mbedtls_x509write_crt_set_basic_constraints(&crt, opt.is_ca, + opt.max_pathlen); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! x509write_crt_set_basic_constraints " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #if defined(MBEDTLS_SHA1_C) - if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && - opt.subject_identifier != 0 ) - { - mbedtls_printf( " . Adding the Subject Key Identifier ..." ); - fflush( stdout ); - - ret = mbedtls_x509write_crt_set_subject_key_identifier( &crt ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_subject" - "_key_identifier returned -0x%04x - %s\n\n", - (unsigned int) -ret, buf ); + if (opt.version == MBEDTLS_X509_CRT_VERSION_3 && + opt.subject_identifier != 0) { + mbedtls_printf(" . Adding the Subject Key Identifier ..."); + fflush(stdout); + + ret = mbedtls_x509write_crt_set_subject_key_identifier(&crt); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_subject" + "_key_identifier returned -0x%04x - %s\n\n", + (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } - if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && - opt.authority_identifier != 0 ) - { - mbedtls_printf( " . Adding the Authority Key Identifier ..." ); - fflush( stdout ); - - ret = mbedtls_x509write_crt_set_authority_key_identifier( &crt ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_authority_" - "key_identifier returned -0x%04x - %s\n\n", - (unsigned int) -ret, buf ); + if (opt.version == MBEDTLS_X509_CRT_VERSION_3 && + opt.authority_identifier != 0) { + mbedtls_printf(" . Adding the Authority Key Identifier ..."); + fflush(stdout); + + ret = mbedtls_x509write_crt_set_authority_key_identifier(&crt); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_authority_" + "key_identifier returned -0x%04x - %s\n\n", + (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif /* MBEDTLS_SHA1_C */ - if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && - opt.key_usage != 0 ) - { - mbedtls_printf( " . Adding the Key Usage extension ..." ); - fflush( stdout ); - - ret = mbedtls_x509write_crt_set_key_usage( &crt, opt.key_usage ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_key_usage " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + if (opt.version == MBEDTLS_X509_CRT_VERSION_3 && + opt.key_usage != 0) { + mbedtls_printf(" . Adding the Key Usage extension ..."); + fflush(stdout); + + ret = mbedtls_x509write_crt_set_key_usage(&crt, opt.key_usage); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_key_usage " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } - if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && - opt.ns_cert_type != 0 ) - { - mbedtls_printf( " . Adding the NS Cert Type extension ..." ); - fflush( stdout ); - - ret = mbedtls_x509write_crt_set_ns_cert_type( &crt, opt.ns_cert_type ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_ns_cert_type " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + if (opt.version == MBEDTLS_X509_CRT_VERSION_3 && + opt.ns_cert_type != 0) { + mbedtls_printf(" . Adding the NS Cert Type extension ..."); + fflush(stdout); + + ret = mbedtls_x509write_crt_set_ns_cert_type(&crt, opt.ns_cert_type); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_ns_cert_type " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } /* * 1.2. Writing the certificate */ - mbedtls_printf( " . Writing the certificate..." ); - fflush( stdout ); - - if( ( ret = write_certificate( &crt, opt.output_file, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! write_certificate -0x%04x - %s\n\n", - (unsigned int) -ret, buf ); + mbedtls_printf(" . Writing the certificate..."); + fflush(stdout); + + if ((ret = write_certificate(&crt, opt.output_file, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! write_certificate -0x%04x - %s\n\n", + (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: #if defined(MBEDTLS_X509_CSR_PARSE_C) - mbedtls_x509_csr_free( &csr ); + mbedtls_x509_csr_free(&csr); #endif /* MBEDTLS_X509_CSR_PARSE_C */ - mbedtls_x509_crt_free( &issuer_crt ); - mbedtls_x509write_crt_free( &crt ); - mbedtls_pk_free( &loaded_subject_key ); - mbedtls_pk_free( &loaded_issuer_key ); - mbedtls_mpi_free( &serial ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_x509_crt_free(&issuer_crt); + mbedtls_x509write_crt_free(&crt); + mbedtls_pk_free(&loaded_subject_key); + mbedtls_pk_free(&loaded_issuer_key); + mbedtls_mpi_free(&serial); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_X509_CRT_WRITE_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index 0a6d2611a701..4b98757102d6 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -27,11 +27,11 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); + mbedtls_exit(0); } #else @@ -54,12 +54,11 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char *filename; /* filename of the certificate file */ } opt; -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -71,72 +70,70 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - mbedtls_x509_crl_init( &crl ); + mbedtls_x509_crl_init(&crl); - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + if (argc == 0) { +usage: + mbedtls_printf(USAGE); goto exit; } opt.filename = DFL_FILENAME; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "filename" ) == 0 ) + if (strcmp(p, "filename") == 0) { opt.filename = q; - else + } else { goto usage; + } } /* * 1.1. Load the CRL */ - mbedtls_printf( "\n . Loading the CRL ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the CRL ..."); + fflush(stdout); - ret = mbedtls_x509_crl_parse_file( &crl, opt.filename ); + ret = mbedtls_x509_crl_parse_file(&crl, opt.filename); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crl_parse_file returned %d\n\n", ret ); - mbedtls_x509_crl_free( &crl ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crl_parse_file returned %d\n\n", ret); + mbedtls_x509_crl_free(&crl); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2 Print the CRL */ - mbedtls_printf( " . CRL information ...\n" ); - ret = mbedtls_x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl ); - if( ret == -1 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crl_info returned %d\n\n", ret ); - mbedtls_x509_crl_free( &crl ); + mbedtls_printf(" . CRL information ...\n"); + ret = mbedtls_x509_crl_info((char *) buf, sizeof(buf) - 1, " ", &crl); + if (ret == -1) { + mbedtls_printf(" failed\n ! mbedtls_x509_crl_info returned %d\n\n", ret); + mbedtls_x509_crl_free(&crl); goto exit; } - mbedtls_printf( "%s\n", buf ); + mbedtls_printf("%s\n", buf); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_x509_crl_free( &crl ); + mbedtls_x509_crl_free(&crl); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CRL_PARSE_C && MBEDTLS_FS_IO */ diff --git a/programs/x509/load_roots.c b/programs/x509/load_roots.c index 611fe8830673..faf4ba90c8b6 100644 --- a/programs/x509/load_roots.c +++ b/programs/x509/load_roots.c @@ -54,11 +54,11 @@ #if !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_TIMING_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_TIMING_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_TIMING_C not defined.\n"); + mbedtls_exit(0); } #else @@ -84,55 +84,51 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char **filenames; /* NULL-terminated list of file names */ unsigned iterations; /* Number of iterations to time */ int prime_cache; /* Prime the disk read cache? */ } opt; -int read_certificates( const char *const *filenames ) +int read_certificates(const char *const *filenames) { mbedtls_x509_crt cas; int ret = 0; const char *const *cur; - mbedtls_x509_crt_init( &cas ); + mbedtls_x509_crt_init(&cas); - for( cur = filenames; *cur != NULL; cur++ ) - { - ret = mbedtls_x509_crt_parse_file( &cas, *cur ); - if( ret != 0 ) - { + for (cur = filenames; *cur != NULL; cur++) { + ret = mbedtls_x509_crt_parse_file(&cas, *cur); + if (ret != 0) { #if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY) char error_message[200]; - mbedtls_strerror( ret, error_message, sizeof( error_message ) ); - printf( "\n%s: -0x%04x (%s)\n", - *cur, (unsigned) -ret, error_message ); + mbedtls_strerror(ret, error_message, sizeof(error_message)); + printf("\n%s: -0x%04x (%s)\n", + *cur, (unsigned) -ret, error_message); #else - printf( "\n%s: -0x%04x\n", - *cur, (unsigned) -ret ); + printf("\n%s: -0x%04x\n", + *cur, (unsigned) -ret); #endif goto exit; } } exit: - mbedtls_x509_crt_free( &cas ); - return( ret == 0 ); + mbedtls_x509_crt_free(&cas); + return ret == 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int exit_code = MBEDTLS_EXIT_FAILURE; unsigned i, j; struct mbedtls_timing_hr_time timer; unsigned long ms; - if( argc <= 1 ) - { - mbedtls_printf( USAGE ); + if (argc <= 1) { + mbedtls_printf(USAGE); goto exit; } @@ -140,66 +136,61 @@ int main( int argc, char *argv[] ) opt.iterations = DFL_ITERATIONS; opt.prime_cache = DFL_PRIME_CACHE; - for( i = 1; i < (unsigned) argc; i++ ) - { + for (i = 1; i < (unsigned) argc; i++) { char *p = argv[i]; char *q = NULL; - if( strcmp( p, "--" ) == 0 ) + if (strcmp(p, "--") == 0) { break; - if( ( q = strchr( p, '=' ) ) == NULL ) + } + if ((q = strchr(p, '=')) == NULL) { break; + } *q++ = '\0'; - for( j = 0; p + j < q; j++ ) - { - if( argv[i][j] >= 'A' && argv[i][j] <= 'Z' ) + for (j = 0; p + j < q; j++) { + if (argv[i][j] >= 'A' && argv[i][j] <= 'Z') { argv[i][j] |= 0x20; + } } - if( strcmp( p, "iterations" ) == 0 ) - { - opt.iterations = atoi( q ); - } - else if( strcmp( p, "prime" ) == 0 ) - { - opt.iterations = atoi( q ) != 0; - } - else - { - mbedtls_printf( "Unknown option: %s\n", p ); - mbedtls_printf( USAGE ); + if (strcmp(p, "iterations") == 0) { + opt.iterations = atoi(q); + } else if (strcmp(p, "prime") == 0) { + opt.iterations = atoi(q) != 0; + } else { + mbedtls_printf("Unknown option: %s\n", p); + mbedtls_printf(USAGE); goto exit; } } - opt.filenames = (const char**) argv + i; - if( *opt.filenames == 0 ) - { - mbedtls_printf( "Missing list of certificate files to parse\n" ); + opt.filenames = (const char **) argv + i; + if (*opt.filenames == 0) { + mbedtls_printf("Missing list of certificate files to parse\n"); goto exit; } - mbedtls_printf( "Parsing %u certificates", argc - i ); - if( opt.prime_cache ) - { - if( ! read_certificates( opt.filenames ) ) + mbedtls_printf("Parsing %u certificates", argc - i); + if (opt.prime_cache) { + if (!read_certificates(opt.filenames)) { goto exit; - mbedtls_printf( " " ); + } + mbedtls_printf(" "); } - (void) mbedtls_timing_get_timer( &timer, 1 ); - for( i = 1; i <= opt.iterations; i++ ) - { - if( ! read_certificates( opt.filenames ) ) + (void) mbedtls_timing_get_timer(&timer, 1); + for (i = 1; i <= opt.iterations; i++) { + if (!read_certificates(opt.filenames)) { goto exit; - mbedtls_printf( "." ); + } + mbedtls_printf("."); } - ms = mbedtls_timing_get_timer( &timer, 0 ); - mbedtls_printf( "\n%u iterations -> %lu ms\n", opt.iterations, ms ); + ms = mbedtls_timing_get_timer(&timer, 0); + mbedtls_printf("\n%u iterations -> %lu ms\n", opt.iterations, ms); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* necessary configuration */ diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index 1a76f45d455a..bc9f67fbb314 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c @@ -27,11 +27,11 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); + mbedtls_exit(0); } #else @@ -54,12 +54,11 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char *filename; /* filename of the certificate request */ } opt; -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -71,72 +70,70 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - mbedtls_x509_csr_init( &csr ); + mbedtls_x509_csr_init(&csr); - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + if (argc == 0) { +usage: + mbedtls_printf(USAGE); goto exit; } opt.filename = DFL_FILENAME; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "filename" ) == 0 ) + if (strcmp(p, "filename") == 0) { opt.filename = q; - else + } else { goto usage; + } } /* * 1.1. Load the CSR */ - mbedtls_printf( "\n . Loading the CSR ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the CSR ..."); + fflush(stdout); - ret = mbedtls_x509_csr_parse_file( &csr, opt.filename ); + ret = mbedtls_x509_csr_parse_file(&csr, opt.filename); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_csr_parse_file returned %d\n\n", ret ); - mbedtls_x509_csr_free( &csr ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_csr_parse_file returned %d\n\n", ret); + mbedtls_x509_csr_free(&csr); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2 Print the CSR */ - mbedtls_printf( " . CSR information ...\n" ); - ret = mbedtls_x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr ); - if( ret == -1 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_csr_info returned %d\n\n", ret ); - mbedtls_x509_csr_free( &csr ); + mbedtls_printf(" . CSR information ...\n"); + ret = mbedtls_x509_csr_info((char *) buf, sizeof(buf) - 1, " ", &csr); + if (ret == -1) { + mbedtls_printf(" failed\n ! mbedtls_x509_csr_info returned %d\n\n", ret); + mbedtls_x509_csr_free(&csr); goto exit; } - mbedtls_printf( "%s\n", buf ); + mbedtls_printf("%s\n", buf); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_x509_csr_free( &csr ); + mbedtls_x509_csr_free(&csr); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CSR_PARSE_C && MBEDTLS_FS_IO */ diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index fc210b908458..077500302868 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -32,115 +32,120 @@ HEADER_INCLUDED -const char * mbedtls_high_level_strerr( int error_code ) +const char *mbedtls_high_level_strerr(int error_code) { int high_level_error_code; - if( error_code < 0 ) + if (error_code < 0) { error_code = -error_code; + } /* Extract the high-level part from the error code. */ high_level_error_code = error_code & 0xFF80; - switch( high_level_error_code ) - { - /* Begin Auto-Generated Code. */ -HIGH_LEVEL_CODE_CHECKS + switch (high_level_error_code) { + /* Begin Auto-Generated Code. */ + HIGH_LEVEL_CODE_CHECKS /* End Auto-Generated Code. */ default: break; } - return( NULL ); + return NULL; } -const char * mbedtls_low_level_strerr( int error_code ) +const char *mbedtls_low_level_strerr(int error_code) { int low_level_error_code; - if( error_code < 0 ) + if (error_code < 0) { error_code = -error_code; + } /* Extract the low-level part from the error code. */ low_level_error_code = error_code & ~0xFF80; - switch( low_level_error_code ) - { - /* Begin Auto-Generated Code. */ -LOW_LEVEL_CODE_CHECKS + switch (low_level_error_code) { + /* Begin Auto-Generated Code. */ + LOW_LEVEL_CODE_CHECKS /* End Auto-Generated Code. */ default: break; } - return( NULL ); + return NULL; } -void mbedtls_strerror( int ret, char *buf, size_t buflen ) +void mbedtls_strerror(int ret, char *buf, size_t buflen) { size_t len; int use_ret; - const char * high_level_error_description = NULL; - const char * low_level_error_description = NULL; + const char *high_level_error_description = NULL; + const char *low_level_error_description = NULL; - if( buflen == 0 ) + if (buflen == 0) { return; + } - memset( buf, 0x00, buflen ); + memset(buf, 0x00, buflen); - if( ret < 0 ) + if (ret < 0) { ret = -ret; + } - if( ret & 0xFF80 ) - { + if (ret & 0xFF80) { use_ret = ret & 0xFF80; // Translate high level error code. - high_level_error_description = mbedtls_high_level_strerr( ret ); + high_level_error_description = mbedtls_high_level_strerr(ret); - if( high_level_error_description == NULL ) - mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret ); - else - mbedtls_snprintf( buf, buflen, "%s", high_level_error_description ); + if (high_level_error_description == NULL) { + mbedtls_snprintf(buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret); + } else { + mbedtls_snprintf(buf, buflen, "%s", high_level_error_description); + } #if defined(MBEDTLS_SSL_TLS_C) // Early return in case of a fatal error - do not try to translate low // level code. - if(use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE)) + if (use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE)) { return; + } #endif /* MBEDTLS_SSL_TLS_C */ } use_ret = ret & ~0xFF80; - if( use_ret == 0 ) + if (use_ret == 0) { return; + } // If high level code is present, make a concatenation between both // error strings. // - len = strlen( buf ); + len = strlen(buf); - if( len > 0 ) - { - if( buflen - len < 5 ) + if (len > 0) { + if (buflen - len < 5) { return; + } - mbedtls_snprintf( buf + len, buflen - len, " : " ); + mbedtls_snprintf(buf + len, buflen - len, " : "); buf += len + 3; buflen -= len + 3; } // Translate low level error code. - low_level_error_description = mbedtls_low_level_strerr( ret ); + low_level_error_description = mbedtls_low_level_strerr(ret); - if( low_level_error_description == NULL ) - mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret ); - else - mbedtls_snprintf( buf, buflen, "%s", low_level_error_description ); + if (low_level_error_description == NULL) { + mbedtls_snprintf(buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret); + } else { + mbedtls_snprintf(buf, buflen, "%s", low_level_error_description); + } } #else /* MBEDTLS_ERROR_C */ @@ -148,18 +153,19 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) /* * Provide a dummy implementation when MBEDTLS_ERROR_C is not defined */ -void mbedtls_strerror( int ret, char *buf, size_t buflen ) +void mbedtls_strerror(int ret, char *buf, size_t buflen) { ((void) ret); - if( buflen > 0 ) + if (buflen > 0) { buf[0] = '\0'; + } } #endif /* MBEDTLS_ERROR_C */ #if defined(MBEDTLS_TEST_HOOKS) -void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); +void (*mbedtls_test_hook_error_add)(int, int, const char *, int); #endif #endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt index 6ed9d4e2be97..6470ee0c839d 100644 --- a/scripts/data_files/query_config.fmt +++ b/scripts/data_files/query_config.fmt @@ -110,11 +110,12 @@ */ #define MACRO_EXPANSION_TO_STR(macro) MACRO_NAME_TO_STR(macro) #define MACRO_NAME_TO_STR(macro) \ - mbedtls_printf( "%s", strlen( #macro "" ) > 0 ? #macro "\n" : "" ) + mbedtls_printf("%s", strlen( #macro "") > 0 ? #macro "\n" : "") #define STRINGIFY(macro) #macro #define OUTPUT_MACRO_NAME_VALUE(macro) mbedtls_printf( #macro "%s\n", \ - ( STRINGIFY(macro) "" )[0] != 0 ? "=" STRINGIFY(macro) : "" ) + (STRINGIFY(macro) "")[0] != 0 ? "=" STRINGIFY( \ + macro) : "") #if defined(_MSC_VER) /* @@ -129,13 +130,13 @@ #pragma warning(disable:4003) #endif /* _MSC_VER */ -int query_config( const char *config ) +int query_config(const char *config) { -CHECK_CONFIG /* If the symbol is not found, return an error */ - return( 1 ); + CHECK_CONFIG /* If the symbol is not found, return an error */ + return 1; } -void list_config( void ) +void list_config(void) { LIST_CONFIG } diff --git a/scripts/data_files/version_features.fmt b/scripts/data_files/version_features.fmt index d4bf774462a6..d3217a1910ab 100644 --- a/scripts/data_files/version_features.fmt +++ b/scripts/data_files/version_features.fmt @@ -27,28 +27,30 @@ static const char * const features[] = { #if defined(MBEDTLS_VERSION_FEATURES) -FEATURE_DEFINES + FEATURE_DEFINES #endif /* MBEDTLS_VERSION_FEATURES */ NULL }; -int mbedtls_version_check_feature( const char *feature ) +int mbedtls_version_check_feature(const char *feature) { const char * const *idx = features; - if( *idx == NULL ) - return( -2 ); + if (*idx == NULL) { + return -2; + } - if( feature == NULL ) - return( -1 ); + if (feature == NULL) { + return -1; + } - while( *idx != NULL ) - { - if( !strcmp( *idx, feature ) ) - return( 0 ); + while (*idx != NULL) { + if (!strcmp(*idx, feature)) { + return 0; + } idx++; } - return( -1 ); + return -1; } #endif /* MBEDTLS_VERSION_C */ diff --git a/tests/configs/config-wrapper-malloc-0-null.h b/tests/configs/config-wrapper-malloc-0-null.h index add1a787b395..622ac572b74b 100644 --- a/tests/configs/config-wrapper-malloc-0-null.h +++ b/tests/configs/config-wrapper-malloc-0-null.h @@ -26,11 +26,12 @@ #include #ifndef MBEDTLS_PLATFORM_STD_CALLOC -static inline void *custom_calloc( size_t nmemb, size_t size ) +static inline void *custom_calloc(size_t nmemb, size_t size) { - if( nmemb == 0 || size == 0 ) - return( NULL ); - return( calloc( nmemb, size ) ); + if (nmemb == 0 || size == 0) { + return NULL; + } + return calloc(nmemb, size); } #define MBEDTLS_PLATFORM_MEMORY diff --git a/tests/include/spe/crypto_spe.h b/tests/include/spe/crypto_spe.h index 1aee8a5f0db2..a79ce173853c 100644 --- a/tests/include/spe/crypto_spe.h +++ b/tests/include/spe/crypto_spe.h @@ -34,110 +34,110 @@ #define PSA_FUNCTION_NAME(x) mbedcrypto__ ## x #define psa_crypto_init \ - PSA_FUNCTION_NAME(psa_crypto_init) + PSA_FUNCTION_NAME(psa_crypto_init) #define psa_key_derivation_get_capacity \ - PSA_FUNCTION_NAME(psa_key_derivation_get_capacity) + PSA_FUNCTION_NAME(psa_key_derivation_get_capacity) #define psa_key_derivation_set_capacity \ - PSA_FUNCTION_NAME(psa_key_derivation_set_capacity) + PSA_FUNCTION_NAME(psa_key_derivation_set_capacity) #define psa_key_derivation_input_bytes \ - PSA_FUNCTION_NAME(psa_key_derivation_input_bytes) + PSA_FUNCTION_NAME(psa_key_derivation_input_bytes) #define psa_key_derivation_output_bytes \ - PSA_FUNCTION_NAME(psa_key_derivation_output_bytes) + PSA_FUNCTION_NAME(psa_key_derivation_output_bytes) #define psa_key_derivation_input_key \ - PSA_FUNCTION_NAME(psa_key_derivation_input_key) + PSA_FUNCTION_NAME(psa_key_derivation_input_key) #define psa_key_derivation_output_key \ - PSA_FUNCTION_NAME(psa_key_derivation_output_key) + PSA_FUNCTION_NAME(psa_key_derivation_output_key) #define psa_key_derivation_setup \ - PSA_FUNCTION_NAME(psa_key_derivation_setup) + PSA_FUNCTION_NAME(psa_key_derivation_setup) #define psa_key_derivation_abort \ - PSA_FUNCTION_NAME(psa_key_derivation_abort) + PSA_FUNCTION_NAME(psa_key_derivation_abort) #define psa_key_derivation_key_agreement \ - PSA_FUNCTION_NAME(psa_key_derivation_key_agreement) + PSA_FUNCTION_NAME(psa_key_derivation_key_agreement) #define psa_raw_key_agreement \ - PSA_FUNCTION_NAME(psa_raw_key_agreement) + PSA_FUNCTION_NAME(psa_raw_key_agreement) #define psa_generate_random \ - PSA_FUNCTION_NAME(psa_generate_random) + PSA_FUNCTION_NAME(psa_generate_random) #define psa_aead_encrypt \ - PSA_FUNCTION_NAME(psa_aead_encrypt) + PSA_FUNCTION_NAME(psa_aead_encrypt) #define psa_aead_decrypt \ - PSA_FUNCTION_NAME(psa_aead_decrypt) + PSA_FUNCTION_NAME(psa_aead_decrypt) #define psa_open_key \ - PSA_FUNCTION_NAME(psa_open_key) + PSA_FUNCTION_NAME(psa_open_key) #define psa_close_key \ - PSA_FUNCTION_NAME(psa_close_key) + PSA_FUNCTION_NAME(psa_close_key) #define psa_import_key \ - PSA_FUNCTION_NAME(psa_import_key) + PSA_FUNCTION_NAME(psa_import_key) #define psa_destroy_key \ - PSA_FUNCTION_NAME(psa_destroy_key) + PSA_FUNCTION_NAME(psa_destroy_key) #define psa_get_key_attributes \ - PSA_FUNCTION_NAME(psa_get_key_attributes) + PSA_FUNCTION_NAME(psa_get_key_attributes) #define psa_reset_key_attributes \ - PSA_FUNCTION_NAME(psa_reset_key_attributes) + PSA_FUNCTION_NAME(psa_reset_key_attributes) #define psa_export_key \ - PSA_FUNCTION_NAME(psa_export_key) + PSA_FUNCTION_NAME(psa_export_key) #define psa_export_public_key \ - PSA_FUNCTION_NAME(psa_export_public_key) + PSA_FUNCTION_NAME(psa_export_public_key) #define psa_purge_key \ - PSA_FUNCTION_NAME(psa_purge_key) + PSA_FUNCTION_NAME(psa_purge_key) #define psa_copy_key \ - PSA_FUNCTION_NAME(psa_copy_key) + PSA_FUNCTION_NAME(psa_copy_key) #define psa_cipher_operation_init \ - PSA_FUNCTION_NAME(psa_cipher_operation_init) + PSA_FUNCTION_NAME(psa_cipher_operation_init) #define psa_cipher_generate_iv \ - PSA_FUNCTION_NAME(psa_cipher_generate_iv) + PSA_FUNCTION_NAME(psa_cipher_generate_iv) #define psa_cipher_set_iv \ - PSA_FUNCTION_NAME(psa_cipher_set_iv) + PSA_FUNCTION_NAME(psa_cipher_set_iv) #define psa_cipher_encrypt_setup \ - PSA_FUNCTION_NAME(psa_cipher_encrypt_setup) + PSA_FUNCTION_NAME(psa_cipher_encrypt_setup) #define psa_cipher_decrypt_setup \ - PSA_FUNCTION_NAME(psa_cipher_decrypt_setup) + PSA_FUNCTION_NAME(psa_cipher_decrypt_setup) #define psa_cipher_update \ - PSA_FUNCTION_NAME(psa_cipher_update) + PSA_FUNCTION_NAME(psa_cipher_update) #define psa_cipher_finish \ - PSA_FUNCTION_NAME(psa_cipher_finish) + PSA_FUNCTION_NAME(psa_cipher_finish) #define psa_cipher_abort \ - PSA_FUNCTION_NAME(psa_cipher_abort) + PSA_FUNCTION_NAME(psa_cipher_abort) #define psa_hash_operation_init \ - PSA_FUNCTION_NAME(psa_hash_operation_init) + PSA_FUNCTION_NAME(psa_hash_operation_init) #define psa_hash_setup \ - PSA_FUNCTION_NAME(psa_hash_setup) + PSA_FUNCTION_NAME(psa_hash_setup) #define psa_hash_update \ - PSA_FUNCTION_NAME(psa_hash_update) + PSA_FUNCTION_NAME(psa_hash_update) #define psa_hash_finish \ - PSA_FUNCTION_NAME(psa_hash_finish) + PSA_FUNCTION_NAME(psa_hash_finish) #define psa_hash_verify \ - PSA_FUNCTION_NAME(psa_hash_verify) + PSA_FUNCTION_NAME(psa_hash_verify) #define psa_hash_abort \ - PSA_FUNCTION_NAME(psa_hash_abort) + PSA_FUNCTION_NAME(psa_hash_abort) #define psa_hash_clone \ - PSA_FUNCTION_NAME(psa_hash_clone) + PSA_FUNCTION_NAME(psa_hash_clone) #define psa_hash_compute \ - PSA_FUNCTION_NAME(psa_hash_compute) + PSA_FUNCTION_NAME(psa_hash_compute) #define psa_hash_compare \ - PSA_FUNCTION_NAME(psa_hash_compare) + PSA_FUNCTION_NAME(psa_hash_compare) #define psa_mac_operation_init \ - PSA_FUNCTION_NAME(psa_mac_operation_init) + PSA_FUNCTION_NAME(psa_mac_operation_init) #define psa_mac_sign_setup \ - PSA_FUNCTION_NAME(psa_mac_sign_setup) + PSA_FUNCTION_NAME(psa_mac_sign_setup) #define psa_mac_verify_setup \ - PSA_FUNCTION_NAME(psa_mac_verify_setup) + PSA_FUNCTION_NAME(psa_mac_verify_setup) #define psa_mac_update \ - PSA_FUNCTION_NAME(psa_mac_update) + PSA_FUNCTION_NAME(psa_mac_update) #define psa_mac_sign_finish \ - PSA_FUNCTION_NAME(psa_mac_sign_finish) + PSA_FUNCTION_NAME(psa_mac_sign_finish) #define psa_mac_verify_finish \ - PSA_FUNCTION_NAME(psa_mac_verify_finish) + PSA_FUNCTION_NAME(psa_mac_verify_finish) #define psa_mac_abort \ - PSA_FUNCTION_NAME(psa_mac_abort) + PSA_FUNCTION_NAME(psa_mac_abort) #define psa_sign_hash \ - PSA_FUNCTION_NAME(psa_sign_hash) + PSA_FUNCTION_NAME(psa_sign_hash) #define psa_verify_hash \ - PSA_FUNCTION_NAME(psa_verify_hash) + PSA_FUNCTION_NAME(psa_verify_hash) #define psa_asymmetric_encrypt \ - PSA_FUNCTION_NAME(psa_asymmetric_encrypt) + PSA_FUNCTION_NAME(psa_asymmetric_encrypt) #define psa_asymmetric_decrypt \ - PSA_FUNCTION_NAME(psa_asymmetric_decrypt) + PSA_FUNCTION_NAME(psa_asymmetric_decrypt) #define psa_generate_key \ - PSA_FUNCTION_NAME(psa_generate_key) + PSA_FUNCTION_NAME(psa_generate_key) #endif /* CRYPTO_SPE_H */ diff --git a/tests/include/test/asn1_helpers.h b/tests/include/test/asn1_helpers.h index 91ae26026662..dee3cbda9546 100644 --- a/tests/include/test/asn1_helpers.h +++ b/tests/include/test/asn1_helpers.h @@ -43,8 +43,8 @@ * * \return \c 0 if the test failed, otherwise 1. */ -int mbedtls_test_asn1_skip_integer( unsigned char **p, const unsigned char *end, - size_t min_bits, size_t max_bits, - int must_be_odd ); +int mbedtls_test_asn1_skip_integer(unsigned char **p, const unsigned char *end, + size_t min_bits, size_t max_bits, + int must_be_odd); #endif /* ASN1_HELPERS_H */ diff --git a/tests/include/test/drivers/aead.h b/tests/include/test/drivers/aead.h index 2207cb36fe2a..182bed267773 100644 --- a/tests/include/test/drivers/aead.h +++ b/tests/include/test/drivers/aead.h @@ -41,10 +41,10 @@ typedef struct { #define MBEDTLS_TEST_DRIVER_AEAD_INIT { 0, 0, 0 } static inline mbedtls_test_driver_aead_hooks_t - mbedtls_test_driver_aead_hooks_init( void ) +mbedtls_test_driver_aead_hooks_init(void) { const mbedtls_test_driver_aead_hooks_t v = MBEDTLS_TEST_DRIVER_AEAD_INIT; - return( v ); + return v; } extern mbedtls_test_driver_aead_hooks_t mbedtls_test_driver_aead_hooks; @@ -56,7 +56,7 @@ psa_status_t mbedtls_test_transparent_aead_encrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, - uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ); + uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length); psa_status_t mbedtls_test_transparent_aead_decrypt( const psa_key_attributes_t *attributes, @@ -65,7 +65,7 @@ psa_status_t mbedtls_test_transparent_aead_decrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, - uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ); + uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_AEAD_H */ diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index c1aa616b52f0..2bd7b6206a91 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -45,10 +45,10 @@ typedef struct { #define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0 } static inline mbedtls_test_driver_cipher_hooks_t - mbedtls_test_driver_cipher_hooks_init( void ) +mbedtls_test_driver_cipher_hooks_init(void) { const mbedtls_test_driver_cipher_hooks_t v = MBEDTLS_TEST_DRIVER_CIPHER_INIT; - return( v ); + return v; } extern mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks; @@ -81,7 +81,7 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( psa_algorithm_t alg); psa_status_t mbedtls_test_transparent_cipher_abort( - mbedtls_transparent_test_driver_cipher_operation_t *operation ); + mbedtls_transparent_test_driver_cipher_operation_t *operation); psa_status_t mbedtls_test_transparent_cipher_set_iv( mbedtls_transparent_test_driver_cipher_operation_t *operation, diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h index 865cd743306c..de7ebc54c1aa 100644 --- a/tests/include/test/drivers/hash.h +++ b/tests/include/test/drivers/hash.h @@ -41,10 +41,10 @@ typedef struct { #define MBEDTLS_TEST_DRIVER_HASH_INIT { 0, 0, 0 } static inline mbedtls_test_driver_hash_hooks_t - mbedtls_test_driver_hash_hooks_init( void ) +mbedtls_test_driver_hash_hooks_init(void) { const mbedtls_test_driver_hash_hooks_t v = MBEDTLS_TEST_DRIVER_HASH_INIT; - return( v ); + return v; } extern mbedtls_test_driver_hash_hooks_t mbedtls_test_driver_hash_hooks; @@ -52,29 +52,29 @@ extern mbedtls_test_driver_hash_hooks_t mbedtls_test_driver_hash_hooks; psa_status_t mbedtls_test_transparent_hash_compute( psa_algorithm_t alg, const uint8_t *input, size_t input_length, - uint8_t *hash, size_t hash_size, size_t *hash_length ); + uint8_t *hash, size_t hash_size, size_t *hash_length); psa_status_t mbedtls_test_transparent_hash_setup( mbedtls_transparent_test_driver_hash_operation_t *operation, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t mbedtls_test_transparent_hash_clone( const mbedtls_transparent_test_driver_hash_operation_t *source_operation, - mbedtls_transparent_test_driver_hash_operation_t *target_operation ); + mbedtls_transparent_test_driver_hash_operation_t *target_operation); psa_status_t mbedtls_test_transparent_hash_update( mbedtls_transparent_test_driver_hash_operation_t *operation, const uint8_t *input, - size_t input_length ); + size_t input_length); psa_status_t mbedtls_test_transparent_hash_finish( mbedtls_transparent_test_driver_hash_operation_t *operation, uint8_t *hash, size_t hash_size, - size_t *hash_length ); + size_t *hash_length); psa_status_t mbedtls_test_transparent_hash_abort( - mbedtls_transparent_test_driver_hash_operation_t *operation ); + mbedtls_transparent_test_driver_hash_operation_t *operation); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */ diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index c8dfbb3747b8..d10ba4bce8e1 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -52,43 +52,43 @@ typedef struct { * used as a location of an opaque test drivers. */ #define MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_SUCCESS, 0, 0x800000 } static inline mbedtls_test_driver_key_management_hooks_t - mbedtls_test_driver_key_management_hooks_init( void ) +mbedtls_test_driver_key_management_hooks_init(void) { const mbedtls_test_driver_key_management_hooks_t v = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT; - return( v ); + return v; } extern mbedtls_test_driver_key_management_hooks_t mbedtls_test_driver_key_management_hooks; -psa_status_t mbedtls_test_transparent_init( void ); -void mbedtls_test_transparent_free( void ); -psa_status_t mbedtls_test_opaque_init( void ); -void mbedtls_test_opaque_free( void ); +psa_status_t mbedtls_test_transparent_init(void); +void mbedtls_test_transparent_free(void); +psa_status_t mbedtls_test_opaque_init(void); +void mbedtls_test_opaque_free(void); psa_status_t mbedtls_test_transparent_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key, size_t key_size, size_t *key_length ); + uint8_t *key, size_t key_size, size_t *key_length); psa_status_t mbedtls_test_opaque_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key, size_t key_size, size_t *key_length ); + uint8_t *key, size_t key_size, size_t *key_length); psa_status_t mbedtls_test_opaque_export_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); psa_status_t mbedtls_test_transparent_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); psa_status_t mbedtls_test_opaque_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); psa_status_t mbedtls_test_transparent_import_key( const psa_key_attributes_t *attributes, @@ -102,7 +102,7 @@ psa_status_t mbedtls_test_transparent_import_key( psa_status_t mbedtls_test_opaque_get_builtin_key( psa_drv_slot_number_t slot_number, psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */ diff --git a/tests/include/test/drivers/mac.h b/tests/include/test/drivers/mac.h index 7733dd341c9e..8af1335c24bc 100644 --- a/tests/include/test/drivers/mac.h +++ b/tests/include/test/drivers/mac.h @@ -41,10 +41,10 @@ typedef struct { #define MBEDTLS_TEST_DRIVER_MAC_INIT { 0, 0, 0 } static inline mbedtls_test_driver_mac_hooks_t - mbedtls_test_driver_mac_hooks_init( void ) +mbedtls_test_driver_mac_hooks_init(void) { const mbedtls_test_driver_mac_hooks_t v = MBEDTLS_TEST_DRIVER_MAC_INIT; - return( v ); + return v; } extern mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks; @@ -58,40 +58,40 @@ psa_status_t mbedtls_test_transparent_mac_compute( size_t input_length, uint8_t *mac, size_t mac_size, - size_t *mac_length ); + size_t *mac_length); psa_status_t mbedtls_test_transparent_mac_sign_setup( mbedtls_transparent_test_driver_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t mbedtls_test_transparent_mac_verify_setup( mbedtls_transparent_test_driver_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t mbedtls_test_transparent_mac_update( mbedtls_transparent_test_driver_mac_operation_t *operation, const uint8_t *input, - size_t input_length ); + size_t input_length); psa_status_t mbedtls_test_transparent_mac_sign_finish( mbedtls_transparent_test_driver_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ); + size_t *mac_length); psa_status_t mbedtls_test_transparent_mac_verify_finish( mbedtls_transparent_test_driver_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ); + size_t mac_length); psa_status_t mbedtls_test_transparent_mac_abort( - mbedtls_transparent_test_driver_mac_operation_t *operation ); + mbedtls_transparent_test_driver_mac_operation_t *operation); psa_status_t mbedtls_test_opaque_mac_compute( const psa_key_attributes_t *attributes, @@ -102,40 +102,40 @@ psa_status_t mbedtls_test_opaque_mac_compute( size_t input_length, uint8_t *mac, size_t mac_size, - size_t *mac_length ); + size_t *mac_length); psa_status_t mbedtls_test_opaque_mac_sign_setup( mbedtls_opaque_test_driver_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t mbedtls_test_opaque_mac_verify_setup( mbedtls_opaque_test_driver_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t mbedtls_test_opaque_mac_update( mbedtls_opaque_test_driver_mac_operation_t *operation, const uint8_t *input, - size_t input_length ); + size_t input_length); psa_status_t mbedtls_test_opaque_mac_sign_finish( mbedtls_opaque_test_driver_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ); + size_t *mac_length); psa_status_t mbedtls_test_opaque_mac_verify_finish( mbedtls_opaque_test_driver_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ); + size_t mac_length); psa_status_t mbedtls_test_opaque_mac_abort( - mbedtls_opaque_test_driver_mac_operation_t *operation ); + mbedtls_opaque_test_driver_mac_operation_t *operation); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_MAC_H */ diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h index 5e64edc3c806..4a2465b6aa7f 100644 --- a/tests/include/test/drivers/signature.h +++ b/tests/include/test/drivers/signature.h @@ -42,11 +42,11 @@ typedef struct { #define MBEDTLS_TEST_DRIVER_SIGNATURE_INIT { NULL, 0, PSA_SUCCESS, 0 } static inline mbedtls_test_driver_signature_hooks_t - mbedtls_test_driver_signature_hooks_init( void ) +mbedtls_test_driver_signature_hooks_init(void) { const mbedtls_test_driver_signature_hooks_t v = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT; - return( v ); + return v; } extern mbedtls_test_driver_signature_hooks_t @@ -63,7 +63,7 @@ psa_status_t mbedtls_test_transparent_signature_sign_message( size_t input_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ); + size_t *signature_length); psa_status_t mbedtls_test_opaque_signature_sign_message( const psa_key_attributes_t *attributes, @@ -74,7 +74,7 @@ psa_status_t mbedtls_test_opaque_signature_sign_message( size_t input_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ); + size_t *signature_length); psa_status_t mbedtls_test_transparent_signature_verify_message( const psa_key_attributes_t *attributes, @@ -84,7 +84,7 @@ psa_status_t mbedtls_test_transparent_signature_verify_message( const uint8_t *input, size_t input_length, const uint8_t *signature, - size_t signature_length ); + size_t signature_length); psa_status_t mbedtls_test_opaque_signature_verify_message( const psa_key_attributes_t *attributes, @@ -94,35 +94,35 @@ psa_status_t mbedtls_test_opaque_signature_verify_message( const uint8_t *input, size_t input_length, const uint8_t *signature, - size_t signature_length ); + size_t signature_length); psa_status_t mbedtls_test_transparent_signature_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); + uint8_t *signature, size_t signature_size, size_t *signature_length); psa_status_t mbedtls_test_opaque_signature_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); + uint8_t *signature, size_t signature_size, size_t *signature_length); psa_status_t mbedtls_test_transparent_signature_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); + const uint8_t *signature, size_t signature_length); psa_status_t mbedtls_test_opaque_signature_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); + const uint8_t *signature, size_t signature_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H */ diff --git a/tests/include/test/drivers/size.h b/tests/include/test/drivers/size.h index b2665bdda535..9d0adcf7dc9c 100644 --- a/tests/include/test/drivers/size.h +++ b/tests/include/test/drivers/size.h @@ -31,7 +31,7 @@ size_t mbedtls_test_size_function( const psa_key_type_t key_type, - const size_t key_bits ); + const size_t key_bits); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_SIZE_H */ diff --git a/tests/include/test/fake_external_rng_for_test.h b/tests/include/test/fake_external_rng_for_test.h index faeef22e86b8..ad8e1c6e00d8 100644 --- a/tests/include/test/fake_external_rng_for_test.h +++ b/tests/include/test/fake_external_rng_for_test.h @@ -44,13 +44,13 @@ * of the PSA subsystem. You may disable it temporarily to simulate a * depleted entropy source. */ -void mbedtls_test_enable_insecure_external_rng( void ); +void mbedtls_test_enable_insecure_external_rng(void); /** Disable the insecure implementation of mbedtls_psa_external_get_random(). * * See mbedtls_test_enable_insecure_external_rng(). */ -void mbedtls_test_disable_insecure_external_rng( void ); +void mbedtls_test_disable_insecure_external_rng(void); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ #endif /* FAKE_EXTERNAL_RNG_FOR_TEST_H */ diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index 7a87c5b84dfe..9d60c2034278 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -46,21 +46,18 @@ #endif /** The type of test case arguments that contain binary data. */ -typedef struct data_tag -{ - uint8_t * x; +typedef struct data_tag { + uint8_t *x; uint32_t len; } data_t; -typedef enum -{ +typedef enum { MBEDTLS_TEST_RESULT_SUCCESS = 0, MBEDTLS_TEST_RESULT_FAILED, MBEDTLS_TEST_RESULT_SKIPPED } mbedtls_test_result_t; -typedef struct -{ +typedef struct { mbedtls_test_result_t result; const char *test; const char *filename; @@ -75,8 +72,8 @@ typedef struct mbedtls_test_info_t; extern mbedtls_test_info_t mbedtls_test_info; -int mbedtls_test_platform_setup( void ); -void mbedtls_test_platform_teardown( void ); +int mbedtls_test_platform_setup(void); +void mbedtls_test_platform_teardown(void); /** * \brief Record the current test case as a failure. @@ -94,7 +91,7 @@ void mbedtls_test_platform_teardown( void ); * \param line_no Line number where the failure originated. * \param filename Filename where the failure originated. */ -void mbedtls_test_fail( const char *test, int line_no, const char* filename ); +void mbedtls_test_fail(const char *test, int line_no, const char *filename); /** * \brief Record the current test case as skipped. @@ -107,7 +104,7 @@ void mbedtls_test_fail( const char *test, int line_no, const char* filename ); * \param line_no Line number where the test case was skipped. * \param filename Filename where the test case was skipped. */ -void mbedtls_test_skip( const char *test, int line_no, const char* filename ); +void mbedtls_test_skip(const char *test, int line_no, const char *filename); /** * \brief Set the test step number for failure reports. @@ -119,12 +116,12 @@ void mbedtls_test_skip( const char *test, int line_no, const char* filename ); * * \param step The step number to report. */ -void mbedtls_test_set_step( unsigned long step ); +void mbedtls_test_set_step(unsigned long step); /** * \brief Reset mbedtls_test_info to a ready/starting state. */ -void mbedtls_test_info_reset( void ); +void mbedtls_test_info_reset(void); /** * \brief Record the current test case as a failure if two integers @@ -144,8 +141,8 @@ void mbedtls_test_info_reset( void ); * * \return \c 1 if the values are equal, otherwise \c 0. */ -int mbedtls_test_equal( const char *test, int line_no, const char* filename, - unsigned long long value1, unsigned long long value2 ); +int mbedtls_test_equal(const char *test, int line_no, const char *filename, + unsigned long long value1, unsigned long long value2); /** * \brief Record the current test case as a failure based @@ -165,8 +162,8 @@ int mbedtls_test_equal( const char *test, int line_no, const char* filename, * * \return \c 1 if \p value1 <= \p value2, otherwise \c 0. */ -int mbedtls_test_le_u( const char *test, int line_no, const char* filename, - unsigned long long value1, unsigned long long value2 ); +int mbedtls_test_le_u(const char *test, int line_no, const char *filename, + unsigned long long value1, unsigned long long value2); /** * \brief Record the current test case as a failure based @@ -186,8 +183,8 @@ int mbedtls_test_le_u( const char *test, int line_no, const char* filename, * * \return \c 1 if \p value1 <= \p value2, otherwise \c 0. */ -int mbedtls_test_le_s( const char *test, int line_no, const char* filename, - long long value1, long long value2 ); +int mbedtls_test_le_s(const char *test, int line_no, const char *filename, + long long value1, long long value2); /** * \brief This function decodes the hexadecimal representation of @@ -207,12 +204,12 @@ int mbedtls_test_le_s( const char *test, int line_no, const char* filename, * \return \c -1 if the output buffer is too small or the input string * is not a valid hexadecimal representation. */ -int mbedtls_test_unhexify( unsigned char *obuf, size_t obufmax, - const char *ibuf, size_t *len ); +int mbedtls_test_unhexify(unsigned char *obuf, size_t obufmax, + const char *ibuf, size_t *len); -void mbedtls_test_hexify( unsigned char *obuf, - const unsigned char *ibuf, - int len ); +void mbedtls_test_hexify(unsigned char *obuf, + const unsigned char *ibuf, + int len); /** * Allocate and zeroize a buffer. @@ -221,7 +218,7 @@ void mbedtls_test_hexify( unsigned char *obuf, * * For convenience, dies if allocation fails. */ -unsigned char *mbedtls_test_zero_alloc( size_t len ); +unsigned char *mbedtls_test_zero_alloc(size_t len); /** * Allocate and fill a buffer from hex data. @@ -233,15 +230,14 @@ unsigned char *mbedtls_test_zero_alloc( size_t len ); * * For convenience, dies if allocation fails. */ -unsigned char *mbedtls_test_unhexify_alloc( const char *ibuf, size_t *olen ); +unsigned char *mbedtls_test_unhexify_alloc(const char *ibuf, size_t *olen); -int mbedtls_test_hexcmp( uint8_t * a, uint8_t * b, - uint32_t a_len, uint32_t b_len ); +int mbedtls_test_hexcmp(uint8_t *a, uint8_t *b, + uint32_t a_len, uint32_t b_len); #if defined(MBEDTLS_CHECK_PARAMS) -typedef struct -{ +typedef struct { const char *failure_condition; const char *file; int line; @@ -257,7 +253,7 @@ mbedtls_test_param_failed_location_record_t; * mbedtls_param_failed() that cancels it. */ void mbedtls_test_param_failed_get_location_record( - mbedtls_test_param_failed_location_record_t *location_record ); + mbedtls_test_param_failed_location_record_t *location_record); /** * \brief State that a call to mbedtls_param_failed() is expected. @@ -266,7 +262,7 @@ void mbedtls_test_param_failed_get_location_record( * mbedtls_test_param_failed_check_expected_call() or * mbedtls_param_failed that cancel it. */ -void mbedtls_test_param_failed_expect_call( void ); +void mbedtls_test_param_failed_expect_call(void); /** * \brief Check whether mbedtls_param_failed() has been called as expected. @@ -279,7 +275,7 @@ void mbedtls_test_param_failed_expect_call( void ); * mbedtls_param_failed() has been called. * \c -1 Otherwise. */ -int mbedtls_test_param_failed_check_expected_call( void ); +int mbedtls_test_param_failed_check_expected_call(void); /** * \brief Get the address of the object of type jmp_buf holding the execution @@ -308,7 +304,7 @@ int mbedtls_test_param_failed_check_expected_call( void ); * \return Address of the object of type jmp_buf holding the execution state * information used by mbedtls_param_failed() to do a long jump. */ -void* mbedtls_test_param_failed_get_state_buf( void ); +void *mbedtls_test_param_failed_get_state_buf(void); /** * \brief Reset the execution state used by mbedtls_param_failed() to do a @@ -324,7 +320,7 @@ void* mbedtls_test_param_failed_get_state_buf( void ); * mbedtls_param_failed() will not trigger a long jump with * undefined behavior but rather a long jump that will rather fault. */ -void mbedtls_test_param_failed_reset_state( void ); +void mbedtls_test_param_failed_reset_state(void); #endif /* MBEDTLS_CHECK_PARAMS */ #if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) @@ -334,11 +330,11 @@ void mbedtls_test_param_failed_reset_state( void ); #if defined(MBEDTLS_TEST_MUTEX_USAGE) /** Permanently activate the mutex usage verification framework. See * threading_helpers.c for information. */ -void mbedtls_test_mutex_usage_init( void ); +void mbedtls_test_mutex_usage_init(void); /** Call this function after executing a test case to check for mutex usage * errors. */ -void mbedtls_test_mutex_usage_check( void ); +void mbedtls_test_mutex_usage_check(void); #endif /* MBEDTLS_TEST_MUTEX_USAGE */ #if defined(MBEDTLS_TEST_HOOKS) @@ -353,8 +349,8 @@ void mbedtls_test_mutex_usage_check( void ); * * \note If the check fails, fail the test currently being run. */ -void mbedtls_test_err_add_check( int high, int low, - const char *file, int line); +void mbedtls_test_err_add_check(int high, int low, + const char *file, int line); #endif #if defined(MBEDTLS_BIGNUM_C) @@ -379,7 +375,7 @@ void mbedtls_test_err_add_check( int high, int low, * * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise. */ -int mbedtls_test_read_mpi( mbedtls_mpi *X, const char *s ); +int mbedtls_test_read_mpi(mbedtls_mpi *X, const char *s); /** Nonzero if the current test case had an input parsed with * mbedtls_test_read_mpi() that is a negative 0 (`"-"`, `"-0"`, `"-00"`, etc., diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h index f9de64643aaa..23542051fd4d 100644 --- a/tests/include/test/macros.h +++ b/tests/include/test/macros.h @@ -62,14 +62,14 @@ * * \param TEST The test expression to be tested. */ -#define TEST_ASSERT( TEST ) \ +#define TEST_ASSERT(TEST) \ do { \ - if( ! (TEST) ) \ - { \ - mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \ - goto exit; \ - } \ - } while( 0 ) + if (!(TEST)) \ + { \ + mbedtls_test_fail( #TEST, __LINE__, __FILE__); \ + goto exit; \ + } \ + } while (0) /** Evaluate two integer expressions and fail the test case if they have * different values. @@ -80,12 +80,12 @@ * \param expr1 An integral-typed expression to evaluate. * \param expr2 Another integral-typed expression to evaluate. */ -#define TEST_EQUAL( expr1, expr2 ) \ +#define TEST_EQUAL(expr1, expr2) \ do { \ - if( ! mbedtls_test_equal( #expr1 " == " #expr2, __LINE__, __FILE__, \ - expr1, expr2 ) ) \ - goto exit; \ - } while( 0 ) + if (!mbedtls_test_equal( #expr1 " == " #expr2, __LINE__, __FILE__, \ + expr1, expr2)) \ + goto exit; \ + } while (0) /** Evaluate two unsigned integer expressions and fail the test case * if they are not in increasing order (left <= right). @@ -93,12 +93,12 @@ * \param expr1 An integral-typed expression to evaluate. * \param expr2 Another integral-typed expression to evaluate. */ -#define TEST_LE_U( expr1, expr2 ) \ +#define TEST_LE_U(expr1, expr2) \ do { \ - if( ! mbedtls_test_le_u( #expr1 " <= " #expr2, __LINE__, __FILE__, \ - expr1, expr2 ) ) \ - goto exit; \ - } while( 0 ) + if (!mbedtls_test_le_u( #expr1 " <= " #expr2, __LINE__, __FILE__, \ + expr1, expr2)) \ + goto exit; \ + } while (0) /** Evaluate two signed integer expressions and fail the test case * if they are not in increasing order (left <= right). @@ -106,12 +106,12 @@ * \param expr1 An integral-typed expression to evaluate. * \param expr2 Another integral-typed expression to evaluate. */ -#define TEST_LE_S( expr1, expr2 ) \ +#define TEST_LE_S(expr1, expr2) \ do { \ - if( ! mbedtls_test_le_s( #expr1 " <= " #expr2, __LINE__, __FILE__, \ - expr1, expr2 ) ) \ - goto exit; \ - } while( 0 ) + if (!mbedtls_test_le_s( #expr1 " <= " #expr2, __LINE__, __FILE__, \ + expr1, expr2)) \ + goto exit; \ + } while (0) /** Allocate memory dynamically and fail the test case if this fails. * The allocated memory will be filled with zeros. @@ -133,36 +133,36 @@ * This expression may be evaluated multiple times. * */ -#define ASSERT_ALLOC( pointer, length ) \ +#define ASSERT_ALLOC(pointer, length) \ do \ { \ - TEST_ASSERT( ( pointer ) == NULL ); \ - if( ( length ) != 0 ) \ + TEST_ASSERT((pointer) == NULL); \ + if ((length) != 0) \ { \ - ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \ - ( length ) ); \ - TEST_ASSERT( ( pointer ) != NULL ); \ + (pointer) = mbedtls_calloc(sizeof(*(pointer)), \ + (length)); \ + TEST_ASSERT((pointer) != NULL); \ } \ } \ - while( 0 ) + while (0) /** Allocate memory dynamically. If the allocation fails, skip the test case. * * This macro behaves like #ASSERT_ALLOC, except that if the allocation * fails, it marks the test as skipped rather than failed. */ -#define ASSERT_ALLOC_WEAK( pointer, length ) \ +#define ASSERT_ALLOC_WEAK(pointer, length) \ do \ { \ - TEST_ASSERT( ( pointer ) == NULL ); \ - if( ( length ) != 0 ) \ + TEST_ASSERT((pointer) == NULL); \ + if ((length) != 0) \ { \ - ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \ - ( length ) ); \ - TEST_ASSUME( ( pointer ) != NULL ); \ + (pointer) = mbedtls_calloc(sizeof(*(pointer)), \ + (length)); \ + TEST_ASSUME((pointer) != NULL); \ } \ } \ - while( 0 ) + while (0) /** Compare two buffers and fail the test case if they differ. * @@ -176,14 +176,14 @@ * \param size2 Size of the second buffer in bytes. * This expression may be evaluated multiple times. */ -#define ASSERT_COMPARE( p1, size1, p2, size2 ) \ +#define ASSERT_COMPARE(p1, size1, p2, size2) \ do \ { \ - TEST_ASSERT( ( size1 ) == ( size2 ) ); \ - if( ( size1 ) != 0 ) \ - TEST_ASSERT( memcmp( ( p1 ), ( p2 ), ( size1 ) ) == 0 ); \ + TEST_ASSERT((size1) == (size2)); \ + if ((size1) != 0) \ + TEST_ASSERT(memcmp((p1), (p2), (size1)) == 0); \ } \ - while( 0 ) + while (0) /** * \brief This macro tests the expression passed to it and skips the @@ -191,14 +191,14 @@ * * \param TEST The test expression to be tested. */ -#define TEST_ASSUME( TEST ) \ +#define TEST_ASSUME(TEST) \ do { \ - if( ! (TEST) ) \ + if (!(TEST)) \ { \ - mbedtls_test_skip( #TEST, __LINE__, __FILE__ ); \ + mbedtls_test_skip( #TEST, __LINE__, __FILE__); \ goto exit; \ } \ - } while( 0 ) + } while (0) #if defined(MBEDTLS_CHECK_PARAMS) && !defined(MBEDTLS_PARAM_FAILED_ALT) /** @@ -221,17 +221,17 @@ * * \param TEST The test expression to be tested. */ -#define TEST_INVALID_PARAM_RET( PARAM_ERR_VALUE, TEST ) \ +#define TEST_INVALID_PARAM_RET(PARAM_ERR_VALUE, TEST) \ do { \ - mbedtls_test_param_failed_expect_call( ); \ - if( ( ( TEST ) != ( PARAM_ERR_VALUE ) ) || \ - ( mbedtls_test_param_failed_check_expected_call( ) != 0 ) ) \ + mbedtls_test_param_failed_expect_call(); \ + if (((TEST) != (PARAM_ERR_VALUE)) || \ + (mbedtls_test_param_failed_check_expected_call() != 0)) \ { \ - mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \ + mbedtls_test_fail( #TEST, __LINE__, __FILE__); \ goto exit; \ } \ - mbedtls_test_param_failed_check_expected_call( ); \ - } while( 0 ) + mbedtls_test_param_failed_check_expected_call(); \ + } while (0) /** * \brief This macro tests the statement passed to it as a test step or @@ -253,18 +253,18 @@ * * \param TEST The test expression to be tested. */ -#define TEST_INVALID_PARAM( TEST ) \ +#define TEST_INVALID_PARAM(TEST) \ do { \ - memcpy( jmp_tmp, mbedtls_test_param_failed_get_state_buf( ), \ - sizeof( jmp_tmp ) ); \ - if( setjmp( mbedtls_test_param_failed_get_state_buf( ) ) == 0 ) \ + memcpy(jmp_tmp, mbedtls_test_param_failed_get_state_buf(), \ + sizeof(jmp_tmp)); \ + if (setjmp(mbedtls_test_param_failed_get_state_buf()) == 0) \ { \ TEST; \ - mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \ + mbedtls_test_fail( #TEST, __LINE__, __FILE__); \ goto exit; \ } \ - mbedtls_test_param_failed_reset_state( ); \ - } while( 0 ) + mbedtls_test_param_failed_reset_state(); \ + } while (0) #endif /* MBEDTLS_CHECK_PARAMS && !MBEDTLS_PARAM_FAILED_ALT */ /** @@ -298,15 +298,15 @@ * * \param TEST The test expression to be tested. */ -#define TEST_VALID_PARAM( TEST ) \ - TEST_ASSERT( ( TEST, 1 ) ); +#define TEST_VALID_PARAM(TEST) \ + TEST_ASSERT((TEST, 1)); -#define TEST_HELPER_ASSERT(a) if( !( a ) ) \ -{ \ - mbedtls_fprintf( stderr, "Assertion Failed at %s:%d - %s\n", \ - __FILE__, __LINE__, #a ); \ - mbedtls_exit( 1 ); \ -} +#define TEST_HELPER_ASSERT(a) if (!(a)) \ + { \ + mbedtls_fprintf(stderr, "Assertion Failed at %s:%d - %s\n", \ + __FILE__, __LINE__, #a); \ + mbedtls_exit(1); \ + } /** \def ARRAY_LENGTH * Return the number of elements of a static or stack array. @@ -317,34 +317,34 @@ */ /* A correct implementation of ARRAY_LENGTH, but which silently gives * a nonsensical result if called with a pointer rather than an array. */ -#define ARRAY_LENGTH_UNSAFE( array ) \ - ( sizeof( array ) / sizeof( *( array ) ) ) +#define ARRAY_LENGTH_UNSAFE(array) \ + (sizeof(array) / sizeof(*(array))) #if defined(__GNUC__) /* Test if arg and &(arg)[0] have the same type. This is true if arg is * an array but not if it's a pointer. */ -#define IS_ARRAY_NOT_POINTER( arg ) \ - ( ! __builtin_types_compatible_p( __typeof__( arg ), \ - __typeof__( &( arg )[0] ) ) ) +#define IS_ARRAY_NOT_POINTER(arg) \ + (!__builtin_types_compatible_p(__typeof__(arg), \ + __typeof__(&(arg)[0]))) /* A compile-time constant with the value 0. If `const_expr` is not a * compile-time constant with a nonzero value, cause a compile-time error. */ -#define STATIC_ASSERT_EXPR( const_expr ) \ - ( 0 && sizeof( struct { unsigned int STATIC_ASSERT : 1 - 2 * ! ( const_expr ); } ) ) +#define STATIC_ASSERT_EXPR(const_expr) \ + (0 && sizeof(struct { unsigned int STATIC_ASSERT : 1 - 2 * !(const_expr); })) /* Return the scalar value `value` (possibly promoted). This is a compile-time * constant if `value` is. `condition` must be a compile-time constant. * If `condition` is false, arrange to cause a compile-time error. */ -#define STATIC_ASSERT_THEN_RETURN( condition, value ) \ - ( STATIC_ASSERT_EXPR( condition ) ? 0 : ( value ) ) +#define STATIC_ASSERT_THEN_RETURN(condition, value) \ + (STATIC_ASSERT_EXPR(condition) ? 0 : (value)) -#define ARRAY_LENGTH( array ) \ - ( STATIC_ASSERT_THEN_RETURN( IS_ARRAY_NOT_POINTER( array ), \ - ARRAY_LENGTH_UNSAFE( array ) ) ) +#define ARRAY_LENGTH(array) \ + (STATIC_ASSERT_THEN_RETURN(IS_ARRAY_NOT_POINTER(array), \ + ARRAY_LENGTH_UNSAFE(array))) #else /* If we aren't sure the compiler supports our non-standard tricks, * fall back to the unsafe implementation. */ -#define ARRAY_LENGTH( array ) ARRAY_LENGTH_UNSAFE( array ) +#define ARRAY_LENGTH(array) ARRAY_LENGTH_UNSAFE(array) #endif /** Return the smaller of two values. @@ -354,7 +354,7 @@ * * \return The smaller of \p x and \p y. */ -#define MIN( x, y ) ( ( x ) < ( y ) ? ( x ) : ( y ) ) +#define MIN(x, y) ((x) < (y) ? (x) : (y)) /** Return the larger of two values. * @@ -363,29 +363,29 @@ * * \return The larger of \p x and \p y. */ -#define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) ) +#define MAX(x, y) ((x) > (y) ? (x) : (y)) /* * 32-bit integer manipulation macros (big endian) */ #ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} +#define GET_UINT32_BE(n, b, i) \ + { \ + (n) = ((uint32_t) (b)[(i)] << 24) \ + | ((uint32_t) (b)[(i) + 1] << 16) \ + | ((uint32_t) (b)[(i) + 2] << 8) \ + | ((uint32_t) (b)[(i) + 3]); \ + } #endif #ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} +#define PUT_UINT32_BE(n, b, i) \ + { \ + (b)[(i)] = (unsigned char) ((n) >> 24); \ + (b)[(i) + 1] = (unsigned char) ((n) >> 16); \ + (b)[(i) + 2] = (unsigned char) ((n) >> 8); \ + (b)[(i) + 3] = (unsigned char) ((n)); \ + } #endif #endif /* TEST_MACROS_H */ diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index 7dc829b36766..08179e2b05d2 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -36,11 +36,11 @@ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) /* Internal function for #TEST_USES_KEY_ID. Return 1 on success, 0 on failure. */ -int mbedtls_test_uses_key_id( mbedtls_svc_key_id_t key_id ); +int mbedtls_test_uses_key_id(mbedtls_svc_key_id_t key_id); /** Destroy persistent keys recorded with #TEST_USES_KEY_ID. */ -void mbedtls_test_psa_purge_key_storage( void ); +void mbedtls_test_psa_purge_key_storage(void); /** Purge the in-memory cache of persistent keys recorded with * #TEST_USES_KEY_ID. @@ -48,7 +48,7 @@ void mbedtls_test_psa_purge_key_storage( void ); * Call this function before calling PSA_DONE() if it's ok for * persistent keys to still exist at this point. */ -void mbedtls_test_psa_purge_key_cache( void ); +void mbedtls_test_psa_purge_key_cache(void); /** \def TEST_USES_KEY_ID * @@ -75,18 +75,18 @@ void mbedtls_test_psa_purge_key_cache( void ); * * \param key_id The PSA key identifier to record. */ -#define TEST_USES_KEY_ID( key_id ) \ - TEST_ASSERT( mbedtls_test_uses_key_id( key_id ) ) +#define TEST_USES_KEY_ID(key_id) \ + TEST_ASSERT(mbedtls_test_uses_key_id(key_id)) #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -#define TEST_USES_KEY_ID( key_id ) ( (void) ( key_id ) ) -#define mbedtls_test_psa_purge_key_storage( ) ( (void) 0 ) -#define mbedtls_test_psa_purge_key_cache( ) ( (void) 0 ) +#define TEST_USES_KEY_ID(key_id) ((void) (key_id)) +#define mbedtls_test_psa_purge_key_storage() ((void) 0) +#define mbedtls_test_psa_purge_key_cache() ((void) 0) #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -#define PSA_INIT( ) PSA_ASSERT( psa_crypto_init( ) ) +#define PSA_INIT() PSA_ASSERT(psa_crypto_init()) /** Check for things that have not been cleaned up properly in the * PSA subsystem. @@ -95,7 +95,7 @@ void mbedtls_test_psa_purge_key_cache( void ); * \return A string literal explaining what has not been cleaned up * if applicable. */ -const char *mbedtls_test_helper_is_psa_leaking( void ); +const char *mbedtls_test_helper_is_psa_leaking(void); /** Check that no PSA Crypto key slots are in use. * @@ -104,13 +104,13 @@ const char *mbedtls_test_helper_is_psa_leaking( void ); * `TEST_ASSERT( ! mbedtls_test_helper_is_psa_leaking( ) )` * but with a more informative message. */ -#define ASSERT_PSA_PRISTINE( ) \ +#define ASSERT_PSA_PRISTINE() \ do \ { \ - if( test_fail_if_psa_leaking( __LINE__, __FILE__ ) ) \ - goto exit; \ + if (test_fail_if_psa_leaking(__LINE__, __FILE__)) \ + goto exit; \ } \ - while( 0 ) + while (0) /** Shut down the PSA Crypto subsystem and destroy persistent keys. * Expect a clean shutdown, with no slots in use. @@ -122,14 +122,14 @@ const char *mbedtls_test_helper_is_psa_leaking( void ); * \note Persistent keys must be recorded with #TEST_USES_KEY_ID before * creating them. */ -#define PSA_DONE( ) \ +#define PSA_DONE() \ do \ { \ - test_fail_if_psa_leaking( __LINE__, __FILE__ ); \ - mbedtls_test_psa_purge_key_storage( ); \ - mbedtls_psa_crypto_free( ); \ + test_fail_if_psa_leaking(__LINE__, __FILE__); \ + mbedtls_test_psa_purge_key_storage(); \ + mbedtls_psa_crypto_free(); \ } \ - while( 0 ) + while (0) /** Shut down the PSA Crypto subsystem, allowing persistent keys to survive. * Expect a clean shutdown, with no slots in use. @@ -137,22 +137,22 @@ const char *mbedtls_test_helper_is_psa_leaking( void ); * If some key slots are still in use, record the test case as failed and * jump to the `exit` label. */ -#define PSA_SESSION_DONE( ) \ +#define PSA_SESSION_DONE() \ do \ { \ - mbedtls_test_psa_purge_key_cache( ); \ - ASSERT_PSA_PRISTINE( ); \ - mbedtls_psa_crypto_free( ); \ + mbedtls_test_psa_purge_key_cache(); \ + ASSERT_PSA_PRISTINE(); \ + mbedtls_psa_crypto_free(); \ } \ - while( 0 ) + while (0) #if defined(RECORD_PSA_STATUS_COVERAGE_LOG) -psa_status_t mbedtls_test_record_status( psa_status_t status, - const char *func, - const char *file, int line, - const char *expr ); +psa_status_t mbedtls_test_record_status(psa_status_t status, + const char *func, + const char *file, int line, + const char *expr); /** Return value logging wrapper macro. * @@ -178,8 +178,8 @@ psa_status_t mbedtls_test_record_status( psa_status_t status, * a value of type #psa_status_t. * \return The value of \p expr. */ -#define RECORD_STATUS( string, expr ) \ - mbedtls_test_record_status( ( expr ), string, __FILE__, __LINE__, #expr ) +#define RECORD_STATUS(string, expr) \ + mbedtls_test_record_status((expr), string, __FILE__, __LINE__, #expr) #include "instrument_record_status.h" @@ -191,7 +191,7 @@ psa_status_t mbedtls_test_record_status( psa_status_t status, * permissions of other usage policies * (like PSA_KEY_USAGE_SIGN_HASH involves PSA_KEY_USAGE_SIGN_MESSAGE). */ -psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags ); +psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags); /** Skip a test case if the given key is a 192 bits AES key and the AES * implementation is at least partially provided by an accelerator or @@ -220,18 +220,18 @@ psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags #define MBEDTLS_TEST_HAVE_ALT_AES 0 #endif -#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192( key_type, key_bits ) \ +#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_bits) \ do \ { \ - if( ( MBEDTLS_TEST_HAVE_ALT_AES ) && \ - ( ( key_type ) == PSA_KEY_TYPE_AES ) && \ - ( key_bits == 192 ) ) \ + if ((MBEDTLS_TEST_HAVE_ALT_AES) && \ + ((key_type) == PSA_KEY_TYPE_AES) && \ + (key_bits == 192)) \ { \ - mbedtls_test_skip( "AES-192 not supported", __LINE__, __FILE__ ); \ + mbedtls_test_skip("AES-192 not supported", __LINE__, __FILE__); \ goto exit; \ } \ } \ - while( 0 ) + while (0) /** Skip a test case if a GCM operation with a nonce length different from * 12 bytes fails and was performed by an accelerator or alternative @@ -262,20 +262,20 @@ psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags #define MBEDTLS_TEST_HAVE_ALT_GCM 0 #endif -#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE( alg, \ - nonce_length ) \ +#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, \ + nonce_length) \ do \ { \ - if( ( MBEDTLS_TEST_HAVE_ALT_GCM ) && \ - ( PSA_ALG_AEAD_WITH_SHORTENED_TAG( ( alg ) , 0 ) == \ - PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ) ) && \ - ( ( nonce_length ) != 12 ) ) \ + if ((MBEDTLS_TEST_HAVE_ALT_GCM) && \ + (PSA_ALG_AEAD_WITH_SHORTENED_TAG((alg), 0) == \ + PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0)) && \ + ((nonce_length) != 12)) \ { \ - mbedtls_test_skip( "GCM with non-12-byte IV is not supported", __LINE__, __FILE__ ); \ + mbedtls_test_skip("GCM with non-12-byte IV is not supported", __LINE__, __FILE__); \ goto exit; \ } \ } \ - while( 0 ) + while (0) #endif /* MBEDTLS_PSA_CRYPTO_C */ @@ -292,14 +292,14 @@ psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags * #MBEDTLS_USE_PSA_CRYPTO is disabled. */ #if defined(MBEDTLS_USE_PSA_CRYPTO) -#define USE_PSA_INIT( ) PSA_INIT( ) -#define USE_PSA_DONE( ) PSA_DONE( ) +#define USE_PSA_INIT() PSA_INIT() +#define USE_PSA_DONE() PSA_DONE() #else /* MBEDTLS_USE_PSA_CRYPTO */ /* Define empty macros so that we can use them in the preamble and teardown * of every test function that uses PSA conditionally based on * MBEDTLS_USE_PSA_CRYPTO. */ -#define USE_PSA_INIT( ) ( (void) 0 ) -#define USE_PSA_DONE( ) ( (void) 0 ) +#define USE_PSA_INIT() ((void) 0) +#define USE_PSA_DONE() ((void) 0) #endif /* !MBEDTLS_USE_PSA_CRYPTO */ #endif /* PSA_CRYPTO_HELPERS_H */ diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h index 4306c1abb813..179df18e9c3e 100644 --- a/tests/include/test/psa_exercise_key.h +++ b/tests/include/test/psa_exercise_key.h @@ -109,7 +109,7 @@ * This is used in some smoke tests. */ #if defined(KNOWN_SUPPORTED_HASH_ALG) && defined(PSA_WANT_ALG_HMAC) -#define KNOWN_SUPPORTED_MAC_ALG ( PSA_ALG_HMAC( KNOWN_SUPPORTED_HASH_ALG ) ) +#define KNOWN_SUPPORTED_MAC_ALG (PSA_ALG_HMAC(KNOWN_SUPPORTED_HASH_ALG)) #define KNOWN_SUPPORTED_MAC_KEY_TYPE PSA_KEY_TYPE_HMAC #elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CMAC_C) #define KNOWN_SUPPORTED_MAC_ALG PSA_ALG_CMAC @@ -168,12 +168,12 @@ * \return \c 1 on success, \c 0 on failure. */ int mbedtls_test_psa_setup_key_derivation_wrap( - psa_key_derivation_operation_t* operation, + psa_key_derivation_operation_t *operation, mbedtls_svc_key_id_t key, psa_algorithm_t alg, - const unsigned char* input1, size_t input1_length, - const unsigned char* input2, size_t input2_length, - size_t capacity ); + const unsigned char *input1, size_t input1_length, + const unsigned char *input2, size_t input2_length, + size_t capacity); /** Perform a key agreement using the given key pair against its public key * using psa_raw_key_agreement(). @@ -189,7 +189,7 @@ int mbedtls_test_psa_setup_key_derivation_wrap( */ psa_status_t mbedtls_test_psa_raw_key_agreement_with_self( psa_algorithm_t alg, - mbedtls_svc_key_id_t key ); + mbedtls_svc_key_id_t key); /** Perform a key agreement using the given key pair against its public key * using psa_key_derivation_raw_key(). @@ -208,7 +208,7 @@ psa_status_t mbedtls_test_psa_raw_key_agreement_with_self( */ psa_status_t mbedtls_test_psa_key_agreement_with_self( psa_key_derivation_operation_t *operation, - mbedtls_svc_key_id_t key ); + mbedtls_svc_key_id_t key); /** Perform sanity checks on the given key representation. * @@ -230,7 +230,7 @@ psa_status_t mbedtls_test_psa_key_agreement_with_self( */ int mbedtls_test_psa_exported_key_sanity_check( psa_key_type_t type, size_t bits, - const uint8_t *exported, size_t exported_length ); + const uint8_t *exported, size_t exported_length); /** Do smoke tests on a key. * @@ -259,11 +259,11 @@ int mbedtls_test_psa_exported_key_sanity_check( * \retval 0 The key failed the smoke tests. * \retval 1 The key passed the smoke tests. */ -int mbedtls_test_psa_exercise_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ); +int mbedtls_test_psa_exercise_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg); -psa_key_usage_t mbedtls_test_psa_usage_to_exercise( psa_key_type_t type, - psa_algorithm_t alg ); +psa_key_usage_t mbedtls_test_psa_usage_to_exercise(psa_key_type_t type, + psa_algorithm_t alg); #endif /* PSA_EXERCISE_KEY_H */ diff --git a/tests/include/test/psa_helpers.h b/tests/include/test/psa_helpers.h index f438a71fb6c6..2665fac3949f 100644 --- a/tests/include/test/psa_helpers.h +++ b/tests/include/test/psa_helpers.h @@ -31,6 +31,6 @@ * to a \c psa_xxx function that returns a value of type * #psa_status_t. */ -#define PSA_ASSERT( expr ) TEST_EQUAL( ( expr ), PSA_SUCCESS ) +#define PSA_ASSERT(expr) TEST_EQUAL((expr), PSA_SUCCESS) #endif /* PSA_HELPERS_H */ diff --git a/tests/include/test/random.h b/tests/include/test/random.h index 642828078098..4f7b55cf7b84 100644 --- a/tests/include/test/random.h +++ b/tests/include/test/random.h @@ -34,12 +34,11 @@ #include #include -typedef struct -{ +typedef struct { unsigned char *buf; /* Pointer to a buffer of length bytes. */ size_t length; /* If fallback_f_rng is NULL, fail after delivering length bytes. */ - int ( *fallback_f_rng )( void*, unsigned char *, size_t ); + int (*fallback_f_rng)(void *, unsigned char *, size_t); void *fallback_p_rng; } mbedtls_test_rnd_buf_info; @@ -50,8 +49,7 @@ typedef struct * Do not forget endianness! * State( v0, v1 ) should be set to zero. */ -typedef struct -{ +typedef struct { uint32_t key[16]; uint32_t v0, v1; } mbedtls_test_rnd_pseudo_info; @@ -65,18 +63,18 @@ typedef struct * * rng_state shall be NULL. */ -int mbedtls_test_rnd_std_rand( void *rng_state, - unsigned char *output, - size_t len ); +int mbedtls_test_rnd_std_rand(void *rng_state, + unsigned char *output, + size_t len); /** * This function only returns zeros. * * \p rng_state shall be \c NULL. */ -int mbedtls_test_rnd_zero_rand( void *rng_state, - unsigned char *output, - size_t len ); +int mbedtls_test_rnd_zero_rand(void *rng_state, + unsigned char *output, + size_t len); /** * This function returns random data based on a buffer it receives. @@ -90,9 +88,9 @@ int mbedtls_test_rnd_zero_rand( void *rng_state, * #mbedtls_test_rnd_buf_info structure if there is one, and * will return #MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise. */ -int mbedtls_test_rnd_buffer_rand( void *rng_state, - unsigned char *output, - size_t len ); +int mbedtls_test_rnd_buffer_rand(void *rng_state, + unsigned char *output, + size_t len); /** * This function returns random based on a pseudo random function. @@ -102,8 +100,8 @@ int mbedtls_test_rnd_buffer_rand( void *rng_state, * * \p rng_state shall be a pointer to a #mbedtls_test_rnd_pseudo_info structure. */ -int mbedtls_test_rnd_pseudo_rand( void *rng_state, - unsigned char *output, - size_t len ); +int mbedtls_test_rnd_pseudo_rand(void *rng_state, + unsigned char *output, + size_t len); #endif /* TEST_RANDOM_H */ diff --git a/tests/src/asn1_helpers.c b/tests/src/asn1_helpers.c index 79aa166ce6a1..aaf7587aa7f8 100644 --- a/tests/src/asn1_helpers.c +++ b/tests/src/asn1_helpers.c @@ -27,48 +27,48 @@ #include -int mbedtls_test_asn1_skip_integer( unsigned char **p, const unsigned char *end, - size_t min_bits, size_t max_bits, - int must_be_odd ) +int mbedtls_test_asn1_skip_integer(unsigned char **p, const unsigned char *end, + size_t min_bits, size_t max_bits, + int must_be_odd) { size_t len; size_t actual_bits; unsigned char msb; - TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_INTEGER ), - 0 ); + TEST_EQUAL(mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_INTEGER), + 0); /* Check if the retrieved length doesn't extend the actual buffer's size. * It is assumed here, that end >= p, which validates casting to size_t. */ - TEST_ASSERT( len <= (size_t)( end - *p) ); + TEST_ASSERT(len <= (size_t) (end - *p)); /* Tolerate a slight departure from DER encoding: * - 0 may be represented by an empty string or a 1-byte string. * - The sign bit may be used as a value bit. */ - if( ( len == 1 && ( *p )[0] == 0 ) || - ( len > 1 && ( *p )[0] == 0 && ( ( *p )[1] & 0x80 ) != 0 ) ) - { - ++( *p ); + if ((len == 1 && (*p)[0] == 0) || + (len > 1 && (*p)[0] == 0 && ((*p)[1] & 0x80) != 0)) { + ++(*p); --len; } - if( min_bits == 0 && len == 0 ) - return( 1 ); - msb = ( *p )[0]; - TEST_ASSERT( msb != 0 ); - actual_bits = 8 * ( len - 1 ); - while( msb != 0 ) - { + if (min_bits == 0 && len == 0) { + return 1; + } + msb = (*p)[0]; + TEST_ASSERT(msb != 0); + actual_bits = 8 * (len - 1); + while (msb != 0) { msb >>= 1; ++actual_bits; } - TEST_ASSERT( actual_bits >= min_bits ); - TEST_ASSERT( actual_bits <= max_bits ); - if( must_be_odd ) - TEST_ASSERT( ( ( *p )[len-1] & 1 ) != 0 ); + TEST_ASSERT(actual_bits >= min_bits); + TEST_ASSERT(actual_bits <= max_bits); + if (must_be_odd) { + TEST_ASSERT(((*p)[len-1] & 1) != 0); + } *p += len; - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } #endif /* MBEDTLS_ASN1_PARSE_C */ diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index 0d59bee405d4..9cfb70769736 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c @@ -38,28 +38,25 @@ mbedtls_test_driver_hash_hooks_t psa_status_t mbedtls_test_transparent_hash_compute( psa_algorithm_t alg, const uint8_t *input, size_t input_length, - uint8_t *hash, size_t hash_size, size_t *hash_length ) + uint8_t *hash, size_t hash_size, size_t *hash_length) { mbedtls_test_driver_hash_hooks.hits++; - if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_test_driver_hash_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_compute( alg, input, input_length, - hash, hash_size, hash_length ); + hash, hash_size, hash_length); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_psa_hash_compute( alg, input, input_length, - hash, hash_size, hash_length ); + hash, hash_size, hash_length); #else (void) alg; (void) input; @@ -71,29 +68,26 @@ psa_status_t mbedtls_test_transparent_hash_compute( #endif } - return( mbedtls_test_driver_hash_hooks.driver_status ); + return mbedtls_test_driver_hash_hooks.driver_status; } psa_status_t mbedtls_test_transparent_hash_setup( mbedtls_transparent_test_driver_hash_operation_t *operation, - psa_algorithm_t alg ) + psa_algorithm_t alg) { mbedtls_test_driver_hash_hooks.hits++; - if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_test_driver_hash_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - libtestdriver1_mbedtls_psa_hash_setup( operation, alg ); + libtestdriver1_mbedtls_psa_hash_setup(operation, alg); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_psa_hash_setup( operation, alg ); + mbedtls_psa_hash_setup(operation, alg); #else (void) operation; (void) alg; @@ -101,30 +95,27 @@ psa_status_t mbedtls_test_transparent_hash_setup( #endif } - return( mbedtls_test_driver_hash_hooks.driver_status ); + return mbedtls_test_driver_hash_hooks.driver_status; } psa_status_t mbedtls_test_transparent_hash_clone( const mbedtls_transparent_test_driver_hash_operation_t *source_operation, - mbedtls_transparent_test_driver_hash_operation_t *target_operation ) + mbedtls_transparent_test_driver_hash_operation_t *target_operation) { mbedtls_test_driver_hash_hooks.hits++; - if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_test_driver_hash_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - libtestdriver1_mbedtls_psa_hash_clone( source_operation, - target_operation ); + libtestdriver1_mbedtls_psa_hash_clone(source_operation, + target_operation); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_psa_hash_clone( source_operation, target_operation ); + mbedtls_psa_hash_clone(source_operation, target_operation); #else (void) source_operation; (void) target_operation; @@ -132,31 +123,28 @@ psa_status_t mbedtls_test_transparent_hash_clone( #endif } - return( mbedtls_test_driver_hash_hooks.driver_status ); + return mbedtls_test_driver_hash_hooks.driver_status; } psa_status_t mbedtls_test_transparent_hash_update( mbedtls_transparent_test_driver_hash_operation_t *operation, const uint8_t *input, - size_t input_length ) + size_t input_length) { mbedtls_test_driver_hash_hooks.hits++; - if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_test_driver_hash_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_update( - operation, input, input_length ); + operation, input, input_length); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_psa_hash_update( operation, input, input_length ); + mbedtls_psa_hash_update(operation, input, input_length); #else (void) operation; (void) input; @@ -165,32 +153,29 @@ psa_status_t mbedtls_test_transparent_hash_update( #endif } - return( mbedtls_test_driver_hash_hooks.driver_status ); + return mbedtls_test_driver_hash_hooks.driver_status; } psa_status_t mbedtls_test_transparent_hash_finish( mbedtls_transparent_test_driver_hash_operation_t *operation, uint8_t *hash, size_t hash_size, - size_t *hash_length ) + size_t *hash_length) { mbedtls_test_driver_hash_hooks.hits++; - if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_test_driver_hash_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_finish( - operation, hash, hash_size, hash_length ); + operation, hash, hash_size, hash_length); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_psa_hash_finish( operation, hash, hash_size, hash_length ); + mbedtls_psa_hash_finish(operation, hash, hash_size, hash_length); #else (void) operation; (void) hash; @@ -200,34 +185,31 @@ psa_status_t mbedtls_test_transparent_hash_finish( #endif } - return( mbedtls_test_driver_hash_hooks.driver_status ); + return mbedtls_test_driver_hash_hooks.driver_status; } psa_status_t mbedtls_test_transparent_hash_abort( - mbedtls_transparent_test_driver_hash_operation_t *operation ) + mbedtls_transparent_test_driver_hash_operation_t *operation) { mbedtls_test_driver_hash_hooks.hits++; - if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_test_driver_hash_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - libtestdriver1_mbedtls_psa_hash_abort( operation ); + libtestdriver1_mbedtls_psa_hash_abort(operation); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_psa_hash_abort( operation ); + mbedtls_psa_hash_abort(operation); #else (void) operation; mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; #endif } - return( mbedtls_test_driver_hash_hooks.driver_status ); + return mbedtls_test_driver_hash_hooks.driver_status; } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/platform_builtin_keys.c b/tests/src/drivers/platform_builtin_keys.c index 759fa78309d2..f0734108e526 100644 --- a/tests/src/drivers/platform_builtin_keys.c +++ b/tests/src/drivers/platform_builtin_keys.c @@ -27,8 +27,7 @@ #include #endif -typedef struct -{ +typedef struct { psa_key_id_t builtin_key_id; psa_key_lifetime_t lifetime; psa_drv_slot_number_t slot_number; @@ -40,52 +39,50 @@ static const mbedtls_psa_builtin_key_description_t builtin_keys[] = { * ECDSA can be exercised on key ID MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1. */ { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), - PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT}, + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT }, { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, #else - {0, 0, 0} + { 0, 0, 0 } #endif }; psa_status_t mbedtls_psa_platform_get_builtin_key( mbedtls_svc_key_id_t key_id, psa_key_lifetime_t *lifetime, - psa_drv_slot_number_t *slot_number ) + psa_drv_slot_number_t *slot_number) { - psa_key_id_t app_key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key_id ); + psa_key_id_t app_key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key_id); const mbedtls_psa_builtin_key_description_t *builtin_key; - for( size_t i = 0; - i < ( sizeof( builtin_keys ) / sizeof( builtin_keys[0] ) ); i++ ) - { + for (size_t i = 0; + i < (sizeof(builtin_keys) / sizeof(builtin_keys[0])); i++) { builtin_key = &builtin_keys[i]; - if( builtin_key->builtin_key_id == app_key_id ) - { + if (builtin_key->builtin_key_id == app_key_id) { *lifetime = builtin_key->lifetime; *slot_number = builtin_key->slot_number; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } } - return( PSA_ERROR_DOES_NOT_EXIST ); + return PSA_ERROR_DOES_NOT_EXIST; } diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c index e249ec37d4e8..ebee4f842a2c 100644 --- a/tests/src/drivers/test_driver_aead.c +++ b/tests/src/drivers/test_driver_aead.c @@ -42,28 +42,25 @@ psa_status_t mbedtls_test_transparent_aead_encrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, - uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ) + uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length) { mbedtls_test_driver_aead_hooks.hits++; - if( mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_aead_hooks.driver_status = - mbedtls_test_driver_aead_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = libtestdriver1_mbedtls_psa_aead_encrypt( - (const libtestdriver1_psa_key_attributes_t *)attributes, + (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, alg, nonce, nonce_length, additional_data, additional_data_length, plaintext, plaintext_length, - ciphertext, ciphertext_size, ciphertext_length ); + ciphertext, ciphertext_size, ciphertext_length); #elif defined(MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_encrypt( @@ -72,7 +69,7 @@ psa_status_t mbedtls_test_transparent_aead_encrypt( nonce, nonce_length, additional_data, additional_data_length, plaintext, plaintext_length, - ciphertext, ciphertext_size, ciphertext_length ); + ciphertext, ciphertext_size, ciphertext_length); #else (void) attributes; (void) key_buffer; @@ -90,7 +87,7 @@ psa_status_t mbedtls_test_transparent_aead_encrypt( mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; #endif } - return( mbedtls_test_driver_aead_hooks.driver_status ); + return mbedtls_test_driver_aead_hooks.driver_status; } psa_status_t mbedtls_test_transparent_aead_decrypt( @@ -100,28 +97,25 @@ psa_status_t mbedtls_test_transparent_aead_decrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, - uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ) + uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length) { mbedtls_test_driver_aead_hooks.hits++; - if( mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_aead_hooks.driver_status = - mbedtls_test_driver_aead_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = libtestdriver1_mbedtls_psa_aead_decrypt( - (const libtestdriver1_psa_key_attributes_t *)attributes, + (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, alg, nonce, nonce_length, additional_data, additional_data_length, ciphertext, ciphertext_length, - plaintext, plaintext_size, plaintext_length ); + plaintext, plaintext_size, plaintext_length); #elif defined(MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_decrypt( @@ -130,7 +124,7 @@ psa_status_t mbedtls_test_transparent_aead_decrypt( nonce, nonce_length, additional_data, additional_data_length, ciphertext, ciphertext_length, - plaintext, plaintext_size, plaintext_length ); + plaintext, plaintext_size, plaintext_length); #else (void) attributes; (void) key_buffer; @@ -148,7 +142,7 @@ psa_status_t mbedtls_test_transparent_aead_decrypt( mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; #endif } - return( mbedtls_test_driver_aead_hooks.driver_status ); + return mbedtls_test_driver_aead_hooks.driver_status; } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 30a8119aab26..42eb74da6d65 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -54,41 +54,42 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ) + size_t *output_length) { mbedtls_test_driver_cipher_hooks.hits++; - if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) - { - if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } - memcpy( output, - mbedtls_test_driver_cipher_hooks.forced_output, - mbedtls_test_driver_cipher_hooks.forced_output_length ); + memcpy(output, + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length); *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; - return( mbedtls_test_driver_cipher_hooks.forced_status ); + return mbedtls_test_driver_cipher_hooks.forced_status; } - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - return( libtestdriver1_mbedtls_psa_cipher_encrypt( - (const libtestdriver1_psa_key_attributes_t *)attributes, - key_buffer, key_buffer_size, - alg, iv, iv_length, input, input_length, - output, output_size, output_length ) ); + return libtestdriver1_mbedtls_psa_cipher_encrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, iv, iv_length, input, input_length, + output, output_size, output_length); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_encrypt( - attributes, key_buffer, key_buffer_size, - alg, iv, iv_length, input, input_length, - output, output_size, output_length ) ); + return mbedtls_psa_cipher_encrypt( + attributes, key_buffer, key_buffer_size, + alg, iv, iv_length, input, input_length, + output, output_size, output_length); #endif - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_cipher_decrypt( @@ -100,41 +101,42 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ) + size_t *output_length) { - mbedtls_test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; - if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) - { - if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } - memcpy( output, - mbedtls_test_driver_cipher_hooks.forced_output, - mbedtls_test_driver_cipher_hooks.forced_output_length ); + memcpy(output, + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length); *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; - return( mbedtls_test_driver_cipher_hooks.forced_status ); + return mbedtls_test_driver_cipher_hooks.forced_status; } - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - return( libtestdriver1_mbedtls_psa_cipher_decrypt( - (const libtestdriver1_psa_key_attributes_t *)attributes, - key_buffer, key_buffer_size, - alg, input, input_length, - output, output_size, output_length ) ); + return libtestdriver1_mbedtls_psa_cipher_decrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_decrypt( - attributes, key_buffer, key_buffer_size, - alg, input, input_length, - output, output_size, output_length ) ); + return mbedtls_psa_cipher_decrypt( + attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length); #endif - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( @@ -149,23 +151,24 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( * useful for the test suite, since it gives a chance of catching memory * corruption errors should the core not have allocated (enough) memory for * our context struct. */ - memset( operation, 0, sizeof( *operation ) ); + memset(operation, 0, sizeof(*operation)); - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - return( libtestdriver1_mbedtls_psa_cipher_encrypt_setup( - operation, - (const libtestdriver1_psa_key_attributes_t *)attributes, - key, key_length, alg ) ); + return libtestdriver1_mbedtls_psa_cipher_encrypt_setup( + operation, + (const libtestdriver1_psa_key_attributes_t *) attributes, + key, key_length, alg); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_encrypt_setup( - operation, attributes, key, key_length, alg ) ); + return mbedtls_psa_cipher_encrypt_setup( + operation, attributes, key, key_length, alg); #endif - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( @@ -176,21 +179,22 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( { mbedtls_test_driver_cipher_hooks.hits++; - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - return( libtestdriver1_mbedtls_psa_cipher_decrypt_setup( - operation, - (const libtestdriver1_psa_key_attributes_t *)attributes, - key, key_length, alg ) ); + return libtestdriver1_mbedtls_psa_cipher_decrypt_setup( + operation, + (const libtestdriver1_psa_key_attributes_t *) attributes, + key, key_length, alg); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_decrypt_setup( - operation, attributes, key, key_length, alg ) ); + return mbedtls_psa_cipher_decrypt_setup( + operation, attributes, key, key_length, alg); #endif - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_cipher_abort( @@ -198,23 +202,24 @@ psa_status_t mbedtls_test_transparent_cipher_abort( { mbedtls_test_driver_cipher_hooks.hits++; - if( operation->alg == 0 ) - return( PSA_SUCCESS ); + if (operation->alg == 0) { + return PSA_SUCCESS; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - libtestdriver1_mbedtls_psa_cipher_abort( operation ); + libtestdriver1_mbedtls_psa_cipher_abort(operation); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - mbedtls_psa_cipher_abort( operation ); + mbedtls_psa_cipher_abort(operation); #endif /* Wiping the entire struct here, instead of member-by-member. This is * useful for the test suite, since it gives a chance of catching memory * corruption errors should the core not have allocated (enough) memory for * our context struct. */ - memset( operation, 0, sizeof( *operation ) ); + memset(operation, 0, sizeof(*operation)); - return( mbedtls_test_driver_cipher_hooks.forced_status ); + return mbedtls_test_driver_cipher_hooks.forced_status; } psa_status_t mbedtls_test_transparent_cipher_set_iv( @@ -224,18 +229,19 @@ psa_status_t mbedtls_test_transparent_cipher_set_iv( { mbedtls_test_driver_cipher_hooks.hits++; - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - return( libtestdriver1_mbedtls_psa_cipher_set_iv( - operation, iv, iv_length ) ); + return libtestdriver1_mbedtls_psa_cipher_set_iv( + operation, iv, iv_length); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_set_iv( operation, iv, iv_length ) ); + return mbedtls_psa_cipher_set_iv(operation, iv, iv_length); #endif - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_cipher_update( @@ -248,34 +254,35 @@ psa_status_t mbedtls_test_transparent_cipher_update( { mbedtls_test_driver_cipher_hooks.hits++; - if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) - { - if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) + if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { return PSA_ERROR_BUFFER_TOO_SMALL; + } - memcpy( output, - mbedtls_test_driver_cipher_hooks.forced_output, - mbedtls_test_driver_cipher_hooks.forced_output_length ); + memcpy(output, + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length); *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; - return( mbedtls_test_driver_cipher_hooks.forced_status ); + return mbedtls_test_driver_cipher_hooks.forced_status; } - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - return( libtestdriver1_mbedtls_psa_cipher_update( - operation, input, input_length, - output, output_size, output_length ) ); + return libtestdriver1_mbedtls_psa_cipher_update( + operation, input, input_length, + output, output_size, output_length); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_update( - operation, input, input_length, - output, output_size, output_length ) ); + return mbedtls_psa_cipher_update( + operation, input, input_length, + output, output_size, output_length); #endif - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_cipher_finish( @@ -286,32 +293,33 @@ psa_status_t mbedtls_test_transparent_cipher_finish( { mbedtls_test_driver_cipher_hooks.hits++; - if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) - { - if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) + if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { return PSA_ERROR_BUFFER_TOO_SMALL; + } - memcpy( output, - mbedtls_test_driver_cipher_hooks.forced_output, - mbedtls_test_driver_cipher_hooks.forced_output_length ); + memcpy(output, + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length); *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; - return( mbedtls_test_driver_cipher_hooks.forced_status ); + return mbedtls_test_driver_cipher_hooks.forced_status; } - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - return( libtestdriver1_mbedtls_psa_cipher_finish( - operation, output, output_size, output_length ) ); + return libtestdriver1_mbedtls_psa_cipher_finish( + operation, output, output_size, output_length); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_finish( - operation, output, output_size, output_length ) ); + return mbedtls_psa_cipher_finish( + operation, output, output_size, output_length); #endif - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } /* @@ -336,7 +344,7 @@ psa_status_t mbedtls_test_opaque_cipher_encrypt( (void) output; (void) output_size; (void) output_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_cipher_decrypt( @@ -355,7 +363,7 @@ psa_status_t mbedtls_test_opaque_cipher_decrypt( (void) output; (void) output_size; (void) output_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_cipher_encrypt_setup( @@ -369,7 +377,7 @@ psa_status_t mbedtls_test_opaque_cipher_encrypt_setup( (void) key; (void) key_length; (void) alg; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_cipher_decrypt_setup( @@ -383,14 +391,14 @@ psa_status_t mbedtls_test_opaque_cipher_decrypt_setup( (void) key; (void) key_length; (void) alg; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_cipher_abort( - mbedtls_opaque_test_driver_cipher_operation_t *operation ) + mbedtls_opaque_test_driver_cipher_operation_t *operation) { (void) operation; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_cipher_set_iv( @@ -401,7 +409,7 @@ psa_status_t mbedtls_test_opaque_cipher_set_iv( (void) operation; (void) iv; (void) iv_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_cipher_update( @@ -418,7 +426,7 @@ psa_status_t mbedtls_test_opaque_cipher_update( (void) output; (void) output_size; (void) output_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_cipher_finish( @@ -431,6 +439,6 @@ psa_status_t mbedtls_test_opaque_cipher_finish( (void) output; (void) output_size; (void) output_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 89cb8b9097f9..f337e42d782c 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -48,116 +48,115 @@ mbedtls_test_driver_key_management_hooks_t mbedtls_test_driver_key_management_hooks = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT; const uint8_t mbedtls_test_driver_aes_key[16] = - { 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46, - 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 }; +{ 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46, + 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 }; const uint8_t mbedtls_test_driver_ecdsa_key[32] = - { 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63, - 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18, - 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7, - 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a }; +{ 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63, + 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18, + 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7, + 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a }; const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] = - { 0x04, - 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c, - 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44, - 0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a, - 0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19, - 0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31, - 0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b, - 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79, - 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c }; - -psa_status_t mbedtls_test_transparent_init( void ) +{ 0x04, + 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c, + 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44, + 0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a, + 0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19, + 0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31, + 0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b, + 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79, + 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c }; + +psa_status_t mbedtls_test_transparent_init(void) { -psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) - status = libtestdriver1_psa_crypto_init( ); - if( status != PSA_SUCCESS ) - return( status ); + status = libtestdriver1_psa_crypto_init(); + if (status != PSA_SUCCESS) { + return status; + } #endif - (void)status; - return( PSA_SUCCESS ); + (void) status; + return PSA_SUCCESS; } -void mbedtls_test_transparent_free( void ) +void mbedtls_test_transparent_free(void) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) - libtestdriver1_mbedtls_psa_crypto_free( ); + libtestdriver1_mbedtls_psa_crypto_free(); #endif return; } -psa_status_t mbedtls_test_opaque_init( void ) +psa_status_t mbedtls_test_opaque_init(void) { - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -void mbedtls_test_opaque_free( void ) +void mbedtls_test_opaque_free(void) { return; } psa_status_t mbedtls_test_transparent_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key, size_t key_size, size_t *key_length ) + uint8_t *key, size_t key_size, size_t *key_length) { ++mbedtls_test_driver_key_management_hooks.hits; - if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_key_management_hooks.forced_status ); + if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_key_management_hooks.forced_status; + } - if( mbedtls_test_driver_key_management_hooks.forced_output != NULL ) - { - if( mbedtls_test_driver_key_management_hooks.forced_output_length > - key_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( key, mbedtls_test_driver_key_management_hooks.forced_output, - mbedtls_test_driver_key_management_hooks.forced_output_length ); + if (mbedtls_test_driver_key_management_hooks.forced_output != NULL) { + if (mbedtls_test_driver_key_management_hooks.forced_output_length > + key_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + memcpy(key, mbedtls_test_driver_key_management_hooks.forced_output, + mbedtls_test_driver_key_management_hooks.forced_output_length); *key_length = mbedtls_test_driver_key_management_hooks.forced_output_length; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } - if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) ) - && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) - { + if (PSA_KEY_TYPE_IS_ECC(psa_get_key_type(attributes)) + && PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) - return( libtestdriver1_mbedtls_psa_ecp_generate_key( - (const libtestdriver1_psa_key_attributes_t *)attributes, - key, key_size, key_length ) ); + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) + return libtestdriver1_mbedtls_psa_ecp_generate_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key, key_size, key_length); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) - return( mbedtls_psa_ecp_generate_key( - attributes, key, key_size, key_length ) ); + return mbedtls_psa_ecp_generate_key( + attributes, key, key_size, key_length); #endif - } - else if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR ) - { + } else if (psa_get_key_type(attributes) == PSA_KEY_TYPE_RSA_KEY_PAIR) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) - return( libtestdriver1_mbedtls_psa_rsa_generate_key( - (const libtestdriver1_psa_key_attributes_t *)attributes, - key, key_size, key_length ) ); + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) + return libtestdriver1_mbedtls_psa_rsa_generate_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key, key_size, key_length); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) - return( mbedtls_psa_rsa_generate_key( - attributes, key, key_size, key_length ) ); + return mbedtls_psa_rsa_generate_key( + attributes, key, key_size, key_length); #endif } - (void)attributes; - return( PSA_ERROR_NOT_SUPPORTED ); + (void) attributes; + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key, size_t key_size, size_t *key_length ) + uint8_t *key, size_t key_size, size_t *key_length) { (void) attributes; (void) key; (void) key_size; (void) key_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_import_key( @@ -169,231 +168,237 @@ psa_status_t mbedtls_test_transparent_import_key( size_t *key_buffer_length, size_t *bits) { - psa_key_type_t type = psa_get_key_type( attributes ); + psa_key_type_t type = psa_get_key_type(attributes); ++mbedtls_test_driver_key_management_hooks.hits; mbedtls_test_driver_key_management_hooks.location = PSA_KEY_LOCATION_LOCAL_STORAGE; - if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_key_management_hooks.forced_status ); + if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_key_management_hooks.forced_status; + } - if( PSA_KEY_TYPE_IS_ECC( type ) ) - { + if (PSA_KEY_TYPE_IS_ECC(type)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ) - return( libtestdriver1_mbedtls_psa_ecp_import_key( - (const libtestdriver1_psa_key_attributes_t *)attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_ecp_import_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) - return( mbedtls_psa_ecp_import_key( - attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + return mbedtls_psa_ecp_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); #endif - } - else if( PSA_KEY_TYPE_IS_RSA( type ) ) - { + } else if (PSA_KEY_TYPE_IS_RSA(type)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) ) - return( libtestdriver1_mbedtls_psa_rsa_import_key( - (const libtestdriver1_psa_key_attributes_t *)attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_rsa_import_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) - return( mbedtls_psa_rsa_import_key( - attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + return mbedtls_psa_rsa_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); #endif } - (void)data; - (void)data_length; - (void)key_buffer; - (void)key_buffer_size; - (void)key_buffer_length; - (void)bits; - (void)type; + (void) data; + (void) data_length; + (void) key_buffer; + (void) key_buffer_size; + (void) key_buffer_length; + (void) bits; + (void) type; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_export_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { /* Assume this is a builtin key based on the key material length. */ - psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key ); + psa_drv_slot_number_t slot_number = *((psa_drv_slot_number_t *) key); - if( key_length != sizeof( psa_drv_slot_number_t ) ) - { + if (key_length != sizeof(psa_drv_slot_number_t)) { /* Test driver does not support generic opaque key handling yet. */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - switch( slot_number ) - { + switch (slot_number) { case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: /* This is the ECDSA slot. Verify the key's attributes before * returning the private key. */ - if( psa_get_key_type( attributes ) != - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_bits( attributes ) != 256 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != - PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( ( psa_get_key_usage_flags( attributes ) & - PSA_KEY_USAGE_EXPORT ) == 0 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - - if( data_size < sizeof( mbedtls_test_driver_ecdsa_key ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - - memcpy( data, mbedtls_test_driver_ecdsa_key, - sizeof( mbedtls_test_driver_ecdsa_key ) ); - *data_length = sizeof( mbedtls_test_driver_ecdsa_key ); - return( PSA_SUCCESS ); + if (psa_get_key_type(attributes) != + PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_bits(attributes) != 256) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_algorithm(attributes) != + PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if ((psa_get_key_usage_flags(attributes) & + PSA_KEY_USAGE_EXPORT) == 0) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + + if (data_size < sizeof(mbedtls_test_driver_ecdsa_key)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(data, mbedtls_test_driver_ecdsa_key, + sizeof(mbedtls_test_driver_ecdsa_key)); + *data_length = sizeof(mbedtls_test_driver_ecdsa_key); + return PSA_SUCCESS; case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: /* This is the AES slot. Verify the key's attributes before * returning the key. */ - if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_bits( attributes ) != 128 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( ( psa_get_key_usage_flags( attributes ) & - PSA_KEY_USAGE_EXPORT ) == 0 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - - if( data_size < sizeof( mbedtls_test_driver_aes_key ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - - memcpy( data, mbedtls_test_driver_aes_key, - sizeof( mbedtls_test_driver_aes_key ) ); - *data_length = sizeof( mbedtls_test_driver_aes_key ); - return( PSA_SUCCESS ); + if (psa_get_key_type(attributes) != PSA_KEY_TYPE_AES) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_bits(attributes) != 128) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_algorithm(attributes) != PSA_ALG_CTR) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if ((psa_get_key_usage_flags(attributes) & + PSA_KEY_USAGE_EXPORT) == 0) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + + if (data_size < sizeof(mbedtls_test_driver_aes_key)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(data, mbedtls_test_driver_aes_key, + sizeof(mbedtls_test_driver_aes_key)); + *data_length = sizeof(mbedtls_test_driver_aes_key); + return PSA_SUCCESS; default: - return( PSA_ERROR_DOES_NOT_EXIST ); + return PSA_ERROR_DOES_NOT_EXIST; } } psa_status_t mbedtls_test_transparent_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { ++mbedtls_test_driver_key_management_hooks.hits; - if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_key_management_hooks.forced_status ); + if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_key_management_hooks.forced_status; + } - if( mbedtls_test_driver_key_management_hooks.forced_output != NULL ) - { - if( mbedtls_test_driver_key_management_hooks.forced_output_length > - data_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( data, mbedtls_test_driver_key_management_hooks.forced_output, - mbedtls_test_driver_key_management_hooks.forced_output_length ); + if (mbedtls_test_driver_key_management_hooks.forced_output != NULL) { + if (mbedtls_test_driver_key_management_hooks.forced_output_length > + data_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + memcpy(data, mbedtls_test_driver_key_management_hooks.forced_output, + mbedtls_test_driver_key_management_hooks.forced_output_length); *data_length = mbedtls_test_driver_key_management_hooks.forced_output_length; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } - psa_key_type_t key_type = psa_get_key_type( attributes ); + psa_key_type_t key_type = psa_get_key_type(attributes); - if( PSA_KEY_TYPE_IS_ECC( key_type ) ) - { + if (PSA_KEY_TYPE_IS_ECC(key_type)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ) - return( libtestdriver1_mbedtls_psa_ecp_export_public_key( - (const libtestdriver1_psa_key_attributes_t *)attributes, - key_buffer, key_buffer_size, - data, data_size, data_length ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_ecp_export_public_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) - return( mbedtls_psa_ecp_export_public_key( - attributes, - key_buffer, key_buffer_size, - data, data_size, data_length ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + return mbedtls_psa_ecp_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); #endif - } - else if( PSA_KEY_TYPE_IS_RSA( key_type ) ) - { + } else if (PSA_KEY_TYPE_IS_RSA(key_type)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) ) - return( libtestdriver1_mbedtls_psa_rsa_export_public_key( - (const libtestdriver1_psa_key_attributes_t *)attributes, - key_buffer, key_buffer_size, - data, data_size, data_length ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_rsa_export_public_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) - return( mbedtls_psa_rsa_export_public_key( - attributes, - key_buffer, key_buffer_size, - data, data_size, data_length ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + return mbedtls_psa_rsa_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); #endif } - (void)key_buffer; - (void)key_buffer_size; - (void)key_type; + (void) key_buffer; + (void) key_buffer_size; + (void) key_type; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { - if( key_length != sizeof( psa_drv_slot_number_t ) ) - { + if (key_length != sizeof(psa_drv_slot_number_t)) { /* Test driver does not support generic opaque key handling yet. */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } /* Assume this is a builtin key based on the key material length. */ - psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key ); - switch( slot_number ) - { + psa_drv_slot_number_t slot_number = *((psa_drv_slot_number_t *) key); + switch (slot_number) { case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: /* This is the ECDSA slot. Verify the key's attributes before * returning the public key. */ - if( psa_get_key_type( attributes ) != - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_bits( attributes ) != 256 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != - PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - - if( data_size < sizeof( mbedtls_test_driver_ecdsa_pubkey ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - - memcpy( data, mbedtls_test_driver_ecdsa_pubkey, - sizeof( mbedtls_test_driver_ecdsa_pubkey ) ); - *data_length = sizeof( mbedtls_test_driver_ecdsa_pubkey ); - return( PSA_SUCCESS ); + if (psa_get_key_type(attributes) != + PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_bits(attributes) != 256) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_algorithm(attributes) != + PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + + if (data_size < sizeof(mbedtls_test_driver_ecdsa_pubkey)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(data, mbedtls_test_driver_ecdsa_pubkey, + sizeof(mbedtls_test_driver_ecdsa_pubkey)); + *data_length = sizeof(mbedtls_test_driver_ecdsa_pubkey); + return PSA_SUCCESS; default: - return( PSA_ERROR_DOES_NOT_EXIST ); + return PSA_ERROR_DOES_NOT_EXIST; } } @@ -410,49 +415,50 @@ psa_status_t mbedtls_test_opaque_export_public_key( psa_status_t mbedtls_test_opaque_get_builtin_key( psa_drv_slot_number_t slot_number, psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { - switch( slot_number ) - { + switch (slot_number) { case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: - psa_set_key_type( attributes, PSA_KEY_TYPE_AES ); - psa_set_key_bits( attributes, 128 ); + psa_set_key_type(attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(attributes, 128); psa_set_key_usage_flags( attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | - PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( attributes, PSA_ALG_CTR ); + PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(attributes, PSA_ALG_CTR); - if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (key_buffer_size < sizeof(psa_drv_slot_number_t)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } - *( (psa_drv_slot_number_t*) key_buffer ) = + *((psa_drv_slot_number_t *) key_buffer) = PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT; - *key_buffer_length = sizeof( psa_drv_slot_number_t ); - return( PSA_SUCCESS ); + *key_buffer_length = sizeof(psa_drv_slot_number_t); + return PSA_SUCCESS; case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: psa_set_key_type( attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); - psa_set_key_bits( attributes, 256 ); + PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)); + psa_set_key_bits(attributes, 256); psa_set_key_usage_flags( attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | - PSA_KEY_USAGE_EXPORT ); + PSA_KEY_USAGE_EXPORT); psa_set_key_algorithm( - attributes, PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ); + attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); - if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (key_buffer_size < sizeof(psa_drv_slot_number_t)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } - *( (psa_drv_slot_number_t*) key_buffer ) = + *((psa_drv_slot_number_t *) key_buffer) = PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT; - *key_buffer_length = sizeof( psa_drv_slot_number_t ); - return( PSA_SUCCESS ); + *key_buffer_length = sizeof(psa_drv_slot_number_t); + return PSA_SUCCESS; default: - return( PSA_ERROR_DOES_NOT_EXIST ); + return PSA_ERROR_DOES_NOT_EXIST; } } diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index 06b6eb77ab7a..362cc43a1d7f 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -44,31 +44,28 @@ psa_status_t mbedtls_test_transparent_mac_compute( size_t input_length, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_compute( - (const libtestdriver1_psa_key_attributes_t *)attributes, + (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, alg, input, input_length, - mac, mac_size, mac_length ); + mac, mac_size, mac_length); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_compute( attributes, key_buffer, key_buffer_size, alg, input, input_length, - mac, mac_size, mac_length ); + mac, mac_size, mac_length); #else (void) attributes; (void) key_buffer; @@ -83,7 +80,7 @@ psa_status_t mbedtls_test_transparent_mac_compute( #endif } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_transparent_mac_sign_setup( @@ -91,28 +88,25 @@ psa_status_t mbedtls_test_transparent_mac_sign_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_sign_setup( operation, - (const libtestdriver1_psa_key_attributes_t *)attributes, - key_buffer, key_buffer_size, alg ); + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, alg); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_sign_setup( - operation, attributes, key_buffer, key_buffer_size, alg ); + operation, attributes, key_buffer, key_buffer_size, alg); #else (void) operation; (void) attributes; @@ -123,7 +117,7 @@ psa_status_t mbedtls_test_transparent_mac_sign_setup( #endif } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_transparent_mac_verify_setup( @@ -131,28 +125,25 @@ psa_status_t mbedtls_test_transparent_mac_verify_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_verify_setup( operation, - (const libtestdriver1_psa_key_attributes_t *)attributes, - key_buffer, key_buffer_size, alg ); + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, alg); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_verify_setup( - operation, attributes, key_buffer, key_buffer_size, alg ); + operation, attributes, key_buffer, key_buffer_size, alg); #else (void) operation; (void) attributes; @@ -163,32 +154,29 @@ psa_status_t mbedtls_test_transparent_mac_verify_setup( #endif } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_transparent_mac_update( mbedtls_transparent_test_driver_mac_operation_t *operation, const uint8_t *input, - size_t input_length ) + size_t input_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_update( - operation, input, input_length ); + operation, input, input_length); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_update( - operation, input, input_length ); + operation, input, input_length); #else (void) operation; (void) input; @@ -197,33 +185,30 @@ psa_status_t mbedtls_test_transparent_mac_update( #endif } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_transparent_mac_sign_finish( mbedtls_transparent_test_driver_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_sign_finish( - operation, mac, mac_size, mac_length ); + operation, mac, mac_size, mac_length); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_sign_finish( - operation, mac, mac_size, mac_length ); + operation, mac, mac_size, mac_length); #else (void) operation; (void) mac; @@ -233,32 +218,29 @@ psa_status_t mbedtls_test_transparent_mac_sign_finish( #endif } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_transparent_mac_verify_finish( mbedtls_transparent_test_driver_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ) + size_t mac_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_verify_finish( - operation, mac, mac_length ); + operation, mac, mac_length); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_verify_finish( - operation, mac, mac_length ); + operation, mac, mac_length); #else (void) operation; (void) mac; @@ -267,35 +249,32 @@ psa_status_t mbedtls_test_transparent_mac_verify_finish( #endif } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_transparent_mac_abort( - mbedtls_transparent_test_driver_mac_operation_t *operation ) + mbedtls_transparent_test_driver_mac_operation_t *operation) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = - libtestdriver1_mbedtls_psa_mac_abort( operation ); + libtestdriver1_mbedtls_psa_mac_abort(operation); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_psa_mac_abort( operation ); + mbedtls_psa_mac_abort(operation); #else (void) operation; mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; #endif } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_opaque_mac_compute( @@ -307,17 +286,14 @@ psa_status_t mbedtls_test_opaque_mac_compute( size_t input_length, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { (void) attributes; (void) key_buffer; (void) key_buffer_size; @@ -330,7 +306,7 @@ psa_status_t mbedtls_test_opaque_mac_compute( mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_opaque_mac_sign_setup( @@ -338,17 +314,14 @@ psa_status_t mbedtls_test_opaque_mac_sign_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { (void) operation; (void) attributes; (void) key_buffer; @@ -357,7 +330,7 @@ psa_status_t mbedtls_test_opaque_mac_sign_setup( mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_opaque_mac_verify_setup( @@ -365,17 +338,14 @@ psa_status_t mbedtls_test_opaque_mac_verify_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { (void) operation; (void) attributes; (void) key_buffer; @@ -384,47 +354,41 @@ psa_status_t mbedtls_test_opaque_mac_verify_setup( mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_opaque_mac_update( mbedtls_opaque_test_driver_mac_operation_t *operation, const uint8_t *input, - size_t input_length ) + size_t input_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { (void) operation; (void) input; (void) input_length; mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_opaque_mac_sign_finish( mbedtls_opaque_test_driver_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { (void) operation; (void) mac; (void) mac_size; @@ -432,49 +396,43 @@ psa_status_t mbedtls_test_opaque_mac_sign_finish( mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_opaque_mac_verify_finish( mbedtls_opaque_test_driver_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ) + size_t mac_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { (void) operation; (void) mac; (void) mac_length; mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_opaque_mac_abort( - mbedtls_opaque_test_driver_mac_operation_t *operation ) + mbedtls_opaque_test_driver_mac_operation_t *operation) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { (void) operation; mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index 3de43a8adece..75d770380f2e 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -64,72 +64,63 @@ psa_status_t sign_hash( size_t hash_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ) + size_t *signature_length) { - if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) - { - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || - PSA_ALG_IS_RSA_PSS( alg) ) - { + if (attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR) { + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || + PSA_ALG_IS_RSA_PSS(alg)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ) - return( libtestdriver1_mbedtls_psa_rsa_sign_hash( - (const libtestdriver1_psa_key_attributes_t *) attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)) + return libtestdriver1_mbedtls_psa_rsa_sign_hash( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - return( mbedtls_psa_rsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) + return mbedtls_psa_rsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); #endif + } else { + return PSA_ERROR_INVALID_ARGUMENT; } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); - } - } - else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) - { - if( PSA_ALG_IS_ECDSA( alg ) ) - { + } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) { + if (PSA_ALG_IS_ECDSA(alg)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) ) - return( libtestdriver1_mbedtls_psa_ecdsa_sign_hash( - (const libtestdriver1_psa_key_attributes_t *) attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) + return libtestdriver1_mbedtls_psa_ecdsa_sign_hash( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); #elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) - return( mbedtls_psa_ecdsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + return mbedtls_psa_ecdsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); #endif - } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); + } else { + return PSA_ERROR_INVALID_ARGUMENT; } } - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_size; - (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) hash; + (void) hash_length; + (void) signature; + (void) signature_size; + (void) signature_length; + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t verify_hash( @@ -140,71 +131,62 @@ psa_status_t verify_hash( const uint8_t *hash, size_t hash_length, const uint8_t *signature, - size_t signature_length ) + size_t signature_length) { - if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) ) - { - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || - PSA_ALG_IS_RSA_PSS( alg) ) - { + if (PSA_KEY_TYPE_IS_RSA(attributes->core.type)) { + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || + PSA_ALG_IS_RSA_PSS(alg)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ) - return( libtestdriver1_mbedtls_psa_rsa_verify_hash( - (const libtestdriver1_psa_key_attributes_t *) attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)) + return libtestdriver1_mbedtls_psa_rsa_verify_hash( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - return( mbedtls_psa_rsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) + return mbedtls_psa_rsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); #endif + } else { + return PSA_ERROR_INVALID_ARGUMENT; } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); - } - } - else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) - { - if( PSA_ALG_IS_ECDSA( alg ) ) - { + } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) { + if (PSA_ALG_IS_ECDSA(alg)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) ) - return( libtestdriver1_mbedtls_psa_ecdsa_verify_hash( - (const libtestdriver1_psa_key_attributes_t *) attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) + return libtestdriver1_mbedtls_psa_ecdsa_verify_hash( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); #elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) - return( mbedtls_psa_ecdsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + return mbedtls_psa_ecdsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); #endif - } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); + } else { + return PSA_ERROR_INVALID_ARGUMENT; } } - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) hash; + (void) hash_length; + (void) signature; + (void) signature_length; + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_signature_sign_message( @@ -216,7 +198,7 @@ psa_status_t mbedtls_test_transparent_signature_sign_message( size_t input_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ) + size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t hash_length; @@ -224,41 +206,43 @@ psa_status_t mbedtls_test_transparent_signature_sign_message( ++mbedtls_test_driver_signature_sign_hooks.hits; - if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_signature_sign_hooks.forced_status ); + if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_signature_sign_hooks.forced_status; + } - if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL ) - { - if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) { + if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } - memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output, - mbedtls_test_driver_signature_sign_hooks.forced_output_length ); + memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output, + mbedtls_test_driver_signature_sign_hooks.forced_output_length); *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) status = libtestdriver1_mbedtls_psa_hash_compute( - PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, - hash, sizeof( hash ), &hash_length ); + PSA_ALG_SIGN_GET_HASH(alg), input, input_length, + hash, sizeof(hash), &hash_length); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) status = mbedtls_psa_hash_compute( - PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, - hash, sizeof( hash ), &hash_length ); + PSA_ALG_SIGN_GET_HASH(alg), input, input_length, + hash, sizeof(hash), &hash_length); #else (void) input; (void) input_length; status = PSA_ERROR_NOT_SUPPORTED; #endif - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { return status; + } - return( sign_hash( attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + return sign_hash(attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); } psa_status_t mbedtls_test_opaque_signature_sign_message( @@ -270,7 +254,7 @@ psa_status_t mbedtls_test_opaque_signature_sign_message( size_t input_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ) + size_t *signature_length) { (void) attributes; (void) key; @@ -282,7 +266,7 @@ psa_status_t mbedtls_test_opaque_signature_sign_message( (void) signature_size; (void) signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_signature_verify_message( @@ -293,7 +277,7 @@ psa_status_t mbedtls_test_transparent_signature_verify_message( const uint8_t *input, size_t input_length, const uint8_t *signature, - size_t signature_length ) + size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t hash_length; @@ -301,29 +285,31 @@ psa_status_t mbedtls_test_transparent_signature_verify_message( ++mbedtls_test_driver_signature_verify_hooks.hits; - if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_signature_verify_hooks.forced_status ); + if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_signature_verify_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) status = libtestdriver1_mbedtls_psa_hash_compute( - PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, - hash, sizeof( hash ), &hash_length ); + PSA_ALG_SIGN_GET_HASH(alg), input, input_length, + hash, sizeof(hash), &hash_length); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) status = mbedtls_psa_hash_compute( - PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, - hash, sizeof( hash ), &hash_length ); + PSA_ALG_SIGN_GET_HASH(alg), input, input_length, + hash, sizeof(hash), &hash_length); #else (void) input; (void) input_length; status = PSA_ERROR_NOT_SUPPORTED; #endif - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { return status; + } - return( verify_hash( attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + return verify_hash(attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); } psa_status_t mbedtls_test_opaque_signature_verify_message( @@ -334,7 +320,7 @@ psa_status_t mbedtls_test_opaque_signature_verify_message( const uint8_t *input, size_t input_length, const uint8_t *signature, - size_t signature_length ) + size_t signature_length) { (void) attributes; (void) key; @@ -345,7 +331,7 @@ psa_status_t mbedtls_test_opaque_signature_verify_message( (void) signature; (void) signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_signature_sign_hash( @@ -353,26 +339,27 @@ psa_status_t mbedtls_test_transparent_signature_sign_hash( const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) + uint8_t *signature, size_t signature_size, size_t *signature_length) { ++mbedtls_test_driver_signature_sign_hooks.hits; - if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_signature_sign_hooks.forced_status ); + if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_signature_sign_hooks.forced_status; + } - if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL ) - { - if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output, - mbedtls_test_driver_signature_sign_hooks.forced_output_length ); + if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) { + if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output, + mbedtls_test_driver_signature_sign_hooks.forced_output_length); *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } - return( sign_hash( attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + return sign_hash(attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); } psa_status_t mbedtls_test_opaque_signature_sign_hash( @@ -380,7 +367,7 @@ psa_status_t mbedtls_test_opaque_signature_sign_hash( const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) + uint8_t *signature, size_t signature_size, size_t *signature_length) { (void) attributes; (void) key; @@ -392,7 +379,7 @@ psa_status_t mbedtls_test_opaque_signature_sign_hash( (void) signature_size; (void) signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_signature_verify_hash( @@ -400,16 +387,17 @@ psa_status_t mbedtls_test_transparent_signature_verify_hash( const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) + const uint8_t *signature, size_t signature_length) { ++mbedtls_test_driver_signature_verify_hooks.hits; - if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_signature_verify_hooks.forced_status ); + if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_signature_verify_hooks.forced_status; + } - return verify_hash( attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ); + return verify_hash(attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); } psa_status_t mbedtls_test_opaque_signature_verify_hash( @@ -417,7 +405,7 @@ psa_status_t mbedtls_test_opaque_signature_verify_hash( const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) + const uint8_t *signature, size_t signature_length) { (void) attributes; (void) key; @@ -427,7 +415,7 @@ psa_status_t mbedtls_test_opaque_signature_verify_hash( (void) hash_length; (void) signature; (void) signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_size.c b/tests/src/drivers/test_driver_size.c index d8bcaee38169..e0226dd6d660 100644 --- a/tests/src/drivers/test_driver_size.c +++ b/tests/src/drivers/test_driver_size.c @@ -37,7 +37,7 @@ typedef struct { * This macro returns the base size for the key context. It is the size of the * driver specific information stored in each key context. */ -#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE sizeof( test_driver_key_context_t ) +#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE sizeof(test_driver_key_context_t) /* * Number of bytes included in every key context for a key pair. @@ -70,32 +70,27 @@ typedef struct { size_t mbedtls_test_size_function( const psa_key_type_t key_type, - const size_t key_bits ) + const size_t key_bits) { size_t key_buffer_size = 0; - if( PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) ) - { + if (PSA_KEY_TYPE_IS_KEY_PAIR(key_type)) { int public_key_overhead = - ( ( TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1 ) - ? PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) : 0 ); + ((TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1) + ? PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits) : 0); key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE + public_key_overhead; - } - else if( PSA_KEY_TYPE_IS_PUBLIC_KEY( key_type ) ) - { + } else if (PSA_KEY_TYPE_IS_PUBLIC_KEY(key_type)) { key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE; - } - else if ( !PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) && - !PSA_KEY_TYPE_IS_PUBLIC_KEY ( key_type ) ) - { + } else if (!PSA_KEY_TYPE_IS_KEY_PAIR(key_type) && + !PSA_KEY_TYPE_IS_PUBLIC_KEY(key_type)) { key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + - ( TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR * - ( ( key_bits + 7 ) / 8 ) ); + (TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR * + ((key_bits + 7) / 8)); } - return( key_buffer_size ); + return key_buffer_size; } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/fake_external_rng_for_test.c b/tests/src/fake_external_rng_for_test.c index 9c2195bf0c12..89af7d34f527 100644 --- a/tests/src/fake_external_rng_for_test.c +++ b/tests/src/fake_external_rng_for_test.c @@ -28,29 +28,30 @@ static int test_insecure_external_rng_enabled = 0; -void mbedtls_test_enable_insecure_external_rng( void ) +void mbedtls_test_enable_insecure_external_rng(void) { test_insecure_external_rng_enabled = 1; } -void mbedtls_test_disable_insecure_external_rng( void ) +void mbedtls_test_disable_insecure_external_rng(void) { test_insecure_external_rng_enabled = 0; } psa_status_t mbedtls_psa_external_get_random( mbedtls_psa_external_random_context_t *context, - uint8_t *output, size_t output_size, size_t *output_length ) + uint8_t *output, size_t output_size, size_t *output_length) { (void) context; - if( !test_insecure_external_rng_enabled ) - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + if (!test_insecure_external_rng_enabled) { + return PSA_ERROR_INSUFFICIENT_ENTROPY; + } /* This implementation is for test purposes only! * Use the libc non-cryptographic random generator. */ - mbedtls_test_rnd_std_rand( NULL, output, output_size ); + mbedtls_test_rnd_std_rand(NULL, output, output_size); *output_length = output_size; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ diff --git a/tests/src/helpers.c b/tests/src/helpers.c index 77b4d942dbc2..6c215d1c0a7d 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -28,8 +28,7 @@ /* Static global variables */ #if defined(MBEDTLS_CHECK_PARAMS) -typedef struct -{ +typedef struct { uint8_t expected_call; uint8_t expected_call_happened; @@ -50,40 +49,40 @@ mbedtls_test_info_t mbedtls_test_info; /*----------------------------------------------------------------------------*/ /* Helper Functions */ -int mbedtls_test_platform_setup( void ) +int mbedtls_test_platform_setup(void) { int ret = 0; #if defined(MBEDTLS_PLATFORM_C) - ret = mbedtls_platform_setup( &platform_ctx ); + ret = mbedtls_platform_setup(&platform_ctx); #endif /* MBEDTLS_PLATFORM_C */ - return( ret ); + return ret; } -void mbedtls_test_platform_teardown( void ) +void mbedtls_test_platform_teardown(void) { #if defined(MBEDTLS_PLATFORM_C) - mbedtls_platform_teardown( &platform_ctx ); + mbedtls_platform_teardown(&platform_ctx); #endif /* MBEDTLS_PLATFORM_C */ } static int ascii2uc(const char c, unsigned char *uc) { - if( ( c >= '0' ) && ( c <= '9' ) ) + if ((c >= '0') && (c <= '9')) { *uc = c - '0'; - else if( ( c >= 'a' ) && ( c <= 'f' ) ) + } else if ((c >= 'a') && (c <= 'f')) { *uc = c - 'a' + 10; - else if( ( c >= 'A' ) && ( c <= 'F' ) ) + } else if ((c >= 'A') && (c <= 'F')) { *uc = c - 'A' + 10; - else - return( -1 ); + } else { + return -1; + } - return( 0 ); + return 0; } -void mbedtls_test_fail( const char *test, int line_no, const char* filename ) +void mbedtls_test_fail(const char *test, int line_no, const char *filename) { - if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED ) - { + if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED) { /* We've already recorded the test as having failed. Don't * overwrite any previous information about the failure. */ return; @@ -94,7 +93,7 @@ void mbedtls_test_fail( const char *test, int line_no, const char* filename ) mbedtls_test_info.filename = filename; } -void mbedtls_test_skip( const char *test, int line_no, const char* filename ) +void mbedtls_test_skip(const char *test, int line_no, const char *filename) { mbedtls_test_info.result = MBEDTLS_TEST_RESULT_SKIPPED; mbedtls_test_info.test = test; @@ -102,7 +101,7 @@ void mbedtls_test_skip( const char *test, int line_no, const char* filename ) mbedtls_test_info.filename = filename; } -void mbedtls_test_set_step( unsigned long step ) +void mbedtls_test_set_step(unsigned long step) { mbedtls_test_info.step = step; } @@ -111,201 +110,205 @@ void mbedtls_test_set_step( unsigned long step ) unsigned mbedtls_test_case_uses_negative_0 = 0; #endif -void mbedtls_test_info_reset( void ) +void mbedtls_test_info_reset(void) { mbedtls_test_info.result = MBEDTLS_TEST_RESULT_SUCCESS; - mbedtls_test_info.step = (unsigned long)( -1 ); + mbedtls_test_info.step = (unsigned long) (-1); mbedtls_test_info.test = 0; mbedtls_test_info.line_no = 0; mbedtls_test_info.filename = 0; - memset( mbedtls_test_info.line1, 0, sizeof( mbedtls_test_info.line1 ) ); - memset( mbedtls_test_info.line2, 0, sizeof( mbedtls_test_info.line2 ) ); + memset(mbedtls_test_info.line1, 0, sizeof(mbedtls_test_info.line1)); + memset(mbedtls_test_info.line2, 0, sizeof(mbedtls_test_info.line2)); #if defined(MBEDTLS_BIGNUM_C) mbedtls_test_case_uses_negative_0 = 0; #endif } -int mbedtls_test_equal( const char *test, int line_no, const char* filename, - unsigned long long value1, unsigned long long value2 ) +int mbedtls_test_equal(const char *test, int line_no, const char *filename, + unsigned long long value1, unsigned long long value2) { - TEST_CF_PUBLIC( &value1, sizeof( value1 ) ); - TEST_CF_PUBLIC( &value2, sizeof( value2 ) ); + TEST_CF_PUBLIC(&value1, sizeof(value1)); + TEST_CF_PUBLIC(&value2, sizeof(value2)); - if( value1 == value2 ) - return( 1 ); + if (value1 == value2) { + return 1; + } - if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED ) - { + if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED) { /* We've already recorded the test as having failed. Don't * overwrite any previous information about the failure. */ - return( 0 ); + return 0; } - mbedtls_test_fail( test, line_no, filename ); - (void) mbedtls_snprintf( mbedtls_test_info.line1, - sizeof( mbedtls_test_info.line1 ), - "lhs = 0x%016llx = %lld", - value1, (long long) value1 ); - (void) mbedtls_snprintf( mbedtls_test_info.line2, - sizeof( mbedtls_test_info.line2 ), - "rhs = 0x%016llx = %lld", - value2, (long long) value2 ); - return( 0 ); + mbedtls_test_fail(test, line_no, filename); + (void) mbedtls_snprintf(mbedtls_test_info.line1, + sizeof(mbedtls_test_info.line1), + "lhs = 0x%016llx = %lld", + value1, (long long) value1); + (void) mbedtls_snprintf(mbedtls_test_info.line2, + sizeof(mbedtls_test_info.line2), + "rhs = 0x%016llx = %lld", + value2, (long long) value2); + return 0; } -int mbedtls_test_le_u( const char *test, int line_no, const char* filename, - unsigned long long value1, unsigned long long value2 ) +int mbedtls_test_le_u(const char *test, int line_no, const char *filename, + unsigned long long value1, unsigned long long value2) { - TEST_CF_PUBLIC( &value1, sizeof( value1 ) ); - TEST_CF_PUBLIC( &value2, sizeof( value2 ) ); + TEST_CF_PUBLIC(&value1, sizeof(value1)); + TEST_CF_PUBLIC(&value2, sizeof(value2)); - if( value1 <= value2 ) - return( 1 ); + if (value1 <= value2) { + return 1; + } - if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED ) - { + if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED) { /* We've already recorded the test as having failed. Don't * overwrite any previous information about the failure. */ - return( 0 ); + return 0; } - mbedtls_test_fail( test, line_no, filename ); - (void) mbedtls_snprintf( mbedtls_test_info.line1, - sizeof( mbedtls_test_info.line1 ), - "lhs = 0x%016llx = %llu", - value1, value1 ); - (void) mbedtls_snprintf( mbedtls_test_info.line2, - sizeof( mbedtls_test_info.line2 ), - "rhs = 0x%016llx = %llu", - value2, value2 ); - return( 0 ); + mbedtls_test_fail(test, line_no, filename); + (void) mbedtls_snprintf(mbedtls_test_info.line1, + sizeof(mbedtls_test_info.line1), + "lhs = 0x%016llx = %llu", + value1, value1); + (void) mbedtls_snprintf(mbedtls_test_info.line2, + sizeof(mbedtls_test_info.line2), + "rhs = 0x%016llx = %llu", + value2, value2); + return 0; } -int mbedtls_test_le_s( const char *test, int line_no, const char* filename, - long long value1, long long value2 ) +int mbedtls_test_le_s(const char *test, int line_no, const char *filename, + long long value1, long long value2) { - TEST_CF_PUBLIC( &value1, sizeof( value1 ) ); - TEST_CF_PUBLIC( &value2, sizeof( value2 ) ); + TEST_CF_PUBLIC(&value1, sizeof(value1)); + TEST_CF_PUBLIC(&value2, sizeof(value2)); - if( value1 <= value2 ) - return( 1 ); + if (value1 <= value2) { + return 1; + } - if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED ) - { + if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED) { /* We've already recorded the test as having failed. Don't * overwrite any previous information about the failure. */ - return( 0 ); + return 0; } - mbedtls_test_fail( test, line_no, filename ); - (void) mbedtls_snprintf( mbedtls_test_info.line1, - sizeof( mbedtls_test_info.line1 ), - "lhs = 0x%016llx = %lld", - (unsigned long long) value1, value1 ); - (void) mbedtls_snprintf( mbedtls_test_info.line2, - sizeof( mbedtls_test_info.line2 ), - "rhs = 0x%016llx = %lld", - (unsigned long long) value2, value2 ); - return( 0 ); + mbedtls_test_fail(test, line_no, filename); + (void) mbedtls_snprintf(mbedtls_test_info.line1, + sizeof(mbedtls_test_info.line1), + "lhs = 0x%016llx = %lld", + (unsigned long long) value1, value1); + (void) mbedtls_snprintf(mbedtls_test_info.line2, + sizeof(mbedtls_test_info.line2), + "rhs = 0x%016llx = %lld", + (unsigned long long) value2, value2); + return 0; } -int mbedtls_test_unhexify( unsigned char *obuf, - size_t obufmax, - const char *ibuf, - size_t *len ) +int mbedtls_test_unhexify(unsigned char *obuf, + size_t obufmax, + const char *ibuf, + size_t *len) { unsigned char uc, uc2; - *len = strlen( ibuf ); + *len = strlen(ibuf); /* Must be even number of bytes. */ - if ( ( *len ) & 1 ) - return( -1 ); + if ((*len) & 1) { + return -1; + } *len /= 2; - if ( (*len) > obufmax ) - return( -1 ); + if ((*len) > obufmax) { + return -1; + } - while( *ibuf != 0 ) - { - if ( ascii2uc( *(ibuf++), &uc ) != 0 ) - return( -1 ); + while (*ibuf != 0) { + if (ascii2uc(*(ibuf++), &uc) != 0) { + return -1; + } - if ( ascii2uc( *(ibuf++), &uc2 ) != 0 ) - return( -1 ); + if (ascii2uc(*(ibuf++), &uc2) != 0) { + return -1; + } - *(obuf++) = ( uc << 4 ) | uc2; + *(obuf++) = (uc << 4) | uc2; } - return( 0 ); + return 0; } -void mbedtls_test_hexify( unsigned char *obuf, - const unsigned char *ibuf, - int len ) +void mbedtls_test_hexify(unsigned char *obuf, + const unsigned char *ibuf, + int len) { unsigned char l, h; - while( len != 0 ) - { + while (len != 0) { h = *ibuf / 16; l = *ibuf % 16; - if( h < 10 ) + if (h < 10) { *obuf++ = '0' + h; - else + } else { *obuf++ = 'a' + h - 10; + } - if( l < 10 ) + if (l < 10) { *obuf++ = '0' + l; - else + } else { *obuf++ = 'a' + l - 10; + } ++ibuf; len--; } } -unsigned char *mbedtls_test_zero_alloc( size_t len ) +unsigned char *mbedtls_test_zero_alloc(size_t len) { void *p; - size_t actual_len = ( len != 0 ) ? len : 1; + size_t actual_len = (len != 0) ? len : 1; - p = mbedtls_calloc( 1, actual_len ); - TEST_HELPER_ASSERT( p != NULL ); + p = mbedtls_calloc(1, actual_len); + TEST_HELPER_ASSERT(p != NULL); - memset( p, 0x00, actual_len ); + memset(p, 0x00, actual_len); - return( p ); + return p; } -unsigned char *mbedtls_test_unhexify_alloc( const char *ibuf, size_t *olen ) +unsigned char *mbedtls_test_unhexify_alloc(const char *ibuf, size_t *olen) { unsigned char *obuf; size_t len; - *olen = strlen( ibuf ) / 2; + *olen = strlen(ibuf) / 2; - if( *olen == 0 ) - return( mbedtls_test_zero_alloc( *olen ) ); + if (*olen == 0) { + return mbedtls_test_zero_alloc(*olen); + } - obuf = mbedtls_calloc( 1, *olen ); - TEST_HELPER_ASSERT( obuf != NULL ); - TEST_HELPER_ASSERT( mbedtls_test_unhexify( obuf, *olen, ibuf, &len ) == 0 ); + obuf = mbedtls_calloc(1, *olen); + TEST_HELPER_ASSERT(obuf != NULL); + TEST_HELPER_ASSERT(mbedtls_test_unhexify(obuf, *olen, ibuf, &len) == 0); - return( obuf ); + return obuf; } -int mbedtls_test_hexcmp( uint8_t * a, uint8_t * b, - uint32_t a_len, uint32_t b_len ) +int mbedtls_test_hexcmp(uint8_t *a, uint8_t *b, + uint32_t a_len, uint32_t b_len) { int ret = 0; uint32_t i = 0; - if( a_len != b_len ) - return( -1 ); + if (a_len != b_len) { + return -1; + } - for( i = 0; i < a_len; i++ ) - { - if( a[i] != b[i] ) - { + for (i = 0; i < a_len; i++) { + if (a[i] != b[i]) { ret = -1; break; } @@ -315,40 +318,41 @@ int mbedtls_test_hexcmp( uint8_t * a, uint8_t * b, #if defined(MBEDTLS_CHECK_PARAMS) void mbedtls_test_param_failed_get_location_record( - mbedtls_test_param_failed_location_record_t *location_record ) + mbedtls_test_param_failed_location_record_t *location_record) { *location_record = param_failed_ctx.location_record; } -void mbedtls_test_param_failed_expect_call( void ) +void mbedtls_test_param_failed_expect_call(void) { param_failed_ctx.expected_call_happened = 0; param_failed_ctx.expected_call = 1; } -int mbedtls_test_param_failed_check_expected_call( void ) +int mbedtls_test_param_failed_check_expected_call(void) { param_failed_ctx.expected_call = 0; - if( param_failed_ctx.expected_call_happened != 0 ) - return( 0 ); + if (param_failed_ctx.expected_call_happened != 0) { + return 0; + } - return( -1 ); + return -1; } -void* mbedtls_test_param_failed_get_state_buf( void ) +void *mbedtls_test_param_failed_get_state_buf(void) { return ¶m_failed_ctx.state; } -void mbedtls_test_param_failed_reset_state( void ) +void mbedtls_test_param_failed_reset_state(void) { - memset( param_failed_ctx.state, 0, sizeof( param_failed_ctx.state ) ); + memset(param_failed_ctx.state, 0, sizeof(param_failed_ctx.state)); } -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) +void mbedtls_param_failed(const char *failure_condition, + const char *file, + int line) { /* Record the location of the failure */ param_failed_ctx.location_record.failure_condition = failure_condition; @@ -356,27 +360,24 @@ void mbedtls_param_failed( const char *failure_condition, param_failed_ctx.location_record.line = line; /* If we are testing the callback function... */ - if( param_failed_ctx.expected_call != 0 ) - { + if (param_failed_ctx.expected_call != 0) { param_failed_ctx.expected_call = 0; param_failed_ctx.expected_call_happened = 1; - } - else - { + } else { /* ...else try a long jump. If the execution state has not been set-up * or reset then the long jump buffer is all zero's and the call will * with high probability fault, emphasizing there is something to look * at. */ - longjmp( param_failed_ctx.state, 1 ); + longjmp(param_failed_ctx.state, 1); } } #endif /* MBEDTLS_CHECK_PARAMS */ #if defined(MBEDTLS_TEST_HOOKS) -void mbedtls_test_err_add_check( int high, int low, - const char *file, int line ) +void mbedtls_test_err_add_check(int high, int low, + const char *file, int line) { /* Error codes are always negative (a value of zero is a success) however * their positive opposites can be easier to understand. The following @@ -390,74 +391,64 @@ void mbedtls_test_err_add_check( int high, int low, * and module-dependent error code (bits 7..11)). * l = low level error code. */ - if ( high > -0x1000 && high != 0 ) - /* high < 0001000000000000 - * No high level module ID bits are set. - */ - { - mbedtls_test_fail( "'high' is not a high-level error code", - line, file ); - } - else if ( high < -0x7F80 ) - /* high > 0111111110000000 - * Error code is greater than the largest allowed high level module ID. - */ - { - mbedtls_test_fail( "'high' error code is greater than 15 bits", - line, file ); - } - else if ( ( high & 0x7F ) != 0 ) - /* high & 0000000001111111 - * Error code contains low level error code bits. - */ - { - mbedtls_test_fail( "'high' contains a low-level error code", - line, file ); - } - else if ( low < -0x007F ) - /* low > 0000000001111111 - * Error code contains high or module level error code bits. - */ - { - mbedtls_test_fail( "'low' error code is greater than 7 bits", - line, file ); - } - else if ( low > 0 ) - { - mbedtls_test_fail( "'low' error code is greater than zero", - line, file ); + if (high > -0x1000 && high != 0) { + /* high < 0001000000000000 + * No high level module ID bits are set. + */ + mbedtls_test_fail("'high' is not a high-level error code", + line, file); + } else if (high < -0x7F80) { + /* high > 0111111110000000 + * Error code is greater than the largest allowed high level module ID. + */ + mbedtls_test_fail("'high' error code is greater than 15 bits", + line, file); + } else if ((high & 0x7F) != 0) { + /* high & 0000000001111111 + * Error code contains low level error code bits. + */ + mbedtls_test_fail("'high' contains a low-level error code", + line, file); + } else if (low < -0x007F) { + /* low > 0000000001111111 + * Error code contains high or module level error code bits. + */ + mbedtls_test_fail("'low' error code is greater than 7 bits", + line, file); + } else if (low > 0) { + mbedtls_test_fail("'low' error code is greater than zero", + line, file); } } #endif /* MBEDTLS_TEST_HOOKS */ #if defined(MBEDTLS_BIGNUM_C) -int mbedtls_test_read_mpi( mbedtls_mpi *X, const char *s ) +int mbedtls_test_read_mpi(mbedtls_mpi *X, const char *s) { int negative = 0; /* Always set the sign bit to -1 if the input has a minus sign, even for 0. * This creates an invalid representation, which mbedtls_mpi_read_string() * avoids but we want to be able to create that in test data. */ - if( s[0] == '-' ) - { + if (s[0] == '-') { ++s; negative = 1; } /* mbedtls_mpi_read_string() currently retains leading zeros. * It always allocates at least one limb for the value 0. */ - if( s[0] == 0 ) - { - mbedtls_mpi_free( X ); - return( 0 ); + if (s[0] == 0) { + mbedtls_mpi_free(X); + return 0; + } + int ret = mbedtls_mpi_read_string(X, 16, s); + if (ret != 0) { + return ret; } - int ret = mbedtls_mpi_read_string( X, 16, s ); - if( ret != 0 ) - return( ret ); - if( negative ) - { - if( mbedtls_mpi_cmp_int( X, 0 ) == 0 ) + if (negative) { + if (mbedtls_mpi_cmp_int(X, 0) == 0) { ++mbedtls_test_case_uses_negative_0; + } X->s = -1; } - return( 0 ); + return 0; } #endif diff --git a/tests/src/psa_crypto_helpers.c b/tests/src/psa_crypto_helpers.c index 299b6d125da6..06274d388c8c 100644 --- a/tests/src/psa_crypto_helpers.c +++ b/tests/src/psa_crypto_helpers.c @@ -36,96 +36,106 @@ static mbedtls_svc_key_id_t key_ids_used_in_test[9]; static size_t num_key_ids_used; -int mbedtls_test_uses_key_id( mbedtls_svc_key_id_t key_id ) +int mbedtls_test_uses_key_id(mbedtls_svc_key_id_t key_id) { size_t i; - if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key_id ) > - PSA_MAX_PERSISTENT_KEY_IDENTIFIER ) - { + if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key_id) > + PSA_MAX_PERSISTENT_KEY_IDENTIFIER) { /* Don't touch key id values that designate non-key files. */ - return( 1 ); + return 1; } - for( i = 0; i < num_key_ids_used ; i++ ) - { - if( mbedtls_svc_key_id_equal( key_id, key_ids_used_in_test[i] ) ) - return( 1 ); + for (i = 0; i < num_key_ids_used; i++) { + if (mbedtls_svc_key_id_equal(key_id, key_ids_used_in_test[i])) { + return 1; + } + } + if (num_key_ids_used == ARRAY_LENGTH(key_ids_used_in_test)) { + return 0; } - if( num_key_ids_used == ARRAY_LENGTH( key_ids_used_in_test ) ) - return( 0 ); key_ids_used_in_test[num_key_ids_used] = key_id; ++num_key_ids_used; - return( 1 ); + return 1; } -void mbedtls_test_psa_purge_key_storage( void ) +void mbedtls_test_psa_purge_key_storage(void) { size_t i; - for( i = 0; i < num_key_ids_used; i++ ) - psa_destroy_persistent_key( key_ids_used_in_test[i] ); + for (i = 0; i < num_key_ids_used; i++) { + psa_destroy_persistent_key(key_ids_used_in_test[i]); + } num_key_ids_used = 0; } -void mbedtls_test_psa_purge_key_cache( void ) +void mbedtls_test_psa_purge_key_cache(void) { size_t i; - for( i = 0; i < num_key_ids_used; i++ ) - psa_purge_key( key_ids_used_in_test[i] ); + for (i = 0; i < num_key_ids_used; i++) { + psa_purge_key(key_ids_used_in_test[i]); + } } #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -const char *mbedtls_test_helper_is_psa_leaking( void ) +const char *mbedtls_test_helper_is_psa_leaking(void) { mbedtls_psa_stats_t stats; - mbedtls_psa_get_stats( &stats ); + mbedtls_psa_get_stats(&stats); - if( stats.volatile_slots != 0 ) - return( "A volatile slot has not been closed properly." ); - if( stats.persistent_slots != 0 ) - return( "A persistent slot has not been closed properly." ); - if( stats.external_slots != 0 ) - return( "An external slot has not been closed properly." ); - if( stats.half_filled_slots != 0 ) - return( "A half-filled slot has not been cleared properly." ); - if( stats.locked_slots != 0 ) - return( "Some slots are still marked as locked." ); + if (stats.volatile_slots != 0) { + return "A volatile slot has not been closed properly."; + } + if (stats.persistent_slots != 0) { + return "A persistent slot has not been closed properly."; + } + if (stats.external_slots != 0) { + return "An external slot has not been closed properly."; + } + if (stats.half_filled_slots != 0) { + return "A half-filled slot has not been cleared properly."; + } + if (stats.locked_slots != 0) { + return "Some slots are still marked as locked."; + } - return( NULL ); + return NULL; } #if defined(RECORD_PSA_STATUS_COVERAGE_LOG) /** Name of the file where return statuses are logged by #RECORD_STATUS. */ #define STATUS_LOG_FILE_NAME "statuses.log" -psa_status_t mbedtls_test_record_status( psa_status_t status, - const char *func, - const char *file, int line, - const char *expr ) +psa_status_t mbedtls_test_record_status(psa_status_t status, + const char *func, + const char *file, int line, + const char *expr) { /* We open the log file on first use. * We never close the log file, so the record_status feature is not * compatible with resource leak detectors such as Asan. */ static FILE *log; - if( log == NULL ) - log = fopen( STATUS_LOG_FILE_NAME, "a" ); - fprintf( log, "%d:%s:%s:%d:%s\n", (int) status, func, file, line, expr ); - return( status ); + if (log == NULL) { + log = fopen(STATUS_LOG_FILE_NAME, "a"); + } + fprintf(log, "%d:%s:%s:%d:%s\n", (int) status, func, file, line, expr); + return status; } #endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */ -psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags ) +psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags) { psa_key_usage_t updated_usage = usage_flags; - if( usage_flags & PSA_KEY_USAGE_SIGN_HASH ) + if (usage_flags & PSA_KEY_USAGE_SIGN_HASH) { updated_usage |= PSA_KEY_USAGE_SIGN_MESSAGE; + } - if( usage_flags & PSA_KEY_USAGE_VERIFY_HASH ) + if (usage_flags & PSA_KEY_USAGE_VERIFY_HASH) { updated_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; + } - return( updated_usage ); + return updated_usage; } #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index d1650f182561..0843e24473e6 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -33,14 +33,14 @@ #include #if defined(MBEDTLS_PSA_CRYPTO_SE_C) -static int lifetime_is_dynamic_secure_element( psa_key_lifetime_t lifetime ) +static int lifetime_is_dynamic_secure_element(psa_key_lifetime_t lifetime) { - return( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) != - PSA_KEY_LOCATION_LOCAL_STORAGE ); + return PSA_KEY_LIFETIME_GET_LOCATION(lifetime) != + PSA_KEY_LOCATION_LOCAL_STORAGE; } #endif -static int check_key_attributes_sanity( mbedtls_svc_key_id_t key ) +static int check_key_attributes_sanity(mbedtls_svc_key_id_t key) { int ok = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -49,58 +49,54 @@ static int check_key_attributes_sanity( mbedtls_svc_key_id_t key ) psa_key_type_t type; size_t bits; - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - lifetime = psa_get_key_lifetime( &attributes ); - id = psa_get_key_id( &attributes ); - type = psa_get_key_type( &attributes ); - bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + lifetime = psa_get_key_lifetime(&attributes); + id = psa_get_key_id(&attributes); + type = psa_get_key_type(&attributes); + bits = psa_get_key_bits(&attributes); /* Persistence */ - if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { TEST_ASSERT( - ( PSA_KEY_ID_VOLATILE_MIN <= - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ) && - ( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) <= - PSA_KEY_ID_VOLATILE_MAX ) ); - } - else - { + (PSA_KEY_ID_VOLATILE_MIN <= + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id)) && + (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) <= + PSA_KEY_ID_VOLATILE_MAX)); + } else { TEST_ASSERT( - ( PSA_KEY_ID_USER_MIN <= MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ) && - ( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) <= PSA_KEY_ID_USER_MAX ) ); + (PSA_KEY_ID_USER_MIN <= MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id)) && + (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) <= PSA_KEY_ID_USER_MAX)); } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* randomly-generated 64-bit constant, should never appear in test data */ psa_key_slot_number_t slot_number = 0xec94d4a5058a1a21; - psa_status_t status = psa_get_key_slot_number( &attributes, &slot_number ); - if( lifetime_is_dynamic_secure_element( lifetime ) ) - { + psa_status_t status = psa_get_key_slot_number(&attributes, &slot_number); + if (lifetime_is_dynamic_secure_element(lifetime)) { /* Mbed Crypto currently always exposes the slot number to * applications. This is not mandated by the PSA specification * and may change in future versions. */ - TEST_EQUAL( status, 0 ); - TEST_ASSERT( slot_number != 0xec94d4a5058a1a21 ); - } - else - { - TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT ); + TEST_EQUAL(status, 0); + TEST_ASSERT(slot_number != 0xec94d4a5058a1a21); + } else { + TEST_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT); } #endif /* Type and size */ - TEST_ASSERT( type != 0 ); - TEST_ASSERT( bits != 0 ); - TEST_ASSERT( bits <= PSA_MAX_KEY_BITS ); - if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ) - TEST_ASSERT( bits % 8 == 0 ); + TEST_ASSERT(type != 0); + TEST_ASSERT(bits != 0); + TEST_ASSERT(bits <= PSA_MAX_KEY_BITS); + if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) { + TEST_ASSERT(bits % 8 == 0); + } /* MAX macros concerning specific key types */ - if( PSA_KEY_TYPE_IS_ECC( type ) ) - TEST_ASSERT( bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS ); - else if( PSA_KEY_TYPE_IS_RSA( type ) ) - TEST_ASSERT( bits <= PSA_VENDOR_RSA_MAX_KEY_BITS ); - TEST_ASSERT( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ) <= PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE ); + if (PSA_KEY_TYPE_IS_ECC(type)) { + TEST_ASSERT(bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS); + } else if (PSA_KEY_TYPE_IS_RSA(type)) { + TEST_ASSERT(bits <= PSA_VENDOR_RSA_MAX_KEY_BITS); + } + TEST_ASSERT(PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) <= PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE); ok = 1; @@ -109,410 +105,389 @@ static int check_key_attributes_sanity( mbedtls_svc_key_id_t key ) * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - return( ok ); + return ok; } -static int exercise_mac_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int exercise_mac_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; const unsigned char input[] = "foo"; - unsigned char mac[PSA_MAC_MAX_SIZE] = {0}; - size_t mac_length = sizeof( mac ); + unsigned char mac[PSA_MAC_MAX_SIZE] = { 0 }; + size_t mac_length = sizeof(mac); /* Convert wildcard algorithm to exercisable algorithm */ - if( alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) - { - alg = PSA_ALG_TRUNCATED_MAC( alg, PSA_MAC_TRUNCATED_LENGTH( alg ) ); + if (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) { + alg = PSA_ALG_TRUNCATED_MAC(alg, PSA_MAC_TRUNCATED_LENGTH(alg)); } - if( usage & PSA_KEY_USAGE_SIGN_HASH ) - { - PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, - input, sizeof( input ) ) ); - PSA_ASSERT( psa_mac_sign_finish( &operation, - mac, sizeof( mac ), - &mac_length ) ); + if (usage & PSA_KEY_USAGE_SIGN_HASH) { + PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, + input, sizeof(input))); + PSA_ASSERT(psa_mac_sign_finish(&operation, + mac, sizeof(mac), + &mac_length)); } - if( usage & PSA_KEY_USAGE_VERIFY_HASH ) - { + if (usage & PSA_KEY_USAGE_VERIFY_HASH) { psa_status_t verify_status = - ( usage & PSA_KEY_USAGE_SIGN_HASH ? - PSA_SUCCESS : - PSA_ERROR_INVALID_SIGNATURE ); - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, - input, sizeof( input ) ) ); - TEST_EQUAL( psa_mac_verify_finish( &operation, mac, mac_length ), - verify_status ); + (usage & PSA_KEY_USAGE_SIGN_HASH ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE); + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, + input, sizeof(input))); + TEST_EQUAL(psa_mac_verify_finish(&operation, mac, mac_length), + verify_status); } - return( 1 ); + return 1; exit: - psa_mac_abort( &operation ); - return( 0 ); + psa_mac_abort(&operation); + return 0; } -static int exercise_cipher_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int exercise_cipher_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - unsigned char iv[PSA_CIPHER_IV_MAX_SIZE] = {0}; + unsigned char iv[PSA_CIPHER_IV_MAX_SIZE] = { 0 }; size_t iv_length; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type; const unsigned char plaintext[16] = "Hello, world..."; unsigned char ciphertext[32] = "(wabblewebblewibblewobblewubble)"; - size_t ciphertext_length = sizeof( ciphertext ); - unsigned char decrypted[sizeof( ciphertext )]; + size_t ciphertext_length = sizeof(ciphertext); + unsigned char decrypted[sizeof(ciphertext)]; size_t part_length; - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_type = psa_get_key_type( &attributes ); - iv_length = PSA_CIPHER_IV_LENGTH( key_type, alg ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_type = psa_get_key_type(&attributes); + iv_length = PSA_CIPHER_IV_LENGTH(key_type, alg); - if( usage & PSA_KEY_USAGE_ENCRYPT ) - { - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - if( iv_length != 0 ) - { - PSA_ASSERT( psa_cipher_generate_iv( &operation, - iv, sizeof( iv ), - &iv_length ) ); + if (usage & PSA_KEY_USAGE_ENCRYPT) { + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + if (iv_length != 0) { + PSA_ASSERT(psa_cipher_generate_iv(&operation, + iv, sizeof(iv), + &iv_length)); } - PSA_ASSERT( psa_cipher_update( &operation, - plaintext, sizeof( plaintext ), - ciphertext, sizeof( ciphertext ), - &ciphertext_length ) ); - PSA_ASSERT( psa_cipher_finish( &operation, - ciphertext + ciphertext_length, - sizeof( ciphertext ) - ciphertext_length, - &part_length ) ); + PSA_ASSERT(psa_cipher_update(&operation, + plaintext, sizeof(plaintext), + ciphertext, sizeof(ciphertext), + &ciphertext_length)); + PSA_ASSERT(psa_cipher_finish(&operation, + ciphertext + ciphertext_length, + sizeof(ciphertext) - ciphertext_length, + &part_length)); ciphertext_length += part_length; } - if( usage & PSA_KEY_USAGE_DECRYPT ) - { + if (usage & PSA_KEY_USAGE_DECRYPT) { psa_status_t status; int maybe_invalid_padding = 0; - if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) ) - { - maybe_invalid_padding = ! PSA_ALG_IS_STREAM_CIPHER( alg ); + if (!(usage & PSA_KEY_USAGE_ENCRYPT)) { + maybe_invalid_padding = !PSA_ALG_IS_STREAM_CIPHER(alg); } - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - if( iv_length != 0 ) - { - PSA_ASSERT( psa_cipher_set_iv( &operation, - iv, iv_length ) ); + PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); + if (iv_length != 0) { + PSA_ASSERT(psa_cipher_set_iv(&operation, + iv, iv_length)); } - PSA_ASSERT( psa_cipher_update( &operation, - ciphertext, ciphertext_length, - decrypted, sizeof( decrypted ), - &part_length ) ); - status = psa_cipher_finish( &operation, - decrypted + part_length, - sizeof( decrypted ) - part_length, - &part_length ); + PSA_ASSERT(psa_cipher_update(&operation, + ciphertext, ciphertext_length, + decrypted, sizeof(decrypted), + &part_length)); + status = psa_cipher_finish(&operation, + decrypted + part_length, + sizeof(decrypted) - part_length, + &part_length); /* For a stream cipher, all inputs are valid. For a block cipher, * if the input is some arbitrary data rather than an actual - ciphertext, a padding error is likely. */ - if( maybe_invalid_padding ) - TEST_ASSERT( status == PSA_SUCCESS || - status == PSA_ERROR_INVALID_PADDING ); - else - PSA_ASSERT( status ); + ciphertext, a padding error is likely. */ + if (maybe_invalid_padding) { + TEST_ASSERT(status == PSA_SUCCESS || + status == PSA_ERROR_INVALID_PADDING); + } else { + PSA_ASSERT(status); + } } - return( 1 ); + return 1; exit: - psa_cipher_abort( &operation ); - psa_reset_key_attributes( &attributes ); - return( 0 ); + psa_cipher_abort(&operation); + psa_reset_key_attributes(&attributes); + return 0; } -static int exercise_aead_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int exercise_aead_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { - unsigned char nonce[PSA_AEAD_NONCE_MAX_SIZE] = {0}; + unsigned char nonce[PSA_AEAD_NONCE_MAX_SIZE] = { 0 }; size_t nonce_length; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type; unsigned char plaintext[16] = "Hello, world..."; unsigned char ciphertext[48] = "(wabblewebblewibblewobblewubble)"; - size_t ciphertext_length = sizeof( ciphertext ); - size_t plaintext_length = sizeof( ciphertext ); + size_t ciphertext_length = sizeof(ciphertext); + size_t plaintext_length = sizeof(ciphertext); /* Convert wildcard algorithm to exercisable algorithm */ - if( alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) - { - alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) ); + if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) { + alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, PSA_ALG_AEAD_GET_TAG_LENGTH(alg)); } - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_type = psa_get_key_type( &attributes ); - nonce_length = PSA_AEAD_NONCE_LENGTH( key_type, alg ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_type = psa_get_key_type(&attributes); + nonce_length = PSA_AEAD_NONCE_LENGTH(key_type, alg); - if( usage & PSA_KEY_USAGE_ENCRYPT ) - { - PSA_ASSERT( psa_aead_encrypt( key, alg, - nonce, nonce_length, - NULL, 0, - plaintext, sizeof( plaintext ), - ciphertext, sizeof( ciphertext ), - &ciphertext_length ) ); + if (usage & PSA_KEY_USAGE_ENCRYPT) { + PSA_ASSERT(psa_aead_encrypt(key, alg, + nonce, nonce_length, + NULL, 0, + plaintext, sizeof(plaintext), + ciphertext, sizeof(ciphertext), + &ciphertext_length)); } - if( usage & PSA_KEY_USAGE_DECRYPT ) - { + if (usage & PSA_KEY_USAGE_DECRYPT) { psa_status_t verify_status = - ( usage & PSA_KEY_USAGE_ENCRYPT ? - PSA_SUCCESS : - PSA_ERROR_INVALID_SIGNATURE ); - TEST_EQUAL( psa_aead_decrypt( key, alg, - nonce, nonce_length, - NULL, 0, - ciphertext, ciphertext_length, - plaintext, sizeof( plaintext ), - &plaintext_length ), - verify_status ); + (usage & PSA_KEY_USAGE_ENCRYPT ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE); + TEST_EQUAL(psa_aead_decrypt(key, alg, + nonce, nonce_length, + NULL, 0, + ciphertext, ciphertext_length, + plaintext, sizeof(plaintext), + &plaintext_length), + verify_status); } - return( 1 ); + return 1; exit: - psa_reset_key_attributes( &attributes ); - return( 0 ); + psa_reset_key_attributes(&attributes); + return 0; } -static int can_sign_or_verify_message( psa_key_usage_t usage, - psa_algorithm_t alg ) +static int can_sign_or_verify_message(psa_key_usage_t usage, + psa_algorithm_t alg) { /* Sign-the-unspecified-hash algorithms can only be used with * {sign,verify}_hash, not with {sign,verify}_message. */ - if( alg == PSA_ALG_ECDSA_ANY || alg == PSA_ALG_RSA_PKCS1V15_SIGN_RAW ) - return( 0 ); - return( usage & ( PSA_KEY_USAGE_SIGN_MESSAGE | - PSA_KEY_USAGE_VERIFY_MESSAGE ) ); + if (alg == PSA_ALG_ECDSA_ANY || alg == PSA_ALG_RSA_PKCS1V15_SIGN_RAW) { + return 0; + } + return usage & (PSA_KEY_USAGE_SIGN_MESSAGE | + PSA_KEY_USAGE_VERIFY_MESSAGE); } -static int exercise_signature_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int exercise_signature_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { - if( usage & ( PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ) ) - { - unsigned char payload[PSA_HASH_MAX_SIZE] = {1}; + if (usage & (PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH)) { + unsigned char payload[PSA_HASH_MAX_SIZE] = { 1 }; size_t payload_length = 16; - unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0}; - size_t signature_length = sizeof( signature ); - psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); + unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = { 0 }; + size_t signature_length = sizeof(signature); + psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH(alg); /* If the policy allows signing with any hash, just pick one. */ - if( PSA_ALG_IS_SIGN_HASH( alg ) && hash_alg == PSA_ALG_ANY_HASH ) - { + if (PSA_ALG_IS_SIGN_HASH(alg) && hash_alg == PSA_ALG_ANY_HASH) { #if defined(KNOWN_MBEDTLS_SUPPORTED_HASH_ALG) hash_alg = KNOWN_MBEDTLS_SUPPORTED_HASH_ALG; alg ^= PSA_ALG_ANY_HASH ^ hash_alg; #else - TEST_ASSERT( ! "No hash algorithm for hash-and-sign testing" ); + TEST_ASSERT(!"No hash algorithm for hash-and-sign testing"); #endif } /* Some algorithms require the payload to have the size of * the hash encoded in the algorithm. Use this input size * even for algorithms that allow other input sizes. */ - if( hash_alg != 0 ) - payload_length = PSA_HASH_LENGTH( hash_alg ); + if (hash_alg != 0) { + payload_length = PSA_HASH_LENGTH(hash_alg); + } - if( usage & PSA_KEY_USAGE_SIGN_HASH ) - { - PSA_ASSERT( psa_sign_hash( key, alg, - payload, payload_length, - signature, sizeof( signature ), - &signature_length ) ); + if (usage & PSA_KEY_USAGE_SIGN_HASH) { + PSA_ASSERT(psa_sign_hash(key, alg, + payload, payload_length, + signature, sizeof(signature), + &signature_length)); } - if( usage & PSA_KEY_USAGE_VERIFY_HASH ) - { + if (usage & PSA_KEY_USAGE_VERIFY_HASH) { psa_status_t verify_status = - ( usage & PSA_KEY_USAGE_SIGN_HASH ? - PSA_SUCCESS : - PSA_ERROR_INVALID_SIGNATURE ); - TEST_EQUAL( psa_verify_hash( key, alg, - payload, payload_length, - signature, signature_length ), - verify_status ); + (usage & PSA_KEY_USAGE_SIGN_HASH ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE); + TEST_EQUAL(psa_verify_hash(key, alg, + payload, payload_length, + signature, signature_length), + verify_status); } } - if( can_sign_or_verify_message( usage, alg ) ) - { + if (can_sign_or_verify_message(usage, alg)) { unsigned char message[256] = "Hello, world..."; - unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0}; + unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = { 0 }; size_t message_length = 16; - size_t signature_length = sizeof( signature ); + size_t signature_length = sizeof(signature); - if( usage & PSA_KEY_USAGE_SIGN_MESSAGE ) - { - PSA_ASSERT( psa_sign_message( key, alg, - message, message_length, - signature, sizeof( signature ), - &signature_length ) ); + if (usage & PSA_KEY_USAGE_SIGN_MESSAGE) { + PSA_ASSERT(psa_sign_message(key, alg, + message, message_length, + signature, sizeof(signature), + &signature_length)); } - if( usage & PSA_KEY_USAGE_VERIFY_MESSAGE ) - { + if (usage & PSA_KEY_USAGE_VERIFY_MESSAGE) { psa_status_t verify_status = - ( usage & PSA_KEY_USAGE_SIGN_MESSAGE ? - PSA_SUCCESS : - PSA_ERROR_INVALID_SIGNATURE ); - TEST_EQUAL( psa_verify_message( key, alg, - message, message_length, - signature, signature_length ), - verify_status ); + (usage & PSA_KEY_USAGE_SIGN_MESSAGE ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE); + TEST_EQUAL(psa_verify_message(key, alg, + message, message_length, + signature, signature_length), + verify_status); } } - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } -static int exercise_asymmetric_encryption_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int exercise_asymmetric_encryption_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { unsigned char plaintext[256] = "Hello, world..."; unsigned char ciphertext[256] = "(wabblewebblewibblewobblewubble)"; - size_t ciphertext_length = sizeof( ciphertext ); + size_t ciphertext_length = sizeof(ciphertext); size_t plaintext_length = 16; - if( usage & PSA_KEY_USAGE_ENCRYPT ) - { - PSA_ASSERT( psa_asymmetric_encrypt( key, alg, - plaintext, plaintext_length, - NULL, 0, - ciphertext, sizeof( ciphertext ), - &ciphertext_length ) ); + if (usage & PSA_KEY_USAGE_ENCRYPT) { + PSA_ASSERT(psa_asymmetric_encrypt(key, alg, + plaintext, plaintext_length, + NULL, 0, + ciphertext, sizeof(ciphertext), + &ciphertext_length)); } - if( usage & PSA_KEY_USAGE_DECRYPT ) - { + if (usage & PSA_KEY_USAGE_DECRYPT) { psa_status_t status = - psa_asymmetric_decrypt( key, alg, - ciphertext, ciphertext_length, - NULL, 0, - plaintext, sizeof( plaintext ), - &plaintext_length ); - TEST_ASSERT( status == PSA_SUCCESS || - ( ( usage & PSA_KEY_USAGE_ENCRYPT ) == 0 && - ( status == PSA_ERROR_INVALID_ARGUMENT || - status == PSA_ERROR_INVALID_PADDING ) ) ); + psa_asymmetric_decrypt(key, alg, + ciphertext, ciphertext_length, + NULL, 0, + plaintext, sizeof(plaintext), + &plaintext_length); + TEST_ASSERT(status == PSA_SUCCESS || + ((usage & PSA_KEY_USAGE_ENCRYPT) == 0 && + (status == PSA_ERROR_INVALID_ARGUMENT || + status == PSA_ERROR_INVALID_PADDING))); } - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } int mbedtls_test_psa_setup_key_derivation_wrap( - psa_key_derivation_operation_t* operation, + psa_key_derivation_operation_t *operation, mbedtls_svc_key_id_t key, psa_algorithm_t alg, - const unsigned char* input1, size_t input1_length, - const unsigned char* input2, size_t input2_length, - size_t capacity ) + const unsigned char *input1, size_t input1_length, + const unsigned char *input2, size_t input2_length, + size_t capacity) { - PSA_ASSERT( psa_key_derivation_setup( operation, alg ) ); - if( PSA_ALG_IS_HKDF( alg ) ) - { - PSA_ASSERT( psa_key_derivation_input_bytes( operation, - PSA_KEY_DERIVATION_INPUT_SALT, - input1, input1_length ) ); - PSA_ASSERT( psa_key_derivation_input_key( operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - key ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( operation, - PSA_KEY_DERIVATION_INPUT_INFO, - input2, - input2_length ) ); - } - else if( PSA_ALG_IS_TLS12_PRF( alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) - { - PSA_ASSERT( psa_key_derivation_input_bytes( operation, - PSA_KEY_DERIVATION_INPUT_SEED, - input1, input1_length ) ); - PSA_ASSERT( psa_key_derivation_input_key( operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - key ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( operation, - PSA_KEY_DERIVATION_INPUT_LABEL, - input2, input2_length ) ); - } - else - { - TEST_ASSERT( ! "Key derivation algorithm not supported" ); - } - - if( capacity != SIZE_MAX ) - PSA_ASSERT( psa_key_derivation_set_capacity( operation, capacity ) ); - - return( 1 ); + PSA_ASSERT(psa_key_derivation_setup(operation, alg)); + if (PSA_ALG_IS_HKDF(alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_SALT, + input1, input1_length)); + PSA_ASSERT(psa_key_derivation_input_key(operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key)); + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_INFO, + input2, + input2_length)); + } else if (PSA_ALG_IS_TLS12_PRF(alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_SEED, + input1, input1_length)); + PSA_ASSERT(psa_key_derivation_input_key(operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key)); + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_LABEL, + input2, input2_length)); + } else { + TEST_ASSERT(!"Key derivation algorithm not supported"); + } + + if (capacity != SIZE_MAX) { + PSA_ASSERT(psa_key_derivation_set_capacity(operation, capacity)); + } + + return 1; exit: - return( 0 ); + return 0; } -static int exercise_key_derivation_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int exercise_key_derivation_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char input1[] = "Input 1"; - size_t input1_length = sizeof( input1 ); + size_t input1_length = sizeof(input1); unsigned char input2[] = "Input 2"; - size_t input2_length = sizeof( input2 ); + size_t input2_length = sizeof(input2); unsigned char output[1]; - size_t capacity = sizeof( output ); + size_t capacity = sizeof(output); - if( usage & PSA_KEY_USAGE_DERIVE ) - { - if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, key, alg, - input1, input1_length, - input2, input2_length, - capacity ) ) + if (usage & PSA_KEY_USAGE_DERIVE) { + if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, key, alg, + input1, input1_length, + input2, input2_length, + capacity)) { goto exit; + } - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output, - capacity ) ); - PSA_ASSERT( psa_key_derivation_abort( &operation ) ); + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + output, + capacity)); + PSA_ASSERT(psa_key_derivation_abort(&operation)); } - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ psa_status_t mbedtls_test_psa_key_agreement_with_self( psa_key_derivation_operation_t *operation, - mbedtls_svc_key_id_t key ) + mbedtls_svc_key_id_t key) { psa_key_type_t private_key_type; psa_key_type_t public_key_type; @@ -525,34 +500,34 @@ psa_status_t mbedtls_test_psa_key_agreement_with_self( psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - private_key_type = psa_get_key_type( &attributes ); - key_bits = psa_get_key_bits( &attributes ); - public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type ); - public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_key_type, key_bits ); - ASSERT_ALLOC( public_key, public_key_length ); - PSA_ASSERT( psa_export_public_key( key, public_key, public_key_length, - &public_key_length ) ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + private_key_type = psa_get_key_type(&attributes); + key_bits = psa_get_key_bits(&attributes); + public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(private_key_type); + public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_key_type, key_bits); + ASSERT_ALLOC(public_key, public_key_length); + PSA_ASSERT(psa_export_public_key(key, public_key, public_key_length, + &public_key_length)); status = psa_key_derivation_key_agreement( operation, PSA_KEY_DERIVATION_INPUT_SECRET, key, - public_key, public_key_length ); + public_key, public_key_length); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_free( public_key ); - return( status ); + mbedtls_free(public_key); + return status; } /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ psa_status_t mbedtls_test_psa_raw_key_agreement_with_self( psa_algorithm_t alg, - mbedtls_svc_key_id_t key ) + mbedtls_svc_key_id_t key) { psa_key_type_t private_key_type; psa_key_type_t public_key_type; @@ -567,26 +542,25 @@ psa_status_t mbedtls_test_psa_raw_key_agreement_with_self( psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - private_key_type = psa_get_key_type( &attributes ); - key_bits = psa_get_key_bits( &attributes ); - public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type ); - public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_key_type, key_bits ); - ASSERT_ALLOC( public_key, public_key_length ); - PSA_ASSERT( psa_export_public_key( key, - public_key, public_key_length, - &public_key_length ) ); - - status = psa_raw_key_agreement( alg, key, - public_key, public_key_length, - output, sizeof( output ), &output_length ); - if ( status == PSA_SUCCESS ) - { - TEST_ASSERT( output_length <= - PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE( private_key_type, - key_bits ) ); - TEST_ASSERT( output_length <= - PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + private_key_type = psa_get_key_type(&attributes); + key_bits = psa_get_key_bits(&attributes); + public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(private_key_type); + public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_key_type, key_bits); + ASSERT_ALLOC(public_key, public_key_length); + PSA_ASSERT(psa_export_public_key(key, + public_key, public_key_length, + &public_key_length)); + + status = psa_raw_key_agreement(alg, key, + public_key, public_key_length, + output, sizeof(output), &output_length); + if (status == PSA_SUCCESS) { + TEST_ASSERT(output_length <= + PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(private_key_type, + key_bits)); + TEST_ASSERT(output_length <= + PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE); } exit: @@ -594,93 +568,86 @@ psa_status_t mbedtls_test_psa_raw_key_agreement_with_self( * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_free( public_key ); - return( status ); + mbedtls_free(public_key); + return status; } -static int exercise_raw_key_agreement_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int exercise_raw_key_agreement_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { int ok = 0; - if( usage & PSA_KEY_USAGE_DERIVE ) - { + if (usage & PSA_KEY_USAGE_DERIVE) { /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ - PSA_ASSERT( mbedtls_test_psa_raw_key_agreement_with_self( alg, key ) ); + PSA_ASSERT(mbedtls_test_psa_raw_key_agreement_with_self(alg, key)); } ok = 1; exit: - return( ok ); + return ok; } -static int exercise_key_agreement_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int exercise_key_agreement_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char input[1]; unsigned char output[1]; int ok = 0; - psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ); + psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg); - if( usage & PSA_KEY_USAGE_DERIVE ) - { + if (usage & PSA_KEY_USAGE_DERIVE) { /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); - if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) - { - PSA_ASSERT( psa_key_derivation_input_bytes( - &operation, PSA_KEY_DERIVATION_INPUT_SEED, - input, sizeof( input ) ) ); + PSA_ASSERT(psa_key_derivation_setup(&operation, alg)); + if (PSA_ALG_IS_TLS12_PRF(kdf_alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_SEED, + input, sizeof(input))); } - PSA_ASSERT( mbedtls_test_psa_key_agreement_with_self( &operation, key ) ); - - if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) - { - PSA_ASSERT( psa_key_derivation_input_bytes( - &operation, PSA_KEY_DERIVATION_INPUT_LABEL, - input, sizeof( input ) ) ); - } - else if( PSA_ALG_IS_HKDF( kdf_alg ) ) - { - PSA_ASSERT( psa_key_derivation_input_bytes( - &operation, PSA_KEY_DERIVATION_INPUT_INFO, - input, sizeof( input ) ) ); + PSA_ASSERT(mbedtls_test_psa_key_agreement_with_self(&operation, key)); + + if (PSA_ALG_IS_TLS12_PRF(kdf_alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_LABEL, + input, sizeof(input))); + } else if (PSA_ALG_IS_HKDF(kdf_alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_INFO, + input, sizeof(input))); } - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output, - sizeof( output ) ) ); - PSA_ASSERT( psa_key_derivation_abort( &operation ) ); + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + output, + sizeof(output))); + PSA_ASSERT(psa_key_derivation_abort(&operation)); } ok = 1; exit: - return( ok ); + return ok; } int mbedtls_test_psa_exported_key_sanity_check( psa_key_type_t type, size_t bits, - const uint8_t *exported, size_t exported_length ) + const uint8_t *exported, size_t exported_length) { - TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_OUTPUT_SIZE( type, bits ) ); + TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_OUTPUT_SIZE(type, bits)); - if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ) - TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) ); - else + if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) { + TEST_EQUAL(exported_length, PSA_BITS_TO_BYTES(bits)); + } else #if defined(MBEDTLS_ASN1_PARSE_C) - if( type == PSA_KEY_TYPE_RSA_KEY_PAIR ) - { - uint8_t *p = (uint8_t*) exported; + if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) { + uint8_t *p = (uint8_t *) exported; const uint8_t *end = exported + exported_length; size_t len; /* RSAPrivateKey ::= SEQUENCE { @@ -695,140 +662,139 @@ int mbedtls_test_psa_exported_key_sanity_check( * coefficient INTEGER, -- (inverse of q) mod p * } */ - TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ), 0 ); - TEST_EQUAL( len, end - p ); - if( ! mbedtls_test_asn1_skip_integer( &p, end, 0, 0, 0 ) ) + TEST_EQUAL(mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED), 0); + TEST_EQUAL(len, end - p); + if (!mbedtls_test_asn1_skip_integer(&p, end, 0, 0, 0)) { goto exit; - if( ! mbedtls_test_asn1_skip_integer( &p, end, bits, bits, 1 ) ) + } + if (!mbedtls_test_asn1_skip_integer(&p, end, bits, bits, 1)) { goto exit; - if( ! mbedtls_test_asn1_skip_integer( &p, end, 2, bits, 1 ) ) + } + if (!mbedtls_test_asn1_skip_integer(&p, end, 2, bits, 1)) { goto exit; + } /* Require d to be at least half the size of n. */ - if( ! mbedtls_test_asn1_skip_integer( &p, end, bits / 2, bits, 1 ) ) + if (!mbedtls_test_asn1_skip_integer(&p, end, bits / 2, bits, 1)) { goto exit; + } /* Require p and q to be at most half the size of n, rounded up. */ - if( ! mbedtls_test_asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) ) + if (!mbedtls_test_asn1_skip_integer(&p, end, bits / 2, bits / 2 + 1, 1)) { goto exit; - if( ! mbedtls_test_asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) ) + } + if (!mbedtls_test_asn1_skip_integer(&p, end, bits / 2, bits / 2 + 1, 1)) { goto exit; - if( ! mbedtls_test_asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) ) + } + if (!mbedtls_test_asn1_skip_integer(&p, end, 1, bits / 2 + 1, 0)) { goto exit; - if( ! mbedtls_test_asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) ) + } + if (!mbedtls_test_asn1_skip_integer(&p, end, 1, bits / 2 + 1, 0)) { goto exit; - if( ! mbedtls_test_asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) ) + } + if (!mbedtls_test_asn1_skip_integer(&p, end, 1, bits / 2 + 1, 0)) { goto exit; - TEST_EQUAL( p - end, 0 ); + } + TEST_EQUAL(p - end, 0); - TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE ); - } - else + TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE); + } else #endif /* MBEDTLS_ASN1_PARSE_C */ #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) ) - { + if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { /* Just the secret value */ - TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) ); + TEST_EQUAL(exported_length, PSA_BITS_TO_BYTES(bits)); - TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE ); - } - else + TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE); + } else #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_ASN1_PARSE_C) - if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) - { - uint8_t *p = (uint8_t*) exported; + if (type == PSA_KEY_TYPE_RSA_PUBLIC_KEY) { + uint8_t *p = (uint8_t *) exported; const uint8_t *end = exported + exported_length; size_t len; /* RSAPublicKey ::= SEQUENCE { * modulus INTEGER, -- n * publicExponent INTEGER } -- e */ - TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ), - 0 ); - TEST_EQUAL( len, end - p ); - if( ! mbedtls_test_asn1_skip_integer( &p, end, bits, bits, 1 ) ) + TEST_EQUAL(mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED), + 0); + TEST_EQUAL(len, end - p); + if (!mbedtls_test_asn1_skip_integer(&p, end, bits, bits, 1)) { goto exit; - if( ! mbedtls_test_asn1_skip_integer( &p, end, 2, bits, 1 ) ) + } + if (!mbedtls_test_asn1_skip_integer(&p, end, 2, bits, 1)) { goto exit; - TEST_EQUAL( p - end, 0 ); + } + TEST_EQUAL(p - end, 0); - TEST_ASSERT( exported_length <= - PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( type, bits ) ); - TEST_ASSERT( exported_length <= - PSA_EXPORT_PUBLIC_KEY_MAX_SIZE ); - } - else + TEST_ASSERT(exported_length <= + PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(type, bits)); + TEST_ASSERT(exported_length <= + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); + } else #endif /* MBEDTLS_ASN1_PARSE_C */ #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ) - { + if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)) { - TEST_ASSERT( exported_length <= - PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( type, bits ) ); - TEST_ASSERT( exported_length <= - PSA_EXPORT_PUBLIC_KEY_MAX_SIZE ); + TEST_ASSERT(exported_length <= + PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(type, bits)); + TEST_ASSERT(exported_length <= + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); - if( PSA_KEY_TYPE_ECC_GET_FAMILY( type ) == PSA_ECC_FAMILY_MONTGOMERY ) - { + if (PSA_KEY_TYPE_ECC_GET_FAMILY(type) == PSA_ECC_FAMILY_MONTGOMERY) { /* The representation of an ECC Montgomery public key is * the raw compressed point */ - TEST_EQUAL( PSA_BITS_TO_BYTES( bits ), exported_length ); - } - else - { + TEST_EQUAL(PSA_BITS_TO_BYTES(bits), exported_length); + } else { /* The representation of an ECC Weierstrass public key is: * - The byte 0x04; * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; * - `y_P` as a `ceiling(m/8)`-byte string, big-endian; * - where m is the bit size associated with the curve. */ - TEST_EQUAL( 1 + 2 * PSA_BITS_TO_BYTES( bits ), exported_length ); - TEST_EQUAL( exported[0], 4 ); + TEST_EQUAL(1 + 2 * PSA_BITS_TO_BYTES(bits), exported_length); + TEST_EQUAL(exported[0], 4); } - } - else + } else #endif /* MBEDTLS_ECP_C */ { (void) exported; - TEST_ASSERT( ! "Sanity check not implemented for this key type" ); + TEST_ASSERT(!"Sanity check not implemented for this key type"); } #if defined(MBEDTLS_DES_C) - if( type == PSA_KEY_TYPE_DES ) - { + if (type == PSA_KEY_TYPE_DES) { /* Check the parity bits. */ unsigned i; - for( i = 0; i < bits / 8; i++ ) - { + for (i = 0; i < bits / 8; i++) { unsigned bit_count = 0; unsigned m; - for( m = 1; m <= 0x100; m <<= 1 ) - { - if( exported[i] & m ) + for (m = 1; m <= 0x100; m <<= 1) { + if (exported[i] & m) { ++bit_count; + } } - TEST_ASSERT( bit_count % 2 != 0 ); + TEST_ASSERT(bit_count % 2 != 0); } } #endif - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } -static int exercise_export_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage ) +static int exercise_export_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *exported = NULL; @@ -836,42 +802,41 @@ static int exercise_export_key( mbedtls_svc_key_id_t key, size_t exported_length = 0; int ok = 0; - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE( - psa_get_key_type( &attributes ), - psa_get_key_bits( &attributes ) ); - ASSERT_ALLOC( exported, exported_size ); - - if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 && - ! PSA_KEY_TYPE_IS_PUBLIC_KEY( psa_get_key_type( &attributes ) ) ) - { - TEST_EQUAL( psa_export_key( key, exported, - exported_size, &exported_length ), - PSA_ERROR_NOT_PERMITTED ); + psa_get_key_type(&attributes), + psa_get_key_bits(&attributes)); + ASSERT_ALLOC(exported, exported_size); + + if ((usage & PSA_KEY_USAGE_EXPORT) == 0 && + !PSA_KEY_TYPE_IS_PUBLIC_KEY(psa_get_key_type(&attributes))) { + TEST_EQUAL(psa_export_key(key, exported, + exported_size, &exported_length), + PSA_ERROR_NOT_PERMITTED); ok = 1; goto exit; } - PSA_ASSERT( psa_export_key( key, - exported, exported_size, - &exported_length ) ); + PSA_ASSERT(psa_export_key(key, + exported, exported_size, + &exported_length)); ok = mbedtls_test_psa_exported_key_sanity_check( - psa_get_key_type( &attributes ), psa_get_key_bits( &attributes ), - exported, exported_length ); + psa_get_key_type(&attributes), psa_get_key_bits(&attributes), + exported, exported_length); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_free( exported ); - return( ok ); + mbedtls_free(exported); + return ok; } -static int exercise_export_public_key( mbedtls_svc_key_id_t key ) +static int exercise_export_public_key(mbedtls_svc_key_id_t key) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t public_type; @@ -880,119 +845,113 @@ static int exercise_export_public_key( mbedtls_svc_key_id_t key ) size_t exported_length = 0; int ok = 0; - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( psa_get_key_type( &attributes ) ) ) - { + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + if (!PSA_KEY_TYPE_IS_ASYMMETRIC(psa_get_key_type(&attributes))) { exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE( - psa_get_key_type( &attributes ), - psa_get_key_bits( &attributes ) ); - ASSERT_ALLOC( exported, exported_size ); + psa_get_key_type(&attributes), + psa_get_key_bits(&attributes)); + ASSERT_ALLOC(exported, exported_size); - TEST_EQUAL( psa_export_public_key( key, exported, - exported_size, &exported_length ), - PSA_ERROR_INVALID_ARGUMENT ); + TEST_EQUAL(psa_export_public_key(key, exported, + exported_size, &exported_length), + PSA_ERROR_INVALID_ARGUMENT); ok = 1; goto exit; } public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( - psa_get_key_type( &attributes ) ); - exported_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_type, - psa_get_key_bits( &attributes ) ); - ASSERT_ALLOC( exported, exported_size ); - - PSA_ASSERT( psa_export_public_key( key, - exported, exported_size, - &exported_length ) ); + psa_get_key_type(&attributes)); + exported_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_type, + psa_get_key_bits(&attributes)); + ASSERT_ALLOC(exported, exported_size); + + PSA_ASSERT(psa_export_public_key(key, + exported, exported_size, + &exported_length)); ok = mbedtls_test_psa_exported_key_sanity_check( - public_type, psa_get_key_bits( &attributes ), - exported, exported_length ); + public_type, psa_get_key_bits(&attributes), + exported, exported_length); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_free( exported ); - return( ok ); + mbedtls_free(exported); + return ok; } -int mbedtls_test_psa_exercise_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +int mbedtls_test_psa_exercise_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { int ok = 0; - if( ! check_key_attributes_sanity( key ) ) - return( 0 ); + if (!check_key_attributes_sanity(key)) { + return 0; + } - if( alg == 0 ) + if (alg == 0) { ok = 1; /* If no algorithm, do nothing (used for raw data "keys"). */ - else if( PSA_ALG_IS_MAC( alg ) ) - ok = exercise_mac_key( key, usage, alg ); - else if( PSA_ALG_IS_CIPHER( alg ) ) - ok = exercise_cipher_key( key, usage, alg ); - else if( PSA_ALG_IS_AEAD( alg ) ) - ok = exercise_aead_key( key, usage, alg ); - else if( PSA_ALG_IS_SIGN( alg ) ) - ok = exercise_signature_key( key, usage, alg ); - else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) - ok = exercise_asymmetric_encryption_key( key, usage, alg ); - else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ) - ok = exercise_key_derivation_key( key, usage, alg ); - else if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) ) - ok = exercise_raw_key_agreement_key( key, usage, alg ); - else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) ) - ok = exercise_key_agreement_key( key, usage, alg ); - else - TEST_ASSERT( ! "No code to exercise this category of algorithm" ); - - ok = ok && exercise_export_key( key, usage ); - ok = ok && exercise_export_public_key( key ); + } else if (PSA_ALG_IS_MAC(alg)) { + ok = exercise_mac_key(key, usage, alg); + } else if (PSA_ALG_IS_CIPHER(alg)) { + ok = exercise_cipher_key(key, usage, alg); + } else if (PSA_ALG_IS_AEAD(alg)) { + ok = exercise_aead_key(key, usage, alg); + } else if (PSA_ALG_IS_SIGN(alg)) { + ok = exercise_signature_key(key, usage, alg); + } else if (PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)) { + ok = exercise_asymmetric_encryption_key(key, usage, alg); + } else if (PSA_ALG_IS_KEY_DERIVATION(alg)) { + ok = exercise_key_derivation_key(key, usage, alg); + } else if (PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { + ok = exercise_raw_key_agreement_key(key, usage, alg); + } else if (PSA_ALG_IS_KEY_AGREEMENT(alg)) { + ok = exercise_key_agreement_key(key, usage, alg); + } else { + TEST_ASSERT(!"No code to exercise this category of algorithm"); + } + + ok = ok && exercise_export_key(key, usage); + ok = ok && exercise_export_public_key(key); exit: - return( ok ); + return ok; } -psa_key_usage_t mbedtls_test_psa_usage_to_exercise( psa_key_type_t type, - psa_algorithm_t alg ) +psa_key_usage_t mbedtls_test_psa_usage_to_exercise(psa_key_type_t type, + psa_algorithm_t alg) { - if( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) ) - { - if( PSA_ALG_IS_SIGN_HASH( alg ) ) - { - if( PSA_ALG_SIGN_GET_HASH( alg ) ) - return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? - PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE: - PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | - PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE ); + if (PSA_ALG_IS_MAC(alg) || PSA_ALG_IS_SIGN(alg)) { + if (PSA_ALG_IS_SIGN_HASH(alg)) { + if (PSA_ALG_SIGN_GET_HASH(alg)) { + return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ? + PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE : + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE; + } + } else if (PSA_ALG_IS_SIGN_MESSAGE(alg)) { + return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ? + PSA_KEY_USAGE_VERIFY_MESSAGE : + PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE; } - else if( PSA_ALG_IS_SIGN_MESSAGE( alg) ) - return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? - PSA_KEY_USAGE_VERIFY_MESSAGE : - PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE ); - - return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? - PSA_KEY_USAGE_VERIFY_HASH : - PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); - } - else if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) || - PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) - { - return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? - PSA_KEY_USAGE_ENCRYPT : - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - } - else if( PSA_ALG_IS_KEY_DERIVATION( alg ) || - PSA_ALG_IS_KEY_AGREEMENT( alg ) ) - { - return( PSA_KEY_USAGE_DERIVE ); - } - else - { - return( 0 ); + + return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ? + PSA_KEY_USAGE_VERIFY_HASH : + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH; + } else if (PSA_ALG_IS_CIPHER(alg) || PSA_ALG_IS_AEAD(alg) || + PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)) { + return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ? + PSA_KEY_USAGE_ENCRYPT : + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT; + } else if (PSA_ALG_IS_KEY_DERIVATION(alg) || + PSA_ALG_IS_KEY_AGREEMENT(alg)) { + return PSA_KEY_USAGE_DERIVE; + } else { + return 0; } } diff --git a/tests/src/random.c b/tests/src/random.c index 7f3f40166ccf..e74e6895499e 100644 --- a/tests/src/random.c +++ b/tests/src/random.c @@ -37,109 +37,111 @@ #include -int mbedtls_test_rnd_std_rand( void *rng_state, - unsigned char *output, - size_t len ) +int mbedtls_test_rnd_std_rand(void *rng_state, + unsigned char *output, + size_t len) { #if !defined(__OpenBSD__) && !defined(__NetBSD__) size_t i; - if( rng_state != NULL ) + if (rng_state != NULL) { rng_state = NULL; + } - for( i = 0; i < len; ++i ) + for (i = 0; i < len; ++i) { output[i] = rand(); + } #else - if( rng_state != NULL ) + if (rng_state != NULL) { rng_state = NULL; + } - arc4random_buf( output, len ); + arc4random_buf(output, len); #endif /* !OpenBSD && !NetBSD */ - return( 0 ); + return 0; } -int mbedtls_test_rnd_zero_rand( void *rng_state, - unsigned char *output, - size_t len ) +int mbedtls_test_rnd_zero_rand(void *rng_state, + unsigned char *output, + size_t len) { - if( rng_state != NULL ) + if (rng_state != NULL) { rng_state = NULL; + } - memset( output, 0, len ); + memset(output, 0, len); - return( 0 ); + return 0; } -int mbedtls_test_rnd_buffer_rand( void *rng_state, - unsigned char *output, - size_t len ) +int mbedtls_test_rnd_buffer_rand(void *rng_state, + unsigned char *output, + size_t len) { mbedtls_test_rnd_buf_info *info = (mbedtls_test_rnd_buf_info *) rng_state; size_t use_len; - if( rng_state == NULL ) - return( mbedtls_test_rnd_std_rand( NULL, output, len ) ); + if (rng_state == NULL) { + return mbedtls_test_rnd_std_rand(NULL, output, len); + } use_len = len; - if( len > info->length ) + if (len > info->length) { use_len = info->length; + } - if( use_len ) - { - memcpy( output, info->buf, use_len ); + if (use_len) { + memcpy(output, info->buf, use_len); info->buf += use_len; info->length -= use_len; } - if( len - use_len > 0 ) - { - if( info->fallback_f_rng != NULL ) - { - return( info->fallback_f_rng( info->fallback_p_rng, - output + use_len, - len - use_len ) ); + if (len - use_len > 0) { + if (info->fallback_f_rng != NULL) { + return info->fallback_f_rng(info->fallback_p_rng, + output + use_len, + len - use_len); + } else { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; } - else - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); } - return( 0 ); + return 0; } -int mbedtls_test_rnd_pseudo_rand( void *rng_state, - unsigned char *output, - size_t len ) +int mbedtls_test_rnd_pseudo_rand(void *rng_state, + unsigned char *output, + size_t len) { mbedtls_test_rnd_pseudo_info *info = (mbedtls_test_rnd_pseudo_info *) rng_state; - uint32_t i, *k, sum, delta=0x9E3779B9; + uint32_t i, *k, sum, delta = 0x9E3779B9; unsigned char result[4], *out = output; - if( rng_state == NULL ) - return( mbedtls_test_rnd_std_rand( NULL, output, len ) ); + if (rng_state == NULL) { + return mbedtls_test_rnd_std_rand(NULL, output, len); + } k = info->key; - while( len > 0 ) - { - size_t use_len = ( len > 4 ) ? 4 : len; + while (len > 0) { + size_t use_len = (len > 4) ? 4 : len; sum = 0; - for( i = 0; i < 32; i++ ) - { - info->v0 += ( ( ( info->v1 << 4 ) ^ ( info->v1 >> 5 ) ) - + info->v1 ) ^ ( sum + k[sum & 3] ); + for (i = 0; i < 32; i++) { + info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + + info->v1) ^ (sum + k[sum & 3]); sum += delta; - info->v1 += ( ( ( info->v0 << 4 ) ^ ( info->v0 >> 5 ) ) - + info->v0 ) ^ ( sum + k[( sum>>11 ) & 3] ); + info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + + info->v0) ^ (sum + k[(sum>>11) & 3]); } - PUT_UINT32_BE( info->v0, result, 0 ); - memcpy( out, result, use_len ); + PUT_UINT32_BE(info->v0, result, 0); + memcpy(out, result, use_len); len -= use_len; out += 4; } - return( 0 ); + return 0; } diff --git a/tests/src/threading_helpers.c b/tests/src/threading_helpers.c index ca91b7933a5c..ae6e59072a1d 100644 --- a/tests/src/threading_helpers.c +++ b/tests/src/threading_helpers.c @@ -70,8 +70,7 @@ * indicate the exact location of the problematic call. To locate the error, * use a debugger and set a breakpoint on mbedtls_test_mutex_usage_error(). */ -enum value_of_mutex_is_valid_field -{ +enum value_of_mutex_is_valid_field { /* Potential values for the is_valid field of mbedtls_threading_mutex_t. * Note that MUTEX_FREED must be 0 and MUTEX_IDLE must be 1 for * compatibility with threading_mutex_init_pthread() and @@ -82,12 +81,11 @@ enum value_of_mutex_is_valid_field MUTEX_LOCKED = 2, //!< Set by our lock }; -typedef struct -{ - void (*init)( mbedtls_threading_mutex_t * ); - void (*free)( mbedtls_threading_mutex_t * ); - int (*lock)( mbedtls_threading_mutex_t * ); - int (*unlock)( mbedtls_threading_mutex_t * ); +typedef struct { + void (*init)(mbedtls_threading_mutex_t *); + void (*free)(mbedtls_threading_mutex_t *); + int (*lock)(mbedtls_threading_mutex_t *); + int (*unlock)(mbedtls_threading_mutex_t *); } mutex_functions_t; static mutex_functions_t mutex_functions; @@ -98,94 +96,96 @@ static mutex_functions_t mutex_functions; */ static int live_mutexes; -static void mbedtls_test_mutex_usage_error( mbedtls_threading_mutex_t *mutex, - const char *msg ) +static void mbedtls_test_mutex_usage_error(mbedtls_threading_mutex_t *mutex, + const char *msg) { (void) mutex; - if( mbedtls_test_info.mutex_usage_error == NULL ) + if (mbedtls_test_info.mutex_usage_error == NULL) { mbedtls_test_info.mutex_usage_error = msg; - mbedtls_fprintf( stdout, "[mutex: %s] ", msg ); + } + mbedtls_fprintf(stdout, "[mutex: %s] ", msg); /* Don't mark the test as failed yet. This way, if the test fails later * for a functional reason, the test framework will report the message * and location for this functional reason. If the test passes, * mbedtls_test_mutex_usage_check() will mark it as failed. */ } -static void mbedtls_test_wrap_mutex_init( mbedtls_threading_mutex_t *mutex ) +static void mbedtls_test_wrap_mutex_init(mbedtls_threading_mutex_t *mutex) { - mutex_functions.init( mutex ); - if( mutex->is_valid ) + mutex_functions.init(mutex); + if (mutex->is_valid) { ++live_mutexes; + } } -static void mbedtls_test_wrap_mutex_free( mbedtls_threading_mutex_t *mutex ) +static void mbedtls_test_wrap_mutex_free(mbedtls_threading_mutex_t *mutex) { - switch( mutex->is_valid ) - { + switch (mutex->is_valid) { case MUTEX_FREED: - mbedtls_test_mutex_usage_error( mutex, "free without init or double free" ); + mbedtls_test_mutex_usage_error(mutex, "free without init or double free"); break; case MUTEX_IDLE: /* Do nothing. The underlying free function will reset is_valid * to 0. */ break; case MUTEX_LOCKED: - mbedtls_test_mutex_usage_error( mutex, "free without unlock" ); + mbedtls_test_mutex_usage_error(mutex, "free without unlock"); break; default: - mbedtls_test_mutex_usage_error( mutex, "corrupted state" ); + mbedtls_test_mutex_usage_error(mutex, "corrupted state"); break; } - if( mutex->is_valid ) + if (mutex->is_valid) { --live_mutexes; - mutex_functions.free( mutex ); + } + mutex_functions.free(mutex); } -static int mbedtls_test_wrap_mutex_lock( mbedtls_threading_mutex_t *mutex ) +static int mbedtls_test_wrap_mutex_lock(mbedtls_threading_mutex_t *mutex) { - int ret = mutex_functions.lock( mutex ); - switch( mutex->is_valid ) - { + int ret = mutex_functions.lock(mutex); + switch (mutex->is_valid) { case MUTEX_FREED: - mbedtls_test_mutex_usage_error( mutex, "lock without init" ); + mbedtls_test_mutex_usage_error(mutex, "lock without init"); break; case MUTEX_IDLE: - if( ret == 0 ) + if (ret == 0) { mutex->is_valid = 2; + } break; case MUTEX_LOCKED: - mbedtls_test_mutex_usage_error( mutex, "double lock" ); + mbedtls_test_mutex_usage_error(mutex, "double lock"); break; default: - mbedtls_test_mutex_usage_error( mutex, "corrupted state" ); + mbedtls_test_mutex_usage_error(mutex, "corrupted state"); break; } - return( ret ); + return ret; } -static int mbedtls_test_wrap_mutex_unlock( mbedtls_threading_mutex_t *mutex ) +static int mbedtls_test_wrap_mutex_unlock(mbedtls_threading_mutex_t *mutex) { - int ret = mutex_functions.unlock( mutex ); - switch( mutex->is_valid ) - { + int ret = mutex_functions.unlock(mutex); + switch (mutex->is_valid) { case MUTEX_FREED: - mbedtls_test_mutex_usage_error( mutex, "unlock without init" ); + mbedtls_test_mutex_usage_error(mutex, "unlock without init"); break; case MUTEX_IDLE: - mbedtls_test_mutex_usage_error( mutex, "unlock without lock" ); + mbedtls_test_mutex_usage_error(mutex, "unlock without lock"); break; case MUTEX_LOCKED: - if( ret == 0 ) + if (ret == 0) { mutex->is_valid = MUTEX_IDLE; + } break; default: - mbedtls_test_mutex_usage_error( mutex, "corrupted state" ); + mbedtls_test_mutex_usage_error(mutex, "corrupted state"); break; } - return( ret ); + return ret; } -void mbedtls_test_mutex_usage_init( void ) +void mbedtls_test_mutex_usage_init(void) { mutex_functions.init = mbedtls_mutex_init; mutex_functions.free = mbedtls_mutex_free; @@ -197,25 +197,24 @@ void mbedtls_test_mutex_usage_init( void ) mbedtls_mutex_unlock = &mbedtls_test_wrap_mutex_unlock; } -void mbedtls_test_mutex_usage_check( void ) +void mbedtls_test_mutex_usage_check(void) { - if( live_mutexes != 0 ) - { + if (live_mutexes != 0) { /* A positive number (more init than free) means that a mutex resource * is leaking (on platforms where a mutex consumes more than the * mbedtls_threading_mutex_t object itself). The rare case of a * negative number means a missing init somewhere. */ - mbedtls_fprintf( stdout, "[mutex: %d leaked] ", live_mutexes ); + mbedtls_fprintf(stdout, "[mutex: %d leaked] ", live_mutexes); live_mutexes = 0; - if( mbedtls_test_info.mutex_usage_error == NULL ) + if (mbedtls_test_info.mutex_usage_error == NULL) { mbedtls_test_info.mutex_usage_error = "missing free"; + } } - if( mbedtls_test_info.mutex_usage_error != NULL && - mbedtls_test_info.result != MBEDTLS_TEST_RESULT_FAILED ) - { + if (mbedtls_test_info.mutex_usage_error != NULL && + mbedtls_test_info.result != MBEDTLS_TEST_RESULT_FAILED) { /* Functionally, the test passed. But there was a mutex usage error, * so mark the test as failed after all. */ - mbedtls_test_fail( "Mutex usage error", __LINE__, __FILE__ ); + mbedtls_test_fail("Mutex usage error", __LINE__, __FILE__); } mbedtls_test_info.mutex_usage_error = NULL; } diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index c085b18846dc..eb0dc03fb484 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -68,11 +68,11 @@ jmp_buf jmp_tmp; /* Indicates whether we expect mbedtls_entropy_init * to initialize some strong entropy source. */ #if defined(MBEDTLS_TEST_NULL_ENTROPY) || \ - ( !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \ - ( !defined(MBEDTLS_NO_PLATFORM_ENTROPY) || \ - defined(MBEDTLS_HAVEGE_C) || \ - defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \ - defined(ENTROPY_NV_SEED) ) ) + (!defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \ + (!defined(MBEDTLS_NO_PLATFORM_ENTROPY) || \ + defined(MBEDTLS_HAVEGE_C) || \ + defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \ + defined(ENTROPY_NV_SEED))) #define ENTROPY_HAVE_STRONG #endif @@ -87,65 +87,60 @@ jmp_buf jmp_tmp; * * \return 0 if the key store is empty, 1 otherwise. */ -int test_fail_if_psa_leaking( int line_no, const char *filename ) +int test_fail_if_psa_leaking(int line_no, const char *filename) { - const char *msg = mbedtls_test_helper_is_psa_leaking( ); - if( msg == NULL ) + const char *msg = mbedtls_test_helper_is_psa_leaking(); + if (msg == NULL) { return 0; - else - { - mbedtls_test_fail( msg, line_no, filename ); + } else { + mbedtls_test_fail(msg, line_no, filename); return 1; } } #endif /* defined(MBEDTLS_PSA_CRYPTO_C) */ #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) -static int redirect_output( FILE* out_stream, const char* path ) +static int redirect_output(FILE *out_stream, const char *path) { int out_fd, dup_fd; - FILE* path_stream; + FILE *path_stream; - out_fd = fileno( out_stream ); - dup_fd = dup( out_fd ); + out_fd = fileno(out_stream); + dup_fd = dup(out_fd); - if( dup_fd == -1 ) - { - return( -1 ); + if (dup_fd == -1) { + return -1; } - path_stream = fopen( path, "w" ); - if( path_stream == NULL ) - { - close( dup_fd ); - return( -1 ); + path_stream = fopen(path, "w"); + if (path_stream == NULL) { + close(dup_fd); + return -1; } - fflush( out_stream ); - if( dup2( fileno( path_stream ), out_fd ) == -1 ) - { - close( dup_fd ); - fclose( path_stream ); - return( -1 ); + fflush(out_stream); + if (dup2(fileno(path_stream), out_fd) == -1) { + close(dup_fd); + fclose(path_stream); + return -1; } - fclose( path_stream ); - return( dup_fd ); + fclose(path_stream); + return dup_fd; } -static int restore_output( FILE* out_stream, int dup_fd ) +static int restore_output(FILE *out_stream, int dup_fd) { - int out_fd = fileno( out_stream ); - - fflush( out_stream ); - if( dup2( dup_fd, out_fd ) == -1 ) - { - close( out_fd ); - close( dup_fd ); - return( -1 ); + int out_fd = fileno(out_stream); + + fflush(out_stream); + if (dup2(dup_fd, out_fd) == -1) { + close(out_fd); + close(dup_fd); + return -1; } - close( dup_fd ); - return( 0 ); + close(dup_fd); + return 0; } #endif /* __unix__ || __APPLE__ __MACH__ */ diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index bb06822836be..475a9c835bf6 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function @@ -8,20 +8,19 @@ * * \return 0 if success else 1 */ -int verify_string( char **str ) +int verify_string(char **str) { - if( ( *str )[0] != '"' || - ( *str )[strlen( *str ) - 1] != '"' ) - { - mbedtls_fprintf( stderr, - "Expected string (with \"\") for parameter and got: %s\n", *str ); - return( -1 ); + if ((*str)[0] != '"' || + (*str)[strlen(*str) - 1] != '"') { + mbedtls_fprintf(stderr, + "Expected string (with \"\") for parameter and got: %s\n", *str); + return -1; } - ( *str )++; - ( *str )[strlen( *str ) - 1] = '\0'; + (*str)++; + (*str)[strlen(*str) - 1] = '\0'; - return( 0 ); + return 0; } /** @@ -33,50 +32,46 @@ int verify_string( char **str ) * * \return 0 if success else 1 */ -int verify_int( char *str, int32_t *value ) +int verify_int(char *str, int32_t *value) { size_t i; int minus = 0; int digits = 1; int hex = 0; - for( i = 0; i < strlen( str ); i++ ) - { - if( i == 0 && str[i] == '-' ) - { + for (i = 0; i < strlen(str); i++) { + if (i == 0 && str[i] == '-') { minus = 1; continue; } - if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) && - str[i - 1] == '0' && ( str[i] == 'x' || str[i] == 'X' ) ) - { + if (((minus && i == 2) || (!minus && i == 1)) && + str[i - 1] == '0' && (str[i] == 'x' || str[i] == 'X')) { hex = 1; continue; } - if( ! ( ( str[i] >= '0' && str[i] <= '9' ) || - ( hex && ( ( str[i] >= 'a' && str[i] <= 'f' ) || - ( str[i] >= 'A' && str[i] <= 'F' ) ) ) ) ) - { + if (!((str[i] >= '0' && str[i] <= '9') || + (hex && ((str[i] >= 'a' && str[i] <= 'f') || + (str[i] >= 'A' && str[i] <= 'F'))))) { digits = 0; break; } } - if( digits ) - { - if( hex ) - *value = strtol( str, NULL, 16 ); - else - *value = strtol( str, NULL, 10 ); + if (digits) { + if (hex) { + *value = strtol(str, NULL, 16); + } else { + *value = strtol(str, NULL, 10); + } - return( 0 ); + return 0; } - mbedtls_fprintf( stderr, - "Expected integer for parameter and got: %s\n", str ); - return( KEY_VALUE_MAPPING_NOT_FOUND ); + mbedtls_fprintf(stderr, + "Expected integer for parameter and got: %s\n", str); + return KEY_VALUE_MAPPING_NOT_FOUND; } @@ -107,44 +102,45 @@ int verify_int( char *str, int32_t *value ) * * \return 0 if success else -1 */ -int get_line( FILE *f, char *buf, size_t len ) +int get_line(FILE *f, char *buf, size_t len) { char *ret; int i = 0, str_len = 0, has_string = 0; /* Read until we get a valid line */ - do - { - ret = fgets( buf, len, f ); - if( ret == NULL ) - return( -1 ); + do { + ret = fgets(buf, len, f); + if (ret == NULL) { + return -1; + } - str_len = strlen( buf ); + str_len = strlen(buf); /* Skip empty line and comment */ - if ( str_len == 0 || buf[0] == '#' ) + if (str_len == 0 || buf[0] == '#') { continue; + } has_string = 0; - for ( i = 0; i < str_len; i++ ) - { + for (i = 0; i < str_len; i++) { char c = buf[i]; - if ( c != ' ' && c != '\t' && c != '\n' && - c != '\v' && c != '\f' && c != '\r' ) - { + if (c != ' ' && c != '\t' && c != '\n' && + c != '\v' && c != '\f' && c != '\r') { has_string = 1; break; } } - } while( !has_string ); + } while (!has_string); /* Strip new line and carriage return */ - ret = buf + strlen( buf ); - if( ret-- > buf && *ret == '\n' ) + ret = buf + strlen(buf); + if (ret-- > buf && *ret == '\n') { *ret = '\0'; - if( ret-- > buf && *ret == '\r' ) + } + if (ret-- > buf && *ret == '\r') { *ret = '\0'; + } - return( 0 ); + return 0; } /** @@ -157,8 +153,8 @@ int get_line( FILE *f, char *buf, size_t len ) * * \return Count of strings found. */ -static int parse_arguments( char *buf, size_t len, char **params, - size_t params_len ) +static int parse_arguments(char *buf, size_t len, char **params, + size_t params_len) { size_t cnt = 0, i; char *cur = buf; @@ -166,20 +162,16 @@ static int parse_arguments( char *buf, size_t len, char **params, params[cnt++] = cur; - while( *p != '\0' && p < ( buf + len ) ) - { - if( *p == '\\' ) - { + while (*p != '\0' && p < (buf + len)) { + if (*p == '\\') { p++; p++; continue; } - if( *p == ':' ) - { - if( p + 1 < buf + len ) - { + if (*p == ':') { + if (p + 1 < buf + len) { cur = p + 1; - TEST_HELPER_ASSERT( cnt < params_len ); + TEST_HELPER_ASSERT(cnt < params_len); params[cnt++] = cur; } *p = '\0'; @@ -189,35 +181,28 @@ static int parse_arguments( char *buf, size_t len, char **params, } /* Replace newlines, question marks and colons in strings */ - for( i = 0; i < cnt; i++ ) - { + for (i = 0; i < cnt; i++) { p = params[i]; q = params[i]; - while( *p != '\0' ) - { - if( *p == '\\' && *( p + 1 ) == 'n' ) - { + while (*p != '\0') { + if (*p == '\\' && *(p + 1) == 'n') { p += 2; - *( q++ ) = '\n'; - } - else if( *p == '\\' && *( p + 1 ) == ':' ) - { + *(q++) = '\n'; + } else if (*p == '\\' && *(p + 1) == ':') { p += 2; - *( q++ ) = ':'; - } - else if( *p == '\\' && *( p + 1 ) == '?' ) - { + *(q++) = ':'; + } else if (*p == '\\' && *(p + 1) == '?') { p += 2; - *( q++ ) = '?'; + *(q++) = '?'; + } else { + *(q++) = *(p++); } - else - *( q++ ) = *( p++ ); } *q = '\0'; } - return( cnt ); + return cnt; } /** @@ -238,81 +223,59 @@ static int parse_arguments( char *buf, size_t len, char **params, * * \return 0 for success else 1 */ -static int convert_params( size_t cnt , char ** params , int32_t * int_params_store ) +static int convert_params(size_t cnt, char **params, int32_t *int_params_store) { - char ** cur = params; - char ** out = params; + char **cur = params; + char **out = params; int ret = DISPATCH_TEST_SUCCESS; - while ( cur < params + cnt ) - { - char * type = *cur++; - char * val = *cur++; + while (cur < params + cnt) { + char *type = *cur++; + char *val = *cur++; - if ( strcmp( type, "char*" ) == 0 ) - { - if ( verify_string( &val ) == 0 ) - { - *out++ = val; - } - else - { - ret = ( DISPATCH_INVALID_TEST_DATA ); + if (strcmp(type, "char*") == 0) { + if (verify_string(&val) == 0) { + *out++ = val; + } else { + ret = (DISPATCH_INVALID_TEST_DATA); break; } - } - else if ( strcmp( type, "int" ) == 0 ) - { - if ( verify_int( val, int_params_store ) == 0 ) - { - *out++ = (char *) int_params_store++; - } - else - { - ret = ( DISPATCH_INVALID_TEST_DATA ); + } else if (strcmp(type, "int") == 0) { + if (verify_int(val, int_params_store) == 0) { + *out++ = (char *) int_params_store++; + } else { + ret = (DISPATCH_INVALID_TEST_DATA); break; } - } - else if ( strcmp( type, "hex" ) == 0 ) - { - if ( verify_string( &val ) == 0 ) - { + } else if (strcmp(type, "hex") == 0) { + if (verify_string(&val) == 0) { size_t len; TEST_HELPER_ASSERT( - mbedtls_test_unhexify( (unsigned char *) val, strlen( val ), - val, &len ) == 0 ); + mbedtls_test_unhexify((unsigned char *) val, strlen(val), + val, &len) == 0); *int_params_store = len; *out++ = val; - *out++ = (char *)(int_params_store++); - } - else - { - ret = ( DISPATCH_INVALID_TEST_DATA ); + *out++ = (char *) (int_params_store++); + } else { + ret = (DISPATCH_INVALID_TEST_DATA); break; } - } - else if ( strcmp( type, "exp" ) == 0 ) - { - int exp_id = strtol( val, NULL, 10 ); - if ( get_expression ( exp_id, int_params_store ) == 0 ) - { - *out++ = (char *)int_params_store++; - } - else - { - ret = ( DISPATCH_INVALID_TEST_DATA ); - break; + } else if (strcmp(type, "exp") == 0) { + int exp_id = strtol(val, NULL, 10); + if (get_expression(exp_id, int_params_store) == 0) { + *out++ = (char *) int_params_store++; + } else { + ret = (DISPATCH_INVALID_TEST_DATA); + break; } - } - else - { - ret = ( DISPATCH_INVALID_TEST_DATA ); - break; + } else { + ret = (DISPATCH_INVALID_TEST_DATA); + break; } } - return( ret ); + return ret; } /** @@ -335,26 +298,27 @@ static int convert_params( size_t cnt , char ** params , int32_t * int_params_st #if defined(__GNUC__) __attribute__((__noinline__)) #endif -static int test_snprintf( size_t n, const char *ref_buf, int ref_ret ) +static int test_snprintf(size_t n, const char *ref_buf, int ref_ret) { int ret; char buf[10] = "xxxxxxxxx"; const char ref[10] = "xxxxxxxxx"; - if( n >= sizeof( buf ) ) - return( -1 ); - ret = mbedtls_snprintf( buf, n, "%s", "123" ); - if( ret < 0 || (size_t) ret >= n ) + if (n >= sizeof(buf)) { + return -1; + } + ret = mbedtls_snprintf(buf, n, "%s", "123"); + if (ret < 0 || (size_t) ret >= n) { ret = -1; + } - if( strncmp( ref_buf, buf, sizeof( buf ) ) != 0 || + if (strncmp(ref_buf, buf, sizeof(buf)) != 0 || ref_ret != ret || - memcmp( buf + n, ref + n, sizeof( buf ) - n ) != 0 ) - { - return( 1 ); + memcmp(buf + n, ref + n, sizeof(buf) - n) != 0) { + return 1; } - return( 0 ); + return 0; } /** @@ -362,14 +326,14 @@ static int test_snprintf( size_t n, const char *ref_buf, int ref_ret ) * * \return 0 for success else 1 */ -static int run_test_snprintf( void ) +static int run_test_snprintf(void) { - return( test_snprintf( 0, "xxxxxxxxx", -1 ) != 0 || - test_snprintf( 1, "", -1 ) != 0 || - test_snprintf( 2, "1", -1 ) != 0 || - test_snprintf( 3, "12", -1 ) != 0 || - test_snprintf( 4, "123", 3 ) != 0 || - test_snprintf( 5, "123", 3 ) != 0 ); + return test_snprintf(0, "xxxxxxxxx", -1) != 0 || + test_snprintf(1, "", -1) != 0 || + test_snprintf(2, "1", -1) != 0 || + test_snprintf(3, "12", -1) != 0 || + test_snprintf(4, "123", 3) != 0 || + test_snprintf(5, "123", 3) != 0; } /** \brief Write the description of the test case to the outcome CSV file. @@ -379,43 +343,44 @@ static int run_test_snprintf( void ) * \param argv0 The test suite name. * \param test_case The test case description. */ -static void write_outcome_entry( FILE *outcome_file, - const char *argv0, - const char *test_case ) +static void write_outcome_entry(FILE *outcome_file, + const char *argv0, + const char *test_case) { /* The non-varying fields are initialized on first use. */ static const char *platform = NULL; static const char *configuration = NULL; static const char *test_suite = NULL; - if( outcome_file == NULL ) + if (outcome_file == NULL) { return; + } - if( platform == NULL ) - { - platform = getenv( "MBEDTLS_TEST_PLATFORM" ); - if( platform == NULL ) + if (platform == NULL) { + platform = getenv("MBEDTLS_TEST_PLATFORM"); + if (platform == NULL) { platform = "unknown"; + } } - if( configuration == NULL ) - { - configuration = getenv( "MBEDTLS_TEST_CONFIGURATION" ); - if( configuration == NULL ) + if (configuration == NULL) { + configuration = getenv("MBEDTLS_TEST_CONFIGURATION"); + if (configuration == NULL) { configuration = "unknown"; + } } - if( test_suite == NULL ) - { - test_suite = strrchr( argv0, '/' ); - if( test_suite != NULL ) + if (test_suite == NULL) { + test_suite = strrchr(argv0, '/'); + if (test_suite != NULL) { test_suite += 1; // skip the '/' - else + } else { test_suite = argv0; + } } /* Write the beginning of the outcome line. * Ignore errors: writing the outcome file is on a best-effort basis. */ - mbedtls_fprintf( outcome_file, "%s;%s;%s;%s;", - platform, configuration, test_suite, test_case ); + mbedtls_fprintf(outcome_file, "%s;%s;%s;%s;", + platform, configuration, test_suite, test_case); } /** \brief Write the result of the test case to the outcome CSV file. @@ -429,65 +394,63 @@ static void write_outcome_entry( FILE *outcome_file, * \param ret The test dispatch status (DISPATCH_xxx). * \param info A pointer to the test info structure. */ -static void write_outcome_result( FILE *outcome_file, - size_t unmet_dep_count, - int unmet_dependencies[], - int missing_unmet_dependencies, - int ret, - const mbedtls_test_info_t *info ) +static void write_outcome_result(FILE *outcome_file, + size_t unmet_dep_count, + int unmet_dependencies[], + int missing_unmet_dependencies, + int ret, + const mbedtls_test_info_t *info) { - if( outcome_file == NULL ) + if (outcome_file == NULL) { return; + } /* Write the end of the outcome line. * Ignore errors: writing the outcome file is on a best-effort basis. */ - switch( ret ) - { + switch (ret) { case DISPATCH_TEST_SUCCESS: - if( unmet_dep_count > 0 ) - { + if (unmet_dep_count > 0) { size_t i; - mbedtls_fprintf( outcome_file, "SKIP" ); - for( i = 0; i < unmet_dep_count; i++ ) - { - mbedtls_fprintf( outcome_file, "%c%d", - i == 0 ? ';' : ':', - unmet_dependencies[i] ); + mbedtls_fprintf(outcome_file, "SKIP"); + for (i = 0; i < unmet_dep_count; i++) { + mbedtls_fprintf(outcome_file, "%c%d", + i == 0 ? ';' : ':', + unmet_dependencies[i]); + } + if (missing_unmet_dependencies) { + mbedtls_fprintf(outcome_file, ":..."); } - if( missing_unmet_dependencies ) - mbedtls_fprintf( outcome_file, ":..." ); break; } - switch( info->result ) - { + switch (info->result) { case MBEDTLS_TEST_RESULT_SUCCESS: - mbedtls_fprintf( outcome_file, "PASS;" ); + mbedtls_fprintf(outcome_file, "PASS;"); break; case MBEDTLS_TEST_RESULT_SKIPPED: - mbedtls_fprintf( outcome_file, "SKIP;Runtime skip" ); + mbedtls_fprintf(outcome_file, "SKIP;Runtime skip"); break; default: - mbedtls_fprintf( outcome_file, "FAIL;%s:%d:%s", - info->filename, info->line_no, - info->test ); + mbedtls_fprintf(outcome_file, "FAIL;%s:%d:%s", + info->filename, info->line_no, + info->test); break; } break; case DISPATCH_TEST_FN_NOT_FOUND: - mbedtls_fprintf( outcome_file, "FAIL;Test function not found" ); + mbedtls_fprintf(outcome_file, "FAIL;Test function not found"); break; case DISPATCH_INVALID_TEST_DATA: - mbedtls_fprintf( outcome_file, "FAIL;Invalid test data" ); + mbedtls_fprintf(outcome_file, "FAIL;Invalid test data"); break; case DISPATCH_UNSUPPORTED_SUITE: - mbedtls_fprintf( outcome_file, "SKIP;Unsupported suite" ); + mbedtls_fprintf(outcome_file, "SKIP;Unsupported suite"); break; default: - mbedtls_fprintf( outcome_file, "FAIL;Unknown cause" ); + mbedtls_fprintf(outcome_file, "FAIL;Unknown cause"); break; } - mbedtls_fprintf( outcome_file, "\n" ); - fflush( outcome_file ); + mbedtls_fprintf(outcome_file, "\n"); + fflush(outcome_file); } /** @@ -500,7 +463,7 @@ static void write_outcome_result( FILE *outcome_file, * * \return Program exit status. */ -int execute_tests( int argc , const char ** argv ) +int execute_tests(int argc, const char **argv) { /* Local Configurations and options */ const char *default_filename = "DATA_FILE"; @@ -525,17 +488,17 @@ int execute_tests( int argc , const char ** argv ) #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) int stdout_fd = -1; #endif /* __unix__ || __APPLE__ __MACH__ */ - const char *outcome_file_name = getenv( "MBEDTLS_TEST_OUTCOME_FILE" ); + const char *outcome_file_name = getenv("MBEDTLS_TEST_OUTCOME_FILE"); FILE *outcome_file = NULL; #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \ !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC) unsigned char alloc_buf[1000000]; - mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof( alloc_buf ) ); + mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf)); #endif #if defined(MBEDTLS_TEST_MUTEX_USAGE) - mbedtls_test_mutex_usage_init( ); + mbedtls_test_mutex_usage_init(); #endif /* @@ -543,52 +506,42 @@ int execute_tests( int argc , const char ** argv ) * of a NULL pointer. We do however use that in our code for initializing * structures, which should work on every modern platform. Let's be sure. */ - memset( &pointer, 0, sizeof( void * ) ); - if( pointer != NULL ) - { - mbedtls_fprintf( stderr, "all-bits-zero is not a NULL pointer\n" ); - return( 1 ); + memset(&pointer, 0, sizeof(void *)); + if (pointer != NULL) { + mbedtls_fprintf(stderr, "all-bits-zero is not a NULL pointer\n"); + return 1; } /* * Make sure we have a snprintf that correctly zero-terminates */ - if( run_test_snprintf() != 0 ) - { - mbedtls_fprintf( stderr, "the snprintf implementation is broken\n" ); - return( 1 ); + if (run_test_snprintf() != 0) { + mbedtls_fprintf(stderr, "the snprintf implementation is broken\n"); + return 1; } - if( outcome_file_name != NULL && *outcome_file_name != '\0' ) - { - outcome_file = fopen( outcome_file_name, "a" ); - if( outcome_file == NULL ) - { - mbedtls_fprintf( stderr, "Unable to open outcome file. Continuing anyway.\n" ); + if (outcome_file_name != NULL && *outcome_file_name != '\0') { + outcome_file = fopen(outcome_file_name, "a"); + if (outcome_file == NULL) { + mbedtls_fprintf(stderr, "Unable to open outcome file. Continuing anyway.\n"); } } - while( arg_index < argc ) - { + while (arg_index < argc) { next_arg = argv[arg_index]; - if( strcmp( next_arg, "--verbose" ) == 0 || - strcmp( next_arg, "-v" ) == 0 ) - { + if (strcmp(next_arg, "--verbose") == 0 || + strcmp(next_arg, "-v") == 0) { option_verbose = 1; - } - else if( strcmp(next_arg, "--help" ) == 0 || - strcmp(next_arg, "-h" ) == 0 ) - { - mbedtls_fprintf( stdout, USAGE ); - mbedtls_exit( EXIT_SUCCESS ); - } - else - { + } else if (strcmp(next_arg, "--help") == 0 || + strcmp(next_arg, "-h") == 0) { + mbedtls_fprintf(stdout, USAGE); + mbedtls_exit(EXIT_SUCCESS); + } else { /* Not an option, therefore treat all further arguments as the file * list. */ - test_files = &argv[ arg_index ]; + test_files = &argv[arg_index]; testfile_count = argc - arg_index; break; } @@ -597,226 +550,204 @@ int execute_tests( int argc , const char ** argv ) } /* If no files were specified, assume a default */ - if ( test_files == NULL || testfile_count == 0 ) - { + if (test_files == NULL || testfile_count == 0) { test_files = &default_filename; testfile_count = 1; } /* Initialize the struct that holds information about the last test */ - mbedtls_test_info_reset( ); + mbedtls_test_info_reset(); /* Now begin to execute the tests in the testfiles */ - for ( testfile_index = 0; - testfile_index < testfile_count; - testfile_index++ ) - { + for (testfile_index = 0; + testfile_index < testfile_count; + testfile_index++) { size_t unmet_dep_count = 0; int unmet_dependencies[20]; int missing_unmet_dependencies = 0; - test_filename = test_files[ testfile_index ]; + test_filename = test_files[testfile_index]; - file = fopen( test_filename, "r" ); - if( file == NULL ) - { - mbedtls_fprintf( stderr, "Failed to open test file: %s\n", - test_filename ); - if( outcome_file != NULL ) - fclose( outcome_file ); - return( 1 ); + file = fopen(test_filename, "r"); + if (file == NULL) { + mbedtls_fprintf(stderr, "Failed to open test file: %s\n", + test_filename); + if (outcome_file != NULL) { + fclose(outcome_file); + } + return 1; } - while( !feof( file ) ) - { - if( unmet_dep_count > 0 ) - { - mbedtls_fprintf( stderr, - "FATAL: Dep count larger than zero at start of loop\n" ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); + while (!feof(file)) { + if (unmet_dep_count > 0) { + mbedtls_fprintf(stderr, + "FATAL: Dep count larger than zero at start of loop\n"); + mbedtls_exit(MBEDTLS_EXIT_FAILURE); } unmet_dep_count = 0; missing_unmet_dependencies = 0; - if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 ) + if ((ret = get_line(file, buf, sizeof(buf))) != 0) { break; - mbedtls_fprintf( stdout, "%s%.66s", - mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED ? - "\n" : "", buf ); - mbedtls_fprintf( stdout, " " ); - for( i = strlen( buf ) + 1; i < 67; i++ ) - mbedtls_fprintf( stdout, "." ); - mbedtls_fprintf( stdout, " " ); - fflush( stdout ); - write_outcome_entry( outcome_file, argv[0], buf ); + } + mbedtls_fprintf(stdout, "%s%.66s", + mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED ? + "\n" : "", buf); + mbedtls_fprintf(stdout, " "); + for (i = strlen(buf) + 1; i < 67; i++) { + mbedtls_fprintf(stdout, "."); + } + mbedtls_fprintf(stdout, " "); + fflush(stdout); + write_outcome_entry(outcome_file, argv[0], buf); total_tests++; - if( ( ret = get_line( file, buf, sizeof( buf ) ) ) != 0 ) + if ((ret = get_line(file, buf, sizeof(buf))) != 0) { break; - cnt = parse_arguments( buf, strlen( buf ), params, - sizeof( params ) / sizeof( params[0] ) ); - - if( strcmp( params[0], "depends_on" ) == 0 ) - { - for( i = 1; i < cnt; i++ ) - { - int dep_id = strtol( params[i], NULL, 10 ); - if( dep_check( dep_id ) != DEPENDENCY_SUPPORTED ) - { - if( unmet_dep_count < - ARRAY_LENGTH( unmet_dependencies ) ) - { + } + cnt = parse_arguments(buf, strlen(buf), params, + sizeof(params) / sizeof(params[0])); + + if (strcmp(params[0], "depends_on") == 0) { + for (i = 1; i < cnt; i++) { + int dep_id = strtol(params[i], NULL, 10); + if (dep_check(dep_id) != DEPENDENCY_SUPPORTED) { + if (unmet_dep_count < + ARRAY_LENGTH(unmet_dependencies)) { unmet_dependencies[unmet_dep_count] = dep_id; unmet_dep_count++; - } - else - { + } else { missing_unmet_dependencies = 1; } } } - if( ( ret = get_line( file, buf, sizeof( buf ) ) ) != 0 ) + if ((ret = get_line(file, buf, sizeof(buf))) != 0) { break; - cnt = parse_arguments( buf, strlen( buf ), params, - sizeof( params ) / sizeof( params[0] ) ); + } + cnt = parse_arguments(buf, strlen(buf), params, + sizeof(params) / sizeof(params[0])); } // If there are no unmet dependencies execute the test - if( unmet_dep_count == 0 ) - { - mbedtls_test_info_reset( ); + if (unmet_dep_count == 0) { + mbedtls_test_info_reset(); #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) /* Suppress all output from the library unless we're verbose * mode */ - if( !option_verbose ) - { - stdout_fd = redirect_output( stdout, "/dev/null" ); - if( stdout_fd == -1 ) - { + if (!option_verbose) { + stdout_fd = redirect_output(stdout, "/dev/null"); + if (stdout_fd == -1) { /* Redirection has failed with no stdout so exit */ - exit( 1 ); + exit(1); } } #endif /* __unix__ || __APPLE__ __MACH__ */ - function_id = strtoul( params[0], NULL, 10 ); - if ( (ret = check_test( function_id )) == DISPATCH_TEST_SUCCESS ) - { - ret = convert_params( cnt - 1, params + 1, int_params ); - if ( DISPATCH_TEST_SUCCESS == ret ) - { - ret = dispatch_test( function_id, (void **)( params + 1 ) ); + function_id = strtoul(params[0], NULL, 10); + if ((ret = check_test(function_id)) == DISPATCH_TEST_SUCCESS) { + ret = convert_params(cnt - 1, params + 1, int_params); + if (DISPATCH_TEST_SUCCESS == ret) { + ret = dispatch_test(function_id, (void **) (params + 1)); } } #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) - if( !option_verbose && restore_output( stdout, stdout_fd ) ) - { - /* Redirection has failed with no stdout so exit */ - exit( 1 ); + if (!option_verbose && restore_output(stdout, stdout_fd)) { + /* Redirection has failed with no stdout so exit */ + exit(1); } #endif /* __unix__ || __APPLE__ __MACH__ */ } - write_outcome_result( outcome_file, - unmet_dep_count, unmet_dependencies, - missing_unmet_dependencies, - ret, &mbedtls_test_info ); - if( unmet_dep_count > 0 || ret == DISPATCH_UNSUPPORTED_SUITE ) - { + write_outcome_result(outcome_file, + unmet_dep_count, unmet_dependencies, + missing_unmet_dependencies, + ret, &mbedtls_test_info); + if (unmet_dep_count > 0 || ret == DISPATCH_UNSUPPORTED_SUITE) { total_skipped++; - mbedtls_fprintf( stdout, "----" ); + mbedtls_fprintf(stdout, "----"); - if( 1 == option_verbose && ret == DISPATCH_UNSUPPORTED_SUITE ) - { - mbedtls_fprintf( stdout, "\n Test Suite not enabled" ); + if (1 == option_verbose && ret == DISPATCH_UNSUPPORTED_SUITE) { + mbedtls_fprintf(stdout, "\n Test Suite not enabled"); } - if( 1 == option_verbose && unmet_dep_count > 0 ) - { - mbedtls_fprintf( stdout, "\n Unmet dependencies: " ); - for( i = 0; i < unmet_dep_count; i++ ) - { - mbedtls_fprintf( stdout, "%d ", - unmet_dependencies[i] ); + if (1 == option_verbose && unmet_dep_count > 0) { + mbedtls_fprintf(stdout, "\n Unmet dependencies: "); + for (i = 0; i < unmet_dep_count; i++) { + mbedtls_fprintf(stdout, "%d ", + unmet_dependencies[i]); + } + if (missing_unmet_dependencies) { + mbedtls_fprintf(stdout, "..."); } - if( missing_unmet_dependencies ) - mbedtls_fprintf( stdout, "..." ); } - mbedtls_fprintf( stdout, "\n" ); - fflush( stdout ); + mbedtls_fprintf(stdout, "\n"); + fflush(stdout); unmet_dep_count = 0; missing_unmet_dependencies = 0; - } - else if( ret == DISPATCH_TEST_SUCCESS ) - { - if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_SUCCESS ) - { - mbedtls_fprintf( stdout, "PASS\n" ); - } - else if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_SKIPPED ) - { - mbedtls_fprintf( stdout, "----\n" ); + } else if (ret == DISPATCH_TEST_SUCCESS) { + if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_SUCCESS) { + mbedtls_fprintf(stdout, "PASS\n"); + } else if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_SKIPPED) { + mbedtls_fprintf(stdout, "----\n"); total_skipped++; - } - else - { + } else { total_errors++; - mbedtls_fprintf( stdout, "FAILED\n" ); - mbedtls_fprintf( stdout, " %s\n at ", - mbedtls_test_info.test ); - if( mbedtls_test_info.step != (unsigned long)( -1 ) ) - { - mbedtls_fprintf( stdout, "step %lu, ", - mbedtls_test_info.step ); + mbedtls_fprintf(stdout, "FAILED\n"); + mbedtls_fprintf(stdout, " %s\n at ", + mbedtls_test_info.test); + if (mbedtls_test_info.step != (unsigned long) (-1)) { + mbedtls_fprintf(stdout, "step %lu, ", + mbedtls_test_info.step); + } + mbedtls_fprintf(stdout, "line %d, %s", + mbedtls_test_info.line_no, + mbedtls_test_info.filename); + if (mbedtls_test_info.line1[0] != 0) { + mbedtls_fprintf(stdout, "\n %s", + mbedtls_test_info.line1); + } + if (mbedtls_test_info.line2[0] != 0) { + mbedtls_fprintf(stdout, "\n %s", + mbedtls_test_info.line2); } - mbedtls_fprintf( stdout, "line %d, %s", - mbedtls_test_info.line_no, - mbedtls_test_info.filename ); - if( mbedtls_test_info.line1[0] != 0 ) - mbedtls_fprintf( stdout, "\n %s", - mbedtls_test_info.line1 ); - if( mbedtls_test_info.line2[0] != 0 ) - mbedtls_fprintf( stdout, "\n %s", - mbedtls_test_info.line2 ); } - fflush( stdout ); - } - else if( ret == DISPATCH_INVALID_TEST_DATA ) - { - mbedtls_fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" ); - fclose( file ); - mbedtls_exit( 2 ); - } - else if( ret == DISPATCH_TEST_FN_NOT_FOUND ) - { - mbedtls_fprintf( stderr, "FAILED: FATAL TEST FUNCTION NOT FOUND\n" ); - fclose( file ); - mbedtls_exit( 2 ); - } - else + fflush(stdout); + } else if (ret == DISPATCH_INVALID_TEST_DATA) { + mbedtls_fprintf(stderr, "FAILED: FATAL PARSE ERROR\n"); + fclose(file); + mbedtls_exit(2); + } else if (ret == DISPATCH_TEST_FN_NOT_FOUND) { + mbedtls_fprintf(stderr, "FAILED: FATAL TEST FUNCTION NOT FOUND\n"); + fclose(file); + mbedtls_exit(2); + } else { total_errors++; + } } - fclose( file ); + fclose(file); } - if( outcome_file != NULL ) - fclose( outcome_file ); + if (outcome_file != NULL) { + fclose(outcome_file); + } - mbedtls_fprintf( stdout, "\n----------------------------------------------------------------------------\n\n"); - if( total_errors == 0 ) - mbedtls_fprintf( stdout, "PASSED" ); - else - mbedtls_fprintf( stdout, "FAILED" ); + mbedtls_fprintf(stdout, + "\n----------------------------------------------------------------------------\n\n"); + if (total_errors == 0) { + mbedtls_fprintf(stdout, "PASSED"); + } else { + mbedtls_fprintf(stdout, "FAILED"); + } - mbedtls_fprintf( stdout, " (%u / %u tests (%u skipped))\n", - total_tests - total_errors, total_tests, total_skipped ); + mbedtls_fprintf(stdout, " (%u / %u tests (%u skipped))\n", + total_tests - total_errors, total_tests, total_skipped); #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \ !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC) @@ -826,5 +757,5 @@ int execute_tests( int argc , const char ** argv ) mbedtls_memory_buffer_alloc_free(); #endif - return( total_errors != 0 ); + return total_errors != 0; } diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 65c7083ed381..1e5c666ff82e 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -81,24 +81,23 @@ __MBEDTLS_TEST_TEMPLATE__FUNCTIONS_CODE * * \return 0 if exp_id is found. 1 otherwise. */ -int get_expression( int32_t exp_id, int32_t * out_value ) +int get_expression(int32_t exp_id, int32_t *out_value) { int ret = KEY_VALUE_MAPPING_FOUND; (void) exp_id; (void) out_value; - switch( exp_id ) - { -__MBEDTLS_TEST_TEMPLATE__EXPRESSION_CODE + switch (exp_id) { + __MBEDTLS_TEST_TEMPLATE__EXPRESSION_CODE #line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function" default: - { - ret = KEY_VALUE_MAPPING_NOT_FOUND; - } - break; + { + ret = KEY_VALUE_MAPPING_NOT_FOUND; + } + break; } - return( ret ); + return ret; } @@ -113,20 +112,19 @@ __MBEDTLS_TEST_TEMPLATE__EXPRESSION_CODE * * \return DEPENDENCY_SUPPORTED if set else DEPENDENCY_NOT_SUPPORTED */ -int dep_check( int dep_id ) +int dep_check(int dep_id) { int ret = DEPENDENCY_NOT_SUPPORTED; (void) dep_id; - switch( dep_id ) - { -__MBEDTLS_TEST_TEMPLATE__DEP_CHECK_CODE + switch (dep_id) { + __MBEDTLS_TEST_TEMPLATE__DEP_CHECK_CODE #line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function" default: break; } - return( ret ); + return ret; } @@ -143,7 +141,7 @@ __MBEDTLS_TEST_TEMPLATE__DEP_CHECK_CODE * dereferences. Each wrapper function hard-codes the * number and types of the parameters. */ -typedef void (*TestWrapper_t)( void **param_array ); +typedef void (*TestWrapper_t)(void **param_array); /** @@ -154,7 +152,7 @@ typedef void (*TestWrapper_t)( void **param_array ); */ TestWrapper_t test_funcs[] = { -__MBEDTLS_TEST_TEMPLATE__DISPATCH_CODE + __MBEDTLS_TEST_TEMPLATE__DISPATCH_CODE #line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function" }; @@ -173,32 +171,29 @@ __MBEDTLS_TEST_TEMPLATE__DISPATCH_CODE void execute_function_ptr(TestWrapper_t fp, void **params) { #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - mbedtls_test_enable_insecure_external_rng( ); + mbedtls_test_enable_insecure_external_rng(); #endif #if defined(MBEDTLS_CHECK_PARAMS) mbedtls_test_param_failed_location_record_t location_record; - if ( setjmp( mbedtls_test_param_failed_get_state_buf( ) ) == 0 ) - { - fp( params ); - } - else - { + if (setjmp(mbedtls_test_param_failed_get_state_buf()) == 0) { + fp(params); + } else { /* Unexpected parameter validation error */ - mbedtls_test_param_failed_get_location_record( &location_record ); - mbedtls_test_fail( location_record.failure_condition, - location_record.line, - location_record.file ); + mbedtls_test_param_failed_get_location_record(&location_record); + mbedtls_test_fail(location_record.failure_condition, + location_record.line, + location_record.file); } - mbedtls_test_param_failed_reset_state( ); + mbedtls_test_param_failed_reset_state(); #else - fp( params ); + fp(params); #endif #if defined(MBEDTLS_TEST_MUTEX_USAGE) - mbedtls_test_mutex_usage_check( ); + mbedtls_test_mutex_usage_check(); #endif /* MBEDTLS_TEST_MUTEX_USAGE */ } @@ -213,25 +208,23 @@ void execute_function_ptr(TestWrapper_t fp, void **params) * DISPATCH_TEST_FN_NOT_FOUND if not found * DISPATCH_UNSUPPORTED_SUITE if not compile time enabled. */ -int dispatch_test( size_t func_idx, void ** params ) +int dispatch_test(size_t func_idx, void **params) { int ret = DISPATCH_TEST_SUCCESS; TestWrapper_t fp = NULL; - if ( func_idx < (int)( sizeof( test_funcs ) / sizeof( TestWrapper_t ) ) ) - { + if (func_idx < (int) (sizeof(test_funcs) / sizeof(TestWrapper_t))) { fp = test_funcs[func_idx]; - if ( fp ) + if (fp) { execute_function_ptr(fp, params); - else + } else { ret = DISPATCH_UNSUPPORTED_SUITE; - } - else - { + } + } else { ret = DISPATCH_TEST_FN_NOT_FOUND; } - return( ret ); + return ret; } @@ -245,23 +238,21 @@ int dispatch_test( size_t func_idx, void ** params ) * DISPATCH_TEST_FN_NOT_FOUND if not found * DISPATCH_UNSUPPORTED_SUITE if not compile time enabled. */ -int check_test( size_t func_idx ) +int check_test(size_t func_idx) { int ret = DISPATCH_TEST_SUCCESS; TestWrapper_t fp = NULL; - if ( func_idx < (int)( sizeof(test_funcs)/sizeof( TestWrapper_t ) ) ) - { + if (func_idx < (int) (sizeof(test_funcs)/sizeof(TestWrapper_t))) { fp = test_funcs[func_idx]; - if ( fp == NULL ) + if (fp == NULL) { ret = DISPATCH_UNSUPPORTED_SUITE; - } - else - { + } + } else { ret = DISPATCH_TEST_FN_NOT_FOUND; } - return( ret ); + return ret; } @@ -281,22 +272,21 @@ __MBEDTLS_TEST_TEMPLATE__PLATFORM_CODE * * \return Exit code. */ -int main( int argc, const char *argv[] ) +int main(int argc, const char *argv[]) { -#if defined(MBEDTLS_TEST_HOOKS) && defined (MBEDTLS_ERROR_C) +#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ERROR_C) mbedtls_test_hook_error_add = &mbedtls_test_err_add_check; #endif int ret = mbedtls_test_platform_setup(); - if( ret != 0 ) - { - mbedtls_fprintf( stderr, - "FATAL: Failed to initialize platform - error %d\n", - ret ); - return( -1 ); + if (ret != 0) { + mbedtls_fprintf(stderr, + "FATAL: Failed to initialize platform - error %d\n", + ret); + return -1; } - ret = execute_tests( argc, argv ); + ret = execute_tests(argc, argv); mbedtls_test_platform_teardown(); - return( ret ); + return ret; } diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index 57b8b92de581..6b92b870b11f 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -8,107 +8,105 @@ */ /* BEGIN_CASE */ -void aes_encrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst, int setkey_result ) +void aes_encrypt_ecb(data_t *key_str, data_t *src_str, + data_t *dst, int setkey_result) { unsigned char output[100]; mbedtls_aes_context ctx; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == setkey_result ); - if( setkey_result == 0 ) - { - TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_ENCRYPT, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == setkey_result); + if (setkey_result == 0) { + TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_ENCRYPT, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); } exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void aes_decrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst, int setkey_result ) +void aes_decrypt_ecb(data_t *key_str, data_t *src_str, + data_t *dst, int setkey_result) { unsigned char output[100]; mbedtls_aes_context ctx; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_dec( &ctx, key_str->x, key_str->len * 8 ) == setkey_result ); - if( setkey_result == 0 ) - { - TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_DECRYPT, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_setkey_dec(&ctx, key_str->x, key_str->len * 8) == setkey_result); + if (setkey_result == 0) { + TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_DECRYPT, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); } exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void aes_encrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, - int cbc_result ) +void aes_encrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, + int cbc_result) { unsigned char output[100]; mbedtls_aes_context ctx; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_cbc( &ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0 ) - { + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); } exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void aes_decrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, - int cbc_result ) +void aes_decrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, + int cbc_result) { unsigned char output[100]; mbedtls_aes_context ctx; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_dec( &ctx, key_str->x, key_str->len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_cbc( &ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0) - { + TEST_ASSERT(mbedtls_aes_setkey_dec(&ctx, key_str->x, key_str->len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); } exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */ -void aes_encrypt_xts( char *hex_key_string, char *hex_data_unit_string, - char *hex_src_string, char *hex_dst_string ) +void aes_encrypt_xts(char *hex_key_string, char *hex_data_unit_string, + char *hex_src_string, char *hex_dst_string) { enum { AES_BLOCK_SIZE = 16 }; unsigned char *data_unit = NULL; @@ -119,40 +117,40 @@ void aes_encrypt_xts( char *hex_key_string, char *hex_data_unit_string, mbedtls_aes_xts_context ctx; size_t key_len, src_len, dst_len, data_unit_len; - mbedtls_aes_xts_init( &ctx ); + mbedtls_aes_xts_init(&ctx); - data_unit = mbedtls_test_unhexify_alloc( hex_data_unit_string, - &data_unit_len ); - TEST_ASSERT( data_unit_len == AES_BLOCK_SIZE ); + data_unit = mbedtls_test_unhexify_alloc(hex_data_unit_string, + &data_unit_len); + TEST_ASSERT(data_unit_len == AES_BLOCK_SIZE); - key = mbedtls_test_unhexify_alloc( hex_key_string, &key_len ); - TEST_ASSERT( key_len % 2 == 0 ); + key = mbedtls_test_unhexify_alloc(hex_key_string, &key_len); + TEST_ASSERT(key_len % 2 == 0); - src = mbedtls_test_unhexify_alloc( hex_src_string, &src_len ); - dst = mbedtls_test_unhexify_alloc( hex_dst_string, &dst_len ); - TEST_ASSERT( src_len == dst_len ); + src = mbedtls_test_unhexify_alloc(hex_src_string, &src_len); + dst = mbedtls_test_unhexify_alloc(hex_dst_string, &dst_len); + TEST_ASSERT(src_len == dst_len); - output = mbedtls_test_zero_alloc( dst_len ); + output = mbedtls_test_zero_alloc(dst_len); - TEST_ASSERT( mbedtls_aes_xts_setkey_enc( &ctx, key, key_len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, src_len, - data_unit, src, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_xts_setkey_enc(&ctx, key, key_len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_xts(&ctx, MBEDTLS_AES_ENCRYPT, src_len, + data_unit, src, output) == 0); - TEST_ASSERT( memcmp( output, dst, dst_len ) == 0 ); + TEST_ASSERT(memcmp(output, dst, dst_len) == 0); exit: - mbedtls_aes_xts_free( &ctx ); - mbedtls_free( data_unit ); - mbedtls_free( key ); - mbedtls_free( src ); - mbedtls_free( dst ); - mbedtls_free( output ); + mbedtls_aes_xts_free(&ctx); + mbedtls_free(data_unit); + mbedtls_free(key); + mbedtls_free(src); + mbedtls_free(dst); + mbedtls_free(output); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */ -void aes_decrypt_xts( char *hex_key_string, char *hex_data_unit_string, - char *hex_dst_string, char *hex_src_string ) +void aes_decrypt_xts(char *hex_key_string, char *hex_data_unit_string, + char *hex_dst_string, char *hex_src_string) { enum { AES_BLOCK_SIZE = 16 }; unsigned char *data_unit = NULL; @@ -163,39 +161,39 @@ void aes_decrypt_xts( char *hex_key_string, char *hex_data_unit_string, mbedtls_aes_xts_context ctx; size_t key_len, src_len, dst_len, data_unit_len; - mbedtls_aes_xts_init( &ctx ); + mbedtls_aes_xts_init(&ctx); - data_unit = mbedtls_test_unhexify_alloc( hex_data_unit_string, - &data_unit_len ); - TEST_ASSERT( data_unit_len == AES_BLOCK_SIZE ); + data_unit = mbedtls_test_unhexify_alloc(hex_data_unit_string, + &data_unit_len); + TEST_ASSERT(data_unit_len == AES_BLOCK_SIZE); - key = mbedtls_test_unhexify_alloc( hex_key_string, &key_len ); - TEST_ASSERT( key_len % 2 == 0 ); + key = mbedtls_test_unhexify_alloc(hex_key_string, &key_len); + TEST_ASSERT(key_len % 2 == 0); - src = mbedtls_test_unhexify_alloc( hex_src_string, &src_len ); - dst = mbedtls_test_unhexify_alloc( hex_dst_string, &dst_len ); - TEST_ASSERT( src_len == dst_len ); + src = mbedtls_test_unhexify_alloc(hex_src_string, &src_len); + dst = mbedtls_test_unhexify_alloc(hex_dst_string, &dst_len); + TEST_ASSERT(src_len == dst_len); - output = mbedtls_test_zero_alloc( dst_len ); + output = mbedtls_test_zero_alloc(dst_len); - TEST_ASSERT( mbedtls_aes_xts_setkey_dec( &ctx, key, key_len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_DECRYPT, src_len, - data_unit, src, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_xts_setkey_dec(&ctx, key, key_len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_xts(&ctx, MBEDTLS_AES_DECRYPT, src_len, + data_unit, src, output) == 0); - TEST_ASSERT( memcmp( output, dst, dst_len ) == 0 ); + TEST_ASSERT(memcmp(output, dst, dst_len) == 0); exit: - mbedtls_aes_xts_free( &ctx ); - mbedtls_free( data_unit ); - mbedtls_free( key ); - mbedtls_free( src ); - mbedtls_free( dst ); - mbedtls_free( output ); + mbedtls_aes_xts_free(&ctx); + mbedtls_free(data_unit); + mbedtls_free(key); + mbedtls_free(src); + mbedtls_free(dst); + mbedtls_free(output); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */ -void aes_crypt_xts_size( int size, int retval ) +void aes_crypt_xts_size(int size, int retval) { mbedtls_aes_xts_context ctx; const unsigned char src[16] = { 0 }; @@ -203,166 +201,171 @@ void aes_crypt_xts_size( int size, int retval ) unsigned char data_unit[16]; size_t length = size; - mbedtls_aes_xts_init( &ctx ); - memset( data_unit, 0x00, sizeof( data_unit ) ); + mbedtls_aes_xts_init(&ctx); + memset(data_unit, 0x00, sizeof(data_unit)); /* Valid pointers are passed for builds with MBEDTLS_CHECK_PARAMS, as * otherwise we wouldn't get to the size check we're interested in. */ - TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval ); + TEST_ASSERT(mbedtls_aes_crypt_xts(&ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, + output) == retval); exit: - mbedtls_aes_xts_free( &ctx ); + mbedtls_aes_xts_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */ -void aes_crypt_xts_keysize( int size, int retval ) +void aes_crypt_xts_keysize(int size, int retval) { mbedtls_aes_xts_context ctx; const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }; size_t key_len = size; - mbedtls_aes_xts_init( &ctx ); + mbedtls_aes_xts_init(&ctx); - TEST_ASSERT( mbedtls_aes_xts_setkey_enc( &ctx, key, key_len * 8 ) == retval ); - TEST_ASSERT( mbedtls_aes_xts_setkey_dec( &ctx, key, key_len * 8 ) == retval ); + TEST_ASSERT(mbedtls_aes_xts_setkey_enc(&ctx, key, key_len * 8) == retval); + TEST_ASSERT(mbedtls_aes_xts_setkey_dec(&ctx, key, key_len * 8) == retval); exit: - mbedtls_aes_xts_free( &ctx ); + mbedtls_aes_xts_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void aes_encrypt_cfb128( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void aes_encrypt_cfb128(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_aes_context ctx; size_t iv_offset = 0; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_cfb128( &ctx, MBEDTLS_AES_ENCRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_cfb128(&ctx, MBEDTLS_AES_ENCRYPT, 16, &iv_offset, iv_str->x, + src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void aes_decrypt_cfb128( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void aes_decrypt_cfb128(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_aes_context ctx; size_t iv_offset = 0; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_cfb128( &ctx, MBEDTLS_AES_DECRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_cfb128(&ctx, MBEDTLS_AES_DECRYPT, 16, &iv_offset, iv_str->x, + src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void aes_encrypt_cfb8( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void aes_encrypt_cfb8(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_aes_context ctx; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_cfb8( &ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_cfb8(&ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x, + src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void aes_decrypt_cfb8( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void aes_decrypt_cfb8(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_aes_context ctx; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_cfb8( &ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_cfb8(&ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x, + src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_OFB */ -void aes_encrypt_ofb( int fragment_size, data_t *key_str, - data_t *iv_str, data_t *src_str, - data_t *expected_output ) +void aes_encrypt_ofb(int fragment_size, data_t *key_str, + data_t *iv_str, data_t *src_str, + data_t *expected_output) { unsigned char output[32]; mbedtls_aes_context ctx; size_t iv_offset = 0; int in_buffer_len; - unsigned char* src_str_next; + unsigned char *src_str_next; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aes_init( &ctx ); + memset(output, 0x00, sizeof(output)); + mbedtls_aes_init(&ctx); - TEST_ASSERT( (size_t)fragment_size < sizeof( output ) ); + TEST_ASSERT((size_t) fragment_size < sizeof(output)); - TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, - key_str->len * 8 ) == 0 ); + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, + key_str->len * 8) == 0); in_buffer_len = src_str->len; src_str_next = src_str->x; - while( in_buffer_len > 0 ) - { - TEST_ASSERT( mbedtls_aes_crypt_ofb( &ctx, fragment_size, &iv_offset, - iv_str->x, src_str_next, output ) == 0 ); + while (in_buffer_len > 0) { + TEST_ASSERT(mbedtls_aes_crypt_ofb(&ctx, fragment_size, &iv_offset, + iv_str->x, src_str_next, output) == 0); - TEST_ASSERT( memcmp( output, expected_output->x, fragment_size ) == 0 ); + TEST_ASSERT(memcmp(output, expected_output->x, fragment_size) == 0); in_buffer_len -= fragment_size; expected_output->x += fragment_size; src_str_next += fragment_size; - if( in_buffer_len < fragment_size ) + if (in_buffer_len < fragment_size) { fragment_size = in_buffer_len; + } } exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void aes_check_params( ) +void aes_check_params() { mbedtls_aes_context aes_ctx; #if defined(MBEDTLS_CIPHER_MODE_XTS) @@ -375,185 +378,185 @@ void aes_check_params( ) const int valid_mode = MBEDTLS_AES_ENCRYPT; const int invalid_mode = 42; - TEST_INVALID_PARAM( mbedtls_aes_init( NULL ) ); + TEST_INVALID_PARAM(mbedtls_aes_init(NULL)); #if defined(MBEDTLS_CIPHER_MODE_XTS) - TEST_INVALID_PARAM( mbedtls_aes_xts_init( NULL ) ); + TEST_INVALID_PARAM(mbedtls_aes_xts_init(NULL)); #endif - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_setkey_enc( NULL, key, 128 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_setkey_enc( &aes_ctx, NULL, 128 ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_setkey_enc(NULL, key, 128)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_setkey_enc(&aes_ctx, NULL, 128)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_setkey_dec( NULL, key, 128 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_setkey_dec( &aes_ctx, NULL, 128 ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_setkey_dec(NULL, key, 128)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_setkey_dec(&aes_ctx, NULL, 128)); #if defined(MBEDTLS_CIPHER_MODE_XTS) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_xts_setkey_enc( NULL, key, 128 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_xts_setkey_enc( &xts_ctx, NULL, 128 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_xts_setkey_dec( NULL, key, 128 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_xts_setkey_dec( &xts_ctx, NULL, 128 ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_xts_setkey_enc(NULL, key, 128)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_xts_setkey_enc(&xts_ctx, NULL, 128)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_xts_setkey_dec(NULL, key, 128)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_xts_setkey_dec(&xts_ctx, NULL, 128)); #endif - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ecb( NULL, - valid_mode, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ecb( &aes_ctx, - invalid_mode, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ecb( &aes_ctx, - valid_mode, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ecb( &aes_ctx, - valid_mode, in, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ecb(NULL, + valid_mode, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ecb(&aes_ctx, + invalid_mode, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ecb(&aes_ctx, + valid_mode, NULL, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ecb(&aes_ctx, + valid_mode, in, NULL)); #if defined(MBEDTLS_CIPHER_MODE_CBC) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cbc( NULL, - valid_mode, 16, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cbc( &aes_ctx, - invalid_mode, 16, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cbc( &aes_ctx, - valid_mode, 16, - NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cbc( &aes_ctx, - valid_mode, 16, - out, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cbc( &aes_ctx, - valid_mode, 16, - out, in, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cbc(NULL, + valid_mode, 16, + out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cbc(&aes_ctx, + invalid_mode, 16, + out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cbc(&aes_ctx, + valid_mode, 16, + NULL, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cbc(&aes_ctx, + valid_mode, 16, + out, NULL, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cbc(&aes_ctx, + valid_mode, 16, + out, in, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_XTS) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_xts( NULL, - valid_mode, 16, - in, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_xts( &xts_ctx, - invalid_mode, 16, - in, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_xts( &xts_ctx, - valid_mode, 16, - NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_xts( &xts_ctx, - valid_mode, 16, - in, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_xts( &xts_ctx, - valid_mode, 16, - in, in, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_xts(NULL, + valid_mode, 16, + in, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_xts(&xts_ctx, + invalid_mode, 16, + in, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_xts(&xts_ctx, + valid_mode, 16, + NULL, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_xts(&xts_ctx, + valid_mode, 16, + in, NULL, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_xts(&xts_ctx, + valid_mode, 16, + in, in, NULL)); #endif /* MBEDTLS_CIPHER_MODE_XTS */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( NULL, - valid_mode, 16, - &size, out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( &aes_ctx, - invalid_mode, 16, - &size, out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( &aes_ctx, - valid_mode, 16, - NULL, out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( &aes_ctx, - valid_mode, 16, - &size, NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( &aes_ctx, - valid_mode, 16, - &size, out, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( &aes_ctx, - valid_mode, 16, - &size, out, in, NULL ) ); - - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb8( NULL, + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128(NULL, valid_mode, 16, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb8( &aes_ctx, + &size, out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128(&aes_ctx, invalid_mode, 16, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb8( &aes_ctx, + &size, out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128(&aes_ctx, valid_mode, 16, - NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb8( &aes_ctx, + NULL, out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128(&aes_ctx, valid_mode, 16, - out, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb8( &aes_ctx, + &size, NULL, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128(&aes_ctx, valid_mode, 16, - out, in, NULL ) ); + &size, out, NULL, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128(&aes_ctx, + valid_mode, 16, + &size, out, in, NULL)); + + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8(NULL, + valid_mode, 16, + out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8(&aes_ctx, + invalid_mode, 16, + out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8(&aes_ctx, + valid_mode, 16, + NULL, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8(&aes_ctx, + valid_mode, 16, + out, NULL, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8(&aes_ctx, + valid_mode, 16, + out, in, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ofb( NULL, 16, - &size, out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ofb( &aes_ctx, 16, - NULL, out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ofb( &aes_ctx, 16, - &size, NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ofb( &aes_ctx, 16, - &size, out, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ofb( &aes_ctx, 16, - &size, out, in, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ofb(NULL, 16, + &size, out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ofb(&aes_ctx, 16, + NULL, out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ofb(&aes_ctx, 16, + &size, NULL, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ofb(&aes_ctx, 16, + &size, out, NULL, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ofb(&aes_ctx, 16, + &size, out, in, NULL)); #endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( NULL, 16, &size, out, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( &aes_ctx, 16, NULL, out, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, NULL, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out, - NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out, - out, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out, - out, in, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ctr(NULL, 16, &size, out, + out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ctr(&aes_ctx, 16, NULL, out, + out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ctr(&aes_ctx, 16, &size, NULL, + out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ctr(&aes_ctx, 16, &size, out, + NULL, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ctr(&aes_ctx, 16, &size, out, + out, NULL, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ctr(&aes_ctx, 16, &size, out, + out, in, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CTR */ } /* END_CASE */ /* BEGIN_CASE */ -void aes_misc_params( ) +void aes_misc_params() { #if defined(MBEDTLS_CIPHER_MODE_CBC) || \ defined(MBEDTLS_CIPHER_MODE_XTS) || \ @@ -565,7 +568,7 @@ void aes_misc_params( ) #if defined(MBEDTLS_CIPHER_MODE_CBC) || \ defined(MBEDTLS_CIPHER_MODE_CFB) || \ defined(MBEDTLS_CIPHER_MODE_OFB) -mbedtls_aes_context aes_ctx; + mbedtls_aes_context aes_ctx; #endif #if defined(MBEDTLS_CIPHER_MODE_XTS) mbedtls_aes_xts_context xts_ctx; @@ -576,51 +579,51 @@ mbedtls_aes_context aes_ctx; #endif /* These calls accept NULL */ - TEST_VALID_PARAM( mbedtls_aes_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_aes_free(NULL)); #if defined(MBEDTLS_CIPHER_MODE_XTS) - TEST_VALID_PARAM( mbedtls_aes_xts_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_aes_xts_free(NULL)); #endif #if defined(MBEDTLS_CIPHER_MODE_CBC) - TEST_ASSERT( mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_ENCRYPT, - 15, - out, in, out ) - == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); - TEST_ASSERT( mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_ENCRYPT, - 17, - out, in, out ) - == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); + TEST_ASSERT(mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_ENCRYPT, + 15, + out, in, out) + == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH); + TEST_ASSERT(mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_ENCRYPT, + 17, + out, in, out) + == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH); #endif #if defined(MBEDTLS_CIPHER_MODE_XTS) - TEST_ASSERT( mbedtls_aes_crypt_xts( &xts_ctx, MBEDTLS_AES_ENCRYPT, - 15, - in, in, out ) - == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); - TEST_ASSERT( mbedtls_aes_crypt_xts( &xts_ctx, MBEDTLS_AES_ENCRYPT, - (1 << 24) + 1, - in, in, out ) - == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); + TEST_ASSERT(mbedtls_aes_crypt_xts(&xts_ctx, MBEDTLS_AES_ENCRYPT, + 15, + in, in, out) + == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH); + TEST_ASSERT(mbedtls_aes_crypt_xts(&xts_ctx, MBEDTLS_AES_ENCRYPT, + (1 << 24) + 1, + in, in, out) + == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH); #endif #if defined(MBEDTLS_CIPHER_MODE_CFB) size = 16; - TEST_ASSERT( mbedtls_aes_crypt_cfb128( &aes_ctx, MBEDTLS_AES_ENCRYPT, 16, - &size, out, in, out ) - == MBEDTLS_ERR_AES_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_aes_crypt_cfb128(&aes_ctx, MBEDTLS_AES_ENCRYPT, 16, + &size, out, in, out) + == MBEDTLS_ERR_AES_BAD_INPUT_DATA); #endif #if defined(MBEDTLS_CIPHER_MODE_OFB) size = 16; - TEST_ASSERT( mbedtls_aes_crypt_ofb( &aes_ctx, 16, &size, out, in, out ) - == MBEDTLS_ERR_AES_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_aes_crypt_ofb(&aes_ctx, 16, &size, out, in, out) + == MBEDTLS_ERR_AES_BAD_INPUT_DATA); #endif } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void aes_selftest( ) +void aes_selftest() { - TEST_ASSERT( mbedtls_aes_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_aes_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_arc4.function b/tests/suites/test_suite_arc4.function index c1e2386656ad..c1b19d579802 100644 --- a/tests/suites/test_suite_arc4.function +++ b/tests/suites/test_suite_arc4.function @@ -8,30 +8,30 @@ */ /* BEGIN_CASE */ -void mbedtls_arc4_crypt( data_t * src_str, data_t * key_str, data_t * dst ) +void mbedtls_arc4_crypt(data_t *src_str, data_t *key_str, data_t *dst) { unsigned char dst_str[1000]; mbedtls_arc4_context ctx; memset(dst_str, 0x00, 1000); - mbedtls_arc4_init( &ctx ); + mbedtls_arc4_init(&ctx); mbedtls_arc4_setup(&ctx, key_str->x, key_str->len); - TEST_ASSERT( mbedtls_arc4_crypt(&ctx, src_str->len, - src_str->x, dst_str ) == 0 ); + TEST_ASSERT(mbedtls_arc4_crypt(&ctx, src_str->len, + src_str->x, dst_str) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( dst_str, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(dst_str, dst->x, + src_str->len, dst->len) == 0); exit: - mbedtls_arc4_free( &ctx ); + mbedtls_arc4_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void arc4_selftest( ) +void arc4_selftest() { - TEST_ASSERT( mbedtls_arc4_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_arc4_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_aria.function b/tests/suites/test_suite_aria.function index 11af9a3295d8..ed3338943cae 100644 --- a/tests/suites/test_suite_aria.function +++ b/tests/suites/test_suite_aria.function @@ -6,9 +6,9 @@ #define ARIA_MAX_DATASIZE 160 /* Maximum sizes of hexified things */ -#define ARIA_MAX_KEY_STR ( 2 * MBEDTLS_ARIA_MAX_KEYSIZE + 1 ) -#define ARIA_BLOCK_STR ( 2 * MBEDTLS_ARIA_BLOCKSIZE + 1 ) -#define ARIA_MAX_DATA_STR ( 2 * ARIA_MAX_DATASIZE + 1 ) +#define ARIA_MAX_KEY_STR (2 * MBEDTLS_ARIA_MAX_KEYSIZE + 1) +#define ARIA_BLOCK_STR (2 * MBEDTLS_ARIA_BLOCKSIZE + 1) +#define ARIA_MAX_DATA_STR (2 * ARIA_MAX_DATASIZE + 1) /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -17,14 +17,14 @@ */ /* BEGIN_CASE */ -void aria_valid_param( ) +void aria_valid_param() { - TEST_VALID_PARAM( mbedtls_aria_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_aria_free(NULL)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void aria_invalid_param( ) +void aria_invalid_param() { mbedtls_aria_context ctx; unsigned char key[128 / 8] = { 0 }; @@ -36,167 +36,167 @@ void aria_invalid_param( ) ((void) iv_off); ((void) iv); - TEST_INVALID_PARAM( mbedtls_aria_init( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_setkey_enc( NULL, key, - sizeof( key ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_setkey_enc( &ctx, NULL, - sizeof( key ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_setkey_dec( NULL, key, - sizeof( key ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_setkey_dec( &ctx, NULL, - sizeof( key ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ecb( NULL, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ecb( &ctx, NULL, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ecb( &ctx, input, NULL ) ); + TEST_INVALID_PARAM(mbedtls_aria_init(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_setkey_enc(NULL, key, + sizeof(key))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_setkey_enc(&ctx, NULL, + sizeof(key))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_setkey_dec(NULL, key, + sizeof(key))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_setkey_dec(&ctx, NULL, + sizeof(key))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ecb(NULL, input, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ecb(&ctx, NULL, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ecb(&ctx, input, NULL)); #if defined(MBEDTLS_CIPHER_MODE_CBC) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cbc( NULL, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cbc( &ctx, - 42 /* invalid mode */, - sizeof( input ), - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cbc( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - NULL, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cbc( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - iv, - NULL, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cbc( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - iv, - input, - NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cbc(NULL, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cbc(&ctx, + 42 /* invalid mode */, + sizeof(input), + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cbc(&ctx, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + NULL, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cbc(&ctx, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + iv, + NULL, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cbc(&ctx, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + iv, + input, + NULL)); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( NULL, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - &iv_off, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( &ctx, - 42, /* invalid mode */ - sizeof( input ), - &iv_off, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - NULL, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - &iv_off, - NULL, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - &iv_off, - iv, - NULL, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - &iv_off, - iv, - input, - NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cfb128(NULL, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + &iv_off, + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cfb128(&ctx, + 42, /* invalid mode */ + sizeof(input), + &iv_off, + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cfb128(&ctx, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + NULL, + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cfb128(&ctx, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + &iv_off, + NULL, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cfb128(&ctx, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + &iv_off, + iv, + NULL, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cfb128(&ctx, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + &iv_off, + iv, + input, + NULL)); #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( NULL, - sizeof( input ), - &iv_off, - iv, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( &ctx, - sizeof( input ), - NULL, - iv, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( &ctx, - sizeof( input ), - &iv_off, - NULL, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( &ctx, - sizeof( input ), - &iv_off, - iv, - NULL, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( &ctx, - sizeof( input ), - &iv_off, - iv, - iv, - NULL, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( &ctx, - sizeof( input ), - &iv_off, - iv, - iv, - input, - NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ctr(NULL, + sizeof(input), + &iv_off, + iv, + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ctr(&ctx, + sizeof(input), + NULL, + iv, + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ctr(&ctx, + sizeof(input), + &iv_off, + NULL, + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ctr(&ctx, + sizeof(input), + &iv_off, + iv, + NULL, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ctr(&ctx, + sizeof(input), + &iv_off, + iv, + iv, + NULL, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ctr(&ctx, + sizeof(input), + &iv_off, + iv, + iv, + input, + NULL)); #endif /* MBEDTLS_CIPHER_MODE_CTR */ exit: @@ -206,224 +206,218 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void aria_encrypt_ecb( data_t *key_str, data_t *src_str, - data_t *expected_output, int setkey_result ) +void aria_encrypt_ecb(data_t *key_str, data_t *src_str, + data_t *expected_output, int setkey_result) { unsigned char output[ARIA_MAX_DATASIZE]; mbedtls_aria_context ctx; size_t i; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); - - TEST_ASSERT( mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) - == setkey_result ); - if( setkey_result == 0 ) - { - for( i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE ) - { - TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str->x + i, - output + i ) == 0 ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); + + TEST_ASSERT(mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8) + == setkey_result); + if (setkey_result == 0) { + for (i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE) { + TEST_ASSERT(mbedtls_aria_crypt_ecb(&ctx, src_str->x + i, + output + i) == 0); } - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + ASSERT_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); } exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void aria_decrypt_ecb( data_t *key_str, data_t *src_str, - data_t *expected_output, int setkey_result ) +void aria_decrypt_ecb(data_t *key_str, data_t *src_str, + data_t *expected_output, int setkey_result) { unsigned char output[ARIA_MAX_DATASIZE]; mbedtls_aria_context ctx; size_t i; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); - - TEST_ASSERT( mbedtls_aria_setkey_dec( &ctx, key_str->x, key_str->len * 8 ) - == setkey_result ); - if( setkey_result == 0 ) - { - for( i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE ) - { - TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str->x + i, - output + i ) == 0 ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); + + TEST_ASSERT(mbedtls_aria_setkey_dec(&ctx, key_str->x, key_str->len * 8) + == setkey_result); + if (setkey_result == 0) { + for (i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE) { + TEST_ASSERT(mbedtls_aria_crypt_ecb(&ctx, src_str->x + i, + output + i) == 0); } - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + ASSERT_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); } exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void aria_encrypt_cbc( data_t *key_str, data_t *iv_str, - data_t *src_str, data_t *expected_output, - int cbc_result ) +void aria_encrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *expected_output, + int cbc_result) { unsigned char output[ARIA_MAX_DATASIZE]; mbedtls_aria_context ctx; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); - - mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, - src_str->len, iv_str->x, src_str->x, - output ) == cbc_result ); - if( cbc_result == 0 ) - { - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); + + mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_ENCRYPT, + src_str->len, iv_str->x, src_str->x, + output) == cbc_result); + if (cbc_result == 0) { + ASSERT_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); } exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void aria_decrypt_cbc( data_t *key_str, data_t *iv_str, - data_t *src_str, data_t *expected_output, - int cbc_result ) +void aria_decrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *expected_output, + int cbc_result) { unsigned char output[ARIA_MAX_DATASIZE]; mbedtls_aria_context ctx; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); - - mbedtls_aria_setkey_dec( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, - src_str->len, iv_str->x, src_str->x, - output ) == cbc_result ); - if( cbc_result == 0 ) - { - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); + + mbedtls_aria_setkey_dec(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_DECRYPT, + src_str->len, iv_str->x, src_str->x, + output) == cbc_result); + if (cbc_result == 0) { + ASSERT_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); } exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void aria_encrypt_cfb128( data_t *key_str, data_t *iv_str, - data_t *src_str, data_t *expected_output, - int result ) +void aria_encrypt_cfb128(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *expected_output, + int result) { unsigned char output[ARIA_MAX_DATASIZE]; mbedtls_aria_context ctx; size_t iv_offset = 0; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); - mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT, - src_str->len, &iv_offset, - iv_str->x, src_str->x, output ) - == result ); + mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_ENCRYPT, + src_str->len, &iv_offset, + iv_str->x, src_str->x, output) + == result); - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + ASSERT_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void aria_decrypt_cfb128( data_t *key_str, data_t *iv_str, - data_t *src_str, data_t *expected_output, - int result ) +void aria_decrypt_cfb128(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *expected_output, + int result) { unsigned char output[ARIA_MAX_DATASIZE]; mbedtls_aria_context ctx; size_t iv_offset = 0; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); - mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT, - src_str->len, &iv_offset, - iv_str->x, src_str->x, output ) - == result ); + mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_DECRYPT, + src_str->len, &iv_offset, + iv_str->x, src_str->x, output) + == result); - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + ASSERT_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */ -void aria_encrypt_ctr( data_t *key_str, data_t *iv_str, - data_t *src_str, data_t *expected_output, - int result ) +void aria_encrypt_ctr(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *expected_output, + int result) { unsigned char output[ARIA_MAX_DATASIZE]; unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE]; mbedtls_aria_context ctx; size_t iv_offset = 0; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); - mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, src_str->len, &iv_offset, - iv_str->x, blk, src_str->x, output ) - == result ); + mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_aria_crypt_ctr(&ctx, src_str->len, &iv_offset, + iv_str->x, blk, src_str->x, output) + == result); - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + ASSERT_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */ -void aria_decrypt_ctr( data_t *key_str, data_t *iv_str, - data_t *src_str, data_t *expected_output, - int result ) +void aria_decrypt_ctr(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *expected_output, + int result) { unsigned char output[ARIA_MAX_DATASIZE]; unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE]; mbedtls_aria_context ctx; size_t iv_offset = 0; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); - mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, src_str->len, &iv_offset, - iv_str->x, blk, src_str->x, output ) - == result ); + mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_aria_crypt_ctr(&ctx, src_str->len, &iv_offset, + iv_str->x, blk, src_str->x, output) + == result); - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + ASSERT_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void aria_selftest() { - TEST_ASSERT( mbedtls_aria_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_aria_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function index 4cc0f17e32f5..7c546c10f916 100644 --- a/tests/suites/test_suite_asn1parse.function +++ b/tests/suites/test_suite_asn1parse.function @@ -16,8 +16,8 @@ * should not be checked. */ #define UNPREDICTABLE_RESULT 0x5552 -static int nested_parse( unsigned char **const p, - const unsigned char *const end ) +static int nested_parse(unsigned char **const p, + const unsigned char *const end) { int ret; size_t len = 0; @@ -28,31 +28,32 @@ static int nested_parse( unsigned char **const p, /* First get the length, skipping over the tag. */ content_start = start + 1; - ret = mbedtls_asn1_get_len( &content_start, end, &len ); - TEST_ASSERT( content_start <= end ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_asn1_get_len(&content_start, end, &len); + TEST_ASSERT(content_start <= end); + if (ret != 0) { + return ret; + } /* Since we have a valid element start (tag and length), retrieve and * check the tag. */ tag = start[0]; - TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len2, tag ^ 1 ), - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + TEST_EQUAL(mbedtls_asn1_get_tag(p, end, &len2, tag ^ 1), + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); *p = start; - TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len2, tag ), 0 ); - TEST_EQUAL( len, len2 ); - TEST_ASSERT( *p == content_start ); + TEST_EQUAL(mbedtls_asn1_get_tag(p, end, &len2, tag), 0); + TEST_EQUAL(len, len2); + TEST_ASSERT(*p == content_start); *p = content_start; - switch( tag & 0x1f ) - { + switch (tag & 0x1f) { case MBEDTLS_ASN1_BOOLEAN: { int val = -257; *p = start; - ret = mbedtls_asn1_get_bool( p, end, &val ); - if( ret == 0 ) - TEST_ASSERT( val == 0 || val == 1 ); + ret = mbedtls_asn1_get_bool(p, end, &val); + if (ret == 0) { + TEST_ASSERT(val == 0 || val == 1); + } break; } @@ -60,23 +61,22 @@ static int nested_parse( unsigned char **const p, { #if defined(MBEDTLS_BIGNUM_C) mbedtls_mpi mpi; - mbedtls_mpi_init( &mpi ); + mbedtls_mpi_init(&mpi); *p = start; - ret = mbedtls_asn1_get_mpi( p, end, &mpi ); - mbedtls_mpi_free( &mpi ); + ret = mbedtls_asn1_get_mpi(p, end, &mpi); + mbedtls_mpi_free(&mpi); #else *p = start + 1; - ret = mbedtls_asn1_get_len( p, end, &len ); + ret = mbedtls_asn1_get_len(p, end, &len); *p += len; #endif /* If we're sure that the number fits in an int, also * call mbedtls_asn1_get_int(). */ - if( ret == 0 && len < sizeof( int ) ) - { + if (ret == 0 && len < sizeof(int)) { int val = -257; unsigned char *q = start; - ret = mbedtls_asn1_get_int( &q, end, &val ); - TEST_ASSERT( *p == q ); + ret = mbedtls_asn1_get_int(&q, end, &val); + TEST_ASSERT(*p == q); } break; } @@ -85,14 +85,15 @@ static int nested_parse( unsigned char **const p, { mbedtls_asn1_bitstring bs; *p = start; - ret = mbedtls_asn1_get_bitstring( p, end, &bs ); + ret = mbedtls_asn1_get_bitstring(p, end, &bs); break; } case MBEDTLS_ASN1_SEQUENCE: { - while( *p <= end && *p < content_start + len && ret == 0 ) - ret = nested_parse( p, content_start + len ); + while (*p <= end && *p < content_start + len && ret == 0) { + ret = nested_parse(p, content_start + len); + } break; } @@ -111,18 +112,18 @@ static int nested_parse( unsigned char **const p, default: /* No further testing implemented for this tag. */ *p += len; - return( 0 ); + return 0; } - TEST_ASSERT( *p <= end ); - return( ret ); + TEST_ASSERT(*p <= end); + return ret; exit: - return( ERR_PARSE_INCONSISTENCY ); + return ERR_PARSE_INCONSISTENCY; } -int get_len_step( const data_t *input, size_t buffer_size, - size_t actual_length ) +int get_len_step(const data_t *input, size_t buffer_size, + size_t actual_length) { unsigned char *buf = NULL; unsigned char *p = NULL; @@ -130,53 +131,43 @@ int get_len_step( const data_t *input, size_t buffer_size, size_t parsed_length; int ret; - mbedtls_test_set_step( buffer_size ); + mbedtls_test_set_step(buffer_size); /* Allocate a new buffer of exactly the length to parse each time. * This gives memory sanitizers a chance to catch buffer overreads. */ - if( buffer_size == 0 ) - { - ASSERT_ALLOC( buf, 1 ); + if (buffer_size == 0) { + ASSERT_ALLOC(buf, 1); end = buf + 1; p = end; - } - else - { - ASSERT_ALLOC_WEAK( buf, buffer_size ); - if( buffer_size > input->len ) - { - memcpy( buf, input->x, input->len ); - memset( buf + input->len, 'A', buffer_size - input->len ); - } - else - { - memcpy( buf, input->x, buffer_size ); + } else { + ASSERT_ALLOC_WEAK(buf, buffer_size); + if (buffer_size > input->len) { + memcpy(buf, input->x, input->len); + memset(buf + input->len, 'A', buffer_size - input->len); + } else { + memcpy(buf, input->x, buffer_size); } p = buf; end = buf + buffer_size; } - ret = mbedtls_asn1_get_len( &p, end, &parsed_length ); + ret = mbedtls_asn1_get_len(&p, end, &parsed_length); - if( buffer_size >= input->len + actual_length ) - { - TEST_EQUAL( ret, 0 ); - TEST_ASSERT( p == buf + input->len ); - TEST_EQUAL( parsed_length, actual_length ); + if (buffer_size >= input->len + actual_length) { + TEST_EQUAL(ret, 0); + TEST_ASSERT(p == buf + input->len); + TEST_EQUAL(parsed_length, actual_length); + } else { + TEST_EQUAL(ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA); } - else - { - TEST_EQUAL( ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - } - mbedtls_free( buf ); - return( 1 ); + mbedtls_free(buf); + return 1; exit: - mbedtls_free( buf ); - return( 0 ); + mbedtls_free(buf); + return 0; } -typedef struct -{ +typedef struct { const unsigned char *input_start; const char *description; } traverse_state_t; @@ -188,38 +179,40 @@ typedef struct #define RET_TRAVERSE_ERROR 2 -static int traverse_callback( void *ctx, int tag, - unsigned char *content, size_t len ) +static int traverse_callback(void *ctx, int tag, + unsigned char *content, size_t len) { traverse_state_t *state = ctx; size_t offset; const char *rest = state->description; unsigned long n; - TEST_ASSERT( content > state->input_start ); + TEST_ASSERT(content > state->input_start); offset = content - state->input_start; - mbedtls_test_set_step( offset ); + mbedtls_test_set_step(offset); - if( *rest == 0 ) - return( RET_TRAVERSE_STOP ); - n = strtoul( rest, (char **) &rest, 0 ); - TEST_EQUAL( n, offset ); - TEST_EQUAL( *rest, ',' ); + if (*rest == 0) { + return RET_TRAVERSE_STOP; + } + n = strtoul(rest, (char **) &rest, 0); + TEST_EQUAL(n, offset); + TEST_EQUAL(*rest, ','); ++rest; - n = strtoul( rest, (char **) &rest, 0 ); - TEST_EQUAL( n, (unsigned) tag ); - TEST_EQUAL( *rest, ',' ); + n = strtoul(rest, (char **) &rest, 0); + TEST_EQUAL(n, (unsigned) tag); + TEST_EQUAL(*rest, ','); ++rest; - n = strtoul( rest, (char **) &rest, 0 ); - TEST_EQUAL( n, len ); - if( *rest == ',' ) + n = strtoul(rest, (char **) &rest, 0); + TEST_EQUAL(n, len); + if (*rest == ',') { ++rest; + } state->description = rest; - return( 0 ); + return 0; exit: - return( RET_TRAVERSE_ERROR ); + return RET_TRAVERSE_ERROR; } /* END_HEADER */ @@ -230,9 +223,9 @@ exit: */ /* BEGIN_CASE */ -void parse_prefixes( const data_t *input, - int full_result, - int overfull_result ) +void parse_prefixes(const data_t *input, + int full_result, + int overfull_result) { /* full_result: expected result from parsing the given string. */ /* overfull_result: expected_result from parsing the given string plus @@ -250,45 +243,42 @@ void parse_prefixes( const data_t *input, * we wouldn't know what to parse the input as. * Also test the input followed by an extra byte. */ - for( buffer_size = 1; buffer_size <= input->len + 1; buffer_size++ ) - { - mbedtls_test_set_step( buffer_size ); + for (buffer_size = 1; buffer_size <= input->len + 1; buffer_size++) { + mbedtls_test_set_step(buffer_size); /* Allocate a new buffer of exactly the length to parse each time. * This gives memory sanitizers a chance to catch buffer overreads. */ - ASSERT_ALLOC( buf, buffer_size ); - memcpy( buf, input->x, buffer_size ); + ASSERT_ALLOC(buf, buffer_size); + memcpy(buf, input->x, buffer_size); p = buf; - ret = nested_parse( &p, buf + buffer_size ); + ret = nested_parse(&p, buf + buffer_size); - if( ret == ERR_PARSE_INCONSISTENCY ) + if (ret == ERR_PARSE_INCONSISTENCY) { goto exit; - if( buffer_size < input->len ) - { - TEST_EQUAL( ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA ); } - else if( buffer_size == input->len ) - { - TEST_EQUAL( ret, full_result ); + if (buffer_size < input->len) { + TEST_EQUAL(ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } else if (buffer_size == input->len) { + TEST_EQUAL(ret, full_result); + } else { /* ( buffer_size > input->len ) */ + if (overfull_result != UNPREDICTABLE_RESULT) { + TEST_EQUAL(ret, overfull_result); + } } - else /* ( buffer_size > input->len ) */ - { - if( overfull_result != UNPREDICTABLE_RESULT ) - TEST_EQUAL( ret, overfull_result ); + if (ret == 0) { + TEST_ASSERT(p == buf + input->len); } - if( ret == 0 ) - TEST_ASSERT( p == buf + input->len ); - mbedtls_free( buf ); + mbedtls_free(buf); buf = NULL; } exit: - mbedtls_free( buf ); + mbedtls_free(buf); } /* END_CASE */ /* BEGIN_CASE */ -void get_len( const data_t *input, int actual_length_arg ) +void get_len(const data_t *input, int actual_length_arg) { size_t actual_length = actual_length_arg; size_t buffer_size; @@ -299,37 +289,38 @@ void get_len( const data_t *input, int actual_length_arg ) * the payload is truncated more than one byte away from either end, * and we only test the empty string on a 1-byte input. */ - for( buffer_size = 1; buffer_size <= input->len + 1; buffer_size++ ) - { - if( ! get_len_step( input, buffer_size, actual_length ) ) + for (buffer_size = 1; buffer_size <= input->len + 1; buffer_size++) { + if (!get_len_step(input, buffer_size, actual_length)) { goto exit; + } } - if( ! get_len_step( input, input->len + actual_length - 1, actual_length ) ) + if (!get_len_step(input, input->len + actual_length - 1, actual_length)) { goto exit; - if( ! get_len_step( input, input->len + actual_length, actual_length ) ) + } + if (!get_len_step(input, input->len + actual_length, actual_length)) { goto exit; + } } /* END_CASE */ /* BEGIN_CASE */ -void get_boolean( const data_t *input, - int expected_value, int expected_result ) +void get_boolean(const data_t *input, + int expected_value, int expected_result) { unsigned char *p = input->x; int val; int ret; - ret = mbedtls_asn1_get_bool( &p, input->x + input->len, &val ); - TEST_EQUAL( ret, expected_result ); - if( expected_result == 0 ) - { - TEST_EQUAL( val, expected_value ); - TEST_ASSERT( p == input->x + input->len ); + ret = mbedtls_asn1_get_bool(&p, input->x + input->len, &val); + TEST_EQUAL(ret, expected_result); + if (expected_result == 0) { + TEST_EQUAL(val, expected_value); + TEST_ASSERT(p == input->x + input->len); } } /* END_CASE */ /* BEGIN_CASE */ -void empty_integer( const data_t *input ) +void empty_integer(const data_t *input) { unsigned char *p; #if defined(MBEDTLS_BIGNUM_C) @@ -338,34 +329,34 @@ void empty_integer( const data_t *input ) int val; #if defined(MBEDTLS_BIGNUM_C) - mbedtls_mpi_init( & actual_mpi ); + mbedtls_mpi_init(&actual_mpi); #endif /* An INTEGER with no content is not valid. */ p = input->x; - TEST_EQUAL( mbedtls_asn1_get_int( &p, input->x + input->len, &val ), - MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + TEST_EQUAL(mbedtls_asn1_get_int(&p, input->x + input->len, &val), + MBEDTLS_ERR_ASN1_INVALID_LENGTH); #if defined(MBEDTLS_BIGNUM_C) /* INTEGERs are sometimes abused as bitstrings, so the library accepts * an INTEGER with empty content and gives it the value 0. */ p = input->x; - TEST_EQUAL( mbedtls_asn1_get_mpi( &p, input->x + input->len, &actual_mpi ), - 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &actual_mpi, 0 ), 0 ); + TEST_EQUAL(mbedtls_asn1_get_mpi(&p, input->x + input->len, &actual_mpi), + 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&actual_mpi, 0), 0); #endif exit: #if defined(MBEDTLS_BIGNUM_C) - mbedtls_mpi_free( &actual_mpi ); + mbedtls_mpi_free(&actual_mpi); #endif - /*empty cleanup in some configurations*/ ; + /*empty cleanup in some configurations*/; } /* END_CASE */ /* BEGIN_CASE */ -void get_integer( const data_t *input, - const char *expected_hex, int expected_result ) +void get_integer(const data_t *input, + const char *expected_hex, int expected_result) { unsigned char *p; #if defined(MBEDTLS_BIGNUM_C) @@ -380,26 +371,24 @@ void get_integer( const data_t *input, int ret; #if defined(MBEDTLS_BIGNUM_C) - mbedtls_mpi_init( &expected_mpi ); - mbedtls_mpi_init( &actual_mpi ); - mbedtls_mpi_init( &complement ); + mbedtls_mpi_init(&expected_mpi); + mbedtls_mpi_init(&actual_mpi); + mbedtls_mpi_init(&complement); #endif errno = 0; - expected_value = strtol( expected_hex, NULL, 16 ); - if( expected_result == 0 && - ( errno == ERANGE + expected_value = strtol(expected_hex, NULL, 16); + if (expected_result == 0 && + (errno == ERANGE #if LONG_MAX > INT_MAX - || expected_value > INT_MAX || expected_value < INT_MIN + || expected_value > INT_MAX || expected_value < INT_MIN #endif - ) ) - { + )) { /* The library returns the dubious error code INVALID_LENGTH * for integers that are out of range. */ expected_result_for_int = MBEDTLS_ERR_ASN1_INVALID_LENGTH; } - if( expected_result == 0 && expected_value < 0 ) - { + if (expected_result == 0 && expected_value < 0) { /* The library does not support negative INTEGERs and * returns the dubious error code INVALID_LENGTH. * Test that we preserve the historical behavior. If we @@ -408,34 +397,28 @@ void get_integer( const data_t *input, } p = input->x; - ret = mbedtls_asn1_get_int( &p, input->x + input->len, &val ); - TEST_EQUAL( ret, expected_result_for_int ); - if( ret == 0 ) - { - TEST_EQUAL( val, expected_value ); - TEST_ASSERT( p == input->x + input->len ); + ret = mbedtls_asn1_get_int(&p, input->x + input->len, &val); + TEST_EQUAL(ret, expected_result_for_int); + if (ret == 0) { + TEST_EQUAL(val, expected_value); + TEST_ASSERT(p == input->x + input->len); } #if defined(MBEDTLS_BIGNUM_C) - ret = mbedtls_test_read_mpi( &expected_mpi, expected_hex ); - TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - if( ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA ) - { + ret = mbedtls_test_read_mpi(&expected_mpi, expected_hex); + TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA); + if (ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA) { /* The data overflows the maximum MPI size. */ expected_result_for_mpi = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } p = input->x; - ret = mbedtls_asn1_get_mpi( &p, input->x + input->len, &actual_mpi ); - TEST_EQUAL( ret, expected_result_for_mpi ); - if( ret == 0 ) - { - if( expected_value >= 0 ) - { - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &actual_mpi, - &expected_mpi ) == 0 ); - } - else - { + ret = mbedtls_asn1_get_mpi(&p, input->x + input->len, &actual_mpi); + TEST_EQUAL(ret, expected_result_for_mpi); + if (ret == 0) { + if (expected_value >= 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&actual_mpi, + &expected_mpi) == 0); + } else { /* The library ignores the sign bit in ASN.1 INTEGERs * (which makes sense insofar as INTEGERs are sometimes * abused as bit strings), so the result of parsing them @@ -448,32 +431,32 @@ void get_integer( const data_t *input, * negative INTEGERs, we'll fix this test code. */ unsigned char *q = input->x + 1; size_t len; - TEST_ASSERT( mbedtls_asn1_get_len( &q, input->x + input->len, - &len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_lset( &complement, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_shift_l( &complement, len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_add_mpi( &complement, &complement, - &expected_mpi ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &complement, - &actual_mpi ) == 0 ); + TEST_ASSERT(mbedtls_asn1_get_len(&q, input->x + input->len, + &len) == 0); + TEST_ASSERT(mbedtls_mpi_lset(&complement, 1) == 0); + TEST_ASSERT(mbedtls_mpi_shift_l(&complement, len * 8) == 0); + TEST_ASSERT(mbedtls_mpi_add_mpi(&complement, &complement, + &expected_mpi) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&complement, + &actual_mpi) == 0); } - TEST_ASSERT( p == input->x + input->len ); + TEST_ASSERT(p == input->x + input->len); } #endif exit: #if defined(MBEDTLS_BIGNUM_C) - mbedtls_mpi_free( &expected_mpi ); - mbedtls_mpi_free( &actual_mpi ); - mbedtls_mpi_free( &complement ); + mbedtls_mpi_free(&expected_mpi); + mbedtls_mpi_free(&actual_mpi); + mbedtls_mpi_free(&complement); #endif - /*empty cleanup in some configurations*/ ; + /*empty cleanup in some configurations*/; } /* END_CASE */ /* BEGIN_CASE */ -void get_enum( const data_t *input, - const char *expected_hex, int expected_result ) +void get_enum(const data_t *input, + const char *expected_hex, int expected_result) { unsigned char *p; long expected_value; @@ -482,20 +465,18 @@ void get_enum( const data_t *input, int ret; errno = 0; - expected_value = strtol( expected_hex, NULL, 16 ); - if( expected_result == 0 && - ( errno == ERANGE + expected_value = strtol(expected_hex, NULL, 16); + if (expected_result == 0 && + (errno == ERANGE #if LONG_MAX > INT_MAX - || expected_value > INT_MAX || expected_value < INT_MIN + || expected_value > INT_MAX || expected_value < INT_MIN #endif - ) ) - { + )) { /* The library returns the dubious error code INVALID_LENGTH * for integers that are out of range. */ expected_result_for_enum = MBEDTLS_ERR_ASN1_INVALID_LENGTH; } - if( expected_result == 0 && expected_value < 0 ) - { + if (expected_result == 0 && expected_value < 0) { /* The library does not support negative INTEGERs and * returns the dubious error code INVALID_LENGTH. * Test that we preserve the historical behavior. If we @@ -504,18 +485,17 @@ void get_enum( const data_t *input, } p = input->x; - ret = mbedtls_asn1_get_enum( &p, input->x + input->len, &val ); - TEST_EQUAL( ret, expected_result_for_enum ); - if( ret == 0 ) - { - TEST_EQUAL( val, expected_value ); - TEST_ASSERT( p == input->x + input->len ); + ret = mbedtls_asn1_get_enum(&p, input->x + input->len, &val); + TEST_EQUAL(ret, expected_result_for_enum); + if (ret == 0) { + TEST_EQUAL(val, expected_value); + TEST_ASSERT(p == input->x + input->len); } } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */ -void get_mpi_too_large( ) +void get_mpi_too_large() { unsigned char *buf = NULL; unsigned char *p; @@ -524,63 +504,62 @@ void get_mpi_too_large( ) MBEDTLS_MPI_MAX_LIMBS * sizeof(mbedtls_mpi_uint) + 1; size_t size = too_many_octets + 6; - mbedtls_mpi_init( &actual_mpi ); + mbedtls_mpi_init(&actual_mpi); - ASSERT_ALLOC( buf, size ); + ASSERT_ALLOC(buf, size); buf[0] = 0x02; /* tag: INTEGER */ buf[1] = 0x84; /* 4-octet length */ - buf[2] = ( too_many_octets >> 24 ) & 0xff; - buf[3] = ( too_many_octets >> 16 ) & 0xff; - buf[4] = ( too_many_octets >> 8 ) & 0xff; + buf[2] = (too_many_octets >> 24) & 0xff; + buf[3] = (too_many_octets >> 16) & 0xff; + buf[4] = (too_many_octets >> 8) & 0xff; buf[5] = too_many_octets & 0xff; buf[6] = 0x01; /* most significant octet */ p = buf; - TEST_EQUAL( mbedtls_asn1_get_mpi( &p, buf + size, &actual_mpi ), - MBEDTLS_ERR_MPI_ALLOC_FAILED ); + TEST_EQUAL(mbedtls_asn1_get_mpi(&p, buf + size, &actual_mpi), + MBEDTLS_ERR_MPI_ALLOC_FAILED); exit: - mbedtls_mpi_free( &actual_mpi ); - mbedtls_free( buf ); + mbedtls_mpi_free(&actual_mpi); + mbedtls_free(buf); } /* END_CASE */ /* BEGIN_CASE */ -void get_bitstring( const data_t *input, - int expected_length, int expected_unused_bits, - int expected_result, int expected_result_null ) +void get_bitstring(const data_t *input, + int expected_length, int expected_unused_bits, + int expected_result, int expected_result_null) { mbedtls_asn1_bitstring bs = { 0xdead, 0x21, NULL }; unsigned char *p = input->x; - TEST_EQUAL( mbedtls_asn1_get_bitstring( &p, input->x + input->len, &bs ), - expected_result ); - if( expected_result == 0 ) - { - TEST_EQUAL( bs.len, (size_t) expected_length ); - TEST_EQUAL( bs.unused_bits, expected_unused_bits ); - TEST_ASSERT( bs.p != NULL ); - TEST_EQUAL( bs.p - input->x + bs.len, input->len ); - TEST_ASSERT( p == input->x + input->len ); + TEST_EQUAL(mbedtls_asn1_get_bitstring(&p, input->x + input->len, &bs), + expected_result); + if (expected_result == 0) { + TEST_EQUAL(bs.len, (size_t) expected_length); + TEST_EQUAL(bs.unused_bits, expected_unused_bits); + TEST_ASSERT(bs.p != NULL); + TEST_EQUAL(bs.p - input->x + bs.len, input->len); + TEST_ASSERT(p == input->x + input->len); } p = input->x; - TEST_EQUAL( mbedtls_asn1_get_bitstring_null( &p, input->x + input->len, - &bs.len ), - expected_result_null ); - if( expected_result_null == 0 ) - { - TEST_EQUAL( bs.len, (size_t) expected_length ); - if( expected_result == 0 ) - TEST_ASSERT( p == input->x + input->len - bs.len ); + TEST_EQUAL(mbedtls_asn1_get_bitstring_null(&p, input->x + input->len, + &bs.len), + expected_result_null); + if (expected_result_null == 0) { + TEST_EQUAL(bs.len, (size_t) expected_length); + if (expected_result == 0) { + TEST_ASSERT(p == input->x + input->len - bs.len); + } } } /* END_CASE */ /* BEGIN_CASE */ -void get_sequence_of( const data_t *input, int tag, - const char *description, - int expected_result ) +void get_sequence_of(const data_t *input, int tag, + const char *description, + int expected_result) { /* The description string is a comma-separated list of integers. * For each element in the SEQUENCE in input, description contains @@ -596,53 +575,49 @@ void get_sequence_of( const data_t *input, int tag, unsigned long n; unsigned int step = 0; - TEST_EQUAL( mbedtls_asn1_get_sequence_of( &p, input->x + input->len, - &head, tag ), - expected_result ); - if( expected_result == 0 ) - { - TEST_ASSERT( p == input->x + input->len ); - - if( ! *rest ) - { - TEST_EQUAL( head.buf.tag, 0 ); - TEST_ASSERT( head.buf.p == NULL ); - TEST_EQUAL( head.buf.len, 0 ); - TEST_ASSERT( head.next == NULL ); - } - else - { + TEST_EQUAL(mbedtls_asn1_get_sequence_of(&p, input->x + input->len, + &head, tag), + expected_result); + if (expected_result == 0) { + TEST_ASSERT(p == input->x + input->len); + + if (!*rest) { + TEST_EQUAL(head.buf.tag, 0); + TEST_ASSERT(head.buf.p == NULL); + TEST_EQUAL(head.buf.len, 0); + TEST_ASSERT(head.next == NULL); + } else { cur = &head; - while( *rest ) - { - mbedtls_test_set_step( step ); - TEST_ASSERT( cur != NULL ); - TEST_EQUAL( cur->buf.tag, tag ); - n = strtoul( rest, (char **) &rest, 0 ); - TEST_EQUAL( n, (size_t)( cur->buf.p - input->x ) ); + while (*rest) { + mbedtls_test_set_step(step); + TEST_ASSERT(cur != NULL); + TEST_EQUAL(cur->buf.tag, tag); + n = strtoul(rest, (char **) &rest, 0); + TEST_EQUAL(n, (size_t) (cur->buf.p - input->x)); ++rest; - n = strtoul( rest, (char **) &rest, 0 ); - TEST_EQUAL( n, cur->buf.len ); - if( *rest ) + n = strtoul(rest, (char **) &rest, 0); + TEST_EQUAL(n, cur->buf.len); + if (*rest) { ++rest; + } cur = cur->next; ++step; } - TEST_ASSERT( cur == NULL ); + TEST_ASSERT(cur == NULL); } } exit: - mbedtls_asn1_sequence_free( head.next ); + mbedtls_asn1_sequence_free(head.next); } /* END_CASE */ /* BEGIN_CASE */ -void traverse_sequence_of( const data_t *input, - int tag_must_mask, int tag_must_val, - int tag_may_mask, int tag_may_val, - const char *description, - int expected_result ) +void traverse_sequence_of(const data_t *input, + int tag_must_mask, int tag_must_val, + int tag_may_mask, int tag_may_val, + const char *description, + int expected_result) { /* The description string is a comma-separated list of integers. * For each element in the SEQUENCE in input, description contains @@ -652,144 +627,148 @@ void traverse_sequence_of( const data_t *input, * "offset1,tag1,length1,..." */ unsigned char *p = input->x; - traverse_state_t traverse_state = {input->x, description}; + traverse_state_t traverse_state = { input->x, description }; int ret; - ret = mbedtls_asn1_traverse_sequence_of( &p, input->x + input->len, - (uint8_t) tag_must_mask, (uint8_t) tag_must_val, - (uint8_t) tag_may_mask, (uint8_t) tag_may_val, - traverse_callback, &traverse_state ); - if( ret == RET_TRAVERSE_ERROR ) + ret = mbedtls_asn1_traverse_sequence_of(&p, input->x + input->len, + (uint8_t) tag_must_mask, (uint8_t) tag_must_val, + (uint8_t) tag_may_mask, (uint8_t) tag_may_val, + traverse_callback, &traverse_state); + if (ret == RET_TRAVERSE_ERROR) { goto exit; - TEST_EQUAL( ret, expected_result ); - TEST_EQUAL( *traverse_state.description, 0 ); + } + TEST_EQUAL(ret, expected_result); + TEST_EQUAL(*traverse_state.description, 0); } /* END_CASE */ /* BEGIN_CASE */ -void get_alg( const data_t *input, - int oid_offset, int oid_length, - int params_tag, int params_offset, int params_length, - int total_length, - int expected_result ) +void get_alg(const data_t *input, + int oid_offset, int oid_length, + int params_tag, int params_offset, int params_length, + int total_length, + int expected_result) { mbedtls_asn1_buf oid = { -1, 0, NULL }; mbedtls_asn1_buf params = { -1, 0, NULL }; unsigned char *p = input->x; int ret; - TEST_EQUAL( mbedtls_asn1_get_alg( &p, input->x + input->len, - &oid, ¶ms ), - expected_result ); - if( expected_result == 0 ) - { - TEST_EQUAL( oid.tag, MBEDTLS_ASN1_OID ); - TEST_EQUAL( oid.p - input->x, oid_offset ); - TEST_EQUAL( oid.len, (size_t) oid_length ); - TEST_EQUAL( params.tag, params_tag ); - if( params_offset != 0 ) - TEST_EQUAL( params.p - input->x, params_offset ); - else - TEST_ASSERT( params.p == NULL ); - TEST_EQUAL( params.len, (size_t) params_length ); - TEST_EQUAL( p - input->x, total_length ); + TEST_EQUAL(mbedtls_asn1_get_alg(&p, input->x + input->len, + &oid, ¶ms), + expected_result); + if (expected_result == 0) { + TEST_EQUAL(oid.tag, MBEDTLS_ASN1_OID); + TEST_EQUAL(oid.p - input->x, oid_offset); + TEST_EQUAL(oid.len, (size_t) oid_length); + TEST_EQUAL(params.tag, params_tag); + if (params_offset != 0) { + TEST_EQUAL(params.p - input->x, params_offset); + } else { + TEST_ASSERT(params.p == NULL); + } + TEST_EQUAL(params.len, (size_t) params_length); + TEST_EQUAL(p - input->x, total_length); } - ret = mbedtls_asn1_get_alg_null( &p, input->x + input->len, &oid ); - if( expected_result == 0 && params_offset == 0 ) - { - TEST_EQUAL( oid.tag, MBEDTLS_ASN1_OID ); - TEST_EQUAL( oid.p - input->x, oid_offset ); - TEST_EQUAL( oid.len, (size_t) oid_length ); - TEST_EQUAL( p - input->x, total_length ); + ret = mbedtls_asn1_get_alg_null(&p, input->x + input->len, &oid); + if (expected_result == 0 && params_offset == 0) { + TEST_EQUAL(oid.tag, MBEDTLS_ASN1_OID); + TEST_EQUAL(oid.p - input->x, oid_offset); + TEST_EQUAL(oid.len, (size_t) oid_length); + TEST_EQUAL(p - input->x, total_length); + } else { + TEST_ASSERT(ret != 0); } - else - TEST_ASSERT( ret != 0 ); } /* END_CASE */ /* BEGIN_CASE */ -void find_named_data( data_t *oid0, data_t *oid1, data_t *oid2, data_t *oid3, - data_t *needle, int from, int position ) +void find_named_data(data_t *oid0, data_t *oid1, data_t *oid2, data_t *oid3, + data_t *needle, int from, int position) { - mbedtls_asn1_named_data nd[] ={ - { {0x06, oid0->len, oid0->x}, {0, 0, NULL}, NULL, 0 }, - { {0x06, oid1->len, oid1->x}, {0, 0, NULL}, NULL, 0 }, - { {0x06, oid2->len, oid2->x}, {0, 0, NULL}, NULL, 0 }, - { {0x06, oid3->len, oid3->x}, {0, 0, NULL}, NULL, 0 }, + mbedtls_asn1_named_data nd[] = { + { { 0x06, oid0->len, oid0->x }, { 0, 0, NULL }, NULL, 0 }, + { { 0x06, oid1->len, oid1->x }, { 0, 0, NULL }, NULL, 0 }, + { { 0x06, oid2->len, oid2->x }, { 0, 0, NULL }, NULL, 0 }, + { { 0x06, oid3->len, oid3->x }, { 0, 0, NULL }, NULL, 0 }, }; - mbedtls_asn1_named_data *pointers[ARRAY_LENGTH( nd ) + 1]; + mbedtls_asn1_named_data *pointers[ARRAY_LENGTH(nd) + 1]; size_t i; mbedtls_asn1_named_data *found; - for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) + for (i = 0; i < ARRAY_LENGTH(nd); i++) { pointers[i] = &nd[i]; - pointers[ARRAY_LENGTH( nd )] = NULL; - for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) + } + pointers[ARRAY_LENGTH(nd)] = NULL; + for (i = 0; i < ARRAY_LENGTH(nd); i++) { nd[i].next = pointers[i+1]; + } - found = mbedtls_asn1_find_named_data( pointers[from], - (const char *) needle->x, - needle->len ); - TEST_ASSERT( found == pointers[position] ); + found = mbedtls_asn1_find_named_data(pointers[from], + (const char *) needle->x, + needle->len); + TEST_ASSERT(found == pointers[position]); } /* END_CASE */ /* BEGIN_CASE */ -void free_named_data_null( ) +void free_named_data_null() { - mbedtls_asn1_free_named_data( NULL ); + mbedtls_asn1_free_named_data(NULL); goto exit; /* Silence unused label warning */ } /* END_CASE */ /* BEGIN_CASE */ -void free_named_data( int with_oid, int with_val, int with_next ) +void free_named_data(int with_oid, int with_val, int with_next) { mbedtls_asn1_named_data next = - { {0x06, 0, NULL}, {0, 0xcafe, NULL}, NULL, 0 }; + { { 0x06, 0, NULL }, { 0, 0xcafe, NULL }, NULL, 0 }; mbedtls_asn1_named_data head = - { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }; + { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 }; - if( with_oid ) - ASSERT_ALLOC( head.oid.p, 1 ); - if( with_val ) - ASSERT_ALLOC( head.val.p, 1 ); - if( with_next ) + if (with_oid) { + ASSERT_ALLOC(head.oid.p, 1); + } + if (with_val) { + ASSERT_ALLOC(head.val.p, 1); + } + if (with_next) { head.next = &next; + } - mbedtls_asn1_free_named_data( &head ); - TEST_ASSERT( head.oid.p == NULL ); - TEST_ASSERT( head.val.p == NULL ); - TEST_ASSERT( head.next == NULL ); - TEST_ASSERT( next.val.len == 0xcafe ); + mbedtls_asn1_free_named_data(&head); + TEST_ASSERT(head.oid.p == NULL); + TEST_ASSERT(head.val.p == NULL); + TEST_ASSERT(head.next == NULL); + TEST_ASSERT(next.val.len == 0xcafe); exit: - mbedtls_free( head.oid.p ); - mbedtls_free( head.val.p ); + mbedtls_free(head.oid.p); + mbedtls_free(head.val.p); } /* END_CASE */ /* BEGIN_CASE */ -void free_named_data_list( int length ) +void free_named_data_list(int length) { mbedtls_asn1_named_data *head = NULL; int i; - for( i = 0; i < length; i++ ) - { + for (i = 0; i < length; i++) { mbedtls_asn1_named_data *new = NULL; - ASSERT_ALLOC( new, 1 ); + ASSERT_ALLOC(new, 1); new->next = head; head = new; } - mbedtls_asn1_free_named_data_list( &head ); - TEST_ASSERT( head == NULL ); + mbedtls_asn1_free_named_data_list(&head); + TEST_ASSERT(head == NULL); /* Most of the point of the test is that it doesn't leak memory. * So this test is only really useful under a memory leak detection * framework. */ exit: - mbedtls_asn1_free_named_data_list( &head ); + mbedtls_asn1_free_named_data_list(&head); } /* END_CASE */ diff --git a/tests/suites/test_suite_asn1write.function b/tests/suites/test_suite_asn1write.function index 5aa4cbe07426..06b9edf65ff2 100644 --- a/tests/suites/test_suite_asn1write.function +++ b/tests/suites/test_suite_asn1write.function @@ -4,8 +4,7 @@ #define GUARD_LEN 4 #define GUARD_VAL 0x2a -typedef struct -{ +typedef struct { unsigned char *output; unsigned char *start; unsigned char *end; @@ -13,41 +12,38 @@ typedef struct size_t size; } generic_write_data_t; -int generic_write_start_step( generic_write_data_t *data ) +int generic_write_start_step(generic_write_data_t *data) { - mbedtls_test_set_step( data->size ); - mbedtls_free( data->output ); + mbedtls_test_set_step(data->size); + mbedtls_free(data->output); data->output = NULL; - ASSERT_ALLOC( data->output, data->size == 0 ? 1 : data->size ); + ASSERT_ALLOC(data->output, data->size == 0 ? 1 : data->size); data->end = data->output + data->size; data->p = data->end; data->start = data->end - data->size; - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } -int generic_write_finish_step( generic_write_data_t *data, - const data_t *expected, int ret ) +int generic_write_finish_step(generic_write_data_t *data, + const data_t *expected, int ret) { int ok = 0; - if( data->size < expected->len ) - { - TEST_EQUAL( ret, MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - } - else - { - TEST_EQUAL( ret, data->end - data->p ); - TEST_ASSERT( data->p >= data->start ); - TEST_ASSERT( data->p <= data->end ); - ASSERT_COMPARE( data->p, (size_t)( data->end - data->p ), - expected->x, expected->len ); + if (data->size < expected->len) { + TEST_EQUAL(ret, MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); + } else { + TEST_EQUAL(ret, data->end - data->p); + TEST_ASSERT(data->p >= data->start); + TEST_ASSERT(data->p <= data->end); + ASSERT_COMPARE(data->p, (size_t) (data->end - data->p), + expected->x, expected->len); } ok = 1; exit: - return( ok ); + return ok; } /* END_HEADER */ @@ -58,206 +54,209 @@ exit: */ /* BEGIN_CASE */ -void mbedtls_asn1_write_null( data_t *expected ) +void mbedtls_asn1_write_null(data_t *expected) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; - for( data.size = 0; data.size <= expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; - ret = mbedtls_asn1_write_null( &data.p, data.start ); - if( ! generic_write_finish_step( &data, expected, ret ) ) + } + ret = mbedtls_asn1_write_null(&data.p, data.start); + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; + } /* There's no parsing function for NULL. */ } exit: - mbedtls_free( data.output ); + mbedtls_free(data.output); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_asn1_write_bool( int val, data_t *expected ) +void mbedtls_asn1_write_bool(int val, data_t *expected) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; - for( data.size = 0; data.size <= expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; - ret = mbedtls_asn1_write_bool( &data.p, data.start, val ); - if( ! generic_write_finish_step( &data, expected, ret ) ) + } + ret = mbedtls_asn1_write_bool(&data.p, data.start, val); + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; + } #if defined(MBEDTLS_ASN1_PARSE_C) - if( ret >= 0 ) - { + if (ret >= 0) { int read = 0xdeadbeef; - TEST_EQUAL( mbedtls_asn1_get_bool( &data.p, data.end, &read ), 0 ); - TEST_EQUAL( val, read ); + TEST_EQUAL(mbedtls_asn1_get_bool(&data.p, data.end, &read), 0); + TEST_EQUAL(val, read); } #endif /* MBEDTLS_ASN1_PARSE_C */ } exit: - mbedtls_free( data.output ); + mbedtls_free(data.output); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_asn1_write_int( int val, data_t *expected ) +void mbedtls_asn1_write_int(int val, data_t *expected) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; - for( data.size = 0; data.size <= expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; - ret = mbedtls_asn1_write_int( &data.p, data.start, val ); - if( ! generic_write_finish_step( &data, expected, ret ) ) + } + ret = mbedtls_asn1_write_int(&data.p, data.start, val); + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; + } #if defined(MBEDTLS_ASN1_PARSE_C) - if( ret >= 0 ) - { + if (ret >= 0) { int read = 0xdeadbeef; - TEST_EQUAL( mbedtls_asn1_get_int( &data.p, data.end, &read ), 0 ); - TEST_EQUAL( val, read ); + TEST_EQUAL(mbedtls_asn1_get_int(&data.p, data.end, &read), 0); + TEST_EQUAL(val, read); } #endif /* MBEDTLS_ASN1_PARSE_C */ } exit: - mbedtls_free( data.output ); + mbedtls_free(data.output); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_asn1_write_enum( int val, data_t *expected ) +void mbedtls_asn1_write_enum(int val, data_t *expected) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; - for( data.size = 0; data.size <= expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; - ret = mbedtls_asn1_write_enum( &data.p, data.start, val ); - if( ! generic_write_finish_step( &data, expected, ret ) ) + } + ret = mbedtls_asn1_write_enum(&data.p, data.start, val); + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; + } #if defined(MBEDTLS_ASN1_PARSE_C) - if( ret >= 0 ) - { + if (ret >= 0) { int read = 0xdeadbeef; - TEST_EQUAL( mbedtls_asn1_get_enum( &data.p, data.end, &read ), 0 ); - TEST_EQUAL( val, read ); + TEST_EQUAL(mbedtls_asn1_get_enum(&data.p, data.end, &read), 0); + TEST_EQUAL(val, read); } #endif /* MBEDTLS_ASN1_PARSE_C */ } exit: - mbedtls_free( data.output ); + mbedtls_free(data.output); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */ -void mbedtls_asn1_write_mpi( data_t *val, data_t *expected ) +void mbedtls_asn1_write_mpi(data_t *val, data_t *expected) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; mbedtls_mpi mpi, read; int ret; - mbedtls_mpi_init( &mpi ); - mbedtls_mpi_init( &read ); - TEST_ASSERT( mbedtls_mpi_read_binary( &mpi, val->x, val->len ) == 0 ); + mbedtls_mpi_init(&mpi); + mbedtls_mpi_init(&read); + TEST_ASSERT(mbedtls_mpi_read_binary(&mpi, val->x, val->len) == 0); - for( data.size = 0; data.size <= expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; - ret = mbedtls_asn1_write_mpi( &data.p, data.start, &mpi ); - if( ! generic_write_finish_step( &data, expected, ret ) ) + } + ret = mbedtls_asn1_write_mpi(&data.p, data.start, &mpi); + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; + } #if defined(MBEDTLS_ASN1_PARSE_C) - if( ret >= 0 ) - { - TEST_EQUAL( mbedtls_asn1_get_mpi( &data.p, data.end, &read ), 0 ); - TEST_EQUAL( 0, mbedtls_mpi_cmp_mpi( &mpi, &read ) ); + if (ret >= 0) { + TEST_EQUAL(mbedtls_asn1_get_mpi(&data.p, data.end, &read), 0); + TEST_EQUAL(0, mbedtls_mpi_cmp_mpi(&mpi, &read)); } #endif /* MBEDTLS_ASN1_PARSE_C */ /* Skip some intermediate lengths, they're boring. */ - if( expected->len > 10 && data.size == 8 ) + if (expected->len > 10 && data.size == 8) { data.size = expected->len - 2; + } } exit: - mbedtls_mpi_free( &mpi ); - mbedtls_mpi_free( &read ); - mbedtls_free( data.output ); + mbedtls_mpi_free(&mpi); + mbedtls_mpi_free(&read); + mbedtls_free(data.output); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_asn1_write_string( int tag, data_t *content, data_t *expected ) +void mbedtls_asn1_write_string(int tag, data_t *content, data_t *expected) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; - for( data.size = 0; data.size <= expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; - switch( tag ) - { + } + switch (tag) { case MBEDTLS_ASN1_OCTET_STRING: ret = mbedtls_asn1_write_octet_string( - &data.p, data.start, content->x, content->len ); + &data.p, data.start, content->x, content->len); break; case MBEDTLS_ASN1_OID: ret = mbedtls_asn1_write_oid( &data.p, data.start, - (const char *) content->x, content->len ); + (const char *) content->x, content->len); break; case MBEDTLS_ASN1_UTF8_STRING: ret = mbedtls_asn1_write_utf8_string( &data.p, data.start, - (const char *) content->x, content->len ); + (const char *) content->x, content->len); break; case MBEDTLS_ASN1_PRINTABLE_STRING: ret = mbedtls_asn1_write_printable_string( &data.p, data.start, - (const char *) content->x, content->len ); + (const char *) content->x, content->len); break; case MBEDTLS_ASN1_IA5_STRING: ret = mbedtls_asn1_write_ia5_string( &data.p, data.start, - (const char *) content->x, content->len ); + (const char *) content->x, content->len); break; default: ret = mbedtls_asn1_write_tagged_string( &data.p, data.start, tag, - (const char *) content->x, content->len ); + (const char *) content->x, content->len); } - if( ! generic_write_finish_step( &data, expected, ret ) ) + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; + } /* There's no parsing function for octet or character strings. */ /* Skip some intermediate lengths, they're boring. */ - if( expected->len > 10 && data.size == 8 ) + if (expected->len > 10 && data.size == 8) { data.size = expected->len - 2; + } } exit: - mbedtls_free( data.output ); + mbedtls_free(data.output); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_asn1_write_algorithm_identifier( data_t *oid, - int par_len, - data_t *expected ) +void mbedtls_asn1_write_algorithm_identifier(data_t *oid, + int par_len, + data_t *expected) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; @@ -265,29 +264,30 @@ void mbedtls_asn1_write_algorithm_identifier( data_t *oid, unsigned char *buf_complete = NULL; #endif /* MBEDTLS_ASN1_PARSE_C */ - for( data.size = 0; data.size <= expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; + } ret = mbedtls_asn1_write_algorithm_identifier( &data.p, data.start, - (const char *) oid->x, oid->len, par_len ); + (const char *) oid->x, oid->len, par_len); /* If params_len != 0, mbedtls_asn1_write_algorithm_identifier() * assumes that the parameters are already present in the buffer * and returns a length that accounts for this, but our test * data omits the parameters. */ - if( ret >= 0 ) + if (ret >= 0) { ret -= par_len; - if( ! generic_write_finish_step( &data, expected, ret ) ) + } + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; + } #if defined(MBEDTLS_ASN1_PARSE_C) /* Only do a parse-back test if the parameters aren't too large for * a small-heap environment. The boundary is somewhat arbitrary. */ - if( ret >= 0 && par_len <= 1234 ) - { - mbedtls_asn1_buf alg = {0, 0, NULL}; - mbedtls_asn1_buf params = {0, 0, NULL}; + if (ret >= 0 && par_len <= 1234) { + mbedtls_asn1_buf alg = { 0, 0, NULL }; + mbedtls_asn1_buf params = { 0, 0, NULL }; /* The writing function doesn't write the parameters unless * they're null: it only takes their length as input. But the * parsing function requires the parameters to be present. @@ -296,59 +296,52 @@ void mbedtls_asn1_write_algorithm_identifier( data_t *oid, size_t len_complete = data_len + par_len; unsigned char expected_params_tag; size_t expected_params_len; - ASSERT_ALLOC( buf_complete, len_complete ); + ASSERT_ALLOC(buf_complete, len_complete); unsigned char *end_complete = buf_complete + len_complete; - memcpy( buf_complete, data.p, data_len ); - if( par_len == 0 ) - { + memcpy(buf_complete, data.p, data_len); + if (par_len == 0) { /* mbedtls_asn1_write_algorithm_identifier() wrote a NULL */ expected_params_tag = 0x05; expected_params_len = 0; - } - else if( par_len >= 2 && par_len < 2 + 128 ) - { + } else if (par_len >= 2 && par_len < 2 + 128) { /* Write an OCTET STRING with a short length encoding */ expected_params_tag = buf_complete[data_len] = 0x04; expected_params_len = par_len - 2; buf_complete[data_len + 1] = (unsigned char) expected_params_len; - } - else if( par_len >= 4 + 128 && par_len < 3 + 256 * 256 ) - { + } else if (par_len >= 4 + 128 && par_len < 3 + 256 * 256) { /* Write an OCTET STRING with a two-byte length encoding */ expected_params_tag = buf_complete[data_len] = 0x04; expected_params_len = par_len - 4; buf_complete[data_len + 1] = 0x82; - buf_complete[data_len + 2] = (unsigned char) ( expected_params_len >> 8 ); - buf_complete[data_len + 3] = (unsigned char) ( expected_params_len ); - } - else - { - TEST_ASSERT( ! "Bad test data: invalid length of ASN.1 element" ); + buf_complete[data_len + 2] = (unsigned char) (expected_params_len >> 8); + buf_complete[data_len + 3] = (unsigned char) (expected_params_len); + } else { + TEST_ASSERT(!"Bad test data: invalid length of ASN.1 element"); } unsigned char *p = buf_complete; - TEST_EQUAL( mbedtls_asn1_get_alg( &p, end_complete, - &alg, ¶ms ), 0 ); - TEST_EQUAL( alg.tag, MBEDTLS_ASN1_OID ); - ASSERT_COMPARE( alg.p, alg.len, oid->x, oid->len ); - TEST_EQUAL( params.tag, expected_params_tag ); - TEST_EQUAL( params.len, expected_params_len ); - mbedtls_free( buf_complete ); + TEST_EQUAL(mbedtls_asn1_get_alg(&p, end_complete, + &alg, ¶ms), 0); + TEST_EQUAL(alg.tag, MBEDTLS_ASN1_OID); + ASSERT_COMPARE(alg.p, alg.len, oid->x, oid->len); + TEST_EQUAL(params.tag, expected_params_tag); + TEST_EQUAL(params.len, expected_params_len); + mbedtls_free(buf_complete); buf_complete = NULL; } #endif /* MBEDTLS_ASN1_PARSE_C */ } exit: - mbedtls_free( data.output ); + mbedtls_free(data.output); #if defined(MBEDTLS_ASN1_PARSE_C) - mbedtls_free( buf_complete ); + mbedtls_free(buf_complete); #endif /* MBEDTLS_ASN1_PARSE_C */ } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ -void mbedtls_asn1_write_len( int len, data_t * asn1, int buf_len, - int result ) +void mbedtls_asn1_write_len(int len, data_t *asn1, int buf_len, + int result) { int ret; unsigned char buf[150]; @@ -356,260 +349,253 @@ void mbedtls_asn1_write_len( int len, data_t * asn1, int buf_len, size_t i; size_t read_len; - memset( buf, GUARD_VAL, sizeof( buf ) ); + memset(buf, GUARD_VAL, sizeof(buf)); p = buf + GUARD_LEN + buf_len; - ret = mbedtls_asn1_write_len( &p, buf + GUARD_LEN, (size_t) len ); + ret = mbedtls_asn1_write_len(&p, buf + GUARD_LEN, (size_t) len); - TEST_ASSERT( ret == result ); + TEST_ASSERT(ret == result); /* Check for buffer overwrite on both sides */ - for( i = 0; i < GUARD_LEN; i++ ) - { - TEST_ASSERT( buf[i] == GUARD_VAL ); - TEST_ASSERT( buf[GUARD_LEN + buf_len + i] == GUARD_VAL ); + for (i = 0; i < GUARD_LEN; i++) { + TEST_ASSERT(buf[i] == GUARD_VAL); + TEST_ASSERT(buf[GUARD_LEN + buf_len + i] == GUARD_VAL); } - if( result >= 0 ) - { - TEST_ASSERT( p + asn1->len == buf + GUARD_LEN + buf_len ); + if (result >= 0) { + TEST_ASSERT(p + asn1->len == buf + GUARD_LEN + buf_len); - TEST_ASSERT( memcmp( p, asn1->x, asn1->len ) == 0 ); + TEST_ASSERT(memcmp(p, asn1->x, asn1->len) == 0); /* Read back with mbedtls_asn1_get_len() to check */ - ret = mbedtls_asn1_get_len( &p, buf + GUARD_LEN + buf_len, &read_len ); + ret = mbedtls_asn1_get_len(&p, buf + GUARD_LEN + buf_len, &read_len); - if( len == 0 ) - { - TEST_ASSERT( ret == 0 ); - } - else - { + if (len == 0) { + TEST_ASSERT(ret == 0); + } else { /* Return will be MBEDTLS_ERR_ASN1_OUT_OF_DATA because the rest of * the buffer is missing */ - TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_OUT_OF_DATA); } - TEST_ASSERT( read_len == (size_t) len ); - TEST_ASSERT( p == buf + GUARD_LEN + buf_len ); + TEST_ASSERT(read_len == (size_t) len); + TEST_ASSERT(p == buf + GUARD_LEN + buf_len); } } /* END_CASE */ /* BEGIN_CASE */ -void test_asn1_write_bitstrings( data_t *bitstring, int bits, - data_t *expected, int is_named ) +void test_asn1_write_bitstrings(data_t *bitstring, int bits, + data_t *expected, int is_named) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; - int ( *func )( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t bits ) = - ( is_named ? mbedtls_asn1_write_named_bitstring : - mbedtls_asn1_write_bitstring ); + int (*func)(unsigned char **p, unsigned char *start, + const unsigned char *buf, size_t bits) = + (is_named ? mbedtls_asn1_write_named_bitstring : + mbedtls_asn1_write_bitstring); #if defined(MBEDTLS_ASN1_PARSE_C) unsigned char *masked_bitstring = NULL; #endif /* MBEDTLS_ASN1_PARSE_C */ /* The API expects `bitstring->x` to contain `bits` bits. */ - size_t byte_length = ( bits + 7 ) / 8; - TEST_ASSERT( bitstring->len >= byte_length ); + size_t byte_length = (bits + 7) / 8; + TEST_ASSERT(bitstring->len >= byte_length); #if defined(MBEDTLS_ASN1_PARSE_C) - ASSERT_ALLOC( masked_bitstring, byte_length ); - if( byte_length != 0 ) - { - memcpy( masked_bitstring, bitstring->x, byte_length ); - if( bits % 8 != 0 ) - masked_bitstring[byte_length - 1] &= ~( 0xff >> ( bits % 8 ) ); + ASSERT_ALLOC(masked_bitstring, byte_length); + if (byte_length != 0) { + memcpy(masked_bitstring, bitstring->x, byte_length); + if (bits % 8 != 0) { + masked_bitstring[byte_length - 1] &= ~(0xff >> (bits % 8)); + } } size_t value_bits = bits; - if( is_named ) - { + if (is_named) { /* In a named bit string, all trailing 0 bits are removed. */ - while( byte_length > 0 && masked_bitstring[byte_length - 1] == 0 ) + while (byte_length > 0 && masked_bitstring[byte_length - 1] == 0) { --byte_length; + } value_bits = 8 * byte_length; - if( byte_length > 0 ) - { + if (byte_length > 0) { unsigned char last_byte = masked_bitstring[byte_length - 1]; - for( unsigned b = 1; b < 0xff && ( last_byte & b ) == 0; b <<= 1 ) + for (unsigned b = 1; b < 0xff && (last_byte & b) == 0; b <<= 1) { --value_bits; + } } } #endif /* MBEDTLS_ASN1_PARSE_C */ - for( data.size = 0; data.size <= expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; - ret = ( *func )( &data.p, data.start, bitstring->x, bits ); - if( ! generic_write_finish_step( &data, expected, ret ) ) + } + ret = (*func)(&data.p, data.start, bitstring->x, bits); + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; + } #if defined(MBEDTLS_ASN1_PARSE_C) - if( ret >= 0 ) - { - mbedtls_asn1_bitstring read = {0, 0, NULL}; - TEST_EQUAL( mbedtls_asn1_get_bitstring( &data.p, data.end, - &read ), 0 ); - ASSERT_COMPARE( read.p, read.len, - masked_bitstring, byte_length ); - TEST_EQUAL( read.unused_bits, 8 * byte_length - value_bits ); + if (ret >= 0) { + mbedtls_asn1_bitstring read = { 0, 0, NULL }; + TEST_EQUAL(mbedtls_asn1_get_bitstring(&data.p, data.end, + &read), 0); + ASSERT_COMPARE(read.p, read.len, + masked_bitstring, byte_length); + TEST_EQUAL(read.unused_bits, 8 * byte_length - value_bits); } #endif /* MBEDTLS_ASN1_PARSE_C */ } exit: - mbedtls_free( data.output ); + mbedtls_free(data.output); #if defined(MBEDTLS_ASN1_PARSE_C) - mbedtls_free( masked_bitstring ); + mbedtls_free(masked_bitstring); #endif /* MBEDTLS_ASN1_PARSE_C */ } /* END_CASE */ /* BEGIN_CASE */ -void store_named_data_find( data_t *oid0, data_t *oid1, - data_t *oid2, data_t *oid3, - data_t *needle, int from, int position ) +void store_named_data_find(data_t *oid0, data_t *oid1, + data_t *oid2, data_t *oid3, + data_t *needle, int from, int position) { - data_t *oid[4] = {oid0, oid1, oid2, oid3}; - mbedtls_asn1_named_data nd[] ={ - { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }, - { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }, - { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }, - { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }, + data_t *oid[4] = { oid0, oid1, oid2, oid3 }; + mbedtls_asn1_named_data nd[] = { + { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 }, + { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 }, + { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 }, + { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 }, }; - mbedtls_asn1_named_data *pointers[ARRAY_LENGTH( nd ) + 1]; + mbedtls_asn1_named_data *pointers[ARRAY_LENGTH(nd) + 1]; size_t i; mbedtls_asn1_named_data *head = NULL; mbedtls_asn1_named_data *found = NULL; - for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) + for (i = 0; i < ARRAY_LENGTH(nd); i++) { pointers[i] = &nd[i]; - pointers[ARRAY_LENGTH( nd )] = NULL; - for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) - { - ASSERT_ALLOC( nd[i].oid.p, oid[i]->len ); - memcpy( nd[i].oid.p, oid[i]->x, oid[i]->len ); + } + pointers[ARRAY_LENGTH(nd)] = NULL; + for (i = 0; i < ARRAY_LENGTH(nd); i++) { + ASSERT_ALLOC(nd[i].oid.p, oid[i]->len); + memcpy(nd[i].oid.p, oid[i]->x, oid[i]->len); nd[i].oid.len = oid[i]->len; nd[i].next = pointers[i+1]; } head = pointers[from]; - found = mbedtls_asn1_store_named_data( &head, - (const char *) needle->x, - needle->len, - NULL, 0 ); + found = mbedtls_asn1_store_named_data(&head, + (const char *) needle->x, + needle->len, + NULL, 0); /* In any case, the existing list structure must be unchanged. */ - for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) - TEST_ASSERT( nd[i].next == pointers[i+1] ); + for (i = 0; i < ARRAY_LENGTH(nd); i++) { + TEST_ASSERT(nd[i].next == pointers[i+1]); + } - if( position >= 0 ) - { + if (position >= 0) { /* position should have been found and modified. */ - TEST_ASSERT( head == pointers[from] ); - TEST_ASSERT( found == pointers[position] ); - } - else - { + TEST_ASSERT(head == pointers[from]); + TEST_ASSERT(found == pointers[position]); + } else { /* A new entry should have been created. */ - TEST_ASSERT( found == head ); - TEST_ASSERT( head->next == pointers[from] ); - for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) - TEST_ASSERT( found != &nd[i] ); + TEST_ASSERT(found == head); + TEST_ASSERT(head->next == pointers[from]); + for (i = 0; i < ARRAY_LENGTH(nd); i++) { + TEST_ASSERT(found != &nd[i]); + } } exit: - if( found != NULL && found == head && found != pointers[from] ) - { - mbedtls_free( found->oid.p ); - mbedtls_free( found ); + if (found != NULL && found == head && found != pointers[from]) { + mbedtls_free(found->oid.p); + mbedtls_free(found); + } + for (i = 0; i < ARRAY_LENGTH(nd); i++) { + mbedtls_free(nd[i].oid.p); } - for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) - mbedtls_free( nd[i].oid.p ); } /* END_CASE */ /* BEGIN_CASE */ -void store_named_data_val_found( int old_len, int new_len ) +void store_named_data_val_found(int old_len, int new_len) { mbedtls_asn1_named_data nd = - { {0x06, 3, (unsigned char *) "OID"}, {0, 0, NULL}, NULL, 0 }; + { { 0x06, 3, (unsigned char *) "OID" }, { 0, 0, NULL }, NULL, 0 }; mbedtls_asn1_named_data *head = &nd; mbedtls_asn1_named_data *found = NULL; unsigned char *old_val = NULL; unsigned char *new_val = (unsigned char *) "new value"; - if( old_len != 0 ) - { - ASSERT_ALLOC( nd.val.p, (size_t) old_len ); + if (old_len != 0) { + ASSERT_ALLOC(nd.val.p, (size_t) old_len); old_val = nd.val.p; nd.val.len = old_len; - memset( old_val, 'x', old_len ); + memset(old_val, 'x', old_len); } - if( new_len <= 0 ) - { - new_len = - new_len; + if (new_len <= 0) { + new_len = -new_len; new_val = NULL; } - found = mbedtls_asn1_store_named_data( &head, "OID", 3, - new_val, new_len ); - TEST_ASSERT( head == &nd ); - TEST_ASSERT( found == head ); - - if( new_val != NULL) - ASSERT_COMPARE( found->val.p, found->val.len, - new_val, (size_t) new_len ); - if( new_len == 0) - TEST_ASSERT( found->val.p == NULL ); - else if( new_len == old_len ) - TEST_ASSERT( found->val.p == old_val ); - else - TEST_ASSERT( found->val.p != old_val ); + found = mbedtls_asn1_store_named_data(&head, "OID", 3, + new_val, new_len); + TEST_ASSERT(head == &nd); + TEST_ASSERT(found == head); + + if (new_val != NULL) { + ASSERT_COMPARE(found->val.p, found->val.len, + new_val, (size_t) new_len); + } + if (new_len == 0) { + TEST_ASSERT(found->val.p == NULL); + } else if (new_len == old_len) { + TEST_ASSERT(found->val.p == old_val); + } else { + TEST_ASSERT(found->val.p != old_val); + } exit: - mbedtls_free( nd.val.p ); + mbedtls_free(nd.val.p); } /* END_CASE */ /* BEGIN_CASE */ -void store_named_data_val_new( int new_len, int set_new_val ) +void store_named_data_val_new(int new_len, int set_new_val) { mbedtls_asn1_named_data *head = NULL; mbedtls_asn1_named_data *found = NULL; const unsigned char *oid = (unsigned char *) "OID"; - size_t oid_len = strlen( (const char *) oid ); + size_t oid_len = strlen((const char *) oid); const unsigned char *new_val = (unsigned char *) "new value"; - if( set_new_val == 0 ) + if (set_new_val == 0) { new_val = NULL; + } - found = mbedtls_asn1_store_named_data( &head, - (const char *) oid, oid_len, - new_val, (size_t) new_len ); - TEST_ASSERT( found != NULL ); - TEST_ASSERT( found == head ); - TEST_ASSERT( found->oid.p != oid ); - ASSERT_COMPARE( found->oid.p, found->oid.len, oid, oid_len ); - if( new_len == 0 ) - TEST_ASSERT( found->val.p == NULL ); - else if( new_val == NULL ) - TEST_ASSERT( found->val.p != NULL ); - else - { - TEST_ASSERT( found->val.p != new_val ); - ASSERT_COMPARE( found->val.p, found->val.len, - new_val, (size_t) new_len ); + found = mbedtls_asn1_store_named_data(&head, + (const char *) oid, oid_len, + new_val, (size_t) new_len); + TEST_ASSERT(found != NULL); + TEST_ASSERT(found == head); + TEST_ASSERT(found->oid.p != oid); + ASSERT_COMPARE(found->oid.p, found->oid.len, oid, oid_len); + if (new_len == 0) { + TEST_ASSERT(found->val.p == NULL); + } else if (new_val == NULL) { + TEST_ASSERT(found->val.p != NULL); + } else { + TEST_ASSERT(found->val.p != new_val); + ASSERT_COMPARE(found->val.p, found->val.len, + new_val, (size_t) new_len); } exit: - if( found != NULL ) - { - mbedtls_free( found->oid.p ); - mbedtls_free( found->val.p ); + if (found != NULL) { + mbedtls_free(found->oid.p); + mbedtls_free(found->val.p); } - mbedtls_free( found ); + mbedtls_free(found); } /* END_CASE */ diff --git a/tests/suites/test_suite_base64.function b/tests/suites/test_suite_base64.function index 7baa3d501c80..ce6bd42b7e8d 100644 --- a/tests/suites/test_suite_base64.function +++ b/tests/suites/test_suite_base64.function @@ -17,67 +17,66 @@ static const char base64_digits[] = */ /* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */ -void mask_of_range( int low_arg, int high_arg ) +void mask_of_range(int low_arg, int high_arg) { unsigned char low = low_arg, high = high_arg; unsigned c; - for( c = 0; c <= 0xff; c++ ) - { - mbedtls_test_set_step( c ); - TEST_CF_SECRET( &c, sizeof( c ) ); - unsigned char m = mbedtls_ct_uchar_mask_of_range( low, high, c ); - TEST_CF_PUBLIC( &c, sizeof( c ) ); - TEST_CF_PUBLIC( &m, sizeof( m ) ); - if( low <= c && c <= high ) - TEST_EQUAL( m, 0xff ); - else - TEST_EQUAL( m, 0 ); + for (c = 0; c <= 0xff; c++) { + mbedtls_test_set_step(c); + TEST_CF_SECRET(&c, sizeof(c)); + unsigned char m = mbedtls_ct_uchar_mask_of_range(low, high, c); + TEST_CF_PUBLIC(&c, sizeof(c)); + TEST_CF_PUBLIC(&m, sizeof(m)); + if (low <= c && c <= high) { + TEST_EQUAL(m, 0xff); + } else { + TEST_EQUAL(m, 0); + } } } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */ -void enc_chars( ) +void enc_chars() { - for( unsigned value = 0; value < 64; value++ ) - { - mbedtls_test_set_step( value ); - TEST_CF_SECRET( &value, sizeof( value ) ); - unsigned char digit = mbedtls_ct_base64_enc_char( value ); - TEST_CF_PUBLIC( &value, sizeof( value ) ); - TEST_CF_PUBLIC( &digit, sizeof( digit ) ); - TEST_EQUAL( digit, base64_digits[value] ); + for (unsigned value = 0; value < 64; value++) { + mbedtls_test_set_step(value); + TEST_CF_SECRET(&value, sizeof(value)); + unsigned char digit = mbedtls_ct_base64_enc_char(value); + TEST_CF_PUBLIC(&value, sizeof(value)); + TEST_CF_PUBLIC(&digit, sizeof(digit)); + TEST_EQUAL(digit, base64_digits[value]); } } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */ -void dec_chars( ) +void dec_chars() { char *p; signed char expected; - for( unsigned c = 0; c <= 0xff; c++ ) - { - mbedtls_test_set_step( c ); + for (unsigned c = 0; c <= 0xff; c++) { + mbedtls_test_set_step(c); /* base64_digits is 0-terminated. sizeof()-1 excludes the trailing 0. */ - p = memchr( base64_digits, c, sizeof( base64_digits ) - 1 ); - if( p == NULL ) + p = memchr(base64_digits, c, sizeof(base64_digits) - 1); + if (p == NULL) { expected = -1; - else + } else { expected = p - base64_digits; - TEST_CF_SECRET( &c, sizeof( c ) ); - signed char actual = mbedtls_ct_base64_dec_value( c ); - TEST_CF_PUBLIC( &c, sizeof( c ) ); - TEST_CF_PUBLIC( &actual, sizeof( actual ) ); - TEST_EQUAL( actual, expected ); + } + TEST_CF_SECRET(&c, sizeof(c)); + signed char actual = mbedtls_ct_base64_dec_value(c); + TEST_CF_PUBLIC(&c, sizeof(c)); + TEST_CF_PUBLIC(&actual, sizeof(actual)); + TEST_EQUAL(actual, expected); } } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_base64_encode( char * src_string, char * dst_string, - int dst_buf_size, int result ) +void mbedtls_base64_encode(char *src_string, char *dst_string, + int dst_buf_size, int result) { unsigned char src_str[1000]; unsigned char dst_str[1000]; @@ -86,26 +85,25 @@ void mbedtls_base64_encode( char * src_string, char * dst_string, memset(src_str, 0x00, 1000); memset(dst_str, 0x00, 1000); - strncpy( (char *) src_str, src_string, sizeof(src_str) - 1 ); - src_len = strlen( (char *) src_str ); + strncpy((char *) src_str, src_string, sizeof(src_str) - 1); + src_len = strlen((char *) src_str); - TEST_CF_SECRET( src_str, sizeof( src_str ) ); - TEST_ASSERT( mbedtls_base64_encode( dst_str, dst_buf_size, &len, src_str, src_len) == result ); - TEST_CF_PUBLIC( src_str, sizeof( src_str ) ); + TEST_CF_SECRET(src_str, sizeof(src_str)); + TEST_ASSERT(mbedtls_base64_encode(dst_str, dst_buf_size, &len, src_str, src_len) == result); + TEST_CF_PUBLIC(src_str, sizeof(src_str)); /* dest_str will have had tainted data copied to it, prevent the TEST_ASSERT below from triggering CF failures by unmarking it. */ - TEST_CF_PUBLIC( dst_str, len ); + TEST_CF_PUBLIC(dst_str, len); - if( result == 0 ) - { - TEST_ASSERT( strcmp( (char *) dst_str, dst_string ) == 0 ); + if (result == 0) { + TEST_ASSERT(strcmp((char *) dst_str, dst_string) == 0); } } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_base64_decode( char * src_string, char * dst_string, int result ) +void mbedtls_base64_decode(char *src_string, char *dst_string, int result) { unsigned char src_str[1000]; unsigned char dst_str[1000]; @@ -115,77 +113,73 @@ void mbedtls_base64_decode( char * src_string, char * dst_string, int result ) memset(src_str, 0x00, 1000); memset(dst_str, 0x00, 1000); - strncpy( (char *) src_str, src_string, sizeof(src_str) - 1 ); - res = mbedtls_base64_decode( dst_str, sizeof( dst_str ), &len, src_str, strlen( (char *) src_str ) ); - TEST_ASSERT( res == result ); - if( result == 0 ) - { - TEST_ASSERT( strcmp( (char *) dst_str, dst_string ) == 0 ); + strncpy((char *) src_str, src_string, sizeof(src_str) - 1); + res = mbedtls_base64_decode(dst_str, sizeof(dst_str), &len, src_str, strlen((char *) src_str)); + TEST_ASSERT(res == result); + if (result == 0) { + TEST_ASSERT(strcmp((char *) dst_str, dst_string) == 0); } } /* END_CASE */ /* BEGIN_CASE */ -void base64_encode_hex( data_t * src, char * dst, int dst_buf_size, - int result ) +void base64_encode_hex(data_t *src, char *dst, int dst_buf_size, + int result) { unsigned char *res = NULL; size_t len; - res = mbedtls_test_zero_alloc( dst_buf_size ); + res = mbedtls_test_zero_alloc(dst_buf_size); - TEST_CF_SECRET( src->x, src->len ); - TEST_ASSERT( mbedtls_base64_encode( res, dst_buf_size, &len, src->x, src->len ) == result ); - TEST_CF_PUBLIC( src->x, src->len ); + TEST_CF_SECRET(src->x, src->len); + TEST_ASSERT(mbedtls_base64_encode(res, dst_buf_size, &len, src->x, src->len) == result); + TEST_CF_PUBLIC(src->x, src->len); /* res will have had tainted data copied to it, prevent the TEST_ASSERT below from triggering CF failures by unmarking it. */ - TEST_CF_PUBLIC( res, len ); + TEST_CF_PUBLIC(res, len); - if( result == 0 ) - { - TEST_ASSERT( len == strlen( dst ) ); - TEST_ASSERT( memcmp( dst, res, len ) == 0 ); + if (result == 0) { + TEST_ASSERT(len == strlen(dst)); + TEST_ASSERT(memcmp(dst, res, len) == 0); } exit: - mbedtls_free( res ); + mbedtls_free(res); } /* END_CASE */ /* BEGIN_CASE */ -void base64_decode_hex( char * src, data_t * dst, int dst_buf_size, - int result ) +void base64_decode_hex(char *src, data_t *dst, int dst_buf_size, + int result) { unsigned char *res = NULL; size_t len; - res = mbedtls_test_zero_alloc( dst_buf_size ); + res = mbedtls_test_zero_alloc(dst_buf_size); - TEST_ASSERT( mbedtls_base64_decode( res, dst_buf_size, &len, (unsigned char *) src, - strlen( src ) ) == result ); - if( result == 0 ) - { - TEST_ASSERT( len == dst->len ); - TEST_ASSERT( memcmp( dst->x, res, len ) == 0 ); + TEST_ASSERT(mbedtls_base64_decode(res, dst_buf_size, &len, (unsigned char *) src, + strlen(src)) == result); + if (result == 0) { + TEST_ASSERT(len == dst->len); + TEST_ASSERT(memcmp(dst->x, res, len) == 0); } exit: - mbedtls_free( res ); + mbedtls_free(res); } /* END_CASE */ /* BEGIN_CASE */ -void base64_decode_hex_src( data_t * src, char * dst_ref, int result ) +void base64_decode_hex_src(data_t *src, char *dst_ref, int result) { unsigned char dst[1000] = { 0 }; size_t len; - TEST_ASSERT( mbedtls_base64_decode( dst, sizeof( dst ), &len, src->x, src->len ) == result ); - if( result == 0 ) - { - TEST_ASSERT( len == strlen( dst_ref ) ); - TEST_ASSERT( memcmp( dst, dst_ref, len ) == 0 ); + TEST_ASSERT(mbedtls_base64_decode(dst, sizeof(dst), &len, src->x, src->len) == result); + if (result == 0) { + TEST_ASSERT(len == strlen(dst_ref)); + TEST_ASSERT(memcmp(dst, dst_ref, len) == 0); } exit: @@ -194,8 +188,8 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void base64_selftest( ) +void base64_selftest() { - TEST_ASSERT( mbedtls_base64_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_base64_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_bignum.function b/tests/suites/test_suite_bignum.function index 35952f02a783..9afebbaef9e1 100644 --- a/tests/suites/test_suite_bignum.function +++ b/tests/suites/test_suite_bignum.function @@ -9,28 +9,27 @@ /* Check the validity of the sign bit in an MPI object. Reject representations * that are not supported by the rest of the library and indicate a bug when * constructing the value. */ -static int sign_is_valid( const mbedtls_mpi *X ) +static int sign_is_valid(const mbedtls_mpi *X) { /* Only +1 and -1 are valid sign bits, not e.g. 0 */ - if( X->s != 1 && X->s != -1 ) - return( 0 ); + if (X->s != 1 && X->s != -1) { + return 0; + } /* The value 0 must be represented with the sign +1. A "negative zero" * with s=-1 is an invalid representation. Forbid that. As an exception, * we sometimes test the robustness of library functions when given * a negative zero input. If a test case has a negative zero as input, * we don't mind if the function has a negative zero output. */ - if( ! mbedtls_test_case_uses_negative_0 && - mbedtls_mpi_bitlen( X ) == 0 && X->s != 1 ) - { - return( 0 ); + if (!mbedtls_test_case_uses_negative_0 && + mbedtls_mpi_bitlen(X) == 0 && X->s != 1) { + return 0; } - return( 1 ); + return 1; } -typedef struct mbedtls_test_mpi_random -{ +typedef struct mbedtls_test_mpi_random { data_t *data; size_t pos; size_t chunk_len; @@ -42,49 +41,49 @@ typedef struct mbedtls_test_mpi_random * test) are stored in the data member of the state structure. Each number is in * the format that mbedtls_mpi_read_string understands and is chunk_len long. */ -int mbedtls_test_mpi_miller_rabin_determinizer( void* state, - unsigned char* buf, - size_t len ) +int mbedtls_test_mpi_miller_rabin_determinizer(void *state, + unsigned char *buf, + size_t len) { - mbedtls_test_mpi_random *random = (mbedtls_test_mpi_random*) state; + mbedtls_test_mpi_random *random = (mbedtls_test_mpi_random *) state; - if( random == NULL || random->data->x == NULL || buf == NULL ) - return( -1 ); + if (random == NULL || random->data->x == NULL || buf == NULL) { + return -1; + } - if( random->pos + random->chunk_len > random->data->len - || random->chunk_len > len ) - { - return( -1 ); + if (random->pos + random->chunk_len > random->data->len + || random->chunk_len > len) { + return -1; } - memset( buf, 0, len ); + memset(buf, 0, len); /* The witness is written to the end of the buffer, since the buffer is * used as big endian, unsigned binary data in mbedtls_mpi_read_binary. * Writing the witness to the start of the buffer would result in the * buffer being 'witness 000...000', which would be treated as * witness * 2^n for some n. */ - memcpy( buf + len - random->chunk_len, &random->data->x[random->pos], - random->chunk_len ); + memcpy(buf + len - random->chunk_len, &random->data->x[random->pos], + random->chunk_len); random->pos += random->chunk_len; - return( 0 ); + return 0; } /* Random generator that is told how many bytes to return. */ -static int f_rng_bytes_left( void *state, unsigned char *buf, size_t len ) +static int f_rng_bytes_left(void *state, unsigned char *buf, size_t len) { size_t *bytes_left = state; size_t i; - for( i = 0; i < len; i++ ) - { - if( *bytes_left == 0 ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + for (i = 0; i < len; i++) { + if (*bytes_left == 0) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } buf[i] = *bytes_left & 0xff; - --( *bytes_left ); + --(*bytes_left); } - return( 0 ); + return 0; } /* Test whether bytes represents (in big-endian base 256) a number b that @@ -98,37 +97,39 @@ static int f_rng_bytes_left( void *state, unsigned char *buf, size_t len ) * number is above some threshold A. The threshold value is heuristic and * based on the needs of mpi_random_many(). */ -static int is_significantly_above_a_power_of_2( data_t *bytes ) +static int is_significantly_above_a_power_of_2(data_t *bytes) { const uint8_t *p = bytes->x; size_t len = bytes->len; unsigned x; /* Skip leading null bytes */ - while( len > 0 && p[0] == 0 ) - { + while (len > 0 && p[0] == 0) { ++p; --len; } /* 0 is not significantly above a power of 2 */ - if( len == 0 ) - return( 0 ); + if (len == 0) { + return 0; + } /* Extract the (up to) 2 most significant bytes */ - if( len == 1 ) + if (len == 1) { x = p[0]; - else - x = ( p[0] << 8 ) | p[1]; + } else { + x = (p[0] << 8) | p[1]; + } /* Shift the most significant bit of x to position 8 and mask it out */ - while( ( x & 0xfe00 ) != 0 ) + while ((x & 0xfe00) != 0) { x >>= 1; + } x &= 0x00ff; /* At this point, x = floor((b - 2^n) / 2^(n-8)). b is significantly above * a power of 2 iff x is significantly above 0 compared to 2^8. * Testing x >= 2^4 amounts to picking A = 1/16 in the function * description above. */ - return( x >= 0x10 ); + return x >= 0x10; } /* END_HEADER */ @@ -139,14 +140,14 @@ static int is_significantly_above_a_power_of_2( data_t *bytes ) */ /* BEGIN_CASE */ -void mpi_valid_param( ) +void mpi_valid_param() { - TEST_VALID_PARAM( mbedtls_mpi_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_mpi_free(NULL)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void mpi_invalid_param( ) +void mpi_invalid_param() { mbedtls_mpi X; const char *s_in = "00101000101010"; @@ -156,197 +157,197 @@ void mpi_invalid_param( ) size_t olen; mbedtls_mpi_uint mpi_uint; - TEST_INVALID_PARAM( mbedtls_mpi_init( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_grow( NULL, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_copy( NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_copy( &X, NULL ) ); - - TEST_INVALID_PARAM( mbedtls_mpi_swap( NULL, &X ) ); - TEST_INVALID_PARAM( mbedtls_mpi_swap( &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_safe_cond_assign( NULL, &X, 0 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_safe_cond_assign( &X, NULL, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_safe_cond_swap( NULL, &X, 0 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_safe_cond_swap( &X, NULL, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_lset( NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_get_bit( NULL, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_set_bit( NULL, 42, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_string( NULL, 2, s_in ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_string( &X, 2, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_string( NULL, 2, - s_out, sizeof( s_out ), - &olen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_string( &X, 2, - NULL, sizeof( s_out ), - &olen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_string( &X, 2, - s_out, sizeof( s_out ), - NULL ) ); + TEST_INVALID_PARAM(mbedtls_mpi_init(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_grow(NULL, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_copy(NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_copy(&X, NULL)); + + TEST_INVALID_PARAM(mbedtls_mpi_swap(NULL, &X)); + TEST_INVALID_PARAM(mbedtls_mpi_swap(&X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_safe_cond_assign(NULL, &X, 0)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_safe_cond_assign(&X, NULL, 0)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_safe_cond_swap(NULL, &X, 0)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_safe_cond_swap(&X, NULL, 0)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_lset(NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_get_bit(NULL, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_set_bit(NULL, 42, 0)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_read_string(NULL, 2, s_in)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_read_string(&X, 2, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_write_string(NULL, 2, + s_out, sizeof(s_out), + &olen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_write_string(&X, 2, + NULL, sizeof(s_out), + &olen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_write_string(&X, 2, + s_out, sizeof(s_out), + NULL)); #if defined(MBEDTLS_FS_IO) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_file( NULL, 2, stdin ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_file( &X, 2, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_read_file(NULL, 2, stdin)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_read_file(&X, 2, NULL)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_file( "", NULL, 2, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_write_file("", NULL, 2, NULL)); #endif /* MBEDTLS_FS_IO */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_binary( NULL, u_in, - sizeof( u_in ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_binary( &X, NULL, - sizeof( u_in ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_binary( NULL, u_out, - sizeof( u_out ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_binary( &X, NULL, - sizeof( u_out ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_shift_l( NULL, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_shift_r( NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_cmp_abs( NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_cmp_abs( &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_cmp_mpi( NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_cmp_mpi( &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_cmp_int( NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_abs( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_abs( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_abs( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_abs( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_abs( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_abs( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_mpi( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_mpi( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_mpi( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_mpi( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_mpi( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_mpi( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_int( NULL, &X, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_int( &X, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_int( NULL, &X, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_int( &X, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mul_mpi( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mul_mpi( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mul_mpi( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mul_int( NULL, &X, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mul_int( &X, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_div_mpi( &X, &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_div_mpi( &X, &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_div_int( &X, &X, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( 0, mbedtls_mpi_lsb( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mod_mpi( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mod_mpi( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mod_mpi( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mod_int( NULL, &X, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mod_int( &mpi_uint, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_exp_mod( NULL, &X, &X, &X, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_exp_mod( &X, NULL, &X, &X, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_exp_mod( &X, &X, NULL, &X, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_exp_mod( &X, &X, &X, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_fill_random( NULL, 42, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_fill_random( &X, 42, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_gcd( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_gcd( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_gcd( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_inv_mod( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_inv_mod( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_inv_mod( &X, &X, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_read_binary(NULL, u_in, + sizeof(u_in))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_read_binary(&X, NULL, + sizeof(u_in))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_write_binary(NULL, u_out, + sizeof(u_out))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_write_binary(&X, NULL, + sizeof(u_out))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_shift_l(NULL, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_shift_r(NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_cmp_abs(NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_cmp_abs(&X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_cmp_mpi(NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_cmp_mpi(&X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_cmp_int(NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_abs(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_abs(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_abs(&X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_abs(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_abs(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_abs(&X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_mpi(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_mpi(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_mpi(&X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_mpi(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_mpi(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_mpi(&X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_int(NULL, &X, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_int(&X, NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_int(NULL, &X, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_int(&X, NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mul_mpi(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mul_mpi(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mul_mpi(&X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mul_int(NULL, &X, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mul_int(&X, NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_div_mpi(&X, &X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_div_mpi(&X, &X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_div_int(&X, &X, NULL, 42)); + + TEST_INVALID_PARAM_RET(0, mbedtls_mpi_lsb(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mod_mpi(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mod_mpi(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mod_mpi(&X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mod_int(NULL, &X, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mod_int(&mpi_uint, NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_exp_mod(NULL, &X, &X, &X, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_exp_mod(&X, NULL, &X, &X, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_exp_mod(&X, &X, NULL, &X, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_exp_mod(&X, &X, &X, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_fill_random(NULL, 42, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_fill_random(&X, 42, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_gcd(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_gcd(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_gcd(&X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_inv_mod(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_inv_mod(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_inv_mod(&X, &X, NULL)); exit: return; @@ -354,158 +355,156 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mpi_null( ) +void mpi_null() { mbedtls_mpi X, Y, Z; - mbedtls_mpi_init( &X ); - mbedtls_mpi_init( &Y ); - mbedtls_mpi_init( &Z ); + mbedtls_mpi_init(&X); + mbedtls_mpi_init(&Y); + mbedtls_mpi_init(&Z); - TEST_ASSERT( mbedtls_mpi_get_bit( &X, 42 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_lsb( &X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_size( &X ) == 0 ); + TEST_ASSERT(mbedtls_mpi_get_bit(&X, 42) == 0); + TEST_ASSERT(mbedtls_mpi_lsb(&X) == 0); + TEST_ASSERT(mbedtls_mpi_bitlen(&X) == 0); + TEST_ASSERT(mbedtls_mpi_size(&X) == 0); exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE */ -void mpi_read_write_string( int radix_X, char * input_X, int radix_A, - char * input_A, int output_size, int result_read, - int result_write ) +void mpi_read_write_string(int radix_X, char *input_X, int radix_A, + char *input_A, int output_size, int result_read, + int result_write) { mbedtls_mpi X; char str[1000]; size_t len; - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&X); - memset( str, '!', sizeof( str ) ); + memset(str, '!', sizeof(str)); - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == result_read ); - if( result_read == 0 ) - { - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, output_size, &len ) == result_write ); - if( result_write == 0 ) - { - TEST_ASSERT( strcasecmp( str, input_A ) == 0 ); - TEST_ASSERT( str[len] == '!' ); + TEST_ASSERT(mbedtls_mpi_read_string(&X, radix_X, input_X) == result_read); + if (result_read == 0) { + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_write_string(&X, radix_A, str, output_size, &len) == result_write); + if (result_write == 0) { + TEST_ASSERT(strcasecmp(str, input_A) == 0); + TEST_ASSERT(str[len] == '!'); } } exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_read_binary( data_t * buf, char * input_A ) +void mbedtls_mpi_read_binary(data_t *buf, char *input_A) { mbedtls_mpi X; char str[1000]; size_t len; - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&X); - TEST_ASSERT( mbedtls_mpi_read_binary( &X, buf->x, buf->len ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_write_string( &X, 16, str, sizeof( str ), &len ) == 0 ); - TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 ); + TEST_ASSERT(mbedtls_mpi_read_binary(&X, buf->x, buf->len) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_write_string(&X, 16, str, sizeof(str), &len) == 0); + TEST_ASSERT(strcmp((char *) str, input_A) == 0); exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_read_binary_le( data_t * buf, char * input_A ) +void mbedtls_mpi_read_binary_le(data_t *buf, char *input_A) { mbedtls_mpi X; char str[1000]; size_t len; - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&X); - TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, buf->x, buf->len ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_write_string( &X, 16, str, sizeof( str ), &len ) == 0 ); - TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 ); + TEST_ASSERT(mbedtls_mpi_read_binary_le(&X, buf->x, buf->len) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_write_string(&X, 16, str, sizeof(str), &len) == 0); + TEST_ASSERT(strcmp((char *) str, input_A) == 0); exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_write_binary( char * input_X, data_t * input_A, - int output_size, int result ) +void mbedtls_mpi_write_binary(char *input_X, data_t *input_A, + int output_size, int result) { mbedtls_mpi X; unsigned char buf[1000]; size_t buflen; - memset( buf, 0x00, 1000 ); + memset(buf, 0x00, 1000); - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&X); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); - buflen = mbedtls_mpi_size( &X ); - if( buflen > (size_t) output_size ) + buflen = mbedtls_mpi_size(&X); + if (buflen > (size_t) output_size) { buflen = (size_t) output_size; + } - TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == result ); - if( result == 0) - { + TEST_ASSERT(mbedtls_mpi_write_binary(&X, buf, buflen) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x, - buflen, input_A->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(buf, input_A->x, + buflen, input_A->len) == 0); } exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_write_binary_le( char * input_X, data_t * input_A, - int output_size, int result ) +void mbedtls_mpi_write_binary_le(char *input_X, data_t *input_A, + int output_size, int result) { mbedtls_mpi X; unsigned char buf[1000]; size_t buflen; - memset( buf, 0x00, 1000 ); + memset(buf, 0x00, 1000); - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&X); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); - buflen = mbedtls_mpi_size( &X ); - if( buflen > (size_t) output_size ) + buflen = mbedtls_mpi_size(&X); + if (buflen > (size_t) output_size) { buflen = (size_t) output_size; + } - TEST_ASSERT( mbedtls_mpi_write_binary_le( &X, buf, buflen ) == result ); - if( result == 0) - { + TEST_ASSERT(mbedtls_mpi_write_binary_le(&X, buf, buflen) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x, - buflen, input_A->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(buf, input_A->x, + buflen, input_A->len) == 0); } exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ -void mbedtls_mpi_read_file( char * input_file, data_t * input_A, int result ) +void mbedtls_mpi_read_file(char *input_file, data_t *input_A, int result) { mbedtls_mpi X; unsigned char buf[1000]; @@ -513,678 +512,677 @@ void mbedtls_mpi_read_file( char * input_file, data_t * input_A, int result ) FILE *file; int ret; - memset( buf, 0x00, 1000 ); + memset(buf, 0x00, 1000); - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&X); - file = fopen( input_file, "r" ); - TEST_ASSERT( file != NULL ); - ret = mbedtls_mpi_read_file( &X, 16, file ); + file = fopen(input_file, "r"); + TEST_ASSERT(file != NULL); + ret = mbedtls_mpi_read_file(&X, 16, file); fclose(file); - TEST_ASSERT( ret == result ); + TEST_ASSERT(ret == result); - if( result == 0 ) - { - TEST_ASSERT( sign_is_valid( &X ) ); - buflen = mbedtls_mpi_size( &X ); - TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == 0 ); + if (result == 0) { + TEST_ASSERT(sign_is_valid(&X)); + buflen = mbedtls_mpi_size(&X); + TEST_ASSERT(mbedtls_mpi_write_binary(&X, buf, buflen) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x, - buflen, input_A->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(buf, input_A->x, + buflen, input_A->len) == 0); } exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ -void mbedtls_mpi_write_file( char * input_X, char * output_file ) +void mbedtls_mpi_write_file(char *input_X, char *output_file) { mbedtls_mpi X, Y; FILE *file_out, *file_in; int ret; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); - file_out = fopen( output_file, "w" ); - TEST_ASSERT( file_out != NULL ); - ret = mbedtls_mpi_write_file( NULL, &X, 16, file_out ); + file_out = fopen(output_file, "w"); + TEST_ASSERT(file_out != NULL); + ret = mbedtls_mpi_write_file(NULL, &X, 16, file_out); fclose(file_out); - TEST_ASSERT( ret == 0 ); + TEST_ASSERT(ret == 0); - file_in = fopen( output_file, "r" ); - TEST_ASSERT( file_in != NULL ); - ret = mbedtls_mpi_read_file( &Y, 16, file_in ); + file_in = fopen(output_file, "r"); + TEST_ASSERT(file_in != NULL); + ret = mbedtls_mpi_read_file(&Y, 16, file_in); fclose(file_in); - TEST_ASSERT( ret == 0 ); + TEST_ASSERT(ret == 0); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 ); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y) == 0); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_get_bit( char * input_X, int pos, int val ) +void mbedtls_mpi_get_bit(char *input_X, int pos, int val) { mbedtls_mpi X; - mbedtls_mpi_init( &X ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_get_bit( &X, pos ) == val ); + mbedtls_mpi_init(&X); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_get_bit(&X, pos) == val); exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_set_bit( char * input_X, int pos, int val, - char * output_Y, int result ) +void mbedtls_mpi_set_bit(char *input_X, int pos, int val, + char *output_Y, int result) { mbedtls_mpi X, Y; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, output_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_set_bit( &X, pos, val ) == result ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, output_Y) == 0); + TEST_ASSERT(mbedtls_mpi_set_bit(&X, pos, val) == result); - if( result == 0 ) - { - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 ); + if (result == 0) { + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y) == 0); } exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_lsb( char * input_X, int nr_bits ) +void mbedtls_mpi_lsb(char *input_X, int nr_bits) { mbedtls_mpi X; - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&X); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_lsb( &X ) == (size_t) nr_bits ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_lsb(&X) == (size_t) nr_bits); exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_bitlen( char * input_X, int nr_bits ) +void mbedtls_mpi_bitlen(char *input_X, int nr_bits) { mbedtls_mpi X; - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&X); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == (size_t) nr_bits ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_bitlen(&X) == (size_t) nr_bits); exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_gcd( char * input_X, char * input_Y, - char * input_A ) +void mbedtls_mpi_gcd(char *input_X, char *input_Y, + char *input_A) { mbedtls_mpi A, X, Y, Z; - mbedtls_mpi_init( &A ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); + mbedtls_mpi_init(&A); mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_gcd( &Z, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_gcd(&Z, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); exit: - mbedtls_mpi_free( &A ); mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); + mbedtls_mpi_free(&A); mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_cmp_int( int input_X, int input_A, int result_CMP ) +void mbedtls_mpi_cmp_int(int input_X, int input_A, int result_CMP) { mbedtls_mpi X; - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&X); - TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0); - TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_A ) == result_CMP); + TEST_ASSERT(mbedtls_mpi_lset(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_int(&X, input_A) == result_CMP); exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_cmp_mpi( char * input_X, char * input_Y, - int input_A ) +void mbedtls_mpi_cmp_mpi(char *input_X, char *input_Y, + int input_A) { mbedtls_mpi X, Y; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == input_A ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y) == input_A); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_lt_mpi_ct( int size_X, char * input_X, - int size_Y, char * input_Y, - int input_ret, int input_err ) +void mbedtls_mpi_lt_mpi_ct(int size_X, char *input_X, + int size_Y, char *input_Y, + int input_ret, int input_err) { unsigned ret = -1; unsigned input_uret = input_ret; mbedtls_mpi X, Y; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); - TEST_ASSERT( mbedtls_mpi_grow( &X, size_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_grow( &Y, size_Y ) == 0 ); + TEST_ASSERT(mbedtls_mpi_grow(&X, size_X) == 0); + TEST_ASSERT(mbedtls_mpi_grow(&Y, size_Y) == 0); - TEST_ASSERT( mbedtls_mpi_lt_mpi_ct( &X, &Y, &ret ) == input_err ); - if( input_err == 0 ) - TEST_ASSERT( ret == input_uret ); + TEST_ASSERT(mbedtls_mpi_lt_mpi_ct(&X, &Y, &ret) == input_err); + if (input_err == 0) { + TEST_ASSERT(ret == input_uret); + } exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_cmp_abs( char * input_X, char * input_Y, - int input_A ) +void mbedtls_mpi_cmp_abs(char *input_X, char *input_Y, + int input_A) { mbedtls_mpi X, Y; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_abs( &X, &Y ) == input_A ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_abs(&X, &Y) == input_A); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_copy( char *src_hex, char *dst_hex ) +void mbedtls_mpi_copy(char *src_hex, char *dst_hex) { mbedtls_mpi src, dst, ref; - mbedtls_mpi_init( &src ); - mbedtls_mpi_init( &dst ); - mbedtls_mpi_init( &ref ); + mbedtls_mpi_init(&src); + mbedtls_mpi_init(&dst); + mbedtls_mpi_init(&ref); - TEST_ASSERT( mbedtls_test_read_mpi( &src, src_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &ref, dst_hex ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&src, src_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&ref, dst_hex) == 0); /* mbedtls_mpi_copy() */ - TEST_ASSERT( mbedtls_test_read_mpi( &dst, dst_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_copy( &dst, &src ) == 0 ); - TEST_ASSERT( sign_is_valid( &dst ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&dst, dst_hex) == 0); + TEST_ASSERT(mbedtls_mpi_copy(&dst, &src) == 0); + TEST_ASSERT(sign_is_valid(&dst)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&dst, &src) == 0); /* mbedtls_mpi_safe_cond_assign(), assignment done */ - mbedtls_mpi_free( &dst ); - TEST_ASSERT( mbedtls_test_read_mpi( &dst, dst_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 1 ) == 0 ); - TEST_ASSERT( sign_is_valid( &dst ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 ); + mbedtls_mpi_free(&dst); + TEST_ASSERT(mbedtls_test_read_mpi(&dst, dst_hex) == 0); + TEST_ASSERT(mbedtls_mpi_safe_cond_assign(&dst, &src, 1) == 0); + TEST_ASSERT(sign_is_valid(&dst)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&dst, &src) == 0); /* mbedtls_mpi_safe_cond_assign(), assignment not done */ - mbedtls_mpi_free( &dst ); - TEST_ASSERT( mbedtls_test_read_mpi( &dst, dst_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 0 ) == 0 ); - TEST_ASSERT( sign_is_valid( &dst ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &ref ) == 0 ); + mbedtls_mpi_free(&dst); + TEST_ASSERT(mbedtls_test_read_mpi(&dst, dst_hex) == 0); + TEST_ASSERT(mbedtls_mpi_safe_cond_assign(&dst, &src, 0) == 0); + TEST_ASSERT(sign_is_valid(&dst)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&dst, &ref) == 0); exit: - mbedtls_mpi_free( &src ); - mbedtls_mpi_free( &dst ); - mbedtls_mpi_free( &ref ); + mbedtls_mpi_free(&src); + mbedtls_mpi_free(&dst); + mbedtls_mpi_free(&ref); } /* END_CASE */ /* BEGIN_CASE */ -void mpi_copy_self( char *input_X ) +void mpi_copy_self(char *input_X) { mbedtls_mpi X, A; - mbedtls_mpi_init( &A ); - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&A); + mbedtls_mpi_init(&X); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_copy( &X, &X ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_copy(&X, &X) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_X ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_X) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); exit: - mbedtls_mpi_free( &A ); - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&A); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_swap( char *X_hex, char *Y_hex ) +void mbedtls_mpi_swap(char *X_hex, char *Y_hex) { mbedtls_mpi X, Y, X0, Y0; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); + mbedtls_mpi_init(&X0); mbedtls_mpi_init(&Y0); - TEST_ASSERT( mbedtls_test_read_mpi( &X0, X_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y0, Y_hex ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X0, X_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y0, Y_hex) == 0); /* mbedtls_mpi_swap() */ - TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, Y_hex ) == 0 ); - mbedtls_mpi_swap( &X, &Y ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, X_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, Y_hex) == 0); + mbedtls_mpi_swap(&X, &Y); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(sign_is_valid(&Y)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y0) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &X0) == 0); /* mbedtls_mpi_safe_cond_swap(), swap done */ - mbedtls_mpi_free( &X ); - mbedtls_mpi_free( &Y ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, Y_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 1 ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 ); + mbedtls_mpi_free(&X); + mbedtls_mpi_free(&Y); + TEST_ASSERT(mbedtls_test_read_mpi(&X, X_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, Y_hex) == 0); + TEST_ASSERT(mbedtls_mpi_safe_cond_swap(&X, &Y, 1) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(sign_is_valid(&Y)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y0) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &X0) == 0); /* mbedtls_mpi_safe_cond_swap(), swap not done */ - mbedtls_mpi_free( &X ); - mbedtls_mpi_free( &Y ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, Y_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 0 ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &Y0 ) == 0 ); + mbedtls_mpi_free(&X); + mbedtls_mpi_free(&Y); + TEST_ASSERT(mbedtls_test_read_mpi(&X, X_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, Y_hex) == 0); + TEST_ASSERT(mbedtls_mpi_safe_cond_swap(&X, &Y, 0) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(sign_is_valid(&Y)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &X0) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &Y0) == 0); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); - mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); + mbedtls_mpi_free(&X0); mbedtls_mpi_free(&Y0); } /* END_CASE */ /* BEGIN_CASE */ -void mpi_swap_self( char *X_hex ) +void mpi_swap_self(char *X_hex) { mbedtls_mpi X, X0; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&X0); - TEST_ASSERT( mbedtls_test_read_mpi( &X, X_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &X0, X_hex ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, X_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&X0, X_hex) == 0); - mbedtls_mpi_swap( &X, &X ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); + mbedtls_mpi_swap(&X, &X); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &X0) == 0); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &X0 ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&X0); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_shrink( int before, int used, int min, int after ) +void mbedtls_mpi_shrink(int before, int used, int min, int after) { mbedtls_mpi X; - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&X); - TEST_ASSERT( mbedtls_mpi_grow( &X, before ) == 0 ); - if( used > 0 ) - { - size_t used_bit_count = used * 8 * sizeof( mbedtls_mpi_uint ); - TEST_ASSERT( mbedtls_mpi_set_bit( &X, used_bit_count - 1, 1 ) == 0 ); + TEST_ASSERT(mbedtls_mpi_grow(&X, before) == 0); + if (used > 0) { + size_t used_bit_count = used * 8 * sizeof(mbedtls_mpi_uint); + TEST_ASSERT(mbedtls_mpi_set_bit(&X, used_bit_count - 1, 1) == 0); } - TEST_EQUAL( X.n, (size_t) before ); - TEST_ASSERT( mbedtls_mpi_shrink( &X, min ) == 0 ); - TEST_EQUAL( X.n, (size_t) after ); + TEST_EQUAL(X.n, (size_t) before); + TEST_ASSERT(mbedtls_mpi_shrink(&X, min) == 0); + TEST_EQUAL(X.n, (size_t) after); exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_add_mpi( char * input_X, char * input_Y, - char * input_A ) +void mbedtls_mpi_add_mpi(char *input_X, char *input_Y, + char *input_A) { mbedtls_mpi X, Y, Z, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_add_mpi( &Z, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_add_mpi(&Z, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); /* result == first operand */ - TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); + TEST_ASSERT(mbedtls_mpi_add_mpi(&X, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); /* result == second operand */ - TEST_ASSERT( mbedtls_mpi_add_mpi( &Y, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 ); + TEST_ASSERT(mbedtls_mpi_add_mpi(&Y, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Y)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_add_mpi_inplace( char * input_X, char * input_A ) +void mbedtls_mpi_add_mpi_inplace(char *input_X, char *input_A) { mbedtls_mpi X, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&A); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &X, 0 ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_sub_abs(&X, &X, &X) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_int(&X, 0) == 0); + TEST_ASSERT(sign_is_valid(&X)); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &X ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_add_abs(&X, &X, &X) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &X ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_add_mpi(&X, &X, &X) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&A); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_add_abs( char * input_X, char * input_Y, - char * input_A ) +void mbedtls_mpi_add_abs(char *input_X, char *input_Y, + char *input_A) { mbedtls_mpi X, Y, Z, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_add_abs( &Z, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_add_abs(&Z, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); /* result == first operand */ - TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); + TEST_ASSERT(mbedtls_mpi_add_abs(&X, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); /* result == second operand */ - TEST_ASSERT( mbedtls_mpi_add_abs( &Y, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 ); + TEST_ASSERT(mbedtls_mpi_add_abs(&Y, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Y)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_add_int( char * input_X, int input_Y, - char * input_A ) +void mbedtls_mpi_add_int(char *input_X, int input_Y, + char *input_A) { mbedtls_mpi X, Z, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_add_int( &Z, &X, input_Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_add_int(&Z, &X, input_Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_sub_mpi( char * input_X, char * input_Y, - char * input_A ) +void mbedtls_mpi_sub_mpi(char *input_X, char *input_Y, + char *input_A) { mbedtls_mpi X, Y, Z, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_sub_mpi( &Z, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_sub_mpi(&Z, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); /* result == first operand */ - TEST_ASSERT( mbedtls_mpi_sub_mpi( &X, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); + TEST_ASSERT(mbedtls_mpi_sub_mpi(&X, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); /* result == second operand */ - TEST_ASSERT( mbedtls_mpi_sub_mpi( &Y, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 ); + TEST_ASSERT(mbedtls_mpi_sub_mpi(&Y, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Y)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_sub_abs( char * input_X, char * input_Y, - char * input_A, int sub_result ) +void mbedtls_mpi_sub_abs(char *input_X, char *input_Y, + char *input_A, int sub_result) { mbedtls_mpi X, Y, Z, A; int res; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); - res = mbedtls_mpi_sub_abs( &Z, &X, &Y ); - TEST_ASSERT( res == sub_result ); - TEST_ASSERT( sign_is_valid( &Z ) ); - if( res == 0 ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); + res = mbedtls_mpi_sub_abs(&Z, &X, &Y); + TEST_ASSERT(res == sub_result); + TEST_ASSERT(sign_is_valid(&Z)); + if (res == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); + } /* result == first operand */ - TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &Y ) == sub_result ); - TEST_ASSERT( sign_is_valid( &X ) ); - if( sub_result == 0 ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); + TEST_ASSERT(mbedtls_mpi_sub_abs(&X, &X, &Y) == sub_result); + TEST_ASSERT(sign_is_valid(&X)); + if (sub_result == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); + } + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); /* result == second operand */ - TEST_ASSERT( mbedtls_mpi_sub_abs( &Y, &X, &Y ) == sub_result ); - TEST_ASSERT( sign_is_valid( &Y ) ); - if( sub_result == 0 ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 ); + TEST_ASSERT(mbedtls_mpi_sub_abs(&Y, &X, &Y) == sub_result); + TEST_ASSERT(sign_is_valid(&Y)); + if (sub_result == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0); + } exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_sub_int( char * input_X, int input_Y, - char * input_A ) +void mbedtls_mpi_sub_int(char *input_X, int input_Y, + char *input_A) { mbedtls_mpi X, Z, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_sub_int( &Z, &X, input_Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_sub_int(&Z, &X, input_Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_mul_mpi( char * input_X, char * input_Y, - char * input_A ) +void mbedtls_mpi_mul_mpi(char *input_X, char *input_Y, + char *input_A) { mbedtls_mpi X, Y, Z, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_mul_mpi( &Z, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_mul_mpi(&Z, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_mul_int( char * input_X, int input_Y, - char * input_A, char * result_comparison ) +void mbedtls_mpi_mul_int(char *input_X, int input_Y, + char *input_A, char *result_comparison) { mbedtls_mpi X, Z, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_mul_int( &Z, &X, input_Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - if( strcmp( result_comparison, "==" ) == 0 ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); - else if( strcmp( result_comparison, "!=" ) == 0 ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) != 0 ); - else - TEST_ASSERT( "unknown operator" == 0 ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_mul_int(&Z, &X, input_Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + if (strcmp(result_comparison, "==") == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); + } else if (strcmp(result_comparison, "!=") == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) != 0); + } else { + TEST_ASSERT("unknown operator" == 0); + } exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_div_mpi( char * input_X, char * input_Y, - char * input_A, char * input_B, - int div_result ) +void mbedtls_mpi_div_mpi(char *input_X, char *input_Y, + char *input_A, char *input_B, + int div_result) { mbedtls_mpi X, Y, Q, R, A, B; int res; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R ); - mbedtls_mpi_init( &A ); mbedtls_mpi_init( &B ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &B, input_B ) == 0 ); - res = mbedtls_mpi_div_mpi( &Q, &R, &X, &Y ); - TEST_ASSERT( res == div_result ); - if( res == 0 ) - { - TEST_ASSERT( sign_is_valid( &Q ) ); - TEST_ASSERT( sign_is_valid( &R ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&R); + mbedtls_mpi_init(&A); mbedtls_mpi_init(&B); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&B, input_B) == 0); + res = mbedtls_mpi_div_mpi(&Q, &R, &X, &Y); + TEST_ASSERT(res == div_result); + if (res == 0) { + TEST_ASSERT(sign_is_valid(&Q)); + TEST_ASSERT(sign_is_valid(&R)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Q, &A) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R, &B) == 0); } exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &R ); - mbedtls_mpi_free( &A ); mbedtls_mpi_free( &B ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&R); + mbedtls_mpi_free(&A); mbedtls_mpi_free(&B); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_div_int( char * input_X, int input_Y, - char * input_A, char * input_B, - int div_result ) +void mbedtls_mpi_div_int(char *input_X, int input_Y, + char *input_A, char *input_B, + int div_result) { mbedtls_mpi X, Q, R, A, B; int res; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &A ); - mbedtls_mpi_init( &B ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &B, input_B ) == 0 ); - res = mbedtls_mpi_div_int( &Q, &R, &X, input_Y ); - TEST_ASSERT( res == div_result ); - if( res == 0 ) - { - TEST_ASSERT( sign_is_valid( &Q ) ); - TEST_ASSERT( sign_is_valid( &R ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&R); mbedtls_mpi_init(&A); + mbedtls_mpi_init(&B); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&B, input_B) == 0); + res = mbedtls_mpi_div_int(&Q, &R, &X, input_Y); + TEST_ASSERT(res == div_result); + if (res == 0) { + TEST_ASSERT(sign_is_valid(&Q)); + TEST_ASSERT(sign_is_valid(&R)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Q, &A) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R, &B) == 0); } exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &R ); mbedtls_mpi_free( &A ); - mbedtls_mpi_free( &B ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&R); mbedtls_mpi_free(&A); + mbedtls_mpi_free(&B); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_mod_mpi( char * input_X, char * input_Y, - char * input_A, int div_result ) +void mbedtls_mpi_mod_mpi(char *input_X, char *input_Y, + char *input_A, int div_result) { mbedtls_mpi X, Y, A; int res; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); - res = mbedtls_mpi_mod_mpi( &X, &X, &Y ); - TEST_ASSERT( res == div_result ); - if( res == 0 ) - { - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + res = mbedtls_mpi_mod_mpi(&X, &X, &Y); + TEST_ASSERT(res == div_result); + if (res == 0) { + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); } exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&A); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_mod_int( char * input_X, char * input_Y, - char * input_A, int mod_result ) +void mbedtls_mpi_mod_int(char *input_X, char *input_Y, + char *input_A, int mod_result) { mbedtls_mpi X; mbedtls_mpi Y; @@ -1192,18 +1190,18 @@ void mbedtls_mpi_mod_int( char * input_X, char * input_Y, int res; mbedtls_mpi_uint r; - mbedtls_mpi_init( &X ); - mbedtls_mpi_init( &Y ); - mbedtls_mpi_init( &A ); + mbedtls_mpi_init(&X); + mbedtls_mpi_init(&Y); + mbedtls_mpi_init(&A); /* We use MPIs to read Y and A since the test framework limits us to * ints, so we can't have 64-bit values */ - TEST_EQUAL( mbedtls_test_read_mpi( &X, input_X ), 0 ); - TEST_EQUAL( mbedtls_test_read_mpi( &Y, input_Y ), 0 ); - TEST_EQUAL( mbedtls_test_read_mpi( &A, input_A ), 0 ); + TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&Y, input_Y), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&A, input_A), 0); - TEST_EQUAL( Y.n, 1 ); - TEST_EQUAL( A.n, 1 ); + TEST_EQUAL(Y.n, 1); + TEST_EQUAL(A.n, 1); /* Convert the MPIs for Y and A to (signed) mbedtls_mpi_sints */ @@ -1214,301 +1212,297 @@ void mbedtls_mpi_mod_int( char * input_X, char * input_Y, * easy to test for, and this helps guard against human error. */ mbedtls_mpi_sint y = (mbedtls_mpi_sint) Y.p[0]; - TEST_ASSERT( y >= 0 ); /* If y < 0 here, we can't make negative y */ - if( Y.s == -1 ) + TEST_ASSERT(y >= 0); /* If y < 0 here, we can't make negative y */ + if (Y.s == -1) { y = -y; + } mbedtls_mpi_sint a = (mbedtls_mpi_sint) A.p[0]; - TEST_ASSERT( a >= 0 ); /* Same goes for a */ - if( A.s == -1 ) + TEST_ASSERT(a >= 0); /* Same goes for a */ + if (A.s == -1) { a = -a; + } - res = mbedtls_mpi_mod_int( &r, &X, y ); - TEST_EQUAL( res, mod_result ); - if( res == 0 ) - { - TEST_EQUAL( r, a ); + res = mbedtls_mpi_mod_int(&r, &X, y); + TEST_EQUAL(res, mod_result); + if (res == 0) { + TEST_EQUAL(r, a); } exit: - mbedtls_mpi_free( &X ); - mbedtls_mpi_free( &Y ); - mbedtls_mpi_free( &A ); + mbedtls_mpi_free(&X); + mbedtls_mpi_free(&Y); + mbedtls_mpi_free(&A); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_exp_mod( char * input_A, char * input_E, - char * input_N, char * input_X, - int exp_result ) +void mbedtls_mpi_exp_mod(char *input_A, char *input_E, + char *input_N, char *input_X, + int exp_result) { mbedtls_mpi A, E, N, RR, Z, X; int res; - mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N ); - mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &X ); - - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - - res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, NULL ); - TEST_ASSERT( res == exp_result ); - if( res == 0 ) - { - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 ); + mbedtls_mpi_init(&A); mbedtls_mpi_init(&E); mbedtls_mpi_init(&N); + mbedtls_mpi_init(&RR); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&X); + + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + + res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, NULL); + TEST_ASSERT(res == exp_result); + if (res == 0) { + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &X) == 0); } /* Now test again with the speed-up parameter supplied as an output. */ - res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ); - TEST_ASSERT( res == exp_result ); - if( res == 0 ) - { - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 ); + res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR); + TEST_ASSERT(res == exp_result); + if (res == 0) { + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &X) == 0); } /* Now test again with the speed-up parameter supplied in calculated form. */ - res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ); - TEST_ASSERT( res == exp_result ); - if( res == 0 ) - { - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 ); + res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR); + TEST_ASSERT(res == exp_result); + if (res == 0) { + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &X) == 0); } exit: - mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N ); - mbedtls_mpi_free( &RR ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&A); mbedtls_mpi_free(&E); mbedtls_mpi_free(&N); + mbedtls_mpi_free(&RR); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_exp_mod_size( int A_bytes, int E_bytes, int N_bytes, - char * input_RR, int exp_result ) +void mbedtls_mpi_exp_mod_size(int A_bytes, int E_bytes, int N_bytes, + char *input_RR, int exp_result) { mbedtls_mpi A, E, N, RR, Z; - mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N ); - mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z ); + mbedtls_mpi_init(&A); mbedtls_mpi_init(&E); mbedtls_mpi_init(&N); + mbedtls_mpi_init(&RR); mbedtls_mpi_init(&Z); /* Set A to 2^(A_bytes - 1) + 1 */ - TEST_ASSERT( mbedtls_mpi_lset( &A, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_shift_l( &A, ( A_bytes * 8 ) - 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_set_bit( &A, 0, 1 ) == 0 ); + TEST_ASSERT(mbedtls_mpi_lset(&A, 1) == 0); + TEST_ASSERT(mbedtls_mpi_shift_l(&A, (A_bytes * 8) - 1) == 0); + TEST_ASSERT(mbedtls_mpi_set_bit(&A, 0, 1) == 0); /* Set E to 2^(E_bytes - 1) + 1 */ - TEST_ASSERT( mbedtls_mpi_lset( &E, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_shift_l( &E, ( E_bytes * 8 ) - 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 1 ) == 0 ); + TEST_ASSERT(mbedtls_mpi_lset(&E, 1) == 0); + TEST_ASSERT(mbedtls_mpi_shift_l(&E, (E_bytes * 8) - 1) == 0); + TEST_ASSERT(mbedtls_mpi_set_bit(&E, 0, 1) == 0); /* Set N to 2^(N_bytes - 1) + 1 */ - TEST_ASSERT( mbedtls_mpi_lset( &N, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_shift_l( &N, ( N_bytes * 8 ) - 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_set_bit( &N, 0, 1 ) == 0 ); + TEST_ASSERT(mbedtls_mpi_lset(&N, 1) == 0); + TEST_ASSERT(mbedtls_mpi_shift_l(&N, (N_bytes * 8) - 1) == 0); + TEST_ASSERT(mbedtls_mpi_set_bit(&N, 0, 1) == 0); - if( strlen( input_RR ) ) - TEST_ASSERT( mbedtls_test_read_mpi( &RR, input_RR ) == 0 ); + if (strlen(input_RR)) { + TEST_ASSERT(mbedtls_test_read_mpi(&RR, input_RR) == 0); + } - TEST_ASSERT( mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ) == exp_result ); + TEST_ASSERT(mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR) == exp_result); exit: - mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N ); - mbedtls_mpi_free( &RR ); mbedtls_mpi_free( &Z ); + mbedtls_mpi_free(&A); mbedtls_mpi_free(&E); mbedtls_mpi_free(&N); + mbedtls_mpi_free(&RR); mbedtls_mpi_free(&Z); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_inv_mod( char * input_X, char * input_Y, - char * input_A, int div_result ) +void mbedtls_mpi_inv_mod(char *input_X, char *input_Y, + char *input_A, int div_result) { mbedtls_mpi X, Y, Z, A; int res; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); - res = mbedtls_mpi_inv_mod( &Z, &X, &Y ); - TEST_ASSERT( res == div_result ); - if( res == 0 ) - { - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + res = mbedtls_mpi_inv_mod(&Z, &X, &Y); + TEST_ASSERT(res == div_result); + if (res == 0) { + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); } exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */ -void mbedtls_mpi_is_prime( char * input_X, int div_result ) +void mbedtls_mpi_is_prime(char *input_X, int div_result) { mbedtls_mpi X; int res; - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&X); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - res = mbedtls_mpi_is_prime_ext( &X, 40, mbedtls_test_rnd_std_rand, NULL ); - TEST_ASSERT( res == div_result ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + res = mbedtls_mpi_is_prime_ext(&X, 40, mbedtls_test_rnd_std_rand, NULL); + TEST_ASSERT(res == div_result); exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */ -void mbedtls_mpi_is_prime_det( data_t * input_X, data_t * witnesses, - int chunk_len, int rounds ) +void mbedtls_mpi_is_prime_det(data_t *input_X, data_t *witnesses, + int chunk_len, int rounds) { mbedtls_mpi X; int res; mbedtls_test_mpi_random rand; - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&X); rand.data = witnesses; rand.pos = 0; rand.chunk_len = chunk_len; - TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 ); - res = mbedtls_mpi_is_prime_ext( &X, rounds - 1, - mbedtls_test_mpi_miller_rabin_determinizer, - &rand ); - TEST_ASSERT( res == 0 ); + TEST_ASSERT(mbedtls_mpi_read_binary(&X, input_X->x, input_X->len) == 0); + res = mbedtls_mpi_is_prime_ext(&X, rounds - 1, + mbedtls_test_mpi_miller_rabin_determinizer, + &rand); + TEST_ASSERT(res == 0); rand.data = witnesses; rand.pos = 0; rand.chunk_len = chunk_len; - res = mbedtls_mpi_is_prime_ext( &X, rounds, - mbedtls_test_mpi_miller_rabin_determinizer, - &rand ); - TEST_ASSERT( res == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); + res = mbedtls_mpi_is_prime_ext(&X, rounds, + mbedtls_test_mpi_miller_rabin_determinizer, + &rand); + TEST_ASSERT(res == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE); exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */ -void mbedtls_mpi_gen_prime( int bits, int flags, int ref_ret ) +void mbedtls_mpi_gen_prime(int bits, int flags, int ref_ret) { mbedtls_mpi X; int my_ret; - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&X); - my_ret = mbedtls_mpi_gen_prime( &X, bits, flags, - mbedtls_test_rnd_std_rand, NULL ); - TEST_ASSERT( my_ret == ref_ret ); + my_ret = mbedtls_mpi_gen_prime(&X, bits, flags, + mbedtls_test_rnd_std_rand, NULL); + TEST_ASSERT(my_ret == ref_ret); - if( ref_ret == 0 ) - { - size_t actual_bits = mbedtls_mpi_bitlen( &X ); + if (ref_ret == 0) { + size_t actual_bits = mbedtls_mpi_bitlen(&X); - TEST_ASSERT( actual_bits >= (size_t) bits ); - TEST_ASSERT( actual_bits <= (size_t) bits + 1 ); - TEST_ASSERT( sign_is_valid( &X ) ); + TEST_ASSERT(actual_bits >= (size_t) bits); + TEST_ASSERT(actual_bits <= (size_t) bits + 1); + TEST_ASSERT(sign_is_valid(&X)); - TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40, - mbedtls_test_rnd_std_rand, - NULL ) == 0 ); - if( flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH ) - { + TEST_ASSERT(mbedtls_mpi_is_prime_ext(&X, 40, + mbedtls_test_rnd_std_rand, + NULL) == 0); + if (flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH) { /* X = ( X - 1 ) / 2 */ - TEST_ASSERT( mbedtls_mpi_shift_r( &X, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40, - mbedtls_test_rnd_std_rand, - NULL ) == 0 ); + TEST_ASSERT(mbedtls_mpi_shift_r(&X, 1) == 0); + TEST_ASSERT(mbedtls_mpi_is_prime_ext(&X, 40, + mbedtls_test_rnd_std_rand, + NULL) == 0); } } exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_shift_l( char * input_X, int shift_X, - char * input_A ) +void mbedtls_mpi_shift_l(char *input_X, int shift_X, + char *input_A) { mbedtls_mpi X, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&A); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_shift_l( &X, shift_X ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_shift_l(&X, shift_X) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&A); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_mpi_shift_r( char * input_X, int shift_X, - char * input_A ) +void mbedtls_mpi_shift_r(char *input_X, int shift_X, + char *input_A) { mbedtls_mpi X, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&A); - TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_shift_r( &X, shift_X ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_shift_r(&X, shift_X) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&A); } /* END_CASE */ /* BEGIN_CASE */ -void mpi_fill_random( int wanted_bytes, int rng_bytes, - int before, int expected_ret ) +void mpi_fill_random(int wanted_bytes, int rng_bytes, + int before, int expected_ret) { mbedtls_mpi X; int ret; size_t bytes_left = rng_bytes; - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&X); - if( before != 0 ) - { + if (before != 0) { /* Set X to sign(before) * 2^(|before|-1) */ - TEST_ASSERT( mbedtls_mpi_lset( &X, before > 0 ? 1 : -1 ) == 0 ); - if( before < 0 ) - before = - before; - TEST_ASSERT( mbedtls_mpi_shift_l( &X, before - 1 ) == 0 ); + TEST_ASSERT(mbedtls_mpi_lset(&X, before > 0 ? 1 : -1) == 0); + if (before < 0) { + before = -before; + } + TEST_ASSERT(mbedtls_mpi_shift_l(&X, before - 1) == 0); } - ret = mbedtls_mpi_fill_random( &X, wanted_bytes, - f_rng_bytes_left, &bytes_left ); - TEST_ASSERT( ret == expected_ret ); + ret = mbedtls_mpi_fill_random(&X, wanted_bytes, + f_rng_bytes_left, &bytes_left); + TEST_ASSERT(ret == expected_ret); - if( expected_ret == 0 ) - { + if (expected_ret == 0) { /* mbedtls_mpi_fill_random is documented to use bytes from the RNG * as a big-endian representation of the number. We know when * our RNG function returns null bytes, so we know how many * leading zero bytes the number has. */ size_t leading_zeros = 0; - if( wanted_bytes > 0 && rng_bytes % 256 == 0 ) + if (wanted_bytes > 0 && rng_bytes % 256 == 0) { leading_zeros = 1; - TEST_ASSERT( mbedtls_mpi_size( &X ) + leading_zeros == - (size_t) wanted_bytes ); - TEST_ASSERT( (int) bytes_left == rng_bytes - wanted_bytes ); - TEST_ASSERT( sign_is_valid( &X ) ); + } + TEST_ASSERT(mbedtls_mpi_size(&X) + leading_zeros == + (size_t) wanted_bytes); + TEST_ASSERT((int) bytes_left == rng_bytes - wanted_bytes); + TEST_ASSERT(sign_is_valid(&X)); } exit: - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE */ -void mpi_random_many( int min, data_t *bound_bytes, int iterations ) +void mpi_random_many(int min, data_t *bound_bytes, int iterations) { /* Generate numbers in the range 1..bound-1. Do it iterations times. * This function assumes that the value of bound is at least 2 and @@ -1528,71 +1522,60 @@ void mpi_random_many( int min, data_t *bound_bytes, int iterations ) int full_stats; size_t i; - mbedtls_mpi_init( &upper_bound ); - mbedtls_mpi_init( &result ); + mbedtls_mpi_init(&upper_bound); + mbedtls_mpi_init(&result); - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound, - bound_bytes->x, bound_bytes->len ) ); - n_bits = mbedtls_mpi_bitlen( &upper_bound ); + TEST_EQUAL(0, mbedtls_mpi_read_binary(&upper_bound, + bound_bytes->x, bound_bytes->len)); + n_bits = mbedtls_mpi_bitlen(&upper_bound); /* Consider a bound "small" if it's less than 2^5. This value is chosen * to be small enough that the probability of missing one value is * negligible given the number of iterations. It must be less than * 256 because some of the code below assumes that "small" values * fit in a byte. */ - if( n_bits <= 5 ) - { + if (n_bits <= 5) { full_stats = 1; stats_len = bound_bytes->x[bound_bytes->len - 1]; - } - else - { + } else { full_stats = 0; stats_len = n_bits; } - ASSERT_ALLOC( stats, stats_len ); - - for( i = 0; i < (size_t) iterations; i++ ) - { - mbedtls_test_set_step( i ); - TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_ASSERT( sign_is_valid( &result ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 ); - if( full_stats ) - { + ASSERT_ALLOC(stats, stats_len); + + for (i = 0; i < (size_t) iterations; i++) { + mbedtls_test_set_step(i); + TEST_EQUAL(0, mbedtls_mpi_random(&result, min, &upper_bound, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_ASSERT(sign_is_valid(&result)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&result, &upper_bound) < 0); + TEST_ASSERT(mbedtls_mpi_cmp_int(&result, min) >= 0); + if (full_stats) { uint8_t value; - TEST_EQUAL( 0, mbedtls_mpi_write_binary( &result, &value, 1 ) ); - TEST_ASSERT( value < stats_len ); + TEST_EQUAL(0, mbedtls_mpi_write_binary(&result, &value, 1)); + TEST_ASSERT(value < stats_len); ++stats[value]; - } - else - { - for( b = 0; b < n_bits; b++ ) - stats[b] += mbedtls_mpi_get_bit( &result, b ); + } else { + for (b = 0; b < n_bits; b++) { + stats[b] += mbedtls_mpi_get_bit(&result, b); + } } } - if( full_stats ) - { - for( b = min; b < stats_len; b++ ) - { - mbedtls_test_set_step( 1000000 + b ); + if (full_stats) { + for (b = min; b < stats_len; b++) { + mbedtls_test_set_step(1000000 + b); /* Assert that each value has been reached at least once. * This is almost guaranteed if the iteration count is large * enough. This is a very crude way of checking the distribution. */ - TEST_ASSERT( stats[b] > 0 ); + TEST_ASSERT(stats[b] > 0); } - } - else - { + } else { int statistically_safe_all_the_way = - is_significantly_above_a_power_of_2( bound_bytes ); - for( b = 0; b < n_bits; b++ ) - { - mbedtls_test_set_step( 1000000 + b ); + is_significantly_above_a_power_of_2(bound_bytes); + for (b = 0; b < n_bits; b++) { + mbedtls_test_set_step(1000000 + b); /* Assert that each bit has been set in at least one result and * clear in at least one result. Provided that iterations is not * too small, it would be extremely unlikely for this not to be @@ -1601,78 +1584,77 @@ void mpi_random_many( int min, data_t *bound_bytes, int iterations ) * As an exception, the top bit may legitimately never be set * if bound is a power of 2 or only slightly above. */ - if( statistically_safe_all_the_way || b != n_bits - 1 ) - { - TEST_ASSERT( stats[b] > 0 ); + if (statistically_safe_all_the_way || b != n_bits - 1) { + TEST_ASSERT(stats[b] > 0); } - TEST_ASSERT( stats[b] < (size_t) iterations ); + TEST_ASSERT(stats[b] < (size_t) iterations); } } exit: - mbedtls_mpi_free( &upper_bound ); - mbedtls_mpi_free( &result ); - mbedtls_free( stats ); + mbedtls_mpi_free(&upper_bound); + mbedtls_mpi_free(&result); + mbedtls_free(stats); } /* END_CASE */ /* BEGIN_CASE */ -void mpi_random_sizes( int min, data_t *bound_bytes, int nlimbs, int before ) +void mpi_random_sizes(int min, data_t *bound_bytes, int nlimbs, int before) { mbedtls_mpi upper_bound; mbedtls_mpi result; - mbedtls_mpi_init( &upper_bound ); - mbedtls_mpi_init( &result ); + mbedtls_mpi_init(&upper_bound); + mbedtls_mpi_init(&result); - if( before != 0 ) - { + if (before != 0) { /* Set result to sign(before) * 2^(|before|-1) */ - TEST_ASSERT( mbedtls_mpi_lset( &result, before > 0 ? 1 : -1 ) == 0 ); - if( before < 0 ) - before = - before; - TEST_ASSERT( mbedtls_mpi_shift_l( &result, before - 1 ) == 0 ); + TEST_ASSERT(mbedtls_mpi_lset(&result, before > 0 ? 1 : -1) == 0); + if (before < 0) { + before = -before; + } + TEST_ASSERT(mbedtls_mpi_shift_l(&result, before - 1) == 0); } - TEST_EQUAL( 0, mbedtls_mpi_grow( &result, nlimbs ) ); - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound, - bound_bytes->x, bound_bytes->len ) ); - TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound, - mbedtls_test_rnd_std_rand, NULL ) ); - TEST_ASSERT( sign_is_valid( &result ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 ); + TEST_EQUAL(0, mbedtls_mpi_grow(&result, nlimbs)); + TEST_EQUAL(0, mbedtls_mpi_read_binary(&upper_bound, + bound_bytes->x, bound_bytes->len)); + TEST_EQUAL(0, mbedtls_mpi_random(&result, min, &upper_bound, + mbedtls_test_rnd_std_rand, NULL)); + TEST_ASSERT(sign_is_valid(&result)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&result, &upper_bound) < 0); + TEST_ASSERT(mbedtls_mpi_cmp_int(&result, min) >= 0); exit: - mbedtls_mpi_free( &upper_bound ); - mbedtls_mpi_free( &result ); + mbedtls_mpi_free(&upper_bound); + mbedtls_mpi_free(&result); } /* END_CASE */ /* BEGIN_CASE */ -void mpi_random_fail( int min, data_t *bound_bytes, int expected_ret ) +void mpi_random_fail(int min, data_t *bound_bytes, int expected_ret) { mbedtls_mpi upper_bound; mbedtls_mpi result; int actual_ret; - mbedtls_mpi_init( &upper_bound ); - mbedtls_mpi_init( &result ); + mbedtls_mpi_init(&upper_bound); + mbedtls_mpi_init(&result); - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound, - bound_bytes->x, bound_bytes->len ) ); - actual_ret = mbedtls_mpi_random( &result, min, &upper_bound, - mbedtls_test_rnd_std_rand, NULL ); - TEST_EQUAL( expected_ret, actual_ret ); + TEST_EQUAL(0, mbedtls_mpi_read_binary(&upper_bound, + bound_bytes->x, bound_bytes->len)); + actual_ret = mbedtls_mpi_random(&result, min, &upper_bound, + mbedtls_test_rnd_std_rand, NULL); + TEST_EQUAL(expected_ret, actual_ret); exit: - mbedtls_mpi_free( &upper_bound ); - mbedtls_mpi_free( &result ); + mbedtls_mpi_free(&upper_bound); + mbedtls_mpi_free(&result); } /* END_CASE */ /* BEGIN_CASE */ -void most_negative_mpi_sint( ) +void most_negative_mpi_sint() { /* Ad hoc tests for n = -p = -2^(biL-1) as a mbedtls_mpi_sint. We * guarantee that mbedtls_mpi_sint is a two's complement type, so this @@ -1690,134 +1672,134 @@ void most_negative_mpi_sint( ) */ mbedtls_mpi A, R, X; - mbedtls_mpi_init( &A ); - mbedtls_mpi_init( &R ); - mbedtls_mpi_init( &X ); + mbedtls_mpi_init(&A); + mbedtls_mpi_init(&R); + mbedtls_mpi_init(&X); - const size_t biL = 8 * sizeof( mbedtls_mpi_sint ); - mbedtls_mpi_uint most_positive_plus_1 = (mbedtls_mpi_uint) 1 << ( biL - 1 ); + const size_t biL = 8 * sizeof(mbedtls_mpi_sint); + mbedtls_mpi_uint most_positive_plus_1 = (mbedtls_mpi_uint) 1 << (biL - 1); const mbedtls_mpi_sint most_positive = most_positive_plus_1 - 1; - const mbedtls_mpi_sint most_negative = - most_positive - 1; - TEST_EQUAL( (mbedtls_mpi_uint) most_negative, - (mbedtls_mpi_uint) 1 << ( biL - 1 ) ); - TEST_EQUAL( (mbedtls_mpi_uint) most_negative << 1, 0 ); + const mbedtls_mpi_sint most_negative = -most_positive - 1; + TEST_EQUAL((mbedtls_mpi_uint) most_negative, + (mbedtls_mpi_uint) 1 << (biL - 1)); + TEST_EQUAL((mbedtls_mpi_uint) most_negative << 1, 0); /* Test mbedtls_mpi_lset() */ - TEST_EQUAL( mbedtls_mpi_lset( &A, most_negative ), 0 ); - TEST_EQUAL( A.s, -1 ); - TEST_EQUAL( A.n, 1 ); - TEST_EQUAL( A.p[0], most_positive_plus_1 ); + TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0); + TEST_EQUAL(A.s, -1); + TEST_EQUAL(A.n, 1); + TEST_EQUAL(A.p[0], most_positive_plus_1); /* Test mbedtls_mpi_cmp_int(): -p == -p */ - TEST_EQUAL( mbedtls_mpi_cmp_int( &A, most_negative ), 0 ); + TEST_EQUAL(mbedtls_mpi_cmp_int(&A, most_negative), 0); /* Test mbedtls_mpi_cmp_int(): -(p+1) < -p */ A.p[0] = most_positive_plus_1 + 1; - TEST_EQUAL( mbedtls_mpi_cmp_int( &A, most_negative ), -1 ); + TEST_EQUAL(mbedtls_mpi_cmp_int(&A, most_negative), -1); /* Test mbedtls_mpi_cmp_int(): -(p-1) > -p */ A.p[0] = most_positive_plus_1 - 1; - TEST_EQUAL( mbedtls_mpi_cmp_int( &A, most_negative ), 1 ); + TEST_EQUAL(mbedtls_mpi_cmp_int(&A, most_negative), 1); /* Test mbedtls_mpi_add_int(): (p-1) + (-p) */ - TEST_EQUAL( mbedtls_mpi_lset( &A, most_positive ), 0 ); - TEST_EQUAL( mbedtls_mpi_add_int( &X, &A, most_negative ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &X, -1 ), 0 ); + TEST_EQUAL(mbedtls_mpi_lset(&A, most_positive), 0); + TEST_EQUAL(mbedtls_mpi_add_int(&X, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, -1), 0); /* Test mbedtls_mpi_add_int(): (0) + (-p) */ - TEST_EQUAL( mbedtls_mpi_lset( &A, 0 ), 0 ); - TEST_EQUAL( mbedtls_mpi_add_int( &X, &A, most_negative ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &X, most_negative ), 0 ); + TEST_EQUAL(mbedtls_mpi_lset(&A, 0), 0); + TEST_EQUAL(mbedtls_mpi_add_int(&X, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, most_negative), 0); /* Test mbedtls_mpi_add_int(): (-p) + (-p) */ - TEST_EQUAL( mbedtls_mpi_lset( &A, most_negative ), 0 ); - TEST_EQUAL( mbedtls_mpi_add_int( &X, &A, most_negative ), 0 ); - TEST_EQUAL( X.s, -1 ); - TEST_EQUAL( X.n, 2 ); - TEST_EQUAL( X.p[0], 0 ); - TEST_EQUAL( X.p[1], 1 ); + TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_add_int(&X, &A, most_negative), 0); + TEST_EQUAL(X.s, -1); + TEST_EQUAL(X.n, 2); + TEST_EQUAL(X.p[0], 0); + TEST_EQUAL(X.p[1], 1); /* Test mbedtls_mpi_sub_int(): (p) - (-p) */ - mbedtls_mpi_free( &X ); - TEST_EQUAL( mbedtls_mpi_lset( &A, most_positive ), 0 ); - TEST_EQUAL( mbedtls_mpi_sub_int( &X, &A, most_negative ), 0 ); - TEST_EQUAL( X.s, 1 ); - TEST_EQUAL( X.n, 1 ); - TEST_EQUAL( X.p[0], ~(mbedtls_mpi_uint)0 ); + mbedtls_mpi_free(&X); + TEST_EQUAL(mbedtls_mpi_lset(&A, most_positive), 0); + TEST_EQUAL(mbedtls_mpi_sub_int(&X, &A, most_negative), 0); + TEST_EQUAL(X.s, 1); + TEST_EQUAL(X.n, 1); + TEST_EQUAL(X.p[0], ~(mbedtls_mpi_uint) 0); /* Test mbedtls_mpi_sub_int(): (0) - (-p) */ - TEST_EQUAL( mbedtls_mpi_lset( &A, 0 ), 0 ); - TEST_EQUAL( mbedtls_mpi_sub_int( &X, &A, most_negative ), 0 ); - TEST_EQUAL( X.s, 1 ); - TEST_EQUAL( X.n, 1 ); - TEST_EQUAL( X.p[0], most_positive_plus_1 ); + TEST_EQUAL(mbedtls_mpi_lset(&A, 0), 0); + TEST_EQUAL(mbedtls_mpi_sub_int(&X, &A, most_negative), 0); + TEST_EQUAL(X.s, 1); + TEST_EQUAL(X.n, 1); + TEST_EQUAL(X.p[0], most_positive_plus_1); /* Test mbedtls_mpi_sub_int(): (-p) - (-p) */ - TEST_EQUAL( mbedtls_mpi_lset( &A, most_negative ), 0 ); - TEST_EQUAL( mbedtls_mpi_sub_int( &X, &A, most_negative ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &X, 0 ), 0 ); + TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_sub_int(&X, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 0), 0); /* Test mbedtls_mpi_div_int(): (-p+1) / (-p) */ - TEST_EQUAL( mbedtls_mpi_lset( &A, -most_positive ), 0 ); - TEST_EQUAL( mbedtls_mpi_div_int( &X, &R, &A, most_negative ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &X, 0 ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &R, -most_positive ), 0 ); + TEST_EQUAL(mbedtls_mpi_lset(&A, -most_positive), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 0), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&R, -most_positive), 0); /* Test mbedtls_mpi_div_int(): (-p) / (-p) */ - TEST_EQUAL( mbedtls_mpi_lset( &A, most_negative ), 0 ); - TEST_EQUAL( mbedtls_mpi_div_int( &X, &R, &A, most_negative ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &X, 1 ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &R, 0 ), 0 ); + TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 1), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0); /* Test mbedtls_mpi_div_int(): (-2*p) / (-p) */ - TEST_EQUAL( mbedtls_mpi_shift_l( &A, 1 ), 0 ); - TEST_EQUAL( mbedtls_mpi_div_int( &X, &R, &A, most_negative ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &X, 2 ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &R, 0 ), 0 ); + TEST_EQUAL(mbedtls_mpi_shift_l(&A, 1), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 2), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0); /* Test mbedtls_mpi_div_int(): (-2*p+1) / (-p) */ - TEST_EQUAL( mbedtls_mpi_add_int( &A, &A, 1 ), 0 ); - TEST_EQUAL( mbedtls_mpi_div_int( &X, &R, &A, most_negative ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &X, 1 ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &R, -most_positive ), 0 ); + TEST_EQUAL(mbedtls_mpi_add_int(&A, &A, 1), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 1), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&R, -most_positive), 0); /* Test mbedtls_mpi_div_int(): (p-1) / (-p) */ - TEST_EQUAL( mbedtls_mpi_lset( &A, most_positive ), 0 ); - TEST_EQUAL( mbedtls_mpi_div_int( &X, &R, &A, most_negative ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &X, 0 ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &R, most_positive ), 0 ); + TEST_EQUAL(mbedtls_mpi_lset(&A, most_positive), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 0), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&R, most_positive), 0); /* Test mbedtls_mpi_div_int(): (p) / (-p) */ - TEST_EQUAL( mbedtls_mpi_add_int( &A, &A, 1 ), 0 ); - TEST_EQUAL( mbedtls_mpi_div_int( &X, &R, &A, most_negative ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &X, -1 ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &R, 0 ), 0 ); + TEST_EQUAL(mbedtls_mpi_add_int(&A, &A, 1), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, -1), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0); /* Test mbedtls_mpi_div_int(): (2*p) / (-p) */ - TEST_EQUAL( mbedtls_mpi_shift_l( &A, 1 ), 0 ); - TEST_EQUAL( mbedtls_mpi_div_int( &X, &R, &A, most_negative ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &X, -2 ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &R, 0 ), 0 ); + TEST_EQUAL(mbedtls_mpi_shift_l(&A, 1), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, -2), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0); /* Test mbedtls_mpi_mod_int(): never valid */ - TEST_EQUAL( mbedtls_mpi_mod_int( X.p, &A, most_negative ), - MBEDTLS_ERR_MPI_NEGATIVE_VALUE ); + TEST_EQUAL(mbedtls_mpi_mod_int(X.p, &A, most_negative), + MBEDTLS_ERR_MPI_NEGATIVE_VALUE); /* Test mbedtls_mpi_random(): never valid */ - TEST_EQUAL( mbedtls_mpi_random( &X, most_negative, &A, - mbedtls_test_rnd_std_rand, NULL ), - MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_mpi_random(&X, most_negative, &A, + mbedtls_test_rnd_std_rand, NULL), + MBEDTLS_ERR_MPI_BAD_INPUT_DATA); exit: - mbedtls_mpi_free( &A ); - mbedtls_mpi_free( &R ); - mbedtls_mpi_free( &X ); + mbedtls_mpi_free(&A); + mbedtls_mpi_free(&R); + mbedtls_mpi_free(&X); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void mpi_selftest( ) +void mpi_selftest() { - TEST_ASSERT( mbedtls_mpi_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_mpi_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_blowfish.function b/tests/suites/test_suite_blowfish.function index f89353ce9520..95417113dd8b 100644 --- a/tests/suites/test_suite_blowfish.function +++ b/tests/suites/test_suite_blowfish.function @@ -8,156 +8,156 @@ */ /* BEGIN_CASE */ -void blowfish_valid_param( ) +void blowfish_valid_param() { - TEST_VALID_PARAM( mbedtls_blowfish_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_blowfish_free(NULL)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void blowfish_invalid_param( ) +void blowfish_invalid_param() { mbedtls_blowfish_context ctx; unsigned char buf[16] = { 0 }; - size_t const valid_keylength = sizeof( buf ) * 8; + size_t const valid_keylength = sizeof(buf) * 8; size_t valid_mode = MBEDTLS_BLOWFISH_ENCRYPT; size_t invalid_mode = 42; size_t off; ((void) off); - TEST_INVALID_PARAM( mbedtls_blowfish_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_blowfish_free( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_setkey( NULL, - buf, - valid_keylength ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_setkey( &ctx, - NULL, - valid_keylength ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ecb( NULL, - valid_mode, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ecb( &ctx, - invalid_mode, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ecb( &ctx, - valid_mode, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ecb( &ctx, - valid_mode, - buf, NULL ) ); + TEST_INVALID_PARAM(mbedtls_blowfish_init(NULL)); + TEST_VALID_PARAM(mbedtls_blowfish_free(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_setkey(NULL, + buf, + valid_keylength)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_setkey(&ctx, + NULL, + valid_keylength)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ecb(NULL, + valid_mode, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ecb(&ctx, + invalid_mode, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ecb(&ctx, + valid_mode, + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ecb(&ctx, + valid_mode, + buf, NULL)); #if defined(MBEDTLS_CIPHER_MODE_CBC) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cbc( NULL, + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cbc(NULL, + valid_mode, + sizeof(buf), + buf, buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cbc(&ctx, + invalid_mode, + sizeof(buf), + buf, buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cbc(&ctx, + valid_mode, + sizeof(buf), + NULL, buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cbc(&ctx, + valid_mode, + sizeof(buf), + buf, NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cbc(&ctx, + valid_mode, + sizeof(buf), + buf, buf, NULL)); +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + +#if defined(MBEDTLS_CIPHER_MODE_CFB) + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cfb64(NULL, valid_mode, - sizeof( buf ), - buf, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cbc( &ctx, + sizeof(buf), + &off, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cfb64(&ctx, invalid_mode, - sizeof( buf ), - buf, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cbc( &ctx, + sizeof(buf), + &off, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cfb64(&ctx, valid_mode, - sizeof( buf ), - NULL, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cbc( &ctx, + sizeof(buf), + NULL, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cfb64(&ctx, valid_mode, - sizeof( buf ), - buf, NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cbc( &ctx, + sizeof(buf), + &off, NULL, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cfb64(&ctx, valid_mode, - sizeof( buf ), - buf, buf, NULL ) ); -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( NULL, - valid_mode, - sizeof( buf ), - &off, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( &ctx, - invalid_mode, - sizeof( buf ), - &off, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( &ctx, - valid_mode, - sizeof( buf ), - NULL, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( &ctx, - valid_mode, - sizeof( buf ), - &off, NULL, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( &ctx, - valid_mode, - sizeof( buf ), - &off, buf, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( &ctx, - valid_mode, - sizeof( buf ), - &off, buf, - buf, NULL ) ); + sizeof(buf), + &off, buf, + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cfb64(&ctx, + valid_mode, + sizeof(buf), + &off, buf, + buf, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( NULL, - sizeof( buf ), - &off, - buf, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( &ctx, - sizeof( buf ), - NULL, - buf, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( &ctx, - sizeof( buf ), - &off, - NULL, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, NULL, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, buf, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, buf, - buf, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ctr(NULL, + sizeof(buf), + &off, + buf, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ctr(&ctx, + sizeof(buf), + NULL, + buf, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ctr(&ctx, + sizeof(buf), + &off, + NULL, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ctr(&ctx, + sizeof(buf), + &off, + buf, NULL, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ctr(&ctx, + sizeof(buf), + &off, + buf, buf, + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ctr(&ctx, + sizeof(buf), + &off, + buf, buf, + buf, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CTR */ exit: @@ -166,155 +166,157 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void blowfish_encrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst, int setkey_result ) +void blowfish_encrypt_ecb(data_t *key_str, data_t *src_str, + data_t *dst, int setkey_result) { unsigned char output[100]; mbedtls_blowfish_context ctx; memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); + mbedtls_blowfish_init(&ctx); - TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ) == setkey_result ); - if( setkey_result == 0 ) - { - TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8) == setkey_result); + if (setkey_result == 0) { + TEST_ASSERT(mbedtls_blowfish_crypt_ecb(&ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->x, + output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); } exit: - mbedtls_blowfish_free( &ctx ); + mbedtls_blowfish_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void blowfish_decrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst, int setkey_result ) +void blowfish_decrypt_ecb(data_t *key_str, data_t *src_str, + data_t *dst, int setkey_result) { unsigned char output[100]; mbedtls_blowfish_context ctx; memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); + mbedtls_blowfish_init(&ctx); - TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ) == setkey_result ); - if( setkey_result == 0 ) - { - TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8) == setkey_result); + if (setkey_result == 0) { + TEST_ASSERT(mbedtls_blowfish_crypt_ecb(&ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->x, + output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); } exit: - mbedtls_blowfish_free( &ctx ); + mbedtls_blowfish_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void blowfish_encrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, - int cbc_result ) +void blowfish_encrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, + int cbc_result) { unsigned char output[100]; mbedtls_blowfish_context ctx; memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); + mbedtls_blowfish_init(&ctx); - mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ); + mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8); - TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len , iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0 ) - { + TEST_ASSERT(mbedtls_blowfish_crypt_cbc(&ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); } exit: - mbedtls_blowfish_free( &ctx ); + mbedtls_blowfish_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void blowfish_decrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, - int cbc_result ) +void blowfish_decrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, + int cbc_result) { unsigned char output[100]; mbedtls_blowfish_context ctx; memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); + mbedtls_blowfish_init(&ctx); - mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len , iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0) - { + mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_blowfish_crypt_cbc(&ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); } exit: - mbedtls_blowfish_free( &ctx ); + mbedtls_blowfish_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void blowfish_encrypt_cfb64( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void blowfish_encrypt_cfb64(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_blowfish_context ctx; size_t iv_offset = 0; memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); + mbedtls_blowfish_init(&ctx); - mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len, &iv_offset, iv_str->x, src_str->x, output ) == 0 ); + mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_blowfish_crypt_cfb64(&ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len, + &iv_offset, iv_str->x, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); exit: - mbedtls_blowfish_free( &ctx ); + mbedtls_blowfish_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void blowfish_decrypt_cfb64( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void blowfish_decrypt_cfb64(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_blowfish_context ctx; size_t iv_offset = 0; memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); + mbedtls_blowfish_init(&ctx); - mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len, &iv_offset, iv_str->x, src_str->x, output ) == 0 ); + mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_blowfish_crypt_cfb64(&ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len, + &iv_offset, iv_str->x, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); exit: - mbedtls_blowfish_free( &ctx ); + mbedtls_blowfish_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */ -void blowfish_encrypt_ctr( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void blowfish_encrypt_ctr(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char stream_str[100]; unsigned char output[100]; @@ -323,16 +325,17 @@ void blowfish_encrypt_ctr( data_t * key_str, data_t * iv_str, memset(stream_str, 0x00, 100); memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); + mbedtls_blowfish_init(&ctx); - mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_blowfish_crypt_ctr( &ctx, src_str->len, &iv_offset, iv_str->x, stream_str, src_str->x, output ) == 0 ); + mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_blowfish_crypt_ctr(&ctx, src_str->len, &iv_offset, iv_str->x, stream_str, + src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); exit: - mbedtls_blowfish_free( &ctx ); + mbedtls_blowfish_free(&ctx); } /* END_CASE */ diff --git a/tests/suites/test_suite_camellia.function b/tests/suites/test_suite_camellia.function index 312495c9ae2b..da4276a85a09 100644 --- a/tests/suites/test_suite_camellia.function +++ b/tests/suites/test_suite_camellia.function @@ -8,14 +8,14 @@ */ /* BEGIN_CASE */ -void camellia_valid_param( ) +void camellia_valid_param() { - TEST_VALID_PARAM( mbedtls_camellia_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_camellia_free(NULL)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void camellia_invalid_param( ) +void camellia_invalid_param() { mbedtls_camellia_context ctx; unsigned char buf[16] = { 0 }; @@ -25,147 +25,147 @@ void camellia_invalid_param( ) size_t off; ((void) off); - TEST_INVALID_PARAM( mbedtls_camellia_init( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_setkey_enc( NULL, - buf, - valid_keybits ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_setkey_enc( &ctx, - NULL, - valid_keybits ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_setkey_dec( NULL, - buf, - valid_keybits ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_setkey_dec( &ctx, - NULL, - valid_keybits ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ecb( NULL, - valid_mode, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ecb( &ctx, - invalid_mode, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ecb( &ctx, - valid_mode, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ecb( &ctx, - valid_mode, - buf, NULL ) ); + TEST_INVALID_PARAM(mbedtls_camellia_init(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_setkey_enc(NULL, + buf, + valid_keybits)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_setkey_enc(&ctx, + NULL, + valid_keybits)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_setkey_dec(NULL, + buf, + valid_keybits)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_setkey_dec(&ctx, + NULL, + valid_keybits)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ecb(NULL, + valid_mode, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ecb(&ctx, + invalid_mode, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ecb(&ctx, + valid_mode, + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ecb(&ctx, + valid_mode, + buf, NULL)); #if defined(MBEDTLS_CIPHER_MODE_CBC) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cbc( NULL, - valid_mode, - sizeof( buf ), - buf, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cbc( &ctx, - invalid_mode, - sizeof( buf ), - buf, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cbc( &ctx, - valid_mode, - sizeof( buf ), - NULL, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cbc( &ctx, - valid_mode, - sizeof( buf ), - buf, NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cbc( &ctx, - valid_mode, - sizeof( buf ), - buf, buf, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cbc(NULL, + valid_mode, + sizeof(buf), + buf, buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cbc(&ctx, + invalid_mode, + sizeof(buf), + buf, buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cbc(&ctx, + valid_mode, + sizeof(buf), + NULL, buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cbc(&ctx, + valid_mode, + sizeof(buf), + buf, NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cbc(&ctx, + valid_mode, + sizeof(buf), + buf, buf, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( NULL, - valid_mode, - sizeof( buf ), - &off, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( &ctx, - invalid_mode, - sizeof( buf ), - &off, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( &ctx, - valid_mode, - sizeof( buf ), - NULL, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( &ctx, - valid_mode, - sizeof( buf ), - &off, NULL, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( &ctx, - valid_mode, - sizeof( buf ), - &off, buf, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( &ctx, - valid_mode, - sizeof( buf ), - &off, buf, - buf, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cfb128(NULL, + valid_mode, + sizeof(buf), + &off, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cfb128(&ctx, + invalid_mode, + sizeof(buf), + &off, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cfb128(&ctx, + valid_mode, + sizeof(buf), + NULL, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cfb128(&ctx, + valid_mode, + sizeof(buf), + &off, NULL, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cfb128(&ctx, + valid_mode, + sizeof(buf), + &off, buf, + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cfb128(&ctx, + valid_mode, + sizeof(buf), + &off, buf, + buf, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( NULL, - sizeof( buf ), - &off, - buf, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( &ctx, - sizeof( buf ), - NULL, - buf, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( &ctx, - sizeof( buf ), - &off, - NULL, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, NULL, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, buf, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, buf, - buf, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ctr(NULL, + sizeof(buf), + &off, + buf, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ctr(&ctx, + sizeof(buf), + NULL, + buf, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ctr(&ctx, + sizeof(buf), + &off, + NULL, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ctr(&ctx, + sizeof(buf), + &off, + buf, NULL, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ctr(&ctx, + sizeof(buf), + &off, + buf, buf, + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ctr(&ctx, + sizeof(buf), + &off, + buf, buf, + buf, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CTR */ exit: @@ -174,152 +174,154 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void camellia_encrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst, int setkey_result ) +void camellia_encrypt_ecb(data_t *key_str, data_t *src_str, + data_t *dst, int setkey_result) { unsigned char output[100]; mbedtls_camellia_context ctx; memset(output, 0x00, 100); - mbedtls_camellia_init( &ctx ); + mbedtls_camellia_init(&ctx); - TEST_ASSERT( mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == setkey_result ); - if( setkey_result == 0 ) - { - TEST_ASSERT( mbedtls_camellia_crypt_ecb( &ctx, MBEDTLS_CAMELLIA_ENCRYPT, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_camellia_setkey_enc(&ctx, key_str->x, key_str->len * 8) == setkey_result); + if (setkey_result == 0) { + TEST_ASSERT(mbedtls_camellia_crypt_ecb(&ctx, MBEDTLS_CAMELLIA_ENCRYPT, src_str->x, + output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); } exit: - mbedtls_camellia_free( &ctx ); + mbedtls_camellia_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void camellia_decrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst, int setkey_result ) +void camellia_decrypt_ecb(data_t *key_str, data_t *src_str, + data_t *dst, int setkey_result) { unsigned char output[100]; mbedtls_camellia_context ctx; memset(output, 0x00, 100); - mbedtls_camellia_init( &ctx ); + mbedtls_camellia_init(&ctx); - TEST_ASSERT( mbedtls_camellia_setkey_dec( &ctx, key_str->x, key_str->len * 8 ) == setkey_result ); - if( setkey_result == 0 ) - { - TEST_ASSERT( mbedtls_camellia_crypt_ecb( &ctx, MBEDTLS_CAMELLIA_DECRYPT, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_camellia_setkey_dec(&ctx, key_str->x, key_str->len * 8) == setkey_result); + if (setkey_result == 0) { + TEST_ASSERT(mbedtls_camellia_crypt_ecb(&ctx, MBEDTLS_CAMELLIA_DECRYPT, src_str->x, + output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); } exit: - mbedtls_camellia_free( &ctx ); + mbedtls_camellia_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void camellia_encrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, int cbc_result ) +void camellia_encrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, int cbc_result) { unsigned char output[100]; mbedtls_camellia_context ctx; memset(output, 0x00, 100); - mbedtls_camellia_init( &ctx ); + mbedtls_camellia_init(&ctx); - mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_camellia_crypt_cbc( &ctx, MBEDTLS_CAMELLIA_ENCRYPT, src_str->len, iv_str->x, src_str->x, output) == cbc_result ); - if( cbc_result == 0 ) - { + mbedtls_camellia_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_camellia_crypt_cbc(&ctx, MBEDTLS_CAMELLIA_ENCRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); } exit: - mbedtls_camellia_free( &ctx ); + mbedtls_camellia_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void camellia_decrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, - int cbc_result ) +void camellia_decrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, + int cbc_result) { unsigned char output[100]; mbedtls_camellia_context ctx; memset(output, 0x00, 100); - mbedtls_camellia_init( &ctx ); + mbedtls_camellia_init(&ctx); - mbedtls_camellia_setkey_dec( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_camellia_crypt_cbc( &ctx, MBEDTLS_CAMELLIA_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0 ) - { + mbedtls_camellia_setkey_dec(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_camellia_crypt_cbc(&ctx, MBEDTLS_CAMELLIA_DECRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); } exit: - mbedtls_camellia_free( &ctx ); + mbedtls_camellia_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void camellia_encrypt_cfb128( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void camellia_encrypt_cfb128(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_camellia_context ctx; size_t iv_offset = 0; memset(output, 0x00, 100); - mbedtls_camellia_init( &ctx ); + mbedtls_camellia_init(&ctx); - mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_camellia_crypt_cfb128( &ctx, MBEDTLS_CAMELLIA_ENCRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 ); + mbedtls_camellia_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_camellia_crypt_cfb128(&ctx, MBEDTLS_CAMELLIA_ENCRYPT, 16, &iv_offset, + iv_str->x, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); exit: - mbedtls_camellia_free( &ctx ); + mbedtls_camellia_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void camellia_decrypt_cfb128( data_t * key_str, data_t * iv_str, - data_t * src_str, - data_t * dst ) +void camellia_decrypt_cfb128(data_t *key_str, data_t *iv_str, + data_t *src_str, + data_t *dst) { unsigned char output[100]; mbedtls_camellia_context ctx; size_t iv_offset = 0; memset(output, 0x00, 100); - mbedtls_camellia_init( &ctx ); + mbedtls_camellia_init(&ctx); - mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_camellia_crypt_cfb128( &ctx, MBEDTLS_CAMELLIA_DECRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 ); + mbedtls_camellia_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_camellia_crypt_cfb128(&ctx, MBEDTLS_CAMELLIA_DECRYPT, 16, &iv_offset, + iv_str->x, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); exit: - mbedtls_camellia_free( &ctx ); + mbedtls_camellia_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void camellia_selftest( ) +void camellia_selftest() { - TEST_ASSERT( mbedtls_camellia_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_camellia_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 5a3726e07bb1..735c9aa283f3 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -8,34 +8,34 @@ */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */ -void mbedtls_ccm_self_test( ) +void mbedtls_ccm_self_test() { - TEST_ASSERT( mbedtls_ccm_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_ccm_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ccm_setkey( int cipher_id, int key_size, int result ) +void mbedtls_ccm_setkey(int cipher_id, int key_size, int result) { mbedtls_ccm_context ctx; unsigned char key[32]; int ret; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - memset( key, 0x2A, sizeof( key ) ); - TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) ); + memset(key, 0x2A, sizeof(key)); + TEST_ASSERT((unsigned) key_size <= 8 * sizeof(key)); - ret = mbedtls_ccm_setkey( &ctx, cipher_id, key, key_size ); - TEST_ASSERT( ret == result ); + ret = mbedtls_ccm_setkey(&ctx, cipher_id, key, key_size); + TEST_ASSERT(ret == result); exit: - mbedtls_ccm_free( &ctx ); + mbedtls_ccm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ -void ccm_lengths( int msg_len, int iv_len, int add_len, int tag_len, int res ) +void ccm_lengths(int msg_len, int iv_len, int add_len, int tag_len, int res) { mbedtls_ccm_context ctx; unsigned char key[16]; @@ -46,38 +46,39 @@ void ccm_lengths( int msg_len, int iv_len, int add_len, int tag_len, int res ) unsigned char tag[18]; int decrypt_ret; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - ASSERT_ALLOC_WEAK( add, add_len ); - memset( key, 0, sizeof( key ) ); - memset( msg, 0, sizeof( msg ) ); - memset( iv, 0, sizeof( iv ) ); - memset( out, 0, sizeof( out ) ); - memset( tag, 0, sizeof( tag ) ); + ASSERT_ALLOC_WEAK(add, add_len); + memset(key, 0, sizeof(key)); + memset(msg, 0, sizeof(msg)); + memset(iv, 0, sizeof(iv)); + memset(out, 0, sizeof(out)); + memset(tag, 0, sizeof(tag)); - TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, - key, 8 * sizeof( key ) ) == 0 ); + TEST_ASSERT(mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + key, 8 * sizeof(key)) == 0); - TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len, - msg, out, tag, tag_len ) == res ); + TEST_ASSERT(mbedtls_ccm_encrypt_and_tag(&ctx, msg_len, iv, iv_len, add, add_len, + msg, out, tag, tag_len) == res); - decrypt_ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len, - msg, out, tag, tag_len ); + decrypt_ret = mbedtls_ccm_auth_decrypt(&ctx, msg_len, iv, iv_len, add, add_len, + msg, out, tag, tag_len); - if( res == 0 ) - TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED ); - else - TEST_ASSERT( decrypt_ret == res ); + if (res == 0) { + TEST_ASSERT(decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED); + } else { + TEST_ASSERT(decrypt_ret == res); + } exit: - mbedtls_free( add ); - mbedtls_ccm_free( &ctx ); + mbedtls_free(add); + mbedtls_ccm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ -void ccm_star_lengths( int msg_len, int iv_len, int add_len, int tag_len, - int res ) +void ccm_star_lengths(int msg_len, int iv_len, int add_len, int tag_len, + int res) { mbedtls_ccm_context ctx; unsigned char key[16]; @@ -88,115 +89,115 @@ void ccm_star_lengths( int msg_len, int iv_len, int add_len, int tag_len, unsigned char tag[18]; int decrypt_ret; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - memset( key, 0, sizeof( key ) ); - memset( msg, 0, sizeof( msg ) ); - memset( iv, 0, sizeof( iv ) ); - memset( add, 0, sizeof( add ) ); - memset( out, 0, sizeof( out ) ); - memset( tag, 0, sizeof( tag ) ); + memset(key, 0, sizeof(key)); + memset(msg, 0, sizeof(msg)); + memset(iv, 0, sizeof(iv)); + memset(add, 0, sizeof(add)); + memset(out, 0, sizeof(out)); + memset(tag, 0, sizeof(tag)); - TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, - key, 8 * sizeof( key ) ) == 0 ); + TEST_ASSERT(mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + key, 8 * sizeof(key)) == 0); - TEST_ASSERT( mbedtls_ccm_star_encrypt_and_tag( &ctx, msg_len, iv, iv_len, - add, add_len, msg, out, tag, tag_len ) == res ); + TEST_ASSERT(mbedtls_ccm_star_encrypt_and_tag(&ctx, msg_len, iv, iv_len, + add, add_len, msg, out, tag, tag_len) == res); - decrypt_ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len, iv, iv_len, add, - add_len, msg, out, tag, tag_len ); + decrypt_ret = mbedtls_ccm_star_auth_decrypt(&ctx, msg_len, iv, iv_len, add, + add_len, msg, out, tag, tag_len); - if( res == 0 && tag_len != 0 ) - TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED ); - else - TEST_ASSERT( decrypt_ret == res ); + if (res == 0 && tag_len != 0) { + TEST_ASSERT(decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED); + } else { + TEST_ASSERT(decrypt_ret == res); + } exit: - mbedtls_ccm_free( &ctx ); + mbedtls_ccm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ccm_encrypt_and_tag( int cipher_id, data_t * key, - data_t * msg, data_t * iv, - data_t * add, data_t * result ) +void mbedtls_ccm_encrypt_and_tag(int cipher_id, data_t *key, + data_t *msg, data_t *iv, + data_t *add, data_t *result) { mbedtls_ccm_context ctx; size_t tag_len; - uint8_t * msg_n_tag = (uint8_t *)malloc( result->len + 2 ); + uint8_t *msg_n_tag = (uint8_t *) malloc(result->len + 2); - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - memset( msg_n_tag, 0, result->len + 2 ); - memcpy( msg_n_tag, msg->x, msg->len ); + memset(msg_n_tag, 0, result->len + 2); + memcpy(msg_n_tag, msg->x, msg->len); tag_len = result->len - msg->len; - TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 ); + TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0); /* Test with input == output */ - TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg->len, iv->x, iv->len, add->x, add->len, - msg_n_tag, msg_n_tag, msg_n_tag + msg->len, tag_len ) == 0 ); + TEST_ASSERT(mbedtls_ccm_encrypt_and_tag(&ctx, msg->len, iv->x, iv->len, add->x, add->len, + msg_n_tag, msg_n_tag, msg_n_tag + msg->len, + tag_len) == 0); - TEST_ASSERT( memcmp( msg_n_tag, result->x, result->len ) == 0 ); + TEST_ASSERT(memcmp(msg_n_tag, result->x, result->len) == 0); /* Check we didn't write past the end */ - TEST_ASSERT( msg_n_tag[result->len] == 0 && msg_n_tag[result->len + 1] == 0 ); + TEST_ASSERT(msg_n_tag[result->len] == 0 && msg_n_tag[result->len + 1] == 0); exit: - mbedtls_ccm_free( &ctx ); - free( msg_n_tag ); + mbedtls_ccm_free(&ctx); + free(msg_n_tag); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ccm_auth_decrypt( int cipher_id, data_t * key, - data_t * msg, data_t * iv, - data_t * add, int tag_len, int result, - data_t * expected_msg ) +void mbedtls_ccm_auth_decrypt(int cipher_id, data_t *key, + data_t *msg, data_t *iv, + data_t *add, int tag_len, int result, + data_t *expected_msg) { unsigned char tag[16]; mbedtls_ccm_context ctx; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - memset( tag, 0x00, sizeof( tag ) ); + memset(tag, 0x00, sizeof(tag)); msg->len -= tag_len; - memcpy( tag, msg->x + msg->len, tag_len ); + memcpy(tag, msg->x + msg->len, tag_len); - TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 ); + TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0); /* Test with input == output */ - TEST_ASSERT( mbedtls_ccm_auth_decrypt( &ctx, msg->len, iv->x, iv->len, add->x, add->len, - msg->x, msg->x, msg->x + msg->len, tag_len ) == result ); + TEST_ASSERT(mbedtls_ccm_auth_decrypt(&ctx, msg->len, iv->x, iv->len, add->x, add->len, + msg->x, msg->x, msg->x + msg->len, tag_len) == result); - if( result == 0 ) - { - TEST_ASSERT( memcmp( msg->x, expected_msg->x, expected_msg->len ) == 0 ); - } - else - { + if (result == 0) { + TEST_ASSERT(memcmp(msg->x, expected_msg->x, expected_msg->len) == 0); + } else { size_t i; - for( i = 0; i < msg->len; i++ ) - TEST_ASSERT( msg->x[i] == 0 ); + for (i = 0; i < msg->len; i++) { + TEST_ASSERT(msg->x[i] == 0); + } } /* Check we didn't write past the end (where the original tag is) */ - TEST_ASSERT( memcmp( msg->x + msg->len, tag, tag_len ) == 0 ); + TEST_ASSERT(memcmp(msg->x + msg->len, tag, tag_len) == 0); exit: - mbedtls_ccm_free( &ctx ); + mbedtls_ccm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ccm_star_encrypt_and_tag( int cipher_id, - data_t *key, data_t *msg, - data_t *source_address, data_t *frame_counter, - int sec_level, data_t *add, - data_t *expected_result, int output_ret ) +void mbedtls_ccm_star_encrypt_and_tag(int cipher_id, + data_t *key, data_t *msg, + data_t *source_address, data_t *frame_counter, + int sec_level, data_t *add, + data_t *expected_result, int output_ret) { unsigned char iv[13]; unsigned char result[50]; @@ -204,49 +205,50 @@ void mbedtls_ccm_star_encrypt_and_tag( int cipher_id, size_t iv_len, tag_len; int ret; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - memset( result, 0x00, sizeof( result ) ); + memset(result, 0x00, sizeof(result)); - if( sec_level % 4 == 0) + if (sec_level % 4 == 0) { tag_len = 0; - else - tag_len = 1 << ( sec_level % 4 + 1); + } else { + tag_len = 1 << (sec_level % 4 + 1); + } - TEST_ASSERT( source_address->len == 8 ); - TEST_ASSERT( frame_counter->len == 4 ); - memcpy( iv, source_address->x, source_address->len ); - memcpy( iv + source_address->len, frame_counter->x, frame_counter->len ); + TEST_ASSERT(source_address->len == 8); + TEST_ASSERT(frame_counter->len == 4); + memcpy(iv, source_address->x, source_address->len); + memcpy(iv + source_address->len, frame_counter->x, frame_counter->len); iv[source_address->len + frame_counter->len] = sec_level; - iv_len = sizeof( iv ); + iv_len = sizeof(iv); - TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, - key->x, key->len * 8 ) == 0 ); + TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, + key->x, key->len * 8) == 0); - ret = mbedtls_ccm_star_encrypt_and_tag( &ctx, msg->len, iv, iv_len, - add->x, add->len, msg->x, - result, result + msg->len, tag_len ); + ret = mbedtls_ccm_star_encrypt_and_tag(&ctx, msg->len, iv, iv_len, + add->x, add->len, msg->x, + result, result + msg->len, tag_len); - TEST_ASSERT( ret == output_ret ); + TEST_ASSERT(ret == output_ret); - TEST_ASSERT( memcmp( result, - expected_result->x, expected_result->len ) == 0 ); + TEST_ASSERT(memcmp(result, + expected_result->x, expected_result->len) == 0); /* Check we didn't write past the end */ - TEST_ASSERT( result[expected_result->len] == 0 && - result[expected_result->len + 1] == 0 ); + TEST_ASSERT(result[expected_result->len] == 0 && + result[expected_result->len + 1] == 0); exit: - mbedtls_ccm_free( &ctx ); + mbedtls_ccm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ccm_star_auth_decrypt( int cipher_id, - data_t *key, data_t *msg, - data_t *source_address, data_t *frame_counter, - int sec_level, data_t *add, - data_t *expected_result, int output_ret ) +void mbedtls_ccm_star_auth_decrypt(int cipher_id, + data_t *key, data_t *msg, + data_t *source_address, data_t *frame_counter, + int sec_level, data_t *add, + data_t *expected_result, int output_ret) { unsigned char iv[13]; unsigned char result[50]; @@ -254,46 +256,47 @@ void mbedtls_ccm_star_auth_decrypt( int cipher_id, size_t iv_len, tag_len; int ret; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - memset( iv, 0x00, sizeof( iv ) ); - memset( result, '+', sizeof( result ) ); + memset(iv, 0x00, sizeof(iv)); + memset(result, '+', sizeof(result)); - if( sec_level % 4 == 0) + if (sec_level % 4 == 0) { tag_len = 0; - else - tag_len = 1 << ( sec_level % 4 + 1); + } else { + tag_len = 1 << (sec_level % 4 + 1); + } - TEST_ASSERT( source_address->len == 8 ); - TEST_ASSERT( frame_counter->len == 4 ); - memcpy( iv, source_address->x, source_address->len ); - memcpy( iv + source_address->len, frame_counter->x, frame_counter->len ); + TEST_ASSERT(source_address->len == 8); + TEST_ASSERT(frame_counter->len == 4); + memcpy(iv, source_address->x, source_address->len); + memcpy(iv + source_address->len, frame_counter->x, frame_counter->len); iv[source_address->len + frame_counter->len] = sec_level; - iv_len = sizeof( iv ); + iv_len = sizeof(iv); - TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 ); + TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0); - ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg->len - tag_len, iv, iv_len, - add->x, add->len, msg->x, result, - msg->x + msg->len - tag_len, tag_len ); + ret = mbedtls_ccm_star_auth_decrypt(&ctx, msg->len - tag_len, iv, iv_len, + add->x, add->len, msg->x, result, + msg->x + msg->len - tag_len, tag_len); - TEST_ASSERT( ret == output_ret ); + TEST_ASSERT(ret == output_ret); - TEST_ASSERT( memcmp( result, expected_result->x, - expected_result->len ) == 0 ); + TEST_ASSERT(memcmp(result, expected_result->x, + expected_result->len) == 0); /* Check we didn't write past the end (where the original tag is) */ - TEST_ASSERT( ( msg->len + 2 ) <= sizeof( result ) ); - TEST_EQUAL( result[msg->len], '+' ); - TEST_EQUAL( result[msg->len + 1], '+' ); + TEST_ASSERT((msg->len + 2) <= sizeof(result)); + TEST_EQUAL(result[msg->len], '+'); + TEST_EQUAL(result[msg->len + 1], '+'); exit: - mbedtls_ccm_free( &ctx ); + mbedtls_ccm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void ccm_invalid_param( ) +void ccm_invalid_param() { struct mbedtls_ccm_context ctx; unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }; @@ -301,205 +304,205 @@ void ccm_invalid_param( ) int valid_len = sizeof(valid_buffer); int valid_bitlen = valid_len * 8; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); /* mbedtls_ccm_init() */ - TEST_INVALID_PARAM( mbedtls_ccm_init( NULL ) ); + TEST_INVALID_PARAM(mbedtls_ccm_init(NULL)); /* mbedtls_ccm_setkey() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_setkey( NULL, valid_cipher, valid_buffer, valid_bitlen ) ); + mbedtls_ccm_setkey(NULL, valid_cipher, valid_buffer, valid_bitlen)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_setkey( &ctx, valid_cipher, NULL, valid_bitlen ) ); + mbedtls_ccm_setkey(&ctx, valid_cipher, NULL, valid_bitlen)); /* mbedtls_ccm_encrypt_and_tag() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_encrypt_and_tag(NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_encrypt_and_tag(&ctx, valid_len, + NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + NULL, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + NULL, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL, - valid_buffer, valid_len ) ); + mbedtls_ccm_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, NULL, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - NULL, valid_len ) ); + mbedtls_ccm_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + NULL, valid_len)); /* mbedtls_ccm_star_encrypt_and_tag() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len) ); + mbedtls_ccm_star_encrypt_and_tag(NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len, + NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + NULL, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + NULL, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, NULL, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - NULL, valid_len ) ); + mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + NULL, valid_len)); /* mbedtls_ccm_auth_decrypt() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_auth_decrypt(NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( &ctx, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_auth_decrypt(&ctx, valid_len, + NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + NULL, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + NULL, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL, - valid_buffer, valid_len ) ); + mbedtls_ccm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, NULL, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - NULL, valid_len ) ); + mbedtls_ccm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + NULL, valid_len)); /* mbedtls_ccm_star_auth_decrypt() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_auth_decrypt(NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_auth_decrypt(&ctx, valid_len, + NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + NULL, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + NULL, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, NULL, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - NULL, valid_len ) ); + mbedtls_ccm_star_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + NULL, valid_len)); exit: - mbedtls_ccm_free( &ctx ); + mbedtls_ccm_free(&ctx); return; } /* END_CASE */ /* BEGIN_CASE */ -void ccm_valid_param( ) +void ccm_valid_param() { - TEST_VALID_PARAM( mbedtls_ccm_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_ccm_free(NULL)); exit: return; } diff --git a/tests/suites/test_suite_chacha20.function b/tests/suites/test_suite_chacha20.function index 67c8de2ec1b6..7f4956176402 100644 --- a/tests/suites/test_suite_chacha20.function +++ b/tests/suites/test_suite_chacha20.function @@ -8,43 +8,44 @@ */ /* BEGIN_CASE */ -void chacha20_crypt( data_t *key_str, - data_t *nonce_str, - int counter, - data_t *src_str, - data_t *expected_output_str ) +void chacha20_crypt(data_t *key_str, + data_t *nonce_str, + int counter, + data_t *src_str, + data_t *expected_output_str) { unsigned char output[375]; mbedtls_chacha20_context ctx; - memset( output, 0x00, sizeof( output ) ); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( src_str->len == expected_output_str->len ); - TEST_ASSERT( key_str->len == 32U ); - TEST_ASSERT( nonce_str->len == 12U ); + TEST_ASSERT(src_str->len == expected_output_str->len); + TEST_ASSERT(key_str->len == 32U); + TEST_ASSERT(nonce_str->len == 12U); /* * Test the integrated API */ - TEST_ASSERT( mbedtls_chacha20_crypt( key_str->x, nonce_str->x, counter, src_str->len, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_chacha20_crypt(key_str->x, nonce_str->x, counter, src_str->len, src_str->x, + output) == 0); - ASSERT_COMPARE( output, expected_output_str->len, - expected_output_str->x, expected_output_str->len ); + ASSERT_COMPARE(output, expected_output_str->len, + expected_output_str->x, expected_output_str->len); /* * Test the streaming API */ - mbedtls_chacha20_init( &ctx ); + mbedtls_chacha20_init(&ctx); - TEST_ASSERT( mbedtls_chacha20_setkey( &ctx, key_str->x ) == 0 ); + TEST_ASSERT(mbedtls_chacha20_setkey(&ctx, key_str->x) == 0); - TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str->x, counter ) == 0 ); + TEST_ASSERT(mbedtls_chacha20_starts(&ctx, nonce_str->x, counter) == 0); - memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_str->len, src_str->x, output ) == 0 ); + memset(output, 0x00, sizeof(output)); + TEST_ASSERT(mbedtls_chacha20_update(&ctx, src_str->len, src_str->x, output) == 0); - ASSERT_COMPARE( output, expected_output_str->len, - expected_output_str->x, expected_output_str->len ); + ASSERT_COMPARE(output, expected_output_str->len, + expected_output_str->x, expected_output_str->len); /* * Test the streaming API again, piecewise @@ -52,17 +53,17 @@ void chacha20_crypt( data_t *key_str, /* Don't free/init the context nor set the key again, * in order to test that starts() does the right thing. */ - TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str->x, counter ) == 0 ); + TEST_ASSERT(mbedtls_chacha20_starts(&ctx, nonce_str->x, counter) == 0); - memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_chacha20_update( &ctx, 1, src_str->x, output ) == 0 ); - TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_str->len - 1, - src_str->x + 1, output + 1 ) == 0 ); + memset(output, 0x00, sizeof(output)); + TEST_ASSERT(mbedtls_chacha20_update(&ctx, 1, src_str->x, output) == 0); + TEST_ASSERT(mbedtls_chacha20_update(&ctx, src_str->len - 1, + src_str->x + 1, output + 1) == 0); - ASSERT_COMPARE( output, expected_output_str->len, - expected_output_str->x, expected_output_str->len ); + ASSERT_COMPARE(output, expected_output_str->len, + expected_output_str->x, expected_output_str->len); - mbedtls_chacha20_free( &ctx ); + mbedtls_chacha20_free(&ctx); } /* END_CASE */ @@ -74,37 +75,37 @@ void chacha20_bad_params() unsigned char src[1]; unsigned char dst[1]; uint32_t counter = 0; - size_t len = sizeof( src ); + size_t len = sizeof(src); mbedtls_chacha20_context ctx; - TEST_INVALID_PARAM( mbedtls_chacha20_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_chacha20_free( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_setkey( NULL, key ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_setkey( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_starts( NULL, nonce, counter ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_starts( &ctx, NULL, counter ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_update( NULL, 0, src, dst ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_update( &ctx, len, NULL, dst ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_update( &ctx, len, src, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_crypt( NULL, nonce, counter, 0, src, dst ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_crypt( key, NULL, counter, 0, src, dst ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_crypt( key, nonce, counter, len, NULL, dst ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_crypt( key, nonce, counter, len, src, NULL ) ); + TEST_INVALID_PARAM(mbedtls_chacha20_init(NULL)); + TEST_VALID_PARAM(mbedtls_chacha20_free(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_setkey(NULL, key)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_setkey(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_starts(NULL, nonce, counter)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_starts(&ctx, NULL, counter)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_update(NULL, 0, src, dst)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_update(&ctx, len, NULL, dst)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_update(&ctx, len, src, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_crypt(NULL, nonce, counter, 0, src, dst)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_crypt(key, NULL, counter, 0, src, dst)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_crypt(key, nonce, counter, len, NULL, dst)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_crypt(key, nonce, counter, len, src, NULL)); exit: return; @@ -115,6 +116,6 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void chacha20_self_test() { - TEST_ASSERT( mbedtls_chacha20_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_chacha20_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_chachapoly.function b/tests/suites/test_suite_chachapoly.function index 96128e4ec35d..906e3f5ade9c 100644 --- a/tests/suites/test_suite_chachapoly.function +++ b/tests/suites/test_suite_chachapoly.function @@ -8,61 +8,71 @@ */ /* BEGIN_CASE */ -void mbedtls_chachapoly_enc( data_t *key_str, data_t *nonce_str, data_t *aad_str, data_t *input_str, data_t *output_str, data_t *mac_str ) +void mbedtls_chachapoly_enc(data_t *key_str, + data_t *nonce_str, + data_t *aad_str, + data_t *input_str, + data_t *output_str, + data_t *mac_str) { unsigned char output[265]; unsigned char mac[16]; /* size set by the standard */ mbedtls_chachapoly_context ctx; - TEST_ASSERT( key_str->len == 32 ); - TEST_ASSERT( nonce_str->len == 12 ); - TEST_ASSERT( mac_str->len == 16 ); + TEST_ASSERT(key_str->len == 32); + TEST_ASSERT(nonce_str->len == 12); + TEST_ASSERT(mac_str->len == 16); - mbedtls_chachapoly_init( &ctx ); + mbedtls_chachapoly_init(&ctx); - TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str->x ) == 0 ); + TEST_ASSERT(mbedtls_chachapoly_setkey(&ctx, key_str->x) == 0); - TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( &ctx, - input_str->len, nonce_str->x, - aad_str->x, aad_str->len, - input_str->x, output, mac ) == 0 ); + TEST_ASSERT(mbedtls_chachapoly_encrypt_and_tag(&ctx, + input_str->len, nonce_str->x, + aad_str->x, aad_str->len, + input_str->x, output, mac) == 0); - TEST_ASSERT( memcmp( output_str->x, output, output_str->len ) == 0 ); - TEST_ASSERT( memcmp( mac_str->x, mac, 16U ) == 0 ); + TEST_ASSERT(memcmp(output_str->x, output, output_str->len) == 0); + TEST_ASSERT(memcmp(mac_str->x, mac, 16U) == 0); exit: - mbedtls_chachapoly_free( &ctx ); + mbedtls_chachapoly_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_chachapoly_dec( data_t *key_str, data_t *nonce_str, data_t *aad_str, data_t *input_str, data_t *output_str, data_t *mac_str, int ret_exp ) +void mbedtls_chachapoly_dec(data_t *key_str, + data_t *nonce_str, + data_t *aad_str, + data_t *input_str, + data_t *output_str, + data_t *mac_str, + int ret_exp) { unsigned char output[265]; int ret; mbedtls_chachapoly_context ctx; - TEST_ASSERT( key_str->len == 32 ); - TEST_ASSERT( nonce_str->len == 12 ); - TEST_ASSERT( mac_str->len == 16 ); + TEST_ASSERT(key_str->len == 32); + TEST_ASSERT(nonce_str->len == 12); + TEST_ASSERT(mac_str->len == 16); - mbedtls_chachapoly_init( &ctx ); + mbedtls_chachapoly_init(&ctx); - TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str->x ) == 0 ); + TEST_ASSERT(mbedtls_chachapoly_setkey(&ctx, key_str->x) == 0); - ret = mbedtls_chachapoly_auth_decrypt( &ctx, - input_str->len, nonce_str->x, - aad_str->x, aad_str->len, - mac_str->x, input_str->x, output ); + ret = mbedtls_chachapoly_auth_decrypt(&ctx, + input_str->len, nonce_str->x, + aad_str->x, aad_str->len, + mac_str->x, input_str->x, output); - TEST_ASSERT( ret == ret_exp ); - if( ret_exp == 0 ) - { - TEST_ASSERT( memcmp( output_str->x, output, output_str->len ) == 0 ); + TEST_ASSERT(ret == ret_exp); + if (ret_exp == 0) { + TEST_ASSERT(memcmp(output_str->x, output, output_str->len) == 0); } exit: - mbedtls_chachapoly_free( &ctx ); + mbedtls_chachapoly_free(&ctx); } /* END_CASE */ @@ -75,122 +85,122 @@ void chachapoly_bad_params() unsigned char input[1]; unsigned char output[1]; unsigned char mac[16]; - size_t input_len = sizeof( input ); - size_t aad_len = sizeof( aad ); + size_t input_len = sizeof(input); + size_t aad_len = sizeof(aad); mbedtls_chachapoly_context ctx; - memset( key, 0x00, sizeof( key ) ); - memset( nonce, 0x00, sizeof( nonce ) ); - memset( aad, 0x00, sizeof( aad ) ); - memset( input, 0x00, sizeof( input ) ); - memset( output, 0x00, sizeof( output ) ); - memset( mac, 0x00, sizeof( mac ) ); + memset(key, 0x00, sizeof(key)); + memset(nonce, 0x00, sizeof(nonce)); + memset(aad, 0x00, sizeof(aad)); + memset(input, 0x00, sizeof(input)); + memset(output, 0x00, sizeof(output)); + memset(mac, 0x00, sizeof(mac)); - TEST_INVALID_PARAM( mbedtls_chachapoly_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_chachapoly_free( NULL ) ); + TEST_INVALID_PARAM(mbedtls_chachapoly_init(NULL)); + TEST_VALID_PARAM(mbedtls_chachapoly_free(NULL)); /* setkey */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_setkey( NULL, key ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_setkey( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_setkey(NULL, key)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_setkey(&ctx, NULL)); /* encrypt_and_tag */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( NULL, - 0, nonce, - aad, 0, - input, output, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( &ctx, - 0, NULL, - aad, 0, - input, output, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( &ctx, - 0, nonce, - NULL, aad_len, - input, output, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( &ctx, - input_len, nonce, - aad, 0, - NULL, output, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( &ctx, - input_len, nonce, - aad, 0, - input, NULL, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( &ctx, - 0, nonce, - aad, 0, - input, output, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_encrypt_and_tag(NULL, + 0, nonce, + aad, 0, + input, output, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_encrypt_and_tag(&ctx, + 0, NULL, + aad, 0, + input, output, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_encrypt_and_tag(&ctx, + 0, nonce, + NULL, aad_len, + input, output, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_encrypt_and_tag(&ctx, + input_len, nonce, + aad, 0, + NULL, output, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_encrypt_and_tag(&ctx, + input_len, nonce, + aad, 0, + input, NULL, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_encrypt_and_tag(&ctx, + 0, nonce, + aad, 0, + input, output, NULL)); /* auth_decrypt */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( NULL, - 0, nonce, - aad, 0, - mac, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( &ctx, - 0, NULL, - aad, 0, - mac, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( &ctx, - 0, nonce, - NULL, aad_len, - mac, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( &ctx, - 0, nonce, - aad, 0, - NULL, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( &ctx, - input_len, nonce, - aad, 0, - mac, NULL, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( &ctx, - input_len, nonce, - aad, 0, - mac, input, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_auth_decrypt(NULL, + 0, nonce, + aad, 0, + mac, input, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_auth_decrypt(&ctx, + 0, NULL, + aad, 0, + mac, input, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_auth_decrypt(&ctx, + 0, nonce, + NULL, aad_len, + mac, input, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_auth_decrypt(&ctx, + 0, nonce, + aad, 0, + NULL, input, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_auth_decrypt(&ctx, + input_len, nonce, + aad, 0, + mac, NULL, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_auth_decrypt(&ctx, + input_len, nonce, + aad, 0, + mac, input, NULL)); /* starts */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_starts( NULL, nonce, - MBEDTLS_CHACHAPOLY_ENCRYPT ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_starts( &ctx, NULL, - MBEDTLS_CHACHAPOLY_ENCRYPT ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_starts(NULL, nonce, + MBEDTLS_CHACHAPOLY_ENCRYPT)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_starts(&ctx, NULL, + MBEDTLS_CHACHAPOLY_ENCRYPT)); /* update_aad */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_update_aad( NULL, aad, - aad_len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_update_aad( &ctx, NULL, - aad_len ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_update_aad(NULL, aad, + aad_len)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_update_aad(&ctx, NULL, + aad_len)); /* update */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_update( NULL, input_len, - input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_update( &ctx, input_len, - NULL, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_update( &ctx, input_len, - input, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_update(NULL, input_len, + input, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_update(&ctx, input_len, + NULL, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_update(&ctx, input_len, + input, NULL)); /* finish */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_finish( NULL, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_finish( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_finish(NULL, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_finish(&ctx, NULL)); exit: return; @@ -206,80 +216,80 @@ void chachapoly_state() unsigned char input[1]; unsigned char output[1]; unsigned char mac[16]; - size_t input_len = sizeof( input ); - size_t aad_len = sizeof( aad ); + size_t input_len = sizeof(input); + size_t aad_len = sizeof(aad); mbedtls_chachapoly_context ctx; - memset( key, 0x00, sizeof( key ) ); - memset( nonce, 0x00, sizeof( nonce ) ); - memset( aad, 0x00, sizeof( aad ) ); - memset( input, 0x00, sizeof( input ) ); - memset( output, 0x00, sizeof( output ) ); - memset( mac, 0x00, sizeof( mac ) ); + memset(key, 0x00, sizeof(key)); + memset(nonce, 0x00, sizeof(nonce)); + memset(aad, 0x00, sizeof(aad)); + memset(input, 0x00, sizeof(input)); + memset(output, 0x00, sizeof(output)); + memset(mac, 0x00, sizeof(mac)); /* Initial state: finish, update, update_aad forbidden */ - mbedtls_chachapoly_init( &ctx ); + mbedtls_chachapoly_init(&ctx); - TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); - TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); - TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); + TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); + TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); + TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); /* Still initial state: finish, update, update_aad forbidden */ - TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key ) - == 0 ); + TEST_ASSERT(mbedtls_chachapoly_setkey(&ctx, key) + == 0); - TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); - TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); - TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); + TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); + TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); + TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); /* Starts -> finish OK */ - TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT ) - == 0 ); - TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac ) - == 0 ); + TEST_ASSERT(mbedtls_chachapoly_starts(&ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT) + == 0); + TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac) + == 0); /* After finish: update, update_aad forbidden */ - TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); - TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); + TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); + TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); /* Starts -> update* OK */ - TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT ) - == 0 ); - TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output ) - == 0 ); - TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output ) - == 0 ); + TEST_ASSERT(mbedtls_chachapoly_starts(&ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT) + == 0); + TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output) + == 0); + TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output) + == 0); /* After update: update_aad forbidden */ - TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); + TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); /* Starts -> update_aad* -> finish OK */ - TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT ) - == 0 ); - TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len ) - == 0 ); - TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len ) - == 0 ); - TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac ) - == 0 ); + TEST_ASSERT(mbedtls_chachapoly_starts(&ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT) + == 0); + TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len) + == 0); + TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len) + == 0); + TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac) + == 0); exit: - mbedtls_chachapoly_free( &ctx ); + mbedtls_chachapoly_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void chachapoly_selftest() { - TEST_ASSERT( mbedtls_chachapoly_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_chachapoly_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 4fe54c0c4049..ef9ff0aa2f21 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -20,35 +20,33 @@ * individual ciphers, and it doesn't work with the PSA wrappers. So don't do * it, and instead start with a fresh context. */ -static int cipher_reset_key( mbedtls_cipher_context_t *ctx, int cipher_id, - int use_psa, size_t tag_len, const data_t *key, int direction ) +static int cipher_reset_key(mbedtls_cipher_context_t *ctx, int cipher_id, + int use_psa, size_t tag_len, const data_t *key, int direction) { - mbedtls_cipher_free( ctx ); - mbedtls_cipher_init( ctx ); + mbedtls_cipher_free(ctx); + mbedtls_cipher_init(ctx); #if !defined(MBEDTLS_USE_PSA_CRYPTO) (void) use_psa; (void) tag_len; #else - if( use_psa == 1 ) - { - TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( ctx, - mbedtls_cipher_info_from_type( cipher_id ), - tag_len ) ); - } - else + if (use_psa == 1) { + TEST_ASSERT(0 == mbedtls_cipher_setup_psa(ctx, + mbedtls_cipher_info_from_type(cipher_id), + tag_len)); + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ { - TEST_ASSERT( 0 == mbedtls_cipher_setup( ctx, - mbedtls_cipher_info_from_type( cipher_id ) ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(ctx, + mbedtls_cipher_info_from_type(cipher_id))); } - TEST_ASSERT( 0 == mbedtls_cipher_setkey( ctx, key->x, 8 * key->len, - direction ) ); - return( 1 ); + TEST_ASSERT(0 == mbedtls_cipher_setkey(ctx, key->x, 8 * key->len, + direction)); + return 1; exit: - return( 0 ); + return 0; } /* @@ -56,11 +54,13 @@ exit: * return 1 if it is, * 0 if it isn't. */ -int buffer_is_all_zero( const uint8_t *buf, size_t size ) +int buffer_is_all_zero(const uint8_t *buf, size_t size) { - for( size_t i = 0; i < size; i++ ) - if( buf[i] != 0 ) + for (size_t i = 0; i < size; i++) { + if (buf[i] != 0) { return 0; + } + } return 1; } #endif /* MBEDTLS_CIPHER_AUTH_CRYPT */ @@ -73,17 +73,18 @@ int buffer_is_all_zero( const uint8_t *buf, size_t size ) */ /* BEGIN_CASE */ -void mbedtls_cipher_list( ) +void mbedtls_cipher_list() { const int *cipher_type; - for( cipher_type = mbedtls_cipher_list(); *cipher_type != 0; cipher_type++ ) - TEST_ASSERT( mbedtls_cipher_info_from_type( *cipher_type ) != NULL ); + for (cipher_type = mbedtls_cipher_list(); *cipher_type != 0; cipher_type++) { + TEST_ASSERT(mbedtls_cipher_info_from_type(*cipher_type) != NULL); + } } /* END_CASE */ /* BEGIN_CASE */ -void cipher_invalid_param_unconditional( ) +void cipher_invalid_param_unconditional() { mbedtls_cipher_context_t valid_ctx; mbedtls_cipher_context_t invalid_ctx; @@ -93,120 +94,120 @@ void cipher_invalid_param_unconditional( ) int valid_size = sizeof(valid_buffer); int valid_bitlen = valid_size * 8; const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type( - *( mbedtls_cipher_list() ) ); + *(mbedtls_cipher_list())); size_t size_t_var; - (void)valid_mode; /* In some configurations this is unused */ + (void) valid_mode; /* In some configurations this is unused */ - mbedtls_cipher_init( &valid_ctx ); - mbedtls_cipher_init( &invalid_ctx ); + mbedtls_cipher_init(&valid_ctx); + mbedtls_cipher_init(&invalid_ctx); - TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, valid_info ) == 0 ); + TEST_ASSERT(mbedtls_cipher_setup(&valid_ctx, valid_info) == 0); /* mbedtls_cipher_setup() */ - TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, NULL ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_setup(&valid_ctx, NULL) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); /* mbedtls_cipher_get_block_size() */ - TEST_ASSERT( mbedtls_cipher_get_block_size( &invalid_ctx ) == 0 ); + TEST_ASSERT(mbedtls_cipher_get_block_size(&invalid_ctx) == 0); /* mbedtls_cipher_get_cipher_mode() */ - TEST_ASSERT( mbedtls_cipher_get_cipher_mode( &invalid_ctx ) == - MBEDTLS_MODE_NONE ); + TEST_ASSERT(mbedtls_cipher_get_cipher_mode(&invalid_ctx) == + MBEDTLS_MODE_NONE); /* mbedtls_cipher_get_iv_size() */ - TEST_ASSERT( mbedtls_cipher_get_iv_size( &invalid_ctx ) == 0 ); + TEST_ASSERT(mbedtls_cipher_get_iv_size(&invalid_ctx) == 0); /* mbedtls_cipher_get_type() */ TEST_ASSERT( - mbedtls_cipher_get_type( &invalid_ctx ) == + mbedtls_cipher_get_type(&invalid_ctx) == MBEDTLS_CIPHER_NONE); /* mbedtls_cipher_get_name() */ - TEST_ASSERT( mbedtls_cipher_get_name( &invalid_ctx ) == 0 ); + TEST_ASSERT(mbedtls_cipher_get_name(&invalid_ctx) == 0); /* mbedtls_cipher_get_key_bitlen() */ - TEST_ASSERT( mbedtls_cipher_get_key_bitlen( &invalid_ctx ) == - MBEDTLS_KEY_LENGTH_NONE ); + TEST_ASSERT(mbedtls_cipher_get_key_bitlen(&invalid_ctx) == + MBEDTLS_KEY_LENGTH_NONE); /* mbedtls_cipher_get_operation() */ - TEST_ASSERT( mbedtls_cipher_get_operation( &invalid_ctx ) == - MBEDTLS_OPERATION_NONE ); + TEST_ASSERT(mbedtls_cipher_get_operation(&invalid_ctx) == + MBEDTLS_OPERATION_NONE); /* mbedtls_cipher_setkey() */ TEST_ASSERT( - mbedtls_cipher_setkey( &invalid_ctx, - valid_buffer, - valid_bitlen, - valid_operation ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + mbedtls_cipher_setkey(&invalid_ctx, + valid_buffer, + valid_bitlen, + valid_operation) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); /* mbedtls_cipher_set_iv() */ TEST_ASSERT( - mbedtls_cipher_set_iv( &invalid_ctx, - valid_buffer, - valid_size ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + mbedtls_cipher_set_iv(&invalid_ctx, + valid_buffer, + valid_size) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); /* mbedtls_cipher_reset() */ - TEST_ASSERT( mbedtls_cipher_reset( &invalid_ctx ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_reset(&invalid_ctx) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) /* mbedtls_cipher_update_ad() */ TEST_ASSERT( - mbedtls_cipher_update_ad( &invalid_ctx, - valid_buffer, - valid_size ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + mbedtls_cipher_update_ad(&invalid_ctx, + valid_buffer, + valid_size) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); #endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */ #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) /* mbedtls_cipher_set_padding_mode() */ - TEST_ASSERT( mbedtls_cipher_set_padding_mode( &invalid_ctx, valid_mode ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_set_padding_mode(&invalid_ctx, valid_mode) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); #endif /* mbedtls_cipher_update() */ TEST_ASSERT( - mbedtls_cipher_update( &invalid_ctx, - valid_buffer, - valid_size, - valid_buffer, - &size_t_var ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + mbedtls_cipher_update(&invalid_ctx, + valid_buffer, + valid_size, + valid_buffer, + &size_t_var) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); /* mbedtls_cipher_finish() */ TEST_ASSERT( - mbedtls_cipher_finish( &invalid_ctx, - valid_buffer, - &size_t_var ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + mbedtls_cipher_finish(&invalid_ctx, + valid_buffer, + &size_t_var) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) /* mbedtls_cipher_write_tag() */ TEST_ASSERT( - mbedtls_cipher_write_tag( &invalid_ctx, - valid_buffer, - valid_size ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + mbedtls_cipher_write_tag(&invalid_ctx, + valid_buffer, + valid_size) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); /* mbedtls_cipher_check_tag() */ TEST_ASSERT( - mbedtls_cipher_check_tag( &invalid_ctx, - valid_buffer, - valid_size ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + mbedtls_cipher_check_tag(&invalid_ctx, + valid_buffer, + valid_size) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); #endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */ exit: - mbedtls_cipher_free( &invalid_ctx ); - mbedtls_cipher_free( &valid_ctx ); + mbedtls_cipher_free(&invalid_ctx); + mbedtls_cipher_free(&valid_ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void cipher_invalid_param_conditional( ) +void cipher_invalid_param_conditional() { mbedtls_cipher_context_t valid_ctx; @@ -217,488 +218,488 @@ void cipher_invalid_param_conditional( ) int valid_size = sizeof(valid_buffer); int valid_bitlen = valid_size * 8; const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type( - *( mbedtls_cipher_list() ) ); + *(mbedtls_cipher_list())); size_t size_t_var; - (void)valid_mode; /* In some configurations this is unused */ + (void) valid_mode; /* In some configurations this is unused */ /* mbedtls_cipher_init() */ - TEST_VALID_PARAM( mbedtls_cipher_init( &valid_ctx ) ); - TEST_INVALID_PARAM( mbedtls_cipher_init( NULL ) ); + TEST_VALID_PARAM(mbedtls_cipher_init(&valid_ctx)); + TEST_INVALID_PARAM(mbedtls_cipher_init(NULL)); /* mbedtls_cipher_setup() */ - TEST_VALID_PARAM( mbedtls_cipher_setup( &valid_ctx, valid_info ) ); + TEST_VALID_PARAM(mbedtls_cipher_setup(&valid_ctx, valid_info)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_setup( NULL, valid_info ) ); + mbedtls_cipher_setup(NULL, valid_info)); /* mbedtls_cipher_get_block_size() */ - TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_block_size( NULL ) ); + TEST_INVALID_PARAM_RET(0, mbedtls_cipher_get_block_size(NULL)); /* mbedtls_cipher_get_cipher_mode() */ TEST_INVALID_PARAM_RET( MBEDTLS_MODE_NONE, - mbedtls_cipher_get_cipher_mode( NULL ) ); + mbedtls_cipher_get_cipher_mode(NULL)); /* mbedtls_cipher_get_iv_size() */ - TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_iv_size( NULL ) ); + TEST_INVALID_PARAM_RET(0, mbedtls_cipher_get_iv_size(NULL)); /* mbedtls_cipher_get_type() */ TEST_INVALID_PARAM_RET( MBEDTLS_CIPHER_NONE, - mbedtls_cipher_get_type( NULL ) ); + mbedtls_cipher_get_type(NULL)); /* mbedtls_cipher_get_name() */ - TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_name( NULL ) ); + TEST_INVALID_PARAM_RET(0, mbedtls_cipher_get_name(NULL)); /* mbedtls_cipher_get_key_bitlen() */ TEST_INVALID_PARAM_RET( MBEDTLS_KEY_LENGTH_NONE, - mbedtls_cipher_get_key_bitlen( NULL ) ); + mbedtls_cipher_get_key_bitlen(NULL)); /* mbedtls_cipher_get_operation() */ TEST_INVALID_PARAM_RET( MBEDTLS_OPERATION_NONE, - mbedtls_cipher_get_operation( NULL ) ); + mbedtls_cipher_get_operation(NULL)); /* mbedtls_cipher_setkey() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_setkey( NULL, - valid_buffer, - valid_bitlen, - valid_operation ) ); + mbedtls_cipher_setkey(NULL, + valid_buffer, + valid_bitlen, + valid_operation)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_setkey( &valid_ctx, - NULL, - valid_bitlen, - valid_operation ) ); + mbedtls_cipher_setkey(&valid_ctx, + NULL, + valid_bitlen, + valid_operation)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_setkey( &valid_ctx, - valid_buffer, - valid_bitlen, - invalid_operation ) ); + mbedtls_cipher_setkey(&valid_ctx, + valid_buffer, + valid_bitlen, + invalid_operation)); /* mbedtls_cipher_set_iv() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_set_iv( NULL, - valid_buffer, - valid_size ) ); + mbedtls_cipher_set_iv(NULL, + valid_buffer, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_set_iv( &valid_ctx, - NULL, - valid_size ) ); + mbedtls_cipher_set_iv(&valid_ctx, + NULL, + valid_size)); /* mbedtls_cipher_reset() */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_reset( NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + mbedtls_cipher_reset(NULL)); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) /* mbedtls_cipher_update_ad() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update_ad( NULL, - valid_buffer, - valid_size ) ); + mbedtls_cipher_update_ad(NULL, + valid_buffer, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update_ad( &valid_ctx, - NULL, - valid_size ) ); + mbedtls_cipher_update_ad(&valid_ctx, + NULL, + valid_size)); #endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */ #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) /* mbedtls_cipher_set_padding_mode() */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_set_padding_mode( NULL, valid_mode ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + mbedtls_cipher_set_padding_mode(NULL, valid_mode)); #endif /* mbedtls_cipher_update() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update( NULL, - valid_buffer, - valid_size, - valid_buffer, - &size_t_var ) ); + mbedtls_cipher_update(NULL, + valid_buffer, + valid_size, + valid_buffer, + &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update( &valid_ctx, - NULL, valid_size, - valid_buffer, - &size_t_var ) ); + mbedtls_cipher_update(&valid_ctx, + NULL, valid_size, + valid_buffer, + &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update( &valid_ctx, - valid_buffer, valid_size, - NULL, - &size_t_var ) ); + mbedtls_cipher_update(&valid_ctx, + valid_buffer, valid_size, + NULL, + &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, - NULL ) ); + mbedtls_cipher_update(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, + NULL)); /* mbedtls_cipher_finish() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_finish( NULL, - valid_buffer, - &size_t_var ) ); + mbedtls_cipher_finish(NULL, + valid_buffer, + &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_finish( &valid_ctx, - NULL, - &size_t_var ) ); + mbedtls_cipher_finish(&valid_ctx, + NULL, + &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_finish( &valid_ctx, - valid_buffer, - NULL ) ); + mbedtls_cipher_finish(&valid_ctx, + valid_buffer, + NULL)); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) /* mbedtls_cipher_write_tag() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_write_tag( NULL, - valid_buffer, - valid_size ) ); + mbedtls_cipher_write_tag(NULL, + valid_buffer, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_write_tag( &valid_ctx, - NULL, - valid_size ) ); + mbedtls_cipher_write_tag(&valid_ctx, + NULL, + valid_size)); /* mbedtls_cipher_check_tag() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_check_tag( NULL, - valid_buffer, - valid_size ) ); + mbedtls_cipher_check_tag(NULL, + valid_buffer, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_check_tag( &valid_ctx, - NULL, - valid_size ) ); + mbedtls_cipher_check_tag(&valid_ctx, + NULL, + valid_size)); #endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */ /* mbedtls_cipher_crypt() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_crypt( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var ) ); + mbedtls_cipher_crypt(NULL, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_crypt( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var ) ); + mbedtls_cipher_crypt(&valid_ctx, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_crypt( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, &size_t_var ) ); + mbedtls_cipher_crypt(&valid_ctx, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_crypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, &size_t_var ) ); + mbedtls_cipher_crypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_crypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, NULL ) ); + mbedtls_cipher_crypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, NULL)); #if defined(MBEDTLS_CIPHER_MODE_AEAD) /* mbedtls_cipher_auth_encrypt() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_encrypt(NULL, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_encrypt(&valid_ctx, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_encrypt(&valid_ctx, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_encrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_encrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, NULL, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_encrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, NULL, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - NULL, valid_size ) ); + mbedtls_cipher_auth_encrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + NULL, valid_size)); /* mbedtls_cipher_auth_decrypt() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_decrypt(NULL, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_decrypt(&valid_ctx, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_decrypt(&valid_ctx, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_decrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_decrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, NULL, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_decrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, NULL, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - NULL, valid_size ) ); + mbedtls_cipher_auth_decrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + NULL, valid_size)); #endif /* defined(MBEDTLS_CIPHER_MODE_AEAD) */ #if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) /* mbedtls_cipher_auth_encrypt_ext */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_encrypt_ext(NULL, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_encrypt_ext(&valid_ctx, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_encrypt_ext(&valid_ctx, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_encrypt_ext(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_encrypt_ext(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, NULL, - valid_size ) ); + mbedtls_cipher_auth_encrypt_ext(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, NULL, + valid_size)); /* mbedtls_cipher_auth_decrypt_ext */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_decrypt_ext(NULL, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_decrypt_ext(&valid_ctx, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_decrypt_ext(&valid_ctx, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_decrypt_ext(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_decrypt_ext(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, NULL, - valid_size ) ); + mbedtls_cipher_auth_decrypt_ext(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, NULL, + valid_size)); #endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ /* mbedtls_cipher_free() */ - TEST_VALID_PARAM( mbedtls_cipher_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_cipher_free(NULL)); exit: - TEST_VALID_PARAM( mbedtls_cipher_free( &valid_ctx ) ); + TEST_VALID_PARAM(mbedtls_cipher_free(&valid_ctx)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ -void cipher_special_behaviours( ) +void cipher_special_behaviours() { const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t ctx; unsigned char input[32]; unsigned char output[32]; -#if defined (MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) unsigned char iv[32]; #endif size_t olen = 0; - mbedtls_cipher_init( &ctx ); - memset( input, 0, sizeof( input ) ); - memset( output, 0, sizeof( output ) ); + mbedtls_cipher_init(&ctx); + memset(input, 0, sizeof(input)); + memset(output, 0, sizeof(output)); #if defined(MBEDTLS_CIPHER_MODE_CBC) - memset( iv, 0, sizeof( iv ) ); + memset(iv, 0, sizeof(iv)); /* Check and get info structures */ - cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_CBC ); - TEST_ASSERT( NULL != cipher_info ); + cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_CBC); + TEST_ASSERT(NULL != cipher_info); - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, cipher_info)); /* IV too big */ - TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, MBEDTLS_MAX_IV_LENGTH + 1 ) - == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + TEST_ASSERT(mbedtls_cipher_set_iv(&ctx, iv, MBEDTLS_MAX_IV_LENGTH + 1) + == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE); /* IV too small */ - TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, 0 ) - == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_set_iv(&ctx, iv, 0) + == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); - mbedtls_cipher_free( &ctx ); - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_free(&ctx); + mbedtls_cipher_init(&ctx); #endif /* MBEDTLS_CIPHER_MODE_CBC */ - cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB ); - TEST_ASSERT( NULL != cipher_info ); + cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB); + TEST_ASSERT(NULL != cipher_info); - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, cipher_info)); /* Update ECB with partial block */ - TEST_ASSERT( mbedtls_cipher_update( &ctx, input, 1, output, &olen ) - == MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); + TEST_ASSERT(mbedtls_cipher_update(&ctx, input, 1, output, &olen) + == MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED); exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void enc_dec_buf( int cipher_id, char * cipher_string, int key_len, - int length_val, int pad_mode ) +void enc_dec_buf(int cipher_id, char *cipher_string, int key_len, + int length_val, int pad_mode) { size_t length = length_val, outlen, total_len, i, block_size, iv_len; unsigned char key[64]; @@ -716,28 +717,27 @@ void enc_dec_buf( int cipher_id, char * cipher_string, int key_len, /* * Prepare contexts */ - mbedtls_cipher_init( &ctx_dec ); - mbedtls_cipher_init( &ctx_enc ); + mbedtls_cipher_init(&ctx_dec); + mbedtls_cipher_init(&ctx_enc); - memset( key, 0x2a, sizeof( key ) ); + memset(key, 0x2a, sizeof(key)); /* Check and get info structures */ - cipher_info = mbedtls_cipher_info_from_type( cipher_id ); - TEST_ASSERT( NULL != cipher_info ); - TEST_ASSERT( mbedtls_cipher_info_from_string( cipher_string ) == cipher_info ); + cipher_info = mbedtls_cipher_info_from_type(cipher_id); + TEST_ASSERT(NULL != cipher_info); + TEST_ASSERT(mbedtls_cipher_info_from_string(cipher_string) == cipher_info); /* Initialise enc and dec contexts */ - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info)); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_enc, cipher_info)); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) ); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_dec, key, key_len, MBEDTLS_DECRYPT)); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_enc, key, key_len, MBEDTLS_ENCRYPT)); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - if( -1 != pad_mode ) - { - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_dec, pad_mode ) ); - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_enc, pad_mode ) ); + if (-1 != pad_mode) { + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx_dec, pad_mode)); + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx_enc, pad_mode)); } #else (void) pad_mode; @@ -746,90 +746,90 @@ void enc_dec_buf( int cipher_id, char * cipher_string, int key_len, /* * Do a few encode/decode cycles */ - for( i = 0; i < 3; i++ ) - { - memset( iv , 0x00 + i, sizeof( iv ) ); - memset( ad, 0x10 + i, sizeof( ad ) ); - memset( inbuf, 0x20 + i, sizeof( inbuf ) ); - - memset( encbuf, 0, sizeof( encbuf ) ); - memset( decbuf, 0, sizeof( decbuf ) ); - memset( tag, 0, sizeof( tag ) ); - - if( cipher_info->type == MBEDTLS_CIPHER_CHACHA20 || - cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 ) - iv_len = 12; - else - iv_len = sizeof(iv); + for (i = 0; i < 3; i++) { + memset(iv, 0x00 + i, sizeof(iv)); + memset(ad, 0x10 + i, sizeof(ad)); + memset(inbuf, 0x20 + i, sizeof(inbuf)); + + memset(encbuf, 0, sizeof(encbuf)); + memset(decbuf, 0, sizeof(decbuf)); + memset(tag, 0, sizeof(tag)); + + if (cipher_info->type == MBEDTLS_CIPHER_CHACHA20 || + cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) { + iv_len = 12; + } else { + iv_len = sizeof(iv); + } - TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, iv_len ) ); - TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, iv_len ) ); + TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len)); + TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_enc, iv, iv_len)); - TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) ); - TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) ); + TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_dec)); + TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_enc)); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) ); - TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) ); + TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx_dec, ad, sizeof(ad) - i)); + TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx_enc, ad, sizeof(ad) - i)); #endif - block_size = mbedtls_cipher_get_block_size( &ctx_enc ); - TEST_ASSERT( block_size != 0 ); + block_size = mbedtls_cipher_get_block_size(&ctx_enc); + TEST_ASSERT(block_size != 0); - /* encode length number of bytes from inbuf */ - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, length, encbuf, &outlen ) ); - total_len = outlen; + /* encode length number of bytes from inbuf */ + TEST_ASSERT(0 == mbedtls_cipher_update(&ctx_enc, inbuf, length, encbuf, &outlen)); + total_len = outlen; - TEST_ASSERT( total_len == length || - ( total_len % block_size == 0 && - total_len < length && - total_len + block_size > length ) ); + TEST_ASSERT(total_len == length || + (total_len % block_size == 0 && + total_len < length && + total_len + block_size > length)); - TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) ); - total_len += outlen; + TEST_ASSERT(0 == mbedtls_cipher_finish(&ctx_enc, encbuf + outlen, &outlen)); + total_len += outlen; #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( 0 == mbedtls_cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) ); + TEST_ASSERT(0 == mbedtls_cipher_write_tag(&ctx_enc, tag, sizeof(tag))); #endif - TEST_ASSERT( total_len == length || - ( total_len % block_size == 0 && - total_len > length && - total_len <= length + block_size ) ); + TEST_ASSERT(total_len == length || + (total_len % block_size == 0 && + total_len > length && + total_len <= length + block_size)); - /* decode the previously encoded string */ - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, total_len, decbuf, &outlen ) ); - total_len = outlen; + /* decode the previously encoded string */ + TEST_ASSERT(0 == mbedtls_cipher_update(&ctx_dec, encbuf, total_len, decbuf, &outlen)); + total_len = outlen; - TEST_ASSERT( total_len == length || - ( total_len % block_size == 0 && - total_len < length && - total_len + block_size >= length ) ); + TEST_ASSERT(total_len == length || + (total_len % block_size == 0 && + total_len < length && + total_len + block_size >= length)); - TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) ); - total_len += outlen; + TEST_ASSERT(0 == mbedtls_cipher_finish(&ctx_dec, decbuf + outlen, &outlen)); + total_len += outlen; #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( 0 == mbedtls_cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) ); + TEST_ASSERT(0 == mbedtls_cipher_check_tag(&ctx_dec, tag, sizeof(tag))); #endif - /* check result */ - TEST_ASSERT( total_len == length ); - TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) ); + /* check result */ + TEST_ASSERT(total_len == length); + TEST_ASSERT(0 == memcmp(inbuf, decbuf, length)); } /* * Done */ exit: - mbedtls_cipher_free( &ctx_dec ); - mbedtls_cipher_free( &ctx_enc ); + mbedtls_cipher_free(&ctx_dec); + mbedtls_cipher_free(&ctx_enc); } /* END_CASE */ /* BEGIN_CASE */ -void enc_fail( int cipher_id, int pad_mode, int key_len, int length_val, - int ret ) +void enc_fail(int cipher_id, int pad_mode, int key_len, int length_val, + int ret) { size_t length = length_val; unsigned char key[32]; @@ -843,46 +843,46 @@ void enc_fail( int cipher_id, int pad_mode, int key_len, int length_val, size_t outlen = 0; - memset( key, 0, 32 ); - memset( iv , 0, 16 ); + memset(key, 0, 32); + memset(iv, 0, 16); - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); - memset( inbuf, 5, 64 ); - memset( encbuf, 0, 64 ); + memset(inbuf, 5, 64); + memset(encbuf, 0, 64); /* Check and get info structures */ - cipher_info = mbedtls_cipher_info_from_type( cipher_id ); - TEST_ASSERT( NULL != cipher_info ); + cipher_info = mbedtls_cipher_info_from_type(cipher_id); + TEST_ASSERT(NULL != cipher_info); /* Initialise context */ - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, key_len, MBEDTLS_ENCRYPT ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, cipher_info)); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx, key, key_len, MBEDTLS_ENCRYPT)); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx, pad_mode)); #else (void) pad_mode; #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ - TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv, 16 ) ); - TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) ); + TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx, iv, 16)); + TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx)); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, NULL, 0 ) ); + TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx, NULL, 0)); #endif /* encode length number of bytes from inbuf */ - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, inbuf, length, encbuf, &outlen ) ); - TEST_ASSERT( ret == mbedtls_cipher_finish( &ctx, encbuf + outlen, &outlen ) ); + TEST_ASSERT(0 == mbedtls_cipher_update(&ctx, inbuf, length, encbuf, &outlen)); + TEST_ASSERT(ret == mbedtls_cipher_finish(&ctx, encbuf + outlen, &outlen)); /* done */ exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void dec_empty_buf( int cipher, - int expected_update_ret, - int expected_finish_ret ) +void dec_empty_buf(int cipher, + int expected_update_ret, + int expected_finish_ret) { unsigned char key[32]; unsigned char iv[16]; @@ -896,47 +896,47 @@ void dec_empty_buf( int cipher, size_t outlen = 0; - memset( key, 0, 32 ); - memset( iv , 0, 16 ); + memset(key, 0, 32); + memset(iv, 0, 16); - mbedtls_cipher_init( &ctx_dec ); + mbedtls_cipher_init(&ctx_dec); - memset( encbuf, 0, 64 ); - memset( decbuf, 0, 64 ); + memset(encbuf, 0, 64); + memset(decbuf, 0, 64); /* Initialise context */ - cipher_info = mbedtls_cipher_info_from_type( cipher ); - TEST_ASSERT( NULL != cipher_info); + cipher_info = mbedtls_cipher_info_from_type(cipher); + TEST_ASSERT(NULL != cipher_info); - if( cipher_info->type == MBEDTLS_CIPHER_CHACHA20 || - cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 ) + if (cipher_info->type == MBEDTLS_CIPHER_CHACHA20 || + cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) { iv_len = 12; + } - TEST_ASSERT( sizeof(key) * 8 >= cipher_info->key_bitlen ); + TEST_ASSERT(sizeof(key) * 8 >= cipher_info->key_bitlen); - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info)); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, - key, cipher_info->key_bitlen, - MBEDTLS_DECRYPT ) ); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_dec, + key, cipher_info->key_bitlen, + MBEDTLS_DECRYPT)); - TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, iv_len ) ); + TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len)); - TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) ); + TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_dec)); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) ); + TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx_dec, NULL, 0)); #endif /* decode 0-byte string */ - TEST_ASSERT( expected_update_ret == - mbedtls_cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) ); - TEST_ASSERT( 0 == outlen ); + TEST_ASSERT(expected_update_ret == + mbedtls_cipher_update(&ctx_dec, encbuf, 0, decbuf, &outlen)); + TEST_ASSERT(0 == outlen); - if ( expected_finish_ret == 0 && - ( cipher_info->mode == MBEDTLS_MODE_CBC || - cipher_info->mode == MBEDTLS_MODE_ECB ) ) - { + if (expected_finish_ret == 0 && + (cipher_info->mode == MBEDTLS_MODE_CBC || + cipher_info->mode == MBEDTLS_MODE_ECB)) { /* Non-CBC and non-ECB ciphers are OK with decrypting empty buffers and * return success, not MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED, when * decrypting an empty buffer. @@ -945,20 +945,20 @@ void dec_empty_buf( int cipher, expected_finish_ret = MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; } - TEST_ASSERT( expected_finish_ret == mbedtls_cipher_finish( - &ctx_dec, decbuf + outlen, &outlen ) ); - TEST_ASSERT( 0 == outlen ); + TEST_ASSERT(expected_finish_ret == mbedtls_cipher_finish( + &ctx_dec, decbuf + outlen, &outlen)); + TEST_ASSERT(0 == outlen); exit: - mbedtls_cipher_free( &ctx_dec ); + mbedtls_cipher_free(&ctx_dec); } /* END_CASE */ /* BEGIN_CASE */ -void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val, - int second_length_val, int pad_mode, - int first_encrypt_output_len, int second_encrypt_output_len, - int first_decrypt_output_len, int second_decrypt_output_len ) +void enc_dec_buf_multipart(int cipher_id, int key_len, int first_length_val, + int second_length_val, int pad_mode, + int first_encrypt_output_len, int second_encrypt_output_len, + int first_decrypt_output_len, int second_decrypt_output_len) { size_t first_length = first_length_val; size_t second_length = second_length_val; @@ -978,115 +978,121 @@ void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val, size_t outlen = 0; size_t totaloutlen = 0; - memset( key, 0, 32 ); - memset( iv , 0, 16 ); + memset(key, 0, 32); + memset(iv, 0, 16); - mbedtls_cipher_init( &ctx_dec ); - mbedtls_cipher_init( &ctx_enc ); + mbedtls_cipher_init(&ctx_dec); + mbedtls_cipher_init(&ctx_enc); - memset( inbuf, 5, 64 ); - memset( encbuf, 0, 64 ); - memset( decbuf, 0, 64 ); + memset(inbuf, 5, 64); + memset(encbuf, 0, 64); + memset(decbuf, 0, 64); /* Initialise enc and dec contexts */ - cipher_info = mbedtls_cipher_info_from_type( cipher_id ); - TEST_ASSERT( NULL != cipher_info); + cipher_info = mbedtls_cipher_info_from_type(cipher_id); + TEST_ASSERT(NULL != cipher_info); - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info)); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_enc, cipher_info)); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) ); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_dec, key, key_len, MBEDTLS_DECRYPT)); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_enc, key, key_len, MBEDTLS_ENCRYPT)); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - if( -1 != pad_mode ) - { - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_dec, pad_mode ) ); - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_enc, pad_mode ) ); + if (-1 != pad_mode) { + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx_dec, pad_mode)); + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx_enc, pad_mode)); } #else (void) pad_mode; #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ - if( cipher_info->type == MBEDTLS_CIPHER_CHACHA20 || - cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 ) + if (cipher_info->type == MBEDTLS_CIPHER_CHACHA20 || + cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) { iv_len = 12; - else + } else { iv_len = sizeof(iv); + } - TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, iv_len ) ); - TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, iv_len ) ); + TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len)); + TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_enc, iv, iv_len)); - TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) ); - TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) ); + TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_dec)); + TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_enc)); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) ); - TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, NULL, 0 ) ); + TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx_dec, NULL, 0)); + TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx_enc, NULL, 0)); #endif - block_size = mbedtls_cipher_get_block_size( &ctx_enc ); - TEST_ASSERT( block_size != 0 ); + block_size = mbedtls_cipher_get_block_size(&ctx_enc); + TEST_ASSERT(block_size != 0); /* encode length number of bytes from inbuf */ - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, first_length, encbuf, &outlen ) ); - TEST_ASSERT( (size_t)first_encrypt_output_len == outlen ); + TEST_ASSERT(0 == mbedtls_cipher_update(&ctx_enc, inbuf, first_length, encbuf, &outlen)); + TEST_ASSERT((size_t) first_encrypt_output_len == outlen); totaloutlen = outlen; - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf + first_length, second_length, encbuf + totaloutlen, &outlen ) ); - TEST_ASSERT( (size_t)second_encrypt_output_len == outlen ); + TEST_ASSERT(0 == + mbedtls_cipher_update(&ctx_enc, inbuf + first_length, second_length, + encbuf + totaloutlen, + &outlen)); + TEST_ASSERT((size_t) second_encrypt_output_len == outlen); totaloutlen += outlen; - TEST_ASSERT( totaloutlen == length || - ( totaloutlen % block_size == 0 && - totaloutlen < length && - totaloutlen + block_size > length ) ); + TEST_ASSERT(totaloutlen == length || + (totaloutlen % block_size == 0 && + totaloutlen < length && + totaloutlen + block_size > length)); - TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + totaloutlen, &outlen ) ); + TEST_ASSERT(0 == mbedtls_cipher_finish(&ctx_enc, encbuf + totaloutlen, &outlen)); totaloutlen += outlen; - TEST_ASSERT( totaloutlen == length || - ( totaloutlen % block_size == 0 && - totaloutlen > length && - totaloutlen <= length + block_size ) ); + TEST_ASSERT(totaloutlen == length || + (totaloutlen % block_size == 0 && + totaloutlen > length && + totaloutlen <= length + block_size)); /* decode the previously encoded string */ second_length = totaloutlen - first_length; - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, first_length, decbuf, &outlen ) ); - TEST_ASSERT( (size_t)first_decrypt_output_len == outlen ); + TEST_ASSERT(0 == mbedtls_cipher_update(&ctx_dec, encbuf, first_length, decbuf, &outlen)); + TEST_ASSERT((size_t) first_decrypt_output_len == outlen); totaloutlen = outlen; - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf + first_length, second_length, decbuf + totaloutlen, &outlen ) ); - TEST_ASSERT( (size_t)second_decrypt_output_len == outlen ); + TEST_ASSERT(0 == + mbedtls_cipher_update(&ctx_dec, encbuf + first_length, second_length, + decbuf + totaloutlen, + &outlen)); + TEST_ASSERT((size_t) second_decrypt_output_len == outlen); totaloutlen += outlen; - TEST_ASSERT( totaloutlen == length || - ( totaloutlen % block_size == 0 && - totaloutlen < length && - totaloutlen + block_size >= length ) ); + TEST_ASSERT(totaloutlen == length || + (totaloutlen % block_size == 0 && + totaloutlen < length && + totaloutlen + block_size >= length)); - TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + totaloutlen, &outlen ) ); + TEST_ASSERT(0 == mbedtls_cipher_finish(&ctx_dec, decbuf + totaloutlen, &outlen)); totaloutlen += outlen; - TEST_ASSERT( totaloutlen == length ); + TEST_ASSERT(totaloutlen == length); - TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) ); + TEST_ASSERT(0 == memcmp(inbuf, decbuf, length)); exit: - mbedtls_cipher_free( &ctx_dec ); - mbedtls_cipher_free( &ctx_enc ); + mbedtls_cipher_free(&ctx_dec); + mbedtls_cipher_free(&ctx_enc); } /* END_CASE */ /* BEGIN_CASE */ -void decrypt_test_vec( int cipher_id, int pad_mode, data_t * key, - data_t * iv, data_t * cipher, - data_t * clear, data_t * ad, data_t * tag, - int finish_result, int tag_result ) +void decrypt_test_vec(int cipher_id, int pad_mode, data_t *key, + data_t *iv, data_t *cipher, + data_t *clear, data_t *ad, data_t *tag, + int finish_result, int tag_result) { unsigned char output[265]; mbedtls_cipher_context_t ctx; size_t outlen, total_len; - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); - memset( output, 0x00, sizeof( output ) ); + memset(output, 0x00, sizeof(output)); #if !defined(MBEDTLS_GCM_C) && !defined(MBEDTLS_CHACHAPOLY_C) ((void) ad); @@ -1094,48 +1100,48 @@ void decrypt_test_vec( int cipher_id, int pad_mode, data_t * key, #endif /* Prepare context */ - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, - mbedtls_cipher_info_from_type( cipher_id ) ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, MBEDTLS_DECRYPT ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, + mbedtls_cipher_info_from_type(cipher_id))); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx, key->x, 8 * key->len, MBEDTLS_DECRYPT)); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - if( pad_mode != -1 ) - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); + if (pad_mode != -1) { + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx, pad_mode)); + } #else (void) pad_mode; #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ - TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv->x, iv->len ) ); - TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) ); + TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx, iv->x, iv->len)); + TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx)); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, ad->x, ad->len ) ); + TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx, ad->x, ad->len)); #endif /* decode buffer and check tag->x */ total_len = 0; - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, cipher->x, cipher->len, output, &outlen ) ); + TEST_ASSERT(0 == mbedtls_cipher_update(&ctx, cipher->x, cipher->len, output, &outlen)); total_len += outlen; - TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen, - &outlen ) ); + TEST_ASSERT(finish_result == mbedtls_cipher_finish(&ctx, output + outlen, + &outlen)); total_len += outlen; #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( tag_result == mbedtls_cipher_check_tag( &ctx, tag->x, tag->len ) ); + TEST_ASSERT(tag_result == mbedtls_cipher_check_tag(&ctx, tag->x, tag->len)); #endif /* check plaintext only if everything went fine */ - if( 0 == finish_result && 0 == tag_result ) - { - TEST_ASSERT( total_len == clear->len ); - TEST_ASSERT( 0 == memcmp( output, clear->x, clear->len ) ); + if (0 == finish_result && 0 == tag_result) { + TEST_ASSERT(total_len == clear->len); + TEST_ASSERT(0 == memcmp(output, clear->x, clear->len)); } exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_AUTH_CRYPT */ -void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, - data_t * ad, data_t * cipher, data_t * tag, - char * result, data_t * clear, int use_psa ) +void auth_crypt_tv(int cipher_id, data_t *key, data_t *iv, + data_t *ad, data_t *cipher, data_t *tag, + char *result, data_t *clear, int use_psa) { /* * Take an AEAD ciphertext + tag and perform a pair @@ -1172,19 +1178,23 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, /* Null pointers are documented as valid for inputs of length 0. * The test framework passes non-null pointers, so set them to NULL. * key, cipher and tag can't be empty. */ - if( iv->len == 0 ) + if (iv->len == 0) { iv->x = NULL; - if( ad->len == 0 ) + } + if (ad->len == 0) { ad->x = NULL; - if( clear->len == 0 ) + } + if (clear->len == 0) { clear->x = NULL; + } - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); /* Initialize PSA Crypto */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( use_psa == 1 ) - PSA_ASSERT( psa_crypto_init( ) ); + if (use_psa == 1) { + PSA_ASSERT(psa_crypto_init()); + } #else (void) use_psa; #endif @@ -1209,125 +1219,121 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, /* * Prepare context for decryption */ - if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key, - MBEDTLS_DECRYPT ) ) + if (!cipher_reset_key(&ctx, cipher_id, use_psa, tag->len, key, + MBEDTLS_DECRYPT)) { goto exit; + } /* * prepare buffer for decryption * (we need the tag appended to the ciphertext) */ cipher_plus_tag_len = cipher->len + tag->len; - ASSERT_ALLOC( cipher_plus_tag, cipher_plus_tag_len ); - memcpy( cipher_plus_tag, cipher->x, cipher->len ); - memcpy( cipher_plus_tag + cipher->len, tag->x, tag->len ); + ASSERT_ALLOC(cipher_plus_tag, cipher_plus_tag_len); + memcpy(cipher_plus_tag, cipher->x, cipher->len); + memcpy(cipher_plus_tag + cipher->len, tag->x, tag->len); /* * Compute length of output buffer according to the documentation */ - if( using_nist_kw ) + if (using_nist_kw) { decrypt_buf_len = cipher_plus_tag_len - 8; - else + } else { decrypt_buf_len = cipher_plus_tag_len - tag->len; + } /* * Try decrypting to a buffer that's 1B too small */ - if( decrypt_buf_len != 0 ) - { - ASSERT_ALLOC( decrypt_buf, decrypt_buf_len - 1 ); + if (decrypt_buf_len != 0) { + ASSERT_ALLOC(decrypt_buf, decrypt_buf_len - 1); outlen = 0; - ret = mbedtls_cipher_auth_decrypt_ext( &ctx, iv->x, iv->len, - ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len, - decrypt_buf, decrypt_buf_len - 1, &outlen, tag->len ); - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + ret = mbedtls_cipher_auth_decrypt_ext(&ctx, iv->x, iv->len, + ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len, + decrypt_buf, decrypt_buf_len - 1, &outlen, tag->len); + TEST_ASSERT(ret == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); - mbedtls_free( decrypt_buf ); + mbedtls_free(decrypt_buf); decrypt_buf = NULL; } /* * Authenticate and decrypt, and check result */ - ASSERT_ALLOC( decrypt_buf, decrypt_buf_len ); + ASSERT_ALLOC(decrypt_buf, decrypt_buf_len); outlen = 0; - ret = mbedtls_cipher_auth_decrypt_ext( &ctx, iv->x, iv->len, - ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len, - decrypt_buf, decrypt_buf_len, &outlen, tag->len ); - - if( strcmp( result, "FAIL" ) == 0 ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ); - TEST_ASSERT( buffer_is_all_zero( decrypt_buf, decrypt_buf_len ) ); - } - else - { - TEST_ASSERT( ret == 0 ); - ASSERT_COMPARE( decrypt_buf, outlen, clear->x, clear->len ); + ret = mbedtls_cipher_auth_decrypt_ext(&ctx, iv->x, iv->len, + ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len, + decrypt_buf, decrypt_buf_len, &outlen, tag->len); + + if (strcmp(result, "FAIL") == 0) { + TEST_ASSERT(ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED); + TEST_ASSERT(buffer_is_all_zero(decrypt_buf, decrypt_buf_len)); + } else { + TEST_ASSERT(ret == 0); + ASSERT_COMPARE(decrypt_buf, outlen, clear->x, clear->len); } /* Free this, but keep cipher_plus_tag for deprecated function with PSA */ - mbedtls_free( decrypt_buf ); + mbedtls_free(decrypt_buf); decrypt_buf = NULL; /* * Encrypt back if test data was authentic */ - if( strcmp( result, "FAIL" ) != 0 ) - { + if (strcmp(result, "FAIL") != 0) { /* prepare context for encryption */ - if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key, - MBEDTLS_ENCRYPT ) ) + if (!cipher_reset_key(&ctx, cipher_id, use_psa, tag->len, key, + MBEDTLS_ENCRYPT)) { goto exit; + } /* * Compute size of output buffer according to documentation */ - if( using_nist_kw ) - { + if (using_nist_kw) { encrypt_buf_len = clear->len + 8; - if( using_nist_kw_padding && encrypt_buf_len % 8 != 0 ) + if (using_nist_kw_padding && encrypt_buf_len % 8 != 0) { encrypt_buf_len += 8 - encrypt_buf_len % 8; - } - else - { + } + } else { encrypt_buf_len = clear->len + tag->len; } /* * Try encrypting with an output buffer that's 1B too small */ - ASSERT_ALLOC( encrypt_buf, encrypt_buf_len - 1 ); + ASSERT_ALLOC(encrypt_buf, encrypt_buf_len - 1); outlen = 0; - ret = mbedtls_cipher_auth_encrypt_ext( &ctx, iv->x, iv->len, - ad->x, ad->len, clear->x, clear->len, - encrypt_buf, encrypt_buf_len - 1, &outlen, tag->len ); - TEST_ASSERT( ret != 0 ); + ret = mbedtls_cipher_auth_encrypt_ext(&ctx, iv->x, iv->len, + ad->x, ad->len, clear->x, clear->len, + encrypt_buf, encrypt_buf_len - 1, &outlen, tag->len); + TEST_ASSERT(ret != 0); - mbedtls_free( encrypt_buf ); + mbedtls_free(encrypt_buf); encrypt_buf = NULL; /* * Encrypt and check the result */ - ASSERT_ALLOC( encrypt_buf, encrypt_buf_len ); + ASSERT_ALLOC(encrypt_buf, encrypt_buf_len); outlen = 0; - ret = mbedtls_cipher_auth_encrypt_ext( &ctx, iv->x, iv->len, - ad->x, ad->len, clear->x, clear->len, - encrypt_buf, encrypt_buf_len, &outlen, tag->len ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_cipher_auth_encrypt_ext(&ctx, iv->x, iv->len, + ad->x, ad->len, clear->x, clear->len, + encrypt_buf, encrypt_buf_len, &outlen, tag->len); + TEST_ASSERT(ret == 0); - TEST_ASSERT( outlen == cipher->len + tag->len ); - TEST_ASSERT( memcmp( encrypt_buf, cipher->x, cipher->len ) == 0 ); - TEST_ASSERT( memcmp( encrypt_buf + cipher->len, - tag->x, tag->len ) == 0 ); + TEST_ASSERT(outlen == cipher->len + tag->len); + TEST_ASSERT(memcmp(encrypt_buf, cipher->x, cipher->len) == 0); + TEST_ASSERT(memcmp(encrypt_buf + cipher->len, + tag->x, tag->len) == 0); - mbedtls_free( encrypt_buf ); + mbedtls_free(encrypt_buf); encrypt_buf = NULL; } @@ -1343,22 +1349,21 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, /* * Prepare context for decryption */ - if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key, - MBEDTLS_DECRYPT ) ) + if (!cipher_reset_key(&ctx, cipher_id, use_psa, tag->len, key, + MBEDTLS_DECRYPT)) { goto exit; + } /* * Prepare pointers for decryption */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( use_psa == 1 ) - { + if (use_psa == 1) { /* PSA requires that the tag immediately follows the ciphertext. * Fortunately, we already have that from testing the new API. */ tmp_cipher = cipher_plus_tag; tmp_tag = tmp_cipher + cipher->len; - } - else + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ { tmp_cipher = cipher->x; @@ -1369,58 +1374,51 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, * Authenticate and decrypt, and check result */ - ASSERT_ALLOC( decrypt_buf, cipher->len ); + ASSERT_ALLOC(decrypt_buf, cipher->len); outlen = 0; - ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len, - tmp_cipher, cipher->len, decrypt_buf, &outlen, - tmp_tag, tag->len ); + ret = mbedtls_cipher_auth_decrypt(&ctx, iv->x, iv->len, ad->x, ad->len, + tmp_cipher, cipher->len, decrypt_buf, &outlen, + tmp_tag, tag->len); - if( using_nist_kw ) - { + if (using_nist_kw) { /* NIST_KW with legacy API */ - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - } - else if( strcmp( result, "FAIL" ) == 0 ) - { + TEST_ASSERT(ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE); + } else if (strcmp(result, "FAIL") == 0) { /* unauthentic message */ - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ); - TEST_ASSERT( buffer_is_all_zero( decrypt_buf, cipher->len ) ); - } - else - { + TEST_ASSERT(ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED); + TEST_ASSERT(buffer_is_all_zero(decrypt_buf, cipher->len)); + } else { /* authentic message: is the plaintext correct? */ - TEST_ASSERT( ret == 0 ); - ASSERT_COMPARE( decrypt_buf, outlen, clear->x, clear->len ); + TEST_ASSERT(ret == 0); + ASSERT_COMPARE(decrypt_buf, outlen, clear->x, clear->len); } - mbedtls_free( decrypt_buf ); + mbedtls_free(decrypt_buf); decrypt_buf = NULL; - mbedtls_free( cipher_plus_tag ); + mbedtls_free(cipher_plus_tag); cipher_plus_tag = NULL; /* * Encrypt back if test data was authentic */ - if( strcmp( result, "FAIL" ) != 0 ) - { + if (strcmp(result, "FAIL") != 0) { /* prepare context for encryption */ - if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key, - MBEDTLS_ENCRYPT ) ) + if (!cipher_reset_key(&ctx, cipher_id, use_psa, tag->len, key, + MBEDTLS_ENCRYPT)) { goto exit; + } /* prepare buffers for encryption */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( use_psa ) - { - ASSERT_ALLOC( cipher_plus_tag, cipher->len + tag->len ); + if (use_psa) { + ASSERT_ALLOC(cipher_plus_tag, cipher->len + tag->len); tmp_cipher = cipher_plus_tag; tmp_tag = cipher_plus_tag + cipher->len; - } - else + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ { - ASSERT_ALLOC( encrypt_buf, cipher->len ); - ASSERT_ALLOC( tag_buf, tag->len ); + ASSERT_ALLOC(encrypt_buf, cipher->len); + ASSERT_ALLOC(tag_buf, tag->len); tmp_cipher = encrypt_buf; tmp_tag = tag_buf; } @@ -1429,22 +1427,20 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, * Encrypt and check the result */ outlen = 0; - ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len, - clear->x, clear->len, tmp_cipher, &outlen, - tmp_tag, tag->len ); - - if( using_nist_kw ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - } - else - { - TEST_ASSERT( ret == 0 ); - - TEST_ASSERT( outlen == cipher->len ); - if( cipher->len != 0 ) - TEST_ASSERT( memcmp( tmp_cipher, cipher->x, cipher->len ) == 0 ); - TEST_ASSERT( memcmp( tmp_tag, tag->x, tag->len ) == 0 ); + ret = mbedtls_cipher_auth_encrypt(&ctx, iv->x, iv->len, ad->x, ad->len, + clear->x, clear->len, tmp_cipher, &outlen, + tmp_tag, tag->len); + + if (using_nist_kw) { + TEST_ASSERT(ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE); + } else { + TEST_ASSERT(ret == 0); + + TEST_ASSERT(outlen == cipher->len); + if (cipher->len != 0) { + TEST_ASSERT(memcmp(tmp_cipher, cipher->x, cipher->len) == 0); + } + TEST_ASSERT(memcmp(tmp_tag, tag->x, tag->len) == 0); } } @@ -1452,158 +1448,161 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, exit: - mbedtls_cipher_free( &ctx ); - mbedtls_free( decrypt_buf ); - mbedtls_free( encrypt_buf ); - mbedtls_free( cipher_plus_tag ); + mbedtls_cipher_free(&ctx); + mbedtls_free(decrypt_buf); + mbedtls_free(encrypt_buf); + mbedtls_free(cipher_plus_tag); #if !defined(MBEDTLS_DEPRECATED_WARNING) && \ !defined(MBEDTLS_DEPRECATED_REMOVED) - mbedtls_free( tag_buf ); + mbedtls_free(tag_buf); #endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( use_psa == 1 ) - PSA_DONE( ); + if (use_psa == 1) { + PSA_DONE(); + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ } /* END_CASE */ /* BEGIN_CASE */ -void test_vec_ecb( int cipher_id, int operation, data_t * key, - data_t * input, data_t * result, int finish_result - ) +void test_vec_ecb(int cipher_id, int operation, data_t *key, + data_t *input, data_t *result, int finish_result + ) { mbedtls_cipher_context_t ctx; unsigned char output[32]; size_t outlen; - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); - memset( output, 0x00, sizeof( output ) ); + memset(output, 0x00, sizeof(output)); /* Prepare context */ - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, - mbedtls_cipher_info_from_type( cipher_id ) ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, + mbedtls_cipher_info_from_type(cipher_id))); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, operation ) ); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx, key->x, 8 * key->len, operation)); - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, input->x, - mbedtls_cipher_get_block_size( &ctx ), - output, &outlen ) ); - TEST_ASSERT( outlen == mbedtls_cipher_get_block_size( &ctx ) ); - TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen, - &outlen ) ); - TEST_ASSERT( 0 == outlen ); + TEST_ASSERT(0 == mbedtls_cipher_update(&ctx, input->x, + mbedtls_cipher_get_block_size(&ctx), + output, &outlen)); + TEST_ASSERT(outlen == mbedtls_cipher_get_block_size(&ctx)); + TEST_ASSERT(finish_result == mbedtls_cipher_finish(&ctx, output + outlen, + &outlen)); + TEST_ASSERT(0 == outlen); /* check plaintext only if everything went fine */ - if( 0 == finish_result ) - TEST_ASSERT( 0 == memcmp( output, result->x, - mbedtls_cipher_get_block_size( &ctx ) ) ); + if (0 == finish_result) { + TEST_ASSERT(0 == memcmp(output, result->x, + mbedtls_cipher_get_block_size(&ctx))); + } exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */ -void test_vec_crypt( int cipher_id, int operation, data_t *key, - data_t *iv, data_t *input, data_t *result, - int finish_result, int use_psa ) +void test_vec_crypt(int cipher_id, int operation, data_t *key, + data_t *iv, data_t *input, data_t *result, + int finish_result, int use_psa) { mbedtls_cipher_context_t ctx; unsigned char output[32]; size_t outlen; - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); - memset( output, 0x00, sizeof( output ) ); + memset(output, 0x00, sizeof(output)); /* Prepare context */ #if !defined(MBEDTLS_USE_PSA_CRYPTO) (void) use_psa; #else - if( use_psa == 1 ) - { - PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx, - mbedtls_cipher_info_from_type( cipher_id ), 0 ) ); - } - else + if (use_psa == 1) { + PSA_ASSERT(psa_crypto_init()); + TEST_ASSERT(0 == mbedtls_cipher_setup_psa(&ctx, + mbedtls_cipher_info_from_type(cipher_id), 0)); + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, - mbedtls_cipher_info_from_type( cipher_id ) ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, + mbedtls_cipher_info_from_type(cipher_id))); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, operation ) ); - if( MBEDTLS_MODE_CBC == ctx.cipher_info->mode ) - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, MBEDTLS_PADDING_NONE ) ); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx, key->x, 8 * key->len, operation)); + if (MBEDTLS_MODE_CBC == ctx.cipher_info->mode) { + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx, MBEDTLS_PADDING_NONE)); + } - TEST_ASSERT( finish_result == mbedtls_cipher_crypt( &ctx, iv->len ? iv->x : NULL, - iv->len, input->x, input->len, - output, &outlen ) ); - TEST_ASSERT( result->len == outlen ); + TEST_ASSERT(finish_result == mbedtls_cipher_crypt(&ctx, iv->len ? iv->x : NULL, + iv->len, input->x, input->len, + output, &outlen)); + TEST_ASSERT(result->len == outlen); /* check plaintext only if everything went fine */ - if( 0 == finish_result ) - TEST_ASSERT( 0 == memcmp( output, result->x, outlen ) ); + if (0 == finish_result) { + TEST_ASSERT(0 == memcmp(output, result->x, outlen)); + } exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); #if defined(MBEDTLS_USE_PSA_CRYPTO) - PSA_DONE( ); + PSA_DONE(); #endif /* MBEDTLS_USE_PSA_CRYPTO */ } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */ -void set_padding( int cipher_id, int pad_mode, int ret ) +void set_padding(int cipher_id, int pad_mode, int ret) { const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t ctx; - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); - cipher_info = mbedtls_cipher_info_from_type( cipher_id ); - TEST_ASSERT( NULL != cipher_info ); - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) ); + cipher_info = mbedtls_cipher_info_from_type(cipher_id); + TEST_ASSERT(NULL != cipher_info); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, cipher_info)); - TEST_ASSERT( ret == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); + TEST_ASSERT(ret == mbedtls_cipher_set_padding_mode(&ctx, pad_mode)); exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void check_padding( int pad_mode, data_t * input, int ret, int dlen_check - ) +void check_padding(int pad_mode, data_t *input, int ret, int dlen_check + ) { mbedtls_cipher_info_t cipher_info; mbedtls_cipher_context_t ctx; size_t dlen; /* build a fake context just for getting access to get_padding */ - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); cipher_info.mode = MBEDTLS_MODE_CBC; ctx.cipher_info = &cipher_info; - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx, pad_mode)); - TEST_ASSERT( ret == ctx.get_padding( input->x, input->len, &dlen ) ); - if( 0 == ret ) - TEST_ASSERT( dlen == (size_t) dlen_check ); + TEST_ASSERT(ret == ctx.get_padding(input->x, input->len, &dlen)); + if (0 == ret) { + TEST_ASSERT(dlen == (size_t) dlen_check); + } } /* END_CASE */ /* BEGIN_CASE */ -void iv_len_validity( int cipher_id, char * cipher_string, - int iv_len_val, int ret ) +void iv_len_validity(int cipher_id, char *cipher_string, + int iv_len_val, int ret) { size_t iv_len = iv_len_val; unsigned char iv[16]; /* Initialise iv buffer */ - memset( iv, 0, sizeof( iv ) ); + memset(iv, 0, sizeof(iv)); const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t ctx_dec; @@ -1612,23 +1611,23 @@ void iv_len_validity( int cipher_id, char * cipher_string, /* * Prepare contexts */ - mbedtls_cipher_init( &ctx_dec ); - mbedtls_cipher_init( &ctx_enc ); + mbedtls_cipher_init(&ctx_dec); + mbedtls_cipher_init(&ctx_enc); /* Check and get info structures */ - cipher_info = mbedtls_cipher_info_from_type( cipher_id ); - TEST_ASSERT( NULL != cipher_info ); - TEST_ASSERT( mbedtls_cipher_info_from_string( cipher_string ) == cipher_info ); + cipher_info = mbedtls_cipher_info_from_type(cipher_id); + TEST_ASSERT(NULL != cipher_info); + TEST_ASSERT(mbedtls_cipher_info_from_string(cipher_string) == cipher_info); /* Initialise enc and dec contexts */ - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info)); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_enc, cipher_info)); - TEST_ASSERT( ret == mbedtls_cipher_set_iv( &ctx_dec, iv, iv_len ) ); - TEST_ASSERT( ret == mbedtls_cipher_set_iv( &ctx_enc, iv, iv_len ) ); + TEST_ASSERT(ret == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len)); + TEST_ASSERT(ret == mbedtls_cipher_set_iv(&ctx_enc, iv, iv_len)); exit: - mbedtls_cipher_free( &ctx_dec ); - mbedtls_cipher_free( &ctx_enc ); + mbedtls_cipher_free(&ctx_dec); + mbedtls_cipher_free(&ctx_enc); } /* END_CASE */ diff --git a/tests/suites/test_suite_cmac.function b/tests/suites/test_suite_cmac.function index c3d7da43d8d3..9624e8fea084 100644 --- a/tests/suites/test_suite_cmac.function +++ b/tests/suites/test_suite_cmac.function @@ -9,14 +9,14 @@ */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void mbedtls_cmac_self_test( ) +void mbedtls_cmac_self_test() { - TEST_ASSERT( mbedtls_cmac_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_cmac_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_cmac_null_args( ) +void mbedtls_cmac_null_args() { mbedtls_cipher_context_t ctx; const mbedtls_cipher_info_t *cipher_info; @@ -24,108 +24,108 @@ void mbedtls_cmac_null_args( ) unsigned char test_data[MBEDTLS_CIPHER_BLKSIZE_MAX]; unsigned char test_output[MBEDTLS_CIPHER_BLKSIZE_MAX]; - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); /* Test NULL cipher info */ - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, test_data, 16 ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, test_data, 16) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); - cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB ); - TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 ); + cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB); + TEST_ASSERT(mbedtls_cipher_setup(&ctx, cipher_info) == 0); - TEST_ASSERT( mbedtls_cipher_cmac_starts( NULL, test_key, 128 ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_cmac_starts(NULL, test_key, 128) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx, NULL, 128 ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_cmac_starts(&ctx, NULL, 128) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_cipher_cmac_update( NULL, test_data, 16 ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_cmac_update(NULL, test_data, 16) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, NULL, 16 ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, NULL, 16) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_cipher_cmac_finish( NULL, test_output ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_cmac_finish(NULL, test_output) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, NULL ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_cmac_finish(&ctx, NULL) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_cipher_cmac_reset( NULL ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_cmac_reset(NULL) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_cipher_cmac( NULL, - test_key, 128, - test_data, 16, - test_output ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_cmac(NULL, + test_key, 128, + test_data, 16, + test_output) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_cipher_cmac( cipher_info, - NULL, 128, - test_data, 16, - test_output ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_cmac(cipher_info, + NULL, 128, + test_data, 16, + test_output) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_cipher_cmac( cipher_info, - test_key, 128, - NULL, 16, - test_output ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_cmac(cipher_info, + test_key, 128, + NULL, 16, + test_output) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_cipher_cmac( cipher_info, - test_key, 128, - test_data, 16, - NULL ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_cmac(cipher_info, + test_key, 128, + test_data, 16, + NULL) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); #if defined(MBEDTLS_AES_C) - TEST_ASSERT( mbedtls_aes_cmac_prf_128( NULL, 16, - test_data, 16, - test_output ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_aes_cmac_prf_128( test_key, 16, - NULL, 16, - test_output ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_aes_cmac_prf_128( test_key, 16, - test_data, 16, - NULL ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_aes_cmac_prf_128(NULL, 16, + test_data, 16, + test_output) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_aes_cmac_prf_128(test_key, 16, + NULL, 16, + test_output) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_aes_cmac_prf_128(test_key, 16, + test_data, 16, + NULL) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); #endif exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_cmac_setkey( int cipher_type, int key_size, int result ) +void mbedtls_cmac_setkey(int cipher_type, int key_size, int result) { const mbedtls_cipher_info_t *cipher_info; unsigned char key[32]; unsigned char buf[16]; unsigned char tmp[16]; - memset( key, 0x2A, sizeof( key ) ); - TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) ); + memset(key, 0x2A, sizeof(key)); + TEST_ASSERT((unsigned) key_size <= 8 * sizeof(key)); - TEST_ASSERT( ( cipher_info = mbedtls_cipher_info_from_type( cipher_type ) ) - != NULL ); + TEST_ASSERT((cipher_info = mbedtls_cipher_info_from_type(cipher_type)) + != NULL); - memset( buf, 0x2A, sizeof( buf ) ); - TEST_ASSERT( ( result == mbedtls_cipher_cmac( cipher_info, key, key_size, - buf, 16, tmp ) ) != 0 ); + memset(buf, 0x2A, sizeof(buf)); + TEST_ASSERT((result == mbedtls_cipher_cmac(cipher_info, key, key_size, + buf, 16, tmp)) != 0); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_cmac_multiple_blocks( int cipher_type, data_t * key, - int keybits, int block_size, - data_t * block1, int block1_len, - data_t * block2, int block2_len, - data_t * block3, int block3_len, - data_t * block4, int block4_len, - data_t * expected_result ) +void mbedtls_cmac_multiple_blocks(int cipher_type, data_t *key, + int keybits, int block_size, + data_t *block1, int block1_len, + data_t *block2, int block2_len, + data_t *block3, int block3_len, + data_t *block4, int block4_len, + data_t *expected_result) { const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t ctx; @@ -133,74 +133,78 @@ void mbedtls_cmac_multiple_blocks( int cipher_type, data_t * key, /* Convert the test parameters to binary data */ - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); /* Validate the test inputs */ - TEST_ASSERT( block1_len <= 100 ); - TEST_ASSERT( block2_len <= 100 ); - TEST_ASSERT( block3_len <= 100 ); - TEST_ASSERT( block4_len <= 100 ); + TEST_ASSERT(block1_len <= 100); + TEST_ASSERT(block2_len <= 100); + TEST_ASSERT(block3_len <= 100); + TEST_ASSERT(block4_len <= 100); /* Set up */ - TEST_ASSERT( ( cipher_info = mbedtls_cipher_info_from_type( cipher_type ) ) - != NULL ); + TEST_ASSERT((cipher_info = mbedtls_cipher_info_from_type(cipher_type)) + != NULL); - TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 ); + TEST_ASSERT(mbedtls_cipher_setup(&ctx, cipher_info) == 0); - TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx, - (const unsigned char*)key->x, - keybits ) == 0 ); + TEST_ASSERT(mbedtls_cipher_cmac_starts(&ctx, + (const unsigned char *) key->x, + keybits) == 0); /* Multiple partial and complete blocks. A negative length means skip the * update operation */ - if( block1_len >= 0) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block1->x, - block1_len ) == 0); - - if( block2_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block2->x, - block2_len ) == 0); - - if( block3_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block3->x, - block3_len ) == 0); - - if( block4_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block4->x, - block4_len ) == 0); - - TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 ); - - TEST_ASSERT( memcmp( output, expected_result->x, block_size ) == 0 ); + if (block1_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block1->x, + block1_len) == 0); + } + + if (block2_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block2->x, + block2_len) == 0); + } + + if (block3_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block3->x, + block3_len) == 0); + } + + if (block4_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block4->x, + block4_len) == 0); + } + + TEST_ASSERT(mbedtls_cipher_cmac_finish(&ctx, output) == 0); + + TEST_ASSERT(memcmp(output, expected_result->x, block_size) == 0); exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_cmac_multiple_operations_same_key( int cipher_type, - data_t * key, int keybits, - int block_size, - data_t * block_a1, - int block_a1_len, - data_t * block_a2, - int block_a2_len, - data_t * block_a3, - int block_a3_len, - data_t * expected_result_a, - data_t * block_b1, - int block_b1_len, - data_t * block_b2, - int block_b2_len, - data_t * block_b3, - int block_b3_len, - data_t * expected_result_b - ) +void mbedtls_cmac_multiple_operations_same_key(int cipher_type, + data_t *key, int keybits, + int block_size, + data_t *block_a1, + int block_a1_len, + data_t *block_a2, + int block_a2_len, + data_t *block_a3, + int block_a3_len, + data_t *expected_result_a, + data_t *block_b1, + int block_b1_len, + data_t *block_b2, + int block_b2_len, + data_t *block_b3, + int block_b3_len, + data_t *expected_result_b + ) { const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t ctx; @@ -210,77 +214,82 @@ void mbedtls_cmac_multiple_operations_same_key( int cipher_type, - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); /* Validate the test inputs */ - TEST_ASSERT( block_a1_len <= 100 ); - TEST_ASSERT( block_a2_len <= 100 ); - TEST_ASSERT( block_a3_len <= 100 ); + TEST_ASSERT(block_a1_len <= 100); + TEST_ASSERT(block_a2_len <= 100); + TEST_ASSERT(block_a3_len <= 100); - TEST_ASSERT( block_b1_len <= 100 ); - TEST_ASSERT( block_b2_len <= 100 ); - TEST_ASSERT( block_b3_len <= 100 ); + TEST_ASSERT(block_b1_len <= 100); + TEST_ASSERT(block_b2_len <= 100); + TEST_ASSERT(block_b3_len <= 100); /* Set up */ - TEST_ASSERT( ( cipher_info = mbedtls_cipher_info_from_type( cipher_type ) ) - != NULL ); + TEST_ASSERT((cipher_info = mbedtls_cipher_info_from_type(cipher_type)) + != NULL); - TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 ); + TEST_ASSERT(mbedtls_cipher_setup(&ctx, cipher_info) == 0); - TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx, - (const unsigned char*)key->x, - keybits ) == 0 ); + TEST_ASSERT(mbedtls_cipher_cmac_starts(&ctx, + (const unsigned char *) key->x, + keybits) == 0); /* Sequence A */ /* Multiple partial and complete blocks. A negative length means skip the * update operation */ - if( block_a1_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block_a1->x, - block_a1_len ) == 0); + if (block_a1_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block_a1->x, + block_a1_len) == 0); + } - if( block_a2_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block_a2->x, - block_a2_len ) == 0); + if (block_a2_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block_a2->x, + block_a2_len) == 0); + } - if( block_a3_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block_a3->x, - block_a3_len ) == 0); + if (block_a3_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block_a3->x, + block_a3_len) == 0); + } - TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 ); + TEST_ASSERT(mbedtls_cipher_cmac_finish(&ctx, output) == 0); - TEST_ASSERT( memcmp( output, expected_result_a->x, block_size ) == 0 ); + TEST_ASSERT(memcmp(output, expected_result_a->x, block_size) == 0); - TEST_ASSERT( mbedtls_cipher_cmac_reset( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_cipher_cmac_reset(&ctx) == 0); /* Sequence B */ /* Multiple partial and complete blocks. A negative length means skip the * update operation */ - if( block_b1_len >= 0) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block_b1->x, - block_b1_len ) == 0); + if (block_b1_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block_b1->x, + block_b1_len) == 0); + } - if( block_b2_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block_b2->x, - block_b2_len ) == 0); + if (block_b2_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block_b2->x, + block_b2_len) == 0); + } - if( block_b3_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block_b3->x, - block_b3_len ) == 0); + if (block_b3_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block_b3->x, + block_b3_len) == 0); + } - TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 ); + TEST_ASSERT(mbedtls_cipher_cmac_finish(&ctx, output) == 0); - TEST_ASSERT( memcmp( output, expected_result_b->x, block_size ) == 0 ); + TEST_ASSERT(memcmp(output, expected_result_b->x, block_size) == 0); exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ - diff --git a/tests/suites/test_suite_constant_time.function b/tests/suites/test_suite_constant_time.function index a3673b717937..a40149ab439e 100644 --- a/tests/suites/test_suite_constant_time.function +++ b/tests/suites/test_suite_constant_time.function @@ -16,34 +16,33 @@ /* END_HEADER */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */ -void ssl_cf_memcpy_offset( int offset_min, int offset_max, int len ) +void ssl_cf_memcpy_offset(int offset_min, int offset_max, int len) { unsigned char *dst = NULL; unsigned char *src = NULL; size_t src_len = offset_max + len; size_t secret; - ASSERT_ALLOC( dst, len ); - ASSERT_ALLOC( src, src_len ); + ASSERT_ALLOC(dst, len); + ASSERT_ALLOC(src, src_len); /* Fill src in a way that we can detect if we copied the right bytes */ - mbedtls_test_rnd_std_rand( NULL, src, src_len ); + mbedtls_test_rnd_std_rand(NULL, src, src_len); - for( secret = offset_min; secret <= (size_t) offset_max; secret++ ) - { - mbedtls_test_set_step( (int) secret ); + for (secret = offset_min; secret <= (size_t) offset_max; secret++) { + mbedtls_test_set_step((int) secret); - TEST_CF_SECRET( &secret, sizeof( secret ) ); - mbedtls_ct_memcpy_offset( dst, src, secret, - offset_min, offset_max, len ); - TEST_CF_PUBLIC( &secret, sizeof( secret ) ); - TEST_CF_PUBLIC( dst, len ); + TEST_CF_SECRET(&secret, sizeof(secret)); + mbedtls_ct_memcpy_offset(dst, src, secret, + offset_min, offset_max, len); + TEST_CF_PUBLIC(&secret, sizeof(secret)); + TEST_CF_PUBLIC(dst, len); - ASSERT_COMPARE( dst, len, src + secret, len ); + ASSERT_COMPARE(dst, len, src + secret, len); } exit: - mbedtls_free( dst ); - mbedtls_free( src ); + mbedtls_free(dst); + mbedtls_free(src); } /* END_CASE */ diff --git a/tests/suites/test_suite_constant_time_hmac.function b/tests/suites/test_suite_constant_time_hmac.function index c19cde92d4d0..57d5a4e4ff59 100644 --- a/tests/suites/test_suite_constant_time_hmac.function +++ b/tests/suites/test_suite_constant_time_hmac.function @@ -8,7 +8,7 @@ /* END_HEADER */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */ -void ssl_cf_hmac( int hash ) +void ssl_cf_hmac(int hash) { /* * Test the function mbedtls_ct_hmac() against a reference @@ -25,78 +25,77 @@ void ssl_cf_hmac( int hash ) unsigned char *out = NULL; unsigned char rec_num = 0; - mbedtls_md_init( &ctx ); - mbedtls_md_init( &ref_ctx ); + mbedtls_md_init(&ctx); + mbedtls_md_init(&ref_ctx); - md_info = mbedtls_md_info_from_type( hash ); - TEST_ASSERT( md_info != NULL ); - out_len = mbedtls_md_get_size( md_info ); - TEST_ASSERT( out_len != 0 ); + md_info = mbedtls_md_info_from_type(hash); + TEST_ASSERT(md_info != NULL); + out_len = mbedtls_md_get_size(md_info); + TEST_ASSERT(out_len != 0); block_size = hash == MBEDTLS_MD_SHA384 ? 128 : 64; /* Use allocated out buffer to catch overwrites */ - ASSERT_ALLOC( out, out_len ); + ASSERT_ALLOC(out, out_len); /* Set up contexts with the given hash and a dummy key */ - TEST_EQUAL( 0, mbedtls_md_setup( &ctx, md_info, 1 ) ); - TEST_EQUAL( 0, mbedtls_md_setup( &ref_ctx, md_info, 1 ) ); - memset( ref_out, 42, sizeof( ref_out ) ); - TEST_EQUAL( 0, mbedtls_md_hmac_starts( &ctx, ref_out, out_len ) ); - TEST_EQUAL( 0, mbedtls_md_hmac_starts( &ref_ctx, ref_out, out_len ) ); - memset( ref_out, 0, sizeof( ref_out ) ); + TEST_EQUAL(0, mbedtls_md_setup(&ctx, md_info, 1)); + TEST_EQUAL(0, mbedtls_md_setup(&ref_ctx, md_info, 1)); + memset(ref_out, 42, sizeof(ref_out)); + TEST_EQUAL(0, mbedtls_md_hmac_starts(&ctx, ref_out, out_len)); + TEST_EQUAL(0, mbedtls_md_hmac_starts(&ref_ctx, ref_out, out_len)); + memset(ref_out, 0, sizeof(ref_out)); /* * Test all possible lengths up to a point. The difference between * max_in_len and min_in_len is at most 255, and make sure they both vary * by at least one block size. */ - for( max_in_len = 0; max_in_len <= 255 + block_size; max_in_len++ ) - { - mbedtls_test_set_step( max_in_len * 10000 ); + for (max_in_len = 0; max_in_len <= 255 + block_size; max_in_len++) { + mbedtls_test_set_step(max_in_len * 10000); /* Use allocated in buffer to catch overreads */ - ASSERT_ALLOC( data, max_in_len ); + ASSERT_ALLOC(data, max_in_len); min_in_len = max_in_len > 255 ? max_in_len - 255 : 0; - for( in_len = min_in_len; in_len <= max_in_len; in_len++ ) - { - mbedtls_test_set_step( max_in_len * 10000 + in_len ); + for (in_len = min_in_len; in_len <= max_in_len; in_len++) { + mbedtls_test_set_step(max_in_len * 10000 + in_len); /* Set up dummy data and add_data */ rec_num++; - memset( add_data, rec_num, sizeof( add_data ) ); - for( i = 0; i < in_len; i++ ) - data[i] = ( i & 0xff ) ^ rec_num; + memset(add_data, rec_num, sizeof(add_data)); + for (i = 0; i < in_len; i++) { + data[i] = (i & 0xff) ^ rec_num; + } /* Get the function's result */ - TEST_CF_SECRET( &in_len, sizeof( in_len ) ); - TEST_EQUAL( 0, mbedtls_ct_hmac( &ctx, add_data, sizeof( add_data ), - data, in_len, - min_in_len, max_in_len, - out ) ); - TEST_CF_PUBLIC( &in_len, sizeof( in_len ) ); - TEST_CF_PUBLIC( out, out_len ); + TEST_CF_SECRET(&in_len, sizeof(in_len)); + TEST_EQUAL(0, mbedtls_ct_hmac(&ctx, add_data, sizeof(add_data), + data, in_len, + min_in_len, max_in_len, + out)); + TEST_CF_PUBLIC(&in_len, sizeof(in_len)); + TEST_CF_PUBLIC(out, out_len); /* Compute the reference result */ - TEST_EQUAL( 0, mbedtls_md_hmac_update( &ref_ctx, add_data, - sizeof( add_data ) ) ); - TEST_EQUAL( 0, mbedtls_md_hmac_update( &ref_ctx, data, in_len ) ); - TEST_EQUAL( 0, mbedtls_md_hmac_finish( &ref_ctx, ref_out ) ); - TEST_EQUAL( 0, mbedtls_md_hmac_reset( &ref_ctx ) ); + TEST_EQUAL(0, mbedtls_md_hmac_update(&ref_ctx, add_data, + sizeof(add_data))); + TEST_EQUAL(0, mbedtls_md_hmac_update(&ref_ctx, data, in_len)); + TEST_EQUAL(0, mbedtls_md_hmac_finish(&ref_ctx, ref_out)); + TEST_EQUAL(0, mbedtls_md_hmac_reset(&ref_ctx)); /* Compare */ - ASSERT_COMPARE( out, out_len, ref_out, out_len ); + ASSERT_COMPARE(out, out_len, ref_out, out_len); } - mbedtls_free( data ); + mbedtls_free(data); data = NULL; } exit: - mbedtls_md_free( &ref_ctx ); - mbedtls_md_free( &ctx ); + mbedtls_md_free(&ref_ctx); + mbedtls_md_free(&ctx); - mbedtls_free( data ); - mbedtls_free( out ); + mbedtls_free(data); + mbedtls_free(out); } /* END_CASE */ diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index c3ffe3b47b10..29753ff5495a 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -4,8 +4,7 @@ #include "string.h" /* Modes for ctr_drbg_validate */ -enum reseed_mode -{ +enum reseed_mode { RESEED_NEVER, /* never reseed */ RESEED_FIRST, /* instantiate, reseed, generate, generate */ RESEED_SECOND, /* instantiate, generate, reseed, generate */ @@ -14,83 +13,83 @@ enum reseed_mode static size_t test_offset_idx = 0; static size_t test_max_idx = 0; -static int mbedtls_test_entropy_func( void *data, unsigned char *buf, size_t len ) +static int mbedtls_test_entropy_func(void *data, unsigned char *buf, size_t len) { const unsigned char *p = (unsigned char *) data; - if( test_offset_idx + len > test_max_idx ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - memcpy( buf, p + test_offset_idx, len ); + if (test_offset_idx + len > test_max_idx) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } + memcpy(buf, p + test_offset_idx, len); test_offset_idx += len; - return( 0 ); + return 0; } -static void ctr_drbg_validate_internal( int reseed_mode, data_t * nonce, - int entropy_len_arg, data_t * entropy, - data_t * reseed, - data_t * add1, data_t * add2, - data_t * result ) +static void ctr_drbg_validate_internal(int reseed_mode, data_t *nonce, + int entropy_len_arg, data_t *entropy, + data_t *reseed, + data_t *add1, data_t *add2, + data_t *result) { mbedtls_ctr_drbg_context ctx; unsigned char buf[64]; size_t entropy_chunk_len = (size_t) entropy_len_arg; - TEST_ASSERT( entropy_chunk_len <= sizeof( buf ) ); + TEST_ASSERT(entropy_chunk_len <= sizeof(buf)); test_offset_idx = 0; - mbedtls_ctr_drbg_init( &ctx ); + mbedtls_ctr_drbg_init(&ctx); test_max_idx = entropy->len; /* CTR_DRBG_Instantiate(entropy[:entropy->len], nonce, perso, ) * where nonce||perso = nonce[nonce->len] */ - mbedtls_ctr_drbg_set_entropy_len( &ctx, entropy_chunk_len ); - mbedtls_ctr_drbg_set_nonce_len( &ctx, 0 ); - TEST_ASSERT( mbedtls_ctr_drbg_seed( - &ctx, - mbedtls_test_entropy_func, entropy->x, - nonce->x, nonce->len ) == 0 ); - if( reseed_mode == RESEED_ALWAYS ) + mbedtls_ctr_drbg_set_entropy_len(&ctx, entropy_chunk_len); + mbedtls_ctr_drbg_set_nonce_len(&ctx, 0); + TEST_ASSERT(mbedtls_ctr_drbg_seed( + &ctx, + mbedtls_test_entropy_func, entropy->x, + nonce->x, nonce->len) == 0); + if (reseed_mode == RESEED_ALWAYS) { mbedtls_ctr_drbg_set_prediction_resistance( &ctx, - MBEDTLS_CTR_DRBG_PR_ON ); + MBEDTLS_CTR_DRBG_PR_ON); + } - if( reseed_mode == RESEED_FIRST ) - { + if (reseed_mode == RESEED_FIRST) { /* CTR_DRBG_Reseed(entropy[idx:idx+entropy->len], * reseed[:reseed->len]) */ - TEST_ASSERT( mbedtls_ctr_drbg_reseed( - &ctx, - reseed->x, reseed->len ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_reseed( + &ctx, + reseed->x, reseed->len) == 0); } /* CTR_DRBG_Generate(result->len * 8 bits, add1[:add1->len]) -> buf */ /* Then reseed if prediction resistance is enabled. */ - TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( - &ctx, - buf, result->len, - add1->x, add1->len ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_random_with_add( + &ctx, + buf, result->len, + add1->x, add1->len) == 0); - if( reseed_mode == RESEED_SECOND ) - { + if (reseed_mode == RESEED_SECOND) { /* CTR_DRBG_Reseed(entropy[idx:idx+entropy->len], * reseed[:reseed->len]) */ - TEST_ASSERT( mbedtls_ctr_drbg_reseed( - &ctx, - reseed->x, reseed->len ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_reseed( + &ctx, + reseed->x, reseed->len) == 0); } /* CTR_DRBG_Generate(result->len * 8 bits, add2->x[:add2->len]) -> buf */ /* Then reseed if prediction resistance is enabled. */ - TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( - &ctx, - buf, result->len, - add2->x, add2->len ) == 0 ); - TEST_ASSERT( memcmp( buf, result->x, result->len ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_random_with_add( + &ctx, + buf, result->len, + add2->x, add2->len) == 0); + TEST_ASSERT(memcmp(buf, result->x, result->len) == 0); exit: - mbedtls_ctr_drbg_free( &ctx ); + mbedtls_ctr_drbg_free(&ctx); } /* END_HEADER */ @@ -101,127 +100,127 @@ exit: */ /* BEGIN_CASE */ -void ctr_drbg_special_behaviours( ) +void ctr_drbg_special_behaviours() { mbedtls_ctr_drbg_context ctx; unsigned char output[512]; unsigned char additional[512]; - mbedtls_ctr_drbg_init( &ctx ); - memset( output, 0, sizeof( output ) ); - memset( additional, 0, sizeof( additional ) ); - - TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, - output, MBEDTLS_CTR_DRBG_MAX_REQUEST + 1, - additional, 16 ) == - MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG ); - TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, - output, 16, - additional, MBEDTLS_CTR_DRBG_MAX_INPUT + 1 ) == - MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); - - TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, additional, - MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + 1 ) == - MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); - - mbedtls_ctr_drbg_set_entropy_len( &ctx, ~0 ); - TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, additional, - MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) == - MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + mbedtls_ctr_drbg_init(&ctx); + memset(output, 0, sizeof(output)); + memset(additional, 0, sizeof(additional)); + + TEST_ASSERT(mbedtls_ctr_drbg_random_with_add(&ctx, + output, MBEDTLS_CTR_DRBG_MAX_REQUEST + 1, + additional, 16) == + MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG); + TEST_ASSERT(mbedtls_ctr_drbg_random_with_add(&ctx, + output, 16, + additional, MBEDTLS_CTR_DRBG_MAX_INPUT + 1) == + MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG); + + TEST_ASSERT(mbedtls_ctr_drbg_reseed(&ctx, additional, + MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + 1) == + MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG); + + mbedtls_ctr_drbg_set_entropy_len(&ctx, ~0); + TEST_ASSERT(mbedtls_ctr_drbg_reseed(&ctx, additional, + MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) == + MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG); exit: - mbedtls_ctr_drbg_free( &ctx ); + mbedtls_ctr_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void ctr_drbg_validate_no_reseed( data_t * add_init, data_t * entropy, - data_t * add1, data_t * add2, - data_t * result_string ) +void ctr_drbg_validate_no_reseed(data_t *add_init, data_t *entropy, + data_t *add1, data_t *add2, + data_t *result_string) { data_t empty = { 0, 0 }; - ctr_drbg_validate_internal( RESEED_NEVER, add_init, - entropy->len, entropy, - &empty, add1, add2, - result_string ); + ctr_drbg_validate_internal(RESEED_NEVER, add_init, + entropy->len, entropy, + &empty, add1, add2, + result_string); goto exit; // goto is needed to avoid warning ( no test assertions in func) } /* END_CASE */ /* BEGIN_CASE */ -void ctr_drbg_validate_pr( data_t * add_init, data_t * entropy, - data_t * add1, data_t * add2, - data_t * result_string ) +void ctr_drbg_validate_pr(data_t *add_init, data_t *entropy, + data_t *add1, data_t *add2, + data_t *result_string) { data_t empty = { 0, 0 }; - ctr_drbg_validate_internal( RESEED_ALWAYS, add_init, - entropy->len / 3, entropy, - &empty, add1, add2, - result_string ); + ctr_drbg_validate_internal(RESEED_ALWAYS, add_init, + entropy->len / 3, entropy, + &empty, add1, add2, + result_string); goto exit; // goto is needed to avoid warning ( no test assertions in func) } /* END_CASE */ /* BEGIN_CASE */ -void ctr_drbg_validate_reseed_between( data_t * add_init, data_t * entropy, - data_t * add1, data_t * add_reseed, - data_t * add2, data_t * result_string ) +void ctr_drbg_validate_reseed_between(data_t *add_init, data_t *entropy, + data_t *add1, data_t *add_reseed, + data_t *add2, data_t *result_string) { - ctr_drbg_validate_internal( RESEED_SECOND, add_init, - entropy->len / 2, entropy, - add_reseed, add1, add2, - result_string ); + ctr_drbg_validate_internal(RESEED_SECOND, add_init, + entropy->len / 2, entropy, + add_reseed, add1, add2, + result_string); goto exit; // goto is needed to avoid warning ( no test assertions in func) } /* END_CASE */ /* BEGIN_CASE */ -void ctr_drbg_validate_reseed_first( data_t * add_init, data_t * entropy, - data_t * add1, data_t * add_reseed, - data_t * add2, data_t * result_string ) +void ctr_drbg_validate_reseed_first(data_t *add_init, data_t *entropy, + data_t *add1, data_t *add_reseed, + data_t *add2, data_t *result_string) { - ctr_drbg_validate_internal( RESEED_FIRST, add_init, - entropy->len / 2, entropy, - add_reseed, add1, add2, - result_string ); + ctr_drbg_validate_internal(RESEED_FIRST, add_init, + entropy->len / 2, entropy, + add_reseed, add1, add2, + result_string); goto exit; // goto is needed to avoid warning ( no test assertions in func) } /* END_CASE */ /* BEGIN_CASE */ -void ctr_drbg_entropy_strength( int expected_bit_strength ) +void ctr_drbg_entropy_strength(int expected_bit_strength) { unsigned char entropy[/*initial entropy*/ MBEDTLS_CTR_DRBG_ENTROPY_LEN + - /*nonce*/ MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN + - /*reseed*/ MBEDTLS_CTR_DRBG_ENTROPY_LEN]; + /*nonce*/ MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN + + /*reseed*/ MBEDTLS_CTR_DRBG_ENTROPY_LEN]; mbedtls_ctr_drbg_context ctx; size_t last_idx; size_t byte_strength = expected_bit_strength / 8; - mbedtls_ctr_drbg_init( &ctx ); + mbedtls_ctr_drbg_init(&ctx); test_offset_idx = 0; - test_max_idx = sizeof( entropy ); - memset( entropy, 0, sizeof( entropy ) ); + test_max_idx = sizeof(entropy); + memset(entropy, 0, sizeof(entropy)); /* The initial seeding must grab at least byte_strength bytes of entropy * for the entropy input and byte_strength/2 bytes for a nonce. */ - TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx, - mbedtls_test_entropy_func, entropy, - NULL, 0 ) == 0 ); - TEST_ASSERT( test_offset_idx >= ( byte_strength * 3 + 1 ) / 2 ); + TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctx, + mbedtls_test_entropy_func, entropy, + NULL, 0) == 0); + TEST_ASSERT(test_offset_idx >= (byte_strength * 3 + 1) / 2); last_idx = test_offset_idx; /* A reseed must grab at least byte_strength bytes of entropy. */ - TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, NULL, 0 ) == 0 ); - TEST_ASSERT( test_offset_idx - last_idx >= byte_strength ); + TEST_ASSERT(mbedtls_ctr_drbg_reseed(&ctx, NULL, 0) == 0); + TEST_ASSERT(test_offset_idx - last_idx >= byte_strength); exit: - mbedtls_ctr_drbg_free( &ctx ); + mbedtls_ctr_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void ctr_drbg_entropy_usage( int entropy_nonce_len ) +void ctr_drbg_entropy_usage(int entropy_nonce_len) { unsigned char out[16]; unsigned char add[16]; @@ -230,109 +229,109 @@ void ctr_drbg_entropy_usage( int entropy_nonce_len ) size_t i, reps = 10; size_t expected_idx = 0; - mbedtls_ctr_drbg_init( &ctx ); + mbedtls_ctr_drbg_init(&ctx); test_offset_idx = 0; - test_max_idx = sizeof( entropy ); - memset( entropy, 0, sizeof( entropy ) ); - memset( out, 0, sizeof( out ) ); - memset( add, 0, sizeof( add ) ); + test_max_idx = sizeof(entropy); + memset(entropy, 0, sizeof(entropy)); + memset(out, 0, sizeof(out)); + memset(add, 0, sizeof(add)); - if( entropy_nonce_len >= 0 ) - TEST_ASSERT( mbedtls_ctr_drbg_set_nonce_len( &ctx, entropy_nonce_len ) == 0 ); + if (entropy_nonce_len >= 0) { + TEST_ASSERT(mbedtls_ctr_drbg_set_nonce_len(&ctx, entropy_nonce_len) == 0); + } /* Set reseed interval before seed */ - mbedtls_ctr_drbg_set_reseed_interval( &ctx, 2 * reps ); + mbedtls_ctr_drbg_set_reseed_interval(&ctx, 2 * reps); /* Init must use entropy */ - TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx, mbedtls_test_entropy_func, entropy, NULL, 0 ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctx, mbedtls_test_entropy_func, entropy, NULL, 0) == 0); expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN; - if( entropy_nonce_len >= 0 ) + if (entropy_nonce_len >= 0) { expected_idx += entropy_nonce_len; - else + } else { expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN; - TEST_EQUAL( test_offset_idx, expected_idx ); + } + TEST_EQUAL(test_offset_idx, expected_idx); /* By default, PR is off, and reseed interval was set to * 2 * reps so the next few calls should not use entropy */ - for( i = 0; i < reps; i++ ) - { - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) - 4 ) == 0 ); - TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, out, sizeof( out ) - 4, - add, sizeof( add ) ) == 0 ); + for (i = 0; i < reps; i++) { + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out) - 4) == 0); + TEST_ASSERT(mbedtls_ctr_drbg_random_with_add(&ctx, out, sizeof(out) - 4, + add, sizeof(add)) == 0); } - TEST_EQUAL( test_offset_idx, expected_idx ); + TEST_EQUAL(test_offset_idx, expected_idx); /* While at it, make sure we didn't write past the requested length */ - TEST_ASSERT( out[sizeof( out ) - 4] == 0 ); - TEST_ASSERT( out[sizeof( out ) - 3] == 0 ); - TEST_ASSERT( out[sizeof( out ) - 2] == 0 ); - TEST_ASSERT( out[sizeof( out ) - 1] == 0 ); + TEST_ASSERT(out[sizeof(out) - 4] == 0); + TEST_ASSERT(out[sizeof(out) - 3] == 0); + TEST_ASSERT(out[sizeof(out) - 2] == 0); + TEST_ASSERT(out[sizeof(out) - 1] == 0); /* There have been 2 * reps calls to random. The next call should reseed */ - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)) == 0); expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN; - TEST_EQUAL( test_offset_idx, expected_idx ); + TEST_EQUAL(test_offset_idx, expected_idx); /* Set reseed interval after seed */ - mbedtls_ctr_drbg_set_reseed_interval( &ctx, 4 * reps + 1 ); + mbedtls_ctr_drbg_set_reseed_interval(&ctx, 4 * reps + 1); /* The next few calls should not reseed */ - for( i = 0; i < (2 * reps); i++ ) - { - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); - TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, out, sizeof( out ) , - add, sizeof( add ) ) == 0 ); + for (i = 0; i < (2 * reps); i++) { + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)) == 0); + TEST_ASSERT(mbedtls_ctr_drbg_random_with_add(&ctx, out, sizeof(out), + add, sizeof(add)) == 0); } - TEST_EQUAL( test_offset_idx, expected_idx ); + TEST_EQUAL(test_offset_idx, expected_idx); /* Call update with too much data (sizeof entropy > MAX(_SEED)_INPUT). * Make sure it's detected as an error and doesn't cause memory * corruption. */ - TEST_ASSERT( mbedtls_ctr_drbg_update_ret( - &ctx, entropy, sizeof( entropy ) ) != 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_update_ret( + &ctx, entropy, sizeof(entropy)) != 0); /* Now enable PR, so the next few calls should all reseed */ - mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON ); - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_ON); + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)) == 0); expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN; - TEST_EQUAL( test_offset_idx, expected_idx ); + TEST_EQUAL(test_offset_idx, expected_idx); /* Finally, check setting entropy_len */ - mbedtls_ctr_drbg_set_entropy_len( &ctx, 42 ); - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + mbedtls_ctr_drbg_set_entropy_len(&ctx, 42); + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)) == 0); expected_idx += 42; - TEST_EQUAL( test_offset_idx, expected_idx ); + TEST_EQUAL(test_offset_idx, expected_idx); - mbedtls_ctr_drbg_set_entropy_len( &ctx, 13 ); - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + mbedtls_ctr_drbg_set_entropy_len(&ctx, 13); + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)) == 0); expected_idx += 13; - TEST_EQUAL( test_offset_idx, expected_idx ); + TEST_EQUAL(test_offset_idx, expected_idx); exit: - mbedtls_ctr_drbg_free( &ctx ); + mbedtls_ctr_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ -void ctr_drbg_seed_file( char * path, int ret ) +void ctr_drbg_seed_file(char *path, int ret) { mbedtls_ctr_drbg_context ctx; - mbedtls_ctr_drbg_init( &ctx ); + mbedtls_ctr_drbg_init(&ctx); - TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx, mbedtls_test_rnd_std_rand, - NULL, NULL, 0 ) == 0 ); - TEST_ASSERT( mbedtls_ctr_drbg_write_seed_file( &ctx, path ) == ret ); - TEST_ASSERT( mbedtls_ctr_drbg_update_seed_file( &ctx, path ) == ret ); + TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctx, mbedtls_test_rnd_std_rand, + NULL, NULL, 0) == 0); + TEST_ASSERT(mbedtls_ctr_drbg_write_seed_file(&ctx, path) == ret); + TEST_ASSERT(mbedtls_ctr_drbg_update_seed_file(&ctx, path) == ret); exit: - mbedtls_ctr_drbg_free( &ctx ); + mbedtls_ctr_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void ctr_drbg_selftest( ) +void ctr_drbg_selftest() { - TEST_ASSERT( mbedtls_ctr_drbg_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index cadc947e155b..cbb3a63f1a1d 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -2,8 +2,7 @@ #include "mbedtls/debug.h" #include "string.h" -struct buffer_data -{ +struct buffer_data { char buf[2000]; char *ptr; }; @@ -14,29 +13,32 @@ void string_debug(void *data, int level, const char *file, int line, const char char *p = buffer->ptr; ((void) level); - memcpy( p, file, strlen( file ) ); - p += strlen( file ); + memcpy(p, file, strlen(file)); + p += strlen(file); *p++ = '('; - *p++ = '0' + ( line / 1000 ) % 10; - *p++ = '0' + ( line / 100 ) % 10; - *p++ = '0' + ( line / 10 ) % 10; - *p++ = '0' + ( line / 1 ) % 10; + *p++ = '0' + (line / 1000) % 10; + *p++ = '0' + (line / 100) % 10; + *p++ = '0' + (line / 10) % 10; + *p++ = '0' + (line / 1) % 10; *p++ = ')'; *p++ = ':'; *p++ = ' '; #if defined(MBEDTLS_THREADING_C) /* Skip "thread ID" (up to the first space) as it is not predictable */ - while( *str++ != ' ' ); + while (*str++ != ' ') { + ; + } #endif - memcpy( p, str, strlen( str ) ); - p += strlen( str ); + memcpy(p, str, strlen(str)); + p += strlen(str); /* Detect if debug messages output partial lines and mark them */ - if( p[-1] != '\n' ) + if (p[-1] != '\n') { *p++ = '*'; + } buffer->ptr = p; } @@ -48,148 +50,148 @@ void string_debug(void *data, int level, const char *file, int line, const char */ /* BEGIN_CASE */ -void debug_print_msg_threshold( int threshold, int level, char * file, - int line, char * result_str ) +void debug_print_msg_threshold(int threshold, int level, char *file, + int line, char *result_str) { mbedtls_ssl_context ssl; mbedtls_ssl_config conf; struct buffer_data buffer; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - memset( buffer.buf, 0, 2000 ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + memset(buffer.buf, 0, 2000); buffer.ptr = buffer.buf; - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0); - mbedtls_debug_set_threshold( threshold ); - mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + mbedtls_debug_set_threshold(threshold); + mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer); - mbedtls_debug_print_msg( &ssl, level, file, line, - "Text message, 2 == %d", 2 ); + mbedtls_debug_print_msg(&ssl, level, file, line, + "Text message, 2 == %d", 2); - TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buffer.buf, result_str) == 0); exit: - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_debug_print_ret( char * file, int line, char * text, int value, - char * result_str ) +void mbedtls_debug_print_ret(char *file, int line, char *text, int value, + char *result_str) { mbedtls_ssl_context ssl; mbedtls_ssl_config conf; struct buffer_data buffer; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - memset( buffer.buf, 0, 2000 ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + memset(buffer.buf, 0, 2000); buffer.ptr = buffer.buf; - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0); - mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer); - mbedtls_debug_print_ret( &ssl, 0, file, line, text, value); + mbedtls_debug_print_ret(&ssl, 0, file, line, text, value); - TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buffer.buf, result_str) == 0); exit: - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_debug_print_buf( char * file, int line, char * text, - data_t * data, char * result_str ) +void mbedtls_debug_print_buf(char *file, int line, char *text, + data_t *data, char *result_str) { mbedtls_ssl_context ssl; mbedtls_ssl_config conf; struct buffer_data buffer; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - memset( buffer.buf, 0, 2000 ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + memset(buffer.buf, 0, 2000); buffer.ptr = buffer.buf; - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0); - mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer); - mbedtls_debug_print_buf( &ssl, 0, file, line, text, data->x, data->len ); + mbedtls_debug_print_buf(&ssl, 0, file, line, text, data->x, data->len); - TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buffer.buf, result_str) == 0); exit: - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_debug_print_crt( char * crt_file, char * file, int line, - char * prefix, char * result_str ) +void mbedtls_debug_print_crt(char *crt_file, char *file, int line, + char *prefix, char *result_str) { mbedtls_x509_crt crt; mbedtls_ssl_context ssl; mbedtls_ssl_config conf; struct buffer_data buffer; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_x509_crt_init( &crt ); - memset( buffer.buf, 0, 2000 ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_x509_crt_init(&crt); + memset(buffer.buf, 0, 2000); buffer.ptr = buffer.buf; - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0); - mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - mbedtls_debug_print_crt( &ssl, 0, file, line, prefix, &crt); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); + mbedtls_debug_print_crt(&ssl, 0, file, line, prefix, &crt); - TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buffer.buf, result_str) == 0); exit: - mbedtls_x509_crt_free( &crt ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_x509_crt_free(&crt); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */ -void mbedtls_debug_print_mpi( char * value, char * file, int line, - char * prefix, char * result_str ) +void mbedtls_debug_print_mpi(char *value, char *file, int line, + char *prefix, char *result_str) { mbedtls_ssl_context ssl; mbedtls_ssl_config conf; struct buffer_data buffer; mbedtls_mpi val; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_mpi_init( &val ); - memset( buffer.buf, 0, 2000 ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_mpi_init(&val); + memset(buffer.buf, 0, 2000); buffer.ptr = buffer.buf; - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &val, value ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&val, value) == 0); - mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer); - mbedtls_debug_print_mpi( &ssl, 0, file, line, prefix, &val); + mbedtls_debug_print_mpi(&ssl, 0, file, line, prefix, &val); - TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buffer.buf, result_str) == 0); exit: - mbedtls_mpi_free( &val ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_mpi_free(&val); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); } /* END_CASE */ diff --git a/tests/suites/test_suite_des.function b/tests/suites/test_suite_des.function index 7256fb5376ef..b846d777a053 100644 --- a/tests/suites/test_suite_des.function +++ b/tests/suites/test_suite_des.function @@ -8,269 +8,273 @@ */ /* BEGIN_CASE */ -void des_check_weak( data_t * key, int ret ) +void des_check_weak(data_t *key, int ret) { - TEST_ASSERT( mbedtls_des_key_check_weak( key->x ) == ret ); + TEST_ASSERT(mbedtls_des_key_check_weak(key->x) == ret); } /* END_CASE */ /* BEGIN_CASE */ -void des_encrypt_ecb( data_t * key_str, data_t * src_str, data_t * dst ) +void des_encrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_des_context ctx; memset(output, 0x00, 100); - mbedtls_des_init( &ctx ); + mbedtls_des_init(&ctx); - TEST_ASSERT( mbedtls_des_setkey_enc( &ctx, key_str->x ) == 0 ); - TEST_ASSERT( mbedtls_des_crypt_ecb( &ctx, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_des_setkey_enc(&ctx, key_str->x) == 0); + TEST_ASSERT(mbedtls_des_crypt_ecb(&ctx, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); exit: - mbedtls_des_free( &ctx ); + mbedtls_des_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void des_decrypt_ecb( data_t * key_str, data_t * src_str, data_t * dst ) +void des_decrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_des_context ctx; memset(output, 0x00, 100); - mbedtls_des_init( &ctx ); + mbedtls_des_init(&ctx); - TEST_ASSERT( mbedtls_des_setkey_dec( &ctx, key_str->x ) == 0 ); - TEST_ASSERT( mbedtls_des_crypt_ecb( &ctx, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_des_setkey_dec(&ctx, key_str->x) == 0); + TEST_ASSERT(mbedtls_des_crypt_ecb(&ctx, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); exit: - mbedtls_des_free( &ctx ); + mbedtls_des_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void des_encrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, int cbc_result ) +void des_encrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, int cbc_result) { unsigned char output[100]; mbedtls_des_context ctx; memset(output, 0x00, 100); - mbedtls_des_init( &ctx ); + mbedtls_des_init(&ctx); - TEST_ASSERT( mbedtls_des_setkey_enc( &ctx, key_str->x ) == 0 ); - TEST_ASSERT( mbedtls_des_crypt_cbc( &ctx, MBEDTLS_DES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0 ) - { + TEST_ASSERT(mbedtls_des_setkey_enc(&ctx, key_str->x) == 0); + TEST_ASSERT(mbedtls_des_crypt_cbc(&ctx, MBEDTLS_DES_ENCRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); } exit: - mbedtls_des_free( &ctx ); + mbedtls_des_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void des_decrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, - int cbc_result ) +void des_decrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, + int cbc_result) { unsigned char output[100]; mbedtls_des_context ctx; memset(output, 0x00, 100); - mbedtls_des_init( &ctx ); + mbedtls_des_init(&ctx); - TEST_ASSERT( mbedtls_des_setkey_dec( &ctx, key_str->x ) == 0 ); - TEST_ASSERT( mbedtls_des_crypt_cbc( &ctx, MBEDTLS_DES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0 ) - { + TEST_ASSERT(mbedtls_des_setkey_dec(&ctx, key_str->x) == 0); + TEST_ASSERT(mbedtls_des_crypt_cbc(&ctx, MBEDTLS_DES_DECRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); } exit: - mbedtls_des_free( &ctx ); + mbedtls_des_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void des3_encrypt_ecb( int key_count, data_t * key_str, - data_t * src_str, data_t * dst ) +void des3_encrypt_ecb(int key_count, data_t *key_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_des3_context ctx; memset(output, 0x00, 100); - mbedtls_des3_init( &ctx ); + mbedtls_des3_init(&ctx); - if( key_count == 2 ) - TEST_ASSERT( mbedtls_des3_set2key_enc( &ctx, key_str->x ) == 0 ); - else if( key_count == 3 ) - TEST_ASSERT( mbedtls_des3_set3key_enc( &ctx, key_str->x ) == 0 ); - else - TEST_ASSERT( 0 ); + if (key_count == 2) { + TEST_ASSERT(mbedtls_des3_set2key_enc(&ctx, key_str->x) == 0); + } else if (key_count == 3) { + TEST_ASSERT(mbedtls_des3_set3key_enc(&ctx, key_str->x) == 0); + } else { + TEST_ASSERT(0); + } - TEST_ASSERT( mbedtls_des3_crypt_ecb( &ctx, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_des3_crypt_ecb(&ctx, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); exit: - mbedtls_des3_free( &ctx ); + mbedtls_des3_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void des3_decrypt_ecb( int key_count, data_t * key_str, - data_t * src_str, data_t * dst ) +void des3_decrypt_ecb(int key_count, data_t *key_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_des3_context ctx; memset(output, 0x00, 100); - mbedtls_des3_init( &ctx ); + mbedtls_des3_init(&ctx); - if( key_count == 2 ) - TEST_ASSERT( mbedtls_des3_set2key_dec( &ctx, key_str->x ) == 0 ); - else if( key_count == 3 ) - TEST_ASSERT( mbedtls_des3_set3key_dec( &ctx, key_str->x ) == 0 ); - else - TEST_ASSERT( 0 ); + if (key_count == 2) { + TEST_ASSERT(mbedtls_des3_set2key_dec(&ctx, key_str->x) == 0); + } else if (key_count == 3) { + TEST_ASSERT(mbedtls_des3_set3key_dec(&ctx, key_str->x) == 0); + } else { + TEST_ASSERT(0); + } - TEST_ASSERT( mbedtls_des3_crypt_ecb( &ctx, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_des3_crypt_ecb(&ctx, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); exit: - mbedtls_des3_free( &ctx ); + mbedtls_des3_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void des3_encrypt_cbc( int key_count, data_t * key_str, - data_t * iv_str, data_t * src_str, - data_t * dst, int cbc_result ) +void des3_encrypt_cbc(int key_count, data_t *key_str, + data_t *iv_str, data_t *src_str, + data_t *dst, int cbc_result) { unsigned char output[100]; mbedtls_des3_context ctx; memset(output, 0x00, 100); - mbedtls_des3_init( &ctx ); + mbedtls_des3_init(&ctx); - if( key_count == 2 ) - TEST_ASSERT( mbedtls_des3_set2key_enc( &ctx, key_str->x ) == 0 ); - else if( key_count == 3 ) - TEST_ASSERT( mbedtls_des3_set3key_enc( &ctx, key_str->x ) == 0 ); - else - TEST_ASSERT( 0 ); + if (key_count == 2) { + TEST_ASSERT(mbedtls_des3_set2key_enc(&ctx, key_str->x) == 0); + } else if (key_count == 3) { + TEST_ASSERT(mbedtls_des3_set3key_enc(&ctx, key_str->x) == 0); + } else { + TEST_ASSERT(0); + } - TEST_ASSERT( mbedtls_des3_crypt_cbc( &ctx, MBEDTLS_DES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result ); + TEST_ASSERT(mbedtls_des3_crypt_cbc(&ctx, MBEDTLS_DES_ENCRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); - if( cbc_result == 0 ) - { + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); } exit: - mbedtls_des3_free( &ctx ); + mbedtls_des3_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void des3_decrypt_cbc( int key_count, data_t * key_str, - data_t * iv_str, data_t * src_str, - data_t * dst, int cbc_result ) +void des3_decrypt_cbc(int key_count, data_t *key_str, + data_t *iv_str, data_t *src_str, + data_t *dst, int cbc_result) { unsigned char output[100]; mbedtls_des3_context ctx; memset(output, 0x00, 100); - mbedtls_des3_init( &ctx ); + mbedtls_des3_init(&ctx); - if( key_count == 2 ) - TEST_ASSERT( mbedtls_des3_set2key_dec( &ctx, key_str->x ) == 0 ); - else if( key_count == 3 ) - TEST_ASSERT( mbedtls_des3_set3key_dec( &ctx, key_str->x ) == 0 ); - else - TEST_ASSERT( 0 ); + if (key_count == 2) { + TEST_ASSERT(mbedtls_des3_set2key_dec(&ctx, key_str->x) == 0); + } else if (key_count == 3) { + TEST_ASSERT(mbedtls_des3_set3key_dec(&ctx, key_str->x) == 0); + } else { + TEST_ASSERT(0); + } - TEST_ASSERT( mbedtls_des3_crypt_cbc( &ctx, MBEDTLS_DES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result ); + TEST_ASSERT(mbedtls_des3_crypt_cbc(&ctx, MBEDTLS_DES_DECRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); - if( cbc_result == 0 ) - { + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); } exit: - mbedtls_des3_free( &ctx ); + mbedtls_des3_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void des_key_parity_run( ) +void des_key_parity_run() { int i, j, cnt; unsigned char key[MBEDTLS_DES_KEY_SIZE]; unsigned int parity; - memset( key, 0, MBEDTLS_DES_KEY_SIZE ); + memset(key, 0, MBEDTLS_DES_KEY_SIZE); cnt = 0; // Iterate through all possible byte values // - for( i = 0; i < 32; i++ ) - { - for( j = 0; j < 8; j++ ) + for (i = 0; i < 32; i++) { + for (j = 0; j < 8; j++) { key[j] = cnt++; + } // Set the key parity according to the table // - mbedtls_des_key_set_parity( key ); + mbedtls_des_key_set_parity(key); // Check the parity with a function // - for( j = 0; j < 8; j++ ) - { - parity = key[j] ^ ( key[j] >> 4 ); + for (j = 0; j < 8; j++) { + parity = key[j] ^ (key[j] >> 4); parity = parity ^ - ( parity >> 1 ) ^ - ( parity >> 2 ) ^ - ( parity >> 3 ); + (parity >> 1) ^ + (parity >> 2) ^ + (parity >> 3); parity &= 1; - if( parity != 1 ) - TEST_ASSERT( 0 ); + if (parity != 1) { + TEST_ASSERT(0); + } } // Check the parity with the table // - TEST_ASSERT( mbedtls_des_key_check_key_parity( key ) == 0 ); + TEST_ASSERT(mbedtls_des_key_check_key_parity(key) == 0); } } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void des_selftest( ) +void des_selftest() { - TEST_ASSERT( mbedtls_des_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_des_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function index 5d82fe6e5d9c..1251723b1a4a 100644 --- a/tests/suites/test_suite_dhm.function +++ b/tests/suites/test_suite_dhm.function @@ -4,63 +4,66 @@ /* Sanity checks on a Diffie-Hellman parameter: check the length-value * syntax and check that the value is the expected one (taken from the * DHM context by the caller). */ -static int check_dhm_param_output( const mbedtls_mpi *expected, - const unsigned char *buffer, - size_t size, - size_t *offset ) +static int check_dhm_param_output(const mbedtls_mpi *expected, + const unsigned char *buffer, + size_t size, + size_t *offset) { size_t n; mbedtls_mpi actual; int ok = 0; - mbedtls_mpi_init( &actual ); + mbedtls_mpi_init(&actual); ++mbedtls_test_info.step; - TEST_ASSERT( size >= *offset + 2 ); - n = ( buffer[*offset] << 8 ) | buffer[*offset + 1]; + TEST_ASSERT(size >= *offset + 2); + n = (buffer[*offset] << 8) | buffer[*offset + 1]; *offset += 2; /* The DHM param output from Mbed TLS has leading zeros stripped, as * permitted but not required by RFC 5246 \S4.4. */ - TEST_EQUAL( n, mbedtls_mpi_size( expected ) ); - TEST_ASSERT( size >= *offset + n ); - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &actual, buffer + *offset, n ) ); - TEST_EQUAL( 0, mbedtls_mpi_cmp_mpi( expected, &actual ) ); + TEST_EQUAL(n, mbedtls_mpi_size(expected)); + TEST_ASSERT(size >= *offset + n); + TEST_EQUAL(0, mbedtls_mpi_read_binary(&actual, buffer + *offset, n)); + TEST_EQUAL(0, mbedtls_mpi_cmp_mpi(expected, &actual)); *offset += n; ok = 1; exit: - mbedtls_mpi_free( &actual ); - return( ok ); + mbedtls_mpi_free(&actual); + return ok; } /* Sanity checks on Diffie-Hellman parameters: syntax, range, and comparison * against the context. */ -static int check_dhm_params( const mbedtls_dhm_context *ctx, - size_t x_size, - const unsigned char *ske, size_t ske_len ) +static int check_dhm_params(const mbedtls_dhm_context *ctx, + size_t x_size, + const unsigned char *ske, size_t ske_len) { size_t offset = 0; /* Check that ctx->X and ctx->GX are within range. */ - TEST_ASSERT( mbedtls_mpi_cmp_int( &ctx->X, 1 ) > 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) < 0 ); - TEST_ASSERT( mbedtls_mpi_size( &ctx->X ) <= x_size ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &ctx->GX, 1 ) > 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx->GX, &ctx->P ) < 0 ); + TEST_ASSERT(mbedtls_mpi_cmp_int(&ctx->X, 1) > 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx->X, &ctx->P) < 0); + TEST_ASSERT(mbedtls_mpi_size(&ctx->X) <= x_size); + TEST_ASSERT(mbedtls_mpi_cmp_int(&ctx->GX, 1) > 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx->GX, &ctx->P) < 0); /* Check ske: it must contain P, G and G^X, each prefixed with a * 2-byte size. */ - if( !check_dhm_param_output( &ctx->P, ske, ske_len, &offset ) ) + if (!check_dhm_param_output(&ctx->P, ske, ske_len, &offset)) { goto exit; - if( !check_dhm_param_output( &ctx->G, ske, ske_len, &offset ) ) + } + if (!check_dhm_param_output(&ctx->G, ske, ske_len, &offset)) { goto exit; - if( !check_dhm_param_output( &ctx->GX, ske, ske_len, &offset ) ) + } + if (!check_dhm_param_output(&ctx->GX, ske, ske_len, &offset)) { goto exit; - TEST_EQUAL( offset, ske_len ); + } + TEST_EQUAL(offset, ske_len); - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } /* END_HEADER */ @@ -71,104 +74,104 @@ exit: */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void dhm_invalid_params( ) +void dhm_invalid_params() { mbedtls_dhm_context ctx; unsigned char buf[42] = { 0 }; unsigned char *buf_null = NULL; mbedtls_mpi X; - size_t const buflen = sizeof( buf ); + size_t const buflen = sizeof(buf); size_t len; - TEST_INVALID_PARAM( mbedtls_dhm_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_dhm_free( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_params( NULL, - (unsigned char**) &buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_params( &ctx, &buf_null, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_params( &ctx, NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_params( &ctx, - (unsigned char**) &buf, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_params( NULL, buflen, - buf, &len, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_params( &ctx, buflen, - NULL, &len, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_params( &ctx, buflen, - buf, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_params( &ctx, buflen, - buf, &len, - NULL, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_set_group( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_set_group( &ctx, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_set_group( &ctx, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_public( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_public( &ctx, NULL, buflen ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_public( NULL, buflen, - buf, buflen, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_public( &ctx, buflen, - NULL, buflen, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_public( &ctx, buflen, - buf, buflen, - NULL, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_calc_secret( NULL, buf, buflen, &len, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_calc_secret( &ctx, NULL, buflen, &len, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_calc_secret( &ctx, buf, buflen, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); + TEST_INVALID_PARAM(mbedtls_dhm_init(NULL)); + TEST_VALID_PARAM(mbedtls_dhm_free(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_read_params(NULL, + (unsigned char **) &buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_read_params(&ctx, &buf_null, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_read_params(&ctx, NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_read_params(&ctx, + (unsigned char **) &buf, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_make_params(NULL, buflen, + buf, &len, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_make_params(&ctx, buflen, + NULL, &len, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_make_params(&ctx, buflen, + buf, NULL, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_make_params(&ctx, buflen, + buf, &len, + NULL, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_set_group(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_set_group(&ctx, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_set_group(&ctx, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_read_public(NULL, buf, buflen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_read_public(&ctx, NULL, buflen)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_make_public(NULL, buflen, + buf, buflen, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_make_public(&ctx, buflen, + NULL, buflen, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_make_public(&ctx, buflen, + buf, buflen, + NULL, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_calc_secret(NULL, buf, buflen, &len, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_calc_secret(&ctx, NULL, buflen, &len, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_calc_secret(&ctx, buf, buflen, NULL, + mbedtls_test_rnd_std_rand, + NULL)); #if defined(MBEDTLS_ASN1_PARSE_C) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_parse_dhm( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_parse_dhm( &ctx, NULL, buflen ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_parse_dhm(NULL, buf, buflen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_parse_dhm(&ctx, NULL, buflen)); #if defined(MBEDTLS_FS_IO) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_parse_dhmfile( NULL, "" ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_parse_dhmfile( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_parse_dhmfile(NULL, "")); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_parse_dhmfile(&ctx, NULL)); #endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_ASN1_PARSE_C */ @@ -178,8 +181,8 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void dhm_do_dhm( char *input_P, int x_size, - char *input_G, int result ) +void dhm_do_dhm(char *input_P, int x_size, + char *input_G, int result) { mbedtls_dhm_context ctx_srv; mbedtls_dhm_context ctx_cli; @@ -195,65 +198,67 @@ void dhm_do_dhm( char *input_P, int x_size, int i; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_dhm_init( &ctx_srv ); - mbedtls_dhm_init( &ctx_cli ); - memset( ske, 0x00, 1000 ); - memset( pub_cli, 0x00, 1000 ); - memset( sec_srv, 0x00, 1000 ); - memset( sec_cli, 0x00, 1000 ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_dhm_init(&ctx_srv); + mbedtls_dhm_init(&ctx_cli); + memset(ske, 0x00, 1000); + memset(pub_cli, 0x00, 1000); + memset(sec_srv, 0x00, 1000); + memset(sec_cli, 0x00, 1000); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); /* * Set params */ - TEST_ASSERT( mbedtls_test_read_mpi( &ctx_srv.P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &ctx_srv.G, input_G ) == 0 ); - pub_cli_len = mbedtls_mpi_size( &ctx_srv.P ); + TEST_ASSERT(mbedtls_test_read_mpi(&ctx_srv.P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&ctx_srv.G, input_G) == 0); + pub_cli_len = mbedtls_mpi_size(&ctx_srv.P); /* * First key exchange */ - mbedtls_test_set_step( 10 ); - TEST_ASSERT( mbedtls_dhm_make_params( &ctx_srv, x_size, ske, &ske_len, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == result ); - if ( result != 0 ) + mbedtls_test_set_step(10); + TEST_ASSERT(mbedtls_dhm_make_params(&ctx_srv, x_size, ske, &ske_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == result); + if (result != 0) { goto exit; - if( !check_dhm_params( &ctx_srv, x_size, ske, ske_len ) ) + } + if (!check_dhm_params(&ctx_srv, x_size, ske, ske_len)) { goto exit; + } ske[ske_len++] = 0; ske[ske_len++] = 0; - TEST_ASSERT( mbedtls_dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 ); + TEST_ASSERT(mbedtls_dhm_read_params(&ctx_cli, &p, ske + ske_len) == 0); - TEST_ASSERT( mbedtls_dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 ); + TEST_ASSERT(mbedtls_dhm_make_public(&ctx_cli, x_size, pub_cli, pub_cli_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_dhm_read_public(&ctx_srv, pub_cli, pub_cli_len) == 0); - TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_srv, sec_srv, sizeof( sec_srv ), - &sec_srv_len, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), &sec_cli_len, NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_srv, sec_srv, sizeof(sec_srv), + &sec_srv_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_cli, sec_cli, sizeof(sec_cli), &sec_cli_len, NULL, + NULL) == 0); - TEST_ASSERT( sec_srv_len == sec_cli_len ); - TEST_ASSERT( sec_srv_len != 0 ); - TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 ); + TEST_ASSERT(sec_srv_len == sec_cli_len); + TEST_ASSERT(sec_srv_len != 0); + TEST_ASSERT(memcmp(sec_srv, sec_cli, sec_srv_len) == 0); /* Re-do calc_secret on server a few times to test update of blinding values */ - for( i = 0; i < 3; i++ ) - { - mbedtls_test_set_step( 20 + i ); + for (i = 0; i < 3; i++) { + mbedtls_test_set_step(20 + i); sec_srv_len = 1000; - TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_srv, sec_srv, - sizeof( sec_srv ), &sec_srv_len, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - - TEST_ASSERT( sec_srv_len == sec_cli_len ); - TEST_ASSERT( sec_srv_len != 0 ); - TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 ); + TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_srv, sec_srv, + sizeof(sec_srv), &sec_srv_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + + TEST_ASSERT(sec_srv_len == sec_cli_len); + TEST_ASSERT(sec_srv_len != 0); + TEST_ASSERT(memcmp(sec_srv, sec_cli, sec_srv_len) == 0); } /* @@ -261,94 +266,96 @@ void dhm_do_dhm( char *input_P, int x_size, */ p = ske; - mbedtls_test_set_step( 30 ); - TEST_ASSERT( mbedtls_dhm_make_params( &ctx_srv, x_size, ske, &ske_len, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - if( !check_dhm_params( &ctx_srv, x_size, ske, ske_len ) ) + mbedtls_test_set_step(30); + TEST_ASSERT(mbedtls_dhm_make_params(&ctx_srv, x_size, ske, &ske_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + if (!check_dhm_params(&ctx_srv, x_size, ske, ske_len)) { goto exit; + } ske[ske_len++] = 0; ske[ske_len++] = 0; - TEST_ASSERT( mbedtls_dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 ); + TEST_ASSERT(mbedtls_dhm_read_params(&ctx_cli, &p, ske + ske_len) == 0); - TEST_ASSERT( mbedtls_dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 ); + TEST_ASSERT(mbedtls_dhm_make_public(&ctx_cli, x_size, pub_cli, pub_cli_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_dhm_read_public(&ctx_srv, pub_cli, pub_cli_len) == 0); - TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_srv, sec_srv, sizeof( sec_srv ), - &sec_srv_len, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), &sec_cli_len, NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_srv, sec_srv, sizeof(sec_srv), + &sec_srv_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_cli, sec_cli, sizeof(sec_cli), &sec_cli_len, NULL, + NULL) == 0); - TEST_ASSERT( sec_srv_len == sec_cli_len ); - TEST_ASSERT( sec_srv_len != 0 ); - TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 ); + TEST_ASSERT(sec_srv_len == sec_cli_len); + TEST_ASSERT(sec_srv_len != 0); + TEST_ASSERT(memcmp(sec_srv, sec_cli, sec_srv_len) == 0); exit: - mbedtls_dhm_free( &ctx_srv ); - mbedtls_dhm_free( &ctx_cli ); + mbedtls_dhm_free(&ctx_srv); + mbedtls_dhm_free(&ctx_cli); } /* END_CASE */ /* BEGIN_CASE */ -void dhm_make_public( int P_bytes, char *input_G, int result ) +void dhm_make_public(int P_bytes, char *input_G, int result) { mbedtls_mpi P, G; mbedtls_dhm_context ctx; unsigned char output[MBEDTLS_MPI_MAX_SIZE]; - mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &G ); - mbedtls_dhm_init( &ctx ); + mbedtls_mpi_init(&P); + mbedtls_mpi_init(&G); + mbedtls_dhm_init(&ctx); - TEST_ASSERT( mbedtls_mpi_lset( &P, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_shift_l( &P, ( P_bytes * 8 ) - 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_set_bit( &P, 0, 1 ) == 0 ); + TEST_ASSERT(mbedtls_mpi_lset(&P, 1) == 0); + TEST_ASSERT(mbedtls_mpi_shift_l(&P, (P_bytes * 8) - 1) == 0); + TEST_ASSERT(mbedtls_mpi_set_bit(&P, 0, 1) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &G, input_G ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&G, input_G) == 0); - TEST_ASSERT( mbedtls_dhm_set_group( &ctx, &P, &G ) == 0 ); - TEST_ASSERT( mbedtls_dhm_make_public( &ctx, (int) mbedtls_mpi_size( &P ), - output, sizeof(output), - &mbedtls_test_rnd_pseudo_rand, - NULL ) == result ); + TEST_ASSERT(mbedtls_dhm_set_group(&ctx, &P, &G) == 0); + TEST_ASSERT(mbedtls_dhm_make_public(&ctx, (int) mbedtls_mpi_size(&P), + output, sizeof(output), + &mbedtls_test_rnd_pseudo_rand, + NULL) == result); exit: - mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &G ); - mbedtls_dhm_free( &ctx ); + mbedtls_mpi_free(&P); + mbedtls_mpi_free(&G); + mbedtls_dhm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ -void dhm_file( char * filename, char * p, char * g, int len ) +void dhm_file(char *filename, char *p, char *g, int len) { mbedtls_dhm_context ctx; mbedtls_mpi P, G; - mbedtls_dhm_init( &ctx ); - mbedtls_mpi_init( &P ); mbedtls_mpi_init( &G ); + mbedtls_dhm_init(&ctx); + mbedtls_mpi_init(&P); mbedtls_mpi_init(&G); - TEST_ASSERT( mbedtls_test_read_mpi( &P, p ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &G, g ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, p) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&G, g) == 0); - TEST_ASSERT( mbedtls_dhm_parse_dhmfile( &ctx, filename ) == 0 ); + TEST_ASSERT(mbedtls_dhm_parse_dhmfile(&ctx, filename) == 0); - TEST_ASSERT( ctx.len == (size_t) len ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.G, &G ) == 0 ); + TEST_ASSERT(ctx.len == (size_t) len); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx.P, &P) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx.G, &G) == 0); exit: - mbedtls_mpi_free( &P ); mbedtls_mpi_free( &G ); - mbedtls_dhm_free( &ctx ); + mbedtls_mpi_free(&P); mbedtls_mpi_free(&G); + mbedtls_dhm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void dhm_selftest( ) +void dhm_selftest() { - TEST_ASSERT( mbedtls_dhm_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_dhm_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function index cd1b3684c906..0de7c08dcba5 100644 --- a/tests/suites/test_suite_ecdh.function +++ b/tests/suites/test_suite_ecdh.function @@ -1,39 +1,39 @@ /* BEGIN_HEADER */ #include "mbedtls/ecdh.h" -static int load_public_key( int grp_id, data_t *point, - mbedtls_ecp_keypair *ecp ) +static int load_public_key(int grp_id, data_t *point, + mbedtls_ecp_keypair *ecp) { int ok = 0; - TEST_ASSERT( mbedtls_ecp_group_load( &ecp->grp, grp_id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_point_read_binary( &ecp->grp, - &ecp->Q, - point->x, - point->len ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &ecp->grp, - &ecp->Q ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&ecp->grp, grp_id) == 0); + TEST_ASSERT(mbedtls_ecp_point_read_binary(&ecp->grp, + &ecp->Q, + point->x, + point->len) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&ecp->grp, + &ecp->Q) == 0); ok = 1; exit: - return( ok ); + return ok; } -static int load_private_key( int grp_id, data_t *private_key, - mbedtls_ecp_keypair *ecp, - mbedtls_test_rnd_pseudo_info *rnd_info ) +static int load_private_key(int grp_id, data_t *private_key, + mbedtls_ecp_keypair *ecp, + mbedtls_test_rnd_pseudo_info *rnd_info) { int ok = 0; - TEST_ASSERT( mbedtls_ecp_read_key( grp_id, ecp, - private_key->x, - private_key->len ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_privkey( &ecp->grp, &ecp->d ) == 0 ); + TEST_ASSERT(mbedtls_ecp_read_key(grp_id, ecp, + private_key->x, + private_key->len) == 0); + TEST_ASSERT(mbedtls_ecp_check_privkey(&ecp->grp, &ecp->d) == 0); /* Calculate the public key from the private key. */ - TEST_ASSERT( mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, - &ecp->grp.G, - &mbedtls_test_rnd_pseudo_rand, - rnd_info ) == 0 ); + TEST_ASSERT(mbedtls_ecp_mul(&ecp->grp, &ecp->Q, &ecp->d, + &ecp->grp.G, + &mbedtls_test_rnd_pseudo_rand, + rnd_info) == 0); ok = 1; exit: - return( ok ); + return ok; } /* END_HEADER */ @@ -44,14 +44,14 @@ exit: */ /* BEGIN_CASE */ -void ecdh_valid_param( ) +void ecdh_valid_param() { - TEST_VALID_PARAM( mbedtls_ecdh_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_ecdh_free(NULL)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void ecdh_invalid_param( ) +void ecdh_invalid_param() { mbedtls_ecp_group grp; mbedtls_ecdh_context ctx; @@ -61,124 +61,124 @@ void ecdh_invalid_param( ) size_t olen; unsigned char buf[42] = { 0 }; const unsigned char *buf_null = NULL; - size_t const buflen = sizeof( buf ); + size_t const buflen = sizeof(buf); int invalid_side = 42; mbedtls_ecp_group_id valid_grp = MBEDTLS_ECP_DP_SECP192R1; - mbedtls_ecp_keypair_init( &kp ); - mbedtls_ecdh_init( &ctx ); - TEST_INVALID_PARAM( mbedtls_ecdh_init( NULL ) ); + mbedtls_ecp_keypair_init(&kp); + mbedtls_ecdh_init(&ctx); + TEST_INVALID_PARAM(mbedtls_ecdh_init(NULL)); #if defined(MBEDTLS_ECP_RESTARTABLE) - TEST_INVALID_PARAM( mbedtls_ecdh_enable_restart( NULL ) ); + TEST_INVALID_PARAM(mbedtls_ecdh_enable_restart(NULL)); #endif /* MBEDTLS_ECP_RESTARTABLE */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_gen_public( NULL, &m, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_gen_public( &grp, NULL, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_gen_public( &grp, &m, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_gen_public( &grp, &m, &P, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_compute_shared( NULL, &m, &P, &m, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_compute_shared( &grp, NULL, &P, &m, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_compute_shared( &grp, &m, NULL, &m, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_compute_shared( &grp, &m, &P, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_setup( NULL, valid_grp ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_params( NULL, &olen, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_params( &ctx, NULL, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_params( &ctx, &olen, NULL, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_params( &ctx, &olen, buf, buflen, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_params( NULL, - (const unsigned char**) &buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_params( &ctx, &buf_null, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_params( &ctx, NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_params( &ctx, - (const unsigned char**) &buf, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_get_params( NULL, &kp, - MBEDTLS_ECDH_OURS ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_get_params( &ctx, NULL, - MBEDTLS_ECDH_OURS ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_get_params( &ctx, &kp, - invalid_side ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_public( NULL, &olen, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_public( &ctx, NULL, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_public( &ctx, &olen, NULL, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_public( &ctx, &olen, buf, buflen, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_public( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_public( &ctx, NULL, buflen ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_calc_secret( NULL, &olen, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_calc_secret( &ctx, NULL, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_calc_secret( &ctx, &olen, NULL, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_gen_public(NULL, &m, &P, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_gen_public(&grp, NULL, &P, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_gen_public(&grp, &m, NULL, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_gen_public(&grp, &m, &P, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_compute_shared(NULL, &m, &P, &m, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_compute_shared(&grp, NULL, &P, &m, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_compute_shared(&grp, &m, NULL, &m, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_compute_shared(&grp, &m, &P, NULL, + mbedtls_test_rnd_std_rand, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_setup(NULL, valid_grp)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_params(NULL, &olen, buf, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_params(&ctx, NULL, buf, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_params(&ctx, &olen, NULL, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_params(&ctx, &olen, buf, buflen, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_read_params(NULL, + (const unsigned char **) &buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_read_params(&ctx, &buf_null, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_read_params(&ctx, NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_read_params(&ctx, + (const unsigned char **) &buf, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_get_params(NULL, &kp, + MBEDTLS_ECDH_OURS)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_get_params(&ctx, NULL, + MBEDTLS_ECDH_OURS)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_get_params(&ctx, &kp, + invalid_side)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_public(NULL, &olen, buf, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_public(&ctx, NULL, buf, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_public(&ctx, &olen, NULL, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_public(&ctx, &olen, buf, buflen, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_read_public(NULL, buf, buflen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_read_public(&ctx, NULL, buflen)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_calc_secret(NULL, &olen, buf, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_calc_secret(&ctx, NULL, buf, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_calc_secret(&ctx, &olen, NULL, buflen, + mbedtls_test_rnd_std_rand, NULL)); exit: return; @@ -186,59 +186,59 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void ecdh_primitive_random( int id ) +void ecdh_primitive_random(int id) { mbedtls_ecp_group grp; mbedtls_ecp_point qA, qB; mbedtls_mpi dA, dB, zA, zB; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &qA ); mbedtls_ecp_point_init( &qB ); - mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &dB ); - mbedtls_mpi_init( &zA ); mbedtls_mpi_init( &zB ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&qA); mbedtls_ecp_point_init(&qB); + mbedtls_mpi_init(&dA); mbedtls_mpi_init(&dB); + mbedtls_mpi_init(&zA); mbedtls_mpi_init(&zB); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dA, &qA, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dB, &qB, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zA, &qB, &dA, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB, - NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_gen_public(&grp, &dA, &qA, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_gen_public(&grp, &dB, &qB, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_compute_shared(&grp, &zA, &qB, &dA, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_compute_shared(&grp, &zB, &qA, &dB, + NULL, NULL) == 0); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zA, &zB ) == 0 ); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&zA, &zB) == 0); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &qA ); mbedtls_ecp_point_free( &qB ); - mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &dB ); - mbedtls_mpi_free( &zA ); mbedtls_mpi_free( &zB ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&qA); mbedtls_ecp_point_free(&qB); + mbedtls_mpi_free(&dA); mbedtls_mpi_free(&dB); + mbedtls_mpi_free(&zA); mbedtls_mpi_free(&zB); } /* END_CASE */ /* BEGIN_CASE */ -void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str, - char * yA_str, data_t * rnd_buf_B, - char * xB_str, char * yB_str, char * z_str ) +void ecdh_primitive_testvec(int id, data_t *rnd_buf_A, char *xA_str, + char *yA_str, data_t *rnd_buf_B, + char *xB_str, char *yB_str, char *z_str) { mbedtls_ecp_group grp; mbedtls_ecp_point qA, qB; mbedtls_mpi dA, dB, zA, zB, check; mbedtls_test_rnd_buf_info rnd_info_A, rnd_info_B; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &qA ); mbedtls_ecp_point_init( &qB ); - mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &dB ); - mbedtls_mpi_init( &zA ); mbedtls_mpi_init( &zB ); mbedtls_mpi_init( &check ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&qA); mbedtls_ecp_point_init(&qB); + mbedtls_mpi_init(&dA); mbedtls_mpi_init(&dB); + mbedtls_mpi_init(&zA); mbedtls_mpi_init(&zB); mbedtls_mpi_init(&check); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); rnd_info_A.buf = rnd_buf_A->x; rnd_info_A.length = rnd_buf_A->len; @@ -246,14 +246,14 @@ void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str, rnd_info_A.fallback_p_rng = NULL; /* Fix rnd_buf_A->x by shifting it left if necessary */ - if( grp.nbits % 8 != 0 ) - { - unsigned char shift = 8 - ( grp.nbits % 8 ); + if (grp.nbits % 8 != 0) { + unsigned char shift = 8 - (grp.nbits % 8); size_t i; - for( i = 0; i < rnd_info_A.length - 1; i++ ) + for (i = 0; i < rnd_info_A.length - 1; i++) { rnd_buf_A->x[i] = rnd_buf_A->x[i] << shift - | rnd_buf_A->x[i+1] >> ( 8 - shift ); + | rnd_buf_A->x[i+1] >> (8 - shift); + } rnd_buf_A->x[rnd_info_A.length-1] <<= shift; } @@ -264,52 +264,52 @@ void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str, rnd_info_B.fallback_p_rng = NULL; /* Fix rnd_buf_B->x by shifting it left if necessary */ - if( grp.nbits % 8 != 0 ) - { - unsigned char shift = 8 - ( grp.nbits % 8 ); + if (grp.nbits % 8 != 0) { + unsigned char shift = 8 - (grp.nbits % 8); size_t i; - for( i = 0; i < rnd_info_B.length - 1; i++ ) + for (i = 0; i < rnd_info_B.length - 1; i++) { rnd_buf_B->x[i] = rnd_buf_B->x[i] << shift - | rnd_buf_B->x[i+1] >> ( 8 - shift ); + | rnd_buf_B->x[i+1] >> (8 - shift); + } rnd_buf_B->x[rnd_info_B.length-1] <<= shift; } - TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dA, &qA, - mbedtls_test_rnd_buffer_rand, - &rnd_info_A ) == 0 ); - TEST_ASSERT( ! mbedtls_ecp_is_zero( &qA ) ); - TEST_ASSERT( mbedtls_test_read_mpi( &check, xA_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qA.X, &check ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &check, yA_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qA.Y, &check ) == 0 ); - - TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dB, &qB, - mbedtls_test_rnd_buffer_rand, - &rnd_info_B ) == 0 ); - TEST_ASSERT( ! mbedtls_ecp_is_zero( &qB ) ); - TEST_ASSERT( mbedtls_test_read_mpi( &check, xB_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.X, &check ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &check, yB_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.Y, &check ) == 0 ); - - TEST_ASSERT( mbedtls_test_read_mpi( &check, z_str ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zA, &qB, &dA, NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zA, &check ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB, NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zB, &check ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_gen_public(&grp, &dA, &qA, + mbedtls_test_rnd_buffer_rand, + &rnd_info_A) == 0); + TEST_ASSERT(!mbedtls_ecp_is_zero(&qA)); + TEST_ASSERT(mbedtls_test_read_mpi(&check, xA_str) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&qA.X, &check) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&check, yA_str) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&qA.Y, &check) == 0); + + TEST_ASSERT(mbedtls_ecdh_gen_public(&grp, &dB, &qB, + mbedtls_test_rnd_buffer_rand, + &rnd_info_B) == 0); + TEST_ASSERT(!mbedtls_ecp_is_zero(&qB)); + TEST_ASSERT(mbedtls_test_read_mpi(&check, xB_str) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&qB.X, &check) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&check, yB_str) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&qB.Y, &check) == 0); + + TEST_ASSERT(mbedtls_test_read_mpi(&check, z_str) == 0); + TEST_ASSERT(mbedtls_ecdh_compute_shared(&grp, &zA, &qB, &dA, NULL, NULL) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&zA, &check) == 0); + TEST_ASSERT(mbedtls_ecdh_compute_shared(&grp, &zB, &qA, &dB, NULL, NULL) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&zB, &check) == 0); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &qA ); mbedtls_ecp_point_free( &qB ); - mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &dB ); - mbedtls_mpi_free( &zA ); mbedtls_mpi_free( &zB ); mbedtls_mpi_free( &check ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&qA); mbedtls_ecp_point_free(&qB); + mbedtls_mpi_free(&dA); mbedtls_mpi_free(&dB); + mbedtls_mpi_free(&zA); mbedtls_mpi_free(&zB); mbedtls_mpi_free(&check); } /* END_CASE */ /* BEGIN_CASE */ -void ecdh_exchange( int id ) +void ecdh_exchange(int id) { mbedtls_ecdh_context srv, cli; unsigned char buf[1000]; @@ -319,41 +319,41 @@ void ecdh_exchange( int id ) unsigned char res_buf[1000]; size_t res_len; - mbedtls_ecdh_init( &srv ); - mbedtls_ecdh_init( &cli ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_ecdh_init(&srv); + mbedtls_ecdh_init(&cli); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_ecdh_setup( &srv, id ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_setup(&srv, id) == 0); - memset( buf, 0x00, sizeof( buf ) ); vbuf = buf; - TEST_ASSERT( mbedtls_ecdh_make_params( &srv, &len, buf, 1000, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_read_params( &cli, &vbuf, buf + len ) == 0 ); + memset(buf, 0x00, sizeof(buf)); vbuf = buf; + TEST_ASSERT(mbedtls_ecdh_make_params(&srv, &len, buf, 1000, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_read_params(&cli, &vbuf, buf + len) == 0); - memset( buf, 0x00, sizeof( buf ) ); - TEST_ASSERT( mbedtls_ecdh_make_public( &cli, &len, buf, 1000, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_read_public( &srv, buf, len ) == 0 ); + memset(buf, 0x00, sizeof(buf)); + TEST_ASSERT(mbedtls_ecdh_make_public(&cli, &len, buf, 1000, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_read_public(&srv, buf, len) == 0); - TEST_ASSERT( mbedtls_ecdh_calc_secret( &srv, &len, buf, 1000, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_calc_secret( &cli, &res_len, res_buf, 1000, - NULL, NULL ) == 0 ); - TEST_ASSERT( len == res_len ); - TEST_ASSERT( memcmp( buf, res_buf, len ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_calc_secret(&srv, &len, buf, 1000, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_calc_secret(&cli, &res_len, res_buf, 1000, + NULL, NULL) == 0); + TEST_ASSERT(len == res_len); + TEST_ASSERT(memcmp(buf, res_buf, len) == 0); exit: - mbedtls_ecdh_free( &srv ); - mbedtls_ecdh_free( &cli ); + mbedtls_ecdh_free(&srv); + mbedtls_ecdh_free(&cli); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */ -void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z, - int enable, int max_ops, int min_restart, int max_restart ) +void ecdh_restart(int id, data_t *dA, data_t *dB, data_t *z, + int enable, int max_ops, int min_restart, int max_restart) { int ret; mbedtls_ecdh_context srv, cli; @@ -364,9 +364,9 @@ void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z, int cnt_restart; mbedtls_ecp_group grp; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecdh_init( &srv ); - mbedtls_ecdh_init( &cli ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecdh_init(&srv); + mbedtls_ecdh_init(&cli); rnd_info_A.fallback_f_rng = mbedtls_test_rnd_std_rand; rnd_info_A.fallback_p_rng = NULL; @@ -380,103 +380,102 @@ void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z, /* The ECDH context is not guaranteed to have an mbedtls_ecp_group structure * in every configuration, therefore we load it separately. */ - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); /* Otherwise we would have to fix the random buffer, * as in ecdh_primitive_testvec. */ - TEST_ASSERT( grp.nbits % 8 == 0 ); + TEST_ASSERT(grp.nbits % 8 == 0); - TEST_ASSERT( mbedtls_ecdh_setup( &srv, id ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_setup(&srv, id) == 0); /* set up restart parameters */ - mbedtls_ecp_set_max_ops( max_ops ); + mbedtls_ecp_set_max_ops(max_ops); - if( enable ) - { - mbedtls_ecdh_enable_restart( &srv ); - mbedtls_ecdh_enable_restart( &cli ); + if (enable) { + mbedtls_ecdh_enable_restart(&srv); + mbedtls_ecdh_enable_restart(&cli); } /* server writes its parameters */ - memset( buf, 0x00, sizeof( buf ) ); + memset(buf, 0x00, sizeof(buf)); len = 0; cnt_restart = 0; do { - ret = mbedtls_ecdh_make_params( &srv, &len, buf, sizeof( buf ), - mbedtls_test_rnd_buffer_rand, - &rnd_info_A ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_ecdh_make_params(&srv, &len, buf, sizeof(buf), + mbedtls_test_rnd_buffer_rand, + &rnd_info_A); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); /* client read server params */ vbuf = buf; - TEST_ASSERT( mbedtls_ecdh_read_params( &cli, &vbuf, buf + len ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_read_params(&cli, &vbuf, buf + len) == 0); /* client writes its key share */ - memset( buf, 0x00, sizeof( buf ) ); + memset(buf, 0x00, sizeof(buf)); len = 0; cnt_restart = 0; do { - ret = mbedtls_ecdh_make_public( &cli, &len, buf, sizeof( buf ), - mbedtls_test_rnd_buffer_rand, - &rnd_info_B ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_ecdh_make_public(&cli, &len, buf, sizeof(buf), + mbedtls_test_rnd_buffer_rand, + &rnd_info_B); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); /* server reads client key share */ - TEST_ASSERT( mbedtls_ecdh_read_public( &srv, buf, len ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_read_public(&srv, buf, len) == 0); /* server computes shared secret */ - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); len = 0; cnt_restart = 0; do { - ret = mbedtls_ecdh_calc_secret( &srv, &len, buf, sizeof( buf ), - NULL, NULL ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_ecdh_calc_secret(&srv, &len, buf, sizeof(buf), + NULL, NULL); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); - TEST_ASSERT( len == z->len ); - TEST_ASSERT( memcmp( buf, z->x, len ) == 0 ); + TEST_ASSERT(len == z->len); + TEST_ASSERT(memcmp(buf, z->x, len) == 0); /* client computes shared secret */ - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); len = 0; cnt_restart = 0; do { - ret = mbedtls_ecdh_calc_secret( &cli, &len, buf, sizeof( buf ), - NULL, NULL ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_ecdh_calc_secret(&cli, &len, buf, sizeof(buf), + NULL, NULL); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); - TEST_ASSERT( len == z->len ); - TEST_ASSERT( memcmp( buf, z->x, len ) == 0 ); + TEST_ASSERT(len == z->len); + TEST_ASSERT(memcmp(buf, z->x, len) == 0); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecdh_free( &srv ); - mbedtls_ecdh_free( &cli ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecdh_free(&srv); + mbedtls_ecdh_free(&cli); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECDH_LEGACY_CONTEXT */ -void ecdh_exchange_legacy( int id ) +void ecdh_exchange_legacy(int id) { mbedtls_ecdh_context srv, cli; unsigned char buf[1000]; @@ -485,43 +484,43 @@ void ecdh_exchange_legacy( int id ) mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_ecdh_init( &srv ); - mbedtls_ecdh_init( &cli ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_ecdh_init(&srv); + mbedtls_ecdh_init(&cli); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_ecp_group_load( &srv.grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&srv.grp, id) == 0); - memset( buf, 0x00, sizeof( buf ) ); vbuf = buf; - TEST_ASSERT( mbedtls_ecdh_make_params( &srv, &len, buf, 1000, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_read_params( &cli, &vbuf, buf + len ) == 0 ); + memset(buf, 0x00, sizeof(buf)); vbuf = buf; + TEST_ASSERT(mbedtls_ecdh_make_params(&srv, &len, buf, 1000, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_read_params(&cli, &vbuf, buf + len) == 0); - memset( buf, 0x00, sizeof( buf ) ); - TEST_ASSERT( mbedtls_ecdh_make_public( &cli, &len, buf, 1000, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_read_public( &srv, buf, len ) == 0 ); + memset(buf, 0x00, sizeof(buf)); + TEST_ASSERT(mbedtls_ecdh_make_public(&cli, &len, buf, 1000, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_read_public(&srv, buf, len) == 0); - TEST_ASSERT( mbedtls_ecdh_calc_secret( &srv, &len, buf, 1000, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_calc_secret( &cli, &len, buf, 1000, NULL, - NULL ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &srv.z, &cli.z ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_calc_secret(&srv, &len, buf, 1000, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_calc_secret(&cli, &len, buf, 1000, NULL, + NULL) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&srv.z, &cli.z) == 0); exit: - mbedtls_ecdh_free( &srv ); - mbedtls_ecdh_free( &cli ); + mbedtls_ecdh_free(&srv); + mbedtls_ecdh_free(&cli); } /* END_CASE */ /* BEGIN_CASE */ -void ecdh_exchange_calc_secret( int grp_id, - data_t *our_private_key, - data_t *their_point, - int ours_first, - data_t *expected ) +void ecdh_exchange_calc_secret(int grp_id, + data_t *our_private_key, + data_t *their_point, + int ours_first, + data_t *expected) { mbedtls_test_rnd_pseudo_info rnd_info; mbedtls_ecp_keypair our_key; @@ -530,92 +529,90 @@ void ecdh_exchange_calc_secret( int grp_id, unsigned char shared_secret[MBEDTLS_ECP_MAX_BYTES]; size_t shared_secret_length = 0; - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); - mbedtls_ecdh_init( &ecdh ); - mbedtls_ecp_keypair_init( &our_key ); - mbedtls_ecp_keypair_init( &their_key ); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); + mbedtls_ecdh_init(&ecdh); + mbedtls_ecp_keypair_init(&our_key); + mbedtls_ecp_keypair_init(&their_key); - if( ! load_private_key( grp_id, our_private_key, &our_key, &rnd_info ) ) + if (!load_private_key(grp_id, our_private_key, &our_key, &rnd_info)) { goto exit; - if( ! load_public_key( grp_id, their_point, &their_key ) ) + } + if (!load_public_key(grp_id, their_point, &their_key)) { goto exit; + } /* Import the keys to the ECDH calculation. */ - if( ours_first ) - { - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &our_key, MBEDTLS_ECDH_OURS ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) == 0 ); - } - else - { - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &our_key, MBEDTLS_ECDH_OURS ) == 0 ); + if (ours_first) { + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &our_key, MBEDTLS_ECDH_OURS) == 0); + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &their_key, MBEDTLS_ECDH_THEIRS) == 0); + } else { + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &their_key, MBEDTLS_ECDH_THEIRS) == 0); + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &our_key, MBEDTLS_ECDH_OURS) == 0); } /* Perform the ECDH calculation. */ - TEST_ASSERT( mbedtls_ecdh_calc_secret( - &ecdh, - &shared_secret_length, - shared_secret, sizeof( shared_secret ), - &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); - TEST_ASSERT( shared_secret_length == expected->len ); - TEST_ASSERT( memcmp( expected->x, shared_secret, - shared_secret_length ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_calc_secret( + &ecdh, + &shared_secret_length, + shared_secret, sizeof(shared_secret), + &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0); + TEST_ASSERT(shared_secret_length == expected->len); + TEST_ASSERT(memcmp(expected->x, shared_secret, + shared_secret_length) == 0); exit: - mbedtls_ecdh_free( &ecdh ); - mbedtls_ecp_keypair_free( &our_key ); - mbedtls_ecp_keypair_free( &their_key ); + mbedtls_ecdh_free(&ecdh); + mbedtls_ecp_keypair_free(&our_key); + mbedtls_ecp_keypair_free(&their_key); } /* END_CASE */ /* BEGIN_CASE */ -void ecdh_exchange_get_params_fail( int our_grp_id, - data_t *our_private_key, - int their_grp_id, - data_t *their_point, - int ours_first, - int expected_ret ) +void ecdh_exchange_get_params_fail(int our_grp_id, + data_t *our_private_key, + int their_grp_id, + data_t *their_point, + int ours_first, + int expected_ret) { mbedtls_test_rnd_pseudo_info rnd_info; mbedtls_ecp_keypair our_key; mbedtls_ecp_keypair their_key; mbedtls_ecdh_context ecdh; - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); - mbedtls_ecdh_init( &ecdh ); - mbedtls_ecp_keypair_init( &our_key ); - mbedtls_ecp_keypair_init( &their_key ); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); + mbedtls_ecdh_init(&ecdh); + mbedtls_ecp_keypair_init(&our_key); + mbedtls_ecp_keypair_init(&their_key); - if( ! load_private_key( our_grp_id, our_private_key, &our_key, &rnd_info ) ) + if (!load_private_key(our_grp_id, our_private_key, &our_key, &rnd_info)) { goto exit; - if( ! load_public_key( their_grp_id, their_point, &their_key ) ) + } + if (!load_public_key(their_grp_id, their_point, &their_key)) { goto exit; - - if( ours_first ) - { - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &our_key, MBEDTLS_ECDH_OURS ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) == - expected_ret ); } - else - { - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &our_key, MBEDTLS_ECDH_OURS ) == - expected_ret ); + + if (ours_first) { + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &our_key, MBEDTLS_ECDH_OURS) == 0); + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &their_key, MBEDTLS_ECDH_THEIRS) == + expected_ret); + } else { + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &their_key, MBEDTLS_ECDH_THEIRS) == 0); + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &our_key, MBEDTLS_ECDH_OURS) == + expected_ret); } exit: - mbedtls_ecdh_free( &ecdh ); - mbedtls_ecp_keypair_free( &our_key ); - mbedtls_ecp_keypair_free( &their_key ); + mbedtls_ecdh_free(&ecdh); + mbedtls_ecp_keypair_free(&our_key); + mbedtls_ecp_keypair_free(&their_key); } /* END_CASE */ diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index 1ca7c39712e7..470495dff5f5 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function @@ -8,7 +8,7 @@ */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void ecdsa_invalid_param( ) +void ecdsa_invalid_param() { mbedtls_ecdsa_context ctx; mbedtls_ecp_keypair key; @@ -20,204 +20,204 @@ void ecdsa_invalid_param( ) size_t slen; unsigned char buf[42] = { 0 }; - mbedtls_ecdsa_init( &ctx ); - mbedtls_ecp_keypair_init( &key ); - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &P ); - mbedtls_mpi_init( &m ); + mbedtls_ecdsa_init(&ctx); + mbedtls_ecp_keypair_init(&key); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&P); + mbedtls_mpi_init(&m); - TEST_INVALID_PARAM( mbedtls_ecdsa_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_ecdsa_free( NULL ) ); + TEST_INVALID_PARAM(mbedtls_ecdsa_init(NULL)); + TEST_VALID_PARAM(mbedtls_ecdsa_free(NULL)); #if defined(MBEDTLS_ECP_RESTARTABLE) - TEST_INVALID_PARAM( mbedtls_ecdsa_restart_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_ecdsa_restart_free( NULL ) ); + TEST_INVALID_PARAM(mbedtls_ecdsa_restart_init(NULL)); + TEST_VALID_PARAM(mbedtls_ecdsa_restart_free(NULL)); #endif /* MBEDTLS_ECP_RESTARTABLE */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( NULL, &m, &m, &m, - buf, sizeof( buf ), - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( &grp, NULL, &m, &m, - buf, sizeof( buf ), - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( &grp, &m, NULL, &m, - buf, sizeof( buf ), - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( &grp, &m, &m, NULL, - buf, sizeof( buf ), - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( &grp, &m, &m, &m, - NULL, sizeof( buf ), - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( &grp, &m, &m, &m, - buf, sizeof( buf ), - NULL, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign(NULL, &m, &m, &m, + buf, sizeof(buf), + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign(&grp, NULL, &m, &m, + buf, sizeof(buf), + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign(&grp, &m, NULL, &m, + buf, sizeof(buf), + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign(&grp, &m, &m, NULL, + buf, sizeof(buf), + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign(&grp, &m, &m, &m, + NULL, sizeof(buf), + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign(&grp, &m, &m, &m, + buf, sizeof(buf), + NULL, NULL)); #if defined(MBEDTLS_ECDSA_DETERMINISTIC) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det_ext( NULL, &m, &m, &m, - buf, sizeof( buf ), - valid_md, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det_ext( &grp, NULL, &m, &m, - buf, sizeof( buf ), - valid_md, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det_ext( &grp, &m, NULL, &m, - buf, sizeof( buf ), - valid_md, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det_ext( &grp, &m, &m, NULL, - buf, sizeof( buf ), - valid_md, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det_ext( &grp, &m, &m, &m, - NULL, sizeof( buf ), - valid_md, - mbedtls_test_rnd_std_rand, - NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign_det_ext(NULL, &m, &m, &m, + buf, sizeof(buf), + valid_md, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign_det_ext(&grp, NULL, &m, &m, + buf, sizeof(buf), + valid_md, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign_det_ext(&grp, &m, NULL, &m, + buf, sizeof(buf), + valid_md, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign_det_ext(&grp, &m, &m, NULL, + buf, sizeof(buf), + valid_md, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign_det_ext(&grp, &m, &m, &m, + NULL, sizeof(buf), + valid_md, + mbedtls_test_rnd_std_rand, + NULL)); #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_verify( NULL, - buf, sizeof( buf ), - &P, &m, &m ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_verify( &grp, - NULL, sizeof( buf ), - &P, &m, &m ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_verify( &grp, - buf, sizeof( buf ), - NULL, &m, &m ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_verify( &grp, - buf, sizeof( buf ), - &P, NULL, &m ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_verify( &grp, - buf, sizeof( buf ), - &P, &m, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature( NULL, valid_md, buf, sizeof( buf ), - buf, &slen, mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature( &ctx, valid_md, NULL, sizeof( buf ), - buf, &slen, mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature( &ctx, valid_md, buf, sizeof( buf ), - NULL, &slen, mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature( &ctx, valid_md, buf, sizeof( buf ), - buf, NULL, mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature_restartable( NULL, valid_md, buf, - sizeof( buf ), buf, &slen, - mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature_restartable( &ctx, valid_md, NULL, - sizeof( buf ), buf, &slen, - mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature_restartable( &ctx, valid_md, buf, - sizeof( buf ), NULL, &slen, - mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature_restartable( &ctx, valid_md, buf, - sizeof( buf ), buf, NULL, - mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature( NULL, - buf, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature( &ctx, - NULL, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature( &ctx, - buf, sizeof( buf ), - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature_restartable( NULL, - buf, sizeof( buf ), - buf, sizeof( buf ), - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature_restartable( &ctx, - NULL, sizeof( buf ), - buf, sizeof( buf ), - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature_restartable( &ctx, - buf, sizeof( buf ), - NULL, sizeof( buf ), - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_genkey( NULL, valid_group, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_genkey( &ctx, valid_group, - NULL, NULL ) ); - - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_from_keypair( NULL, &key ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_from_keypair( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_verify(NULL, + buf, sizeof(buf), + &P, &m, &m)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_verify(&grp, + NULL, sizeof(buf), + &P, &m, &m)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_verify(&grp, + buf, sizeof(buf), + NULL, &m, &m)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_verify(&grp, + buf, sizeof(buf), + &P, NULL, &m)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_verify(&grp, + buf, sizeof(buf), + &P, &m, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature(NULL, valid_md, buf, sizeof(buf), + buf, &slen, mbedtls_test_rnd_std_rand, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature(&ctx, valid_md, NULL, sizeof(buf), + buf, &slen, mbedtls_test_rnd_std_rand, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature(&ctx, valid_md, buf, sizeof(buf), + NULL, &slen, mbedtls_test_rnd_std_rand, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature(&ctx, valid_md, buf, sizeof(buf), + buf, NULL, mbedtls_test_rnd_std_rand, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature_restartable(NULL, valid_md, buf, + sizeof(buf), buf, &slen, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature_restartable(&ctx, valid_md, NULL, + sizeof(buf), buf, &slen, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature_restartable(&ctx, valid_md, buf, + sizeof(buf), NULL, &slen, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature_restartable(&ctx, valid_md, buf, + sizeof(buf), buf, NULL, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_read_signature(NULL, + buf, sizeof(buf), + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_read_signature(&ctx, + NULL, sizeof(buf), + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_read_signature(&ctx, + buf, sizeof(buf), + NULL, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_read_signature_restartable(NULL, + buf, sizeof(buf), + buf, sizeof(buf), + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_read_signature_restartable(&ctx, + NULL, sizeof(buf), + buf, sizeof(buf), + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_read_signature_restartable(&ctx, + buf, sizeof(buf), + NULL, sizeof(buf), + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_genkey(NULL, valid_group, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_genkey(&ctx, valid_group, + NULL, NULL)); + + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_from_keypair(NULL, &key)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_from_keypair(&ctx, NULL)); exit: - mbedtls_ecdsa_free( &ctx ); - mbedtls_ecp_keypair_free( &key ); - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &P ); - mbedtls_mpi_free( &m ); + mbedtls_ecdsa_free(&ctx); + mbedtls_ecp_keypair_free(&key); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&P); + mbedtls_mpi_free(&m); return; } /* END_CASE */ /* BEGIN_CASE */ -void ecdsa_prim_zero( int id ) +void ecdsa_prim_zero(int id) { mbedtls_ecp_group grp; mbedtls_ecp_point Q; @@ -225,31 +225,31 @@ void ecdsa_prim_zero( int id ) mbedtls_test_rnd_pseudo_info rnd_info; unsigned char buf[MBEDTLS_MD_MAX_SIZE]; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &Q ); - mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); - memset( buf, 0, sizeof( buf ) ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&Q); + mbedtls_mpi_init(&d); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); + memset(buf, 0, sizeof(buf)); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_gen_keypair( &grp, &d, &Q, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + TEST_ASSERT(mbedtls_ecp_gen_keypair(&grp, &d, &Q, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); - TEST_ASSERT( mbedtls_ecdsa_sign( &grp, &r, &s, &d, buf, sizeof( buf ), - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdsa_verify( &grp, buf, sizeof( buf ), &Q, &r, &s ) == 0 ); + TEST_ASSERT(mbedtls_ecdsa_sign(&grp, &r, &s, &d, buf, sizeof(buf), + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdsa_verify(&grp, buf, sizeof(buf), &Q, &r, &s) == 0); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &Q ); - mbedtls_mpi_free( &d ); mbedtls_mpi_free( &r ); mbedtls_mpi_free( &s ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&Q); + mbedtls_mpi_free(&d); mbedtls_mpi_free(&r); mbedtls_mpi_free(&s); } /* END_CASE */ /* BEGIN_CASE */ -void ecdsa_prim_random( int id ) +void ecdsa_prim_random(int id) { mbedtls_ecp_group grp; mbedtls_ecp_point Q; @@ -257,152 +257,151 @@ void ecdsa_prim_random( int id ) mbedtls_test_rnd_pseudo_info rnd_info; unsigned char buf[MBEDTLS_MD_MAX_SIZE]; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &Q ); - mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); - memset( buf, 0, sizeof( buf ) ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&Q); + mbedtls_mpi_init(&d); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); + memset(buf, 0, sizeof(buf)); /* prepare material for signature */ - TEST_ASSERT( mbedtls_test_rnd_pseudo_rand( &rnd_info, - buf, sizeof( buf ) ) == 0 ); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_gen_keypair( &grp, &d, &Q, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - - TEST_ASSERT( mbedtls_ecdsa_sign( &grp, &r, &s, &d, buf, sizeof( buf ), - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdsa_verify( &grp, buf, sizeof( buf ), &Q, &r, &s ) == 0 ); + TEST_ASSERT(mbedtls_test_rnd_pseudo_rand(&rnd_info, + buf, sizeof(buf)) == 0); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + TEST_ASSERT(mbedtls_ecp_gen_keypair(&grp, &d, &Q, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + + TEST_ASSERT(mbedtls_ecdsa_sign(&grp, &r, &s, &d, buf, sizeof(buf), + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdsa_verify(&grp, buf, sizeof(buf), &Q, &r, &s) == 0); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &Q ); - mbedtls_mpi_free( &d ); mbedtls_mpi_free( &r ); mbedtls_mpi_free( &s ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&Q); + mbedtls_mpi_free(&d); mbedtls_mpi_free(&r); mbedtls_mpi_free(&s); } /* END_CASE */ /* BEGIN_CASE */ -void ecdsa_prim_test_vectors( int id, char * d_str, char * xQ_str, - char * yQ_str, data_t * rnd_buf, - data_t * hash, char * r_str, char * s_str, - int result ) +void ecdsa_prim_test_vectors(int id, char *d_str, char *xQ_str, + char *yQ_str, data_t *rnd_buf, + data_t *hash, char *r_str, char *s_str, + int result) { mbedtls_ecp_group grp; mbedtls_ecp_point Q; mbedtls_mpi d, r, s, r_check, s_check, zero; mbedtls_test_rnd_buf_info rnd_info; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &Q ); - mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); - mbedtls_mpi_init( &r_check ); mbedtls_mpi_init( &s_check ); - mbedtls_mpi_init( &zero ); - - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_point_read_string( &Q, 16, xQ_str, yQ_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &d, d_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &r_check, r_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &s_check, s_str ) == 0 ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&Q); + mbedtls_mpi_init(&d); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s); + mbedtls_mpi_init(&r_check); mbedtls_mpi_init(&s_check); + mbedtls_mpi_init(&zero); + + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + TEST_ASSERT(mbedtls_ecp_point_read_string(&Q, 16, xQ_str, yQ_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&d, d_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&r_check, r_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&s_check, s_str) == 0); rnd_info.fallback_f_rng = mbedtls_test_rnd_std_rand; rnd_info.fallback_p_rng = NULL; rnd_info.buf = rnd_buf->x; rnd_info.length = rnd_buf->len; /* Fix rnd_buf->x by shifting it left if necessary */ - if( grp.nbits % 8 != 0 ) - { - unsigned char shift = 8 - ( grp.nbits % 8 ); + if (grp.nbits % 8 != 0) { + unsigned char shift = 8 - (grp.nbits % 8); size_t i; - for( i = 0; i < rnd_info.length - 1; i++ ) - rnd_buf->x[i] = rnd_buf->x[i] << shift | rnd_buf->x[i+1] >> ( 8 - shift ); + for (i = 0; i < rnd_info.length - 1; i++) { + rnd_buf->x[i] = rnd_buf->x[i] << shift | rnd_buf->x[i+1] >> (8 - shift); + } rnd_buf->x[rnd_info.length-1] <<= shift; } - TEST_ASSERT( mbedtls_ecdsa_sign( &grp, &r, &s, &d, hash->x, hash->len, - mbedtls_test_rnd_buffer_rand, &rnd_info ) == result ); + TEST_ASSERT(mbedtls_ecdsa_sign(&grp, &r, &s, &d, hash->x, hash->len, + mbedtls_test_rnd_buffer_rand, &rnd_info) == result); - if ( result == 0) - { + if (result == 0) { /* Check we generated the expected values */ - TEST_EQUAL( mbedtls_mpi_cmp_mpi( &r, &r_check ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_mpi( &s, &s_check ), 0 ); + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&r, &r_check), 0); + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&s, &s_check), 0); /* Valid signature */ - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, - &Q, &r_check, &s_check ), 0 ); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, + &Q, &r_check, &s_check), 0); /* Invalid signature: wrong public key (G instead of Q) */ - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, - &grp.G, &r_check, &s_check ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, + &grp.G, &r_check, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED); /* Invalid signatures: r or s or both one off */ - TEST_EQUAL( mbedtls_mpi_sub_int( &r, &r_check, 1 ), 0 ); - TEST_EQUAL( mbedtls_mpi_add_int( &s, &s_check, 1 ), 0 ); + TEST_EQUAL(mbedtls_mpi_sub_int(&r, &r_check, 1), 0); + TEST_EQUAL(mbedtls_mpi_add_int(&s, &s_check, 1), 0); - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, - &r, &s_check ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, - &r_check, &s ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, - &r, &s ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r_check, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED); /* Invalid signatures: r, s or both (CVE-2022-21449) are zero */ - TEST_EQUAL( mbedtls_mpi_lset( &zero, 0 ), 0 ); + TEST_EQUAL(mbedtls_mpi_lset(&zero, 0), 0); - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, - &zero, &s_check ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, - &r_check, &zero ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, - &zero, &zero ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &zero, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r_check, &zero), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &zero, &zero), MBEDTLS_ERR_ECP_VERIFY_FAILED); /* Invalid signatures: r, s or both are == N */ - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, - &grp.N, &s_check ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, - &r_check, &grp.N ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, - &grp.N, &grp.N ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &grp.N, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r_check, &grp.N), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &grp.N, &grp.N), MBEDTLS_ERR_ECP_VERIFY_FAILED); /* Invalid signatures: r, s or both are negative */ - TEST_EQUAL( mbedtls_mpi_sub_mpi( &r, &r_check, &grp.N ), 0 ); - TEST_EQUAL( mbedtls_mpi_sub_mpi( &s, &s_check, &grp.N ), 0 ); + TEST_EQUAL(mbedtls_mpi_sub_mpi(&r, &r_check, &grp.N), 0); + TEST_EQUAL(mbedtls_mpi_sub_mpi(&s, &s_check, &grp.N), 0); - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, - &r, &s_check ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, - &r_check, &s ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, - &r, &s ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r_check, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED); /* Invalid signatures: r or s or both are > N */ - TEST_EQUAL( mbedtls_mpi_add_mpi( &r, &r_check, &grp.N ), 0 ); - TEST_EQUAL( mbedtls_mpi_add_mpi( &s, &s_check, &grp.N ), 0 ); - - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, - &r, &s_check ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, - &r_check, &s ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); - TEST_EQUAL( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, - &r, &s ), MBEDTLS_ERR_ECP_VERIFY_FAILED ); + TEST_EQUAL(mbedtls_mpi_add_mpi(&r, &r_check, &grp.N), 0); + TEST_EQUAL(mbedtls_mpi_add_mpi(&s, &s_check, &grp.N), 0); + + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r_check, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED); } exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &Q ); - mbedtls_mpi_free( &d ); mbedtls_mpi_free( &r ); mbedtls_mpi_free( &s ); - mbedtls_mpi_free( &r_check ); mbedtls_mpi_free( &s_check ); - mbedtls_mpi_free( &zero ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&Q); + mbedtls_mpi_free(&d); mbedtls_mpi_free(&r); mbedtls_mpi_free(&s); + mbedtls_mpi_free(&r_check); mbedtls_mpi_free(&s_check); + mbedtls_mpi_free(&zero); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECDSA_DETERMINISTIC */ -void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg, - char * r_str, char * s_str ) +void ecdsa_det_test_vectors(int id, char *d_str, int md_alg, char *msg, + char *r_str, char *s_str) { mbedtls_ecp_group grp; mbedtls_mpi d, r, s, r_check, s_check; @@ -410,40 +409,40 @@ void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg, size_t hlen; const mbedtls_md_info_t *md_info; - mbedtls_ecp_group_init( &grp ); - mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); - mbedtls_mpi_init( &r_check ); mbedtls_mpi_init( &s_check ); - memset( hash, 0, sizeof( hash ) ); + mbedtls_ecp_group_init(&grp); + mbedtls_mpi_init(&d); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s); + mbedtls_mpi_init(&r_check); mbedtls_mpi_init(&s_check); + memset(hash, 0, sizeof(hash)); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &d, d_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &r_check, r_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &s_check, s_str ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&d, d_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&r_check, r_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&s_check, s_str) == 0); - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); - hlen = mbedtls_md_get_size( md_info ); - TEST_ASSERT( mbedtls_md( md_info, (const unsigned char *) msg, - strlen( msg ), hash ) == 0 ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); + hlen = mbedtls_md_get_size(md_info); + TEST_ASSERT(mbedtls_md(md_info, (const unsigned char *) msg, + strlen(msg), hash) == 0); TEST_ASSERT( - mbedtls_ecdsa_sign_det_ext( &grp, &r, &s, &d, hash, hlen, - md_alg, mbedtls_test_rnd_std_rand, - NULL ) - == 0 ); + mbedtls_ecdsa_sign_det_ext(&grp, &r, &s, &d, hash, hlen, + md_alg, mbedtls_test_rnd_std_rand, + NULL) + == 0); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &r, &r_check ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &s, &s_check ) == 0 ); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&r, &r_check) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&s, &s_check) == 0); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_mpi_free( &d ); mbedtls_mpi_free( &r ); mbedtls_mpi_free( &s ); - mbedtls_mpi_free( &r_check ); mbedtls_mpi_free( &s_check ); + mbedtls_ecp_group_free(&grp); + mbedtls_mpi_free(&d); mbedtls_mpi_free(&r); mbedtls_mpi_free(&s); + mbedtls_mpi_free(&r_check); mbedtls_mpi_free(&s_check); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ -void ecdsa_write_read_zero( int id ) +void ecdsa_write_read_zero(int id) { mbedtls_ecdsa_context ctx; mbedtls_test_rnd_pseudo_info rnd_info; @@ -451,59 +450,60 @@ void ecdsa_write_read_zero( int id ) unsigned char sig[200]; size_t sig_len, i; - mbedtls_ecdsa_init( &ctx ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); - memset( hash, 0, sizeof( hash ) ); - memset( sig, 0x2a, sizeof( sig ) ); + mbedtls_ecdsa_init(&ctx); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); + memset(hash, 0, sizeof(hash)); + memset(sig, 0x2a, sizeof(sig)); /* generate signing key */ - TEST_ASSERT( mbedtls_ecdsa_genkey( &ctx, id, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); + TEST_ASSERT(mbedtls_ecdsa_genkey(&ctx, id, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); /* generate and write signature, then read and verify it */ - TEST_ASSERT( mbedtls_ecdsa_write_signature( &ctx, MBEDTLS_MD_SHA256, - hash, sizeof( hash ), - sig, &sig_len, &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) == 0 ); + TEST_ASSERT(mbedtls_ecdsa_write_signature(&ctx, MBEDTLS_MD_SHA256, + hash, sizeof(hash), + sig, &sig_len, &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) == 0); /* check we didn't write past the announced length */ - for( i = sig_len; i < sizeof( sig ); i++ ) - TEST_ASSERT( sig[i] == 0x2a ); + for (i = sig_len; i < sizeof(sig); i++) { + TEST_ASSERT(sig[i] == 0x2a); + } /* try verification with invalid length */ - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len - 1 ) != 0 ); - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len + 1 ) != 0 ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len - 1) != 0); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len + 1) != 0); /* try invalid sequence tag */ sig[0]++; - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) != 0 ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) != 0); sig[0]--; /* try modifying r */ sig[10]++; - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) == MBEDTLS_ERR_ECP_VERIFY_FAILED); sig[10]--; /* try modifying s */ sig[sig_len - 1]++; - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) == MBEDTLS_ERR_ECP_VERIFY_FAILED); sig[sig_len - 1]--; exit: - mbedtls_ecdsa_free( &ctx ); + mbedtls_ecdsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ -void ecdsa_write_read_random( int id ) +void ecdsa_write_read_random(int id) { mbedtls_ecdsa_context ctx; mbedtls_test_rnd_pseudo_info rnd_info; @@ -511,127 +511,131 @@ void ecdsa_write_read_random( int id ) unsigned char sig[200]; size_t sig_len, i; - mbedtls_ecdsa_init( &ctx ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); - memset( hash, 0, sizeof( hash ) ); - memset( sig, 0x2a, sizeof( sig ) ); + mbedtls_ecdsa_init(&ctx); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); + memset(hash, 0, sizeof(hash)); + memset(sig, 0x2a, sizeof(sig)); /* prepare material for signature */ - TEST_ASSERT( mbedtls_test_rnd_pseudo_rand( &rnd_info, - hash, sizeof( hash ) ) == 0 ); + TEST_ASSERT(mbedtls_test_rnd_pseudo_rand(&rnd_info, + hash, sizeof(hash)) == 0); /* generate signing key */ - TEST_ASSERT( mbedtls_ecdsa_genkey( &ctx, id, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); + TEST_ASSERT(mbedtls_ecdsa_genkey(&ctx, id, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); /* generate and write signature, then read and verify it */ - TEST_ASSERT( mbedtls_ecdsa_write_signature( &ctx, MBEDTLS_MD_SHA256, - hash, sizeof( hash ), - sig, &sig_len, &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) == 0 ); + TEST_ASSERT(mbedtls_ecdsa_write_signature(&ctx, MBEDTLS_MD_SHA256, + hash, sizeof(hash), + sig, &sig_len, &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) == 0); /* check we didn't write past the announced length */ - for( i = sig_len; i < sizeof( sig ); i++ ) - TEST_ASSERT( sig[i] == 0x2a ); + for (i = sig_len; i < sizeof(sig); i++) { + TEST_ASSERT(sig[i] == 0x2a); + } /* try verification with invalid length */ - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len - 1 ) != 0 ); - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len + 1 ) != 0 ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len - 1) != 0); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len + 1) != 0); /* try invalid sequence tag */ sig[0]++; - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) != 0 ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) != 0); sig[0]--; /* try modifying r */ sig[10]++; - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) == MBEDTLS_ERR_ECP_VERIFY_FAILED); sig[10]--; /* try modifying s */ sig[sig_len - 1]++; - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) == MBEDTLS_ERR_ECP_VERIFY_FAILED); sig[sig_len - 1]--; exit: - mbedtls_ecdsa_free( &ctx ); + mbedtls_ecdsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */ -void ecdsa_read_restart( int id, data_t *pk, data_t *hash, data_t *sig, - int max_ops, int min_restart, int max_restart ) +void ecdsa_read_restart(int id, data_t *pk, data_t *hash, data_t *sig, + int max_ops, int min_restart, int max_restart) { mbedtls_ecdsa_context ctx; mbedtls_ecdsa_restart_ctx rs_ctx; int ret, cnt_restart; - mbedtls_ecdsa_init( &ctx ); - mbedtls_ecdsa_restart_init( &rs_ctx ); + mbedtls_ecdsa_init(&ctx); + mbedtls_ecdsa_restart_init(&rs_ctx); - TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_point_read_binary( &ctx.grp, &ctx.Q, - pk->x, pk->len ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&ctx.grp, id) == 0); + TEST_ASSERT(mbedtls_ecp_point_read_binary(&ctx.grp, &ctx.Q, + pk->x, pk->len) == 0); - mbedtls_ecp_set_max_ops( max_ops ); + mbedtls_ecp_set_max_ops(max_ops); cnt_restart = 0; do { - ret = mbedtls_ecdsa_read_signature_restartable( &ctx, - hash->x, hash->len, sig->x, sig->len, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_ecdsa_read_signature_restartable(&ctx, + hash->x, hash->len, sig->x, sig->len, + &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); /* try modifying r */ - TEST_ASSERT( sig->len > 10 ); + TEST_ASSERT(sig->len > 10); sig->x[10]++; do { - ret = mbedtls_ecdsa_read_signature_restartable( &ctx, - hash->x, hash->len, sig->x, sig->len, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_VERIFY_FAILED ); + ret = mbedtls_ecdsa_read_signature_restartable(&ctx, + hash->x, hash->len, sig->x, sig->len, + &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_VERIFY_FAILED); sig->x[10]--; /* try modifying s */ sig->x[sig->len - 1]++; do { - ret = mbedtls_ecdsa_read_signature_restartable( &ctx, - hash->x, hash->len, sig->x, sig->len, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_VERIFY_FAILED ); + ret = mbedtls_ecdsa_read_signature_restartable(&ctx, + hash->x, hash->len, sig->x, sig->len, + &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_VERIFY_FAILED); sig->x[sig->len - 1]--; /* Do we leak memory when aborting an operation? * This test only makes sense when we actually restart */ - if( min_restart > 0 ) - { - ret = mbedtls_ecdsa_read_signature_restartable( &ctx, - hash->x, hash->len, sig->x, sig->len, &rs_ctx ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); + if (min_restart > 0) { + ret = mbedtls_ecdsa_read_signature_restartable(&ctx, + hash->x, hash->len, sig->x, sig->len, + &rs_ctx); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS); } exit: - mbedtls_ecdsa_free( &ctx ); - mbedtls_ecdsa_restart_free( &rs_ctx ); + mbedtls_ecdsa_free(&ctx); + mbedtls_ecdsa_restart_free(&rs_ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_DETERMINISTIC */ -void ecdsa_write_restart( int id, char *d_str, int md_alg, - char *msg, data_t *sig_check, - int max_ops, int min_restart, int max_restart ) +void ecdsa_write_restart(int id, char *d_str, int md_alg, + char *msg, data_t *sig_check, + int max_ops, int min_restart, int max_restart) { int ret, cnt_restart; mbedtls_ecdsa_restart_ctx rs_ctx; @@ -641,86 +645,99 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, size_t hlen, slen; const mbedtls_md_info_t *md_info; - mbedtls_ecdsa_restart_init( &rs_ctx ); - mbedtls_ecdsa_init( &ctx ); - memset( hash, 0, sizeof( hash ) ); - memset( sig, 0, sizeof( sig ) ); + mbedtls_ecdsa_restart_init(&rs_ctx); + mbedtls_ecdsa_init(&ctx); + memset(hash, 0, sizeof(hash)); + memset(sig, 0, sizeof(sig)); - TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.d, d_str ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&ctx.grp, id) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.d, d_str) == 0); - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); - hlen = mbedtls_md_get_size( md_info ); - TEST_ASSERT( mbedtls_md( md_info, - (const unsigned char *) msg, strlen( msg ), - hash ) == 0 ); + hlen = mbedtls_md_get_size(md_info); + TEST_ASSERT(mbedtls_md(md_info, + (const unsigned char *) msg, strlen(msg), + hash) == 0); - mbedtls_ecp_set_max_ops( max_ops ); + mbedtls_ecp_set_max_ops(max_ops); - slen = sizeof( sig ); + slen = sizeof(sig); cnt_restart = 0; do { - ret = mbedtls_ecdsa_write_signature_restartable( &ctx, - md_alg, hash, hlen, sig, &slen, NULL, NULL, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); - - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( slen == sig_check->len ); - TEST_ASSERT( memcmp( sig, sig_check->x, slen ) == 0 ); - - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + ret = mbedtls_ecdsa_write_signature_restartable(&ctx, + md_alg, + hash, + hlen, + sig, + &slen, + NULL, + NULL, + &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); + + TEST_ASSERT(ret == 0); + TEST_ASSERT(slen == sig_check->len); + TEST_ASSERT(memcmp(sig, sig_check->x, slen) == 0); + + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); /* Do we leak memory when aborting an operation? * This test only makes sense when we actually restart */ - if( min_restart > 0 ) - { - ret = mbedtls_ecdsa_write_signature_restartable( &ctx, - md_alg, hash, hlen, sig, &slen, NULL, NULL, &rs_ctx ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); + if (min_restart > 0) { + ret = mbedtls_ecdsa_write_signature_restartable(&ctx, + md_alg, + hash, + hlen, + sig, + &slen, + NULL, + NULL, + &rs_ctx); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS); } exit: - mbedtls_ecdsa_restart_free( &rs_ctx ); - mbedtls_ecdsa_free( &ctx ); + mbedtls_ecdsa_restart_free(&rs_ctx); + mbedtls_ecdsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void ecdsa_verify( int grp_id, char * x, char * y, char * r, char * s, data_t * content, int expected ) +void ecdsa_verify(int grp_id, char *x, char *y, char *r, char *s, data_t *content, int expected) { mbedtls_ecdsa_context ctx; mbedtls_mpi sig_r, sig_s; - mbedtls_ecdsa_init( &ctx ); - mbedtls_mpi_init( &sig_r ); - mbedtls_mpi_init( &sig_s ); + mbedtls_ecdsa_init(&ctx); + mbedtls_mpi_init(&sig_r); + mbedtls_mpi_init(&sig_s); /* Prepare ECP group context */ - TEST_EQUAL( mbedtls_ecp_group_load( &ctx.grp, grp_id ), 0 ); + TEST_EQUAL(mbedtls_ecp_group_load(&ctx.grp, grp_id), 0); /* Prepare public key */ - TEST_EQUAL( mbedtls_test_read_mpi( &ctx.Q.X, x ), 0 ); - TEST_EQUAL( mbedtls_test_read_mpi( &ctx.Q.Y, y ), 0 ); - TEST_EQUAL( mbedtls_mpi_lset( &ctx.Q.Z, 1 ), 0 ); + TEST_EQUAL(mbedtls_test_read_mpi(&ctx.Q.X, x), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&ctx.Q.Y, y), 0); + TEST_EQUAL(mbedtls_mpi_lset(&ctx.Q.Z, 1), 0); /* Prepare signature R & S */ - TEST_EQUAL( mbedtls_test_read_mpi( &sig_r, r ), 0 ); - TEST_EQUAL( mbedtls_test_read_mpi( &sig_s, s ), 0 ); + TEST_EQUAL(mbedtls_test_read_mpi(&sig_r, r), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&sig_s, s), 0); /* Test whether public key has expected validity */ - TEST_EQUAL( mbedtls_ecp_check_pubkey( &ctx.grp, &ctx.Q ), - expected == MBEDTLS_ERR_ECP_INVALID_KEY ? MBEDTLS_ERR_ECP_INVALID_KEY : 0 ); + TEST_EQUAL(mbedtls_ecp_check_pubkey(&ctx.grp, &ctx.Q), + expected == MBEDTLS_ERR_ECP_INVALID_KEY ? MBEDTLS_ERR_ECP_INVALID_KEY : 0); /* Verification */ - int result = mbedtls_ecdsa_verify( &ctx.grp, content->x, content->len, &ctx.Q, &sig_r, &sig_s ); + int result = mbedtls_ecdsa_verify(&ctx.grp, content->x, content->len, &ctx.Q, &sig_r, &sig_s); - TEST_EQUAL( result, expected ); + TEST_EQUAL(result, expected); exit: - mbedtls_ecdsa_free( &ctx ); - mbedtls_mpi_free( &sig_r ); - mbedtls_mpi_free( &sig_s ); + mbedtls_ecdsa_free(&ctx); + mbedtls_mpi_free(&sig_r); + mbedtls_mpi_free(&sig_s); } /* END_CASE */ diff --git a/tests/suites/test_suite_ecjpake.function b/tests/suites/test_suite_ecjpake.function index 2246f2d590ea..16f52b27636c 100644 --- a/tests/suites/test_suite_ecjpake.function +++ b/tests/suites/test_suite_ecjpake.function @@ -63,33 +63,33 @@ static const unsigned char ecjpake_test_X4[] = { }; /* Load my private and public keys, and peer's public keys */ -static int ecjpake_test_load( mbedtls_ecjpake_context *ctx, - const unsigned char *xm1, size_t len_xm1, - const unsigned char *xm2, size_t len_xm2, - const unsigned char *Xm1, size_t len_Xm1, - const unsigned char *Xm2, size_t len_Xm2, - const unsigned char *Xp1, size_t len_Xp1, - const unsigned char *Xp2, size_t len_Xp2 ) +static int ecjpake_test_load(mbedtls_ecjpake_context *ctx, + const unsigned char *xm1, size_t len_xm1, + const unsigned char *xm2, size_t len_xm2, + const unsigned char *Xm1, size_t len_Xm1, + const unsigned char *Xm2, size_t len_Xm2, + const unsigned char *Xp1, size_t len_Xp1, + const unsigned char *Xp2, size_t len_Xp2) { int ret; - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm1, xm1, len_xm1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm2, xm2, len_xm2 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->xm1, xm1, len_xm1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->xm2, xm2, len_xm2)); - MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ctx->grp, - &ctx->Xm1, Xm1, len_Xm1 ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ctx->grp, - &ctx->Xm2, Xm2, len_Xm2 ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ctx->grp, - &ctx->Xp1, Xp1, len_Xp1 ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ctx->grp, - &ctx->Xp2, Xp2, len_Xp2 ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_point_read_binary(&ctx->grp, + &ctx->Xm1, Xm1, len_Xm1)); + MBEDTLS_MPI_CHK(mbedtls_ecp_point_read_binary(&ctx->grp, + &ctx->Xm2, Xm2, len_Xm2)); + MBEDTLS_MPI_CHK(mbedtls_ecp_point_read_binary(&ctx->grp, + &ctx->Xp1, Xp1, len_Xp1)); + MBEDTLS_MPI_CHK(mbedtls_ecp_point_read_binary(&ctx->grp, + &ctx->Xp2, Xp2, len_Xp2)); cleanup: - return( ret ); + return ret; } -#define ADD_SIZE( x ) x, sizeof( x ) +#define ADD_SIZE(x) x, sizeof(x) #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED && MBEDTLS_SHA256_C */ /* END_HEADER */ @@ -99,101 +99,101 @@ cleanup: */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void ecjpake_invalid_param( ) +void ecjpake_invalid_param() { mbedtls_ecjpake_context ctx; unsigned char buf[42] = { 0 }; size_t olen; - size_t const len = sizeof( buf ); + size_t const len = sizeof(buf); mbedtls_ecjpake_role valid_role = MBEDTLS_ECJPAKE_SERVER; mbedtls_ecjpake_role invalid_role = (mbedtls_ecjpake_role) 42; mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256; mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP256R1; - mbedtls_ecjpake_init( &ctx ); - - TEST_INVALID_PARAM( mbedtls_ecjpake_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_ecjpake_free( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_setup( NULL, - valid_role, - valid_md, - valid_group, - buf, len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_setup( &ctx, - invalid_role, - valid_md, - valid_group, - buf, len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_setup( &ctx, - valid_role, - valid_md, - valid_group, - NULL, len ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_check( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_one( NULL, buf, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_one( &ctx, NULL, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_one( &ctx, buf, len, NULL, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_one( &ctx, buf, len, &olen, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_two( NULL, buf, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_two( &ctx, NULL, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_two( &ctx, buf, len, NULL, - mbedtls_test_rnd_std_rand, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_two( &ctx, buf, len, &olen, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_read_round_one( NULL, - buf, len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_read_round_one( &ctx, - NULL, len ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_read_round_two( NULL, - buf, len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_read_round_two( &ctx, - NULL, len ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_derive_secret( NULL, buf, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_derive_secret( &ctx, NULL, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_derive_secret( &ctx, buf, len, NULL, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_derive_secret( &ctx, buf, len, &olen, NULL, NULL ) ); + mbedtls_ecjpake_init(&ctx); + + TEST_INVALID_PARAM(mbedtls_ecjpake_init(NULL)); + TEST_VALID_PARAM(mbedtls_ecjpake_free(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_setup(NULL, + valid_role, + valid_md, + valid_group, + buf, len)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_setup(&ctx, + invalid_role, + valid_md, + valid_group, + buf, len)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_setup(&ctx, + valid_role, + valid_md, + valid_group, + NULL, len)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_check(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_one(NULL, buf, len, &olen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_one(&ctx, NULL, len, &olen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_one(&ctx, buf, len, NULL, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_one(&ctx, buf, len, &olen, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_two(NULL, buf, len, &olen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_two(&ctx, NULL, len, &olen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_two(&ctx, buf, len, NULL, + mbedtls_test_rnd_std_rand, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_two(&ctx, buf, len, &olen, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_read_round_one(NULL, + buf, len)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_read_round_one(&ctx, + NULL, len)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_read_round_two(NULL, + buf, len)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_read_round_two(&ctx, + NULL, len)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_derive_secret(NULL, buf, len, &olen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_derive_secret(&ctx, NULL, len, &olen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_derive_secret(&ctx, buf, len, NULL, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_derive_secret(&ctx, buf, len, &olen, NULL, NULL)); exit: return; @@ -201,98 +201,102 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void ecjpake_selftest( ) +void ecjpake_selftest() { - TEST_ASSERT( mbedtls_ecjpake_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ -void read_bad_md( data_t *msg ) +void read_bad_md(data_t *msg) { mbedtls_ecjpake_context corrupt_ctx; - const unsigned char * pw = NULL; + const unsigned char *pw = NULL; const size_t pw_len = 0; int any_role = MBEDTLS_ECJPAKE_CLIENT; - mbedtls_ecjpake_init( &corrupt_ctx ); - TEST_ASSERT( mbedtls_ecjpake_setup( &corrupt_ctx, any_role, - MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 ); + mbedtls_ecjpake_init(&corrupt_ctx); + TEST_ASSERT(mbedtls_ecjpake_setup(&corrupt_ctx, any_role, + MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, + pw_len) == 0); corrupt_ctx.md_info = NULL; - TEST_ASSERT( mbedtls_ecjpake_read_round_one( &corrupt_ctx, msg->x, - msg->len ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_ecjpake_read_round_one(&corrupt_ctx, msg->x, + msg->len) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); exit: - mbedtls_ecjpake_free( &corrupt_ctx ); + mbedtls_ecjpake_free(&corrupt_ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ -void read_round_one( int role, data_t * msg, int ref_ret ) +void read_round_one(int role, data_t *msg, int ref_ret) { mbedtls_ecjpake_context ctx; - const unsigned char * pw = NULL; + const unsigned char *pw = NULL; const size_t pw_len = 0; - mbedtls_ecjpake_init( &ctx ); + mbedtls_ecjpake_init(&ctx); - TEST_ASSERT( mbedtls_ecjpake_setup( &ctx, role, - MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, role, + MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, + pw_len) == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_one( &ctx, msg->x, msg->len ) == ref_ret ); + TEST_ASSERT(mbedtls_ecjpake_read_round_one(&ctx, msg->x, msg->len) == ref_ret); exit: - mbedtls_ecjpake_free( &ctx ); + mbedtls_ecjpake_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ -void read_round_two_cli( data_t * msg, int ref_ret ) +void read_round_two_cli(data_t *msg, int ref_ret) { mbedtls_ecjpake_context ctx; - const unsigned char * pw = NULL; + const unsigned char *pw = NULL; const size_t pw_len = 0; - mbedtls_ecjpake_init( &ctx ); + mbedtls_ecjpake_init(&ctx); - TEST_ASSERT( mbedtls_ecjpake_setup( &ctx, MBEDTLS_ECJPAKE_CLIENT, - MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, MBEDTLS_ECJPAKE_CLIENT, + MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, + pw_len) == 0); - TEST_ASSERT( ecjpake_test_load( &ctx, - ADD_SIZE( ecjpake_test_x1 ), ADD_SIZE( ecjpake_test_x2 ), - ADD_SIZE( ecjpake_test_X1 ), ADD_SIZE( ecjpake_test_X2 ), - ADD_SIZE( ecjpake_test_X3 ), ADD_SIZE( ecjpake_test_X4 ) ) - == 0 ); + TEST_ASSERT(ecjpake_test_load(&ctx, + ADD_SIZE(ecjpake_test_x1), ADD_SIZE(ecjpake_test_x2), + ADD_SIZE(ecjpake_test_X1), ADD_SIZE(ecjpake_test_X2), + ADD_SIZE(ecjpake_test_X3), ADD_SIZE(ecjpake_test_X4)) + == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_two( &ctx, msg->x, msg->len ) == ref_ret ); + TEST_ASSERT(mbedtls_ecjpake_read_round_two(&ctx, msg->x, msg->len) == ref_ret); exit: - mbedtls_ecjpake_free( &ctx ); + mbedtls_ecjpake_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ -void read_round_two_srv( data_t * msg, int ref_ret ) +void read_round_two_srv(data_t *msg, int ref_ret) { mbedtls_ecjpake_context ctx; - const unsigned char * pw = NULL; + const unsigned char *pw = NULL; const size_t pw_len = 0; - mbedtls_ecjpake_init( &ctx ); + mbedtls_ecjpake_init(&ctx); - TEST_ASSERT( mbedtls_ecjpake_setup( &ctx, MBEDTLS_ECJPAKE_SERVER, - MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, MBEDTLS_ECJPAKE_SERVER, + MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, + pw_len) == 0); - TEST_ASSERT( ecjpake_test_load( &ctx, - ADD_SIZE( ecjpake_test_x3 ), ADD_SIZE( ecjpake_test_x4 ), - ADD_SIZE( ecjpake_test_X3 ), ADD_SIZE( ecjpake_test_X4 ), - ADD_SIZE( ecjpake_test_X1 ), ADD_SIZE( ecjpake_test_X2 ) ) - == 0 ); + TEST_ASSERT(ecjpake_test_load(&ctx, + ADD_SIZE(ecjpake_test_x3), ADD_SIZE(ecjpake_test_x4), + ADD_SIZE(ecjpake_test_X3), ADD_SIZE(ecjpake_test_X4), + ADD_SIZE(ecjpake_test_X1), ADD_SIZE(ecjpake_test_X2)) + == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_two( &ctx, msg->x, msg->len ) == ref_ret ); + TEST_ASSERT(mbedtls_ecjpake_read_round_two(&ctx, msg->x, msg->len) == ref_ret); exit: - mbedtls_ecjpake_free( &ctx ); + mbedtls_ecjpake_free(&ctx); } /* END_CASE */ diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 0bce782efe8d..6110a78e9d6c 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -6,52 +6,67 @@ #include "ecp_invasive.h" #if defined(MBEDTLS_TEST_HOOKS) && \ - ( defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) ) + (defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)) #define HAVE_FIX_NEGATIVE #endif #define ECP_PF_UNKNOWN -1 -#define ECP_PT_RESET( x ) \ - mbedtls_ecp_point_free( x ); \ - mbedtls_ecp_point_init( x ); +#define ECP_PT_RESET(x) \ + mbedtls_ecp_point_free(x); \ + mbedtls_ecp_point_init(x); /* Auxiliary function to compare two mbedtls_ecp_group objects. */ -inline static int mbedtls_ecp_group_cmp( mbedtls_ecp_group *grp1, - mbedtls_ecp_group *grp2 ) +inline static int mbedtls_ecp_group_cmp(mbedtls_ecp_group *grp1, + mbedtls_ecp_group *grp2) { - if( mbedtls_mpi_cmp_mpi( &grp1->P, &grp2->P ) != 0 ) + if (mbedtls_mpi_cmp_mpi(&grp1->P, &grp2->P) != 0) { return 1; - if( mbedtls_mpi_cmp_mpi( &grp1->A, &grp2->A ) != 0 ) + } + if (mbedtls_mpi_cmp_mpi(&grp1->A, &grp2->A) != 0) { return 1; - if( mbedtls_mpi_cmp_mpi( &grp1->B, &grp2->B ) != 0 ) + } + if (mbedtls_mpi_cmp_mpi(&grp1->B, &grp2->B) != 0) { return 1; - if( mbedtls_mpi_cmp_mpi( &grp1->N, &grp2->N ) != 0 ) + } + if (mbedtls_mpi_cmp_mpi(&grp1->N, &grp2->N) != 0) { return 1; - if( mbedtls_ecp_point_cmp( &grp1->G, &grp2->G ) != 0 ) + } + if (mbedtls_ecp_point_cmp(&grp1->G, &grp2->G) != 0) { return 1; - if( grp1->id != grp2->id ) + } + if (grp1->id != grp2->id) { return 1; - if( grp1->pbits != grp2->pbits ) + } + if (grp1->pbits != grp2->pbits) { return 1; - if( grp1->nbits != grp2->nbits ) + } + if (grp1->nbits != grp2->nbits) { return 1; - if( grp1->h != grp2->h ) + } + if (grp1->h != grp2->h) { return 1; - if( grp1->modp != grp2->modp ) + } + if (grp1->modp != grp2->modp) { return 1; - if( grp1->t_pre != grp2->t_pre ) + } + if (grp1->t_pre != grp2->t_pre) { return 1; - if( grp1->t_post != grp2->t_post ) + } + if (grp1->t_post != grp2->t_post) { return 1; - if( grp1->t_data != grp2->t_data ) + } + if (grp1->t_data != grp2->t_data) { return 1; - if( grp1->T_size != grp2->T_size ) + } + if (grp1->T_size != grp2->T_size) { return 1; - if( grp1->T != grp2->T ) + } + if (grp1->T != grp2->T) { return 1; + } return 0; } @@ -64,14 +79,14 @@ inline static int mbedtls_ecp_group_cmp( mbedtls_ecp_group *grp1, */ /* BEGIN_CASE */ -void ecp_valid_param( ) +void ecp_valid_param() { - TEST_VALID_PARAM( mbedtls_ecp_group_free( NULL ) ); - TEST_VALID_PARAM( mbedtls_ecp_keypair_free( NULL ) ); - TEST_VALID_PARAM( mbedtls_ecp_point_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_ecp_group_free(NULL)); + TEST_VALID_PARAM(mbedtls_ecp_keypair_free(NULL)); + TEST_VALID_PARAM(mbedtls_ecp_point_free(NULL)); #if defined(MBEDTLS_ECP_RESTARTABLE) - TEST_VALID_PARAM( mbedtls_ecp_restart_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_ecp_restart_free(NULL)); #endif /* MBEDTLS_ECP_RESTARTABLE */ exit: @@ -80,7 +95,7 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void ecp_invalid_param( ) +void ecp_invalid_param() { mbedtls_ecp_group grp; mbedtls_ecp_keypair kp; @@ -97,316 +112,316 @@ void ecp_invalid_param( ) mbedtls_ecp_restart_ctx restart_ctx; #endif /* MBEDTLS_ECP_RESTARTABLE */ - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &P ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&P); - TEST_INVALID_PARAM( mbedtls_ecp_point_init( NULL ) ); - TEST_INVALID_PARAM( mbedtls_ecp_keypair_init( NULL ) ); - TEST_INVALID_PARAM( mbedtls_ecp_group_init( NULL ) ); + TEST_INVALID_PARAM(mbedtls_ecp_point_init(NULL)); + TEST_INVALID_PARAM(mbedtls_ecp_keypair_init(NULL)); + TEST_INVALID_PARAM(mbedtls_ecp_group_init(NULL)); #if defined(MBEDTLS_ECP_RESTARTABLE) - TEST_INVALID_PARAM( mbedtls_ecp_restart_init( NULL ) ); - TEST_INVALID_PARAM( mbedtls_ecp_check_budget( NULL, &restart_ctx, 42 ) ); + TEST_INVALID_PARAM(mbedtls_ecp_restart_init(NULL)); + TEST_INVALID_PARAM(mbedtls_ecp_check_budget(NULL, &restart_ctx, 42)); #endif /* MBEDTLS_ECP_RESTARTABLE */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_copy( NULL, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_copy( &P, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_group_copy( NULL, &grp ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_group_copy( &grp, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_privkey( NULL, - &m, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_privkey( &grp, - NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_privkey( &grp, - &m, - NULL, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_set_zero( NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_is_zero( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_cmp( NULL, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_cmp( &P, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_string( NULL, 2, - x, x ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_string( &P, 2, - NULL, x ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_string( &P, 2, - x, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_write_binary( NULL, &P, - valid_fmt, - &olen, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_write_binary( &grp, NULL, - valid_fmt, - &olen, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_write_binary( &grp, &P, - invalid_fmt, - &olen, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_write_binary( &grp, &P, - valid_fmt, - NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_write_binary( &grp, &P, - valid_fmt, - &olen, - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_binary( NULL, &P, buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_binary( &grp, NULL, buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_binary( &grp, &P, NULL, - sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_point( NULL, &P, - (const unsigned char **) &buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_point( &grp, NULL, - (const unsigned char **) &buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_point( &grp, &P, &null_buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_point( &grp, &P, NULL, - sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_point( NULL, &P, - valid_fmt, - &olen, - buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_point( &grp, NULL, - valid_fmt, - &olen, - buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_point( &grp, &P, - invalid_fmt, - &olen, - buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_point( &grp, &P, - valid_fmt, - NULL, - buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_point( &grp, &P, - valid_fmt, - &olen, - NULL, - sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_group_load( NULL, valid_group ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group( NULL, - (const unsigned char **) &buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group( &grp, NULL, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group( &grp, &null_buf, - sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group_id( NULL, - (const unsigned char **) &buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group_id( &valid_group, NULL, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group_id( &valid_group, - &null_buf, - sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_group( NULL, &olen, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_group( &grp, NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_group( &grp, &olen, - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul( NULL, &P, &m, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul( &grp, NULL, &m, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul( &grp, &P, NULL, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul( &grp, &P, &m, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul_restartable( NULL, &P, &m, &P, - mbedtls_test_rnd_std_rand, - NULL , NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul_restartable( &grp, NULL, &m, &P, - mbedtls_test_rnd_std_rand, - NULL , NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul_restartable( &grp, &P, NULL, &P, - mbedtls_test_rnd_std_rand, - NULL , NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul_restartable( &grp, &P, &m, NULL, - mbedtls_test_rnd_std_rand, - NULL , NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( NULL, &P, &m, &P, - &m, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( &grp, NULL, &m, &P, - &m, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( &grp, &P, NULL, &P, - &m, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( &grp, &P, &m, NULL, - &m, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( &grp, &P, &m, &P, - NULL, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( &grp, &P, &m, &P, - &m, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( NULL, &P, &m, &P, - &m, &P, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( &grp, NULL, &m, &P, - &m, &P, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( &grp, &P, NULL, &P, - &m, &P, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( &grp, &P, &m, NULL, - &m, &P, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( &grp, &P, &m, &P, - NULL, &P, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( &grp, &P, &m, &P, - &m, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_pubkey( NULL, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_pubkey( &grp, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_pub_priv( NULL, &kp ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_pub_priv( &kp, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_privkey( NULL, &m ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_privkey( &grp, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair_base( NULL, &P, &m, &P, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair_base( &grp, NULL, &m, &P, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair_base( &grp, &P, NULL, &P, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair_base( &grp, &P, &m, NULL, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair_base( &grp, &P, &m, &P, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair( NULL, - &m, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair( &grp, - NULL, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair( &grp, - &m, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair( &grp, - &m, &P, - NULL, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_key( valid_group, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_key( valid_group, &kp, - NULL, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_copy(NULL, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_copy(&P, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_group_copy(NULL, &grp)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_group_copy(&grp, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_privkey(NULL, + &m, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_privkey(&grp, + NULL, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_privkey(&grp, + &m, + NULL, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_set_zero(NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_is_zero(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_cmp(NULL, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_cmp(&P, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_read_string(NULL, 2, + x, x)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_read_string(&P, 2, + NULL, x)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_read_string(&P, 2, + x, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_write_binary(NULL, &P, + valid_fmt, + &olen, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_write_binary(&grp, NULL, + valid_fmt, + &olen, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_write_binary(&grp, &P, + invalid_fmt, + &olen, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_write_binary(&grp, &P, + valid_fmt, + NULL, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_write_binary(&grp, &P, + valid_fmt, + &olen, + NULL, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_read_binary(NULL, &P, buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_read_binary(&grp, NULL, buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_read_binary(&grp, &P, NULL, + sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_point(NULL, &P, + (const unsigned char **) &buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_point(&grp, NULL, + (const unsigned char **) &buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_point(&grp, &P, &null_buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_point(&grp, &P, NULL, + sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_point(NULL, &P, + valid_fmt, + &olen, + buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_point(&grp, NULL, + valid_fmt, + &olen, + buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_point(&grp, &P, + invalid_fmt, + &olen, + buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_point(&grp, &P, + valid_fmt, + NULL, + buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_point(&grp, &P, + valid_fmt, + &olen, + NULL, + sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_group_load(NULL, valid_group)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_group(NULL, + (const unsigned char **) &buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_group(&grp, NULL, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_group(&grp, &null_buf, + sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_group_id(NULL, + (const unsigned char **) &buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_group_id(&valid_group, NULL, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_group_id(&valid_group, + &null_buf, + sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_group(NULL, &olen, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_group(&grp, NULL, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_group(&grp, &olen, + NULL, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul(NULL, &P, &m, &P, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul(&grp, NULL, &m, &P, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul(&grp, &P, NULL, &P, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul(&grp, &P, &m, NULL, + mbedtls_test_rnd_std_rand, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul_restartable(NULL, &P, &m, &P, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul_restartable(&grp, NULL, &m, &P, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul_restartable(&grp, &P, NULL, &P, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul_restartable(&grp, &P, &m, NULL, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd(NULL, &P, &m, &P, + &m, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd(&grp, NULL, &m, &P, + &m, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd(&grp, &P, NULL, &P, + &m, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd(&grp, &P, &m, NULL, + &m, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd(&grp, &P, &m, &P, + NULL, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd(&grp, &P, &m, &P, + &m, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd_restartable(NULL, &P, &m, &P, + &m, &P, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd_restartable(&grp, NULL, &m, &P, + &m, &P, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd_restartable(&grp, &P, NULL, &P, + &m, &P, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd_restartable(&grp, &P, &m, NULL, + &m, &P, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd_restartable(&grp, &P, &m, &P, + NULL, &P, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd_restartable(&grp, &P, &m, &P, + &m, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_check_pubkey(NULL, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_check_pubkey(&grp, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_check_pub_priv(NULL, &kp)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_check_pub_priv(&kp, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_check_privkey(NULL, &m)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_check_privkey(&grp, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair_base(NULL, &P, &m, &P, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair_base(&grp, NULL, &m, &P, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair_base(&grp, &P, NULL, &P, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair_base(&grp, &P, &m, NULL, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair_base(&grp, &P, &m, &P, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair(NULL, + &m, &P, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair(&grp, + NULL, &P, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair(&grp, + &m, NULL, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair(&grp, + &m, &P, + NULL, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_key(valid_group, NULL, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_key(valid_group, &kp, + NULL, NULL)); exit: return; @@ -414,55 +429,55 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_curve_info( int id, int tls_id, int size, char * name ) +void mbedtls_ecp_curve_info(int id, int tls_id, int size, char *name) { const mbedtls_ecp_curve_info *by_id, *by_tls, *by_name; - by_id = mbedtls_ecp_curve_info_from_grp_id( id ); - by_tls = mbedtls_ecp_curve_info_from_tls_id( tls_id ); - by_name = mbedtls_ecp_curve_info_from_name( name ); - TEST_ASSERT( by_id != NULL ); - TEST_ASSERT( by_tls != NULL ); - TEST_ASSERT( by_name != NULL ); + by_id = mbedtls_ecp_curve_info_from_grp_id(id); + by_tls = mbedtls_ecp_curve_info_from_tls_id(tls_id); + by_name = mbedtls_ecp_curve_info_from_name(name); + TEST_ASSERT(by_id != NULL); + TEST_ASSERT(by_tls != NULL); + TEST_ASSERT(by_name != NULL); - TEST_ASSERT( by_id == by_tls ); - TEST_ASSERT( by_id == by_name ); + TEST_ASSERT(by_id == by_tls); + TEST_ASSERT(by_id == by_name); - TEST_ASSERT( by_id->bit_size == size ); - TEST_ASSERT( size <= MBEDTLS_ECP_MAX_BITS ); - TEST_ASSERT( size <= MBEDTLS_ECP_MAX_BYTES * 8 ); + TEST_ASSERT(by_id->bit_size == size); + TEST_ASSERT(size <= MBEDTLS_ECP_MAX_BITS); + TEST_ASSERT(size <= MBEDTLS_ECP_MAX_BYTES * 8); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_check_pub( int grp_id, char * x_hex, char * y_hex, char * z_hex, - int ret ) +void ecp_check_pub(int grp_id, char *x_hex, char *y_hex, char *z_hex, + int ret) { mbedtls_ecp_group grp; mbedtls_ecp_point P; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &P ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&P); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, grp_id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, grp_id) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &P.X, x_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &P.Y, y_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &P.Z, z_hex ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P.X, x_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&P.Y, y_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&P.Z, z_hex) == 0); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &P ) == ret ); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &P) == ret); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &P ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&P); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */ -void ecp_test_vect_restart( int id, - char *dA_str, char *xA_str, char *yA_str, - char *dB_str, char *xZ_str, char *yZ_str, - int max_ops, int min_restarts, int max_restarts ) +void ecp_test_vect_restart(int id, + char *dA_str, char *xA_str, char *yA_str, + char *dB_str, char *xZ_str, char *yZ_str, + int max_ops, int min_restarts, int max_restarts) { /* * Test for early restart. Based on test vectors like ecp_test_vect(), @@ -489,75 +504,74 @@ void ecp_test_vect_restart( int id, int cnt_restarts; int ret; - mbedtls_ecp_restart_init( &ctx ); - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &R ); mbedtls_ecp_point_init( &P ); - mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); mbedtls_mpi_init( &yA ); - mbedtls_mpi_init( &dB ); mbedtls_mpi_init( &xZ ); mbedtls_mpi_init( &yZ ); + mbedtls_ecp_restart_init(&ctx); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&R); mbedtls_ecp_point_init(&P); + mbedtls_mpi_init(&dA); mbedtls_mpi_init(&xA); mbedtls_mpi_init(&yA); + mbedtls_mpi_init(&dB); mbedtls_mpi_init(&xZ); mbedtls_mpi_init(&yZ); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &dA, dA_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xA, xA_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &yA, yA_str ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&dA, dA_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xA, xA_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&yA, yA_str) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &dB, dB_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xZ, xZ_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &yZ, yZ_str ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&dB, dB_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xZ, xZ_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&yZ, yZ_str) == 0); - mbedtls_ecp_set_max_ops( (unsigned) max_ops ); + mbedtls_ecp_set_max_ops((unsigned) max_ops); /* Base point case */ cnt_restarts = 0; do { - ECP_PT_RESET( &R ); - ret = mbedtls_ecp_mul_restartable( &grp, &R, &dA, &grp.G, NULL, NULL, &ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts ); + ECP_PT_RESET(&R); + ret = mbedtls_ecp_mul_restartable(&grp, &R, &dA, &grp.G, NULL, NULL, &ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yA ) == 0 ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xA) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yA) == 0); - TEST_ASSERT( cnt_restarts >= min_restarts ); - TEST_ASSERT( cnt_restarts <= max_restarts ); + TEST_ASSERT(cnt_restarts >= min_restarts); + TEST_ASSERT(cnt_restarts <= max_restarts); /* Non-base point case */ - mbedtls_ecp_copy( &P, &R ); + mbedtls_ecp_copy(&P, &R); cnt_restarts = 0; do { - ECP_PT_RESET( &R ); - ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts ); + ECP_PT_RESET(&R); + ret = mbedtls_ecp_mul_restartable(&grp, &R, &dB, &P, NULL, NULL, &ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xZ) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yZ) == 0); - TEST_ASSERT( cnt_restarts >= min_restarts ); - TEST_ASSERT( cnt_restarts <= max_restarts ); + TEST_ASSERT(cnt_restarts >= min_restarts); + TEST_ASSERT(cnt_restarts <= max_restarts); /* Do we leak memory when aborting an operation? * This test only makes sense when we actually restart */ - if( min_restarts > 0 ) - { - ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); + if (min_restarts > 0) { + ret = mbedtls_ecp_mul_restartable(&grp, &R, &dB, &P, NULL, NULL, &ctx); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS); } exit: - mbedtls_ecp_restart_free( &ctx ); - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &R ); mbedtls_ecp_point_free( &P ); - mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA ); mbedtls_mpi_free( &yA ); - mbedtls_mpi_free( &dB ); mbedtls_mpi_free( &xZ ); mbedtls_mpi_free( &yZ ); + mbedtls_ecp_restart_free(&ctx); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&R); mbedtls_ecp_point_free(&P); + mbedtls_mpi_free(&dA); mbedtls_mpi_free(&xA); mbedtls_mpi_free(&yA); + mbedtls_mpi_free(&dB); mbedtls_mpi_free(&xZ); mbedtls_mpi_free(&yZ); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ -void ecp_muladd_restart( int id, char *xR_str, char *yR_str, - char *u1_str, char *u2_str, - char *xQ_str, char *yQ_str, - int max_ops, int min_restarts, int max_restarts ) +void ecp_muladd_restart(int id, char *xR_str, char *yR_str, + char *u1_str, char *u2_str, + char *xQ_str, char *yQ_str, + int max_ops, int min_restarts, int max_restarts) { /* * Compute R = u1 * G + u2 * Q @@ -572,246 +586,244 @@ void ecp_muladd_restart( int id, char *xR_str, char *yR_str, int cnt_restarts; int ret; - mbedtls_ecp_restart_init( &ctx ); - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &R ); - mbedtls_ecp_point_init( &Q ); - mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 ); - mbedtls_mpi_init( &xR ); mbedtls_mpi_init( &yR ); + mbedtls_ecp_restart_init(&ctx); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&R); + mbedtls_ecp_point_init(&Q); + mbedtls_mpi_init(&u1); mbedtls_mpi_init(&u2); + mbedtls_mpi_init(&xR); mbedtls_mpi_init(&yR); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &u1, u1_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &u2, u2_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xR, xR_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &yR, yR_str ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&u1, u1_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&u2, u2_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xR, xR_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&yR, yR_str) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &Q.X, xQ_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q.Y, yQ_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_lset( &Q.Z, 1 ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&Q.X, xQ_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q.Y, yQ_str) == 0); + TEST_ASSERT(mbedtls_mpi_lset(&Q.Z, 1) == 0); - mbedtls_ecp_set_max_ops( (unsigned) max_ops ); + mbedtls_ecp_set_max_ops((unsigned) max_ops); cnt_restarts = 0; do { - ECP_PT_RESET( &R ); - ret = mbedtls_ecp_muladd_restartable( &grp, &R, - &u1, &grp.G, &u2, &Q, &ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts ); + ECP_PT_RESET(&R); + ret = mbedtls_ecp_muladd_restartable(&grp, &R, + &u1, &grp.G, &u2, &Q, &ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xR ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yR ) == 0 ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xR) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yR) == 0); - TEST_ASSERT( cnt_restarts >= min_restarts ); - TEST_ASSERT( cnt_restarts <= max_restarts ); + TEST_ASSERT(cnt_restarts >= min_restarts); + TEST_ASSERT(cnt_restarts <= max_restarts); /* Do we leak memory when aborting an operation? * This test only makes sense when we actually restart */ - if( min_restarts > 0 ) - { - ret = mbedtls_ecp_muladd_restartable( &grp, &R, - &u1, &grp.G, &u2, &Q, &ctx ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); + if (min_restarts > 0) { + ret = mbedtls_ecp_muladd_restartable(&grp, &R, + &u1, &grp.G, &u2, &Q, &ctx); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS); } exit: - mbedtls_ecp_restart_free( &ctx ); - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &R ); - mbedtls_ecp_point_free( &Q ); - mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 ); - mbedtls_mpi_free( &xR ); mbedtls_mpi_free( &yR ); + mbedtls_ecp_restart_free(&ctx); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&R); + mbedtls_ecp_point_free(&Q); + mbedtls_mpi_free(&u1); mbedtls_mpi_free(&u2); + mbedtls_mpi_free(&xR); mbedtls_mpi_free(&yR); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_test_vect( int id, char * dA_str, char * xA_str, char * yA_str, - char * dB_str, char * xB_str, char * yB_str, - char * xZ_str, char * yZ_str ) +void ecp_test_vect(int id, char *dA_str, char *xA_str, char *yA_str, + char *dB_str, char *xB_str, char *yB_str, + char *xZ_str, char *yZ_str) { mbedtls_ecp_group grp; mbedtls_ecp_point R; mbedtls_mpi dA, xA, yA, dB, xB, yB, xZ, yZ; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R ); - mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); mbedtls_mpi_init( &yA ); mbedtls_mpi_init( &dB ); - mbedtls_mpi_init( &xB ); mbedtls_mpi_init( &yB ); mbedtls_mpi_init( &xZ ); mbedtls_mpi_init( &yZ ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); - - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 ); - - TEST_ASSERT( mbedtls_test_read_mpi( &dA, dA_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xA, xA_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &yA, yA_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &dB, dB_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xB, xB_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &yB, yB_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xZ, xZ_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &yZ, yZ_str ) == 0 ); - - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G, - &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yA ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R, NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yB ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R, - &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); + mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&R); + mbedtls_mpi_init(&dA); mbedtls_mpi_init(&xA); mbedtls_mpi_init(&yA); mbedtls_mpi_init(&dB); + mbedtls_mpi_init(&xB); mbedtls_mpi_init(&yB); mbedtls_mpi_init(&xZ); mbedtls_mpi_init(&yZ); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); + + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &grp.G) == 0); + + TEST_ASSERT(mbedtls_test_read_mpi(&dA, dA_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xA, xA_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&yA, yA_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&dB, dB_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xB, xB_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&yB, yB_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xZ, xZ_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&yZ, yZ_str) == 0); + + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dA, &grp.G, + &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xA) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yA) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dB, &R, NULL, NULL) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xZ) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yZ) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); + + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dB, &grp.G, NULL, NULL) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xB) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yB) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dA, &R, + &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xZ) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yZ) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); exit: - mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R ); - mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA ); mbedtls_mpi_free( &yA ); mbedtls_mpi_free( &dB ); - mbedtls_mpi_free( &xB ); mbedtls_mpi_free( &yB ); mbedtls_mpi_free( &xZ ); mbedtls_mpi_free( &yZ ); + mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&R); + mbedtls_mpi_free(&dA); mbedtls_mpi_free(&xA); mbedtls_mpi_free(&yA); mbedtls_mpi_free(&dB); + mbedtls_mpi_free(&xB); mbedtls_mpi_free(&yB); mbedtls_mpi_free(&xZ); mbedtls_mpi_free(&yZ); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_test_vec_x( int id, char * dA_hex, char * xA_hex, char * dB_hex, - char * xB_hex, char * xS_hex ) +void ecp_test_vec_x(int id, char *dA_hex, char *xA_hex, char *dB_hex, + char *xB_hex, char *xS_hex) { mbedtls_ecp_group grp; mbedtls_ecp_point R; mbedtls_mpi dA, xA, dB, xB, xS; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R ); - mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); - mbedtls_mpi_init( &dB ); mbedtls_mpi_init( &xB ); - mbedtls_mpi_init( &xS ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&R); + mbedtls_mpi_init(&dA); mbedtls_mpi_init(&xA); + mbedtls_mpi_init(&dB); mbedtls_mpi_init(&xB); + mbedtls_mpi_init(&xS); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 ); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &grp.G) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &dA, dA_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &dB, dB_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xA, xA_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xB, xB_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xS, xS_hex ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&dA, dA_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&dB, dB_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xA, xA_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xB, xB_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xS, xS_hex) == 0); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G, - &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 ); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dA, &grp.G, + &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xA) == 0); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R, - &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 ); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dB, &R, + &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xS) == 0); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 ); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dB, &grp.G, NULL, NULL) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xB) == 0); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R, NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 ); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dA, &R, NULL, NULL) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xS) == 0); exit: - mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R ); - mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA ); - mbedtls_mpi_free( &dB ); mbedtls_mpi_free( &xB ); - mbedtls_mpi_free( &xS ); + mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&R); + mbedtls_mpi_free(&dA); mbedtls_mpi_free(&xA); + mbedtls_mpi_free(&dB); mbedtls_mpi_free(&xB); + mbedtls_mpi_free(&xS); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_test_mul( int id, data_t * n_hex, - data_t * Px_hex, data_t * Py_hex, data_t * Pz_hex, - data_t * nPx_hex, data_t * nPy_hex, data_t * nPz_hex, - int expected_ret ) +void ecp_test_mul(int id, data_t *n_hex, + data_t *Px_hex, data_t *Py_hex, data_t *Pz_hex, + data_t *nPx_hex, data_t *nPy_hex, data_t *nPz_hex, + int expected_ret) { mbedtls_ecp_group grp; mbedtls_ecp_point P, nP, R; mbedtls_mpi n; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R ); - mbedtls_ecp_point_init( &P ); mbedtls_ecp_point_init( &nP ); - mbedtls_mpi_init( &n ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&R); + mbedtls_ecp_point_init(&P); mbedtls_ecp_point_init(&nP); + mbedtls_mpi_init(&n); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 ); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &grp.G) == 0); - TEST_ASSERT( mbedtls_mpi_read_binary( &n, n_hex->x, n_hex->len ) == 0 ); + TEST_ASSERT(mbedtls_mpi_read_binary(&n, n_hex->x, n_hex->len) == 0); - TEST_ASSERT( mbedtls_mpi_read_binary( &P.X, Px_hex->x, Px_hex->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &P.Y, Py_hex->x, Py_hex->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &P.Z, Pz_hex->x, Pz_hex->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &nP.X, nPx_hex->x, nPx_hex->len ) - == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &nP.Y, nPy_hex->x, nPy_hex->len ) - == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &nP.Z, nPz_hex->x, nPz_hex->len ) - == 0 ); + TEST_ASSERT(mbedtls_mpi_read_binary(&P.X, Px_hex->x, Px_hex->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&P.Y, Py_hex->x, Py_hex->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&P.Z, Pz_hex->x, Pz_hex->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&nP.X, nPx_hex->x, nPx_hex->len) + == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&nP.Y, nPy_hex->x, nPy_hex->len) + == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&nP.Z, nPz_hex->x, nPz_hex->len) + == 0); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &n, &P, - &mbedtls_test_rnd_pseudo_rand, &rnd_info ) - == expected_ret ); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &n, &P, + &mbedtls_test_rnd_pseudo_rand, &rnd_info) + == expected_ret); - if( expected_ret == 0 ) - { - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &nP.X, &R.X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &nP.Y, &R.Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &nP.Z, &R.Z ) == 0 ); + if (expected_ret == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&nP.X, &R.X) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&nP.Y, &R.Y) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&nP.Z, &R.Z) == 0); } exit: - mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R ); - mbedtls_ecp_point_free( &P ); mbedtls_ecp_point_free( &nP ); - mbedtls_mpi_free( &n ); + mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&R); + mbedtls_ecp_point_free(&P); mbedtls_ecp_point_free(&nP); + mbedtls_mpi_free(&n); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_test_mul_rng( int id, data_t * d_hex) +void ecp_test_mul_rng(int id, data_t *d_hex) { mbedtls_ecp_group grp; mbedtls_mpi d; mbedtls_ecp_point Q; - mbedtls_ecp_group_init( &grp ); mbedtls_mpi_init( &d ); - mbedtls_ecp_point_init( &Q ); + mbedtls_ecp_group_init(&grp); mbedtls_mpi_init(&d); + mbedtls_ecp_point_init(&Q); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 ); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &grp.G) == 0); - TEST_ASSERT( mbedtls_mpi_read_binary( &d, d_hex->x, d_hex->len ) == 0 ); + TEST_ASSERT(mbedtls_mpi_read_binary(&d, d_hex->x, d_hex->len) == 0); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &Q, &d, &grp.G, - &mbedtls_test_rnd_zero_rand, NULL ) - == MBEDTLS_ERR_ECP_RANDOM_FAILED ); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &Q, &d, &grp.G, + &mbedtls_test_rnd_zero_rand, NULL) + == MBEDTLS_ERR_ECP_RANDOM_FAILED); exit: - mbedtls_ecp_group_free( &grp ); mbedtls_mpi_free( &d ); - mbedtls_ecp_point_free( &Q ); + mbedtls_ecp_group_free(&grp); mbedtls_mpi_free(&d); + mbedtls_ecp_point_free(&Q); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ -void ecp_muladd( int id, - data_t *u1_bin, data_t *P1_bin, - data_t *u2_bin, data_t *P2_bin, - data_t *expected_result ) +void ecp_muladd(int id, + data_t *u1_bin, data_t *P1_bin, + data_t *u2_bin, data_t *P2_bin, + data_t *expected_result) { /* Compute R = u1 * P1 + u2 * P2 */ mbedtls_ecp_group grp; @@ -820,152 +832,147 @@ void ecp_muladd( int id, uint8_t actual_result[MBEDTLS_ECP_MAX_PT_LEN]; size_t len; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &P1 ); - mbedtls_ecp_point_init( &P2 ); - mbedtls_ecp_point_init( &R ); - mbedtls_mpi_init( &u1 ); - mbedtls_mpi_init( &u2 ); - - TEST_EQUAL( 0, mbedtls_ecp_group_load( &grp, id ) ); - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &u1, u1_bin->x, u1_bin->len ) ); - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &u2, u2_bin->x, u2_bin->len ) ); - TEST_EQUAL( 0, mbedtls_ecp_point_read_binary( &grp, &P1, - P1_bin->x, P1_bin->len ) ); - TEST_EQUAL( 0, mbedtls_ecp_point_read_binary( &grp, &P2, - P2_bin->x, P2_bin->len ) ); - - TEST_EQUAL( 0, mbedtls_ecp_muladd( &grp, &R, &u1, &P1, &u2, &P2 ) ); - TEST_EQUAL( 0, mbedtls_ecp_point_write_binary( - &grp, &R, MBEDTLS_ECP_PF_UNCOMPRESSED, - &len, actual_result, sizeof( actual_result ) ) ); - TEST_ASSERT( len <= MBEDTLS_ECP_MAX_PT_LEN ); - - ASSERT_COMPARE( expected_result->x, expected_result->len, - actual_result, len ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&P1); + mbedtls_ecp_point_init(&P2); + mbedtls_ecp_point_init(&R); + mbedtls_mpi_init(&u1); + mbedtls_mpi_init(&u2); + + TEST_EQUAL(0, mbedtls_ecp_group_load(&grp, id)); + TEST_EQUAL(0, mbedtls_mpi_read_binary(&u1, u1_bin->x, u1_bin->len)); + TEST_EQUAL(0, mbedtls_mpi_read_binary(&u2, u2_bin->x, u2_bin->len)); + TEST_EQUAL(0, mbedtls_ecp_point_read_binary(&grp, &P1, + P1_bin->x, P1_bin->len)); + TEST_EQUAL(0, mbedtls_ecp_point_read_binary(&grp, &P2, + P2_bin->x, P2_bin->len)); + + TEST_EQUAL(0, mbedtls_ecp_muladd(&grp, &R, &u1, &P1, &u2, &P2)); + TEST_EQUAL(0, mbedtls_ecp_point_write_binary( + &grp, &R, MBEDTLS_ECP_PF_UNCOMPRESSED, + &len, actual_result, sizeof(actual_result))); + TEST_ASSERT(len <= MBEDTLS_ECP_MAX_PT_LEN); + + ASSERT_COMPARE(expected_result->x, expected_result->len, + actual_result, len); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &P1 ); - mbedtls_ecp_point_free( &P2 ); - mbedtls_ecp_point_free( &R ); - mbedtls_mpi_free( &u1 ); - mbedtls_mpi_free( &u2 ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&P1); + mbedtls_ecp_point_free(&P2); + mbedtls_ecp_point_free(&R); + mbedtls_mpi_free(&u1); + mbedtls_mpi_free(&u2); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_fast_mod( int id, char * N_str ) +void ecp_fast_mod(int id, char *N_str) { mbedtls_ecp_group grp; mbedtls_mpi N, R; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &R ); - mbedtls_ecp_group_init( &grp ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&R); + mbedtls_ecp_group_init(&grp); - TEST_ASSERT( mbedtls_test_read_mpi( &N, N_str ) == 0 ); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( grp.modp != NULL ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, N_str) == 0); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + TEST_ASSERT(grp.modp != NULL); /* * Store correct result before we touch N */ - TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &N, &grp.P ) == 0 ); + TEST_ASSERT(mbedtls_mpi_mod_mpi(&R, &N, &grp.P) == 0); - TEST_ASSERT( grp.modp( &N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_bitlen( &N ) <= grp.pbits + 3 ); + TEST_ASSERT(grp.modp(&N) == 0); + TEST_ASSERT(mbedtls_mpi_bitlen(&N) <= grp.pbits + 3); /* * Use mod rather than addition/subtraction in case previous test fails */ - TEST_ASSERT( mbedtls_mpi_mod_mpi( &N, &N, &grp.P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &R ) == 0 ); + TEST_ASSERT(mbedtls_mpi_mod_mpi(&N, &N, &grp.P) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&N, &R) == 0); exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &R ); - mbedtls_ecp_group_free( &grp ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&R); + mbedtls_ecp_group_free(&grp); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_write_binary( int id, char * x, char * y, char * z, int format, - data_t * out, int blen, int ret ) +void ecp_write_binary(int id, char *x, char *y, char *z, int format, + data_t *out, int blen, int ret) { mbedtls_ecp_group grp; mbedtls_ecp_point P; unsigned char buf[256]; size_t olen; - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); - mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P ); + mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&P); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &P.X, x ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &P.Y, y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &P.Z, z ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P.X, x) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&P.Y, y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&P.Z, z) == 0); - TEST_ASSERT( mbedtls_ecp_point_write_binary( &grp, &P, format, - &olen, buf, blen ) == ret ); + TEST_ASSERT(mbedtls_ecp_point_write_binary(&grp, &P, format, + &olen, buf, blen) == ret); - if( ret == 0 ) - { - TEST_ASSERT( olen <= MBEDTLS_ECP_MAX_PT_LEN ); - TEST_ASSERT( mbedtls_test_hexcmp( buf, out->x, olen, out->len ) == 0 ); + if (ret == 0) { + TEST_ASSERT(olen <= MBEDTLS_ECP_MAX_PT_LEN); + TEST_ASSERT(mbedtls_test_hexcmp(buf, out->x, olen, out->len) == 0); } exit: - mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &P ); + mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&P); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_read_binary( int id, data_t * buf, char * x, char * y, char * z, - int ret ) +void ecp_read_binary(int id, data_t *buf, char *x, char *y, char *z, + int ret) { mbedtls_ecp_group grp; mbedtls_ecp_point P; mbedtls_mpi X, Y, Z; - mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P ); - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); + mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&P); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &X, x ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Z, z ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, x) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Z, z) == 0); - TEST_ASSERT( mbedtls_ecp_point_read_binary( &grp, &P, buf->x, buf->len ) == ret ); + TEST_ASSERT(mbedtls_ecp_point_read_binary(&grp, &P, buf->x, buf->len) == ret); - if( ret == 0 ) - { - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.X, &X ) == 0 ); - if( mbedtls_ecp_get_type( &grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - { - TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, 0 ) == 0 ); - TEST_ASSERT( P.Y.p == NULL ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &Z, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &P.Z, 1 ) == 0 ); - } - else - { - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Y, &Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Z, &Z ) == 0 ); + if (ret == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.X, &X) == 0); + if (mbedtls_ecp_get_type(&grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { + TEST_ASSERT(mbedtls_mpi_cmp_int(&Y, 0) == 0); + TEST_ASSERT(P.Y.p == NULL); + TEST_ASSERT(mbedtls_mpi_cmp_int(&Z, 1) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_int(&P.Z, 1) == 0); + } else { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.Y, &Y) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.Z, &Z) == 0); } } exit: - mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &P ); - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); + mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&P); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_tls_read_point( int id, data_t * buf, char * x, char * y, - char * z, int ret ) +void mbedtls_ecp_tls_read_point(int id, data_t *buf, char *x, char *y, + char *z, int ret) { mbedtls_ecp_group grp; mbedtls_ecp_point P; @@ -973,33 +980,32 @@ void mbedtls_ecp_tls_read_point( int id, data_t * buf, char * x, char * y, const unsigned char *vbuf = buf->x; - mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P ); - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); + mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&P); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &X, x ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Z, z ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, x) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Z, z) == 0); - TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &P, &vbuf, buf->len ) == ret ); + TEST_ASSERT(mbedtls_ecp_tls_read_point(&grp, &P, &vbuf, buf->len) == ret); - if( ret == 0 ) - { - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.X, &X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Y, &Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Z, &Z ) == 0 ); - TEST_ASSERT( (uint32_t)( vbuf - buf->x ) == buf->len ); + if (ret == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.X, &X) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.Y, &Y) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.Z, &Z) == 0); + TEST_ASSERT((uint32_t) (vbuf - buf->x) == buf->len); } exit: - mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &P ); - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); + mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&P); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_tls_write_read_point( int id ) +void ecp_tls_write_read_point(int id) { mbedtls_ecp_group grp; mbedtls_ecp_point pt; @@ -1007,75 +1013,74 @@ void ecp_tls_write_read_point( int id ) const unsigned char *vbuf; size_t olen; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &pt ); - - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - - memset( buf, 0x00, sizeof( buf ) ); vbuf = buf; - TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &grp.G, - MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256 ) == 0 ); - TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) - == MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); - TEST_ASSERT( vbuf == buf + olen ); - - memset( buf, 0x00, sizeof( buf ) ); vbuf = buf; - TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &grp.G, - MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256 ) == 0 ); - TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.G.X, &pt.X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.G.Y, &pt.Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.G.Z, &pt.Z ) == 0 ); - TEST_ASSERT( vbuf == buf + olen ); - - memset( buf, 0x00, sizeof( buf ) ); vbuf = buf; - TEST_ASSERT( mbedtls_ecp_set_zero( &pt ) == 0 ); - TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &pt, - MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256 ) == 0 ); - TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) == 0 ); - TEST_ASSERT( mbedtls_ecp_is_zero( &pt ) ); - TEST_ASSERT( vbuf == buf + olen ); - - memset( buf, 0x00, sizeof( buf ) ); vbuf = buf; - TEST_ASSERT( mbedtls_ecp_set_zero( &pt ) == 0 ); - TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &pt, - MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256 ) == 0 ); - TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) == 0 ); - TEST_ASSERT( mbedtls_ecp_is_zero( &pt ) ); - TEST_ASSERT( vbuf == buf + olen ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&pt); + + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + + memset(buf, 0x00, sizeof(buf)); vbuf = buf; + TEST_ASSERT(mbedtls_ecp_tls_write_point(&grp, &grp.G, + MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256) == 0); + TEST_ASSERT(mbedtls_ecp_tls_read_point(&grp, &pt, &vbuf, olen) + == MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE); + TEST_ASSERT(vbuf == buf + olen); + + memset(buf, 0x00, sizeof(buf)); vbuf = buf; + TEST_ASSERT(mbedtls_ecp_tls_write_point(&grp, &grp.G, + MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256) == 0); + TEST_ASSERT(mbedtls_ecp_tls_read_point(&grp, &pt, &vbuf, olen) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&grp.G.X, &pt.X) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&grp.G.Y, &pt.Y) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&grp.G.Z, &pt.Z) == 0); + TEST_ASSERT(vbuf == buf + olen); + + memset(buf, 0x00, sizeof(buf)); vbuf = buf; + TEST_ASSERT(mbedtls_ecp_set_zero(&pt) == 0); + TEST_ASSERT(mbedtls_ecp_tls_write_point(&grp, &pt, + MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256) == 0); + TEST_ASSERT(mbedtls_ecp_tls_read_point(&grp, &pt, &vbuf, olen) == 0); + TEST_ASSERT(mbedtls_ecp_is_zero(&pt)); + TEST_ASSERT(vbuf == buf + olen); + + memset(buf, 0x00, sizeof(buf)); vbuf = buf; + TEST_ASSERT(mbedtls_ecp_set_zero(&pt) == 0); + TEST_ASSERT(mbedtls_ecp_tls_write_point(&grp, &pt, + MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256) == 0); + TEST_ASSERT(mbedtls_ecp_tls_read_point(&grp, &pt, &vbuf, olen) == 0); + TEST_ASSERT(mbedtls_ecp_is_zero(&pt)); + TEST_ASSERT(vbuf == buf + olen); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &pt ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&pt); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_tls_read_group( data_t * buf, int result, int bits, - int record_len ) +void mbedtls_ecp_tls_read_group(data_t *buf, int result, int bits, + int record_len) { mbedtls_ecp_group grp; const unsigned char *vbuf = buf->x; int ret; - mbedtls_ecp_group_init( &grp ); + mbedtls_ecp_group_init(&grp); - ret = mbedtls_ecp_tls_read_group( &grp, &vbuf, buf->len ); + ret = mbedtls_ecp_tls_read_group(&grp, &vbuf, buf->len); - TEST_ASSERT( ret == result ); - if( ret == 0) - { - TEST_ASSERT( mbedtls_mpi_bitlen( &grp.P ) == (size_t) bits ); - TEST_ASSERT( vbuf - buf->x == record_len); + TEST_ASSERT(ret == result); + if (ret == 0) { + TEST_ASSERT(mbedtls_mpi_bitlen(&grp.P) == (size_t) bits); + TEST_ASSERT(vbuf - buf->x == record_len); } exit: - mbedtls_ecp_group_free( &grp ); + mbedtls_ecp_group_free(&grp); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_tls_write_read_group( int id ) +void ecp_tls_write_read_group(int id) { mbedtls_ecp_group grp1, grp2; unsigned char buf[10]; @@ -1083,33 +1088,32 @@ void ecp_tls_write_read_group( int id ) size_t len; int ret; - mbedtls_ecp_group_init( &grp1 ); - mbedtls_ecp_group_init( &grp2 ); - memset( buf, 0x00, sizeof( buf ) ); + mbedtls_ecp_group_init(&grp1); + mbedtls_ecp_group_init(&grp2); + memset(buf, 0x00, sizeof(buf)); - TEST_ASSERT( mbedtls_ecp_group_load( &grp1, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp1, id) == 0); - TEST_ASSERT( mbedtls_ecp_tls_write_group( &grp1, &len, buf, 10 ) == 0 ); - ret = mbedtls_ecp_tls_read_group( &grp2, &vbuf, len ); - TEST_ASSERT( ret == 0 ); + TEST_ASSERT(mbedtls_ecp_tls_write_group(&grp1, &len, buf, 10) == 0); + ret = mbedtls_ecp_tls_read_group(&grp2, &vbuf, len); + TEST_ASSERT(ret == 0); - if( ret == 0 ) - { - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp1.N, &grp2.N ) == 0 ); - TEST_ASSERT( grp1.id == grp2.id ); + if (ret == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&grp1.N, &grp2.N) == 0); + TEST_ASSERT(grp1.id == grp2.id); } exit: - mbedtls_ecp_group_free( &grp1 ); - mbedtls_ecp_group_free( &grp2 ); + mbedtls_ecp_group_free(&grp1); + mbedtls_ecp_group_free(&grp2); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECDH_C:MBEDTLS_ECDSA_C */ -void mbedtls_ecp_group_metadata( int id, int bit_size, int crv_type, - char* P, char* A, char* B, - char* G_x, char* G_y, char* N, - int tls_id ) +void mbedtls_ecp_group_metadata(int id, int bit_size, int crv_type, + char *P, char *A, char *B, + char *G_x, char *G_y, char *N, + int tls_id) { mbedtls_ecp_group grp, grp_read, grp_cpy; const mbedtls_ecp_group_id *g_id; @@ -1122,316 +1126,317 @@ void mbedtls_ecp_group_metadata( int id, int bit_size, int crv_type, const unsigned char *vbuf = buf; size_t olen; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_group_init( &grp_read ); - mbedtls_ecp_group_init( &grp_cpy ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_group_init(&grp_read); + mbedtls_ecp_group_init(&grp_cpy); - mbedtls_mpi_init( &exp_P ); - mbedtls_mpi_init( &exp_A ); - mbedtls_mpi_init( &exp_B ); - mbedtls_mpi_init( &exp_G_x ); - mbedtls_mpi_init( &exp_G_y ); - mbedtls_mpi_init( &exp_N ); + mbedtls_mpi_init(&exp_P); + mbedtls_mpi_init(&exp_A); + mbedtls_mpi_init(&exp_B); + mbedtls_mpi_init(&exp_G_x); + mbedtls_mpi_init(&exp_G_y); + mbedtls_mpi_init(&exp_N); // Read expected parameters - TEST_EQUAL( mbedtls_test_read_mpi( &exp_P, P ), 0 ); - TEST_EQUAL( mbedtls_test_read_mpi( &exp_A, A ), 0 ); - TEST_EQUAL( mbedtls_test_read_mpi( &exp_G_x, G_x ), 0 ); - TEST_EQUAL( mbedtls_test_read_mpi( &exp_N, N ), 0 ); - TEST_EQUAL( mbedtls_test_read_mpi( &exp_B, B ), 0 ); - TEST_EQUAL( mbedtls_test_read_mpi( &exp_G_y, G_y ), 0 ); + TEST_EQUAL(mbedtls_test_read_mpi(&exp_P, P), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&exp_A, A), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&exp_G_x, G_x), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&exp_N, N), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&exp_B, B), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&exp_G_y, G_y), 0); // Convert exp_A to internal representation (A+2)/4 - if( crv_type == MBEDTLS_ECP_TYPE_MONTGOMERY ) - { - TEST_EQUAL( mbedtls_mpi_add_int( &exp_A, &exp_A, 2 ), 0 ); - TEST_EQUAL( mbedtls_mpi_div_int( &exp_A, NULL, &exp_A, 4 ), 0 ); + if (crv_type == MBEDTLS_ECP_TYPE_MONTGOMERY) { + TEST_EQUAL(mbedtls_mpi_add_int(&exp_A, &exp_A, 2), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&exp_A, NULL, &exp_A, 4), 0); } // Load group - TEST_EQUAL( mbedtls_ecp_group_load( &grp, id ), 0 ); + TEST_EQUAL(mbedtls_ecp_group_load(&grp, id), 0); // Compare group with expected parameters // A is NULL for SECPxxxR1 curves // B and G_y are NULL for curve25519 and curve448 - TEST_EQUAL( mbedtls_mpi_cmp_mpi( &exp_P, &grp.P ), 0 ); - if( *A != 0 ) - TEST_EQUAL( mbedtls_mpi_cmp_mpi( &exp_A, &grp.A ), 0 ); - if( *B != 0 ) - TEST_EQUAL( mbedtls_mpi_cmp_mpi( &exp_B, &grp.B ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_mpi( &exp_G_x, &grp.G.X ), 0 ); - if( *G_y != 0 ) - TEST_EQUAL( mbedtls_mpi_cmp_mpi( &exp_G_y, &grp.G.Y ), 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_mpi( &exp_N, &grp.N ), 0 ); + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_P, &grp.P), 0); + if (*A != 0) { + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_A, &grp.A), 0); + } + if (*B != 0) { + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_B, &grp.B), 0); + } + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_G_x, &grp.G.X), 0); + if (*G_y != 0) { + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_G_y, &grp.G.Y), 0); + } + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_N, &grp.N), 0); // Load curve info and compare with known values - crv = mbedtls_ecp_curve_info_from_grp_id( id ); - TEST_EQUAL( crv->grp_id, id ); - TEST_EQUAL( crv->bit_size, bit_size ); - TEST_EQUAL( crv->tls_id, tls_id ); + crv = mbedtls_ecp_curve_info_from_grp_id(id); + TEST_EQUAL(crv->grp_id, id); + TEST_EQUAL(crv->bit_size, bit_size); + TEST_EQUAL(crv->tls_id, tls_id); // Load curve from TLS ID and name, and compare IDs - crv_tls_id = mbedtls_ecp_curve_info_from_tls_id( crv->tls_id ); - crv_name = mbedtls_ecp_curve_info_from_name( crv->name ); - TEST_EQUAL( crv_tls_id->grp_id, id ); - TEST_EQUAL( crv_name->grp_id, id ); + crv_tls_id = mbedtls_ecp_curve_info_from_tls_id(crv->tls_id); + crv_name = mbedtls_ecp_curve_info_from_name(crv->name); + TEST_EQUAL(crv_tls_id->grp_id, id); + TEST_EQUAL(crv_name->grp_id, id); // Validate write_group against test data - TEST_EQUAL( mbedtls_ecp_tls_write_group( &grp, &olen, - buf, sizeof( buf ) ), - 0 ); - TEST_EQUAL( mbedtls_test_hexcmp( buf, ecparameters, olen, - sizeof( ecparameters ) ), - 0 ); + TEST_EQUAL(mbedtls_ecp_tls_write_group(&grp, &olen, + buf, sizeof(buf)), + 0); + TEST_EQUAL(mbedtls_test_hexcmp(buf, ecparameters, olen, + sizeof(ecparameters)), + 0); // Read group from buffer and compare with expected ID - TEST_EQUAL( mbedtls_ecp_tls_read_group_id( &read_g_id, &vbuf, olen ), - 0 ); - TEST_EQUAL( read_g_id, id ); + TEST_EQUAL(mbedtls_ecp_tls_read_group_id(&read_g_id, &vbuf, olen), + 0); + TEST_EQUAL(read_g_id, id); vbuf = buf; - TEST_EQUAL( mbedtls_ecp_tls_read_group( &grp_read, &vbuf, olen ), - 0 ); - TEST_EQUAL( grp_read.id, id ); + TEST_EQUAL(mbedtls_ecp_tls_read_group(&grp_read, &vbuf, olen), + 0); + TEST_EQUAL(grp_read.id, id); // Check curve type, and if it can be used for ECDH/ECDSA - TEST_EQUAL( mbedtls_ecp_get_type( &grp ), crv_type ); - TEST_EQUAL( mbedtls_ecdh_can_do( id ), 1 ); - TEST_EQUAL( mbedtls_ecdsa_can_do( id ), - crv_type == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ); + TEST_EQUAL(mbedtls_ecp_get_type(&grp), crv_type); + TEST_EQUAL(mbedtls_ecdh_can_do(id), 1); + TEST_EQUAL(mbedtls_ecdsa_can_do(id), + crv_type == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS); // Copy group and compare with original - TEST_EQUAL( mbedtls_ecp_group_copy( &grp_cpy, &grp ), 0 ); - TEST_EQUAL( mbedtls_ecp_group_cmp( &grp, &grp_cpy ), 0 ); + TEST_EQUAL(mbedtls_ecp_group_copy(&grp_cpy, &grp), 0); + TEST_EQUAL(mbedtls_ecp_group_cmp(&grp, &grp_cpy), 0); // Check curve is in curve list and group ID list - for( crv = mbedtls_ecp_curve_list( ); - crv->grp_id != MBEDTLS_ECP_DP_NONE && - crv->grp_id != (unsigned) id; - crv++ ); - TEST_EQUAL( crv->grp_id, id ); - for( g_id = mbedtls_ecp_grp_id_list( ); + for (crv = mbedtls_ecp_curve_list(); + crv->grp_id != MBEDTLS_ECP_DP_NONE && + crv->grp_id != (unsigned) id; + crv++) { + ; + } + TEST_EQUAL(crv->grp_id, id); + for (g_id = mbedtls_ecp_grp_id_list(); *g_id != MBEDTLS_ECP_DP_NONE && *g_id != (unsigned) id; - g_id++ ); - TEST_EQUAL( *g_id, (unsigned) id ); + g_id++) { + ; + } + TEST_EQUAL(*g_id, (unsigned) id); exit: - mbedtls_ecp_group_free( &grp ); mbedtls_ecp_group_free( &grp_cpy ); - mbedtls_ecp_group_free( &grp_read ); - mbedtls_mpi_free( &exp_P ); mbedtls_mpi_free( &exp_A ); - mbedtls_mpi_free( &exp_B ); mbedtls_mpi_free( &exp_G_x ); - mbedtls_mpi_free( &exp_G_y ); mbedtls_mpi_free( &exp_N ); + mbedtls_ecp_group_free(&grp); mbedtls_ecp_group_free(&grp_cpy); + mbedtls_ecp_group_free(&grp_read); + mbedtls_mpi_free(&exp_P); mbedtls_mpi_free(&exp_A); + mbedtls_mpi_free(&exp_B); mbedtls_mpi_free(&exp_G_x); + mbedtls_mpi_free(&exp_G_y); mbedtls_mpi_free(&exp_N); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_check_privkey( int id, char * key_hex, int ret ) +void mbedtls_ecp_check_privkey(int id, char *key_hex, int ret) { mbedtls_ecp_group grp; mbedtls_mpi d; - mbedtls_ecp_group_init( &grp ); - mbedtls_mpi_init( &d ); + mbedtls_ecp_group_init(&grp); + mbedtls_mpi_init(&d); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &d, key_hex ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&d, key_hex) == 0); - TEST_ASSERT( mbedtls_ecp_check_privkey( &grp, &d ) == ret ); + TEST_ASSERT(mbedtls_ecp_check_privkey(&grp, &d) == ret); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_mpi_free( &d ); + mbedtls_ecp_group_free(&grp); + mbedtls_mpi_free(&d); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_check_pub_priv( int id_pub, char * Qx_pub, char * Qy_pub, - int id, char * d, char * Qx, char * Qy, - int ret ) +void mbedtls_ecp_check_pub_priv(int id_pub, char *Qx_pub, char *Qy_pub, + int id, char *d, char *Qx, char *Qy, + int ret) { mbedtls_ecp_keypair pub, prv; - mbedtls_ecp_keypair_init( &pub ); - mbedtls_ecp_keypair_init( &prv ); + mbedtls_ecp_keypair_init(&pub); + mbedtls_ecp_keypair_init(&prv); - if( id_pub != MBEDTLS_ECP_DP_NONE ) - TEST_ASSERT( mbedtls_ecp_group_load( &pub.grp, id_pub ) == 0 ); - TEST_ASSERT( mbedtls_ecp_point_read_string( &pub.Q, 16, Qx_pub, Qy_pub ) == 0 ); + if (id_pub != MBEDTLS_ECP_DP_NONE) { + TEST_ASSERT(mbedtls_ecp_group_load(&pub.grp, id_pub) == 0); + } + TEST_ASSERT(mbedtls_ecp_point_read_string(&pub.Q, 16, Qx_pub, Qy_pub) == 0); - if( id != MBEDTLS_ECP_DP_NONE ) - TEST_ASSERT( mbedtls_ecp_group_load( &prv.grp, id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_point_read_string( &prv.Q, 16, Qx, Qy ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &prv.d, d ) == 0 ); + if (id != MBEDTLS_ECP_DP_NONE) { + TEST_ASSERT(mbedtls_ecp_group_load(&prv.grp, id) == 0); + } + TEST_ASSERT(mbedtls_ecp_point_read_string(&prv.Q, 16, Qx, Qy) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&prv.d, d) == 0); - TEST_ASSERT( mbedtls_ecp_check_pub_priv( &pub, &prv ) == ret ); + TEST_ASSERT(mbedtls_ecp_check_pub_priv(&pub, &prv) == ret); exit: - mbedtls_ecp_keypair_free( &pub ); - mbedtls_ecp_keypair_free( &prv ); + mbedtls_ecp_keypair_free(&pub); + mbedtls_ecp_keypair_free(&prv); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_gen_keypair( int id ) +void mbedtls_ecp_gen_keypair(int id) { mbedtls_ecp_group grp; mbedtls_ecp_point Q; mbedtls_mpi d; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &Q ); - mbedtls_mpi_init( &d ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&Q); + mbedtls_mpi_init(&d); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_ecp_gen_keypair( &grp, &d, &Q, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); + TEST_ASSERT(mbedtls_ecp_gen_keypair(&grp, &d, &Q, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &Q ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_privkey( &grp, &d ) == 0 ); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &Q) == 0); + TEST_ASSERT(mbedtls_ecp_check_privkey(&grp, &d) == 0); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &Q ); - mbedtls_mpi_free( &d ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&Q); + mbedtls_mpi_free(&d); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_gen_key( int id ) +void mbedtls_ecp_gen_key(int id) { mbedtls_ecp_keypair key; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_ecp_keypair_init( &key ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_ecp_keypair_init(&key); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_ecp_gen_key( id, &key, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); + TEST_ASSERT(mbedtls_ecp_gen_key(id, &key, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &key.grp, &key.Q ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_privkey( &key.grp, &key.d ) == 0 ); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&key.grp, &key.Q) == 0); + TEST_ASSERT(mbedtls_ecp_check_privkey(&key.grp, &key.d) == 0); exit: - mbedtls_ecp_keypair_free( &key ); + mbedtls_ecp_keypair_free(&key); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_read_key( int grp_id, data_t* in_key, int expected, int canonical ) +void mbedtls_ecp_read_key(int grp_id, data_t *in_key, int expected, int canonical) { int ret = 0; mbedtls_ecp_keypair key; mbedtls_ecp_keypair key2; - mbedtls_ecp_keypair_init( &key ); - mbedtls_ecp_keypair_init( &key2 ); + mbedtls_ecp_keypair_init(&key); + mbedtls_ecp_keypair_init(&key2); - ret = mbedtls_ecp_read_key( grp_id, &key, in_key->x, in_key->len ); - TEST_ASSERT( ret == expected ); + ret = mbedtls_ecp_read_key(grp_id, &key, in_key->x, in_key->len); + TEST_ASSERT(ret == expected); - if( expected == 0 ) - { - ret = mbedtls_ecp_check_privkey( &key.grp, &key.d ); - TEST_ASSERT( ret == 0 ); + if (expected == 0) { + ret = mbedtls_ecp_check_privkey(&key.grp, &key.d); + TEST_ASSERT(ret == 0); - if( canonical ) - { + if (canonical) { unsigned char buf[MBEDTLS_ECP_MAX_BYTES]; - ret = mbedtls_ecp_write_key( &key, buf, in_key->len ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_ecp_write_key(&key, buf, in_key->len); + TEST_ASSERT(ret == 0); - ASSERT_COMPARE( in_key->x, in_key->len, - buf, in_key->len ); - } - else - { + ASSERT_COMPARE(in_key->x, in_key->len, + buf, in_key->len); + } else { unsigned char export1[MBEDTLS_ECP_MAX_BYTES]; unsigned char export2[MBEDTLS_ECP_MAX_BYTES]; - ret = mbedtls_ecp_write_key( &key, export1, in_key->len ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_ecp_write_key(&key, export1, in_key->len); + TEST_ASSERT(ret == 0); - ret = mbedtls_ecp_read_key( grp_id, &key2, export1, in_key->len ); - TEST_ASSERT( ret == expected ); + ret = mbedtls_ecp_read_key(grp_id, &key2, export1, in_key->len); + TEST_ASSERT(ret == expected); - ret = mbedtls_ecp_write_key( &key2, export2, in_key->len ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_ecp_write_key(&key2, export2, in_key->len); + TEST_ASSERT(ret == 0); - ASSERT_COMPARE( export1, in_key->len, - export2, in_key->len ); + ASSERT_COMPARE(export1, in_key->len, + export2, in_key->len); } } exit: - mbedtls_ecp_keypair_free( &key ); - mbedtls_ecp_keypair_free( &key2 ); + mbedtls_ecp_keypair_free(&key); + mbedtls_ecp_keypair_free(&key2); } /* END_CASE */ /* BEGIN_CASE depends_on:HAVE_FIX_NEGATIVE */ -void fix_negative( data_t *N_bin, int c, int bits ) +void fix_negative(data_t *N_bin, int c, int bits) { mbedtls_mpi C, M, N; - mbedtls_mpi_init( &C ); - mbedtls_mpi_init( &M ); - mbedtls_mpi_init( &N ); + mbedtls_mpi_init(&C); + mbedtls_mpi_init(&M); + mbedtls_mpi_init(&N); /* C = - c * 2^bits (positive since c is negative) */ - TEST_EQUAL( 0, mbedtls_mpi_lset( &C, -c ) ); - TEST_EQUAL( 0, mbedtls_mpi_shift_l( &C, bits ) ); + TEST_EQUAL(0, mbedtls_mpi_lset(&C, -c)); + TEST_EQUAL(0, mbedtls_mpi_shift_l(&C, bits)); - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &N, N_bin->x, N_bin->len ) ); - TEST_EQUAL( 0, mbedtls_mpi_grow( &N, C.n ) ); + TEST_EQUAL(0, mbedtls_mpi_read_binary(&N, N_bin->x, N_bin->len)); + TEST_EQUAL(0, mbedtls_mpi_grow(&N, C.n)); /* M = N - C = - ( C - N ) (expected result of fix_negative) */ - TEST_EQUAL( 0, mbedtls_mpi_sub_mpi( &M, &N, &C ) ); + TEST_EQUAL(0, mbedtls_mpi_sub_mpi(&M, &N, &C)); - mbedtls_ecp_fix_negative( &N, c, bits ); + mbedtls_ecp_fix_negative(&N, c, bits); - TEST_EQUAL( 0, mbedtls_mpi_cmp_mpi( &N, &M ) ); + TEST_EQUAL(0, mbedtls_mpi_cmp_mpi(&N, &M)); exit: - mbedtls_mpi_free( &C ); - mbedtls_mpi_free( &M ); - mbedtls_mpi_free( &N ); + mbedtls_mpi_free(&C); + mbedtls_mpi_free(&M); + mbedtls_mpi_free(&N); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_MONTGOMERY_ENABLED */ -void genkey_mx_known_answer( int bits, data_t *seed, data_t *expected ) +void genkey_mx_known_answer(int bits, data_t *seed, data_t *expected) { mbedtls_test_rnd_buf_info rnd_info; mbedtls_mpi d; int ret; uint8_t *actual = NULL; - mbedtls_mpi_init( &d ); + mbedtls_mpi_init(&d); rnd_info.buf = seed->x; rnd_info.length = seed->len; rnd_info.fallback_f_rng = NULL; rnd_info.fallback_p_rng = NULL; - ASSERT_ALLOC( actual, expected->len ); + ASSERT_ALLOC(actual, expected->len); - ret = mbedtls_ecp_gen_privkey_mx( bits, &d, - mbedtls_test_rnd_buffer_rand, &rnd_info ); + ret = mbedtls_ecp_gen_privkey_mx(bits, &d, + mbedtls_test_rnd_buffer_rand, &rnd_info); - if( expected->len == 0 ) - { + if (expected->len == 0) { /* Expecting an error (happens if there isn't enough randomness) */ - TEST_ASSERT( ret != 0 ); - } - else - { - TEST_EQUAL( ret, 0 ); - TEST_EQUAL( (size_t) bits + 1, mbedtls_mpi_bitlen( &d ) ); - TEST_EQUAL( 0, mbedtls_mpi_write_binary( &d, actual, expected->len ) ); + TEST_ASSERT(ret != 0); + } else { + TEST_EQUAL(ret, 0); + TEST_EQUAL((size_t) bits + 1, mbedtls_mpi_bitlen(&d)); + TEST_EQUAL(0, mbedtls_mpi_write_binary(&d, actual, expected->len)); /* Test the exact result. This assumes that the output of the * RNG is used in a specific way, which is overly constraining. * The advantage is that it's easier to test the expected properties @@ -1442,109 +1447,109 @@ void genkey_mx_known_answer( int bits, data_t *seed, data_t *expected ) * (can be enforced by checking these bits). * - Other bits must be random (by testing with different RNG outputs, * we validate that those bits are indeed influenced by the RNG). */ - ASSERT_COMPARE( expected->x, expected->len, - actual, expected->len ); + ASSERT_COMPARE(expected->x, expected->len, + actual, expected->len); } exit: - mbedtls_free( actual ); - mbedtls_mpi_free( &d ); + mbedtls_free(actual); + mbedtls_mpi_free(&d); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_set_zero( int id, data_t * P_bin ) +void ecp_set_zero(int id, data_t *P_bin) { mbedtls_ecp_group grp; mbedtls_ecp_point pt, zero_pt, nonzero_pt; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &pt ); - mbedtls_ecp_point_init( &zero_pt ); - mbedtls_ecp_point_init( &nonzero_pt ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&pt); + mbedtls_ecp_point_init(&zero_pt); + mbedtls_ecp_point_init(&nonzero_pt); // Set zero and non-zero points for comparison - TEST_EQUAL( mbedtls_ecp_set_zero( &zero_pt ), 0 ); - TEST_EQUAL( mbedtls_ecp_group_load( &grp, id ), 0 ); - TEST_EQUAL( mbedtls_ecp_point_read_binary( &grp, &nonzero_pt, - P_bin->x, P_bin->len ), 0 ); - TEST_EQUAL( mbedtls_ecp_is_zero( &zero_pt ), 1 ); - TEST_EQUAL( mbedtls_ecp_is_zero( &nonzero_pt ), 0 ); + TEST_EQUAL(mbedtls_ecp_set_zero(&zero_pt), 0); + TEST_EQUAL(mbedtls_ecp_group_load(&grp, id), 0); + TEST_EQUAL(mbedtls_ecp_point_read_binary(&grp, &nonzero_pt, + P_bin->x, P_bin->len), 0); + TEST_EQUAL(mbedtls_ecp_is_zero(&zero_pt), 1); + TEST_EQUAL(mbedtls_ecp_is_zero(&nonzero_pt), 0); // Test initialized point - TEST_EQUAL( mbedtls_ecp_set_zero( &pt ), 0 ); - TEST_EQUAL( mbedtls_ecp_is_zero( &pt ), 1 ); - TEST_EQUAL( mbedtls_ecp_point_cmp( &zero_pt, &pt ), 0 ); - TEST_EQUAL( mbedtls_ecp_point_cmp( &nonzero_pt, &zero_pt ), - MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_ecp_set_zero(&pt), 0); + TEST_EQUAL(mbedtls_ecp_is_zero(&pt), 1); + TEST_EQUAL(mbedtls_ecp_point_cmp(&zero_pt, &pt), 0); + TEST_EQUAL(mbedtls_ecp_point_cmp(&nonzero_pt, &zero_pt), + MBEDTLS_ERR_ECP_BAD_INPUT_DATA); // Test zeroed point - TEST_EQUAL( mbedtls_ecp_set_zero( &pt ), 0 ); - TEST_EQUAL( mbedtls_ecp_is_zero( &pt ), 1 ); - TEST_EQUAL( mbedtls_ecp_point_cmp( &zero_pt, &pt ), 0 ); - TEST_EQUAL( mbedtls_ecp_point_cmp( &nonzero_pt, &pt ), - MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_ecp_set_zero(&pt), 0); + TEST_EQUAL(mbedtls_ecp_is_zero(&pt), 1); + TEST_EQUAL(mbedtls_ecp_point_cmp(&zero_pt, &pt), 0); + TEST_EQUAL(mbedtls_ecp_point_cmp(&nonzero_pt, &pt), + MBEDTLS_ERR_ECP_BAD_INPUT_DATA); // Set point to non-zero value - TEST_EQUAL( mbedtls_ecp_point_read_binary( &grp, &pt, - P_bin->x, P_bin->len ), 0 ); - TEST_EQUAL( mbedtls_ecp_is_zero( &pt ), 0 ); - TEST_EQUAL( mbedtls_ecp_point_cmp( &zero_pt, &pt ), - MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - TEST_EQUAL( mbedtls_ecp_point_cmp( &nonzero_pt, &pt), 0 ); + TEST_EQUAL(mbedtls_ecp_point_read_binary(&grp, &pt, + P_bin->x, P_bin->len), 0); + TEST_EQUAL(mbedtls_ecp_is_zero(&pt), 0); + TEST_EQUAL(mbedtls_ecp_point_cmp(&zero_pt, &pt), + MBEDTLS_ERR_ECP_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_ecp_point_cmp(&nonzero_pt, &pt), 0); // Test non-zero point - TEST_EQUAL( mbedtls_ecp_set_zero( &pt ), 0 ); - TEST_EQUAL( mbedtls_ecp_is_zero( &pt ), 1 ); - TEST_EQUAL( mbedtls_ecp_point_cmp( &zero_pt, &pt ), 0 ); - TEST_EQUAL( mbedtls_ecp_point_cmp( &nonzero_pt, &pt ), - MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_ecp_set_zero(&pt), 0); + TEST_EQUAL(mbedtls_ecp_is_zero(&pt), 1); + TEST_EQUAL(mbedtls_ecp_point_cmp(&zero_pt, &pt), 0); + TEST_EQUAL(mbedtls_ecp_point_cmp(&nonzero_pt, &pt), + MBEDTLS_ERR_ECP_BAD_INPUT_DATA); // Test freed non-zero point - TEST_EQUAL( mbedtls_ecp_point_read_binary( &grp, &pt, - P_bin->x, P_bin->len ), 0 ); - mbedtls_ecp_point_free( &pt ); - TEST_EQUAL( mbedtls_ecp_set_zero( &pt ), 0 ); - TEST_EQUAL( mbedtls_ecp_is_zero( &pt ), 1 ); - TEST_EQUAL( mbedtls_ecp_point_cmp( &zero_pt, &pt ), 0 ); - TEST_EQUAL( mbedtls_ecp_point_cmp( &nonzero_pt, &pt), - MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_ecp_point_read_binary(&grp, &pt, + P_bin->x, P_bin->len), 0); + mbedtls_ecp_point_free(&pt); + TEST_EQUAL(mbedtls_ecp_set_zero(&pt), 0); + TEST_EQUAL(mbedtls_ecp_is_zero(&pt), 1); + TEST_EQUAL(mbedtls_ecp_point_cmp(&zero_pt, &pt), 0); + TEST_EQUAL(mbedtls_ecp_point_cmp(&nonzero_pt, &pt), + MBEDTLS_ERR_ECP_BAD_INPUT_DATA); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &pt ); - mbedtls_ecp_point_free( &zero_pt ); - mbedtls_ecp_point_free( &nonzero_pt ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&pt); + mbedtls_ecp_point_free(&zero_pt); + mbedtls_ecp_point_free(&nonzero_pt); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void ecp_selftest( ) +void ecp_selftest() { - TEST_ASSERT( mbedtls_ecp_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_ecp_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_check_order( int id, char * expected_order_hex ) +void ecp_check_order(int id, char *expected_order_hex) { mbedtls_ecp_group grp; mbedtls_mpi expected_n; - mbedtls_ecp_group_init( &grp ); - mbedtls_mpi_init( &expected_n ); + mbedtls_ecp_group_init(&grp); + mbedtls_mpi_init(&expected_n); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &expected_n, expected_order_hex ) == 0); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&expected_n, expected_order_hex) == 0); // check sign bits are well-formed (i.e. 1 or -1) - see #5810 - TEST_ASSERT( grp.N.s == -1 || grp.N.s == 1); - TEST_ASSERT( expected_n.s == -1 || expected_n.s == 1); + TEST_ASSERT(grp.N.s == -1 || grp.N.s == 1); + TEST_ASSERT(expected_n.s == -1 || expected_n.s == 1); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.N, &expected_n ) == 0 ); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&grp.N, &expected_n) == 0); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_mpi_free( &expected_n ); + mbedtls_ecp_group_free(&grp); + mbedtls_mpi_free(&expected_n); } /* END_CASE */ diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index e5e88bb35b01..b04ed543c70e 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function @@ -4,15 +4,13 @@ #include "mbedtls/md.h" #include "string.h" -typedef enum -{ +typedef enum { DUMMY_CONSTANT_LENGTH, /* Output context->length bytes */ DUMMY_REQUESTED_LENGTH, /* Output whatever length was requested */ DUMMY_FAIL, /* Return an error code */ } entropy_dummy_instruction; -typedef struct -{ +typedef struct { entropy_dummy_instruction instruction; size_t length; /* Length to return for DUMMY_CONSTANT_LENGTH */ size_t calls; /* Incremented at each call */ @@ -24,14 +22,13 @@ typedef struct * If data is NULL, write exactly the requested length. * Otherwise, write the length indicated by data or error if negative */ -static int entropy_dummy_source( void *arg, unsigned char *output, - size_t len, size_t *olen ) +static int entropy_dummy_source(void *arg, unsigned char *output, + size_t len, size_t *olen) { entropy_dummy_context *context = arg; ++context->calls; - switch( context->instruction ) - { + switch (context->instruction) { case DUMMY_CONSTANT_LENGTH: *olen = context->length; break; @@ -39,11 +36,11 @@ static int entropy_dummy_source( void *arg, unsigned char *output, *olen = len; break; case DUMMY_FAIL: - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; } - memset( output, 0x2a, *olen ); - return( 0 ); + memset(output, 0x2a, *olen); + return 0; } /* @@ -57,7 +54,7 @@ static int entropy_dummy_source( void *arg, unsigned char *output, * This might break memory checks in the future if sources need 'free-ing' then * as well. */ -static void entropy_clear_sources( mbedtls_entropy_context *ctx ) +static void entropy_clear_sources(mbedtls_entropy_context *ctx) { ctx->source_count = 0; } @@ -68,63 +65,71 @@ static void entropy_clear_sources( mbedtls_entropy_context *ctx ) */ static unsigned char buffer_seed[MBEDTLS_ENTROPY_BLOCK_SIZE]; -int buffer_nv_seed_read( unsigned char *buf, size_t buf_len ) +int buffer_nv_seed_read(unsigned char *buf, size_t buf_len) { - if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE ) - return( -1 ); + if (buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE) { + return -1; + } - memcpy( buf, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ); - return( 0 ); + memcpy(buf, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE); + return 0; } -int buffer_nv_seed_write( unsigned char *buf, size_t buf_len ) +int buffer_nv_seed_write(unsigned char *buf, size_t buf_len) { - if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE ) - return( -1 ); + if (buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE) { + return -1; + } - memcpy( buffer_seed, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ); - return( 0 ); + memcpy(buffer_seed, buf, MBEDTLS_ENTROPY_BLOCK_SIZE); + return 0; } /* * NV seed read/write helpers that fill the base seedfile */ -static int write_nv_seed( unsigned char *buf, size_t buf_len ) +static int write_nv_seed(unsigned char *buf, size_t buf_len) { FILE *f; - if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE ) - return( -1 ); + if (buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE) { + return -1; + } - if( ( f = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "w" ) ) == NULL ) - return( -1 ); + if ((f = fopen(MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "w")) == NULL) { + return -1; + } - if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != - MBEDTLS_ENTROPY_BLOCK_SIZE ) - return( -1 ); + if (fwrite(buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f) != + MBEDTLS_ENTROPY_BLOCK_SIZE) { + return -1; + } - fclose( f ); + fclose(f); - return( 0 ); + return 0; } -int read_nv_seed( unsigned char *buf, size_t buf_len ) +int read_nv_seed(unsigned char *buf, size_t buf_len) { FILE *f; - if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE ) - return( -1 ); + if (buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE) { + return -1; + } - if( ( f = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "rb" ) ) == NULL ) - return( -1 ); + if ((f = fopen(MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "rb")) == NULL) { + return -1; + } - if( fread( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != - MBEDTLS_ENTROPY_BLOCK_SIZE ) - return( -1 ); + if (fread(buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f) != + MBEDTLS_ENTROPY_BLOCK_SIZE) { + return -1; + } - fclose( f ); + fclose(f); - return( 0 ); + return 0; } #endif /* MBEDTLS_ENTROPY_NV_SEED */ /* END_HEADER */ @@ -135,7 +140,7 @@ int read_nv_seed( unsigned char *buf, size_t buf_len ) */ /* BEGIN_CASE */ -void entropy_init_free( int reinit ) +void entropy_init_free(int reinit) { mbedtls_entropy_context ctx; @@ -143,12 +148,13 @@ void entropy_init_free( int reinit ) * to call mbedtls_entropy_free() unconditionally on an error path without * checking whether it has already been called in the success path. */ - mbedtls_entropy_init( &ctx ); - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_init(&ctx); + mbedtls_entropy_free(&ctx); - if( reinit ) - mbedtls_entropy_init( &ctx ); - mbedtls_entropy_free( &ctx ); + if (reinit) { + mbedtls_entropy_init(&ctx); + } + mbedtls_entropy_free(&ctx); /* This test case always succeeds, functionally speaking. A plausible * bug might trigger an invalid pointer dereference or a memory leak. */ @@ -157,189 +163,190 @@ void entropy_init_free( int reinit ) /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */ -void entropy_seed_file( char * path, int ret ) +void entropy_seed_file(char *path, int ret) { mbedtls_entropy_context ctx; - mbedtls_entropy_init( &ctx ); + mbedtls_entropy_init(&ctx); - TEST_ASSERT( mbedtls_entropy_write_seed_file( &ctx, path ) == ret ); - TEST_ASSERT( mbedtls_entropy_update_seed_file( &ctx, path ) == ret ); + TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, path) == ret); + TEST_ASSERT(mbedtls_entropy_update_seed_file(&ctx, path) == ret); exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */ -void entropy_write_base_seed_file( int ret ) +void entropy_write_base_seed_file(int ret) { mbedtls_entropy_context ctx; - mbedtls_entropy_init( &ctx ); + mbedtls_entropy_init(&ctx); - TEST_ASSERT( mbedtls_entropy_write_seed_file( &ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE ) == ret ); - TEST_ASSERT( mbedtls_entropy_update_seed_file( &ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE ) == ret ); + TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE) == ret); + TEST_ASSERT(mbedtls_entropy_update_seed_file(&ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE) == ret); exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void entropy_no_sources( ) +void entropy_no_sources() { mbedtls_entropy_context ctx; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; - mbedtls_entropy_init( &ctx ); - entropy_clear_sources( &ctx ); - TEST_EQUAL( mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ), - MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED ); + mbedtls_entropy_init(&ctx); + entropy_clear_sources(&ctx); + TEST_EQUAL(mbedtls_entropy_func(&ctx, buf, sizeof(buf)), + MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED); exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void entropy_too_many_sources( ) +void entropy_too_many_sources() { mbedtls_entropy_context ctx; size_t i; - entropy_dummy_context dummy = {DUMMY_REQUESTED_LENGTH, 0, 0}; + entropy_dummy_context dummy = { DUMMY_REQUESTED_LENGTH, 0, 0 }; - mbedtls_entropy_init( &ctx ); + mbedtls_entropy_init(&ctx); /* * It's hard to tell precisely when the error will occur, * since we don't know how many sources were automatically added. */ - for( i = 0; i < MBEDTLS_ENTROPY_MAX_SOURCES; i++ ) - (void) mbedtls_entropy_add_source( &ctx, entropy_dummy_source, &dummy, - 16, MBEDTLS_ENTROPY_SOURCE_WEAK ); + for (i = 0; i < MBEDTLS_ENTROPY_MAX_SOURCES; i++) { + (void) mbedtls_entropy_add_source(&ctx, entropy_dummy_source, &dummy, + 16, MBEDTLS_ENTROPY_SOURCE_WEAK); + } - TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, &dummy, - 16, MBEDTLS_ENTROPY_SOURCE_WEAK ) - == MBEDTLS_ERR_ENTROPY_MAX_SOURCES ); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, &dummy, + 16, MBEDTLS_ENTROPY_SOURCE_WEAK) + == MBEDTLS_ERR_ENTROPY_MAX_SOURCES); exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG */ -void entropy_func_len( int len, int ret ) +void entropy_func_len(int len, int ret) { mbedtls_entropy_context ctx; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE + 10] = { 0 }; unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE + 10] = { 0 }; size_t i, j; - mbedtls_entropy_init( &ctx ); + mbedtls_entropy_init(&ctx); /* * See comments in mbedtls_entropy_self_test() */ - for( i = 0; i < 8; i++ ) - { - TEST_ASSERT( mbedtls_entropy_func( &ctx, buf, len ) == ret ); - for( j = 0; j < sizeof( buf ); j++ ) + for (i = 0; i < 8; i++) { + TEST_ASSERT(mbedtls_entropy_func(&ctx, buf, len) == ret); + for (j = 0; j < sizeof(buf); j++) { acc[j] |= buf[j]; + } } - if( ret == 0 ) - for( j = 0; j < (size_t) len; j++ ) - TEST_ASSERT( acc[j] != 0 ); + if (ret == 0) { + for (j = 0; j < (size_t) len; j++) { + TEST_ASSERT(acc[j] != 0); + } + } - for( j = len; j < sizeof( buf ); j++ ) - TEST_ASSERT( acc[j] == 0 ); + for (j = len; j < sizeof(buf); j++) { + TEST_ASSERT(acc[j] == 0); + } exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void entropy_source_fail( char * path ) +void entropy_source_fail(char *path) { mbedtls_entropy_context ctx; unsigned char buf[16]; - entropy_dummy_context dummy = {DUMMY_FAIL, 0, 0}; + entropy_dummy_context dummy = { DUMMY_FAIL, 0, 0 }; - mbedtls_entropy_init( &ctx ); + mbedtls_entropy_init(&ctx); - TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, - &dummy, 16, - MBEDTLS_ENTROPY_SOURCE_WEAK ) - == 0 ); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, + &dummy, 16, + MBEDTLS_ENTROPY_SOURCE_WEAK) + == 0); - TEST_ASSERT( mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ) - == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - TEST_ASSERT( mbedtls_entropy_gather( &ctx ) - == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + TEST_ASSERT(mbedtls_entropy_func(&ctx, buf, sizeof(buf)) + == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED); + TEST_ASSERT(mbedtls_entropy_gather(&ctx) + == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED); #if defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_NV_SEED) - TEST_ASSERT( mbedtls_entropy_write_seed_file( &ctx, path ) - == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - TEST_ASSERT( mbedtls_entropy_update_seed_file( &ctx, path ) - == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, path) + == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED); + TEST_ASSERT(mbedtls_entropy_update_seed_file(&ctx, path) + == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED); #else ((void) path); #endif exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void entropy_threshold( int threshold, int chunk_size, int result ) +void entropy_threshold(int threshold, int chunk_size, int result) { mbedtls_entropy_context ctx; entropy_dummy_context strong = - {DUMMY_CONSTANT_LENGTH, MBEDTLS_ENTROPY_BLOCK_SIZE, 0}; - entropy_dummy_context weak = {DUMMY_CONSTANT_LENGTH, chunk_size, 0}; + { DUMMY_CONSTANT_LENGTH, MBEDTLS_ENTROPY_BLOCK_SIZE, 0 }; + entropy_dummy_context weak = { DUMMY_CONSTANT_LENGTH, chunk_size, 0 }; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 }; int ret; - mbedtls_entropy_init( &ctx ); - entropy_clear_sources( &ctx ); + mbedtls_entropy_init(&ctx); + entropy_clear_sources(&ctx); /* Set strong source that reaches its threshold immediately and * a weak source whose threshold is a test parameter. */ - TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, - &strong, 1, - MBEDTLS_ENTROPY_SOURCE_STRONG ) == 0 ); - TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, - &weak, threshold, - MBEDTLS_ENTROPY_SOURCE_WEAK ) == 0 ); - - ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ); - - if( result >= 0 ) - { - TEST_ASSERT( ret == 0 ); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, + &strong, 1, + MBEDTLS_ENTROPY_SOURCE_STRONG) == 0); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, + &weak, threshold, + MBEDTLS_ENTROPY_SOURCE_WEAK) == 0); + + ret = mbedtls_entropy_func(&ctx, buf, sizeof(buf)); + + if (result >= 0) { + TEST_ASSERT(ret == 0); #if defined(MBEDTLS_ENTROPY_NV_SEED) /* If the NV seed functionality is enabled, there are two entropy * updates: before and after updating the NV seed. */ result *= 2; #endif - TEST_ASSERT( weak.calls == (size_t) result ); - } - else - { - TEST_ASSERT( ret == result ); + TEST_ASSERT(weak.calls == (size_t) result); + } else { + TEST_ASSERT(ret == result); } exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void entropy_calls( int strength1, int strength2, - int threshold, int chunk_size, - int result ) +void entropy_calls(int strength1, int strength2, + int threshold, int chunk_size, + int result) { /* * if result >= 0: result = expected number of calls to source 1 @@ -347,101 +354,98 @@ void entropy_calls( int strength1, int strength2, */ mbedtls_entropy_context ctx; - entropy_dummy_context dummy1 = {DUMMY_CONSTANT_LENGTH, chunk_size, 0}; - entropy_dummy_context dummy2 = {DUMMY_CONSTANT_LENGTH, chunk_size, 0}; + entropy_dummy_context dummy1 = { DUMMY_CONSTANT_LENGTH, chunk_size, 0 }; + entropy_dummy_context dummy2 = { DUMMY_CONSTANT_LENGTH, chunk_size, 0 }; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 }; int ret; - mbedtls_entropy_init( &ctx ); - entropy_clear_sources( &ctx ); + mbedtls_entropy_init(&ctx); + entropy_clear_sources(&ctx); - TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, - &dummy1, threshold, - strength1 ) == 0 ); - TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, - &dummy2, threshold, - strength2 ) == 0 ); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, + &dummy1, threshold, + strength1) == 0); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, + &dummy2, threshold, + strength2) == 0); - ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ); + ret = mbedtls_entropy_func(&ctx, buf, sizeof(buf)); - if( result >= 0 ) - { - TEST_ASSERT( ret == 0 ); + if (result >= 0) { + TEST_ASSERT(ret == 0); #if defined(MBEDTLS_ENTROPY_NV_SEED) /* If the NV seed functionality is enabled, there are two entropy * updates: before and after updating the NV seed. */ result *= 2; #endif - TEST_ASSERT( dummy1.calls == (size_t) result ); - } - else - { - TEST_ASSERT( ret == result ); + TEST_ASSERT(dummy1.calls == (size_t) result); + } else { + TEST_ASSERT(ret == result); } exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */ -void nv_seed_file_create( ) +void nv_seed_file_create() { unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); + memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); - TEST_ASSERT( write_nv_seed( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT(write_nv_seed(buf, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO:MBEDTLS_PLATFORM_NV_SEED_ALT */ -void entropy_nv_seed_std_io( ) +void entropy_nv_seed_std_io() { unsigned char io_seed[MBEDTLS_ENTROPY_BLOCK_SIZE]; unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE]; - memset( io_seed, 1, MBEDTLS_ENTROPY_BLOCK_SIZE ); - memset( check_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); + memset(io_seed, 1, MBEDTLS_ENTROPY_BLOCK_SIZE); + memset(check_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); - mbedtls_platform_set_nv_seed( mbedtls_platform_std_nv_seed_read, - mbedtls_platform_std_nv_seed_write ); + mbedtls_platform_set_nv_seed(mbedtls_platform_std_nv_seed_read, + mbedtls_platform_std_nv_seed_write); /* Check if platform NV read and write manipulate the same data */ - TEST_ASSERT( write_nv_seed( io_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); - TEST_ASSERT( mbedtls_nv_seed_read( check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == - MBEDTLS_ENTROPY_BLOCK_SIZE ); + TEST_ASSERT(write_nv_seed(io_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); + TEST_ASSERT(mbedtls_nv_seed_read(check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == + MBEDTLS_ENTROPY_BLOCK_SIZE); - TEST_ASSERT( memcmp( io_seed, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT(memcmp(io_seed, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); - memset( check_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); + memset(check_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); /* Check if platform NV write and raw read manipulate the same data */ - TEST_ASSERT( mbedtls_nv_seed_write( io_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == - MBEDTLS_ENTROPY_BLOCK_SIZE ); - TEST_ASSERT( read_nv_seed( check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT(mbedtls_nv_seed_write(io_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == + MBEDTLS_ENTROPY_BLOCK_SIZE); + TEST_ASSERT(read_nv_seed(check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); - TEST_ASSERT( memcmp( io_seed, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT(memcmp(io_seed, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_MD_C:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PLATFORM_NV_SEED_ALT */ -void entropy_nv_seed( data_t * read_seed ) +void entropy_nv_seed(data_t *read_seed) { #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 ); + mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); #elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR) const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ); + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); #else #error "Unsupported entropy accumulator" #endif mbedtls_md_context_t accumulator; mbedtls_entropy_context ctx; - int (*original_mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ) = + int (*original_mbedtls_nv_seed_read)(unsigned char *buf, size_t buf_len) = mbedtls_nv_seed_read; - int (*original_mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ) = + int (*original_mbedtls_nv_seed_write)(unsigned char *buf, size_t buf_len) = mbedtls_nv_seed_write; unsigned char header[2]; @@ -451,80 +455,80 @@ void entropy_nv_seed( data_t * read_seed ) unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE]; unsigned char check_entropy[MBEDTLS_ENTROPY_BLOCK_SIZE]; - memset( entropy, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); - memset( empty, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); - memset( check_seed, 2, MBEDTLS_ENTROPY_BLOCK_SIZE ); - memset( check_entropy, 3, MBEDTLS_ENTROPY_BLOCK_SIZE ); + memset(entropy, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); + memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); + memset(empty, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); + memset(check_seed, 2, MBEDTLS_ENTROPY_BLOCK_SIZE); + memset(check_entropy, 3, MBEDTLS_ENTROPY_BLOCK_SIZE); // Make sure we read/write NV seed from our buffers - mbedtls_platform_set_nv_seed( buffer_nv_seed_read, buffer_nv_seed_write ); + mbedtls_platform_set_nv_seed(buffer_nv_seed_read, buffer_nv_seed_write); - mbedtls_md_init( &accumulator ); - mbedtls_entropy_init( &ctx ); - entropy_clear_sources( &ctx ); + mbedtls_md_init(&accumulator); + mbedtls_entropy_init(&ctx); + entropy_clear_sources(&ctx); - TEST_ASSERT( mbedtls_entropy_add_source( &ctx, mbedtls_nv_seed_poll, NULL, - MBEDTLS_ENTROPY_BLOCK_SIZE, - MBEDTLS_ENTROPY_SOURCE_STRONG ) == 0 ); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, mbedtls_nv_seed_poll, NULL, + MBEDTLS_ENTROPY_BLOCK_SIZE, + MBEDTLS_ENTROPY_SOURCE_STRONG) == 0); // Set the initial NV seed to read - TEST_ASSERT( read_seed->len >= MBEDTLS_ENTROPY_BLOCK_SIZE ); - memcpy( buffer_seed, read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE ); + TEST_ASSERT(read_seed->len >= MBEDTLS_ENTROPY_BLOCK_SIZE); + memcpy(buffer_seed, read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE); // Do an entropy run - TEST_ASSERT( mbedtls_entropy_func( &ctx, entropy, sizeof( entropy ) ) == 0 ); + TEST_ASSERT(mbedtls_entropy_func(&ctx, entropy, sizeof(entropy)) == 0); // Determine what should have happened with manual entropy internal logic // Init accumulator header[1] = MBEDTLS_ENTROPY_BLOCK_SIZE; - TEST_ASSERT( mbedtls_md_setup( &accumulator, md_info, 0 ) == 0 ); + TEST_ASSERT(mbedtls_md_setup(&accumulator, md_info, 0) == 0); // First run for updating write_seed header[0] = 0; - TEST_ASSERT( mbedtls_md_starts( &accumulator ) == 0 ); - TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 ); - TEST_ASSERT( mbedtls_md_update( &accumulator, - read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); - TEST_ASSERT( mbedtls_md_finish( &accumulator, buf ) == 0 ); + TEST_ASSERT(mbedtls_md_starts(&accumulator) == 0); + TEST_ASSERT(mbedtls_md_update(&accumulator, header, 2) == 0); + TEST_ASSERT(mbedtls_md_update(&accumulator, + read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); + TEST_ASSERT(mbedtls_md_finish(&accumulator, buf) == 0); - TEST_ASSERT( mbedtls_md_starts( &accumulator ) == 0 ); - TEST_ASSERT( mbedtls_md_update( &accumulator, - buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT(mbedtls_md_starts(&accumulator) == 0); + TEST_ASSERT(mbedtls_md_update(&accumulator, + buf, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); - TEST_ASSERT( mbedtls_md( md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE, - check_seed ) == 0 ); + TEST_ASSERT(mbedtls_md(md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE, + check_seed) == 0); // Second run for actual entropy (triggers mbedtls_entropy_update_nv_seed) header[0] = MBEDTLS_ENTROPY_SOURCE_MANUAL; - TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 ); - TEST_ASSERT( mbedtls_md_update( &accumulator, - empty, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT(mbedtls_md_update(&accumulator, header, 2) == 0); + TEST_ASSERT(mbedtls_md_update(&accumulator, + empty, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); header[0] = 0; - TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 ); - TEST_ASSERT( mbedtls_md_update( &accumulator, - check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); - TEST_ASSERT( mbedtls_md_finish( &accumulator, buf ) == 0 ); + TEST_ASSERT(mbedtls_md_update(&accumulator, header, 2) == 0); + TEST_ASSERT(mbedtls_md_update(&accumulator, + check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); + TEST_ASSERT(mbedtls_md_finish(&accumulator, buf) == 0); - TEST_ASSERT( mbedtls_md( md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE, - check_entropy ) == 0 ); + TEST_ASSERT(mbedtls_md(md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE, + check_entropy) == 0); // Check result of both NV file and entropy received with the manual calculations - TEST_ASSERT( memcmp( check_seed, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); - TEST_ASSERT( memcmp( check_entropy, entropy, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT(memcmp(check_seed, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); + TEST_ASSERT(memcmp(check_entropy, entropy, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); exit: - mbedtls_md_free( &accumulator ); - mbedtls_entropy_free( &ctx ); + mbedtls_md_free(&accumulator); + mbedtls_entropy_free(&ctx); mbedtls_nv_seed_read = original_mbedtls_nv_seed_read; mbedtls_nv_seed_write = original_mbedtls_nv_seed_write; } /* END_CASE */ /* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG:MBEDTLS_SELF_TEST */ -void entropy_selftest( int result ) +void entropy_selftest(int result) { - TEST_ASSERT( mbedtls_entropy_self_test( 1 ) == result ); + TEST_ASSERT(mbedtls_entropy_self_test(1) == result); } /* END_CASE */ diff --git a/tests/suites/test_suite_error.function b/tests/suites/test_suite_error.function index 68831ce51d0b..4c38ab05f227 100644 --- a/tests/suites/test_suite_error.function +++ b/tests/suites/test_suite_error.function @@ -8,14 +8,14 @@ */ /* BEGIN_CASE */ -void error_strerror( int code, char * result_str ) +void error_strerror(int code, char *result_str) { char buf[500]; - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); - mbedtls_strerror( code, buf, 500 ); + mbedtls_strerror(code, buf, 500); - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buf, result_str) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index afe862d6e3d0..b0c7bbcf20e7 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -8,107 +8,114 @@ */ /* BEGIN_CASE */ -void gcm_bad_parameters( int cipher_id, int direction, - data_t *key_str, data_t *src_str, - data_t *iv_str, data_t *add_str, - int tag_len_bits, int gcm_result ) +void gcm_bad_parameters(int cipher_id, int direction, + data_t *key_str, data_t *src_str, + data_t *iv_str, data_t *add_str, + int tag_len_bits, int gcm_result) { unsigned char output[128]; unsigned char tag_output[16]; mbedtls_gcm_context ctx; size_t tag_len = tag_len_bits / 8; - mbedtls_gcm_init( &ctx ); + mbedtls_gcm_init(&ctx); - memset( output, 0x00, sizeof( output ) ); - memset( tag_output, 0x00, sizeof( tag_output ) ); + memset(output, 0x00, sizeof(output)); + memset(tag_output, 0x00, sizeof(tag_output)); - TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, direction, src_str->len, iv_str->x, iv_str->len, - add_str->x, add_str->len, src_str->x, output, tag_len, tag_output ) == gcm_result ); + TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0); + TEST_ASSERT(mbedtls_gcm_crypt_and_tag(&ctx, direction, src_str->len, iv_str->x, iv_str->len, + add_str->x, add_str->len, src_str->x, output, tag_len, + tag_output) == gcm_result); exit: - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void gcm_encrypt_and_tag( int cipher_id, data_t * key_str, - data_t * src_str, data_t * iv_str, - data_t * add_str, data_t * dst, - int tag_len_bits, data_t * tag, - int init_result ) +void gcm_encrypt_and_tag(int cipher_id, data_t *key_str, + data_t *src_str, data_t *iv_str, + data_t *add_str, data_t *dst, + int tag_len_bits, data_t *tag, + int init_result) { unsigned char output[128]; unsigned char tag_output[16]; mbedtls_gcm_context ctx; size_t tag_len = tag_len_bits / 8; - mbedtls_gcm_init( &ctx ); + mbedtls_gcm_init(&ctx); memset(output, 0x00, 128); memset(tag_output, 0x00, 16); - TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result ); - if( init_result == 0 ) - { - TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT, src_str->len, iv_str->x, iv_str->len, add_str->x, add_str->len, src_str->x, output, tag_len, tag_output ) == 0 ); + TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == init_result); + if (init_result == 0) { + TEST_ASSERT(mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_ENCRYPT, src_str->len, iv_str->x, + iv_str->len, add_str->x, add_str->len, src_str->x, + output, tag_len, tag_output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); - TEST_ASSERT( mbedtls_test_hexcmp( tag_output, tag->x, - tag_len, tag->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); + TEST_ASSERT(mbedtls_test_hexcmp(tag_output, tag->x, + tag_len, tag->len) == 0); } exit: - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void gcm_decrypt_and_verify( int cipher_id, data_t * key_str, - data_t * src_str, data_t * iv_str, - data_t * add_str, int tag_len_bits, - data_t * tag_str, char * result, - data_t * pt_result, int init_result ) +void gcm_decrypt_and_verify(int cipher_id, data_t *key_str, + data_t *src_str, data_t *iv_str, + data_t *add_str, int tag_len_bits, + data_t *tag_str, char *result, + data_t *pt_result, int init_result) { unsigned char output[128]; mbedtls_gcm_context ctx; int ret; size_t tag_len = tag_len_bits / 8; - mbedtls_gcm_init( &ctx ); + mbedtls_gcm_init(&ctx); memset(output, 0x00, 128); - TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result ); - if( init_result == 0 ) - { - ret = mbedtls_gcm_auth_decrypt( &ctx, src_str->len, iv_str->x, iv_str->len, add_str->x, add_str->len, tag_str->x, tag_len, src_str->x, output ); - - if( strcmp( "FAIL", result ) == 0 ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_GCM_AUTH_FAILED ); - } - else - { - TEST_ASSERT( ret == 0 ); - - TEST_ASSERT( mbedtls_test_hexcmp( output, pt_result->x, - src_str->len, - pt_result->len ) == 0 ); + TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == init_result); + if (init_result == 0) { + ret = mbedtls_gcm_auth_decrypt(&ctx, + src_str->len, + iv_str->x, + iv_str->len, + add_str->x, + add_str->len, + tag_str->x, + tag_len, + src_str->x, + output); + + if (strcmp("FAIL", result) == 0) { + TEST_ASSERT(ret == MBEDTLS_ERR_GCM_AUTH_FAILED); + } else { + TEST_ASSERT(ret == 0); + + TEST_ASSERT(mbedtls_test_hexcmp(output, pt_result->x, + src_str->len, + pt_result->len) == 0); } } exit: - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void gcm_invalid_param( ) +void gcm_invalid_param() { mbedtls_gcm_context ctx; unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }; @@ -117,168 +124,168 @@ void gcm_invalid_param( ) int valid_len = sizeof(valid_buffer); int valid_bitlen = 128, invalid_bitlen = 1; - mbedtls_gcm_init( &ctx ); + mbedtls_gcm_init(&ctx); /* mbedtls_gcm_init() */ - TEST_INVALID_PARAM( mbedtls_gcm_init( NULL ) ); + TEST_INVALID_PARAM(mbedtls_gcm_init(NULL)); /* mbedtls_gcm_setkey */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_setkey( NULL, valid_cipher, valid_buffer, valid_bitlen ) ); + mbedtls_gcm_setkey(NULL, valid_cipher, valid_buffer, valid_bitlen)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_setkey( &ctx, valid_cipher, NULL, valid_bitlen ) ); + mbedtls_gcm_setkey(&ctx, valid_cipher, NULL, valid_bitlen)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_setkey( &ctx, valid_cipher, valid_buffer, invalid_bitlen ) ); + mbedtls_gcm_setkey(&ctx, valid_cipher, valid_buffer, invalid_bitlen)); /* mbedtls_gcm_crypt_and_tag() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( NULL, valid_mode, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_len, valid_buffer ) ); + mbedtls_gcm_crypt_and_tag(NULL, valid_mode, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_len, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_len, valid_buffer ) ); + mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len, + NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_len, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer, - valid_len, valid_buffer ) ); + mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len, + valid_buffer, valid_len, + NULL, valid_len, + valid_buffer, valid_buffer, + valid_len, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer, - valid_len, valid_buffer ) ); + mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + NULL, valid_buffer, + valid_len, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL, - valid_len, valid_buffer ) ); + mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, NULL, + valid_len, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_len, NULL ) ); + mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_len, NULL)); /* mbedtls_gcm_auth_decrypt() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer) ); + mbedtls_gcm_auth_decrypt(NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( &ctx, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer) ); + mbedtls_gcm_auth_decrypt(&ctx, valid_len, + NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer) ); + mbedtls_gcm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer) ); + mbedtls_gcm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + NULL, valid_len, + valid_buffer, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer) ); + mbedtls_gcm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + NULL, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL) ); + mbedtls_gcm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, NULL)); /* mbedtls_gcm_starts() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_starts( NULL, valid_mode, - valid_buffer, valid_len, - valid_buffer, valid_len ) ); + mbedtls_gcm_starts(NULL, valid_mode, + valid_buffer, valid_len, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_starts( &ctx, valid_mode, - NULL, valid_len, - valid_buffer, valid_len ) ); + mbedtls_gcm_starts(&ctx, valid_mode, + NULL, valid_len, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_starts( &ctx, valid_mode, - valid_buffer, valid_len, - NULL, valid_len ) ); + mbedtls_gcm_starts(&ctx, valid_mode, + valid_buffer, valid_len, + NULL, valid_len)); /* mbedtls_gcm_update() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_update( NULL, valid_len, - valid_buffer, valid_buffer ) ); + mbedtls_gcm_update(NULL, valid_len, + valid_buffer, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_update( &ctx, valid_len, - NULL, valid_buffer ) ); + mbedtls_gcm_update(&ctx, valid_len, + NULL, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_update( &ctx, valid_len, - valid_buffer, NULL ) ); + mbedtls_gcm_update(&ctx, valid_len, + valid_buffer, NULL)); /* mbedtls_gcm_finish() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_finish( NULL, valid_buffer, valid_len ) ); + mbedtls_gcm_finish(NULL, valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_finish( &ctx, NULL, valid_len ) ); + mbedtls_gcm_finish(&ctx, NULL, valid_len)); exit: - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void gcm_valid_param( ) +void gcm_valid_param() { - TEST_VALID_PARAM( mbedtls_gcm_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_gcm_free(NULL)); exit: return; } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */ -void gcm_selftest( ) +void gcm_selftest() { - TEST_ASSERT( mbedtls_gcm_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_gcm_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index 4c597c3f9d4b..2bfbf3cc6732 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -9,29 +9,29 @@ */ /* BEGIN_CASE */ -void test_hkdf( int md_alg, data_t *ikm, data_t *salt, data_t *info, - data_t *expected_okm ) +void test_hkdf(int md_alg, data_t *ikm, data_t *salt, data_t *info, + data_t *expected_okm) { int ret; unsigned char okm[128] = { '\0' }; - const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md != NULL ); + const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md != NULL); - TEST_ASSERT( expected_okm->len <= sizeof( okm ) ); + TEST_ASSERT(expected_okm->len <= sizeof(okm)); - ret = mbedtls_hkdf( md, salt->x, salt->len, ikm->x, ikm->len, - info->x, info->len, okm, expected_okm->len ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_hkdf(md, salt->x, salt->len, ikm->x, ikm->len, + info->x, info->len, okm, expected_okm->len); + TEST_ASSERT(ret == 0); - ASSERT_COMPARE( okm , expected_okm->len, - expected_okm->x, expected_okm->len ); + ASSERT_COMPARE(okm, expected_okm->len, + expected_okm->x, expected_okm->len); } /* END_CASE */ /* BEGIN_CASE */ -void test_hkdf_extract( int md_alg, char *hex_ikm_string, - char *hex_salt_string, char *hex_prk_string ) +void test_hkdf_extract(int md_alg, char *hex_ikm_string, + char *hex_salt_string, char *hex_prk_string) { int ret; unsigned char *ikm = NULL; @@ -40,20 +40,20 @@ void test_hkdf_extract( int md_alg, char *hex_ikm_string, unsigned char *output_prk = NULL; size_t ikm_len, salt_len, prk_len, output_prk_len; - const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md != NULL ); + const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md != NULL); - output_prk_len = mbedtls_md_get_size( md ); - output_prk = mbedtls_calloc( 1, output_prk_len ); + output_prk_len = mbedtls_md_get_size(md); + output_prk = mbedtls_calloc(1, output_prk_len); - ikm = mbedtls_test_unhexify_alloc( hex_ikm_string, &ikm_len ); - salt = mbedtls_test_unhexify_alloc( hex_salt_string, &salt_len ); - prk = mbedtls_test_unhexify_alloc( hex_prk_string, &prk_len ); + ikm = mbedtls_test_unhexify_alloc(hex_ikm_string, &ikm_len); + salt = mbedtls_test_unhexify_alloc(hex_salt_string, &salt_len); + prk = mbedtls_test_unhexify_alloc(hex_prk_string, &prk_len); - ret = mbedtls_hkdf_extract( md, salt, salt_len, ikm, ikm_len, output_prk ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_hkdf_extract(md, salt, salt_len, ikm, ikm_len, output_prk); + TEST_ASSERT(ret == 0); - ASSERT_COMPARE( output_prk, output_prk_len, prk, prk_len ); + ASSERT_COMPARE(output_prk, output_prk_len, prk, prk_len); exit: mbedtls_free(ikm); @@ -64,8 +64,8 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void test_hkdf_expand( int md_alg, char *hex_info_string, - char *hex_prk_string, char *hex_okm_string ) +void test_hkdf_expand(int md_alg, char *hex_info_string, + char *hex_prk_string, char *hex_okm_string) { enum { OKM_LEN = 1024 }; int ret; @@ -75,21 +75,21 @@ void test_hkdf_expand( int md_alg, char *hex_info_string, unsigned char *output_okm = NULL; size_t info_len, prk_len, okm_len; - const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md != NULL ); + const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md != NULL); - output_okm = mbedtls_calloc( OKM_LEN, 1 ); + output_okm = mbedtls_calloc(OKM_LEN, 1); - prk = mbedtls_test_unhexify_alloc( hex_prk_string, &prk_len ); - info = mbedtls_test_unhexify_alloc( hex_info_string, &info_len ); - okm = mbedtls_test_unhexify_alloc( hex_okm_string, &okm_len ); - TEST_ASSERT( prk_len == mbedtls_md_get_size( md ) ); - TEST_ASSERT( okm_len < OKM_LEN ); + prk = mbedtls_test_unhexify_alloc(hex_prk_string, &prk_len); + info = mbedtls_test_unhexify_alloc(hex_info_string, &info_len); + okm = mbedtls_test_unhexify_alloc(hex_okm_string, &okm_len); + TEST_ASSERT(prk_len == mbedtls_md_get_size(md)); + TEST_ASSERT(okm_len < OKM_LEN); - ret = mbedtls_hkdf_expand( md, prk, prk_len, info, info_len, - output_okm, OKM_LEN ); - TEST_ASSERT( ret == 0 ); - ASSERT_COMPARE( output_okm, okm_len, okm, okm_len ); + ret = mbedtls_hkdf_expand(md, prk, prk_len, info, info_len, + output_okm, OKM_LEN); + TEST_ASSERT(ret == 0); + ASSERT_COMPARE(output_okm, okm_len, okm, okm_len); exit: mbedtls_free(info); @@ -100,7 +100,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void test_hkdf_extract_ret( int hash_len, int ret ) +void test_hkdf_extract_ret(int hash_len, int ret) { int output_ret; unsigned char *salt = NULL; @@ -109,17 +109,17 @@ void test_hkdf_extract_ret( int hash_len, int ret ) size_t salt_len, ikm_len; struct mbedtls_md_info_t fake_md_info; - memset( &fake_md_info, 0, sizeof( fake_md_info ) ); + memset(&fake_md_info, 0, sizeof(fake_md_info)); fake_md_info.type = MBEDTLS_MD_NONE; fake_md_info.size = hash_len; - prk = mbedtls_calloc( MBEDTLS_MD_MAX_SIZE, 1 ); + prk = mbedtls_calloc(MBEDTLS_MD_MAX_SIZE, 1); salt_len = 0; ikm_len = 0; - output_ret = mbedtls_hkdf_extract( &fake_md_info, salt, salt_len, - ikm, ikm_len, prk ); - TEST_ASSERT( output_ret == ret ); + output_ret = mbedtls_hkdf_extract(&fake_md_info, salt, salt_len, + ikm, ikm_len, prk); + TEST_ASSERT(output_ret == ret); exit: mbedtls_free(prk); @@ -127,7 +127,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void test_hkdf_expand_ret( int hash_len, int prk_len, int okm_len, int ret ) +void test_hkdf_expand_ret(int hash_len, int prk_len, int okm_len, int ret) { int output_ret; unsigned char *info = NULL; @@ -136,21 +136,23 @@ void test_hkdf_expand_ret( int hash_len, int prk_len, int okm_len, int ret ) size_t info_len; struct mbedtls_md_info_t fake_md_info; - memset( &fake_md_info, 0, sizeof( fake_md_info ) ); + memset(&fake_md_info, 0, sizeof(fake_md_info)); fake_md_info.type = MBEDTLS_MD_NONE; fake_md_info.size = hash_len; info_len = 0; - if (prk_len > 0) - prk = mbedtls_calloc( prk_len, 1 ); + if (prk_len > 0) { + prk = mbedtls_calloc(prk_len, 1); + } - if (okm_len > 0) - okm = mbedtls_calloc( okm_len, 1 ); + if (okm_len > 0) { + okm = mbedtls_calloc(okm_len, 1); + } - output_ret = mbedtls_hkdf_expand( &fake_md_info, prk, prk_len, - info, info_len, okm, okm_len ); - TEST_ASSERT( output_ret == ret ); + output_ret = mbedtls_hkdf_expand(&fake_md_info, prk, prk_len, + info, info_len, okm, okm_len); + TEST_ASSERT(output_ret == ret); exit: mbedtls_free(prk); diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function index b83d760d22d4..830155a32b00 100644 --- a/tests/suites/test_suite_hmac_drbg.function +++ b/tests/suites/test_suite_hmac_drbg.function @@ -2,25 +2,25 @@ #include "mbedtls/hmac_drbg.h" #include "string.h" -typedef struct -{ +typedef struct { unsigned char *p; size_t len; } entropy_ctx; -static int mbedtls_test_entropy_func( void *data, unsigned char *buf, size_t len ) +static int mbedtls_test_entropy_func(void *data, unsigned char *buf, size_t len) { entropy_ctx *ctx = (entropy_ctx *) data; - if( len > ctx->len ) - return( -1 ); + if (len > ctx->len) { + return -1; + } - memcpy( buf, ctx->p, len ); + memcpy(buf, ctx->p, len); ctx->p += len; ctx->len -= len; - return( 0 ); + return 0; } /* END_HEADER */ @@ -30,7 +30,7 @@ static int mbedtls_test_entropy_func( void *data, unsigned char *buf, size_t len */ /* BEGIN_CASE */ -void hmac_drbg_entropy_usage( int md_alg ) +void hmac_drbg_entropy_usage(int md_alg) { unsigned char out[16]; unsigned char buf[1024]; @@ -41,112 +41,111 @@ void hmac_drbg_entropy_usage( int md_alg ) size_t default_entropy_len; size_t expected_consumed_entropy = 0; - mbedtls_hmac_drbg_init( &ctx ); - memset( buf, 0, sizeof( buf ) ); - memset( out, 0, sizeof( out ) ); + mbedtls_hmac_drbg_init(&ctx); + memset(buf, 0, sizeof(buf)); + memset(out, 0, sizeof(out)); - entropy.len = sizeof( buf ); + entropy.len = sizeof(buf); entropy.p = buf; - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); - if( mbedtls_md_get_size( md_info ) <= 20 ) + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); + if (mbedtls_md_get_size(md_info) <= 20) { default_entropy_len = 16; - else if( mbedtls_md_get_size( md_info ) <= 28 ) + } else if (mbedtls_md_get_size(md_info) <= 28) { default_entropy_len = 24; - else + } else { default_entropy_len = 32; + } /* Set reseed interval before seed */ - mbedtls_hmac_drbg_set_reseed_interval( &ctx, 2 * reps ); + mbedtls_hmac_drbg_set_reseed_interval(&ctx, 2 * reps); /* Init must use entropy */ - TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &entropy, - NULL, 0 ) == 0 ); + TEST_ASSERT(mbedtls_hmac_drbg_seed(&ctx, md_info, mbedtls_test_entropy_func, &entropy, + NULL, 0) == 0); /* default_entropy_len of entropy, plus half as much for the nonce */ expected_consumed_entropy += default_entropy_len * 3 / 2; - TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); + TEST_EQUAL(sizeof(buf) - entropy.len, expected_consumed_entropy); /* By default, PR is off, and reseed interval was set to * 2 * reps so the next few calls should not use entropy */ - for( i = 0; i < reps; i++ ) - { - TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) - 4 ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, out, sizeof( out ) - 4, - buf, 16 ) == 0 ); + for (i = 0; i < reps; i++) { + TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out) - 4) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, out, sizeof(out) - 4, + buf, 16) == 0); } - TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); + TEST_EQUAL(sizeof(buf) - entropy.len, expected_consumed_entropy); /* While at it, make sure we didn't write past the requested length */ - TEST_ASSERT( out[sizeof( out ) - 4] == 0 ); - TEST_ASSERT( out[sizeof( out ) - 3] == 0 ); - TEST_ASSERT( out[sizeof( out ) - 2] == 0 ); - TEST_ASSERT( out[sizeof( out ) - 1] == 0 ); + TEST_ASSERT(out[sizeof(out) - 4] == 0); + TEST_ASSERT(out[sizeof(out) - 3] == 0); + TEST_ASSERT(out[sizeof(out) - 2] == 0); + TEST_ASSERT(out[sizeof(out) - 1] == 0); /* There have been 2 * reps calls to random. The next call should reseed */ - TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0); expected_consumed_entropy += default_entropy_len; - TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); + TEST_EQUAL(sizeof(buf) - entropy.len, expected_consumed_entropy); /* Set reseed interval after seed */ - mbedtls_hmac_drbg_set_reseed_interval( &ctx, 4 * reps + 1); + mbedtls_hmac_drbg_set_reseed_interval(&ctx, 4 * reps + 1); /* The new few calls should not reseed */ - for( i = 0; i < (2 * reps); i++ ) - { - TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, out, sizeof( out ) , - buf, 16 ) == 0 ); + for (i = 0; i < (2 * reps); i++) { + TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, out, sizeof(out), + buf, 16) == 0); } - TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); + TEST_EQUAL(sizeof(buf) - entropy.len, expected_consumed_entropy); /* Now enable PR, so the next few calls should all reseed */ - mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON ); - TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + mbedtls_hmac_drbg_set_prediction_resistance(&ctx, MBEDTLS_HMAC_DRBG_PR_ON); + TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0); expected_consumed_entropy += default_entropy_len; - TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); + TEST_EQUAL(sizeof(buf) - entropy.len, expected_consumed_entropy); /* Finally, check setting entropy_len */ - mbedtls_hmac_drbg_set_entropy_len( &ctx, 42 ); - TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + mbedtls_hmac_drbg_set_entropy_len(&ctx, 42); + TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0); expected_consumed_entropy += 42; - TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); + TEST_EQUAL(sizeof(buf) - entropy.len, expected_consumed_entropy); - mbedtls_hmac_drbg_set_entropy_len( &ctx, 13 ); - TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + mbedtls_hmac_drbg_set_entropy_len(&ctx, 13); + TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0); expected_consumed_entropy += 13; - TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); + TEST_EQUAL(sizeof(buf) - entropy.len, expected_consumed_entropy); exit: - mbedtls_hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ -void hmac_drbg_seed_file( int md_alg, char * path, int ret ) +void hmac_drbg_seed_file(int md_alg, char *path, int ret) { const mbedtls_md_info_t *md_info; mbedtls_hmac_drbg_context ctx; - mbedtls_hmac_drbg_init( &ctx ); + mbedtls_hmac_drbg_init(&ctx); - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); - TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, - mbedtls_test_rnd_std_rand, NULL, - NULL, 0 ) == 0 ); + TEST_ASSERT(mbedtls_hmac_drbg_seed(&ctx, md_info, + mbedtls_test_rnd_std_rand, NULL, + NULL, 0) == 0); - TEST_ASSERT( mbedtls_hmac_drbg_write_seed_file( &ctx, path ) == ret ); - TEST_ASSERT( mbedtls_hmac_drbg_update_seed_file( &ctx, path ) == ret ); + TEST_ASSERT(mbedtls_hmac_drbg_write_seed_file(&ctx, path) == ret); + TEST_ASSERT(mbedtls_hmac_drbg_update_seed_file(&ctx, path) == ret); exit: - mbedtls_hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void hmac_drbg_buf( int md_alg ) +void hmac_drbg_buf(int md_alg) { unsigned char out[16]; unsigned char buf[100]; @@ -154,30 +153,31 @@ void hmac_drbg_buf( int md_alg ) mbedtls_hmac_drbg_context ctx; size_t i; - mbedtls_hmac_drbg_init( &ctx ); - memset( buf, 0, sizeof( buf ) ); - memset( out, 0, sizeof( out ) ); + mbedtls_hmac_drbg_init(&ctx); + memset(buf, 0, sizeof(buf)); + memset(out, 0, sizeof(out)); - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); - TEST_ASSERT( mbedtls_hmac_drbg_seed_buf( &ctx, md_info, buf, sizeof( buf ) ) == 0 ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); + TEST_ASSERT(mbedtls_hmac_drbg_seed_buf(&ctx, md_info, buf, sizeof(buf)) == 0); /* Make sure it never tries to reseed (would segfault otherwise) */ - mbedtls_hmac_drbg_set_reseed_interval( &ctx, 3 ); - mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON ); + mbedtls_hmac_drbg_set_reseed_interval(&ctx, 3); + mbedtls_hmac_drbg_set_prediction_resistance(&ctx, MBEDTLS_HMAC_DRBG_PR_ON); - for( i = 0; i < 30; i++ ) - TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + for (i = 0; i < 30; i++) { + TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0); + } exit: - mbedtls_hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void hmac_drbg_no_reseed( int md_alg, data_t * entropy, - data_t * custom, data_t * add1, - data_t * add2, data_t * output ) +void hmac_drbg_no_reseed(int md_alg, data_t *entropy, + data_t *custom, data_t *add1, + data_t *add2, data_t *output) { unsigned char data[1024]; unsigned char my_output[512]; @@ -185,111 +185,111 @@ void hmac_drbg_no_reseed( int md_alg, data_t * entropy, const mbedtls_md_info_t *md_info; mbedtls_hmac_drbg_context ctx; - mbedtls_hmac_drbg_init( &ctx ); + mbedtls_hmac_drbg_init(&ctx); p_entropy.p = entropy->x; p_entropy.len = entropy->len; - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); /* Test the simplified buffer-based variant */ - memcpy( data, entropy->x, p_entropy.len ); - memcpy( data + p_entropy.len, custom->x, custom->len ); - TEST_ASSERT( mbedtls_hmac_drbg_seed_buf( &ctx, md_info, - data, p_entropy.len + custom->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add1->x, add1->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add2->x, add2->len ) == 0 ); + memcpy(data, entropy->x, p_entropy.len); + memcpy(data + p_entropy.len, custom->x, custom->len); + TEST_ASSERT(mbedtls_hmac_drbg_seed_buf(&ctx, md_info, + data, p_entropy.len + custom->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add1->x, add1->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add2->x, add2->len) == 0); /* Reset context for second run */ - mbedtls_hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free(&ctx); - TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 ); + TEST_ASSERT(memcmp(my_output, output->x, output->len) == 0); /* And now the normal entropy-based variant */ - TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy, - custom->x, custom->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add1->x, add1->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add2->x, add2->len ) == 0 ); - TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 ); + TEST_ASSERT(mbedtls_hmac_drbg_seed(&ctx, md_info, mbedtls_test_entropy_func, &p_entropy, + custom->x, custom->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add1->x, add1->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add2->x, add2->len) == 0); + TEST_ASSERT(memcmp(my_output, output->x, output->len) == 0); exit: - mbedtls_hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void hmac_drbg_nopr( int md_alg, data_t * entropy, data_t * custom, - data_t * add1, data_t * add2, data_t * add3, - data_t * output ) +void hmac_drbg_nopr(int md_alg, data_t *entropy, data_t *custom, + data_t *add1, data_t *add2, data_t *add3, + data_t *output) { unsigned char my_output[512]; entropy_ctx p_entropy; const mbedtls_md_info_t *md_info; mbedtls_hmac_drbg_context ctx; - mbedtls_hmac_drbg_init( &ctx ); + mbedtls_hmac_drbg_init(&ctx); p_entropy.p = entropy->x; p_entropy.len = entropy->len; - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); - TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy, - custom->x, custom->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_reseed( &ctx, add1->x, add1->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add2->x, add2->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add3->x, add3->len ) == 0 ); + TEST_ASSERT(mbedtls_hmac_drbg_seed(&ctx, md_info, mbedtls_test_entropy_func, &p_entropy, + custom->x, custom->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_reseed(&ctx, add1->x, add1->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add2->x, add2->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add3->x, add3->len) == 0); - TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 ); + TEST_ASSERT(memcmp(my_output, output->x, output->len) == 0); exit: - mbedtls_hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void hmac_drbg_pr( int md_alg, data_t * entropy, data_t * custom, - data_t * add1, data_t * add2, data_t * output ) +void hmac_drbg_pr(int md_alg, data_t *entropy, data_t *custom, + data_t *add1, data_t *add2, data_t *output) { unsigned char my_output[512]; entropy_ctx p_entropy; const mbedtls_md_info_t *md_info; mbedtls_hmac_drbg_context ctx; - mbedtls_hmac_drbg_init( &ctx ); + mbedtls_hmac_drbg_init(&ctx); p_entropy.p = entropy->x; p_entropy.len = entropy->len; - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); - TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy, - custom->x, custom->len ) == 0 ); - mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add1->x, add1->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add2->x, add2->len ) == 0 ); + TEST_ASSERT(mbedtls_hmac_drbg_seed(&ctx, md_info, mbedtls_test_entropy_func, &p_entropy, + custom->x, custom->len) == 0); + mbedtls_hmac_drbg_set_prediction_resistance(&ctx, MBEDTLS_HMAC_DRBG_PR_ON); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add1->x, add1->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add2->x, add2->len) == 0); - TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 ); + TEST_ASSERT(memcmp(my_output, output->x, output->len) == 0); exit: - mbedtls_hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void hmac_drbg_selftest( ) +void hmac_drbg_selftest() { - TEST_ASSERT( mbedtls_hmac_drbg_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_hmac_drbg_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index da3e852cda80..c875389c6530 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -8,15 +8,15 @@ */ /* BEGIN_CASE */ -void mbedtls_md_process( ) +void mbedtls_md_process() { const int *md_type_ptr; const mbedtls_md_info_t *info; mbedtls_md_context_t ctx; unsigned char buf[150]; - mbedtls_md_init( &ctx ); - memset( buf, 0, sizeof( buf ) ); + mbedtls_md_init(&ctx); + memset(buf, 0, sizeof(buf)); /* * Very minimal testing of mbedtls_md_process, just make sure the various @@ -26,159 +26,160 @@ void mbedtls_md_process( ) * * Also tests that mbedtls_md_list() only returns valid MDs. */ - for( md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++ ) - { - info = mbedtls_md_info_from_type( *md_type_ptr ); - TEST_ASSERT( info != NULL ); - TEST_ASSERT( mbedtls_md_setup( &ctx, info, 0 ) == 0 ); - TEST_ASSERT( mbedtls_md_starts( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == 0 ); - mbedtls_md_free( &ctx ); + for (md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++) { + info = mbedtls_md_info_from_type(*md_type_ptr); + TEST_ASSERT(info != NULL); + TEST_ASSERT(mbedtls_md_setup(&ctx, info, 0) == 0); + TEST_ASSERT(mbedtls_md_starts(&ctx) == 0); + TEST_ASSERT(mbedtls_md_process(&ctx, buf) == 0); + mbedtls_md_free(&ctx); } exit: - mbedtls_md_free( &ctx ); + mbedtls_md_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void md_null_args( ) +void md_null_args() { mbedtls_md_context_t ctx; - const mbedtls_md_info_t *info = mbedtls_md_info_from_type( *( mbedtls_md_list() ) ); + const mbedtls_md_info_t *info = mbedtls_md_info_from_type(*(mbedtls_md_list())); unsigned char buf[1] = { 0 }; - mbedtls_md_init( &ctx ); + mbedtls_md_init(&ctx); - TEST_ASSERT( mbedtls_md_get_size( NULL ) == 0 ); - TEST_ASSERT( mbedtls_md_get_type( NULL ) == MBEDTLS_MD_NONE ); - TEST_ASSERT( mbedtls_md_get_name( NULL ) == NULL ); + TEST_ASSERT(mbedtls_md_get_size(NULL) == 0); + TEST_ASSERT(mbedtls_md_get_type(NULL) == MBEDTLS_MD_NONE); + TEST_ASSERT(mbedtls_md_get_name(NULL) == NULL); - TEST_ASSERT( mbedtls_md_info_from_string( NULL ) == NULL ); + TEST_ASSERT(mbedtls_md_info_from_string(NULL) == NULL); - TEST_ASSERT( mbedtls_md_setup( &ctx, NULL, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_setup( NULL, info, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_md_setup(&ctx, NULL, 0) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_ASSERT(mbedtls_md_setup(NULL, info, 0) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_starts( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_starts( &ctx ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_md_starts(NULL) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_ASSERT(mbedtls_md_starts(&ctx) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_update( NULL, buf, 1 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_update( &ctx, buf, 1 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_md_update(NULL, buf, 1) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_ASSERT(mbedtls_md_update(&ctx, buf, 1) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_finish( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_finish( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_md_finish(NULL, buf) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_ASSERT(mbedtls_md_finish(&ctx, buf) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md( NULL, buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_md(NULL, buf, 1, buf) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); #if defined(MBEDTLS_FS_IO) - TEST_ASSERT( mbedtls_md_file( NULL, "", buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_md_file(NULL, "", buf) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); #endif - TEST_ASSERT( mbedtls_md_hmac_starts( NULL, buf, 1 ) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_hmac_starts( &ctx, buf, 1 ) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_md_hmac_starts(NULL, buf, 1) + == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_ASSERT(mbedtls_md_hmac_starts(&ctx, buf, 1) + == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_hmac_update( NULL, buf, 1 ) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_hmac_update( &ctx, buf, 1 ) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_md_hmac_update(NULL, buf, 1) + == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_ASSERT(mbedtls_md_hmac_update(&ctx, buf, 1) + == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_hmac_finish( NULL, buf ) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_hmac_finish( &ctx, buf ) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_md_hmac_finish(NULL, buf) + == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_ASSERT(mbedtls_md_hmac_finish(&ctx, buf) + == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_hmac_reset( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_hmac_reset( &ctx ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_md_hmac_reset(NULL) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_ASSERT(mbedtls_md_hmac_reset(&ctx) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_hmac( NULL, buf, 1, buf, 1, buf ) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_md_hmac(NULL, buf, 1, buf, 1, buf) + == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_process( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_md_process(NULL, buf) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_ASSERT(mbedtls_md_process(&ctx, buf) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); /* Ok, this is not NULL arg but NULL return... */ - TEST_ASSERT( mbedtls_md_info_from_type( MBEDTLS_MD_NONE ) == NULL ); - TEST_ASSERT( mbedtls_md_info_from_string( "no such md" ) == NULL ); + TEST_ASSERT(mbedtls_md_info_from_type(MBEDTLS_MD_NONE) == NULL); + TEST_ASSERT(mbedtls_md_info_from_string("no such md") == NULL); } /* END_CASE */ /* BEGIN_CASE */ -void md_info( int md_type, char * md_name, int md_size ) +void md_info(int md_type, char *md_name, int md_size) { const mbedtls_md_info_t *md_info; const int *md_type_ptr; int found; - md_info = mbedtls_md_info_from_type( md_type ); - TEST_ASSERT( md_info != NULL ); - TEST_ASSERT( md_info == mbedtls_md_info_from_string( md_name ) ); + md_info = mbedtls_md_info_from_type(md_type); + TEST_ASSERT(md_info != NULL); + TEST_ASSERT(md_info == mbedtls_md_info_from_string(md_name)); - TEST_ASSERT( mbedtls_md_get_type( md_info ) == (mbedtls_md_type_t) md_type ); - TEST_ASSERT( mbedtls_md_get_size( md_info ) == (unsigned char) md_size ); - TEST_ASSERT( strcmp( mbedtls_md_get_name( md_info ), md_name ) == 0 ); + TEST_ASSERT(mbedtls_md_get_type(md_info) == (mbedtls_md_type_t) md_type); + TEST_ASSERT(mbedtls_md_get_size(md_info) == (unsigned char) md_size); + TEST_ASSERT(strcmp(mbedtls_md_get_name(md_info), md_name) == 0); found = 0; - for( md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++ ) - if( *md_type_ptr == md_type ) + for (md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++) { + if (*md_type_ptr == md_type) { found = 1; - TEST_ASSERT( found == 1 ); + } + } + TEST_ASSERT(found == 1); } /* END_CASE */ /* BEGIN_CASE */ -void md_text( char * text_md_name, char * text_src_string, - data_t * hash ) +void md_text(char *text_md_name, char *text_src_string, + data_t *hash) { char md_name[100]; unsigned char src_str[1000]; unsigned char output[100]; const mbedtls_md_info_t *md_info = NULL; - memset( md_name, 0x00, 100 ); - memset( src_str, 0x00, 1000 ); - memset( output, 0x00, 100 ); + memset(md_name, 0x00, 100); + memset(src_str, 0x00, 1000); + memset(output, 0x00, 100); - strncpy( (char *) src_str, text_src_string, sizeof( src_str ) - 1 ); - strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); + strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1); + strncpy((char *) md_name, text_md_name, sizeof(md_name) - 1); md_info = mbedtls_md_info_from_string(md_name); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT(md_info != NULL); - TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str, strlen( (char *) src_str ), output ) ); + TEST_ASSERT(0 == mbedtls_md(md_info, src_str, strlen((char *) src_str), output)); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - mbedtls_md_get_size( md_info ), - hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + mbedtls_md_get_size(md_info), + hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void md_hex( char * text_md_name, data_t * src_str, data_t * hash ) +void md_hex(char *text_md_name, data_t *src_str, data_t *hash) { char md_name[100]; unsigned char output[100]; const mbedtls_md_info_t *md_info = NULL; - memset( md_name, 0x00, 100 ); - memset( output, 0x00, 100 ); + memset(md_name, 0x00, 100); + memset(output, 0x00, 100); - strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); - md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + strncpy((char *) md_name, text_md_name, sizeof(md_name) - 1); + md_info = mbedtls_md_info_from_string(md_name); + TEST_ASSERT(md_info != NULL); - TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str->x, src_str->len, output ) ); + TEST_ASSERT(0 == mbedtls_md(md_info, src_str->x, src_str->len, output)); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - mbedtls_md_get_size( md_info ), - hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + mbedtls_md_get_size(md_info), + hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void md_text_multi( char * text_md_name, char * text_src_string, - data_t * hash ) +void md_text_multi(char *text_md_name, char *text_src_string, + data_t *hash) { char md_name[100]; unsigned char src_str[1000]; @@ -188,51 +189,51 @@ void md_text_multi( char * text_md_name, char * text_src_string, const mbedtls_md_info_t *md_info = NULL; mbedtls_md_context_t ctx, ctx_copy; - mbedtls_md_init( &ctx ); - mbedtls_md_init( &ctx_copy ); + mbedtls_md_init(&ctx); + mbedtls_md_init(&ctx_copy); - memset( md_name, 0x00, 100 ); - memset( src_str, 0x00, 1000 ); - memset( output, 0x00, 100 ); + memset(md_name, 0x00, 100); + memset(src_str, 0x00, 1000); + memset(output, 0x00, 100); - strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); - strncpy( (char *) md_name, text_md_name, sizeof(md_name) - 1 ); - len = strlen( (char *) src_str ); + strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1); + strncpy((char *) md_name, text_md_name, sizeof(md_name) - 1); + len = strlen((char *) src_str); halfway = len / 2; md_info = mbedtls_md_info_from_string(md_name); - TEST_ASSERT( md_info != NULL ); - TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) ); - TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) ); + TEST_ASSERT(md_info != NULL); + TEST_ASSERT(0 == mbedtls_md_setup(&ctx, md_info, 0)); + TEST_ASSERT(0 == mbedtls_md_setup(&ctx_copy, md_info, 0)); - TEST_ASSERT ( 0 == mbedtls_md_starts( &ctx ) ); - TEST_ASSERT ( ctx.md_ctx != NULL ); - TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str, halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_clone( &ctx_copy, &ctx ) ); + TEST_ASSERT(0 == mbedtls_md_starts(&ctx)); + TEST_ASSERT(ctx.md_ctx != NULL); + TEST_ASSERT(0 == mbedtls_md_update(&ctx, src_str, halfway)); + TEST_ASSERT(0 == mbedtls_md_clone(&ctx_copy, &ctx)); - TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str + halfway, len - halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx, output ) ); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - mbedtls_md_get_size( md_info ), - hash->len) == 0 ); + TEST_ASSERT(0 == mbedtls_md_update(&ctx, src_str + halfway, len - halfway)); + TEST_ASSERT(0 == mbedtls_md_finish(&ctx, output)); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + mbedtls_md_get_size(md_info), + hash->len) == 0); /* Test clone */ - memset( output, 0x00, 100 ); + memset(output, 0x00, 100); - TEST_ASSERT ( 0 == mbedtls_md_update( &ctx_copy, src_str + halfway, len - halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx_copy, output ) ); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - mbedtls_md_get_size( md_info ), - hash->len ) == 0 ); + TEST_ASSERT(0 == mbedtls_md_update(&ctx_copy, src_str + halfway, len - halfway)); + TEST_ASSERT(0 == mbedtls_md_finish(&ctx_copy, output)); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + mbedtls_md_get_size(md_info), + hash->len) == 0); exit: - mbedtls_md_free( &ctx ); - mbedtls_md_free( &ctx_copy ); + mbedtls_md_free(&ctx); + mbedtls_md_free(&ctx_copy); } /* END_CASE */ /* BEGIN_CASE */ -void md_hex_multi( char * text_md_name, data_t * src_str, data_t * hash ) +void md_hex_multi(char *text_md_name, data_t *src_str, data_t *hash) { char md_name[100]; unsigned char output[100]; @@ -240,73 +241,74 @@ void md_hex_multi( char * text_md_name, data_t * src_str, data_t * hash ) mbedtls_md_context_t ctx, ctx_copy; int halfway; - mbedtls_md_init( &ctx ); - mbedtls_md_init( &ctx_copy ); + mbedtls_md_init(&ctx); + mbedtls_md_init(&ctx_copy); - memset( md_name, 0x00, 100 ); - memset( output, 0x00, 100 ); + memset(md_name, 0x00, 100); + memset(output, 0x00, 100); - strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); + strncpy((char *) md_name, text_md_name, sizeof(md_name) - 1); md_info = mbedtls_md_info_from_string(md_name); - TEST_ASSERT( md_info != NULL ); - TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) ); - TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) ); + TEST_ASSERT(md_info != NULL); + TEST_ASSERT(0 == mbedtls_md_setup(&ctx, md_info, 0)); + TEST_ASSERT(0 == mbedtls_md_setup(&ctx_copy, md_info, 0)); halfway = src_str->len / 2; - TEST_ASSERT ( 0 == mbedtls_md_starts( &ctx ) ); - TEST_ASSERT ( ctx.md_ctx != NULL ); - TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str->x, halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_clone( &ctx_copy, &ctx ) ); + TEST_ASSERT(0 == mbedtls_md_starts(&ctx)); + TEST_ASSERT(ctx.md_ctx != NULL); + TEST_ASSERT(0 == mbedtls_md_update(&ctx, src_str->x, halfway)); + TEST_ASSERT(0 == mbedtls_md_clone(&ctx_copy, &ctx)); - TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str->x + halfway, src_str->len - halfway) ); - TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx, output ) ); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - mbedtls_md_get_size( md_info ), - hash->len ) == 0 ); + TEST_ASSERT(0 == mbedtls_md_update(&ctx, src_str->x + halfway, src_str->len - halfway)); + TEST_ASSERT(0 == mbedtls_md_finish(&ctx, output)); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + mbedtls_md_get_size(md_info), + hash->len) == 0); /* Test clone */ - memset( output, 0x00, 100 ); + memset(output, 0x00, 100); - TEST_ASSERT ( 0 == mbedtls_md_update( &ctx_copy, src_str->x + halfway, src_str->len - halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx_copy, output ) ); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - mbedtls_md_get_size( md_info ), - hash->len ) == 0 ); + TEST_ASSERT(0 == mbedtls_md_update(&ctx_copy, src_str->x + halfway, src_str->len - halfway)); + TEST_ASSERT(0 == mbedtls_md_finish(&ctx_copy, output)); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + mbedtls_md_get_size(md_info), + hash->len) == 0); exit: - mbedtls_md_free( &ctx ); - mbedtls_md_free( &ctx_copy ); + mbedtls_md_free(&ctx); + mbedtls_md_free(&ctx_copy); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_md_hmac( char * text_md_name, int trunc_size, - data_t * key_str, data_t * src_str, - data_t * hash ) +void mbedtls_md_hmac(char *text_md_name, int trunc_size, + data_t *key_str, data_t *src_str, + data_t *hash) { char md_name[100]; unsigned char output[100]; const mbedtls_md_info_t *md_info = NULL; - memset( md_name, 0x00, 100 ); - memset( output, 0x00, 100 ); + memset(md_name, 0x00, 100); + memset(output, 0x00, 100); - strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); - md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + strncpy((char *) md_name, text_md_name, sizeof(md_name) - 1); + md_info = mbedtls_md_info_from_string(md_name); + TEST_ASSERT(md_info != NULL); - TEST_ASSERT ( mbedtls_md_hmac( md_info, key_str->x, key_str->len, src_str->x, src_str->len, output ) == 0 ); + TEST_ASSERT(mbedtls_md_hmac(md_info, key_str->x, key_str->len, src_str->x, src_str->len, + output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - trunc_size, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + trunc_size, hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void md_hmac_multi( char * text_md_name, int trunc_size, data_t * key_str, - data_t * src_str, data_t * hash ) +void md_hmac_multi(char *text_md_name, int trunc_size, data_t *key_str, + data_t *src_str, data_t *hash) { char md_name[100]; unsigned char output[100]; @@ -314,62 +316,62 @@ void md_hmac_multi( char * text_md_name, int trunc_size, data_t * key_str, mbedtls_md_context_t ctx; int halfway; - mbedtls_md_init( &ctx ); + mbedtls_md_init(&ctx); - memset( md_name, 0x00, 100 ); - memset( output, 0x00, 100 ); + memset(md_name, 0x00, 100); + memset(output, 0x00, 100); - strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); - md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); - TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 1 ) ); + strncpy((char *) md_name, text_md_name, sizeof(md_name) - 1); + md_info = mbedtls_md_info_from_string(md_name); + TEST_ASSERT(md_info != NULL); + TEST_ASSERT(0 == mbedtls_md_setup(&ctx, md_info, 1)); halfway = src_str->len / 2; - TEST_ASSERT ( 0 == mbedtls_md_hmac_starts( &ctx, key_str->x, key_str->len ) ); - TEST_ASSERT ( ctx.md_ctx != NULL ); - TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x, halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x + halfway, src_str->len - halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_hmac_finish( &ctx, output ) ); + TEST_ASSERT(0 == mbedtls_md_hmac_starts(&ctx, key_str->x, key_str->len)); + TEST_ASSERT(ctx.md_ctx != NULL); + TEST_ASSERT(0 == mbedtls_md_hmac_update(&ctx, src_str->x, halfway)); + TEST_ASSERT(0 == mbedtls_md_hmac_update(&ctx, src_str->x + halfway, src_str->len - halfway)); + TEST_ASSERT(0 == mbedtls_md_hmac_finish(&ctx, output)); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - trunc_size, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + trunc_size, hash->len) == 0); /* Test again, for reset() */ - memset( output, 0x00, 100 ); + memset(output, 0x00, 100); - TEST_ASSERT ( 0 == mbedtls_md_hmac_reset( &ctx ) ); - TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x, halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x + halfway, src_str->len - halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_hmac_finish( &ctx, output ) ); + TEST_ASSERT(0 == mbedtls_md_hmac_reset(&ctx)); + TEST_ASSERT(0 == mbedtls_md_hmac_update(&ctx, src_str->x, halfway)); + TEST_ASSERT(0 == mbedtls_md_hmac_update(&ctx, src_str->x + halfway, src_str->len - halfway)); + TEST_ASSERT(0 == mbedtls_md_hmac_finish(&ctx, output)); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - trunc_size, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + trunc_size, hash->len) == 0); exit: - mbedtls_md_free( &ctx ); + mbedtls_md_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ -void mbedtls_md_file( char * text_md_name, char * filename, - data_t * hash ) +void mbedtls_md_file(char *text_md_name, char *filename, + data_t *hash) { char md_name[100]; unsigned char output[100]; const mbedtls_md_info_t *md_info = NULL; - memset( md_name, 0x00, 100 ); - memset( output, 0x00, 100 ); + memset(md_name, 0x00, 100); + memset(output, 0x00, 100); - strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); - md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + strncpy((char *) md_name, text_md_name, sizeof(md_name) - 1); + md_info = mbedtls_md_info_from_string(md_name); + TEST_ASSERT(md_info != NULL); - TEST_ASSERT( mbedtls_md_file( md_info, filename, output ) == 0 ); + TEST_ASSERT(mbedtls_md_file(md_info, filename, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - mbedtls_md_get_size( md_info ), - hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + mbedtls_md_get_size(md_info), + hash->len) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_mdx.function b/tests/suites/test_suite_mdx.function index aa35c583eb46..452acf58d477 100644 --- a/tests/suites/test_suite_mdx.function +++ b/tests/suites/test_suite_mdx.function @@ -6,67 +6,67 @@ /* END_HEADER */ /* BEGIN_CASE depends_on:MBEDTLS_MD2_C */ -void md2_text( char * text_src_string, data_t * hash ) +void md2_text(char *text_src_string, data_t *hash) { int ret; unsigned char src_str[100]; unsigned char output[16]; - memset( src_str, 0x00, sizeof src_str ); - memset( output, 0x00, sizeof output ); + memset(src_str, 0x00, sizeof src_str); + memset(output, 0x00, sizeof output); - strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); + strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1); - ret = mbedtls_md2_ret( src_str, strlen( (char *) src_str ), output ); - TEST_ASSERT( ret == 0 ) ; + ret = mbedtls_md2_ret(src_str, strlen((char *) src_str), output); + TEST_ASSERT(ret == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - sizeof output, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + sizeof output, hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_MD4_C */ -void md4_text( char * text_src_string, data_t * hash ) +void md4_text(char *text_src_string, data_t *hash) { int ret; unsigned char src_str[100]; unsigned char output[16]; - memset( src_str, 0x00, sizeof src_str ); - memset( output, 0x00, sizeof output ); + memset(src_str, 0x00, sizeof src_str); + memset(output, 0x00, sizeof output); - strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); + strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1); - ret = mbedtls_md4_ret( src_str, strlen( (char *) src_str ), output ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_md4_ret(src_str, strlen((char *) src_str), output); + TEST_ASSERT(ret == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - sizeof output, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + sizeof output, hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_MD5_C */ -void md5_text( char * text_src_string, data_t * hash ) +void md5_text(char *text_src_string, data_t *hash) { int ret; unsigned char src_str[100]; unsigned char output[16]; - memset( src_str, 0x00, sizeof src_str ); - memset( output, 0x00, sizeof output ); + memset(src_str, 0x00, sizeof src_str); + memset(output, 0x00, sizeof output); - strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); + strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1); - ret = mbedtls_md5_ret( src_str, strlen( (char *) src_str ), output ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_md5_ret(src_str, strlen((char *) src_str), output); + TEST_ASSERT(ret == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - sizeof output, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + sizeof output, hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RIPEMD160_C */ -void ripemd160_text( char * text_src_string, data_t * hash ) +void ripemd160_text(char *text_src_string, data_t *hash) { int ret; unsigned char src_str[100]; @@ -75,40 +75,40 @@ void ripemd160_text( char * text_src_string, data_t * hash ) memset(src_str, 0x00, sizeof src_str); memset(output, 0x00, sizeof output); - strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); + strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1); - ret = mbedtls_ripemd160_ret( src_str, strlen( (char *) src_str ), output ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_ripemd160_ret(src_str, strlen((char *) src_str), output); + TEST_ASSERT(ret == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - sizeof output, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + sizeof output, hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_MD2_C:MBEDTLS_SELF_TEST */ -void md2_selftest( ) +void md2_selftest() { - TEST_ASSERT( mbedtls_md2_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_md2_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_MD4_C:MBEDTLS_SELF_TEST */ -void md4_selftest( ) +void md4_selftest() { - TEST_ASSERT( mbedtls_md4_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_md4_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_MD5_C:MBEDTLS_SELF_TEST */ -void md5_selftest( ) +void md5_selftest() { - TEST_ASSERT( mbedtls_md5_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_md5_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_SELF_TEST */ -void ripemd160_selftest( ) +void ripemd160_selftest() { - TEST_ASSERT( mbedtls_ripemd160_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_ripemd160_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_memory_buffer_alloc.function b/tests/suites/test_suite_memory_buffer_alloc.function index cc884c28e55a..2b81097a562f 100644 --- a/tests/suites/test_suite_memory_buffer_alloc.function +++ b/tests/suites/test_suite_memory_buffer_alloc.function @@ -10,34 +10,36 @@ */ /* BEGIN_SUITE_HELPERS */ -static int check_pointer( void *p ) +static int check_pointer(void *p) { - if( p == NULL ) - return( -1 ); + if (p == NULL) { + return -1; + } - if( (size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0 ) - return( -1 ); + if ((size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0) { + return -1; + } - return( 0 ); + return 0; } /* END_SUITE_HELPERS */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void mbedtls_memory_buffer_alloc_self_test( ) +void mbedtls_memory_buffer_alloc_self_test() { - TEST_ASSERT( mbedtls_memory_buffer_alloc_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void memory_buffer_alloc_free_alloc( int a_bytes, int b_bytes, int c_bytes, - int d_bytes, int free_a, int free_b, - int free_c, int free_d, int e_bytes, - int f_bytes ) +void memory_buffer_alloc_free_alloc(int a_bytes, int b_bytes, int c_bytes, + int d_bytes, int free_a, int free_b, + int free_c, int free_d, int e_bytes, + int f_bytes) { unsigned char buf[1024]; unsigned char *ptr_a = NULL, *ptr_b = NULL, *ptr_c = NULL, *ptr_d = NULL, - *ptr_e = NULL, *ptr_f = NULL; + *ptr_e = NULL, *ptr_f = NULL; #if defined(MBEDTLS_MEMORY_DEBUG) size_t reported_blocks; @@ -45,98 +47,88 @@ void memory_buffer_alloc_free_alloc( int a_bytes, int b_bytes, int c_bytes, #endif size_t allocated_bytes = 0; - mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); + mbedtls_memory_buffer_alloc_init(buf, sizeof(buf)); - mbedtls_memory_buffer_set_verify( MBEDTLS_MEMORY_VERIFY_ALWAYS ); + mbedtls_memory_buffer_set_verify(MBEDTLS_MEMORY_VERIFY_ALWAYS); - if( a_bytes > 0 ) - { - ptr_a = mbedtls_calloc( a_bytes, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_a ) == 0 ); + if (a_bytes > 0) { + ptr_a = mbedtls_calloc(a_bytes, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_a) == 0); allocated_bytes += a_bytes * sizeof(char); } - if( b_bytes > 0 ) - { - ptr_b = mbedtls_calloc( b_bytes, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_b ) == 0 ); + if (b_bytes > 0) { + ptr_b = mbedtls_calloc(b_bytes, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_b) == 0); allocated_bytes += b_bytes * sizeof(char); } - if( c_bytes > 0 ) - { - ptr_c = mbedtls_calloc( c_bytes, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_c ) == 0 ); + if (c_bytes > 0) { + ptr_c = mbedtls_calloc(c_bytes, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_c) == 0); allocated_bytes += c_bytes * sizeof(char); } - if( d_bytes > 0 ) - { - ptr_d = mbedtls_calloc( d_bytes, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_d ) == 0 ); + if (d_bytes > 0) { + ptr_d = mbedtls_calloc(d_bytes, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_d) == 0); allocated_bytes += d_bytes * sizeof(char); } #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); - TEST_ASSERT( reported_bytes == allocated_bytes ); + mbedtls_memory_buffer_alloc_cur_get(&reported_bytes, &reported_blocks); + TEST_ASSERT(reported_bytes == allocated_bytes); #endif - if( free_a ) - { - mbedtls_free( ptr_a ); + if (free_a) { + mbedtls_free(ptr_a); ptr_a = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); allocated_bytes -= a_bytes * sizeof(char); } - if( free_b ) - { - mbedtls_free( ptr_b ); + if (free_b) { + mbedtls_free(ptr_b); ptr_b = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); allocated_bytes -= b_bytes * sizeof(char); } - if( free_c ) - { - mbedtls_free( ptr_c ); + if (free_c) { + mbedtls_free(ptr_c); ptr_c = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); allocated_bytes -= c_bytes * sizeof(char); } - if( free_d ) - { - mbedtls_free( ptr_d ); + if (free_d) { + mbedtls_free(ptr_d); ptr_d = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); allocated_bytes -= d_bytes * sizeof(char); } #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); - TEST_ASSERT( reported_bytes == allocated_bytes ); + mbedtls_memory_buffer_alloc_cur_get(&reported_bytes, &reported_blocks); + TEST_ASSERT(reported_bytes == allocated_bytes); #endif - if( e_bytes > 0 ) - { - ptr_e = mbedtls_calloc( e_bytes, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_e ) == 0 ); + if (e_bytes > 0) { + ptr_e = mbedtls_calloc(e_bytes, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_e) == 0); } - if( f_bytes > 0 ) - { - ptr_f = mbedtls_calloc( f_bytes, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_f ) == 0 ); + if (f_bytes > 0) { + ptr_f = mbedtls_calloc(f_bytes, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_f) == 0); } /* Once blocks are reallocated, the block allocated to the memory request @@ -144,61 +136,55 @@ void memory_buffer_alloc_free_alloc( int a_bytes, int b_bytes, int c_bytes, * bytes, and makes it hard to know what the reported size will be, so * we don't check the size after blocks have been reallocated. */ - if( ptr_a != NULL ) - { - mbedtls_free( ptr_a ); + if (ptr_a != NULL) { + mbedtls_free(ptr_a); ptr_a = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); } - if( ptr_b != NULL ) - { - mbedtls_free( ptr_b ); + if (ptr_b != NULL) { + mbedtls_free(ptr_b); ptr_b = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); } - if( ptr_c != NULL ) - { - mbedtls_free( ptr_c ); + if (ptr_c != NULL) { + mbedtls_free(ptr_c); ptr_c = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); } - if( ptr_d != NULL ) - { - mbedtls_free( ptr_d ); + if (ptr_d != NULL) { + mbedtls_free(ptr_d); ptr_d = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); } - if( ptr_e != NULL ) - { - mbedtls_free( ptr_e ); + if (ptr_e != NULL) { + mbedtls_free(ptr_e); ptr_e = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); } - if( ptr_f != NULL ) - { - mbedtls_free( ptr_f ); + if (ptr_f != NULL) { + mbedtls_free(ptr_f); ptr_f = NULL; } #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); - TEST_ASSERT( reported_bytes == 0 ); + mbedtls_memory_buffer_alloc_cur_get(&reported_bytes, &reported_blocks); + TEST_ASSERT(reported_bytes == 0); #endif - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); exit: - mbedtls_memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free(); } /* END_CASE */ /* BEGIN_CASE */ -void memory_buffer_alloc_oom_test( ) +void memory_buffer_alloc_oom_test() { unsigned char buf[1024]; unsigned char *ptr_a = NULL, *ptr_b = NULL, *ptr_c = NULL; @@ -206,71 +192,70 @@ void memory_buffer_alloc_oom_test( ) size_t reported_blocks, reported_bytes; #endif - (void)ptr_c; + (void) ptr_c; - mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); + mbedtls_memory_buffer_alloc_init(buf, sizeof(buf)); - mbedtls_memory_buffer_set_verify( MBEDTLS_MEMORY_VERIFY_ALWAYS ); + mbedtls_memory_buffer_set_verify(MBEDTLS_MEMORY_VERIFY_ALWAYS); - ptr_a = mbedtls_calloc( 432, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_a ) == 0 ); + ptr_a = mbedtls_calloc(432, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_a) == 0); - ptr_b = mbedtls_calloc( 432, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_b ) == 0 ); + ptr_b = mbedtls_calloc(432, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_b) == 0); - ptr_c = mbedtls_calloc( 431, sizeof(char) ); - TEST_ASSERT( ptr_c == NULL ); + ptr_c = mbedtls_calloc(431, sizeof(char)); + TEST_ASSERT(ptr_c == NULL); #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); - TEST_ASSERT( reported_bytes >= 864 && reported_bytes <= sizeof(buf) ); + mbedtls_memory_buffer_alloc_cur_get(&reported_bytes, &reported_blocks); + TEST_ASSERT(reported_bytes >= 864 && reported_bytes <= sizeof(buf)); #endif - mbedtls_free( ptr_a ); + mbedtls_free(ptr_a); ptr_a = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); - mbedtls_free( ptr_b ); + mbedtls_free(ptr_b); ptr_b = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); - TEST_ASSERT( reported_bytes == 0 ); + mbedtls_memory_buffer_alloc_cur_get(&reported_bytes, &reported_blocks); + TEST_ASSERT(reported_bytes == 0); #endif - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); exit: - mbedtls_memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free(); } /* END_CASE */ /* BEGIN_CASE */ -void memory_buffer_heap_too_small( ) +void memory_buffer_heap_too_small() { unsigned char buf[1]; - mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); + mbedtls_memory_buffer_alloc_init(buf, sizeof(buf)); /* With MBEDTLS_MEMORY_DEBUG enabled, this prints a message * "FATAL: verification of first header failed". */ - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() != 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() != 0); } /* END_CASE */ /* BEGIN_CASE */ -void memory_buffer_underalloc( ) +void memory_buffer_underalloc() { unsigned char buf[100]; size_t i; - mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); - for( i = 1; i < MBEDTLS_MEMORY_ALIGN_MULTIPLE; i++ ) - { - TEST_ASSERT( mbedtls_calloc( 1, - (size_t)-( MBEDTLS_MEMORY_ALIGN_MULTIPLE - i ) ) == NULL ); - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + mbedtls_memory_buffer_alloc_init(buf, sizeof(buf)); + for (i = 1; i < MBEDTLS_MEMORY_ALIGN_MULTIPLE; i++) { + TEST_ASSERT(mbedtls_calloc(1, + (size_t) -(MBEDTLS_MEMORY_ALIGN_MULTIPLE - i)) == NULL); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); } exit: diff --git a/tests/suites/test_suite_mps.function b/tests/suites/test_suite_mps.function index 5ef32889b9cc..a9ccf22a7780 100644 --- a/tests/suites/test_suite_mps.function +++ b/tests/suites/test_suite_mps.function @@ -25,7 +25,7 @@ */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_no_pausing_single_step_single_round( int with_acc ) +void mbedtls_mps_reader_no_pausing_single_step_single_round(int with_acc) { /* This test exercises the most basic use of the MPS reader: * - The 'producing' layer provides a buffer @@ -46,29 +46,31 @@ void mbedtls_mps_reader_no_pausing_single_step_single_round( int with_acc ) unsigned char *tmp; int paused; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) { bufA[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - if( with_acc == 0 ) - mbedtls_mps_reader_init( &rd, NULL, 0 ); - else - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 ); + if (with_acc == 0) { + mbedtls_mps_reader_init(&rd, NULL, 0); + } else { + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + } + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0); /* Consumption (upper layer) */ /* Consume exactly what's available */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 100, bufA, 100 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 100, bufA, 100); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup (lower layer) */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, &paused ) == 0 ); - TEST_ASSERT( paused == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, &paused) == 0); + TEST_ASSERT(paused == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_no_pausing_single_step_multiple_rounds( int with_acc ) +void mbedtls_mps_reader_no_pausing_single_step_multiple_rounds(int with_acc) { /* This test exercises multiple rounds of the basic use of the MPS reader: * - The 'producing' layer provides a buffer @@ -89,37 +91,40 @@ void mbedtls_mps_reader_no_pausing_single_step_multiple_rounds( int with_acc ) unsigned char acc[10]; unsigned char *tmp; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) { bufA[i] = (unsigned char) i; - for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ ) - bufB[i] = ~ ((unsigned char) i); + } + for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) { + bufB[i] = ~((unsigned char) i); + } /* Preparation (lower layer) */ - if( with_acc == 0 ) - mbedtls_mps_reader_init( &rd, NULL, 0 ); - else - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 ); + if (with_acc == 0) { + mbedtls_mps_reader_init(&rd, NULL, 0); + } else { + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + } + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0); /* Consumption (upper layer) */ /* Consume exactly what's available */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 100, bufA, 100 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 100, bufA, 100); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Preparation */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, sizeof( bufB ) ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0); /* Consumption */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 100, bufB, 100 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 100, bufB, 100); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup (lower layer) */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_no_pausing_multiple_steps_single_round( int with_acc ) +void mbedtls_mps_reader_no_pausing_multiple_steps_single_round(int with_acc) { /* This test exercises one round of the following: * - The 'producing' layer provides a buffer @@ -144,31 +149,33 @@ void mbedtls_mps_reader_no_pausing_multiple_steps_single_round( int with_acc ) unsigned char *tmp; mbedtls_mps_size_t tmp_len; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( buf ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(buf); i++) { buf[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - if( with_acc == 0 ) - mbedtls_mps_reader_init( &rd, NULL, 0 ); - else - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 ); + if (with_acc == 0) { + mbedtls_mps_reader_init(&rd, NULL, 0); + } else { + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + } + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, buf, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 70, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 70, buf + 10, 70 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 30, &tmp, &tmp_len ) == 0 ); - ASSERT_COMPARE( tmp, tmp_len, buf + 80, 20 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, buf, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 70, buf + 10, 70); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, &tmp_len) == 0); + ASSERT_COMPARE(tmp, tmp_len, buf + 80, 20); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup (lower layer) */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_no_pausing_multiple_steps_multiple_rounds( int with_acc ) +void mbedtls_mps_reader_no_pausing_multiple_steps_multiple_rounds(int with_acc) { /* This test exercises one round of fetching a buffer in multiple chunks * and passing it back to the producer afterwards, followed by another @@ -179,35 +186,38 @@ void mbedtls_mps_reader_no_pausing_multiple_steps_multiple_rounds( int with_acc unsigned char *tmp; mbedtls_mps_size_t tmp_len; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) { bufA[i] = (unsigned char) i; - for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ ) - bufB[i] = ~ ((unsigned char) i); + } + for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) { + bufB[i] = ~((unsigned char) i); + } /* Preparation (lower layer) */ - if( with_acc == 0 ) - mbedtls_mps_reader_init( &rd, NULL, 0 ); - else - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 ); + if (with_acc == 0) { + mbedtls_mps_reader_init(&rd, NULL, 0); + } else { + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + } + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 70, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 70, bufA + 10, 70 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 30, &tmp, &tmp_len ) == 0 ); - ASSERT_COMPARE( tmp, tmp_len, bufA + 80, 20 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 70, bufA + 10, 70); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, &tmp_len) == 0); + ASSERT_COMPARE(tmp, tmp_len, bufA + 80, 20); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Preparation */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, sizeof( bufB ) ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0); /* Consumption */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 100, bufB, 100 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 100, bufB, 100); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -224,22 +234,23 @@ void mbedtls_mps_reader_pausing_needed_disabled() unsigned char buf[100]; unsigned char *tmp; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( buf ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(buf); i++) { buf[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, NULL, 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 ); + mbedtls_mps_reader_init(&rd, NULL, 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 50, buf, 50 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 50, buf, 50); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Wrapup (lower layer) */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == - MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == + MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -264,28 +275,29 @@ void mbedtls_mps_reader_pausing_needed_buffer_too_small() mbedtls_mps_reader rd; mbedtls_mps_size_t tmp_len; - for( size_t i=0; (unsigned) i < sizeof( buf ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(buf); i++) { buf[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 ); + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 50, buf, 50 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, buf + 50, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 50, buf, 50); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, buf + 50, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Wrapup (lower layer) */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == - MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == + MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, &tmp_len ) == 0 ); - ASSERT_COMPARE( tmp, tmp_len, buf + 50, 50 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, &tmp_len) == 0); + ASSERT_COMPARE(tmp, tmp_len, buf + 50, 50); - mbedtls_mps_reader_free( &rd ); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -304,28 +316,29 @@ void mbedtls_mps_reader_reclaim_overflow() unsigned char *tmp; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( buf ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(buf); i++) { buf[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 ); + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 50, buf, 50 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 50, buf, 50); /* Excess request */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, (mbedtls_mps_size_t) -1, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, (mbedtls_mps_size_t) -1, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Wrapup (lower layer) */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == - MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == + MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL); - mbedtls_mps_reader_free( &rd ); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_pausing( int option ) +void mbedtls_mps_reader_pausing(int option) { /* This test exercises the behaviour of the reader when the * accumulator is used to fulfill a consumer's request. @@ -349,108 +362,108 @@ void mbedtls_mps_reader_pausing( int option ) unsigned char acc[40]; int paused; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) { bufA[i] = (unsigned char) i; - for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ ) - bufB[i] = ~ ((unsigned char) i); + } + for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) { + bufB[i] = ~((unsigned char) i); + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 ); + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0); /* Consumption (upper layer) */ /* Ask for more than what's available. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 80, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 80, bufA, 80 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - switch( option ) - { + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 80, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 80, bufA, 80); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + switch (option) { case 0: /* Single uncommitted fetch at pausing */ case 1: - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); break; default: /* Multiple uncommitted fetches at pausing */ break; } - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Preparation */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, &paused ) == 0 ); - TEST_ASSERT( paused == 1 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, sizeof( bufB ) ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, &paused) == 0); + TEST_ASSERT(paused == 1); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0); /* Consumption */ - switch( option ) - { + switch (option) { case 0: /* Single fetch at pausing, re-fetch with commit. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 90, 10); + ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); break; case 1: /* Single fetch at pausing, re-fetch without commit. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 90, 10); + ASSERT_COMPARE(tmp + 10, 10, bufB, 10); break; case 2: /* Multiple fetches at pausing, repeat without commit. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 90, 10); + ASSERT_COMPARE(tmp + 10, 10, bufB, 10); break; case 3: /* Multiple fetches at pausing, repeat with commit 1. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 90, 10); + ASSERT_COMPARE(tmp + 10, 10, bufB, 10); break; case 4: /* Multiple fetches at pausing, repeat with commit 2. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 90, 10); + ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); break; case 5: /* Multiple fetches at pausing, repeat with commit 3. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 90, 10); + ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); break; default: - TEST_ASSERT( 0 ); + TEST_ASSERT(0); } /* In all cases, fetch the rest of the second buffer. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 90, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 90, bufB + 10, 90 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 90, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 90, bufB + 10, 90); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_pausing_multiple_feeds( int option ) +void mbedtls_mps_reader_pausing_multiple_feeds(int option) { /* This test exercises the behaviour of the MPS reader * in the following situation: @@ -471,93 +484,91 @@ void mbedtls_mps_reader_pausing_multiple_feeds( int option ) unsigned char acc[70]; mbedtls_mps_reader rd; mbedtls_mps_size_t fetch_len; - for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) { bufA[i] = (unsigned char) i; - for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ ) - bufB[i] = ~ ((unsigned char) i); + } + for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) { + bufB[i] = ~((unsigned char) i); + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 ); + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0); /* Consumption (upper layer) */ /* Ask for more than what's available. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 80, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 80, bufA, 80 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 80, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 80, bufA, 80); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* 20 left, ask for 70 -> 50 overhead */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 70, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Preparation */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - switch( option ) - { + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + switch (option) { case 0: /* 10 + 10 + 80 byte feed */ - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, 10 ) == - MBEDTLS_ERR_MPS_READER_NEED_MORE ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + 10, 10 ) == - MBEDTLS_ERR_MPS_READER_NEED_MORE ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + 20, 80 ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, 10) == + MBEDTLS_ERR_MPS_READER_NEED_MORE); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + 10, 10) == + MBEDTLS_ERR_MPS_READER_NEED_MORE); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + 20, 80) == 0); break; case 1: /* 50 x 1byte */ - for( size_t num_feed = 0; num_feed < 49; num_feed++ ) - { - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + num_feed, 1 ) == - MBEDTLS_ERR_MPS_READER_NEED_MORE ); + for (size_t num_feed = 0; num_feed < 49; num_feed++) { + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + num_feed, 1) == + MBEDTLS_ERR_MPS_READER_NEED_MORE); } - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + 49, 1 ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + 49, 1) == 0); break; case 2: /* 49 x 1byte + 51bytes */ - for( size_t num_feed = 0; num_feed < 49; num_feed++ ) - { - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + num_feed, 1 ) == - MBEDTLS_ERR_MPS_READER_NEED_MORE ); + for (size_t num_feed = 0; num_feed < 49; num_feed++) { + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + num_feed, 1) == + MBEDTLS_ERR_MPS_READER_NEED_MORE); } - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + 49, 51 ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + 49, 51) == 0); break; default: - TEST_ASSERT( 0 ); + TEST_ASSERT(0); break; } /* Consumption */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 70, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 20, bufA + 80, 20 ); - ASSERT_COMPARE( tmp + 20, 50, bufB, 50 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 1000, &tmp, &fetch_len ) == 0 ); - switch( option ) - { + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 20, bufA + 80, 20); + ASSERT_COMPARE(tmp + 20, 50, bufB, 50); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 1000, &tmp, &fetch_len) == 0); + switch (option) { case 0: - TEST_ASSERT( fetch_len == 50 ); + TEST_ASSERT(fetch_len == 50); break; case 1: - TEST_ASSERT( fetch_len == 0 ); + TEST_ASSERT(fetch_len == 0); break; case 2: - TEST_ASSERT( fetch_len == 50 ); + TEST_ASSERT(fetch_len == 50); break; default: - TEST_ASSERT( 0 ); + TEST_ASSERT(0); break; } - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_reclaim_data_left( int option ) +void mbedtls_mps_reader_reclaim_data_left(int option) { /* This test exercises the behaviour of the MPS reader when a * call to mbedtls_mps_reader_reclaim() is made before all data @@ -566,53 +577,53 @@ void mbedtls_mps_reader_reclaim_data_left( int option ) unsigned char buf[100]; unsigned char *tmp; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( buf ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(buf); i++) { buf[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, NULL, 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 ); + mbedtls_mps_reader_init(&rd, NULL, 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ - switch( option ) - { + switch (option) { case 0: /* Fetch (but not commit) the entire buffer. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, sizeof( buf ), &tmp, NULL ) - == 0 ); - ASSERT_COMPARE( tmp, 100, buf, 100 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf), &tmp, NULL) + == 0); + ASSERT_COMPARE(tmp, 100, buf, 100); break; case 1: /* Fetch (but not commit) parts of the buffer. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, sizeof( buf ) / 2, - &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, sizeof( buf ) / 2, buf, sizeof( buf ) / 2 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf) / 2, + &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, sizeof(buf) / 2, buf, sizeof(buf) / 2); break; case 2: /* Fetch and commit parts of the buffer, then * fetch but not commit the rest of the buffer. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, sizeof( buf ) / 2, - &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, sizeof( buf ) / 2, buf, sizeof( buf ) / 2 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, sizeof( buf ) / 2, - &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, sizeof( buf ) / 2, - buf + sizeof( buf ) / 2, - sizeof( buf ) / 2 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf) / 2, + &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, sizeof(buf) / 2, buf, sizeof(buf) / 2); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf) / 2, + &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, sizeof(buf) / 2, + buf + sizeof(buf) / 2, + sizeof(buf) / 2); break; default: - TEST_ASSERT( 0 ); + TEST_ASSERT(0); break; } /* Wrapup */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == - MBEDTLS_ERR_MPS_READER_DATA_LEFT ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == + MBEDTLS_ERR_MPS_READER_DATA_LEFT); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -626,33 +637,34 @@ void mbedtls_mps_reader_reclaim_data_left_retry() unsigned char *tmp; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( buf ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(buf); i++) { buf[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, NULL, 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 ); + mbedtls_mps_reader_init(&rd, NULL, 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 50, buf, 50 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 50, buf + 50, 50 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 50, buf, 50); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 50, buf + 50, 50); /* Preparation */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == - MBEDTLS_ERR_MPS_READER_DATA_LEFT ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == + MBEDTLS_ERR_MPS_READER_DATA_LEFT); /* Consumption */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 50, buf + 50, 50 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 50, buf + 50, 50); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_multiple_pausing( int option ) +void mbedtls_mps_reader_multiple_pausing(int option) { /* This test exercises the behaviour of the MPS reader * in the following situation: @@ -670,126 +682,128 @@ void mbedtls_mps_reader_multiple_pausing( int option ) unsigned char acc[50]; mbedtls_mps_size_t tmp_len; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) { bufA[i] = (unsigned char) i; - for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ ) - bufB[i] = ~ ((unsigned char) i); - for( size_t i=0; (unsigned) i < sizeof( bufC ); i++ ) - bufC[i] = ~ ((unsigned char) i); + } + for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) { + bufB[i] = ~((unsigned char) i); + } + for (size_t i = 0; (unsigned) i < sizeof(bufC); i++) { + bufC[i] = ~((unsigned char) i); + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 ); + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0); /* Consumption (upper layer) */ /* Ask for more than what's available. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 80, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 80, bufA, 80 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 80, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 80, bufA, 80); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Preparation */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, sizeof( bufB ) ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0); - switch( option ) - { + switch (option) { case 0: /* Fetch same chunks, commit afterwards, and * then exceed bounds of new buffer; accumulator * large enough. */ /* Consume */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, &tmp_len ) == 0 ); - ASSERT_COMPARE( tmp, tmp_len, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, &tmp_len) == 0); + ASSERT_COMPARE(tmp, tmp_len, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 90, 10); + ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Prepare */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufC, sizeof( bufC ) ) == 0 );; + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufC, sizeof(bufC)) == 0);; /* Consume */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufB + 10, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufC, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufB + 10, 10); + ASSERT_COMPARE(tmp + 10, 10, bufC, 10); break; case 1: /* Fetch same chunks, commit afterwards, and * then exceed bounds of new buffer; accumulator * not large enough. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 51, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 90, 10); + ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 51, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Prepare */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == - MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == + MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL); break; case 2: /* Fetch same chunks, don't commit afterwards, and * then exceed bounds of new buffer; accumulator * large enough. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 90, 10); + ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Prepare */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufC, sizeof( bufC ) ) == 0 );; + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufC, sizeof(bufC)) == 0);; /* Consume */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 20, bufA + 80, 20 ); - ASSERT_COMPARE( tmp + 20, 20, bufB, 20 ); - ASSERT_COMPARE( tmp + 40, 10, bufC, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 20, bufA + 80, 20); + ASSERT_COMPARE(tmp + 20, 20, bufB, 20); + ASSERT_COMPARE(tmp + 40, 10, bufC, 10); break; case 3: /* Fetch same chunks, don't commit afterwards, and * then exceed bounds of new buffer; accumulator * not large enough. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 21, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 10, bufA + 90, 10); + ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 21, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Prepare */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == - MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == + MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL); break; default: - TEST_ASSERT( 0 ); + TEST_ASSERT(0); break; } - mbedtls_mps_reader_free( &rd ); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER:MBEDTLS_MPS_STATE_VALIDATION */ -void mbedtls_mps_reader_random_usage( int num_out_chunks, - int max_chunk_size, - int max_request, - int acc_size ) +void mbedtls_mps_reader_random_usage(int num_out_chunks, + int max_chunk_size, + int max_request, + int acc_size) { /* Randomly pass a reader object back and forth between lower and @@ -829,130 +843,108 @@ void mbedtls_mps_reader_random_usage( int num_out_chunks, * returning the reader to the upper layer. */ mbedtls_mps_reader rd; - if( acc_size > 0 ) - { - ASSERT_ALLOC( acc, acc_size ); + if (acc_size > 0) { + ASSERT_ALLOC(acc, acc_size); } /* This probably needs to be changed because we want * our tests to be deterministic. */ // srand( time( NULL ) ); - ASSERT_ALLOC( outgoing, num_out_chunks * max_chunk_size ); - ASSERT_ALLOC( incoming, num_out_chunks * max_chunk_size ); + ASSERT_ALLOC(outgoing, num_out_chunks * max_chunk_size); + ASSERT_ALLOC(incoming, num_out_chunks * max_chunk_size); - mbedtls_mps_reader_init( &rd, acc, acc_size ); + mbedtls_mps_reader_init(&rd, acc, acc_size); cur_out_chunk = 0; in_commit = 0; in_fetch = 0; out_pos = 0; - while( cur_out_chunk < (unsigned) num_out_chunks ) - { - if( mode == 0 ) - { + while (cur_out_chunk < (unsigned) num_out_chunks) { + if (mode == 0) { /* Choose randomly between reclaim and feed */ rand_op = rand() % 2; - if( rand_op == 0 ) - { + if (rand_op == 0) { /* Reclaim */ - ret = mbedtls_mps_reader_reclaim( &rd, NULL ); + ret = mbedtls_mps_reader_reclaim(&rd, NULL); - if( ret == 0 ) - { - TEST_ASSERT( cur_chunk != NULL ); - mbedtls_free( cur_chunk ); + if (ret == 0) { + TEST_ASSERT(cur_chunk != NULL); + mbedtls_free(cur_chunk); cur_chunk = NULL; } reclaimed = 1; - } - else - { + } else { /* Feed reader with a random chunk */ unsigned char *tmp = NULL; size_t tmp_size; - if( cur_out_chunk == (unsigned) num_out_chunks ) + if (cur_out_chunk == (unsigned) num_out_chunks) { continue; + } - tmp_size = ( rand() % max_chunk_size ) + 1; - ASSERT_ALLOC( tmp, tmp_size ); + tmp_size = (rand() % max_chunk_size) + 1; + ASSERT_ALLOC(tmp, tmp_size); - TEST_ASSERT( mbedtls_test_rnd_std_rand( NULL, tmp, tmp_size ) == 0 ); - ret = mbedtls_mps_reader_feed( &rd, tmp, tmp_size ); + TEST_ASSERT(mbedtls_test_rnd_std_rand(NULL, tmp, tmp_size) == 0); + ret = mbedtls_mps_reader_feed(&rd, tmp, tmp_size); - if( ret == 0 || ret == MBEDTLS_ERR_MPS_READER_NEED_MORE ) - { + if (ret == 0 || ret == MBEDTLS_ERR_MPS_READER_NEED_MORE) { cur_out_chunk++; - memcpy( outgoing + out_pos, tmp, tmp_size ); + memcpy(outgoing + out_pos, tmp, tmp_size); out_pos += tmp_size; } - if( ret == 0 ) - { - TEST_ASSERT( cur_chunk == NULL ); + if (ret == 0) { + TEST_ASSERT(cur_chunk == NULL); cur_chunk = tmp; - } - else - { - mbedtls_free( tmp ); + } else { + mbedtls_free(tmp); } } /* Randomly switch to consumption mode if reclaim * was called at least once. */ - if( reclaimed == 1 && rand() % 3 == 0 ) - { + if (reclaimed == 1 && rand() % 3 == 0) { in_fetch = 0; mode = 1; } - } - else - { + } else { /* Choose randomly between get tolerating fewer data, * get not tolerating fewer data, and commit. */ rand_op = rand() % 3; - if( rand_op == 0 || rand_op == 1 ) - { + if (rand_op == 0 || rand_op == 1) { mbedtls_mps_size_t get_size, real_size; unsigned char *chunk_get; - get_size = ( rand() % max_request ) + 1; - if( rand_op == 0 ) - { - ret = mbedtls_mps_reader_get( &rd, get_size, &chunk_get, - &real_size ); - } - else - { + get_size = (rand() % max_request) + 1; + if (rand_op == 0) { + ret = mbedtls_mps_reader_get(&rd, get_size, &chunk_get, + &real_size); + } else { real_size = get_size; - ret = mbedtls_mps_reader_get( &rd, get_size, &chunk_get, NULL ); + ret = mbedtls_mps_reader_get(&rd, get_size, &chunk_get, NULL); } /* Check if output is in accordance with what was written */ - if( ret == 0 ) - { - memcpy( incoming + in_commit + in_fetch, - chunk_get, real_size ); - TEST_ASSERT( memcmp( incoming + in_commit + in_fetch, - outgoing + in_commit + in_fetch, - real_size ) == 0 ); + if (ret == 0) { + memcpy(incoming + in_commit + in_fetch, + chunk_get, real_size); + TEST_ASSERT(memcmp(incoming + in_commit + in_fetch, + outgoing + in_commit + in_fetch, + real_size) == 0); in_fetch += real_size; } - } - else if( rand_op == 2 ) /* Commit */ - { - ret = mbedtls_mps_reader_commit( &rd ); - if( ret == 0 ) - { + } else if (rand_op == 2) { /* Commit */ + ret = mbedtls_mps_reader_commit(&rd); + if (ret == 0) { in_commit += in_fetch; in_fetch = 0; } } /* Randomly switch back to preparation */ - if( rand() % 3 == 0 ) - { + if (rand() % 3 == 0) { reclaimed = 0; mode = 0; } @@ -960,16 +952,16 @@ void mbedtls_mps_reader_random_usage( int num_out_chunks, } /* Cleanup */ - mbedtls_mps_reader_free( &rd ); - mbedtls_free( incoming ); - mbedtls_free( outgoing ); - mbedtls_free( acc ); - mbedtls_free( cur_chunk ); + mbedtls_mps_reader_free(&rd); + mbedtls_free(incoming); + mbedtls_free(outgoing); + mbedtls_free(acc); + mbedtls_free(cur_chunk); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_reader_inconsistent_usage( int option ) +void mbedtls_reader_inconsistent_usage(int option) { /* This test exercises the behaviour of the MPS reader * in the following situation: @@ -989,130 +981,130 @@ void mbedtls_reader_inconsistent_usage( int option ) unsigned char acc[40]; mbedtls_mps_reader rd; int success = 0; - for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) { bufA[i] = (unsigned char) i; - for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ ) - bufB[i] = ~ ((unsigned char) i); + } + for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) { + bufB[i] = ~((unsigned char) i); + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 ); + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 80, &tmp, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 80, &tmp, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Preparation */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, sizeof( bufB ) ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0); /* Consumption */ - switch( option ) - { + switch (option) { case 0: /* Ask for buffered data in a single chunk, no commit */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 30, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 20, bufA + 80, 20 ); - ASSERT_COMPARE( tmp + 20, 10, bufB, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 20, bufA + 80, 20); + ASSERT_COMPARE(tmp + 20, 10, bufB, 10); success = 1; break; case 1: /* Ask for buffered data in a single chunk, with commit */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 30, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 20, bufA + 80, 20 ); - ASSERT_COMPARE( tmp + 20, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 20, bufA + 80, 20); + ASSERT_COMPARE(tmp + 20, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); success = 1; break; case 2: /* Ask for more than was requested when pausing, #1 */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 31, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 31, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS); break; case 3: /* Ask for more than was requested when pausing #2 */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, (mbedtls_mps_size_t) -1, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, (mbedtls_mps_size_t) -1, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS); break; case 4: /* Asking for buffered data in different * chunks than before CAN fail. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 15, bufA + 80, 15 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 15, bufA + 80, 15); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS); break; case 5: /* Asking for buffered data different chunks * than before NEED NOT fail - no commits */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 15, bufA + 80, 15 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 5, bufA + 95, 5 ); - ASSERT_COMPARE( tmp + 5, 10, bufB, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 15, bufA + 80, 15); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 5, bufA + 95, 5); + ASSERT_COMPARE(tmp + 5, 10, bufB, 10); success = 1; break; case 6: /* Asking for buffered data different chunks * than before NEED NOT fail - intermediate commit */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 15, bufA + 80, 15 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 5, bufA + 95, 5 ); - ASSERT_COMPARE( tmp + 5, 10, bufB, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 15, bufA + 80, 15); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 5, bufA + 95, 5); + ASSERT_COMPARE(tmp + 5, 10, bufB, 10); success = 1; break; case 7: /* Asking for buffered data different chunks * than before NEED NOT fail - end commit */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 15, bufA + 80, 15 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 5, bufA + 95, 5 ); - ASSERT_COMPARE( tmp + 5, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 15, bufA + 80, 15); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 5, bufA + 95, 5); + ASSERT_COMPARE(tmp + 5, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); success = 1; break; case 8: /* Asking for buffered data different chunks * than before NEED NOT fail - intermediate & end commit */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 15, bufA + 80, 15 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - ASSERT_COMPARE( tmp, 5, bufA + 95, 5 ); - ASSERT_COMPARE( tmp + 5, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 15, bufA + 80, 15); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + ASSERT_COMPARE(tmp, 5, bufA + 95, 5); + ASSERT_COMPARE(tmp + 5, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); success = 1; break; default: - TEST_ASSERT( 0 ); + TEST_ASSERT(0); break; } - if( success == 1 ) - { + if (success == 1) { /* In all succeeding cases, fetch the rest of the second buffer. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 90, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 90, bufB + 10, 90 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 90, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 90, bufB + 10, 90); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); } /* Wrapup */ - mbedtls_mps_reader_free( &rd ); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -1124,25 +1116,26 @@ void mbedtls_mps_reader_feed_empty() unsigned char buf[100]; unsigned char *tmp; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( buf ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(buf); i++) { buf[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, NULL, 0 ); + mbedtls_mps_reader_init(&rd, NULL, 0); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, NULL, sizeof( buf ) ) == - MBEDTLS_ERR_MPS_READER_INVALID_ARG ); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, NULL, sizeof(buf)) == + MBEDTLS_ERR_MPS_READER_INVALID_ARG); /* Subsequent feed-calls should still succeed. */ - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 100, buf, 100 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0); + ASSERT_COMPARE(tmp, 100, buf, 100); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ diff --git a/tests/suites/test_suite_net.function b/tests/suites/test_suite_net.function index 08d48b322a7d..fa09f5a64f80 100644 --- a/tests/suites/test_suite_net.function +++ b/tests/suites/test_suite_net.function @@ -30,19 +30,18 @@ * * \return \c 0 on success, a negative error code on error. */ -static int open_file_on_fd( mbedtls_net_context *ctx, int wanted_fd ) +static int open_file_on_fd(mbedtls_net_context *ctx, int wanted_fd) { - int got_fd = open( "/dev/null", O_RDONLY ); - TEST_ASSERT( got_fd >= 0 ); - if( got_fd != wanted_fd ) - { - TEST_ASSERT( dup2( got_fd, wanted_fd ) >= 0 ); - TEST_ASSERT( close( got_fd ) >= 0 ); + int got_fd = open("/dev/null", O_RDONLY); + TEST_ASSERT(got_fd >= 0); + if (got_fd != wanted_fd) { + TEST_ASSERT(dup2(got_fd, wanted_fd) >= 0); + TEST_ASSERT(close(got_fd) >= 0); } ctx->fd = wanted_fd; - return( 0 ); + return 0; exit: - return( -1 ); + return -1; } #endif /* MBEDTLS_PLATFORM_IS_UNIXLIKE */ @@ -54,16 +53,17 @@ exit: */ /* BEGIN_CASE */ -void context_init_free( int reinit ) +void context_init_free(int reinit) { mbedtls_net_context ctx; - mbedtls_net_init( &ctx ); - mbedtls_net_free( &ctx ); + mbedtls_net_init(&ctx); + mbedtls_net_free(&ctx); - if( reinit ) - mbedtls_net_init( &ctx ); - mbedtls_net_free( &ctx ); + if (reinit) { + mbedtls_net_init(&ctx); + } + mbedtls_net_free(&ctx); /* This test case always succeeds, functionally speaking. A plausible * bug might trigger an invalid pointer dereference or a memory leak. */ @@ -72,7 +72,7 @@ void context_init_free( int reinit ) /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PLATFORM_IS_UNIXLIKE */ -void poll_beyond_fd_setsize( ) +void poll_beyond_fd_setsize() { /* Test that mbedtls_net_poll does not misbehave when given a file * descriptor greater or equal to FD_SETSIZE. This code is specific to @@ -85,7 +85,7 @@ void poll_beyond_fd_setsize( ) mbedtls_net_context ctx; uint8_t buf[1]; - mbedtls_net_init( &ctx ); + mbedtls_net_init(&ctx); /* On many systems, by default, the maximum permitted file descriptor * number is less than FD_SETSIZE. If so, raise the limit if @@ -99,17 +99,16 @@ void poll_beyond_fd_setsize( ) * might do); but we don't do such things in our test code, so the unit * test will run if it can. */ - TEST_ASSERT( getrlimit( RLIMIT_NOFILE, &rlim_nofile ) == 0 ); - if( rlim_nofile.rlim_cur < FD_SETSIZE + 1 ) - { + TEST_ASSERT(getrlimit(RLIMIT_NOFILE, &rlim_nofile) == 0); + if (rlim_nofile.rlim_cur < FD_SETSIZE + 1) { rlim_t old_rlim_cur = rlim_nofile.rlim_cur; rlim_nofile.rlim_cur = FD_SETSIZE + 1; - TEST_ASSUME( setrlimit( RLIMIT_NOFILE, &rlim_nofile ) == 0 ); + TEST_ASSUME(setrlimit(RLIMIT_NOFILE, &rlim_nofile) == 0); rlim_nofile.rlim_cur = old_rlim_cur; restore_rlim_nofile = 1; } - TEST_ASSERT( open_file_on_fd( &ctx, FD_SETSIZE ) == 0 ); + TEST_ASSERT(open_file_on_fd(&ctx, FD_SETSIZE) == 0); /* In principle, mbedtls_net_poll() with valid arguments should succeed. * However, we know that on Unix-like platforms (and others), this function @@ -122,16 +121,17 @@ void poll_beyond_fd_setsize( ) * is problematic on the particular platform where the code is running, * a memory sanitizer such as UBSan should catch it. */ - ret = mbedtls_net_poll( &ctx, MBEDTLS_NET_POLL_READ, 0 ); - TEST_EQUAL( ret, MBEDTLS_ERR_NET_POLL_FAILED ); + ret = mbedtls_net_poll(&ctx, MBEDTLS_NET_POLL_READ, 0); + TEST_EQUAL(ret, MBEDTLS_ERR_NET_POLL_FAILED); /* mbedtls_net_recv_timeout() uses select() and fd_set in the same way. */ - ret = mbedtls_net_recv_timeout( &ctx, buf, sizeof( buf ), 0 ); - TEST_EQUAL( ret, MBEDTLS_ERR_NET_POLL_FAILED ); + ret = mbedtls_net_recv_timeout(&ctx, buf, sizeof(buf), 0); + TEST_EQUAL(ret, MBEDTLS_ERR_NET_POLL_FAILED); exit: - mbedtls_net_free( &ctx ); - if( restore_rlim_nofile ) - setrlimit( RLIMIT_NOFILE, &rlim_nofile ); + mbedtls_net_free(&ctx); + if (restore_rlim_nofile) { + setrlimit(RLIMIT_NOFILE, &rlim_nofile); + } } /* END_CASE */ diff --git a/tests/suites/test_suite_nist_kw.function b/tests/suites/test_suite_nist_kw.function index 6a810520f44a..f2b794441aa2 100644 --- a/tests/suites/test_suite_nist_kw.function +++ b/tests/suites/test_suite_nist_kw.function @@ -8,14 +8,14 @@ */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */ -void mbedtls_nist_kw_self_test( ) +void mbedtls_nist_kw_self_test() { - TEST_ASSERT( mbedtls_nist_kw_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_nist_kw_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ -void mbedtls_nist_kw_mix_contexts( ) +void mbedtls_nist_kw_mix_contexts() { mbedtls_nist_kw_context ctx1, ctx2; unsigned char key[16]; @@ -24,129 +24,126 @@ void mbedtls_nist_kw_mix_contexts( ) unsigned char ciphertext2[40]; size_t output_len, i; - memset( plaintext, 0, sizeof( plaintext ) ); - memset( ciphertext1, 0, sizeof( ciphertext1 ) ); - memset( ciphertext2, 0, sizeof( ciphertext2 ) ); - memset( key, 0, sizeof( key ) ); + memset(plaintext, 0, sizeof(plaintext)); + memset(ciphertext1, 0, sizeof(ciphertext1)); + memset(ciphertext2, 0, sizeof(ciphertext2)); + memset(key, 0, sizeof(key)); /* * 1. Check wrap and unwrap with two separate contexts */ - mbedtls_nist_kw_init( &ctx1 ); - mbedtls_nist_kw_init( &ctx2 ); - - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx1, - MBEDTLS_CIPHER_ID_AES, - key, sizeof( key ) * 8, - 1 ) == 0 ); - - TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx1, MBEDTLS_KW_MODE_KW, - plaintext, sizeof( plaintext ), - ciphertext1, &output_len, - sizeof( ciphertext1 ) ) == 0 ); - TEST_ASSERT( output_len == sizeof( ciphertext1 ) ); - - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx2, - MBEDTLS_CIPHER_ID_AES, - key, sizeof( key ) * 8, - 0 ) == 0 ); - - TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx2, MBEDTLS_KW_MODE_KW, - ciphertext1, output_len, - plaintext, &output_len, - sizeof( plaintext ) ) == 0 ); - - TEST_ASSERT( output_len == sizeof( plaintext ) ); - for( i = 0; i < sizeof( plaintext ); i++ ) - { - TEST_ASSERT( plaintext[i] == 0 ); + mbedtls_nist_kw_init(&ctx1); + mbedtls_nist_kw_init(&ctx2); + + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx1, + MBEDTLS_CIPHER_ID_AES, + key, sizeof(key) * 8, + 1) == 0); + + TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx1, MBEDTLS_KW_MODE_KW, + plaintext, sizeof(plaintext), + ciphertext1, &output_len, + sizeof(ciphertext1)) == 0); + TEST_ASSERT(output_len == sizeof(ciphertext1)); + + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx2, + MBEDTLS_CIPHER_ID_AES, + key, sizeof(key) * 8, + 0) == 0); + + TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx2, MBEDTLS_KW_MODE_KW, + ciphertext1, output_len, + plaintext, &output_len, + sizeof(plaintext)) == 0); + + TEST_ASSERT(output_len == sizeof(plaintext)); + for (i = 0; i < sizeof(plaintext); i++) { + TEST_ASSERT(plaintext[i] == 0); } - mbedtls_nist_kw_free( &ctx1 ); - mbedtls_nist_kw_free( &ctx2 ); + mbedtls_nist_kw_free(&ctx1); + mbedtls_nist_kw_free(&ctx2); /* * 2. Check wrapping with two modes, on same context */ - mbedtls_nist_kw_init( &ctx1 ); - mbedtls_nist_kw_init( &ctx2 ); - output_len = sizeof( ciphertext1 ); - - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx1, - MBEDTLS_CIPHER_ID_AES, - key, sizeof( key ) * 8, - 1 ) == 0 ); - - TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx1, MBEDTLS_KW_MODE_KW, - plaintext, sizeof( plaintext ), - ciphertext1, &output_len, - sizeof( ciphertext1 ) ) == 0 ); - TEST_ASSERT( output_len == sizeof( ciphertext1 ) ); - - TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx1, MBEDTLS_KW_MODE_KWP, - plaintext, sizeof( plaintext ), - ciphertext2, &output_len, - sizeof( ciphertext2 ) ) == 0 ); - - TEST_ASSERT( output_len == sizeof( ciphertext2 ) ); - - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx2, - MBEDTLS_CIPHER_ID_AES, - key, sizeof( key ) * 8, - 0 ) == 0 ); - - TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx2, MBEDTLS_KW_MODE_KW, - ciphertext1, sizeof( ciphertext1 ), - plaintext, &output_len, - sizeof( plaintext ) ) == 0 ); - - TEST_ASSERT( output_len == sizeof( plaintext ) ); - - for( i = 0; i < sizeof( plaintext ); i++ ) - { - TEST_ASSERT( plaintext[i] == 0 ); + mbedtls_nist_kw_init(&ctx1); + mbedtls_nist_kw_init(&ctx2); + output_len = sizeof(ciphertext1); + + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx1, + MBEDTLS_CIPHER_ID_AES, + key, sizeof(key) * 8, + 1) == 0); + + TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx1, MBEDTLS_KW_MODE_KW, + plaintext, sizeof(plaintext), + ciphertext1, &output_len, + sizeof(ciphertext1)) == 0); + TEST_ASSERT(output_len == sizeof(ciphertext1)); + + TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx1, MBEDTLS_KW_MODE_KWP, + plaintext, sizeof(plaintext), + ciphertext2, &output_len, + sizeof(ciphertext2)) == 0); + + TEST_ASSERT(output_len == sizeof(ciphertext2)); + + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx2, + MBEDTLS_CIPHER_ID_AES, + key, sizeof(key) * 8, + 0) == 0); + + TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx2, MBEDTLS_KW_MODE_KW, + ciphertext1, sizeof(ciphertext1), + plaintext, &output_len, + sizeof(plaintext)) == 0); + + TEST_ASSERT(output_len == sizeof(plaintext)); + + for (i = 0; i < sizeof(plaintext); i++) { + TEST_ASSERT(plaintext[i] == 0); } - TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx2, MBEDTLS_KW_MODE_KWP, - ciphertext2, sizeof( ciphertext2 ), - plaintext, &output_len, - sizeof( plaintext ) ) == 0 ); + TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx2, MBEDTLS_KW_MODE_KWP, + ciphertext2, sizeof(ciphertext2), + plaintext, &output_len, + sizeof(plaintext)) == 0); - TEST_ASSERT( output_len == sizeof( plaintext ) ); + TEST_ASSERT(output_len == sizeof(plaintext)); - for( i = 0; i < sizeof( plaintext ); i++ ) - { - TEST_ASSERT( plaintext[i] == 0 ); + for (i = 0; i < sizeof(plaintext); i++) { + TEST_ASSERT(plaintext[i] == 0); } exit: - mbedtls_nist_kw_free( &ctx1 ); - mbedtls_nist_kw_free( &ctx2 ); + mbedtls_nist_kw_free(&ctx1); + mbedtls_nist_kw_free(&ctx2); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_nist_kw_setkey( int cipher_id, int key_size, - int is_wrap, int result ) +void mbedtls_nist_kw_setkey(int cipher_id, int key_size, + int is_wrap, int result) { mbedtls_nist_kw_context ctx; unsigned char key[32]; int ret; - mbedtls_nist_kw_init( &ctx ); + mbedtls_nist_kw_init(&ctx); - memset( key, 0x2A, sizeof( key ) ); - TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) ); + memset(key, 0x2A, sizeof(key)); + TEST_ASSERT((unsigned) key_size <= 8 * sizeof(key)); - ret = mbedtls_nist_kw_setkey( &ctx, cipher_id, key, key_size, is_wrap ); - TEST_ASSERT( ret == result ); + ret = mbedtls_nist_kw_setkey(&ctx, cipher_id, key, key_size, is_wrap); + TEST_ASSERT(ret == result); exit: - mbedtls_nist_kw_free( &ctx ); + mbedtls_nist_kw_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ -void nist_kw_plaintext_lengths( int in_len, int out_len, int mode, int res ) +void nist_kw_plaintext_lengths(int in_len, int out_len, int mode, int res) { mbedtls_nist_kw_context ctx; unsigned char key[16]; @@ -154,50 +151,46 @@ void nist_kw_plaintext_lengths( int in_len, int out_len, int mode, int res ) unsigned char *ciphertext = NULL; size_t output_len = out_len; - mbedtls_nist_kw_init( &ctx ); + mbedtls_nist_kw_init(&ctx); - memset( key, 0, sizeof( key ) ); + memset(key, 0, sizeof(key)); - if( in_len != 0 ) - { - plaintext = mbedtls_calloc( 1, in_len ); - TEST_ASSERT( plaintext != NULL ); + if (in_len != 0) { + plaintext = mbedtls_calloc(1, in_len); + TEST_ASSERT(plaintext != NULL); } - if( out_len != 0 ) - { - ciphertext = mbedtls_calloc( 1, output_len ); - TEST_ASSERT( ciphertext != NULL ); + if (out_len != 0) { + ciphertext = mbedtls_calloc(1, output_len); + TEST_ASSERT(ciphertext != NULL); } - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, - key, 8 * sizeof( key ), 1 ) == 0 ); - - TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx, mode, plaintext, in_len, - ciphertext, &output_len, - output_len ) == res ); - if( res == 0 ) - { - if( mode == MBEDTLS_KW_MODE_KWP ) - TEST_ASSERT( output_len == (size_t) in_len + 8 - - ( in_len % 8 ) + 8 ); - else - TEST_ASSERT( output_len == (size_t) in_len + 8 ); - } - else - { - TEST_ASSERT( output_len == 0 ); + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + key, 8 * sizeof(key), 1) == 0); + + TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx, mode, plaintext, in_len, + ciphertext, &output_len, + output_len) == res); + if (res == 0) { + if (mode == MBEDTLS_KW_MODE_KWP) { + TEST_ASSERT(output_len == (size_t) in_len + 8 - + (in_len % 8) + 8); + } else { + TEST_ASSERT(output_len == (size_t) in_len + 8); + } + } else { + TEST_ASSERT(output_len == 0); } exit: - mbedtls_free( ciphertext ); - mbedtls_free( plaintext ); - mbedtls_nist_kw_free( &ctx ); + mbedtls_free(ciphertext); + mbedtls_free(plaintext); + mbedtls_nist_kw_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ -void nist_kw_ciphertext_lengths( int in_len, int out_len, int mode, int res ) +void nist_kw_ciphertext_lengths(int in_len, int out_len, int mode, int res) { mbedtls_nist_kw_context ctx; unsigned char key[16]; @@ -206,111 +199,105 @@ void nist_kw_ciphertext_lengths( int in_len, int out_len, int mode, int res ) int unwrap_ret; size_t output_len = out_len; - mbedtls_nist_kw_init( &ctx ); + mbedtls_nist_kw_init(&ctx); - memset( key, 0, sizeof( key ) ); + memset(key, 0, sizeof(key)); - if( out_len != 0 ) - { - plaintext = mbedtls_calloc( 1, output_len ); - TEST_ASSERT( plaintext != NULL ); + if (out_len != 0) { + plaintext = mbedtls_calloc(1, output_len); + TEST_ASSERT(plaintext != NULL); } - if( in_len != 0 ) - { - ciphertext = mbedtls_calloc( 1, in_len ); - TEST_ASSERT( ciphertext != NULL ); + if (in_len != 0) { + ciphertext = mbedtls_calloc(1, in_len); + TEST_ASSERT(ciphertext != NULL); } - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, - key, 8 * sizeof( key ), 0 ) == 0 ); - unwrap_ret = mbedtls_nist_kw_unwrap( &ctx, mode, ciphertext, in_len, - plaintext, &output_len, - output_len ); + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + key, 8 * sizeof(key), 0) == 0); + unwrap_ret = mbedtls_nist_kw_unwrap(&ctx, mode, ciphertext, in_len, + plaintext, &output_len, + output_len); - if( res == 0 ) - TEST_ASSERT( unwrap_ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ); - else - TEST_ASSERT( unwrap_ret == res ); + if (res == 0) { + TEST_ASSERT(unwrap_ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED); + } else { + TEST_ASSERT(unwrap_ret == res); + } - TEST_ASSERT( output_len == 0 ); + TEST_ASSERT(output_len == 0); exit: - mbedtls_free( ciphertext ); - mbedtls_free( plaintext ); - mbedtls_nist_kw_free( &ctx ); + mbedtls_free(ciphertext); + mbedtls_free(plaintext); + mbedtls_nist_kw_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_nist_kw_wrap( int cipher_id, int mode, data_t *key, data_t *msg, - data_t *expected_result ) +void mbedtls_nist_kw_wrap(int cipher_id, int mode, data_t *key, data_t *msg, + data_t *expected_result) { unsigned char result[528]; mbedtls_nist_kw_context ctx; size_t result_len, i, padlen; - mbedtls_nist_kw_init( &ctx ); + mbedtls_nist_kw_init(&ctx); - memset( result, '+', sizeof( result ) ); + memset(result, '+', sizeof(result)); - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id, - key->x, key->len * 8, 1 ) == 0 ); + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, cipher_id, + key->x, key->len * 8, 1) == 0); /* Test with input == output */ - TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx, mode, msg->x, msg->len, - result, &result_len, sizeof( result ) ) == 0 ); + TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx, mode, msg->x, msg->len, + result, &result_len, sizeof(result)) == 0); - TEST_ASSERT( result_len == expected_result->len ); + TEST_ASSERT(result_len == expected_result->len); - TEST_ASSERT( memcmp( expected_result->x, result, result_len ) == 0 ); + TEST_ASSERT(memcmp(expected_result->x, result, result_len) == 0); - padlen = ( msg->len % 8 != 0 ) ? 8 - (msg->len % 8 ) : 0; + padlen = (msg->len % 8 != 0) ? 8 - (msg->len % 8) : 0; /* Check that the function didn't write beyond the end of the buffer. */ - for( i = msg->len + 8 + padlen; i < sizeof( result ); i++ ) - { - TEST_ASSERT( result[i] == '+' ); + for (i = msg->len + 8 + padlen; i < sizeof(result); i++) { + TEST_ASSERT(result[i] == '+'); } exit: - mbedtls_nist_kw_free( &ctx ); + mbedtls_nist_kw_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_nist_kw_unwrap( int cipher_id, int mode, data_t *key, data_t *msg, - data_t *expected_result, int expected_ret ) +void mbedtls_nist_kw_unwrap(int cipher_id, int mode, data_t *key, data_t *msg, + data_t *expected_result, int expected_ret) { unsigned char result[528]; mbedtls_nist_kw_context ctx; size_t result_len, i; - mbedtls_nist_kw_init( &ctx ); + mbedtls_nist_kw_init(&ctx); - memset( result, '+', sizeof( result ) ); + memset(result, '+', sizeof(result)); - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id, - key->x, key->len * 8, 0 ) == 0 ); + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, cipher_id, + key->x, key->len * 8, 0) == 0); /* Test with input == output */ - TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx, mode, msg->x, msg->len, - result, &result_len, sizeof( result ) ) == expected_ret ); - if( expected_ret == 0 ) - { - TEST_ASSERT( result_len == expected_result->len ); - TEST_ASSERT( memcmp( expected_result->x, result, result_len ) == 0 ); - } - else - { - TEST_ASSERT( result_len == 0 ); + TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx, mode, msg->x, msg->len, + result, &result_len, sizeof(result)) == expected_ret); + if (expected_ret == 0) { + TEST_ASSERT(result_len == expected_result->len); + TEST_ASSERT(memcmp(expected_result->x, result, result_len) == 0); + } else { + TEST_ASSERT(result_len == 0); } /* Check that the function didn't write beyond the end of the buffer. */ - for( i = msg->len - 8; i < sizeof( result ); i++ ) - { - TEST_ASSERT( result[i] == '+' ); + for (i = msg->len - 8; i < sizeof(result); i++) { + TEST_ASSERT(result[i] == '+'); } exit: - mbedtls_nist_kw_free( &ctx ); + mbedtls_nist_kw_free(&ctx); } /* END_CASE */ diff --git a/tests/suites/test_suite_oid.function b/tests/suites/test_suite_oid.function index 9e8d43739cc3..fac5ed4d0d6d 100644 --- a/tests/suites/test_suite_oid.function +++ b/tests/suites/test_suite_oid.function @@ -11,7 +11,7 @@ */ /* BEGIN_CASE */ -void oid_get_certificate_policies( data_t *oid, char *result_str ) +void oid_get_certificate_policies(data_t *oid, char *result_str) { mbedtls_asn1_buf asn1_buf = { 0, 0, NULL }; int ret; @@ -21,21 +21,18 @@ void oid_get_certificate_policies( data_t *oid, char *result_str ) asn1_buf.p = oid->x; asn1_buf.len = oid->len; - ret = mbedtls_oid_get_certificate_policies( &asn1_buf, &desc ); - if( strlen( result_str ) == 0 ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_OID_NOT_FOUND ); - } - else - { - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( strcmp( ( char* )desc, result_str ) == 0 ); + ret = mbedtls_oid_get_certificate_policies(&asn1_buf, &desc); + if (strlen(result_str) == 0) { + TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND); + } else { + TEST_ASSERT(ret == 0); + TEST_ASSERT(strcmp((char *) desc, result_str) == 0); } } /* END_CASE */ /* BEGIN_CASE */ -void oid_get_extended_key_usage( data_t *oid, char *result_str ) +void oid_get_extended_key_usage(data_t *oid, char *result_str) { mbedtls_asn1_buf asn1_buf = { 0, 0, NULL }; int ret; @@ -45,21 +42,18 @@ void oid_get_extended_key_usage( data_t *oid, char *result_str ) asn1_buf.p = oid->x; asn1_buf.len = oid->len; - ret = mbedtls_oid_get_extended_key_usage( &asn1_buf, &desc ); - if( strlen( result_str ) == 0 ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_OID_NOT_FOUND ); - } - else - { - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( strcmp( ( char * )desc, result_str ) == 0 ); + ret = mbedtls_oid_get_extended_key_usage(&asn1_buf, &desc); + if (strlen(result_str) == 0) { + TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND); + } else { + TEST_ASSERT(ret == 0); + TEST_ASSERT(strcmp((char *) desc, result_str) == 0); } } /* END_CASE */ /* BEGIN_CASE */ -void oid_get_x509_extension( data_t *oid, int exp_type ) +void oid_get_x509_extension(data_t *oid, int exp_type) { mbedtls_asn1_buf ext_oid = { 0, 0, NULL }; int ret; @@ -69,21 +63,18 @@ void oid_get_x509_extension( data_t *oid, int exp_type ) ext_oid.p = oid->x; ext_oid.len = oid->len; - ret = mbedtls_oid_get_x509_ext_type( &ext_oid, &ext_type ); - if( exp_type == 0 ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_OID_NOT_FOUND ); - } - else - { - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( ext_type == exp_type ); + ret = mbedtls_oid_get_x509_ext_type(&ext_oid, &ext_type); + if (exp_type == 0) { + TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND); + } else { + TEST_ASSERT(ret == 0); + TEST_ASSERT(ext_type == exp_type); } } /* END_CASE */ /* BEGIN_CASE */ -void oid_get_md_alg_id( data_t *oid, int exp_md_id ) +void oid_get_md_alg_id(data_t *oid, int exp_md_id) { mbedtls_asn1_buf md_oid = { 0, 0, NULL }; int ret; @@ -93,17 +84,14 @@ void oid_get_md_alg_id( data_t *oid, int exp_md_id ) md_oid.p = oid->x; md_oid.len = oid->len; - ret = mbedtls_oid_get_md_alg( &md_oid, &md_id ); + ret = mbedtls_oid_get_md_alg(&md_oid, &md_id); - if( exp_md_id < 0 ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_OID_NOT_FOUND ); - TEST_ASSERT( md_id == 0); - } - else - { - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( (mbedtls_md_type_t)exp_md_id == md_id ); + if (exp_md_id < 0) { + TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND); + TEST_ASSERT(md_id == 0); + } else { + TEST_ASSERT(ret == 0); + TEST_ASSERT((mbedtls_md_type_t) exp_md_id == md_id); } } /* END_CASE */ diff --git a/tests/suites/test_suite_pem.function b/tests/suites/test_suite_pem.function index 947f1fb25d79..8aac3cf90137 100644 --- a/tests/suites/test_suite_pem.function +++ b/tests/suites/test_suite_pem.function @@ -6,48 +6,48 @@ /* END_HEADER */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */ -void mbedtls_pem_write_buffer( char * start, char * end, data_t * buf, - char * result_str ) +void mbedtls_pem_write_buffer(char *start, char *end, data_t *buf, + char *result_str) { unsigned char *check_buf = NULL; int ret; size_t olen = 0, olen2 = 0; - ret = mbedtls_pem_write_buffer( start, end, buf->x, buf->len, NULL, 0, &olen ); - TEST_ASSERT( ret == MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); + ret = mbedtls_pem_write_buffer(start, end, buf->x, buf->len, NULL, 0, &olen); + TEST_ASSERT(ret == MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL); - check_buf = (unsigned char *) mbedtls_calloc( 1, olen ); - TEST_ASSERT( check_buf != NULL ); + check_buf = (unsigned char *) mbedtls_calloc(1, olen); + TEST_ASSERT(check_buf != NULL); - ret = mbedtls_pem_write_buffer( start, end, buf->x, buf->len, check_buf, olen, &olen2 ); + ret = mbedtls_pem_write_buffer(start, end, buf->x, buf->len, check_buf, olen, &olen2); - TEST_ASSERT( olen2 <= olen ); - TEST_ASSERT( olen > strlen( (char*) result_str ) ); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( strncmp( (char *) check_buf, (char *) result_str, olen ) == 0 ); + TEST_ASSERT(olen2 <= olen); + TEST_ASSERT(olen > strlen((char *) result_str)); + TEST_ASSERT(ret == 0); + TEST_ASSERT(strncmp((char *) check_buf, (char *) result_str, olen) == 0); exit: - mbedtls_free( check_buf ); + mbedtls_free(check_buf); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_AES_C:MBEDTLS_DES_C:MBEDTLS_MD5_C:MBEDTLS_CIPHER_MODE_CBC */ -void mbedtls_pem_read_buffer( char *header, char *footer, char *data, - char *pwd, int res ) +void mbedtls_pem_read_buffer(char *header, char *footer, char *data, + char *pwd, int res) { mbedtls_pem_context ctx; int ret; size_t use_len = 0; - size_t pwd_len = strlen( pwd ); + size_t pwd_len = strlen(pwd); - mbedtls_pem_init( &ctx ); + mbedtls_pem_init(&ctx); - ret = mbedtls_pem_read_buffer( &ctx, header, footer, (unsigned char *)data, - (unsigned char *)pwd, pwd_len, &use_len ); - TEST_ASSERT( ret == res ); + ret = mbedtls_pem_read_buffer(&ctx, header, footer, (unsigned char *) data, + (unsigned char *) pwd, pwd_len, &use_len); + TEST_ASSERT(ret == res); exit: - mbedtls_pem_free( &ctx ); + mbedtls_pem_free(&ctx); } /* END_CASE */ diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 9cb90aa14413..57e95f05ad1d 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -29,59 +29,60 @@ * generation function. * \return -1 if the key type is not recognized. */ -static int pk_genkey( mbedtls_pk_context *pk, int parameter ) +static int pk_genkey(mbedtls_pk_context *pk, int parameter) { ((void) pk); (void) parameter; #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) - if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA ) - return mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ), - mbedtls_test_rnd_std_rand, NULL, - parameter, 3 ); + if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_RSA) { + return mbedtls_rsa_gen_key(mbedtls_pk_rsa(*pk), + mbedtls_test_rnd_std_rand, NULL, + parameter, 3); + } #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY || - mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY_DH || - mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECDSA ) - { + if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECKEY || + mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECKEY_DH || + mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECDSA) { int ret; - if( ( ret = mbedtls_ecp_group_load( &mbedtls_pk_ec( *pk )->grp, - parameter ) ) != 0 ) - return( ret ); - - return mbedtls_ecp_gen_keypair( &mbedtls_pk_ec( *pk )->grp, - &mbedtls_pk_ec( *pk )->d, - &mbedtls_pk_ec( *pk )->Q, - mbedtls_test_rnd_std_rand, NULL ); + if ((ret = mbedtls_ecp_group_load(&mbedtls_pk_ec(*pk)->grp, + parameter)) != 0) { + return ret; + } + + return mbedtls_ecp_gen_keypair(&mbedtls_pk_ec(*pk)->grp, + &mbedtls_pk_ec(*pk)->d, + &mbedtls_pk_ec(*pk)->Q, + mbedtls_test_rnd_std_rand, NULL); } #endif - return( -1 ); + return -1; } #if defined(MBEDTLS_RSA_C) -int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen, - const unsigned char *input, unsigned char *output, - size_t output_max_len ) +int mbedtls_rsa_decrypt_func(void *ctx, int mode, size_t *olen, + const unsigned char *input, unsigned char *output, + size_t output_max_len) { - return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, - mbedtls_test_rnd_std_rand, NULL, mode, - olen, input, output, output_max_len ) ); + return mbedtls_rsa_pkcs1_decrypt((mbedtls_rsa_context *) ctx, + mbedtls_test_rnd_std_rand, NULL, mode, + olen, input, output, output_max_len); } -int mbedtls_rsa_sign_func( void *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, - const unsigned char *hash, unsigned char *sig ) +int mbedtls_rsa_sign_func(void *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, + const unsigned char *hash, unsigned char *sig) { ((void) f_rng); ((void) p_rng); - return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, - mbedtls_test_rnd_std_rand, NULL, mode, - md_alg, hashlen, hash, sig ) ); + return mbedtls_rsa_pkcs1_sign((mbedtls_rsa_context *) ctx, + mbedtls_test_rnd_std_rand, NULL, mode, + md_alg, hashlen, hash, sig); } -size_t mbedtls_rsa_key_len_func( void *ctx ) +size_t mbedtls_rsa_key_len_func(void *ctx) { - return( ((const mbedtls_rsa_context *) ctx)->len ); + return ((const mbedtls_rsa_context *) ctx)->len; } #endif /* MBEDTLS_RSA_C */ @@ -92,22 +93,22 @@ size_t mbedtls_rsa_key_len_func( void *ctx ) * or 0 if the key generation failed. * The key uses NIST P-256 and is usable for signing with SHA-256. */ -mbedtls_svc_key_id_t pk_psa_genkey( void ) +mbedtls_svc_key_id_t pk_psa_genkey(void) { mbedtls_svc_key_id_t key; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const psa_key_type_t type = - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ); + PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1); const size_t bits = 256; - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(PSA_ALG_SHA_256) ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); - PSA_ASSERT( psa_generate_key( &attributes, &key ) ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_SHA_256)); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); + PSA_ASSERT(psa_generate_key(&attributes, &key)); exit: - return( key ); + return key; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* END_HEADER */ @@ -118,7 +119,7 @@ exit: */ /* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */ -void pk_psa_utils( ) +void pk_psa_utils() { mbedtls_pk_context pk, pk2; mbedtls_svc_key_id_t key; @@ -132,205 +133,206 @@ void pk_psa_utils( ) size_t len; mbedtls_pk_debug_item dbg; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - mbedtls_pk_init( &pk ); - mbedtls_pk_init( &pk2 ); + mbedtls_pk_init(&pk); + mbedtls_pk_init(&pk2); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + TEST_ASSERT(psa_crypto_init() == PSA_SUCCESS); - TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, MBEDTLS_SVC_KEY_ID_INIT ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_pk_setup_opaque(&pk, MBEDTLS_SVC_KEY_ID_INIT) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); - mbedtls_pk_free( &pk ); - mbedtls_pk_init( &pk ); + mbedtls_pk_free(&pk); + mbedtls_pk_init(&pk); key = pk_psa_genkey(); - if( mbedtls_svc_key_id_is_null( key ) ) + if (mbedtls_svc_key_id_is_null(key)) { goto exit; + } - TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, key ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup_opaque(&pk, key) == 0); - TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE ); - TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 ); + TEST_ASSERT(mbedtls_pk_get_type(&pk) == MBEDTLS_PK_OPAQUE); + TEST_ASSERT(strcmp(mbedtls_pk_get_name(&pk), name) == 0); - TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == bitlen ); - TEST_ASSERT( mbedtls_pk_get_len( &pk ) == bitlen / 8 ); + TEST_ASSERT(mbedtls_pk_get_bitlen(&pk) == bitlen); + TEST_ASSERT(mbedtls_pk_get_len(&pk) == bitlen / 8); - TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECKEY ) == 1 ); - TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) == 1 ); - TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) == 0 ); + TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_ECKEY) == 1); + TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_ECDSA) == 1); + TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_RSA) == 0); /* unsupported operations: verify, decrypt, encrypt */ - TEST_ASSERT( mbedtls_pk_verify( &pk, md_alg, - b1, sizeof( b1), b2, sizeof( b2 ) ) - == MBEDTLS_ERR_PK_TYPE_MISMATCH ); - TEST_ASSERT( mbedtls_pk_decrypt( &pk, b1, sizeof( b1 ), - b2, &len, sizeof( b2 ), - NULL, NULL ) - == MBEDTLS_ERR_PK_TYPE_MISMATCH ); - TEST_ASSERT( mbedtls_pk_encrypt( &pk, b1, sizeof( b1 ), - b2, &len, sizeof( b2 ), - NULL, NULL ) - == MBEDTLS_ERR_PK_TYPE_MISMATCH ); + TEST_ASSERT(mbedtls_pk_verify(&pk, md_alg, + b1, sizeof(b1), b2, sizeof(b2)) + == MBEDTLS_ERR_PK_TYPE_MISMATCH); + TEST_ASSERT(mbedtls_pk_decrypt(&pk, b1, sizeof(b1), + b2, &len, sizeof(b2), + NULL, NULL) + == MBEDTLS_ERR_PK_TYPE_MISMATCH); + TEST_ASSERT(mbedtls_pk_encrypt(&pk, b1, sizeof(b1), + b2, &len, sizeof(b2), + NULL, NULL) + == MBEDTLS_ERR_PK_TYPE_MISMATCH); /* unsupported functions: check_pair, debug */ - TEST_ASSERT( mbedtls_pk_setup( &pk2, - mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 ); - TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2 ) - == MBEDTLS_ERR_PK_TYPE_MISMATCH ); - TEST_ASSERT( mbedtls_pk_debug( &pk, &dbg ) - == MBEDTLS_ERR_PK_TYPE_MISMATCH ); + TEST_ASSERT(mbedtls_pk_setup(&pk2, + mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)) == 0); + TEST_ASSERT(mbedtls_pk_check_pair(&pk, &pk2) + == MBEDTLS_ERR_PK_TYPE_MISMATCH); + TEST_ASSERT(mbedtls_pk_debug(&pk, &dbg) + == MBEDTLS_ERR_PK_TYPE_MISMATCH); /* test that freeing the context does not destroy the key */ - mbedtls_pk_free( &pk ); - TEST_ASSERT( PSA_SUCCESS == psa_get_key_attributes( key, &attributes ) ); - TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) ); + mbedtls_pk_free(&pk); + TEST_ASSERT(PSA_SUCCESS == psa_get_key_attributes(key, &attributes)); + TEST_ASSERT(PSA_SUCCESS == psa_destroy_key(key)); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_pk_free( &pk ); /* redundant except upon error */ - mbedtls_pk_free( &pk2 ); - USE_PSA_DONE( ); + mbedtls_pk_free(&pk); /* redundant except upon error */ + mbedtls_pk_free(&pk2); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void valid_parameters( ) +void valid_parameters() { mbedtls_pk_context pk; unsigned char buf[1]; size_t len; void *options = NULL; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); - TEST_VALID_PARAM( mbedtls_pk_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_pk_free(NULL)); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - TEST_VALID_PARAM( mbedtls_pk_restart_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_pk_restart_free(NULL)); #endif - TEST_ASSERT( mbedtls_pk_setup( &pk, NULL ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_pk_setup(&pk, NULL) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); /* In informational functions, we accept NULL where a context pointer * is expected because that's what the library has done forever. * We do not document that NULL is accepted, so we may wish to change * the behavior in a future version. */ - TEST_ASSERT( mbedtls_pk_get_bitlen( NULL ) == 0 ); - TEST_ASSERT( mbedtls_pk_get_len( NULL ) == 0 ); - TEST_ASSERT( mbedtls_pk_can_do( NULL, MBEDTLS_PK_NONE ) == 0 ); - - TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, - MBEDTLS_MD_NONE, - NULL, 0, - buf, &len, - mbedtls_test_rnd_std_rand, NULL, - NULL ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, + TEST_ASSERT(mbedtls_pk_get_bitlen(NULL) == 0); + TEST_ASSERT(mbedtls_pk_get_len(NULL) == 0); + TEST_ASSERT(mbedtls_pk_can_do(NULL, MBEDTLS_PK_NONE) == 0); + + TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, + MBEDTLS_MD_NONE, + NULL, 0, + buf, &len, + mbedtls_test_rnd_std_rand, NULL, + NULL) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, + MBEDTLS_MD_NONE, + NULL, 0, + buf, &len, + mbedtls_test_rnd_std_rand, NULL, + NULL) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_pk_sign(&pk, + MBEDTLS_MD_NONE, + NULL, 0, + buf, &len, + mbedtls_test_rnd_std_rand, NULL) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, MBEDTLS_MD_NONE, NULL, 0, - buf, &len, - mbedtls_test_rnd_std_rand, NULL, - NULL ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + buf, sizeof(buf), + NULL) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_pk_sign( &pk, + TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, NULL, 0, - buf, &len, - mbedtls_test_rnd_std_rand, NULL ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, - MBEDTLS_MD_NONE, - NULL, 0, - buf, sizeof( buf ), - NULL ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_pk_verify( &pk, - MBEDTLS_MD_NONE, - NULL, 0, - buf, sizeof( buf ) ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options, - &pk, - MBEDTLS_MD_NONE, - NULL, 0, - buf, sizeof( buf ) ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_pk_encrypt( &pk, - NULL, 0, - NULL, &len, 0, - mbedtls_test_rnd_std_rand, NULL ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_pk_decrypt( &pk, - NULL, 0, - NULL, &len, 0, - mbedtls_test_rnd_std_rand, NULL ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + buf, sizeof(buf)) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_pk_verify_ext(MBEDTLS_PK_NONE, options, + &pk, + MBEDTLS_MD_NONE, + NULL, 0, + buf, sizeof(buf)) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_pk_encrypt(&pk, + NULL, 0, + NULL, &len, 0, + mbedtls_test_rnd_std_rand, NULL) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_pk_decrypt(&pk, + NULL, 0, + NULL, &len, 0, + mbedtls_test_rnd_std_rand, NULL) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); #if defined(MBEDTLS_PK_PARSE_C) - TEST_ASSERT( mbedtls_pk_parse_key( &pk, NULL, 0, NULL, 1 ) == - MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + TEST_ASSERT(mbedtls_pk_parse_key(&pk, NULL, 0, NULL, 1) == + MBEDTLS_ERR_PK_KEY_INVALID_FORMAT); - TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, NULL, 0 ) == - MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + TEST_ASSERT(mbedtls_pk_parse_public_key(&pk, NULL, 0) == + MBEDTLS_ERR_PK_KEY_INVALID_FORMAT); #endif /* MBEDTLS_PK_PARSE_C */ } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PK_WRITE_C */ -void valid_parameters_pkwrite( data_t *key_data ) +void valid_parameters_pkwrite(data_t *key_data) { mbedtls_pk_context pk; /* For the write tests to be effective, we need a valid key pair. */ - mbedtls_pk_init( &pk ); - TEST_ASSERT( mbedtls_pk_parse_key( &pk, - key_data->x, key_data->len, - NULL, 0 ) == 0 ); + mbedtls_pk_init(&pk); + TEST_ASSERT(mbedtls_pk_parse_key(&pk, + key_data->x, key_data->len, + NULL, 0) == 0); - TEST_ASSERT( mbedtls_pk_write_key_der( &pk, NULL, 0 ) == - MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + TEST_ASSERT(mbedtls_pk_write_key_der(&pk, NULL, 0) == + MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); - TEST_ASSERT( mbedtls_pk_write_pubkey_der( &pk, NULL, 0 ) == - MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + TEST_ASSERT(mbedtls_pk_write_pubkey_der(&pk, NULL, 0) == + MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); #if defined(MBEDTLS_PEM_WRITE_C) - TEST_ASSERT( mbedtls_pk_write_key_pem( &pk, NULL, 0 ) == - MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); + TEST_ASSERT(mbedtls_pk_write_key_pem(&pk, NULL, 0) == + MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL); - TEST_ASSERT( mbedtls_pk_write_pubkey_pem( &pk, NULL, 0 ) == - MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); + TEST_ASSERT(mbedtls_pk_write_pubkey_pem(&pk, NULL, 0) == + MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL); #endif /* MBEDTLS_PEM_WRITE_C */ exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void invalid_parameters( ) +void invalid_parameters() { size_t len; unsigned char *null_buf = NULL; unsigned char buf[1]; unsigned char *p = buf; - char str[1] = {0}; + char str[1] = { 0 }; mbedtls_pk_context pk; mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256; void *options = buf; @@ -339,253 +341,253 @@ void invalid_parameters( ) (void) p; (void) str; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); - TEST_INVALID_PARAM( mbedtls_pk_init( NULL ) ); + TEST_INVALID_PARAM(mbedtls_pk_init(NULL)); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - TEST_INVALID_PARAM( mbedtls_pk_restart_init( NULL ) ); + TEST_INVALID_PARAM(mbedtls_pk_restart_init(NULL)); #endif - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_setup( NULL, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_setup(NULL, NULL)); #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_setup_rsa_alt( NULL, buf, - NULL, NULL, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_setup_rsa_alt(NULL, buf, + NULL, NULL, NULL)); #endif - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_restartable( NULL, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - buf, sizeof( buf ), - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_restartable( &pk, - MBEDTLS_MD_NONE, - NULL, sizeof( buf ), - buf, sizeof( buf ), - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_restartable( &pk, - valid_md, - NULL, 0, - buf, sizeof( buf ), - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_restartable( &pk, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - NULL, sizeof( buf ), - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify( NULL, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify( &pk, - MBEDTLS_MD_NONE, - NULL, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify( &pk, - valid_md, - NULL, 0, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify( &pk, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options, - NULL, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options, - &pk, - MBEDTLS_MD_NONE, - NULL, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options, - &pk, - valid_md, - NULL, 0, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options, - &pk, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign_restartable( NULL, MBEDTLS_MD_NONE, buf, sizeof( buf ), - buf, &len, mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_NONE, NULL, sizeof( buf ), - buf, &len, mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign_restartable( &pk, valid_md, NULL, 0, buf, &len, - mbedtls_test_rnd_std_rand, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_NONE, buf, sizeof( buf ), - NULL, &len, mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign( NULL, MBEDTLS_MD_NONE, buf, sizeof( buf ), - buf, &len, mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, NULL, sizeof( buf ), - buf, &len, mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign( &pk, valid_md, NULL, 0, buf, &len, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, buf, sizeof( buf ), NULL, &len, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_decrypt( NULL, buf, sizeof( buf ), buf, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_decrypt( &pk, NULL, sizeof( buf ), buf, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_decrypt( &pk, buf, sizeof( buf ), NULL, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_decrypt( &pk, buf, sizeof( buf ), buf, NULL, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_encrypt( NULL, buf, sizeof( buf ), buf, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_encrypt( &pk, NULL, sizeof( buf ), buf, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_encrypt( &pk, buf, sizeof( buf ), NULL, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_encrypt( &pk, buf, sizeof( buf ), buf, NULL, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_check_pair( NULL, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_check_pair( &pk, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_debug( NULL, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_restartable(NULL, + MBEDTLS_MD_NONE, + buf, sizeof(buf), + buf, sizeof(buf), + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_restartable(&pk, + MBEDTLS_MD_NONE, + NULL, sizeof(buf), + buf, sizeof(buf), + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_restartable(&pk, + valid_md, + NULL, 0, + buf, sizeof(buf), + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_restartable(&pk, + MBEDTLS_MD_NONE, + buf, sizeof(buf), + NULL, sizeof(buf), + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify(NULL, + MBEDTLS_MD_NONE, + buf, sizeof(buf), + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify(&pk, + MBEDTLS_MD_NONE, + NULL, sizeof(buf), + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify(&pk, + valid_md, + NULL, 0, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify(&pk, + MBEDTLS_MD_NONE, + buf, sizeof(buf), + NULL, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_ext(MBEDTLS_PK_NONE, options, + NULL, + MBEDTLS_MD_NONE, + buf, sizeof(buf), + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_ext(MBEDTLS_PK_NONE, options, + &pk, + MBEDTLS_MD_NONE, + NULL, sizeof(buf), + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_ext(MBEDTLS_PK_NONE, options, + &pk, + valid_md, + NULL, 0, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_ext(MBEDTLS_PK_NONE, options, + &pk, + MBEDTLS_MD_NONE, + buf, sizeof(buf), + NULL, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign_restartable(NULL, MBEDTLS_MD_NONE, buf, sizeof(buf), + buf, &len, mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign_restartable(&pk, MBEDTLS_MD_NONE, NULL, sizeof(buf), + buf, &len, mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign_restartable(&pk, valid_md, NULL, 0, buf, &len, + mbedtls_test_rnd_std_rand, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign_restartable(&pk, MBEDTLS_MD_NONE, buf, sizeof(buf), + NULL, &len, mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign(NULL, MBEDTLS_MD_NONE, buf, sizeof(buf), + buf, &len, mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, NULL, sizeof(buf), + buf, &len, mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign(&pk, valid_md, NULL, 0, buf, &len, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, buf, sizeof(buf), NULL, &len, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_decrypt(NULL, buf, sizeof(buf), buf, &len, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_decrypt(&pk, NULL, sizeof(buf), buf, &len, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_decrypt(&pk, buf, sizeof(buf), NULL, &len, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_decrypt(&pk, buf, sizeof(buf), buf, NULL, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_encrypt(NULL, buf, sizeof(buf), buf, &len, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_encrypt(&pk, NULL, sizeof(buf), buf, &len, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_encrypt(&pk, buf, sizeof(buf), NULL, &len, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_encrypt(&pk, buf, sizeof(buf), buf, NULL, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_check_pair(NULL, &pk)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_check_pair(&pk, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_debug(NULL, NULL)); #if defined(MBEDTLS_PK_PARSE_C) #if defined(MBEDTLS_FS_IO) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_load_file( NULL, &p, &len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_load_file( str, NULL, &len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_load_file( str, &p, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_keyfile( NULL, str, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_keyfile( &pk, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_public_keyfile( NULL, str ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_public_keyfile( &pk, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_load_file(NULL, &p, &len)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_load_file(str, NULL, &len)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_load_file(str, &p, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_keyfile(NULL, str, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_keyfile(&pk, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_public_keyfile(NULL, str)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_public_keyfile(&pk, NULL)); #endif - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_subpubkey( NULL, buf, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_subpubkey( &null_buf, buf, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_subpubkey( &p, NULL, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_subpubkey( &p, buf, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_key( NULL, - buf, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_key( &pk, - NULL, sizeof( buf ), - buf, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_public_key( NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_public_key( &pk, - NULL, sizeof( buf ) ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_subpubkey(NULL, buf, &pk)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_subpubkey(&null_buf, buf, &pk)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_subpubkey(&p, NULL, &pk)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_subpubkey(&p, buf, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_key(NULL, + buf, sizeof(buf), + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_key(&pk, + NULL, sizeof(buf), + buf, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_public_key(NULL, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_public_key(&pk, + NULL, sizeof(buf))); #endif /* MBEDTLS_PK_PARSE_C */ #if defined(MBEDTLS_PK_WRITE_C) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey( NULL, p, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey( &null_buf, p, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey( &p, NULL, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey( &p, p, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey_der( NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey_der( &pk, - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_key_der( NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_key_der( &pk, - NULL, sizeof( buf ) ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey(NULL, p, &pk)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey(&null_buf, p, &pk)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey(&p, NULL, &pk)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey(&p, p, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey_der(NULL, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey_der(&pk, + NULL, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_key_der(NULL, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_key_der(&pk, + NULL, sizeof(buf))); #if defined(MBEDTLS_PEM_WRITE_C) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey_pem( NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey_pem( &pk, - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_key_pem( NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_key_pem( &pk, - NULL, sizeof( buf ) ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey_pem(NULL, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey_pem(&pk, + NULL, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_key_pem(NULL, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_key_pem(&pk, + NULL, sizeof(buf))); #endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PK_WRITE_C */ @@ -593,60 +595,59 @@ void invalid_parameters( ) /* END_CASE */ /* BEGIN_CASE */ -void pk_utils( int type, int parameter, int bitlen, int len, char * name ) +void pk_utils(int type, int parameter, int bitlen, int len, char *name) { mbedtls_pk_context pk; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 ); - TEST_ASSERT( pk_genkey( &pk, parameter ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0); + TEST_ASSERT(pk_genkey(&pk, parameter) == 0); - TEST_ASSERT( (int) mbedtls_pk_get_type( &pk ) == type ); - TEST_ASSERT( mbedtls_pk_can_do( &pk, type ) ); - TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == (unsigned) bitlen ); - TEST_ASSERT( mbedtls_pk_get_len( &pk ) == (unsigned) len ); - TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 ); + TEST_ASSERT((int) mbedtls_pk_get_type(&pk) == type); + TEST_ASSERT(mbedtls_pk_can_do(&pk, type)); + TEST_ASSERT(mbedtls_pk_get_bitlen(&pk) == (unsigned) bitlen); + TEST_ASSERT(mbedtls_pk_get_len(&pk) == (unsigned) len); + TEST_ASSERT(strcmp(mbedtls_pk_get_name(&pk), name) == 0); exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_FS_IO */ -void mbedtls_pk_check_pair( char * pub_file, char * prv_file, int ret ) +void mbedtls_pk_check_pair(char *pub_file, char *prv_file, int ret) { mbedtls_pk_context pub, prv, alt; - mbedtls_pk_init( &pub ); - mbedtls_pk_init( &prv ); - mbedtls_pk_init( &alt ); + mbedtls_pk_init(&pub); + mbedtls_pk_init(&prv); + mbedtls_pk_init(&alt); - TEST_ASSERT( mbedtls_pk_parse_public_keyfile( &pub, pub_file ) == 0 ); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &prv, prv_file, NULL ) == 0 ); + TEST_ASSERT(mbedtls_pk_parse_public_keyfile(&pub, pub_file) == 0); + TEST_ASSERT(mbedtls_pk_parse_keyfile(&prv, prv_file, NULL) == 0); - TEST_ASSERT( mbedtls_pk_check_pair( &pub, &prv ) == ret ); + TEST_ASSERT(mbedtls_pk_check_pair(&pub, &prv) == ret); #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT) - if( mbedtls_pk_get_type( &prv ) == MBEDTLS_PK_RSA ) - { - TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, mbedtls_pk_rsa( prv ), - mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func, - mbedtls_rsa_key_len_func ) == 0 ); - TEST_ASSERT( mbedtls_pk_check_pair( &pub, &alt ) == ret ); + if (mbedtls_pk_get_type(&prv) == MBEDTLS_PK_RSA) { + TEST_ASSERT(mbedtls_pk_setup_rsa_alt(&alt, mbedtls_pk_rsa(prv), + mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func, + mbedtls_rsa_key_len_func) == 0); + TEST_ASSERT(mbedtls_pk_check_pair(&pub, &alt) == ret); } #endif - mbedtls_pk_free( &pub ); - mbedtls_pk_free( &prv ); - mbedtls_pk_free( &alt ); + mbedtls_pk_free(&pub); + mbedtls_pk_free(&prv); + mbedtls_pk_free(&alt); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C */ -void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod, - char * input_N, char * input_E, - data_t * result_str, int result ) +void pk_rsa_verify_test_vec(data_t *message_str, int digest, int mod, + char *input_N, char *input_E, + data_t *result_str, int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context *rsa; @@ -656,46 +657,49 @@ void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod, mbedtls_pk_restart_ctx ctx; rs_ctx = &ctx; - mbedtls_pk_restart_init( rs_ctx ); + mbedtls_pk_restart_init(rs_ctx); // this setting would ensure restart would happen if ECC was used - mbedtls_ecp_set_max_ops( 1 ); + mbedtls_ecp_set_max_ops(1); #endif - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); - memset( hash_result, 0x00, MBEDTLS_MD_MAX_SIZE ); + memset(hash_result, 0x00, MBEDTLS_MD_MAX_SIZE); - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); - rsa = mbedtls_pk_rsa( pk ); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); + rsa = mbedtls_pk_rsa(pk); rsa->len = mod / 8; - TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&rsa->N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&rsa->E, input_E) == 0); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + if (mbedtls_md_info_from_type(digest) != NULL) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len, + hash_result) == 0); + } - TEST_ASSERT( mbedtls_pk_verify( &pk, digest, hash_result, 0, - result_str->x, mbedtls_pk_get_len( &pk ) ) == result ); + TEST_ASSERT(mbedtls_pk_verify(&pk, digest, hash_result, 0, + result_str->x, mbedtls_pk_get_len(&pk)) == result); - TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, digest, hash_result, 0, - result_str->x, mbedtls_pk_get_len( &pk ), rs_ctx ) == result ); + TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, digest, hash_result, 0, + result_str->x, mbedtls_pk_get_len( + &pk), rs_ctx) == result); exit: #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_pk_restart_free( rs_ctx ); + mbedtls_pk_restart_free(rs_ctx); #endif - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C */ -void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest, - int mod, char * input_N, - char * input_E, data_t * result_str, - int pk_type, int mgf1_hash_id, - int salt_len, int result ) +void pk_rsa_verify_ext_test_vec(data_t *message_str, int digest, + int mod, char *input_N, + char *input_E, data_t *result_str, + int pk_type, int mgf1_hash_id, + int salt_len, int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context *rsa; @@ -704,85 +708,79 @@ void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest, void *options; size_t hash_len; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); - memset( hash_result, 0x00, sizeof( hash_result ) ); + memset(hash_result, 0x00, sizeof(hash_result)); - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); - rsa = mbedtls_pk_rsa( pk ); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); + rsa = mbedtls_pk_rsa(pk); rsa->len = mod / 8; - TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&rsa->N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&rsa->E, input_E) == 0); - if( digest != MBEDTLS_MD_NONE ) - { - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), - message_str->x, message_str->len, hash_result ) == 0 ); + if (digest != MBEDTLS_MD_NONE) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), + message_str->x, message_str->len, hash_result) == 0); hash_len = 0; - } - else - { - memcpy( hash_result, message_str->x, message_str->len ); + } else { + memcpy(hash_result, message_str->x, message_str->len); hash_len = message_str->len; } - if( mgf1_hash_id < 0 ) - { + if (mgf1_hash_id < 0) { options = NULL; - } - else - { + } else { options = &pss_opts; pss_opts.mgf1_hash_id = mgf1_hash_id; pss_opts.expected_salt_len = salt_len; } - TEST_ASSERT( mbedtls_pk_verify_ext( pk_type, options, &pk, - digest, hash_result, hash_len, - result_str->x, mbedtls_pk_get_len( &pk ) ) == result ); + TEST_ASSERT(mbedtls_pk_verify_ext(pk_type, options, &pk, + digest, hash_result, hash_len, + result_str->x, mbedtls_pk_get_len(&pk)) == result); exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C */ -void pk_ec_test_vec( int type, int id, data_t * key, data_t * hash, - data_t * sig, int ret ) +void pk_ec_test_vec(int type, int id, data_t *key, data_t *hash, + data_t *sig, int ret) { mbedtls_pk_context pk; mbedtls_ecp_keypair *eckey; - mbedtls_pk_init( &pk ); - USE_PSA_INIT( ); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0); - TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) ); - eckey = mbedtls_pk_ec( pk ); + TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_ECDSA)); + eckey = mbedtls_pk_ec(pk); - TEST_ASSERT( mbedtls_ecp_group_load( &eckey->grp, id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_point_read_binary( &eckey->grp, &eckey->Q, - key->x, key->len ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&eckey->grp, id) == 0); + TEST_ASSERT(mbedtls_ecp_point_read_binary(&eckey->grp, &eckey->Q, + key->x, key->len) == 0); // MBEDTLS_MD_NONE is used since it will be ignored. - TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE, - hash->x, hash->len, sig->x, sig->len ) == ret ); + TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, + hash->x, hash->len, sig->x, sig->len) == ret); exit: - mbedtls_pk_free( &pk ); - USE_PSA_DONE( ); + mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC */ -void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, - char *QX_str, char *QY_str, - int md_alg, char *msg, data_t *sig_check, - int max_ops, int min_restart, int max_restart ) +void pk_sign_verify_restart(int pk_type, int grp_id, char *d_str, + char *QX_str, char *QY_str, + int md_alg, char *msg, data_t *sig_check, + int max_ops, int min_restart, int max_restart) { int ret, cnt_restart; mbedtls_pk_restart_ctx rs_ctx; @@ -792,94 +790,93 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, size_t hlen, slen; const mbedtls_md_info_t *md_info; - mbedtls_pk_restart_init( &rs_ctx ); - mbedtls_pk_init( &prv ); - mbedtls_pk_init( &pub ); - memset( hash, 0, sizeof( hash ) ); - memset( sig, 0, sizeof( sig ) ); + mbedtls_pk_restart_init(&rs_ctx); + mbedtls_pk_init(&prv); + mbedtls_pk_init(&pub); + memset(hash, 0, sizeof(hash)); + memset(sig, 0, sizeof(sig)); - TEST_ASSERT( mbedtls_pk_setup( &prv, mbedtls_pk_info_from_type( pk_type ) ) == 0 ); - TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( prv )->grp, grp_id ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &mbedtls_pk_ec( prv )->d, d_str ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup(&prv, mbedtls_pk_info_from_type(pk_type)) == 0); + TEST_ASSERT(mbedtls_ecp_group_load(&mbedtls_pk_ec(prv)->grp, grp_id) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&mbedtls_pk_ec(prv)->d, d_str) == 0); - TEST_ASSERT( mbedtls_pk_setup( &pub, mbedtls_pk_info_from_type( pk_type ) ) == 0 ); - TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( pub )->grp, grp_id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_point_read_string( &mbedtls_pk_ec( pub )->Q, 16, QX_str, QY_str ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup(&pub, mbedtls_pk_info_from_type(pk_type)) == 0); + TEST_ASSERT(mbedtls_ecp_group_load(&mbedtls_pk_ec(pub)->grp, grp_id) == 0); + TEST_ASSERT(mbedtls_ecp_point_read_string(&mbedtls_pk_ec(pub)->Q, 16, QX_str, QY_str) == 0); - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); - hlen = mbedtls_md_get_size( md_info ); - TEST_ASSERT( mbedtls_md( md_info, - (const unsigned char *) msg, strlen( msg ), - hash ) == 0 ); + hlen = mbedtls_md_get_size(md_info); + TEST_ASSERT(mbedtls_md(md_info, + (const unsigned char *) msg, strlen(msg), + hash) == 0); - mbedtls_ecp_set_max_ops( max_ops ); + mbedtls_ecp_set_max_ops(max_ops); - slen = sizeof( sig ); + slen = sizeof(sig); cnt_restart = 0; do { - ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen, - sig, &slen, NULL, NULL, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_pk_sign_restartable(&prv, md_alg, hash, hlen, + sig, &slen, NULL, NULL, &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( slen == sig_check->len ); - TEST_ASSERT( memcmp( sig, sig_check->x, slen ) == 0 ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(slen == sig_check->len); + TEST_ASSERT(memcmp(sig, sig_check->x, slen) == 0); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); cnt_restart = 0; do { - ret = mbedtls_pk_verify_restartable( &pub, md_alg, - hash, hlen, sig, slen, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_pk_verify_restartable(&pub, md_alg, + hash, hlen, sig, slen, &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); hash[0]++; do { - ret = mbedtls_pk_verify_restartable( &pub, md_alg, - hash, hlen, sig, slen, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); - TEST_ASSERT( ret != 0 ); + ret = mbedtls_pk_verify_restartable(&pub, md_alg, + hash, hlen, sig, slen, &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS); + TEST_ASSERT(ret != 0); hash[0]--; sig[0]++; do { - ret = mbedtls_pk_verify_restartable( &pub, md_alg, - hash, hlen, sig, slen, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); - TEST_ASSERT( ret != 0 ); + ret = mbedtls_pk_verify_restartable(&pub, md_alg, + hash, hlen, sig, slen, &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS); + TEST_ASSERT(ret != 0); sig[0]--; /* Do we leak memory when aborting? try verify then sign * This test only makes sense when we actually restart */ - if( min_restart > 0 ) - { - ret = mbedtls_pk_verify_restartable( &pub, md_alg, - hash, hlen, sig, slen, &rs_ctx ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); - mbedtls_pk_restart_free( &rs_ctx ); - - slen = sizeof( sig ); - ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen, - sig, &slen, NULL, NULL, &rs_ctx ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); + if (min_restart > 0) { + ret = mbedtls_pk_verify_restartable(&pub, md_alg, + hash, hlen, sig, slen, &rs_ctx); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS); + mbedtls_pk_restart_free(&rs_ctx); + + slen = sizeof(sig); + ret = mbedtls_pk_sign_restartable(&prv, md_alg, hash, hlen, + sig, &slen, NULL, NULL, &rs_ctx); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS); } exit: - mbedtls_pk_restart_free( &rs_ctx ); - mbedtls_pk_free( &prv ); - mbedtls_pk_free( &pub ); + mbedtls_pk_restart_free(&rs_ctx); + mbedtls_pk_free(&prv); + mbedtls_pk_free(&pub); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ -void pk_sign_verify( int type, int parameter, int sign_ret, int verify_ret ) +void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret) { mbedtls_pk_context pk; size_t sig_len, hash_len; @@ -891,88 +888,88 @@ void pk_sign_verify( int type, int parameter, int sign_ret, int verify_ret ) mbedtls_pk_restart_ctx ctx; rs_ctx = &ctx; - mbedtls_pk_restart_init( rs_ctx ); + mbedtls_pk_restart_init(rs_ctx); /* This value is large enough that the operation will complete in one run. * See comments at the top of ecp_test_vect_restart in * test_suite_ecp.function for estimates of operation counts. */ - mbedtls_ecp_set_max_ops( 42000 ); + mbedtls_ecp_set_max_ops(42000); #endif - hash_len = mbedtls_md_get_size( mbedtls_md_info_from_type( md ) ); - ASSERT_ALLOC( hash, hash_len ); + hash_len = mbedtls_md_get_size(mbedtls_md_info_from_type(md)); + ASSERT_ALLOC(hash, hash_len); - mbedtls_pk_init( &pk ); - USE_PSA_INIT( ); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); - memset( hash, 0x2a, hash_len ); - memset( sig, 0, sizeof sig ); + memset(hash, 0x2a, hash_len); + memset(sig, 0, sizeof sig); - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 ); - TEST_ASSERT( pk_genkey( &pk, parameter ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0); + TEST_ASSERT(pk_genkey(&pk, parameter) == 0); - TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, md, - hash, hash_len, sig, &sig_len, - mbedtls_test_rnd_std_rand, NULL, rs_ctx ) == sign_ret ); - if( sign_ret == 0 ) - TEST_ASSERT( sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE ); - else + TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, md, + hash, hash_len, sig, &sig_len, + mbedtls_test_rnd_std_rand, NULL, rs_ctx) == sign_ret); + if (sign_ret == 0) { + TEST_ASSERT(sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE); + } else { sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE; + } - TEST_ASSERT( mbedtls_pk_verify( &pk, md, - hash, hash_len, sig, sig_len ) == verify_ret ); + TEST_ASSERT(mbedtls_pk_verify(&pk, md, + hash, hash_len, sig, sig_len) == verify_ret); - if( verify_ret == 0 ) - { + if (verify_ret == 0) { hash[0]++; - TEST_ASSERT( mbedtls_pk_verify( &pk, md, - hash, hash_len, sig, sig_len ) != 0 ); + TEST_ASSERT(mbedtls_pk_verify(&pk, md, + hash, hash_len, sig, sig_len) != 0); hash[0]--; sig[0]++; - TEST_ASSERT( mbedtls_pk_verify( &pk, md, - hash, hash_len, sig, sig_len ) != 0 ); + TEST_ASSERT(mbedtls_pk_verify(&pk, md, + hash, hash_len, sig, sig_len) != 0); sig[0]--; } - TEST_ASSERT( mbedtls_pk_sign( &pk, md, hash, hash_len, - sig, &sig_len, - mbedtls_test_rnd_std_rand, - NULL ) == sign_ret ); - if( sign_ret == 0 ) - TEST_ASSERT( sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE ); - else + TEST_ASSERT(mbedtls_pk_sign(&pk, md, hash, hash_len, + sig, &sig_len, + mbedtls_test_rnd_std_rand, + NULL) == sign_ret); + if (sign_ret == 0) { + TEST_ASSERT(sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE); + } else { sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE; + } - TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, md, - hash, hash_len, sig, sig_len, rs_ctx ) == verify_ret ); + TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, md, + hash, hash_len, sig, sig_len, rs_ctx) == verify_ret); - if( verify_ret == 0 ) - { + if (verify_ret == 0) { hash[0]++; - TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, md, - hash, hash_len, sig, sig_len, rs_ctx ) != 0 ); + TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, md, + hash, hash_len, sig, sig_len, rs_ctx) != 0); hash[0]--; sig[0]++; - TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, md, - hash, hash_len, sig, sig_len, rs_ctx ) != 0 ); + TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, md, + hash, hash_len, sig, sig_len, rs_ctx) != 0); sig[0]--; } exit: #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_pk_restart_free( rs_ctx ); + mbedtls_pk_restart_free(rs_ctx); #endif - mbedtls_pk_free( &pk ); - mbedtls_free( hash ); - USE_PSA_DONE( ); + mbedtls_pk_free(&pk); + mbedtls_free(hash); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C */ -void pk_rsa_encrypt_test_vec( data_t * message, int mod, - char * input_N, char * input_E, - data_t * result, int ret ) +void pk_rsa_encrypt_test_vec(data_t *message, int mod, + char *input_N, char *input_E, + data_t *result, int ret) { unsigned char output[300]; mbedtls_test_rnd_pseudo_info rnd_info; @@ -980,34 +977,34 @@ void pk_rsa_encrypt_test_vec( data_t * message, int mod, mbedtls_pk_context pk; size_t olen; - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - memset( output, 0, sizeof( output ) ); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); + memset(output, 0, sizeof(output)); - mbedtls_pk_init( &pk ); - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); - rsa = mbedtls_pk_rsa( pk ); + mbedtls_pk_init(&pk); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); + rsa = mbedtls_pk_rsa(pk); rsa->len = mod / 8; - TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&rsa->N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&rsa->E, input_E) == 0); - TEST_ASSERT( mbedtls_pk_encrypt( &pk, message->x, message->len, - output, &olen, sizeof( output ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret ); - TEST_ASSERT( olen == result->len ); - TEST_ASSERT( memcmp( output, result->x, olen ) == 0 ); + TEST_ASSERT(mbedtls_pk_encrypt(&pk, message->x, message->len, + output, &olen, sizeof(output), + mbedtls_test_rnd_pseudo_rand, &rnd_info) == ret); + TEST_ASSERT(olen == result->len); + TEST_ASSERT(memcmp(output, result->x, olen) == 0); exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C */ -void pk_rsa_decrypt_test_vec( data_t * cipher, int mod, - char * input_P, char * input_Q, - char * input_N, char * input_E, - data_t * clear, int ret ) +void pk_rsa_decrypt_test_vec(data_t *cipher, int mod, + char *input_P, char *input_Q, + char *input_N, char *input_E, + data_t *clear, int ret) { unsigned char output[256]; mbedtls_test_rnd_pseudo_info rnd_info; @@ -1016,49 +1013,48 @@ void pk_rsa_decrypt_test_vec( data_t * cipher, int mod, mbedtls_pk_context pk; size_t olen; - mbedtls_pk_init( &pk ); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); + mbedtls_pk_init(&pk); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); /* init pk-rsa context */ - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); - rsa = mbedtls_pk_rsa( pk ); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); + rsa = mbedtls_pk_rsa(pk); /* load public key */ - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); /* load private key */ - TEST_ASSERT( mbedtls_test_read_mpi( &P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_rsa_import( rsa, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( rsa ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( rsa ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_rsa_import(rsa, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(rsa) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_complete(rsa) == 0); /* decryption test */ - memset( output, 0, sizeof( output ) ); + memset(output, 0, sizeof(output)); olen = 0; - TEST_ASSERT( mbedtls_pk_decrypt( &pk, cipher->x, cipher->len, - output, &olen, sizeof( output ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret ); - if( ret == 0 ) - { - TEST_ASSERT( olen == clear->len ); - TEST_ASSERT( memcmp( output, clear->x, olen ) == 0 ); + TEST_ASSERT(mbedtls_pk_decrypt(&pk, cipher->x, cipher->len, + output, &olen, sizeof(output), + mbedtls_test_rnd_pseudo_rand, &rnd_info) == ret); + if (ret == 0) { + TEST_ASSERT(olen == clear->len); + TEST_ASSERT(memcmp(output, clear->x, olen) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); - mbedtls_pk_free( &pk ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); + mbedtls_pk_free(&pk); } /* END_CASE */ /* BEGIN_CASE */ -void pk_ec_nocrypt( int type ) +void pk_ec_nocrypt(int type) { mbedtls_pk_context pk; unsigned char output[100]; @@ -1067,65 +1063,66 @@ void pk_ec_nocrypt( int type ) size_t olen = 0; int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - memset( output, 0, sizeof( output ) ); - memset( input, 0, sizeof( input ) ); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); + memset(output, 0, sizeof(output)); + memset(input, 0, sizeof(input)); - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0); - TEST_ASSERT( mbedtls_pk_encrypt( &pk, input, sizeof( input ), - output, &olen, sizeof( output ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret ); + TEST_ASSERT(mbedtls_pk_encrypt(&pk, input, sizeof(input), + output, &olen, sizeof(output), + mbedtls_test_rnd_pseudo_rand, &rnd_info) == ret); - TEST_ASSERT( mbedtls_pk_decrypt( &pk, input, sizeof( input ), - output, &olen, sizeof( output ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret ); + TEST_ASSERT(mbedtls_pk_decrypt(&pk, input, sizeof(input), + output, &olen, sizeof(output), + mbedtls_test_rnd_pseudo_rand, &rnd_info) == ret); exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C */ -void pk_rsa_overflow( ) +void pk_rsa_overflow() { mbedtls_pk_context pk; size_t hash_len = SIZE_MAX, sig_len = SIZE_MAX; unsigned char hash[50], sig[100]; - if( SIZE_MAX <= UINT_MAX ) + if (SIZE_MAX <= UINT_MAX) { return; + } - memset( hash, 0x2a, sizeof hash ); - memset( sig, 0, sizeof sig ); + memset(hash, 0x2a, sizeof hash); + memset(sig, 0, sizeof sig); - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); - TEST_ASSERT( mbedtls_pk_setup( &pk, - mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup(&pk, + mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); #if defined(MBEDTLS_PKCS1_V21) - TEST_ASSERT( mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, NULL, &pk, - MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_pk_verify_ext(MBEDTLS_PK_RSASSA_PSS, NULL, &pk, + MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); #endif /* MBEDTLS_PKCS1_V21 */ - TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE, hash, hash_len, - sig, sig_len ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, hash, hash_len, + sig, sig_len) == MBEDTLS_ERR_PK_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, hash, hash_len, sig, - &sig_len, mbedtls_test_rnd_std_rand, NULL ) - == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, hash, hash_len, sig, + &sig_len, mbedtls_test_rnd_std_rand, NULL) + == MBEDTLS_ERR_PK_BAD_INPUT_DATA); exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_RSA_ALT_SUPPORT */ -void pk_rsa_alt( ) +void pk_rsa_alt() { /* * An rsa_alt context can only do private operations (decrypt, sign). @@ -1140,74 +1137,75 @@ void pk_rsa_alt( ) size_t sig_len, ciph_len, test_len; int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; - mbedtls_rsa_init( &raw, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE ); - mbedtls_pk_init( &rsa ); mbedtls_pk_init( &alt ); + mbedtls_rsa_init(&raw, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE); + mbedtls_pk_init(&rsa); mbedtls_pk_init(&alt); - memset( hash, 0x2a, sizeof hash ); - memset( sig, 0, sizeof sig ); - memset( msg, 0x2a, sizeof msg ); - memset( ciph, 0, sizeof ciph ); - memset( test, 0, sizeof test ); + memset(hash, 0x2a, sizeof hash); + memset(sig, 0, sizeof sig); + memset(msg, 0x2a, sizeof msg); + memset(ciph, 0, sizeof ciph); + memset(test, 0, sizeof test); /* Initialize PK RSA context with random key */ - TEST_ASSERT( mbedtls_pk_setup( &rsa, - mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); - TEST_ASSERT( pk_genkey( &rsa, RSA_KEY_SIZE ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup(&rsa, + mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); + TEST_ASSERT(pk_genkey(&rsa, RSA_KEY_SIZE) == 0); /* Extract key to the raw rsa context */ - TEST_ASSERT( mbedtls_rsa_copy( &raw, mbedtls_pk_rsa( rsa ) ) == 0 ); + TEST_ASSERT(mbedtls_rsa_copy(&raw, mbedtls_pk_rsa(rsa)) == 0); /* Initialize PK RSA_ALT context */ - TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, (void *) &raw, - mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func, mbedtls_rsa_key_len_func ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup_rsa_alt(&alt, (void *) &raw, + mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func, + mbedtls_rsa_key_len_func) == 0); /* Test administrative functions */ - TEST_ASSERT( mbedtls_pk_can_do( &alt, MBEDTLS_PK_RSA ) ); - TEST_ASSERT( mbedtls_pk_get_bitlen( &alt ) == RSA_KEY_SIZE ); - TEST_ASSERT( mbedtls_pk_get_len( &alt ) == RSA_KEY_LEN ); - TEST_ASSERT( mbedtls_pk_get_type( &alt ) == MBEDTLS_PK_RSA_ALT ); - TEST_ASSERT( strcmp( mbedtls_pk_get_name( &alt ), "RSA-alt" ) == 0 ); + TEST_ASSERT(mbedtls_pk_can_do(&alt, MBEDTLS_PK_RSA)); + TEST_ASSERT(mbedtls_pk_get_bitlen(&alt) == RSA_KEY_SIZE); + TEST_ASSERT(mbedtls_pk_get_len(&alt) == RSA_KEY_LEN); + TEST_ASSERT(mbedtls_pk_get_type(&alt) == MBEDTLS_PK_RSA_ALT); + TEST_ASSERT(strcmp(mbedtls_pk_get_name(&alt), "RSA-alt") == 0); /* Test signature */ #if SIZE_MAX > UINT_MAX - TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, SIZE_MAX, sig, - &sig_len, mbedtls_test_rnd_std_rand, NULL ) - == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, SIZE_MAX, sig, + &sig_len, mbedtls_test_rnd_std_rand, NULL) + == MBEDTLS_ERR_PK_BAD_INPUT_DATA); #endif /* SIZE_MAX > UINT_MAX */ - TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, sizeof hash, sig, - &sig_len, mbedtls_test_rnd_std_rand, NULL ) - == 0 ); - TEST_ASSERT( sig_len == RSA_KEY_LEN ); - TEST_ASSERT( mbedtls_pk_verify( &rsa, MBEDTLS_MD_NONE, - hash, sizeof hash, sig, sig_len ) == 0 ); + TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, sizeof hash, sig, + &sig_len, mbedtls_test_rnd_std_rand, NULL) + == 0); + TEST_ASSERT(sig_len == RSA_KEY_LEN); + TEST_ASSERT(mbedtls_pk_verify(&rsa, MBEDTLS_MD_NONE, + hash, sizeof hash, sig, sig_len) == 0); /* Test decrypt */ - TEST_ASSERT( mbedtls_pk_encrypt( &rsa, msg, sizeof msg, - ciph, &ciph_len, sizeof ciph, - mbedtls_test_rnd_std_rand, NULL ) == 0 ); - TEST_ASSERT( mbedtls_pk_decrypt( &alt, ciph, ciph_len, - test, &test_len, sizeof test, - mbedtls_test_rnd_std_rand, NULL ) == 0 ); - TEST_ASSERT( test_len == sizeof msg ); - TEST_ASSERT( memcmp( test, msg, test_len ) == 0 ); + TEST_ASSERT(mbedtls_pk_encrypt(&rsa, msg, sizeof msg, + ciph, &ciph_len, sizeof ciph, + mbedtls_test_rnd_std_rand, NULL) == 0); + TEST_ASSERT(mbedtls_pk_decrypt(&alt, ciph, ciph_len, + test, &test_len, sizeof test, + mbedtls_test_rnd_std_rand, NULL) == 0); + TEST_ASSERT(test_len == sizeof msg); + TEST_ASSERT(memcmp(test, msg, test_len) == 0); /* Test forbidden operations */ - TEST_ASSERT( mbedtls_pk_encrypt( &alt, msg, sizeof msg, - ciph, &ciph_len, sizeof ciph, - mbedtls_test_rnd_std_rand, NULL ) == ret ); - TEST_ASSERT( mbedtls_pk_verify( &alt, MBEDTLS_MD_NONE, - hash, sizeof hash, sig, sig_len ) == ret ); - TEST_ASSERT( mbedtls_pk_debug( &alt, dbg_items ) == ret ); + TEST_ASSERT(mbedtls_pk_encrypt(&alt, msg, sizeof msg, + ciph, &ciph_len, sizeof ciph, + mbedtls_test_rnd_std_rand, NULL) == ret); + TEST_ASSERT(mbedtls_pk_verify(&alt, MBEDTLS_MD_NONE, + hash, sizeof hash, sig, sig_len) == ret); + TEST_ASSERT(mbedtls_pk_debug(&alt, dbg_items) == ret); exit: - mbedtls_rsa_free( &raw ); - mbedtls_pk_free( &rsa ); mbedtls_pk_free( &alt ); + mbedtls_rsa_free(&raw); + mbedtls_pk_free(&rsa); mbedtls_pk_free(&alt); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C */ -void pk_psa_sign( int grpid_arg, - int psa_curve_arg, int expected_bits_arg ) +void pk_psa_sign(int grpid_arg, + int psa_curve_arg, int expected_bits_arg) { mbedtls_ecp_group_id grpid = grpid_arg; mbedtls_pk_context pk; @@ -1220,7 +1218,7 @@ void pk_psa_sign( int grpid_arg, int ret; mbedtls_svc_key_id_t key_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_type_t expected_type = PSA_KEY_TYPE_ECC_KEY_PAIR( psa_curve_arg ); + psa_key_type_t expected_type = PSA_KEY_TYPE_ECC_KEY_PAIR(psa_curve_arg); size_t expected_bits = expected_bits_arg; /* @@ -1231,69 +1229,69 @@ void pk_psa_sign( int grpid_arg, * - parse it to a PK context and verify the signature this way */ - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Create legacy EC public/private key in PK context. */ - mbedtls_pk_init( &pk ); - TEST_ASSERT( mbedtls_pk_setup( &pk, - mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 ); - TEST_ASSERT( mbedtls_ecp_gen_key( grpid, - (mbedtls_ecp_keypair*) pk.pk_ctx, - mbedtls_test_rnd_std_rand, NULL ) == 0 ); + mbedtls_pk_init(&pk); + TEST_ASSERT(mbedtls_pk_setup(&pk, + mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)) == 0); + TEST_ASSERT(mbedtls_ecp_gen_key(grpid, + (mbedtls_ecp_keypair *) pk.pk_ctx, + mbedtls_test_rnd_std_rand, NULL) == 0); /* Export underlying public key for re-importing in a legacy context. */ - ret = mbedtls_pk_write_pubkey_der( &pk, pkey_legacy, - sizeof( pkey_legacy ) ); - TEST_ASSERT( ret >= 0 ); + ret = mbedtls_pk_write_pubkey_der(&pk, pkey_legacy, + sizeof(pkey_legacy)); + TEST_ASSERT(ret >= 0); klen_legacy = (size_t) ret; /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */ - pkey_legacy_start = pkey_legacy + sizeof( pkey_legacy ) - klen_legacy; + pkey_legacy_start = pkey_legacy + sizeof(pkey_legacy) - klen_legacy; /* Turn PK context into an opaque one. */ - TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &pk, &key_id, - PSA_ALG_SHA_256 ) == 0 ); + TEST_ASSERT(mbedtls_pk_wrap_as_opaque(&pk, &key_id, + PSA_ALG_SHA_256) == 0); - PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), expected_type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), expected_bits ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), - PSA_KEY_LIFETIME_VOLATILE ); + PSA_ASSERT(psa_get_key_attributes(key_id, &attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), expected_type); + TEST_EQUAL(psa_get_key_bits(&attributes), expected_bits); + TEST_EQUAL(psa_get_key_lifetime(&attributes), + PSA_KEY_LIFETIME_VOLATILE); - memset( hash, 0x2a, sizeof hash ); - memset( sig, 0, sizeof sig ); + memset(hash, 0x2a, sizeof hash); + memset(sig, 0, sizeof sig); - TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, - hash, sizeof hash, sig, &sig_len, - NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, + hash, sizeof hash, sig, &sig_len, + NULL, NULL) == 0); /* Export underlying public key for re-importing in a psa context. */ - ret = mbedtls_pk_write_pubkey_der( &pk, pkey_psa, - sizeof( pkey_psa ) ); - TEST_ASSERT( ret >= 0 ); + ret = mbedtls_pk_write_pubkey_der(&pk, pkey_psa, + sizeof(pkey_psa)); + TEST_ASSERT(ret >= 0); klen_psa = (size_t) ret; /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */ - pkey_psa_start = pkey_psa + sizeof( pkey_psa ) - klen_psa; + pkey_psa_start = pkey_psa + sizeof(pkey_psa) - klen_psa; - TEST_ASSERT( klen_psa == klen_legacy ); - TEST_ASSERT( memcmp( pkey_psa_start, pkey_legacy_start, klen_psa ) == 0 ); + TEST_ASSERT(klen_psa == klen_legacy); + TEST_ASSERT(memcmp(pkey_psa_start, pkey_legacy_start, klen_psa) == 0); - mbedtls_pk_free( &pk ); - TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key_id ) ); + mbedtls_pk_free(&pk); + TEST_ASSERT(PSA_SUCCESS == psa_destroy_key(key_id)); - mbedtls_pk_init( &pk ); - TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, pkey_legacy_start, - klen_legacy ) == 0 ); - TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, - hash, sizeof hash, sig, sig_len ) == 0 ); + mbedtls_pk_init(&pk); + TEST_ASSERT(mbedtls_pk_parse_public_key(&pk, pkey_legacy_start, + klen_legacy) == 0); + TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, + hash, sizeof hash, sig, sig_len) == 0); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_pk_free( &pk ); - USE_PSA_DONE( ); + mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index 385f86abb30e..17d2ed705c6b 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -2,10 +2,9 @@ #include "mbedtls/pkcs12.h" #include "mbedtls/error.h" -typedef enum -{ - USE_NULL_INPUT = 0, - USE_GIVEN_INPUT = 1, +typedef enum { + USE_NULL_INPUT = 0, + USE_GIVEN_INPUT = 1, } input_usage_method_t; /* END_HEADER */ @@ -16,34 +15,36 @@ typedef enum */ /* BEGIN_CASE */ -void pkcs12_derive_key( int md_type, int key_size_arg, - data_t *password_arg, int password_usage, - data_t *salt_arg, int salt_usage, - int iterations, - data_t* expected_output, int expected_status ) +void pkcs12_derive_key(int md_type, int key_size_arg, + data_t *password_arg, int password_usage, + data_t *salt_arg, int salt_usage, + int iterations, + data_t *expected_output, int expected_status) { - unsigned char *output_data = NULL; + unsigned char *output_data = NULL; - unsigned char *password = NULL; - size_t password_len = 0; - unsigned char *salt = NULL; - size_t salt_len = 0; - size_t key_size = key_size_arg; + unsigned char *password = NULL; + size_t password_len = 0; + unsigned char *salt = NULL; + size_t salt_len = 0; + size_t key_size = key_size_arg; - if( password_usage == USE_GIVEN_INPUT ) - password = password_arg->x; + if (password_usage == USE_GIVEN_INPUT) { + password = password_arg->x; + } - password_len = password_arg->len; + password_len = password_arg->len; - if( salt_usage == USE_GIVEN_INPUT ) - salt = salt_arg->x; + if (salt_usage == USE_GIVEN_INPUT) { + salt = salt_arg->x; + } - salt_len = salt_arg->len; + salt_len = salt_arg->len; - ASSERT_ALLOC( output_data, key_size ); + ASSERT_ALLOC(output_data, key_size); - int ret = mbedtls_pkcs12_derivation( output_data, + int ret = mbedtls_pkcs12_derivation(output_data, key_size, password, password_len, @@ -51,18 +52,17 @@ void pkcs12_derive_key( int md_type, int key_size_arg, salt_len, md_type, MBEDTLS_PKCS12_DERIVE_KEY, - iterations ); + iterations); - TEST_EQUAL( ret, expected_status ); + TEST_EQUAL(ret, expected_status); - if( expected_status == 0 ) - { - ASSERT_COMPARE( expected_output->x, expected_output->len, - output_data, key_size ); - } + if (expected_status == 0) { + ASSERT_COMPARE(expected_output->x, expected_output->len, + output_data, key_size); + } exit: - mbedtls_free( output_data ); + mbedtls_free(output_data); } /* END_CASE */ diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 9fc4faac833b..83fc73a7d160 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -9,10 +9,10 @@ */ /* BEGIN_CASE */ -void pkcs1_rsaes_v15_encrypt( int mod, char * input_N, - char * input_E, int hash, - data_t * message_str, data_t * rnd_buf, - data_t * result_str, int result ) +void pkcs1_rsaes_v15_encrypt(int mod, char *input_N, + char *input_E, int hash, + data_t *message_str, data_t *rnd_buf, + data_t *result_str, int result) { unsigned char output[128]; mbedtls_rsa_context ctx; @@ -24,41 +24,41 @@ void pkcs1_rsaes_v15_encrypt( int mod, char * input_N, info.buf = rnd_buf->x; info.length = rnd_buf->len; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - memset( output, 0x00, sizeof( output ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, hash); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - if( message_str->len == 0 ) + if (message_str->len == 0) { message_str->x = NULL; - TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, - &mbedtls_test_rnd_buffer_rand, - &info, MBEDTLS_RSA_PUBLIC, - message_str->len, message_str->x, - output ) == result ); - - if( result == 0 ) - { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + } + TEST_ASSERT(mbedtls_rsa_pkcs1_encrypt(&ctx, + &mbedtls_test_rnd_buffer_rand, + &info, MBEDTLS_RSA_PUBLIC, + message_str->len, message_str->x, + output) == result); + + if (result == 0) { + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_rsaes_v15_decrypt( int mod, char * input_P, char * input_Q, - char * input_N, char * input_E, int hash, - data_t * result_str, char * seed, - data_t * message_str, int result ) +void pkcs1_rsaes_v15_decrypt(int mod, char *input_P, char *input_Q, + char *input_N, char *input_E, int hash, + data_t *result_str, char *seed, + data_t *message_str, int result) { unsigned char output[128]; mbedtls_rsa_context ctx; @@ -67,60 +67,56 @@ void pkcs1_rsaes_v15_decrypt( int mod, char * input_P, char * input_Q, mbedtls_mpi N, P, Q, E; ((void) seed); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - - memset( output, 0x00, sizeof( output ) ); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - - TEST_ASSERT( mbedtls_test_read_mpi( &P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - - if( result_str->len == 0 ) - { - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info, - MBEDTLS_RSA_PRIVATE, - &output_len, message_str->x, - NULL, 0 ) == result ); - } - else - { - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PRIVATE, - &output_len, message_str->x, - output, 1000 ) == result ); - if( result == 0 ) - { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - output_len, - result_str->len) == 0 ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, hash); + + memset(output, 0x00, sizeof(output)); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); + + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); + + if (result_str->len == 0) { + TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info, + MBEDTLS_RSA_PRIVATE, + &output_len, message_str->x, + NULL, 0) == result); + } else { + TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info, MBEDTLS_RSA_PRIVATE, + &output_len, message_str->x, + output, 1000) == result); + if (result == 0) { + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + output_len, + result_str->len) == 0); } } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_v15_decode( int mode, - data_t *input, - int expected_plaintext_length_arg, - int output_size_arg, - int expected_result ) +void pkcs1_v15_decode(int mode, + data_t *input, + int expected_plaintext_length_arg, + int output_size_arg, + int expected_result) { size_t expected_plaintext_length = expected_plaintext_length_arg; size_t output_size = output_size_arg; @@ -190,48 +186,46 @@ void pkcs1_v15_decode( int mode, unsigned char final[128]; size_t output_length = 0x7EA0; - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - mbedtls_mpi_init( &Nmpi ); mbedtls_mpi_init( &Empi ); - mbedtls_mpi_init( &Pmpi ); mbedtls_mpi_init( &Qmpi ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); - - TEST_ASSERT( mbedtls_mpi_read_binary( &Nmpi, N, sizeof( N ) ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &Empi, E, sizeof( E ) ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &Pmpi, P, sizeof( P ) ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &Qmpi, Q, sizeof( Q ) ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import( &ctx, &Nmpi, &Pmpi, &Qmpi, - NULL, &Empi ) == 0 ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - - TEST_ASSERT( input->len <= sizeof( N ) ); - memcpy( original, input->x, input->len ); - memset( original + input->len, 'd', sizeof( original ) - input->len ); - if( mode == MBEDTLS_RSA_PRIVATE ) - TEST_ASSERT( mbedtls_rsa_public( &ctx, original, intermediate ) == 0 ); - else - TEST_ASSERT( mbedtls_rsa_private( &ctx, &mbedtls_test_rnd_pseudo_rand, - &rnd_info, original, - intermediate ) == 0 ); - - memcpy( final, default_content, sizeof( final ) ); - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info, mode, &output_length, - intermediate, final, - output_size ) == expected_result ); - if( expected_result == 0 ) - { - TEST_ASSERT( output_length == expected_plaintext_length ); - TEST_ASSERT( memcmp( original + sizeof( N ) - output_length, - final, - output_length ) == 0 ); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); + mbedtls_mpi_init(&Nmpi); mbedtls_mpi_init(&Empi); + mbedtls_mpi_init(&Pmpi); mbedtls_mpi_init(&Qmpi); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0); + + TEST_ASSERT(mbedtls_mpi_read_binary(&Nmpi, N, sizeof(N)) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&Empi, E, sizeof(E)) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&Pmpi, P, sizeof(P)) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&Qmpi, Q, sizeof(Q)) == 0); + + TEST_ASSERT(mbedtls_rsa_import(&ctx, &Nmpi, &Pmpi, &Qmpi, + NULL, &Empi) == 0); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + + TEST_ASSERT(input->len <= sizeof(N)); + memcpy(original, input->x, input->len); + memset(original + input->len, 'd', sizeof(original) - input->len); + if (mode == MBEDTLS_RSA_PRIVATE) { + TEST_ASSERT(mbedtls_rsa_public(&ctx, original, intermediate) == 0); + } else { + TEST_ASSERT(mbedtls_rsa_private(&ctx, &mbedtls_test_rnd_pseudo_rand, + &rnd_info, original, + intermediate) == 0); } - else if( expected_result == MBEDTLS_ERR_RSA_INVALID_PADDING || - expected_result == MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE ) - { + + memcpy(final, default_content, sizeof(final)); + TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info, mode, &output_length, + intermediate, final, + output_size) == expected_result); + if (expected_result == 0) { + TEST_ASSERT(output_length == expected_plaintext_length); + TEST_ASSERT(memcmp(original + sizeof(N) - output_length, + final, + output_length) == 0); + } else if (expected_result == MBEDTLS_ERR_RSA_INVALID_PADDING || + expected_result == MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE) { size_t max_payload_length = - output_size > sizeof( N ) - 11 ? sizeof( N ) - 11 : output_size; + output_size > sizeof(N) - 11 ? sizeof(N) - 11 : output_size; size_t i; size_t count = 0; @@ -240,34 +234,36 @@ void pkcs1_v15_decode( int mode, * implementation currently does. Alternative implementations * may produce different output, so we only perform these precise * checks when using the default implementation. */ - TEST_ASSERT( output_length == max_payload_length ); - for( i = 0; i < max_payload_length; i++ ) - TEST_ASSERT( final[i] == 0 ); + TEST_ASSERT(output_length == max_payload_length); + for (i = 0; i < max_payload_length; i++) { + TEST_ASSERT(final[i] == 0); + } #endif /* Even in alternative implementations, the outputs must have * changed, otherwise it indicates at least a timing vulnerability * because no write to the outputs is performed in the bad case. */ - TEST_ASSERT( output_length != 0x7EA0 ); - for( i = 0; i < max_payload_length; i++ ) - count += ( final[i] == default_content[i] ); + TEST_ASSERT(output_length != 0x7EA0); + for (i = 0; i < max_payload_length; i++) { + count += (final[i] == default_content[i]); + } /* If more than 16 bytes are unchanged in final, that's evidence * that final wasn't overwritten. */ - TEST_ASSERT( count < 16 ); + TEST_ASSERT(count < 16); } exit: - mbedtls_mpi_free( &Nmpi ); mbedtls_mpi_free( &Empi ); - mbedtls_mpi_free( &Pmpi ); mbedtls_mpi_free( &Qmpi ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&Nmpi); mbedtls_mpi_free(&Empi); + mbedtls_mpi_free(&Pmpi); mbedtls_mpi_free(&Qmpi); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_rsassa_v15_sign( int mod, char * input_P, - char * input_Q, char * input_N, - char * input_E, int digest, int hash, - data_t * message_str, data_t * rnd_buf, - data_t * result_str, int result ) +void pkcs1_rsassa_v15_sign(int mod, char *input_P, + char *input_Q, char *input_N, + char *input_E, int digest, int hash, + data_t *message_str, data_t *rnd_buf, + data_t *result_str, int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; unsigned char output[128]; @@ -280,72 +276,76 @@ void pkcs1_rsassa_v15_sign( int mod, char * input_P, info.buf = rnd_buf->x; info.length = rnd_buf->len; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, hash); - memset( hash_result, 0x00, sizeof( hash_result ) ); - memset( output, 0x00, sizeof( output ) ); + memset(hash_result, 0x00, sizeof(hash_result)); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( mbedtls_test_read_mpi( &P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + if (mbedtls_md_info_from_type(digest) != NULL) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len, + hash_result) == 0); + } - TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand, - &info, MBEDTLS_RSA_PRIVATE, digest, - 0, hash_result, output ) == result ); - if( result == 0 ) - { + TEST_ASSERT(mbedtls_rsa_pkcs1_sign(&ctx, &mbedtls_test_rnd_buffer_rand, + &info, MBEDTLS_RSA_PRIVATE, digest, + 0, hash_result, output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_rsassa_v15_verify( int mod, char * input_N, char * input_E, - int digest, int hash, data_t * message_str, - char * salt, data_t * result_str, int result ) +void pkcs1_rsassa_v15_verify(int mod, char *input_N, char *input_E, + int digest, int hash, data_t *message_str, + char *salt, data_t *result_str, int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; ((void) salt); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - memset( hash_result, 0x00, sizeof( hash_result ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, hash); + memset(hash_result, 0x00, sizeof(hash_result)); - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + if (mbedtls_md_info_from_type(digest) != NULL) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len, + hash_result) == 0); + } - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, + hash_result, result_str->x) == result); exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index c23a4adea916..bf99df692e7f 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -9,9 +9,9 @@ */ /* BEGIN_CASE */ -void pkcs1_rsaes_oaep_encrypt( int mod, data_t * input_N, data_t * input_E, - int hash, data_t * message_str, data_t * rnd_buf, - data_t * result_str, int result ) +void pkcs1_rsaes_oaep_encrypt(int mod, data_t *input_N, data_t *input_E, + int hash, data_t *message_str, data_t *rnd_buf, + data_t *result_str, int result) { unsigned char output[256]; mbedtls_rsa_context ctx; @@ -23,39 +23,39 @@ void pkcs1_rsaes_oaep_encrypt( int mod, data_t * input_N, data_t * input_E, info.buf = rnd_buf->x; info.length = rnd_buf->len; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( output, 0x00, sizeof( output ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V21, hash); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &E, input_E->x, input_E->len ) == 0 ); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - if( message_str->len == 0 ) + if (message_str->len == 0) { message_str->x = NULL; - TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, - &mbedtls_test_rnd_buffer_rand, - &info, MBEDTLS_RSA_PUBLIC, - message_str->len, message_str->x, - output ) == result ); - if( result == 0 ) - { - ASSERT_COMPARE( output, ctx.len, result_str->x, result_str->len ); + } + TEST_ASSERT(mbedtls_rsa_pkcs1_encrypt(&ctx, + &mbedtls_test_rnd_buffer_rand, + &info, MBEDTLS_RSA_PUBLIC, + message_str->len, message_str->x, + output) == result); + if (result == 0) { + ASSERT_COMPARE(output, ctx.len, result_str->x, result_str->len); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_rsaes_oaep_decrypt( int mod, data_t * input_P, data_t * input_Q, - data_t * input_N, data_t * input_E, int hash, - data_t * result_str, char * seed, data_t * message_str, - int result ) +void pkcs1_rsaes_oaep_decrypt(int mod, data_t *input_P, data_t *input_Q, + data_t *input_N, data_t *input_E, int hash, + data_t *result_str, char *seed, data_t *message_str, + int result) { unsigned char output[64]; mbedtls_rsa_context ctx; @@ -64,61 +64,57 @@ void pkcs1_rsaes_oaep_decrypt( int mod, data_t * input_P, data_t * input_Q, mbedtls_mpi N, P, Q, E; ((void) seed); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - - memset( output, 0x00, sizeof( output ) ); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - - TEST_ASSERT( mbedtls_mpi_read_binary( &P, input_P->x, input_P->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &Q, input_Q->x, input_Q->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &E, input_E->x, input_E->len ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - - if( result_str->len == 0 ) - { - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info, - MBEDTLS_RSA_PRIVATE, - &output_len, message_str->x, - NULL, 0 ) == result ); - } - else - { - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info, - MBEDTLS_RSA_PRIVATE, - &output_len, message_str->x, - output, - sizeof( output ) ) == result ); - if( result == 0 ) - { - ASSERT_COMPARE( output, output_len, result_str->x, result_str->len ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V21, hash); + + memset(output, 0x00, sizeof(output)); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); + + TEST_ASSERT(mbedtls_mpi_read_binary(&P, input_P->x, input_P->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&Q, input_Q->x, input_Q->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); + + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); + + if (result_str->len == 0) { + TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info, + MBEDTLS_RSA_PRIVATE, + &output_len, message_str->x, + NULL, 0) == result); + } else { + TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info, + MBEDTLS_RSA_PRIVATE, + &output_len, message_str->x, + output, + sizeof(output)) == result); + if (result == 0) { + ASSERT_COMPARE(output, output_len, result_str->x, result_str->len); } } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_rsassa_pss_sign( int mod, data_t * input_P, data_t * input_Q, - data_t * input_N, data_t * input_E, int digest, - int hash, data_t * message_str, data_t * rnd_buf, - data_t * result_str, int fixed_salt_length, - int result ) +void pkcs1_rsassa_pss_sign(int mod, data_t *input_P, data_t *input_Q, + data_t *input_N, data_t *input_E, int digest, + int hash, data_t *message_str, data_t *rnd_buf, + data_t *result_str, int fixed_salt_length, + int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; unsigned char output[512]; @@ -131,136 +127,135 @@ void pkcs1_rsassa_pss_sign( int mod, data_t * input_P, data_t * input_Q, info.buf = rnd_buf->x; info.length = rnd_buf->len; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - - memset( hash_result, 0x00, sizeof( hash_result ) ); - memset( output, 0x00, sizeof( output ) ); - - TEST_ASSERT( mbedtls_mpi_read_binary( &P, input_P->x, input_P->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &Q, input_Q->x, input_Q->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &E, input_E->x, input_E->len ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); - - if (fixed_salt_length == MBEDTLS_RSA_SALT_LEN_ANY) - { - TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand, - &info, MBEDTLS_RSA_PRIVATE, digest, 0, - hash_result, output ) == result ); - if( result == 0 ) - { - ASSERT_COMPARE( output, ctx.len, result_str->x, result_str->len ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V21, hash); + + memset(hash_result, 0x00, sizeof(hash_result)); + memset(output, 0x00, sizeof(output)); + + TEST_ASSERT(mbedtls_mpi_read_binary(&P, input_P->x, input_P->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&Q, input_Q->x, input_Q->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); + + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); + + if (mbedtls_md_info_from_type(digest) != NULL) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len, + hash_result) == 0); + } + + if (fixed_salt_length == MBEDTLS_RSA_SALT_LEN_ANY) { + TEST_ASSERT(mbedtls_rsa_pkcs1_sign(&ctx, &mbedtls_test_rnd_buffer_rand, + &info, MBEDTLS_RSA_PRIVATE, digest, 0, + hash_result, output) == result); + if (result == 0) { + ASSERT_COMPARE(output, ctx.len, result_str->x, result_str->len); } info.buf = rnd_buf->x; info.length = rnd_buf->len; } - TEST_ASSERT( mbedtls_rsa_rsassa_pss_sign_ext( &ctx, &mbedtls_test_rnd_buffer_rand, - &info, digest, 0, hash_result, - fixed_salt_length, output ) == result ); - if( result == 0 ) - { - ASSERT_COMPARE( output, ctx.len, result_str->x, result_str->len ); + TEST_ASSERT(mbedtls_rsa_rsassa_pss_sign_ext(&ctx, &mbedtls_test_rnd_buffer_rand, + &info, digest, 0, hash_result, + fixed_salt_length, output) == result); + if (result == 0) { + ASSERT_COMPARE(output, ctx.len, result_str->x, result_str->len); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_rsassa_pss_verify( int mod, data_t * input_N, data_t * input_E, - int digest, int hash, data_t * message_str, - char * salt, data_t * result_str, int result ) +void pkcs1_rsassa_pss_verify(int mod, data_t *input_N, data_t *input_E, + int digest, int hash, data_t *message_str, + char *salt, data_t *result_str, int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; ((void) salt); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( hash_result, 0x00, sizeof( hash_result ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V21, hash); + memset(hash_result, 0x00, sizeof(hash_result)); - TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &E, input_E->x, input_E->len ) == 0 ); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + if (mbedtls_md_info_from_type(digest) != NULL) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len, + hash_result) == 0); + } - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, + hash_result, result_str->x) == result); exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_rsassa_pss_verify_ext( int mod, data_t * input_N, data_t * input_E, - int msg_digest_id, int ctx_hash, - int mgf_hash, int salt_len, - data_t * message_str, - data_t * result_str, int result_simple, - int result_full ) +void pkcs1_rsassa_pss_verify_ext(int mod, data_t *input_N, data_t *input_E, + int msg_digest_id, int ctx_hash, + int mgf_hash, int salt_len, + data_t *message_str, + data_t *result_str, int result_simple, + int result_full) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; size_t hash_len; mbedtls_mpi N, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash ); - memset( hash_result, 0x00, sizeof( hash_result ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash); + memset(hash_result, 0x00, sizeof(hash_result)); - TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &E, input_E->x, input_E->len ) == 0 ); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - if( msg_digest_id != MBEDTLS_MD_NONE ) - { - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( msg_digest_id ), - message_str->x, message_str->len, hash_result ) == 0 ); + if (msg_digest_id != MBEDTLS_MD_NONE) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(msg_digest_id), + message_str->x, message_str->len, hash_result) == 0); hash_len = 0; - } - else - { - memcpy( hash_result, message_str->x, message_str->len ); + } else { + memcpy(hash_result, message_str->x, message_str->len); hash_len = message_str->len; } - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, - msg_digest_id, hash_len, hash_result, - result_str->x ) == result_simple ); + TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, + msg_digest_id, hash_len, hash_result, + result_str->x) == result_simple); - TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, - msg_digest_id, hash_len, hash_result, - mgf_hash, salt_len, - result_str->x ) == result_full ); + TEST_ASSERT(mbedtls_rsa_rsassa_pss_verify_ext(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, + msg_digest_id, hash_len, hash_result, + mgf_hash, salt_len, + result_str->x) == result_full); exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function index 0b0c937cf485..5d10da482208 100644 --- a/tests/suites/test_suite_pkcs5.function +++ b/tests/suites/test_suite_pkcs5.function @@ -8,33 +8,33 @@ */ /* BEGIN_CASE */ -void pbkdf2_hmac( int hash, data_t * pw_str, data_t * salt_str, - int it_cnt, int key_len, data_t * result_key_string ) +void pbkdf2_hmac(int hash, data_t *pw_str, data_t *salt_str, + int it_cnt, int key_len, data_t *result_key_string) { mbedtls_md_context_t ctx; const mbedtls_md_info_t *info; unsigned char key[100]; - mbedtls_md_init( &ctx ); + mbedtls_md_init(&ctx); - info = mbedtls_md_info_from_type( hash ); - TEST_ASSERT( info != NULL ); - TEST_ASSERT( mbedtls_md_setup( &ctx, info, 1 ) == 0 ); - TEST_ASSERT( mbedtls_pkcs5_pbkdf2_hmac( &ctx, pw_str->x, pw_str->len, salt_str->x, salt_str->len, - it_cnt, key_len, key ) == 0 ); + info = mbedtls_md_info_from_type(hash); + TEST_ASSERT(info != NULL); + TEST_ASSERT(mbedtls_md_setup(&ctx, info, 1) == 0); + TEST_ASSERT(mbedtls_pkcs5_pbkdf2_hmac(&ctx, pw_str->x, pw_str->len, salt_str->x, salt_str->len, + it_cnt, key_len, key) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( key, result_key_string->x, - key_len, result_key_string->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(key, result_key_string->x, + key_len, result_key_string->len) == 0); exit: - mbedtls_md_free( &ctx ); + mbedtls_md_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ -void mbedtls_pkcs5_pbes2( int params_tag, data_t *params_hex, data_t *pw, - data_t *data, int ref_ret, data_t *ref_out ) +void mbedtls_pkcs5_pbes2(int params_tag, data_t *params_hex, data_t *pw, + data_t *data, int ref_ret, data_t *ref_out) { int my_ret; mbedtls_asn1_buf params; @@ -44,23 +44,24 @@ void mbedtls_pkcs5_pbes2( int params_tag, data_t *params_hex, data_t *pw, params.p = params_hex->x; params.len = params_hex->len; - my_out = mbedtls_test_zero_alloc( ref_out->len ); + my_out = mbedtls_test_zero_alloc(ref_out->len); - my_ret = mbedtls_pkcs5_pbes2( ¶ms, MBEDTLS_PKCS5_DECRYPT, - pw->x, pw->len, data->x, data->len, my_out ); - TEST_ASSERT( my_ret == ref_ret ); + my_ret = mbedtls_pkcs5_pbes2(¶ms, MBEDTLS_PKCS5_DECRYPT, + pw->x, pw->len, data->x, data->len, my_out); + TEST_ASSERT(my_ret == ref_ret); - if( ref_ret == 0 ) - TEST_ASSERT( memcmp( my_out, ref_out->x, ref_out->len ) == 0 ); + if (ref_ret == 0) { + TEST_ASSERT(memcmp(my_out, ref_out->x, ref_out->len) == 0); + } exit: - mbedtls_free( my_out ); + mbedtls_free(my_out); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void pkcs5_selftest( ) +void pkcs5_selftest() { - TEST_ASSERT( mbedtls_pkcs5_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_pkcs5_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function index 4650d331151a..f2f5e97c7511 100644 --- a/tests/suites/test_suite_pkparse.function +++ b/tests/suites/test_suite_pkparse.function @@ -10,119 +10,116 @@ */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */ -void pk_parse_keyfile_rsa( char * key_file, char * password, int result ) +void pk_parse_keyfile_rsa(char *key_file, char *password, int result) { mbedtls_pk_context ctx; int res; char *pwd = password; - mbedtls_pk_init( &ctx ); + mbedtls_pk_init(&ctx); - if( strcmp( pwd, "NULL" ) == 0 ) + if (strcmp(pwd, "NULL") == 0) { pwd = NULL; + } - res = mbedtls_pk_parse_keyfile( &ctx, key_file, pwd ); + res = mbedtls_pk_parse_keyfile(&ctx, key_file, pwd); - TEST_ASSERT( res == result ); + TEST_ASSERT(res == result); - if( res == 0 ) - { + if (res == 0) { mbedtls_rsa_context *rsa; - TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_RSA ) ); - rsa = mbedtls_pk_rsa( ctx ); - TEST_ASSERT( mbedtls_rsa_check_privkey( rsa ) == 0 ); + TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA)); + rsa = mbedtls_pk_rsa(ctx); + TEST_ASSERT(mbedtls_rsa_check_privkey(rsa) == 0); } exit: - mbedtls_pk_free( &ctx ); + mbedtls_pk_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */ -void pk_parse_public_keyfile_rsa( char * key_file, int result ) +void pk_parse_public_keyfile_rsa(char *key_file, int result) { mbedtls_pk_context ctx; int res; - mbedtls_pk_init( &ctx ); + mbedtls_pk_init(&ctx); - res = mbedtls_pk_parse_public_keyfile( &ctx, key_file ); + res = mbedtls_pk_parse_public_keyfile(&ctx, key_file); - TEST_ASSERT( res == result ); + TEST_ASSERT(res == result); - if( res == 0 ) - { + if (res == 0) { mbedtls_rsa_context *rsa; - TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_RSA ) ); - rsa = mbedtls_pk_rsa( ctx ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( rsa ) == 0 ); + TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA)); + rsa = mbedtls_pk_rsa(ctx); + TEST_ASSERT(mbedtls_rsa_check_pubkey(rsa) == 0); } exit: - mbedtls_pk_free( &ctx ); + mbedtls_pk_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_ECP_C */ -void pk_parse_public_keyfile_ec( char * key_file, int result ) +void pk_parse_public_keyfile_ec(char *key_file, int result) { mbedtls_pk_context ctx; int res; - mbedtls_pk_init( &ctx ); + mbedtls_pk_init(&ctx); - res = mbedtls_pk_parse_public_keyfile( &ctx, key_file ); + res = mbedtls_pk_parse_public_keyfile(&ctx, key_file); - TEST_ASSERT( res == result ); + TEST_ASSERT(res == result); - if( res == 0 ) - { + if (res == 0) { mbedtls_ecp_keypair *eckey; - TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_ECKEY ) ); - eckey = mbedtls_pk_ec( ctx ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &eckey->grp, &eckey->Q ) == 0 ); + TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY)); + eckey = mbedtls_pk_ec(ctx); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&eckey->grp, &eckey->Q) == 0); } exit: - mbedtls_pk_free( &ctx ); + mbedtls_pk_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_ECP_C */ -void pk_parse_keyfile_ec( char * key_file, char * password, int result ) +void pk_parse_keyfile_ec(char *key_file, char *password, int result) { mbedtls_pk_context ctx; int res; - mbedtls_pk_init( &ctx ); + mbedtls_pk_init(&ctx); - res = mbedtls_pk_parse_keyfile( &ctx, key_file, password ); + res = mbedtls_pk_parse_keyfile(&ctx, key_file, password); - TEST_ASSERT( res == result ); + TEST_ASSERT(res == result); - if( res == 0 ) - { + if (res == 0) { mbedtls_ecp_keypair *eckey; - TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_ECKEY ) ); - eckey = mbedtls_pk_ec( ctx ); - TEST_ASSERT( mbedtls_ecp_check_privkey( &eckey->grp, &eckey->d ) == 0 ); + TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY)); + eckey = mbedtls_pk_ec(ctx); + TEST_ASSERT(mbedtls_ecp_check_privkey(&eckey->grp, &eckey->d) == 0); } exit: - mbedtls_pk_free( &ctx ); + mbedtls_pk_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pk_parse_key( data_t * buf, int result ) +void pk_parse_key(data_t *buf, int result) { mbedtls_pk_context pk; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); - TEST_ASSERT( mbedtls_pk_parse_key( &pk, buf->x, buf->len, NULL, 0 ) == result ); + TEST_ASSERT(mbedtls_pk_parse_key(&pk, buf->x, buf->len, NULL, 0) == result); exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); } /* END_CASE */ diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function index 2bad4ed1370a..a49846bcdf99 100644 --- a/tests/suites/test_suite_pkwrite.function +++ b/tests/suites/test_suite_pkwrite.function @@ -10,7 +10,7 @@ */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */ -void pk_write_pubkey_check( char * key_file ) +void pk_write_pubkey_check(char *key_file) { mbedtls_pk_context key; unsigned char buf[5000]; @@ -19,38 +19,37 @@ void pk_write_pubkey_check( char * key_file ) FILE *f; size_t ilen, pem_len, buf_index; - memset( buf, 0, sizeof( buf ) ); - memset( check_buf, 0, sizeof( check_buf ) ); + memset(buf, 0, sizeof(buf)); + memset(check_buf, 0, sizeof(check_buf)); - mbedtls_pk_init( &key ); - TEST_ASSERT( mbedtls_pk_parse_public_keyfile( &key, key_file ) == 0 ); + mbedtls_pk_init(&key); + TEST_ASSERT(mbedtls_pk_parse_public_keyfile(&key, key_file) == 0); - ret = mbedtls_pk_write_pubkey_pem( &key, buf, sizeof( buf )); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_pk_write_pubkey_pem(&key, buf, sizeof(buf)); + TEST_ASSERT(ret == 0); - pem_len = strlen( (char *) buf ); + pem_len = strlen((char *) buf); // check that the rest of the buffer remains clear - for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index ) - { - TEST_ASSERT( buf[buf_index] == 0 ); + for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) { + TEST_ASSERT(buf[buf_index] == 0); } - f = fopen( key_file, "r" ); - TEST_ASSERT( f != NULL ); - ilen = fread( check_buf, 1, sizeof( check_buf ), f ); - fclose( f ); + f = fopen(key_file, "r"); + TEST_ASSERT(f != NULL); + ilen = fread(check_buf, 1, sizeof(check_buf), f); + fclose(f); - TEST_ASSERT( ilen == pem_len ); - TEST_ASSERT( memcmp( (char *) buf, (char *) check_buf, ilen ) == 0 ); + TEST_ASSERT(ilen == pem_len); + TEST_ASSERT(memcmp((char *) buf, (char *) check_buf, ilen) == 0); exit: - mbedtls_pk_free( &key ); + mbedtls_pk_free(&key); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */ -void pk_write_key_check( char * key_file ) +void pk_write_key_check(char *key_file) { mbedtls_pk_context key; unsigned char buf[5000]; @@ -59,32 +58,31 @@ void pk_write_key_check( char * key_file ) FILE *f; size_t ilen, pem_len, buf_index; - memset( buf, 0, sizeof( buf ) ); - memset( check_buf, 0, sizeof( check_buf ) ); + memset(buf, 0, sizeof(buf)); + memset(check_buf, 0, sizeof(check_buf)); - mbedtls_pk_init( &key ); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 ); + mbedtls_pk_init(&key); + TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL) == 0); - ret = mbedtls_pk_write_key_pem( &key, buf, sizeof( buf )); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_pk_write_key_pem(&key, buf, sizeof(buf)); + TEST_ASSERT(ret == 0); - pem_len = strlen( (char *) buf ); + pem_len = strlen((char *) buf); // check that the rest of the buffer remains clear - for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index ) - { - TEST_ASSERT( buf[buf_index] == 0 ); + for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) { + TEST_ASSERT(buf[buf_index] == 0); } - f = fopen( key_file, "r" ); - TEST_ASSERT( f != NULL ); - ilen = fread( check_buf, 1, sizeof( check_buf ), f ); - fclose( f ); + f = fopen(key_file, "r"); + TEST_ASSERT(f != NULL); + ilen = fread(check_buf, 1, sizeof(check_buf), f); + fclose(f); - TEST_ASSERT( ilen == strlen( (char *) buf ) ); - TEST_ASSERT( memcmp( (char *) buf, (char *) check_buf, ilen ) == 0 ); + TEST_ASSERT(ilen == strlen((char *) buf)); + TEST_ASSERT(memcmp((char *) buf, (char *) check_buf, ilen) == 0); exit: - mbedtls_pk_free( &key ); + mbedtls_pk_free(&key); } /* END_CASE */ diff --git a/tests/suites/test_suite_poly1305.function b/tests/suites/test_suite_poly1305.function index 4b8995b6099f..1a0e38834dfc 100644 --- a/tests/suites/test_suite_poly1305.function +++ b/tests/suites/test_suite_poly1305.function @@ -9,35 +9,35 @@ */ /* BEGIN_CASE */ -void mbedtls_poly1305( data_t *key, data_t *expected_mac, data_t *src_str ) +void mbedtls_poly1305(data_t *key, data_t *expected_mac, data_t *src_str) { unsigned char mac[16]; /* size set by the standard */ mbedtls_poly1305_context ctx; - memset( mac, 0x00, sizeof( mac ) ); + memset(mac, 0x00, sizeof(mac)); /* * Test the integrated API */ - TEST_ASSERT( mbedtls_poly1305_mac( key->x, src_str->x, - src_str->len, mac ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_mac(key->x, src_str->x, + src_str->len, mac) == 0); - ASSERT_COMPARE( mac, expected_mac->len, - expected_mac->x, expected_mac->len ); + ASSERT_COMPARE(mac, expected_mac->len, + expected_mac->x, expected_mac->len); /* * Test the streaming API */ - mbedtls_poly1305_init( &ctx ); + mbedtls_poly1305_init(&ctx); - TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key->x ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_starts(&ctx, key->x) == 0); - TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x, src_str->len ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x, src_str->len) == 0); - TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_finish(&ctx, mac) == 0); - ASSERT_COMPARE( mac, expected_mac->len, - expected_mac->x, expected_mac->len ); + ASSERT_COMPARE(mac, expected_mac->len, + expected_mac->x, expected_mac->len); /* * Test the streaming API again, piecewise @@ -45,37 +45,35 @@ void mbedtls_poly1305( data_t *key, data_t *expected_mac, data_t *src_str ) /* Don't free/init the context, in order to test that starts() does the * right thing. */ - if( src_str->len >= 1 ) - { - TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key->x ) == 0 ); + if (src_str->len >= 1) { + TEST_ASSERT(mbedtls_poly1305_starts(&ctx, key->x) == 0); - TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x, 1 ) == 0 ); - TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x + 1, src_str->len - 1 ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x, 1) == 0); + TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x + 1, src_str->len - 1) == 0); - TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_finish(&ctx, mac) == 0); - ASSERT_COMPARE( mac, expected_mac->len, - expected_mac->x, expected_mac->len ); + ASSERT_COMPARE(mac, expected_mac->len, + expected_mac->x, expected_mac->len); } /* * Again with more pieces */ - if( src_str->len >= 2 ) - { - TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key->x ) == 0 ); + if (src_str->len >= 2) { + TEST_ASSERT(mbedtls_poly1305_starts(&ctx, key->x) == 0); - TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x, 1 ) == 0 ); - TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x + 1, 1 ) == 0 ); - TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x + 2, src_str->len - 2 ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x, 1) == 0); + TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x + 1, 1) == 0); + TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x + 2, src_str->len - 2) == 0); - TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_finish(&ctx, mac) == 0); - ASSERT_COMPARE( mac, expected_mac->len, - expected_mac->x, expected_mac->len ); + ASSERT_COMPARE(mac, expected_mac->len, + expected_mac->x, expected_mac->len); } - mbedtls_poly1305_free( &ctx ); + mbedtls_poly1305_free(&ctx); } /* END_CASE */ @@ -85,33 +83,33 @@ void poly1305_bad_params() unsigned char src[1]; unsigned char key[32]; unsigned char mac[16]; - size_t src_len = sizeof( src ); + size_t src_len = sizeof(src); mbedtls_poly1305_context ctx; - TEST_INVALID_PARAM( mbedtls_poly1305_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_poly1305_free( NULL ) ); + TEST_INVALID_PARAM(mbedtls_poly1305_init(NULL)); + TEST_VALID_PARAM(mbedtls_poly1305_free(NULL)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_starts( NULL, key ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_starts( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_starts(NULL, key)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_starts(&ctx, NULL)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_update( NULL, src, 0 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_update( &ctx, NULL, src_len ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_update(NULL, src, 0)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_update(&ctx, NULL, src_len)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_finish( NULL, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_finish( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_finish(NULL, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_finish(&ctx, NULL)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_mac( NULL, src, 0, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_mac( key, NULL, src_len, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_mac( key, src, 0, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_mac(NULL, src, 0, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_mac(key, NULL, src_len, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_mac(key, src, 0, NULL)); exit: return; @@ -121,6 +119,6 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void poly1305_selftest() { - TEST_ASSERT( mbedtls_poly1305_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 41183fd0b6f7..214096c09efc 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -22,8 +22,8 @@ /* Assert that an operation is (not) active. * This serves as a proxy for checking if the operation is aborted. */ -#define ASSERT_OPERATION_IS_ACTIVE( operation ) TEST_ASSERT( operation.id != 0 ) -#define ASSERT_OPERATION_IS_INACTIVE( operation ) TEST_ASSERT( operation.id == 0 ) +#define ASSERT_OPERATION_IS_ACTIVE(operation) TEST_ASSERT(operation.id != 0) +#define ASSERT_OPERATION_IS_INACTIVE(operation) TEST_ASSERT(operation.id == 0) /** An invalid export length that will never be set by psa_export_key(). */ static const size_t INVALID_EXPORT_LENGTH = ~0U; @@ -39,50 +39,54 @@ static const size_t INVALID_EXPORT_LENGTH = ~0U; * \return 1 if the buffer is all-bits-zero. * \return 0 if there is at least one nonzero byte. */ -static int mem_is_char( void *buffer, unsigned char c, size_t size ) +static int mem_is_char(void *buffer, unsigned char c, size_t size) { size_t i; - for( i = 0; i < size; i++ ) - { - if( ( (unsigned char *) buffer )[i] != c ) - return( 0 ); + for (i = 0; i < size; i++) { + if (((unsigned char *) buffer)[i] != c) { + return 0; + } } - return( 1 ); + return 1; } #if defined(MBEDTLS_ASN1_WRITE_C) /* Write the ASN.1 INTEGER with the value 2^(bits-1)+x backwards from *p. */ -static int asn1_write_10x( unsigned char **p, - unsigned char *start, - size_t bits, - unsigned char x ) +static int asn1_write_10x(unsigned char **p, + unsigned char *start, + size_t bits, + unsigned char x) { int ret; int len = bits / 8 + 1; - if( bits == 0 ) - return( MBEDTLS_ERR_ASN1_INVALID_DATA ); - if( bits <= 8 && x >= 1 << ( bits - 1 ) ) - return( MBEDTLS_ERR_ASN1_INVALID_DATA ); - if( *p < start || *p - start < (ptrdiff_t) len ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (bits == 0) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + if (bits <= 8 && x >= 1 << (bits - 1)) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + if (*p < start || *p - start < (ptrdiff_t) len) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *p -= len; - ( *p )[len-1] = x; - if( bits % 8 == 0 ) - ( *p )[1] |= 1; - else - ( *p )[0] |= 1 << ( bits % 8 ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, - MBEDTLS_ASN1_INTEGER ) ); - return( len ); + (*p)[len-1] = x; + if (bits % 8 == 0) { + (*p)[1] |= 1; + } else { + (*p)[0] |= 1 << (bits % 8); + } + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_INTEGER)); + return len; } -static int construct_fake_rsa_key( unsigned char *buffer, - size_t buffer_size, - unsigned char **p, - size_t bits, - int keypair ) +static int construct_fake_rsa_key(unsigned char *buffer, + size_t buffer_size, + unsigned char **p, + size_t bits, + int keypair) { - size_t half_bits = ( bits + 1 ) / 2; + size_t half_bits = (bits + 1) / 2; int ret; int len = 0; /* Construct something that looks like a DER encoding of @@ -103,134 +107,132 @@ static int construct_fake_rsa_key( unsigned char *buffer, * version, modulus and publicExponent. */ *p = buffer + buffer_size; - if( keypair ) - { - MBEDTLS_ASN1_CHK_ADD( len, /* pq */ - asn1_write_10x( p, buffer, half_bits, 1 ) ); - MBEDTLS_ASN1_CHK_ADD( len, /* dq */ - asn1_write_10x( p, buffer, half_bits, 1 ) ); - MBEDTLS_ASN1_CHK_ADD( len, /* dp */ - asn1_write_10x( p, buffer, half_bits, 1 ) ); - MBEDTLS_ASN1_CHK_ADD( len, /* q */ - asn1_write_10x( p, buffer, half_bits, 1 ) ); - MBEDTLS_ASN1_CHK_ADD( len, /* p != q to pass mbedtls sanity checks */ - asn1_write_10x( p, buffer, half_bits, 3 ) ); - MBEDTLS_ASN1_CHK_ADD( len, /* d */ - asn1_write_10x( p, buffer, bits, 1 ) ); + if (keypair) { + MBEDTLS_ASN1_CHK_ADD(len, /* pq */ + asn1_write_10x(p, buffer, half_bits, 1)); + MBEDTLS_ASN1_CHK_ADD(len, /* dq */ + asn1_write_10x(p, buffer, half_bits, 1)); + MBEDTLS_ASN1_CHK_ADD(len, /* dp */ + asn1_write_10x(p, buffer, half_bits, 1)); + MBEDTLS_ASN1_CHK_ADD(len, /* q */ + asn1_write_10x(p, buffer, half_bits, 1)); + MBEDTLS_ASN1_CHK_ADD(len, /* p != q to pass mbedtls sanity checks */ + asn1_write_10x(p, buffer, half_bits, 3)); + MBEDTLS_ASN1_CHK_ADD(len, /* d */ + asn1_write_10x(p, buffer, bits, 1)); + } + MBEDTLS_ASN1_CHK_ADD(len, /* e = 65537 */ + asn1_write_10x(p, buffer, 17, 1)); + MBEDTLS_ASN1_CHK_ADD(len, /* n */ + asn1_write_10x(p, buffer, bits, 1)); + if (keypair) { + MBEDTLS_ASN1_CHK_ADD(len, /* version = 0 */ + mbedtls_asn1_write_int(p, buffer, 0)); } - MBEDTLS_ASN1_CHK_ADD( len, /* e = 65537 */ - asn1_write_10x( p, buffer, 17, 1 ) ); - MBEDTLS_ASN1_CHK_ADD( len, /* n */ - asn1_write_10x( p, buffer, bits, 1 ) ); - if( keypair ) - MBEDTLS_ASN1_CHK_ADD( len, /* version = 0 */ - mbedtls_asn1_write_int( p, buffer, 0 ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, buffer, len ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buffer, len)); { const unsigned char tag = MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, buffer, tag ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buffer, tag)); } - return( len ); + return len; } #endif /* MBEDTLS_ASN1_WRITE_C */ -int exercise_mac_setup( psa_key_type_t key_type, - const unsigned char *key_bytes, - size_t key_length, - psa_algorithm_t alg, - psa_mac_operation_t *operation, - psa_status_t *status ) +int exercise_mac_setup(psa_key_type_t key_type, + const unsigned char *key_bytes, + size_t key_length, + psa_algorithm_t alg, + psa_mac_operation_t *operation, + psa_status_t *status) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, &key ) ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + PSA_ASSERT(psa_import_key(&attributes, key_bytes, key_length, &key)); - *status = psa_mac_sign_setup( operation, key, alg ); + *status = psa_mac_sign_setup(operation, key, alg); /* Whether setup succeeded or failed, abort must succeed. */ - PSA_ASSERT( psa_mac_abort( operation ) ); + PSA_ASSERT(psa_mac_abort(operation)); /* If setup failed, reproduce the failure, so that the caller can * test the resulting state of the operation object. */ - if( *status != PSA_SUCCESS ) - { - TEST_EQUAL( psa_mac_sign_setup( operation, key, alg ), *status ); + if (*status != PSA_SUCCESS) { + TEST_EQUAL(psa_mac_sign_setup(operation, key, alg), *status); } - psa_destroy_key( key ); - return( 1 ); + psa_destroy_key(key); + return 1; exit: - psa_destroy_key( key ); - return( 0 ); + psa_destroy_key(key); + return 0; } -int exercise_cipher_setup( psa_key_type_t key_type, - const unsigned char *key_bytes, - size_t key_length, - psa_algorithm_t alg, - psa_cipher_operation_t *operation, - psa_status_t *status ) +int exercise_cipher_setup(psa_key_type_t key_type, + const unsigned char *key_bytes, + size_t key_length, + psa_algorithm_t alg, + psa_cipher_operation_t *operation, + psa_status_t *status) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, &key ) ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + PSA_ASSERT(psa_import_key(&attributes, key_bytes, key_length, &key)); - *status = psa_cipher_encrypt_setup( operation, key, alg ); + *status = psa_cipher_encrypt_setup(operation, key, alg); /* Whether setup succeeded or failed, abort must succeed. */ - PSA_ASSERT( psa_cipher_abort( operation ) ); + PSA_ASSERT(psa_cipher_abort(operation)); /* If setup failed, reproduce the failure, so that the caller can * test the resulting state of the operation object. */ - if( *status != PSA_SUCCESS ) - { - TEST_EQUAL( psa_cipher_encrypt_setup( operation, key, alg ), - *status ); + if (*status != PSA_SUCCESS) { + TEST_EQUAL(psa_cipher_encrypt_setup(operation, key, alg), + *status); } - psa_destroy_key( key ); - return( 1 ); + psa_destroy_key(key); + return 1; exit: - psa_destroy_key( key ); - return( 0 ); + psa_destroy_key(key); + return 0; } -static int test_operations_on_invalid_key( mbedtls_svc_key_id_t key ) +static int test_operations_on_invalid_key(mbedtls_svc_key_id_t key) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 0x6964 ); + mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(1, 0x6964); uint8_t buffer[1]; size_t length; int ok = 0; - psa_set_key_id( &attributes, key_id ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, PSA_ALG_CTR ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); - TEST_EQUAL( psa_get_key_attributes( key, &attributes ), - PSA_ERROR_INVALID_HANDLE ); + psa_set_key_id(&attributes, key_id); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, PSA_ALG_CTR); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + TEST_EQUAL(psa_get_key_attributes(key, &attributes), + PSA_ERROR_INVALID_HANDLE); TEST_EQUAL( - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 ); + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(psa_get_key_id(&attributes)), 0); TEST_EQUAL( - MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_bits( &attributes ), 0 ); - - TEST_EQUAL( psa_export_key( key, buffer, sizeof( buffer ), &length ), - PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_export_public_key( key, - buffer, sizeof( buffer ), &length ), - PSA_ERROR_INVALID_HANDLE ); + MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(psa_get_key_id(&attributes)), 0); + TEST_EQUAL(psa_get_key_lifetime(&attributes), 0); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), 0); + TEST_EQUAL(psa_get_key_algorithm(&attributes), 0); + TEST_EQUAL(psa_get_key_type(&attributes), 0); + TEST_EQUAL(psa_get_key_bits(&attributes), 0); + + TEST_EQUAL(psa_export_key(key, buffer, sizeof(buffer), &length), + PSA_ERROR_INVALID_HANDLE); + TEST_EQUAL(psa_export_public_key(key, + buffer, sizeof(buffer), &length), + PSA_ERROR_INVALID_HANDLE); ok = 1; @@ -239,34 +241,34 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - return( ok ); + return ok; } /* Assert that a key isn't reported as having a slot number. */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) -#define ASSERT_NO_SLOT_NUMBER( attributes ) \ +#define ASSERT_NO_SLOT_NUMBER(attributes) \ do \ { \ psa_key_slot_number_t ASSERT_NO_SLOT_NUMBER_slot_number; \ - TEST_EQUAL( psa_get_key_slot_number( \ - attributes, \ - &ASSERT_NO_SLOT_NUMBER_slot_number ), \ - PSA_ERROR_INVALID_ARGUMENT ); \ + TEST_EQUAL(psa_get_key_slot_number( \ + attributes, \ + &ASSERT_NO_SLOT_NUMBER_slot_number), \ + PSA_ERROR_INVALID_ARGUMENT); \ } \ - while( 0 ) + while (0) #else /* MBEDTLS_PSA_CRYPTO_SE_C */ -#define ASSERT_NO_SLOT_NUMBER( attributes ) \ - ( (void) 0 ) +#define ASSERT_NO_SLOT_NUMBER(attributes) \ + ((void) 0) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ /* An overapproximation of the amount of storage needed for a key of the * given type and with the given content. The API doesn't make it easy * to find a good value for the size. The current implementation doesn't * care about the value anyway. */ -#define KEY_BITS_FROM_DATA( type, data ) \ - ( data )->len +#define KEY_BITS_FROM_DATA(type, data) \ + (data)->len typedef enum { IMPORT_KEY = 0, @@ -282,7 +284,7 @@ typedef enum { */ /* BEGIN_CASE */ -void static_checks( ) +void static_checks() { size_t max_truncated_mac_size = PSA_ALG_MAC_TRUNCATION_MASK >> PSA_MAC_TRUNCATION_OFFSET; @@ -290,75 +292,75 @@ void static_checks( ) /* Check that the length for a truncated MAC always fits in the algorithm * encoding. The shifted mask is the maximum truncated value. The * untruncated algorithm may be one byte larger. */ - TEST_LE_U( PSA_MAC_MAX_SIZE, 1 + max_truncated_mac_size ); + TEST_LE_U(PSA_MAC_MAX_SIZE, 1 + max_truncated_mac_size); #if defined(MBEDTLS_TEST_DEPRECATED) /* Check deprecated constants. */ - TEST_EQUAL( PSA_ERROR_UNKNOWN_ERROR, PSA_ERROR_GENERIC_ERROR ); - TEST_EQUAL( PSA_ERROR_OCCUPIED_SLOT, PSA_ERROR_ALREADY_EXISTS ); - TEST_EQUAL( PSA_ERROR_EMPTY_SLOT, PSA_ERROR_DOES_NOT_EXIST ); - TEST_EQUAL( PSA_ERROR_INSUFFICIENT_CAPACITY, PSA_ERROR_INSUFFICIENT_DATA ); - TEST_EQUAL( PSA_ERROR_TAMPERING_DETECTED, PSA_ERROR_CORRUPTION_DETECTED ); - TEST_EQUAL( PSA_KEY_USAGE_SIGN, PSA_KEY_USAGE_SIGN_HASH ); - TEST_EQUAL( PSA_KEY_USAGE_VERIFY, PSA_KEY_USAGE_VERIFY_HASH ); - TEST_EQUAL( PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE, PSA_SIGNATURE_MAX_SIZE ); - - TEST_EQUAL( PSA_ECC_CURVE_SECP160K1, PSA_ECC_FAMILY_SECP_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP192K1, PSA_ECC_FAMILY_SECP_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP224K1, PSA_ECC_FAMILY_SECP_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP256K1, PSA_ECC_FAMILY_SECP_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP160R1, PSA_ECC_FAMILY_SECP_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP192R1, PSA_ECC_FAMILY_SECP_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP224R1, PSA_ECC_FAMILY_SECP_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP256R1, PSA_ECC_FAMILY_SECP_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP384R1, PSA_ECC_FAMILY_SECP_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP521R1, PSA_ECC_FAMILY_SECP_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP160R2, PSA_ECC_FAMILY_SECP_R2 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT163K1, PSA_ECC_FAMILY_SECT_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT233K1, PSA_ECC_FAMILY_SECT_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT239K1, PSA_ECC_FAMILY_SECT_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT283K1, PSA_ECC_FAMILY_SECT_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT409K1, PSA_ECC_FAMILY_SECT_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT571K1, PSA_ECC_FAMILY_SECT_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT163R1, PSA_ECC_FAMILY_SECT_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT193R1, PSA_ECC_FAMILY_SECT_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT233R1, PSA_ECC_FAMILY_SECT_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT283R1, PSA_ECC_FAMILY_SECT_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT409R1, PSA_ECC_FAMILY_SECT_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT571R1, PSA_ECC_FAMILY_SECT_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT163R2, PSA_ECC_FAMILY_SECT_R2 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT193R2, PSA_ECC_FAMILY_SECT_R2 ); - TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY ); - TEST_EQUAL( PSA_ECC_CURVE_CURVE448, PSA_ECC_FAMILY_MONTGOMERY ); - - TEST_EQUAL( PSA_ECC_CURVE_SECP_K1, PSA_ECC_FAMILY_SECP_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP_R1, PSA_ECC_FAMILY_SECP_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP_R2, PSA_ECC_FAMILY_SECP_R2 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT_K1, PSA_ECC_FAMILY_SECT_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT_R1, PSA_ECC_FAMILY_SECT_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT_R2, PSA_ECC_FAMILY_SECT_R2 ); - TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P_R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_MONTGOMERY, PSA_ECC_FAMILY_MONTGOMERY ); - - TEST_EQUAL( PSA_DH_GROUP_FFDHE2048, PSA_DH_FAMILY_RFC7919 ); - TEST_EQUAL( PSA_DH_GROUP_FFDHE3072, PSA_DH_FAMILY_RFC7919 ); - TEST_EQUAL( PSA_DH_GROUP_FFDHE4096, PSA_DH_FAMILY_RFC7919 ); - TEST_EQUAL( PSA_DH_GROUP_FFDHE6144, PSA_DH_FAMILY_RFC7919 ); - TEST_EQUAL( PSA_DH_GROUP_FFDHE8192, PSA_DH_FAMILY_RFC7919 ); - - TEST_EQUAL( PSA_DH_GROUP_RFC7919, PSA_DH_FAMILY_RFC7919 ); - TEST_EQUAL( PSA_DH_GROUP_CUSTOM, PSA_DH_FAMILY_CUSTOM ); + TEST_EQUAL(PSA_ERROR_UNKNOWN_ERROR, PSA_ERROR_GENERIC_ERROR); + TEST_EQUAL(PSA_ERROR_OCCUPIED_SLOT, PSA_ERROR_ALREADY_EXISTS); + TEST_EQUAL(PSA_ERROR_EMPTY_SLOT, PSA_ERROR_DOES_NOT_EXIST); + TEST_EQUAL(PSA_ERROR_INSUFFICIENT_CAPACITY, PSA_ERROR_INSUFFICIENT_DATA); + TEST_EQUAL(PSA_ERROR_TAMPERING_DETECTED, PSA_ERROR_CORRUPTION_DETECTED); + TEST_EQUAL(PSA_KEY_USAGE_SIGN, PSA_KEY_USAGE_SIGN_HASH); + TEST_EQUAL(PSA_KEY_USAGE_VERIFY, PSA_KEY_USAGE_VERIFY_HASH); + TEST_EQUAL(PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE, PSA_SIGNATURE_MAX_SIZE); + + TEST_EQUAL(PSA_ECC_CURVE_SECP160K1, PSA_ECC_FAMILY_SECP_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECP192K1, PSA_ECC_FAMILY_SECP_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECP224K1, PSA_ECC_FAMILY_SECP_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECP256K1, PSA_ECC_FAMILY_SECP_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECP160R1, PSA_ECC_FAMILY_SECP_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECP192R1, PSA_ECC_FAMILY_SECP_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECP224R1, PSA_ECC_FAMILY_SECP_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECP256R1, PSA_ECC_FAMILY_SECP_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECP384R1, PSA_ECC_FAMILY_SECP_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECP521R1, PSA_ECC_FAMILY_SECP_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECP160R2, PSA_ECC_FAMILY_SECP_R2); + TEST_EQUAL(PSA_ECC_CURVE_SECT163K1, PSA_ECC_FAMILY_SECT_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECT233K1, PSA_ECC_FAMILY_SECT_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECT239K1, PSA_ECC_FAMILY_SECT_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECT283K1, PSA_ECC_FAMILY_SECT_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECT409K1, PSA_ECC_FAMILY_SECT_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECT571K1, PSA_ECC_FAMILY_SECT_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECT163R1, PSA_ECC_FAMILY_SECT_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECT193R1, PSA_ECC_FAMILY_SECT_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECT233R1, PSA_ECC_FAMILY_SECT_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECT283R1, PSA_ECC_FAMILY_SECT_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECT409R1, PSA_ECC_FAMILY_SECT_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECT571R1, PSA_ECC_FAMILY_SECT_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECT163R2, PSA_ECC_FAMILY_SECT_R2); + TEST_EQUAL(PSA_ECC_CURVE_SECT193R2, PSA_ECC_FAMILY_SECT_R2); + TEST_EQUAL(PSA_ECC_CURVE_BRAINPOOL_P256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1); + TEST_EQUAL(PSA_ECC_CURVE_BRAINPOOL_P384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1); + TEST_EQUAL(PSA_ECC_CURVE_BRAINPOOL_P512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1); + TEST_EQUAL(PSA_ECC_CURVE_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY); + TEST_EQUAL(PSA_ECC_CURVE_CURVE448, PSA_ECC_FAMILY_MONTGOMERY); + + TEST_EQUAL(PSA_ECC_CURVE_SECP_K1, PSA_ECC_FAMILY_SECP_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECP_R1, PSA_ECC_FAMILY_SECP_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECP_R2, PSA_ECC_FAMILY_SECP_R2); + TEST_EQUAL(PSA_ECC_CURVE_SECT_K1, PSA_ECC_FAMILY_SECT_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECT_R1, PSA_ECC_FAMILY_SECT_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECT_R2, PSA_ECC_FAMILY_SECT_R2); + TEST_EQUAL(PSA_ECC_CURVE_BRAINPOOL_P_R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1); + TEST_EQUAL(PSA_ECC_CURVE_MONTGOMERY, PSA_ECC_FAMILY_MONTGOMERY); + + TEST_EQUAL(PSA_DH_GROUP_FFDHE2048, PSA_DH_FAMILY_RFC7919); + TEST_EQUAL(PSA_DH_GROUP_FFDHE3072, PSA_DH_FAMILY_RFC7919); + TEST_EQUAL(PSA_DH_GROUP_FFDHE4096, PSA_DH_FAMILY_RFC7919); + TEST_EQUAL(PSA_DH_GROUP_FFDHE6144, PSA_DH_FAMILY_RFC7919); + TEST_EQUAL(PSA_DH_GROUP_FFDHE8192, PSA_DH_FAMILY_RFC7919); + + TEST_EQUAL(PSA_DH_GROUP_RFC7919, PSA_DH_FAMILY_RFC7919); + TEST_EQUAL(PSA_DH_GROUP_CUSTOM, PSA_DH_FAMILY_CUSTOM); #endif } /* END_CASE */ /* BEGIN_CASE */ -void import_with_policy( int type_arg, - int usage_arg, int alg_arg, - int expected_status_arg ) +void import_with_policy(int type_arg, + int usage_arg, int alg_arg, + int expected_status_arg) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -367,48 +369,49 @@ void import_with_policy( int type_arg, psa_key_usage_t usage = usage_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; - const uint8_t key_material[16] = {0}; + const uint8_t key_material[16] = { 0 }; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_type( &attributes, type ); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type(&attributes, type); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); - status = psa_import_key( &attributes, - key_material, sizeof( key_material ), - &key ); - TEST_EQUAL( status, expected_status ); - if( status != PSA_SUCCESS ) + status = psa_import_key(&attributes, + key_material, sizeof(key_material), + &key); + TEST_EQUAL(status, expected_status); + if (status != PSA_SUCCESS) { goto exit; + } - PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); - TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); - TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), - mbedtls_test_update_key_usage_flags( usage ) ); - TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg ); - ASSERT_NO_SLOT_NUMBER( &got_attributes ); + PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); + TEST_EQUAL(psa_get_key_type(&got_attributes), type); + TEST_EQUAL(psa_get_key_usage_flags(&got_attributes), + mbedtls_test_update_key_usage_flags(usage)); + TEST_EQUAL(psa_get_key_algorithm(&got_attributes), alg); + ASSERT_NO_SLOT_NUMBER(&got_attributes); - PSA_ASSERT( psa_destroy_key( key ) ); - test_operations_on_invalid_key( key ); + PSA_ASSERT(psa_destroy_key(key)); + test_operations_on_invalid_key(key); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &got_attributes ); + psa_reset_key_attributes(&got_attributes); - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void import_with_data( data_t *data, int type_arg, - int attr_bits_arg, - int expected_status_arg ) +void import_with_data(data_t *data, int type_arg, + int attr_bits_arg, + int expected_status_arg) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -418,41 +421,43 @@ void import_with_data( data_t *data, int type_arg, psa_status_t expected_status = expected_status_arg; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, attr_bits ); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, attr_bits); - status = psa_import_key( &attributes, data->x, data->len, &key ); - TEST_EQUAL( status, expected_status ); - if( status != PSA_SUCCESS ) + status = psa_import_key(&attributes, data->x, data->len, &key); + TEST_EQUAL(status, expected_status); + if (status != PSA_SUCCESS) { goto exit; + } - PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); - TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); - if( attr_bits != 0 ) - TEST_EQUAL( attr_bits, psa_get_key_bits( &got_attributes ) ); - ASSERT_NO_SLOT_NUMBER( &got_attributes ); + PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); + TEST_EQUAL(psa_get_key_type(&got_attributes), type); + if (attr_bits != 0) { + TEST_EQUAL(attr_bits, psa_get_key_bits(&got_attributes)); + } + ASSERT_NO_SLOT_NUMBER(&got_attributes); - PSA_ASSERT( psa_destroy_key( key ) ); - test_operations_on_invalid_key( key ); + PSA_ASSERT(psa_destroy_key(key)); + test_operations_on_invalid_key(key); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &got_attributes ); + psa_reset_key_attributes(&got_attributes); - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ /* Construct and attempt to import a large unstructured key. */ -void import_large_key( int type_arg, int byte_size_arg, - int expected_status_arg ) +void import_large_key(int type_arg, int byte_size_arg, + int expected_status_arg) { psa_key_type_t type = type_arg; size_t byte_size = byte_size_arg; @@ -466,31 +471,32 @@ void import_large_key( int type_arg, int byte_size_arg, /* Skip the test case if the target running the test cannot * accommodate large keys due to heap size constraints */ - ASSERT_ALLOC_WEAK( buffer, buffer_size ); - memset( buffer, 'K', byte_size ); + ASSERT_ALLOC_WEAK(buffer, buffer_size); + memset(buffer, 'K', byte_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Try importing the key */ - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, type ); - status = psa_import_key( &attributes, buffer, byte_size, &key ); - TEST_ASSUME( status != PSA_ERROR_INSUFFICIENT_MEMORY ); - TEST_EQUAL( status, expected_status ); - - if( status == PSA_SUCCESS ) - { - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), - PSA_BYTES_TO_BITS( byte_size ) ); - ASSERT_NO_SLOT_NUMBER( &attributes ); - memset( buffer, 0, byte_size + 1 ); - PSA_ASSERT( psa_export_key( key, buffer, byte_size, &n ) ); - for( n = 0; n < byte_size; n++ ) - TEST_EQUAL( buffer[n], 'K' ); - for( n = byte_size; n < buffer_size; n++ ) - TEST_EQUAL( buffer[n], 0 ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, type); + status = psa_import_key(&attributes, buffer, byte_size, &key); + TEST_ASSUME(status != PSA_ERROR_INSUFFICIENT_MEMORY); + TEST_EQUAL(status, expected_status); + + if (status == PSA_SUCCESS) { + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), type); + TEST_EQUAL(psa_get_key_bits(&attributes), + PSA_BYTES_TO_BITS(byte_size)); + ASSERT_NO_SLOT_NUMBER(&attributes); + memset(buffer, 0, byte_size + 1); + PSA_ASSERT(psa_export_key(key, buffer, byte_size, &n)); + for (n = 0; n < byte_size; n++) { + TEST_EQUAL(buffer[n], 'K'); + } + for (n = byte_size; n < buffer_size; n++) { + TEST_EQUAL(buffer[n], 0); + } } exit: @@ -498,11 +504,11 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_free( buffer ); + psa_destroy_key(key); + PSA_DONE(); + mbedtls_free(buffer); } /* END_CASE */ @@ -510,7 +516,7 @@ exit: /* Import an RSA key with a valid structure (but not valid numbers * inside, beyond having sensible size and parity). This is expected to * fail for large keys. */ -void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) +void import_rsa_made_up(int bits_arg, int keypair, int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; size_t bits = bits_arg; @@ -519,43 +525,44 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) psa_key_type_t type = keypair ? PSA_KEY_TYPE_RSA_KEY_PAIR : PSA_KEY_TYPE_RSA_PUBLIC_KEY; size_t buffer_size = /* Slight overapproximations */ - keypair ? bits * 9 / 16 + 80 : bits / 8 + 20; + keypair ? bits * 9 / 16 + 80 : bits / 8 + 20; unsigned char *buffer = NULL; unsigned char *p; int ret; size_t length; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); - ASSERT_ALLOC( buffer, buffer_size ); + PSA_ASSERT(psa_crypto_init()); + ASSERT_ALLOC(buffer, buffer_size); - TEST_ASSERT( ( ret = construct_fake_rsa_key( buffer, buffer_size, &p, - bits, keypair ) ) >= 0 ); + TEST_ASSERT((ret = construct_fake_rsa_key(buffer, buffer_size, &p, + bits, keypair)) >= 0); length = ret; /* Try importing the key */ - psa_set_key_type( &attributes, type ); - status = psa_import_key( &attributes, p, length, &key ); - TEST_EQUAL( status, expected_status ); + psa_set_key_type(&attributes, type); + status = psa_import_key(&attributes, p, length, &key); + TEST_EQUAL(status, expected_status); - if( status == PSA_SUCCESS ) - PSA_ASSERT( psa_destroy_key( key ) ); + if (status == PSA_SUCCESS) { + PSA_ASSERT(psa_destroy_key(key)); + } exit: - mbedtls_free( buffer ); - PSA_DONE( ); + mbedtls_free(buffer); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void import_export( data_t *data, - int type_arg, - int usage_arg, int alg_arg, - int expected_bits, - int export_size_delta, - int expected_export_status_arg, - /*whether reexport must give the original input exactly*/ - int canonical_input ) +void import_export(data_t *data, + int type_arg, + int usage_arg, int alg_arg, + int expected_bits, + int export_size_delta, + int expected_export_status_arg, + /*whether reexport must give the original input exactly*/ + int canonical_input) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = type_arg; @@ -571,39 +578,39 @@ void import_export( data_t *data, psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; export_size = (ptrdiff_t) data->len + export_size_delta; - ASSERT_ALLOC( exported, export_size ); - if( ! canonical_input ) - ASSERT_ALLOC( reexported, export_size ); - PSA_ASSERT( psa_crypto_init( ) ); + ASSERT_ALLOC(exported, export_size); + if (!canonical_input) { + ASSERT_ALLOC(reexported, export_size); + } + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, usage_arg ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); + psa_set_key_usage_flags(&attributes, usage_arg); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &key ) ); + PSA_ASSERT(psa_import_key(&attributes, data->x, data->len, &key)); /* Test the key information */ - PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); - TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &got_attributes ), (size_t) expected_bits ); - ASSERT_NO_SLOT_NUMBER( &got_attributes ); + PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); + TEST_EQUAL(psa_get_key_type(&got_attributes), type); + TEST_EQUAL(psa_get_key_bits(&got_attributes), (size_t) expected_bits); + ASSERT_NO_SLOT_NUMBER(&got_attributes); /* Export the key */ - status = psa_export_key( key, exported, export_size, &exported_length ); - TEST_EQUAL( status, expected_export_status ); + status = psa_export_key(key, exported, export_size, &exported_length); + TEST_EQUAL(status, expected_export_status); /* The exported length must be set by psa_export_key() to a value between 0 * and export_size. On errors, the exported length must be 0. */ - TEST_ASSERT( exported_length != INVALID_EXPORT_LENGTH ); - TEST_ASSERT( status == PSA_SUCCESS || exported_length == 0 ); - TEST_LE_U( exported_length, export_size ); - - TEST_ASSERT( mem_is_char( exported + exported_length, 0, - export_size - exported_length ) ); - if( status != PSA_SUCCESS ) - { - TEST_EQUAL( exported_length, 0 ); + TEST_ASSERT(exported_length != INVALID_EXPORT_LENGTH); + TEST_ASSERT(status == PSA_SUCCESS || exported_length == 0); + TEST_LE_U(exported_length, export_size); + + TEST_ASSERT(mem_is_char(exported + exported_length, 0, + export_size - exported_length)); + if (status != PSA_SUCCESS) { + TEST_EQUAL(exported_length, 0); goto destroy; } @@ -611,54 +618,54 @@ void import_export( data_t *data, * this validates the canonical representations. For canonical inputs, * this doesn't directly validate the implementation, but it still helps * by cross-validating the test data with the sanity check code. */ - if( ! mbedtls_test_psa_exercise_key( key, usage_arg, 0 ) ) + if (!mbedtls_test_psa_exercise_key(key, usage_arg, 0)) { goto exit; + } - if( canonical_input ) - ASSERT_COMPARE( data->x, data->len, exported, exported_length ); - else - { + if (canonical_input) { + ASSERT_COMPARE(data->x, data->len, exported, exported_length); + } else { mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT; - PSA_ASSERT( psa_import_key( &attributes, exported, exported_length, - &key2 ) ); - PSA_ASSERT( psa_export_key( key2, - reexported, - export_size, - &reexported_length ) ); - ASSERT_COMPARE( exported, exported_length, - reexported, reexported_length ); - PSA_ASSERT( psa_destroy_key( key2 ) ); + PSA_ASSERT(psa_import_key(&attributes, exported, exported_length, + &key2)); + PSA_ASSERT(psa_export_key(key2, + reexported, + export_size, + &reexported_length)); + ASSERT_COMPARE(exported, exported_length, + reexported, reexported_length); + PSA_ASSERT(psa_destroy_key(key2)); } - TEST_ASSERT( exported_length <= - PSA_EXPORT_KEY_OUTPUT_SIZE( type, - psa_get_key_bits( &got_attributes ) ) ); - TEST_LE_U( exported_length, PSA_EXPORT_KEY_PAIR_MAX_SIZE ); + TEST_ASSERT(exported_length <= + PSA_EXPORT_KEY_OUTPUT_SIZE(type, + psa_get_key_bits(&got_attributes))); + TEST_LE_U(exported_length, PSA_EXPORT_KEY_PAIR_MAX_SIZE); destroy: /* Destroy the key */ - PSA_ASSERT( psa_destroy_key( key ) ); - test_operations_on_invalid_key( key ); + PSA_ASSERT(psa_destroy_key(key)); + test_operations_on_invalid_key(key); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &got_attributes ); + psa_reset_key_attributes(&got_attributes); - mbedtls_free( exported ); - mbedtls_free( reexported ); - PSA_DONE( ); + mbedtls_free(exported); + mbedtls_free(reexported); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void import_export_public_key( data_t *data, - int type_arg, // key pair or public key - int alg_arg, - int export_size_delta, - int expected_export_status_arg, - data_t *expected_public_key ) +void import_export_public_key(data_t *data, + int type_arg, // key pair or public key + int alg_arg, + int export_size_delta, + int expected_export_status_arg, + data_t *expected_public_key) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = type_arg; @@ -670,35 +677,34 @@ void import_export_public_key( data_t *data, size_t exported_length = INVALID_EXPORT_LENGTH; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &key ) ); + PSA_ASSERT(psa_import_key(&attributes, data->x, data->len, &key)); /* Export the public key */ - ASSERT_ALLOC( exported, export_size ); - status = psa_export_public_key( key, - exported, export_size, - &exported_length ); - TEST_EQUAL( status, expected_export_status ); - if( status == PSA_SUCCESS ) - { - psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ); + ASSERT_ALLOC(exported, export_size); + status = psa_export_public_key(key, + exported, export_size, + &exported_length); + TEST_EQUAL(status, expected_export_status); + if (status == PSA_SUCCESS) { + psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type); size_t bits; - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - bits = psa_get_key_bits( &attributes ); - TEST_LE_U( expected_public_key->len, - PSA_EXPORT_KEY_OUTPUT_SIZE( public_type, bits ) ); - TEST_LE_U( expected_public_key->len, - PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_type, bits ) ); - TEST_LE_U( expected_public_key->len, - PSA_EXPORT_PUBLIC_KEY_MAX_SIZE ); - ASSERT_COMPARE( expected_public_key->x, expected_public_key->len, - exported, exported_length ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + bits = psa_get_key_bits(&attributes); + TEST_LE_U(expected_public_key->len, + PSA_EXPORT_KEY_OUTPUT_SIZE(public_type, bits)); + TEST_LE_U(expected_public_key->len, + PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_type, bits)); + TEST_LE_U(expected_public_key->len, + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); + ASSERT_COMPARE(expected_public_key->x, expected_public_key->len, + exported, exported_length); } exit: @@ -706,67 +712,68 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_free( exported ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(exported); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void import_and_exercise_key( data_t *data, - int type_arg, - int bits_arg, - int alg_arg ) +void import_and_exercise_key(data_t *data, + int type_arg, + int bits_arg, + int alg_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = type_arg; size_t bits = bits_arg; psa_algorithm_t alg = alg_arg; - psa_key_usage_t usage = mbedtls_test_psa_usage_to_exercise( type, alg ); + psa_key_usage_t usage = mbedtls_test_psa_usage_to_exercise(type, alg); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &key ) ); + PSA_ASSERT(psa_import_key(&attributes, data->x, data->len, &key)); /* Test the key information */ - PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); - TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &got_attributes ), bits ); + PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); + TEST_EQUAL(psa_get_key_type(&got_attributes), type); + TEST_EQUAL(psa_get_key_bits(&got_attributes), bits); /* Do something with the key according to its type and permitted usage. */ - if( ! mbedtls_test_psa_exercise_key( key, usage, alg ) ) + if (!mbedtls_test_psa_exercise_key(key, usage, alg)) { goto exit; + } - PSA_ASSERT( psa_destroy_key( key ) ); - test_operations_on_invalid_key( key ); + PSA_ASSERT(psa_destroy_key(key)); + test_operations_on_invalid_key(key); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &got_attributes ); + psa_reset_key_attributes(&got_attributes); - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void effective_key_attributes( int type_arg, int expected_type_arg, - int bits_arg, int expected_bits_arg, - int usage_arg, int expected_usage_arg, - int alg_arg, int expected_alg_arg ) +void effective_key_attributes(int type_arg, int expected_type_arg, + int bits_arg, int expected_bits_arg, + int usage_arg, int expected_usage_arg, + int alg_arg, int expected_alg_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = type_arg; @@ -779,89 +786,89 @@ void effective_key_attributes( int type_arg, int expected_type_arg, psa_key_usage_t expected_usage = expected_usage_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - psa_set_key_bits( &attributes, bits ); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + psa_set_key_bits(&attributes, bits); - PSA_ASSERT( psa_generate_key( &attributes, &key ) ); - psa_reset_key_attributes( &attributes ); + PSA_ASSERT(psa_generate_key(&attributes, &key)); + psa_reset_key_attributes(&attributes); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), expected_key_type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), expected_bits ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), expected_usage ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), expected_alg ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), expected_key_type); + TEST_EQUAL(psa_get_key_bits(&attributes), expected_bits); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), expected_usage); + TEST_EQUAL(psa_get_key_algorithm(&attributes), expected_alg); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void check_key_policy( int type_arg, int bits_arg, - int usage_arg, int alg_arg ) +void check_key_policy(int type_arg, int bits_arg, + int usage_arg, int alg_arg) { - test_effective_key_attributes( type_arg, type_arg, bits_arg, bits_arg, - usage_arg, - mbedtls_test_update_key_usage_flags( usage_arg ), - alg_arg, alg_arg ); + test_effective_key_attributes(type_arg, type_arg, bits_arg, bits_arg, + usage_arg, + mbedtls_test_update_key_usage_flags(usage_arg), + alg_arg, alg_arg); goto exit; } /* END_CASE */ /* BEGIN_CASE */ -void key_attributes_init( ) +void key_attributes_init() { /* Test each valid way of initializing the object, except for `= {0}`, as * Clang 5 complains when `-Wmissing-field-initializers` is used, even * though it's OK by the C standard. We could test for this, but we'd need * to suppress the Clang warning for the test. */ - psa_key_attributes_t func = psa_key_attributes_init( ); + psa_key_attributes_t func = psa_key_attributes_init(); psa_key_attributes_t init = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t zero; - memset( &zero, 0, sizeof( zero ) ); + memset(&zero, 0, sizeof(zero)); - TEST_EQUAL( psa_get_key_lifetime( &func ), PSA_KEY_LIFETIME_VOLATILE ); - TEST_EQUAL( psa_get_key_lifetime( &init ), PSA_KEY_LIFETIME_VOLATILE ); - TEST_EQUAL( psa_get_key_lifetime( &zero ), PSA_KEY_LIFETIME_VOLATILE ); + TEST_EQUAL(psa_get_key_lifetime(&func), PSA_KEY_LIFETIME_VOLATILE); + TEST_EQUAL(psa_get_key_lifetime(&init), PSA_KEY_LIFETIME_VOLATILE); + TEST_EQUAL(psa_get_key_lifetime(&zero), PSA_KEY_LIFETIME_VOLATILE); - TEST_EQUAL( psa_get_key_type( &func ), 0 ); - TEST_EQUAL( psa_get_key_type( &init ), 0 ); - TEST_EQUAL( psa_get_key_type( &zero ), 0 ); + TEST_EQUAL(psa_get_key_type(&func), 0); + TEST_EQUAL(psa_get_key_type(&init), 0); + TEST_EQUAL(psa_get_key_type(&zero), 0); - TEST_EQUAL( psa_get_key_bits( &func ), 0 ); - TEST_EQUAL( psa_get_key_bits( &init ), 0 ); - TEST_EQUAL( psa_get_key_bits( &zero ), 0 ); + TEST_EQUAL(psa_get_key_bits(&func), 0); + TEST_EQUAL(psa_get_key_bits(&init), 0); + TEST_EQUAL(psa_get_key_bits(&zero), 0); - TEST_EQUAL( psa_get_key_usage_flags( &func ), 0 ); - TEST_EQUAL( psa_get_key_usage_flags( &init ), 0 ); - TEST_EQUAL( psa_get_key_usage_flags( &zero ), 0 ); + TEST_EQUAL(psa_get_key_usage_flags(&func), 0); + TEST_EQUAL(psa_get_key_usage_flags(&init), 0); + TEST_EQUAL(psa_get_key_usage_flags(&zero), 0); - TEST_EQUAL( psa_get_key_algorithm( &func ), 0 ); - TEST_EQUAL( psa_get_key_algorithm( &init ), 0 ); - TEST_EQUAL( psa_get_key_algorithm( &zero ), 0 ); + TEST_EQUAL(psa_get_key_algorithm(&func), 0); + TEST_EQUAL(psa_get_key_algorithm(&init), 0); + TEST_EQUAL(psa_get_key_algorithm(&zero), 0); } /* END_CASE */ /* BEGIN_CASE */ -void mac_key_policy( int policy_usage_arg, - int policy_alg_arg, - int key_type_arg, - data_t *key_data, - int exercise_alg_arg, - int expected_status_sign_arg, - int expected_status_verify_arg ) +void mac_key_policy(int policy_usage_arg, + int policy_alg_arg, + int key_type_arg, + data_t *key_data, + int exercise_alg_arg, + int expected_status_sign_arg, + int expected_status_verify_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -875,57 +882,58 @@ void mac_key_policy( int policy_usage_arg, psa_status_t expected_status_verify = expected_status_verify_arg; unsigned char mac[PSA_MAC_MAX_SIZE]; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - mbedtls_test_update_key_usage_flags( policy_usage ) ); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), + mbedtls_test_update_key_usage_flags(policy_usage)); - status = psa_mac_sign_setup( &operation, key, exercise_alg ); - TEST_EQUAL( status, expected_status_sign ); + status = psa_mac_sign_setup(&operation, key, exercise_alg); + TEST_EQUAL(status, expected_status_sign); /* Calculate the MAC, one-shot case. */ - uint8_t input[128] = {0}; + uint8_t input[128] = { 0 }; size_t mac_len; - TEST_EQUAL( psa_mac_compute( key, exercise_alg, - input, 128, - mac, PSA_MAC_MAX_SIZE, &mac_len ), - expected_status_sign ); + TEST_EQUAL(psa_mac_compute(key, exercise_alg, + input, 128, + mac, PSA_MAC_MAX_SIZE, &mac_len), + expected_status_sign); /* Verify correct MAC, one-shot case. */ - status = psa_mac_verify( key, exercise_alg, input, 128, - mac, mac_len ); + status = psa_mac_verify(key, exercise_alg, input, 128, + mac, mac_len); - if( expected_status_sign != PSA_SUCCESS && expected_status_verify == PSA_SUCCESS ) - TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); - else - TEST_EQUAL( status, expected_status_verify ); + if (expected_status_sign != PSA_SUCCESS && expected_status_verify == PSA_SUCCESS) { + TEST_EQUAL(status, PSA_ERROR_INVALID_SIGNATURE); + } else { + TEST_EQUAL(status, expected_status_verify); + } - psa_mac_abort( &operation ); + psa_mac_abort(&operation); - memset( mac, 0, sizeof( mac ) ); - status = psa_mac_verify_setup( &operation, key, exercise_alg ); - TEST_EQUAL( status, expected_status_verify ); + memset(mac, 0, sizeof(mac)); + status = psa_mac_verify_setup(&operation, key, exercise_alg); + TEST_EQUAL(status, expected_status_verify); exit: - psa_mac_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_mac_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_key_policy( int policy_usage_arg, - int policy_alg, - int key_type, - data_t *key_data, - int exercise_alg ) +void cipher_key_policy(int policy_usage_arg, + int policy_alg, + int key_type, + data_t *key_data, + int exercise_alg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -933,115 +941,119 @@ void cipher_key_policy( int policy_usage_arg, psa_key_usage_t policy_usage = policy_usage_arg; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Check if no key usage flag implication is done */ - TEST_EQUAL( policy_usage, - mbedtls_test_update_key_usage_flags( policy_usage ) ); - - status = psa_cipher_encrypt_setup( &operation, key, exercise_alg ); - if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) - PSA_ASSERT( status ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - psa_cipher_abort( &operation ); - - status = psa_cipher_decrypt_setup( &operation, key, exercise_alg ); - if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 ) - PSA_ASSERT( status ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL(policy_usage, + mbedtls_test_update_key_usage_flags(policy_usage)); + + status = psa_cipher_encrypt_setup(&operation, key, exercise_alg); + if (policy_alg == exercise_alg && + (policy_usage & PSA_KEY_USAGE_ENCRYPT) != 0) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } + psa_cipher_abort(&operation); + + status = psa_cipher_decrypt_setup(&operation, key, exercise_alg); + if (policy_alg == exercise_alg && + (policy_usage & PSA_KEY_USAGE_DECRYPT) != 0) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } exit: - psa_cipher_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void aead_key_policy( int policy_usage_arg, - int policy_alg, - int key_type, - data_t *key_data, - int nonce_length_arg, - int tag_length_arg, - int exercise_alg, - int expected_status_arg ) +void aead_key_policy(int policy_usage_arg, + int policy_alg, + int key_type, + data_t *key_data, + int nonce_length_arg, + int tag_length_arg, + int exercise_alg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_usage_t policy_usage = policy_usage_arg; psa_status_t status; psa_status_t expected_status = expected_status_arg; - unsigned char nonce[16] = {0}; + unsigned char nonce[16] = { 0 }; size_t nonce_length = nonce_length_arg; unsigned char tag[16]; size_t tag_length = tag_length_arg; size_t output_length; - TEST_LE_U( nonce_length, sizeof( nonce ) ); - TEST_LE_U( tag_length, sizeof( tag ) ); + TEST_LE_U(nonce_length, sizeof(nonce)); + TEST_LE_U(tag_length, sizeof(tag)); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Check if no key usage implication is done */ - TEST_EQUAL( policy_usage, - mbedtls_test_update_key_usage_flags( policy_usage ) ); - - status = psa_aead_encrypt( key, exercise_alg, - nonce, nonce_length, - NULL, 0, - NULL, 0, - tag, tag_length, - &output_length ); - if( ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) - TEST_EQUAL( status, expected_status ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - - memset( tag, 0, sizeof( tag ) ); - status = psa_aead_decrypt( key, exercise_alg, - nonce, nonce_length, - NULL, 0, - tag, tag_length, - NULL, 0, - &output_length ); - if( ( policy_usage & PSA_KEY_USAGE_DECRYPT ) == 0 ) - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - else if( expected_status == PSA_SUCCESS ) - TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); - else - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(policy_usage, + mbedtls_test_update_key_usage_flags(policy_usage)); + + status = psa_aead_encrypt(key, exercise_alg, + nonce, nonce_length, + NULL, 0, + NULL, 0, + tag, tag_length, + &output_length); + if ((policy_usage & PSA_KEY_USAGE_ENCRYPT) != 0) { + TEST_EQUAL(status, expected_status); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } + + memset(tag, 0, sizeof(tag)); + status = psa_aead_decrypt(key, exercise_alg, + nonce, nonce_length, + NULL, 0, + tag, tag_length, + NULL, 0, + &output_length); + if ((policy_usage & PSA_KEY_USAGE_DECRYPT) == 0) { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } else if (expected_status == PSA_SUCCESS) { + TEST_EQUAL(status, PSA_ERROR_INVALID_SIGNATURE); + } else { + TEST_EQUAL(status, expected_status); + } exit: - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_encryption_key_policy( int policy_usage_arg, - int policy_alg, - int key_type, - data_t *key_data, - int exercise_alg ) +void asymmetric_encryption_key_policy(int policy_usage_arg, + int policy_alg, + int key_type, + data_t *key_data, + int exercise_alg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1052,204 +1064,210 @@ void asymmetric_encryption_key_policy( int policy_usage_arg, unsigned char *buffer = NULL; size_t output_length; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Check if no key usage implication is done */ - TEST_EQUAL( policy_usage, - mbedtls_test_update_key_usage_flags( policy_usage ) ); - - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); - buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, - exercise_alg ); - ASSERT_ALLOC( buffer, buffer_length ); - - status = psa_asymmetric_encrypt( key, exercise_alg, - NULL, 0, - NULL, 0, - buffer, buffer_length, - &output_length ); - if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) - PSA_ASSERT( status ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - - if( buffer_length != 0 ) - memset( buffer, 0, buffer_length ); - status = psa_asymmetric_decrypt( key, exercise_alg, - buffer, buffer_length, - NULL, 0, - buffer, buffer_length, - &output_length ); - if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 ) - TEST_EQUAL( status, PSA_ERROR_INVALID_PADDING ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL(policy_usage, + mbedtls_test_update_key_usage_flags(policy_usage)); + + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); + buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, + exercise_alg); + ASSERT_ALLOC(buffer, buffer_length); + + status = psa_asymmetric_encrypt(key, exercise_alg, + NULL, 0, + NULL, 0, + buffer, buffer_length, + &output_length); + if (policy_alg == exercise_alg && + (policy_usage & PSA_KEY_USAGE_ENCRYPT) != 0) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } + + if (buffer_length != 0) { + memset(buffer, 0, buffer_length); + } + status = psa_asymmetric_decrypt(key, exercise_alg, + buffer, buffer_length, + NULL, 0, + buffer, buffer_length, + &output_length); + if (policy_alg == exercise_alg && + (policy_usage & PSA_KEY_USAGE_DECRYPT) != 0) { + TEST_EQUAL(status, PSA_ERROR_INVALID_PADDING); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_free( buffer ); + psa_destroy_key(key); + PSA_DONE(); + mbedtls_free(buffer); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_signature_key_policy( int policy_usage_arg, - int policy_alg, - int key_type, - data_t *key_data, - int exercise_alg, - int payload_length_arg, - int expected_usage_arg ) +void asymmetric_signature_key_policy(int policy_usage_arg, + int policy_alg, + int key_type, + data_t *key_data, + int exercise_alg, + int payload_length_arg, + int expected_usage_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_usage_t policy_usage = policy_usage_arg; psa_key_usage_t expected_usage = expected_usage_arg; psa_status_t status; - unsigned char payload[PSA_HASH_MAX_SIZE] = {1}; + unsigned char payload[PSA_HASH_MAX_SIZE] = { 1 }; /* If `payload_length_arg > 0`, `exercise_alg` is supposed to be * compatible with the policy and `payload_length_arg` is supposed to be * a valid input length to sign. If `payload_length_arg <= 0`, * `exercise_alg` is supposed to be forbidden by the policy. */ int compatible_alg = payload_length_arg > 0; size_t payload_length = compatible_alg ? payload_length_arg : 0; - unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0}; + unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = { 0 }; size_t signature_length; /* Check if all implicit usage flags are deployed in the expected usage flags. */ - TEST_EQUAL( expected_usage, - mbedtls_test_update_key_usage_flags( policy_usage ) ); - - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); - - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), expected_usage ); - - status = psa_sign_hash( key, exercise_alg, - payload, payload_length, - signature, sizeof( signature ), - &signature_length ); - if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_SIGN_HASH ) != 0 ) - PSA_ASSERT( status ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - - memset( signature, 0, sizeof( signature ) ); - status = psa_verify_hash( key, exercise_alg, - payload, payload_length, - signature, sizeof( signature ) ); - if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 ) - TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - - if( PSA_ALG_IS_SIGN_HASH( exercise_alg ) && - PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( exercise_alg ) ) ) - { - status = psa_sign_message( key, exercise_alg, - payload, payload_length, - signature, sizeof( signature ), - &signature_length ); - if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_SIGN_MESSAGE ) != 0 ) - PSA_ASSERT( status ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - - memset( signature, 0, sizeof( signature ) ); - status = psa_verify_message( key, exercise_alg, - payload, payload_length, - signature, sizeof( signature ) ); - if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_VERIFY_MESSAGE ) != 0 ) - TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL(expected_usage, + mbedtls_test_update_key_usage_flags(policy_usage)); + + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); + + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + + TEST_EQUAL(psa_get_key_usage_flags(&attributes), expected_usage); + + status = psa_sign_hash(key, exercise_alg, + payload, payload_length, + signature, sizeof(signature), + &signature_length); + if (compatible_alg && (expected_usage & PSA_KEY_USAGE_SIGN_HASH) != 0) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } + + memset(signature, 0, sizeof(signature)); + status = psa_verify_hash(key, exercise_alg, + payload, payload_length, + signature, sizeof(signature)); + if (compatible_alg && (expected_usage & PSA_KEY_USAGE_VERIFY_HASH) != 0) { + TEST_EQUAL(status, PSA_ERROR_INVALID_SIGNATURE); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } + + if (PSA_ALG_IS_SIGN_HASH(exercise_alg) && + PSA_ALG_IS_HASH(PSA_ALG_SIGN_GET_HASH(exercise_alg))) { + status = psa_sign_message(key, exercise_alg, + payload, payload_length, + signature, sizeof(signature), + &signature_length); + if (compatible_alg && (expected_usage & PSA_KEY_USAGE_SIGN_MESSAGE) != 0) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } + + memset(signature, 0, sizeof(signature)); + status = psa_verify_message(key, exercise_alg, + payload, payload_length, + signature, sizeof(signature)); + if (compatible_alg && (expected_usage & PSA_KEY_USAGE_VERIFY_MESSAGE) != 0) { + TEST_EQUAL(status, PSA_ERROR_INVALID_SIGNATURE); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } } exit: - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_key_policy( int policy_usage, - int policy_alg, - int key_type, - data_t *key_data, - int exercise_alg ) +void derive_key_policy(int policy_usage, + int policy_alg, + int key_type, + data_t *key_data, + int exercise_alg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_key_derivation_setup( &operation, exercise_alg ) ); + PSA_ASSERT(psa_key_derivation_setup(&operation, exercise_alg)); - if( PSA_ALG_IS_TLS12_PRF( exercise_alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( exercise_alg ) ) - { - PSA_ASSERT( psa_key_derivation_input_bytes( - &operation, - PSA_KEY_DERIVATION_INPUT_SEED, - (const uint8_t*) "", 0) ); + if (PSA_ALG_IS_TLS12_PRF(exercise_alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(exercise_alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, + PSA_KEY_DERIVATION_INPUT_SEED, + (const uint8_t *) "", 0)); } - status = psa_key_derivation_input_key( &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - key ); + status = psa_key_derivation_input_key(&operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key); - if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) - PSA_ASSERT( status ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); + if (policy_alg == exercise_alg && + (policy_usage & PSA_KEY_USAGE_DERIVE) != 0) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void agreement_key_policy( int policy_usage, - int policy_alg, - int key_type_arg, - data_t *key_data, - int exercise_alg, - int expected_status_arg ) +void agreement_key_policy(int policy_usage, + int policy_alg, + int key_type_arg, + data_t *key_data, + int exercise_alg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1258,30 +1276,30 @@ void agreement_key_policy( int policy_usage, psa_status_t status; psa_status_t expected_status = expected_status_arg; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_key_derivation_setup( &operation, exercise_alg ) ); - status = mbedtls_test_psa_key_agreement_with_self( &operation, key ); + PSA_ASSERT(psa_key_derivation_setup(&operation, exercise_alg)); + status = mbedtls_test_psa_key_agreement_with_self(&operation, key); - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_policy_alg2( int key_type_arg, data_t *key_data, - int usage_arg, int alg_arg, int alg2_arg ) +void key_policy_alg2(int key_type_arg, data_t *key_data, + int usage_arg, int alg_arg, int alg2_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -1291,46 +1309,48 @@ void key_policy_alg2( int key_type_arg, data_t *key_data, psa_algorithm_t alg = alg_arg; psa_algorithm_t alg2 = alg2_arg; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_enrollment_algorithm( &attributes, alg2 ); - psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_enrollment_algorithm(&attributes, alg2); + psa_set_key_type(&attributes, key_type); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Update the usage flags to obtain implicit usage flags */ - usage = mbedtls_test_update_key_usage_flags( usage ); - PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); - TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage ); - TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg ); - TEST_EQUAL( psa_get_key_enrollment_algorithm( &got_attributes ), alg2 ); + usage = mbedtls_test_update_key_usage_flags(usage); + PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); + TEST_EQUAL(psa_get_key_usage_flags(&got_attributes), usage); + TEST_EQUAL(psa_get_key_algorithm(&got_attributes), alg); + TEST_EQUAL(psa_get_key_enrollment_algorithm(&got_attributes), alg2); - if( ! mbedtls_test_psa_exercise_key( key, usage, alg ) ) + if (!mbedtls_test_psa_exercise_key(key, usage, alg)) { goto exit; - if( ! mbedtls_test_psa_exercise_key( key, usage, alg2 ) ) + } + if (!mbedtls_test_psa_exercise_key(key, usage, alg2)) { goto exit; + } exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &got_attributes ); + psa_reset_key_attributes(&got_attributes); - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void raw_agreement_key_policy( int policy_usage, - int policy_alg, - int key_type_arg, - data_t *key_data, - int exercise_alg, - int expected_status_arg ) +void raw_agreement_key_policy(int policy_usage, + int policy_alg, + int key_type_arg, + data_t *key_data, + int exercise_alg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1339,35 +1359,35 @@ void raw_agreement_key_policy( int policy_usage, psa_status_t status; psa_status_t expected_status = expected_status_arg; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - status = mbedtls_test_psa_raw_key_agreement_with_self( exercise_alg, key ); + status = mbedtls_test_psa_raw_key_agreement_with_self(exercise_alg, key); - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void copy_success( int source_usage_arg, - int source_alg_arg, int source_alg2_arg, - int type_arg, data_t *material, - int copy_attributes, - int target_usage_arg, - int target_alg_arg, int target_alg2_arg, - int expected_usage_arg, - int expected_alg_arg, int expected_alg2_arg ) +void copy_success(int source_usage_arg, + int source_alg_arg, int source_alg2_arg, + int type_arg, data_t *material, + int copy_attributes, + int target_usage_arg, + int target_alg_arg, int target_alg2_arg, + int expected_usage_arg, + int expected_alg_arg, int expected_alg2_arg) { psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1378,195 +1398,199 @@ void copy_success( int source_usage_arg, mbedtls_svc_key_id_t target_key = MBEDTLS_SVC_KEY_ID_INIT; uint8_t *export_buffer = NULL; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Prepare the source key. */ - psa_set_key_usage_flags( &source_attributes, source_usage_arg ); - psa_set_key_algorithm( &source_attributes, source_alg_arg ); - psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg ); - psa_set_key_type( &source_attributes, type_arg ); - PSA_ASSERT( psa_import_key( &source_attributes, - material->x, material->len, - &source_key ) ); - PSA_ASSERT( psa_get_key_attributes( source_key, &source_attributes ) ); + psa_set_key_usage_flags(&source_attributes, source_usage_arg); + psa_set_key_algorithm(&source_attributes, source_alg_arg); + psa_set_key_enrollment_algorithm(&source_attributes, source_alg2_arg); + psa_set_key_type(&source_attributes, type_arg); + PSA_ASSERT(psa_import_key(&source_attributes, + material->x, material->len, + &source_key)); + PSA_ASSERT(psa_get_key_attributes(source_key, &source_attributes)); /* Prepare the target attributes. */ - if( copy_attributes ) - { + if (copy_attributes) { target_attributes = source_attributes; /* Set volatile lifetime to reset the key identifier to 0. */ - psa_set_key_lifetime( &target_attributes, PSA_KEY_LIFETIME_VOLATILE ); + psa_set_key_lifetime(&target_attributes, PSA_KEY_LIFETIME_VOLATILE); } - if( target_usage_arg != -1 ) - psa_set_key_usage_flags( &target_attributes, target_usage_arg ); - if( target_alg_arg != -1 ) - psa_set_key_algorithm( &target_attributes, target_alg_arg ); - if( target_alg2_arg != -1 ) - psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg ); + if (target_usage_arg != -1) { + psa_set_key_usage_flags(&target_attributes, target_usage_arg); + } + if (target_alg_arg != -1) { + psa_set_key_algorithm(&target_attributes, target_alg_arg); + } + if (target_alg2_arg != -1) { + psa_set_key_enrollment_algorithm(&target_attributes, target_alg2_arg); + } /* Copy the key. */ - PSA_ASSERT( psa_copy_key( source_key, - &target_attributes, &target_key ) ); + PSA_ASSERT(psa_copy_key(source_key, + &target_attributes, &target_key)); /* Destroy the source to ensure that this doesn't affect the target. */ - PSA_ASSERT( psa_destroy_key( source_key ) ); + PSA_ASSERT(psa_destroy_key(source_key)); /* Test that the target slot has the expected content and policy. */ - PSA_ASSERT( psa_get_key_attributes( target_key, &target_attributes ) ); - TEST_EQUAL( psa_get_key_type( &source_attributes ), - psa_get_key_type( &target_attributes ) ); - TEST_EQUAL( psa_get_key_bits( &source_attributes ), - psa_get_key_bits( &target_attributes ) ); - TEST_EQUAL( expected_usage, psa_get_key_usage_flags( &target_attributes ) ); - TEST_EQUAL( expected_alg, psa_get_key_algorithm( &target_attributes ) ); - TEST_EQUAL( expected_alg2, - psa_get_key_enrollment_algorithm( &target_attributes ) ); - if( expected_usage & PSA_KEY_USAGE_EXPORT ) - { + PSA_ASSERT(psa_get_key_attributes(target_key, &target_attributes)); + TEST_EQUAL(psa_get_key_type(&source_attributes), + psa_get_key_type(&target_attributes)); + TEST_EQUAL(psa_get_key_bits(&source_attributes), + psa_get_key_bits(&target_attributes)); + TEST_EQUAL(expected_usage, psa_get_key_usage_flags(&target_attributes)); + TEST_EQUAL(expected_alg, psa_get_key_algorithm(&target_attributes)); + TEST_EQUAL(expected_alg2, + psa_get_key_enrollment_algorithm(&target_attributes)); + if (expected_usage & PSA_KEY_USAGE_EXPORT) { size_t length; - ASSERT_ALLOC( export_buffer, material->len ); - PSA_ASSERT( psa_export_key( target_key, export_buffer, - material->len, &length ) ); - ASSERT_COMPARE( material->x, material->len, - export_buffer, length ); + ASSERT_ALLOC(export_buffer, material->len); + PSA_ASSERT(psa_export_key(target_key, export_buffer, + material->len, &length)); + ASSERT_COMPARE(material->x, material->len, + export_buffer, length); } - if( ! mbedtls_test_psa_exercise_key( target_key, expected_usage, expected_alg ) ) + if (!mbedtls_test_psa_exercise_key(target_key, expected_usage, expected_alg)) { goto exit; - if( ! mbedtls_test_psa_exercise_key( target_key, expected_usage, expected_alg2 ) ) + } + if (!mbedtls_test_psa_exercise_key(target_key, expected_usage, expected_alg2)) { goto exit; + } - PSA_ASSERT( psa_destroy_key( target_key ) ); + PSA_ASSERT(psa_destroy_key(target_key)); exit: /* * Source and target key attributes may have been returned by * psa_get_key_attributes() thus reset them as required. */ - psa_reset_key_attributes( &source_attributes ); - psa_reset_key_attributes( &target_attributes ); + psa_reset_key_attributes(&source_attributes); + psa_reset_key_attributes(&target_attributes); - PSA_DONE( ); - mbedtls_free( export_buffer ); + PSA_DONE(); + mbedtls_free(export_buffer); } /* END_CASE */ /* BEGIN_CASE */ -void copy_fail( int source_usage_arg, - int source_alg_arg, int source_alg2_arg, - int type_arg, data_t *material, - int target_type_arg, int target_bits_arg, - int target_usage_arg, - int target_alg_arg, int target_alg2_arg, - int target_id_arg, int target_lifetime_arg, - int expected_status_arg ) +void copy_fail(int source_usage_arg, + int source_alg_arg, int source_alg2_arg, + int type_arg, data_t *material, + int target_type_arg, int target_bits_arg, + int target_usage_arg, + int target_alg_arg, int target_alg2_arg, + int target_id_arg, int target_lifetime_arg, + int expected_status_arg) { psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t source_key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t target_key = MBEDTLS_SVC_KEY_ID_INIT; - mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, target_id_arg ); + mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(1, target_id_arg); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Prepare the source key. */ - psa_set_key_usage_flags( &source_attributes, source_usage_arg ); - psa_set_key_algorithm( &source_attributes, source_alg_arg ); - psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg ); - psa_set_key_type( &source_attributes, type_arg ); - PSA_ASSERT( psa_import_key( &source_attributes, - material->x, material->len, - &source_key ) ); + psa_set_key_usage_flags(&source_attributes, source_usage_arg); + psa_set_key_algorithm(&source_attributes, source_alg_arg); + psa_set_key_enrollment_algorithm(&source_attributes, source_alg2_arg); + psa_set_key_type(&source_attributes, type_arg); + PSA_ASSERT(psa_import_key(&source_attributes, + material->x, material->len, + &source_key)); /* Prepare the target attributes. */ - psa_set_key_id( &target_attributes, key_id ); - psa_set_key_lifetime( &target_attributes, target_lifetime_arg ); - psa_set_key_type( &target_attributes, target_type_arg ); - psa_set_key_bits( &target_attributes, target_bits_arg ); - psa_set_key_usage_flags( &target_attributes, target_usage_arg ); - psa_set_key_algorithm( &target_attributes, target_alg_arg ); - psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg ); + psa_set_key_id(&target_attributes, key_id); + psa_set_key_lifetime(&target_attributes, target_lifetime_arg); + psa_set_key_type(&target_attributes, target_type_arg); + psa_set_key_bits(&target_attributes, target_bits_arg); + psa_set_key_usage_flags(&target_attributes, target_usage_arg); + psa_set_key_algorithm(&target_attributes, target_alg_arg); + psa_set_key_enrollment_algorithm(&target_attributes, target_alg2_arg); /* Try to copy the key. */ - TEST_EQUAL( psa_copy_key( source_key, - &target_attributes, &target_key ), - expected_status_arg ); + TEST_EQUAL(psa_copy_key(source_key, + &target_attributes, &target_key), + expected_status_arg); - PSA_ASSERT( psa_destroy_key( source_key ) ); + PSA_ASSERT(psa_destroy_key(source_key)); exit: - psa_reset_key_attributes( &source_attributes ); - psa_reset_key_attributes( &target_attributes ); - PSA_DONE( ); + psa_reset_key_attributes(&source_attributes); + psa_reset_key_attributes(&target_attributes); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_operation_init( ) +void hash_operation_init() { const uint8_t input[1] = { 0 }; /* Test each valid way of initializing the object, except for `= {0}`, as * Clang 5 complains when `-Wmissing-field-initializers` is used, even * though it's OK by the C standard. We could test for this, but we'd need * to suppress the Clang warning for the test. */ - psa_hash_operation_t func = psa_hash_operation_init( ); + psa_hash_operation_t func = psa_hash_operation_init(); psa_hash_operation_t init = PSA_HASH_OPERATION_INIT; psa_hash_operation_t zero; - memset( &zero, 0, sizeof( zero ) ); + memset(&zero, 0, sizeof(zero)); /* A freshly-initialized hash operation should not be usable. */ - TEST_EQUAL( psa_hash_update( &func, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_hash_update( &init, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_hash_update( &zero, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); + TEST_EQUAL(psa_hash_update(&func, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_hash_update(&init, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_hash_update(&zero, input, sizeof(input)), + PSA_ERROR_BAD_STATE); /* A default hash operation should be abortable without error. */ - PSA_ASSERT( psa_hash_abort( &func ) ); - PSA_ASSERT( psa_hash_abort( &init ) ); - PSA_ASSERT( psa_hash_abort( &zero ) ); + PSA_ASSERT(psa_hash_abort(&func)); + PSA_ASSERT(psa_hash_abort(&init)); + PSA_ASSERT(psa_hash_abort(&zero)); } /* END_CASE */ /* BEGIN_CASE */ -void hash_setup( int alg_arg, - int expected_status_arg ) +void hash_setup(int alg_arg, + int expected_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - status = psa_hash_setup( &operation, alg ); - TEST_EQUAL( status, expected_status ); + status = psa_hash_setup(&operation, alg); + TEST_EQUAL(status, expected_status); /* Whether setup succeeded or failed, abort must succeed. */ - PSA_ASSERT( psa_hash_abort( &operation ) ); + PSA_ASSERT(psa_hash_abort(&operation)); /* If setup failed, reproduce the failure, so as to * test the resulting state of the operation object. */ - if( status != PSA_SUCCESS ) - TEST_EQUAL( psa_hash_setup( &operation, alg ), status ); + if (status != PSA_SUCCESS) { + TEST_EQUAL(psa_hash_setup(&operation, alg), status); + } /* Now the operation object should be reusable. */ #if defined(KNOWN_SUPPORTED_HASH_ALG) - PSA_ASSERT( psa_hash_setup( &operation, KNOWN_SUPPORTED_HASH_ALG ) ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + PSA_ASSERT(psa_hash_setup(&operation, KNOWN_SUPPORTED_HASH_ALG)); + PSA_ASSERT(psa_hash_abort(&operation)); #endif exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_compute_fail( int alg_arg, data_t *input, - int output_size_arg, int expected_status_arg ) +void hash_compute_fail(int alg_arg, data_t *input, + int output_size_arg, int expected_status_arg) { psa_algorithm_t alg = alg_arg; uint8_t *output = NULL; @@ -1575,100 +1599,99 @@ void hash_compute_fail( int alg_arg, data_t *input, psa_status_t expected_status = expected_status_arg; psa_status_t status; - ASSERT_ALLOC( output, output_size ); + ASSERT_ALLOC(output, output_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - status = psa_hash_compute( alg, input->x, input->len, - output, output_size, &output_length ); - TEST_EQUAL( status, expected_status ); - TEST_LE_U( output_length, output_size ); + status = psa_hash_compute(alg, input->x, input->len, + output, output_size, &output_length); + TEST_EQUAL(status, expected_status); + TEST_LE_U(output_length, output_size); exit: - mbedtls_free( output ); - PSA_DONE( ); + mbedtls_free(output); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_compare_fail( int alg_arg, data_t *input, - data_t *reference_hash, - int expected_status_arg ) +void hash_compare_fail(int alg_arg, data_t *input, + data_t *reference_hash, + int expected_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - status = psa_hash_compare( alg, input->x, input->len, - reference_hash->x, reference_hash->len ); - TEST_EQUAL( status, expected_status ); + status = psa_hash_compare(alg, input->x, input->len, + reference_hash->x, reference_hash->len); + TEST_EQUAL(status, expected_status); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_compute_compare( int alg_arg, data_t *input, - data_t *expected_output ) +void hash_compute_compare(int alg_arg, data_t *input, + data_t *expected_output) { psa_algorithm_t alg = alg_arg; uint8_t output[PSA_HASH_MAX_SIZE + 1]; size_t output_length = INVALID_EXPORT_LENGTH; size_t i; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Compute with tight buffer */ - PSA_ASSERT( psa_hash_compute( alg, input->x, input->len, - output, PSA_HASH_LENGTH( alg ), - &output_length ) ); - TEST_EQUAL( output_length, PSA_HASH_LENGTH( alg ) ); - ASSERT_COMPARE( output, output_length, - expected_output->x, expected_output->len ); + PSA_ASSERT(psa_hash_compute(alg, input->x, input->len, + output, PSA_HASH_LENGTH(alg), + &output_length)); + TEST_EQUAL(output_length, PSA_HASH_LENGTH(alg)); + ASSERT_COMPARE(output, output_length, + expected_output->x, expected_output->len); /* Compute with larger buffer */ - PSA_ASSERT( psa_hash_compute( alg, input->x, input->len, - output, sizeof( output ), - &output_length ) ); - TEST_EQUAL( output_length, PSA_HASH_LENGTH( alg ) ); - ASSERT_COMPARE( output, output_length, - expected_output->x, expected_output->len ); + PSA_ASSERT(psa_hash_compute(alg, input->x, input->len, + output, sizeof(output), + &output_length)); + TEST_EQUAL(output_length, PSA_HASH_LENGTH(alg)); + ASSERT_COMPARE(output, output_length, + expected_output->x, expected_output->len); /* Compare with correct hash */ - PSA_ASSERT( psa_hash_compare( alg, input->x, input->len, - output, output_length ) ); + PSA_ASSERT(psa_hash_compare(alg, input->x, input->len, + output, output_length)); /* Compare with trailing garbage */ - TEST_EQUAL( psa_hash_compare( alg, input->x, input->len, - output, output_length + 1 ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_hash_compare(alg, input->x, input->len, + output, output_length + 1), + PSA_ERROR_INVALID_SIGNATURE); /* Compare with truncated hash */ - TEST_EQUAL( psa_hash_compare( alg, input->x, input->len, - output, output_length - 1 ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_hash_compare(alg, input->x, input->len, + output, output_length - 1), + PSA_ERROR_INVALID_SIGNATURE); /* Compare with corrupted value */ - for( i = 0; i < output_length; i++ ) - { - mbedtls_test_set_step( i ); + for (i = 0; i < output_length; i++) { + mbedtls_test_set_step(i); output[i] ^= 1; - TEST_EQUAL( psa_hash_compare( alg, input->x, input->len, - output, output_length ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_hash_compare(alg, input->x, input->len, + output, output_length), + PSA_ERROR_INVALID_SIGNATURE); output[i] ^= 1; } exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */ -void hash_bad_order( ) +void hash_bad_order() { psa_algorithm_t alg = PSA_ALG_SHA_256; unsigned char input[] = ""; @@ -1676,103 +1699,104 @@ void hash_bad_order( ) const unsigned char valid_hash[] = { 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, - 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 }; + 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 + }; unsigned char hash[sizeof(valid_hash)] = { 0 }; size_t hash_len; psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Call setup twice in a row. */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_hash_setup( &operation, alg ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_hash_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_hash_setup(&operation, alg), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_hash_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Call update without calling setup beforehand. */ - TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + TEST_EQUAL(psa_hash_update(&operation, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_hash_abort(&operation)); /* Check that update calls abort on error. */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); operation.id = UINT_MAX; - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_hash_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_hash_update(&operation, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_hash_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Call update after finish. */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - PSA_ASSERT( psa_hash_finish( &operation, - hash, sizeof( hash ), &hash_len ) ); - TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + PSA_ASSERT(psa_hash_finish(&operation, + hash, sizeof(hash), &hash_len)); + TEST_EQUAL(psa_hash_update(&operation, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_hash_abort(&operation)); /* Call verify without calling setup beforehand. */ - TEST_EQUAL( psa_hash_verify( &operation, - valid_hash, sizeof( valid_hash ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + TEST_EQUAL(psa_hash_verify(&operation, + valid_hash, sizeof(valid_hash)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_hash_abort(&operation)); /* Call verify after finish. */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - PSA_ASSERT( psa_hash_finish( &operation, - hash, sizeof( hash ), &hash_len ) ); - TEST_EQUAL( psa_hash_verify( &operation, - valid_hash, sizeof( valid_hash ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + PSA_ASSERT(psa_hash_finish(&operation, + hash, sizeof(hash), &hash_len)); + TEST_EQUAL(psa_hash_verify(&operation, + valid_hash, sizeof(valid_hash)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_hash_abort(&operation)); /* Call verify twice in a row. */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - PSA_ASSERT( psa_hash_verify( &operation, - valid_hash, sizeof( valid_hash ) ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - TEST_EQUAL( psa_hash_verify( &operation, - valid_hash, sizeof( valid_hash ) ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + ASSERT_OPERATION_IS_ACTIVE(operation); + PSA_ASSERT(psa_hash_verify(&operation, + valid_hash, sizeof(valid_hash))); + ASSERT_OPERATION_IS_INACTIVE(operation); + TEST_EQUAL(psa_hash_verify(&operation, + valid_hash, sizeof(valid_hash)), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_hash_abort(&operation)); /* Call finish without calling setup beforehand. */ - TEST_EQUAL( psa_hash_finish( &operation, - hash, sizeof( hash ), &hash_len ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + TEST_EQUAL(psa_hash_finish(&operation, + hash, sizeof(hash), &hash_len), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_hash_abort(&operation)); /* Call finish twice in a row. */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - PSA_ASSERT( psa_hash_finish( &operation, - hash, sizeof( hash ), &hash_len ) ); - TEST_EQUAL( psa_hash_finish( &operation, - hash, sizeof( hash ), &hash_len ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + PSA_ASSERT(psa_hash_finish(&operation, + hash, sizeof(hash), &hash_len)); + TEST_EQUAL(psa_hash_finish(&operation, + hash, sizeof(hash), &hash_len), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_hash_abort(&operation)); /* Call finish after calling verify. */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - PSA_ASSERT( psa_hash_verify( &operation, - valid_hash, sizeof( valid_hash ) ) ); - TEST_EQUAL( psa_hash_finish( &operation, - hash, sizeof( hash ), &hash_len ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + PSA_ASSERT(psa_hash_verify(&operation, + valid_hash, sizeof(valid_hash))); + TEST_EQUAL(psa_hash_finish(&operation, + hash, sizeof(hash), &hash_len), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_hash_abort(&operation)); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */ -void hash_verify_bad_args( ) +void hash_verify_bad_args() { psa_algorithm_t alg = PSA_ALG_SHA_256; /* SHA-256 hash of an empty string with 2 extra bytes (0xaa and 0xbb) @@ -1780,60 +1804,61 @@ void hash_verify_bad_args( ) unsigned char hash[] = { 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, - 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55, 0xaa, 0xbb }; - size_t expected_size = PSA_HASH_LENGTH( alg ); + 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55, 0xaa, 0xbb + }; + size_t expected_size = PSA_HASH_LENGTH(alg); psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* psa_hash_verify with a smaller hash than expected */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_hash_verify( &operation, hash, expected_size - 1 ), - PSA_ERROR_INVALID_SIGNATURE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_hash_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_hash_verify(&operation, hash, expected_size - 1), + PSA_ERROR_INVALID_SIGNATURE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_hash_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* psa_hash_verify with a non-matching hash */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( psa_hash_verify( &operation, hash + 1, expected_size ), - PSA_ERROR_INVALID_SIGNATURE ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + TEST_EQUAL(psa_hash_verify(&operation, hash + 1, expected_size), + PSA_ERROR_INVALID_SIGNATURE); /* psa_hash_verify with a hash longer than expected */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( psa_hash_verify( &operation, hash, sizeof( hash ) ), - PSA_ERROR_INVALID_SIGNATURE ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + TEST_EQUAL(psa_hash_verify(&operation, hash, sizeof(hash)), + PSA_ERROR_INVALID_SIGNATURE); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */ -void hash_finish_bad_args( ) +void hash_finish_bad_args() { psa_algorithm_t alg = PSA_ALG_SHA_256; unsigned char hash[PSA_HASH_MAX_SIZE]; - size_t expected_size = PSA_HASH_LENGTH( alg ); + size_t expected_size = PSA_HASH_LENGTH(alg); psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; size_t hash_len; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* psa_hash_finish with a smaller hash buffer than expected */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( psa_hash_finish( &operation, - hash, expected_size - 1, &hash_len ), - PSA_ERROR_BUFFER_TOO_SMALL ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + TEST_EQUAL(psa_hash_finish(&operation, + hash, expected_size - 1, &hash_len), + PSA_ERROR_BUFFER_TOO_SMALL); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */ -void hash_clone_source_state( ) +void hash_clone_source_state() { psa_algorithm_t alg = PSA_ALG_SHA_256; unsigned char hash[PSA_HASH_MAX_SIZE]; @@ -1844,41 +1869,41 @@ void hash_clone_source_state( ) psa_hash_operation_t op_aborted = PSA_HASH_OPERATION_INIT; size_t hash_len; - PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_hash_setup( &op_source, alg ) ); - - PSA_ASSERT( psa_hash_setup( &op_setup, alg ) ); - PSA_ASSERT( psa_hash_setup( &op_finished, alg ) ); - PSA_ASSERT( psa_hash_finish( &op_finished, - hash, sizeof( hash ), &hash_len ) ); - PSA_ASSERT( psa_hash_setup( &op_aborted, alg ) ); - PSA_ASSERT( psa_hash_abort( &op_aborted ) ); - - TEST_EQUAL( psa_hash_clone( &op_source, &op_setup ), - PSA_ERROR_BAD_STATE ); - - PSA_ASSERT( psa_hash_clone( &op_source, &op_init ) ); - PSA_ASSERT( psa_hash_finish( &op_init, - hash, sizeof( hash ), &hash_len ) ); - PSA_ASSERT( psa_hash_clone( &op_source, &op_finished ) ); - PSA_ASSERT( psa_hash_finish( &op_finished, - hash, sizeof( hash ), &hash_len ) ); - PSA_ASSERT( psa_hash_clone( &op_source, &op_aborted ) ); - PSA_ASSERT( psa_hash_finish( &op_aborted, - hash, sizeof( hash ), &hash_len ) ); + PSA_ASSERT(psa_crypto_init()); + PSA_ASSERT(psa_hash_setup(&op_source, alg)); + + PSA_ASSERT(psa_hash_setup(&op_setup, alg)); + PSA_ASSERT(psa_hash_setup(&op_finished, alg)); + PSA_ASSERT(psa_hash_finish(&op_finished, + hash, sizeof(hash), &hash_len)); + PSA_ASSERT(psa_hash_setup(&op_aborted, alg)); + PSA_ASSERT(psa_hash_abort(&op_aborted)); + + TEST_EQUAL(psa_hash_clone(&op_source, &op_setup), + PSA_ERROR_BAD_STATE); + + PSA_ASSERT(psa_hash_clone(&op_source, &op_init)); + PSA_ASSERT(psa_hash_finish(&op_init, + hash, sizeof(hash), &hash_len)); + PSA_ASSERT(psa_hash_clone(&op_source, &op_finished)); + PSA_ASSERT(psa_hash_finish(&op_finished, + hash, sizeof(hash), &hash_len)); + PSA_ASSERT(psa_hash_clone(&op_source, &op_aborted)); + PSA_ASSERT(psa_hash_finish(&op_aborted, + hash, sizeof(hash), &hash_len)); exit: - psa_hash_abort( &op_source ); - psa_hash_abort( &op_init ); - psa_hash_abort( &op_setup ); - psa_hash_abort( &op_finished ); - psa_hash_abort( &op_aborted ); - PSA_DONE( ); + psa_hash_abort(&op_source); + psa_hash_abort(&op_init); + psa_hash_abort(&op_setup); + psa_hash_abort(&op_finished); + psa_hash_abort(&op_aborted); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */ -void hash_clone_target_state( ) +void hash_clone_target_state() { psa_algorithm_t alg = PSA_ALG_SHA_256; unsigned char hash[PSA_HASH_MAX_SIZE]; @@ -1889,37 +1914,37 @@ void hash_clone_target_state( ) psa_hash_operation_t op_target = PSA_HASH_OPERATION_INIT; size_t hash_len; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - PSA_ASSERT( psa_hash_setup( &op_setup, alg ) ); - PSA_ASSERT( psa_hash_setup( &op_finished, alg ) ); - PSA_ASSERT( psa_hash_finish( &op_finished, - hash, sizeof( hash ), &hash_len ) ); - PSA_ASSERT( psa_hash_setup( &op_aborted, alg ) ); - PSA_ASSERT( psa_hash_abort( &op_aborted ) ); + PSA_ASSERT(psa_hash_setup(&op_setup, alg)); + PSA_ASSERT(psa_hash_setup(&op_finished, alg)); + PSA_ASSERT(psa_hash_finish(&op_finished, + hash, sizeof(hash), &hash_len)); + PSA_ASSERT(psa_hash_setup(&op_aborted, alg)); + PSA_ASSERT(psa_hash_abort(&op_aborted)); - PSA_ASSERT( psa_hash_clone( &op_setup, &op_target ) ); - PSA_ASSERT( psa_hash_finish( &op_target, - hash, sizeof( hash ), &hash_len ) ); + PSA_ASSERT(psa_hash_clone(&op_setup, &op_target)); + PSA_ASSERT(psa_hash_finish(&op_target, + hash, sizeof(hash), &hash_len)); - TEST_EQUAL( psa_hash_clone( &op_init, &op_target ), PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_hash_clone( &op_finished, &op_target ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_hash_clone( &op_aborted, &op_target ), - PSA_ERROR_BAD_STATE ); + TEST_EQUAL(psa_hash_clone(&op_init, &op_target), PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_hash_clone(&op_finished, &op_target), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_hash_clone(&op_aborted, &op_target), + PSA_ERROR_BAD_STATE); exit: - psa_hash_abort( &op_target ); - psa_hash_abort( &op_init ); - psa_hash_abort( &op_setup ); - psa_hash_abort( &op_finished ); - psa_hash_abort( &op_aborted ); - PSA_DONE( ); + psa_hash_abort(&op_target); + psa_hash_abort(&op_init); + psa_hash_abort(&op_setup); + psa_hash_abort(&op_finished); + psa_hash_abort(&op_aborted); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void mac_operation_init( ) +void mac_operation_init() { const uint8_t input[1] = { 0 }; @@ -1927,35 +1952,35 @@ void mac_operation_init( ) * Clang 5 complains when `-Wmissing-field-initializers` is used, even * though it's OK by the C standard. We could test for this, but we'd need * to suppress the Clang warning for the test. */ - psa_mac_operation_t func = psa_mac_operation_init( ); + psa_mac_operation_t func = psa_mac_operation_init(); psa_mac_operation_t init = PSA_MAC_OPERATION_INIT; psa_mac_operation_t zero; - memset( &zero, 0, sizeof( zero ) ); + memset(&zero, 0, sizeof(zero)); /* A freshly-initialized MAC operation should not be usable. */ - TEST_EQUAL( psa_mac_update( &func, - input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_mac_update( &init, - input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_mac_update( &zero, - input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); + TEST_EQUAL(psa_mac_update(&func, + input, sizeof(input)), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_mac_update(&init, + input, sizeof(input)), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_mac_update(&zero, + input, sizeof(input)), + PSA_ERROR_BAD_STATE); /* A default MAC operation should be abortable without error. */ - PSA_ASSERT( psa_mac_abort( &func ) ); - PSA_ASSERT( psa_mac_abort( &init ) ); - PSA_ASSERT( psa_mac_abort( &zero ) ); + PSA_ASSERT(psa_mac_abort(&func)); + PSA_ASSERT(psa_mac_abort(&init)); + PSA_ASSERT(psa_mac_abort(&zero)); } /* END_CASE */ /* BEGIN_CASE */ -void mac_setup( int key_type_arg, - data_t *key, - int alg_arg, - int expected_status_arg ) +void mac_setup(int key_type_arg, + data_t *key, + int alg_arg, + int expected_status_arg) { psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; @@ -1966,31 +1991,33 @@ void mac_setup( int key_type_arg, const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk"; #endif - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - if( ! exercise_mac_setup( key_type, key->x, key->len, alg, - &operation, &status ) ) + if (!exercise_mac_setup(key_type, key->x, key->len, alg, + &operation, &status)) { goto exit; - TEST_EQUAL( status, expected_status ); + } + TEST_EQUAL(status, expected_status); /* The operation object should be reusable. */ #if defined(KNOWN_SUPPORTED_MAC_ALG) - if( ! exercise_mac_setup( KNOWN_SUPPORTED_MAC_KEY_TYPE, - smoke_test_key_data, - sizeof( smoke_test_key_data ), - KNOWN_SUPPORTED_MAC_ALG, - &operation, &status ) ) + if (!exercise_mac_setup(KNOWN_SUPPORTED_MAC_KEY_TYPE, + smoke_test_key_data, + sizeof(smoke_test_key_data), + KNOWN_SUPPORTED_MAC_ALG, + &operation, &status)) { goto exit; - TEST_EQUAL( status, PSA_SUCCESS ); + } + TEST_EQUAL(status, PSA_SUCCESS); #endif exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_HMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256 */ -void mac_bad_order( ) +void mac_bad_order() { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = PSA_KEY_TYPE_HMAC; @@ -1998,7 +2025,8 @@ void mac_bad_order( ) const uint8_t key_data[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }; + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa + }; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; uint8_t sign_mac[PSA_MAC_MAX_SIZE + 10] = { 0 }; @@ -2007,119 +2035,120 @@ void mac_bad_order( ) const uint8_t verify_mac[] = { 0x74, 0x65, 0x93, 0x8c, 0xeb, 0x1d, 0xb3, 0x76, 0x5a, 0x38, 0xe7, 0xdd, 0x85, 0xc5, 0xad, 0x4f, 0x07, 0xe7, 0xd5, 0xb2, 0x64, 0xf0, 0x1a, 0x1a, - 0x2c, 0xf9, 0x18, 0xca, 0x59, 0x7e, 0x5d, 0xf6 }; + 0x2c, 0xf9, 0x18, 0xca, 0x59, 0x7e, 0x5d, 0xf6 + }; - PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + PSA_ASSERT(psa_crypto_init()); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data, sizeof( key_data ), - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data, sizeof(key_data), + &key)); /* Call update without calling setup beforehand. */ - TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_mac_abort( &operation ) ); + TEST_EQUAL(psa_mac_update(&operation, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_mac_abort(&operation)); /* Call sign finish without calling setup beforehand. */ - TEST_EQUAL( psa_mac_sign_finish( &operation, sign_mac, sizeof( sign_mac ), - &sign_mac_length), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_mac_abort( &operation ) ); + TEST_EQUAL(psa_mac_sign_finish(&operation, sign_mac, sizeof(sign_mac), + &sign_mac_length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_mac_abort(&operation)); /* Call verify finish without calling setup beforehand. */ - TEST_EQUAL( psa_mac_verify_finish( &operation, - verify_mac, sizeof( verify_mac ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_mac_abort( &operation ) ); + TEST_EQUAL(psa_mac_verify_finish(&operation, + verify_mac, sizeof(verify_mac)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_mac_abort(&operation)); /* Call setup twice in a row. */ - PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_mac_sign_setup( &operation, key, alg ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_mac_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg)); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_mac_sign_setup(&operation, key, alg), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_mac_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Call update after sign finish. */ - PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); - PSA_ASSERT( psa_mac_sign_finish( &operation, - sign_mac, sizeof( sign_mac ), - &sign_mac_length ) ); - TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_mac_abort( &operation ) ); + PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input))); + PSA_ASSERT(psa_mac_sign_finish(&operation, + sign_mac, sizeof(sign_mac), + &sign_mac_length)); + TEST_EQUAL(psa_mac_update(&operation, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_mac_abort(&operation)); /* Call update after verify finish. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); - PSA_ASSERT( psa_mac_verify_finish( &operation, - verify_mac, sizeof( verify_mac ) ) ); - TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_mac_abort( &operation ) ); + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input))); + PSA_ASSERT(psa_mac_verify_finish(&operation, + verify_mac, sizeof(verify_mac))); + TEST_EQUAL(psa_mac_update(&operation, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_mac_abort(&operation)); /* Call sign finish twice in a row. */ - PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); - PSA_ASSERT( psa_mac_sign_finish( &operation, - sign_mac, sizeof( sign_mac ), - &sign_mac_length ) ); - TEST_EQUAL( psa_mac_sign_finish( &operation, - sign_mac, sizeof( sign_mac ), - &sign_mac_length ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_mac_abort( &operation ) ); + PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input))); + PSA_ASSERT(psa_mac_sign_finish(&operation, + sign_mac, sizeof(sign_mac), + &sign_mac_length)); + TEST_EQUAL(psa_mac_sign_finish(&operation, + sign_mac, sizeof(sign_mac), + &sign_mac_length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_mac_abort(&operation)); /* Call verify finish twice in a row. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); - PSA_ASSERT( psa_mac_verify_finish( &operation, - verify_mac, sizeof( verify_mac ) ) ); - TEST_EQUAL( psa_mac_verify_finish( &operation, - verify_mac, sizeof( verify_mac ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_mac_abort( &operation ) ); + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input))); + PSA_ASSERT(psa_mac_verify_finish(&operation, + verify_mac, sizeof(verify_mac))); + TEST_EQUAL(psa_mac_verify_finish(&operation, + verify_mac, sizeof(verify_mac)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_mac_abort(&operation)); /* Setup sign but try verify. */ - PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_mac_verify_finish( &operation, - verify_mac, sizeof( verify_mac ) ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_mac_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input))); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_mac_verify_finish(&operation, + verify_mac, sizeof(verify_mac)), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_mac_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Setup verify but try sign. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_mac_sign_finish( &operation, - sign_mac, sizeof( sign_mac ), - &sign_mac_length ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_mac_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - - PSA_ASSERT( psa_destroy_key( key ) ); + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input))); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_mac_sign_finish(&operation, + sign_mac, sizeof(sign_mac), + &sign_mac_length), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_mac_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); + + PSA_ASSERT(psa_destroy_key(key)); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void mac_sign( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input, - data_t *expected_mac ) +void mac_sign(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input, + data_t *expected_mac) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -2128,7 +2157,7 @@ void mac_sign( int key_type_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *actual_mac = NULL; size_t mac_buffer_size = - PSA_MAC_LENGTH( key_type, PSA_BYTES_TO_BITS( key_data->len ), alg ); + PSA_MAC_LENGTH(key_type, PSA_BYTES_TO_BITS(key_data->len), alg); size_t mac_length = 0; const size_t output_sizes_to_test[] = { 0, @@ -2138,76 +2167,74 @@ void mac_sign( int key_type_arg, expected_mac->len + 1, }; - TEST_LE_U( mac_buffer_size, PSA_MAC_MAX_SIZE ); + TEST_LE_U(mac_buffer_size, PSA_MAC_MAX_SIZE); /* We expect PSA_MAC_LENGTH to be exact. */ - TEST_ASSERT( expected_mac->len == mac_buffer_size ); + TEST_ASSERT(expected_mac->len == mac_buffer_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - for( size_t i = 0; i < ARRAY_LENGTH( output_sizes_to_test ); i++ ) - { + for (size_t i = 0; i < ARRAY_LENGTH(output_sizes_to_test); i++) { const size_t output_size = output_sizes_to_test[i]; psa_status_t expected_status = - ( output_size >= expected_mac->len ? PSA_SUCCESS : - PSA_ERROR_BUFFER_TOO_SMALL ); + (output_size >= expected_mac->len ? PSA_SUCCESS : + PSA_ERROR_BUFFER_TOO_SMALL); - mbedtls_test_set_step( output_size ); - ASSERT_ALLOC( actual_mac, output_size ); + mbedtls_test_set_step(output_size); + ASSERT_ALLOC(actual_mac, output_size); /* Calculate the MAC, one-shot case. */ - TEST_EQUAL( psa_mac_compute( key, alg, - input->x, input->len, - actual_mac, output_size, &mac_length ), - expected_status ); - if( expected_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( expected_mac->x, expected_mac->len, - actual_mac, mac_length ); + TEST_EQUAL(psa_mac_compute(key, alg, + input->x, input->len, + actual_mac, output_size, &mac_length), + expected_status); + if (expected_status == PSA_SUCCESS) { + ASSERT_COMPARE(expected_mac->x, expected_mac->len, + actual_mac, mac_length); } - if( output_size > 0 ) - memset( actual_mac, 0, output_size ); + if (output_size > 0) { + memset(actual_mac, 0, output_size); + } /* Calculate the MAC, multi-part case. */ - PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, - input->x, input->len ) ); - TEST_EQUAL( psa_mac_sign_finish( &operation, - actual_mac, output_size, - &mac_length ), - expected_status ); - PSA_ASSERT( psa_mac_abort( &operation ) ); - - if( expected_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( expected_mac->x, expected_mac->len, - actual_mac, mac_length ); + PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, + input->x, input->len)); + TEST_EQUAL(psa_mac_sign_finish(&operation, + actual_mac, output_size, + &mac_length), + expected_status); + PSA_ASSERT(psa_mac_abort(&operation)); + + if (expected_status == PSA_SUCCESS) { + ASSERT_COMPARE(expected_mac->x, expected_mac->len, + actual_mac, mac_length); } - mbedtls_free( actual_mac ); + mbedtls_free(actual_mac); actual_mac = NULL; } exit: - psa_mac_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_free( actual_mac ); + psa_mac_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); + mbedtls_free(actual_mac); } /* END_CASE */ /* BEGIN_CASE */ -void mac_verify( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input, - data_t *expected_mac ) +void mac_verify(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input, + data_t *expected_mac) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -2216,93 +2243,92 @@ void mac_verify( int key_type_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *perturbed_mac = NULL; - TEST_LE_U( expected_mac->len, PSA_MAC_MAX_SIZE ); + TEST_LE_U(expected_mac->len, PSA_MAC_MAX_SIZE); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Verify correct MAC, one-shot case. */ - PSA_ASSERT( psa_mac_verify( key, alg, input->x, input->len, - expected_mac->x, expected_mac->len ) ); + PSA_ASSERT(psa_mac_verify(key, alg, input->x, input->len, + expected_mac->x, expected_mac->len)); /* Verify correct MAC, multi-part case. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, - input->x, input->len ) ); - PSA_ASSERT( psa_mac_verify_finish( &operation, - expected_mac->x, - expected_mac->len ) ); + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, + input->x, input->len)); + PSA_ASSERT(psa_mac_verify_finish(&operation, + expected_mac->x, + expected_mac->len)); /* Test a MAC that's too short, one-shot case. */ - TEST_EQUAL( psa_mac_verify( key, alg, - input->x, input->len, - expected_mac->x, - expected_mac->len - 1 ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_mac_verify(key, alg, + input->x, input->len, + expected_mac->x, + expected_mac->len - 1), + PSA_ERROR_INVALID_SIGNATURE); /* Test a MAC that's too short, multi-part case. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, - input->x, input->len ) ); - TEST_EQUAL( psa_mac_verify_finish( &operation, - expected_mac->x, - expected_mac->len - 1 ), - PSA_ERROR_INVALID_SIGNATURE ); + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, + input->x, input->len)); + TEST_EQUAL(psa_mac_verify_finish(&operation, + expected_mac->x, + expected_mac->len - 1), + PSA_ERROR_INVALID_SIGNATURE); /* Test a MAC that's too long, one-shot case. */ - ASSERT_ALLOC( perturbed_mac, expected_mac->len + 1 ); - memcpy( perturbed_mac, expected_mac->x, expected_mac->len ); - TEST_EQUAL( psa_mac_verify( key, alg, - input->x, input->len, - perturbed_mac, expected_mac->len + 1 ), - PSA_ERROR_INVALID_SIGNATURE ); + ASSERT_ALLOC(perturbed_mac, expected_mac->len + 1); + memcpy(perturbed_mac, expected_mac->x, expected_mac->len); + TEST_EQUAL(psa_mac_verify(key, alg, + input->x, input->len, + perturbed_mac, expected_mac->len + 1), + PSA_ERROR_INVALID_SIGNATURE); /* Test a MAC that's too long, multi-part case. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, - input->x, input->len ) ); - TEST_EQUAL( psa_mac_verify_finish( &operation, - perturbed_mac, - expected_mac->len + 1 ), - PSA_ERROR_INVALID_SIGNATURE ); + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, + input->x, input->len)); + TEST_EQUAL(psa_mac_verify_finish(&operation, + perturbed_mac, + expected_mac->len + 1), + PSA_ERROR_INVALID_SIGNATURE); /* Test changing one byte. */ - for( size_t i = 0; i < expected_mac->len; i++ ) - { - mbedtls_test_set_step( i ); + for (size_t i = 0; i < expected_mac->len; i++) { + mbedtls_test_set_step(i); perturbed_mac[i] ^= 1; - TEST_EQUAL( psa_mac_verify( key, alg, - input->x, input->len, - perturbed_mac, expected_mac->len ), - PSA_ERROR_INVALID_SIGNATURE ); - - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, - input->x, input->len ) ); - TEST_EQUAL( psa_mac_verify_finish( &operation, - perturbed_mac, - expected_mac->len ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_mac_verify(key, alg, + input->x, input->len, + perturbed_mac, expected_mac->len), + PSA_ERROR_INVALID_SIGNATURE); + + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, + input->x, input->len)); + TEST_EQUAL(psa_mac_verify_finish(&operation, + perturbed_mac, + expected_mac->len), + PSA_ERROR_INVALID_SIGNATURE); perturbed_mac[i] ^= 1; } exit: - psa_mac_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_free( perturbed_mac ); + psa_mac_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); + mbedtls_free(perturbed_mac); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_operation_init( ) +void cipher_operation_init() { const uint8_t input[1] = { 0 }; unsigned char output[1] = { 0 }; @@ -2311,41 +2337,41 @@ void cipher_operation_init( ) * Clang 5 complains when `-Wmissing-field-initializers` is used, even * though it's OK by the C standard. We could test for this, but we'd need * to suppress the Clang warning for the test. */ - psa_cipher_operation_t func = psa_cipher_operation_init( ); + psa_cipher_operation_t func = psa_cipher_operation_init(); psa_cipher_operation_t init = PSA_CIPHER_OPERATION_INIT; psa_cipher_operation_t zero; - memset( &zero, 0, sizeof( zero ) ); + memset(&zero, 0, sizeof(zero)); /* A freshly-initialized cipher operation should not be usable. */ - TEST_EQUAL( psa_cipher_update( &func, - input, sizeof( input ), - output, sizeof( output ), - &output_length ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_cipher_update( &init, - input, sizeof( input ), - output, sizeof( output ), - &output_length ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_cipher_update( &zero, - input, sizeof( input ), - output, sizeof( output ), - &output_length ), - PSA_ERROR_BAD_STATE ); + TEST_EQUAL(psa_cipher_update(&func, + input, sizeof(input), + output, sizeof(output), + &output_length), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_cipher_update(&init, + input, sizeof(input), + output, sizeof(output), + &output_length), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_cipher_update(&zero, + input, sizeof(input), + output, sizeof(output), + &output_length), + PSA_ERROR_BAD_STATE); /* A default cipher operation should be abortable without error. */ - PSA_ASSERT( psa_cipher_abort( &func ) ); - PSA_ASSERT( psa_cipher_abort( &init ) ); - PSA_ASSERT( psa_cipher_abort( &zero ) ); + PSA_ASSERT(psa_cipher_abort(&func)); + PSA_ASSERT(psa_cipher_abort(&init)); + PSA_ASSERT(psa_cipher_abort(&zero)); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_setup( int key_type_arg, - data_t *key, - int alg_arg, - int expected_status_arg ) +void cipher_setup(int key_type_arg, + data_t *key, + int alg_arg, + int expected_status_arg) { psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; @@ -2356,32 +2382,34 @@ void cipher_setup( int key_type_arg, const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk"; #endif - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - if( ! exercise_cipher_setup( key_type, key->x, key->len, alg, - &operation, &status ) ) + if (!exercise_cipher_setup(key_type, key->x, key->len, alg, + &operation, &status)) { goto exit; - TEST_EQUAL( status, expected_status ); + } + TEST_EQUAL(status, expected_status); /* The operation object should be reusable. */ #if defined(KNOWN_SUPPORTED_CIPHER_ALG) - if( ! exercise_cipher_setup( KNOWN_SUPPORTED_CIPHER_KEY_TYPE, - smoke_test_key_data, - sizeof( smoke_test_key_data ), - KNOWN_SUPPORTED_CIPHER_ALG, - &operation, &status ) ) + if (!exercise_cipher_setup(KNOWN_SUPPORTED_CIPHER_KEY_TYPE, + smoke_test_key_data, + sizeof(smoke_test_key_data), + KNOWN_SUPPORTED_CIPHER_ALG, + &operation, &status)) { goto exit; - TEST_EQUAL( status, PSA_SUCCESS ); + } + TEST_EQUAL(status, PSA_SUCCESS); #endif exit: - psa_cipher_abort( &operation ); - PSA_DONE( ); + psa_cipher_abort(&operation); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_PKCS7 */ -void cipher_bad_order( ) +void cipher_bad_order() { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = PSA_KEY_TYPE_AES; @@ -2391,173 +2419,175 @@ void cipher_bad_order( ) unsigned char iv[PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES)] = { 0 }; const uint8_t key_data[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa }; + 0xaa, 0xaa, 0xaa, 0xaa + }; const uint8_t text[] = { 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, - 0xbb, 0xbb, 0xbb, 0xbb }; + 0xbb, 0xbb, 0xbb, 0xbb + }; uint8_t buffer[PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES)] = { 0 }; size_t length = 0; - PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data, sizeof( key_data ), - &key ) ); + PSA_ASSERT(psa_crypto_init()); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + PSA_ASSERT(psa_import_key(&attributes, key_data, sizeof(key_data), + &key)); /* Call encrypt setup twice in a row. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_cipher_encrypt_setup( &operation, key, alg ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_cipher_encrypt_setup(&operation, key, alg), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_cipher_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Call decrypt setup twice in a row. */ - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_cipher_decrypt_setup( &operation, key, alg ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_cipher_decrypt_setup(&operation, key, alg), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_cipher_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Generate an IV without calling setup beforehand. */ - TEST_EQUAL( psa_cipher_generate_iv( &operation, - buffer, sizeof( buffer ), - &length ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); + TEST_EQUAL(psa_cipher_generate_iv(&operation, + buffer, sizeof(buffer), + &length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); /* Generate an IV twice in a row. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_generate_iv( &operation, - buffer, sizeof( buffer ), - &length ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_cipher_generate_iv( &operation, - buffer, sizeof( buffer ), - &length ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + PSA_ASSERT(psa_cipher_generate_iv(&operation, + buffer, sizeof(buffer), + &length)); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_cipher_generate_iv(&operation, + buffer, sizeof(buffer), + &length), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_cipher_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Generate an IV after it's already set. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ) ); - TEST_EQUAL( psa_cipher_generate_iv( &operation, - buffer, sizeof( buffer ), - &length ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + PSA_ASSERT(psa_cipher_set_iv(&operation, + iv, sizeof(iv))); + TEST_EQUAL(psa_cipher_generate_iv(&operation, + buffer, sizeof(buffer), + &length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); /* Set an IV without calling setup beforehand. */ - TEST_EQUAL( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); + TEST_EQUAL(psa_cipher_set_iv(&operation, + iv, sizeof(iv)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); /* Set an IV after it's already set. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + PSA_ASSERT(psa_cipher_set_iv(&operation, + iv, sizeof(iv))); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_cipher_set_iv(&operation, + iv, sizeof(iv)), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_cipher_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Set an IV after it's already generated. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_generate_iv( &operation, - buffer, sizeof( buffer ), - &length ) ); - TEST_EQUAL( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + PSA_ASSERT(psa_cipher_generate_iv(&operation, + buffer, sizeof(buffer), + &length)); + TEST_EQUAL(psa_cipher_set_iv(&operation, + iv, sizeof(iv)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); /* Call update without calling setup beforehand. */ - TEST_EQUAL( psa_cipher_update( &operation, - text, sizeof( text ), - buffer, sizeof( buffer ), - &length ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); + TEST_EQUAL(psa_cipher_update(&operation, + text, sizeof(text), + buffer, sizeof(buffer), + &length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); /* Call update without an IV where an IV is required. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_cipher_update( &operation, - text, sizeof( text ), - buffer, sizeof( buffer ), - &length ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_cipher_update(&operation, + text, sizeof(text), + buffer, sizeof(buffer), + &length), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_cipher_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Call update after finish. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ) ); - PSA_ASSERT( psa_cipher_finish( &operation, - buffer, sizeof( buffer ), &length ) ); - TEST_EQUAL( psa_cipher_update( &operation, - text, sizeof( text ), - buffer, sizeof( buffer ), - &length ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + PSA_ASSERT(psa_cipher_set_iv(&operation, + iv, sizeof(iv))); + PSA_ASSERT(psa_cipher_finish(&operation, + buffer, sizeof(buffer), &length)); + TEST_EQUAL(psa_cipher_update(&operation, + text, sizeof(text), + buffer, sizeof(buffer), + &length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); /* Call finish without calling setup beforehand. */ - TEST_EQUAL( psa_cipher_finish( &operation, - buffer, sizeof( buffer ), &length ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); + TEST_EQUAL(psa_cipher_finish(&operation, + buffer, sizeof(buffer), &length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); /* Call finish without an IV where an IV is required. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); /* Not calling update means we are encrypting an empty buffer, which is OK * for cipher modes with padding. */ - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_cipher_finish( &operation, - buffer, sizeof( buffer ), &length ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_cipher_finish(&operation, + buffer, sizeof(buffer), &length), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_cipher_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Call finish twice in a row. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ) ); - PSA_ASSERT( psa_cipher_finish( &operation, - buffer, sizeof( buffer ), &length ) ); - TEST_EQUAL( psa_cipher_finish( &operation, - buffer, sizeof( buffer ), &length ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); - - PSA_ASSERT( psa_destroy_key( key ) ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + PSA_ASSERT(psa_cipher_set_iv(&operation, + iv, sizeof(iv))); + PSA_ASSERT(psa_cipher_finish(&operation, + buffer, sizeof(buffer), &length)); + TEST_EQUAL(psa_cipher_finish(&operation, + buffer, sizeof(buffer), &length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); + + PSA_ASSERT(psa_destroy_key(key)); exit: - psa_cipher_abort( &operation ); - PSA_DONE( ); + psa_cipher_abort(&operation); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_fail( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *input, - int expected_status_arg ) +void cipher_encrypt_fail(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; @@ -2569,37 +2599,36 @@ void cipher_encrypt_fail( int alg_arg, size_t output_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - if ( PSA_ERROR_BAD_STATE != expected_status ) - { - PSA_ASSERT( psa_crypto_init( ) ); + if (PSA_ERROR_BAD_STATE != expected_status) { + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, - input->len ); - ASSERT_ALLOC( output, output_buffer_size ); + output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, + input->len); + ASSERT_ALLOC(output, output_buffer_size); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); } - status = psa_cipher_encrypt( key, alg, input->x, input->len, output, - output_buffer_size, &output_length ); + status = psa_cipher_encrypt(key, alg, input->x, input->len, output, + output_buffer_size, &output_length); - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); exit: - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_alg_without_iv( int alg_arg, int key_type_arg, data_t *key_data, - data_t *plaintext, data_t *ciphertext ) +void cipher_alg_without_iv(int alg_arg, int key_type_arg, data_t *key_data, + data_t *plaintext, data_t *ciphertext) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -2611,110 +2640,110 @@ void cipher_alg_without_iv( int alg_arg, int key_type_arg, data_t *key_data, size_t output_length, length; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Validate size macros */ - TEST_LE_U( ciphertext->len, - PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, plaintext->len ) ); - TEST_LE_U( PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, plaintext->len ), - PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( plaintext->len ) ); - TEST_LE_U( plaintext->len, - PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, ciphertext->len ) ); - TEST_LE_U( PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, ciphertext->len ), - PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( ciphertext->len ) ); + TEST_LE_U(ciphertext->len, + PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext->len)); + TEST_LE_U(PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext->len), + PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(plaintext->len)); + TEST_LE_U(plaintext->len, + PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext->len)); + TEST_LE_U(PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext->len), + PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(ciphertext->len)); /* Set up key and output buffer */ - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, - plaintext->len ); - ASSERT_ALLOC( output, output_buffer_size ); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, + plaintext->len); + ASSERT_ALLOC(output, output_buffer_size); /* set_iv() is not allowed */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( psa_cipher_set_iv( &operation, iv, sizeof( iv ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( psa_cipher_set_iv( &operation, iv, sizeof( iv ) ), - PSA_ERROR_BAD_STATE ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + TEST_EQUAL(psa_cipher_set_iv(&operation, iv, sizeof(iv)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); + TEST_EQUAL(psa_cipher_set_iv(&operation, iv, sizeof(iv)), + PSA_ERROR_BAD_STATE); /* generate_iv() is not allowed */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( psa_cipher_generate_iv( &operation, iv, sizeof( iv ), - &length ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( psa_cipher_generate_iv( &operation, iv, sizeof( iv ), - &length ), - PSA_ERROR_BAD_STATE ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + TEST_EQUAL(psa_cipher_generate_iv(&operation, iv, sizeof(iv), + &length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); + TEST_EQUAL(psa_cipher_generate_iv(&operation, iv, sizeof(iv), + &length), + PSA_ERROR_BAD_STATE); /* Multipart encryption */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); output_length = 0; length = ~0; - PSA_ASSERT( psa_cipher_update( &operation, - plaintext->x, plaintext->len, - output, output_buffer_size, - &length ) ); - TEST_LE_U( length, output_buffer_size ); + PSA_ASSERT(psa_cipher_update(&operation, + plaintext->x, plaintext->len, + output, output_buffer_size, + &length)); + TEST_LE_U(length, output_buffer_size); output_length += length; - PSA_ASSERT( psa_cipher_finish( &operation, - mbedtls_buffer_offset( output, output_length ), - output_buffer_size - output_length, - &length ) ); + PSA_ASSERT(psa_cipher_finish(&operation, + mbedtls_buffer_offset(output, output_length), + output_buffer_size - output_length, + &length)); output_length += length; - ASSERT_COMPARE( ciphertext->x, ciphertext->len, - output, output_length ); + ASSERT_COMPARE(ciphertext->x, ciphertext->len, + output, output_length); /* Multipart encryption */ - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); + PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); output_length = 0; length = ~0; - PSA_ASSERT( psa_cipher_update( &operation, - ciphertext->x, ciphertext->len, - output, output_buffer_size, - &length ) ); - TEST_LE_U( length, output_buffer_size ); + PSA_ASSERT(psa_cipher_update(&operation, + ciphertext->x, ciphertext->len, + output, output_buffer_size, + &length)); + TEST_LE_U(length, output_buffer_size); output_length += length; - PSA_ASSERT( psa_cipher_finish( &operation, - mbedtls_buffer_offset( output, output_length ), - output_buffer_size - output_length, - &length ) ); + PSA_ASSERT(psa_cipher_finish(&operation, + mbedtls_buffer_offset(output, output_length), + output_buffer_size - output_length, + &length)); output_length += length; - ASSERT_COMPARE( plaintext->x, plaintext->len, - output, output_length ); + ASSERT_COMPARE(plaintext->x, plaintext->len, + output, output_length); /* One-shot encryption */ output_length = ~0; - PSA_ASSERT( psa_cipher_encrypt( key, alg, plaintext->x, plaintext->len, - output, output_buffer_size, - &output_length ) ); - ASSERT_COMPARE( ciphertext->x, ciphertext->len, - output, output_length ); + PSA_ASSERT(psa_cipher_encrypt(key, alg, plaintext->x, plaintext->len, + output, output_buffer_size, + &output_length)); + ASSERT_COMPARE(ciphertext->x, ciphertext->len, + output, output_length); /* One-shot decryption */ output_length = ~0; - PSA_ASSERT( psa_cipher_decrypt( key, alg, ciphertext->x, ciphertext->len, - output, output_buffer_size, - &output_length ) ); - ASSERT_COMPARE( plaintext->x, plaintext->len, - output, output_length ); + PSA_ASSERT(psa_cipher_decrypt(key, alg, ciphertext->x, ciphertext->len, + output, output_buffer_size, + &output_length)); + ASSERT_COMPARE(plaintext->x, plaintext->len, + output, output_length); exit: - mbedtls_free( output ); - psa_cipher_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(output); + psa_cipher_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_bad_key( int alg_arg, int key_type_arg, data_t *key_data ) +void cipher_bad_key(int alg_arg, int key_type_arg, data_t *key_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; @@ -2723,46 +2752,46 @@ void cipher_bad_key( int alg_arg, int key_type_arg, data_t *key_data ) psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); /* Usage of either of these two size macros would cause divide by zero * with incorrect key types previously. Input length should be irrelevant * here. */ - TEST_EQUAL( PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, 16 ), - 0 ); - TEST_EQUAL( PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, 16 ), 0 ); + TEST_EQUAL(PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, 16), + 0); + TEST_EQUAL(PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, 16), 0); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Should fail due to invalid alg type (to support invalid key type). * Encrypt or decrypt will end up in the same place. */ - status = psa_cipher_encrypt_setup( &operation, key, alg ); + status = psa_cipher_encrypt_setup(&operation, key, alg); - TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT ); + TEST_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT); exit: - psa_cipher_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_validation( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *input ) +void cipher_encrypt_validation(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - size_t iv_size = PSA_CIPHER_IV_LENGTH ( key_type, alg ); + size_t iv_size = PSA_CIPHER_IV_LENGTH(key_type, alg); unsigned char *output1 = NULL; size_t output1_buffer_size = 0; size_t output1_length = 0; @@ -2773,74 +2802,74 @@ void cipher_encrypt_validation( int alg_arg, psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); - ASSERT_ALLOC( output1, output1_buffer_size ); - ASSERT_ALLOC( output2, output2_buffer_size ); + output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len); + output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) + + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg); + ASSERT_ALLOC(output1, output1_buffer_size); + ASSERT_ALLOC(output2, output2_buffer_size); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* The one-shot cipher encryption uses generated iv so validating the output is not possible. Validating with multipart encryption. */ - PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output1, - output1_buffer_size, &output1_length ) ); - TEST_LE_U( output1_length, - PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) ); - TEST_LE_U( output1_length, - PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); - - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_set_iv( &operation, output1, iv_size ) ); - - PSA_ASSERT( psa_cipher_update( &operation, - input->x, input->len, - output2, output2_buffer_size, - &function_output_length ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); + PSA_ASSERT(psa_cipher_encrypt(key, alg, input->x, input->len, output1, + output1_buffer_size, &output1_length)); + TEST_LE_U(output1_length, + PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len)); + TEST_LE_U(output1_length, + PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input->len)); + + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + PSA_ASSERT(psa_cipher_set_iv(&operation, output1, iv_size)); + + PSA_ASSERT(psa_cipher_update(&operation, + input->x, input->len, + output2, output2_buffer_size, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input->len)); output2_length += function_output_length; - PSA_ASSERT( psa_cipher_finish( &operation, - output2 + output2_length, - output2_buffer_size - output2_length, - &function_output_length ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); + PSA_ASSERT(psa_cipher_finish(&operation, + output2 + output2_length, + output2_buffer_size - output2_length, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE); output2_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_COMPARE( output1 + iv_size, output1_length - iv_size, - output2, output2_length ); + PSA_ASSERT(psa_cipher_abort(&operation)); + ASSERT_COMPARE(output1 + iv_size, output1_length - iv_size, + output2, output2_length); exit: - psa_cipher_abort( &operation ); - mbedtls_free( output1 ); - mbedtls_free( output2 ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + mbedtls_free(output1); + mbedtls_free(output2); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_multipart( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, - data_t *input, - int first_part_size_arg, - int output1_length_arg, int output2_length_arg, - data_t *expected_output, - int expected_status_arg ) +void cipher_encrypt_multipart(int alg_arg, int key_type_arg, + data_t *key_data, data_t *iv, + data_t *input, + int first_part_size_arg, + int output1_length_arg, int output2_length_arg, + data_t *expected_output, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -2857,92 +2886,89 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); - if( iv->len > 0 ) - { - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); + if (iv->len > 0) { + PSA_ASSERT(psa_cipher_set_iv(&operation, iv->x, iv->len)); } - output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); - ASSERT_ALLOC( output, output_buffer_size ); - - TEST_LE_U( first_part_size, input->len ); - PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, - output, output_buffer_size, - &function_output_length ) ); - TEST_ASSERT( function_output_length == output1_length ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size) ); + output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) + + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg); + ASSERT_ALLOC(output, output_buffer_size); + + TEST_LE_U(first_part_size, input->len); + PSA_ASSERT(psa_cipher_update(&operation, input->x, first_part_size, + output, output_buffer_size, + &function_output_length)); + TEST_ASSERT(function_output_length == output1_length); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(first_part_size)); total_output_length += function_output_length; - if( first_part_size < input->len ) - { - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length == output2_length ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, - alg, - input->len - first_part_size ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); + if (first_part_size < input->len) { + PSA_ASSERT(psa_cipher_update(&operation, + input->x + first_part_size, + input->len - first_part_size, + (output_buffer_size == 0 ? NULL : + output + total_output_length), + output_buffer_size - total_output_length, + &function_output_length)); + TEST_ASSERT(function_output_length == output2_length); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, + alg, + input->len - first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input->len)); total_output_length += function_output_length; } - status = psa_cipher_finish( &operation, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ); - TEST_LE_U( function_output_length, - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); + status = psa_cipher_finish(&operation, + (output_buffer_size == 0 ? NULL : + output + total_output_length), + output_buffer_size - total_output_length, + &function_output_length); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE); total_output_length += function_output_length; - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( psa_cipher_abort( &operation ) ); + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(psa_cipher_abort(&operation)); - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); + ASSERT_COMPARE(expected_output->x, expected_output->len, + output, total_output_length); } exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_decrypt_multipart( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, - data_t *input, - int first_part_size_arg, - int output1_length_arg, int output2_length_arg, - data_t *expected_output, - int expected_status_arg ) +void cipher_decrypt_multipart(int alg_arg, int key_type_arg, + data_t *key_data, data_t *iv, + data_t *input, + int first_part_size_arg, + int output1_length_arg, int output2_length_arg, + data_t *expected_output, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -2959,92 +2985,89 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); + PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); - if( iv->len > 0 ) - { - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); + if (iv->len > 0) { + PSA_ASSERT(psa_cipher_set_iv(&operation, iv->x, iv->len)); } - output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); - ASSERT_ALLOC( output, output_buffer_size ); - - TEST_LE_U( first_part_size, input->len ); - PSA_ASSERT( psa_cipher_update( &operation, - input->x, first_part_size, - output, output_buffer_size, - &function_output_length ) ); - TEST_ASSERT( function_output_length == output1_length ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) ); + output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) + + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg); + ASSERT_ALLOC(output, output_buffer_size); + + TEST_LE_U(first_part_size, input->len); + PSA_ASSERT(psa_cipher_update(&operation, + input->x, first_part_size, + output, output_buffer_size, + &function_output_length)); + TEST_ASSERT(function_output_length == output1_length); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(first_part_size)); total_output_length += function_output_length; - if( first_part_size < input->len ) - { - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length == output2_length ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, - alg, - input->len - first_part_size ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); + if (first_part_size < input->len) { + PSA_ASSERT(psa_cipher_update(&operation, + input->x + first_part_size, + input->len - first_part_size, + (output_buffer_size == 0 ? NULL : + output + total_output_length), + output_buffer_size - total_output_length, + &function_output_length)); + TEST_ASSERT(function_output_length == output2_length); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, + alg, + input->len - first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input->len)); total_output_length += function_output_length; } - status = psa_cipher_finish( &operation, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ); - TEST_LE_U( function_output_length, - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); + status = psa_cipher_finish(&operation, + (output_buffer_size == 0 ? NULL : + output + total_output_length), + output_buffer_size - total_output_length, + &function_output_length); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE); total_output_length += function_output_length; - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( psa_cipher_abort( &operation ) ); + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(psa_cipher_abort(&operation)); - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); + ASSERT_COMPARE(expected_output->x, expected_output->len, + output, total_output_length); } exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_decrypt_fail( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input_arg, - int expected_status_arg ) +void cipher_decrypt_fail(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; @@ -3058,49 +3081,47 @@ void cipher_decrypt_fail( int alg_arg, size_t output_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - if ( PSA_ERROR_BAD_STATE != expected_status ) - { - PSA_ASSERT( psa_crypto_init( ) ); + if (PSA_ERROR_BAD_STATE != expected_status) { + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); } /* Allocate input buffer and copy the iv and the plaintext */ - input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len ); - if ( input_buffer_size > 0 ) - { - ASSERT_ALLOC( input, input_buffer_size ); - memcpy( input, iv->x, iv->len ); - memcpy( input + iv->len, input_arg->x, input_arg->len ); + input_buffer_size = ((size_t) input_arg->len + (size_t) iv->len); + if (input_buffer_size > 0) { + ASSERT_ALLOC(input, input_buffer_size); + memcpy(input, iv->x, iv->len); + memcpy(input + iv->len, input_arg->x, input_arg->len); } - output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ); - ASSERT_ALLOC( output, output_buffer_size ); + output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size); + ASSERT_ALLOC(output, output_buffer_size); - status = psa_cipher_decrypt( key, alg, input, input_buffer_size, output, - output_buffer_size, &output_length ); - TEST_EQUAL( status, expected_status ); + status = psa_cipher_decrypt(key, alg, input, input_buffer_size, output, + output_buffer_size, &output_length); + TEST_EQUAL(status, expected_status); exit: - mbedtls_free( input ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(input); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_decrypt( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input_arg, - data_t *expected_output ) +void cipher_decrypt(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input_arg, + data_t *expected_output) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3112,49 +3133,48 @@ void cipher_decrypt( int alg_arg, size_t output_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); /* Allocate input buffer and copy the iv and the plaintext */ - input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len ); - if ( input_buffer_size > 0 ) - { - ASSERT_ALLOC( input, input_buffer_size ); - memcpy( input, iv->x, iv->len ); - memcpy( input + iv->len, input_arg->x, input_arg->len ); + input_buffer_size = ((size_t) input_arg->len + (size_t) iv->len); + if (input_buffer_size > 0) { + ASSERT_ALLOC(input, input_buffer_size); + memcpy(input, iv->x, iv->len); + memcpy(input + iv->len, input_arg->x, input_arg->len); } - output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ); - ASSERT_ALLOC( output, output_buffer_size ); + output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size); + ASSERT_ALLOC(output, output_buffer_size); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_cipher_decrypt( key, alg, input, input_buffer_size, output, - output_buffer_size, &output_length ) ); - TEST_LE_U( output_length, - PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ) ); - TEST_LE_U( output_length, - PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input_buffer_size ) ); + PSA_ASSERT(psa_cipher_decrypt(key, alg, input, input_buffer_size, output, + output_buffer_size, &output_length)); + TEST_LE_U(output_length, + PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size)); + TEST_LE_U(output_length, + PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(input_buffer_size)); - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, output_length ); + ASSERT_COMPARE(expected_output->x, expected_output->len, + output, output_length); exit: - mbedtls_free( input ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(input); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_verify_output( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *input ) +void cipher_verify_output(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3167,58 +3187,58 @@ void cipher_verify_output( int alg_arg, size_t output2_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - output1_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - ASSERT_ALLOC( output1, output1_size ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + output1_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len); + ASSERT_ALLOC(output1, output1_size); - PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, - output1, output1_size, - &output1_length ) ); - TEST_LE_U( output1_length, - PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) ); - TEST_LE_U( output1_length, - PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); + PSA_ASSERT(psa_cipher_encrypt(key, alg, input->x, input->len, + output1, output1_size, + &output1_length)); + TEST_LE_U(output1_length, + PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len)); + TEST_LE_U(output1_length, + PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input->len)); output2_size = output1_length; - ASSERT_ALLOC( output2, output2_size ); + ASSERT_ALLOC(output2, output2_size); - PSA_ASSERT( psa_cipher_decrypt( key, alg, output1, output1_length, - output2, output2_size, - &output2_length ) ); - TEST_LE_U( output2_length, - PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) ); - TEST_LE_U( output2_length, - PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) ); + PSA_ASSERT(psa_cipher_decrypt(key, alg, output1, output1_length, + output2, output2_size, + &output2_length)); + TEST_LE_U(output2_length, + PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, output1_length)); + TEST_LE_U(output2_length, + PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(output1_length)); - ASSERT_COMPARE( input->x, input->len, output2, output2_length ); + ASSERT_COMPARE(input->x, input->len, output2, output2_length); exit: - mbedtls_free( output1 ); - mbedtls_free( output2 ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(output1); + mbedtls_free(output2); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_verify_output_multipart( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *input, - int first_part_size_arg ) +void cipher_verify_output_multipart(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input, + int first_part_size_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t first_part_size = first_part_size_arg; - unsigned char iv[16] = {0}; + unsigned char iv[16] = { 0 }; size_t iv_size = 16; size_t iv_length = 0; unsigned char *output1 = NULL; @@ -3232,132 +3252,130 @@ void cipher_verify_output_multipart( int alg_arg, psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, key, alg ) ); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, key, alg ) ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation1, key, alg)); + PSA_ASSERT(psa_cipher_decrypt_setup(&operation2, key, alg)); - if( alg != PSA_ALG_ECB_NO_PADDING ) - { - PSA_ASSERT( psa_cipher_generate_iv( &operation1, - iv, iv_size, - &iv_length ) ); + if (alg != PSA_ALG_ECB_NO_PADDING) { + PSA_ASSERT(psa_cipher_generate_iv(&operation1, + iv, iv_size, + &iv_length)); } - output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - TEST_LE_U( output1_buffer_size, - PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); - ASSERT_ALLOC( output1, output1_buffer_size ); + output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len); + TEST_LE_U(output1_buffer_size, + PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input->len)); + ASSERT_ALLOC(output1, output1_buffer_size); - TEST_LE_U( first_part_size, input->len ); + TEST_LE_U(first_part_size, input->len); - PSA_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size, - output1, output1_buffer_size, - &function_output_length ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) ); + PSA_ASSERT(psa_cipher_update(&operation1, input->x, first_part_size, + output1, output1_buffer_size, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(first_part_size)); output1_length += function_output_length; - PSA_ASSERT( psa_cipher_update( &operation1, - input->x + first_part_size, - input->len - first_part_size, - output1, output1_buffer_size, - &function_output_length ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, - alg, - input->len - first_part_size ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len - first_part_size ) ); + PSA_ASSERT(psa_cipher_update(&operation1, + input->x + first_part_size, + input->len - first_part_size, + output1, output1_buffer_size, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, + alg, + input->len - first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input->len - first_part_size)); output1_length += function_output_length; - PSA_ASSERT( psa_cipher_finish( &operation1, - output1 + output1_length, - output1_buffer_size - output1_length, - &function_output_length ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); + PSA_ASSERT(psa_cipher_finish(&operation1, + output1 + output1_length, + output1_buffer_size - output1_length, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE); output1_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation1 ) ); + PSA_ASSERT(psa_cipher_abort(&operation1)); output2_buffer_size = output1_length; - TEST_LE_U( output2_buffer_size, - PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) ); - TEST_LE_U( output2_buffer_size, - PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) ); - ASSERT_ALLOC( output2, output2_buffer_size ); - - if( iv_length > 0 ) - { - PSA_ASSERT( psa_cipher_set_iv( &operation2, - iv, iv_length ) ); + TEST_LE_U(output2_buffer_size, + PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, output1_length)); + TEST_LE_U(output2_buffer_size, + PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(output1_length)); + ASSERT_ALLOC(output2, output2_buffer_size); + + if (iv_length > 0) { + PSA_ASSERT(psa_cipher_set_iv(&operation2, + iv, iv_length)); } - PSA_ASSERT( psa_cipher_update( &operation2, output1, first_part_size, - output2, output2_buffer_size, - &function_output_length ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) ); + PSA_ASSERT(psa_cipher_update(&operation2, output1, first_part_size, + output2, output2_buffer_size, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(first_part_size)); output2_length += function_output_length; - PSA_ASSERT( psa_cipher_update( &operation2, - output1 + first_part_size, - output1_length - first_part_size, - output2, output2_buffer_size, - &function_output_length ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, - alg, - output1_length - first_part_size ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( output1_length - first_part_size ) ); + PSA_ASSERT(psa_cipher_update(&operation2, + output1 + first_part_size, + output1_length - first_part_size, + output2, output2_buffer_size, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, + alg, + output1_length - first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(output1_length - first_part_size)); output2_length += function_output_length; - PSA_ASSERT( psa_cipher_finish( &operation2, - output2 + output2_length, - output2_buffer_size - output2_length, - &function_output_length ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_LE_U( function_output_length, - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); + PSA_ASSERT(psa_cipher_finish(&operation2, + output2 + output2_length, + output2_buffer_size - output2_length, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE); output2_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation2 ) ); + PSA_ASSERT(psa_cipher_abort(&operation2)); - ASSERT_COMPARE( input->x, input->len, output2, output2_length ); + ASSERT_COMPARE(input->x, input->len, output2, output2_length); exit: - psa_cipher_abort( &operation1 ); - psa_cipher_abort( &operation2 ); - mbedtls_free( output1 ); - mbedtls_free( output2 ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation1); + psa_cipher_abort(&operation2); + mbedtls_free(output1); + mbedtls_free(output2); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, - int alg_arg, - data_t *nonce, - data_t *additional_data, - data_t *input_data, - int expected_result_arg ) +void aead_encrypt_decrypt(int key_type_arg, data_t *key_data, + int alg_arg, + data_t *nonce, + data_t *additional_data, + data_t *input_data, + int expected_result_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3372,90 +3390,87 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, psa_status_t expected_result = expected_result_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits, - alg ); + output_size = input_data->len + PSA_AEAD_TAG_LENGTH(key_type, key_bits, + alg); /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE * should be exact. */ - if( expected_result != PSA_ERROR_INVALID_ARGUMENT && - expected_result != PSA_ERROR_NOT_SUPPORTED ) - { - TEST_EQUAL( output_size, - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); - TEST_ASSERT( output_size <= - PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); + if (expected_result != PSA_ERROR_INVALID_ARGUMENT && + expected_result != PSA_ERROR_NOT_SUPPORTED) { + TEST_EQUAL(output_size, + PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_data->len)); + TEST_ASSERT(output_size <= + PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(input_data->len)); } - ASSERT_ALLOC( output_data, output_size ); + ASSERT_ALLOC(output_data, output_size); - status = psa_aead_encrypt( key, alg, - nonce->x, nonce->len, - additional_data->x, - additional_data->len, - input_data->x, input_data->len, - output_data, output_size, - &output_length ); + status = psa_aead_encrypt(key, alg, + nonce->x, nonce->len, + additional_data->x, + additional_data->len, + input_data->x, input_data->len, + output_data, output_size, + &output_length); /* If the operation is not supported, just skip and not fail in case the * encryption involves a common limitation of cryptography hardwares and * an alternative implementation. */ - if( status == PSA_ERROR_NOT_SUPPORTED ) - { - MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192( key_type, key_data->len * 8 ); - MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE( alg, nonce->len ); + if (status == PSA_ERROR_NOT_SUPPORTED) { + MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_data->len * 8); + MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, nonce->len); } - TEST_EQUAL( status, expected_result ); + TEST_EQUAL(status, expected_result); - if( PSA_SUCCESS == expected_result ) - { - ASSERT_ALLOC( output_data2, output_length ); + if (PSA_SUCCESS == expected_result) { + ASSERT_ALLOC(output_data2, output_length); /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE * should be exact. */ - TEST_EQUAL( input_data->len, - PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg, output_length ) ); - - TEST_ASSERT( input_data->len <= - PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( output_length ) ); - - TEST_EQUAL( psa_aead_decrypt( key, alg, - nonce->x, nonce->len, - additional_data->x, - additional_data->len, - output_data, output_length, - output_data2, output_length, - &output_length2 ), - expected_result ); - - ASSERT_COMPARE( input_data->x, input_data->len, - output_data2, output_length2 ); + TEST_EQUAL(input_data->len, + PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, output_length)); + + TEST_ASSERT(input_data->len <= + PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(output_length)); + + TEST_EQUAL(psa_aead_decrypt(key, alg, + nonce->x, nonce->len, + additional_data->x, + additional_data->len, + output_data, output_length, + output_data2, output_length, + &output_length2), + expected_result); + + ASSERT_COMPARE(input_data->x, input_data->len, + output_data2, output_length2); } exit: - psa_destroy_key( key ); - mbedtls_free( output_data ); - mbedtls_free( output_data2 ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(output_data); + mbedtls_free(output_data2); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void aead_encrypt( int key_type_arg, data_t *key_data, - int alg_arg, - data_t *nonce, - data_t *additional_data, - data_t *input_data, - data_t *expected_result ) +void aead_encrypt(int key_type_arg, data_t *key_data, + int alg_arg, + data_t *nonce, + data_t *additional_data, + data_t *input_data, + data_t *expected_result) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3467,62 +3482,61 @@ void aead_encrypt( int key_type_arg, data_t *key_data, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status = PSA_ERROR_GENERIC_ERROR; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits, - alg ); + output_size = input_data->len + PSA_AEAD_TAG_LENGTH(key_type, key_bits, + alg); /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE * should be exact. */ - TEST_EQUAL( output_size, - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); - TEST_ASSERT( output_size <= - PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); - ASSERT_ALLOC( output_data, output_size ); - - status = psa_aead_encrypt( key, alg, - nonce->x, nonce->len, - additional_data->x, additional_data->len, - input_data->x, input_data->len, - output_data, output_size, - &output_length ); + TEST_EQUAL(output_size, + PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_data->len)); + TEST_ASSERT(output_size <= + PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(input_data->len)); + ASSERT_ALLOC(output_data, output_size); + + status = psa_aead_encrypt(key, alg, + nonce->x, nonce->len, + additional_data->x, additional_data->len, + input_data->x, input_data->len, + output_data, output_size, + &output_length); /* If the operation is not supported, just skip and not fail in case the * encryption involves a common limitation of cryptography hardwares and * an alternative implementation. */ - if( status == PSA_ERROR_NOT_SUPPORTED ) - { - MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192( key_type, key_data->len * 8 ); - MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE( alg, nonce->len ); + if (status == PSA_ERROR_NOT_SUPPORTED) { + MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_data->len * 8); + MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, nonce->len); } - PSA_ASSERT( status ); - ASSERT_COMPARE( expected_result->x, expected_result->len, - output_data, output_length ); + PSA_ASSERT(status); + ASSERT_COMPARE(expected_result->x, expected_result->len, + output_data, output_length); exit: - psa_destroy_key( key ); - mbedtls_free( output_data ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(output_data); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void aead_decrypt( int key_type_arg, data_t *key_data, - int alg_arg, - data_t *nonce, - data_t *additional_data, - data_t *input_data, - data_t *expected_data, - int expected_result_arg ) +void aead_decrypt(int key_type_arg, data_t *key_data, + int alg_arg, + data_t *nonce, + data_t *additional_data, + data_t *input_data, + data_t *expected_data, + int expected_result_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3535,75 +3549,74 @@ void aead_decrypt( int key_type_arg, data_t *key_data, psa_status_t expected_result = expected_result_arg; psa_status_t status = PSA_ERROR_GENERIC_ERROR; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - output_size = input_data->len - PSA_AEAD_TAG_LENGTH( key_type, key_bits, - alg ); - if( expected_result != PSA_ERROR_INVALID_ARGUMENT && - expected_result != PSA_ERROR_NOT_SUPPORTED ) - { + output_size = input_data->len - PSA_AEAD_TAG_LENGTH(key_type, key_bits, + alg); + if (expected_result != PSA_ERROR_INVALID_ARGUMENT && + expected_result != PSA_ERROR_NOT_SUPPORTED) { /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE * should be exact. */ - TEST_EQUAL( output_size, - PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); - TEST_ASSERT( output_size <= - PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); + TEST_EQUAL(output_size, + PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, input_data->len)); + TEST_ASSERT(output_size <= + PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(input_data->len)); } - ASSERT_ALLOC( output_data, output_size ); + ASSERT_ALLOC(output_data, output_size); - status = psa_aead_decrypt( key, alg, - nonce->x, nonce->len, - additional_data->x, - additional_data->len, - input_data->x, input_data->len, - output_data, output_size, - &output_length ); + status = psa_aead_decrypt(key, alg, + nonce->x, nonce->len, + additional_data->x, + additional_data->len, + input_data->x, input_data->len, + output_data, output_size, + &output_length); /* If the operation is not supported, just skip and not fail in case the * decryption involves a common limitation of cryptography hardwares and * an alternative implementation. */ - if( status == PSA_ERROR_NOT_SUPPORTED ) - { - MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192( key_type, key_data->len * 8 ); - MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE( alg, nonce->len ); + if (status == PSA_ERROR_NOT_SUPPORTED) { + MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_data->len * 8); + MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, nonce->len); } - TEST_EQUAL( status, expected_result ); + TEST_EQUAL(status, expected_result); - if( expected_result == PSA_SUCCESS ) - ASSERT_COMPARE( expected_data->x, expected_data->len, - output_data, output_length ); + if (expected_result == PSA_SUCCESS) { + ASSERT_COMPARE(expected_data->x, expected_data->len, + output_data, output_length); + } exit: - psa_destroy_key( key ); - mbedtls_free( output_data ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(output_data); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void signature_size( int type_arg, - int bits, - int alg_arg, - int expected_size_arg ) +void signature_size(int type_arg, + int bits, + int alg_arg, + int expected_size_arg) { psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; - size_t actual_size = PSA_SIGN_OUTPUT_SIZE( type, bits, alg ); + size_t actual_size = PSA_SIGN_OUTPUT_SIZE(type, bits, alg); - TEST_EQUAL( actual_size, (size_t) expected_size_arg ); + TEST_EQUAL(actual_size, (size_t) expected_size_arg); #if defined(MBEDTLS_TEST_DEPRECATED) - TEST_EQUAL( actual_size, - PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( type, bits, alg ) ); + TEST_EQUAL(actual_size, + PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg)); #endif /* MBEDTLS_TEST_DEPRECATED */ exit: @@ -3612,9 +3625,9 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void sign_hash_deterministic( int key_type_arg, data_t *key_data, - int alg_arg, data_t *input_data, - data_t *output_data ) +void sign_hash_deterministic(int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data, + data_t *output_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3625,43 +3638,43 @@ void sign_hash_deterministic( int key_type_arg, data_t *key_data, size_t signature_length = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); /* Allocate a buffer which has the size advertised by the * library. */ - signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, - key_bits, alg ); - TEST_ASSERT( signature_size != 0 ); - TEST_LE_U( signature_size, PSA_SIGNATURE_MAX_SIZE ); - ASSERT_ALLOC( signature, signature_size ); + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, + key_bits, alg); + TEST_ASSERT(signature_size != 0); + TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); + ASSERT_ALLOC(signature, signature_size); /* Perform the signature. */ - PSA_ASSERT( psa_sign_hash( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ) ); + PSA_ASSERT(psa_sign_hash(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length)); /* Verify that the signature is what is expected. */ - ASSERT_COMPARE( output_data->x, output_data->len, - signature, signature_length ); + ASSERT_COMPARE(output_data->x, output_data->len, + signature, signature_length); #if defined(MBEDTLS_TEST_DEPRECATED) - memset( signature, 0, signature_size ); + memset(signature, 0, signature_size); signature_length = INVALID_EXPORT_LENGTH; - PSA_ASSERT( psa_asymmetric_sign( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ) ); - ASSERT_COMPARE( output_data->x, output_data->len, - signature, signature_length ); + PSA_ASSERT(psa_asymmetric_sign(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length)); + ASSERT_COMPARE(output_data->x, output_data->len, + signature, signature_length); #endif /* MBEDTLS_TEST_DEPRECATED */ exit: @@ -3669,18 +3682,18 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - mbedtls_free( signature ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void sign_hash_fail( int key_type_arg, data_t *key_data, - int alg_arg, data_t *input_data, - int signature_size_arg, int expected_status_arg ) +void sign_hash_fail(int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data, + int signature_size_arg, int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3692,49 +3705,49 @@ void sign_hash_fail( int key_type_arg, data_t *key_data, size_t signature_length = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - ASSERT_ALLOC( signature, signature_size ); + ASSERT_ALLOC(signature, signature_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - actual_status = psa_sign_hash( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ); - TEST_EQUAL( actual_status, expected_status ); + actual_status = psa_sign_hash(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length); + TEST_EQUAL(actual_status, expected_status); /* The value of *signature_length is unspecified on error, but * whatever it is, it should be less than signature_size, so that * if the caller tries to read *signature_length bytes without * checking the error code then they don't overflow a buffer. */ - TEST_LE_U( signature_length, signature_size ); + TEST_LE_U(signature_length, signature_size); #if defined(MBEDTLS_TEST_DEPRECATED) signature_length = INVALID_EXPORT_LENGTH; - TEST_EQUAL( psa_asymmetric_sign( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ), - expected_status ); - TEST_LE_U( signature_length, signature_size ); + TEST_EQUAL(psa_asymmetric_sign(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length), + expected_status); + TEST_LE_U(signature_length, signature_size); #endif /* MBEDTLS_TEST_DEPRECATED */ exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - mbedtls_free( signature ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void sign_verify_hash( int key_type_arg, data_t *key_data, - int alg_arg, data_t *input_data ) +void sign_verify_hash(int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3745,49 +3758,48 @@ void sign_verify_hash( int key_type_arg, data_t *key_data, size_t signature_length = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); /* Allocate a buffer which has the size advertised by the * library. */ - signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, - key_bits, alg ); - TEST_ASSERT( signature_size != 0 ); - TEST_LE_U( signature_size, PSA_SIGNATURE_MAX_SIZE ); - ASSERT_ALLOC( signature, signature_size ); + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, + key_bits, alg); + TEST_ASSERT(signature_size != 0); + TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); + ASSERT_ALLOC(signature, signature_size); /* Perform the signature. */ - PSA_ASSERT( psa_sign_hash( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ) ); + PSA_ASSERT(psa_sign_hash(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length)); /* Check that the signature length looks sensible. */ - TEST_LE_U( signature_length, signature_size ); - TEST_ASSERT( signature_length > 0 ); + TEST_LE_U(signature_length, signature_size); + TEST_ASSERT(signature_length > 0); /* Use the library to verify that the signature is correct. */ - PSA_ASSERT( psa_verify_hash( key, alg, - input_data->x, input_data->len, - signature, signature_length ) ); + PSA_ASSERT(psa_verify_hash(key, alg, + input_data->x, input_data->len, + signature, signature_length)); - if( input_data->len != 0 ) - { + if (input_data->len != 0) { /* Flip a bit in the input and verify that the signature is now * detected as invalid. Flip a bit at the beginning, not at the end, * because ECDSA may ignore the last few bits of the input. */ input_data->x[0] ^= 1; - TEST_EQUAL( psa_verify_hash( key, alg, - input_data->x, input_data->len, - signature, signature_length ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_verify_hash(key, alg, + input_data->x, input_data->len, + signature, signature_length), + PSA_ERROR_INVALID_SIGNATURE); } exit: @@ -3795,59 +3807,59 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - mbedtls_free( signature ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void verify_hash( int key_type_arg, data_t *key_data, - int alg_arg, data_t *hash_data, - data_t *signature_data ) +void verify_hash(int key_type_arg, data_t *key_data, + int alg_arg, data_t *hash_data, + data_t *signature_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - TEST_LE_U( signature_data->len, PSA_SIGNATURE_MAX_SIZE ); + TEST_LE_U(signature_data->len, PSA_SIGNATURE_MAX_SIZE); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_verify_hash( key, alg, - hash_data->x, hash_data->len, - signature_data->x, signature_data->len ) ); + PSA_ASSERT(psa_verify_hash(key, alg, + hash_data->x, hash_data->len, + signature_data->x, signature_data->len)); #if defined(MBEDTLS_TEST_DEPRECATED) - PSA_ASSERT( psa_asymmetric_verify( key, alg, - hash_data->x, hash_data->len, - signature_data->x, - signature_data->len ) ); + PSA_ASSERT(psa_asymmetric_verify(key, alg, + hash_data->x, hash_data->len, + signature_data->x, + signature_data->len)); #endif /* MBEDTLS_TEST_DEPRECATED */ exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void verify_hash_fail( int key_type_arg, data_t *key_data, - int alg_arg, data_t *hash_data, - data_t *signature_data, - int expected_status_arg ) +void verify_hash_fail(int key_type_arg, data_t *key_data, + int alg_arg, data_t *hash_data, + data_t *signature_data, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3856,40 +3868,40 @@ void verify_hash_fail( int key_type_arg, data_t *key_data, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - actual_status = psa_verify_hash( key, alg, - hash_data->x, hash_data->len, - signature_data->x, signature_data->len ); - TEST_EQUAL( actual_status, expected_status ); + actual_status = psa_verify_hash(key, alg, + hash_data->x, hash_data->len, + signature_data->x, signature_data->len); + TEST_EQUAL(actual_status, expected_status); #if defined(MBEDTLS_TEST_DEPRECATED) - TEST_EQUAL( psa_asymmetric_verify( key, alg, - hash_data->x, hash_data->len, - signature_data->x, signature_data->len ), - expected_status ); + TEST_EQUAL(psa_asymmetric_verify(key, alg, + hash_data->x, hash_data->len, + signature_data->x, signature_data->len), + expected_status); #endif /* MBEDTLS_TEST_DEPRECATED */ exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void sign_message_deterministic( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data, - data_t *output_data ) +void sign_message_deterministic(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *output_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3900,47 +3912,47 @@ void sign_message_deterministic( int key_type_arg, size_t signature_length = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); - TEST_ASSERT( signature_size != 0 ); - TEST_LE_U( signature_size, PSA_SIGNATURE_MAX_SIZE ); - ASSERT_ALLOC( signature, signature_size ); + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg); + TEST_ASSERT(signature_size != 0); + TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); + ASSERT_ALLOC(signature, signature_size); - PSA_ASSERT( psa_sign_message( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ) ); + PSA_ASSERT(psa_sign_message(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length)); - ASSERT_COMPARE( output_data->x, output_data->len, - signature, signature_length ); + ASSERT_COMPARE(output_data->x, output_data->len, + signature, signature_length); exit: - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - mbedtls_free( signature ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void sign_message_fail( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data, - int signature_size_arg, - int expected_status_arg ) +void sign_message_fail(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + int signature_size_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3952,41 +3964,41 @@ void sign_message_fail( int key_type_arg, size_t signature_length = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - ASSERT_ALLOC( signature, signature_size ); + ASSERT_ALLOC(signature, signature_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - actual_status = psa_sign_message( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ); - TEST_EQUAL( actual_status, expected_status ); + actual_status = psa_sign_message(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length); + TEST_EQUAL(actual_status, expected_status); /* The value of *signature_length is unspecified on error, but * whatever it is, it should be less than signature_size, so that * if the caller tries to read *signature_length bytes without * checking the error code then they don't overflow a buffer. */ - TEST_LE_U( signature_length, signature_size ); + TEST_LE_U(signature_length, signature_size); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - mbedtls_free( signature ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void sign_verify_message( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data ) +void sign_verify_message(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3997,96 +4009,95 @@ void sign_verify_message( int key_type_arg, size_t signature_length = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE | - PSA_KEY_USAGE_VERIFY_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE | + PSA_KEY_USAGE_VERIFY_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); - TEST_ASSERT( signature_size != 0 ); - TEST_LE_U( signature_size, PSA_SIGNATURE_MAX_SIZE ); - ASSERT_ALLOC( signature, signature_size ); + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg); + TEST_ASSERT(signature_size != 0); + TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); + ASSERT_ALLOC(signature, signature_size); - PSA_ASSERT( psa_sign_message( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ) ); - TEST_LE_U( signature_length, signature_size ); - TEST_ASSERT( signature_length > 0 ); + PSA_ASSERT(psa_sign_message(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length)); + TEST_LE_U(signature_length, signature_size); + TEST_ASSERT(signature_length > 0); - PSA_ASSERT( psa_verify_message( key, alg, - input_data->x, input_data->len, - signature, signature_length ) ); + PSA_ASSERT(psa_verify_message(key, alg, + input_data->x, input_data->len, + signature, signature_length)); - if( input_data->len != 0 ) - { + if (input_data->len != 0) { /* Flip a bit in the input and verify that the signature is now * detected as invalid. Flip a bit at the beginning, not at the end, * because ECDSA may ignore the last few bits of the input. */ input_data->x[0] ^= 1; - TEST_EQUAL( psa_verify_message( key, alg, - input_data->x, input_data->len, - signature, signature_length ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_verify_message(key, alg, + input_data->x, input_data->len, + signature, signature_length), + PSA_ERROR_INVALID_SIGNATURE); } exit: - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - mbedtls_free( signature ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void verify_message( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data, - data_t *signature_data ) +void verify_message(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *signature_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - TEST_LE_U( signature_data->len, PSA_SIGNATURE_MAX_SIZE ); + TEST_LE_U(signature_data->len, PSA_SIGNATURE_MAX_SIZE); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_verify_message( key, alg, - input_data->x, input_data->len, - signature_data->x, signature_data->len ) ); + PSA_ASSERT(psa_verify_message(key, alg, + input_data->x, input_data->len, + signature_data->x, signature_data->len)); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void verify_message_fail( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *hash_data, - data_t *signature_data, - int expected_status_arg ) +void verify_message_fail(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *hash_data, + data_t *signature_data, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -4095,36 +4106,36 @@ void verify_message_fail( int key_type_arg, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - actual_status = psa_verify_message( key, alg, - hash_data->x, hash_data->len, - signature_data->x, - signature_data->len ); - TEST_EQUAL( actual_status, expected_status ); + actual_status = psa_verify_message(key, alg, + hash_data->x, hash_data->len, + signature_data->x, + signature_data->len); + TEST_EQUAL(actual_status, expected_status); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_encrypt( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data, - data_t *label, - int expected_output_length_arg, - int expected_status_arg ) +void asymmetric_encrypt(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *label, + int expected_output_length_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -4138,46 +4149,46 @@ void asymmetric_encrypt( int key_type_arg, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Import the key */ - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Determine the maximum output length */ - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); - TEST_LE_U( output_size, PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE ); - ASSERT_ALLOC( output, output_size ); + output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg); + TEST_LE_U(output_size, PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE); + ASSERT_ALLOC(output, output_size); /* Encrypt the input */ - actual_status = psa_asymmetric_encrypt( key, alg, - input_data->x, input_data->len, - label->x, label->len, - output, output_size, - &output_length ); - TEST_EQUAL( actual_status, expected_status ); - TEST_EQUAL( output_length, expected_output_length ); + actual_status = psa_asymmetric_encrypt(key, alg, + input_data->x, input_data->len, + label->x, label->len, + output, output_size, + &output_length); + TEST_EQUAL(actual_status, expected_status); + TEST_EQUAL(output_length, expected_output_length); /* If the label is empty, the test framework puts a non-null pointer * in label->x. Test that a null pointer works as well. */ - if( label->len == 0 ) - { + if (label->len == 0) { output_length = ~0; - if( output_size != 0 ) - memset( output, 0, output_size ); - actual_status = psa_asymmetric_encrypt( key, alg, - input_data->x, input_data->len, - NULL, label->len, - output, output_size, - &output_length ); - TEST_EQUAL( actual_status, expected_status ); - TEST_EQUAL( output_length, expected_output_length ); + if (output_size != 0) { + memset(output, 0, output_size); + } + actual_status = psa_asymmetric_encrypt(key, alg, + input_data->x, input_data->len, + NULL, label->len, + output, output_size, + &output_length); + TEST_EQUAL(actual_status, expected_status); + TEST_EQUAL(output_length, expected_output_length); } exit: @@ -4185,20 +4196,20 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - mbedtls_free( output ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(output); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_encrypt_decrypt( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data, - data_t *label ) +void asymmetric_encrypt_decrypt(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *label) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -4212,70 +4223,70 @@ void asymmetric_encrypt_decrypt( int key_type_arg, size_t output2_length = ~0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Determine the maximum ciphertext length */ - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); - TEST_LE_U( output_size, PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE ); - ASSERT_ALLOC( output, output_size ); + output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg); + TEST_LE_U(output_size, PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE); + ASSERT_ALLOC(output, output_size); output2_size = input_data->len; - TEST_LE_U( output2_size, - PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE( key_type, key_bits, alg ) ); - TEST_LE_U( output2_size, PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE ); - ASSERT_ALLOC( output2, output2_size ); + TEST_LE_U(output2_size, + PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)); + TEST_LE_U(output2_size, PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE); + ASSERT_ALLOC(output2, output2_size); /* We test encryption by checking that encrypt-then-decrypt gives back * the original plaintext because of the non-optional random * part of encryption process which prevents using fixed vectors. */ - PSA_ASSERT( psa_asymmetric_encrypt( key, alg, - input_data->x, input_data->len, - label->x, label->len, - output, output_size, - &output_length ) ); + PSA_ASSERT(psa_asymmetric_encrypt(key, alg, + input_data->x, input_data->len, + label->x, label->len, + output, output_size, + &output_length)); /* We don't know what ciphertext length to expect, but check that * it looks sensible. */ - TEST_LE_U( output_length, output_size ); + TEST_LE_U(output_length, output_size); - PSA_ASSERT( psa_asymmetric_decrypt( key, alg, - output, output_length, - label->x, label->len, - output2, output2_size, - &output2_length ) ); - ASSERT_COMPARE( input_data->x, input_data->len, - output2, output2_length ); + PSA_ASSERT(psa_asymmetric_decrypt(key, alg, + output, output_length, + label->x, label->len, + output2, output2_size, + &output2_length)); + ASSERT_COMPARE(input_data->x, input_data->len, + output2, output2_length); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - mbedtls_free( output ); - mbedtls_free( output2 ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(output); + mbedtls_free(output2); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_decrypt( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data, - data_t *label, - data_t *expected_data ) +void asymmetric_decrypt(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *label, + data_t *expected_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -4286,65 +4297,65 @@ void asymmetric_decrypt( int key_type_arg, size_t output_length = ~0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); /* Determine the maximum ciphertext length */ - output_size = PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); - TEST_LE_U( output_size, PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE ); - ASSERT_ALLOC( output, output_size ); - - PSA_ASSERT( psa_asymmetric_decrypt( key, alg, - input_data->x, input_data->len, - label->x, label->len, - output, - output_size, - &output_length ) ); - ASSERT_COMPARE( expected_data->x, expected_data->len, - output, output_length ); + output_size = PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg); + TEST_LE_U(output_size, PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE); + ASSERT_ALLOC(output, output_size); + + PSA_ASSERT(psa_asymmetric_decrypt(key, alg, + input_data->x, input_data->len, + label->x, label->len, + output, + output_size, + &output_length)); + ASSERT_COMPARE(expected_data->x, expected_data->len, + output, output_length); /* If the label is empty, the test framework puts a non-null pointer * in label->x. Test that a null pointer works as well. */ - if( label->len == 0 ) - { + if (label->len == 0) { output_length = ~0; - if( output_size != 0 ) - memset( output, 0, output_size ); - PSA_ASSERT( psa_asymmetric_decrypt( key, alg, - input_data->x, input_data->len, - NULL, label->len, - output, - output_size, - &output_length ) ); - ASSERT_COMPARE( expected_data->x, expected_data->len, - output, output_length ); + if (output_size != 0) { + memset(output, 0, output_size); + } + PSA_ASSERT(psa_asymmetric_decrypt(key, alg, + input_data->x, input_data->len, + NULL, label->len, + output, + output_size, + &output_length)); + ASSERT_COMPARE(expected_data->x, expected_data->len, + output, output_length); } exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - mbedtls_free( output ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + mbedtls_free(output); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_decrypt_fail( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data, - data_t *label, - int output_size_arg, - int expected_status_arg ) +void asymmetric_decrypt_fail(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *label, + int output_size_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -4356,135 +4367,135 @@ void asymmetric_decrypt_fail( int key_type_arg, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - ASSERT_ALLOC( output, output_size ); + ASSERT_ALLOC(output, output_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - actual_status = psa_asymmetric_decrypt( key, alg, - input_data->x, input_data->len, - label->x, label->len, - output, output_size, - &output_length ); - TEST_EQUAL( actual_status, expected_status ); - TEST_LE_U( output_length, output_size ); + actual_status = psa_asymmetric_decrypt(key, alg, + input_data->x, input_data->len, + label->x, label->len, + output, output_size, + &output_length); + TEST_EQUAL(actual_status, expected_status); + TEST_LE_U(output_length, output_size); /* If the label is empty, the test framework puts a non-null pointer * in label->x. Test that a null pointer works as well. */ - if( label->len == 0 ) - { + if (label->len == 0) { output_length = ~0; - if( output_size != 0 ) - memset( output, 0, output_size ); - actual_status = psa_asymmetric_decrypt( key, alg, - input_data->x, input_data->len, - NULL, label->len, - output, output_size, - &output_length ); - TEST_EQUAL( actual_status, expected_status ); - TEST_LE_U( output_length, output_size ); + if (output_size != 0) { + memset(output, 0, output_size); + } + actual_status = psa_asymmetric_decrypt(key, alg, + input_data->x, input_data->len, + NULL, label->len, + output, output_size, + &output_length); + TEST_EQUAL(actual_status, expected_status); + TEST_LE_U(output_length, output_size); } exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - mbedtls_free( output ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + mbedtls_free(output); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_derivation_init( ) +void key_derivation_init() { /* Test each valid way of initializing the object, except for `= {0}`, as * Clang 5 complains when `-Wmissing-field-initializers` is used, even * though it's OK by the C standard. We could test for this, but we'd need * to suppress the Clang warning for the test. */ size_t capacity; - psa_key_derivation_operation_t func = psa_key_derivation_operation_init( ); + psa_key_derivation_operation_t func = psa_key_derivation_operation_init(); psa_key_derivation_operation_t init = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_derivation_operation_t zero; - memset( &zero, 0, sizeof( zero ) ); + memset(&zero, 0, sizeof(zero)); /* A default operation should not be able to report its capacity. */ - TEST_EQUAL( psa_key_derivation_get_capacity( &func, &capacity ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_key_derivation_get_capacity( &init, &capacity ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_key_derivation_get_capacity( &zero, &capacity ), - PSA_ERROR_BAD_STATE ); + TEST_EQUAL(psa_key_derivation_get_capacity(&func, &capacity), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_key_derivation_get_capacity(&init, &capacity), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_key_derivation_get_capacity(&zero, &capacity), + PSA_ERROR_BAD_STATE); /* A default operation should be abortable without error. */ - PSA_ASSERT( psa_key_derivation_abort(&func) ); - PSA_ASSERT( psa_key_derivation_abort(&init) ); - PSA_ASSERT( psa_key_derivation_abort(&zero) ); + PSA_ASSERT(psa_key_derivation_abort(&func)); + PSA_ASSERT(psa_key_derivation_abort(&init)); + PSA_ASSERT(psa_key_derivation_abort(&zero)); } /* END_CASE */ /* BEGIN_CASE */ -void derive_setup( int alg_arg, int expected_status_arg ) +void derive_setup(int alg_arg, int expected_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - TEST_EQUAL( psa_key_derivation_setup( &operation, alg ), - expected_status ); + TEST_EQUAL(psa_key_derivation_setup(&operation, alg), + expected_status); exit: - psa_key_derivation_abort( &operation ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_set_capacity( int alg_arg, int capacity_arg, - int expected_status_arg ) +void derive_set_capacity(int alg_arg, int capacity_arg, + int expected_status_arg) { psa_algorithm_t alg = alg_arg; size_t capacity = capacity_arg; psa_status_t expected_status = expected_status_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT(psa_key_derivation_setup(&operation, alg)); - TEST_EQUAL( psa_key_derivation_set_capacity( &operation, capacity ), - expected_status ); + TEST_EQUAL(psa_key_derivation_set_capacity(&operation, capacity), + expected_status); exit: - psa_key_derivation_abort( &operation ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_input( int alg_arg, - int step_arg1, int key_type_arg1, data_t *input1, - int expected_status_arg1, - int step_arg2, int key_type_arg2, data_t *input2, - int expected_status_arg2, - int step_arg3, int key_type_arg3, data_t *input3, - int expected_status_arg3, - int output_key_type_arg, int expected_output_status_arg ) +void derive_input(int alg_arg, + int step_arg1, int key_type_arg1, data_t *input1, + int expected_status_arg1, + int step_arg2, int key_type_arg2, data_t *input2, + int expected_status_arg2, + int step_arg3, int key_type_arg3, data_t *input3, + int expected_status_arg3, + int output_key_type_arg, int expected_output_status_arg) { psa_algorithm_t alg = alg_arg; - psa_key_derivation_step_t steps[] = {step_arg1, step_arg2, step_arg3}; - psa_key_type_t key_types[] = {key_type_arg1, key_type_arg2, key_type_arg3}; - psa_status_t expected_statuses[] = {expected_status_arg1, - expected_status_arg2, - expected_status_arg3}; - data_t *inputs[] = {input1, input2, input3}; + psa_key_derivation_step_t steps[] = { step_arg1, step_arg2, step_arg3 }; + psa_key_type_t key_types[] = { key_type_arg1, key_type_arg2, key_type_arg3 }; + psa_status_t expected_statuses[] = { expected_status_arg1, + expected_status_arg2, + expected_status_arg3 }; + data_t *inputs[] = { input1, input2, input3 }; mbedtls_svc_key_id_t keys[] = { MBEDTLS_SVC_KEY_ID_INIT, MBEDTLS_SVC_KEY_ID_INIT, MBEDTLS_SVC_KEY_ID_INIT }; @@ -4496,179 +4507,169 @@ void derive_input( int alg_arg, psa_status_t expected_output_status = expected_output_status_arg; psa_status_t actual_output_status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT(psa_key_derivation_setup(&operation, alg)); - for( i = 0; i < ARRAY_LENGTH( steps ); i++ ) - { - mbedtls_test_set_step( i ); - if( steps[i] == 0 ) - { + for (i = 0; i < ARRAY_LENGTH(steps); i++) { + mbedtls_test_set_step(i); + if (steps[i] == 0) { /* Skip this step */ - } - else if( key_types[i] != PSA_KEY_TYPE_NONE ) - { - psa_set_key_type( &attributes, key_types[i] ); - PSA_ASSERT( psa_import_key( &attributes, - inputs[i]->x, inputs[i]->len, - &keys[i] ) ); - if( PSA_KEY_TYPE_IS_KEY_PAIR( key_types[i] ) && - steps[i] == PSA_KEY_DERIVATION_INPUT_SECRET ) - { + } else if (key_types[i] != PSA_KEY_TYPE_NONE) { + psa_set_key_type(&attributes, key_types[i]); + PSA_ASSERT(psa_import_key(&attributes, + inputs[i]->x, inputs[i]->len, + &keys[i])); + if (PSA_KEY_TYPE_IS_KEY_PAIR(key_types[i]) && + steps[i] == PSA_KEY_DERIVATION_INPUT_SECRET) { // When taking a private key as secret input, use key agreement // to add the shared secret to the derivation - TEST_EQUAL( mbedtls_test_psa_key_agreement_with_self( - &operation, keys[i] ), - expected_statuses[i] ); - } - else - { - TEST_EQUAL( psa_key_derivation_input_key( &operation, steps[i], - keys[i] ), - expected_statuses[i] ); + TEST_EQUAL(mbedtls_test_psa_key_agreement_with_self( + &operation, keys[i]), + expected_statuses[i]); + } else { + TEST_EQUAL(psa_key_derivation_input_key(&operation, steps[i], + keys[i]), + expected_statuses[i]); } - } - else - { - TEST_EQUAL( psa_key_derivation_input_bytes( - &operation, steps[i], - inputs[i]->x, inputs[i]->len ), - expected_statuses[i] ); + } else { + TEST_EQUAL(psa_key_derivation_input_bytes( + &operation, steps[i], + inputs[i]->x, inputs[i]->len), + expected_statuses[i]); } } - if( output_key_type != PSA_KEY_TYPE_NONE ) - { - psa_reset_key_attributes( &attributes ); - psa_set_key_type( &attributes, output_key_type ); - psa_set_key_bits( &attributes, 8 ); + if (output_key_type != PSA_KEY_TYPE_NONE) { + psa_reset_key_attributes(&attributes); + psa_set_key_type(&attributes, output_key_type); + psa_set_key_bits(&attributes, 8); actual_output_status = - psa_key_derivation_output_key( &attributes, &operation, - &output_key ); - } - else - { + psa_key_derivation_output_key(&attributes, &operation, + &output_key); + } else { uint8_t buffer[1]; actual_output_status = - psa_key_derivation_output_bytes( &operation, - buffer, sizeof( buffer ) ); + psa_key_derivation_output_bytes(&operation, + buffer, sizeof(buffer)); } - TEST_EQUAL( actual_output_status, expected_output_status ); + TEST_EQUAL(actual_output_status, expected_output_status); exit: - psa_key_derivation_abort( &operation ); - for( i = 0; i < ARRAY_LENGTH( keys ); i++ ) - psa_destroy_key( keys[i] ); - psa_destroy_key( output_key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + for (i = 0; i < ARRAY_LENGTH(keys); i++) { + psa_destroy_key(keys[i]); + } + psa_destroy_key(output_key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_over_capacity( int alg_arg ) +void derive_over_capacity(int alg_arg) { psa_algorithm_t alg = alg_arg; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; size_t key_type = PSA_KEY_TYPE_DERIVE; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char input1[] = "Input 1"; - size_t input1_length = sizeof( input1 ); + size_t input1_length = sizeof(input1); unsigned char input2[] = "Input 2"; - size_t input2_length = sizeof( input2 ); + size_t input2_length = sizeof(input2); uint8_t buffer[42]; - size_t capacity = sizeof( buffer ); + size_t capacity = sizeof(buffer); const uint8_t key_data[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}; + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, - key_data, sizeof( key_data ), - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, + key_data, sizeof(key_data), + &key)); /* valid key derivation */ - if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, key, alg, - input1, input1_length, - input2, input2_length, - capacity ) ) + if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, key, alg, + input1, input1_length, + input2, input2_length, + capacity)) { goto exit; + } /* state of operation shouldn't allow additional generation */ - TEST_EQUAL( psa_key_derivation_setup( &operation, alg ), - PSA_ERROR_BAD_STATE ); + TEST_EQUAL(psa_key_derivation_setup(&operation, alg), + PSA_ERROR_BAD_STATE); - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, buffer, capacity ) ); + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, buffer, capacity)); - TEST_EQUAL( psa_key_derivation_output_bytes( &operation, buffer, capacity ), - PSA_ERROR_INSUFFICIENT_DATA ); + TEST_EQUAL(psa_key_derivation_output_bytes(&operation, buffer, capacity), + PSA_ERROR_INSUFFICIENT_DATA); exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_actions_without_setup( ) +void derive_actions_without_setup() { uint8_t output_buffer[16]; size_t buffer_size = 16; size_t capacity = 0; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - TEST_ASSERT( psa_key_derivation_output_bytes( &operation, - output_buffer, buffer_size ) - == PSA_ERROR_BAD_STATE ); + TEST_ASSERT(psa_key_derivation_output_bytes(&operation, + output_buffer, buffer_size) + == PSA_ERROR_BAD_STATE); - TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity ) - == PSA_ERROR_BAD_STATE ); + TEST_ASSERT(psa_key_derivation_get_capacity(&operation, &capacity) + == PSA_ERROR_BAD_STATE); - PSA_ASSERT( psa_key_derivation_abort( &operation ) ); + PSA_ASSERT(psa_key_derivation_abort(&operation)); - TEST_ASSERT( psa_key_derivation_output_bytes( &operation, - output_buffer, buffer_size ) - == PSA_ERROR_BAD_STATE ); + TEST_ASSERT(psa_key_derivation_output_bytes(&operation, + output_buffer, buffer_size) + == PSA_ERROR_BAD_STATE); - TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity ) - == PSA_ERROR_BAD_STATE ); + TEST_ASSERT(psa_key_derivation_get_capacity(&operation, &capacity) + == PSA_ERROR_BAD_STATE); exit: - psa_key_derivation_abort( &operation ); + psa_key_derivation_abort(&operation); } /* END_CASE */ /* BEGIN_CASE */ -void derive_output( int alg_arg, - int step1_arg, data_t *input1, - int step2_arg, data_t *input2, - int step3_arg, data_t *input3, - int requested_capacity_arg, - data_t *expected_output1, - data_t *expected_output2 ) +void derive_output(int alg_arg, + int step1_arg, data_t *input1, + int step2_arg, data_t *input2, + int step3_arg, data_t *input3, + int requested_capacity_arg, + data_t *expected_output1, + data_t *expected_output2) { psa_algorithm_t alg = alg_arg; - psa_key_derivation_step_t steps[] = {step1_arg, step2_arg, step3_arg}; - data_t *inputs[] = {input1, input2, input3}; + psa_key_derivation_step_t steps[] = { step1_arg, step2_arg, step3_arg }; + data_t *inputs[] = { input1, input2, input3 }; mbedtls_svc_key_id_t keys[] = { MBEDTLS_SVC_KEY_ID_INIT, MBEDTLS_SVC_KEY_ID_INIT, MBEDTLS_SVC_KEY_ID_INIT }; size_t requested_capacity = requested_capacity_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; uint8_t *expected_outputs[2] = - {expected_output1->x, expected_output2->x}; + { expected_output1->x, expected_output2->x }; size_t output_sizes[2] = - {expected_output1->len, expected_output2->len}; + { expected_output1->len, expected_output2->len }; size_t output_buffer_size = 0; uint8_t *output_buffer = NULL; size_t expected_capacity; @@ -4677,107 +4678,103 @@ void derive_output( int alg_arg, psa_status_t status; size_t i; - for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ ) - { - if( output_sizes[i] > output_buffer_size ) + for (i = 0; i < ARRAY_LENGTH(expected_outputs); i++) { + if (output_sizes[i] > output_buffer_size) { output_buffer_size = output_sizes[i]; - if( output_sizes[i] == 0 ) + } + if (output_sizes[i] == 0) { expected_outputs[i] = NULL; + } } - ASSERT_ALLOC( output_buffer, output_buffer_size ); - PSA_ASSERT( psa_crypto_init( ) ); + ASSERT_ALLOC(output_buffer, output_buffer_size); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); /* Extraction phase. */ - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); - PSA_ASSERT( psa_key_derivation_set_capacity( &operation, - requested_capacity ) ); - for( i = 0; i < ARRAY_LENGTH( steps ); i++ ) - { - switch( steps[i] ) - { + PSA_ASSERT(psa_key_derivation_setup(&operation, alg)); + PSA_ASSERT(psa_key_derivation_set_capacity(&operation, + requested_capacity)); + for (i = 0; i < ARRAY_LENGTH(steps); i++) { + switch (steps[i]) { case 0: break; case PSA_KEY_DERIVATION_INPUT_SECRET: - PSA_ASSERT( psa_import_key( &attributes, - inputs[i]->x, inputs[i]->len, - &keys[i] ) ); - - if ( PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) - { - PSA_ASSERT( psa_get_key_attributes( keys[i], &attributes ) ); - TEST_ASSERT( PSA_BITS_TO_BYTES( psa_get_key_bits( &attributes ) ) <= - PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE ); + PSA_ASSERT(psa_import_key(&attributes, + inputs[i]->x, inputs[i]->len, + &keys[i])); + + if (PSA_ALG_IS_TLS12_PSK_TO_MS(alg)) { + PSA_ASSERT(psa_get_key_attributes(keys[i], &attributes)); + TEST_ASSERT(PSA_BITS_TO_BYTES(psa_get_key_bits(&attributes)) <= + PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE); } - PSA_ASSERT( psa_key_derivation_input_key( - &operation, steps[i], keys[i] ) ); + PSA_ASSERT(psa_key_derivation_input_key( + &operation, steps[i], keys[i])); break; default: - PSA_ASSERT( psa_key_derivation_input_bytes( - &operation, steps[i], - inputs[i]->x, inputs[i]->len ) ); + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, steps[i], + inputs[i]->x, inputs[i]->len)); break; } } - PSA_ASSERT( psa_key_derivation_get_capacity( &operation, - ¤t_capacity ) ); - TEST_EQUAL( current_capacity, requested_capacity ); + PSA_ASSERT(psa_key_derivation_get_capacity(&operation, + ¤t_capacity)); + TEST_EQUAL(current_capacity, requested_capacity); expected_capacity = requested_capacity; /* Expansion phase. */ - for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ ) - { + for (i = 0; i < ARRAY_LENGTH(expected_outputs); i++) { /* Read some bytes. */ - status = psa_key_derivation_output_bytes( &operation, - output_buffer, output_sizes[i] ); - if( expected_capacity == 0 && output_sizes[i] == 0 ) - { + status = psa_key_derivation_output_bytes(&operation, + output_buffer, output_sizes[i]); + if (expected_capacity == 0 && output_sizes[i] == 0) { /* Reading 0 bytes when 0 bytes are available can go either way. */ - TEST_ASSERT( status == PSA_SUCCESS || - status == PSA_ERROR_INSUFFICIENT_DATA ); + TEST_ASSERT(status == PSA_SUCCESS || + status == PSA_ERROR_INSUFFICIENT_DATA); continue; - } - else if( expected_capacity == 0 || - output_sizes[i] > expected_capacity ) - { + } else if (expected_capacity == 0 || + output_sizes[i] > expected_capacity) { /* Capacity exceeded. */ - TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_DATA ); + TEST_EQUAL(status, PSA_ERROR_INSUFFICIENT_DATA); expected_capacity = 0; continue; } /* Success. Check the read data. */ - PSA_ASSERT( status ); - if( output_sizes[i] != 0 ) - ASSERT_COMPARE( output_buffer, output_sizes[i], - expected_outputs[i], output_sizes[i] ); + PSA_ASSERT(status); + if (output_sizes[i] != 0) { + ASSERT_COMPARE(output_buffer, output_sizes[i], + expected_outputs[i], output_sizes[i]); + } /* Check the operation status. */ expected_capacity -= output_sizes[i]; - PSA_ASSERT( psa_key_derivation_get_capacity( &operation, - ¤t_capacity ) ); - TEST_EQUAL( expected_capacity, current_capacity ); + PSA_ASSERT(psa_key_derivation_get_capacity(&operation, + ¤t_capacity)); + TEST_EQUAL(expected_capacity, current_capacity); } - PSA_ASSERT( psa_key_derivation_abort( &operation ) ); + PSA_ASSERT(psa_key_derivation_abort(&operation)); exit: - mbedtls_free( output_buffer ); - psa_key_derivation_abort( &operation ); - for( i = 0; i < ARRAY_LENGTH( keys ); i++ ) - psa_destroy_key( keys[i] ); - PSA_DONE( ); + mbedtls_free(output_buffer); + psa_key_derivation_abort(&operation); + for (i = 0; i < ARRAY_LENGTH(keys); i++) { + psa_destroy_key(keys[i]); + } + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_full( int alg_arg, - data_t *key_data, - data_t *input1, - data_t *input2, - int requested_capacity_arg ) +void derive_full(int alg_arg, + data_t *key_data, + data_t *input1, + data_t *input2, + int requested_capacity_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; @@ -4788,62 +4785,63 @@ void derive_full( int alg_arg, size_t current_capacity; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, key, alg, - input1->x, input1->len, - input2->x, input2->len, - requested_capacity ) ) + if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, key, alg, + input1->x, input1->len, + input2->x, input2->len, + requested_capacity)) { goto exit; + } - PSA_ASSERT( psa_key_derivation_get_capacity( &operation, - ¤t_capacity ) ); - TEST_EQUAL( current_capacity, expected_capacity ); + PSA_ASSERT(psa_key_derivation_get_capacity(&operation, + ¤t_capacity)); + TEST_EQUAL(current_capacity, expected_capacity); /* Expansion phase. */ - while( current_capacity > 0 ) - { - size_t read_size = sizeof( output_buffer ); - if( read_size > current_capacity ) + while (current_capacity > 0) { + size_t read_size = sizeof(output_buffer); + if (read_size > current_capacity) { read_size = current_capacity; - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output_buffer, - read_size ) ); + } + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + output_buffer, + read_size)); expected_capacity -= read_size; - PSA_ASSERT( psa_key_derivation_get_capacity( &operation, - ¤t_capacity ) ); - TEST_EQUAL( current_capacity, expected_capacity ); + PSA_ASSERT(psa_key_derivation_get_capacity(&operation, + ¤t_capacity)); + TEST_EQUAL(current_capacity, expected_capacity); } /* Check that the operation refuses to go over capacity. */ - TEST_EQUAL( psa_key_derivation_output_bytes( &operation, output_buffer, 1 ), - PSA_ERROR_INSUFFICIENT_DATA ); + TEST_EQUAL(psa_key_derivation_output_bytes(&operation, output_buffer, 1), + PSA_ERROR_INSUFFICIENT_DATA); - PSA_ASSERT( psa_key_derivation_abort( &operation ) ); + PSA_ASSERT(psa_key_derivation_abort(&operation)); exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_key_exercise( int alg_arg, - data_t *key_data, - data_t *input1, - data_t *input2, - int derived_type_arg, - int derived_bits_arg, - int derived_usage_arg, - int derived_alg_arg ) +void derive_key_exercise(int alg_arg, + data_t *key_data, + data_t *input1, + data_t *input2, + int derived_type_arg, + int derived_bits_arg, + int derived_usage_arg, + int derived_alg_arg) { mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT; @@ -4852,63 +4850,65 @@ void derive_key_exercise( int alg_arg, size_t derived_bits = derived_bits_arg; psa_key_usage_t derived_usage = derived_usage_arg; psa_algorithm_t derived_alg = derived_alg_arg; - size_t capacity = PSA_BITS_TO_BYTES( derived_bits ); + size_t capacity = PSA_BITS_TO_BYTES(derived_bits); psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &base_key ) ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &base_key)); /* Derive a key. */ - if ( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, base_key, alg, - input1->x, input1->len, - input2->x, input2->len, - capacity ) ) + if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, base_key, alg, + input1->x, input1->len, + input2->x, input2->len, + capacity)) { goto exit; + } - psa_set_key_usage_flags( &attributes, derived_usage ); - psa_set_key_algorithm( &attributes, derived_alg ); - psa_set_key_type( &attributes, derived_type ); - psa_set_key_bits( &attributes, derived_bits ); - PSA_ASSERT( psa_key_derivation_output_key( &attributes, &operation, - &derived_key ) ); + psa_set_key_usage_flags(&attributes, derived_usage); + psa_set_key_algorithm(&attributes, derived_alg); + psa_set_key_type(&attributes, derived_type); + psa_set_key_bits(&attributes, derived_bits); + PSA_ASSERT(psa_key_derivation_output_key(&attributes, &operation, + &derived_key)); /* Test the key information */ - PSA_ASSERT( psa_get_key_attributes( derived_key, &got_attributes ) ); - TEST_EQUAL( psa_get_key_type( &got_attributes ), derived_type ); - TEST_EQUAL( psa_get_key_bits( &got_attributes ), derived_bits ); + PSA_ASSERT(psa_get_key_attributes(derived_key, &got_attributes)); + TEST_EQUAL(psa_get_key_type(&got_attributes), derived_type); + TEST_EQUAL(psa_get_key_bits(&got_attributes), derived_bits); /* Exercise the derived key. */ - if( ! mbedtls_test_psa_exercise_key( derived_key, derived_usage, derived_alg ) ) + if (!mbedtls_test_psa_exercise_key(derived_key, derived_usage, derived_alg)) { goto exit; + } exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &got_attributes ); + psa_reset_key_attributes(&got_attributes); - psa_key_derivation_abort( &operation ); - psa_destroy_key( base_key ); - psa_destroy_key( derived_key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(base_key); + psa_destroy_key(derived_key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_key_export( int alg_arg, - data_t *key_data, - data_t *input1, - data_t *input2, - int bytes1_arg, - int bytes2_arg ) +void derive_key_export(int alg_arg, + data_t *key_data, + data_t *input1, + data_t *input2, + int bytes1_arg, + int bytes2_arg) { mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT; @@ -4923,74 +4923,76 @@ void derive_key_export( int alg_arg, psa_key_attributes_t derived_attributes = PSA_KEY_ATTRIBUTES_INIT; size_t length; - ASSERT_ALLOC( output_buffer, capacity ); - ASSERT_ALLOC( export_buffer, capacity ); - PSA_ASSERT( psa_crypto_init( ) ); + ASSERT_ALLOC(output_buffer, capacity); + ASSERT_ALLOC(export_buffer, capacity); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &base_attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &base_attributes, alg ); - psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &base_attributes, key_data->x, key_data->len, - &base_key ) ); + psa_set_key_usage_flags(&base_attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&base_attributes, alg); + psa_set_key_type(&base_attributes, PSA_KEY_TYPE_DERIVE); + PSA_ASSERT(psa_import_key(&base_attributes, key_data->x, key_data->len, + &base_key)); /* Derive some material and output it. */ - if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, base_key, alg, - input1->x, input1->len, - input2->x, input2->len, - capacity ) ) + if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, base_key, alg, + input1->x, input1->len, + input2->x, input2->len, + capacity)) { goto exit; + } - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output_buffer, - capacity ) ); - PSA_ASSERT( psa_key_derivation_abort( &operation ) ); + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + output_buffer, + capacity)); + PSA_ASSERT(psa_key_derivation_abort(&operation)); /* Derive the same output again, but this time store it in key objects. */ - if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, base_key, alg, - input1->x, input1->len, - input2->x, input2->len, - capacity ) ) + if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, base_key, alg, + input1->x, input1->len, + input2->x, input2->len, + capacity)) { goto exit; + } - psa_set_key_usage_flags( &derived_attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &derived_attributes, 0 ); - psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA ); - psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes1 ) ); - PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation, - &derived_key ) ); - PSA_ASSERT( psa_export_key( derived_key, - export_buffer, bytes1, - &length ) ); - TEST_EQUAL( length, bytes1 ); - PSA_ASSERT( psa_destroy_key( derived_key ) ); - psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes2 ) ); - PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation, - &derived_key ) ); - PSA_ASSERT( psa_export_key( derived_key, - export_buffer + bytes1, bytes2, - &length ) ); - TEST_EQUAL( length, bytes2 ); + psa_set_key_usage_flags(&derived_attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&derived_attributes, 0); + psa_set_key_type(&derived_attributes, PSA_KEY_TYPE_RAW_DATA); + psa_set_key_bits(&derived_attributes, PSA_BYTES_TO_BITS(bytes1)); + PSA_ASSERT(psa_key_derivation_output_key(&derived_attributes, &operation, + &derived_key)); + PSA_ASSERT(psa_export_key(derived_key, + export_buffer, bytes1, + &length)); + TEST_EQUAL(length, bytes1); + PSA_ASSERT(psa_destroy_key(derived_key)); + psa_set_key_bits(&derived_attributes, PSA_BYTES_TO_BITS(bytes2)); + PSA_ASSERT(psa_key_derivation_output_key(&derived_attributes, &operation, + &derived_key)); + PSA_ASSERT(psa_export_key(derived_key, + export_buffer + bytes1, bytes2, + &length)); + TEST_EQUAL(length, bytes2); /* Compare the outputs from the two runs. */ - ASSERT_COMPARE( output_buffer, bytes1 + bytes2, - export_buffer, capacity ); + ASSERT_COMPARE(output_buffer, bytes1 + bytes2, + export_buffer, capacity); exit: - mbedtls_free( output_buffer ); - mbedtls_free( export_buffer ); - psa_key_derivation_abort( &operation ); - psa_destroy_key( base_key ); - psa_destroy_key( derived_key ); - PSA_DONE( ); + mbedtls_free(output_buffer); + mbedtls_free(export_buffer); + psa_key_derivation_abort(&operation); + psa_destroy_key(base_key); + psa_destroy_key(derived_key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_key( int alg_arg, - data_t *key_data, data_t *input1, data_t *input2, - int type_arg, int bits_arg, - int expected_status_arg, - int is_large_output ) +void derive_key(int alg_arg, + data_t *key_data, data_t *input1, data_t *input2, + int type_arg, int bits_arg, + int expected_status_arg, + int is_large_output) { mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT; @@ -5002,46 +5004,48 @@ void derive_key( int alg_arg, psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t derived_attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &base_attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &base_attributes, alg ); - psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &base_attributes, key_data->x, key_data->len, - &base_key ) ); + psa_set_key_usage_flags(&base_attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&base_attributes, alg); + psa_set_key_type(&base_attributes, PSA_KEY_TYPE_DERIVE); + PSA_ASSERT(psa_import_key(&base_attributes, key_data->x, key_data->len, + &base_key)); - if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, base_key, alg, - input1->x, input1->len, - input2->x, input2->len, - SIZE_MAX ) ) + if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, base_key, alg, + input1->x, input1->len, + input2->x, input2->len, + SIZE_MAX)) { goto exit; + } - psa_set_key_usage_flags( &derived_attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &derived_attributes, 0 ); - psa_set_key_type( &derived_attributes, type ); - psa_set_key_bits( &derived_attributes, bits ); + psa_set_key_usage_flags(&derived_attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&derived_attributes, 0); + psa_set_key_type(&derived_attributes, type); + psa_set_key_bits(&derived_attributes, bits); psa_status_t status = - psa_key_derivation_output_key( &derived_attributes, - &operation, - &derived_key ); - if( is_large_output > 0 ) - TEST_ASSUME( status != PSA_ERROR_INSUFFICIENT_MEMORY ); - TEST_EQUAL( status, expected_status ); + psa_key_derivation_output_key(&derived_attributes, + &operation, + &derived_key); + if (is_large_output > 0) { + TEST_ASSUME(status != PSA_ERROR_INSUFFICIENT_MEMORY); + } + TEST_EQUAL(status, expected_status); exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( base_key ); - psa_destroy_key( derived_key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(base_key); + psa_destroy_key(derived_key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_agreement_setup( int alg_arg, - int our_key_type_arg, int our_key_alg_arg, - data_t *our_key_data, data_t *peer_key_data, - int expected_status_arg ) +void key_agreement_setup(int alg_arg, + int our_key_type_arg, int our_key_alg_arg, + data_t *our_key_data, data_t *peer_key_data, + int expected_status_arg) { mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; @@ -5052,45 +5056,42 @@ void key_agreement_setup( int alg_arg, psa_status_t expected_status = expected_status_arg; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, our_key_alg ); - psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, - our_key_data->x, our_key_data->len, - &our_key ) ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, our_key_alg); + psa_set_key_type(&attributes, our_key_type); + PSA_ASSERT(psa_import_key(&attributes, + our_key_data->x, our_key_data->len, + &our_key)); /* The tests currently include inputs that should fail at either step. * Test cases that fail at the setup step should be changed to call * key_derivation_setup instead, and this function should be renamed * to key_agreement_fail. */ - status = psa_key_derivation_setup( &operation, alg ); - if( status == PSA_SUCCESS ) - { - TEST_EQUAL( psa_key_derivation_key_agreement( - &operation, PSA_KEY_DERIVATION_INPUT_SECRET, - our_key, - peer_key_data->x, peer_key_data->len ), - expected_status ); - } - else - { - TEST_ASSERT( status == expected_status ); + status = psa_key_derivation_setup(&operation, alg); + if (status == PSA_SUCCESS) { + TEST_EQUAL(psa_key_derivation_key_agreement( + &operation, PSA_KEY_DERIVATION_INPUT_SECRET, + our_key, + peer_key_data->x, peer_key_data->len), + expected_status); + } else { + TEST_ASSERT(status == expected_status); } exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( our_key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(our_key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void raw_key_agreement( int alg_arg, - int our_key_type_arg, data_t *our_key_data, - data_t *peer_key_data, - data_t *expected_output ) +void raw_key_agreement(int alg_arg, + int our_key_type_arg, data_t *our_key_data, + data_t *peer_key_data, + data_t *expected_output) { mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; @@ -5100,72 +5101,72 @@ void raw_key_agreement( int alg_arg, size_t output_length = ~0; size_t key_bits; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, - our_key_data->x, our_key_data->len, - &our_key ) ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, our_key_type); + PSA_ASSERT(psa_import_key(&attributes, + our_key_data->x, our_key_data->len, + &our_key)); - PSA_ASSERT( psa_get_key_attributes( our_key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_get_key_attributes(our_key, &attributes)); + key_bits = psa_get_key_bits(&attributes); /* Validate size macros */ - TEST_LE_U( expected_output->len, - PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE( our_key_type, key_bits ) ); - TEST_LE_U( PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE( our_key_type, key_bits ), - PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE ); + TEST_LE_U(expected_output->len, + PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(our_key_type, key_bits)); + TEST_LE_U(PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(our_key_type, key_bits), + PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE); /* Good case with exact output size */ - ASSERT_ALLOC( output, expected_output->len ); - PSA_ASSERT( psa_raw_key_agreement( alg, our_key, - peer_key_data->x, peer_key_data->len, - output, expected_output->len, - &output_length ) ); - ASSERT_COMPARE( output, output_length, - expected_output->x, expected_output->len ); - mbedtls_free( output ); + ASSERT_ALLOC(output, expected_output->len); + PSA_ASSERT(psa_raw_key_agreement(alg, our_key, + peer_key_data->x, peer_key_data->len, + output, expected_output->len, + &output_length)); + ASSERT_COMPARE(output, output_length, + expected_output->x, expected_output->len); + mbedtls_free(output); output = NULL; output_length = ~0; /* Larger buffer */ - ASSERT_ALLOC( output, expected_output->len + 1 ); - PSA_ASSERT( psa_raw_key_agreement( alg, our_key, - peer_key_data->x, peer_key_data->len, - output, expected_output->len + 1, - &output_length ) ); - ASSERT_COMPARE( output, output_length, - expected_output->x, expected_output->len ); - mbedtls_free( output ); + ASSERT_ALLOC(output, expected_output->len + 1); + PSA_ASSERT(psa_raw_key_agreement(alg, our_key, + peer_key_data->x, peer_key_data->len, + output, expected_output->len + 1, + &output_length)); + ASSERT_COMPARE(output, output_length, + expected_output->x, expected_output->len); + mbedtls_free(output); output = NULL; output_length = ~0; /* Buffer too small */ - ASSERT_ALLOC( output, expected_output->len - 1 ); - TEST_EQUAL( psa_raw_key_agreement( alg, our_key, - peer_key_data->x, peer_key_data->len, - output, expected_output->len - 1, - &output_length ), - PSA_ERROR_BUFFER_TOO_SMALL ); + ASSERT_ALLOC(output, expected_output->len - 1); + TEST_EQUAL(psa_raw_key_agreement(alg, our_key, + peer_key_data->x, peer_key_data->len, + output, expected_output->len - 1, + &output_length), + PSA_ERROR_BUFFER_TOO_SMALL); /* Not required by the spec, but good robustness */ - TEST_LE_U( output_length, expected_output->len - 1 ); - mbedtls_free( output ); + TEST_LE_U(output_length, expected_output->len - 1); + mbedtls_free(output); output = NULL; exit: - mbedtls_free( output ); - psa_destroy_key( our_key ); - PSA_DONE( ); + mbedtls_free(output); + psa_destroy_key(our_key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_agreement_capacity( int alg_arg, - int our_key_type_arg, data_t *our_key_data, - data_t *peer_key_data, - int expected_capacity_arg ) +void key_agreement_capacity(int alg_arg, + int our_key_type_arg, data_t *our_key_data, + data_t *peer_key_data, + int expected_capacity_arg) { mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; @@ -5175,57 +5176,55 @@ void key_agreement_capacity( int alg_arg, size_t actual_capacity; unsigned char output[16]; - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, - our_key_data->x, our_key_data->len, - &our_key ) ); - - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); - PSA_ASSERT( psa_key_derivation_key_agreement( - &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, our_key, - peer_key_data->x, peer_key_data->len ) ); - if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) - { + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, our_key_type); + PSA_ASSERT(psa_import_key(&attributes, + our_key_data->x, our_key_data->len, + &our_key)); + + PSA_ASSERT(psa_key_derivation_setup(&operation, alg)); + PSA_ASSERT(psa_key_derivation_key_agreement( + &operation, + PSA_KEY_DERIVATION_INPUT_SECRET, our_key, + peer_key_data->x, peer_key_data->len)); + if (PSA_ALG_IS_HKDF(PSA_ALG_KEY_AGREEMENT_GET_KDF(alg))) { /* The test data is for info="" */ - PSA_ASSERT( psa_key_derivation_input_bytes( &operation, - PSA_KEY_DERIVATION_INPUT_INFO, - NULL, 0 ) ); + PSA_ASSERT(psa_key_derivation_input_bytes(&operation, + PSA_KEY_DERIVATION_INPUT_INFO, + NULL, 0)); } /* Test the advertised capacity. */ - PSA_ASSERT( psa_key_derivation_get_capacity( - &operation, &actual_capacity ) ); - TEST_EQUAL( actual_capacity, (size_t) expected_capacity_arg ); + PSA_ASSERT(psa_key_derivation_get_capacity( + &operation, &actual_capacity)); + TEST_EQUAL(actual_capacity, (size_t) expected_capacity_arg); /* Test the actual capacity by reading the output. */ - while( actual_capacity > sizeof( output ) ) - { - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output, sizeof( output ) ) ); - actual_capacity -= sizeof( output ); + while (actual_capacity > sizeof(output)) { + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + output, sizeof(output))); + actual_capacity -= sizeof(output); } - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output, actual_capacity ) ); - TEST_EQUAL( psa_key_derivation_output_bytes( &operation, output, 1 ), - PSA_ERROR_INSUFFICIENT_DATA ); + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + output, actual_capacity)); + TEST_EQUAL(psa_key_derivation_output_bytes(&operation, output, 1), + PSA_ERROR_INSUFFICIENT_DATA); exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( our_key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(our_key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_agreement_output( int alg_arg, - int our_key_type_arg, data_t *our_key_data, - data_t *peer_key_data, - data_t *expected_output1, data_t *expected_output2 ) +void key_agreement_output(int alg_arg, + int our_key_type_arg, data_t *our_key_data, + data_t *peer_key_data, + data_t *expected_output1, data_t *expected_output2) { mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; @@ -5234,55 +5233,53 @@ void key_agreement_output( int alg_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *actual_output = NULL; - ASSERT_ALLOC( actual_output, MAX( expected_output1->len, - expected_output2->len ) ); + ASSERT_ALLOC(actual_output, MAX(expected_output1->len, + expected_output2->len)); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, - our_key_data->x, our_key_data->len, - &our_key ) ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, our_key_type); + PSA_ASSERT(psa_import_key(&attributes, + our_key_data->x, our_key_data->len, + &our_key)); - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); - PSA_ASSERT( psa_key_derivation_key_agreement( - &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, our_key, - peer_key_data->x, peer_key_data->len ) ); - if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) - { + PSA_ASSERT(psa_key_derivation_setup(&operation, alg)); + PSA_ASSERT(psa_key_derivation_key_agreement( + &operation, + PSA_KEY_DERIVATION_INPUT_SECRET, our_key, + peer_key_data->x, peer_key_data->len)); + if (PSA_ALG_IS_HKDF(PSA_ALG_KEY_AGREEMENT_GET_KDF(alg))) { /* The test data is for info="" */ - PSA_ASSERT( psa_key_derivation_input_bytes( &operation, - PSA_KEY_DERIVATION_INPUT_INFO, - NULL, 0 ) ); + PSA_ASSERT(psa_key_derivation_input_bytes(&operation, + PSA_KEY_DERIVATION_INPUT_INFO, + NULL, 0)); } - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - actual_output, - expected_output1->len ) ); - ASSERT_COMPARE( actual_output, expected_output1->len, - expected_output1->x, expected_output1->len ); - if( expected_output2->len != 0 ) - { - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - actual_output, - expected_output2->len ) ); - ASSERT_COMPARE( actual_output, expected_output2->len, - expected_output2->x, expected_output2->len ); + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + actual_output, + expected_output1->len)); + ASSERT_COMPARE(actual_output, expected_output1->len, + expected_output1->x, expected_output1->len); + if (expected_output2->len != 0) { + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + actual_output, + expected_output2->len)); + ASSERT_COMPARE(actual_output, expected_output2->len, + expected_output2->x, expected_output2->len); } exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( our_key ); - PSA_DONE( ); - mbedtls_free( actual_output ); + psa_key_derivation_abort(&operation); + psa_destroy_key(our_key); + PSA_DONE(); + mbedtls_free(actual_output); } /* END_CASE */ /* BEGIN_CASE */ -void generate_random( int bytes_arg ) +void generate_random(int bytes_arg) { size_t bytes = bytes_arg; unsigned char *output = NULL; @@ -5290,51 +5287,50 @@ void generate_random( int bytes_arg ) size_t i; unsigned run; - TEST_ASSERT( bytes_arg >= 0 ); + TEST_ASSERT(bytes_arg >= 0); - ASSERT_ALLOC( output, bytes ); - ASSERT_ALLOC( changed, bytes ); + ASSERT_ALLOC(output, bytes); + ASSERT_ALLOC(changed, bytes); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Run several times, to ensure that every output byte will be * nonzero at least once with overwhelming probability * (2^(-8*number_of_runs)). */ - for( run = 0; run < 10; run++ ) - { - if( bytes != 0 ) - memset( output, 0, bytes ); - PSA_ASSERT( psa_generate_random( output, bytes ) ); + for (run = 0; run < 10; run++) { + if (bytes != 0) { + memset(output, 0, bytes); + } + PSA_ASSERT(psa_generate_random(output, bytes)); - for( i = 0; i < bytes; i++ ) - { - if( output[i] != 0 ) + for (i = 0; i < bytes; i++) { + if (output[i] != 0) { ++changed[i]; + } } } /* Check that every byte was changed to nonzero at least once. This * validates that psa_generate_random is overwriting every byte of * the output buffer. */ - for( i = 0; i < bytes; i++ ) - { - TEST_ASSERT( changed[i] != 0 ); + for (i = 0; i < bytes; i++) { + TEST_ASSERT(changed[i] != 0); } exit: - PSA_DONE( ); - mbedtls_free( output ); - mbedtls_free( changed ); + PSA_DONE(); + mbedtls_free(output); + mbedtls_free(changed); } /* END_CASE */ /* BEGIN_CASE */ -void generate_key( int type_arg, - int bits_arg, - int usage_arg, - int alg_arg, - int expected_status_arg, - int is_large_key ) +void generate_key(int type_arg, + int bits_arg, + int usage_arg, + int alg_arg, + int expected_status_arg, + int is_large_key) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = type_arg; @@ -5345,47 +5341,50 @@ void generate_key( int type_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); /* Generate a key */ - psa_status_t status = psa_generate_key( &attributes, &key ); + psa_status_t status = psa_generate_key(&attributes, &key); - if( is_large_key > 0 ) - TEST_ASSUME( status != PSA_ERROR_INSUFFICIENT_MEMORY ); - TEST_EQUAL( status , expected_status ); - if( expected_status != PSA_SUCCESS ) + if (is_large_key > 0) { + TEST_ASSUME(status != PSA_ERROR_INSUFFICIENT_MEMORY); + } + TEST_EQUAL(status, expected_status); + if (expected_status != PSA_SUCCESS) { goto exit; + } /* Test the key information */ - PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); - TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &got_attributes ), bits ); + PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); + TEST_EQUAL(psa_get_key_type(&got_attributes), type); + TEST_EQUAL(psa_get_key_bits(&got_attributes), bits); /* Do something with the key according to its type and permitted usage. */ - if( ! mbedtls_test_psa_exercise_key( key, usage, alg ) ) + if (!mbedtls_test_psa_exercise_key(key, usage, alg)) { goto exit; + } exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &got_attributes ); + psa_reset_key_attributes(&got_attributes); - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:MBEDTLS_GENPRIME */ -void generate_key_rsa( int bits_arg, - data_t *e_arg, - int expected_status_arg ) +void generate_key_rsa(int bits_arg, + data_t *e_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = PSA_KEY_TYPE_RSA_KEY_PAIR; @@ -5396,56 +5395,58 @@ void generate_key_rsa( int bits_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *exported = NULL; size_t exported_size = - PSA_EXPORT_KEY_OUTPUT_SIZE( PSA_KEY_TYPE_RSA_PUBLIC_KEY, bits ); + PSA_EXPORT_KEY_OUTPUT_SIZE(PSA_KEY_TYPE_RSA_PUBLIC_KEY, bits); size_t exported_length = SIZE_MAX; uint8_t *e_read_buffer = NULL; int is_default_public_exponent = 0; - size_t e_read_size = PSA_KEY_DOMAIN_PARAMETERS_SIZE( type, bits ); + size_t e_read_size = PSA_KEY_DOMAIN_PARAMETERS_SIZE(type, bits); size_t e_read_length = SIZE_MAX; - if( e_arg->len == 0 || - ( e_arg->len == 3 && - e_arg->x[0] == 1 && e_arg->x[1] == 0 && e_arg->x[2] == 1 ) ) - { + if (e_arg->len == 0 || + (e_arg->len == 3 && + e_arg->x[0] == 1 && e_arg->x[1] == 0 && e_arg->x[2] == 1)) { is_default_public_exponent = 1; e_read_size = 0; } - ASSERT_ALLOC( e_read_buffer, e_read_size ); - ASSERT_ALLOC( exported, exported_size ); + ASSERT_ALLOC(e_read_buffer, e_read_size); + ASSERT_ALLOC(exported, exported_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - PSA_ASSERT( psa_set_key_domain_parameters( &attributes, type, - e_arg->x, e_arg->len ) ); - psa_set_key_bits( &attributes, bits ); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + PSA_ASSERT(psa_set_key_domain_parameters(&attributes, type, + e_arg->x, e_arg->len)); + psa_set_key_bits(&attributes, bits); /* Generate a key */ - TEST_EQUAL( psa_generate_key( &attributes, &key ), expected_status ); - if( expected_status != PSA_SUCCESS ) + TEST_EQUAL(psa_generate_key(&attributes, &key), expected_status); + if (expected_status != PSA_SUCCESS) { goto exit; + } /* Test the key information */ - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); - PSA_ASSERT( psa_get_key_domain_parameters( &attributes, - e_read_buffer, e_read_size, - &e_read_length ) ); - if( is_default_public_exponent ) - TEST_EQUAL( e_read_length, 0 ); - else - ASSERT_COMPARE( e_read_buffer, e_read_length, e_arg->x, e_arg->len ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), type); + TEST_EQUAL(psa_get_key_bits(&attributes), bits); + PSA_ASSERT(psa_get_key_domain_parameters(&attributes, + e_read_buffer, e_read_size, + &e_read_length)); + if (is_default_public_exponent) { + TEST_EQUAL(e_read_length, 0); + } else { + ASSERT_COMPARE(e_read_buffer, e_read_length, e_arg->x, e_arg->len); + } /* Do something with the key according to its type and permitted usage. */ - if( ! mbedtls_test_psa_exercise_key( key, usage, alg ) ) + if (!mbedtls_test_psa_exercise_key(key, usage, alg)) { goto exit; + } /* Export the key and check the public exponent. */ - PSA_ASSERT( psa_export_public_key( key, - exported, exported_size, - &exported_length ) ); + PSA_ASSERT(psa_export_public_key(key, + exported, exported_size, + &exported_length)); { uint8_t *p = exported; uint8_t *end = exported + exported_length; @@ -5454,26 +5455,24 @@ void generate_key_rsa( int bits_arg, * modulus INTEGER, -- n * publicExponent INTEGER } -- e */ - TEST_EQUAL( 0, mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ) ); - TEST_ASSERT( mbedtls_test_asn1_skip_integer( &p, end, bits, bits, 1 ) ); - TEST_EQUAL( 0, mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_INTEGER ) ); - if( len >= 1 && p[0] == 0 ) - { + TEST_EQUAL(0, mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED)); + TEST_ASSERT(mbedtls_test_asn1_skip_integer(&p, end, bits, bits, 1)); + TEST_EQUAL(0, mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_INTEGER)); + if (len >= 1 && p[0] == 0) { ++p; --len; } - if( e_arg->len == 0 ) - { - TEST_EQUAL( len, 3 ); - TEST_EQUAL( p[0], 1 ); - TEST_EQUAL( p[1], 0 ); - TEST_EQUAL( p[2], 1 ); + if (e_arg->len == 0) { + TEST_EQUAL(len, 3); + TEST_EQUAL(p[0], 1); + TEST_EQUAL(p[1], 0); + TEST_EQUAL(p[2], 1); + } else { + ASSERT_COMPARE(p, len, e_arg->x, e_arg->len); } - else - ASSERT_COMPARE( p, len, e_arg->x, e_arg->len ); } exit: @@ -5481,22 +5480,22 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() or * set by psa_set_key_domain_parameters() thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_free( e_read_buffer ); - mbedtls_free( exported ); + psa_destroy_key(key); + PSA_DONE(); + mbedtls_free(e_read_buffer); + mbedtls_free(exported); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ -void persistent_key_load_key_from_storage( data_t *data, - int type_arg, int bits_arg, - int usage_flags_arg, int alg_arg, - int generation_method ) +void persistent_key_load_key_from_storage(data_t *data, + int type_arg, int bits_arg, + int usage_flags_arg, int alg_arg, + int generation_method) { - mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 1 ); + mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(1, 1); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT; @@ -5507,130 +5506,128 @@ void persistent_key_load_key_from_storage( data_t *data, psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char *first_export = NULL; unsigned char *second_export = NULL; - size_t export_size = PSA_EXPORT_KEY_OUTPUT_SIZE( type, bits ); + size_t export_size = PSA_EXPORT_KEY_OUTPUT_SIZE(type, bits); size_t first_exported_length; size_t second_exported_length; - if( usage_flags & PSA_KEY_USAGE_EXPORT ) - { - ASSERT_ALLOC( first_export, export_size ); - ASSERT_ALLOC( second_export, export_size ); + if (usage_flags & PSA_KEY_USAGE_EXPORT) { + ASSERT_ALLOC(first_export, export_size); + ASSERT_ALLOC(second_export, export_size); } - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, key_id ); - psa_set_key_usage_flags( &attributes, usage_flags ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); + psa_set_key_id(&attributes, key_id); + psa_set_key_usage_flags(&attributes, usage_flags); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); - switch( generation_method ) - { + switch (generation_method) { case IMPORT_KEY: /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, data->x, data->len, + &key)); break; case GENERATE_KEY: /* Generate a key */ - PSA_ASSERT( psa_generate_key( &attributes, &key ) ); + PSA_ASSERT(psa_generate_key(&attributes, &key)); break; case DERIVE_KEY: #if defined(PSA_WANT_ALG_HKDF) && defined(PSA_WANT_ALG_SHA_256) - { - /* Create base key */ - psa_algorithm_t derive_alg = PSA_ALG_HKDF( PSA_ALG_SHA_256 ); - psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_usage_flags( &base_attributes, - PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &base_attributes, derive_alg ); - psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &base_attributes, - data->x, data->len, - &base_key ) ); - /* Derive a key. */ - PSA_ASSERT( psa_key_derivation_setup( &operation, derive_alg ) ); - PSA_ASSERT( psa_key_derivation_input_key( - &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, base_key ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( - &operation, PSA_KEY_DERIVATION_INPUT_INFO, - NULL, 0 ) ); - PSA_ASSERT( psa_key_derivation_output_key( &attributes, - &operation, - &key ) ); - PSA_ASSERT( psa_key_derivation_abort( &operation ) ); - PSA_ASSERT( psa_destroy_key( base_key ) ); - base_key = MBEDTLS_SVC_KEY_ID_INIT; - } + { + /* Create base key */ + psa_algorithm_t derive_alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); + psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_set_key_usage_flags(&base_attributes, + PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&base_attributes, derive_alg); + psa_set_key_type(&base_attributes, PSA_KEY_TYPE_DERIVE); + PSA_ASSERT(psa_import_key(&base_attributes, + data->x, data->len, + &base_key)); + /* Derive a key. */ + PSA_ASSERT(psa_key_derivation_setup(&operation, derive_alg)); + PSA_ASSERT(psa_key_derivation_input_key( + &operation, + PSA_KEY_DERIVATION_INPUT_SECRET, base_key)); + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_INFO, + NULL, 0)); + PSA_ASSERT(psa_key_derivation_output_key(&attributes, + &operation, + &key)); + PSA_ASSERT(psa_key_derivation_abort(&operation)); + PSA_ASSERT(psa_destroy_key(base_key)); + base_key = MBEDTLS_SVC_KEY_ID_INIT; + } #else - TEST_ASSUME( ! "KDF not supported in this configuration" ); + TEST_ASSUME(!"KDF not supported in this configuration"); #endif break; default: - TEST_ASSERT( ! "generation_method not implemented in test" ); + TEST_ASSERT(!"generation_method not implemented in test"); break; } - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); /* Export the key if permitted by the key policy. */ - if( usage_flags & PSA_KEY_USAGE_EXPORT ) - { - PSA_ASSERT( psa_export_key( key, - first_export, export_size, - &first_exported_length ) ); - if( generation_method == IMPORT_KEY ) - ASSERT_COMPARE( data->x, data->len, - first_export, first_exported_length ); + if (usage_flags & PSA_KEY_USAGE_EXPORT) { + PSA_ASSERT(psa_export_key(key, + first_export, export_size, + &first_exported_length)); + if (generation_method == IMPORT_KEY) { + ASSERT_COMPARE(data->x, data->len, + first_export, first_exported_length); + } } /* Shutdown and restart */ - PSA_ASSERT( psa_purge_key( key ) ); + PSA_ASSERT(psa_purge_key(key)); PSA_DONE(); - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); /* Check key slot still contains key data */ - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), key_id ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), - PSA_KEY_LIFETIME_PERSISTENT ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - mbedtls_test_update_key_usage_flags( usage_flags ) ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), key_id)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), + PSA_KEY_LIFETIME_PERSISTENT); + TEST_EQUAL(psa_get_key_type(&attributes), type); + TEST_EQUAL(psa_get_key_bits(&attributes), bits); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), + mbedtls_test_update_key_usage_flags(usage_flags)); + TEST_EQUAL(psa_get_key_algorithm(&attributes), alg); /* Export the key again if permitted by the key policy. */ - if( usage_flags & PSA_KEY_USAGE_EXPORT ) - { - PSA_ASSERT( psa_export_key( key, - second_export, export_size, - &second_exported_length ) ); - ASSERT_COMPARE( first_export, first_exported_length, - second_export, second_exported_length ); + if (usage_flags & PSA_KEY_USAGE_EXPORT) { + PSA_ASSERT(psa_export_key(key, + second_export, export_size, + &second_exported_length)); + ASSERT_COMPARE(first_export, first_exported_length, + second_export, second_exported_length); } /* Do something with the key according to its type and permitted usage. */ - if( ! mbedtls_test_psa_exercise_key( key, usage_flags, alg ) ) + if (!mbedtls_test_psa_exercise_key(key, usage_flags, alg)) { goto exit; + } exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_free( first_export ); - mbedtls_free( second_export ); - psa_key_derivation_abort( &operation ); - psa_destroy_key( base_key ); - psa_destroy_key( key ); + mbedtls_free(first_export); + mbedtls_free(second_export); + psa_key_derivation_abort(&operation); + psa_destroy_key(base_key); + psa_destroy_key(key); PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_attributes.function b/tests/suites/test_suite_psa_crypto_attributes.function index ce34fae74ba5..c933cb724256 100644 --- a/tests/suites/test_suite_psa_crypto_attributes.function +++ b/tests/suites/test_suite_psa_crypto_attributes.function @@ -8,12 +8,12 @@ */ /* BEGIN_CASE */ -void attributes_set_get( int owner_id_arg, int id_arg, int lifetime_arg, - int usage_flags_arg, int alg_arg, - int type_arg, int bits_arg ) +void attributes_set_get(int owner_id_arg, int id_arg, int lifetime_arg, + int usage_flags_arg, int alg_arg, + int type_arg, int bits_arg) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg ); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(owner_id_arg, id_arg); psa_key_lifetime_t lifetime = lifetime_arg; psa_key_usage_t usage_flags = usage_flags_arg; psa_algorithm_t alg = alg_arg; @@ -21,109 +21,112 @@ void attributes_set_get( int owner_id_arg, int id_arg, int lifetime_arg, size_t bits = bits_arg; TEST_EQUAL( - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 ); + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(psa_get_key_id(&attributes)), 0); TEST_EQUAL( - MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_bits( &attributes ), 0 ); - - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, usage_flags ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); - - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), id ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); - - psa_reset_key_attributes( &attributes ); + MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(psa_get_key_id(&attributes)), 0); + TEST_EQUAL(psa_get_key_lifetime(&attributes), 0); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), 0); + TEST_EQUAL(psa_get_key_algorithm(&attributes), 0); + TEST_EQUAL(psa_get_key_type(&attributes), 0); + TEST_EQUAL(psa_get_key_bits(&attributes), 0); + + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, usage_flags); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); + + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), id)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), lifetime); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), usage_flags); + TEST_EQUAL(psa_get_key_algorithm(&attributes), alg); + TEST_EQUAL(psa_get_key_type(&attributes), type); + TEST_EQUAL(psa_get_key_bits(&attributes), bits); + + psa_reset_key_attributes(&attributes); TEST_EQUAL( - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 ); + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(psa_get_key_id(&attributes)), 0); TEST_EQUAL( - MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_bits( &attributes ), 0 ); + MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(psa_get_key_id(&attributes)), 0); + TEST_EQUAL(psa_get_key_lifetime(&attributes), 0); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), 0); + TEST_EQUAL(psa_get_key_algorithm(&attributes), 0); + TEST_EQUAL(psa_get_key_type(&attributes), 0); + TEST_EQUAL(psa_get_key_bits(&attributes), 0); } /* END_CASE */ /* BEGIN_CASE */ -void persistence_attributes( int id1_arg, int owner_id1_arg, int lifetime_arg, - int id2_arg, int owner_id2_arg, - int expected_id_arg, int expected_owner_id_arg, - int expected_lifetime_arg ) +void persistence_attributes(int id1_arg, int owner_id1_arg, int lifetime_arg, + int id2_arg, int owner_id2_arg, + int expected_id_arg, int expected_owner_id_arg, + int expected_lifetime_arg) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t id1 = - mbedtls_svc_key_id_make( owner_id1_arg, id1_arg ); + mbedtls_svc_key_id_make(owner_id1_arg, id1_arg); psa_key_lifetime_t lifetime = lifetime_arg; mbedtls_svc_key_id_t id2 = - mbedtls_svc_key_id_make( owner_id2_arg, id2_arg ); + mbedtls_svc_key_id_make(owner_id2_arg, id2_arg); mbedtls_svc_key_id_t expected_id = - mbedtls_svc_key_id_make( expected_owner_id_arg, expected_id_arg ); + mbedtls_svc_key_id_make(expected_owner_id_arg, expected_id_arg); psa_key_lifetime_t expected_lifetime = expected_lifetime_arg; - if( id1_arg != -1 ) - psa_set_key_id( &attributes, id1 ); - if( lifetime_arg != -1 ) - psa_set_key_lifetime( &attributes, lifetime ); - if( id2_arg != -1 ) - psa_set_key_id( &attributes, id2 ); - - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), expected_id ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), expected_lifetime ); + if (id1_arg != -1) { + psa_set_key_id(&attributes, id1); + } + if (lifetime_arg != -1) { + psa_set_key_lifetime(&attributes, lifetime); + } + if (id2_arg != -1) { + psa_set_key_id(&attributes, id2); + } + + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), expected_id)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), expected_lifetime); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_SE_C */ -void slot_number_attribute( ) +void slot_number_attribute() { psa_key_slot_number_t slot_number = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; /* Initially, there is no slot number. */ - TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ), - PSA_ERROR_INVALID_ARGUMENT ); + TEST_EQUAL(psa_get_key_slot_number(&attributes, &slot_number), + PSA_ERROR_INVALID_ARGUMENT); /* Test setting a slot number. */ - psa_set_key_slot_number( &attributes, 0 ); - PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) ); - TEST_EQUAL( slot_number, 0 ); + psa_set_key_slot_number(&attributes, 0); + PSA_ASSERT(psa_get_key_slot_number(&attributes, &slot_number)); + TEST_EQUAL(slot_number, 0); /* Test changing the slot number. */ - psa_set_key_slot_number( &attributes, 42 ); - PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) ); - TEST_EQUAL( slot_number, 42 ); + psa_set_key_slot_number(&attributes, 42); + PSA_ASSERT(psa_get_key_slot_number(&attributes, &slot_number)); + TEST_EQUAL(slot_number, 42); /* Test clearing the slot number. */ - psa_clear_key_slot_number( &attributes ); - TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ), - PSA_ERROR_INVALID_ARGUMENT ); + psa_clear_key_slot_number(&attributes); + TEST_EQUAL(psa_get_key_slot_number(&attributes, &slot_number), + PSA_ERROR_INVALID_ARGUMENT); /* Clearing again should have no effect. */ - psa_clear_key_slot_number( &attributes ); - TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ), - PSA_ERROR_INVALID_ARGUMENT ); + psa_clear_key_slot_number(&attributes); + TEST_EQUAL(psa_get_key_slot_number(&attributes, &slot_number), + PSA_ERROR_INVALID_ARGUMENT); /* Test that reset clears the slot number. */ - psa_set_key_slot_number( &attributes, 42 ); - PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) ); - TEST_EQUAL( slot_number, 42 ); - psa_reset_key_attributes( &attributes ); - TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ), - PSA_ERROR_INVALID_ARGUMENT ); + psa_set_key_slot_number(&attributes, 42); + PSA_ASSERT(psa_get_key_slot_number(&attributes, &slot_number)); + TEST_EQUAL(slot_number, 42); + psa_reset_key_attributes(&attributes); + TEST_EQUAL(psa_get_key_slot_number(&attributes, &slot_number), + PSA_ERROR_INVALID_ARGUMENT); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 27d50b2e4695..953b9ffbce2f 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -8,14 +8,14 @@ */ /* BEGIN_CASE */ -void sign_hash( int key_type_arg, - int alg_arg, - int force_status_arg, - data_t *key_input, - data_t *data_input, - data_t *expected_output, - int fake_output, - int expected_status_arg ) +void sign_hash(int key_type_arg, + int alg_arg, + int force_status_arg, + data_t *key_input, + data_t *data_input, + data_t *expected_output, + int fake_output, + int expected_status_arg) { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; @@ -31,18 +31,17 @@ void sign_hash( int key_type_arg, mbedtls_test_driver_signature_sign_hooks = mbedtls_test_driver_signature_hooks_init(); - PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_type( &attributes, - key_type ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_import_key( &attributes, - key_input->x, key_input->len, - &key ); + PSA_ASSERT(psa_crypto_init()); + psa_set_key_type(&attributes, + key_type); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_import_key(&attributes, + key_input->x, key_input->len, + &key); mbedtls_test_driver_signature_sign_hooks.forced_status = force_status; - if( fake_output == 1 ) - { + if (fake_output == 1) { mbedtls_test_driver_signature_sign_hooks.forced_output = expected_output->x; mbedtls_test_driver_signature_sign_hooks.forced_output_length = @@ -51,46 +50,45 @@ void sign_hash( int key_type_arg, /* Allocate a buffer which has the size advertized by the * library. */ - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); - signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); - - TEST_ASSERT( signature_size != 0 ); - TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE ); - ASSERT_ALLOC( signature, signature_size ); - - actual_status = psa_sign_hash( key, alg, - data_input->x, data_input->len, - signature, signature_size, - &signature_length ); - TEST_EQUAL( actual_status, expected_status ); - if( expected_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( signature, signature_length, - expected_output->x, expected_output->len ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg); + + TEST_ASSERT(signature_size != 0); + TEST_ASSERT(signature_size <= PSA_SIGNATURE_MAX_SIZE); + ASSERT_ALLOC(signature, signature_size); + + actual_status = psa_sign_hash(key, alg, + data_input->x, data_input->len, + signature, signature_size, + &signature_length); + TEST_EQUAL(actual_status, expected_status); + if (expected_status == PSA_SUCCESS) { + ASSERT_COMPARE(signature, signature_length, + expected_output->x, expected_output->len); } - TEST_EQUAL( mbedtls_test_driver_signature_sign_hooks.hits, 1 ); + TEST_EQUAL(mbedtls_test_driver_signature_sign_hooks.hits, 1); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - mbedtls_free( signature ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); mbedtls_test_driver_signature_sign_hooks = mbedtls_test_driver_signature_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void verify_hash( int key_type_arg, - int key_type_public_arg, - int alg_arg, - int force_status_arg, - int register_public_key, - data_t *key_input, - data_t *data_input, - data_t *signature_input, - int expected_status_arg ) +void verify_hash(int key_type_arg, + int key_type_public_arg, + int alg_arg, + int force_status_arg, + int register_public_key, + data_t *key_input, + data_t *data_input, + data_t *signature_input, + int expected_status_arg) { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; @@ -103,52 +101,49 @@ void verify_hash( int key_type_arg, mbedtls_test_driver_signature_verify_hooks = mbedtls_test_driver_signature_hooks_init(); - PSA_ASSERT( psa_crypto_init( ) ); - if( register_public_key ) - { - psa_set_key_type( &attributes, key_type_public ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_import_key( &attributes, - key_input->x, key_input->len, - &key ); - } - else - { - psa_set_key_type( &attributes, key_type ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_import_key( &attributes, - key_input->x, key_input->len, - &key ); + PSA_ASSERT(psa_crypto_init()); + if (register_public_key) { + psa_set_key_type(&attributes, key_type_public); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_import_key(&attributes, + key_input->x, key_input->len, + &key); + } else { + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_import_key(&attributes, + key_input->x, key_input->len, + &key); } mbedtls_test_driver_signature_verify_hooks.forced_status = force_status; - actual_status = psa_verify_hash( key, alg, - data_input->x, data_input->len, - signature_input->x, signature_input->len ); - TEST_EQUAL( actual_status, expected_status ); - TEST_EQUAL( mbedtls_test_driver_signature_verify_hooks.hits, 1 ); + actual_status = psa_verify_hash(key, alg, + data_input->x, data_input->len, + signature_input->x, signature_input->len); + TEST_EQUAL(actual_status, expected_status); + TEST_EQUAL(mbedtls_test_driver_signature_verify_hooks.hits, 1); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_signature_verify_hooks = mbedtls_test_driver_signature_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void sign_message( int key_type_arg, - int alg_arg, - int force_status_arg, - data_t *key_input, - data_t *data_input, - data_t *expected_output, - int fake_output, - int expected_status_arg ) +void sign_message(int key_type_arg, + int alg_arg, + int force_status_arg, + data_t *key_input, + data_t *data_input, + data_t *expected_output, + int fake_output, + int expected_status_arg) { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; @@ -164,17 +159,16 @@ void sign_message( int key_type_arg, mbedtls_test_driver_signature_sign_hooks = mbedtls_test_driver_signature_hooks_init(); - PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_type( &attributes, key_type ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_import_key( &attributes, - key_input->x, key_input->len, - &key ); + PSA_ASSERT(psa_crypto_init()); + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_import_key(&attributes, + key_input->x, key_input->len, + &key); mbedtls_test_driver_signature_sign_hooks.forced_status = force_status; - if( fake_output == 1 ) - { + if (fake_output == 1) { mbedtls_test_driver_signature_sign_hooks.forced_output = expected_output->x; mbedtls_test_driver_signature_sign_hooks.forced_output_length = @@ -183,48 +177,47 @@ void sign_message( int key_type_arg, /* Allocate a buffer which has the size advertized by the * library. */ - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); - signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); - - TEST_ASSERT( signature_size != 0 ); - TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE ); - ASSERT_ALLOC( signature, signature_size ); - - actual_status = psa_sign_message( key, alg, - data_input->x, data_input->len, - signature, signature_size, - &signature_length ); - TEST_EQUAL( actual_status, expected_status ); - if( expected_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( signature, signature_length, - expected_output->x, expected_output->len ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg); + + TEST_ASSERT(signature_size != 0); + TEST_ASSERT(signature_size <= PSA_SIGNATURE_MAX_SIZE); + ASSERT_ALLOC(signature, signature_size); + + actual_status = psa_sign_message(key, alg, + data_input->x, data_input->len, + signature, signature_size, + &signature_length); + TEST_EQUAL(actual_status, expected_status); + if (expected_status == PSA_SUCCESS) { + ASSERT_COMPARE(signature, signature_length, + expected_output->x, expected_output->len); } /* In the builtin algorithm the driver is called twice. */ - TEST_EQUAL( mbedtls_test_driver_signature_sign_hooks.hits, - force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1 ); + TEST_EQUAL(mbedtls_test_driver_signature_sign_hooks.hits, + force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - mbedtls_free( signature ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); mbedtls_test_driver_signature_sign_hooks = mbedtls_test_driver_signature_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void verify_message( int key_type_arg, - int key_type_public_arg, - int alg_arg, - int force_status_arg, - int register_public_key, - data_t *key_input, - data_t *data_input, - data_t *signature_input, - int expected_status_arg ) +void verify_message(int key_type_arg, + int key_type_public_arg, + int alg_arg, + int force_status_arg, + int register_public_key, + data_t *key_input, + data_t *data_input, + data_t *signature_input, + int expected_status_arg) { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; @@ -237,131 +230,123 @@ void verify_message( int key_type_arg, mbedtls_test_driver_signature_verify_hooks = mbedtls_test_driver_signature_hooks_init(); - PSA_ASSERT( psa_crypto_init( ) ); - if( register_public_key ) - { - psa_set_key_type( &attributes, key_type_public ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_import_key( &attributes, - key_input->x, key_input->len, - &key ); - } - else - { - psa_set_key_type( &attributes, key_type ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_import_key( &attributes, - key_input->x, key_input->len, - &key ); + PSA_ASSERT(psa_crypto_init()); + if (register_public_key) { + psa_set_key_type(&attributes, key_type_public); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_import_key(&attributes, + key_input->x, key_input->len, + &key); + } else { + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_import_key(&attributes, + key_input->x, key_input->len, + &key); } mbedtls_test_driver_signature_verify_hooks.forced_status = force_status; - actual_status = psa_verify_message( key, alg, - data_input->x, data_input->len, - signature_input->x, signature_input->len ); - TEST_EQUAL( actual_status, expected_status ); + actual_status = psa_verify_message(key, alg, + data_input->x, data_input->len, + signature_input->x, signature_input->len); + TEST_EQUAL(actual_status, expected_status); /* In the builtin algorithm the driver is called twice. */ - TEST_EQUAL( mbedtls_test_driver_signature_verify_hooks.hits, - force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1 ); + TEST_EQUAL(mbedtls_test_driver_signature_verify_hooks.hits, + force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_signature_verify_hooks = mbedtls_test_driver_signature_hooks_init(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */ -void generate_key( int force_status_arg, - data_t *fake_output, - int expected_status_arg ) +void generate_key(int force_status_arg, + data_t *fake_output, + int expected_status_arg) { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 ); + psa_algorithm_t alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256); const uint8_t *expected_output = NULL; size_t expected_output_length = 0; psa_status_t actual_status; - uint8_t actual_output[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(256)] = {0}; + uint8_t actual_output[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(256)] = { 0 }; size_t actual_output_length; mbedtls_test_driver_key_management_hooks = mbedtls_test_driver_key_management_hooks_init(); - psa_set_key_type( &attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); - psa_set_key_bits( &attributes, 256 ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type(&attributes, + PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)); + psa_set_key_bits(&attributes, 256); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, alg); - if( fake_output->len > 0 ) - { + if (fake_output->len > 0) { expected_output = mbedtls_test_driver_key_management_hooks.forced_output = - fake_output->x; + fake_output->x; expected_output_length = mbedtls_test_driver_key_management_hooks.forced_output_length = - fake_output->len; + fake_output->len; } mbedtls_test_driver_key_management_hooks.hits = 0; mbedtls_test_driver_key_management_hooks.forced_status = force_status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - actual_status = psa_generate_key( &attributes, &key ); - TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 ); - TEST_EQUAL( actual_status, expected_status ); + actual_status = psa_generate_key(&attributes, &key); + TEST_EQUAL(mbedtls_test_driver_key_management_hooks.hits, 1); + TEST_EQUAL(actual_status, expected_status); - if( actual_status == PSA_SUCCESS ) - { - psa_export_key( key, actual_output, sizeof(actual_output), &actual_output_length ); + if (actual_status == PSA_SUCCESS) { + psa_export_key(key, actual_output, sizeof(actual_output), &actual_output_length); - if( fake_output->len > 0 ) - { - ASSERT_COMPARE( actual_output, actual_output_length, - expected_output, expected_output_length ); - } - else - { + if (fake_output->len > 0) { + ASSERT_COMPARE(actual_output, actual_output_length, + expected_output, expected_output_length); + } else { size_t zeroes = 0; - for( size_t i = 0; i < sizeof(actual_output); i++ ) - { - if( actual_output[i] == 0) + for (size_t i = 0; i < sizeof(actual_output); i++) { + if (actual_output[i] == 0) { zeroes++; + } } - TEST_ASSERT( zeroes != sizeof(actual_output) ); + TEST_ASSERT(zeroes != sizeof(actual_output)); } } exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_key_management_hooks = mbedtls_test_driver_key_management_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void validate_key( int force_status_arg, - int location, - int owner_id_arg, - int id_arg, - int key_type_arg, - data_t *key_input, - int expected_status_arg ) +void validate_key(int force_status_arg, + int location, + int owner_id_arg, + int id_arg, + int key_type_arg, + data_t *key_input, + int expected_status_arg) { psa_key_lifetime_t lifetime = - PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ - PSA_KEY_PERSISTENCE_DEFAULT, location); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg ); + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ + PSA_KEY_PERSISTENCE_DEFAULT, location); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(owner_id_arg, id_arg); psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; psa_key_type_t key_type = key_type_arg; @@ -371,38 +356,38 @@ void validate_key( int force_status_arg, mbedtls_test_driver_key_management_hooks = mbedtls_test_driver_key_management_hooks_init(); - psa_set_key_id( &attributes, id ); - psa_set_key_type( &attributes, - key_type ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_bits( &attributes, 0 ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_id(&attributes, id); + psa_set_key_type(&attributes, + key_type); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_bits(&attributes, 0); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); mbedtls_test_driver_key_management_hooks.forced_status = force_status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - actual_status = psa_import_key( &attributes, key_input->x, key_input->len, &key ); - TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 ); - TEST_EQUAL( actual_status, expected_status ); - TEST_EQUAL( mbedtls_test_driver_key_management_hooks.location, location ); + actual_status = psa_import_key(&attributes, key_input->x, key_input->len, &key); + TEST_EQUAL(mbedtls_test_driver_key_management_hooks.hits, 1); + TEST_EQUAL(actual_status, expected_status); + TEST_EQUAL(mbedtls_test_driver_key_management_hooks.location, location); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_key_management_hooks = mbedtls_test_driver_key_management_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void export_key( int force_status_arg, - data_t *fake_output, - int key_in_type_arg, - data_t *key_in, - int key_out_type_arg, - data_t *expected_output, - int expected_status_arg ) +void export_key(int force_status_arg, + data_t *fake_output, + int key_in_type_arg, + data_t *key_in, + int key_out_type_arg, + data_t *expected_output, + int expected_status_arg) { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; @@ -413,30 +398,27 @@ void export_key( int force_status_arg, const uint8_t *expected_output_ptr = NULL; size_t expected_output_length = 0; psa_status_t actual_status; - uint8_t actual_output[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(256)] = {0}; + uint8_t actual_output[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(256)] = { 0 }; size_t actual_output_length; mbedtls_test_driver_key_management_hooks = mbedtls_test_driver_key_management_hooks_init(); - psa_set_key_type( &attributes, input_key_type ); - psa_set_key_bits( &attributes, 256 ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_type(&attributes, input_key_type); + psa_set_key_bits(&attributes, 256); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); - PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_import_key( &attributes, key_in->x, key_in->len, &handle ) ); + PSA_ASSERT(psa_crypto_init()); + PSA_ASSERT(psa_import_key(&attributes, key_in->x, key_in->len, &handle)); - if( fake_output->len > 0 ) - { + if (fake_output->len > 0) { expected_output_ptr = mbedtls_test_driver_key_management_hooks.forced_output = - fake_output->x; + fake_output->x; expected_output_length = mbedtls_test_driver_key_management_hooks.forced_output_length = - fake_output->len; - } - else - { + fake_output->len; + } else { expected_output_ptr = expected_output->x; expected_output_length = expected_output->len; } @@ -444,40 +426,47 @@ void export_key( int force_status_arg, mbedtls_test_driver_key_management_hooks.hits = 0; mbedtls_test_driver_key_management_hooks.forced_status = force_status; - if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) ) - actual_status = psa_export_public_key( handle, actual_output, sizeof(actual_output), &actual_output_length ); - else - actual_status = psa_export_key( handle, actual_output, sizeof(actual_output), &actual_output_length ); - TEST_EQUAL( actual_status, expected_status ); + if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(output_key_type)) { + actual_status = psa_export_public_key(handle, + actual_output, + sizeof(actual_output), + &actual_output_length); + } else { + actual_status = psa_export_key(handle, + actual_output, + sizeof(actual_output), + &actual_output_length); + } + TEST_EQUAL(actual_status, expected_status); - if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) && - !PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( input_key_type ) ) - TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 ); + if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(output_key_type) && + !PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(input_key_type)) { + TEST_EQUAL(mbedtls_test_driver_key_management_hooks.hits, 1); + } - if( actual_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( actual_output, actual_output_length, - expected_output_ptr, expected_output_length ); + if (actual_status == PSA_SUCCESS) { + ASSERT_COMPARE(actual_output, actual_output_length, + expected_output_ptr, expected_output_length); } exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(handle); + PSA_DONE(); mbedtls_test_driver_key_management_hooks = mbedtls_test_driver_key_management_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_validation( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *input ) +void cipher_encrypt_validation(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - size_t iv_size = PSA_CIPHER_IV_LENGTH ( key_type, alg ); + size_t iv_size = PSA_CIPHER_IV_LENGTH(key_type, alg); unsigned char *output1 = NULL; size_t output1_buffer_size = 0; size_t output1_length = 0; @@ -489,81 +478,81 @@ void cipher_encrypt_validation( int alg_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); - ASSERT_ALLOC( output1, output1_buffer_size ); - ASSERT_ALLOC( output2, output2_buffer_size ); + output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len); + output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) + + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg); + ASSERT_ALLOC(output1, output1_buffer_size); + ASSERT_ALLOC(output2, output2_buffer_size); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output1, - output1_buffer_size, &output1_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + PSA_ASSERT(psa_cipher_encrypt(key, alg, input->x, input->len, output1, + output1_buffer_size, &output1_length)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; - PSA_ASSERT( psa_cipher_set_iv( &operation, output1, iv_size ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + PSA_ASSERT(psa_cipher_set_iv(&operation, output1, iv_size)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; - PSA_ASSERT( psa_cipher_update( &operation, - input->x, input->len, - output2, output2_buffer_size, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + PSA_ASSERT(psa_cipher_update(&operation, + input->x, input->len, + output2, output2_buffer_size, + &function_output_length)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; output2_length += function_output_length; - PSA_ASSERT( psa_cipher_finish( &operation, - output2 + output2_length, - output2_buffer_size - output2_length, - &function_output_length ) ); + PSA_ASSERT(psa_cipher_finish(&operation, + output2 + output2_length, + output2_buffer_size - output2_length, + &function_output_length)); /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2); mbedtls_test_driver_cipher_hooks.hits = 0; output2_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation ) ); + PSA_ASSERT(psa_cipher_abort(&operation)); // driver function should've been called as part of the finish() core routine - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); - ASSERT_COMPARE( output1 + iv_size, output1_length - iv_size, - output2, output2_length ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); + ASSERT_COMPARE(output1 + iv_size, output1_length - iv_size, + output2, output2_length); exit: - psa_cipher_abort( &operation ); - mbedtls_free( output1 ); - mbedtls_free( output2 ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + mbedtls_free(output1); + mbedtls_free(output2); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_multipart( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input, - int first_part_size_arg, - int output1_length_arg, - int output2_length_arg, - data_t *expected_output, - int mock_output_arg, - int force_status_arg, - int expected_status_arg ) +void cipher_encrypt_multipart(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input, + int first_part_size_arg, + int output1_length_arg, + int output2_length_arg, + data_t *expected_output, + int mock_output_arg, + int force_status_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -585,117 +574,113 @@ void cipher_encrypt_multipart( int alg_arg, /* Test operation initialization */ mbedtls_psa_cipher_operation_t mbedtls_operation = - MBEDTLS_PSA_CIPHER_OPERATION_INIT; + MBEDTLS_PSA_CIPHER_OPERATION_INIT; mbedtls_transparent_test_driver_cipher_operation_t transparent_operation = - MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; + MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = - MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; + MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; operation.ctx.mbedtls_ctx = mbedtls_operation; operation.ctx.transparent_test_driver_ctx = transparent_operation; operation.ctx.opaque_test_driver_ctx = opaque_operation; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + PSA_ASSERT(psa_cipher_set_iv(&operation, iv->x, iv->len)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 1 : 0)); mbedtls_test_driver_cipher_hooks.hits = 0; - output_buffer_size = ( (size_t) input->len + - PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); - ASSERT_ALLOC( output, output_buffer_size ); + output_buffer_size = ((size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type)); + ASSERT_ALLOC(output, output_buffer_size); - if( mock_output_arg ) - { + if (mock_output_arg) { mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; } - TEST_ASSERT( first_part_size <= input->len ); - PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, - output, output_buffer_size, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + TEST_ASSERT(first_part_size <= input->len); + PSA_ASSERT(psa_cipher_update(&operation, input->x, first_part_size, + output, output_buffer_size, + &function_output_length)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 1 : 0)); mbedtls_test_driver_cipher_hooks.hits = 0; - TEST_ASSERT( function_output_length == output1_length ); + TEST_ASSERT(function_output_length == output1_length); total_output_length += function_output_length; - if( first_part_size < input->len ) - { - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + if (first_part_size < input->len) { + PSA_ASSERT(psa_cipher_update(&operation, + input->x + first_part_size, + input->len - first_part_size, + output + total_output_length, + output_buffer_size - total_output_length, + &function_output_length)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; - TEST_ASSERT( function_output_length == output2_length ); + TEST_ASSERT(function_output_length == output2_length); total_output_length += function_output_length; } - if( mock_output_arg ) - { + if (mock_output_arg) { mbedtls_test_driver_cipher_hooks.forced_output = NULL; mbedtls_test_driver_cipher_hooks.forced_output_length = 0; } - status = psa_cipher_finish( &operation, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ); + status = psa_cipher_finish(&operation, + output + total_output_length, + output_buffer_size - total_output_length, + &function_output_length); /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); - mbedtls_test_driver_cipher_hooks.hits = 0 ; + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 2 : 0)); + mbedtls_test_driver_cipher_hooks.hits = 0; total_output_length += function_output_length; - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( psa_cipher_abort( &operation ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(psa_cipher_abort(&operation)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); + ASSERT_COMPARE(expected_output->x, expected_output->len, + output, total_output_length); } exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_decrypt_multipart( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input, - int first_part_size_arg, - int output1_length_arg, - int output2_length_arg, - data_t *expected_output, - int mock_output_arg, - int force_status_arg, - int expected_status_arg ) +void cipher_decrypt_multipart(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input, + int first_part_size_arg, + int output1_length_arg, + int output2_length_arg, + data_t *expected_output, + int mock_output_arg, + int force_status_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -717,115 +702,111 @@ void cipher_decrypt_multipart( int alg_arg, /* Test operation initialization */ mbedtls_psa_cipher_operation_t mbedtls_operation = - MBEDTLS_PSA_CIPHER_OPERATION_INIT; + MBEDTLS_PSA_CIPHER_OPERATION_INIT; mbedtls_transparent_test_driver_cipher_operation_t transparent_operation = - MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; + MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = - MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; + MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; operation.ctx.mbedtls_ctx = mbedtls_operation; operation.ctx.transparent_test_driver_ctx = transparent_operation; operation.ctx.opaque_test_driver_ctx = opaque_operation; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + PSA_ASSERT(psa_cipher_set_iv(&operation, iv->x, iv->len)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 1 : 0)); mbedtls_test_driver_cipher_hooks.hits = 0; - output_buffer_size = ( (size_t) input->len + - PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); - ASSERT_ALLOC( output, output_buffer_size ); + output_buffer_size = ((size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type)); + ASSERT_ALLOC(output, output_buffer_size); - if( mock_output_arg ) - { + if (mock_output_arg) { mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; } - TEST_ASSERT( first_part_size <= input->len ); - PSA_ASSERT( psa_cipher_update( &operation, - input->x, first_part_size, - output, output_buffer_size, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + TEST_ASSERT(first_part_size <= input->len); + PSA_ASSERT(psa_cipher_update(&operation, + input->x, first_part_size, + output, output_buffer_size, + &function_output_length)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 1 : 0)); mbedtls_test_driver_cipher_hooks.hits = 0; - TEST_ASSERT( function_output_length == output1_length ); + TEST_ASSERT(function_output_length == output1_length); total_output_length += function_output_length; - if( first_part_size < input->len ) - { - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + if (first_part_size < input->len) { + PSA_ASSERT(psa_cipher_update(&operation, + input->x + first_part_size, + input->len - first_part_size, + output + total_output_length, + output_buffer_size - total_output_length, + &function_output_length)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 1 : 0)); mbedtls_test_driver_cipher_hooks.hits = 0; - TEST_ASSERT( function_output_length == output2_length ); + TEST_ASSERT(function_output_length == output2_length); total_output_length += function_output_length; } - if( mock_output_arg ) - { + if (mock_output_arg) { mbedtls_test_driver_cipher_hooks.forced_output = NULL; mbedtls_test_driver_cipher_hooks.forced_output_length = 0; } - status = psa_cipher_finish( &operation, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ); + status = psa_cipher_finish(&operation, + output + total_output_length, + output_buffer_size - total_output_length, + &function_output_length); /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 2 : 0)); mbedtls_test_driver_cipher_hooks.hits = 0; total_output_length += function_output_length; - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( psa_cipher_abort( &operation ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(psa_cipher_abort(&operation)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); + ASSERT_COMPARE(expected_output->x, expected_output->len, + output, total_output_length); } exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_decrypt( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input_arg, - data_t *expected_output, - int mock_output_arg, - int force_status_arg, - int expected_status_arg ) +void cipher_decrypt(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input_arg, + data_t *expected_output, + int mock_output_arg, + int force_status_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; @@ -842,59 +823,56 @@ void cipher_decrypt( int alg_arg, mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); mbedtls_test_driver_cipher_hooks.forced_status = force_status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); /* Allocate input buffer and copy the iv and the plaintext */ - input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len ); - if ( input_buffer_size > 0 ) - { - ASSERT_ALLOC( input, input_buffer_size ); - memcpy( input, iv->x, iv->len ); - memcpy( input + iv->len, input_arg->x, input_arg->len ); + input_buffer_size = ((size_t) input_arg->len + (size_t) iv->len); + if (input_buffer_size > 0) { + ASSERT_ALLOC(input, input_buffer_size); + memcpy(input, iv->x, iv->len); + memcpy(input + iv->len, input_arg->x, input_arg->len); } - output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ); - ASSERT_ALLOC( output, output_buffer_size ); + output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size); + ASSERT_ALLOC(output, output_buffer_size); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - if( mock_output_arg ) - { + if (mock_output_arg) { mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; } - status = psa_cipher_decrypt( key, alg, input, input_buffer_size, output, - output_buffer_size, &output_length ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + status = psa_cipher_decrypt(key, alg, input, input_buffer_size, output, + output_buffer_size, &output_length); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); - if( expected_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, output_length ); + if (expected_status == PSA_SUCCESS) { + ASSERT_COMPARE(expected_output->x, expected_output->len, + output, output_length); } exit: - mbedtls_free( input ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(input); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_entry_points( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, - data_t *input ) +void cipher_entry_points(int alg_arg, int key_type_arg, + data_t *key_data, data_t *iv, + data_t *input) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; @@ -907,17 +885,17 @@ void cipher_entry_points( int alg_arg, int key_type_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); - ASSERT_ALLOC( output, input->len + 16 ); + ASSERT_ALLOC(output, input->len + 16); output_buffer_size = input->len + 16; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* * Test encrypt failure @@ -926,195 +904,195 @@ void cipher_entry_points( int alg_arg, int key_type_arg, */ status = psa_cipher_encrypt( key, alg, input->x, input->len, - output, output_buffer_size, &function_output_length ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, PSA_SUCCESS ); + output, output_buffer_size, &function_output_length); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, PSA_SUCCESS); mbedtls_test_driver_cipher_hooks.hits = 0; mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; /* Set the output buffer in a given state. */ - for( size_t i = 0; i < output_buffer_size; i++ ) + for (size_t i = 0; i < output_buffer_size; i++) { output[i] = 0xa5; + } status = psa_cipher_encrypt( key, alg, input->x, input->len, - output, output_buffer_size, &function_output_length ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, PSA_ERROR_GENERIC_ERROR ); + output, output_buffer_size, &function_output_length); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, PSA_ERROR_GENERIC_ERROR); /* * Check that the output buffer is still in the same state. * This will fail if the output buffer is used by the core to pass the IV * it generated to the driver (and is not restored). */ - for( size_t i = 0; i < output_buffer_size; i++ ) - { - TEST_EQUAL( output[i], 0xa5 ); + for (size_t i = 0; i < output_buffer_size; i++) { + TEST_EQUAL(output[i], 0xa5); } mbedtls_test_driver_cipher_hooks.hits = 0; /* Test setup call, encrypt */ mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; - status = psa_cipher_encrypt_setup( &operation, key, alg ); + status = psa_cipher_encrypt_setup(&operation, key, alg); /* When setup fails, it shouldn't call any further entry points */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_set_iv( &operation, iv->x, iv->len ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); + status = psa_cipher_set_iv(&operation, iv->x, iv->len); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); /* Test setup call failure, decrypt */ - status = psa_cipher_decrypt_setup( &operation, key, alg ); + status = psa_cipher_decrypt_setup(&operation, key, alg); /* When setup fails, it shouldn't call any further entry points */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_set_iv( &operation, iv->x, iv->len ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); + status = psa_cipher_set_iv(&operation, iv->x, iv->len); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); /* Test IV setting failure */ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; - status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + status = psa_cipher_encrypt_setup(&operation, key, alg); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; - status = psa_cipher_set_iv( &operation, iv->x, iv->len ); + status = psa_cipher_set_iv(&operation, iv->x, iv->len); /* When setting the IV fails, it should call abort too */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); /* Failure should prevent further operations from executing on the driver */ mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); - psa_cipher_abort( &operation ); + status = psa_cipher_update(&operation, + input->x, input->len, + output, output_buffer_size, + &function_output_length); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); + psa_cipher_abort(&operation); /* Test IV generation failure */ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; - status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + status = psa_cipher_encrypt_setup(&operation, key, alg); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; /* Set the output buffer in a given state. */ - for( size_t i = 0; i < 16; i++ ) + for (size_t i = 0; i < 16; i++) { output[i] = 0xa5; + } - status = psa_cipher_generate_iv( &operation, output, 16, &function_output_length ); + status = psa_cipher_generate_iv(&operation, output, 16, &function_output_length); /* When generating the IV fails, it should call abort too */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); /* * Check that the output buffer is still in the same state. * This will fail if the output buffer is used by the core to pass the IV * it generated to the driver (and is not restored). */ - for( size_t i = 0; i < 16; i++ ) - { - TEST_EQUAL( output[i], 0xa5 ); + for (size_t i = 0; i < 16; i++) { + TEST_EQUAL(output[i], 0xa5); } /* Failure should prevent further operations from executing on the driver */ mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); - psa_cipher_abort( &operation ); + status = psa_cipher_update(&operation, + input->x, input->len, + output, output_buffer_size, + &function_output_length); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); + psa_cipher_abort(&operation); /* Test update failure */ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; - status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + status = psa_cipher_encrypt_setup(&operation, key, alg); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_set_iv( &operation, iv->x, iv->len ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + status = psa_cipher_set_iv(&operation, iv->x, iv->len); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; - status = psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ); + status = psa_cipher_update(&operation, + input->x, input->len, + output, output_buffer_size, + &function_output_length); /* When the update call fails, it should call abort too */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); /* Failure should prevent further operations from executing on the driver */ mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); - psa_cipher_abort( &operation ); + status = psa_cipher_update(&operation, + input->x, input->len, + output, output_buffer_size, + &function_output_length); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); + psa_cipher_abort(&operation); /* Test finish failure */ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; - status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + status = psa_cipher_encrypt_setup(&operation, key, alg); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_set_iv( &operation, iv->x, iv->len ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + status = psa_cipher_set_iv(&operation, iv->x, iv->len); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + status = psa_cipher_update(&operation, + input->x, input->len, + output, output_buffer_size, + &function_output_length); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; - status = psa_cipher_finish( &operation, - output + function_output_length, - output_buffer_size - function_output_length, - &function_output_length ); + status = psa_cipher_finish(&operation, + output + function_output_length, + output_buffer_size - function_output_length, + &function_output_length); /* When the finish call fails, it should call abort too */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); /* Failure should prevent further operations from executing on the driver */ mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); - psa_cipher_abort( &operation ); + status = psa_cipher_update(&operation, + input->x, input->len, + output, output_buffer_size, + &function_output_length); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); + psa_cipher_abort(&operation); exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void aead_encrypt( int key_type_arg, data_t *key_data, - int alg_arg, - data_t *nonce, - data_t *additional_data, - data_t *input_data, - data_t *expected_result, - int forced_status_arg ) +void aead_encrypt(int key_type_arg, data_t *key_data, + int alg_arg, + data_t *nonce, + data_t *additional_data, + data_t *input_data, + data_t *expected_result, + int forced_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -1128,62 +1106,61 @@ void aead_encrypt( int key_type_arg, data_t *key_data, psa_status_t status = PSA_ERROR_GENERIC_ERROR; mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits, - alg ); + output_size = input_data->len + PSA_AEAD_TAG_LENGTH(key_type, key_bits, + alg); /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE * should be exact. */ - TEST_EQUAL( output_size, - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); - TEST_ASSERT( output_size <= - PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); - ASSERT_ALLOC( output_data, output_size ); + TEST_EQUAL(output_size, + PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_data->len)); + TEST_ASSERT(output_size <= + PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(input_data->len)); + ASSERT_ALLOC(output_data, output_size); mbedtls_test_driver_aead_hooks.forced_status = forced_status; - status = psa_aead_encrypt( key, alg, - nonce->x, nonce->len, - additional_data->x, additional_data->len, - input_data->x, input_data->len, - output_data, output_size, - &output_length ); - TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_aead_hooks.driver_status, forced_status ); - - TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ? - PSA_SUCCESS : forced_status ); - - if( status == PSA_SUCCESS ) - { - ASSERT_COMPARE( expected_result->x, expected_result->len, - output_data, output_length ); + status = psa_aead_encrypt(key, alg, + nonce->x, nonce->len, + additional_data->x, additional_data->len, + input_data->x, input_data->len, + output_data, output_size, + &output_length); + TEST_EQUAL(mbedtls_test_driver_aead_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_aead_hooks.driver_status, forced_status); + + TEST_EQUAL(status, (forced_status == PSA_ERROR_NOT_SUPPORTED) ? + PSA_SUCCESS : forced_status); + + if (status == PSA_SUCCESS) { + ASSERT_COMPARE(expected_result->x, expected_result->len, + output_data, output_length); } exit: - psa_destroy_key( key ); - mbedtls_free( output_data ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(output_data); + PSA_DONE(); mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void aead_decrypt( int key_type_arg, data_t *key_data, - int alg_arg, - data_t *nonce, - data_t *additional_data, - data_t *input_data, - data_t *expected_data, - int forced_status_arg ) +void aead_decrypt(int key_type_arg, data_t *key_data, + int alg_arg, + data_t *nonce, + data_t *additional_data, + data_t *input_data, + data_t *expected_data, + int forced_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -1197,56 +1174,55 @@ void aead_decrypt( int key_type_arg, data_t *key_data, psa_status_t status = PSA_ERROR_GENERIC_ERROR; mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - output_size = input_data->len - PSA_AEAD_TAG_LENGTH( key_type, key_bits, - alg ); - ASSERT_ALLOC( output_data, output_size ); + output_size = input_data->len - PSA_AEAD_TAG_LENGTH(key_type, key_bits, + alg); + ASSERT_ALLOC(output_data, output_size); mbedtls_test_driver_aead_hooks.forced_status = forced_status; - status = psa_aead_decrypt( key, alg, - nonce->x, nonce->len, - additional_data->x, - additional_data->len, - input_data->x, input_data->len, - output_data, output_size, - &output_length ); - TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_aead_hooks.driver_status, forced_status ); - - TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ? - PSA_SUCCESS : forced_status ); - - if( status == PSA_SUCCESS ) - { - ASSERT_COMPARE( expected_data->x, expected_data->len, - output_data, output_length ); + status = psa_aead_decrypt(key, alg, + nonce->x, nonce->len, + additional_data->x, + additional_data->len, + input_data->x, input_data->len, + output_data, output_size, + &output_length); + TEST_EQUAL(mbedtls_test_driver_aead_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_aead_hooks.driver_status, forced_status); + + TEST_EQUAL(status, (forced_status == PSA_ERROR_NOT_SUPPORTED) ? + PSA_SUCCESS : forced_status); + + if (status == PSA_SUCCESS) { + ASSERT_COMPARE(expected_data->x, expected_data->len, + output_data, output_length); } exit: - psa_destroy_key( key ); - mbedtls_free( output_data ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(output_data); + PSA_DONE(); mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void mac_sign( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input, - data_t *expected_mac, - int forced_status_arg ) +void mac_sign(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input, + data_t *expected_mac, + int forced_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -1255,125 +1231,124 @@ void mac_sign( int key_type_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *actual_mac = NULL; size_t mac_buffer_size = - PSA_MAC_LENGTH( key_type, PSA_BYTES_TO_BITS( key_data->len ), alg ); + PSA_MAC_LENGTH(key_type, PSA_BYTES_TO_BITS(key_data->len), alg); size_t mac_length = 0; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t forced_status = forced_status_arg; mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); - TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE ); + TEST_ASSERT(mac_buffer_size <= PSA_MAC_MAX_SIZE); /* We expect PSA_MAC_LENGTH to be exact. */ - TEST_ASSERT( expected_mac->len == mac_buffer_size ); + TEST_ASSERT(expected_mac->len == mac_buffer_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - ASSERT_ALLOC( actual_mac, mac_buffer_size ); + ASSERT_ALLOC(actual_mac, mac_buffer_size); mbedtls_test_driver_mac_hooks.forced_status = forced_status; /* * Calculate the MAC, one-shot case. */ - status = psa_mac_compute( key, alg, - input->x, input->len, - actual_mac, mac_buffer_size, - &mac_length ); - - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + status = psa_mac_compute(key, alg, + input->x, input->len, + actual_mac, mac_buffer_size, + &mac_length); + + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(forced_status, status); } - else - TEST_EQUAL( forced_status, status ); - if( mac_buffer_size > 0 ) - memset( actual_mac, 0, mac_buffer_size ); + if (mac_buffer_size > 0) { + memset(actual_mac, 0, mac_buffer_size); + } mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); mbedtls_test_driver_mac_hooks.forced_status = forced_status; /* * Calculate the MAC, multipart case. */ - status = psa_mac_sign_setup( &operation, key, alg ); - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); + status = psa_mac_sign_setup(&operation, key, alg); + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); + + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(forced_status, status); + } + + status = psa_mac_update(&operation, + input->x, input->len); + if (forced_status == PSA_SUCCESS) { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 2); + } else { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); + } + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(PSA_ERROR_BAD_STATE, status); + } - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + status = psa_mac_sign_finish(&operation, + actual_mac, mac_buffer_size, + &mac_length); + if (forced_status == PSA_SUCCESS) { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 4); + } else { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); } - else - TEST_EQUAL( forced_status, status ); - - status = psa_mac_update( &operation, - input->x, input->len ); - if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 2 ); - else - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(PSA_ERROR_BAD_STATE, status); } - else - TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); - - status = psa_mac_sign_finish( &operation, - actual_mac, mac_buffer_size, - &mac_length ); - if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 ); - else - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + + PSA_ASSERT(psa_mac_abort(&operation)); + if (forced_status == PSA_SUCCESS) { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 4); + } else { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); } - else - TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); - - PSA_ASSERT( psa_mac_abort( &operation ) ); - if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 ); - else - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - - if( forced_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( expected_mac->x, expected_mac->len, - actual_mac, mac_length ); + + if (forced_status == PSA_SUCCESS) { + ASSERT_COMPARE(expected_mac->x, expected_mac->len, + actual_mac, mac_length); } - mbedtls_free( actual_mac ); + mbedtls_free(actual_mac); actual_mac = NULL; exit: - psa_mac_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_free( actual_mac ); + psa_mac_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); + mbedtls_free(actual_mac); mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void mac_verify( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input, - data_t *expected_mac, - int forced_status_arg ) +void mac_verify(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input, + data_t *expected_mac, + int forced_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -1384,33 +1359,32 @@ void mac_verify( int key_type_arg, psa_status_t forced_status = forced_status_arg; mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); - TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE ); + TEST_ASSERT(expected_mac->len <= PSA_MAC_MAX_SIZE); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); mbedtls_test_driver_mac_hooks.forced_status = forced_status; /* * Verify the MAC, one-shot case. */ - status = psa_mac_verify( key, alg, - input->x, input->len, - expected_mac->x, expected_mac->len ); - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + status = psa_mac_verify(key, alg, + input->x, input->len, + expected_mac->x, expected_mac->len); + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(forced_status, status); } - else - TEST_EQUAL( forced_status, status ); mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); mbedtls_test_driver_mac_hooks.forced_status = forced_status; @@ -1418,70 +1392,70 @@ void mac_verify( int key_type_arg, /* * Verify the MAC, multi-part case. */ - status = psa_mac_verify_setup( &operation, key, alg ); - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); + status = psa_mac_verify_setup(&operation, key, alg); + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); + + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(forced_status, status); + } + + status = psa_mac_update(&operation, + input->x, input->len); + if (forced_status == PSA_SUCCESS) { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 2); + } else { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); + } - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(PSA_ERROR_BAD_STATE, status); } - else - TEST_EQUAL( forced_status, status ); - - status = psa_mac_update( &operation, - input->x, input->len ); - if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 2 ); - else - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + + status = psa_mac_verify_finish(&operation, + expected_mac->x, + expected_mac->len); + if (forced_status == PSA_SUCCESS) { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 4); + } else { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); } - else - TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); - - status = psa_mac_verify_finish( &operation, - expected_mac->x, - expected_mac->len ); - if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 ); - else - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(PSA_ERROR_BAD_STATE, status); } - else - TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); - PSA_ASSERT( psa_mac_abort( &operation ) ); - if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 ); - else - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); + PSA_ASSERT(psa_mac_abort(&operation)); + if (forced_status == PSA_SUCCESS) { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 4); + } else { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); + } exit: - psa_mac_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_mac_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ -void builtin_key_export( int builtin_key_id_arg, - int builtin_key_type_arg, - int builtin_key_bits_arg, - int builtin_key_algorithm_arg, - data_t *expected_output, - int expected_status_arg ) +void builtin_key_export(int builtin_key_id_arg, + int builtin_key_type_arg, + int builtin_key_bits_arg, + int builtin_key_algorithm_arg, + data_t *expected_output, + int expected_status_arg) { psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg; psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg; @@ -1490,51 +1464,49 @@ void builtin_key_export( int builtin_key_id_arg, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0, builtin_key_id ); - uint8_t* output_buffer = NULL; + mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make(0, builtin_key_id); + uint8_t *output_buffer = NULL; size_t output_size = 0; psa_status_t actual_status; - PSA_ASSERT( psa_crypto_init( ) ); - ASSERT_ALLOC( output_buffer, expected_output->len ); + PSA_ASSERT(psa_crypto_init()); + ASSERT_ALLOC(output_buffer, expected_output->len); - actual_status = psa_export_key( key, output_buffer, expected_output->len, &output_size ); + actual_status = psa_export_key(key, output_buffer, expected_output->len, &output_size); - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( actual_status ); - TEST_EQUAL( output_size, expected_output->len ); - ASSERT_COMPARE( output_buffer, output_size, - expected_output->x, expected_output->len ); + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(actual_status); + TEST_EQUAL(output_size, expected_output->len); + ASSERT_COMPARE(output_buffer, output_size, + expected_output->x, expected_output->len); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_EQUAL( psa_get_key_bits( &attributes ), builtin_key_bits ); - TEST_EQUAL( psa_get_key_type( &attributes ), builtin_key_type ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), builtin_key_alg ); - } - else - { - if( actual_status != expected_status ) - fprintf( stderr, "Expected %d but got %d\n", expected_status, actual_status ); - TEST_EQUAL( actual_status, expected_status ); - TEST_EQUAL( output_size, 0 ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_EQUAL(psa_get_key_bits(&attributes), builtin_key_bits); + TEST_EQUAL(psa_get_key_type(&attributes), builtin_key_type); + TEST_EQUAL(psa_get_key_algorithm(&attributes), builtin_key_alg); + } else { + if (actual_status != expected_status) { + fprintf(stderr, "Expected %d but got %d\n", expected_status, actual_status); + } + TEST_EQUAL(actual_status, expected_status); + TEST_EQUAL(output_size, 0); } exit: - mbedtls_free( output_buffer ); - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(output_buffer); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ -void builtin_pubkey_export( int builtin_key_id_arg, - int builtin_key_type_arg, - int builtin_key_bits_arg, - int builtin_key_algorithm_arg, - data_t *expected_output, - int expected_status_arg ) +void builtin_pubkey_export(int builtin_key_id_arg, + int builtin_key_type_arg, + int builtin_key_bits_arg, + int builtin_key_algorithm_arg, + data_t *expected_output, + int expected_status_arg) { psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg; psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg; @@ -1543,47 +1515,44 @@ void builtin_pubkey_export( int builtin_key_id_arg, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0, builtin_key_id ); - uint8_t* output_buffer = NULL; + mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make(0, builtin_key_id); + uint8_t *output_buffer = NULL; size_t output_size = 0; psa_status_t actual_status; - PSA_ASSERT( psa_crypto_init( ) ); - ASSERT_ALLOC( output_buffer, expected_output->len ); + PSA_ASSERT(psa_crypto_init()); + ASSERT_ALLOC(output_buffer, expected_output->len); - actual_status = psa_export_public_key( key, output_buffer, expected_output->len, &output_size ); + actual_status = psa_export_public_key(key, output_buffer, expected_output->len, &output_size); - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( actual_status ); - TEST_EQUAL( output_size, expected_output->len ); - ASSERT_COMPARE( output_buffer, output_size, - expected_output->x, expected_output->len ); + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(actual_status); + TEST_EQUAL(output_size, expected_output->len); + ASSERT_COMPARE(output_buffer, output_size, + expected_output->x, expected_output->len); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_EQUAL( psa_get_key_bits( &attributes ), builtin_key_bits ); - TEST_EQUAL( psa_get_key_type( &attributes ), builtin_key_type ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), builtin_key_alg ); - } - else - { - TEST_EQUAL( actual_status, expected_status ); - TEST_EQUAL( output_size, 0 ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_EQUAL(psa_get_key_bits(&attributes), builtin_key_bits); + TEST_EQUAL(psa_get_key_type(&attributes), builtin_key_type); + TEST_EQUAL(psa_get_key_algorithm(&attributes), builtin_key_alg); + } else { + TEST_EQUAL(actual_status, expected_status); + TEST_EQUAL(output_size, 0); } exit: - mbedtls_free( output_buffer ); - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(output_buffer); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_compute( int alg_arg, - data_t *input, data_t *hash, - int forced_status_arg, - int expected_status_arg ) +void hash_compute(int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg, + int expected_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t forced_status = forced_status_arg; @@ -1594,32 +1563,31 @@ void hash_compute( int alg_arg, mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); mbedtls_test_driver_hash_hooks.forced_status = forced_status; - PSA_ASSERT( psa_crypto_init( ) ); - ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + PSA_ASSERT(psa_crypto_init()); + ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); - TEST_EQUAL( psa_hash_compute( alg, input->x, input->len, - output, PSA_HASH_LENGTH( alg ), - &output_length ), expected_status ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); + TEST_EQUAL(psa_hash_compute(alg, input->x, input->len, + output, PSA_HASH_LENGTH(alg), + &output_length), expected_status); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); - if( expected_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + if (expected_status == PSA_SUCCESS) { + ASSERT_COMPARE(output, output_length, hash->x, hash->len); } exit: - mbedtls_free( output ); - PSA_DONE( ); + mbedtls_free(output); + PSA_DONE(); mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_multipart_setup( int alg_arg, - data_t *input, data_t *hash, - int forced_status_arg, - int expected_status_arg ) +void hash_multipart_setup(int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg, + int expected_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t forced_status = forced_status_arg; @@ -1629,44 +1597,43 @@ void hash_multipart_setup( int alg_arg, size_t output_length; mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); mbedtls_test_driver_hash_hooks.forced_status = forced_status; - TEST_EQUAL( psa_hash_setup( &operation, alg ), expected_status ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); - - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, - forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 2 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); - - PSA_ASSERT( psa_hash_finish( &operation, - output, PSA_HASH_LENGTH( alg ), - &output_length ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, - forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 4 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); - - ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + TEST_EQUAL(psa_hash_setup(&operation, alg), expected_status); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); + + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(psa_hash_update(&operation, input->x, input->len)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, + forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 2); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); + + PSA_ASSERT(psa_hash_finish(&operation, + output, PSA_HASH_LENGTH(alg), + &output_length)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, + forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 4); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); + + ASSERT_COMPARE(output, output_length, hash->x, hash->len); } exit: - psa_hash_abort( &operation ); - mbedtls_free( output ); - PSA_DONE( ); + psa_hash_abort(&operation); + mbedtls_free(output); + PSA_DONE(); mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_multipart_update( int alg_arg, - data_t *input, data_t *hash, - int forced_status_arg ) +void hash_multipart_update(int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t forced_status = forced_status_arg; @@ -1675,54 +1642,53 @@ void hash_multipart_update( int alg_arg, size_t output_length; mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* * Update inactive operation, the driver shouldn't be called. */ - TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 ); + TEST_EQUAL(psa_hash_update(&operation, input->x, input->len), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 0); - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); mbedtls_test_driver_hash_hooks.forced_status = forced_status; - TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ), - forced_status ); + TEST_EQUAL(psa_hash_update(&operation, input->x, input->len), + forced_status); /* One or two more calls to the driver interface: update or update + abort */ - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, - forced_status == PSA_SUCCESS ? 2 : 3 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, + forced_status == PSA_SUCCESS ? 2 : 3); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); - if( forced_status == PSA_SUCCESS ) - { + if (forced_status == PSA_SUCCESS) { mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - PSA_ASSERT( psa_hash_finish( &operation, - output, PSA_HASH_LENGTH( alg ), - &output_length ) ); + PSA_ASSERT(psa_hash_finish(&operation, + output, PSA_HASH_LENGTH(alg), + &output_length)); /* Two calls to the driver interface: update + abort */ - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 2); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); - ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + ASSERT_COMPARE(output, output_length, hash->x, hash->len); } exit: - psa_hash_abort( &operation ); - mbedtls_free( output ); - PSA_DONE( ); + psa_hash_abort(&operation); + mbedtls_free(output); + PSA_DONE(); mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_multipart_finish( int alg_arg, - data_t *input, data_t *hash, - int forced_status_arg ) +void hash_multipart_finish(int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t forced_status = forced_status_arg; @@ -1731,50 +1697,51 @@ void hash_multipart_finish( int alg_arg, size_t output_length; mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* * Finish inactive operation, the driver shouldn't be called. */ - TEST_EQUAL( psa_hash_finish( &operation, output, PSA_HASH_LENGTH( alg ), - &output_length ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 ); + TEST_EQUAL(psa_hash_finish(&operation, output, PSA_HASH_LENGTH(alg), + &output_length), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 0); - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); - PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + PSA_ASSERT(psa_hash_update(&operation, input->x, input->len)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 2); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); mbedtls_test_driver_hash_hooks.forced_status = forced_status; - TEST_EQUAL( psa_hash_finish( &operation, - output, PSA_HASH_LENGTH( alg ), - &output_length ), - forced_status ); + TEST_EQUAL(psa_hash_finish(&operation, + output, PSA_HASH_LENGTH(alg), + &output_length), + forced_status); /* Two more calls to the driver interface: finish + abort */ - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 4 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 4); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); - if( forced_status == PSA_SUCCESS ) - ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + if (forced_status == PSA_SUCCESS) { + ASSERT_COMPARE(output, output_length, hash->x, hash->len); + } exit: - psa_hash_abort( &operation ); - mbedtls_free( output ); - PSA_DONE( ); + psa_hash_abort(&operation); + mbedtls_free(output); + PSA_DONE(); mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_clone( int alg_arg, - data_t *input, data_t *hash, - int forced_status_arg ) +void hash_clone(int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t forced_status = forced_status_arg; @@ -1784,50 +1751,49 @@ void hash_clone( int alg_arg, size_t output_length; mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* * Clone inactive operation, the driver shouldn't be called. */ - TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 ); + TEST_EQUAL(psa_hash_clone(&source_operation, &target_operation), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 0); - PSA_ASSERT( psa_hash_setup( &source_operation, alg ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + PSA_ASSERT(psa_hash_setup(&source_operation, alg)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); mbedtls_test_driver_hash_hooks.forced_status = forced_status; - TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ), - forced_status ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, - forced_status == PSA_SUCCESS ? 2 : 3 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); - - if( forced_status == PSA_SUCCESS ) - { + TEST_EQUAL(psa_hash_clone(&source_operation, &target_operation), + forced_status); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, + forced_status == PSA_SUCCESS ? 2 : 3); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); + + if (forced_status == PSA_SUCCESS) { mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - PSA_ASSERT( psa_hash_update( &target_operation, - input->x, input->len ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); - - PSA_ASSERT( psa_hash_finish( &target_operation, - output, PSA_HASH_LENGTH( alg ), - &output_length ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 3 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); - - ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + PSA_ASSERT(psa_hash_update(&target_operation, + input->x, input->len)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); + + PSA_ASSERT(psa_hash_finish(&target_operation, + output, PSA_HASH_LENGTH(alg), + &output_length)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 3); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); + + ASSERT_COMPARE(output, output_length, hash->x, hash->len); } exit: - psa_hash_abort( &source_operation ); - psa_hash_abort( &target_operation ); - mbedtls_free( output ); - PSA_DONE( ); + psa_hash_abort(&source_operation); + psa_hash_abort(&target_operation); + mbedtls_free(output); + PSA_DONE(); mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index 4dcbb36a6860..26ce0d3f5d31 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function @@ -8,7 +8,8 @@ #include "mbedtls/entropy_poll.h" /* Calculating the minimum allowed entropy size in bytes */ -#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE) +#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, \ + MBEDTLS_ENTROPY_BLOCK_SIZE) #if defined(MBEDTLS_PSA_INJECT_ENTROPY) @@ -22,15 +23,16 @@ * to do this (it would be a security risk if such a function was ever * accessible in production), implement this functionality in a white-box * manner. */ -psa_status_t remove_seed_file( void ) +psa_status_t remove_seed_file(void) { #if defined(MBEDTLS_PSA_ITS_FILE_C) - if( remove( "00000000ffffff52.psa_its" ) == 0 ) - return( PSA_SUCCESS ); - else - return( PSA_ERROR_DOES_NOT_EXIST ); + if (remove("00000000ffffff52.psa_its") == 0) { + return PSA_SUCCESS; + } else { + return PSA_ERROR_DOES_NOT_EXIST; + } #else - return( psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ) ); + return psa_its_remove(PSA_CRYPTO_ITS_RANDOM_SEED_UID); #endif } @@ -39,44 +41,44 @@ psa_status_t remove_seed_file( void ) /* END_HEADER */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void external_rng_failure_generate( ) +void external_rng_failure_generate() { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - psa_set_key_bits( &attributes, 128 ); + psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); + psa_set_key_bits(&attributes, 128); mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; uint8_t output[1]; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - PSA_ASSERT( psa_generate_random( output, sizeof( output ) ) ); - PSA_ASSERT( psa_generate_key( &attributes, &key ) ); - PSA_ASSERT( psa_destroy_key( key ) ); + PSA_ASSERT(psa_generate_random(output, sizeof(output))); + PSA_ASSERT(psa_generate_key(&attributes, &key)); + PSA_ASSERT(psa_destroy_key(key)); - mbedtls_test_disable_insecure_external_rng( ); - TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY, - psa_generate_random( output, sizeof( output ) ) ); - TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY, - psa_generate_key( &attributes, &key ) ); + mbedtls_test_disable_insecure_external_rng(); + TEST_EQUAL(PSA_ERROR_INSUFFICIENT_ENTROPY, + psa_generate_random(output, sizeof(output))); + TEST_EQUAL(PSA_ERROR_INSUFFICIENT_ENTROPY, + psa_generate_key(&attributes, &key)); exit: - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void external_rng_failure_sign( int key_type, data_t *key_data, int alg, - int input_size_arg ) +void external_rng_failure_sign(int key_type, data_t *key_data, int alg, + int input_size_arg) { /* This test case is only expected to pass if the signature mechanism * requires randomness, either because it is a randomized signature * or because the implementation uses blinding. */ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_type( &attributes, key_type ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; size_t input_size = input_size_arg; uint8_t *input = NULL; @@ -84,43 +86,43 @@ void external_rng_failure_sign( int key_type, data_t *key_data, int alg, size_t signature_size = PSA_SIGNATURE_MAX_SIZE; size_t signature_length; - ASSERT_ALLOC( input, input_size ); - ASSERT_ALLOC( signature, signature_size ); + ASSERT_ALLOC(input, input_size); + ASSERT_ALLOC(signature, signature_size); - PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_sign_hash( key, alg, - input, input_size, - signature, signature_size, - &signature_length ) ); - PSA_ASSERT( psa_destroy_key( key ) ); + PSA_ASSERT(psa_crypto_init()); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_sign_hash(key, alg, + input, input_size, + signature, signature_size, + &signature_length)); + PSA_ASSERT(psa_destroy_key(key)); - mbedtls_test_disable_insecure_external_rng( ); + mbedtls_test_disable_insecure_external_rng(); /* Import the key again, because for RSA Mbed TLS caches blinding values * in the key object and this could perturb the test. */ - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY, - psa_sign_hash( key, alg, - input, input_size, - signature, signature_size, - &signature_length ) ); - PSA_ASSERT( psa_destroy_key( key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + TEST_EQUAL(PSA_ERROR_INSUFFICIENT_ENTROPY, + psa_sign_hash(key, alg, + input, input_size, + signature, signature_size, + &signature_length)); + PSA_ASSERT(psa_destroy_key(key)); exit: - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_free( input ); - mbedtls_free( signature ); + psa_destroy_key(key); + PSA_DONE(); + mbedtls_free(input); + mbedtls_free(signature); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_INJECT_ENTROPY */ -void validate_entropy_seed_injection( int seed_length_a, - int expected_status_a, - int seed_length_b, - int expected_status_b ) +void validate_entropy_seed_injection(int seed_length_a, + int expected_status_a, + int seed_length_b, + int expected_status_b) { psa_status_t status; uint8_t output[32] = { 0 }; @@ -128,68 +130,63 @@ void validate_entropy_seed_injection( int seed_length_a, uint8_t *seed = NULL; int i; int seed_size; - if( seed_length_a > seed_length_b ) - { + if (seed_length_a > seed_length_b) { seed_size = seed_length_a; - } - else - { + } else { seed_size = seed_length_b; } - ASSERT_ALLOC( seed, seed_size ); + ASSERT_ALLOC(seed, seed_size); /* fill seed with some data */ - for( i = 0; i < seed_size; ++i ) - { + for (i = 0; i < seed_size; ++i) { seed[i] = i; } - status = remove_seed_file( ); - TEST_ASSERT( ( status == PSA_SUCCESS ) || - ( status == PSA_ERROR_DOES_NOT_EXIST ) ); - status = mbedtls_psa_inject_entropy( seed, seed_length_a ); - TEST_EQUAL( status, expected_status_a ); - status = mbedtls_psa_inject_entropy( seed, seed_length_b ); - TEST_EQUAL( status, expected_status_b ); - PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_generate_random( output, - sizeof( output ) ) ); - TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 ); + status = remove_seed_file(); + TEST_ASSERT((status == PSA_SUCCESS) || + (status == PSA_ERROR_DOES_NOT_EXIST)); + status = mbedtls_psa_inject_entropy(seed, seed_length_a); + TEST_EQUAL(status, expected_status_a); + status = mbedtls_psa_inject_entropy(seed, seed_length_b); + TEST_EQUAL(status, expected_status_b); + PSA_ASSERT(psa_crypto_init()); + PSA_ASSERT(psa_generate_random(output, + sizeof(output))); + TEST_ASSERT(memcmp(output, zeros, sizeof(output)) != 0); exit: - mbedtls_free( seed ); - remove_seed_file( ); - PSA_DONE( ); + mbedtls_free(seed); + remove_seed_file(); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_INJECT_ENTROPY */ -void run_entropy_inject_with_crypto_init( ) +void run_entropy_inject_with_crypto_init() { psa_status_t status; size_t i; uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 }; /* fill seed with some data */ - for( i = 0; i < sizeof( seed ); ++i ) - { + for (i = 0; i < sizeof(seed); ++i) { seed[i] = i; } - status = remove_seed_file( ); - TEST_ASSERT( ( status == PSA_SUCCESS ) || - ( status == PSA_ERROR_DOES_NOT_EXIST ) ); - status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); - PSA_ASSERT( status ); - status = remove_seed_file( ); - TEST_EQUAL( status, PSA_SUCCESS ); - status = psa_crypto_init( ); - TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_ENTROPY ); - status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); - PSA_ASSERT( status ); - status = psa_crypto_init( ); - PSA_ASSERT( status ); - PSA_DONE( ); + status = remove_seed_file(); + TEST_ASSERT((status == PSA_SUCCESS) || + (status == PSA_ERROR_DOES_NOT_EXIST)); + status = mbedtls_psa_inject_entropy(seed, sizeof(seed)); + PSA_ASSERT(status); + status = remove_seed_file(); + TEST_EQUAL(status, PSA_SUCCESS); + status = psa_crypto_init(); + TEST_EQUAL(status, PSA_ERROR_INSUFFICIENT_ENTROPY); + status = mbedtls_psa_inject_entropy(seed, sizeof(seed)); + PSA_ASSERT(status); + status = psa_crypto_init(); + PSA_ASSERT(status); + PSA_DONE(); /* The seed is written by nv_seed callback functions therefore the injection will fail */ - status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); + status = mbedtls_psa_inject_entropy(seed, sizeof(seed)); + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); exit: - remove_seed_file( ); - PSA_DONE( ); + remove_seed_file(); + PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_generate_key.function b/tests/suites/test_suite_psa_crypto_generate_key.function index 6dc604350fd1..366e09b0145f 100644 --- a/tests/suites/test_suite_psa_crypto_generate_key.function +++ b/tests/suites/test_suite_psa_crypto_generate_key.function @@ -3,7 +3,7 @@ #include "psa/crypto.h" #include "test/psa_crypto_helpers.h" -#define INVALID_KEY_ID mbedtls_svc_key_id_make( 0, 0xfedcba98 ) +#define INVALID_KEY_ID mbedtls_svc_key_id_make(0, 0xfedcba98) /* END_HEADER */ @@ -13,7 +13,7 @@ */ /* BEGIN_CASE */ -void generate_key( int key_type_arg, int bits_arg, int expected_status_arg) +void generate_key(int key_type_arg, int bits_arg, int expected_status_arg) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = INVALID_KEY_ID; @@ -23,27 +23,26 @@ void generate_key( int key_type_arg, int bits_arg, int expected_status_arg) size_t bits = bits_arg; psa_status_t expected_status = expected_status_arg; - PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_type( &attributes, key_type ); - psa_set_key_bits( &attributes, bits ); - TEST_EQUAL( psa_generate_key( &attributes, &key_id ), - expected_status ); + PSA_ASSERT(psa_crypto_init()); + psa_set_key_type(&attributes, key_type); + psa_set_key_bits(&attributes, bits); + TEST_EQUAL(psa_generate_key(&attributes, &key_id), + expected_status); // Verify attributes of the created key on success - if ( expected_status == PSA_SUCCESS ) - { + if (expected_status == PSA_SUCCESS) { psa_reset_key_attributes(&attributes); - PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), PSA_KEY_LIFETIME_VOLATILE ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_type( &attributes ), key_type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); + PSA_ASSERT(psa_get_key_attributes(key_id, &attributes)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), PSA_KEY_LIFETIME_VOLATILE); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), 0); + TEST_EQUAL(psa_get_key_algorithm(&attributes), 0); + TEST_EQUAL(psa_get_key_type(&attributes), key_type); + TEST_EQUAL(psa_get_key_bits(&attributes), bits); } exit: psa_reset_key_attributes(&attributes); - psa_destroy_key( key_id ); - PSA_DONE( ); + psa_destroy_key(key_id); + PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index b0da2bf30e9e..f12541d68641 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function @@ -10,54 +10,54 @@ */ /* BEGIN_CASE */ -void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) +void hash_finish(int alg_arg, data_t *input, data_t *expected_hash) { psa_algorithm_t alg = alg_arg; unsigned char actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_length; psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - PSA_ASSERT( psa_hash_update( &operation, - input->x, input->len ) ); - PSA_ASSERT( psa_hash_finish( &operation, - actual_hash, sizeof( actual_hash ), - &actual_hash_length ) ); - ASSERT_COMPARE( expected_hash->x, expected_hash->len, - actual_hash, actual_hash_length ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + PSA_ASSERT(psa_hash_update(&operation, + input->x, input->len)); + PSA_ASSERT(psa_hash_finish(&operation, + actual_hash, sizeof(actual_hash), + &actual_hash_length)); + ASSERT_COMPARE(expected_hash->x, expected_hash->len, + actual_hash, actual_hash_length); exit: - psa_hash_abort( &operation ); - PSA_DONE( ); + psa_hash_abort(&operation); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_verify( int alg_arg, data_t *input, data_t *expected_hash ) +void hash_verify(int alg_arg, data_t *input, data_t *expected_hash) { psa_algorithm_t alg = alg_arg; psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - PSA_ASSERT( psa_hash_update( &operation, - input->x, - input->len ) ); - PSA_ASSERT( psa_hash_verify( &operation, - expected_hash->x, - expected_hash->len ) ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + PSA_ASSERT(psa_hash_update(&operation, + input->x, + input->len)); + PSA_ASSERT(psa_hash_verify(&operation, + expected_hash->x, + expected_hash->len)); exit: - psa_hash_abort( &operation ); - PSA_DONE( ); + psa_hash_abort(&operation); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash ) +void hash_multi_part(int alg_arg, data_t *input, data_t *expected_hash) { psa_algorithm_t alg = alg_arg; unsigned char actual_hash[PSA_HASH_MAX_SIZE]; @@ -66,37 +66,36 @@ void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash ) psa_hash_operation_t operation2 = PSA_HASH_OPERATION_INIT; uint32_t len = 0; - PSA_ASSERT( psa_crypto_init( ) ); - - do - { - memset( actual_hash, 0, sizeof( actual_hash ) ); - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - - PSA_ASSERT( psa_hash_update( &operation, - input->x, len ) ); - PSA_ASSERT( psa_hash_clone( &operation, &operation2 ) ); - PSA_ASSERT( psa_hash_update( &operation, - input->x + len, input->len - len ) ); - PSA_ASSERT( psa_hash_update( &operation2, - input->x + len, input->len - len ) ); - - PSA_ASSERT( psa_hash_finish( &operation, - actual_hash, sizeof( actual_hash ), - &actual_hash_length ) ); - ASSERT_COMPARE( expected_hash->x, expected_hash->len, - actual_hash, actual_hash_length ); - - PSA_ASSERT( psa_hash_finish( &operation2, - actual_hash, sizeof( actual_hash ), - &actual_hash_length ) ); - ASSERT_COMPARE( expected_hash->x, expected_hash->len, - actual_hash, actual_hash_length ); - } while( len++ != input->len ); + PSA_ASSERT(psa_crypto_init()); + + do { + memset(actual_hash, 0, sizeof(actual_hash)); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + + PSA_ASSERT(psa_hash_update(&operation, + input->x, len)); + PSA_ASSERT(psa_hash_clone(&operation, &operation2)); + PSA_ASSERT(psa_hash_update(&operation, + input->x + len, input->len - len)); + PSA_ASSERT(psa_hash_update(&operation2, + input->x + len, input->len - len)); + + PSA_ASSERT(psa_hash_finish(&operation, + actual_hash, sizeof(actual_hash), + &actual_hash_length)); + ASSERT_COMPARE(expected_hash->x, expected_hash->len, + actual_hash, actual_hash_length); + + PSA_ASSERT(psa_hash_finish(&operation2, + actual_hash, sizeof(actual_hash), + &actual_hash_length)); + ASSERT_COMPARE(expected_hash->x, expected_hash->len, + actual_hash, actual_hash_length); + } while (len++ != input->len); exit: - psa_hash_abort( &operation ); - psa_hash_abort( &operation2 ); - PSA_DONE( ); + psa_hash_abort(&operation); + psa_hash_abort(&operation2); + PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index 40efb87cb28b..7345ad144587 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -17,7 +17,7 @@ * half the entropy length. For SHA-256, SHA-384 or SHA-512, the * entropy length is 256 per the documentation of mbedtls_hmac_drbg_seed(), * and PSA crypto doesn't support other hashes for HMAC_DRBG. */ -#define ENTROPY_NONCE_LEN ( 256 / 2 ) +#define ENTROPY_NONCE_LEN (256 / 2) #else /* PSA crypto uses the CTR_DRBG module. In some configurations, it needs * to read from the entropy source twice: once for the initial entropy @@ -28,28 +28,29 @@ #if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) -typedef struct -{ +typedef struct { size_t threshold; /* Minimum bytes to make mbedtls_entropy_func happy */ size_t max_steps; size_t *length_sequence; size_t step; } fake_entropy_state_t; -static int fake_entropy_source( void *state_arg, - unsigned char *output, size_t len, - size_t *olen ) +static int fake_entropy_source(void *state_arg, + unsigned char *output, size_t len, + size_t *olen) { fake_entropy_state_t *state = state_arg; size_t i; - if( state->step >= state->max_steps ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + if (state->step >= state->max_steps) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } - *olen = MIN( len, state->length_sequence[state->step] ); - for( i = 0; i < *olen; i++ ) + *olen = MIN(len, state->length_sequence[state->step]); + for (i = 0; i < *olen; i++) { output[i] = i; + } ++state->step; - return( 0 ); + return 0; } #define ENTROPY_SOURCE_PLATFORM 0x00000001 @@ -64,69 +65,71 @@ static fake_entropy_state_t fake_entropy_state; /* This is a modified version of mbedtls_entropy_init() from entropy.c * which chooses entropy sources dynamically. */ -static void custom_entropy_init( mbedtls_entropy_context *ctx ) +static void custom_entropy_init(mbedtls_entropy_context *ctx) { ctx->source_count = 0; - memset( ctx->source, 0, sizeof( ctx->source ) ); + memset(ctx->source, 0, sizeof(ctx->source)); #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif ctx->accumulator_started = 0; #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_init( &ctx->accumulator ); + mbedtls_sha512_init(&ctx->accumulator); #else - mbedtls_sha256_init( &ctx->accumulator ); + mbedtls_sha256_init(&ctx->accumulator); #endif #if defined(MBEDTLS_HAVEGE_C) - mbedtls_havege_init( &ctx->havege_data ); + mbedtls_havege_init(&ctx->havege_data); #endif #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) - if( custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM ) - mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL, - MBEDTLS_ENTROPY_MIN_PLATFORM, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + if (custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM) { + mbedtls_entropy_add_source(ctx, mbedtls_platform_entropy_poll, NULL, + MBEDTLS_ENTROPY_MIN_PLATFORM, + MBEDTLS_ENTROPY_SOURCE_STRONG); + } #endif #if defined(MBEDTLS_TIMING_C) - if( custom_entropy_sources_mask & ENTROPY_SOURCE_TIMING ) - mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL, - MBEDTLS_ENTROPY_MIN_HARDCLOCK, - MBEDTLS_ENTROPY_SOURCE_WEAK ); + if (custom_entropy_sources_mask & ENTROPY_SOURCE_TIMING) { + mbedtls_entropy_add_source(ctx, mbedtls_hardclock_poll, NULL, + MBEDTLS_ENTROPY_MIN_HARDCLOCK, + MBEDTLS_ENTROPY_SOURCE_WEAK); + } #endif #if defined(MBEDTLS_HAVEGE_C) - if( custom_entropy_sources_mask & ENTROPY_SOURCE_HAVEGE ) - mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data, - MBEDTLS_ENTROPY_MIN_HAVEGE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + if (custom_entropy_sources_mask & ENTROPY_SOURCE_HAVEGE) { + mbedtls_entropy_add_source(ctx, mbedtls_havege_poll, &ctx->havege_data, + MBEDTLS_ENTROPY_MIN_HAVEGE, + MBEDTLS_ENTROPY_SOURCE_STRONG); + } #endif #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) - if( custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE ) - mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL, - MBEDTLS_ENTROPY_MIN_HARDWARE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + if (custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE) { + mbedtls_entropy_add_source(ctx, mbedtls_hardware_poll, NULL, + MBEDTLS_ENTROPY_MIN_HARDWARE, + MBEDTLS_ENTROPY_SOURCE_STRONG); + } #endif #if defined(MBEDTLS_ENTROPY_NV_SEED) - if( custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED ) - { - mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL, - MBEDTLS_ENTROPY_BLOCK_SIZE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + if (custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED) { + mbedtls_entropy_add_source(ctx, mbedtls_nv_seed_poll, NULL, + MBEDTLS_ENTROPY_BLOCK_SIZE, + MBEDTLS_ENTROPY_SOURCE_STRONG); ctx->initial_entropy_run = 0; - } - else - { + } else { /* Skip the NV seed even though it's compiled in. */ ctx->initial_entropy_run = 1; } #endif - if( custom_entropy_sources_mask & ENTROPY_SOURCE_FAKE ) - mbedtls_entropy_add_source( ctx, - fake_entropy_source, &fake_entropy_state, - fake_entropy_state.threshold, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + if (custom_entropy_sources_mask & ENTROPY_SOURCE_FAKE) { + mbedtls_entropy_add_source(ctx, + fake_entropy_source, &fake_entropy_state, + fake_entropy_state.threshold, + MBEDTLS_ENTROPY_SOURCE_STRONG); + } } #endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */ @@ -139,109 +142,106 @@ static void custom_entropy_init( mbedtls_entropy_context *ctx ) */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void create_nv_seed( ) +void create_nv_seed() { static unsigned char seed[ENTROPY_MIN_NV_SEED_SIZE]; - TEST_ASSERT( mbedtls_nv_seed_write( seed, sizeof( seed ) ) >= 0 ); + TEST_ASSERT(mbedtls_nv_seed_write(seed, sizeof(seed)) >= 0); } /* END_CASE */ /* BEGIN_CASE */ -void init_deinit( int count ) +void init_deinit(int count) { psa_status_t status; int i; - for( i = 0; i < count; i++ ) - { - status = psa_crypto_init( ); - PSA_ASSERT( status ); - status = psa_crypto_init( ); - PSA_ASSERT( status ); - PSA_DONE( ); + for (i = 0; i < count; i++) { + status = psa_crypto_init(); + PSA_ASSERT(status); + status = psa_crypto_init(); + PSA_ASSERT(status); + PSA_DONE(); } } /* END_CASE */ /* BEGIN_CASE */ -void deinit_without_init( int count ) +void deinit_without_init(int count) { int i; - for( i = 0; i < count; i++ ) - { - PSA_ASSERT( psa_crypto_init( ) ); - PSA_DONE( ); + for (i = 0; i < count; i++) { + PSA_ASSERT(psa_crypto_init()); + PSA_DONE(); } - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void validate_module_init_generate_random( int count ) +void validate_module_init_generate_random(int count) { psa_status_t status; uint8_t random[10] = { 0 }; int i; - for( i = 0; i < count; i++ ) - { - status = psa_crypto_init( ); - PSA_ASSERT( status ); - PSA_DONE( ); + for (i = 0; i < count; i++) { + status = psa_crypto_init(); + PSA_ASSERT(status); + PSA_DONE(); } - status = psa_generate_random( random, sizeof( random ) ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); + status = psa_generate_random(random, sizeof(random)); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); } /* END_CASE */ /* BEGIN_CASE */ -void validate_module_init_key_based( int count ) +void validate_module_init_key_based(int count) { psa_status_t status; uint8_t data[10] = { 0 }; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0xdead, 0xdead ); + mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make(0xdead, 0xdead); int i; - for( i = 0; i < count; i++ ) - { - status = psa_crypto_init( ); - PSA_ASSERT( status ); - PSA_DONE( ); + for (i = 0; i < count; i++) { + status = psa_crypto_init(); + PSA_ASSERT(status); + PSA_DONE(); } - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - status = psa_import_key( &attributes, data, sizeof( data ), &key ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_ASSERT( mbedtls_svc_key_id_is_null( key ) ); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + status = psa_import_key(&attributes, data, sizeof(data), &key); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); + TEST_ASSERT(mbedtls_svc_key_id_is_null(key)); } /* END_CASE */ /* BEGIN_CASE depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void custom_entropy_sources( int sources_arg, int expected_init_status_arg ) +void custom_entropy_sources(int sources_arg, int expected_init_status_arg) { psa_status_t expected_init_status = expected_init_status_arg; uint8_t random[10] = { 0 }; custom_entropy_sources_mask = sources_arg; - PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( - custom_entropy_init, mbedtls_entropy_free ) ); + PSA_ASSERT(mbedtls_psa_crypto_configure_entropy_sources( + custom_entropy_init, mbedtls_entropy_free)); - TEST_EQUAL( psa_crypto_init( ), expected_init_status ); - if( expected_init_status != PSA_SUCCESS ) + TEST_EQUAL(psa_crypto_init(), expected_init_status); + if (expected_init_status != PSA_SUCCESS) { goto exit; + } - PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) ); + PSA_ASSERT(psa_generate_random(random, sizeof(random))); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void fake_entropy_source( int threshold, - int amount1, - int amount2, - int amount3, - int amount4, - int expected_init_status_arg ) +void fake_entropy_source(int threshold, + int amount1, + int amount2, + int amount3, + int amount4, + int expected_init_status_arg) { psa_status_t expected_init_status = expected_init_status_arg; uint8_t random[10] = { 0 }; @@ -250,55 +250,61 @@ void fake_entropy_source( int threshold, fake_entropy_state.threshold = threshold; fake_entropy_state.step = 0; fake_entropy_state.max_steps = 0; - if( amount1 >= 0 ) + if (amount1 >= 0) { lengths[fake_entropy_state.max_steps++] = amount1; - if( amount2 >= 0 ) + } + if (amount2 >= 0) { lengths[fake_entropy_state.max_steps++] = amount2; - if( amount3 >= 0 ) + } + if (amount3 >= 0) { lengths[fake_entropy_state.max_steps++] = amount3; - if( amount4 >= 0 ) + } + if (amount4 >= 0) { lengths[fake_entropy_state.max_steps++] = amount4; + } fake_entropy_state.length_sequence = lengths; custom_entropy_sources_mask = ENTROPY_SOURCE_FAKE; - PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( - custom_entropy_init, mbedtls_entropy_free ) ); + PSA_ASSERT(mbedtls_psa_crypto_configure_entropy_sources( + custom_entropy_init, mbedtls_entropy_free)); - TEST_EQUAL( psa_crypto_init( ), expected_init_status ); - if( expected_init_status != PSA_SUCCESS ) + TEST_EQUAL(psa_crypto_init(), expected_init_status); + if (expected_init_status != PSA_SUCCESS) { goto exit; + } - PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) ); + PSA_ASSERT(psa_generate_random(random, sizeof(random))); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void entropy_from_nv_seed( int seed_size_arg, - int expected_init_status_arg ) +void entropy_from_nv_seed(int seed_size_arg, + int expected_init_status_arg) { psa_status_t expected_init_status = expected_init_status_arg; uint8_t random[10] = { 0 }; uint8_t *seed = NULL; size_t seed_size = seed_size_arg; - ASSERT_ALLOC( seed, seed_size ); - TEST_ASSERT( mbedtls_nv_seed_write( seed, seed_size ) >= 0 ); + ASSERT_ALLOC(seed, seed_size); + TEST_ASSERT(mbedtls_nv_seed_write(seed, seed_size) >= 0); custom_entropy_sources_mask = ENTROPY_SOURCE_NV_SEED; - PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( - custom_entropy_init, mbedtls_entropy_free ) ); + PSA_ASSERT(mbedtls_psa_crypto_configure_entropy_sources( + custom_entropy_init, mbedtls_entropy_free)); - TEST_EQUAL( psa_crypto_init( ), expected_init_status ); - if( expected_init_status != PSA_SUCCESS ) + TEST_EQUAL(psa_crypto_init(), expected_init_status); + if (expected_init_status != PSA_SUCCESS) { goto exit; + } - PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) ); + PSA_ASSERT(psa_generate_random(random, sizeof(random))); exit: - mbedtls_free( seed ); - PSA_DONE( ); + mbedtls_free(seed); + PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index f2ba16a28da1..47d60c1c0e37 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -16,56 +16,56 @@ * category test macros, which are hard-coded in each * category-specific function. The name of the flag is the name of the * classification macro without the PSA_ prefix. */ -#define ALG_IS_VENDOR_DEFINED ( 1u << 0 ) -#define ALG_IS_HMAC ( 1u << 1 ) -#define ALG_IS_BLOCK_CIPHER_MAC ( 1u << 2 ) -#define ALG_IS_STREAM_CIPHER ( 1u << 3 ) -#define ALG_IS_RSA_PKCS1V15_SIGN ( 1u << 4 ) -#define ALG_IS_RSA_PSS ( 1u << 5 ) -#define ALG_IS_RSA_PSS_ANY_SALT ( 1u << 6 ) -#define ALG_IS_RSA_PSS_STANDARD_SALT ( 1u << 7 ) -#define ALG_IS_DSA ( 1u << 8 ) -#define ALG_DSA_IS_DETERMINISTIC ( 1u << 9 ) -#define ALG_IS_DETERMINISTIC_DSA ( 1u << 10 ) -#define ALG_IS_RANDOMIZED_DSA ( 1u << 11 ) -#define ALG_IS_ECDSA ( 1u << 12 ) -#define ALG_ECDSA_IS_DETERMINISTIC ( 1u << 13 ) -#define ALG_IS_DETERMINISTIC_ECDSA ( 1u << 14 ) -#define ALG_IS_RANDOMIZED_ECDSA ( 1u << 15 ) -#define ALG_IS_HASH_EDDSA ( 1u << 16 ) -#define ALG_IS_SIGN_HASH ( 1u << 17 ) -#define ALG_IS_HASH_AND_SIGN ( 1u << 18 ) -#define ALG_IS_RSA_OAEP ( 1u << 19 ) -#define ALG_IS_HKDF ( 1u << 20 ) -#define ALG_IS_FFDH ( 1u << 21 ) -#define ALG_IS_ECDH ( 1u << 22 ) -#define ALG_IS_WILDCARD ( 1u << 23 ) -#define ALG_IS_RAW_KEY_AGREEMENT ( 1u << 24 ) -#define ALG_IS_AEAD_ON_BLOCK_CIPHER ( 1u << 25 ) -#define ALG_IS_TLS12_PRF ( 1u << 26 ) -#define ALG_IS_TLS12_PSK_TO_MS ( 1u << 27 ) -#define ALG_FLAG_MASK_PLUS_ONE ( 1u << 28 ) /* must be last! */ +#define ALG_IS_VENDOR_DEFINED (1u << 0) +#define ALG_IS_HMAC (1u << 1) +#define ALG_IS_BLOCK_CIPHER_MAC (1u << 2) +#define ALG_IS_STREAM_CIPHER (1u << 3) +#define ALG_IS_RSA_PKCS1V15_SIGN (1u << 4) +#define ALG_IS_RSA_PSS (1u << 5) +#define ALG_IS_RSA_PSS_ANY_SALT (1u << 6) +#define ALG_IS_RSA_PSS_STANDARD_SALT (1u << 7) +#define ALG_IS_DSA (1u << 8) +#define ALG_DSA_IS_DETERMINISTIC (1u << 9) +#define ALG_IS_DETERMINISTIC_DSA (1u << 10) +#define ALG_IS_RANDOMIZED_DSA (1u << 11) +#define ALG_IS_ECDSA (1u << 12) +#define ALG_ECDSA_IS_DETERMINISTIC (1u << 13) +#define ALG_IS_DETERMINISTIC_ECDSA (1u << 14) +#define ALG_IS_RANDOMIZED_ECDSA (1u << 15) +#define ALG_IS_HASH_EDDSA (1u << 16) +#define ALG_IS_SIGN_HASH (1u << 17) +#define ALG_IS_HASH_AND_SIGN (1u << 18) +#define ALG_IS_RSA_OAEP (1u << 19) +#define ALG_IS_HKDF (1u << 20) +#define ALG_IS_FFDH (1u << 21) +#define ALG_IS_ECDH (1u << 22) +#define ALG_IS_WILDCARD (1u << 23) +#define ALG_IS_RAW_KEY_AGREEMENT (1u << 24) +#define ALG_IS_AEAD_ON_BLOCK_CIPHER (1u << 25) +#define ALG_IS_TLS12_PRF (1u << 26) +#define ALG_IS_TLS12_PSK_TO_MS (1u << 27) +#define ALG_FLAG_MASK_PLUS_ONE (1u << 28) /* must be last! */ /* Flags for key type classification macros. There is a flag for every * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that * are tested as derived from other macros. The name of the flag is * the name of the classification macro without the PSA_ prefix. */ -#define KEY_TYPE_IS_VENDOR_DEFINED ( 1u << 0 ) -#define KEY_TYPE_IS_UNSTRUCTURED ( 1u << 1 ) -#define KEY_TYPE_IS_PUBLIC_KEY ( 1u << 2 ) -#define KEY_TYPE_IS_KEY_PAIR ( 1u << 3 ) -#define KEY_TYPE_IS_RSA ( 1u << 4 ) -#define KEY_TYPE_IS_DSA ( 1u << 5 ) -#define KEY_TYPE_IS_ECC ( 1u << 6 ) -#define KEY_TYPE_IS_DH ( 1u << 7 ) -#define KEY_TYPE_FLAG_MASK_PLUS_ONE ( 1u << 8 ) /* must be last! */ +#define KEY_TYPE_IS_VENDOR_DEFINED (1u << 0) +#define KEY_TYPE_IS_UNSTRUCTURED (1u << 1) +#define KEY_TYPE_IS_PUBLIC_KEY (1u << 2) +#define KEY_TYPE_IS_KEY_PAIR (1u << 3) +#define KEY_TYPE_IS_RSA (1u << 4) +#define KEY_TYPE_IS_DSA (1u << 5) +#define KEY_TYPE_IS_ECC (1u << 6) +#define KEY_TYPE_IS_DH (1u << 7) +#define KEY_TYPE_FLAG_MASK_PLUS_ONE (1u << 8) /* must be last! */ /* Flags for lifetime classification macros. There is a flag for every * lifetime classification macro PSA_KEY_LIFETIME_IS_xxx. The name of the * flag is the name of the classification macro without the PSA_ prefix. */ -#define KEY_LIFETIME_IS_VOLATILE ( 1u << 0 ) -#define KEY_LIFETIME_IS_READ_ONLY ( 1u << 1 ) -#define KEY_LIFETIME_FLAG_MASK_PLUS_ONE ( 1u << 2 ) /* must be last! */ +#define KEY_LIFETIME_IS_VOLATILE (1u << 0) +#define KEY_LIFETIME_IS_READ_ONLY (1u << 1) +#define KEY_LIFETIME_FLAG_MASK_PLUS_ONE (1u << 2) /* must be last! */ /* Check that in the value of flags, the bit flag (which should be a macro * expanding to a number of the form 1 << k) is set if and only if @@ -78,19 +78,19 @@ * Unconditionally mask flag into the ambient variable * classification_flags_tested. */ -#define TEST_CLASSIFICATION_MACRO( cond, flag, alg, flags ) \ +#define TEST_CLASSIFICATION_MACRO(cond, flag, alg, flags) \ do \ { \ - if( cond ) \ + if (cond) \ { \ - if( ( flags ) & ( flag ) ) \ - TEST_ASSERT( PSA_##flag( alg ) ); \ + if ((flags) & (flag)) \ + TEST_ASSERT(PSA_##flag(alg)); \ else \ - TEST_ASSERT( ! PSA_##flag( alg ) ); \ + TEST_ASSERT(!PSA_##flag(alg)); \ } \ - classification_flags_tested |= ( flag ); \ + classification_flags_tested |= (flag); \ } \ - while( 0 ) + while (0) /* Check the parity of value. * @@ -104,134 +104,134 @@ * The expected parity is even so that 0 is considered a valid encoding. * * Return a nonzero value if value has even parity and 0 otherwise. */ -int has_even_parity( uint32_t value ) +int has_even_parity(uint32_t value) { value ^= value >> 16; value ^= value >> 8; value ^= value >> 4; - return( 0x9669 & 1 << ( value & 0xf ) ); + return 0x9669 & 1 << (value & 0xf); } -#define TEST_PARITY( value ) \ - TEST_ASSERT( has_even_parity( value ) ) +#define TEST_PARITY(value) \ + TEST_ASSERT(has_even_parity(value)) -void algorithm_classification( psa_algorithm_t alg, unsigned flags ) +void algorithm_classification(psa_algorithm_t alg, unsigned flags) { unsigned classification_flags_tested = 0; - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_VENDOR_DEFINED, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_HMAC, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_BLOCK_CIPHER_MAC, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_STREAM_CIPHER, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RSA_PKCS1V15_SIGN, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RSA_PSS, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RSA_PSS_ANY_SALT, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RSA_PSS_STANDARD_SALT, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_DSA, alg, flags ); - TEST_CLASSIFICATION_MACRO( PSA_ALG_IS_DSA( alg ), - ALG_DSA_IS_DETERMINISTIC, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_DETERMINISTIC_DSA, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RANDOMIZED_DSA, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_ECDSA, alg, flags ); - TEST_CLASSIFICATION_MACRO( PSA_ALG_IS_ECDSA( alg ), - ALG_ECDSA_IS_DETERMINISTIC, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_DETERMINISTIC_ECDSA, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RANDOMIZED_ECDSA, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_HASH_EDDSA, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_SIGN_HASH, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_HASH_AND_SIGN, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RSA_OAEP, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_HKDF, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_WILDCARD, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_ECDH, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_FFDH, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RAW_KEY_AGREEMENT, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_AEAD_ON_BLOCK_CIPHER, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_TLS12_PRF, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_TLS12_PSK_TO_MS, alg, flags ); - TEST_EQUAL( classification_flags_tested, ALG_FLAG_MASK_PLUS_ONE - 1 ); -exit: ; + TEST_CLASSIFICATION_MACRO(1, ALG_IS_VENDOR_DEFINED, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_HMAC, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_BLOCK_CIPHER_MAC, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_STREAM_CIPHER, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RSA_PKCS1V15_SIGN, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RSA_PSS, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RSA_PSS_ANY_SALT, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RSA_PSS_STANDARD_SALT, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_DSA, alg, flags); + TEST_CLASSIFICATION_MACRO(PSA_ALG_IS_DSA(alg), + ALG_DSA_IS_DETERMINISTIC, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_DETERMINISTIC_DSA, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RANDOMIZED_DSA, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_ECDSA, alg, flags); + TEST_CLASSIFICATION_MACRO(PSA_ALG_IS_ECDSA(alg), + ALG_ECDSA_IS_DETERMINISTIC, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_DETERMINISTIC_ECDSA, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RANDOMIZED_ECDSA, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_HASH_EDDSA, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_SIGN_HASH, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_HASH_AND_SIGN, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RSA_OAEP, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_HKDF, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_WILDCARD, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_ECDH, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_FFDH, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RAW_KEY_AGREEMENT, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_AEAD_ON_BLOCK_CIPHER, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_TLS12_PRF, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_TLS12_PSK_TO_MS, alg, flags); + TEST_EQUAL(classification_flags_tested, ALG_FLAG_MASK_PLUS_ONE - 1); +exit:; } -void key_type_classification( psa_key_type_t type, unsigned flags ) +void key_type_classification(psa_key_type_t type, unsigned flags) { unsigned classification_flags_tested = 0; /* Macros tested based on the test case parameter */ - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_VENDOR_DEFINED, type, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_UNSTRUCTURED, type, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_PUBLIC_KEY, type, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_KEY_PAIR, type, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_RSA, type, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_DSA, type, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_ECC, type, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_DH, type, flags ); - TEST_EQUAL( classification_flags_tested, KEY_TYPE_FLAG_MASK_PLUS_ONE - 1 ); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_VENDOR_DEFINED, type, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_UNSTRUCTURED, type, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_PUBLIC_KEY, type, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_KEY_PAIR, type, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_RSA, type, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_DSA, type, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_ECC, type, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_DH, type, flags); + TEST_EQUAL(classification_flags_tested, KEY_TYPE_FLAG_MASK_PLUS_ONE - 1); /* Macros with derived semantics */ - TEST_EQUAL( PSA_KEY_TYPE_IS_ASYMMETRIC( type ), - ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) || - PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) ); - TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ), - ( PSA_KEY_TYPE_IS_ECC( type ) && - PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) ); - TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ), - ( PSA_KEY_TYPE_IS_ECC( type ) && - PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) ); - TEST_EQUAL( PSA_KEY_TYPE_IS_DH_KEY_PAIR( type ), - ( PSA_KEY_TYPE_IS_DH( type ) && - PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) ); - TEST_EQUAL( PSA_KEY_TYPE_IS_DH_PUBLIC_KEY( type ), - ( PSA_KEY_TYPE_IS_DH( type ) && - PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) ); - - TEST_PARITY( type ); - -exit: ; + TEST_EQUAL(PSA_KEY_TYPE_IS_ASYMMETRIC(type), + (PSA_KEY_TYPE_IS_PUBLIC_KEY(type) || + PSA_KEY_TYPE_IS_KEY_PAIR(type))); + TEST_EQUAL(PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type), + (PSA_KEY_TYPE_IS_ECC(type) && + PSA_KEY_TYPE_IS_KEY_PAIR(type))); + TEST_EQUAL(PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type), + (PSA_KEY_TYPE_IS_ECC(type) && + PSA_KEY_TYPE_IS_PUBLIC_KEY(type))); + TEST_EQUAL(PSA_KEY_TYPE_IS_DH_KEY_PAIR(type), + (PSA_KEY_TYPE_IS_DH(type) && + PSA_KEY_TYPE_IS_KEY_PAIR(type))); + TEST_EQUAL(PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type), + (PSA_KEY_TYPE_IS_DH(type) && + PSA_KEY_TYPE_IS_PUBLIC_KEY(type))); + + TEST_PARITY(type); + +exit:; } -void mac_algorithm_core( psa_algorithm_t alg, int classification_flags, - psa_key_type_t key_type, size_t key_bits, - size_t length ) +void mac_algorithm_core(psa_algorithm_t alg, int classification_flags, + psa_key_type_t key_type, size_t key_bits, + size_t length) { /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); + TEST_ASSERT(!PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(!PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(!PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, classification_flags); /* Length */ - TEST_EQUAL( length, PSA_MAC_LENGTH( key_type, key_bits, alg ) ); + TEST_EQUAL(length, PSA_MAC_LENGTH(key_type, key_bits, alg)); #if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C) - PSA_ASSERT( psa_mac_key_can_do( alg, key_type ) ); + PSA_ASSERT(psa_mac_key_can_do(alg, key_type)); #endif -exit: ; +exit:; } -void aead_algorithm_core( psa_algorithm_t alg, int classification_flags, - psa_key_type_t key_type, size_t key_bits, - size_t tag_length ) +void aead_algorithm_core(psa_algorithm_t alg, int classification_flags, + psa_key_type_t key_type, size_t key_bits, + size_t tag_length) { /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); + TEST_ASSERT(!PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(!PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(!PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, classification_flags); /* Tag length */ - TEST_EQUAL( tag_length, PSA_AEAD_TAG_LENGTH( key_type, key_bits, alg ) ); + TEST_EQUAL(tag_length, PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg)); -exit: ; +exit:; } /* END_HEADER */ @@ -242,52 +242,52 @@ exit: ; */ /* BEGIN_CASE */ -void hash_algorithm( int alg_arg, int length_arg ) +void hash_algorithm(int alg_arg, int length_arg) { psa_algorithm_t alg = alg_arg; size_t length = length_arg; - psa_algorithm_t hmac_alg = PSA_ALG_HMAC( alg ); - psa_algorithm_t rsa_pkcs1v15_sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN( alg ); - psa_algorithm_t rsa_pss_alg = PSA_ALG_RSA_PSS( alg ); - psa_algorithm_t dsa_alg = PSA_ALG_DSA( alg ); - psa_algorithm_t deterministic_dsa_alg = PSA_ALG_DETERMINISTIC_DSA( alg ); - psa_algorithm_t ecdsa_alg = PSA_ALG_ECDSA( alg ); - psa_algorithm_t deterministic_ecdsa_alg = PSA_ALG_DETERMINISTIC_ECDSA( alg ); - psa_algorithm_t rsa_oaep_alg = PSA_ALG_RSA_OAEP( alg ); - psa_algorithm_t hkdf_alg = PSA_ALG_HKDF( alg ); + psa_algorithm_t hmac_alg = PSA_ALG_HMAC(alg); + psa_algorithm_t rsa_pkcs1v15_sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN(alg); + psa_algorithm_t rsa_pss_alg = PSA_ALG_RSA_PSS(alg); + psa_algorithm_t dsa_alg = PSA_ALG_DSA(alg); + psa_algorithm_t deterministic_dsa_alg = PSA_ALG_DETERMINISTIC_DSA(alg); + psa_algorithm_t ecdsa_alg = PSA_ALG_ECDSA(alg); + psa_algorithm_t deterministic_ecdsa_alg = PSA_ALG_DETERMINISTIC_ECDSA(alg); + psa_algorithm_t rsa_oaep_alg = PSA_ALG_RSA_OAEP(alg); + psa_algorithm_t hkdf_alg = PSA_ALG_HKDF(alg); /* Algorithm classification */ - TEST_ASSERT( PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, 0 ); + TEST_ASSERT(PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(!PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(!PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(!PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, 0); /* Dependent algorithms */ - TEST_EQUAL( PSA_ALG_HMAC_GET_HASH( hmac_alg ), alg ); - TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( rsa_pkcs1v15_sign_alg ), alg ); - TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( rsa_pss_alg ), alg ); - TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( dsa_alg ), alg ); - TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( deterministic_dsa_alg ), alg ); - TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( ecdsa_alg ), alg ); - TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( deterministic_ecdsa_alg ), alg ); - TEST_EQUAL( PSA_ALG_RSA_OAEP_GET_HASH( rsa_oaep_alg ), alg ); - TEST_EQUAL( PSA_ALG_HKDF_GET_HASH( hkdf_alg ), alg ); + TEST_EQUAL(PSA_ALG_HMAC_GET_HASH(hmac_alg), alg); + TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(rsa_pkcs1v15_sign_alg), alg); + TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(rsa_pss_alg), alg); + TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(dsa_alg), alg); + TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(deterministic_dsa_alg), alg); + TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(ecdsa_alg), alg); + TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(deterministic_ecdsa_alg), alg); + TEST_EQUAL(PSA_ALG_RSA_OAEP_GET_HASH(rsa_oaep_alg), alg); + TEST_EQUAL(PSA_ALG_HKDF_GET_HASH(hkdf_alg), alg); /* Hash length */ - TEST_EQUAL( length, PSA_HASH_LENGTH( alg ) ); - TEST_ASSERT( length <= PSA_HASH_MAX_SIZE ); + TEST_EQUAL(length, PSA_HASH_LENGTH(alg)); + TEST_ASSERT(length <= PSA_HASH_MAX_SIZE); } /* END_CASE */ /* BEGIN_CASE */ -void mac_algorithm( int alg_arg, int classification_flags, - int length_arg, - int key_type_arg, int key_bits_arg ) +void mac_algorithm(int alg_arg, int classification_flags, + int length_arg, + int key_type_arg, int key_bits_arg) { psa_algorithm_t alg = alg_arg; size_t length = length_arg; @@ -295,127 +295,124 @@ void mac_algorithm( int alg_arg, int classification_flags, size_t key_type = key_type_arg; size_t key_bits = key_bits_arg; - mac_algorithm_core( alg, classification_flags, - key_type, key_bits, length ); - TEST_EQUAL( PSA_ALG_FULL_LENGTH_MAC( alg ), alg ); - TEST_ASSERT( length <= PSA_MAC_MAX_SIZE ); + mac_algorithm_core(alg, classification_flags, + key_type, key_bits, length); + TEST_EQUAL(PSA_ALG_FULL_LENGTH_MAC(alg), alg); + TEST_ASSERT(length <= PSA_MAC_MAX_SIZE); /* Truncated versions */ - for( n = 1; n <= length; n++ ) - { - psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n ); - mac_algorithm_core( truncated_alg, classification_flags, - key_type, key_bits, n ); - TEST_EQUAL( PSA_ALG_FULL_LENGTH_MAC( truncated_alg ), alg ); + for (n = 1; n <= length; n++) { + psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC(alg, n); + mac_algorithm_core(truncated_alg, classification_flags, + key_type, key_bits, n); + TEST_EQUAL(PSA_ALG_FULL_LENGTH_MAC(truncated_alg), alg); /* Check that calling PSA_ALG_TRUNCATED_MAC twice gives the length * of the outer truncation (even if the outer length is smaller than * the inner length). */ - TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, 1 ), - PSA_ALG_TRUNCATED_MAC( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, length - 1 ), - PSA_ALG_TRUNCATED_MAC( alg, length - 1) ); - TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, length ), - PSA_ALG_TRUNCATED_MAC( alg, length ) ); + TEST_EQUAL(PSA_ALG_TRUNCATED_MAC(truncated_alg, 1), + PSA_ALG_TRUNCATED_MAC(alg, 1)); + TEST_EQUAL(PSA_ALG_TRUNCATED_MAC(truncated_alg, length - 1), + PSA_ALG_TRUNCATED_MAC(alg, length - 1)); + TEST_EQUAL(PSA_ALG_TRUNCATED_MAC(truncated_alg, length), + PSA_ALG_TRUNCATED_MAC(alg, length)); /* Check that calling PSA_ALG_TRUNCATED_MAC on an algorithm * earlier constructed with PSA_ALG_AT_LEAST_THIS_LENGTH_MAC gives the * length of the outer truncation (even if the outer length is smaller * than the inner length). */ - TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( truncated_alg, n ), 1 ), - PSA_ALG_TRUNCATED_MAC( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( truncated_alg, n ), length - 1 ), - PSA_ALG_TRUNCATED_MAC( alg, length - 1) ); - TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( truncated_alg, n ), length ), - PSA_ALG_TRUNCATED_MAC( alg, length ) ); + TEST_EQUAL(PSA_ALG_TRUNCATED_MAC( + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(truncated_alg, n), 1), + PSA_ALG_TRUNCATED_MAC(alg, 1)); + TEST_EQUAL(PSA_ALG_TRUNCATED_MAC( + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(truncated_alg, n), length - 1), + PSA_ALG_TRUNCATED_MAC(alg, length - 1)); + TEST_EQUAL(PSA_ALG_TRUNCATED_MAC( + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(truncated_alg, n), length), + PSA_ALG_TRUNCATED_MAC(alg, length)); } /* At-leat-this-length versions */ - for( n = 1; n <= length; n++ ) - { - psa_algorithm_t policy_alg = PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, n ); - mac_algorithm_core( policy_alg, classification_flags | ALG_IS_WILDCARD, - key_type, key_bits, n ); - TEST_EQUAL( PSA_ALG_FULL_LENGTH_MAC( policy_alg ), alg ); + for (n = 1; n <= length; n++) { + psa_algorithm_t policy_alg = PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, n); + mac_algorithm_core(policy_alg, classification_flags | ALG_IS_WILDCARD, + key_type, key_bits, n); + TEST_EQUAL(PSA_ALG_FULL_LENGTH_MAC(policy_alg), alg); /* Check that calling PSA_ALG_AT_LEAST_THIS_LENGTH_MAC twice gives the * length of the outer truncation (even if the outer length is smaller * than the inner length). */ - TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( policy_alg, 1 ), - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( policy_alg, length - 1 ), - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, length - 1) ); - TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( policy_alg, length ), - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, length ) ); + TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(policy_alg, 1), + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, 1)); + TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(policy_alg, length - 1), + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, length - 1)); + TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(policy_alg, length), + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, length)); /* Check that calling PSA_ALG_AT_LEAST_THIS_LENGTH_MAC on an algorithm * earlier constructed with PSA_ALG_TRUNCATED_MAC gives the length of * the outer truncation (even if the outer length is smaller than the * inner length). */ - TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( - PSA_ALG_TRUNCATED_MAC( policy_alg, n ), 1), - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( - PSA_ALG_TRUNCATED_MAC( policy_alg, n ), length - 1 ), - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, length - 1) ); - TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( - PSA_ALG_TRUNCATED_MAC( policy_alg, n ), length ), - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, length ) ); + TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( + PSA_ALG_TRUNCATED_MAC(policy_alg, n), 1), + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, 1)); + TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( + PSA_ALG_TRUNCATED_MAC(policy_alg, n), length - 1), + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, length - 1)); + TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( + PSA_ALG_TRUNCATED_MAC(policy_alg, n), length), + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, length)); } } /* END_CASE */ /* BEGIN_CASE */ -void hmac_algorithm( int alg_arg, - int length_arg, - int block_size_arg ) +void hmac_algorithm(int alg_arg, + int length_arg, + int block_size_arg) { psa_algorithm_t alg = alg_arg; - psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg ); + psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH(alg); size_t block_size = block_size_arg; size_t length = length_arg; size_t n; - TEST_ASSERT( PSA_ALG_IS_HASH( hash_alg ) ); - TEST_EQUAL( PSA_ALG_HMAC( hash_alg ), alg ); + TEST_ASSERT(PSA_ALG_IS_HASH(hash_alg)); + TEST_EQUAL(PSA_ALG_HMAC(hash_alg), alg); - TEST_ASSERT( block_size == PSA_HASH_BLOCK_LENGTH( alg ) ); - TEST_ASSERT( block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE ); + TEST_ASSERT(block_size == PSA_HASH_BLOCK_LENGTH(alg)); + TEST_ASSERT(block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE); - test_mac_algorithm( alg_arg, ALG_IS_HMAC, length, - PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS( length ) ); + test_mac_algorithm(alg_arg, ALG_IS_HMAC, length, + PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS(length)); - for( n = 1; n <= length; n++ ) - { - psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n ); - TEST_EQUAL( PSA_ALG_HMAC_GET_HASH( truncated_alg ), hash_alg ); + for (n = 1; n <= length; n++) { + psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC(alg, n); + TEST_EQUAL(PSA_ALG_HMAC_GET_HASH(truncated_alg), hash_alg); } } /* END_CASE */ /* BEGIN_CASE */ -void cipher_algorithm( int alg_arg, int classification_flags ) +void cipher_algorithm(int alg_arg, int classification_flags) { psa_algorithm_t alg = alg_arg; /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); + TEST_ASSERT(!PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(!PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(!PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(!PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, classification_flags); } /* END_CASE */ /* BEGIN_CASE */ -void aead_algorithm( int alg_arg, int classification_flags, - int tag_length_arg, - int key_type_arg, int key_bits_arg ) +void aead_algorithm(int alg_arg, int classification_flags, + int tag_length_arg, + int key_type_arg, int key_bits_arg) { psa_algorithm_t alg = alg_arg; size_t tag_length = tag_length_arg; @@ -423,102 +420,101 @@ void aead_algorithm( int alg_arg, int classification_flags, psa_key_type_t key_type = key_type_arg; size_t key_bits = key_bits_arg; - aead_algorithm_core( alg, classification_flags, - key_type, key_bits, tag_length ); + aead_algorithm_core(alg, classification_flags, + key_type, key_bits, tag_length); /* Truncated versions */ - for( n = 1; n <= tag_length; n++ ) - { - psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, n ); - aead_algorithm_core( truncated_alg, classification_flags, - key_type, key_bits, n ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( truncated_alg ), - alg ); + for (n = 1; n <= tag_length; n++) { + psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, n); + aead_algorithm_core(truncated_alg, classification_flags, + key_type, key_bits, n); + TEST_EQUAL(PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(truncated_alg), + alg); /* Check that calling PSA_ALG_AEAD_WITH_SHORTENED_TAG twice gives * the length of the outer truncation (even if the outer length is * smaller than the inner length). */ - TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG( truncated_alg, 1 ), - PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG( truncated_alg, tag_length - 1 ), - PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, tag_length - 1) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG( truncated_alg, tag_length ), - PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, tag_length ) ); + TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG(truncated_alg, 1), + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG(truncated_alg, tag_length - 1), + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, tag_length - 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG(truncated_alg, tag_length), + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, tag_length)); /* Check that calling PSA_ALG_AEAD_WITH_SHORTENED_TAG on an algorithm * earlier constructed with PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG * gives the length of the outer truncation (even if the outer length is * smaller than the inner length). */ - TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG( - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( truncated_alg, n ), 1 ), - PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG( - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( truncated_alg, n ), tag_length - 1 ), - PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, tag_length - 1) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG( - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( truncated_alg, n ), tag_length ), - PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, tag_length ) ); + TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG( + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(truncated_alg, n), 1), + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG( + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(truncated_alg, + n), tag_length - 1), + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, tag_length - 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG( + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(truncated_alg, n), tag_length), + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, tag_length)); } /* At-leat-this-length versions */ - for( n = 1; n <= tag_length; n++ ) - { - psa_algorithm_t policy_alg = PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, n ); - aead_algorithm_core( policy_alg, classification_flags | ALG_IS_WILDCARD, - key_type, key_bits, n ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( policy_alg ), - alg ); + for (n = 1; n <= tag_length; n++) { + psa_algorithm_t policy_alg = PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, n); + aead_algorithm_core(policy_alg, classification_flags | ALG_IS_WILDCARD, + key_type, key_bits, n); + TEST_EQUAL(PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(policy_alg), + alg); /* Check that calling PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG twice * gives the length of the outer truncation (even if the outer length is * smaller than the inner length). */ - TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( policy_alg, 1 ), - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( policy_alg, tag_length - 1 ), - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, tag_length - 1) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( policy_alg, tag_length ), - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, tag_length ) ); + TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(policy_alg, 1), + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(policy_alg, tag_length - 1), + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, tag_length - 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(policy_alg, tag_length), + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, tag_length)); /* Check that calling PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG on an * algorithm earlier constructed with PSA_ALG_AEAD_WITH_SHORTENED_TAG * gives the length of the outer truncation (even if the outer length is * smaller than the inner length). */ - TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( - PSA_ALG_AEAD_WITH_SHORTENED_TAG( policy_alg, n ), 1), - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( - PSA_ALG_AEAD_WITH_SHORTENED_TAG( policy_alg, n ), tag_length - 1 ), - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, tag_length - 1) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( - PSA_ALG_AEAD_WITH_SHORTENED_TAG( policy_alg, n ), tag_length ), - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, tag_length ) ); + TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( + PSA_ALG_AEAD_WITH_SHORTENED_TAG(policy_alg, n), 1), + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( + PSA_ALG_AEAD_WITH_SHORTENED_TAG(policy_alg, n), tag_length - 1), + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, tag_length - 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( + PSA_ALG_AEAD_WITH_SHORTENED_TAG(policy_alg, n), tag_length), + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, tag_length)); } } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_signature_algorithm( int alg_arg, int classification_flags ) +void asymmetric_signature_algorithm(int alg_arg, int classification_flags) { psa_algorithm_t alg = alg_arg; /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); + TEST_ASSERT(!PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(!PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(!PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, classification_flags); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_signature_wildcard( int alg_arg, int classification_flags ) +void asymmetric_signature_wildcard(int alg_arg, int classification_flags) { classification_flags |= ALG_IS_WILDCARD; classification_flags |= ALG_IS_SIGN_HASH; classification_flags |= ALG_IS_HASH_AND_SIGN; - test_asymmetric_signature_algorithm( alg_arg, classification_flags ); + test_asymmetric_signature_algorithm(alg_arg, classification_flags); /* Any failure of this test function comes from * asymmetric_signature_algorithm. Pacify -Werror=unused-label. */ goto exit; @@ -526,175 +522,173 @@ void asymmetric_signature_wildcard( int alg_arg, int classification_flags ) /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_encryption_algorithm( int alg_arg, int classification_flags ) +void asymmetric_encryption_algorithm(int alg_arg, int classification_flags) { psa_algorithm_t alg = alg_arg; /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); + TEST_ASSERT(!PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(!PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(!PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(!PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, classification_flags); } /* END_CASE */ /* BEGIN_CASE */ -void key_derivation_algorithm( int alg_arg, int classification_flags ) +void key_derivation_algorithm(int alg_arg, int classification_flags) { psa_algorithm_t alg = alg_arg; - psa_algorithm_t ecdh_alg = PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, alg ); - psa_algorithm_t ffdh_alg = PSA_ALG_KEY_AGREEMENT( PSA_ALG_FFDH, alg ); + psa_algorithm_t ecdh_alg = PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, alg); + psa_algorithm_t ffdh_alg = PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, alg); /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); + TEST_ASSERT(!PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(!PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(!PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(!PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, classification_flags); /* Check combinations with key agreements */ - TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( ecdh_alg ) ); - TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( ffdh_alg ) ); - TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( ecdh_alg ), alg ); - TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( ffdh_alg ), alg ); + TEST_ASSERT(PSA_ALG_IS_KEY_AGREEMENT(ecdh_alg)); + TEST_ASSERT(PSA_ALG_IS_KEY_AGREEMENT(ffdh_alg)); + TEST_EQUAL(PSA_ALG_KEY_AGREEMENT_GET_KDF(ecdh_alg), alg); + TEST_EQUAL(PSA_ALG_KEY_AGREEMENT_GET_KDF(ffdh_alg), alg); } /* END_CASE */ /* BEGIN_CASE */ -void key_agreement_algorithm( int alg_arg, int classification_flags, - int ka_alg_arg, int kdf_alg_arg ) +void key_agreement_algorithm(int alg_arg, int classification_flags, + int ka_alg_arg, int kdf_alg_arg) { psa_algorithm_t alg = alg_arg; - psa_algorithm_t actual_ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE( alg ); + psa_algorithm_t actual_ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE(alg); psa_algorithm_t expected_ka_alg = ka_alg_arg; - psa_algorithm_t actual_kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ); + psa_algorithm_t actual_kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg); psa_algorithm_t expected_kdf_alg = kdf_alg_arg; /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); + TEST_ASSERT(!PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(!PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(!PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(!PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, classification_flags); /* Shared secret derivation properties */ - TEST_EQUAL( actual_ka_alg, expected_ka_alg ); - TEST_EQUAL( actual_kdf_alg, expected_kdf_alg ); + TEST_EQUAL(actual_ka_alg, expected_ka_alg); + TEST_EQUAL(actual_kdf_alg, expected_kdf_alg); } /* END_CASE */ /* BEGIN_CASE */ -void key_type( int type_arg, int classification_flags ) +void key_type(int type_arg, int classification_flags) { psa_key_type_t type = type_arg; - key_type_classification( type, classification_flags ); + key_type_classification(type, classification_flags); /* For asymmetric types, check the corresponding pair/public type */ - if( classification_flags & KEY_TYPE_IS_PUBLIC_KEY ) - { - psa_key_type_t pair_type = PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY( type ); - TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( pair_type ), type ); - key_type_classification( pair_type, - ( classification_flags - & ~KEY_TYPE_IS_PUBLIC_KEY ) - | KEY_TYPE_IS_KEY_PAIR ); - TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ), type ); + if (classification_flags & KEY_TYPE_IS_PUBLIC_KEY) { + psa_key_type_t pair_type = PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type); + TEST_EQUAL(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(pair_type), type); + key_type_classification(pair_type, + (classification_flags + & ~KEY_TYPE_IS_PUBLIC_KEY) + | KEY_TYPE_IS_KEY_PAIR); + TEST_EQUAL(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type), type); } - if( classification_flags & KEY_TYPE_IS_KEY_PAIR ) - { - psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ); - TEST_EQUAL( PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY( public_type ), type ); - key_type_classification( public_type, - ( classification_flags - & ~KEY_TYPE_IS_KEY_PAIR ) - | KEY_TYPE_IS_PUBLIC_KEY ); - TEST_EQUAL( PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY( type ), type ); + if (classification_flags & KEY_TYPE_IS_KEY_PAIR) { + psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type); + TEST_EQUAL(PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(public_type), type); + key_type_classification(public_type, + (classification_flags + & ~KEY_TYPE_IS_KEY_PAIR) + | KEY_TYPE_IS_PUBLIC_KEY); + TEST_EQUAL(PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type), type); } } /* END_CASE */ /* BEGIN_CASE */ -void block_cipher_key_type( int type_arg, int block_size_arg ) +void block_cipher_key_type(int type_arg, int block_size_arg) { psa_key_type_t type = type_arg; size_t block_size = block_size_arg; - test_key_type( type_arg, KEY_TYPE_IS_UNSTRUCTURED ); + test_key_type(type_arg, KEY_TYPE_IS_UNSTRUCTURED); - TEST_EQUAL( type & PSA_KEY_TYPE_CATEGORY_MASK, - PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); - TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ), block_size ); + TEST_EQUAL(type & PSA_KEY_TYPE_CATEGORY_MASK, + PSA_KEY_TYPE_CATEGORY_SYMMETRIC); + TEST_EQUAL(PSA_BLOCK_CIPHER_BLOCK_LENGTH(type), block_size); /* Check that the block size is a power of 2. This is required, at least, - for PSA_ROUND_UP_TO_MULTIPLE(block_size, length) in crypto_sizes.h. */ - TEST_ASSERT( ( ( block_size - 1 ) & block_size ) == 0 ); + for PSA_ROUND_UP_TO_MULTIPLE(block_size, length) in crypto_sizes.h. */ + TEST_ASSERT(((block_size - 1) & block_size) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void stream_cipher_key_type( int type_arg ) +void stream_cipher_key_type(int type_arg) { psa_key_type_t type = type_arg; - test_key_type( type_arg, KEY_TYPE_IS_UNSTRUCTURED ); + test_key_type(type_arg, KEY_TYPE_IS_UNSTRUCTURED); - TEST_EQUAL( type & PSA_KEY_TYPE_CATEGORY_MASK, - PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); - TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ), 1 ); + TEST_EQUAL(type & PSA_KEY_TYPE_CATEGORY_MASK, + PSA_KEY_TYPE_CATEGORY_SYMMETRIC); + TEST_EQUAL(PSA_BLOCK_CIPHER_BLOCK_LENGTH(type), 1); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_KEY_TYPE_ECC_PUBLIC_KEY:PSA_KEY_TYPE_ECC_KEY_PAIR */ -void ecc_key_family( int curve_arg ) +void ecc_key_family(int curve_arg) { psa_ecc_family_t curve = curve_arg; - psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); - psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEY_PAIR( curve ); + psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve); + psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEY_PAIR(curve); - TEST_PARITY( curve ); + TEST_PARITY(curve); - test_key_type( public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY ); - test_key_type( pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEY_PAIR ); + test_key_type(public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY); + test_key_type(pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEY_PAIR); - TEST_EQUAL( PSA_KEY_TYPE_ECC_GET_FAMILY( public_type ), curve ); - TEST_EQUAL( PSA_KEY_TYPE_ECC_GET_FAMILY( pair_type ), curve ); + TEST_EQUAL(PSA_KEY_TYPE_ECC_GET_FAMILY(public_type), curve); + TEST_EQUAL(PSA_KEY_TYPE_ECC_GET_FAMILY(pair_type), curve); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_DHM_C */ -void dh_key_family( int group_arg ) +void dh_key_family(int group_arg) { psa_dh_family_t group = group_arg; - psa_key_type_t public_type = PSA_KEY_TYPE_DH_PUBLIC_KEY( group ); - psa_key_type_t pair_type = PSA_KEY_TYPE_DH_KEY_PAIR( group ); + psa_key_type_t public_type = PSA_KEY_TYPE_DH_PUBLIC_KEY(group); + psa_key_type_t pair_type = PSA_KEY_TYPE_DH_KEY_PAIR(group); - TEST_PARITY( group ); + TEST_PARITY(group); - test_key_type( public_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_PUBLIC_KEY ); - test_key_type( pair_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_KEY_PAIR ); + test_key_type(public_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_PUBLIC_KEY); + test_key_type(pair_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_KEY_PAIR); - TEST_EQUAL( PSA_KEY_TYPE_DH_GET_FAMILY( public_type ), group ); - TEST_EQUAL( PSA_KEY_TYPE_DH_GET_FAMILY( pair_type ), group ); + TEST_EQUAL(PSA_KEY_TYPE_DH_GET_FAMILY(public_type), group); + TEST_EQUAL(PSA_KEY_TYPE_DH_GET_FAMILY(pair_type), group); } /* END_CASE */ /* BEGIN_CASE */ -void lifetime( int lifetime_arg, int classification_flags, - int persistence_arg, int location_arg ) +void lifetime(int lifetime_arg, int classification_flags, + int persistence_arg, int location_arg) { psa_key_lifetime_t lifetime = lifetime_arg; psa_key_persistence_t persistence = persistence_arg; @@ -702,12 +696,12 @@ void lifetime( int lifetime_arg, int classification_flags, unsigned flags = classification_flags; unsigned classification_flags_tested = 0; - TEST_CLASSIFICATION_MACRO( 1, KEY_LIFETIME_IS_VOLATILE, lifetime, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_LIFETIME_IS_READ_ONLY, lifetime, flags ); - TEST_EQUAL( classification_flags_tested, - KEY_LIFETIME_FLAG_MASK_PLUS_ONE - 1 ); + TEST_CLASSIFICATION_MACRO(1, KEY_LIFETIME_IS_VOLATILE, lifetime, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_LIFETIME_IS_READ_ONLY, lifetime, flags); + TEST_EQUAL(classification_flags_tested, + KEY_LIFETIME_FLAG_MASK_PLUS_ONE - 1); - TEST_EQUAL( PSA_KEY_LIFETIME_GET_PERSISTENCE( lifetime ), persistence ); - TEST_EQUAL( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ), location ); + TEST_EQUAL(PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime), persistence); + TEST_EQUAL(PSA_KEY_LIFETIME_GET_LOCATION(lifetime), location); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_not_supported.function b/tests/suites/test_suite_psa_crypto_not_supported.function index e3253d84059a..e5e66f482e36 100644 --- a/tests/suites/test_suite_psa_crypto_not_supported.function +++ b/tests/suites/test_suite_psa_crypto_not_supported.function @@ -3,7 +3,7 @@ #include "psa/crypto.h" #include "test/psa_crypto_helpers.h" -#define INVALID_KEY_ID mbedtls_svc_key_id_make( 0, 0xfedcba98 ) +#define INVALID_KEY_ID mbedtls_svc_key_id_make(0, 0xfedcba98) /* END_HEADER */ @@ -13,40 +13,40 @@ */ /* BEGIN_CASE */ -void import_not_supported( int key_type, data_t *key_material ) +void import_not_supported(int key_type, data_t *key_material) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = INVALID_KEY_ID; - PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_type( &attributes, key_type ); - TEST_EQUAL( psa_import_key( &attributes, - key_material->x, key_material->len, - &key_id ), - PSA_ERROR_NOT_SUPPORTED ); - TEST_ASSERT( mbedtls_svc_key_id_equal( key_id, MBEDTLS_SVC_KEY_ID_INIT ) ); + PSA_ASSERT(psa_crypto_init()); + psa_set_key_type(&attributes, key_type); + TEST_EQUAL(psa_import_key(&attributes, + key_material->x, key_material->len, + &key_id), + PSA_ERROR_NOT_SUPPORTED); + TEST_ASSERT(mbedtls_svc_key_id_equal(key_id, MBEDTLS_SVC_KEY_ID_INIT)); exit: - psa_destroy_key( key_id ); - PSA_DONE( ); + psa_destroy_key(key_id); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void generate_not_supported( int key_type, int bits ) +void generate_not_supported(int key_type, int bits) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = INVALID_KEY_ID; - PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_type( &attributes, key_type ); - psa_set_key_bits( &attributes, bits ); - TEST_EQUAL( psa_generate_key( &attributes, &key_id ), - PSA_ERROR_NOT_SUPPORTED ); - TEST_ASSERT( mbedtls_svc_key_id_equal( key_id, MBEDTLS_SVC_KEY_ID_INIT ) ); + PSA_ASSERT(psa_crypto_init()); + psa_set_key_type(&attributes, key_type); + psa_set_key_bits(&attributes, bits); + TEST_EQUAL(psa_generate_key(&attributes, &key_id), + PSA_ERROR_NOT_SUPPORTED); + TEST_ASSERT(mbedtls_svc_key_id_equal(key_id, MBEDTLS_SVC_KEY_ID_INIT)); exit: - psa_destroy_key( key_id ); - PSA_DONE( ); + psa_destroy_key(key_id); + PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_op_fail.function b/tests/suites/test_suite_psa_crypto_op_fail.function index 1138e7484624..0d5d53890fce 100644 --- a/tests/suites/test_suite_psa_crypto_op_fail.function +++ b/tests/suites/test_suite_psa_crypto_op_fail.function @@ -3,19 +3,18 @@ #include "psa/crypto.h" #include "test/psa_crypto_helpers.h" -static int test_equal_status( const char *test, - int line_no, const char* filename, - psa_status_t value1, - psa_status_t value2 ) +static int test_equal_status(const char *test, + int line_no, const char *filename, + psa_status_t value1, + psa_status_t value2) { - if( ( value1 == PSA_ERROR_INVALID_ARGUMENT && - value2 == PSA_ERROR_NOT_SUPPORTED ) || - ( value1 == PSA_ERROR_NOT_SUPPORTED && - value2 == PSA_ERROR_INVALID_ARGUMENT ) ) - { - return( 1 ); + if ((value1 == PSA_ERROR_INVALID_ARGUMENT && + value2 == PSA_ERROR_NOT_SUPPORTED) || + (value1 == PSA_ERROR_NOT_SUPPORTED && + value2 == PSA_ERROR_INVALID_ARGUMENT)) { + return 1; } - return( mbedtls_test_equal( test, line_no, filename, value1, value2 ) ); + return mbedtls_test_equal(test, line_no, filename, value1, value2); } /** Like #TEST_EQUAL, but expects #psa_status_t values and treats @@ -28,12 +27,12 @@ static int test_equal_status( const char *test, * run, it would be better to clarify the expectations and reconcile the * library and the test case generator. */ -#define TEST_STATUS( expr1, expr2 ) \ +#define TEST_STATUS(expr1, expr2) \ do { \ - if( ! test_equal_status( #expr1 " == " #expr2, __LINE__, __FILE__, \ - expr1, expr2 ) ) \ - goto exit; \ - } while( 0 ) + if (!test_equal_status( #expr1 " == " #expr2, __LINE__, __FILE__, \ + expr1, expr2)) \ + goto exit; \ + } while (0) /* END_HEADER */ @@ -43,35 +42,35 @@ static int test_equal_status( const char *test, */ /* BEGIN_CASE */ -void hash_fail( int alg_arg, int expected_status_arg ) +void hash_fail(int alg_arg, int expected_status_arg) { psa_status_t expected_status = expected_status_arg; psa_algorithm_t alg = alg_arg; psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - uint8_t input[1] = {'A'}; - uint8_t output[PSA_HASH_MAX_SIZE] = {0}; + uint8_t input[1] = { 'A' }; + uint8_t output[PSA_HASH_MAX_SIZE] = { 0 }; size_t length = SIZE_MAX; - PSA_INIT( ); + PSA_INIT(); - TEST_EQUAL( expected_status, - psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( expected_status, - psa_hash_compute( alg, input, sizeof( input ), - output, sizeof( output ), &length ) ); - TEST_EQUAL( expected_status, - psa_hash_compare( alg, input, sizeof( input ), - output, sizeof( output ) ) ); + TEST_EQUAL(expected_status, + psa_hash_setup(&operation, alg)); + TEST_EQUAL(expected_status, + psa_hash_compute(alg, input, sizeof(input), + output, sizeof(output), &length)); + TEST_EQUAL(expected_status, + psa_hash_compare(alg, input, sizeof(input), + output, sizeof(output))); exit: - psa_hash_abort( &operation ); - PSA_DONE( ); + psa_hash_abort(&operation); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void mac_fail( int key_type_arg, data_t *key_data, - int alg_arg, int expected_status_arg ) +void mac_fail(int key_type_arg, data_t *key_data, + int alg_arg, int expected_status_arg) { psa_status_t expected_status = expected_status_arg; psa_key_type_t key_type = key_type_arg; @@ -79,45 +78,45 @@ void mac_fail( int key_type_arg, data_t *key_data, psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; - uint8_t input[1] = {'A'}; - uint8_t output[PSA_MAC_MAX_SIZE] = {0}; + uint8_t input[1] = { 'A' }; + uint8_t output[PSA_MAC_MAX_SIZE] = { 0 }; size_t length = SIZE_MAX; - PSA_INIT( ); - - psa_set_key_type( &attributes, key_type ); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_SIGN_HASH | - PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - PSA_ASSERT( psa_import_key( &attributes, - key_data->x, key_data->len, - &key_id ) ); - - TEST_STATUS( expected_status, - psa_mac_sign_setup( &operation, key_id, alg ) ); - TEST_STATUS( expected_status, - psa_mac_verify_setup( &operation, key_id, alg ) ); - TEST_STATUS( expected_status, - psa_mac_compute( key_id, alg, - input, sizeof( input ), - output, sizeof( output ), &length ) ); - TEST_STATUS( expected_status, - psa_mac_verify( key_id, alg, - input, sizeof( input ), - output, sizeof( output ) ) ); + PSA_INIT(); + + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + PSA_ASSERT(psa_import_key(&attributes, + key_data->x, key_data->len, + &key_id)); + + TEST_STATUS(expected_status, + psa_mac_sign_setup(&operation, key_id, alg)); + TEST_STATUS(expected_status, + psa_mac_verify_setup(&operation, key_id, alg)); + TEST_STATUS(expected_status, + psa_mac_compute(key_id, alg, + input, sizeof(input), + output, sizeof(output), &length)); + TEST_STATUS(expected_status, + psa_mac_verify(key_id, alg, + input, sizeof(input), + output, sizeof(output))); exit: - psa_mac_abort( &operation ); - psa_destroy_key( key_id ); - psa_reset_key_attributes( &attributes ); - PSA_DONE( ); + psa_mac_abort(&operation); + psa_destroy_key(key_id); + psa_reset_key_attributes(&attributes); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_fail( int key_type_arg, data_t *key_data, - int alg_arg, int expected_status_arg ) +void cipher_fail(int key_type_arg, data_t *key_data, + int alg_arg, int expected_status_arg) { psa_status_t expected_status = expected_status_arg; psa_key_type_t key_type = key_type_arg; @@ -125,45 +124,45 @@ void cipher_fail( int key_type_arg, data_t *key_data, psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; - uint8_t input[1] = {'A'}; - uint8_t output[64] = {0}; + uint8_t input[1] = { 'A' }; + uint8_t output[64] = { 0 }; size_t length = SIZE_MAX; - PSA_INIT( ); - - psa_set_key_type( &attributes, key_type ); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_ENCRYPT | - PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - PSA_ASSERT( psa_import_key( &attributes, - key_data->x, key_data->len, - &key_id ) ); - - TEST_STATUS( expected_status, - psa_cipher_encrypt_setup( &operation, key_id, alg ) ); - TEST_STATUS( expected_status, - psa_cipher_decrypt_setup( &operation, key_id, alg ) ); - TEST_STATUS( expected_status, - psa_cipher_encrypt( key_id, alg, - input, sizeof( input ), - output, sizeof( output ), &length ) ); - TEST_STATUS( expected_status, - psa_cipher_decrypt( key_id, alg, - input, sizeof( input ), - output, sizeof( output ), &length ) ); + PSA_INIT(); + + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_ENCRYPT | + PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + PSA_ASSERT(psa_import_key(&attributes, + key_data->x, key_data->len, + &key_id)); + + TEST_STATUS(expected_status, + psa_cipher_encrypt_setup(&operation, key_id, alg)); + TEST_STATUS(expected_status, + psa_cipher_decrypt_setup(&operation, key_id, alg)); + TEST_STATUS(expected_status, + psa_cipher_encrypt(key_id, alg, + input, sizeof(input), + output, sizeof(output), &length)); + TEST_STATUS(expected_status, + psa_cipher_decrypt(key_id, alg, + input, sizeof(input), + output, sizeof(output), &length)); exit: - psa_cipher_abort( &operation ); - psa_destroy_key( key_id ); - psa_reset_key_attributes( &attributes ); - PSA_DONE( ); + psa_cipher_abort(&operation); + psa_destroy_key(key_id); + psa_reset_key_attributes(&attributes); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void aead_fail( int key_type_arg, data_t *key_data, - int alg_arg, int expected_status_arg ) +void aead_fail(int key_type_arg, data_t *key_data, + int alg_arg, int expected_status_arg) { psa_status_t expected_status = expected_status_arg; psa_key_type_t key_type = key_type_arg; @@ -171,214 +170,212 @@ void aead_fail( int key_type_arg, data_t *key_data, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; uint8_t input[16] = "ABCDEFGHIJKLMNO"; - uint8_t output[64] = {0}; + uint8_t output[64] = { 0 }; size_t length = SIZE_MAX; - PSA_INIT( ); - - psa_set_key_type( &attributes, key_type ); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_ENCRYPT | - PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - PSA_ASSERT( psa_import_key( &attributes, - key_data->x, key_data->len, - &key_id ) ); - - TEST_STATUS( expected_status, - psa_aead_encrypt( key_id, alg, - input, sizeof( input ), - NULL, 0, input, sizeof( input ), - output, sizeof( output ), &length ) ); - TEST_STATUS( expected_status, - psa_aead_decrypt( key_id, alg, - input, sizeof( input ), - NULL, 0, input, sizeof( input ), - output, sizeof( output ), &length ) ); + PSA_INIT(); + + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_ENCRYPT | + PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + PSA_ASSERT(psa_import_key(&attributes, + key_data->x, key_data->len, + &key_id)); + + TEST_STATUS(expected_status, + psa_aead_encrypt(key_id, alg, + input, sizeof(input), + NULL, 0, input, sizeof(input), + output, sizeof(output), &length)); + TEST_STATUS(expected_status, + psa_aead_decrypt(key_id, alg, + input, sizeof(input), + NULL, 0, input, sizeof(input), + output, sizeof(output), &length)); exit: - psa_destroy_key( key_id ); - psa_reset_key_attributes( &attributes ); - PSA_DONE( ); + psa_destroy_key(key_id); + psa_reset_key_attributes(&attributes); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void sign_fail( int key_type_arg, data_t *key_data, - int alg_arg, int private_only, - int expected_status_arg ) +void sign_fail(int key_type_arg, data_t *key_data, + int alg_arg, int private_only, + int expected_status_arg) { psa_status_t expected_status = expected_status_arg; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; - uint8_t input[1] = {'A'}; - uint8_t output[PSA_SIGNATURE_MAX_SIZE] = {0}; + uint8_t input[1] = { 'A' }; + uint8_t output[PSA_SIGNATURE_MAX_SIZE] = { 0 }; size_t length = SIZE_MAX; - PSA_INIT( ); - - psa_set_key_type( &attributes, key_type ); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_SIGN_HASH | - PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - PSA_ASSERT( psa_import_key( &attributes, - key_data->x, key_data->len, - &key_id ) ); - - TEST_STATUS( expected_status, - psa_sign_hash( key_id, alg, - input, sizeof( input ), - output, sizeof( output ), &length ) ); - if( ! private_only ) - { + PSA_INIT(); + + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + PSA_ASSERT(psa_import_key(&attributes, + key_data->x, key_data->len, + &key_id)); + + TEST_STATUS(expected_status, + psa_sign_hash(key_id, alg, + input, sizeof(input), + output, sizeof(output), &length)); + if (!private_only) { /* Determine a plausible signature size to avoid an INVALID_SIGNATURE * error based on this. */ - PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) ); - size_t key_bits = psa_get_key_bits( &attributes ); - size_t output_length = sizeof( output ); - if( PSA_KEY_TYPE_IS_RSA( key_type ) ) - output_length = PSA_BITS_TO_BYTES( key_bits ); - else if( PSA_KEY_TYPE_IS_ECC( key_type ) ) - output_length = 2 * PSA_BITS_TO_BYTES( key_bits ); - TEST_ASSERT( output_length <= sizeof( output ) ); - TEST_STATUS( expected_status, - psa_verify_hash( key_id, alg, - input, sizeof( input ), - output, output_length ) ); + PSA_ASSERT(psa_get_key_attributes(key_id, &attributes)); + size_t key_bits = psa_get_key_bits(&attributes); + size_t output_length = sizeof(output); + if (PSA_KEY_TYPE_IS_RSA(key_type)) { + output_length = PSA_BITS_TO_BYTES(key_bits); + } else if (PSA_KEY_TYPE_IS_ECC(key_type)) { + output_length = 2 * PSA_BITS_TO_BYTES(key_bits); + } + TEST_ASSERT(output_length <= sizeof(output)); + TEST_STATUS(expected_status, + psa_verify_hash(key_id, alg, + input, sizeof(input), + output, output_length)); } exit: - psa_destroy_key( key_id ); - psa_reset_key_attributes( &attributes ); - PSA_DONE( ); + psa_destroy_key(key_id); + psa_reset_key_attributes(&attributes); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_encryption_fail( int key_type_arg, data_t *key_data, - int alg_arg, int private_only, - int expected_status_arg ) +void asymmetric_encryption_fail(int key_type_arg, data_t *key_data, + int alg_arg, int private_only, + int expected_status_arg) { psa_status_t expected_status = expected_status_arg; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; - uint8_t plaintext[PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE] = {0}; - uint8_t ciphertext[PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE] = {0}; + uint8_t plaintext[PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE] = { 0 }; + uint8_t ciphertext[PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE] = { 0 }; size_t length = SIZE_MAX; - PSA_INIT( ); - - psa_set_key_type( &attributes, key_type ); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_ENCRYPT | - PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - PSA_ASSERT( psa_import_key( &attributes, - key_data->x, key_data->len, - &key_id ) ); - - if( ! private_only ) - { - TEST_STATUS( expected_status, - psa_asymmetric_encrypt( key_id, alg, - plaintext, 1, - NULL, 0, - ciphertext, sizeof( ciphertext ), - &length ) ); + PSA_INIT(); + + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_ENCRYPT | + PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + PSA_ASSERT(psa_import_key(&attributes, + key_data->x, key_data->len, + &key_id)); + + if (!private_only) { + TEST_STATUS(expected_status, + psa_asymmetric_encrypt(key_id, alg, + plaintext, 1, + NULL, 0, + ciphertext, sizeof(ciphertext), + &length)); } - TEST_STATUS( expected_status, - psa_asymmetric_decrypt( key_id, alg, - ciphertext, sizeof( ciphertext ), - NULL, 0, - plaintext, sizeof( plaintext ), - &length ) ); + TEST_STATUS(expected_status, + psa_asymmetric_decrypt(key_id, alg, + ciphertext, sizeof(ciphertext), + NULL, 0, + plaintext, sizeof(plaintext), + &length)); exit: - psa_destroy_key( key_id ); - psa_reset_key_attributes( &attributes ); - PSA_DONE( ); + psa_destroy_key(key_id); + psa_reset_key_attributes(&attributes); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_derivation_fail( int alg_arg, int expected_status_arg ) +void key_derivation_fail(int alg_arg, int expected_status_arg) { psa_status_t expected_status = expected_status_arg; psa_algorithm_t alg = alg_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - PSA_INIT( ); + PSA_INIT(); - TEST_EQUAL( expected_status, - psa_key_derivation_setup( &operation, alg ) ); + TEST_EQUAL(expected_status, + psa_key_derivation_setup(&operation, alg)); exit: - psa_key_derivation_abort( &operation ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_agreement_fail( int key_type_arg, data_t *key_data, - int alg_arg, int private_only, - int expected_status_arg ) +void key_agreement_fail(int key_type_arg, data_t *key_data, + int alg_arg, int private_only, + int expected_status_arg) { psa_status_t expected_status = expected_status_arg; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; - uint8_t public_key[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE] = {0}; + uint8_t public_key[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE] = { 0 }; size_t public_key_length = SIZE_MAX; - uint8_t output[PSA_SIGNATURE_MAX_SIZE] = {0}; + uint8_t output[PSA_SIGNATURE_MAX_SIZE] = { 0 }; size_t length = SIZE_MAX; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - PSA_INIT( ); - - psa_set_key_type( &attributes, key_type ); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - PSA_ASSERT( psa_import_key( &attributes, - key_data->x, key_data->len, - &key_id ) ); - if( PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) || - PSA_KEY_TYPE_IS_PUBLIC_KEY( key_type ) ) - { - PSA_ASSERT( psa_export_public_key( key_id, - public_key, sizeof( public_key ), - &public_key_length ) ); + PSA_INIT(); + + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + PSA_ASSERT(psa_import_key(&attributes, + key_data->x, key_data->len, + &key_id)); + if (PSA_KEY_TYPE_IS_KEY_PAIR(key_type) || + PSA_KEY_TYPE_IS_PUBLIC_KEY(key_type)) { + PSA_ASSERT(psa_export_public_key(key_id, + public_key, sizeof(public_key), + &public_key_length)); } - TEST_STATUS( expected_status, - psa_raw_key_agreement( alg, key_id, - public_key, public_key_length, - output, sizeof( output ), &length ) ); + TEST_STATUS(expected_status, + psa_raw_key_agreement(alg, key_id, + public_key, public_key_length, + output, sizeof(output), &length)); #if defined(PSA_WANT_ALG_HKDF) && defined(PSA_WANT_ALG_SHA_256) - PSA_ASSERT( psa_key_derivation_setup( &operation, - PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ) ); - TEST_STATUS( expected_status, - psa_key_derivation_key_agreement( - &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - key_id, - public_key, public_key_length ) ); + PSA_ASSERT(psa_key_derivation_setup(&operation, + PSA_ALG_HKDF(PSA_ALG_SHA_256))); + TEST_STATUS(expected_status, + psa_key_derivation_key_agreement( + &operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key_id, + public_key, public_key_length)); #endif /* There are no public-key operations. */ (void) private_only; exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( key_id ); - psa_reset_key_attributes( &attributes ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(key_id); + psa_reset_key_attributes(&attributes); + PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 08db34aa4f91..db99d7993da9 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -20,7 +20,7 @@ #include "mbedtls/md.h" #define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY" -#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ( sizeof( PSA_KEY_STORAGE_MAGIC_HEADER ) ) +#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH (sizeof(PSA_KEY_STORAGE_MAGIC_HEADER)) /* Enforce the storage format for keys. The storage format is not a public * documented interface, but it must be preserved between versions so that @@ -29,9 +29,9 @@ typedef struct { uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH]; uint8_t version[4]; - uint8_t lifetime[sizeof( psa_key_lifetime_t )]; + uint8_t lifetime[sizeof(psa_key_lifetime_t)]; uint8_t type[4]; - uint8_t policy[sizeof( psa_key_policy_t )]; + uint8_t policy[sizeof(psa_key_policy_t)]; uint8_t data_len[4]; uint8_t key_data[]; } psa_persistent_key_storage_format; @@ -44,223 +44,222 @@ typedef struct { */ /* BEGIN_CASE */ -void format_storage_data_check( data_t *key_data, - data_t *expected_file_data, - int key_lifetime, int key_type, int key_bits, - int key_usage, int key_alg, int key_alg2 ) +void format_storage_data_check(data_t *key_data, + data_t *expected_file_data, + int key_lifetime, int key_type, int key_bits, + int key_usage, int key_alg, int key_alg2) { uint8_t *file_data = NULL; size_t file_data_length = - key_data->len + sizeof( psa_persistent_key_storage_format ); + key_data->len + sizeof(psa_persistent_key_storage_format); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_lifetime( &attributes, key_lifetime ); - psa_set_key_type( &attributes, key_type ); - psa_set_key_bits( &attributes, key_bits ); - psa_set_key_usage_flags( &attributes, key_usage ); - psa_set_key_algorithm( &attributes, key_alg ); - psa_set_key_enrollment_algorithm( &attributes, key_alg2 ); + psa_set_key_lifetime(&attributes, key_lifetime); + psa_set_key_type(&attributes, key_type); + psa_set_key_bits(&attributes, key_bits); + psa_set_key_usage_flags(&attributes, key_usage); + psa_set_key_algorithm(&attributes, key_alg); + psa_set_key_enrollment_algorithm(&attributes, key_alg2); - ASSERT_ALLOC( file_data, file_data_length ); - psa_format_key_data_for_storage( key_data->x, key_data->len, - &attributes.core, - file_data ); + ASSERT_ALLOC(file_data, file_data_length); + psa_format_key_data_for_storage(key_data->x, key_data->len, + &attributes.core, + file_data); - ASSERT_COMPARE( expected_file_data->x, expected_file_data->len, - file_data, file_data_length ); + ASSERT_COMPARE(expected_file_data->x, expected_file_data->len, + file_data, file_data_length); exit: - mbedtls_free( file_data ); + mbedtls_free(file_data); } /* END_CASE */ /* BEGIN_CASE */ -void parse_storage_data_check( data_t *file_data, - data_t *expected_key_data, - int expected_key_lifetime, - int expected_key_type, - int expected_key_bits, - int expected_key_usage, - int expected_key_alg, - int expected_key_alg2, - int expected_status ) +void parse_storage_data_check(data_t *file_data, + data_t *expected_key_data, + int expected_key_lifetime, + int expected_key_type, + int expected_key_bits, + int expected_key_usage, + int expected_key_alg, + int expected_key_alg2, + int expected_status) { uint8_t *key_data = NULL; size_t key_data_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; - status = psa_parse_key_data_from_storage( file_data->x, file_data->len, - &key_data, &key_data_length, - &attributes.core ); + status = psa_parse_key_data_from_storage(file_data->x, file_data->len, + &key_data, &key_data_length, + &attributes.core); - TEST_EQUAL( status, expected_status ); - if( status != PSA_SUCCESS ) + TEST_EQUAL(status, expected_status); + if (status != PSA_SUCCESS) { goto exit; + } - TEST_EQUAL( psa_get_key_lifetime( &attributes ), - (psa_key_type_t) expected_key_lifetime ); - TEST_EQUAL( psa_get_key_type( &attributes ), - (psa_key_type_t) expected_key_type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), - (psa_key_bits_t) expected_key_bits ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - (uint32_t) expected_key_usage ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), - (uint32_t) expected_key_alg ); - TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), - (uint32_t) expected_key_alg2 ); - ASSERT_COMPARE( expected_key_data->x, expected_key_data->len, - key_data, key_data_length ); + TEST_EQUAL(psa_get_key_lifetime(&attributes), + (psa_key_type_t) expected_key_lifetime); + TEST_EQUAL(psa_get_key_type(&attributes), + (psa_key_type_t) expected_key_type); + TEST_EQUAL(psa_get_key_bits(&attributes), + (psa_key_bits_t) expected_key_bits); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), + (uint32_t) expected_key_usage); + TEST_EQUAL(psa_get_key_algorithm(&attributes), + (uint32_t) expected_key_alg); + TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), + (uint32_t) expected_key_alg2); + ASSERT_COMPARE(expected_key_data->x, expected_key_data->len, + key_data, key_data_length); exit: - mbedtls_free( key_data ); + mbedtls_free(key_data); } /* END_CASE */ /* BEGIN_CASE */ -void save_large_persistent_key( int data_length_arg, int expected_status ) +void save_large_persistent_key(int data_length_arg, int expected_status) { - mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 42 ); + mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(1, 42); uint8_t *data = NULL; size_t data_length = data_length_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - ASSERT_ALLOC( data, data_length ); + ASSERT_ALLOC(data, data_length); - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, key_id ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_id(&attributes, key_id); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); - TEST_EQUAL( psa_import_key( &attributes, data, data_length, &key_id ), - expected_status ); + TEST_EQUAL(psa_import_key(&attributes, data, data_length, &key_id), + expected_status); - if( expected_status == PSA_SUCCESS ) - PSA_ASSERT( psa_destroy_key( key_id ) ); + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(psa_destroy_key(key_id)); + } exit: - mbedtls_free( data ); + mbedtls_free(data); PSA_DONE(); - psa_destroy_persistent_key( key_id ); + psa_destroy_persistent_key(key_id); } /* END_CASE */ /* BEGIN_CASE */ -void persistent_key_destroy( int owner_id_arg, int key_id_arg, int restart, - int first_type_arg, data_t *first_data, - int second_type_arg, data_t *second_data ) +void persistent_key_destroy(int owner_id_arg, int key_id_arg, int restart, + int first_type_arg, data_t *first_data, + int second_type_arg, data_t *second_data) { mbedtls_svc_key_id_t key_id = - mbedtls_svc_key_id_make( owner_id_arg, key_id_arg ); + mbedtls_svc_key_id_make(owner_id_arg, key_id_arg); mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t first_type = (psa_key_type_t) first_type_arg; psa_key_type_t second_type = (psa_key_type_t) second_type_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, key_id ); - psa_set_key_type( &attributes, first_type ); + psa_set_key_id(&attributes, key_id); + psa_set_key_type(&attributes, first_type); - PSA_ASSERT( psa_import_key( &attributes, first_data->x, first_data->len, - &returned_key_id ) ); + PSA_ASSERT(psa_import_key(&attributes, first_data->x, first_data->len, + &returned_key_id)); - if( restart ) - { - psa_close_key( key_id ); + if (restart) { + psa_close_key(key_id); PSA_DONE(); - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); } - TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 1 ); + TEST_EQUAL(psa_is_key_present_in_storage(key_id), 1); /* Destroy the key */ - PSA_ASSERT( psa_destroy_key( key_id ) ); + PSA_ASSERT(psa_destroy_key(key_id)); /* Check key slot storage is removed */ - TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); + TEST_EQUAL(psa_is_key_present_in_storage(key_id), 0); /* Shutdown and restart */ PSA_DONE(); - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); /* Create another key in the same slot */ - psa_set_key_id( &attributes, key_id ); - psa_set_key_type( &attributes, second_type ); - PSA_ASSERT( psa_import_key( &attributes, second_data->x, second_data->len, - &returned_key_id ) ); + psa_set_key_id(&attributes, key_id); + psa_set_key_type(&attributes, second_type); + PSA_ASSERT(psa_import_key(&attributes, second_data->x, second_data->len, + &returned_key_id)); - PSA_ASSERT( psa_destroy_key( key_id ) ); + PSA_ASSERT(psa_destroy_key(key_id)); exit: PSA_DONE(); - psa_destroy_persistent_key( key_id ); + psa_destroy_persistent_key(key_id); } /* END_CASE */ /* BEGIN_CASE */ -void persistent_key_import( int owner_id_arg, int key_id_arg, int type_arg, - data_t *data, int restart, int expected_status ) +void persistent_key_import(int owner_id_arg, int key_id_arg, int type_arg, + data_t *data, int restart, int expected_status) { mbedtls_svc_key_id_t key_id = - mbedtls_svc_key_id_make( owner_id_arg, key_id_arg ); + mbedtls_svc_key_id_make(owner_id_arg, key_id_arg); mbedtls_svc_key_id_t returned_key_id; psa_key_type_t type = (psa_key_type_t) type_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, key_id ); - psa_set_key_type( &attributes, type ); - TEST_EQUAL( psa_import_key( &attributes, data->x, data->len, &returned_key_id ), - expected_status ); + psa_set_key_id(&attributes, key_id); + psa_set_key_type(&attributes, type); + TEST_EQUAL(psa_import_key(&attributes, data->x, data->len, &returned_key_id), + expected_status); - if( expected_status != PSA_SUCCESS ) - { - TEST_ASSERT( mbedtls_svc_key_id_is_null( returned_key_id ) ); - TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); + if (expected_status != PSA_SUCCESS) { + TEST_ASSERT(mbedtls_svc_key_id_is_null(returned_key_id)); + TEST_EQUAL(psa_is_key_present_in_storage(key_id), 0); goto exit; } - TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key_id ) ); + TEST_ASSERT(mbedtls_svc_key_id_equal(returned_key_id, key_id)); - if( restart ) - { - PSA_ASSERT( psa_purge_key( key_id ) ); + if (restart) { + PSA_ASSERT(psa_purge_key(key_id)); PSA_DONE(); - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); } - psa_reset_key_attributes( &attributes ); - PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &attributes ), - key_id ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), - PSA_KEY_LIFETIME_PERSISTENT ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); + psa_reset_key_attributes(&attributes); + PSA_ASSERT(psa_get_key_attributes(key_id, &attributes)); + TEST_ASSERT(mbedtls_svc_key_id_equal(psa_get_key_id(&attributes), + key_id)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), + PSA_KEY_LIFETIME_PERSISTENT); + TEST_EQUAL(psa_get_key_type(&attributes), type); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), 0); + TEST_EQUAL(psa_get_key_algorithm(&attributes), 0); - PSA_ASSERT( psa_destroy_key( key_id ) ); + PSA_ASSERT(psa_destroy_key(key_id)); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_persistent_key( key_id ); + psa_destroy_persistent_key(key_id); PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void import_export_persistent_key( data_t *data, int type_arg, - int expected_bits, - int restart, int key_not_exist ) +void import_export_persistent_key(data_t *data, int type_arg, + int expected_bits, + int restart, int key_not_exist) { - mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 42 ); + mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(1, 42); psa_key_type_t type = (psa_key_type_t) type_arg; mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT; unsigned char *exported = NULL; @@ -268,78 +267,76 @@ void import_export_persistent_key( data_t *data, int type_arg, size_t exported_length; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - ASSERT_ALLOC( exported, export_size ); + ASSERT_ALLOC(exported, export_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, key_id ); - psa_set_key_type( &attributes, type ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_id(&attributes, key_id); + psa_set_key_type(&attributes, type); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, - &returned_key_id ) ); + PSA_ASSERT(psa_import_key(&attributes, data->x, data->len, + &returned_key_id)); - if( restart ) - { - PSA_ASSERT( psa_purge_key( key_id ) ); + if (restart) { + PSA_ASSERT(psa_purge_key(key_id)); PSA_DONE(); - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); } /* Test the key information */ - psa_reset_key_attributes( &attributes ); - PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), key_id ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), - PSA_KEY_LIFETIME_PERSISTENT ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), (size_t) expected_bits ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), PSA_KEY_USAGE_EXPORT ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); - - TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 1 ); - - if( key_not_exist ) - { - psa_destroy_persistent_key( key_id ); + psa_reset_key_attributes(&attributes); + PSA_ASSERT(psa_get_key_attributes(key_id, &attributes)); + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), key_id)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), + PSA_KEY_LIFETIME_PERSISTENT); + TEST_EQUAL(psa_get_key_type(&attributes), type); + TEST_EQUAL(psa_get_key_bits(&attributes), (size_t) expected_bits); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), PSA_KEY_USAGE_EXPORT); + TEST_EQUAL(psa_get_key_algorithm(&attributes), 0); + + TEST_EQUAL(psa_is_key_present_in_storage(key_id), 1); + + if (key_not_exist) { + psa_destroy_persistent_key(key_id); } /* Export the key */ - PSA_ASSERT( psa_export_key( key_id, exported, export_size, - &exported_length ) ); + PSA_ASSERT(psa_export_key(key_id, exported, export_size, + &exported_length)); - ASSERT_COMPARE( data->x, data->len, exported, exported_length ); + ASSERT_COMPARE(data->x, data->len, exported, exported_length); /* Destroy the key */ - PSA_ASSERT( psa_destroy_key( key_id ) ); - TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); + PSA_ASSERT(psa_destroy_key(key_id)); + TEST_EQUAL(psa_is_key_present_in_storage(key_id), 0); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_free( exported ); - PSA_DONE( ); - psa_destroy_persistent_key( key_id ); + mbedtls_free(exported); + PSA_DONE(); + psa_destroy_persistent_key(key_id); } /* END_CASE */ /* BEGIN_CASE */ -void destroy_nonexistent( int id_arg, int expected_status_arg ) +void destroy_nonexistent(int id_arg, int expected_status_arg) { - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg ); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, id_arg); psa_status_t expected_status = expected_status_arg; - PSA_INIT( ); + PSA_INIT(); - TEST_EQUAL( expected_status, psa_destroy_key( id ) ); + TEST_EQUAL(expected_status, psa_destroy_key(id)); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index c96b9884563c..aeced5479851 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -24,16 +24,16 @@ /** The location and lifetime used for tests that use a single driver. */ #define TEST_DRIVER_LOCATION 1 #define TEST_SE_PERSISTENT_LIFETIME \ - ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ - PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION ) ) + (PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ + PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION)) #define TEST_SE_VOLATILE_LIFETIME \ - ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ - PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ) ) + (PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ + PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION)) /** The driver detected a condition that shouldn't happen. * This is probably a bug in the library. */ -#define PSA_ERROR_DETECTED_BY_DRIVER ((psa_status_t)( -500 )) +#define PSA_ERROR_DETECTED_BY_DRIVER ((psa_status_t) (-500)) /** Like #TEST_ASSERT for use in a driver method, with no cleanup. * @@ -41,14 +41,14 @@ * * Use this macro to assert on guarantees provided by the core. */ -#define DRIVER_ASSERT_RETURN( TEST ) \ +#define DRIVER_ASSERT_RETURN(TEST) \ do { \ - if( ! (TEST) ) \ - { \ - mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \ - return( PSA_ERROR_DETECTED_BY_DRIVER ); \ - } \ - } while( 0 ) + if (!(TEST)) \ + { \ + mbedtls_test_fail( #TEST, __LINE__, __FILE__); \ + return PSA_ERROR_DETECTED_BY_DRIVER; \ + } \ + } while (0) /** Like #TEST_ASSERT for use in a driver method, with cleanup. * @@ -57,15 +57,15 @@ * * Use this macro to assert on guarantees provided by the core. */ -#define DRIVER_ASSERT( TEST ) \ +#define DRIVER_ASSERT(TEST) \ do { \ - if( ! (TEST) ) \ - { \ - mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \ - status = PSA_ERROR_DETECTED_BY_DRIVER; \ - goto exit; \ - } \ - } while( 0 ) + if (!(TEST)) \ + { \ + mbedtls_test_fail( #TEST, __LINE__, __FILE__); \ + status = PSA_ERROR_DETECTED_BY_DRIVER; \ + goto exit; \ + } \ + } while (0) /** Like #PSA_ASSERT for a PSA API call that calls a driver underneath. * @@ -78,17 +78,17 @@ * case, the test driver code is expected to have called mbedtls_test_fail() * already, so we make sure not to overwrite the failure information. */ -#define PSA_ASSERT_VIA_DRIVER( expr, expected_status ) \ +#define PSA_ASSERT_VIA_DRIVER(expr, expected_status) \ do { \ - psa_status_t PSA_ASSERT_VIA_DRIVER_status = ( expr ); \ - if( PSA_ASSERT_VIA_DRIVER_status == PSA_ERROR_DETECTED_BY_DRIVER ) \ - goto exit; \ - if( PSA_ASSERT_VIA_DRIVER_status != ( expected_status ) ) \ + psa_status_t PSA_ASSERT_VIA_DRIVER_status = (expr); \ + if (PSA_ASSERT_VIA_DRIVER_status == PSA_ERROR_DETECTED_BY_DRIVER) \ + goto exit; \ + if (PSA_ASSERT_VIA_DRIVER_status != (expected_status)) \ { \ - mbedtls_test_fail( #expr, __LINE__, __FILE__ ); \ + mbedtls_test_fail( #expr, __LINE__, __FILE__); \ goto exit; \ } \ - } while( 0 ) + } while (0) @@ -97,20 +97,21 @@ /****************************************************************/ /* Return the exact bit size given a curve family and a byte length. */ -static size_t ecc_curve_bits( psa_ecc_family_t curve, size_t data_length ) +static size_t ecc_curve_bits(psa_ecc_family_t curve, size_t data_length) { - switch( curve ) - { + switch (curve) { case PSA_ECC_FAMILY_SECP_R1: - if( data_length == PSA_BYTES_TO_BITS( 521 ) ) - return( 521 ); + if (data_length == PSA_BYTES_TO_BITS(521)) { + return 521; + } break; case PSA_ECC_FAMILY_MONTGOMERY: - if( data_length == PSA_BYTES_TO_BITS( 255 ) ) - return( 255 ); + if (data_length == PSA_BYTES_TO_BITS(255)) { + return 255; + } } /* If not listed above, assume a multiple of 8 bits. */ - return( PSA_BYTES_TO_BITS( data_length ) ); + return PSA_BYTES_TO_BITS(data_length); } @@ -118,8 +119,7 @@ static size_t ecc_curve_bits( psa_ecc_family_t curve, size_t data_length ) /* Miscellaneous driver methods */ /****************************************************************/ -typedef struct -{ +typedef struct { psa_key_slot_number_t slot_number; psa_key_creation_method_t method; psa_status_t status; @@ -132,50 +132,52 @@ static psa_status_t validate_slot_number_as_directed( void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, - psa_key_slot_number_t slot_number ) + psa_key_slot_number_t slot_number) { (void) context; (void) persistent_data; (void) attributes; - DRIVER_ASSERT_RETURN( slot_number == - validate_slot_number_directions.slot_number ); - DRIVER_ASSERT_RETURN( method == - validate_slot_number_directions.method ); - return( validate_slot_number_directions.status ); + DRIVER_ASSERT_RETURN(slot_number == + validate_slot_number_directions.slot_number); + DRIVER_ASSERT_RETURN(method == + validate_slot_number_directions.method); + return validate_slot_number_directions.status; } /* Allocate slot numbers with a monotonic counter. */ static psa_key_slot_number_t shadow_counter; -static void counter_reset( void ) +static void counter_reset(void) { shadow_counter = 0; } -static psa_status_t counter_allocate( psa_drv_se_context_t *context, - void *persistent_data, - const psa_key_attributes_t *attributes, - psa_key_creation_method_t method, - psa_key_slot_number_t *slot_number ) +static psa_status_t counter_allocate(psa_drv_se_context_t *context, + void *persistent_data, + const psa_key_attributes_t *attributes, + psa_key_creation_method_t method, + psa_key_slot_number_t *slot_number) { psa_key_slot_number_t *p_counter = persistent_data; (void) attributes; (void) method; - if( context->persistent_data_size != sizeof( psa_key_slot_number_t ) ) - return( PSA_ERROR_DETECTED_BY_DRIVER ); + if (context->persistent_data_size != sizeof(psa_key_slot_number_t)) { + return PSA_ERROR_DETECTED_BY_DRIVER; + } ++*p_counter; - if( *p_counter == 0 ) - return( PSA_ERROR_INSUFFICIENT_STORAGE ); + if (*p_counter == 0) { + return PSA_ERROR_INSUFFICIENT_STORAGE; + } shadow_counter = *p_counter; *slot_number = *p_counter; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /* Null import: do nothing, but pretend it worked. */ -static psa_status_t null_import( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - const psa_key_attributes_t *attributes, - const uint8_t *data, - size_t data_length, - size_t *bits ) +static psa_status_t null_import(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + size_t *bits) { (void) context; (void) slot_number; @@ -183,41 +185,40 @@ static psa_status_t null_import( psa_drv_se_context_t *context, (void) data; /* We're supposed to return a key size. Return one that's correct for * plain data keys. */ - *bits = PSA_BYTES_TO_BITS( data_length ); - return( PSA_SUCCESS ); + *bits = PSA_BYTES_TO_BITS(data_length); + return PSA_SUCCESS; } /* Null generate: do nothing, but pretend it worked. */ -static psa_status_t null_generate( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - const psa_key_attributes_t *attributes, - uint8_t *pubkey, - size_t pubkey_size, - size_t *pubkey_length ) +static psa_status_t null_generate(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + const psa_key_attributes_t *attributes, + uint8_t *pubkey, + size_t pubkey_size, + size_t *pubkey_length) { (void) context; (void) slot_number; (void) attributes; - DRIVER_ASSERT_RETURN( *pubkey_length == 0 ); - if( ! PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) - { - DRIVER_ASSERT_RETURN( pubkey == NULL ); - DRIVER_ASSERT_RETURN( pubkey_size == 0 ); + DRIVER_ASSERT_RETURN(*pubkey_length == 0); + if (!PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) { + DRIVER_ASSERT_RETURN(pubkey == NULL); + DRIVER_ASSERT_RETURN(pubkey_size == 0); } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /* Null destroy: do nothing, but pretend it worked. */ -static psa_status_t null_destroy( psa_drv_se_context_t *context, - void *persistent_data, - psa_key_slot_number_t slot_number ) +static psa_status_t null_destroy(psa_drv_se_context_t *context, + void *persistent_data, + psa_key_slot_number_t slot_number) { (void) context; (void) persistent_data; (void) slot_number; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } @@ -227,8 +228,7 @@ static psa_status_t null_destroy( psa_drv_se_context_t *context, /****************************************************************/ #define RAM_MAX_KEY_SIZE 64 -typedef struct -{ +typedef struct { psa_key_lifetime_t lifetime; psa_key_type_t type; size_t bits; @@ -244,9 +244,9 @@ static ram_slot_usage_t ram_shadow_slot_usage; static uint8_t ram_min_slot = 0; -static void ram_slots_reset( void ) +static void ram_slots_reset(void) { - memset( ram_slots, 0, sizeof( ram_slots ) ); + memset(ram_slots, 0, sizeof(ram_slots)); ram_min_slot = 0; ram_shadow_slot_usage = 0; } @@ -259,168 +259,165 @@ static void ram_slots_reset( void ) * in the test case function's cleanup code) and it might be wrong * (if slot_number is invalid). */ -static psa_status_t ram_create_common( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - const psa_key_attributes_t *attributes, - size_t required_storage ) +static psa_status_t ram_create_common(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + const psa_key_attributes_t *attributes, + size_t required_storage) { (void) context; - DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); + DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots)); - ram_slots[slot_number].lifetime = psa_get_key_lifetime( attributes ); - ram_slots[slot_number].type = psa_get_key_type( attributes ); - ram_slots[slot_number].bits = psa_get_key_bits( attributes ); + ram_slots[slot_number].lifetime = psa_get_key_lifetime(attributes); + ram_slots[slot_number].type = psa_get_key_type(attributes); + ram_slots[slot_number].bits = psa_get_key_bits(attributes); - if( required_storage > sizeof( ram_slots[slot_number].content ) ) - { - memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) ); - return( PSA_ERROR_INSUFFICIENT_STORAGE ); + if (required_storage > sizeof(ram_slots[slot_number].content)) { + memset(&ram_slots[slot_number], 0, sizeof(ram_slots[slot_number])); + return PSA_ERROR_INSUFFICIENT_STORAGE; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /* This function does everything except actually generating key material. * After calling it, you must copy the desired key material to * ram_slots[slot_number].content. */ -static psa_status_t ram_fake_generate( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - const psa_key_attributes_t *attributes, - uint8_t *pubkey, - size_t pubkey_size, - size_t *pubkey_length ) +static psa_status_t ram_fake_generate(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + const psa_key_attributes_t *attributes, + uint8_t *pubkey, + size_t pubkey_size, + size_t *pubkey_length) { psa_status_t status; size_t required_storage = - PSA_EXPORT_KEY_OUTPUT_SIZE( psa_get_key_type( attributes ), - psa_get_key_bits( attributes ) ); + PSA_EXPORT_KEY_OUTPUT_SIZE(psa_get_key_type(attributes), + psa_get_key_bits(attributes)); - DRIVER_ASSERT_RETURN( *pubkey_length == 0 ); - if( ! PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) - { - DRIVER_ASSERT_RETURN( pubkey == NULL ); - DRIVER_ASSERT_RETURN( pubkey_size == 0 ); + DRIVER_ASSERT_RETURN(*pubkey_length == 0); + if (!PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) { + DRIVER_ASSERT_RETURN(pubkey == NULL); + DRIVER_ASSERT_RETURN(pubkey_size == 0); } - status = ram_create_common( context, slot_number, attributes, - required_storage ); - return( status ); + status = ram_create_common(context, slot_number, attributes, + required_storage); + return status; } -static psa_status_t ram_import( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - const psa_key_attributes_t *attributes, - const uint8_t *data, - size_t data_length, - size_t *bits ) +static psa_status_t ram_import(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + size_t *bits) { - psa_key_type_t type = psa_get_key_type( attributes ); - psa_status_t status = ram_create_common( context, slot_number, attributes, - data_length ); - if( status != PSA_SUCCESS ) - return( status ); + psa_key_type_t type = psa_get_key_type(attributes); + psa_status_t status = ram_create_common(context, slot_number, attributes, + data_length); + if (status != PSA_SUCCESS) { + return status; + } /* The RAM driver only works for certain key types: raw keys, * and ECC key pairs. This is true in particular of the bit-size * calculation here. */ - if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ) - *bits = PSA_BYTES_TO_BITS( data_length ); - else if ( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) ) - { - *bits = ecc_curve_bits( PSA_KEY_TYPE_ECC_GET_FAMILY( type ), data_length ); - if( *bits == 0 ) - return( PSA_ERROR_DETECTED_BY_DRIVER ); - } - else - { - memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) ); - return( PSA_ERROR_NOT_SUPPORTED ); + if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) { + *bits = PSA_BYTES_TO_BITS(data_length); + } else if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { + *bits = ecc_curve_bits(PSA_KEY_TYPE_ECC_GET_FAMILY(type), data_length); + if (*bits == 0) { + return PSA_ERROR_DETECTED_BY_DRIVER; + } + } else { + memset(&ram_slots[slot_number], 0, sizeof(ram_slots[slot_number])); + return PSA_ERROR_NOT_SUPPORTED; } ram_slots[slot_number].bits = *bits; - memcpy( ram_slots[slot_number].content, data, data_length ); + memcpy(ram_slots[slot_number].content, data, data_length); - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static psa_status_t ram_export( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - uint8_t *data, - size_t data_size, - size_t *data_length ) +static psa_status_t ram_export(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + uint8_t *data, + size_t data_size, + size_t *data_length) { size_t actual_size; (void) context; - DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); - actual_size = PSA_BITS_TO_BYTES( ram_slots[slot_number].bits ); - if( actual_size > data_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots)); + actual_size = PSA_BITS_TO_BYTES(ram_slots[slot_number].bits); + if (actual_size > data_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } *data_length = actual_size; - memcpy( data, ram_slots[slot_number].content, actual_size ); - return( PSA_SUCCESS ); + memcpy(data, ram_slots[slot_number].content, actual_size); + return PSA_SUCCESS; } -static psa_status_t ram_export_public( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - uint8_t *data, - size_t data_size, - size_t *data_length ) +static psa_status_t ram_export_public(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + uint8_t *data, + size_t data_size, + size_t *data_length) { psa_status_t status; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; (void) context; - DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); + DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots)); DRIVER_ASSERT_RETURN( - PSA_KEY_TYPE_IS_KEY_PAIR( ram_slots[slot_number].type ) ); - - psa_set_key_type( &attributes, ram_slots[slot_number].type ); - status = psa_import_key( &attributes, - ram_slots[slot_number].content, - PSA_BITS_TO_BYTES( ram_slots[slot_number].bits ), - &key ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_export_public_key( key, data, data_size, data_length ); - psa_destroy_key( key ); - return( PSA_SUCCESS ); + PSA_KEY_TYPE_IS_KEY_PAIR(ram_slots[slot_number].type)); + + psa_set_key_type(&attributes, ram_slots[slot_number].type); + status = psa_import_key(&attributes, + ram_slots[slot_number].content, + PSA_BITS_TO_BYTES(ram_slots[slot_number].bits), + &key); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_export_public_key(key, data, data_size, data_length); + psa_destroy_key(key); + return PSA_SUCCESS; } -static psa_status_t ram_destroy( psa_drv_se_context_t *context, - void *persistent_data, - psa_key_slot_number_t slot_number ) +static psa_status_t ram_destroy(psa_drv_se_context_t *context, + void *persistent_data, + psa_key_slot_number_t slot_number) { ram_slot_usage_t *slot_usage = persistent_data; - DRIVER_ASSERT_RETURN( context->persistent_data_size == sizeof( ram_slot_usage_t ) ); - DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); - memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) ); - *slot_usage &= ~(ram_slot_usage_t)( 1 << slot_number ); + DRIVER_ASSERT_RETURN(context->persistent_data_size == sizeof(ram_slot_usage_t)); + DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots)); + memset(&ram_slots[slot_number], 0, sizeof(ram_slots[slot_number])); + *slot_usage &= ~(ram_slot_usage_t) (1 << slot_number); ram_shadow_slot_usage = *slot_usage; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static psa_status_t ram_allocate( psa_drv_se_context_t *context, - void *persistent_data, - const psa_key_attributes_t *attributes, - psa_key_creation_method_t method, - psa_key_slot_number_t *slot_number ) +static psa_status_t ram_allocate(psa_drv_se_context_t *context, + void *persistent_data, + const psa_key_attributes_t *attributes, + psa_key_creation_method_t method, + psa_key_slot_number_t *slot_number) { ram_slot_usage_t *slot_usage = persistent_data; (void) attributes; (void) method; - DRIVER_ASSERT_RETURN( context->persistent_data_size == sizeof( ram_slot_usage_t ) ); - for( *slot_number = ram_min_slot; - *slot_number < ARRAY_LENGTH( ram_slots ); - ++( *slot_number ) ) - { - if( ! ( *slot_usage & 1 << *slot_number ) ) - { + DRIVER_ASSERT_RETURN(context->persistent_data_size == sizeof(ram_slot_usage_t)); + for (*slot_number = ram_min_slot; + *slot_number < ARRAY_LENGTH(ram_slots); + ++(*slot_number)) { + if (!(*slot_usage & 1 << *slot_number)) { ram_shadow_slot_usage = *slot_usage; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } } - return( PSA_ERROR_INSUFFICIENT_STORAGE ); + return PSA_ERROR_INSUFFICIENT_STORAGE; } static psa_status_t ram_validate_slot_number( @@ -428,25 +425,26 @@ static psa_status_t ram_validate_slot_number( void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, - psa_key_slot_number_t slot_number ) + psa_key_slot_number_t slot_number) { (void) context; (void) persistent_data; (void) attributes; (void) method; - if( slot_number >= ARRAY_LENGTH( ram_slots ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - return( PSA_SUCCESS ); + if (slot_number >= ARRAY_LENGTH(ram_slots)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + return PSA_SUCCESS; } -static psa_status_t ram_sign( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length ) +static psa_status_t ram_sign(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) { ram_slot_t *slot; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -454,32 +452,32 @@ static psa_status_t ram_sign( psa_drv_se_context_t *context, psa_status_t status = PSA_ERROR_GENERIC_ERROR; (void) context; - DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); + DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots)); slot = &ram_slots[slot_number]; - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, slot->type ); - DRIVER_ASSERT( psa_import_key( &attributes, - slot->content, - PSA_BITS_TO_BYTES( slot->bits ), - &key ) == PSA_SUCCESS ); - status = psa_sign_hash( key, alg, - hash, hash_length, - signature, signature_size, signature_length ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, slot->type); + DRIVER_ASSERT(psa_import_key(&attributes, + slot->content, + PSA_BITS_TO_BYTES(slot->bits), + &key) == PSA_SUCCESS); + status = psa_sign_hash(key, alg, + hash, hash_length, + signature, signature_size, signature_length); exit: - psa_destroy_key( key ); - return( status ); + psa_destroy_key(key); + return status; } -static psa_status_t ram_verify( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - const uint8_t *signature, - size_t signature_length ) +static psa_status_t ram_verify(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length) { ram_slot_t *slot; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -487,24 +485,24 @@ static psa_status_t ram_verify( psa_drv_se_context_t *context, psa_status_t status = PSA_ERROR_GENERIC_ERROR; (void) context; - DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); + DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots)); slot = &ram_slots[slot_number]; - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, slot->type ); - DRIVER_ASSERT( psa_import_key( &attributes, - slot->content, - PSA_BITS_TO_BYTES( slot->bits ), - &key ) == - PSA_SUCCESS ); - status = psa_verify_hash( key, alg, - hash, hash_length, - signature, signature_length ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, slot->type); + DRIVER_ASSERT(psa_import_key(&attributes, + slot->content, + PSA_BITS_TO_BYTES(slot->bits), + &key) == + PSA_SUCCESS); + status = psa_verify_hash(key, alg, + hash, hash_length, + signature, signature_length); exit: - psa_destroy_key( key ); - return( status ); + psa_destroy_key(key); + return status; } @@ -512,8 +510,7 @@ exit: /* Other test helper functions */ /****************************************************************/ -typedef enum -{ +typedef enum { SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION, SIGN_IN_DRIVER_AND_PARALLEL_CREATION, SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC, @@ -523,54 +520,49 @@ typedef enum * are consistent with the attributes used when creating the key. */ static int check_key_attributes( mbedtls_svc_key_id_t key, - const psa_key_attributes_t *reference_attributes ) + const psa_key_attributes_t *reference_attributes) { int ok = 0; psa_key_attributes_t actual_attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_get_key_attributes( key, &actual_attributes ) ); - - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &actual_attributes ), - psa_get_key_id( reference_attributes ) ) ); - TEST_EQUAL( psa_get_key_lifetime( &actual_attributes ), - psa_get_key_lifetime( reference_attributes ) ); - TEST_EQUAL( psa_get_key_type( &actual_attributes ), - psa_get_key_type( reference_attributes ) ); - TEST_EQUAL( psa_get_key_usage_flags( &actual_attributes ), - psa_get_key_usage_flags( reference_attributes ) ); - TEST_EQUAL( psa_get_key_algorithm( &actual_attributes ), - psa_get_key_algorithm( reference_attributes ) ); - TEST_EQUAL( psa_get_key_enrollment_algorithm( &actual_attributes ), - psa_get_key_enrollment_algorithm( reference_attributes ) ); - if( psa_get_key_bits( reference_attributes ) != 0 ) - { - TEST_EQUAL( psa_get_key_bits( &actual_attributes ), - psa_get_key_bits( reference_attributes ) ); + PSA_ASSERT(psa_get_key_attributes(key, &actual_attributes)); + + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&actual_attributes), + psa_get_key_id(reference_attributes))); + TEST_EQUAL(psa_get_key_lifetime(&actual_attributes), + psa_get_key_lifetime(reference_attributes)); + TEST_EQUAL(psa_get_key_type(&actual_attributes), + psa_get_key_type(reference_attributes)); + TEST_EQUAL(psa_get_key_usage_flags(&actual_attributes), + psa_get_key_usage_flags(reference_attributes)); + TEST_EQUAL(psa_get_key_algorithm(&actual_attributes), + psa_get_key_algorithm(reference_attributes)); + TEST_EQUAL(psa_get_key_enrollment_algorithm(&actual_attributes), + psa_get_key_enrollment_algorithm(reference_attributes)); + if (psa_get_key_bits(reference_attributes) != 0) { + TEST_EQUAL(psa_get_key_bits(&actual_attributes), + psa_get_key_bits(reference_attributes)); } { psa_key_slot_number_t actual_slot_number = 0xdeadbeef; psa_key_slot_number_t desired_slot_number = 0xb90cc011; psa_key_lifetime_t lifetime = - psa_get_key_lifetime( &actual_attributes ); - psa_status_t status = psa_get_key_slot_number( &actual_attributes, - &actual_slot_number ); - if( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) < MIN_DRIVER_LOCATION ) - { + psa_get_key_lifetime(&actual_attributes); + psa_status_t status = psa_get_key_slot_number(&actual_attributes, + &actual_slot_number); + if (PSA_KEY_LIFETIME_GET_LOCATION(lifetime) < MIN_DRIVER_LOCATION) { /* The key is not in a secure element. */ - TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT ); - } - else - { + TEST_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT); + } else { /* The key is in a secure element. If it had been created * in a specific slot, check that it is reported there. */ - PSA_ASSERT( status ); - status = psa_get_key_slot_number( reference_attributes, - &desired_slot_number ); - if( status == PSA_SUCCESS ) - { - TEST_EQUAL( desired_slot_number, actual_slot_number ); + PSA_ASSERT(status); + status = psa_get_key_slot_number(reference_attributes, + &desired_slot_number); + if (status == PSA_SUCCESS) { + TEST_EQUAL(desired_slot_number, actual_slot_number); } } } @@ -581,64 +573,64 @@ exit: * Actual key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &actual_attributes ); + psa_reset_key_attributes(&actual_attributes); - return( ok ); + return ok; } /* Get the file UID corresponding to the specified location. * If this changes, the storage format version must change. * See psa_get_se_driver_its_file_uid() in psa_crypto_se.c. */ -psa_storage_uid_t file_uid_for_location( psa_key_location_t location ) +psa_storage_uid_t file_uid_for_location(psa_key_location_t location) { - if( location > PSA_MAX_SE_LOCATION ) - return( 0 ); - return( 0xfffffe00 + location ); + if (location > PSA_MAX_SE_LOCATION) { + return 0; + } + return 0xfffffe00 + location; } /* Check that the persistent data of a driver has its expected content. */ -static int check_persistent_data( psa_key_location_t location, - const void *expected_data, - size_t size ) +static int check_persistent_data(psa_key_location_t location, + const void *expected_data, + size_t size) { - psa_storage_uid_t uid = file_uid_for_location( location ); + psa_storage_uid_t uid = file_uid_for_location(location); struct psa_storage_info_t info; uint8_t *loaded = NULL; int ok = 0; - PSA_ASSERT( psa_its_get_info( uid, &info ) ); - ASSERT_ALLOC( loaded, info.size ); - PSA_ASSERT( psa_its_get( uid, 0, info.size, loaded, NULL ) ); - ASSERT_COMPARE( expected_data, size, loaded, info.size ); + PSA_ASSERT(psa_its_get_info(uid, &info)); + ASSERT_ALLOC(loaded, info.size); + PSA_ASSERT(psa_its_get(uid, 0, info.size, loaded, NULL)); + ASSERT_COMPARE(expected_data, size, loaded, info.size); ok = 1; exit: - mbedtls_free( loaded ); - return( ok ); + mbedtls_free(loaded); + return ok; } /* Check that no persistent data exists for the given location. */ -static int check_no_persistent_data( psa_key_location_t location ) +static int check_no_persistent_data(psa_key_location_t location) { - psa_storage_uid_t uid = file_uid_for_location( location ); + psa_storage_uid_t uid = file_uid_for_location(location); struct psa_storage_info_t info; int ok = 0; - TEST_EQUAL( psa_its_get_info( uid, &info ), PSA_ERROR_DOES_NOT_EXIST ); + TEST_EQUAL(psa_its_get_info(uid, &info), PSA_ERROR_DOES_NOT_EXIST); ok = 1; exit: - return( ok ); + return ok; } /* Check that a function's return status is "smoke-free", i.e. that * it's an acceptable error code when calling an API function that operates * on a key with potentially bogus parameters. */ -static int is_status_smoke_free( psa_status_t status ) +static int is_status_smoke_free(psa_status_t status) { - switch( status ) - { + switch (status) { case PSA_SUCCESS: case PSA_ERROR_NOT_SUPPORTED: case PSA_ERROR_NOT_PERMITTED: @@ -646,19 +638,19 @@ static int is_status_smoke_free( psa_status_t status ) case PSA_ERROR_INVALID_ARGUMENT: case PSA_ERROR_INVALID_SIGNATURE: case PSA_ERROR_INVALID_PADDING: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } -#define SMOKE_ASSERT( expr ) \ - TEST_ASSERT( is_status_smoke_free( expr ) ) +#define SMOKE_ASSERT(expr) \ + TEST_ASSERT(is_status_smoke_free(expr)) /* Smoke test a key. There are mostly no wrong answers here since we pass * mostly bogus parameters: the goal is to ensure that there is no memory * corruption or crash. This test function is most useful when run under * an environment with sanity checks such as ASan or MSan. */ -static int smoke_test_key( mbedtls_svc_key_id_t key ) +static int smoke_test_key(mbedtls_svc_key_id_t key) { int ok = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -672,88 +664,88 @@ static int smoke_test_key( mbedtls_svc_key_id_t key ) size_t length; mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT; - SMOKE_ASSERT( psa_get_key_attributes( key, &attributes ) ); - - SMOKE_ASSERT( psa_export_key( key, - buffer, sizeof( buffer ), &length ) ); - SMOKE_ASSERT( psa_export_public_key( key, - buffer, sizeof( buffer ), &length ) ); - - SMOKE_ASSERT( psa_copy_key( key, &attributes, &key2 ) ); - if( ! mbedtls_svc_key_id_is_null( key2 ) ) - PSA_ASSERT( psa_destroy_key( key2 ) ); - - SMOKE_ASSERT( psa_mac_sign_setup( &mac_operation, key, PSA_ALG_CMAC ) ); - PSA_ASSERT( psa_mac_abort( &mac_operation ) ); - SMOKE_ASSERT( psa_mac_verify_setup( &mac_operation, key, - PSA_ALG_HMAC( PSA_ALG_SHA_256 ) ) ); - PSA_ASSERT( psa_mac_abort( &mac_operation ) ); - - SMOKE_ASSERT( psa_cipher_encrypt_setup( &cipher_operation, key, - PSA_ALG_CTR ) ); - PSA_ASSERT( psa_cipher_abort( &cipher_operation ) ); - SMOKE_ASSERT( psa_cipher_decrypt_setup( &cipher_operation, key, - PSA_ALG_CTR ) ); - PSA_ASSERT( psa_cipher_abort( &cipher_operation ) ); - - SMOKE_ASSERT( psa_aead_encrypt( key, PSA_ALG_CCM, - buffer, sizeof( buffer ), - NULL, 0, - buffer, sizeof( buffer), - buffer, sizeof( buffer), &length ) ); - SMOKE_ASSERT( psa_aead_decrypt( key, PSA_ALG_CCM, - buffer, sizeof( buffer ), - NULL, 0, - buffer, sizeof( buffer), - buffer, sizeof( buffer), &length ) ); - - SMOKE_ASSERT( psa_sign_hash( key, PSA_ALG_ECDSA_ANY, + SMOKE_ASSERT(psa_get_key_attributes(key, &attributes)); + + SMOKE_ASSERT(psa_export_key(key, + buffer, sizeof(buffer), &length)); + SMOKE_ASSERT(psa_export_public_key(key, + buffer, sizeof(buffer), &length)); + + SMOKE_ASSERT(psa_copy_key(key, &attributes, &key2)); + if (!mbedtls_svc_key_id_is_null(key2)) { + PSA_ASSERT(psa_destroy_key(key2)); + } + + SMOKE_ASSERT(psa_mac_sign_setup(&mac_operation, key, PSA_ALG_CMAC)); + PSA_ASSERT(psa_mac_abort(&mac_operation)); + SMOKE_ASSERT(psa_mac_verify_setup(&mac_operation, key, + PSA_ALG_HMAC(PSA_ALG_SHA_256))); + PSA_ASSERT(psa_mac_abort(&mac_operation)); + + SMOKE_ASSERT(psa_cipher_encrypt_setup(&cipher_operation, key, + PSA_ALG_CTR)); + PSA_ASSERT(psa_cipher_abort(&cipher_operation)); + SMOKE_ASSERT(psa_cipher_decrypt_setup(&cipher_operation, key, + PSA_ALG_CTR)); + PSA_ASSERT(psa_cipher_abort(&cipher_operation)); + + SMOKE_ASSERT(psa_aead_encrypt(key, PSA_ALG_CCM, + buffer, sizeof(buffer), + NULL, 0, + buffer, sizeof(buffer), + buffer, sizeof(buffer), &length)); + SMOKE_ASSERT(psa_aead_decrypt(key, PSA_ALG_CCM, + buffer, sizeof(buffer), + NULL, 0, + buffer, sizeof(buffer), + buffer, sizeof(buffer), &length)); + + SMOKE_ASSERT(psa_sign_hash(key, PSA_ALG_ECDSA_ANY, + buffer, 32, + buffer, sizeof(buffer), &length)); + SMOKE_ASSERT(psa_verify_hash(key, PSA_ALG_ECDSA_ANY, buffer, 32, - buffer, sizeof( buffer ), &length ) ); - SMOKE_ASSERT( psa_verify_hash( key, PSA_ALG_ECDSA_ANY, - buffer, 32, - buffer, sizeof( buffer ) ) ); - - SMOKE_ASSERT( psa_asymmetric_encrypt( key, PSA_ALG_RSA_PKCS1V15_CRYPT, - buffer, 10, NULL, 0, - buffer, sizeof( buffer ), &length ) ); - SMOKE_ASSERT( psa_asymmetric_decrypt( key, PSA_ALG_RSA_PKCS1V15_CRYPT, - buffer, sizeof( buffer ), NULL, 0, - buffer, sizeof( buffer ), &length ) ); + buffer, sizeof(buffer))); + + SMOKE_ASSERT(psa_asymmetric_encrypt(key, PSA_ALG_RSA_PKCS1V15_CRYPT, + buffer, 10, NULL, 0, + buffer, sizeof(buffer), &length)); + SMOKE_ASSERT(psa_asymmetric_decrypt(key, PSA_ALG_RSA_PKCS1V15_CRYPT, + buffer, sizeof(buffer), NULL, 0, + buffer, sizeof(buffer), &length)); #if defined(MBEDTLS_SHA256_C) /* Try the key in a plain key derivation. */ - PSA_ASSERT( psa_key_derivation_setup( &derivation_operation, - PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &derivation_operation, - PSA_KEY_DERIVATION_INPUT_SALT, - NULL, 0 ) ); - SMOKE_ASSERT( psa_key_derivation_input_key( &derivation_operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - key ) ); - PSA_ASSERT( psa_key_derivation_abort( &derivation_operation ) ); + PSA_ASSERT(psa_key_derivation_setup(&derivation_operation, + PSA_ALG_HKDF(PSA_ALG_SHA_256))); + PSA_ASSERT(psa_key_derivation_input_bytes(&derivation_operation, + PSA_KEY_DERIVATION_INPUT_SALT, + NULL, 0)); + SMOKE_ASSERT(psa_key_derivation_input_key(&derivation_operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key)); + PSA_ASSERT(psa_key_derivation_abort(&derivation_operation)); /* If the key is asymmetric, try it in a key agreement, both as * part of a derivation operation and standalone. */ - if( psa_export_public_key( key, buffer, sizeof( buffer ), &length ) == - PSA_SUCCESS ) - { + if (psa_export_public_key(key, buffer, sizeof(buffer), &length) == + PSA_SUCCESS) { psa_algorithm_t alg = - PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, - PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ); - PSA_ASSERT( psa_key_derivation_setup( &derivation_operation, alg ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( - &derivation_operation, PSA_KEY_DERIVATION_INPUT_SALT, - NULL, 0 ) ); - SMOKE_ASSERT( psa_key_derivation_key_agreement( - &derivation_operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - key, buffer, length ) ); - PSA_ASSERT( psa_key_derivation_abort( &derivation_operation ) ); - - SMOKE_ASSERT( psa_raw_key_agreement( - alg, key, buffer, length, - buffer, sizeof( buffer ), &length ) ); + PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, + PSA_ALG_HKDF(PSA_ALG_SHA_256)); + PSA_ASSERT(psa_key_derivation_setup(&derivation_operation, alg)); + PSA_ASSERT(psa_key_derivation_input_bytes( + &derivation_operation, PSA_KEY_DERIVATION_INPUT_SALT, + NULL, 0)); + SMOKE_ASSERT(psa_key_derivation_key_agreement( + &derivation_operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key, buffer, length)); + PSA_ASSERT(psa_key_derivation_abort(&derivation_operation)); + + SMOKE_ASSERT(psa_raw_key_agreement( + alg, key, buffer, length, + buffer, sizeof(buffer), &length)); } #endif /* MBEDTLS_SHA256_C */ @@ -764,22 +756,23 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - return( ok ); + return ok; } -static void psa_purge_storage( void ) +static void psa_purge_storage(void) { /* The generic code in mbedtls_test_psa_purge_key_storage() * (which is called by PSA_DONE()) doesn't take care of things that are * specific to dynamic secure elements. */ psa_key_location_t location; /* Purge the transaction file. */ - psa_crypto_stop_transaction( ); + psa_crypto_stop_transaction(); /* Purge driver persistent data. */ - for( location = 0; location < PSA_MAX_SE_LOCATION; location++ ) - psa_destroy_se_persistent_data( location ); + for (location = 0; location < PSA_MAX_SE_LOCATION; location++) { + psa_destroy_se_persistent_data(location); + } } /* END_HEADER */ @@ -790,205 +783,207 @@ static void psa_purge_storage( void ) */ /* BEGIN_CASE */ -void register_one( int location, int version, int expected_status_arg ) +void register_one(int location, int version, int expected_status_arg) { psa_status_t expected_status = expected_status_arg; psa_drv_se_t driver; - memset( &driver, 0, sizeof( driver ) ); + memset(&driver, 0, sizeof(driver)); driver.hal_version = version; - TEST_EQUAL( psa_register_se_driver( location, &driver ), - expected_status ); + TEST_EQUAL(psa_register_se_driver(location, &driver), + expected_status); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void register_twice( int count ) +void register_twice(int count) { psa_drv_se_t driver; psa_key_location_t location; psa_key_location_t max = MIN_DRIVER_LOCATION + count; - memset( &driver, 0, sizeof( driver ) ); + memset(&driver, 0, sizeof(driver)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; - for( location = MIN_DRIVER_LOCATION; location < max; location++ ) - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - for( location = MIN_DRIVER_LOCATION; location < max; location++ ) - TEST_EQUAL( psa_register_se_driver( location, &driver ), - PSA_ERROR_ALREADY_EXISTS ); + for (location = MIN_DRIVER_LOCATION; location < max; location++) { + PSA_ASSERT(psa_register_se_driver(location, &driver)); + } + for (location = MIN_DRIVER_LOCATION; location < max; location++) { + TEST_EQUAL(psa_register_se_driver(location, &driver), + PSA_ERROR_ALREADY_EXISTS); + } - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void register_max( ) +void register_max() { psa_drv_se_t driver; psa_key_location_t location; psa_key_location_t max = MIN_DRIVER_LOCATION + PSA_MAX_SE_DRIVERS; - memset( &driver, 0, sizeof( driver ) ); + memset(&driver, 0, sizeof(driver)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; - for( location = MIN_DRIVER_LOCATION; location < max; location++ ) - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); + for (location = MIN_DRIVER_LOCATION; location < max; location++) { + PSA_ASSERT(psa_register_se_driver(location, &driver)); + } - TEST_EQUAL( psa_register_se_driver( location, &driver ), - PSA_ERROR_INSUFFICIENT_MEMORY ); + TEST_EQUAL(psa_register_se_driver(location, &driver), + PSA_ERROR_INSUFFICIENT_MEMORY); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_creation_import_export( int lifetime_arg, int min_slot, int restart ) +void key_creation_import_export(int lifetime_arg, int min_slot, int restart) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = (psa_key_lifetime_t) lifetime_arg; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT; psa_key_handle_t handle; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; - uint8_t exported[sizeof( key_material )]; + const uint8_t key_material[3] = { 0xfa, 0xca, 0xde }; + uint8_t exported[sizeof(key_material)]; size_t exported_length; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; - driver.persistent_data_size = sizeof( ram_slot_usage_t ); + driver.persistent_data_size = sizeof(ram_slot_usage_t); key_management.p_allocate = ram_allocate; key_management.p_import = ram_import; key_management.p_destroy = ram_destroy; key_management.p_export = ram_export; ram_min_slot = min_slot; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); /* Create a key. */ - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - PSA_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ) ); - - if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + PSA_ASSERT(psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id)); + + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { /* For volatile keys, check no persistent data was created */ - if( ! check_no_persistent_data( location ) ) + if (!check_no_persistent_data(location)) { goto exit; - } - else - { + } + } else { /* For persistent keys, check persistent data */ - if( ! check_persistent_data( location, - &ram_shadow_slot_usage, - sizeof( ram_shadow_slot_usage ) ) ) + if (!check_persistent_data(location, + &ram_shadow_slot_usage, + sizeof(ram_shadow_slot_usage))) { goto exit; + } } /* Test that the key was created in the expected slot. */ - TEST_EQUAL( ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA ); + TEST_EQUAL(ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA); /* Maybe restart, to check that the information is saved correctly. */ - if( restart ) - { - mbedtls_psa_crypto_free( ); - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + if (restart) { + mbedtls_psa_crypto_free(); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); - if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { /* Check that the PSA core has no knowledge of the volatile key */ - TEST_ASSERT( psa_open_key( returned_id, &handle ) == - PSA_ERROR_DOES_NOT_EXIST ); + TEST_ASSERT(psa_open_key(returned_id, &handle) == + PSA_ERROR_DOES_NOT_EXIST); /* Drop data from our mockup driver */ ram_slots_reset(); ram_min_slot = min_slot; /* Re-import key */ - PSA_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ) ); - } - else - { + PSA_ASSERT(psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id)); + } else { /* Check the persistent key file */ - if( ! check_persistent_data( location, - &ram_shadow_slot_usage, - sizeof( ram_shadow_slot_usage ) ) ) + if (!check_persistent_data(location, + &ram_shadow_slot_usage, + sizeof(ram_shadow_slot_usage))) { goto exit; + } } } /* Test that the key was created in the expected slot. */ - TEST_EQUAL( ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA ); + TEST_EQUAL(ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA); /* Test the key attributes, including the reported slot number. */ - psa_set_key_bits( &attributes, - PSA_BYTES_TO_BITS( sizeof( key_material ) ) ); - psa_set_key_slot_number( &attributes, min_slot ); + psa_set_key_bits(&attributes, + PSA_BYTES_TO_BITS(sizeof(key_material))); + psa_set_key_slot_number(&attributes, min_slot); - if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { attributes.core.id = returned_id; - else - psa_set_key_id( &attributes, returned_id ); + } else { + psa_set_key_id(&attributes, returned_id); + } - if( ! check_key_attributes( returned_id, &attributes ) ) + if (!check_key_attributes(returned_id, &attributes)) { goto exit; + } /* Test the key data. */ - PSA_ASSERT( psa_export_key( returned_id, - exported, sizeof( exported ), - &exported_length ) ); - ASSERT_COMPARE( key_material, sizeof( key_material ), - exported, exported_length ); - - PSA_ASSERT( psa_destroy_key( returned_id ) ); - if( ! check_persistent_data( location, - &ram_shadow_slot_usage, - sizeof( ram_shadow_slot_usage ) ) ) + PSA_ASSERT(psa_export_key(returned_id, + exported, sizeof(exported), + &exported_length)); + ASSERT_COMPARE(key_material, sizeof(key_material), + exported, exported_length); + + PSA_ASSERT(psa_destroy_key(returned_id)); + if (!check_persistent_data(location, + &ram_shadow_slot_usage, + sizeof(ram_shadow_slot_usage))) { goto exit; - TEST_EQUAL( psa_open_key( returned_id, &handle ), - PSA_ERROR_DOES_NOT_EXIST ); + } + TEST_EQUAL(psa_open_key(returned_id, &handle), + PSA_ERROR_DOES_NOT_EXIST); /* Test that the key has been erased from the designated slot. */ - TEST_EQUAL( ram_slots[min_slot].type, 0 ); + TEST_EQUAL(ram_slots[min_slot].type, 0); exit: - PSA_DONE( ); - ram_slots_reset( ); - psa_purge_storage( ); + PSA_DONE(); + ram_slots_reset(); + psa_purge_storage(); } /* END_CASE */ /* BEGIN_CASE */ -void key_creation_in_chosen_slot( int slot_arg, - int restart, - int expected_status_arg ) +void key_creation_in_chosen_slot(int slot_arg, + int restart, + int expected_status_arg) { psa_key_slot_number_t wanted_slot = slot_arg; psa_status_t expected_status = expected_status_arg; @@ -996,200 +991,208 @@ void key_creation_in_chosen_slot( int slot_arg, psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_handle_t handle; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + const uint8_t key_material[3] = { 0xfa, 0xca, 0xde }; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; - driver.persistent_data_size = sizeof( ram_slot_usage_t ); + driver.persistent_data_size = sizeof(ram_slot_usage_t); key_management.p_validate_slot_number = ram_validate_slot_number; key_management.p_import = ram_import; key_management.p_destroy = ram_destroy; key_management.p_export = ram_export; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); /* Create a key. */ - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - psa_set_key_slot_number( &attributes, wanted_slot ); - status = psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ); - TEST_EQUAL( status, expected_status ); - - if( status != PSA_SUCCESS ) + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + psa_set_key_slot_number(&attributes, wanted_slot); + status = psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id); + TEST_EQUAL(status, expected_status); + + if (status != PSA_SUCCESS) { goto exit; - if( ! check_persistent_data( location, - &ram_shadow_slot_usage, - sizeof( ram_shadow_slot_usage ) ) ) + } + if (!check_persistent_data(location, + &ram_shadow_slot_usage, + sizeof(ram_shadow_slot_usage))) { goto exit; + } /* Maybe restart, to check that the information is saved correctly. */ - if( restart ) - { - mbedtls_psa_crypto_free( ); - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); - if( ! check_persistent_data( location, - &ram_shadow_slot_usage, - sizeof( ram_shadow_slot_usage ) ) ) + if (restart) { + mbedtls_psa_crypto_free(); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); + if (!check_persistent_data(location, + &ram_shadow_slot_usage, + sizeof(ram_shadow_slot_usage))) { goto exit; + } } /* Test that the key was created in the expected slot. */ - TEST_EQUAL( ram_slots[wanted_slot].type, PSA_KEY_TYPE_RAW_DATA ); + TEST_EQUAL(ram_slots[wanted_slot].type, PSA_KEY_TYPE_RAW_DATA); /* Test that the key is reported with the correct attributes, * including the expected slot. */ - PSA_ASSERT( psa_get_key_attributes( id, &attributes ) ); + PSA_ASSERT(psa_get_key_attributes(id, &attributes)); - PSA_ASSERT( psa_destroy_key( id ) ); - if( ! check_persistent_data( location, - &ram_shadow_slot_usage, - sizeof( ram_shadow_slot_usage ) ) ) + PSA_ASSERT(psa_destroy_key(id)); + if (!check_persistent_data(location, + &ram_shadow_slot_usage, + sizeof(ram_shadow_slot_usage))) { goto exit; - TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); + } + TEST_EQUAL(psa_open_key(id, &handle), PSA_ERROR_DOES_NOT_EXIST); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - PSA_DONE( ); - ram_slots_reset( ); - psa_purge_storage( ); + PSA_DONE(); + ram_slots_reset(); + psa_purge_storage(); } /* END_CASE */ /* BEGIN_CASE */ -void import_key_smoke( int type_arg, int alg_arg, - data_t *key_material ) +void import_key_smoke(int type_arg, int alg_arg, + data_t *key_material) { psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_handle_t handle; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; - driver.persistent_data_size = sizeof( psa_key_slot_number_t ); + driver.persistent_data_size = sizeof(psa_key_slot_number_t); key_management.p_allocate = counter_allocate; key_management.p_import = null_import; key_management.p_destroy = null_destroy; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); /* Create a key. */ - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | - PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); - PSA_ASSERT( psa_import_key( &attributes, - key_material->x, key_material->len, - &returned_id ) ); - if( ! check_persistent_data( location, - &shadow_counter, sizeof( shadow_counter ) ) ) + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | + PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); + PSA_ASSERT(psa_import_key(&attributes, + key_material->x, key_material->len, + &returned_id)); + if (!check_persistent_data(location, + &shadow_counter, sizeof(shadow_counter))) { goto exit; + } /* Do stuff with the key. */ - if( ! smoke_test_key( id ) ) + if (!smoke_test_key(id)) { goto exit; + } /* Restart and try again. */ - mbedtls_psa_crypto_free( ); - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); - if( ! check_persistent_data( location, - &shadow_counter, sizeof( shadow_counter ) ) ) + mbedtls_psa_crypto_free(); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); + if (!check_persistent_data(location, + &shadow_counter, sizeof(shadow_counter))) { goto exit; - if( ! smoke_test_key( id ) ) + } + if (!smoke_test_key(id)) { goto exit; + } /* We're done. */ - PSA_ASSERT( psa_destroy_key( id ) ); - if( ! check_persistent_data( location, - &shadow_counter, sizeof( shadow_counter ) ) ) + PSA_ASSERT(psa_destroy_key(id)); + if (!check_persistent_data(location, + &shadow_counter, sizeof(shadow_counter))) { goto exit; - TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); + } + TEST_EQUAL(psa_open_key(id, &handle), PSA_ERROR_DOES_NOT_EXIST); exit: - PSA_DONE( ); - counter_reset( ); - psa_purge_storage( ); + PSA_DONE(); + counter_reset(); + psa_purge_storage(); } /* END_CASE */ /* BEGIN_CASE */ -void generate_key_not_supported( int type_arg, int bits_arg ) +void generate_key_not_supported(int type_arg, int bits_arg) { psa_key_type_t type = type_arg; size_t bits = bits_arg; psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; - driver.persistent_data_size = sizeof( psa_key_slot_number_t ); + driver.persistent_data_size = sizeof(psa_key_slot_number_t); key_management.p_allocate = counter_allocate; /* No p_generate method */ - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); - TEST_EQUAL( psa_generate_key( &attributes, &returned_id ), - PSA_ERROR_NOT_SUPPORTED ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); + TEST_EQUAL(psa_generate_key(&attributes, &returned_id), + PSA_ERROR_NOT_SUPPORTED); exit: - PSA_DONE( ); - counter_reset( ); - psa_purge_storage( ); + PSA_DONE(); + counter_reset(); + psa_purge_storage(); } /* END_CASE */ /* BEGIN_CASE */ -void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) +void generate_key_smoke(int type_arg, int bits_arg, int alg_arg) { psa_key_type_t type = type_arg; psa_key_bits_t bits = bits_arg; @@ -1197,88 +1200,93 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_handle_t handle; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; - driver.persistent_data_size = sizeof( psa_key_slot_number_t ); + driver.persistent_data_size = sizeof(psa_key_slot_number_t); key_management.p_allocate = counter_allocate; key_management.p_generate = null_generate; key_management.p_destroy = null_destroy; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); /* Create a key. */ - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | - PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); - PSA_ASSERT( psa_generate_key( &attributes, &returned_id ) ); - if( ! check_persistent_data( location, - &shadow_counter, sizeof( shadow_counter ) ) ) + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | + PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); + PSA_ASSERT(psa_generate_key(&attributes, &returned_id)); + if (!check_persistent_data(location, + &shadow_counter, sizeof(shadow_counter))) { goto exit; + } /* Do stuff with the key. */ - if( ! smoke_test_key( id ) ) + if (!smoke_test_key(id)) { goto exit; + } /* Restart and try again. */ - mbedtls_psa_crypto_free( ); - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); - if( ! check_persistent_data( location, - &shadow_counter, sizeof( shadow_counter ) ) ) + mbedtls_psa_crypto_free(); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); + if (!check_persistent_data(location, + &shadow_counter, sizeof(shadow_counter))) { goto exit; - if( ! smoke_test_key( id ) ) + } + if (!smoke_test_key(id)) { goto exit; + } /* We're done. */ - PSA_ASSERT( psa_destroy_key( id ) ); - if( ! check_persistent_data( location, - &shadow_counter, sizeof( shadow_counter ) ) ) + PSA_ASSERT(psa_destroy_key(id)); + if (!check_persistent_data(location, + &shadow_counter, sizeof(shadow_counter))) { goto exit; - TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); + } + TEST_EQUAL(psa_open_key(id, &handle), PSA_ERROR_DOES_NOT_EXIST); exit: - PSA_DONE( ); - counter_reset( ); - psa_purge_storage( ); + PSA_DONE(); + counter_reset(); + psa_purge_storage(); } /* END_CASE */ /* BEGIN_CASE */ -void sign_verify( int flow, - int type_arg, int alg_arg, - int bits_arg, data_t *key_material, - data_t *input ) +void sign_verify(int flow, + int type_arg, int alg_arg, + int bits_arg, data_t *key_material, + data_t *input) { psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; size_t bits = bits_arg; /* Pass bits=0 to import, bits>0 to fake-generate */ - int generating = ( bits != 0 ); + int generating = (bits != 0); psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_drv_se_asymmetric_t asymmetric; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; mbedtls_svc_key_id_t sw_key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t sw_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1286,23 +1294,23 @@ void sign_verify( int flow, uint8_t signature[PSA_SIGNATURE_MAX_SIZE]; size_t signature_length; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); - memset( &asymmetric, 0, sizeof( asymmetric ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); + memset(&asymmetric, 0, sizeof(asymmetric)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; driver.asymmetric = &asymmetric; - driver.persistent_data_size = sizeof( ram_slot_usage_t ); + driver.persistent_data_size = sizeof(ram_slot_usage_t); key_management.p_allocate = ram_allocate; key_management.p_destroy = ram_destroy; - if( generating ) + if (generating) { key_management.p_generate = ram_fake_generate; - else + } else { key_management.p_import = ram_import; - switch( flow ) - { + } + switch (flow) { case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION: break; case SIGN_IN_DRIVER_AND_PARALLEL_CREATION: @@ -1313,208 +1321,206 @@ void sign_verify( int flow, key_management.p_export_public = ram_export_public; break; default: - TEST_ASSERT( ! "unsupported flow (should be SIGN_IN_xxx)" ); + TEST_ASSERT(!"unsupported flow (should be SIGN_IN_xxx)"); break; } asymmetric.p_verify = ram_verify; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); /* Prepare to create two keys with the same key material: a transparent * key, and one that goes through the driver. */ - psa_set_key_usage_flags( &sw_attributes, - PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &sw_attributes, alg ); - psa_set_key_type( &sw_attributes, type ); + psa_set_key_usage_flags(&sw_attributes, + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&sw_attributes, alg); + psa_set_key_type(&sw_attributes, type); drv_attributes = sw_attributes; - psa_set_key_id( &drv_attributes, id ); - psa_set_key_lifetime( &drv_attributes, lifetime ); + psa_set_key_id(&drv_attributes, id); + psa_set_key_lifetime(&drv_attributes, lifetime); /* Create the key in the driver. */ - if( generating ) - { - psa_set_key_bits( &drv_attributes, bits ); - PSA_ASSERT( psa_generate_key( &drv_attributes, &returned_id ) ); + if (generating) { + psa_set_key_bits(&drv_attributes, bits); + PSA_ASSERT(psa_generate_key(&drv_attributes, &returned_id)); /* Since we called a generate method that does not actually * generate material, store the desired result of generation in * the mock secure element storage. */ - PSA_ASSERT( psa_get_key_attributes( id, &drv_attributes ) ); - TEST_EQUAL( key_material->len, PSA_BITS_TO_BYTES( bits ) ); - memcpy( ram_slots[ram_min_slot].content, key_material->x, - key_material->len ); - } - else - { - PSA_ASSERT( psa_import_key( &drv_attributes, - key_material->x, key_material->len, - &returned_id ) ); + PSA_ASSERT(psa_get_key_attributes(id, &drv_attributes)); + TEST_EQUAL(key_material->len, PSA_BITS_TO_BYTES(bits)); + memcpy(ram_slots[ram_min_slot].content, key_material->x, + key_material->len); + } else { + PSA_ASSERT(psa_import_key(&drv_attributes, + key_material->x, key_material->len, + &returned_id)); } /* Either import the same key in software, or export the driver's * public key and import that. */ - switch( flow ) - { + switch (flow) { case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION: case SIGN_IN_DRIVER_AND_PARALLEL_CREATION: - PSA_ASSERT( psa_import_key( &sw_attributes, - key_material->x, key_material->len, - &sw_key ) ); + PSA_ASSERT(psa_import_key(&sw_attributes, + key_material->x, key_material->len, + &sw_key)); break; case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC: { - uint8_t public_key[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE( PSA_VENDOR_ECC_MAX_CURVE_BITS )]; + uint8_t public_key[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) + ]; size_t public_key_length; - PSA_ASSERT( psa_export_public_key( id, - public_key, sizeof( public_key ), - &public_key_length ) ); - psa_set_key_type( &sw_attributes, - PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ) ); - PSA_ASSERT( psa_import_key( &sw_attributes, - public_key, public_key_length, - &sw_key ) ); + PSA_ASSERT(psa_export_public_key(id, + public_key, sizeof(public_key), + &public_key_length)); + psa_set_key_type(&sw_attributes, + PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type)); + PSA_ASSERT(psa_import_key(&sw_attributes, + public_key, public_key_length, + &sw_key)); break; } } /* Sign with the chosen key. */ - switch( flow ) - { + switch (flow) { case SIGN_IN_DRIVER_AND_PARALLEL_CREATION: case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC: PSA_ASSERT_VIA_DRIVER( - psa_sign_hash( id, alg, - input->x, input->len, - signature, sizeof( signature ), - &signature_length ), - PSA_SUCCESS ); + psa_sign_hash(id, alg, + input->x, input->len, + signature, sizeof(signature), + &signature_length), + PSA_SUCCESS); break; case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION: - PSA_ASSERT( psa_sign_hash( sw_key, alg, - input->x, input->len, - signature, sizeof( signature ), - &signature_length ) ); + PSA_ASSERT(psa_sign_hash(sw_key, alg, + input->x, input->len, + signature, sizeof(signature), + &signature_length)); break; } /* Verify with both keys. */ - PSA_ASSERT( psa_verify_hash( sw_key, alg, - input->x, input->len, - signature, signature_length ) ); + PSA_ASSERT(psa_verify_hash(sw_key, alg, + input->x, input->len, + signature, signature_length)); PSA_ASSERT_VIA_DRIVER( - psa_verify_hash( id, alg, - input->x, input->len, - signature, signature_length ), - PSA_SUCCESS ); + psa_verify_hash(id, alg, + input->x, input->len, + signature, signature_length), + PSA_SUCCESS); /* Change the signature and verify again. */ signature[0] ^= 1; - TEST_EQUAL( psa_verify_hash( sw_key, alg, - input->x, input->len, - signature, signature_length ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_verify_hash(sw_key, alg, + input->x, input->len, + signature, signature_length), + PSA_ERROR_INVALID_SIGNATURE); PSA_ASSERT_VIA_DRIVER( - psa_verify_hash( id, alg, - input->x, input->len, - signature, signature_length ), - PSA_ERROR_INVALID_SIGNATURE ); + psa_verify_hash(id, alg, + input->x, input->len, + signature, signature_length), + PSA_ERROR_INVALID_SIGNATURE); exit: /* * Driver key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &drv_attributes ); + psa_reset_key_attributes(&drv_attributes); - psa_destroy_key( id ); - psa_destroy_key( sw_key ); - PSA_DONE( ); - ram_slots_reset( ); - psa_purge_storage( ); + psa_destroy_key(id); + psa_destroy_key(sw_key); + PSA_DONE(); + ram_slots_reset(); + psa_purge_storage(); } /* END_CASE */ /* BEGIN_CASE */ -void register_key_smoke_test( int lifetime_arg, - int owner_id_arg, - int id_arg, - int validate, - int expected_status_arg ) +void register_key_smoke_test(int lifetime_arg, + int owner_id_arg, + int id_arg, + int validate, + int expected_status_arg) { psa_key_lifetime_t lifetime = lifetime_arg; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); psa_status_t expected_status = expected_status_arg; psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg ); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(owner_id_arg, id_arg); psa_key_handle_t handle; size_t bit_size = 48; psa_key_slot_number_t wanted_slot = 0x123456789; psa_status_t status; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - memset( &driver, 0, sizeof( driver ) ); + memset(&driver, 0, sizeof(driver)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; - memset( &key_management, 0, sizeof( key_management ) ); + memset(&key_management, 0, sizeof(key_management)); driver.key_management = &key_management; key_management.p_destroy = null_destroy; - if( validate >= 0 ) - { + if (validate >= 0) { key_management.p_validate_slot_number = validate_slot_number_as_directed; validate_slot_number_directions.slot_number = wanted_slot; validate_slot_number_directions.method = PSA_KEY_CREATION_REGISTER; validate_slot_number_directions.status = - ( validate > 0 ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED ); + (validate > 0 ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED); } - mbedtls_test_set_step( 1 ); - PSA_ASSERT( psa_register_se_driver( MIN_DRIVER_LOCATION, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + mbedtls_test_set_step(1); + PSA_ASSERT(psa_register_se_driver(MIN_DRIVER_LOCATION, &driver)); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - psa_set_key_bits( &attributes, bit_size ); - psa_set_key_slot_number( &attributes, wanted_slot ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + psa_set_key_bits(&attributes, bit_size); + psa_set_key_slot_number(&attributes, wanted_slot); - status = mbedtls_psa_register_se_key( &attributes ); - TEST_EQUAL( status, expected_status ); + status = mbedtls_psa_register_se_key(&attributes); + TEST_EQUAL(status, expected_status); - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { goto exit; + } /* Test that the key exists and has the expected attributes. */ - if( ! check_key_attributes( id, &attributes ) ) + if (!check_key_attributes(id, &attributes)) { goto exit; + } #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) mbedtls_svc_key_id_t invalid_id = - mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg ); - TEST_EQUAL( psa_open_key( invalid_id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); + mbedtls_svc_key_id_make(owner_id_arg + 1, id_arg); + TEST_EQUAL(psa_open_key(invalid_id, &handle), PSA_ERROR_DOES_NOT_EXIST); #endif - PSA_ASSERT( psa_purge_key( id ) ); + PSA_ASSERT(psa_purge_key(id)); /* Restart and try again. */ - mbedtls_test_set_step( 2 ); - PSA_SESSION_DONE( ); - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); - if( ! check_key_attributes( id, &attributes ) ) + mbedtls_test_set_step(2); + PSA_SESSION_DONE(); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); + if (!check_key_attributes(id, &attributes)) { goto exit; + } /* This time, destroy the key. */ - PSA_ASSERT( psa_destroy_key( id ) ); - TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); + PSA_ASSERT(psa_destroy_key(id)); + TEST_EQUAL(psa_open_key(id, &handle), PSA_ERROR_DOES_NOT_EXIST); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( id ); - PSA_DONE( ); - psa_purge_storage( ); - memset( &validate_slot_number_directions, 0, - sizeof( validate_slot_number_directions ) ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(id); + PSA_DONE(); + psa_purge_storage(); + memset(&validate_slot_number_directions, 0, + sizeof(validate_slot_number_directions)); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index 12c58ebbbadd..6f28f93e579d 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -7,18 +7,16 @@ /** The location and lifetime used for tests that use a single driver. */ #define TEST_DRIVER_LOCATION 1 #define TEST_SE_PERSISTENT_LIFETIME \ - ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ - PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION ) ) + (PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ + PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION)) -static struct -{ +static struct { uint16_t called; psa_key_location_t location; psa_status_t return_value; } mock_init_data; -static struct -{ +static struct { uint16_t called; psa_key_slot_number_t key_slot; psa_key_attributes_t attributes; @@ -26,8 +24,7 @@ static struct psa_status_t return_value; } mock_generate_data; -static struct -{ +static struct { uint16_t called; psa_key_slot_number_t key_slot; psa_key_attributes_t attributes; @@ -36,24 +33,21 @@ static struct psa_status_t return_value; } mock_import_data; -static struct -{ +static struct { uint16_t called; psa_key_slot_number_t slot_number; size_t data_size; psa_status_t return_value; } mock_export_data; -static struct -{ +static struct { uint16_t called; psa_key_slot_number_t slot_number; size_t data_size; psa_status_t return_value; } mock_export_public_data; -static struct -{ +static struct { uint16_t called; psa_key_slot_number_t key_slot; psa_algorithm_t alg; @@ -62,8 +56,7 @@ static struct psa_status_t return_value; } mock_sign_data; -static struct -{ +static struct { uint16_t called; psa_key_slot_number_t key_slot; psa_algorithm_t alg; @@ -72,21 +65,19 @@ static struct psa_status_t return_value; } mock_verify_data; -static struct -{ +static struct { uint16_t called; psa_status_t return_value; } mock_allocate_data; -static struct -{ +static struct { uint16_t called; psa_key_slot_number_t slot_number; psa_status_t return_value; } mock_destroy_data; #define MAX_KEY_ID_FOR_TEST 10 -static void psa_purge_storage( void ) +static void psa_purge_storage(void) { psa_key_id_t id; psa_key_location_t location; @@ -94,48 +85,50 @@ static void psa_purge_storage( void ) /* The tests may have potentially created key ids from 1 to * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id * 0, which file-based storage uses as a temporary file. */ - for( id = 0; id <= MAX_KEY_ID_FOR_TEST; id++ ) - psa_destroy_persistent_key( mbedtls_svc_key_id_make( 1, id ) ); + for (id = 0; id <= MAX_KEY_ID_FOR_TEST; id++) { + psa_destroy_persistent_key(mbedtls_svc_key_id_make(1, id)); + } /* Purge the transaction file. */ - psa_crypto_stop_transaction( ); + psa_crypto_stop_transaction(); /* Purge driver persistent data. */ - for( location = 0; location < PSA_MAX_SE_LOCATION; location++ ) - psa_destroy_se_persistent_data( location ); + for (location = 0; location < PSA_MAX_SE_LOCATION; location++) { + psa_destroy_se_persistent_data(location); + } } -static void mock_teardown( void ) +static void mock_teardown(void) { - memset( &mock_init_data, 0, sizeof( mock_init_data ) ); - memset( &mock_import_data, 0, sizeof( mock_import_data ) ); - memset( &mock_export_data, 0, sizeof( mock_export_data ) ); - memset( &mock_export_public_data, 0, sizeof( mock_export_public_data ) ); - memset( &mock_sign_data, 0, sizeof( mock_sign_data ) ); - memset( &mock_verify_data, 0, sizeof( mock_verify_data ) ); - memset( &mock_allocate_data, 0, sizeof( mock_allocate_data ) ); - memset( &mock_destroy_data, 0, sizeof( mock_destroy_data ) ); - memset( &mock_generate_data, 0, sizeof( mock_generate_data ) ); - psa_purge_storage( ); + memset(&mock_init_data, 0, sizeof(mock_init_data)); + memset(&mock_import_data, 0, sizeof(mock_import_data)); + memset(&mock_export_data, 0, sizeof(mock_export_data)); + memset(&mock_export_public_data, 0, sizeof(mock_export_public_data)); + memset(&mock_sign_data, 0, sizeof(mock_sign_data)); + memset(&mock_verify_data, 0, sizeof(mock_verify_data)); + memset(&mock_allocate_data, 0, sizeof(mock_allocate_data)); + memset(&mock_destroy_data, 0, sizeof(mock_destroy_data)); + memset(&mock_generate_data, 0, sizeof(mock_generate_data)); + psa_purge_storage(); } -static psa_status_t mock_init( psa_drv_se_context_t *drv_context, - void *persistent_data, - psa_key_location_t location ) +static psa_status_t mock_init(psa_drv_se_context_t *drv_context, + void *persistent_data, + psa_key_location_t location) { (void) drv_context; (void) persistent_data; mock_init_data.called++; mock_init_data.location = location; - return( mock_init_data.return_value ); + return mock_init_data.return_value; } -static psa_status_t mock_generate( psa_drv_se_context_t *drv_context, - psa_key_slot_number_t key_slot, - const psa_key_attributes_t *attributes, - uint8_t *pubkey, - size_t pubkey_size, - size_t *pubkey_length ) +static psa_status_t mock_generate(psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, + const psa_key_attributes_t *attributes, + uint8_t *pubkey, + size_t pubkey_size, + size_t *pubkey_length) { (void) drv_context; (void) pubkey; @@ -146,15 +139,15 @@ static psa_status_t mock_generate( psa_drv_se_context_t *drv_context, mock_generate_data.attributes = *attributes; mock_generate_data.pubkey_size = pubkey_size; - return( mock_generate_data.return_value ); + return mock_generate_data.return_value; } -static psa_status_t mock_import( psa_drv_se_context_t *drv_context, - psa_key_slot_number_t key_slot, - const psa_key_attributes_t *attributes, - const uint8_t *data, - size_t data_length, - size_t *bits ) +static psa_status_t mock_import(psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + size_t *bits) { (void) drv_context; (void) data; @@ -166,14 +159,14 @@ static psa_status_t mock_import( psa_drv_se_context_t *drv_context, mock_import_data.attributes = *attributes; mock_import_data.data_length = data_length; - return( mock_import_data.return_value ); + return mock_import_data.return_value; } -psa_status_t mock_export( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - uint8_t *p_data, - size_t data_size, - size_t *p_data_length ) +psa_status_t mock_export(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + uint8_t *p_data, + size_t data_size, + size_t *p_data_length) { (void) context; (void) p_data; @@ -183,14 +176,14 @@ psa_status_t mock_export( psa_drv_se_context_t *context, mock_export_data.slot_number = slot_number; mock_export_data.data_size = data_size; - return( mock_export_data.return_value ); + return mock_export_data.return_value; } -psa_status_t mock_export_public( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - uint8_t *p_data, - size_t data_size, - size_t *p_data_length ) +psa_status_t mock_export_public(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + uint8_t *p_data, + size_t data_size, + size_t *p_data_length) { (void) context; (void) p_data; @@ -200,17 +193,17 @@ psa_status_t mock_export_public( psa_drv_se_context_t *context, mock_export_public_data.slot_number = slot_number; mock_export_public_data.data_size = data_size; - return( mock_export_public_data.return_value ); + return mock_export_public_data.return_value; } -psa_status_t mock_sign( psa_drv_se_context_t *context, - psa_key_slot_number_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - uint8_t *p_signature, - size_t signature_size, - size_t *p_signature_length ) +psa_status_t mock_sign(psa_drv_se_context_t *context, + psa_key_slot_number_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + uint8_t *p_signature, + size_t signature_size, + size_t *p_signature_length) { (void) context; (void) p_hash; @@ -226,13 +219,13 @@ psa_status_t mock_sign( psa_drv_se_context_t *context, return mock_sign_data.return_value; } -psa_status_t mock_verify( psa_drv_se_context_t *context, - psa_key_slot_number_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - const uint8_t *p_signature, - size_t signature_length ) +psa_status_t mock_verify(psa_drv_se_context_t *context, + psa_key_slot_number_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + const uint8_t *p_signature, + size_t signature_length) { (void) context; (void) p_hash; @@ -247,11 +240,11 @@ psa_status_t mock_verify( psa_drv_se_context_t *context, return mock_verify_data.return_value; } -psa_status_t mock_allocate( psa_drv_se_context_t *drv_context, - void *persistent_data, - const psa_key_attributes_t *attributes, - psa_key_creation_method_t method, - psa_key_slot_number_t *key_slot ) +psa_status_t mock_allocate(psa_drv_se_context_t *drv_context, + void *persistent_data, + const psa_key_attributes_t *attributes, + psa_key_creation_method_t method, + psa_key_slot_number_t *key_slot) { (void) drv_context; (void) persistent_data; @@ -262,12 +255,12 @@ psa_status_t mock_allocate( psa_drv_se_context_t *drv_context, mock_allocate_data.called++; *key_slot = 0; - return( mock_allocate_data.return_value ); + return mock_allocate_data.return_value; } -psa_status_t mock_destroy( psa_drv_se_context_t *context, - void *persistent_data, - psa_key_slot_number_t slot_number ) +psa_status_t mock_destroy(psa_drv_se_context_t *context, + void *persistent_data, + psa_key_slot_number_t slot_number) { (void) context; (void) persistent_data; @@ -275,7 +268,7 @@ psa_status_t mock_destroy( psa_drv_se_context_t *context, mock_destroy_data.called++; mock_destroy_data.slot_number = slot_number; - return( mock_destroy_data.return_value ); + return mock_destroy_data.return_value; } /* END_HEADER */ @@ -286,11 +279,11 @@ psa_status_t mock_destroy( psa_drv_se_context_t *context, */ /* BEGIN_CASE */ -void mock_init( int location_arg, - int expected_register_status_arg, - int driver_status_arg, - int expected_psa_status_arg, - int expected_called ) +void mock_init(int location_arg, + int expected_register_status_arg, + int driver_status_arg, + int expected_psa_status_arg, + int expected_called) { psa_key_location_t location = location_arg; psa_status_t expected_register_status = expected_register_status_arg; @@ -304,112 +297,110 @@ void mock_init( int location_arg, mock_init_data.return_value = driver_status; - TEST_EQUAL( psa_register_se_driver( location, &driver ), - expected_register_status ); + TEST_EQUAL(psa_register_se_driver(location, &driver), + expected_register_status); psa_crypto_init_called = 1; - TEST_EQUAL( psa_crypto_init( ), expected_psa_status ); + TEST_EQUAL(psa_crypto_init(), expected_psa_status); - TEST_EQUAL( mock_init_data.called, expected_called ); - if( expected_called ) - TEST_EQUAL( mock_init_data.location, location ); + TEST_EQUAL(mock_init_data.called, expected_called); + if (expected_called) { + TEST_EQUAL(mock_init_data.location, location); + } exit: - if( psa_crypto_init_called ) - PSA_DONE( ); - mock_teardown( ); + if (psa_crypto_init_called) { + PSA_DONE(); + } + mock_teardown(); } /* END_CASE */ /* BEGIN_CASE */ -void mock_import( int mock_alloc_return_value, - int mock_import_return_value, - int bits, - int expected_result ) +void mock_import(int mock_alloc_return_value, + int mock_import_return_value, + int bits, + int expected_result) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + const uint8_t key_material[3] = { 0xfa, 0xca, 0xde }; mock_allocate_data.return_value = mock_alloc_return_value; mock_import_data.return_value = mock_import_return_value; mock_import_data.bits = bits; - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; key_management.p_import = mock_import; key_management.p_destroy = mock_destroy; key_management.p_allocate = mock_allocate; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - TEST_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ) == expected_result ); - - TEST_ASSERT( mock_allocate_data.called == 1 ); - TEST_ASSERT( mock_import_data.called == - ( mock_alloc_return_value == PSA_SUCCESS? 1 : 0 ) ); - - if( mock_alloc_return_value == PSA_SUCCESS ) - { - TEST_ASSERT( mbedtls_svc_key_id_equal( - mock_import_data.attributes.core.id, id ) ); - } - else - { - TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( - mock_import_data.attributes.core.id ) == 0 ); - TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( - mock_import_data.attributes.core.id ) == 0 ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + TEST_ASSERT(psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id) == expected_result); + + TEST_ASSERT(mock_allocate_data.called == 1); + TEST_ASSERT(mock_import_data.called == + (mock_alloc_return_value == PSA_SUCCESS ? 1 : 0)); + + if (mock_alloc_return_value == PSA_SUCCESS) { + TEST_ASSERT(mbedtls_svc_key_id_equal( + mock_import_data.attributes.core.id, id)); + } else { + TEST_ASSERT(MBEDTLS_SVC_KEY_ID_GET_KEY_ID( + mock_import_data.attributes.core.id) == 0); + TEST_ASSERT(MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( + mock_import_data.attributes.core.id) == 0); } - TEST_ASSERT( mock_import_data.attributes.core.lifetime == - ( mock_alloc_return_value == PSA_SUCCESS? lifetime : 0 ) ); - TEST_ASSERT( mock_import_data.attributes.core.policy.usage == - ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_USAGE_EXPORT : 0 ) ); - TEST_ASSERT( mock_import_data.attributes.core.type == - ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_TYPE_RAW_DATA : 0 ) ); - - if( expected_result == PSA_SUCCESS ) - { - PSA_ASSERT( psa_destroy_key( id ) ); - TEST_ASSERT( mock_destroy_data.called == 1 ); + TEST_ASSERT(mock_import_data.attributes.core.lifetime == + (mock_alloc_return_value == PSA_SUCCESS ? lifetime : 0)); + TEST_ASSERT(mock_import_data.attributes.core.policy.usage == + (mock_alloc_return_value == PSA_SUCCESS ? PSA_KEY_USAGE_EXPORT : 0)); + TEST_ASSERT(mock_import_data.attributes.core.type == + (mock_alloc_return_value == PSA_SUCCESS ? PSA_KEY_TYPE_RAW_DATA : 0)); + + if (expected_result == PSA_SUCCESS) { + PSA_ASSERT(psa_destroy_key(id)); + TEST_ASSERT(mock_destroy_data.called == 1); } exit: - PSA_DONE( ); - mock_teardown( ); + PSA_DONE(); + mock_teardown(); } /* END_CASE */ /* BEGIN_CASE */ -void mock_export( int mock_export_return_value, int expected_result ) +void mock_export(int mock_export_return_value, int expected_result) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; - uint8_t exported[sizeof( key_material )]; + const uint8_t key_material[3] = { 0xfa, 0xca, 0xde }; + uint8_t exported[sizeof(key_material)]; size_t exported_length; mock_export_data.return_value = mock_export_return_value; - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; driver.p_init = mock_init; @@ -418,119 +409,115 @@ void mock_export( int mock_export_return_value, int expected_result ) key_management.p_destroy = mock_destroy; key_management.p_allocate = mock_allocate; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - PSA_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ) ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + PSA_ASSERT(psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id)); - TEST_ASSERT( psa_export_key( id, - exported, sizeof( exported ), - &exported_length ) == expected_result ); + TEST_ASSERT(psa_export_key(id, + exported, sizeof(exported), + &exported_length) == expected_result); - TEST_ASSERT( mock_export_data.called == 1 ); + TEST_ASSERT(mock_export_data.called == 1); - PSA_ASSERT( psa_destroy_key( id ) ); + PSA_ASSERT(psa_destroy_key(id)); - TEST_ASSERT( mock_destroy_data.called == 1 ); + TEST_ASSERT(mock_destroy_data.called == 1); exit: - PSA_DONE( ); - mock_teardown( ); + PSA_DONE(); + mock_teardown(); } /* END_CASE */ /* BEGIN_CASE */ -void mock_generate( int mock_alloc_return_value, - int mock_generate_return_value, - int expected_result ) +void mock_generate(int mock_alloc_return_value, + int mock_generate_return_value, + int expected_result) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mock_allocate_data.return_value = mock_alloc_return_value; mock_generate_data.return_value = mock_generate_return_value; - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; key_management.p_generate = mock_generate; key_management.p_destroy = mock_destroy; key_management.p_allocate = mock_allocate; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - psa_set_key_bits( &attributes, 8 ); - TEST_ASSERT( psa_generate_key( &attributes, &returned_id) == expected_result ); - TEST_ASSERT( mock_allocate_data.called == 1 ); - TEST_ASSERT( mock_generate_data.called == - ( mock_alloc_return_value == PSA_SUCCESS? 1 : 0 ) ); - - if( mock_alloc_return_value == PSA_SUCCESS ) - { - TEST_ASSERT( mbedtls_svc_key_id_equal( - mock_generate_data.attributes.core.id, id ) ); - } - else - { - TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( - mock_generate_data.attributes.core.id ) == 0 ); - TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( - mock_generate_data.attributes.core.id ) == 0 ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + psa_set_key_bits(&attributes, 8); + TEST_ASSERT(psa_generate_key(&attributes, &returned_id) == expected_result); + TEST_ASSERT(mock_allocate_data.called == 1); + TEST_ASSERT(mock_generate_data.called == + (mock_alloc_return_value == PSA_SUCCESS ? 1 : 0)); + + if (mock_alloc_return_value == PSA_SUCCESS) { + TEST_ASSERT(mbedtls_svc_key_id_equal( + mock_generate_data.attributes.core.id, id)); + } else { + TEST_ASSERT(MBEDTLS_SVC_KEY_ID_GET_KEY_ID( + mock_generate_data.attributes.core.id) == 0); + TEST_ASSERT(MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( + mock_generate_data.attributes.core.id) == 0); } - TEST_ASSERT( mock_generate_data.attributes.core.lifetime == - ( mock_alloc_return_value == PSA_SUCCESS? lifetime : 0 ) ); - TEST_ASSERT( mock_generate_data.attributes.core.policy.usage == - ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_USAGE_EXPORT : 0 ) ); - TEST_ASSERT( mock_generate_data.attributes.core.type == - ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_TYPE_RAW_DATA : 0 ) ); - - if( expected_result == PSA_SUCCESS ) - { - PSA_ASSERT( psa_destroy_key( id ) ); - TEST_ASSERT( mock_destroy_data.called == 1 ); + TEST_ASSERT(mock_generate_data.attributes.core.lifetime == + (mock_alloc_return_value == PSA_SUCCESS ? lifetime : 0)); + TEST_ASSERT(mock_generate_data.attributes.core.policy.usage == + (mock_alloc_return_value == PSA_SUCCESS ? PSA_KEY_USAGE_EXPORT : 0)); + TEST_ASSERT(mock_generate_data.attributes.core.type == + (mock_alloc_return_value == PSA_SUCCESS ? PSA_KEY_TYPE_RAW_DATA : 0)); + + if (expected_result == PSA_SUCCESS) { + PSA_ASSERT(psa_destroy_key(id)); + TEST_ASSERT(mock_destroy_data.called == 1); } exit: - PSA_DONE( ); - mock_teardown( ); + PSA_DONE(); + mock_teardown(); } /* END_CASE */ /* BEGIN_CASE */ -void mock_export_public( int mock_export_public_return_value, - int expected_result ) +void mock_export_public(int mock_export_public_return_value, + int expected_result) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; - uint8_t exported[sizeof( key_material )]; + const uint8_t key_material[3] = { 0xfa, 0xca, 0xde }; + uint8_t exported[sizeof(key_material)]; size_t exported_length; mock_export_public_data.return_value = mock_export_public_return_value; - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; key_management.p_import = mock_import; @@ -538,52 +525,52 @@ void mock_export_public( int mock_export_public_return_value, key_management.p_destroy = mock_destroy; key_management.p_allocate = mock_allocate; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RSA_PUBLIC_KEY ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RSA_PUBLIC_KEY); - PSA_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ) ); + PSA_ASSERT(psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id)); - TEST_ASSERT( psa_export_public_key( id, exported, sizeof(exported), - &exported_length ) == expected_result ); - TEST_ASSERT( mock_export_public_data.called == 1 ); + TEST_ASSERT(psa_export_public_key(id, exported, sizeof(exported), + &exported_length) == expected_result); + TEST_ASSERT(mock_export_public_data.called == 1); - PSA_ASSERT( psa_destroy_key( id ) ); - TEST_ASSERT( mock_destroy_data.called == 1 ); + PSA_ASSERT(psa_destroy_key(id)); + TEST_ASSERT(mock_destroy_data.called == 1); exit: - PSA_DONE( ); - mock_teardown( ); + PSA_DONE(); + mock_teardown(); } /* END_CASE */ /* BEGIN_CASE */ -void mock_sign( int mock_sign_return_value, int expected_result ) +void mock_sign(int mock_sign_return_value, int expected_result) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_drv_se_asymmetric_t asymmetric; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + const uint8_t key_material[3] = { 0xfa, 0xca, 0xde }; psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256); - const uint8_t hash[1] = {'H'}; - uint8_t signature[1] = {'S'}; + const uint8_t hash[1] = { 'H' }; + uint8_t signature[1] = { 'S' }; size_t signature_length; mock_sign_data.return_value = mock_sign_return_value; - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); - memset( &asymmetric, 0, sizeof( asymmetric ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); + memset(&asymmetric, 0, sizeof(asymmetric)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; @@ -595,55 +582,55 @@ void mock_sign( int mock_sign_return_value, int expected_result ) driver.asymmetric = &asymmetric; asymmetric.p_sign = mock_sign; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, algorithm ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RSA_KEY_PAIR ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, algorithm); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RSA_KEY_PAIR); - PSA_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ) ); + PSA_ASSERT(psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id)); - TEST_ASSERT( psa_sign_hash( id, algorithm, - hash, sizeof( hash ), - signature, sizeof( signature ), - &signature_length) - == expected_result ); - TEST_ASSERT( mock_sign_data.called == 1 ); + TEST_ASSERT(psa_sign_hash(id, algorithm, + hash, sizeof(hash), + signature, sizeof(signature), + &signature_length) + == expected_result); + TEST_ASSERT(mock_sign_data.called == 1); - PSA_ASSERT( psa_destroy_key( id ) ); - TEST_ASSERT( mock_destroy_data.called == 1 ); + PSA_ASSERT(psa_destroy_key(id)); + TEST_ASSERT(mock_destroy_data.called == 1); exit: - PSA_DONE( ); - mock_teardown( ); + PSA_DONE(); + mock_teardown(); } /* END_CASE */ /* BEGIN_CASE */ -void mock_verify( int mock_verify_return_value, int expected_result ) +void mock_verify(int mock_verify_return_value, int expected_result) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_drv_se_asymmetric_t asymmetric; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + const uint8_t key_material[3] = { 0xfa, 0xca, 0xde }; psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256); - const uint8_t hash[1] = {'H'}; - const uint8_t signature[1] = {'S'}; + const uint8_t hash[1] = { 'H' }; + const uint8_t signature[1] = { 'S' }; mock_verify_data.return_value = mock_verify_return_value; - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); - memset( &asymmetric, 0, sizeof( asymmetric ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); + memset(&asymmetric, 0, sizeof(asymmetric)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; @@ -655,30 +642,30 @@ void mock_verify( int mock_verify_return_value, int expected_result ) driver.asymmetric = &asymmetric; asymmetric.p_verify = mock_verify; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, algorithm ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, algorithm); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); - PSA_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ) ); + PSA_ASSERT(psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id)); - TEST_ASSERT( psa_verify_hash( id, algorithm, - hash, sizeof( hash ), - signature, sizeof( signature ) ) - == expected_result ); - TEST_ASSERT( mock_verify_data.called == 1 ); + TEST_ASSERT(psa_verify_hash(id, algorithm, + hash, sizeof(hash), + signature, sizeof(signature)) + == expected_result); + TEST_ASSERT(mock_verify_data.called == 1); - PSA_ASSERT( psa_destroy_key( id ) ); - TEST_ASSERT( mock_destroy_data.called == 1 ); + PSA_ASSERT(psa_destroy_key(id)); + TEST_ASSERT(mock_destroy_data.called == 1); exit: - PSA_DONE( ); - mock_teardown( ); + PSA_DONE(); + mock_teardown(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index d57766319c87..e3bb0d34fd80 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -4,8 +4,7 @@ #include "psa_crypto_slot_management.h" #include "psa_crypto_storage.h" -typedef enum -{ +typedef enum { /**< Close key(s) */ INVALIDATE_BY_CLOSING, @@ -28,15 +27,13 @@ typedef enum INVALIDATE_BY_PURGING_WITH_SHUTDOWN, } invalidate_method_t; -typedef enum -{ +typedef enum { KEEP_OPEN, CLOSE_BEFORE, CLOSE_AFTER, } reopen_policy_t; -typedef enum -{ +typedef enum { INVALID_HANDLE_0, INVALID_HANDLE_UNOPENED, INVALID_HANDLE_CLOSED, @@ -46,61 +43,59 @@ typedef enum /** Apply \p invalidate_method to invalidate the specified key: * close it, destroy it, or do nothing; */ -static int invalidate_key( invalidate_method_t invalidate_method, - mbedtls_svc_key_id_t key ) +static int invalidate_key(invalidate_method_t invalidate_method, + mbedtls_svc_key_id_t key) { - switch( invalidate_method ) - { + switch (invalidate_method) { /* Closing the key invalidate only volatile keys, not persistent ones. */ case INVALIDATE_BY_CLOSING: case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN: - PSA_ASSERT( psa_close_key( key ) ); + PSA_ASSERT(psa_close_key(key)); break; case INVALIDATE_BY_DESTROYING: case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN: - PSA_ASSERT( psa_destroy_key( key ) ); + PSA_ASSERT(psa_destroy_key(key)); break; /* Purging the key just purges RAM data of persistent keys. */ case INVALIDATE_BY_PURGING: case INVALIDATE_BY_PURGING_WITH_SHUTDOWN: - PSA_ASSERT( psa_purge_key( key ) ); + PSA_ASSERT(psa_purge_key(key)); break; case INVALIDATE_BY_SHUTDOWN: break; } - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } /** Restart the PSA subsystem if \p invalidate_method says so. */ -static int invalidate_psa( invalidate_method_t invalidate_method ) +static int invalidate_psa(invalidate_method_t invalidate_method) { - switch( invalidate_method ) - { + switch (invalidate_method) { case INVALIDATE_BY_CLOSING: case INVALIDATE_BY_DESTROYING: case INVALIDATE_BY_PURGING: - return( 1 ); + return 1; case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN: case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN: case INVALIDATE_BY_PURGING_WITH_SHUTDOWN: /* All keys must have been closed. */ - PSA_SESSION_DONE( ); + PSA_SESSION_DONE(); break; case INVALIDATE_BY_SHUTDOWN: /* Some keys may remain behind, and we're testing that this * properly closes them. */ - mbedtls_psa_crypto_free( ); + mbedtls_psa_crypto_free(); break; } - PSA_ASSERT( psa_crypto_init( ) ); - ASSERT_PSA_PRISTINE( ); - return( 1 ); + PSA_ASSERT(psa_crypto_init()); + ASSERT_PSA_PRISTINE(); + return 1; exit: - return( 0 ); + return 0; } /* END_HEADER */ @@ -111,10 +106,10 @@ exit: */ /* BEGIN_CASE */ -void transient_slot_lifecycle( int owner_id_arg, - int usage_arg, int alg_arg, - int type_arg, data_t *key_data, - int invalidate_method_arg ) +void transient_slot_lifecycle(int owner_id_arg, + int usage_arg, int alg_arg, + int type_arg, data_t *key_data, + int invalidate_method_arg) { psa_algorithm_t alg = alg_arg; psa_key_usage_t usage_flags = usage_arg; @@ -123,40 +118,40 @@ void transient_slot_lifecycle( int owner_id_arg, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_test_set_step( 1 ); - PSA_ASSERT( psa_crypto_init( ) ); + mbedtls_test_set_step(1); + PSA_ASSERT(psa_crypto_init()); /* Import a key. */ #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) mbedtls_key_owner_id_t owner_id = owner_id_arg; - mbedtls_set_key_owner_id( &attributes, owner_id ); + mbedtls_set_key_owner_id(&attributes, owner_id); #else - (void)owner_id_arg; + (void) owner_id_arg; #endif - psa_set_key_usage_flags( &attributes, usage_flags ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - TEST_ASSERT( ! mbedtls_svc_key_id_is_null( key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - psa_reset_key_attributes( &attributes ); + psa_set_key_usage_flags(&attributes, usage_flags); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + TEST_ASSERT(!mbedtls_svc_key_id_is_null(key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), type); + psa_reset_key_attributes(&attributes); #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) { psa_key_handle_t handle; mbedtls_svc_key_id_t key_with_invalid_owner = - mbedtls_svc_key_id_make( owner_id + 1, - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) ); - - TEST_ASSERT( mbedtls_key_owner_id_equal( - owner_id, - MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( key ) ) ); - TEST_EQUAL( psa_open_key( key_with_invalid_owner, &handle ), - PSA_ERROR_DOES_NOT_EXIST ); + mbedtls_svc_key_id_make(owner_id + 1, + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key)); + + TEST_ASSERT(mbedtls_key_owner_id_equal( + owner_id, + MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(key))); + TEST_EQUAL(psa_open_key(key_with_invalid_owner, &handle), + PSA_ERROR_DOES_NOT_EXIST); } #endif @@ -164,42 +159,44 @@ void transient_slot_lifecycle( int owner_id_arg, * Purge the key and make sure that it is still valid, as purging a * volatile key shouldn't invalidate/destroy it. */ - PSA_ASSERT( psa_purge_key( key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - psa_reset_key_attributes( &attributes ); + PSA_ASSERT(psa_purge_key(key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), type); + psa_reset_key_attributes(&attributes); /* Do something that invalidates the key. */ - mbedtls_test_set_step( 2 ); - if( ! invalidate_key( invalidate_method, key ) ) + mbedtls_test_set_step(2); + if (!invalidate_key(invalidate_method, key)) { goto exit; - if( ! invalidate_psa( invalidate_method ) ) + } + if (!invalidate_psa(invalidate_method)) { goto exit; + } /* Test that the key is now invalid. */ - TEST_EQUAL( psa_get_key_attributes( key, &attributes ), - PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_close_key( key ), PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL(psa_get_key_attributes(key, &attributes), + PSA_ERROR_INVALID_HANDLE); + TEST_EQUAL(psa_close_key(key), PSA_ERROR_INVALID_HANDLE); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ -void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, - int usage_arg, int alg_arg, int alg2_arg, - int type_arg, data_t *key_data, - int invalidate_method_arg ) +void persistent_slot_lifecycle(int lifetime_arg, int owner_id_arg, int id_arg, + int usage_arg, int alg_arg, int alg2_arg, + int type_arg, data_t *key_data, + int invalidate_method_arg) { psa_key_lifetime_t lifetime = lifetime_arg; - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg ); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(owner_id_arg, id_arg); psa_algorithm_t alg = alg_arg; psa_algorithm_t alg2 = alg2_arg; psa_key_usage_t usage_flags = usage_arg; @@ -214,112 +211,110 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) mbedtls_svc_key_id_t wrong_owner_id = - mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg ); + mbedtls_svc_key_id_make(owner_id_arg + 1, id_arg); mbedtls_svc_key_id_t invalid_svc_key_id = MBEDTLS_SVC_KEY_ID_INIT; #endif - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - mbedtls_test_set_step( 1 ); - PSA_ASSERT( psa_crypto_init( ) ); + mbedtls_test_set_step(1); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_type( &attributes, type ); - psa_set_key_usage_flags( &attributes, usage_flags ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_enrollment_algorithm( &attributes, alg2 ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &returned_id ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( id, returned_id ) ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_type(&attributes, type); + psa_set_key_usage_flags(&attributes, usage_flags); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_enrollment_algorithm(&attributes, alg2); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &returned_id)); + TEST_ASSERT(mbedtls_svc_key_id_equal(id, returned_id)); #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) - TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_svc_key_id ), - PSA_ERROR_DOES_NOT_EXIST ); + TEST_EQUAL(psa_open_key(wrong_owner_id, &invalid_svc_key_id), + PSA_ERROR_DOES_NOT_EXIST); #endif - PSA_ASSERT( psa_get_key_attributes( id, &attributes ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), id ) ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - mbedtls_test_update_key_usage_flags( usage_flags ) ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); - TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); + PSA_ASSERT(psa_get_key_attributes(id, &attributes)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), lifetime); + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), id)); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), + mbedtls_test_update_key_usage_flags(usage_flags)); + TEST_EQUAL(psa_get_key_algorithm(&attributes), alg); + TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), alg2); + TEST_EQUAL(psa_get_key_type(&attributes), type); /* Close the key and then open it. */ - PSA_ASSERT( psa_close_key( id ) ); + PSA_ASSERT(psa_close_key(id)); #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) - TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_svc_key_id ), - PSA_ERROR_DOES_NOT_EXIST ); + TEST_EQUAL(psa_open_key(wrong_owner_id, &invalid_svc_key_id), + PSA_ERROR_DOES_NOT_EXIST); #endif - PSA_ASSERT( psa_open_key( id, &handle ) ); - TEST_ASSERT( ! psa_key_handle_is_null( handle ) ); - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), id ) ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - mbedtls_test_update_key_usage_flags( usage_flags ) ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); - TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); + PSA_ASSERT(psa_open_key(id, &handle)); + TEST_ASSERT(!psa_key_handle_is_null(handle)); + PSA_ASSERT(psa_get_key_attributes(handle, &attributes)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), lifetime); + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), id)); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), + mbedtls_test_update_key_usage_flags(usage_flags)); + TEST_EQUAL(psa_get_key_algorithm(&attributes), alg); + TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), alg2); + TEST_EQUAL(psa_get_key_type(&attributes), type); /* * Do something that wipes key data in volatile memory or destroy the * key. */ - mbedtls_test_set_step( 2 ); - if( ! invalidate_key( invalidate_method, id ) ) + mbedtls_test_set_step(2); + if (!invalidate_key(invalidate_method, id)) { goto exit; - if( ! invalidate_psa( invalidate_method ) ) + } + if (!invalidate_psa(invalidate_method)) { goto exit; + } /* Try to reaccess the key. If we destroyed it, check that it doesn't * exist. Otherwise check that it still exists and has the expected * content. */ - switch( invalidate_method ) - { + switch (invalidate_method) { case INVALIDATE_BY_CLOSING: case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN: case INVALIDATE_BY_PURGING: case INVALIDATE_BY_PURGING_WITH_SHUTDOWN: case INVALIDATE_BY_SHUTDOWN: - PSA_ASSERT( psa_open_key( id, &handle ) ); - PSA_ASSERT( psa_get_key_attributes( id, &read_attributes ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), - psa_get_key_lifetime( &read_attributes ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), - psa_get_key_id( &read_attributes ) ) ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - mbedtls_test_update_key_usage_flags( usage_flags ) ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), - psa_get_key_algorithm( &read_attributes ) ); - TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), - psa_get_key_enrollment_algorithm( &read_attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), - psa_get_key_type( &read_attributes ) ); - TEST_EQUAL( psa_get_key_bits( &attributes ), - psa_get_key_bits( &read_attributes ) ); - ASSERT_ALLOC( reexported, key_data->len ); - if( usage_flags & PSA_KEY_USAGE_EXPORT ) - { - PSA_ASSERT( psa_export_key( id, reexported, key_data->len, - &reexported_length ) ); - ASSERT_COMPARE( key_data->x, key_data->len, - reexported, reexported_length ); - } - else - { - TEST_EQUAL( psa_export_key( id, reexported, - key_data->len, &reexported_length ), - PSA_ERROR_NOT_PERMITTED ); + PSA_ASSERT(psa_open_key(id, &handle)); + PSA_ASSERT(psa_get_key_attributes(id, &read_attributes)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), + psa_get_key_lifetime(&read_attributes)); + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), + psa_get_key_id(&read_attributes))); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), + mbedtls_test_update_key_usage_flags(usage_flags)); + TEST_EQUAL(psa_get_key_algorithm(&attributes), + psa_get_key_algorithm(&read_attributes)); + TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), + psa_get_key_enrollment_algorithm(&read_attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), + psa_get_key_type(&read_attributes)); + TEST_EQUAL(psa_get_key_bits(&attributes), + psa_get_key_bits(&read_attributes)); + ASSERT_ALLOC(reexported, key_data->len); + if (usage_flags & PSA_KEY_USAGE_EXPORT) { + PSA_ASSERT(psa_export_key(id, reexported, key_data->len, + &reexported_length)); + ASSERT_COMPARE(key_data->x, key_data->len, + reexported, reexported_length); + } else { + TEST_EQUAL(psa_export_key(id, reexported, + key_data->len, &reexported_length), + PSA_ERROR_NOT_PERMITTED); } - PSA_ASSERT( psa_close_key( handle ) ); + PSA_ASSERT(psa_close_key(handle)); break; case INVALIDATE_BY_DESTROYING: @@ -328,11 +323,11 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, * Test that the key handle and identifier are now not referring to an * existing key. */ - TEST_EQUAL( psa_get_key_attributes( handle, &read_attributes ), - PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_get_key_attributes( id, &read_attributes ), - PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL(psa_get_key_attributes(handle, &read_attributes), + PSA_ERROR_INVALID_HANDLE); + TEST_EQUAL(psa_close_key(handle), PSA_ERROR_INVALID_HANDLE); + TEST_EQUAL(psa_get_key_attributes(id, &read_attributes), + PSA_ERROR_INVALID_HANDLE); break; } @@ -341,158 +336,159 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); - psa_reset_key_attributes( &read_attributes ); + psa_reset_key_attributes(&attributes); + psa_reset_key_attributes(&read_attributes); - PSA_DONE( ); - mbedtls_free( reexported ); + PSA_DONE(); + mbedtls_free(reexported); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ -void create_existent( int lifetime_arg, int owner_id_arg, int id_arg, - int reopen_policy_arg ) +void create_existent(int lifetime_arg, int owner_id_arg, int id_arg, + int reopen_policy_arg) { psa_key_lifetime_t lifetime = lifetime_arg; - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg ); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(owner_id_arg, id_arg); mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA; const uint8_t material1[5] = "a key"; const uint8_t material2[5] = "b key"; - size_t bits1 = PSA_BYTES_TO_BITS( sizeof( material1 ) ); - uint8_t reexported[sizeof( material1 )]; + size_t bits1 = PSA_BYTES_TO_BITS(sizeof(material1)); + uint8_t reexported[sizeof(material1)]; size_t reexported_length; reopen_policy_t reopen_policy = reopen_policy_arg; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Create a key. */ - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_type( &attributes, type1 ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, 0 ); - PSA_ASSERT( psa_import_key( &attributes, material1, sizeof( material1 ), - &returned_id ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( id, returned_id ) ); - - if( reopen_policy == CLOSE_BEFORE ) - PSA_ASSERT( psa_close_key( id ) ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_type(&attributes, type1); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, 0); + PSA_ASSERT(psa_import_key(&attributes, material1, sizeof(material1), + &returned_id)); + TEST_ASSERT(mbedtls_svc_key_id_equal(id, returned_id)); + + if (reopen_policy == CLOSE_BEFORE) { + PSA_ASSERT(psa_close_key(id)); + } /* Attempt to create a new key in the same slot. */ - TEST_EQUAL( psa_import_key( &attributes, material2, sizeof( material2 ), - &returned_id ), - PSA_ERROR_ALREADY_EXISTS ); - TEST_ASSERT( mbedtls_svc_key_id_is_null( returned_id ) ); + TEST_EQUAL(psa_import_key(&attributes, material2, sizeof(material2), + &returned_id), + PSA_ERROR_ALREADY_EXISTS); + TEST_ASSERT(mbedtls_svc_key_id_is_null(returned_id)); - if( reopen_policy == CLOSE_AFTER ) - PSA_ASSERT( psa_close_key( id ) ); + if (reopen_policy == CLOSE_AFTER) { + PSA_ASSERT(psa_close_key(id)); + } /* Check that the original key hasn't changed. */ - psa_reset_key_attributes( &attributes ); - PSA_ASSERT( psa_get_key_attributes( id, &attributes ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), id ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); - TEST_EQUAL( psa_get_key_type( &attributes ), type1 ); - TEST_EQUAL( psa_get_key_bits( &attributes ), bits1 ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), PSA_KEY_USAGE_EXPORT ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); - - PSA_ASSERT( psa_export_key( id, - reexported, sizeof( reexported ), - &reexported_length ) ); - ASSERT_COMPARE( material1, sizeof( material1 ), - reexported, reexported_length ); - - PSA_ASSERT( psa_close_key( id ) ); + psa_reset_key_attributes(&attributes); + PSA_ASSERT(psa_get_key_attributes(id, &attributes)); + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), id)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), lifetime); + TEST_EQUAL(psa_get_key_type(&attributes), type1); + TEST_EQUAL(psa_get_key_bits(&attributes), bits1); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), PSA_KEY_USAGE_EXPORT); + TEST_EQUAL(psa_get_key_algorithm(&attributes), 0); + + PSA_ASSERT(psa_export_key(id, + reexported, sizeof(reexported), + &reexported_length)); + ASSERT_COMPARE(material1, sizeof(material1), + reexported, reexported_length); + + PSA_ASSERT(psa_close_key(id)); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void open_fail( int id_arg, - int expected_status_arg ) +void open_fail(int id_arg, + int expected_status_arg) { - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg ); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, id_arg); psa_status_t expected_status = expected_status_arg; - psa_key_handle_t handle = mbedtls_svc_key_id_make( 0xdead, 0xdead ); + psa_key_handle_t handle = mbedtls_svc_key_id_make(0xdead, 0xdead); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - TEST_EQUAL( psa_open_key( id, &handle ), expected_status ); - TEST_ASSERT( psa_key_handle_is_null( handle ) ); + TEST_EQUAL(psa_open_key(id, &handle), expected_status); + TEST_ASSERT(psa_key_handle_is_null(handle)); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void create_fail( int lifetime_arg, int id_arg, - int expected_status_arg ) +void create_fail(int lifetime_arg, int id_arg, + int expected_status_arg) { psa_key_lifetime_t lifetime = lifetime_arg; - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg ); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, id_arg); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t expected_status = expected_status_arg; mbedtls_svc_key_id_t returned_id = - mbedtls_svc_key_id_make( 0xdead, 0xdead ); - uint8_t material[1] = {'k'}; + mbedtls_svc_key_id_make(0xdead, 0xdead); + uint8_t material[1] = { 'k' }; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_lifetime( &attributes, lifetime ); - if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { + psa_set_key_lifetime(&attributes, lifetime); + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { /* * Not possible to set a key identifier different from 0 through * PSA key attributes APIs thus accessing to the attributes * directly. */ attributes.core.id = id; + } else { + psa_set_key_id(&attributes, id); } - else - psa_set_key_id( &attributes, id ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - TEST_EQUAL( psa_import_key( &attributes, material, sizeof( material ), - &returned_id ), - expected_status ); - TEST_ASSERT( mbedtls_svc_key_id_is_null( returned_id ) ); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + TEST_EQUAL(psa_import_key(&attributes, material, sizeof(material), + &returned_id), + expected_status); + TEST_ASSERT(mbedtls_svc_key_id_is_null(returned_id)); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg, - int source_id_arg, int source_usage_arg, - int source_alg_arg, int source_alg2_arg, - int type_arg, data_t *material, - int target_lifetime_arg, int target_owner_id_arg, - int target_id_arg, int target_usage_arg, - int target_alg_arg, int target_alg2_arg, - int expected_usage_arg, - int expected_alg_arg, int expected_alg2_arg ) +void copy_across_lifetimes(int source_lifetime_arg, int source_owner_id_arg, + int source_id_arg, int source_usage_arg, + int source_alg_arg, int source_alg2_arg, + int type_arg, data_t *material, + int target_lifetime_arg, int target_owner_id_arg, + int target_id_arg, int target_usage_arg, + int target_alg_arg, int target_alg2_arg, + int expected_usage_arg, + int expected_alg_arg, int expected_alg2_arg) { psa_key_lifetime_t source_lifetime = source_lifetime_arg; mbedtls_svc_key_id_t source_id = - mbedtls_svc_key_id_make( source_owner_id_arg, source_id_arg ); + mbedtls_svc_key_id_make(source_owner_id_arg, source_id_arg); psa_key_usage_t source_usage = source_usage_arg; psa_algorithm_t source_alg = source_alg_arg; psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -500,7 +496,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg, mbedtls_svc_key_id_t returned_source_id = MBEDTLS_SVC_KEY_ID_INIT; psa_key_lifetime_t target_lifetime = target_lifetime_arg; mbedtls_svc_key_id_t target_id = - mbedtls_svc_key_id_make( target_owner_id_arg, target_id_arg ); + mbedtls_svc_key_id_make(target_owner_id_arg, target_id_arg); psa_key_usage_t target_usage = target_usage_arg; psa_algorithm_t target_alg = target_alg_arg; psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -511,127 +507,120 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg, psa_algorithm_t expected_alg2 = expected_alg2_arg; uint8_t *export_buffer = NULL; - TEST_USES_KEY_ID( source_id ); - TEST_USES_KEY_ID( target_id ); + TEST_USES_KEY_ID(source_id); + TEST_USES_KEY_ID(target_id); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Populate the source slot. */ - psa_set_key_id( &source_attributes, source_id ); - psa_set_key_lifetime( &source_attributes, source_lifetime ); - - psa_set_key_type( &source_attributes, source_type ); - psa_set_key_usage_flags( &source_attributes, source_usage ); - psa_set_key_algorithm( &source_attributes, source_alg ); - psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg ); - PSA_ASSERT( psa_import_key( &source_attributes, - material->x, material->len, - &returned_source_id ) ); + psa_set_key_id(&source_attributes, source_id); + psa_set_key_lifetime(&source_attributes, source_lifetime); + + psa_set_key_type(&source_attributes, source_type); + psa_set_key_usage_flags(&source_attributes, source_usage); + psa_set_key_algorithm(&source_attributes, source_alg); + psa_set_key_enrollment_algorithm(&source_attributes, source_alg2_arg); + PSA_ASSERT(psa_import_key(&source_attributes, + material->x, material->len, + &returned_source_id)); /* Update the attributes with the bit size. */ - PSA_ASSERT( psa_get_key_attributes( returned_source_id, - &source_attributes ) ); + PSA_ASSERT(psa_get_key_attributes(returned_source_id, + &source_attributes)); /* Prepare the target slot. */ - psa_set_key_id( &target_attributes, target_id ); - psa_set_key_lifetime( &target_attributes, target_lifetime ); + psa_set_key_id(&target_attributes, target_id); + psa_set_key_lifetime(&target_attributes, target_lifetime); - psa_set_key_usage_flags( &target_attributes, target_usage ); - psa_set_key_algorithm( &target_attributes, target_alg ); - psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg ); + psa_set_key_usage_flags(&target_attributes, target_usage); + psa_set_key_algorithm(&target_attributes, target_alg); + psa_set_key_enrollment_algorithm(&target_attributes, target_alg2_arg); /* Copy the key. */ - PSA_ASSERT( psa_copy_key( returned_source_id, - &target_attributes, &returned_target_id ) ); + PSA_ASSERT(psa_copy_key(returned_source_id, + &target_attributes, &returned_target_id)); /* Destroy the source to ensure that this doesn't affect the target. */ - PSA_ASSERT( psa_destroy_key( returned_source_id ) ); + PSA_ASSERT(psa_destroy_key(returned_source_id)); /* If the target key is persistent, restart the system to make * sure that the material is still alive. */ - if( ! PSA_KEY_LIFETIME_IS_VOLATILE( target_lifetime ) ) - { - mbedtls_psa_crypto_free( ); - PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_open_key( target_id, &target_handle ) ); + if (!PSA_KEY_LIFETIME_IS_VOLATILE(target_lifetime)) { + mbedtls_psa_crypto_free(); + PSA_ASSERT(psa_crypto_init()); + PSA_ASSERT(psa_open_key(target_id, &target_handle)); } /* Test that the target slot has the expected content. */ - psa_reset_key_attributes( &target_attributes ); - PSA_ASSERT( psa_get_key_attributes( returned_target_id, - &target_attributes ) ); - - if( ! PSA_KEY_LIFETIME_IS_VOLATILE( target_lifetime ) ) - { - TEST_ASSERT( mbedtls_svc_key_id_equal( - target_id, psa_get_key_id( &target_attributes ) ) ); - } - else - { + psa_reset_key_attributes(&target_attributes); + PSA_ASSERT(psa_get_key_attributes(returned_target_id, + &target_attributes)); + + if (!PSA_KEY_LIFETIME_IS_VOLATILE(target_lifetime)) { + TEST_ASSERT(mbedtls_svc_key_id_equal( + target_id, psa_get_key_id(&target_attributes))); + } else { #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) - TEST_EQUAL( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( returned_target_id ), - target_owner_id_arg ); + TEST_EQUAL(MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(returned_target_id), + target_owner_id_arg); #endif } - TEST_EQUAL( target_lifetime, psa_get_key_lifetime( &target_attributes ) ); - TEST_EQUAL( source_type, psa_get_key_type( &target_attributes ) ); - TEST_EQUAL( psa_get_key_bits( &source_attributes ), - psa_get_key_bits( &target_attributes ) ); - TEST_EQUAL( expected_usage, psa_get_key_usage_flags( &target_attributes ) ); - TEST_EQUAL( expected_alg, psa_get_key_algorithm( &target_attributes ) ); - TEST_EQUAL( expected_alg2, - psa_get_key_enrollment_algorithm( &target_attributes ) ); - if( expected_usage & PSA_KEY_USAGE_EXPORT ) - { + TEST_EQUAL(target_lifetime, psa_get_key_lifetime(&target_attributes)); + TEST_EQUAL(source_type, psa_get_key_type(&target_attributes)); + TEST_EQUAL(psa_get_key_bits(&source_attributes), + psa_get_key_bits(&target_attributes)); + TEST_EQUAL(expected_usage, psa_get_key_usage_flags(&target_attributes)); + TEST_EQUAL(expected_alg, psa_get_key_algorithm(&target_attributes)); + TEST_EQUAL(expected_alg2, + psa_get_key_enrollment_algorithm(&target_attributes)); + if (expected_usage & PSA_KEY_USAGE_EXPORT) { size_t length; - ASSERT_ALLOC( export_buffer, material->len ); - PSA_ASSERT( psa_export_key( returned_target_id, export_buffer, - material->len, &length ) ); - ASSERT_COMPARE( material->x, material->len, - export_buffer, length ); - } - else - { + ASSERT_ALLOC(export_buffer, material->len); + PSA_ASSERT(psa_export_key(returned_target_id, export_buffer, + material->len, &length)); + ASSERT_COMPARE(material->x, material->len, + export_buffer, length); + } else { size_t length; /* Check that the key is actually non-exportable. */ - TEST_EQUAL( psa_export_key( returned_target_id, export_buffer, - material->len, &length ), - PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL(psa_export_key(returned_target_id, export_buffer, + material->len, &length), + PSA_ERROR_NOT_PERMITTED); } - PSA_ASSERT( psa_destroy_key( returned_target_id ) ); + PSA_ASSERT(psa_destroy_key(returned_target_id)); exit: /* * Source and target key attributes may have been returned by * psa_get_key_attributes() thus reset them as required. */ - psa_reset_key_attributes( &source_attributes ); - psa_reset_key_attributes( &target_attributes ); + psa_reset_key_attributes(&source_attributes); + psa_reset_key_attributes(&target_attributes); - PSA_DONE( ); - mbedtls_free( export_buffer ); + PSA_DONE(); + mbedtls_free(export_buffer); } /* END_CASE */ /* BEGIN_CASE */ -void copy_to_occupied( int source_lifetime_arg, int source_id_arg, - int source_usage_arg, int source_alg_arg, - int source_type_arg, data_t *source_material, - int target_lifetime_arg, int target_id_arg, - int target_usage_arg, int target_alg_arg, - int target_type_arg, data_t *target_material ) +void copy_to_occupied(int source_lifetime_arg, int source_id_arg, + int source_usage_arg, int source_alg_arg, + int source_type_arg, data_t *source_material, + int target_lifetime_arg, int target_id_arg, + int target_usage_arg, int target_alg_arg, + int target_type_arg, data_t *target_material) { psa_key_lifetime_t source_lifetime = source_lifetime_arg; mbedtls_svc_key_id_t source_id = - mbedtls_svc_key_id_make( 1, source_id_arg ); + mbedtls_svc_key_id_make(1, source_id_arg); psa_key_usage_t source_usage = source_usage_arg; psa_algorithm_t source_alg = source_alg_arg; psa_key_type_t source_type = source_type_arg; mbedtls_svc_key_id_t returned_source_id = MBEDTLS_SVC_KEY_ID_INIT; psa_key_lifetime_t target_lifetime = target_lifetime_arg; mbedtls_svc_key_id_t target_id = - mbedtls_svc_key_id_make( 1, target_id_arg ); + mbedtls_svc_key_id_make(1, target_id_arg); psa_key_usage_t target_usage = target_usage_arg; psa_algorithm_t target_alg = target_alg_arg; psa_key_type_t target_type = target_type_arg; @@ -642,96 +631,92 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, psa_key_attributes_t attributes1 = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes2 = PSA_KEY_ATTRIBUTES_INIT; - TEST_USES_KEY_ID( source_id ); - TEST_USES_KEY_ID( target_id ); + TEST_USES_KEY_ID(source_id); + TEST_USES_KEY_ID(target_id); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Populate the source slot. */ - if( ! PSA_KEY_LIFETIME_IS_VOLATILE( source_lifetime ) ) - { - psa_set_key_id( &attributes, source_id ); - psa_set_key_lifetime( &attributes, source_lifetime ); + if (!PSA_KEY_LIFETIME_IS_VOLATILE(source_lifetime)) { + psa_set_key_id(&attributes, source_id); + psa_set_key_lifetime(&attributes, source_lifetime); } - psa_set_key_type( &attributes, source_type ); - psa_set_key_usage_flags( &attributes, source_usage ); - psa_set_key_algorithm( &attributes, source_alg ); - PSA_ASSERT( psa_import_key( &attributes, - source_material->x, source_material->len, - &returned_source_id ) ); + psa_set_key_type(&attributes, source_type); + psa_set_key_usage_flags(&attributes, source_usage); + psa_set_key_algorithm(&attributes, source_alg); + PSA_ASSERT(psa_import_key(&attributes, + source_material->x, source_material->len, + &returned_source_id)); /* Populate the target slot. */ - if( mbedtls_svc_key_id_equal( target_id, source_id ) ) - { + if (mbedtls_svc_key_id_equal(target_id, source_id)) { returned_target_id = returned_source_id; - } - else - { - psa_set_key_id( &attributes1, target_id ); - psa_set_key_lifetime( &attributes1, target_lifetime ); - psa_set_key_type( &attributes1, target_type ); - psa_set_key_usage_flags( &attributes1, target_usage ); - psa_set_key_algorithm( &attributes1, target_alg ); - PSA_ASSERT( psa_import_key( &attributes1, - target_material->x, target_material->len, - &returned_target_id ) ); + } else { + psa_set_key_id(&attributes1, target_id); + psa_set_key_lifetime(&attributes1, target_lifetime); + psa_set_key_type(&attributes1, target_type); + psa_set_key_usage_flags(&attributes1, target_usage); + psa_set_key_algorithm(&attributes1, target_alg); + PSA_ASSERT(psa_import_key(&attributes1, + target_material->x, target_material->len, + &returned_target_id)); } - PSA_ASSERT( psa_get_key_attributes( returned_target_id, &attributes1 ) ); + PSA_ASSERT(psa_get_key_attributes(returned_target_id, &attributes1)); /* Make a copy attempt. */ - psa_set_key_id( &attributes, target_id ); - psa_set_key_lifetime( &attributes, target_lifetime ); - TEST_EQUAL( psa_copy_key( returned_source_id, - &attributes, &new_key ), - PSA_ERROR_ALREADY_EXISTS ); - TEST_ASSERT( mbedtls_svc_key_id_is_null( new_key ) ); + psa_set_key_id(&attributes, target_id); + psa_set_key_lifetime(&attributes, target_lifetime); + TEST_EQUAL(psa_copy_key(returned_source_id, + &attributes, &new_key), + PSA_ERROR_ALREADY_EXISTS); + TEST_ASSERT(mbedtls_svc_key_id_is_null(new_key)); /* Test that the target slot is unaffected. */ - PSA_ASSERT( psa_get_key_attributes( returned_target_id, &attributes2 ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes1 ), - psa_get_key_id( &attributes2 ) ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes1 ), - psa_get_key_lifetime( &attributes2 ) ); - TEST_EQUAL( psa_get_key_type( &attributes1 ), - psa_get_key_type( &attributes2 ) ); - TEST_EQUAL( psa_get_key_bits( &attributes1 ), - psa_get_key_bits( &attributes2 ) ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes1 ), - psa_get_key_usage_flags( &attributes2 ) ); - TEST_EQUAL( psa_get_key_algorithm( &attributes1 ), - psa_get_key_algorithm( &attributes2 ) ); - if( target_usage & PSA_KEY_USAGE_EXPORT ) - { + PSA_ASSERT(psa_get_key_attributes(returned_target_id, &attributes2)); + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes1), + psa_get_key_id(&attributes2))); + TEST_EQUAL(psa_get_key_lifetime(&attributes1), + psa_get_key_lifetime(&attributes2)); + TEST_EQUAL(psa_get_key_type(&attributes1), + psa_get_key_type(&attributes2)); + TEST_EQUAL(psa_get_key_bits(&attributes1), + psa_get_key_bits(&attributes2)); + TEST_EQUAL(psa_get_key_usage_flags(&attributes1), + psa_get_key_usage_flags(&attributes2)); + TEST_EQUAL(psa_get_key_algorithm(&attributes1), + psa_get_key_algorithm(&attributes2)); + if (target_usage & PSA_KEY_USAGE_EXPORT) { size_t length; - ASSERT_ALLOC( export_buffer, target_material->len ); - PSA_ASSERT( psa_export_key( returned_target_id, export_buffer, - target_material->len, &length ) ); - ASSERT_COMPARE( target_material->x, target_material->len, - export_buffer, length ); + ASSERT_ALLOC(export_buffer, target_material->len); + PSA_ASSERT(psa_export_key(returned_target_id, export_buffer, + target_material->len, &length)); + ASSERT_COMPARE(target_material->x, target_material->len, + export_buffer, length); } - PSA_ASSERT( psa_destroy_key( returned_source_id ) ); - if( ! mbedtls_svc_key_id_equal( target_id, source_id ) ) - PSA_ASSERT( psa_destroy_key( returned_target_id ) ); + PSA_ASSERT(psa_destroy_key(returned_source_id)); + if (!mbedtls_svc_key_id_equal(target_id, source_id)) { + PSA_ASSERT(psa_destroy_key(returned_target_id)); + } exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes1 ); - psa_reset_key_attributes( &attributes2 ); + psa_reset_key_attributes(&attributes1); + psa_reset_key_attributes(&attributes2); - PSA_DONE( ); - mbedtls_free( export_buffer ); + PSA_DONE(); + mbedtls_free(export_buffer); } /* END_CASE */ /* BEGIN_CASE */ -void invalid_handle( int handle_construction, - int close_status_arg ) +void invalid_handle(int handle_construction, + int close_status_arg) { psa_key_handle_t valid_handle = PSA_KEY_HANDLE_INIT; psa_key_handle_t invalid_handle = PSA_KEY_HANDLE_INIT; @@ -740,20 +725,19 @@ void invalid_handle( int handle_construction, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t material[1] = "a"; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Allocate a handle and store a key in it. */ - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - psa_set_key_usage_flags( &attributes, 0 ); - psa_set_key_algorithm( &attributes, 0 ); - PSA_ASSERT( psa_import_key( &attributes, - material, sizeof( material ), - &valid_handle ) ); - TEST_ASSERT( ! psa_key_handle_is_null( valid_handle ) ); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + psa_set_key_usage_flags(&attributes, 0); + psa_set_key_algorithm(&attributes, 0); + PSA_ASSERT(psa_import_key(&attributes, + material, sizeof(material), + &valid_handle)); + TEST_ASSERT(!psa_key_handle_is_null(valid_handle)); /* Construct an invalid handle as specified in the test case data. */ - switch( handle_construction ) - { + switch (handle_construction) { case INVALID_HANDLE_0: invalid_handle = PSA_KEY_HANDLE_INIT; break; @@ -770,129 +754,129 @@ void invalid_handle( int handle_construction, * unopened and thus invalid identifier. */ - if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) == - PSA_KEY_ID_VOLATILE_MIN ) + if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(valid_handle) == + PSA_KEY_ID_VOLATILE_MIN) { key_id = PSA_KEY_ID_VOLATILE_MIN + 1; - else - key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) - 1; + } else { + key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(valid_handle) - 1; + } invalid_handle = - mbedtls_svc_key_id_make( 0, key_id ); + mbedtls_svc_key_id_make(0, key_id); break; case INVALID_HANDLE_CLOSED: - PSA_ASSERT( psa_import_key( &attributes, - material, sizeof( material ), - &invalid_handle ) ); - PSA_ASSERT( psa_destroy_key( invalid_handle ) ); + PSA_ASSERT(psa_import_key(&attributes, + material, sizeof(material), + &invalid_handle)); + PSA_ASSERT(psa_destroy_key(invalid_handle)); break; case INVALID_HANDLE_HUGE: invalid_handle = - mbedtls_svc_key_id_make( 0, PSA_KEY_ID_VENDOR_MAX + 1 ); + mbedtls_svc_key_id_make(0, PSA_KEY_ID_VENDOR_MAX + 1); break; default: - TEST_ASSERT( ! "unknown handle construction" ); + TEST_ASSERT(!"unknown handle construction"); } /* Attempt to use the invalid handle. */ - TEST_EQUAL( psa_get_key_attributes( invalid_handle, &attributes ), - PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_close_key( invalid_handle ), close_status ); - TEST_EQUAL( psa_destroy_key( invalid_handle ), close_status ); + TEST_EQUAL(psa_get_key_attributes(invalid_handle, &attributes), + PSA_ERROR_INVALID_HANDLE); + TEST_EQUAL(psa_close_key(invalid_handle), close_status); + TEST_EQUAL(psa_destroy_key(invalid_handle), close_status); /* After all this, check that the original handle is intact. */ - PSA_ASSERT( psa_get_key_attributes( valid_handle, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), PSA_KEY_TYPE_RAW_DATA ); - TEST_EQUAL( psa_get_key_bits( &attributes ), - PSA_BYTES_TO_BITS( sizeof( material ) ) ); - PSA_ASSERT( psa_close_key( valid_handle ) ); + PSA_ASSERT(psa_get_key_attributes(valid_handle, &attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), PSA_KEY_TYPE_RAW_DATA); + TEST_EQUAL(psa_get_key_bits(&attributes), + PSA_BYTES_TO_BITS(sizeof(material))); + PSA_ASSERT(psa_close_key(valid_handle)); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void many_transient_keys( int max_keys_arg ) +void many_transient_keys(int max_keys_arg) { mbedtls_svc_key_id_t *keys = NULL; size_t max_keys = max_keys_arg; size_t i, j; psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - uint8_t exported[sizeof( size_t )]; + uint8_t exported[sizeof(size_t)]; size_t exported_length; - ASSERT_ALLOC( keys, max_keys ); - PSA_ASSERT( psa_crypto_init( ) ); + ASSERT_ALLOC(keys, max_keys); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, 0 ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, 0); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); - for( i = 0; i < max_keys; i++ ) - { - status = psa_import_key( &attributes, - (uint8_t *) &i, sizeof( i ), - &keys[i] ); - if( status == PSA_ERROR_INSUFFICIENT_MEMORY ) + for (i = 0; i < max_keys; i++) { + status = psa_import_key(&attributes, + (uint8_t *) &i, sizeof(i), + &keys[i]); + if (status == PSA_ERROR_INSUFFICIENT_MEMORY) { break; - PSA_ASSERT( status ); - TEST_ASSERT( ! mbedtls_svc_key_id_is_null( keys[i] ) ); - for( j = 0; j < i; j++ ) - TEST_ASSERT( ! mbedtls_svc_key_id_equal( keys[i], keys[j] ) ); + } + PSA_ASSERT(status); + TEST_ASSERT(!mbedtls_svc_key_id_is_null(keys[i])); + for (j = 0; j < i; j++) { + TEST_ASSERT(!mbedtls_svc_key_id_equal(keys[i], keys[j])); + } } max_keys = i; - for( i = 1; i < max_keys; i++ ) - { - PSA_ASSERT( psa_close_key( keys[i - 1] ) ); - PSA_ASSERT( psa_export_key( keys[i], - exported, sizeof( exported ), - &exported_length ) ); - ASSERT_COMPARE( exported, exported_length, - (uint8_t *) &i, sizeof( i ) ); + for (i = 1; i < max_keys; i++) { + PSA_ASSERT(psa_close_key(keys[i - 1])); + PSA_ASSERT(psa_export_key(keys[i], + exported, sizeof(exported), + &exported_length)); + ASSERT_COMPARE(exported, exported_length, + (uint8_t *) &i, sizeof(i)); } - PSA_ASSERT( psa_close_key( keys[i - 1] ) ); + PSA_ASSERT(psa_close_key(keys[i - 1])); exit: - PSA_DONE( ); - mbedtls_free( keys ); + PSA_DONE(); + mbedtls_free(keys); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ -void key_slot_eviction_to_import_new_key( int lifetime_arg ) +void key_slot_eviction_to_import_new_key(int lifetime_arg) { - psa_key_lifetime_t lifetime = (psa_key_lifetime_t)lifetime_arg; + psa_key_lifetime_t lifetime = (psa_key_lifetime_t) lifetime_arg; size_t i; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - uint8_t exported[sizeof( size_t )]; + uint8_t exported[sizeof(size_t)]; size_t exported_length; mbedtls_svc_key_id_t key, returned_key_id; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, 0 ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, 0); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); /* * Create MBEDTLS_PSA_KEY_SLOT_COUNT persistent keys. */ - for( i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++ ) - { - key = mbedtls_svc_key_id_make( i, i + 1 ); - psa_set_key_id( &attributes, key ); - PSA_ASSERT( psa_import_key( &attributes, - (uint8_t *) &i, sizeof( i ), - &returned_key_id ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key ) ); + for (i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++) { + key = mbedtls_svc_key_id_make(i, i + 1); + psa_set_key_id(&attributes, key); + PSA_ASSERT(psa_import_key(&attributes, + (uint8_t *) &i, sizeof(i), + &returned_key_id)); + TEST_ASSERT(mbedtls_svc_key_id_equal(returned_key_id, key)); } /* @@ -902,18 +886,19 @@ void key_slot_eviction_to_import_new_key( int lifetime_arg ) * description in RAM. */ i = MBEDTLS_PSA_KEY_SLOT_COUNT; - key = mbedtls_svc_key_id_make( i, i + 1 ); - psa_set_key_id( &attributes, key ); - psa_set_key_lifetime( &attributes, lifetime ); - - PSA_ASSERT( psa_import_key( &attributes, - (uint8_t *) &i, sizeof( i ), - &returned_key_id ) ); - if( lifetime != PSA_KEY_LIFETIME_VOLATILE ) - TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key ) ); - else - TEST_ASSERT( psa_key_id_is_volatile( - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( returned_key_id ) ) ); + key = mbedtls_svc_key_id_make(i, i + 1); + psa_set_key_id(&attributes, key); + psa_set_key_lifetime(&attributes, lifetime); + + PSA_ASSERT(psa_import_key(&attributes, + (uint8_t *) &i, sizeof(i), + &returned_key_id)); + if (lifetime != PSA_KEY_LIFETIME_VOLATILE) { + TEST_ASSERT(mbedtls_svc_key_id_equal(returned_key_id, key)); + } else { + TEST_ASSERT(psa_key_id_is_volatile( + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(returned_key_id))); + } /* * Check that we can export all ( MBEDTLS_PSA_KEY_SLOT_COUNT + 1 ) keys, @@ -922,120 +907,118 @@ void key_slot_eviction_to_import_new_key( int lifetime_arg ) * slots when creating the last key is restored in a RAM slot to export * its value. */ - for( i = 0; i <= MBEDTLS_PSA_KEY_SLOT_COUNT; i++ ) - { - if( i < MBEDTLS_PSA_KEY_SLOT_COUNT ) - key = mbedtls_svc_key_id_make( i, i + 1 ); - else + for (i = 0; i <= MBEDTLS_PSA_KEY_SLOT_COUNT; i++) { + if (i < MBEDTLS_PSA_KEY_SLOT_COUNT) { + key = mbedtls_svc_key_id_make(i, i + 1); + } else { key = returned_key_id; - - PSA_ASSERT( psa_export_key( key, - exported, sizeof( exported ), - &exported_length ) ); - ASSERT_COMPARE( exported, exported_length, - (uint8_t *) &i, sizeof( i ) ); - PSA_ASSERT( psa_destroy_key( key ) ); + } + + PSA_ASSERT(psa_export_key(key, + exported, sizeof(exported), + &exported_length)); + ASSERT_COMPARE(exported, exported_length, + (uint8_t *) &i, sizeof(i)); + PSA_ASSERT(psa_destroy_key(key)); } exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ -void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( ) +void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation() { psa_status_t status; size_t i; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - uint8_t exported[sizeof( size_t )]; + uint8_t exported[sizeof(size_t)]; size_t exported_length; mbedtls_svc_key_id_t persistent_key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t persistent_key2 = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t *keys = NULL; - TEST_ASSERT( MBEDTLS_PSA_KEY_SLOT_COUNT >= 1 ); + TEST_ASSERT(MBEDTLS_PSA_KEY_SLOT_COUNT >= 1); - ASSERT_ALLOC( keys, MBEDTLS_PSA_KEY_SLOT_COUNT ); - PSA_ASSERT( psa_crypto_init( ) ); + ASSERT_ALLOC(keys, MBEDTLS_PSA_KEY_SLOT_COUNT); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY ); - psa_set_key_algorithm( &attributes, 0 ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY); + psa_set_key_algorithm(&attributes, 0); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); /* * Create a persistent key */ - persistent_key = mbedtls_svc_key_id_make( 0x100, 0x205 ); - psa_set_key_id( &attributes, persistent_key ); - PSA_ASSERT( psa_import_key( &attributes, - (uint8_t *) &persistent_key, - sizeof( persistent_key ), - &returned_key_id ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, persistent_key ) ); + persistent_key = mbedtls_svc_key_id_make(0x100, 0x205); + psa_set_key_id(&attributes, persistent_key); + PSA_ASSERT(psa_import_key(&attributes, + (uint8_t *) &persistent_key, + sizeof(persistent_key), + &returned_key_id)); + TEST_ASSERT(mbedtls_svc_key_id_equal(returned_key_id, persistent_key)); /* * Create MBEDTLS_PSA_KEY_SLOT_COUNT volatile keys */ - psa_set_key_lifetime( &attributes, PSA_KEY_LIFETIME_VOLATILE ); - for( i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++ ) - { - PSA_ASSERT( psa_import_key( &attributes, - (uint8_t *) &i, sizeof( i ), - &keys[i]) ); + psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_VOLATILE); + for (i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++) { + PSA_ASSERT(psa_import_key(&attributes, + (uint8_t *) &i, sizeof(i), + &keys[i])); } - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); /* * Check that we cannot access the persistent key as all slots are * occupied by volatile keys and the implementation needs to load the * persistent key description in a slot to be able to access it. */ - status = psa_get_key_attributes( persistent_key, &attributes ); - TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_MEMORY ); + status = psa_get_key_attributes(persistent_key, &attributes); + TEST_EQUAL(status, PSA_ERROR_INSUFFICIENT_MEMORY); /* * Check we can export the volatile key created last and that it has the * expected value. Then, destroy it. */ - PSA_ASSERT( psa_export_key( keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1], - exported, sizeof( exported ), - &exported_length ) ); + PSA_ASSERT(psa_export_key(keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1], + exported, sizeof(exported), + &exported_length)); i = MBEDTLS_PSA_KEY_SLOT_COUNT - 1; - ASSERT_COMPARE( exported, exported_length, (uint8_t *) &i, sizeof( i ) ); - PSA_ASSERT( psa_destroy_key( keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1] ) ); + ASSERT_COMPARE(exported, exported_length, (uint8_t *) &i, sizeof(i)); + PSA_ASSERT(psa_destroy_key(keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1])); /* * Check that we can now access the persistent key again. */ - PSA_ASSERT( psa_get_key_attributes( persistent_key, &attributes ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( attributes.core.id, - persistent_key ) ); + PSA_ASSERT(psa_get_key_attributes(persistent_key, &attributes)); + TEST_ASSERT(mbedtls_svc_key_id_equal(attributes.core.id, + persistent_key)); /* * Check that we cannot copy the persistent key as all slots are occupied * by the persistent key and the volatile keys and the slot containing the * persistent key cannot be reclaimed as it contains the key to copy. */ - persistent_key2 = mbedtls_svc_key_id_make( 0x100, 0x204 ); - psa_set_key_id( &attributes, persistent_key2 ); - status = psa_copy_key( persistent_key, &attributes, &returned_key_id ); - TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_MEMORY ); + persistent_key2 = mbedtls_svc_key_id_make(0x100, 0x204); + psa_set_key_id(&attributes, persistent_key2); + status = psa_copy_key(persistent_key, &attributes, &returned_key_id); + TEST_EQUAL(status, PSA_ERROR_INSUFFICIENT_MEMORY); /* * Check we can export the remaining volatile keys and that they have the * expected values. */ - for( i = 0; i < ( MBEDTLS_PSA_KEY_SLOT_COUNT - 1 ); i++ ) - { - PSA_ASSERT( psa_export_key( keys[i], - exported, sizeof( exported ), - &exported_length ) ); - ASSERT_COMPARE( exported, exported_length, - (uint8_t *) &i, sizeof( i ) ); - PSA_ASSERT( psa_destroy_key( keys[i] ) ); + for (i = 0; i < (MBEDTLS_PSA_KEY_SLOT_COUNT - 1); i++) { + PSA_ASSERT(psa_export_key(keys[i], + exported, sizeof(exported), + &exported_length)); + ASSERT_COMPARE(exported, exported_length, + (uint8_t *) &i, sizeof(i)); + PSA_ASSERT(psa_destroy_key(keys[i])); } /* @@ -1043,19 +1026,19 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( ) * value. */ - PSA_ASSERT( psa_export_key( persistent_key, exported, sizeof( exported ), - &exported_length ) ); - ASSERT_COMPARE( exported, exported_length, - (uint8_t *) &persistent_key, sizeof( persistent_key ) ); + PSA_ASSERT(psa_export_key(persistent_key, exported, sizeof(exported), + &exported_length)); + ASSERT_COMPARE(exported, exported_length, + (uint8_t *) &persistent_key, sizeof(persistent_key)); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( persistent_key ); - PSA_DONE( ); - mbedtls_free( keys ); + psa_destroy_key(persistent_key); + PSA_DONE(); + mbedtls_free(keys); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_storage_format.function b/tests/suites/test_suite_psa_crypto_storage_format.function index 7f0a00e879ea..ee66f7d73423 100644 --- a/tests/suites/test_suite_psa_crypto_storage_format.function +++ b/tests/suites/test_suite_psa_crypto_storage_format.function @@ -16,10 +16,10 @@ * On error, including if the key representation in storage differs, * mark the test case as failed and return 0. On success, return 1. */ -static int test_written_key( const psa_key_attributes_t *attributes, - const data_t *material, - psa_storage_uid_t uid, - const data_t *expected_representation ) +static int test_written_key(const psa_key_attributes_t *attributes, + const data_t *material, + psa_storage_uid_t uid, + const data_t *expected_representation) { mbedtls_svc_key_id_t created_key_id = MBEDTLS_SVC_KEY_ID_INIT; uint8_t *actual_representation = NULL; @@ -28,136 +28,153 @@ static int test_written_key( const psa_key_attributes_t *attributes, int ok = 0; /* Create a key with the given parameters. */ - PSA_ASSERT( psa_import_key( attributes, material->x, material->len, - &created_key_id ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( attributes ), - created_key_id ) ); + PSA_ASSERT(psa_import_key(attributes, material->x, material->len, + &created_key_id)); + TEST_ASSERT(mbedtls_svc_key_id_equal(psa_get_key_id(attributes), + created_key_id)); /* Check that the key is represented as expected. */ - PSA_ASSERT( psa_its_get_info( uid, &storage_info ) ); - TEST_EQUAL( storage_info.size, expected_representation->len ); - ASSERT_ALLOC( actual_representation, storage_info.size ); - PSA_ASSERT( psa_its_get( uid, 0, storage_info.size, - actual_representation, &length ) ); - ASSERT_COMPARE( expected_representation->x, expected_representation->len, - actual_representation, length ); + PSA_ASSERT(psa_its_get_info(uid, &storage_info)); + TEST_EQUAL(storage_info.size, expected_representation->len); + ASSERT_ALLOC(actual_representation, storage_info.size); + PSA_ASSERT(psa_its_get(uid, 0, storage_info.size, + actual_representation, &length)); + ASSERT_COMPARE(expected_representation->x, expected_representation->len, + actual_representation, length); ok = 1; exit: - mbedtls_free( actual_representation ); - return( ok ); + mbedtls_free(actual_representation); + return ok; } /** Check if a key is exportable. */ -static int can_export( const psa_key_attributes_t *attributes ) +static int can_export(const psa_key_attributes_t *attributes) { - if( psa_get_key_usage_flags( attributes ) & PSA_KEY_USAGE_EXPORT ) - return( 1 ); - else if( PSA_KEY_TYPE_IS_PUBLIC_KEY( psa_get_key_type( attributes ) ) ) - return( 1 ); - else - return( 0 ); + if (psa_get_key_usage_flags(attributes) & PSA_KEY_USAGE_EXPORT) { + return 1; + } else if (PSA_KEY_TYPE_IS_PUBLIC_KEY(psa_get_key_type(attributes))) { + return 1; + } else { + return 0; + } } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) -static int is_accelerated_rsa( psa_algorithm_t alg ) +static int is_accelerated_rsa(psa_algorithm_t alg) { #if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) - if ( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) - return( 1 ); + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)) { + return 1; + } #endif #if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) - if( PSA_ALG_IS_RSA_PSS( alg ) ) - return( 1 ); + if (PSA_ALG_IS_RSA_PSS(alg)) { + return 1; + } #endif #if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) - if( PSA_ALG_IS_RSA_OAEP( alg ) ) - return( 1 ); + if (PSA_ALG_IS_RSA_OAEP(alg)) { + return 1; + } #endif (void) alg; - return( 0 ); + return 0; } /* Whether the algorithm is implemented as a builtin, i.e. not accelerated, * and calls mbedtls_md() functions that require the hash algorithm to * also be built-in. */ -static int is_builtin_calling_md( psa_algorithm_t alg ) +static int is_builtin_calling_md(psa_algorithm_t alg) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) - return( 1 ); + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)) { + return 1; + } #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - if( PSA_ALG_IS_RSA_PSS( alg ) ) - return( 1 ); + if (PSA_ALG_IS_RSA_PSS(alg)) { + return 1; + } #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) - if( PSA_ALG_IS_RSA_OAEP( alg ) ) - return( 1 ); + if (PSA_ALG_IS_RSA_OAEP(alg)) { + return 1; + } #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) - if( PSA_ALG_IS_DETERMINISTIC_ECDSA( alg ) ) - return( 1 ); + if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)) { + return 1; + } #endif (void) alg; - return( 0 ); + return 0; } -static int has_builtin_hash( psa_algorithm_t alg ) +static int has_builtin_hash(psa_algorithm_t alg) { #if !defined(MBEDTLS_MD2_C) - if( alg == PSA_ALG_MD2 ) - return( 0 ); + if (alg == PSA_ALG_MD2) { + return 0; + } #endif #if !defined(MBEDTLS_MD4_C) - if( alg == PSA_ALG_MD4 ) - return( 0 ); + if (alg == PSA_ALG_MD4) { + return 0; + } #endif #if !defined(MBEDTLS_MD5_C) - if( alg == PSA_ALG_MD5 ) - return( 0 ); + if (alg == PSA_ALG_MD5) { + return 0; + } #endif #if !defined(MBEDTLS_RIPEMD160_C) - if( alg == PSA_ALG_RIPEMD160 ) - return( 0 ); + if (alg == PSA_ALG_RIPEMD160) { + return 0; + } #endif #if !defined(MBEDTLS_SHA1_C) - if( alg == PSA_ALG_SHA_1 ) - return( 0 ); + if (alg == PSA_ALG_SHA_1) { + return 0; + } #endif #if !defined(MBEDTLS_SHA224_C) - if( alg == PSA_ALG_SHA_224 ) - return( 0 ); + if (alg == PSA_ALG_SHA_224) { + return 0; + } #endif #if !defined(MBEDTLS_SHA256_C) - if( alg == PSA_ALG_SHA_256 ) - return( 0 ); + if (alg == PSA_ALG_SHA_256) { + return 0; + } #endif #if !defined(MBEDTLS_SHA384_C) - if( alg == PSA_ALG_SHA_384 ) - return( 0 ); + if (alg == PSA_ALG_SHA_384) { + return 0; + } #endif #if !defined(MBEDTLS_SHA512_C) - if( alg == PSA_ALG_SHA_512 ) - return( 0 ); + if (alg == PSA_ALG_SHA_512) { + return 0; + } #endif (void) alg; - return( 1 ); + return 1; } #endif /* Mbed TLS doesn't support certain combinations of key type and algorithm * in certain configurations. */ -static int can_exercise( const psa_key_attributes_t *attributes ) +static int can_exercise(const psa_key_attributes_t *attributes) { - psa_key_type_t key_type = psa_get_key_type( attributes ); - psa_algorithm_t alg = psa_get_key_algorithm( attributes ); + psa_key_type_t key_type = psa_get_key_type(attributes); + psa_algorithm_t alg = psa_get_key_algorithm(attributes); psa_algorithm_t hash_alg = - PSA_ALG_IS_HASH_AND_SIGN( alg ) ? PSA_ALG_SIGN_GET_HASH( alg ) : - PSA_ALG_IS_RSA_OAEP( alg ) ? PSA_ALG_RSA_OAEP_GET_HASH( alg ) : + PSA_ALG_IS_HASH_AND_SIGN(alg) ? PSA_ALG_SIGN_GET_HASH(alg) : + PSA_ALG_IS_RSA_OAEP(alg) ? PSA_ALG_RSA_OAEP_GET_HASH(alg) : PSA_ALG_NONE; - psa_key_usage_t usage = psa_get_key_usage_flags( attributes ); + psa_key_usage_t usage = psa_get_key_usage_flags(attributes); #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) /* We test some configurations using drivers where the driver doesn't @@ -171,32 +188,28 @@ static int can_exercise( const psa_key_attributes_t *attributes ) * affected. All RSA signatures are affected except raw PKCS#1v1.5. * OAEP is also affected. */ - if( PSA_ALG_IS_DETERMINISTIC_ECDSA( alg ) && - ! ( usage & ( PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE ) ) ) - { + if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) && + !(usage & (PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE))) { /* Verification only. Verification doesn't use the hash algorithm. */ - return( 1 ); + return 1; } #if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) - if( PSA_ALG_IS_DETERMINISTIC_ECDSA( alg ) && - ( hash_alg == PSA_ALG_MD5 || - hash_alg == PSA_ALG_RIPEMD160 || - hash_alg == PSA_ALG_SHA_1 ) ) - { - return( 0 ); + if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) && + (hash_alg == PSA_ALG_MD5 || + hash_alg == PSA_ALG_RIPEMD160 || + hash_alg == PSA_ALG_SHA_1)) { + return 0; } #endif - if( is_accelerated_rsa( alg ) && - ( hash_alg == PSA_ALG_RIPEMD160 || hash_alg == PSA_ALG_SHA_384 ) ) - { - return( 0 ); + if (is_accelerated_rsa(alg) && + (hash_alg == PSA_ALG_RIPEMD160 || hash_alg == PSA_ALG_SHA_384)) { + return 0; } #if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) - if( PSA_ALG_IS_RSA_OAEP( alg ) && - ( hash_alg == PSA_ALG_RIPEMD160 || hash_alg == PSA_ALG_SHA_384 ) ) - { - return( 0 ); + if (PSA_ALG_IS_RSA_OAEP(alg) && + (hash_alg == PSA_ALG_RIPEMD160 || hash_alg == PSA_ALG_SHA_384)) { + return 0; } #endif @@ -204,9 +217,8 @@ static int can_exercise( const psa_key_attributes_t *attributes ) * hash internally only dispatch to the internal md module, not to * PSA. Until this is supported, don't try to actually perform * operations when the operation is built-in and the hash isn't. */ - if( is_builtin_calling_md( alg ) && ! has_builtin_hash( hash_alg ) ) - { - return( 0 ); + if (is_builtin_calling_md(alg) && !has_builtin_hash(hash_alg)) { + return 0; } #endif /* MBEDTLS_TEST_LIBTESTDRIVER1 */ @@ -214,7 +226,7 @@ static int can_exercise( const psa_key_attributes_t *attributes ) (void) alg; (void) hash_alg; (void) usage; - return( 1 ); + return 1; } /** Write a key with the given representation to storage, then check @@ -223,78 +235,73 @@ static int can_exercise( const psa_key_attributes_t *attributes ) * On error, including if the key representation in storage differs, * mark the test case as failed and return 0. On success, return 1. */ -static int test_read_key( const psa_key_attributes_t *expected_attributes, - const data_t *expected_material, - psa_storage_uid_t uid, - const data_t *representation, - int flags ) +static int test_read_key(const psa_key_attributes_t *expected_attributes, + const data_t *expected_material, + psa_storage_uid_t uid, + const data_t *representation, + int flags) { psa_key_attributes_t actual_attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t key_id = psa_get_key_id( expected_attributes ); + mbedtls_svc_key_id_t key_id = psa_get_key_id(expected_attributes); struct psa_storage_info_t storage_info; int ok = 0; uint8_t *exported_material = NULL; size_t length; /* Prime the storage with a key file. */ - PSA_ASSERT( psa_its_set( uid, representation->len, representation->x, 0 ) ); + PSA_ASSERT(psa_its_set(uid, representation->len, representation->x, 0)); /* Check that the injected key exists and looks as expected. */ - PSA_ASSERT( psa_get_key_attributes( key_id, &actual_attributes ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( key_id, - psa_get_key_id( &actual_attributes ) ) ); - TEST_EQUAL( psa_get_key_lifetime( expected_attributes ), - psa_get_key_lifetime( &actual_attributes ) ); - TEST_EQUAL( psa_get_key_type( expected_attributes ), - psa_get_key_type( &actual_attributes ) ); - TEST_EQUAL( psa_get_key_bits( expected_attributes ), - psa_get_key_bits( &actual_attributes ) ); - TEST_EQUAL( psa_get_key_usage_flags( expected_attributes ), - psa_get_key_usage_flags( &actual_attributes ) ); - TEST_EQUAL( psa_get_key_algorithm( expected_attributes ), - psa_get_key_algorithm( &actual_attributes ) ); - TEST_EQUAL( psa_get_key_enrollment_algorithm( expected_attributes ), - psa_get_key_enrollment_algorithm( &actual_attributes ) ); - if( can_export( expected_attributes ) ) - { - ASSERT_ALLOC( exported_material, expected_material->len ); - PSA_ASSERT( psa_export_key( key_id, - exported_material, expected_material->len, - &length ) ); - ASSERT_COMPARE( expected_material->x, expected_material->len, - exported_material, length ); + PSA_ASSERT(psa_get_key_attributes(key_id, &actual_attributes)); + TEST_ASSERT(mbedtls_svc_key_id_equal(key_id, + psa_get_key_id(&actual_attributes))); + TEST_EQUAL(psa_get_key_lifetime(expected_attributes), + psa_get_key_lifetime(&actual_attributes)); + TEST_EQUAL(psa_get_key_type(expected_attributes), + psa_get_key_type(&actual_attributes)); + TEST_EQUAL(psa_get_key_bits(expected_attributes), + psa_get_key_bits(&actual_attributes)); + TEST_EQUAL(psa_get_key_usage_flags(expected_attributes), + psa_get_key_usage_flags(&actual_attributes)); + TEST_EQUAL(psa_get_key_algorithm(expected_attributes), + psa_get_key_algorithm(&actual_attributes)); + TEST_EQUAL(psa_get_key_enrollment_algorithm(expected_attributes), + psa_get_key_enrollment_algorithm(&actual_attributes)); + if (can_export(expected_attributes)) { + ASSERT_ALLOC(exported_material, expected_material->len); + PSA_ASSERT(psa_export_key(key_id, + exported_material, expected_material->len, + &length)); + ASSERT_COMPARE(expected_material->x, expected_material->len, + exported_material, length); } - if( ( flags & TEST_FLAG_EXERCISE ) && can_exercise( &actual_attributes ) ) - { - TEST_ASSERT( mbedtls_test_psa_exercise_key( - key_id, - psa_get_key_usage_flags( expected_attributes ), - psa_get_key_algorithm( expected_attributes ) ) ); + if ((flags & TEST_FLAG_EXERCISE) && can_exercise(&actual_attributes)) { + TEST_ASSERT(mbedtls_test_psa_exercise_key( + key_id, + psa_get_key_usage_flags(expected_attributes), + psa_get_key_algorithm(expected_attributes))); } - if( flags & TEST_FLAG_READ_ONLY ) - { + if (flags & TEST_FLAG_READ_ONLY) { /* Read-only keys cannot be removed through the API. * The key will be removed through ITS in the cleanup code below. */ - TEST_EQUAL( PSA_ERROR_NOT_PERMITTED, psa_destroy_key( key_id ) ); - } - else - { + TEST_EQUAL(PSA_ERROR_NOT_PERMITTED, psa_destroy_key(key_id)); + } else { /* Destroy the key. Confirm through direct access to the storage. */ - PSA_ASSERT( psa_destroy_key( key_id ) ); - TEST_EQUAL( PSA_ERROR_DOES_NOT_EXIST, - psa_its_get_info( uid, &storage_info ) ); + PSA_ASSERT(psa_destroy_key(key_id)); + TEST_EQUAL(PSA_ERROR_DOES_NOT_EXIST, + psa_its_get_info(uid, &storage_info)); } ok = 1; exit: - psa_reset_key_attributes( &actual_attributes ); - psa_its_remove( uid ); - mbedtls_free( exported_material ); - return( ok ); + psa_reset_key_attributes(&actual_attributes); + psa_its_remove(uid); + mbedtls_free(exported_material); + return ok; } /* END_HEADER */ @@ -305,10 +312,10 @@ exit: */ /* BEGIN_CASE */ -void key_storage_save( int lifetime_arg, int type_arg, int bits_arg, - int usage_arg, int alg_arg, int alg2_arg, - data_t *material, - data_t *representation ) +void key_storage_save(int lifetime_arg, int type_arg, int bits_arg, + int usage_arg, int alg_arg, int alg2_arg, + data_t *material, + data_t *representation) { /* Forward compatibility: save a key in the current format and * check that it has the expected format so that future versions @@ -320,40 +327,40 @@ void key_storage_save( int lifetime_arg, int type_arg, int bits_arg, psa_key_usage_t usage = usage_arg; psa_algorithm_t alg = alg_arg; psa_algorithm_t alg2 = alg2_arg; - mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 0, 1 ); + mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(0, 1); psa_storage_uid_t uid = 1; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_INIT( ); - TEST_USES_KEY_ID( key_id ); + PSA_INIT(); + TEST_USES_KEY_ID(key_id); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_id( &attributes, key_id ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_enrollment_algorithm( &attributes, alg2 ); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_id(&attributes, key_id); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_enrollment_algorithm(&attributes, alg2); /* This is the current storage format. Test that we know exactly how * the key is stored. The stability of the test data in future * versions of Mbed TLS will guarantee that future versions * can read back what this version wrote. */ - TEST_ASSERT( test_written_key( &attributes, material, - uid, representation ) ); + TEST_ASSERT(test_written_key(&attributes, material, + uid, representation)); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key_id ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key_id); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_storage_read( int lifetime_arg, int type_arg, int bits_arg, - int usage_arg, int alg_arg, int alg2_arg, - data_t *material, - data_t *representation, int flags ) +void key_storage_read(int lifetime_arg, int type_arg, int bits_arg, + int usage_arg, int alg_arg, int alg2_arg, + data_t *material, + data_t *representation, int flags) { /* Backward compatibility: read a key in the format of a past version * and check that this version can use it. */ @@ -364,29 +371,29 @@ void key_storage_read( int lifetime_arg, int type_arg, int bits_arg, psa_key_usage_t usage = usage_arg; psa_algorithm_t alg = alg_arg; psa_algorithm_t alg2 = alg2_arg; - mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 0, 1 ); + mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(0, 1); psa_storage_uid_t uid = 1; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_INIT( ); - TEST_USES_KEY_ID( key_id ); + PSA_INIT(); + TEST_USES_KEY_ID(key_id); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_id( &attributes, key_id ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_enrollment_algorithm( &attributes, alg2 ); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_id(&attributes, key_id); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_enrollment_algorithm(&attributes, alg2); /* Test that we can use a key with the given representation. This * guarantees backward compatibility with keys that were stored by * past versions of Mbed TLS. */ - TEST_ASSERT( test_read_key( &attributes, material, - uid, representation, flags ) ); + TEST_ASSERT(test_read_key(&attributes, material, + uid, representation, flags)); exit: - psa_reset_key_attributes( &attributes ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_its.function b/tests/suites/test_suite_psa_its.function index 12878b53355a..7864b9c88236 100644 --- a/tests/suites/test_suite_psa_its.function +++ b/tests/suites/test_suite_psa_its.function @@ -20,23 +20,23 @@ #define PSA_ITS_STORAGE_FILENAME_PATTERN "%08lx%08lx" #define PSA_ITS_STORAGE_SUFFIX ".psa_its" #define PSA_ITS_STORAGE_FILENAME_LENGTH \ - ( sizeof( PSA_ITS_STORAGE_PREFIX ) - 1 + /*prefix without terminating 0*/ \ - 16 + /*UID (64-bit number in hex)*/ \ - 16 + /*UID (64-bit number in hex)*/ \ - sizeof( PSA_ITS_STORAGE_SUFFIX ) - 1 + /*suffix without terminating 0*/ \ - 1 /*terminating null byte*/ ) + (sizeof(PSA_ITS_STORAGE_PREFIX) - 1 + /*prefix without terminating 0*/ \ + 16 + /*UID (64-bit number in hex)*/ \ + 16 + /*UID (64-bit number in hex)*/ \ + sizeof(PSA_ITS_STORAGE_SUFFIX) - 1 + /*suffix without terminating 0*/ \ + 1 /*terminating null byte*/) #define PSA_ITS_STORAGE_TEMP \ PSA_ITS_STORAGE_PREFIX "tempfile" PSA_ITS_STORAGE_SUFFIX -static void psa_its_fill_filename( psa_storage_uid_t uid, char *filename ) +static void psa_its_fill_filename(psa_storage_uid_t uid, char *filename) { /* Break up the UID into two 32-bit pieces so as not to rely on * long long support in snprintf. */ - mbedtls_snprintf( filename, PSA_ITS_STORAGE_FILENAME_LENGTH, - "%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s", - PSA_ITS_STORAGE_PREFIX, - (unsigned long) ( uid >> 32 ), - (unsigned long) ( uid & 0xffffffff ), - PSA_ITS_STORAGE_SUFFIX ); + mbedtls_snprintf(filename, PSA_ITS_STORAGE_FILENAME_LENGTH, + "%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s", + PSA_ITS_STORAGE_PREFIX, + (unsigned long) (uid >> 32), + (unsigned long) (uid & 0xffffffff), + PSA_ITS_STORAGE_SUFFIX); } /* Maximum uid used by the test, recorded so that cleanup() can delete @@ -44,7 +44,7 @@ static void psa_its_fill_filename( psa_storage_uid_t uid, char *filename ) * need to and should not be taken into account for uid_max. */ static psa_storage_uid_t uid_max = 0; -static void cleanup( void ) +static void cleanup(void) { /* Call remove() on all the files that a test might have created. * We ignore the error if the file exists but remove() fails because @@ -55,25 +55,25 @@ static void cleanup( void ) * test case. */ char filename[PSA_ITS_STORAGE_FILENAME_LENGTH]; psa_storage_uid_t uid; - for( uid = 0; uid < uid_max; uid++ ) - { - psa_its_fill_filename( uid, filename ); - (void) remove( filename ); + for (uid = 0; uid < uid_max; uid++) { + psa_its_fill_filename(uid, filename); + (void) remove(filename); } - psa_its_fill_filename( (psa_storage_uid_t)( -1 ), filename ); - (void) remove( filename ); - (void) remove( PSA_ITS_STORAGE_TEMP ); + psa_its_fill_filename((psa_storage_uid_t) (-1), filename); + (void) remove(filename); + (void) remove(PSA_ITS_STORAGE_TEMP); uid_max = 0; } -static psa_status_t psa_its_set_wrap( psa_storage_uid_t uid, - uint32_t data_length, - const void *p_data, - psa_storage_create_flags_t create_flags ) +static psa_status_t psa_its_set_wrap(psa_storage_uid_t uid, + uint32_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags) { - if( uid_max != (psa_storage_uid_t)( -1 ) && uid_max < uid ) + if (uid_max != (psa_storage_uid_t) (-1) && uid_max < uid) { uid_max = uid; - return( psa_its_set( uid, data_length, p_data, create_flags ) ); + } + return psa_its_set(uid, data_length, p_data, create_flags); } /* END_HEADER */ @@ -84,7 +84,7 @@ static psa_status_t psa_its_set_wrap( psa_storage_uid_t uid, */ /* BEGIN_CASE */ -void set_get_remove( int uid_arg, int flags_arg, data_t *data ) +void set_get_remove(int uid_arg, int flags_arg, data_t *data) { psa_storage_uid_t uid = uid_arg; uint32_t flags = flags_arg; @@ -92,28 +92,28 @@ void set_get_remove( int uid_arg, int flags_arg, data_t *data ) unsigned char *buffer = NULL; size_t ret_len = 0; - ASSERT_ALLOC( buffer, data->len ); + ASSERT_ALLOC(buffer, data->len); - PSA_ASSERT( psa_its_set_wrap( uid, data->len, data->x, flags ) ); + PSA_ASSERT(psa_its_set_wrap(uid, data->len, data->x, flags)); - PSA_ASSERT( psa_its_get_info( uid, &info ) ); - TEST_ASSERT( info.size == data->len ); - TEST_ASSERT( info.flags == flags ); - PSA_ASSERT( psa_its_get( uid, 0, data->len, buffer, &ret_len ) ); - ASSERT_COMPARE( data->x, data->len, buffer, ret_len ); + PSA_ASSERT(psa_its_get_info(uid, &info)); + TEST_ASSERT(info.size == data->len); + TEST_ASSERT(info.flags == flags); + PSA_ASSERT(psa_its_get(uid, 0, data->len, buffer, &ret_len)); + ASSERT_COMPARE(data->x, data->len, buffer, ret_len); - PSA_ASSERT( psa_its_remove( uid ) ); + PSA_ASSERT(psa_its_remove(uid)); exit: - mbedtls_free( buffer ); - cleanup( ); + mbedtls_free(buffer); + cleanup(); } /* END_CASE */ /* BEGIN_CASE */ -void set_overwrite( int uid_arg, - int flags1_arg, data_t *data1, - int flags2_arg, data_t *data2 ) +void set_overwrite(int uid_arg, + int flags1_arg, data_t *data1, + int flags2_arg, data_t *data2) { psa_storage_uid_t uid = uid_arg; uint32_t flags1 = flags1_arg; @@ -122,33 +122,33 @@ void set_overwrite( int uid_arg, unsigned char *buffer = NULL; size_t ret_len = 0; - ASSERT_ALLOC( buffer, MAX( data1->len, data2->len ) ); + ASSERT_ALLOC(buffer, MAX(data1->len, data2->len)); - PSA_ASSERT( psa_its_set_wrap( uid, data1->len, data1->x, flags1 ) ); - PSA_ASSERT( psa_its_get_info( uid, &info ) ); - TEST_ASSERT( info.size == data1->len ); - TEST_ASSERT( info.flags == flags1 ); - PSA_ASSERT( psa_its_get( uid, 0, data1->len, buffer, &ret_len ) ); - ASSERT_COMPARE( data1->x, data1->len, buffer, ret_len ); + PSA_ASSERT(psa_its_set_wrap(uid, data1->len, data1->x, flags1)); + PSA_ASSERT(psa_its_get_info(uid, &info)); + TEST_ASSERT(info.size == data1->len); + TEST_ASSERT(info.flags == flags1); + PSA_ASSERT(psa_its_get(uid, 0, data1->len, buffer, &ret_len)); + ASSERT_COMPARE(data1->x, data1->len, buffer, ret_len); - PSA_ASSERT( psa_its_set_wrap( uid, data2->len, data2->x, flags2 ) ); - PSA_ASSERT( psa_its_get_info( uid, &info ) ); - TEST_ASSERT( info.size == data2->len ); - TEST_ASSERT( info.flags == flags2 ); + PSA_ASSERT(psa_its_set_wrap(uid, data2->len, data2->x, flags2)); + PSA_ASSERT(psa_its_get_info(uid, &info)); + TEST_ASSERT(info.size == data2->len); + TEST_ASSERT(info.flags == flags2); ret_len = 0; - PSA_ASSERT( psa_its_get( uid, 0, data2->len, buffer, &ret_len ) ); - ASSERT_COMPARE( data2->x, data2->len, buffer, ret_len ); + PSA_ASSERT(psa_its_get(uid, 0, data2->len, buffer, &ret_len)); + ASSERT_COMPARE(data2->x, data2->len, buffer, ret_len); - PSA_ASSERT( psa_its_remove( uid ) ); + PSA_ASSERT(psa_its_remove(uid)); exit: - mbedtls_free( buffer ); - cleanup( ); + mbedtls_free(buffer); + cleanup(); } /* END_CASE */ /* BEGIN_CASE */ -void set_multiple( int first_id, int count ) +void set_multiple(int first_id, int count) { psa_storage_uid_t uid0 = first_id; psa_storage_uid_t uid; @@ -156,58 +156,55 @@ void set_multiple( int first_id, int count ) char retrieved[40]; size_t ret_len = 0; - memset( stored, '.', sizeof( stored ) ); - for( uid = uid0; uid < uid0 + count; uid++ ) - { - mbedtls_snprintf( stored, sizeof( stored ), - "Content of file 0x%08lx", (unsigned long) uid ); - PSA_ASSERT( psa_its_set_wrap( uid, sizeof( stored ), stored, 0 ) ); + memset(stored, '.', sizeof(stored)); + for (uid = uid0; uid < uid0 + count; uid++) { + mbedtls_snprintf(stored, sizeof(stored), + "Content of file 0x%08lx", (unsigned long) uid); + PSA_ASSERT(psa_its_set_wrap(uid, sizeof(stored), stored, 0)); } - for( uid = uid0; uid < uid0 + count; uid++ ) - { - mbedtls_snprintf( stored, sizeof( stored ), - "Content of file 0x%08lx", (unsigned long) uid ); - PSA_ASSERT( psa_its_get( uid, 0, sizeof( stored ), retrieved, &ret_len ) ); - ASSERT_COMPARE( retrieved, ret_len, - stored, sizeof( stored ) ); - PSA_ASSERT( psa_its_remove( uid ) ); - TEST_ASSERT( psa_its_get( uid, 0, 0, NULL, NULL ) == - PSA_ERROR_DOES_NOT_EXIST ); + for (uid = uid0; uid < uid0 + count; uid++) { + mbedtls_snprintf(stored, sizeof(stored), + "Content of file 0x%08lx", (unsigned long) uid); + PSA_ASSERT(psa_its_get(uid, 0, sizeof(stored), retrieved, &ret_len)); + ASSERT_COMPARE(retrieved, ret_len, + stored, sizeof(stored)); + PSA_ASSERT(psa_its_remove(uid)); + TEST_ASSERT(psa_its_get(uid, 0, 0, NULL, NULL) == + PSA_ERROR_DOES_NOT_EXIST); } exit: - cleanup( ); + cleanup(); } /* END_CASE */ /* BEGIN_CASE */ -void nonexistent( int uid_arg, int create_and_remove ) +void nonexistent(int uid_arg, int create_and_remove) { psa_storage_uid_t uid = uid_arg; struct psa_storage_info_t info; - if( create_and_remove ) - { - PSA_ASSERT( psa_its_set_wrap( uid, 0, NULL, 0 ) ); - PSA_ASSERT( psa_its_remove( uid ) ); + if (create_and_remove) { + PSA_ASSERT(psa_its_set_wrap(uid, 0, NULL, 0)); + PSA_ASSERT(psa_its_remove(uid)); } - TEST_ASSERT( psa_its_remove( uid ) == PSA_ERROR_DOES_NOT_EXIST ); - TEST_ASSERT( psa_its_get_info( uid, &info ) == - PSA_ERROR_DOES_NOT_EXIST ); - TEST_ASSERT( psa_its_get( uid, 0, 0, NULL, NULL ) == - PSA_ERROR_DOES_NOT_EXIST ); + TEST_ASSERT(psa_its_remove(uid) == PSA_ERROR_DOES_NOT_EXIST); + TEST_ASSERT(psa_its_get_info(uid, &info) == + PSA_ERROR_DOES_NOT_EXIST); + TEST_ASSERT(psa_its_get(uid, 0, 0, NULL, NULL) == + PSA_ERROR_DOES_NOT_EXIST); exit: - cleanup( ); + cleanup(); } /* END_CASE */ /* BEGIN_CASE */ -void get_at( int uid_arg, data_t *data, - int offset, int length_arg, - int expected_status ) +void get_at(int uid_arg, data_t *data, + int offset, int length_arg, + int expected_status) { psa_storage_uid_t uid = uid_arg; unsigned char *buffer = NULL; @@ -217,31 +214,33 @@ void get_at( int uid_arg, data_t *data, size_t i; size_t ret_len = 0; - ASSERT_ALLOC( buffer, length + 16 ); + ASSERT_ALLOC(buffer, length + 16); trailer = buffer + length; - memset( trailer, '-', 16 ); + memset(trailer, '-', 16); - PSA_ASSERT( psa_its_set_wrap( uid, data->len, data->x, 0 ) ); + PSA_ASSERT(psa_its_set_wrap(uid, data->len, data->x, 0)); - status = psa_its_get( uid, offset, length_arg, buffer, &ret_len ); - TEST_ASSERT( status == (psa_status_t) expected_status ); - if( status == PSA_SUCCESS ) - ASSERT_COMPARE( data->x + offset, (size_t) length_arg, - buffer, ret_len ); - for( i = 0; i < 16; i++ ) - TEST_ASSERT( trailer[i] == '-' ); - PSA_ASSERT( psa_its_remove( uid ) ); + status = psa_its_get(uid, offset, length_arg, buffer, &ret_len); + TEST_ASSERT(status == (psa_status_t) expected_status); + if (status == PSA_SUCCESS) { + ASSERT_COMPARE(data->x + offset, (size_t) length_arg, + buffer, ret_len); + } + for (i = 0; i < 16; i++) { + TEST_ASSERT(trailer[i] == '-'); + } + PSA_ASSERT(psa_its_remove(uid)); exit: - mbedtls_free( buffer ); - cleanup( ); + mbedtls_free(buffer); + cleanup(); } /* END_CASE */ /* BEGIN_CASE */ -void get_fail( int uid_arg, data_t *data, - int overwrite_magic, int cut_header, - int expected_status ) +void get_fail(int uid_arg, data_t *data, + int overwrite_magic, int cut_header, + int expected_status) { psa_storage_uid_t uid = uid_arg; unsigned char *buffer = NULL; @@ -252,54 +251,53 @@ void get_fail( int uid_arg, data_t *data, FILE *stream = NULL; char bad_char = 'X'; - PSA_ASSERT( psa_its_set_wrap( uid, data->len, data->x, 0 ) ); + PSA_ASSERT(psa_its_set_wrap(uid, data->len, data->x, 0)); - psa_its_fill_filename( uid, filename ); - stream = fopen( filename, "rb+" ); - TEST_ASSERT( NULL != stream ); - if( 0 != overwrite_magic ) - { + psa_its_fill_filename(uid, filename); + stream = fopen(filename, "rb+"); + TEST_ASSERT(NULL != stream); + if (0 != overwrite_magic) { /* Overwrite the 1st byte of the file, the ITS magic number */ - TEST_ASSERT( fseek( stream, 0, SEEK_SET ) == 0 ); - n = fwrite( &bad_char, 1, 1, stream ); - TEST_ASSERT( 1 == n ); + TEST_ASSERT(fseek(stream, 0, SEEK_SET) == 0); + n = fwrite(&bad_char, 1, 1, stream); + TEST_ASSERT(1 == n); } - if( 0 != cut_header ) - { + if (0 != cut_header) { /* Reopen file and truncate it to 0 byte by specifying the 'w' flag */ - stream = freopen( filename, "wb", stream ); - TEST_ASSERT( NULL != stream ); + stream = freopen(filename, "wb", stream); + TEST_ASSERT(NULL != stream); } - fclose( stream ); + fclose(stream); stream = NULL; - status = psa_its_get( uid, 0, 0, buffer, &ret_len ); - TEST_ASSERT( status == (psa_status_t) expected_status ); - TEST_ASSERT( 0 == ret_len ); - PSA_ASSERT( psa_its_remove( uid ) ); + status = psa_its_get(uid, 0, 0, buffer, &ret_len); + TEST_ASSERT(status == (psa_status_t) expected_status); + TEST_ASSERT(0 == ret_len); + PSA_ASSERT(psa_its_remove(uid)); /* Check if the file is really deleted. */ - stream = fopen( filename, "rb" ); - TEST_ASSERT( NULL == stream ); + stream = fopen(filename, "rb"); + TEST_ASSERT(NULL == stream); exit: - if( stream != NULL ) - fclose( stream ); + if (stream != NULL) { + fclose(stream); + } - mbedtls_free( buffer ); - cleanup( ); + mbedtls_free(buffer); + cleanup(); } /* END_CASE */ /* BEGIN_CASE */ -void set_fail( int uid_arg, data_t *data, - int expected_status ) +void set_fail(int uid_arg, data_t *data, + int expected_status) { psa_storage_uid_t uid = uid_arg; - TEST_ASSERT( psa_its_set_wrap( uid, data->len, data->x, 0 ) == - (psa_status_t) expected_status ); + TEST_ASSERT(psa_its_set_wrap(uid, data->len, data->x, 0) == + (psa_status_t) expected_status); - exit: - cleanup( ); +exit: + cleanup(); } /* END_CASE */ diff --git a/tests/suites/test_suite_random.function b/tests/suites/test_suite_random.function index 37fa36ecd42a..0f0c7fa7e128 100644 --- a/tests/suites/test_suite_random.function +++ b/tests/suites/test_suite_random.function @@ -19,7 +19,7 @@ /* END_HEADER */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:MBEDTLS_CTR_DRBG_C */ -void random_twice_with_ctr_drbg( ) +void random_twice_with_ctr_drbg() { mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context drbg; @@ -27,176 +27,176 @@ void random_twice_with_ctr_drbg( ) unsigned char output2[OUTPUT_SIZE]; /* First round */ - mbedtls_entropy_init( &entropy ); - mbedtls_ctr_drbg_init( &drbg ); - TEST_EQUAL( 0, mbedtls_ctr_drbg_seed( &drbg, - mbedtls_entropy_func, &entropy, - NULL, 0 ) ); - TEST_EQUAL( 0, mbedtls_ctr_drbg_random( &drbg, - output1, sizeof( output1 ) ) ); - mbedtls_ctr_drbg_free( &drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_entropy_init(&entropy); + mbedtls_ctr_drbg_init(&drbg); + TEST_EQUAL(0, mbedtls_ctr_drbg_seed(&drbg, + mbedtls_entropy_func, &entropy, + NULL, 0)); + TEST_EQUAL(0, mbedtls_ctr_drbg_random(&drbg, + output1, sizeof(output1))); + mbedtls_ctr_drbg_free(&drbg); + mbedtls_entropy_free(&entropy); /* Second round */ - mbedtls_entropy_init( &entropy ); - mbedtls_ctr_drbg_init( &drbg ); - TEST_EQUAL( 0, mbedtls_ctr_drbg_seed( &drbg, - mbedtls_entropy_func, &entropy, - NULL, 0 ) ); - TEST_EQUAL( 0, mbedtls_ctr_drbg_random( &drbg, - output2, sizeof( output2 ) ) ); - mbedtls_ctr_drbg_free( &drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_entropy_init(&entropy); + mbedtls_ctr_drbg_init(&drbg); + TEST_EQUAL(0, mbedtls_ctr_drbg_seed(&drbg, + mbedtls_entropy_func, &entropy, + NULL, 0)); + TEST_EQUAL(0, mbedtls_ctr_drbg_random(&drbg, + output2, sizeof(output2))); + mbedtls_ctr_drbg_free(&drbg); + mbedtls_entropy_free(&entropy); /* The two rounds must generate different random data. */ - TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 ); + TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0); exit: - mbedtls_ctr_drbg_free( &drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ctr_drbg_free(&drbg); + mbedtls_entropy_free(&entropy); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:MBEDTLS_HMAC_DRBG_C */ -void random_twice_with_hmac_drbg( int md_type ) +void random_twice_with_hmac_drbg(int md_type) { mbedtls_entropy_context entropy; mbedtls_hmac_drbg_context drbg; unsigned char output1[OUTPUT_SIZE]; unsigned char output2[OUTPUT_SIZE]; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_type ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type); /* First round */ - mbedtls_entropy_init( &entropy ); - mbedtls_hmac_drbg_init( &drbg ); - TEST_EQUAL( 0, mbedtls_hmac_drbg_seed( &drbg, md_info, - mbedtls_entropy_func, &entropy, - NULL, 0 ) ); - TEST_EQUAL( 0, mbedtls_hmac_drbg_random( &drbg, - output1, sizeof( output1 ) ) ); - mbedtls_hmac_drbg_free( &drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_entropy_init(&entropy); + mbedtls_hmac_drbg_init(&drbg); + TEST_EQUAL(0, mbedtls_hmac_drbg_seed(&drbg, md_info, + mbedtls_entropy_func, &entropy, + NULL, 0)); + TEST_EQUAL(0, mbedtls_hmac_drbg_random(&drbg, + output1, sizeof(output1))); + mbedtls_hmac_drbg_free(&drbg); + mbedtls_entropy_free(&entropy); /* Second round */ - mbedtls_entropy_init( &entropy ); - mbedtls_hmac_drbg_init( &drbg ); - TEST_EQUAL( 0, mbedtls_hmac_drbg_seed( &drbg, md_info, - mbedtls_entropy_func, &entropy, - NULL, 0 ) ); - TEST_EQUAL( 0, mbedtls_hmac_drbg_random( &drbg, - output2, sizeof( output2 ) ) ); - mbedtls_hmac_drbg_free( &drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_entropy_init(&entropy); + mbedtls_hmac_drbg_init(&drbg); + TEST_EQUAL(0, mbedtls_hmac_drbg_seed(&drbg, md_info, + mbedtls_entropy_func, &entropy, + NULL, 0)); + TEST_EQUAL(0, mbedtls_hmac_drbg_random(&drbg, + output2, sizeof(output2))); + mbedtls_hmac_drbg_free(&drbg); + mbedtls_entropy_free(&entropy); /* The two rounds must generate different random data. */ - TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 ); + TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0); exit: - mbedtls_hmac_drbg_free( &drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_hmac_drbg_free(&drbg); + mbedtls_entropy_free(&entropy); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void random_twice_with_psa_from_classic( ) +void random_twice_with_psa_from_classic() { unsigned char output1[OUTPUT_SIZE]; unsigned char output2[OUTPUT_SIZE]; /* First round */ - PSA_ASSERT( psa_crypto_init( ) ); - TEST_EQUAL( 0, mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE, - output1, sizeof( output1 ) ) ); - PSA_DONE( ); + PSA_ASSERT(psa_crypto_init()); + TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, + output1, sizeof(output1))); + PSA_DONE(); /* Second round */ - PSA_ASSERT( psa_crypto_init( ) ); - TEST_EQUAL( 0, mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE, - output2, sizeof( output2 ) ) ); - PSA_DONE( ); + PSA_ASSERT(psa_crypto_init()); + TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, + output2, sizeof(output2))); + PSA_DONE(); /* The two rounds must generate different random data. */ - TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 ); + TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void random_twice_with_psa_from_psa( ) +void random_twice_with_psa_from_psa() { unsigned char output1[OUTPUT_SIZE]; unsigned char output2[OUTPUT_SIZE]; /* First round */ - PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_generate_random( output1, sizeof( output1 ) ) ); - PSA_DONE( ); + PSA_ASSERT(psa_crypto_init()); + PSA_ASSERT(psa_generate_random(output1, sizeof(output1))); + PSA_DONE(); /* Second round */ - PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_generate_random( output2, sizeof( output2 ) ) ); - PSA_DONE( ); + PSA_ASSERT(psa_crypto_init()); + PSA_ASSERT(psa_generate_random(output2, sizeof(output2))); + PSA_DONE(); /* The two rounds must generate different random data. */ - TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 ); + TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */ -void mbedtls_psa_get_random_no_init( ) +void mbedtls_psa_get_random_no_init() { unsigned char output[1]; - TEST_ASSERT( mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE, - output, sizeof( output ) ) != 0 ); + TEST_ASSERT(mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, + output, sizeof(output)) != 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */ -void mbedtls_psa_get_random_length( int n ) +void mbedtls_psa_get_random_length(int n) { unsigned char *output = NULL; - PSA_ASSERT( psa_crypto_init( ) ); - ASSERT_ALLOC( output, n ); + PSA_ASSERT(psa_crypto_init()); + ASSERT_ALLOC(output, n); - TEST_EQUAL( 0, mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE, - output, n ) ); + TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, + output, n)); exit: - mbedtls_free( output ); - PSA_DONE( ); + mbedtls_free(output); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_ECDSA_C */ -void mbedtls_psa_get_random_ecdsa_sign( int curve ) +void mbedtls_psa_get_random_ecdsa_sign(int curve) { mbedtls_ecp_group grp; mbedtls_mpi d, r, s; unsigned char buf[] = "This is not a hash."; - mbedtls_ecp_group_init( &grp ); - mbedtls_mpi_init( &d ); - mbedtls_mpi_init( &r ); - mbedtls_mpi_init( &s ); - - TEST_EQUAL( 0, mbedtls_mpi_lset( &d, 123456789 ) ); - TEST_EQUAL( 0, mbedtls_ecp_group_load( &grp, curve ) ); - PSA_ASSERT( psa_crypto_init( ) ); - TEST_EQUAL( 0, mbedtls_ecdsa_sign( &grp, &r, &s, &d, - buf, sizeof( buf ), - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE ) ); + mbedtls_ecp_group_init(&grp); + mbedtls_mpi_init(&d); + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); + + TEST_EQUAL(0, mbedtls_mpi_lset(&d, 123456789)); + TEST_EQUAL(0, mbedtls_ecp_group_load(&grp, curve)); + PSA_ASSERT(psa_crypto_init()); + TEST_EQUAL(0, mbedtls_ecdsa_sign(&grp, &r, &s, &d, + buf, sizeof(buf), + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE)); exit: - mbedtls_mpi_free( &d ); - mbedtls_mpi_free( &r ); - mbedtls_mpi_free( &s ); - mbedtls_ecp_group_free( &grp ); - PSA_DONE( ); + mbedtls_mpi_free(&d); + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); + mbedtls_ecp_group_free(&grp); + PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 3c0e35f3a655..fa7fa9586341 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -18,7 +18,7 @@ */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void rsa_invalid_param( ) +void rsa_invalid_param() { mbedtls_rsa_context ctx; const int valid_padding = MBEDTLS_RSA_PKCS_V21; @@ -28,460 +28,460 @@ void rsa_invalid_param( ) unsigned char buf[42] = { 0 }; size_t olen; - TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) ); - TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) ); - TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) ); + TEST_INVALID_PARAM(mbedtls_rsa_init(NULL, valid_padding, 0)); + TEST_INVALID_PARAM(mbedtls_rsa_init(&ctx, invalid_padding, 0)); + TEST_VALID_PARAM(mbedtls_rsa_free(NULL)); /* No more variants because only the first argument must be non-NULL. */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_import( NULL, NULL, NULL, - NULL, NULL, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_import_raw( NULL, - NULL, 0, - NULL, 0, - NULL, 0, - NULL, 0, - NULL, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_complete( NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_import(NULL, NULL, NULL, + NULL, NULL, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_import_raw(NULL, + NULL, 0, + NULL, 0, + NULL, 0, + NULL, 0, + NULL, 0)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_complete(NULL)); /* No more variants because only the first argument must be non-NULL. */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_export( NULL, NULL, NULL, - NULL, NULL, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_export_raw( NULL, - NULL, 0, - NULL, 0, - NULL, 0, - NULL, 0, - NULL, 0 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) ); - - TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL, - valid_padding, 0 ) ); - TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx, - invalid_padding, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_gen_key( NULL, - mbedtls_test_rnd_std_rand, - NULL, 0, 0 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_gen_key( &ctx, NULL, - NULL, 0, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_check_pubkey( NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_check_privkey( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_check_pub_priv( NULL, &ctx ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_check_pub_priv( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_public( NULL, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_public( &ctx, NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_public( &ctx, buf, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_private( NULL, NULL, NULL, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_private( &ctx, NULL, NULL, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_private( &ctx, NULL, NULL, - buf, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL, + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_export(NULL, NULL, NULL, + NULL, NULL, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_export_raw(NULL, + NULL, 0, + NULL, 0, + NULL, 0, + NULL, 0, + NULL, 0)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_export_crt(NULL, NULL, NULL, NULL)); + + TEST_INVALID_PARAM(mbedtls_rsa_set_padding(NULL, + valid_padding, 0)); + TEST_INVALID_PARAM(mbedtls_rsa_set_padding(&ctx, + invalid_padding, 0)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_gen_key(NULL, + mbedtls_test_rnd_std_rand, + NULL, 0, 0)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_gen_key(&ctx, NULL, + NULL, 0, 0)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_check_pubkey(NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_check_privkey(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_check_pub_priv(NULL, &ctx)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_check_pub_priv(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_public(NULL, buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_public(&ctx, NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_public(&ctx, buf, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_private(NULL, NULL, NULL, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_private(&ctx, NULL, NULL, + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_private(&ctx, NULL, NULL, + buf, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_encrypt(NULL, NULL, NULL, + valid_mode, + sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_encrypt(&ctx, NULL, NULL, + invalid_mode, + sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_encrypt(&ctx, NULL, NULL, + valid_mode, + sizeof(buf), NULL, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_encrypt(&ctx, NULL, NULL, + valid_mode, + sizeof(buf), buf, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_encrypt(NULL, NULL, + NULL, + valid_mode, + sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_encrypt(&ctx, NULL, + NULL, + invalid_mode, + sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_encrypt(&ctx, NULL, + NULL, + valid_mode, + sizeof(buf), NULL, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_encrypt(&ctx, NULL, + NULL, + valid_mode, + sizeof(buf), buf, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_encrypt(NULL, NULL, NULL, + valid_mode, + buf, sizeof(buf), + sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_encrypt(&ctx, NULL, NULL, + invalid_mode, + buf, sizeof(buf), + sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_encrypt(&ctx, NULL, NULL, + valid_mode, + NULL, sizeof(buf), + sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_encrypt(&ctx, NULL, NULL, + valid_mode, + buf, sizeof(buf), + sizeof(buf), NULL, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_encrypt(&ctx, NULL, NULL, + valid_mode, + buf, sizeof(buf), + sizeof(buf), buf, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_decrypt(NULL, NULL, NULL, + valid_mode, &olen, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_decrypt(&ctx, NULL, NULL, + invalid_mode, &olen, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_decrypt(&ctx, NULL, NULL, + valid_mode, NULL, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_decrypt(&ctx, NULL, NULL, + valid_mode, &olen, + NULL, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_decrypt(&ctx, NULL, NULL, + valid_mode, &olen, + buf, NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_decrypt(NULL, NULL, + NULL, + valid_mode, &olen, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_decrypt(&ctx, NULL, + NULL, + invalid_mode, &olen, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_decrypt(&ctx, NULL, + NULL, + valid_mode, NULL, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_decrypt(&ctx, NULL, + NULL, + valid_mode, &olen, + NULL, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_decrypt(&ctx, NULL, + NULL, + valid_mode, &olen, + buf, NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_decrypt(NULL, NULL, NULL, + valid_mode, + buf, sizeof(buf), + &olen, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_decrypt(&ctx, NULL, NULL, + invalid_mode, + buf, sizeof(buf), + &olen, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_decrypt(&ctx, NULL, NULL, + valid_mode, + NULL, sizeof(buf), + NULL, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_decrypt(&ctx, NULL, NULL, + valid_mode, + buf, sizeof(buf), + &olen, + NULL, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_decrypt(&ctx, NULL, NULL, + valid_mode, + buf, sizeof(buf), + &olen, + buf, NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_sign(NULL, NULL, NULL, + valid_mode, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_sign(&ctx, NULL, NULL, + invalid_mode, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_sign(&ctx, NULL, NULL, + valid_mode, + 0, sizeof(buf), NULL, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_sign(&ctx, NULL, NULL, + valid_mode, + 0, sizeof(buf), buf, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_sign(&ctx, NULL, NULL, + valid_mode, + MBEDTLS_MD_SHA1, + 0, NULL, + buf)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_sign(NULL, NULL, NULL, + valid_mode, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_sign(&ctx, NULL, NULL, + invalid_mode, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_sign(&ctx, NULL, NULL, + valid_mode, + 0, sizeof(buf), NULL, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_sign(&ctx, NULL, NULL, + valid_mode, + 0, sizeof(buf), buf, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_sign(&ctx, NULL, NULL, + valid_mode, + MBEDTLS_MD_SHA1, + 0, NULL, + buf)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign(NULL, NULL, NULL, valid_mode, - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign(&ctx, NULL, NULL, invalid_mode, - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign(&ctx, NULL, NULL, + valid_mode, + 0, sizeof(buf), NULL, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign(&ctx, NULL, NULL, valid_mode, - sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL, + 0, sizeof(buf), buf, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign(&ctx, NULL, NULL, valid_mode, - sizeof( buf ), buf, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL, - NULL, - valid_mode, - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL, - NULL, - invalid_mode, - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL, - NULL, - valid_mode, - sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL, - NULL, - valid_mode, - sizeof( buf ), buf, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL, - valid_mode, - buf, sizeof( buf ), - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - invalid_mode, - buf, sizeof( buf ), - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - valid_mode, - NULL, sizeof( buf ), - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - valid_mode, - buf, sizeof( buf ), - sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - valid_mode, - buf, sizeof( buf ), - sizeof( buf ), buf, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL, - valid_mode, &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL, - invalid_mode, &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL, - valid_mode, NULL, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL, - valid_mode, &olen, - NULL, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL, - valid_mode, &olen, - buf, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL, - NULL, - valid_mode, &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL, - NULL, - invalid_mode, &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL, - NULL, - valid_mode, NULL, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL, - NULL, - valid_mode, &olen, - NULL, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL, - NULL, - valid_mode, &olen, - buf, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL, - valid_mode, - buf, sizeof( buf ), - &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL, - invalid_mode, - buf, sizeof( buf ), - &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL, - valid_mode, - NULL, sizeof( buf ), - NULL, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL, - valid_mode, - buf, sizeof( buf ), - &olen, - NULL, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL, - valid_mode, - buf, sizeof( buf ), - &olen, - buf, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL, + MBEDTLS_MD_SHA1, + 0, NULL, + buf)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign_ext(NULL, NULL, NULL, + 0, sizeof(buf), buf, + MBEDTLS_RSA_SALT_LEN_ANY, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign_ext(&ctx, NULL, NULL, + 0, sizeof(buf), NULL, + MBEDTLS_RSA_SALT_LEN_ANY, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign_ext(&ctx, NULL, NULL, + 0, sizeof(buf), buf, + MBEDTLS_RSA_SALT_LEN_ANY, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign_ext(&ctx, NULL, NULL, + MBEDTLS_MD_SHA1, + 0, NULL, + MBEDTLS_RSA_SALT_LEN_ANY, + buf)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_verify(NULL, NULL, NULL, valid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, invalid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, valid_mode, - 0, sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, + 0, sizeof(buf), NULL, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, valid_mode, - 0, sizeof( buf ), buf, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, + 0, sizeof(buf), buf, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, valid_mode, - MBEDTLS_MD_SHA1, - 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL, - valid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - invalid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), buf, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - valid_mode, - MBEDTLS_MD_SHA1, - 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL, + MBEDTLS_MD_SHA1, 0, NULL, + buf)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_verify(NULL, NULL, + NULL, + valid_mode, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_verify(&ctx, NULL, + NULL, + invalid_mode, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_verify(&ctx, NULL, + NULL, + valid_mode, + 0, sizeof(buf), + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_verify(&ctx, NULL, + NULL, + valid_mode, + 0, sizeof(buf), buf, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_verify(&ctx, NULL, + NULL, + valid_mode, + MBEDTLS_MD_SHA1, + 0, NULL, + buf)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify(NULL, NULL, NULL, valid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, + 0, sizeof(buf), + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify(&ctx, NULL, NULL, invalid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, + 0, sizeof(buf), + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify(&ctx, NULL, NULL, valid_mode, - 0, sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, + 0, sizeof(buf), + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify(&ctx, NULL, NULL, valid_mode, - 0, sizeof( buf ), buf, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, + 0, sizeof(buf), + buf, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify(&ctx, NULL, NULL, valid_mode, MBEDTLS_MD_SHA1, 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL, - 0, sizeof( buf ), buf, - MBEDTLS_RSA_SALT_LEN_ANY, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL, - 0, sizeof( buf ), NULL, - MBEDTLS_RSA_SALT_LEN_ANY, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL, - 0, sizeof( buf ), buf, - MBEDTLS_RSA_SALT_LEN_ANY, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL, + buf)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify_ext(NULL, NULL, NULL, + valid_mode, + 0, sizeof(buf), + buf, + 0, 0, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify_ext(&ctx, NULL, NULL, + invalid_mode, + 0, sizeof(buf), + buf, + 0, 0, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify_ext(&ctx, NULL, NULL, + valid_mode, + 0, sizeof(buf), + NULL, 0, 0, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify_ext(&ctx, NULL, NULL, + valid_mode, + 0, sizeof(buf), + buf, 0, 0, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify_ext(&ctx, NULL, NULL, + valid_mode, MBEDTLS_MD_SHA1, 0, NULL, - MBEDTLS_RSA_SALT_LEN_ANY, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL, - valid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, - invalid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), buf, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, - valid_mode, - MBEDTLS_MD_SHA1, 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL, - NULL, - valid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, - NULL, - invalid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, - NULL, - valid_mode, - 0, sizeof( buf ), - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, - NULL, - valid_mode, - 0, sizeof( buf ), buf, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, - NULL, - valid_mode, - MBEDTLS_MD_SHA1, - 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL, - valid_mode, - 0, sizeof( buf ), - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL, - invalid_mode, - 0, sizeof( buf ), - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), - buf, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL, - valid_mode, - MBEDTLS_MD_SHA1, - 0, NULL, - buf ) ); + 0, 0, + buf)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL, - valid_mode, - 0, sizeof( buf ), - buf, - 0, 0, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, - invalid_mode, - 0, sizeof( buf ), - buf, - 0, 0, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), - NULL, 0, 0, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), - buf, 0, 0, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, - valid_mode, - MBEDTLS_MD_SHA1, - 0, NULL, - 0, 0, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_copy( NULL, &ctx ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_copy( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_copy(NULL, &ctx)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_copy(&ctx, NULL)); exit: return; @@ -489,7 +489,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void rsa_init_free( int reinit ) +void rsa_init_free(int reinit) { mbedtls_rsa_context ctx; @@ -498,12 +498,13 @@ void rsa_init_free( int reinit ) * unconditionally on an error path without checking whether it has * already been called in the success path. */ - mbedtls_rsa_init( &ctx, 0, 0 ); - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_init(&ctx, 0, 0); + mbedtls_rsa_free(&ctx); - if( reinit ) - mbedtls_rsa_init( &ctx, 0, 0 ); - mbedtls_rsa_free( &ctx ); + if (reinit) { + mbedtls_rsa_init(&ctx, 0, 0); + } + mbedtls_rsa_free(&ctx); /* This test case always succeeds, functionally speaking. A plausible * bug might trigger an invalid pointer dereference or a memory leak. */ @@ -512,10 +513,10 @@ void rsa_init_free( int reinit ) /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, - int digest, int mod, char * input_P, - char * input_Q, char * input_N, char * input_E, - data_t * result_str, int result ) +void mbedtls_rsa_pkcs1_sign(data_t *message_str, int padding_mode, + int digest, int mod, char *input_P, + char *input_Q, char *input_N, char *input_E, + data_t *result_str, int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; unsigned char output[256]; @@ -523,303 +524,304 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, mbedtls_mpi N, P, Q, E; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, padding_mode, 0); - memset( hash_result, 0x00, sizeof( hash_result ) ); - memset( output, 0x00, sizeof( output ) ); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(hash_result, 0x00, sizeof(hash_result)); + memset(output, 0x00, sizeof(output)); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_test_read_mpi( &P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + if (mbedtls_md_info_from_type(digest) != NULL) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len, + hash_result) == 0); + } - TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PRIVATE, digest, - 0, hash_result, output ) == result ); - if( result == 0 ) - { + TEST_ASSERT(mbedtls_rsa_pkcs1_sign(&ctx, &mbedtls_test_rnd_pseudo_rand, + &rnd_info, MBEDTLS_RSA_PRIVATE, digest, + 0, hash_result, output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, - int digest, int mod, - char * input_N, char * input_E, - data_t * result_str, int result ) +void mbedtls_rsa_pkcs1_verify(data_t *message_str, int padding_mode, + int digest, int mod, + char *input_N, char *input_E, + data_t *result_str, int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( hash_result, 0x00, sizeof( hash_result ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, padding_mode, 0); + memset(hash_result, 0x00, sizeof(hash_result)); - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + if (mbedtls_md_info_from_type(digest) != NULL) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len, + hash_result) == 0); + } - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, + hash_result, result_str->x) == result); exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void rsa_pkcs1_sign_raw( data_t * hash_result, - int padding_mode, int mod, - char * input_P, char * input_Q, - char * input_N, char * input_E, - data_t * result_str ) +void rsa_pkcs1_sign_raw(data_t *hash_result, + int padding_mode, int mod, + char *input_P, char *input_Q, + char *input_N, char *input_E, + data_t *result_str) { unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_mpi N, P, Q, E; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_rsa_init( &ctx, padding_mode, 0 ); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); + mbedtls_rsa_init(&ctx, padding_mode, 0); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); - memset( output, 0x00, sizeof( output ) ); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(output, 0x00, sizeof(output)); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_test_read_mpi( &P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); - TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PRIVATE, - MBEDTLS_MD_NONE, hash_result->len, - hash_result->x, output ) == 0 ); + TEST_ASSERT(mbedtls_rsa_pkcs1_sign(&ctx, &mbedtls_test_rnd_pseudo_rand, + &rnd_info, MBEDTLS_RSA_PRIVATE, + MBEDTLS_MD_NONE, hash_result->len, + hash_result->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); #if defined(MBEDTLS_PKCS1_V15) /* For PKCS#1 v1.5, there is an alternative way to generate signatures */ - if( padding_mode == MBEDTLS_RSA_PKCS_V15 ) - { + if (padding_mode == MBEDTLS_RSA_PKCS_V15) { int res; - memset( output, 0x00, sizeof( output) ); + memset(output, 0x00, sizeof(output)); - res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, - &mbedtls_test_rnd_pseudo_rand, &rnd_info, - MBEDTLS_RSA_PRIVATE, hash_result->len, - hash_result->x, output ); + res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt(&ctx, + &mbedtls_test_rnd_pseudo_rand, &rnd_info, + MBEDTLS_RSA_PRIVATE, hash_result->len, + hash_result->x, output); #if !defined(MBEDTLS_RSA_ALT) - TEST_ASSERT( res == 0 ); + TEST_ASSERT(res == 0); #else - TEST_ASSERT( ( res == 0 ) || - ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) ); + TEST_ASSERT((res == 0) || + (res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION)); #endif - if( res == 0 ) - { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, - result_str->len ) == 0 ); + if (res == 0) { + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, + result_str->len) == 0); } } #endif /* MBEDTLS_PKCS1_V15 */ exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void rsa_pkcs1_verify_raw( data_t * hash_result, - int padding_mode, int mod, - char * input_N, char * input_E, - data_t * result_str, int correct ) +void rsa_pkcs1_verify_raw(data_t *hash_result, + int padding_mode, int mod, + char *input_N, char *input_E, + data_t *result_str, int correct) { unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( output, 0x00, sizeof( output ) ); + mbedtls_rsa_init(&ctx, padding_mode, 0); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct ); + TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, + hash_result->len, hash_result->x, + result_str->x) == correct); #if defined(MBEDTLS_PKCS1_V15) /* For PKCS#1 v1.5, there is an alternative way to verify signatures */ - if( padding_mode == MBEDTLS_RSA_PKCS_V15 ) - { + if (padding_mode == MBEDTLS_RSA_PKCS_V15) { int res; int ok; size_t olen; - res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, - NULL, NULL, MBEDTLS_RSA_PUBLIC, - &olen, result_str->x, output, sizeof( output ) ); + res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt(&ctx, + NULL, NULL, MBEDTLS_RSA_PUBLIC, + &olen, result_str->x, output, sizeof(output)); #if !defined(MBEDTLS_RSA_ALT) - TEST_ASSERT( res == 0 ); + TEST_ASSERT(res == 0); #else - TEST_ASSERT( ( res == 0 ) || - ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) ); + TEST_ASSERT((res == 0) || + (res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION)); #endif - if( res == 0 ) - { - ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0; - if( correct == 0 ) - TEST_ASSERT( ok == 1 ); - else - TEST_ASSERT( ok == 0 ); + if (res == 0) { + ok = olen == hash_result->len && memcmp(output, hash_result->x, olen) == 0; + if (correct == 0) { + TEST_ASSERT(ok == 1); + } else { + TEST_ASSERT(ok == 0); + } } } #endif /* MBEDTLS_PKCS1_V15 */ exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode, - int mod, char * input_N, char * input_E, - data_t * result_str, int result ) +void mbedtls_rsa_pkcs1_encrypt(data_t *message_str, int padding_mode, + int mod, char *input_N, char *input_E, + data_t *result_str, int result) { unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_test_rnd_pseudo_info rnd_info; mbedtls_mpi N, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( output, 0x00, sizeof( output ) ); + mbedtls_rsa_init(&ctx, padding_mode, 0); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PUBLIC, - message_str->len, message_str->x, - output ) == result ); - if( result == 0 ) - { + TEST_ASSERT(mbedtls_rsa_pkcs1_encrypt(&ctx, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info, MBEDTLS_RSA_PUBLIC, + message_str->len, message_str->x, + output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode, - int mod, char * input_N, char * input_E, - data_t * result_str, int result ) +void rsa_pkcs1_encrypt_bad_rng(data_t *message_str, int padding_mode, + int mod, char *input_N, char *input_E, + data_t *result_str, int result) { unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( output, 0x00, sizeof( output ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, padding_mode, 0); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand, - NULL, MBEDTLS_RSA_PUBLIC, - message_str->len, message_str->x, - output ) == result ); - if( result == 0 ) - { + TEST_ASSERT(mbedtls_rsa_pkcs1_encrypt(&ctx, &mbedtls_test_rnd_zero_rand, + NULL, MBEDTLS_RSA_PUBLIC, + message_str->len, message_str->x, + output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode, - int mod, char * input_P, - char * input_Q, char * input_N, - char * input_E, int max_output, - data_t * result_str, int result ) +void mbedtls_rsa_pkcs1_decrypt(data_t *message_str, int padding_mode, + int mod, char *input_P, + char *input_Q, char *input_N, + char *input_E, int max_output, + data_t *result_str, int result) { unsigned char output[32]; mbedtls_rsa_context ctx; @@ -827,107 +829,104 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode, mbedtls_test_rnd_pseudo_info rnd_info; mbedtls_mpi N, P, Q, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); + mbedtls_rsa_init(&ctx, padding_mode, 0); - memset( output, 0x00, sizeof( output ) ); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(output, 0x00, sizeof(output)); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_test_read_mpi( &P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); output_len = 0; - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PRIVATE, - &output_len, message_str->x, output, - max_output ) == result ); - if( result == 0 ) - { + TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx, mbedtls_test_rnd_pseudo_rand, + &rnd_info, MBEDTLS_RSA_PRIVATE, + &output_len, message_str->x, output, + max_output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - output_len, - result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + output_len, + result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_public( data_t * message_str, int mod, - char * input_N, char * input_E, - data_t * result_str, int result ) +void mbedtls_rsa_public(data_t *message_str, int mod, + char *input_N, char *input_E, + data_t *result_str, int result) { unsigned char output[256]; mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */ mbedtls_mpi N, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 ); - memset( output, 0x00, sizeof( output ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_rsa_init(&ctx2, MBEDTLS_RSA_PKCS_V15, 0); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); /* Check test data consistency */ - TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(message_str->len == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result ); - if( result == 0 ) - { + TEST_ASSERT(mbedtls_rsa_public(&ctx, message_str->x, output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); } /* And now with the copy */ - TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_copy(&ctx2, &ctx) == 0); /* clear the original to be sure */ - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 ); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx2) == 0); - memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result ); - if( result == 0 ) - { + memset(output, 0x00, sizeof(output)); + TEST_ASSERT(mbedtls_rsa_public(&ctx2, message_str->x, output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); - mbedtls_rsa_free( &ctx2 ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); + mbedtls_rsa_free(&ctx2); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_private( data_t * message_str, int mod, - char * input_P, char * input_Q, - char * input_N, char * input_E, - data_t * result_str, int result ) +void mbedtls_rsa_private(data_t *message_str, int mod, + char *input_P, char *input_Q, + char *input_N, char *input_E, + data_t *result_str, int result) { unsigned char output[256]; mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */ @@ -935,149 +934,136 @@ void mbedtls_rsa_private( data_t * message_str, int mod, mbedtls_test_rnd_pseudo_info rnd_info; int i; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_rsa_init(&ctx2, MBEDTLS_RSA_PKCS_V15, 0); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_test_read_mpi( &P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); /* Check test data consistency */ - TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); + TEST_ASSERT(message_str->len == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); /* repeat three times to test updating of blinding values */ - for( i = 0; i < 3; i++ ) - { - memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand, - &rnd_info, message_str->x, - output ) == result ); - if( result == 0 ) - { - - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, - result_str->len ) == 0 ); + for (i = 0; i < 3; i++) { + memset(output, 0x00, sizeof(output)); + TEST_ASSERT(mbedtls_rsa_private(&ctx, mbedtls_test_rnd_pseudo_rand, + &rnd_info, message_str->x, + output) == result); + if (result == 0) { + + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, + result_str->len) == 0); } } /* And now one more time with the copy */ - TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_copy(&ctx2, &ctx) == 0); /* clear the original to be sure */ - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 ); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx2) == 0); - memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand, - &rnd_info, message_str->x, - output ) == result ); - if( result == 0 ) - { + memset(output, 0x00, sizeof(output)); + TEST_ASSERT(mbedtls_rsa_private(&ctx2, mbedtls_test_rnd_pseudo_rand, + &rnd_info, message_str->x, + output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx2.len, - result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx2.len, + result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); - mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 ); + mbedtls_rsa_free(&ctx); mbedtls_rsa_free(&ctx2); } /* END_CASE */ /* BEGIN_CASE */ -void rsa_check_privkey_null( ) +void rsa_check_privkey_null() { mbedtls_rsa_context ctx; - memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) ); + memset(&ctx, 0x00, sizeof(mbedtls_rsa_context)); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_check_pubkey( char * input_N, char * input_E, int result ) +void mbedtls_rsa_check_pubkey(char *input_N, char *input_E, int result) { mbedtls_rsa_context ctx; mbedtls_mpi N, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0); - if( strlen( input_N ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); + if (strlen(input_N)) { + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); } - if( strlen( input_E ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); + if (strlen(input_E)) { + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); } - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == result); exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_check_privkey( int mod, char * input_P, char * input_Q, - char * input_N, char * input_E, char * input_D, - char * input_DP, char * input_DQ, char * input_QP, - int result ) +void mbedtls_rsa_check_privkey(int mod, char *input_P, char *input_Q, + char *input_N, char *input_E, char *input_D, + char *input_DP, char *input_DQ, char *input_QP, + int result) { mbedtls_rsa_context ctx; - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0); ctx.len = mod / 8; - if( strlen( input_P ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.P, input_P ) == 0 ); + if (strlen(input_P)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.P, input_P) == 0); } - if( strlen( input_Q ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.Q, input_Q ) == 0 ); + if (strlen(input_Q)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.Q, input_Q) == 0); } - if( strlen( input_N ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.N, input_N ) == 0 ); + if (strlen(input_N)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.N, input_N) == 0); } - if( strlen( input_E ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.E, input_E ) == 0 ); + if (strlen(input_E)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.E, input_E) == 0); } - if( strlen( input_D ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.D, input_D ) == 0 ); + if (strlen(input_D)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.D, input_D) == 0); } #if !defined(MBEDTLS_RSA_NO_CRT) - if( strlen( input_DP ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DP, input_DP ) == 0 ); + if (strlen(input_DP)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.DP, input_DP) == 0); } - if( strlen( input_DQ ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DQ, input_DQ ) == 0 ); + if (strlen(input_DQ)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.DQ, input_DQ) == 0); } - if( strlen( input_QP ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.QP, input_QP ) == 0 ); + if (strlen(input_QP)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.QP, input_QP) == 0); } #else ((void) input_DP); @@ -1085,68 +1071,58 @@ void mbedtls_rsa_check_privkey( int mod, char * input_P, char * input_Q, ((void) input_QP); #endif - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result ); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == result); exit: - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void rsa_check_pubpriv( int mod, char * input_Npub, char * input_Epub, - char * input_P, char * input_Q, char * input_N, - char * input_E, char * input_D, char * input_DP, - char * input_DQ, char * input_QP, int result ) +void rsa_check_pubpriv(int mod, char *input_Npub, char *input_Epub, + char *input_P, char *input_Q, char *input_N, + char *input_E, char *input_D, char *input_DP, + char *input_DQ, char *input_QP, int result) { mbedtls_rsa_context pub, prv; - mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init(&pub, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_rsa_init(&prv, MBEDTLS_RSA_PKCS_V15, 0); pub.len = mod / 8; prv.len = mod / 8; - if( strlen( input_Npub ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &pub.N, input_Npub ) == 0 ); + if (strlen(input_Npub)) { + TEST_ASSERT(mbedtls_test_read_mpi(&pub.N, input_Npub) == 0); } - if( strlen( input_Epub ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &pub.E, input_Epub ) == 0 ); + if (strlen(input_Epub)) { + TEST_ASSERT(mbedtls_test_read_mpi(&pub.E, input_Epub) == 0); } - if( strlen( input_P ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.P, input_P ) == 0 ); + if (strlen(input_P)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.P, input_P) == 0); } - if( strlen( input_Q ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.Q, input_Q ) == 0 ); + if (strlen(input_Q)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.Q, input_Q) == 0); } - if( strlen( input_N ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.N, input_N ) == 0 ); + if (strlen(input_N)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.N, input_N) == 0); } - if( strlen( input_E ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.E, input_E ) == 0 ); + if (strlen(input_E)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.E, input_E) == 0); } - if( strlen( input_D ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.D, input_D ) == 0 ); + if (strlen(input_D)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.D, input_D) == 0); } #if !defined(MBEDTLS_RSA_NO_CRT) - if( strlen( input_DP ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.DP, input_DP ) == 0 ); + if (strlen(input_DP)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.DP, input_DP) == 0); } - if( strlen( input_DQ ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.DQ, input_DQ ) == 0 ); + if (strlen(input_DQ)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.DQ, input_DQ) == 0); } - if( strlen( input_QP ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.QP, input_QP ) == 0 ); + if (strlen(input_QP)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.QP, input_QP) == 0); } #else ((void) input_DP); @@ -1154,155 +1130,153 @@ void rsa_check_pubpriv( int mod, char * input_Npub, char * input_Epub, ((void) input_QP); #endif - TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result ); + TEST_ASSERT(mbedtls_rsa_check_pub_priv(&pub, &prv) == result); exit: - mbedtls_rsa_free( &pub ); - mbedtls_rsa_free( &prv ); + mbedtls_rsa_free(&pub); + mbedtls_rsa_free(&prv); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */ -void mbedtls_rsa_gen_key( int nrbits, int exponent, int result) +void mbedtls_rsa_gen_key(int nrbits, int exponent, int result) { mbedtls_rsa_context ctx; mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; const char *pers = "test_suite_rsa"; - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - mbedtls_rsa_init ( &ctx, 0, 0 ); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + mbedtls_rsa_init(&ctx, 0, 0); - TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, (const unsigned char *) pers, + strlen(pers)) == 0); - TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result ); - if( result == 0 ) - { - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 ); + TEST_ASSERT(mbedtls_rsa_gen_key(&ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, + exponent) == result); + if (result == 0) { + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx.P, &ctx.Q) > 0); } exit: - mbedtls_rsa_free( &ctx ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_rsa_free(&ctx); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */ -void mbedtls_rsa_deduce_primes( char *input_N, - char *input_D, - char *input_E, - char *output_P, - char *output_Q, - int corrupt, int result ) +void mbedtls_rsa_deduce_primes(char *input_N, + char *input_D, + char *input_E, + char *output_P, + char *output_Q, + int corrupt, int result) { mbedtls_mpi N, P, Pp, Q, Qp, D, E; - mbedtls_mpi_init( &N ); - mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); + mbedtls_mpi_init(&N); + mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&Pp); mbedtls_mpi_init(&Qp); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &D, input_D ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Qp, output_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Pp, output_Q ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&D, input_D) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Qp, output_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Pp, output_Q) == 0); - if( corrupt ) - TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 ); + if (corrupt) { + TEST_ASSERT(mbedtls_mpi_add_int(&D, &D, 2) == 0); + } /* Try to deduce P, Q from N, D, E only. */ - TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result ); + TEST_ASSERT(mbedtls_rsa_deduce_primes(&N, &D, &E, &P, &Q) == result); - if( !corrupt ) - { + if (!corrupt) { /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */ - TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) || - ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) ); + TEST_ASSERT((mbedtls_mpi_cmp_mpi(&P, &Pp) == 0 && mbedtls_mpi_cmp_mpi(&Q, &Qp) == 0) || + (mbedtls_mpi_cmp_mpi(&P, &Qp) == 0 && mbedtls_mpi_cmp_mpi(&Q, &Pp) == 0)); } exit: - mbedtls_mpi_free( &N ); - mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); + mbedtls_mpi_free(&N); + mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&Pp); mbedtls_mpi_free(&Qp); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_deduce_private_exponent( char *input_P, - char *input_Q, - char *input_E, - char *output_D, - int corrupt, int result ) +void mbedtls_rsa_deduce_private_exponent(char *input_P, + char *input_Q, + char *input_E, + char *output_D, + int corrupt, int result) { mbedtls_mpi P, Q, D, Dp, E, R, Rp; - mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp ); - mbedtls_mpi_init( &E ); - mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp ); + mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&Dp); + mbedtls_mpi_init(&E); + mbedtls_mpi_init(&R); mbedtls_mpi_init(&Rp); - TEST_ASSERT( mbedtls_test_read_mpi( &P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Dp, output_D ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Dp, output_D) == 0); - if( corrupt ) - { + if (corrupt) { /* Make E even */ - TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 ); + TEST_ASSERT(mbedtls_mpi_set_bit(&E, 0, 0) == 0); } /* Try to deduce D from N, P, Q, E. */ - TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q, - &E, &D ) == result ); + TEST_ASSERT(mbedtls_rsa_deduce_private_exponent(&P, &Q, + &E, &D) == result); - if( !corrupt ) - { + if (!corrupt) { /* * Check that D and Dp agree modulo LCM(P-1, Q-1). */ /* Replace P,Q by P-1, Q-1 */ - TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 ); + TEST_ASSERT(mbedtls_mpi_sub_int(&P, &P, 1) == 0); + TEST_ASSERT(mbedtls_mpi_sub_int(&Q, &Q, 1) == 0); /* Check D == Dp modulo P-1 */ - TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 ); + TEST_ASSERT(mbedtls_mpi_mod_mpi(&R, &D, &P) == 0); + TEST_ASSERT(mbedtls_mpi_mod_mpi(&Rp, &Dp, &P) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R, &Rp) == 0); /* Check D == Dp modulo Q-1 */ - TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 ); - TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 ); + TEST_ASSERT(mbedtls_mpi_mod_mpi(&R, &D, &Q) == 0); + TEST_ASSERT(mbedtls_mpi_mod_mpi(&Rp, &Dp, &Q) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R, &Rp) == 0); } exit: - mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp ); - mbedtls_mpi_free( &E ); - mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp ); + mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&Dp); + mbedtls_mpi_free(&E); + mbedtls_mpi_free(&R); mbedtls_mpi_free(&Rp); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */ -void mbedtls_rsa_import( char *input_N, - char *input_P, - char *input_Q, - char *input_D, - char *input_E, - int successive, - int is_priv, - int res_check, - int res_complete ) +void mbedtls_rsa_import(char *input_N, + char *input_P, + char *input_Q, + char *input_D, + char *input_E, + int successive, + int is_priv, + int res_check, + int res_complete) { mbedtls_mpi N, P, Q, D, E; mbedtls_rsa_context ctx; @@ -1316,140 +1290,143 @@ void mbedtls_rsa_import( char *input_N, mbedtls_ctr_drbg_context ctr_drbg; const char *pers = "test_suite_rsa"; - const int have_N = ( strlen( input_N ) > 0 ); - const int have_P = ( strlen( input_P ) > 0 ); - const int have_Q = ( strlen( input_Q ) > 0 ); - const int have_D = ( strlen( input_D ) > 0 ); - const int have_E = ( strlen( input_E ) > 0 ); - - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - mbedtls_rsa_init( &ctx, 0, 0 ); + const int have_N = (strlen(input_N) > 0); + const int have_P = (strlen(input_P) > 0); + const int have_Q = (strlen(input_Q) > 0); + const int have_D = (strlen(input_D) > 0); + const int have_E = (strlen(input_E) > 0); - mbedtls_mpi_init( &N ); - mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + mbedtls_rsa_init(&ctx, 0, 0); - TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, strlen( pers ) ) == 0 ); + mbedtls_mpi_init(&N); + mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); - if( have_N ) - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, strlen(pers)) == 0); - if( have_P ) - TEST_ASSERT( mbedtls_test_read_mpi( &P, input_P ) == 0 ); + if (have_N) { + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + } - if( have_Q ) - TEST_ASSERT( mbedtls_test_read_mpi( &Q, input_Q ) == 0 ); + if (have_P) { + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + } - if( have_D ) - TEST_ASSERT( mbedtls_test_read_mpi( &D, input_D ) == 0 ); + if (have_Q) { + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + } - if( have_E ) - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); + if (have_D) { + TEST_ASSERT(mbedtls_test_read_mpi(&D, input_D) == 0); + } - if( !successive ) - { - TEST_ASSERT( mbedtls_rsa_import( &ctx, - have_N ? &N : NULL, - have_P ? &P : NULL, - have_Q ? &Q : NULL, - have_D ? &D : NULL, - have_E ? &E : NULL ) == 0 ); + if (have_E) { + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); } - else - { + + if (!successive) { + TEST_ASSERT(mbedtls_rsa_import(&ctx, + have_N ? &N : NULL, + have_P ? &P : NULL, + have_Q ? &Q : NULL, + have_D ? &D : NULL, + have_E ? &E : NULL) == 0); + } else { /* Import N, P, Q, D, E separately. * This should make no functional difference. */ - TEST_ASSERT( mbedtls_rsa_import( &ctx, - have_N ? &N : NULL, - NULL, NULL, NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, + have_N ? &N : NULL, + NULL, NULL, NULL, NULL) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, - NULL, - have_P ? &P : NULL, - NULL, NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, + NULL, + have_P ? &P : NULL, + NULL, NULL, NULL) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, - NULL, NULL, - have_Q ? &Q : NULL, - NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, + NULL, NULL, + have_Q ? &Q : NULL, + NULL, NULL) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, - NULL, NULL, NULL, - have_D ? &D : NULL, - NULL ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, + NULL, NULL, NULL, + have_D ? &D : NULL, + NULL) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, - NULL, NULL, NULL, NULL, - have_E ? &E : NULL ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, + NULL, NULL, NULL, NULL, + have_E ? &E : NULL) == 0); } - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete ); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == res_complete); /* On expected success, perform some public and private * key operations to check if the key is working properly. */ - if( res_complete == 0 ) - { - if( is_priv ) - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check ); - else - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check ); - - if( res_check != 0 ) + if (res_complete == 0) { + if (is_priv) { + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == res_check); + } else { + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == res_check); + } + + if (res_check != 0) { goto exit; + } - buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) ); - buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) ); - buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) ); - if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL ) + buf_orig = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx)); + buf_enc = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx)); + buf_dec = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx)); + if (buf_orig == NULL || buf_enc == NULL || buf_dec == NULL) { goto exit; + } - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg, - buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctr_drbg, + buf_orig, mbedtls_rsa_get_len(&ctx)) == 0); /* Make sure the number we're generating is smaller than the modulus */ buf_orig[0] = 0x00; - TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 ); + TEST_ASSERT(mbedtls_rsa_public(&ctx, buf_orig, buf_enc) == 0); - if( is_priv ) - { - TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random, - &ctr_drbg, buf_enc, - buf_dec ) == 0 ); + if (is_priv) { + TEST_ASSERT(mbedtls_rsa_private(&ctx, mbedtls_ctr_drbg_random, + &ctr_drbg, buf_enc, + buf_dec) == 0); - TEST_ASSERT( memcmp( buf_orig, buf_dec, - mbedtls_rsa_get_len( &ctx ) ) == 0 ); + TEST_ASSERT(memcmp(buf_orig, buf_dec, + mbedtls_rsa_get_len(&ctx)) == 0); } } exit: - mbedtls_free( buf_orig ); - mbedtls_free( buf_enc ); - mbedtls_free( buf_dec ); + mbedtls_free(buf_orig); + mbedtls_free(buf_enc); + mbedtls_free(buf_dec); - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); - mbedtls_mpi_free( &N ); - mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); + mbedtls_mpi_free(&N); + mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_export( char *input_N, - char *input_P, - char *input_Q, - char *input_D, - char *input_E, - int is_priv, - int successive ) +void mbedtls_rsa_export(char *input_N, + char *input_P, + char *input_Q, + char *input_D, + char *input_E, + int is_priv, + int successive) { /* Original MPI's with which we set up the RSA context */ mbedtls_mpi N, P, Q, D, E; @@ -1457,184 +1434,190 @@ void mbedtls_rsa_export( char *input_N, /* Exported MPI's */ mbedtls_mpi Ne, Pe, Qe, De, Ee; - const int have_N = ( strlen( input_N ) > 0 ); - const int have_P = ( strlen( input_P ) > 0 ); - const int have_Q = ( strlen( input_Q ) > 0 ); - const int have_D = ( strlen( input_D ) > 0 ); - const int have_E = ( strlen( input_E ) > 0 ); + const int have_N = (strlen(input_N) > 0); + const int have_P = (strlen(input_P) > 0); + const int have_Q = (strlen(input_Q) > 0); + const int have_D = (strlen(input_D) > 0); + const int have_E = (strlen(input_E) > 0); mbedtls_rsa_context ctx; - mbedtls_rsa_init( &ctx, 0, 0 ); + mbedtls_rsa_init(&ctx, 0, 0); - mbedtls_mpi_init( &N ); - mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); + mbedtls_mpi_init(&N); + mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); - mbedtls_mpi_init( &Ne ); - mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe ); - mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee ); + mbedtls_mpi_init(&Ne); + mbedtls_mpi_init(&Pe); mbedtls_mpi_init(&Qe); + mbedtls_mpi_init(&De); mbedtls_mpi_init(&Ee); /* Setup RSA context */ - if( have_N ) - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); + if (have_N) { + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + } - if( have_P ) - TEST_ASSERT( mbedtls_test_read_mpi( &P, input_P ) == 0 ); + if (have_P) { + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + } - if( have_Q ) - TEST_ASSERT( mbedtls_test_read_mpi( &Q, input_Q ) == 0 ); + if (have_Q) { + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + } - if( have_D ) - TEST_ASSERT( mbedtls_test_read_mpi( &D, input_D ) == 0 ); + if (have_D) { + TEST_ASSERT(mbedtls_test_read_mpi(&D, input_D) == 0); + } - if( have_E ) - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); + if (have_E) { + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + } - TEST_ASSERT( mbedtls_rsa_import( &ctx, - strlen( input_N ) ? &N : NULL, - strlen( input_P ) ? &P : NULL, - strlen( input_Q ) ? &Q : NULL, - strlen( input_D ) ? &D : NULL, - strlen( input_E ) ? &E : NULL ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, + strlen(input_N) ? &N : NULL, + strlen(input_P) ? &P : NULL, + strlen(input_Q) ? &Q : NULL, + strlen(input_D) ? &D : NULL, + strlen(input_E) ? &E : NULL) == 0); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); /* * Export parameters and compare to original ones. */ /* N and E must always be present. */ - if( !successive ) - { - TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 ); - } - else - { - TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 ); + if (!successive) { + TEST_ASSERT(mbedtls_rsa_export(&ctx, &Ne, NULL, NULL, NULL, &Ee) == 0); + } else { + TEST_ASSERT(mbedtls_rsa_export(&ctx, &Ne, NULL, NULL, NULL, NULL) == 0); + TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, NULL, NULL, NULL, &Ee) == 0); } - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 ); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&N, &Ne) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&E, &Ee) == 0); /* If we were providing enough information to setup a complete private context, * we expect to be able to export all core parameters. */ - if( is_priv ) - { - if( !successive ) - { - TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe, - &De, NULL ) == 0 ); - } - else - { - TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL, - NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe, - NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, - &De, NULL ) == 0 ); + if (is_priv) { + if (!successive) { + TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, &Pe, &Qe, + &De, NULL) == 0); + } else { + TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, &Pe, NULL, + NULL, NULL) == 0); + TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, NULL, &Qe, + NULL, NULL) == 0); + TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, NULL, NULL, + &De, NULL) == 0); } - if( have_P ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 ); + if (have_P) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P, &Pe) == 0); + } - if( have_Q ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 ); + if (have_Q) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Q, &Qe) == 0); + } - if( have_D ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 ); + if (have_D) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&D, &De) == 0); + } /* While at it, perform a sanity check */ - TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee, - NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_rsa_validate_params(&Ne, &Pe, &Qe, &De, &Ee, + NULL, NULL) == 0); } exit: - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); - mbedtls_mpi_free( &N ); - mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); + mbedtls_mpi_free(&N); + mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); - mbedtls_mpi_free( &Ne ); - mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe ); - mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee ); + mbedtls_mpi_free(&Ne); + mbedtls_mpi_free(&Pe); mbedtls_mpi_free(&Qe); + mbedtls_mpi_free(&De); mbedtls_mpi_free(&Ee); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void mbedtls_rsa_validate_params( char *input_N, - char *input_P, - char *input_Q, - char *input_D, - char *input_E, - int prng, int result ) +void mbedtls_rsa_validate_params(char *input_N, + char *input_P, + char *input_Q, + char *input_D, + char *input_E, + int prng, int result) { /* Original MPI's with which we set up the RSA context */ mbedtls_mpi N, P, Q, D, E; - const int have_N = ( strlen( input_N ) > 0 ); - const int have_P = ( strlen( input_P ) > 0 ); - const int have_Q = ( strlen( input_Q ) > 0 ); - const int have_D = ( strlen( input_D ) > 0 ); - const int have_E = ( strlen( input_E ) > 0 ); + const int have_N = (strlen(input_N) > 0); + const int have_P = (strlen(input_P) > 0); + const int have_Q = (strlen(input_Q) > 0); + const int have_D = (strlen(input_D) > 0); + const int have_E = (strlen(input_E) > 0); mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; const char *pers = "test_suite_rsa"; - mbedtls_mpi_init( &N ); - mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); + mbedtls_mpi_init(&N); + mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ) == 0 ); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, (const unsigned char *) pers, + strlen(pers)) == 0); - if( have_N ) - TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 ); + if (have_N) { + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + } - if( have_P ) - TEST_ASSERT( mbedtls_test_read_mpi( &P, input_P ) == 0 ); + if (have_P) { + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + } - if( have_Q ) - TEST_ASSERT( mbedtls_test_read_mpi( &Q, input_Q ) == 0 ); + if (have_Q) { + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + } - if( have_D ) - TEST_ASSERT( mbedtls_test_read_mpi( &D, input_D ) == 0 ); + if (have_D) { + TEST_ASSERT(mbedtls_test_read_mpi(&D, input_D) == 0); + } - if( have_E ) - TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 ); + if (have_E) { + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + } - TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL, - have_P ? &P : NULL, - have_Q ? &Q : NULL, - have_D ? &D : NULL, - have_E ? &E : NULL, - prng ? mbedtls_ctr_drbg_random : NULL, - prng ? &ctr_drbg : NULL ) == result ); + TEST_ASSERT(mbedtls_rsa_validate_params(have_N ? &N : NULL, + have_P ? &P : NULL, + have_Q ? &Q : NULL, + have_D ? &D : NULL, + have_E ? &E : NULL, + prng ? mbedtls_ctr_drbg_random : NULL, + prng ? &ctr_drbg : NULL) == result); exit: - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); - mbedtls_mpi_free( &N ); - mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); + mbedtls_mpi_free(&N); + mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */ -void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P, - data_t *input_Q, data_t *input_D, - data_t *input_E, int is_priv, - int successive ) +void mbedtls_rsa_export_raw(data_t *input_N, data_t *input_P, + data_t *input_Q, data_t *input_D, + data_t *input_E, int is_priv, + int successive) { /* Exported buffers */ unsigned char bufNe[256]; @@ -1645,94 +1628,90 @@ void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P, mbedtls_rsa_context ctx; - mbedtls_rsa_init( &ctx, 0, 0 ); + mbedtls_rsa_init(&ctx, 0, 0); /* Setup RSA context */ - TEST_ASSERT( mbedtls_rsa_import_raw( &ctx, - input_N->len ? input_N->x : NULL, input_N->len, - input_P->len ? input_P->x : NULL, input_P->len, - input_Q->len ? input_Q->x : NULL, input_Q->len, - input_D->len ? input_D->x : NULL, input_D->len, - input_E->len ? input_E->x : NULL, input_E->len ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import_raw(&ctx, + input_N->len ? input_N->x : NULL, input_N->len, + input_P->len ? input_P->x : NULL, input_P->len, + input_Q->len ? input_Q->x : NULL, input_Q->len, + input_D->len ? input_D->x : NULL, input_D->len, + input_E->len ? input_E->x : NULL, input_E->len) == 0); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); /* * Export parameters and compare to original ones. */ /* N and E must always be present. */ - if( !successive ) - { - TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len, - NULL, 0, NULL, 0, NULL, 0, - bufEe, input_E->len ) == 0 ); + if (!successive) { + TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, bufNe, input_N->len, + NULL, 0, NULL, 0, NULL, 0, + bufEe, input_E->len) == 0); + } else { + TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, bufNe, input_N->len, + NULL, 0, NULL, 0, NULL, 0, + NULL, 0) == 0); + TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0, + NULL, 0, NULL, 0, NULL, 0, + bufEe, input_E->len) == 0); } - else - { - TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len, - NULL, 0, NULL, 0, NULL, 0, - NULL, 0 ) == 0 ); - TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, - NULL, 0, NULL, 0, NULL, 0, - bufEe, input_E->len ) == 0 ); - } - TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 ); - TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 ); + TEST_ASSERT(memcmp(input_N->x, bufNe, input_N->len) == 0); + TEST_ASSERT(memcmp(input_E->x, bufEe, input_E->len) == 0); /* If we were providing enough information to setup a complete private context, * we expect to be able to export all core parameters. */ - if( is_priv ) - { - if( !successive ) - { - TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, - bufPe, input_P->len ? input_P->len : sizeof( bufPe ), - bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ), - bufDe, input_D->len ? input_D->len : sizeof( bufDe ), - NULL, 0 ) == 0 ); - } - else - { - TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, - bufPe, input_P->len ? input_P->len : sizeof( bufPe ), - NULL, 0, NULL, 0, - NULL, 0 ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, - bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ), - NULL, 0, NULL, 0 ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0, - bufDe, input_D->len ? input_D->len : sizeof( bufDe ), - NULL, 0 ) == 0 ); + if (is_priv) { + if (!successive) { + TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0, + bufPe, input_P->len ? input_P->len : sizeof(bufPe), + bufQe, input_Q->len ? input_Q->len : sizeof(bufQe), + bufDe, input_D->len ? input_D->len : sizeof(bufDe), + NULL, 0) == 0); + } else { + TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0, + bufPe, input_P->len ? input_P->len : sizeof(bufPe), + NULL, 0, NULL, 0, + NULL, 0) == 0); + + TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0, NULL, 0, + bufQe, input_Q->len ? input_Q->len : sizeof(bufQe), + NULL, 0, NULL, 0) == 0); + + TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0, NULL, 0, NULL, 0, + bufDe, input_D->len ? input_D->len : sizeof(bufDe), + NULL, 0) == 0); } - if( input_P->len ) - TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 ); + if (input_P->len) { + TEST_ASSERT(memcmp(input_P->x, bufPe, input_P->len) == 0); + } - if( input_Q->len ) - TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 ); + if (input_Q->len) { + TEST_ASSERT(memcmp(input_Q->x, bufQe, input_Q->len) == 0); + } - if( input_D->len ) - TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 ); + if (input_D->len) { + TEST_ASSERT(memcmp(input_D->x, bufDe, input_D->len) == 0); + } } exit: - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */ -void mbedtls_rsa_import_raw( data_t *input_N, - data_t *input_P, data_t *input_Q, - data_t *input_D, data_t *input_E, - int successive, - int is_priv, - int res_check, - int res_complete ) +void mbedtls_rsa_import_raw(data_t *input_N, + data_t *input_P, data_t *input_Q, + data_t *input_D, data_t *input_E, + int successive, + int is_priv, + int res_check, + int res_complete) { /* Buffers used for encryption-decryption test */ unsigned char *buf_orig = NULL; @@ -1745,108 +1724,108 @@ void mbedtls_rsa_import_raw( data_t *input_N, const char *pers = "test_suite_rsa"; - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - mbedtls_rsa_init( &ctx, 0, 0 ); - - TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ) == 0 ); - - if( !successive ) - { - TEST_ASSERT( mbedtls_rsa_import_raw( &ctx, - ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len, - ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len, - ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len, - ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len, - ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 ); - } - else - { + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + mbedtls_rsa_init(&ctx, 0, 0); + + TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, (const unsigned char *) pers, + strlen(pers)) == 0); + + if (!successive) { + TEST_ASSERT(mbedtls_rsa_import_raw(&ctx, + (input_N->len > 0) ? input_N->x : NULL, input_N->len, + (input_P->len > 0) ? input_P->x : NULL, input_P->len, + (input_Q->len > 0) ? input_Q->x : NULL, input_Q->len, + (input_D->len > 0) ? input_D->x : NULL, input_D->len, + (input_E->len > 0) ? input_E->x : NULL, + input_E->len) == 0); + } else { /* Import N, P, Q, D, E separately. * This should make no functional difference. */ - TEST_ASSERT( mbedtls_rsa_import_raw( &ctx, - ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len, - NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import_raw( &ctx, - NULL, 0, - ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len, - NULL, 0, NULL, 0, NULL, 0 ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import_raw( &ctx, - NULL, 0, NULL, 0, - ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len, - NULL, 0, NULL, 0 ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import_raw( &ctx, - NULL, 0, NULL, 0, NULL, 0, - ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len, - NULL, 0 ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import_raw( &ctx, - NULL, 0, NULL, 0, NULL, 0, NULL, 0, - ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import_raw(&ctx, + (input_N->len > 0) ? input_N->x : NULL, input_N->len, + NULL, 0, NULL, 0, NULL, 0, NULL, 0) == 0); + + TEST_ASSERT(mbedtls_rsa_import_raw(&ctx, + NULL, 0, + (input_P->len > 0) ? input_P->x : NULL, input_P->len, + NULL, 0, NULL, 0, NULL, 0) == 0); + + TEST_ASSERT(mbedtls_rsa_import_raw(&ctx, + NULL, 0, NULL, 0, + (input_Q->len > 0) ? input_Q->x : NULL, input_Q->len, + NULL, 0, NULL, 0) == 0); + + TEST_ASSERT(mbedtls_rsa_import_raw(&ctx, + NULL, 0, NULL, 0, NULL, 0, + (input_D->len > 0) ? input_D->x : NULL, input_D->len, + NULL, 0) == 0); + + TEST_ASSERT(mbedtls_rsa_import_raw(&ctx, + NULL, 0, NULL, 0, NULL, 0, NULL, 0, + (input_E->len > 0) ? input_E->x : NULL, + input_E->len) == 0); } - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete ); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == res_complete); /* On expected success, perform some public and private * key operations to check if the key is working properly. */ - if( res_complete == 0 ) - { - if( is_priv ) - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check ); - else - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check ); - - if( res_check != 0 ) + if (res_complete == 0) { + if (is_priv) { + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == res_check); + } else { + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == res_check); + } + + if (res_check != 0) { goto exit; + } - buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) ); - buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) ); - buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) ); - if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL ) + buf_orig = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx)); + buf_enc = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx)); + buf_dec = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx)); + if (buf_orig == NULL || buf_enc == NULL || buf_dec == NULL) { goto exit; + } - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg, - buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctr_drbg, + buf_orig, mbedtls_rsa_get_len(&ctx)) == 0); /* Make sure the number we're generating is smaller than the modulus */ buf_orig[0] = 0x00; - TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 ); + TEST_ASSERT(mbedtls_rsa_public(&ctx, buf_orig, buf_enc) == 0); - if( is_priv ) - { - TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random, - &ctr_drbg, buf_enc, - buf_dec ) == 0 ); + if (is_priv) { + TEST_ASSERT(mbedtls_rsa_private(&ctx, mbedtls_ctr_drbg_random, + &ctr_drbg, buf_enc, + buf_dec) == 0); - TEST_ASSERT( memcmp( buf_orig, buf_dec, - mbedtls_rsa_get_len( &ctx ) ) == 0 ); + TEST_ASSERT(memcmp(buf_orig, buf_dec, + mbedtls_rsa_get_len(&ctx)) == 0); } } exit: - mbedtls_free( buf_orig ); - mbedtls_free( buf_enc ); - mbedtls_free( buf_dec ); + mbedtls_free(buf_orig); + mbedtls_free(buf_enc); + mbedtls_free(buf_dec); - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void rsa_selftest( ) +void rsa_selftest() { - TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_rsa_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function index f3477ec78eca..02c410eac6c1 100644 --- a/tests/suites/test_suite_shax.function +++ b/tests/suites/test_suite_shax.function @@ -5,46 +5,46 @@ /* END_HEADER */ /* BEGIN_CASE depends_on:MBEDTLS_SHA1_C */ -void sha1_valid_param( ) +void sha1_valid_param() { - TEST_VALID_PARAM( mbedtls_sha1_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_sha1_free(NULL)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA1_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void sha1_invalid_param( ) +void sha1_invalid_param() { mbedtls_sha1_context ctx; unsigned char buf[64] = { 0 }; - size_t const buflen = sizeof( buf ); + size_t const buflen = sizeof(buf); - TEST_INVALID_PARAM( mbedtls_sha1_init( NULL ) ); + TEST_INVALID_PARAM(mbedtls_sha1_init(NULL)); - TEST_INVALID_PARAM( mbedtls_sha1_clone( NULL, &ctx ) ); - TEST_INVALID_PARAM( mbedtls_sha1_clone( &ctx, NULL ) ); + TEST_INVALID_PARAM(mbedtls_sha1_clone(NULL, &ctx)); + TEST_INVALID_PARAM(mbedtls_sha1_clone(&ctx, NULL)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_starts_ret( NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_sha1_starts_ret(NULL)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_update_ret( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_update_ret( &ctx, NULL, buflen ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_sha1_update_ret(NULL, buf, buflen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_sha1_update_ret(&ctx, NULL, buflen)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_finish_ret( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_finish_ret( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_sha1_finish_ret(NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_sha1_finish_ret(&ctx, NULL)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_internal_sha1_process( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_internal_sha1_process( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_internal_sha1_process(NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_internal_sha1_process(&ctx, NULL)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_ret( NULL, buflen, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_ret( buf, buflen, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_sha1_ret(NULL, buflen, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_sha1_ret(buf, buflen, NULL)); exit: return; @@ -52,69 +52,69 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA1_C */ -void mbedtls_sha1( data_t * src_str, data_t * hash ) +void mbedtls_sha1(data_t *src_str, data_t *hash) { unsigned char output[41]; memset(output, 0x00, 41); - TEST_ASSERT( mbedtls_sha1_ret( src_str->x, src_str->len, output ) == 0 ); + TEST_ASSERT(mbedtls_sha1_ret(src_str->x, src_str->len, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 20, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, 20, hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ -void sha256_valid_param( ) +void sha256_valid_param() { - TEST_VALID_PARAM( mbedtls_sha256_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_sha256_free(NULL)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void sha256_invalid_param( ) +void sha256_invalid_param() { mbedtls_sha256_context ctx; unsigned char buf[64] = { 0 }; - size_t const buflen = sizeof( buf ); + size_t const buflen = sizeof(buf); int valid_type = 0; int invalid_type = 42; - TEST_INVALID_PARAM( mbedtls_sha256_init( NULL ) ); - - TEST_INVALID_PARAM( mbedtls_sha256_clone( NULL, &ctx ) ); - TEST_INVALID_PARAM( mbedtls_sha256_clone( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_starts_ret( NULL, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_starts_ret( &ctx, invalid_type ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_update_ret( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_update_ret( &ctx, NULL, buflen ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_finish_ret( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_finish_ret( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_internal_sha256_process( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_internal_sha256_process( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_ret( NULL, buflen, - buf, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_ret( buf, buflen, - NULL, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_ret( buf, buflen, - buf, invalid_type ) ); + TEST_INVALID_PARAM(mbedtls_sha256_init(NULL)); + + TEST_INVALID_PARAM(mbedtls_sha256_clone(NULL, &ctx)); + TEST_INVALID_PARAM(mbedtls_sha256_clone(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_starts_ret(NULL, valid_type)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_starts_ret(&ctx, invalid_type)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_update_ret(NULL, buf, buflen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_update_ret(&ctx, NULL, buflen)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_finish_ret(NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_finish_ret(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_internal_sha256_process(NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_internal_sha256_process(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_ret(NULL, buflen, + buf, valid_type)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_ret(buf, buflen, + NULL, valid_type)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_ret(buf, buflen, + buf, invalid_type)); exit: return; @@ -122,83 +122,83 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ -void sha224( data_t * src_str, data_t * hash ) +void sha224(data_t *src_str, data_t *hash) { unsigned char output[57]; memset(output, 0x00, 57); - TEST_ASSERT( mbedtls_sha256_ret( src_str->x, src_str->len, output, 1 ) == 0 ); + TEST_ASSERT(mbedtls_sha256_ret(src_str->x, src_str->len, output, 1) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 28, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, 28, hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ -void mbedtls_sha256( data_t * src_str, data_t * hash ) +void mbedtls_sha256(data_t *src_str, data_t *hash) { unsigned char output[65]; memset(output, 0x00, 65); - TEST_ASSERT( mbedtls_sha256_ret( src_str->x, src_str->len, output, 0 ) == 0 ); + TEST_ASSERT(mbedtls_sha256_ret(src_str->x, src_str->len, output, 0) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 32, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, 32, hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */ -void sha512_valid_param( ) +void sha512_valid_param() { - TEST_VALID_PARAM( mbedtls_sha512_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_sha512_free(NULL)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void sha512_invalid_param( ) +void sha512_invalid_param() { mbedtls_sha512_context ctx; unsigned char buf[64] = { 0 }; - size_t const buflen = sizeof( buf ); + size_t const buflen = sizeof(buf); int valid_type = 0; int invalid_type = 42; - TEST_INVALID_PARAM( mbedtls_sha512_init( NULL ) ); - - TEST_INVALID_PARAM( mbedtls_sha512_clone( NULL, &ctx ) ); - TEST_INVALID_PARAM( mbedtls_sha512_clone( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_starts_ret( NULL, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_starts_ret( &ctx, invalid_type ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_update_ret( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_update_ret( &ctx, NULL, buflen ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_finish_ret( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_finish_ret( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_internal_sha512_process( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_internal_sha512_process( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_ret( NULL, buflen, - buf, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_ret( buf, buflen, - NULL, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_ret( buf, buflen, - buf, invalid_type ) ); + TEST_INVALID_PARAM(mbedtls_sha512_init(NULL)); + + TEST_INVALID_PARAM(mbedtls_sha512_clone(NULL, &ctx)); + TEST_INVALID_PARAM(mbedtls_sha512_clone(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_starts_ret(NULL, valid_type)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_starts_ret(&ctx, invalid_type)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_update_ret(NULL, buf, buflen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_update_ret(&ctx, NULL, buflen)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_finish_ret(NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_finish_ret(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_internal_sha512_process(NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_internal_sha512_process(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_ret(NULL, buflen, + buf, valid_type)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_ret(buf, buflen, + NULL, valid_type)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_ret(buf, buflen, + buf, invalid_type)); exit: return; @@ -206,50 +206,50 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */ -void sha384( data_t * src_str, data_t * hash ) +void sha384(data_t *src_str, data_t *hash) { unsigned char output[97]; memset(output, 0x00, 97); - TEST_ASSERT( mbedtls_sha512_ret( src_str->x, src_str->len, output, 1 ) == 0 ); + TEST_ASSERT(mbedtls_sha512_ret(src_str->x, src_str->len, output, 1) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 48, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, 48, hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */ -void mbedtls_sha512( data_t * src_str, data_t * hash ) +void mbedtls_sha512(data_t *src_str, data_t *hash) { unsigned char output[129]; memset(output, 0x00, 129); - TEST_ASSERT( mbedtls_sha512_ret( src_str->x, src_str->len, output, 0 ) == 0 ); + TEST_ASSERT(mbedtls_sha512_ret(src_str->x, src_str->len, output, 0) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 64, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, 64, hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA1_C:MBEDTLS_SELF_TEST */ -void sha1_selftest( ) +void sha1_selftest() { - TEST_ASSERT( mbedtls_sha1_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_sha1_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_SELF_TEST */ -void sha256_selftest( ) +void sha256_selftest() { - TEST_ASSERT( mbedtls_sha256_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_sha256_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:MBEDTLS_SELF_TEST */ -void sha512_selftest( ) +void sha512_selftest() { - TEST_ASSERT( mbedtls_sha512_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_sha512_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 7575f7874fab..5a928208ea8d 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -12,16 +12,14 @@ #include -enum -{ -#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \ - tls1_3_label_ ## name, -MBEDTLS_SSL_TLS1_3_LABEL_LIST +enum { +#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ + tls1_3_label_ ## name, + MBEDTLS_SSL_TLS1_3_LABEL_LIST #undef MBEDTLS_SSL_TLS1_3_LABEL }; -typedef struct log_pattern -{ +typedef struct log_pattern { const char *pattern; size_t counter; } log_pattern; @@ -31,9 +29,9 @@ typedef struct log_pattern * this case, it will count the instances of a log_pattern in the received * logged messages. */ -void log_analyzer( void *ctx, int level, - const char *file, int line, - const char *str ) +void log_analyzer(void *ctx, int level, + const char *file, int line, + const char *str) { log_pattern *p = (log_pattern *) ctx; @@ -41,10 +39,9 @@ void log_analyzer( void *ctx, int level, (void) line; (void) file; - if( NULL != p && + if (NULL != p && NULL != p->pattern && - NULL != strstr( str, p->pattern ) ) - { + NULL != strstr(str, p->pattern)) { p->counter++; } } @@ -52,8 +49,7 @@ void log_analyzer( void *ctx, int level, /* Invalid minor version used when not specifying a min/max version or expecting a test to fail */ #define TEST_SSL_MINOR_VERSION_NONE -1 -typedef struct handshake_test_options -{ +typedef struct handshake_test_options { const char *cipher; int client_min_version; int client_max_version; @@ -79,38 +75,37 @@ typedef struct handshake_test_options int resize_buffers; } handshake_test_options; -void init_handshake_options( handshake_test_options *opts ) +void init_handshake_options(handshake_test_options *opts) { - opts->cipher = ""; - opts->client_min_version = TEST_SSL_MINOR_VERSION_NONE; - opts->client_max_version = TEST_SSL_MINOR_VERSION_NONE; - opts->server_min_version = TEST_SSL_MINOR_VERSION_NONE; - opts->server_max_version = TEST_SSL_MINOR_VERSION_NONE; - opts->expected_negotiated_version = MBEDTLS_SSL_MINOR_VERSION_3; - opts->pk_alg = MBEDTLS_PK_RSA; - opts->psk_str = NULL; - opts->dtls = 0; - opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE; - opts->serialize = 0; - opts->mfl = MBEDTLS_SSL_MAX_FRAG_LEN_NONE; - opts->cli_msg_len = 100; - opts->srv_msg_len = 100; - opts->expected_cli_fragments = 1; - opts->expected_srv_fragments = 1; - opts->renegotiate = 0; - opts->legacy_renegotiation = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; - opts->srv_log_obj = NULL; - opts->srv_log_obj = NULL; - opts->srv_log_fun = NULL; - opts->cli_log_fun = NULL; - opts->resize_buffers = 1; + opts->cipher = ""; + opts->client_min_version = TEST_SSL_MINOR_VERSION_NONE; + opts->client_max_version = TEST_SSL_MINOR_VERSION_NONE; + opts->server_min_version = TEST_SSL_MINOR_VERSION_NONE; + opts->server_max_version = TEST_SSL_MINOR_VERSION_NONE; + opts->expected_negotiated_version = MBEDTLS_SSL_MINOR_VERSION_3; + opts->pk_alg = MBEDTLS_PK_RSA; + opts->psk_str = NULL; + opts->dtls = 0; + opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE; + opts->serialize = 0; + opts->mfl = MBEDTLS_SSL_MAX_FRAG_LEN_NONE; + opts->cli_msg_len = 100; + opts->srv_msg_len = 100; + opts->expected_cli_fragments = 1; + opts->expected_srv_fragments = 1; + opts->renegotiate = 0; + opts->legacy_renegotiation = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; + opts->srv_log_obj = NULL; + opts->srv_log_obj = NULL; + opts->srv_log_fun = NULL; + opts->cli_log_fun = NULL; + opts->resize_buffers = 1; } /* * Buffer structure for custom I/O callbacks. */ -typedef struct mbedtls_test_buffer -{ +typedef struct mbedtls_test_buffer { size_t start; size_t content_length; size_t capacity; @@ -121,32 +116,34 @@ typedef struct mbedtls_test_buffer * Initialises \p buf. After calling this function it is safe to call * `mbedtls_test_buffer_free()` on \p buf. */ -void mbedtls_test_buffer_init( mbedtls_test_buffer *buf ) +void mbedtls_test_buffer_init(mbedtls_test_buffer *buf) { - memset( buf, 0, sizeof( *buf ) ); + memset(buf, 0, sizeof(*buf)); } /* * Sets up \p buf. After calling this function it is safe to call * `mbedtls_test_buffer_put()` and `mbedtls_test_buffer_get()` on \p buf. */ -int mbedtls_test_buffer_setup( mbedtls_test_buffer *buf, size_t capacity ) +int mbedtls_test_buffer_setup(mbedtls_test_buffer *buf, size_t capacity) { - buf->buffer = (unsigned char*) mbedtls_calloc( capacity, - sizeof( unsigned char ) ); - if( NULL == buf->buffer ) + buf->buffer = (unsigned char *) mbedtls_calloc(capacity, + sizeof(unsigned char)); + if (NULL == buf->buffer) { return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } buf->capacity = capacity; return 0; } -void mbedtls_test_buffer_free( mbedtls_test_buffer *buf ) +void mbedtls_test_buffer_free(mbedtls_test_buffer *buf) { - if( buf->buffer != NULL ) - mbedtls_free( buf->buffer ); + if (buf->buffer != NULL) { + mbedtls_free(buf->buffer); + } - memset( buf, 0, sizeof( *buf ) ); + memset(buf, 0, sizeof(*buf)); } /* @@ -160,49 +157,44 @@ void mbedtls_test_buffer_free( mbedtls_test_buffer *buf ) * \retval -1, if \p buf is NULL, it hasn't been set up or \p input_len is not * zero and \p input is NULL. */ -int mbedtls_test_buffer_put( mbedtls_test_buffer *buf, - const unsigned char *input, size_t input_len ) +int mbedtls_test_buffer_put(mbedtls_test_buffer *buf, + const unsigned char *input, size_t input_len) { size_t overflow = 0; - if( ( buf == NULL ) || ( buf->buffer == NULL ) ) + if ((buf == NULL) || (buf->buffer == NULL)) { return -1; + } /* Reduce input_len to a number that fits in the buffer. */ - if ( ( buf->content_length + input_len ) > buf->capacity ) - { + if ((buf->content_length + input_len) > buf->capacity) { input_len = buf->capacity - buf->content_length; } - if( input == NULL ) - { - return ( input_len == 0 ) ? 0 : -1; + if (input == NULL) { + return (input_len == 0) ? 0 : -1; } - /* Check if the buffer has not come full circle and free space is not in - * the middle */ - if( buf->start + buf->content_length < buf->capacity ) - { + /* Check if the buffer has not come full circle and free space is not in + * the middle */ + if (buf->start + buf->content_length < buf->capacity) { /* Calculate the number of bytes that need to be placed at lower memory - * address */ - if( buf->start + buf->content_length + input_len - > buf->capacity ) - { - overflow = ( buf->start + buf->content_length + input_len ) - % buf->capacity; + * address */ + if (buf->start + buf->content_length + input_len + > buf->capacity) { + overflow = (buf->start + buf->content_length + input_len) + % buf->capacity; } - memcpy( buf->buffer + buf->start + buf->content_length, input, - input_len - overflow ); - memcpy( buf->buffer, input + input_len - overflow, overflow ); + memcpy(buf->buffer + buf->start + buf->content_length, input, + input_len - overflow); + memcpy(buf->buffer, input + input_len - overflow, overflow); - } - else - { + } else { /* The buffer has come full circle and free space is in the middle */ - memcpy( buf->buffer + buf->start + buf->content_length - buf->capacity, - input, input_len ); + memcpy(buf->buffer + buf->start + buf->content_length - buf->capacity, + input, input_len); } buf->content_length += input_len; @@ -221,35 +213,36 @@ int mbedtls_test_buffer_put( mbedtls_test_buffer *buf, * \retval 0 <= value < \p output_len, if the data is not available. * \retval -1, if \buf is NULL or it hasn't been set up. */ -int mbedtls_test_buffer_get( mbedtls_test_buffer *buf, - unsigned char* output, size_t output_len ) +int mbedtls_test_buffer_get(mbedtls_test_buffer *buf, + unsigned char *output, size_t output_len) { size_t overflow = 0; - if( ( buf == NULL ) || ( buf->buffer == NULL ) ) + if ((buf == NULL) || (buf->buffer == NULL)) { return -1; + } - if( output == NULL && output_len == 0 ) + if (output == NULL && output_len == 0) { return 0; + } - if( buf->content_length < output_len ) + if (buf->content_length < output_len) { output_len = buf->content_length; + } /* Calculate the number of bytes that need to be drawn from lower memory * address */ - if( buf->start + output_len > buf->capacity ) - { - overflow = ( buf->start + output_len ) % buf->capacity; + if (buf->start + output_len > buf->capacity) { + overflow = (buf->start + output_len) % buf->capacity; } - if( output != NULL ) - { - memcpy( output, buf->buffer + buf->start, output_len - overflow ); - memcpy( output + output_len - overflow, buf->buffer, overflow ); + if (output != NULL) { + memcpy(output, buf->buffer + buf->start, output_len - overflow); + memcpy(output + output_len - overflow, buf->buffer, overflow); } buf->content_length -= output_len; - buf->start = ( buf->start + output_len ) % buf->capacity; + buf->start = (buf->start + output_len) % buf->capacity; return output_len; } @@ -263,8 +256,7 @@ int mbedtls_test_buffer_get( mbedtls_test_buffer *buf, /* * Context for a message metadata queue (fifo) that is on top of the ring buffer. */ -typedef struct mbedtls_test_message_queue -{ +typedef struct mbedtls_test_message_queue { size_t *messages; int pos; int num; @@ -280,12 +272,13 @@ typedef struct mbedtls_test_message_queue * \retval 0, if a metadata queue of a given length can be allocated. * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation failed. */ -int mbedtls_test_message_queue_setup( mbedtls_test_message_queue *queue, - size_t capacity ) +int mbedtls_test_message_queue_setup(mbedtls_test_message_queue *queue, + size_t capacity) { - queue->messages = (size_t*) mbedtls_calloc( capacity, sizeof( size_t ) ); - if( NULL == queue->messages ) + queue->messages = (size_t *) mbedtls_calloc(capacity, sizeof(size_t)); + if (NULL == queue->messages) { return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } queue->capacity = capacity; queue->pos = 0; @@ -294,15 +287,17 @@ int mbedtls_test_message_queue_setup( mbedtls_test_message_queue *queue, return 0; } -void mbedtls_test_message_queue_free( mbedtls_test_message_queue *queue ) +void mbedtls_test_message_queue_free(mbedtls_test_message_queue *queue) { - if( queue == NULL ) + if (queue == NULL) { return; + } - if( queue->messages != NULL ) - mbedtls_free( queue->messages ); + if (queue->messages != NULL) { + mbedtls_free(queue->messages); + } - memset( queue, 0, sizeof( *queue ) ); + memset(queue, 0, sizeof(*queue)); } /* @@ -313,17 +308,19 @@ void mbedtls_test_message_queue_free( mbedtls_test_message_queue *queue ) * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full. * \retval \p len, if the push was successful. */ -int mbedtls_test_message_queue_push_info( mbedtls_test_message_queue *queue, - size_t len ) +int mbedtls_test_message_queue_push_info(mbedtls_test_message_queue *queue, + size_t len) { int place; - if( queue == NULL ) + if (queue == NULL) { return MBEDTLS_TEST_ERROR_ARG_NULL; + } - if( queue->num >= queue->capacity ) + if (queue->num >= queue->capacity) { return MBEDTLS_ERR_SSL_WANT_WRITE; + } - place = ( queue->pos + queue->num ) % queue->capacity; + place = (queue->pos + queue->num) % queue->capacity; queue->messages[place] = len; queue->num++; return len; @@ -339,24 +336,27 @@ int mbedtls_test_message_queue_push_info( mbedtls_test_message_queue *queue, * \retval message length, if the pop was successful, up to the given \p buf_len. */ -int mbedtls_test_message_queue_pop_info( mbedtls_test_message_queue *queue, - size_t buf_len ) +int mbedtls_test_message_queue_pop_info(mbedtls_test_message_queue *queue, + size_t buf_len) { size_t message_length; - if( queue == NULL ) + if (queue == NULL) { return MBEDTLS_TEST_ERROR_ARG_NULL; - if( queue->num == 0 ) + } + if (queue->num == 0) { return MBEDTLS_ERR_SSL_WANT_READ; + } message_length = queue->messages[queue->pos]; queue->messages[queue->pos] = 0; queue->num--; queue->pos++; queue->pos %= queue->capacity; - if( queue->pos < 0 ) + if (queue->pos < 0) { queue->pos += queue->capacity; + } - return ( message_length > buf_len ) ? buf_len : message_length; + return (message_length > buf_len) ? buf_len : message_length; } /* @@ -371,16 +371,18 @@ int mbedtls_test_message_queue_pop_info( mbedtls_test_message_queue *queue, * set to the full message length so that the * caller knows what portion of the message can be dropped. */ -int mbedtls_test_message_queue_peek_info( mbedtls_test_message_queue *queue, - size_t buf_len, size_t* msg_len ) +int mbedtls_test_message_queue_peek_info(mbedtls_test_message_queue *queue, + size_t buf_len, size_t *msg_len) { - if( queue == NULL || msg_len == NULL ) + if (queue == NULL || msg_len == NULL) { return MBEDTLS_TEST_ERROR_ARG_NULL; - if( queue->num == 0 ) + } + if (queue->num == 0) { return MBEDTLS_ERR_SSL_WANT_READ; + } *msg_len = queue->messages[queue->pos]; - return ( *msg_len > buf_len ) ? MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED : 0; + return (*msg_len > buf_len) ? MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED : 0; } /* * Context for the I/O callbacks simulating network connection. @@ -388,8 +390,7 @@ int mbedtls_test_message_queue_peek_info( mbedtls_test_message_queue *queue, #define MBEDTLS_MOCK_SOCKET_CONNECTED 1 -typedef struct mbedtls_mock_socket -{ +typedef struct mbedtls_mock_socket { int status; mbedtls_test_buffer *input; mbedtls_test_buffer *output; @@ -399,9 +400,9 @@ typedef struct mbedtls_mock_socket /* * Setup and teardown functions for mock sockets. */ -void mbedtls_mock_socket_init( mbedtls_mock_socket *socket ) +void mbedtls_mock_socket_init(mbedtls_mock_socket *socket) { - memset( socket, 0, sizeof( *socket ) ); + memset(socket, 0, sizeof(*socket)); } /* @@ -417,27 +418,27 @@ void mbedtls_mock_socket_init( mbedtls_mock_socket *socket ) * phenomenon that when closing a UDP connection the peer is not aware of the * connection having been closed. */ -void mbedtls_mock_socket_close( mbedtls_mock_socket* socket ) +void mbedtls_mock_socket_close(mbedtls_mock_socket *socket) { - if( socket == NULL ) + if (socket == NULL) { return; + } - if( socket->input != NULL ) - { - mbedtls_test_buffer_free( socket->input ); - mbedtls_free( socket->input ); + if (socket->input != NULL) { + mbedtls_test_buffer_free(socket->input); + mbedtls_free(socket->input); } - if( socket->output != NULL ) - { - mbedtls_test_buffer_free( socket->output ); - mbedtls_free( socket->output ); + if (socket->output != NULL) { + mbedtls_test_buffer_free(socket->output); + mbedtls_free(socket->output); } - if( socket->peer != NULL ) - memset( socket->peer, 0, sizeof( *socket->peer ) ); + if (socket->peer != NULL) { + memset(socket->peer, 0, sizeof(*socket->peer)); + } - memset( socket, 0, sizeof( *socket ) ); + memset(socket, 0, sizeof(*socket)); } /* @@ -450,35 +451,31 @@ void mbedtls_mock_socket_close( mbedtls_mock_socket* socket ) * the correct value allows for simulation of MTU, sanity testing the mock * implementation and mocking TCP connections with lower memory cost. */ -int mbedtls_mock_socket_connect( mbedtls_mock_socket* peer1, - mbedtls_mock_socket* peer2, - size_t bufsize ) +int mbedtls_mock_socket_connect(mbedtls_mock_socket *peer1, + mbedtls_mock_socket *peer2, + size_t bufsize) { int ret = -1; peer1->output = - (mbedtls_test_buffer*) mbedtls_calloc( 1, sizeof( mbedtls_test_buffer ) ); - if( peer1->output == NULL ) - { + (mbedtls_test_buffer *) mbedtls_calloc(1, sizeof(mbedtls_test_buffer)); + if (peer1->output == NULL) { ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } - mbedtls_test_buffer_init( peer1->output ); - if( 0 != ( ret = mbedtls_test_buffer_setup( peer1->output, bufsize ) ) ) - { + mbedtls_test_buffer_init(peer1->output); + if (0 != (ret = mbedtls_test_buffer_setup(peer1->output, bufsize))) { goto exit; } peer2->output = - (mbedtls_test_buffer*) mbedtls_calloc( 1, sizeof( mbedtls_test_buffer) ); - if( peer2->output == NULL ) - { + (mbedtls_test_buffer *) mbedtls_calloc(1, sizeof(mbedtls_test_buffer)); + if (peer2->output == NULL) { ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } - mbedtls_test_buffer_init( peer2->output ); - if( 0 != ( ret = mbedtls_test_buffer_setup( peer2->output, bufsize ) ) ) - { + mbedtls_test_buffer_init(peer2->output); + if (0 != (ret = mbedtls_test_buffer_setup(peer2->output, bufsize))) { goto exit; } @@ -492,10 +489,9 @@ int mbedtls_mock_socket_connect( mbedtls_mock_socket* peer1, exit: - if( ret != 0 ) - { - mbedtls_mock_socket_close( peer1 ); - mbedtls_mock_socket_close( peer2 ); + if (ret != 0) { + mbedtls_mock_socket_close(peer1); + mbedtls_mock_socket_close(peer2); } return ret; @@ -505,58 +501,60 @@ exit: * Callbacks for simulating blocking I/O over connection-oriented transport. */ -int mbedtls_mock_tcp_send_b( void *ctx, const unsigned char *buf, size_t len ) +int mbedtls_mock_tcp_send_b(void *ctx, const unsigned char *buf, size_t len) { - mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx; + mbedtls_mock_socket *socket = (mbedtls_mock_socket *) ctx; - if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED ) + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { return -1; + } - return mbedtls_test_buffer_put( socket->output, buf, len ); + return mbedtls_test_buffer_put(socket->output, buf, len); } -int mbedtls_mock_tcp_recv_b( void *ctx, unsigned char *buf, size_t len ) +int mbedtls_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len) { - mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx; + mbedtls_mock_socket *socket = (mbedtls_mock_socket *) ctx; - if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED ) + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { return -1; + } - return mbedtls_test_buffer_get( socket->input, buf, len ); + return mbedtls_test_buffer_get(socket->input, buf, len); } /* * Callbacks for simulating non-blocking I/O over connection-oriented transport. */ -int mbedtls_mock_tcp_send_nb( void *ctx, const unsigned char *buf, size_t len ) +int mbedtls_mock_tcp_send_nb(void *ctx, const unsigned char *buf, size_t len) { - mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx; + mbedtls_mock_socket *socket = (mbedtls_mock_socket *) ctx; - if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED ) + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { return -1; + } - if( socket->output->capacity == socket->output->content_length ) - { + if (socket->output->capacity == socket->output->content_length) { return MBEDTLS_ERR_SSL_WANT_WRITE; } - return mbedtls_test_buffer_put( socket->output, buf, len ); + return mbedtls_test_buffer_put(socket->output, buf, len); } -int mbedtls_mock_tcp_recv_nb( void *ctx, unsigned char *buf, size_t len ) +int mbedtls_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len) { - mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx; + mbedtls_mock_socket *socket = (mbedtls_mock_socket *) ctx; - if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED ) + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { return -1; + } - if( socket->input->content_length == 0 ) - { + if (socket->input->content_length == 0) { return MBEDTLS_ERR_SSL_WANT_READ; } - return mbedtls_test_buffer_get( socket->input, buf, len ); + return mbedtls_test_buffer_get(socket->input, buf, len); } /* Errors used in the message socket mocks */ @@ -572,14 +570,13 @@ int mbedtls_mock_tcp_recv_nb( void *ctx, unsigned char *buf, size_t len ) * considered as an owner of the input queue only, which is initialized and * freed in the respective setup and free calls. */ -typedef struct mbedtls_test_message_socket_context -{ - mbedtls_test_message_queue* queue_input; - mbedtls_test_message_queue* queue_output; - mbedtls_mock_socket* socket; +typedef struct mbedtls_test_message_socket_context { + mbedtls_test_message_queue *queue_input; + mbedtls_test_message_queue *queue_output; + mbedtls_mock_socket *socket; } mbedtls_test_message_socket_context; -void mbedtls_message_socket_init( mbedtls_test_message_socket_context *ctx ) +void mbedtls_message_socket_init(mbedtls_test_message_socket_context *ctx) { ctx->queue_input = NULL; ctx->queue_output = NULL; @@ -595,19 +592,20 @@ void mbedtls_message_socket_init( mbedtls_test_message_socket_context *ctx ) * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message * queue failed. */ -int mbedtls_message_socket_setup( mbedtls_test_message_queue* queue_input, - mbedtls_test_message_queue* queue_output, - size_t queue_capacity, - mbedtls_mock_socket* socket, - mbedtls_test_message_socket_context* ctx ) +int mbedtls_message_socket_setup(mbedtls_test_message_queue *queue_input, + mbedtls_test_message_queue *queue_output, + size_t queue_capacity, + mbedtls_mock_socket *socket, + mbedtls_test_message_socket_context *ctx) { - int ret = mbedtls_test_message_queue_setup( queue_input, queue_capacity ); - if( ret != 0 ) + int ret = mbedtls_test_message_queue_setup(queue_input, queue_capacity); + if (ret != 0) { return ret; + } ctx->queue_input = queue_input; ctx->queue_output = queue_output; ctx->socket = socket; - mbedtls_mock_socket_init( socket ); + mbedtls_mock_socket_init(socket); return 0; } @@ -616,14 +614,15 @@ int mbedtls_message_socket_setup( mbedtls_test_message_queue* queue_input, * Close a given message socket context, along with the socket itself. Free the * memory allocated by the input queue. */ -void mbedtls_message_socket_close( mbedtls_test_message_socket_context* ctx ) +void mbedtls_message_socket_close(mbedtls_test_message_socket_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_test_message_queue_free( ctx->queue_input ); - mbedtls_mock_socket_close( ctx->socket ); - memset( ctx, 0, sizeof( *ctx ) ); + mbedtls_test_message_queue_free(ctx->queue_input); + mbedtls_mock_socket_close(ctx->socket); + memset(ctx, 0, sizeof(*ctx)); } /* @@ -638,28 +637,29 @@ void mbedtls_message_socket_close( mbedtls_test_message_socket_context* ctx ) * This function will also return any error from * mbedtls_test_message_queue_push_info. */ -int mbedtls_mock_tcp_send_msg( void *ctx, const unsigned char *buf, size_t len ) +int mbedtls_mock_tcp_send_msg(void *ctx, const unsigned char *buf, size_t len) { - mbedtls_test_message_queue* queue; - mbedtls_mock_socket* socket; - mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context*) ctx; + mbedtls_test_message_queue *queue; + mbedtls_mock_socket *socket; + mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context *) ctx; - if( context == NULL || context->socket == NULL - || context->queue_output == NULL ) - { + if (context == NULL || context->socket == NULL + || context->queue_output == NULL) { return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; } queue = context->queue_output; socket = context->socket; - if( queue->num >= queue->capacity ) + if (queue->num >= queue->capacity) { return MBEDTLS_ERR_SSL_WANT_WRITE; + } - if( mbedtls_mock_tcp_send_b( socket, buf, len ) != (int) len ) + if (mbedtls_mock_tcp_send_b(socket, buf, len) != (int) len) { return MBEDTLS_TEST_ERROR_SEND_FAILED; + } - return mbedtls_test_message_queue_push_info( queue, len ); + return mbedtls_test_message_queue_push_info(queue, len); } /* @@ -674,18 +674,17 @@ int mbedtls_mock_tcp_send_msg( void *ctx, const unsigned char *buf, size_t len ) * This function will also return any error other than * MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from mbedtls_test_message_queue_peek_info. */ -int mbedtls_mock_tcp_recv_msg( void *ctx, unsigned char *buf, size_t buf_len ) +int mbedtls_mock_tcp_recv_msg(void *ctx, unsigned char *buf, size_t buf_len) { - mbedtls_test_message_queue* queue; - mbedtls_mock_socket* socket; - mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context*) ctx; + mbedtls_test_message_queue *queue; + mbedtls_mock_socket *socket; + mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context *) ctx; size_t drop_len = 0; size_t msg_len; int ret; - if( context == NULL || context->socket == NULL - || context->queue_input == NULL ) - { + if (context == NULL || context->socket == NULL + || context->queue_input == NULL) { return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; } @@ -694,33 +693,30 @@ int mbedtls_mock_tcp_recv_msg( void *ctx, unsigned char *buf, size_t buf_len ) /* Peek first, so that in case of a socket error the data remains in * the queue. */ - ret = mbedtls_test_message_queue_peek_info( queue, buf_len, &msg_len ); - if( ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED ) - { + ret = mbedtls_test_message_queue_peek_info(queue, buf_len, &msg_len); + if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { /* Calculate how much to drop */ drop_len = msg_len - buf_len; /* Set the requested message len to be buffer length */ msg_len = buf_len; - } else if( ret != 0 ) - { + } else if (ret != 0) { return ret; } - if( mbedtls_mock_tcp_recv_b( socket, buf, msg_len ) != (int) msg_len ) + if (mbedtls_mock_tcp_recv_b(socket, buf, msg_len) != (int) msg_len) { return MBEDTLS_TEST_ERROR_RECV_FAILED; + } - if( ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED ) - { + if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { /* Drop the remaining part of the message */ - if( mbedtls_mock_tcp_recv_b( socket, NULL, drop_len ) != (int) drop_len ) - { - /* Inconsistent state - part of the message was read, - * and a part couldn't. Not much we can do here, but it should not - * happen in test environment, unless forced manually. */ + if (mbedtls_mock_tcp_recv_b(socket, NULL, drop_len) != (int) drop_len) { + /* Inconsistent state - part of the message was read, + * and a part couldn't. Not much we can do here, but it should not + * happen in test environment, unless forced manually. */ } } - mbedtls_test_message_queue_pop_info( queue, buf_len ); + mbedtls_test_message_queue_pop_info(queue, buf_len); return msg_len; } @@ -732,18 +728,16 @@ int mbedtls_mock_tcp_recv_msg( void *ctx, unsigned char *buf, size_t buf_len ) /* * Structure with endpoint's certificates for SSL communication tests. */ -typedef struct mbedtls_endpoint_certificate -{ - mbedtls_x509_crt* ca_cert; - mbedtls_x509_crt* cert; - mbedtls_pk_context* pkey; +typedef struct mbedtls_endpoint_certificate { + mbedtls_x509_crt *ca_cert; + mbedtls_x509_crt *cert; + mbedtls_pk_context *pkey; } mbedtls_endpoint_certificate; /* * Endpoint structure for SSL communication tests. */ -typedef struct mbedtls_endpoint -{ +typedef struct mbedtls_endpoint { const char *name; mbedtls_ssl_context ssl; mbedtls_ssl_config conf; @@ -756,34 +750,29 @@ typedef struct mbedtls_endpoint /* * Deinitializes certificates from endpoint represented by \p ep. */ -void mbedtls_endpoint_certificate_free( mbedtls_endpoint *ep ) +void mbedtls_endpoint_certificate_free(mbedtls_endpoint *ep) { - mbedtls_endpoint_certificate *cert = &( ep->cert ); - if( cert != NULL ) - { - if( cert->ca_cert != NULL ) - { - mbedtls_x509_crt_free( cert->ca_cert ); - mbedtls_free( cert->ca_cert ); + mbedtls_endpoint_certificate *cert = &(ep->cert); + if (cert != NULL) { + if (cert->ca_cert != NULL) { + mbedtls_x509_crt_free(cert->ca_cert); + mbedtls_free(cert->ca_cert); cert->ca_cert = NULL; } - if( cert->cert != NULL ) - { - mbedtls_x509_crt_free( cert->cert ); - mbedtls_free( cert->cert ); + if (cert->cert != NULL) { + mbedtls_x509_crt_free(cert->cert); + mbedtls_free(cert->cert); cert->cert = NULL; } - if( cert->pkey != NULL ) - { + if (cert->pkey != NULL) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( mbedtls_pk_get_type( cert->pkey ) == MBEDTLS_PK_OPAQUE ) - { + if (mbedtls_pk_get_type(cert->pkey) == MBEDTLS_PK_OPAQUE) { mbedtls_svc_key_id_t *key_slot = cert->pkey->pk_ctx; - psa_destroy_key( *key_slot ); + psa_destroy_key(*key_slot); } #endif - mbedtls_pk_free( cert->pkey ); - mbedtls_free( cert->pkey ); + mbedtls_pk_free(cert->pkey); + mbedtls_free(cert->pkey); cert->pkey = NULL; } } @@ -795,103 +784,91 @@ void mbedtls_endpoint_certificate_free( mbedtls_endpoint *ep ) * * \retval 0 on success, otherwise error code. */ -int mbedtls_endpoint_certificate_init( mbedtls_endpoint *ep, int pk_alg ) +int mbedtls_endpoint_certificate_init(mbedtls_endpoint *ep, int pk_alg) { int i = 0; int ret = -1; mbedtls_endpoint_certificate *cert = NULL; - if( ep == NULL ) - { + if (ep == NULL) { return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - cert = &( ep->cert ); - ASSERT_ALLOC( cert->ca_cert, 1 ); - ASSERT_ALLOC( cert->cert, 1 ); - ASSERT_ALLOC( cert->pkey, 1 ); + cert = &(ep->cert); + ASSERT_ALLOC(cert->ca_cert, 1); + ASSERT_ALLOC(cert->cert, 1); + ASSERT_ALLOC(cert->pkey, 1); - mbedtls_x509_crt_init( cert->ca_cert ); - mbedtls_x509_crt_init( cert->cert ); - mbedtls_pk_init( cert->pkey ); + mbedtls_x509_crt_init(cert->ca_cert); + mbedtls_x509_crt_init(cert->cert); + mbedtls_pk_init(cert->pkey); /* Load the trusted CA */ - for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ ) - { - ret = mbedtls_x509_crt_parse_der( cert->ca_cert, - (const unsigned char *) mbedtls_test_cas_der[i], - mbedtls_test_cas_der_len[i] ); - TEST_ASSERT( ret == 0 ); + for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) { + ret = mbedtls_x509_crt_parse_der(cert->ca_cert, + (const unsigned char *) mbedtls_test_cas_der[i], + mbedtls_test_cas_der_len[i]); + TEST_ASSERT(ret == 0); } /* Load own certificate and private key */ - if( ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER ) - { - if( pk_alg == MBEDTLS_PK_RSA ) - { - ret = mbedtls_x509_crt_parse( cert->cert, - (const unsigned char*) mbedtls_test_srv_crt_rsa_sha256_der, - mbedtls_test_srv_crt_rsa_sha256_der_len ); - TEST_ASSERT( ret == 0 ); - - ret = mbedtls_pk_parse_key( cert->pkey, - (const unsigned char*) mbedtls_test_srv_key_rsa_der, - mbedtls_test_srv_key_rsa_der_len, NULL, 0 ); - TEST_ASSERT( ret == 0 ); + if (ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER) { + if (pk_alg == MBEDTLS_PK_RSA) { + ret = mbedtls_x509_crt_parse(cert->cert, + (const unsigned char *) mbedtls_test_srv_crt_rsa_sha256_der, + mbedtls_test_srv_crt_rsa_sha256_der_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key(cert->pkey, + (const unsigned char *) mbedtls_test_srv_key_rsa_der, + mbedtls_test_srv_key_rsa_der_len, NULL, 0); + TEST_ASSERT(ret == 0); + } else { + ret = mbedtls_x509_crt_parse(cert->cert, + (const unsigned char *) mbedtls_test_srv_crt_ec_der, + mbedtls_test_srv_crt_ec_der_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key(cert->pkey, + (const unsigned char *) mbedtls_test_srv_key_ec_der, + mbedtls_test_srv_key_ec_der_len, NULL, 0); + TEST_ASSERT(ret == 0); } - else - { - ret = mbedtls_x509_crt_parse( cert->cert, - (const unsigned char*) mbedtls_test_srv_crt_ec_der, - mbedtls_test_srv_crt_ec_der_len ); - TEST_ASSERT( ret == 0 ); - - ret = mbedtls_pk_parse_key( cert->pkey, - (const unsigned char*) mbedtls_test_srv_key_ec_der, - mbedtls_test_srv_key_ec_der_len, NULL, 0 ); - TEST_ASSERT( ret == 0 ); - } - } - else - { - if( pk_alg == MBEDTLS_PK_RSA ) - { - ret = mbedtls_x509_crt_parse( cert->cert, - (const unsigned char *) mbedtls_test_cli_crt_rsa_der, - mbedtls_test_cli_crt_rsa_der_len ); - TEST_ASSERT( ret == 0 ); - - ret = mbedtls_pk_parse_key( cert->pkey, - (const unsigned char *) mbedtls_test_cli_key_rsa_der, - mbedtls_test_cli_key_rsa_der_len, NULL, 0 ); - TEST_ASSERT( ret == 0 ); - } - else - { - ret = mbedtls_x509_crt_parse( cert->cert, - (const unsigned char *) mbedtls_test_cli_crt_ec_der, - mbedtls_test_cli_crt_ec_len ); - TEST_ASSERT( ret == 0 ); - - ret = mbedtls_pk_parse_key( cert->pkey, - (const unsigned char *) mbedtls_test_cli_key_ec_der, - mbedtls_test_cli_key_ec_der_len, NULL, 0 ); - TEST_ASSERT( ret == 0 ); + } else { + if (pk_alg == MBEDTLS_PK_RSA) { + ret = mbedtls_x509_crt_parse(cert->cert, + (const unsigned char *) mbedtls_test_cli_crt_rsa_der, + mbedtls_test_cli_crt_rsa_der_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key(cert->pkey, + (const unsigned char *) mbedtls_test_cli_key_rsa_der, + mbedtls_test_cli_key_rsa_der_len, NULL, 0); + TEST_ASSERT(ret == 0); + } else { + ret = mbedtls_x509_crt_parse(cert->cert, + (const unsigned char *) mbedtls_test_cli_crt_ec_der, + mbedtls_test_cli_crt_ec_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key(cert->pkey, + (const unsigned char *) mbedtls_test_cli_key_ec_der, + mbedtls_test_cli_key_ec_der_len, NULL, 0); + TEST_ASSERT(ret == 0); } } - mbedtls_ssl_conf_ca_chain( &( ep->conf ), cert->ca_cert, NULL ); + mbedtls_ssl_conf_ca_chain(&(ep->conf), cert->ca_cert, NULL); - ret = mbedtls_ssl_conf_own_cert( &( ep->conf ), cert->cert, - cert->pkey ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert, + cert->pkey); + TEST_ASSERT(ret == 0); exit: - if( ret != 0 ) - { - mbedtls_endpoint_certificate_free( ep ); + if (ret != 0) { + mbedtls_endpoint_certificate_free(ep); } return ret; @@ -911,87 +888,85 @@ exit: * * \retval 0 on success, otherwise error code. */ -int mbedtls_endpoint_init( mbedtls_endpoint *ep, int endpoint_type, int pk_alg, - mbedtls_test_message_socket_context *dtls_context, - mbedtls_test_message_queue *input_queue, - mbedtls_test_message_queue *output_queue, - const mbedtls_ecp_group_id *curves ) +int mbedtls_endpoint_init(mbedtls_endpoint *ep, int endpoint_type, int pk_alg, + mbedtls_test_message_socket_context *dtls_context, + mbedtls_test_message_queue *input_queue, + mbedtls_test_message_queue *output_queue, + const mbedtls_ecp_group_id *curves) { int ret = -1; - if( dtls_context != NULL && ( input_queue == NULL || output_queue == NULL ) ) + if (dtls_context != NULL && (input_queue == NULL || output_queue == NULL)) { return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( ep == NULL ) + if (ep == NULL) { return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; - - memset( ep, 0, sizeof( *ep ) ); - - ep->name = ( endpoint_type == MBEDTLS_SSL_IS_SERVER ) ? "Server" : "Client"; - - mbedtls_ssl_init( &( ep->ssl ) ); - mbedtls_ssl_config_init( &( ep->conf ) ); - mbedtls_ctr_drbg_init( &( ep->ctr_drbg ) ); - mbedtls_ssl_conf_rng( &( ep->conf ), - mbedtls_ctr_drbg_random, - &( ep->ctr_drbg ) ); - mbedtls_entropy_init( &( ep->entropy ) ); - if( dtls_context != NULL ) - { - TEST_ASSERT( mbedtls_message_socket_setup( input_queue, output_queue, - 100, &( ep->socket ), - dtls_context ) == 0 ); } - else - { - mbedtls_mock_socket_init( &( ep->socket ) ); + + memset(ep, 0, sizeof(*ep)); + + ep->name = (endpoint_type == MBEDTLS_SSL_IS_SERVER) ? "Server" : "Client"; + + mbedtls_ssl_init(&(ep->ssl)); + mbedtls_ssl_config_init(&(ep->conf)); + mbedtls_ctr_drbg_init(&(ep->ctr_drbg)); + mbedtls_ssl_conf_rng(&(ep->conf), + mbedtls_ctr_drbg_random, + &(ep->ctr_drbg)); + mbedtls_entropy_init(&(ep->entropy)); + if (dtls_context != NULL) { + TEST_ASSERT(mbedtls_message_socket_setup(input_queue, output_queue, + 100, &(ep->socket), + dtls_context) == 0); + } else { + mbedtls_mock_socket_init(&(ep->socket)); } - ret = mbedtls_ctr_drbg_seed( &( ep->ctr_drbg ), mbedtls_entropy_func, - &( ep->entropy ), (const unsigned char *) ( ep->name ), - strlen( ep->name ) ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_ctr_drbg_seed(&(ep->ctr_drbg), mbedtls_entropy_func, + &(ep->entropy), (const unsigned char *) (ep->name), + strlen(ep->name)); + TEST_ASSERT(ret == 0); /* Non-blocking callbacks without timeout */ - if( dtls_context != NULL ) - { - mbedtls_ssl_set_bio( &( ep->ssl ), dtls_context, - mbedtls_mock_tcp_send_msg, - mbedtls_mock_tcp_recv_msg, - NULL ); - } - else - { - mbedtls_ssl_set_bio( &( ep->ssl ), &( ep->socket ), - mbedtls_mock_tcp_send_nb, - mbedtls_mock_tcp_recv_nb, - NULL ); - } - - ret = mbedtls_ssl_config_defaults( &( ep->conf ), endpoint_type, - ( dtls_context != NULL ) ? - MBEDTLS_SSL_TRANSPORT_DATAGRAM : - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ); - TEST_ASSERT( ret == 0 ); + if (dtls_context != NULL) { + mbedtls_ssl_set_bio(&(ep->ssl), dtls_context, + mbedtls_mock_tcp_send_msg, + mbedtls_mock_tcp_recv_msg, + NULL); + } else { + mbedtls_ssl_set_bio(&(ep->ssl), &(ep->socket), + mbedtls_mock_tcp_send_nb, + mbedtls_mock_tcp_recv_nb, + NULL); + } + + ret = mbedtls_ssl_config_defaults(&(ep->conf), endpoint_type, + (dtls_context != NULL) ? + MBEDTLS_SSL_TRANSPORT_DATAGRAM : + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT); + TEST_ASSERT(ret == 0); #if defined(MBEDTLS_ECP_C) - if( curves != NULL ) - mbedtls_ssl_conf_curves( &(ep->conf), curves ); + if (curves != NULL) { + mbedtls_ssl_conf_curves(&(ep->conf), curves); + } #else (void) curves; #endif - ret = mbedtls_ssl_setup( &( ep->ssl ), &( ep->conf ) ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_ssl_setup(&(ep->ssl), &(ep->conf)); + TEST_ASSERT(ret == 0); #if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_SRV_C) - if( endpoint_type == MBEDTLS_SSL_IS_SERVER && dtls_context != NULL ) - mbedtls_ssl_conf_dtls_cookies( &( ep->conf ), NULL, NULL, NULL ); + if (endpoint_type == MBEDTLS_SSL_IS_SERVER && dtls_context != NULL) { + mbedtls_ssl_conf_dtls_cookies(&(ep->conf), NULL, NULL, NULL); + } #endif - ret = mbedtls_endpoint_certificate_init( ep, pk_alg ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_endpoint_certificate_init(ep, pk_alg); + TEST_ASSERT(ret == 0); exit: return ret; @@ -1000,23 +975,20 @@ exit: /* * Deinitializes endpoint represented by \p ep. */ -void mbedtls_endpoint_free( mbedtls_endpoint *ep, - mbedtls_test_message_socket_context *context ) +void mbedtls_endpoint_free(mbedtls_endpoint *ep, + mbedtls_test_message_socket_context *context) { - mbedtls_endpoint_certificate_free( ep ); + mbedtls_endpoint_certificate_free(ep); - mbedtls_ssl_free( &( ep->ssl ) ); - mbedtls_ssl_config_free( &( ep->conf ) ); - mbedtls_ctr_drbg_free( &( ep->ctr_drbg ) ); - mbedtls_entropy_free( &( ep->entropy ) ); + mbedtls_ssl_free(&(ep->ssl)); + mbedtls_ssl_config_free(&(ep->conf)); + mbedtls_ctr_drbg_free(&(ep->ctr_drbg)); + mbedtls_entropy_free(&(ep->entropy)); - if( context != NULL ) - { - mbedtls_message_socket_close( context ); - } - else - { - mbedtls_mock_socket_close( &( ep->socket ) ); + if (context != NULL) { + mbedtls_message_socket_close(context); + } else { + mbedtls_mock_socket_close(&(ep->socket)); } } @@ -1027,45 +999,40 @@ void mbedtls_endpoint_free( mbedtls_endpoint *ep, * * \retval 0 on success, otherwise error code. */ -int mbedtls_move_handshake_to_state( mbedtls_ssl_context *ssl, - mbedtls_ssl_context *second_ssl, - int state ) +int mbedtls_move_handshake_to_state(mbedtls_ssl_context *ssl, + mbedtls_ssl_context *second_ssl, + int state) { enum { BUFFSIZE = 1024 }; int max_steps = 1000; int ret = 0; - if( ssl == NULL || second_ssl == NULL ) - { + if (ssl == NULL || second_ssl == NULL) { return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* Perform communication via connected sockets */ - while( ( ssl->state != state ) && ( --max_steps >= 0 ) ) - { + while ((ssl->state != state) && (--max_steps >= 0)) { /* If /p second_ssl ends the handshake procedure before /p ssl then * there is no need to call the next step */ - if( second_ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - ret = mbedtls_ssl_handshake_step( second_ssl ); - if( ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { + if (second_ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + ret = mbedtls_ssl_handshake_step(second_ssl); + if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { return ret; } } /* We only care about the \p ssl state and returns, so we call it last, * to leave the iteration as soon as the state is as expected. */ - ret = mbedtls_ssl_handshake_step( ssl ); - if( ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { + ret = mbedtls_ssl_handshake_step(ssl); + if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { return ret; } } - return ( max_steps >= 0 ) ? ret : -1; + return (max_steps >= 0) ? ret : -1; } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ @@ -1073,38 +1040,32 @@ int mbedtls_move_handshake_to_state( mbedtls_ssl_context *ssl, /* * Write application data. Increase write counter if necessary. */ -int mbedtls_ssl_write_fragment( mbedtls_ssl_context *ssl, unsigned char *buf, - int buf_len, int *written, - const int expected_fragments ) +int mbedtls_ssl_write_fragment(mbedtls_ssl_context *ssl, unsigned char *buf, + int buf_len, int *written, + const int expected_fragments) { - int ret = mbedtls_ssl_write( ssl, buf + *written, buf_len - *written ); - if( ret > 0 ) - { + int ret = mbedtls_ssl_write(ssl, buf + *written, buf_len - *written); + if (ret > 0) { *written += ret; } - if( expected_fragments == 0 ) - { + if (expected_fragments == 0) { /* Used for DTLS and the message size larger than MFL. In that case * the message can not be fragmented and the library should return * MBEDTLS_ERR_SSL_BAD_INPUT_DATA error. This error must be returned * to prevent a dead loop inside mbedtls_exchange_data(). */ return ret; - } - else if( expected_fragments == 1 ) - { + } else if (expected_fragments == 1) { /* Used for TLS/DTLS and the message size lower than MFL */ - TEST_ASSERT( ret == buf_len || - ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - } - else - { + TEST_ASSERT(ret == buf_len || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + } else { /* Used for TLS and the message size larger than MFL */ - TEST_ASSERT( expected_fragments > 1 ); - TEST_ASSERT( ( ret >= 0 && ret <= buf_len ) || - ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + TEST_ASSERT(expected_fragments > 1); + TEST_ASSERT((ret >= 0 && ret <= buf_len) || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); } return 0; @@ -1117,33 +1078,27 @@ exit: /* * Read application data and increase read counter and fragments counter if necessary. */ -int mbedtls_ssl_read_fragment( mbedtls_ssl_context *ssl, unsigned char *buf, - int buf_len, int *read, - int *fragments, const int expected_fragments ) +int mbedtls_ssl_read_fragment(mbedtls_ssl_context *ssl, unsigned char *buf, + int buf_len, int *read, + int *fragments, const int expected_fragments) { - int ret = mbedtls_ssl_read( ssl, buf + *read, buf_len - *read ); - if( ret > 0 ) - { - ( *fragments )++; + int ret = mbedtls_ssl_read(ssl, buf + *read, buf_len - *read); + if (ret > 0) { + (*fragments)++; *read += ret; } - if( expected_fragments == 0 ) - { - TEST_ASSERT( ret == 0 ); - } - else if( expected_fragments == 1 ) - { - TEST_ASSERT( ret == buf_len || - ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - } - else - { - TEST_ASSERT( expected_fragments > 1 ); - TEST_ASSERT( ( ret >= 0 && ret <= buf_len ) || - ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + if (expected_fragments == 0) { + TEST_ASSERT(ret == 0); + } else if (expected_fragments == 1) { + TEST_ASSERT(ret == buf_len || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + } else { + TEST_ASSERT(expected_fragments > 1); + TEST_ASSERT((ret >= 0 && ret <= buf_len) || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); } return 0; @@ -1159,54 +1114,52 @@ exit: * and version. */ -#define CHK( x ) \ +#define CHK(x) \ do \ { \ - if( !( x ) ) \ + if (!(x)) \ { \ ret = -1; \ goto cleanup; \ } \ - } while( 0 ) + } while (0) -void set_ciphersuite( mbedtls_ssl_config *conf, const char *cipher, - int* forced_ciphersuite ) +void set_ciphersuite(mbedtls_ssl_config *conf, const char *cipher, + int *forced_ciphersuite) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - forced_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( cipher ); + forced_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(cipher); forced_ciphersuite[1] = 0; ciphersuite_info = - mbedtls_ssl_ciphersuite_from_id( forced_ciphersuite[0] ); + mbedtls_ssl_ciphersuite_from_id(forced_ciphersuite[0]); - TEST_ASSERT( ciphersuite_info != NULL ); - TEST_ASSERT( ciphersuite_info->min_minor_ver <= conf->max_minor_ver ); - TEST_ASSERT( ciphersuite_info->max_minor_ver >= conf->min_minor_ver ); + TEST_ASSERT(ciphersuite_info != NULL); + TEST_ASSERT(ciphersuite_info->min_minor_ver <= conf->max_minor_ver); + TEST_ASSERT(ciphersuite_info->max_minor_ver >= conf->min_minor_ver); - if( conf->max_minor_ver > ciphersuite_info->max_minor_ver ) - { + if (conf->max_minor_ver > ciphersuite_info->max_minor_ver) { conf->max_minor_ver = ciphersuite_info->max_minor_ver; } - if( conf->min_minor_ver < ciphersuite_info->min_minor_ver ) - { + if (conf->min_minor_ver < ciphersuite_info->min_minor_ver) { conf->min_minor_ver = ciphersuite_info->min_minor_ver; } - mbedtls_ssl_conf_ciphersuites( conf, forced_ciphersuite ); + mbedtls_ssl_conf_ciphersuites(conf, forced_ciphersuite); exit: return; } -int psk_dummy_callback( void *p_info, mbedtls_ssl_context *ssl, - const unsigned char *name, size_t name_len ) +int psk_dummy_callback(void *p_info, mbedtls_ssl_context *ssl, + const unsigned char *name, size_t name_len) { (void) p_info; (void) ssl; (void) name; (void) name_len; - return ( 0 ); + return 0; } #if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX @@ -1215,12 +1168,12 @@ int psk_dummy_callback( void *p_info, mbedtls_ssl_context *ssl, #define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX #endif -static int build_transforms( mbedtls_ssl_transform *t_in, - mbedtls_ssl_transform *t_out, - int cipher_type, int hash_id, - int etm, int tag_mode, int ver, - size_t cid0_len, - size_t cid1_len ) +static int build_transforms(mbedtls_ssl_transform *t_in, + mbedtls_ssl_transform *t_out, + int cipher_type, int hash_id, + int etm, int tag_mode, int ver, + size_t cid0_len, + size_t cid1_len) { mbedtls_cipher_info_t const *cipher_info; int ret = 0; @@ -1231,11 +1184,11 @@ static int build_transforms( mbedtls_ssl_transform *t_in, unsigned char iv_enc[16], iv_dec[16]; #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - unsigned char cid0[ SSL_CID_LEN_MIN ]; - unsigned char cid1[ SSL_CID_LEN_MIN ]; + unsigned char cid0[SSL_CID_LEN_MIN]; + unsigned char cid1[SSL_CID_LEN_MIN]; - mbedtls_test_rnd_std_rand( NULL, cid0, sizeof( cid0 ) ); - mbedtls_test_rnd_std_rand( NULL, cid1, sizeof( cid1 ) ); + mbedtls_test_rnd_std_rand(NULL, cid0, sizeof(cid0)); + mbedtls_test_rnd_std_rand(NULL, cid1, sizeof(cid1)); #else ((void) cid0_len); ((void) cid1_len); @@ -1244,91 +1197,87 @@ static int build_transforms( mbedtls_ssl_transform *t_in, maclen = 0; /* Pick cipher */ - cipher_info = mbedtls_cipher_info_from_type( cipher_type ); - CHK( cipher_info != NULL ); - CHK( cipher_info->iv_size <= 16 ); - CHK( cipher_info->key_bitlen % 8 == 0 ); + cipher_info = mbedtls_cipher_info_from_type(cipher_type); + CHK(cipher_info != NULL); + CHK(cipher_info->iv_size <= 16); + CHK(cipher_info->key_bitlen % 8 == 0); /* Pick keys */ keylen = cipher_info->key_bitlen / 8; /* Allocate `keylen + 1` bytes to ensure that we get * a non-NULL pointers from `mbedtls_calloc` even if * `keylen == 0` in the case of the NULL cipher. */ - CHK( ( key0 = mbedtls_calloc( 1, keylen + 1 ) ) != NULL ); - CHK( ( key1 = mbedtls_calloc( 1, keylen + 1 ) ) != NULL ); - memset( key0, 0x1, keylen ); - memset( key1, 0x2, keylen ); + CHK((key0 = mbedtls_calloc(1, keylen + 1)) != NULL); + CHK((key1 = mbedtls_calloc(1, keylen + 1)) != NULL); + memset(key0, 0x1, keylen); + memset(key1, 0x2, keylen); /* Setup cipher contexts */ - CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_enc, cipher_info ) == 0 ); - CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_dec, cipher_info ) == 0 ); - CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_enc, cipher_info ) == 0 ); - CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_dec, cipher_info ) == 0 ); + CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_enc, cipher_info) == 0); + CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_dec, cipher_info) == 0); + CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_enc, cipher_info) == 0); + CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_dec, cipher_info) == 0); #if defined(MBEDTLS_CIPHER_MODE_CBC) - if( cipher_info->mode == MBEDTLS_MODE_CBC ) - { - CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_enc, - MBEDTLS_PADDING_NONE ) == 0 ); - CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_dec, - MBEDTLS_PADDING_NONE ) == 0 ); - CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx_enc, - MBEDTLS_PADDING_NONE ) == 0 ); - CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx_dec, - MBEDTLS_PADDING_NONE ) == 0 ); + if (cipher_info->mode == MBEDTLS_MODE_CBC) { + CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_enc, + MBEDTLS_PADDING_NONE) == 0); + CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_dec, + MBEDTLS_PADDING_NONE) == 0); + CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_enc, + MBEDTLS_PADDING_NONE) == 0); + CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_dec, + MBEDTLS_PADDING_NONE) == 0); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ - CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_enc, key0, - keylen << 3, MBEDTLS_ENCRYPT ) == 0 ); - CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_dec, key1, - keylen << 3, MBEDTLS_DECRYPT ) == 0 ); - CHK( mbedtls_cipher_setkey( &t_out->cipher_ctx_enc, key1, - keylen << 3, MBEDTLS_ENCRYPT ) == 0 ); - CHK( mbedtls_cipher_setkey( &t_out->cipher_ctx_dec, key0, - keylen << 3, MBEDTLS_DECRYPT ) == 0 ); + CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_enc, key0, + keylen << 3, MBEDTLS_ENCRYPT) == 0); + CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_dec, key1, + keylen << 3, MBEDTLS_DECRYPT) == 0); + CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_enc, key1, + keylen << 3, MBEDTLS_ENCRYPT) == 0); + CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_dec, key0, + keylen << 3, MBEDTLS_DECRYPT) == 0); /* Setup MAC contexts */ #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) - if( cipher_info->mode == MBEDTLS_MODE_CBC || - cipher_info->mode == MBEDTLS_MODE_STREAM ) - { + if (cipher_info->mode == MBEDTLS_MODE_CBC || + cipher_info->mode == MBEDTLS_MODE_STREAM) { mbedtls_md_info_t const *md_info; /* Pick hash */ - md_info = mbedtls_md_info_from_type( hash_id ); - CHK( md_info != NULL ); + md_info = mbedtls_md_info_from_type(hash_id); + CHK(md_info != NULL); /* Pick hash keys */ - maclen = mbedtls_md_get_size( md_info ); - CHK( ( md0 = mbedtls_calloc( 1, maclen ) ) != NULL ); - CHK( ( md1 = mbedtls_calloc( 1, maclen ) ) != NULL ); - memset( md0, 0x5, maclen ); - memset( md1, 0x6, maclen ); - - CHK( mbedtls_md_setup( &t_out->md_ctx_enc, md_info, 1 ) == 0 ); - CHK( mbedtls_md_setup( &t_out->md_ctx_dec, md_info, 1 ) == 0 ); - CHK( mbedtls_md_setup( &t_in->md_ctx_enc, md_info, 1 ) == 0 ); - CHK( mbedtls_md_setup( &t_in->md_ctx_dec, md_info, 1 ) == 0 ); - - if( ver > MBEDTLS_SSL_MINOR_VERSION_0 ) - { - CHK( mbedtls_md_hmac_starts( &t_in->md_ctx_enc, - md0, maclen ) == 0 ); - CHK( mbedtls_md_hmac_starts( &t_in->md_ctx_dec, - md1, maclen ) == 0 ); - CHK( mbedtls_md_hmac_starts( &t_out->md_ctx_enc, - md1, maclen ) == 0 ); - CHK( mbedtls_md_hmac_starts( &t_out->md_ctx_dec, - md0, maclen ) == 0 ); + maclen = mbedtls_md_get_size(md_info); + CHK((md0 = mbedtls_calloc(1, maclen)) != NULL); + CHK((md1 = mbedtls_calloc(1, maclen)) != NULL); + memset(md0, 0x5, maclen); + memset(md1, 0x6, maclen); + + CHK(mbedtls_md_setup(&t_out->md_ctx_enc, md_info, 1) == 0); + CHK(mbedtls_md_setup(&t_out->md_ctx_dec, md_info, 1) == 0); + CHK(mbedtls_md_setup(&t_in->md_ctx_enc, md_info, 1) == 0); + CHK(mbedtls_md_setup(&t_in->md_ctx_dec, md_info, 1) == 0); + + if (ver > MBEDTLS_SSL_MINOR_VERSION_0) { + CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_enc, + md0, maclen) == 0); + CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_dec, + md1, maclen) == 0); + CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_enc, + md1, maclen) == 0); + CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_dec, + md0, maclen) == 0); } #if defined(MBEDTLS_SSL_PROTO_SSL3) - else - { - memcpy( &t_in->mac_enc, md0, maclen ); - memcpy( &t_in->mac_dec, md1, maclen ); - memcpy( &t_out->mac_enc, md1, maclen ); - memcpy( &t_out->mac_dec, md0, maclen ); + else { + memcpy(&t_in->mac_enc, md0, maclen); + memcpy(&t_in->mac_dec, md1, maclen); + memcpy(&t_out->mac_enc, md1, maclen); + memcpy(&t_out->mac_dec, md0, maclen); } #endif } @@ -1340,8 +1289,8 @@ static int build_transforms( mbedtls_ssl_transform *t_in, /* Pick IV's (regardless of whether they * are being used by the transform). */ ivlen = cipher_info->iv_size; - memset( iv_enc, 0x3, sizeof( iv_enc ) ); - memset( iv_dec, 0x4, sizeof( iv_dec ) ); + memset(iv_enc, 0x3, sizeof(iv_enc)); + memset(iv_dec, 0x4, sizeof(iv_dec)); /* * Setup transforms @@ -1360,17 +1309,14 @@ static int build_transforms( mbedtls_ssl_transform *t_in, t_out->ivlen = ivlen; t_in->ivlen = ivlen; - switch( cipher_info->mode ) - { + switch (cipher_info->mode) { case MBEDTLS_MODE_GCM: case MBEDTLS_MODE_CCM: #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( ver == MBEDTLS_SSL_MINOR_VERSION_4 ) - { + if (ver == MBEDTLS_SSL_MINOR_VERSION_4) { t_out->fixed_ivlen = 12; t_in->fixed_ivlen = 12; - } - else + } else #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ { t_out->fixed_ivlen = 4; @@ -1378,8 +1324,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in, } t_out->maclen = 0; t_in->maclen = 0; - switch( tag_mode ) - { + switch (tag_mode) { case 0: /* Full tag */ t_out->taglen = 16; t_in->taglen = 16; @@ -1399,8 +1344,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in, t_in->fixed_ivlen = 12; t_out->maclen = 0; t_in->maclen = 0; - switch( tag_mode ) - { + switch (tag_mode) { case 0: /* Full tag */ t_out->taglen = 16; t_in->taglen = 16; @@ -1421,8 +1365,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in, t_in->fixed_ivlen = 0; /* redundant, must be 0 */ t_out->taglen = 0; t_in->taglen = 0; - switch( tag_mode ) - { + switch (tag_mode) { case 0: /* Full tag */ t_out->maclen = maclen; t_in->maclen = maclen; @@ -1444,88 +1387,91 @@ static int build_transforms( mbedtls_ssl_transform *t_in, /* Setup IV's */ - memcpy( &t_in->iv_dec, iv_dec, sizeof( iv_dec ) ); - memcpy( &t_in->iv_enc, iv_enc, sizeof( iv_enc ) ); - memcpy( &t_out->iv_dec, iv_enc, sizeof( iv_enc ) ); - memcpy( &t_out->iv_enc, iv_dec, sizeof( iv_dec ) ); + memcpy(&t_in->iv_dec, iv_dec, sizeof(iv_dec)); + memcpy(&t_in->iv_enc, iv_enc, sizeof(iv_enc)); + memcpy(&t_out->iv_dec, iv_enc, sizeof(iv_enc)); + memcpy(&t_out->iv_enc, iv_dec, sizeof(iv_dec)); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) /* Add CID */ - memcpy( &t_in->in_cid, cid0, cid0_len ); - memcpy( &t_in->out_cid, cid1, cid1_len ); + memcpy(&t_in->in_cid, cid0, cid0_len); + memcpy(&t_in->out_cid, cid1, cid1_len); t_in->in_cid_len = cid0_len; t_in->out_cid_len = cid1_len; - memcpy( &t_out->in_cid, cid1, cid1_len ); - memcpy( &t_out->out_cid, cid0, cid0_len ); + memcpy(&t_out->in_cid, cid1, cid1_len); + memcpy(&t_out->out_cid, cid0, cid0_len); t_out->in_cid_len = cid1_len; t_out->out_cid_len = cid0_len; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ cleanup: - mbedtls_free( key0 ); - mbedtls_free( key1 ); + mbedtls_free(key0); + mbedtls_free(key1); - mbedtls_free( md0 ); - mbedtls_free( md1 ); + mbedtls_free(md0); + mbedtls_free(md1); - return( ret ); + return ret; } /* * Populate a session structure for serialization tests. * Choose dummy values, mostly non-0 to distinguish from the init default. */ -static int ssl_populate_session( mbedtls_ssl_session *session, - int ticket_len, - const char *crt_file ) +static int ssl_populate_session(mbedtls_ssl_session *session, + int ticket_len, + const char *crt_file) { #if defined(MBEDTLS_HAVE_TIME) - session->start = mbedtls_time( NULL ) - 42; + session->start = mbedtls_time(NULL) - 42; #endif session->ciphersuite = 0xabcd; session->compression = 1; - session->id_len = sizeof( session->id ); - memset( session->id, 66, session->id_len ); - memset( session->master, 17, sizeof( session->master ) ); + session->id_len = sizeof(session->id); + memset(session->id, 66, session->id_len); + memset(session->master, 17, sizeof(session->master)); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && defined(MBEDTLS_FS_IO) - if( strlen( crt_file ) != 0 ) - { + if (strlen(crt_file) != 0) { mbedtls_x509_crt tmp_crt; int ret; - mbedtls_x509_crt_init( &tmp_crt ); - ret = mbedtls_x509_crt_parse_file( &tmp_crt, crt_file ); - if( ret != 0 ) - return( ret ); + mbedtls_x509_crt_init(&tmp_crt); + ret = mbedtls_x509_crt_parse_file(&tmp_crt, crt_file); + if (ret != 0) { + return ret; + } #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* Move temporary CRT. */ - session->peer_cert = mbedtls_calloc( 1, sizeof( *session->peer_cert ) ); - if( session->peer_cert == NULL ) - return( -1 ); + session->peer_cert = mbedtls_calloc(1, sizeof(*session->peer_cert)); + if (session->peer_cert == NULL) { + return -1; + } *session->peer_cert = tmp_crt; - memset( &tmp_crt, 0, sizeof( tmp_crt ) ); + memset(&tmp_crt, 0, sizeof(tmp_crt)); #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ /* Calculate digest of temporary CRT. */ session->peer_cert_digest = - mbedtls_calloc( 1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN ); - if( session->peer_cert_digest == NULL ) - return( -1 ); - ret = mbedtls_md( mbedtls_md_info_from_type( - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE ), - tmp_crt.raw.p, tmp_crt.raw.len, - session->peer_cert_digest ); - if( ret != 0 ) - return( ret ); + mbedtls_calloc(1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN); + if (session->peer_cert_digest == NULL) { + return -1; + } + ret = mbedtls_md(mbedtls_md_info_from_type( + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE), + tmp_crt.raw.p, tmp_crt.raw.len, + session->peer_cert_digest); + if (ret != 0) { + return ret; + } session->peer_cert_digest_type = MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE; session->peer_cert_digest_len = MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN; #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - mbedtls_x509_crt_free( &tmp_crt ); + mbedtls_x509_crt_free(&tmp_crt); } #else /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */ (void) crt_file; @@ -1533,12 +1479,12 @@ static int ssl_populate_session( mbedtls_ssl_session *session, session->verify_result = 0xdeadbeef; #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) - if( ticket_len != 0 ) - { - session->ticket = mbedtls_calloc( 1, ticket_len ); - if( session->ticket == NULL ) - return( -1 ); - memset( session->ticket, 33, ticket_len ); + if (ticket_len != 0) { + session->ticket = mbedtls_calloc(1, ticket_len); + if (session->ticket == NULL) { + return -1; + } + memset(session->ticket, 33, ticket_len); } session->ticket_len = ticket_len; session->ticket_lifetime = 86401; @@ -1556,7 +1502,7 @@ static int ssl_populate_session( mbedtls_ssl_session *session, session->encrypt_then_mac = 1; #endif - return( 0 ); + return 0; } /* @@ -1579,22 +1525,21 @@ static int ssl_populate_session( mbedtls_ssl_session *session, * * \retval 0 on success, otherwise error code. */ -int mbedtls_exchange_data( mbedtls_ssl_context *ssl_1, - int msg_len_1, const int expected_fragments_1, - mbedtls_ssl_context *ssl_2, - int msg_len_2, const int expected_fragments_2 ) +int mbedtls_exchange_data(mbedtls_ssl_context *ssl_1, + int msg_len_1, const int expected_fragments_1, + mbedtls_ssl_context *ssl_2, + int msg_len_2, const int expected_fragments_2) { - unsigned char *msg_buf_1 = malloc( msg_len_1 ); - unsigned char *msg_buf_2 = malloc( msg_len_2 ); - unsigned char *in_buf_1 = malloc( msg_len_2 ); - unsigned char *in_buf_2 = malloc( msg_len_1 ); + unsigned char *msg_buf_1 = malloc(msg_len_1); + unsigned char *msg_buf_2 = malloc(msg_len_2); + unsigned char *in_buf_1 = malloc(msg_len_2); + unsigned char *in_buf_2 = malloc(msg_len_1); int msg_type, ret = -1; /* Perform this test with two message types. At first use a message * consisting of only 0x00 for the client and only 0xFF for the server. * At the second time use message with generated data */ - for( msg_type = 0; msg_type < 2; msg_type++ ) - { + for (msg_type = 0; msg_type < 2; msg_type++) { int written_1 = 0; int written_2 = 0; int read_1 = 0; @@ -1602,99 +1547,83 @@ int mbedtls_exchange_data( mbedtls_ssl_context *ssl_1, int fragments_1 = 0; int fragments_2 = 0; - if( msg_type == 0 ) - { - memset( msg_buf_1, 0x00, msg_len_1 ); - memset( msg_buf_2, 0xff, msg_len_2 ); - } - else - { + if (msg_type == 0) { + memset(msg_buf_1, 0x00, msg_len_1); + memset(msg_buf_2, 0xff, msg_len_2); + } else { int i, j = 0; - for( i = 0; i < msg_len_1; i++ ) - { + for (i = 0; i < msg_len_1; i++) { msg_buf_1[i] = j++ & 0xFF; } - for( i = 0; i < msg_len_2; i++ ) - { - msg_buf_2[i] = ( j -= 5 ) & 0xFF; + for (i = 0; i < msg_len_2; i++) { + msg_buf_2[i] = (j -= 5) & 0xFF; } } - while( read_1 < msg_len_2 || read_2 < msg_len_1 ) - { + while (read_1 < msg_len_2 || read_2 < msg_len_1) { /* ssl_1 sending */ - if( msg_len_1 > written_1 ) - { - ret = mbedtls_ssl_write_fragment( ssl_1, msg_buf_1, - msg_len_1, &written_1, - expected_fragments_1 ); - if( expected_fragments_1 == 0 ) - { + if (msg_len_1 > written_1) { + ret = mbedtls_ssl_write_fragment(ssl_1, msg_buf_1, + msg_len_1, &written_1, + expected_fragments_1); + if (expected_fragments_1 == 0) { /* This error is expected when the message is too large and * cannot be fragmented */ - TEST_ASSERT( ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); msg_len_1 = 0; - } - else - { - TEST_ASSERT( ret == 0 ); + } else { + TEST_ASSERT(ret == 0); } } /* ssl_2 sending */ - if( msg_len_2 > written_2 ) - { - ret = mbedtls_ssl_write_fragment( ssl_2, msg_buf_2, - msg_len_2, &written_2, - expected_fragments_2 ); - if( expected_fragments_2 == 0 ) - { + if (msg_len_2 > written_2) { + ret = mbedtls_ssl_write_fragment(ssl_2, msg_buf_2, + msg_len_2, &written_2, + expected_fragments_2); + if (expected_fragments_2 == 0) { /* This error is expected when the message is too large and * cannot be fragmented */ - TEST_ASSERT( ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); msg_len_2 = 0; - } - else - { - TEST_ASSERT( ret == 0 ); + } else { + TEST_ASSERT(ret == 0); } } /* ssl_1 reading */ - if( read_1 < msg_len_2 ) - { - ret = mbedtls_ssl_read_fragment( ssl_1, in_buf_1, - msg_len_2, &read_1, - &fragments_2, - expected_fragments_2 ); - TEST_ASSERT( ret == 0 ); + if (read_1 < msg_len_2) { + ret = mbedtls_ssl_read_fragment(ssl_1, in_buf_1, + msg_len_2, &read_1, + &fragments_2, + expected_fragments_2); + TEST_ASSERT(ret == 0); } /* ssl_2 reading */ - if( read_2 < msg_len_1 ) - { - ret = mbedtls_ssl_read_fragment( ssl_2, in_buf_2, - msg_len_1, &read_2, - &fragments_1, - expected_fragments_1 ); - TEST_ASSERT( ret == 0 ); + if (read_2 < msg_len_1) { + ret = mbedtls_ssl_read_fragment(ssl_2, in_buf_2, + msg_len_1, &read_2, + &fragments_1, + expected_fragments_1); + TEST_ASSERT(ret == 0); } } ret = -1; - TEST_ASSERT( 0 == memcmp( msg_buf_1, in_buf_2, msg_len_1 ) ); - TEST_ASSERT( 0 == memcmp( msg_buf_2, in_buf_1, msg_len_2 ) ); - TEST_ASSERT( fragments_1 == expected_fragments_1 ); - TEST_ASSERT( fragments_2 == expected_fragments_2 ); + TEST_ASSERT(0 == memcmp(msg_buf_1, in_buf_2, msg_len_1)); + TEST_ASSERT(0 == memcmp(msg_buf_2, in_buf_1, msg_len_2)); + TEST_ASSERT(fragments_1 == expected_fragments_1); + TEST_ASSERT(fragments_2 == expected_fragments_2); } ret = 0; exit: - free( msg_buf_1 ); - free( in_buf_1 ); - free( msg_buf_2 ); - free( in_buf_2 ); + free(msg_buf_1); + free(in_buf_1); + free(msg_buf_2); + free(in_buf_2); return ret; } @@ -1705,17 +1634,17 @@ exit: * * \retval 0 on success, otherwise error code. */ -int exchange_data( mbedtls_ssl_context *ssl_1, - mbedtls_ssl_context *ssl_2 ) +int exchange_data(mbedtls_ssl_context *ssl_1, + mbedtls_ssl_context *ssl_2) { - return mbedtls_exchange_data( ssl_1, 256, 1, - ssl_2, 256, 1 ); + return mbedtls_exchange_data(ssl_1, 256, 1, + ssl_2, 256, 1); } #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_CTR_DRBG_C) -void perform_handshake( handshake_test_options* options ) +void perform_handshake(handshake_test_options *options) { /* forced_ciphersuite needs to last until the end of the handshake */ int forced_ciphersuite[2]; @@ -1736,360 +1665,332 @@ void perform_handshake( handshake_test_options* options ) #endif int expected_handshake_result = 0; - USE_PSA_INIT( ); - mbedtls_platform_zeroize( &client, sizeof( client ) ); - mbedtls_platform_zeroize( &server, sizeof( server ) ); + USE_PSA_INIT(); + mbedtls_platform_zeroize(&client, sizeof(client)); + mbedtls_platform_zeroize(&server, sizeof(server)); mbedtls_test_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); + mbedtls_message_socket_init(&server_context); + mbedtls_message_socket_init(&client_context); /* Client side */ - if( options->dtls != 0 ) - { - TEST_ASSERT( mbedtls_endpoint_init( &client, MBEDTLS_SSL_IS_CLIENT, - options->pk_alg, &client_context, - &client_queue, - &server_queue, NULL ) == 0 ); + if (options->dtls != 0) { + TEST_ASSERT(mbedtls_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT, + options->pk_alg, &client_context, + &client_queue, + &server_queue, NULL) == 0); #if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &client.ssl, &timer_client, - mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&client.ssl, &timer_client, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); #endif - } - else - { - TEST_ASSERT( mbedtls_endpoint_init( &client, MBEDTLS_SSL_IS_CLIENT, - options->pk_alg, NULL, NULL, - NULL, NULL ) == 0 ); + } else { + TEST_ASSERT(mbedtls_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT, + options->pk_alg, NULL, NULL, + NULL, NULL) == 0); } - if( options->client_min_version != TEST_SSL_MINOR_VERSION_NONE ) - { - mbedtls_ssl_conf_min_version( &client.conf, MBEDTLS_SSL_MAJOR_VERSION_3, - options->client_min_version ); + if (options->client_min_version != TEST_SSL_MINOR_VERSION_NONE) { + mbedtls_ssl_conf_min_version(&client.conf, MBEDTLS_SSL_MAJOR_VERSION_3, + options->client_min_version); } - if( options->client_max_version != TEST_SSL_MINOR_VERSION_NONE ) - { - mbedtls_ssl_conf_max_version( &client.conf, MBEDTLS_SSL_MAJOR_VERSION_3, - options->client_max_version ); + if (options->client_max_version != TEST_SSL_MINOR_VERSION_NONE) { + mbedtls_ssl_conf_max_version(&client.conf, MBEDTLS_SSL_MAJOR_VERSION_3, + options->client_max_version); } - if( strlen( options->cipher ) > 0 ) - { - set_ciphersuite( &client.conf, options->cipher, forced_ciphersuite ); + if (strlen(options->cipher) > 0) { + set_ciphersuite(&client.conf, options->cipher, forced_ciphersuite); } -#if defined (MBEDTLS_DEBUG_C) - if( options->cli_log_fun ) - { - mbedtls_debug_set_threshold( 4 ); - mbedtls_ssl_conf_dbg( &client.conf, options->cli_log_fun, - options->cli_log_obj ); +#if defined(MBEDTLS_DEBUG_C) + if (options->cli_log_fun) { + mbedtls_debug_set_threshold(4); + mbedtls_ssl_conf_dbg(&client.conf, options->cli_log_fun, + options->cli_log_obj); } #endif /* Server side */ - if( options->dtls != 0 ) - { - TEST_ASSERT( mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER, - options->pk_alg, &server_context, - &server_queue, - &client_queue, NULL ) == 0 ); + if (options->dtls != 0) { + TEST_ASSERT(mbedtls_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER, + options->pk_alg, &server_context, + &server_queue, + &client_queue, NULL) == 0); #if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &server.ssl, &timer_server, - mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); #endif - } - else - { - TEST_ASSERT( mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER, - options->pk_alg, NULL, NULL, - NULL, NULL ) == 0 ); + } else { + TEST_ASSERT(mbedtls_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER, + options->pk_alg, NULL, NULL, + NULL, NULL) == 0); } - mbedtls_ssl_conf_authmode( &server.conf, options->srv_auth_mode ); + mbedtls_ssl_conf_authmode(&server.conf, options->srv_auth_mode); - if( options->server_min_version != TEST_SSL_MINOR_VERSION_NONE ) - { - mbedtls_ssl_conf_min_version( &server.conf, MBEDTLS_SSL_MAJOR_VERSION_3, - options->server_min_version ); + if (options->server_min_version != TEST_SSL_MINOR_VERSION_NONE) { + mbedtls_ssl_conf_min_version(&server.conf, MBEDTLS_SSL_MAJOR_VERSION_3, + options->server_min_version); } - if( options->server_max_version != TEST_SSL_MINOR_VERSION_NONE ) - { - mbedtls_ssl_conf_max_version( &server.conf, MBEDTLS_SSL_MAJOR_VERSION_3, - options->server_max_version ); + if (options->server_max_version != TEST_SSL_MINOR_VERSION_NONE) { + mbedtls_ssl_conf_max_version(&server.conf, MBEDTLS_SSL_MAJOR_VERSION_3, + options->server_max_version); } #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - TEST_ASSERT( mbedtls_ssl_conf_max_frag_len( &(server.conf), - (unsigned char) options->mfl ) == 0 ); - TEST_ASSERT( mbedtls_ssl_conf_max_frag_len( &(client.conf), - (unsigned char) options->mfl ) == 0 ); + TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(server.conf), + (unsigned char) options->mfl) == 0); + TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(client.conf), + (unsigned char) options->mfl) == 0); #else - TEST_ASSERT( MBEDTLS_SSL_MAX_FRAG_LEN_NONE == options->mfl ); + TEST_ASSERT(MBEDTLS_SSL_MAX_FRAG_LEN_NONE == options->mfl); #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( options->psk_str != NULL && options->psk_str->len > 0 ) - { - TEST_ASSERT( mbedtls_ssl_conf_psk( &client.conf, options->psk_str->x, - options->psk_str->len, - (const unsigned char *) psk_identity, - strlen( psk_identity ) ) == 0 ); - - TEST_ASSERT( mbedtls_ssl_conf_psk( &server.conf, options->psk_str->x, - options->psk_str->len, - (const unsigned char *) psk_identity, - strlen( psk_identity ) ) == 0 ); - - mbedtls_ssl_conf_psk_cb( &server.conf, psk_dummy_callback, NULL ); + if (options->psk_str != NULL && options->psk_str->len > 0) { + TEST_ASSERT(mbedtls_ssl_conf_psk(&client.conf, options->psk_str->x, + options->psk_str->len, + (const unsigned char *) psk_identity, + strlen(psk_identity)) == 0); + + TEST_ASSERT(mbedtls_ssl_conf_psk(&server.conf, options->psk_str->x, + options->psk_str->len, + (const unsigned char *) psk_identity, + strlen(psk_identity)) == 0); + + mbedtls_ssl_conf_psk_cb(&server.conf, psk_dummy_callback, NULL); } #endif #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( options->renegotiate ) - { - mbedtls_ssl_conf_renegotiation( &(server.conf), - MBEDTLS_SSL_RENEGOTIATION_ENABLED ); - mbedtls_ssl_conf_renegotiation( &(client.conf), - MBEDTLS_SSL_RENEGOTIATION_ENABLED ); - - mbedtls_ssl_conf_legacy_renegotiation( &(server.conf), - options->legacy_renegotiation ); - mbedtls_ssl_conf_legacy_renegotiation( &(client.conf), - options->legacy_renegotiation ); + if (options->renegotiate) { + mbedtls_ssl_conf_renegotiation(&(server.conf), + MBEDTLS_SSL_RENEGOTIATION_ENABLED); + mbedtls_ssl_conf_renegotiation(&(client.conf), + MBEDTLS_SSL_RENEGOTIATION_ENABLED); + + mbedtls_ssl_conf_legacy_renegotiation(&(server.conf), + options->legacy_renegotiation); + mbedtls_ssl_conf_legacy_renegotiation(&(client.conf), + options->legacy_renegotiation); } #endif /* MBEDTLS_SSL_RENEGOTIATION */ -#if defined (MBEDTLS_DEBUG_C) - if( options->srv_log_fun ) - { - mbedtls_debug_set_threshold( 4 ); - mbedtls_ssl_conf_dbg( &server.conf, options->srv_log_fun, - options->srv_log_obj ); +#if defined(MBEDTLS_DEBUG_C) + if (options->srv_log_fun) { + mbedtls_debug_set_threshold(4); + mbedtls_ssl_conf_dbg(&server.conf, options->srv_log_fun, + options->srv_log_obj); } #endif - TEST_ASSERT( mbedtls_mock_socket_connect( &(client.socket), - &(server.socket), - BUFFSIZE ) == 0 ); + TEST_ASSERT(mbedtls_mock_socket_connect(&(client.socket), + &(server.socket), + BUFFSIZE) == 0); #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - if( options->resize_buffers != 0 ) - { + if (options->resize_buffers != 0) { /* Ensure that the buffer sizes are appropriate before resizes */ - TEST_ASSERT( client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN ); - TEST_ASSERT( client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN ); - TEST_ASSERT( server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN ); - TEST_ASSERT( server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN ); + TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); + TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); } #endif - if( options->expected_negotiated_version == TEST_SSL_MINOR_VERSION_NONE ) - { + if (options->expected_negotiated_version == TEST_SSL_MINOR_VERSION_NONE) { expected_handshake_result = MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION; } - TEST_ASSERT( mbedtls_move_handshake_to_state( &(client.ssl), - &(server.ssl), - MBEDTLS_SSL_HANDSHAKE_OVER ) - == expected_handshake_result ); + TEST_ASSERT(mbedtls_move_handshake_to_state(&(client.ssl), + &(server.ssl), + MBEDTLS_SSL_HANDSHAKE_OVER) + == expected_handshake_result); - if( expected_handshake_result != 0 ) - { + if (expected_handshake_result != 0) { /* Connection will have failed by this point, skip to cleanup */ goto exit; } - TEST_ASSERT( client.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER ); - TEST_ASSERT( server.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER ); + TEST_ASSERT(client.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER); + TEST_ASSERT(server.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER); /* Check that we agree on the version... */ - TEST_ASSERT( client.ssl.minor_ver == server.ssl.minor_ver ); + TEST_ASSERT(client.ssl.minor_ver == server.ssl.minor_ver); /* And check that the version negotiated is the expected one. */ - TEST_EQUAL( client.ssl.minor_ver, options->expected_negotiated_version ); + TEST_EQUAL(client.ssl.minor_ver, options->expected_negotiated_version); #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - if( options->resize_buffers != 0 ) - { - if( options->expected_negotiated_version != MBEDTLS_SSL_MINOR_VERSION_0 && - options->expected_negotiated_version != MBEDTLS_SSL_MINOR_VERSION_1 ) - { + if (options->resize_buffers != 0) { + if (options->expected_negotiated_version != MBEDTLS_SSL_MINOR_VERSION_0 && + options->expected_negotiated_version != MBEDTLS_SSL_MINOR_VERSION_1) { /* A server, when using DTLS, might delay a buffer resize to happen * after it receives a message, so we force it. */ - TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 ); - - TEST_ASSERT( client.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen( &client.ssl ) ); - TEST_ASSERT( client.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen( &client.ssl ) ); - TEST_ASSERT( server.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen( &server.ssl ) ); - TEST_ASSERT( server.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen( &server.ssl ) ); + TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); + + TEST_ASSERT(client.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&client.ssl)); + TEST_ASSERT(client.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&client.ssl)); + TEST_ASSERT(server.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&server.ssl)); + TEST_ASSERT(server.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&server.ssl)); } } #endif - if( options->cli_msg_len != 0 || options->srv_msg_len != 0 ) - { + if (options->cli_msg_len != 0 || options->srv_msg_len != 0) { /* Start data exchanging test */ - TEST_ASSERT( mbedtls_exchange_data( &(client.ssl), options->cli_msg_len, - options->expected_cli_fragments, - &(server.ssl), options->srv_msg_len, - options->expected_srv_fragments ) - == 0 ); + TEST_ASSERT(mbedtls_exchange_data(&(client.ssl), options->cli_msg_len, + options->expected_cli_fragments, + &(server.ssl), options->srv_msg_len, + options->expected_srv_fragments) + == 0); } #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if( options->serialize == 1 ) - { - TEST_ASSERT( options->dtls == 1 ); + if (options->serialize == 1) { + TEST_ASSERT(options->dtls == 1); - TEST_ASSERT( mbedtls_ssl_context_save( &(server.ssl), NULL, - 0, &context_buf_len ) - == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), NULL, + 0, &context_buf_len) + == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); - context_buf = mbedtls_calloc( 1, context_buf_len ); - TEST_ASSERT( context_buf != NULL ); + context_buf = mbedtls_calloc(1, context_buf_len); + TEST_ASSERT(context_buf != NULL); - TEST_ASSERT( mbedtls_ssl_context_save( &(server.ssl), context_buf, - context_buf_len, - &context_buf_len ) == 0 ); + TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), context_buf, + context_buf_len, + &context_buf_len) == 0); - mbedtls_ssl_free( &(server.ssl) ); - mbedtls_ssl_init( &(server.ssl) ); + mbedtls_ssl_free(&(server.ssl)); + mbedtls_ssl_init(&(server.ssl)); - TEST_ASSERT( mbedtls_ssl_setup( &(server.ssl), &(server.conf) ) == 0 ); + TEST_ASSERT(mbedtls_ssl_setup(&(server.ssl), &(server.conf)) == 0); - mbedtls_ssl_set_bio( &( server.ssl ), &server_context, - mbedtls_mock_tcp_send_msg, - mbedtls_mock_tcp_recv_msg, - NULL ); + mbedtls_ssl_set_bio(&(server.ssl), &server_context, + mbedtls_mock_tcp_send_msg, + mbedtls_mock_tcp_recv_msg, + NULL); #if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &server.ssl, &timer_server, - mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); #endif #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - if( options->resize_buffers != 0 ) - { + if (options->resize_buffers != 0) { /* Ensure that the buffer sizes are appropriate before resizes */ - TEST_ASSERT( server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN ); - TEST_ASSERT( server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN ); + TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); } #endif - TEST_ASSERT( mbedtls_ssl_context_load( &( server.ssl ), context_buf, - context_buf_len ) == 0 ); + TEST_ASSERT(mbedtls_ssl_context_load(&(server.ssl), context_buf, + context_buf_len) == 0); #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) /* Validate buffer sizes after context deserialization */ - if( options->resize_buffers != 0 ) - { - TEST_ASSERT( server.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen( &server.ssl ) ); - TEST_ASSERT( server.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen( &server.ssl ) ); + if (options->resize_buffers != 0) { + TEST_ASSERT(server.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&server.ssl)); + TEST_ASSERT(server.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&server.ssl)); } #endif /* Retest writing/reading */ - if( options->cli_msg_len != 0 || options->srv_msg_len != 0 ) - { - TEST_ASSERT( mbedtls_exchange_data( &(client.ssl), - options->cli_msg_len, - options->expected_cli_fragments, - &(server.ssl), - options->srv_msg_len, - options->expected_srv_fragments ) - == 0 ); + if (options->cli_msg_len != 0 || options->srv_msg_len != 0) { + TEST_ASSERT(mbedtls_exchange_data(&(client.ssl), + options->cli_msg_len, + options->expected_cli_fragments, + &(server.ssl), + options->srv_msg_len, + options->expected_srv_fragments) + == 0); } } #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( options->renegotiate ) - { + if (options->renegotiate) { /* Start test with renegotiation */ - TEST_ASSERT( server.ssl.renego_status == - MBEDTLS_SSL_INITIAL_HANDSHAKE ); - TEST_ASSERT( client.ssl.renego_status == - MBEDTLS_SSL_INITIAL_HANDSHAKE ); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_INITIAL_HANDSHAKE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_INITIAL_HANDSHAKE); /* After calling this function for the server, it only sends a handshake * request. All renegotiation should happen during data exchanging */ - TEST_ASSERT( mbedtls_ssl_renegotiate( &(server.ssl) ) == 0 ); - TEST_ASSERT( server.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_PENDING ); - TEST_ASSERT( client.ssl.renego_status == - MBEDTLS_SSL_INITIAL_HANDSHAKE ); - - TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 ); - TEST_ASSERT( server.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_DONE ); - TEST_ASSERT( client.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_DONE ); + TEST_ASSERT(mbedtls_ssl_renegotiate(&(server.ssl)) == 0); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_PENDING); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_INITIAL_HANDSHAKE); + + TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); /* After calling mbedtls_ssl_renegotiate for the client all renegotiation * should happen inside this function. However in this test, we cannot * perform simultaneous communication between client and server so this * function will return waiting error on the socket. All rest of * renegotiation should happen during data exchanging */ - ret = mbedtls_ssl_renegotiate( &(client.ssl) ); + ret = mbedtls_ssl_renegotiate(&(client.ssl)); #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - if( options->resize_buffers != 0 ) - { + if (options->resize_buffers != 0) { /* Ensure that the buffer sizes are appropriate before resizes */ - TEST_ASSERT( client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN ); - TEST_ASSERT( client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN ); + TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); } #endif - TEST_ASSERT( ret == 0 || - ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - TEST_ASSERT( server.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_DONE ); - TEST_ASSERT( client.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ); - - TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 ); - TEST_ASSERT( server.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_DONE ); - TEST_ASSERT( client.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_DONE ); + TEST_ASSERT(ret == 0 || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS); + + TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) /* Validate buffer sizes after renegotiation */ - if( options->resize_buffers != 0 ) - { - TEST_ASSERT( client.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen( &client.ssl ) ); - TEST_ASSERT( client.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen( &client.ssl ) ); - TEST_ASSERT( server.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen( &server.ssl ) ); - TEST_ASSERT( server.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen( &server.ssl ) ); + if (options->resize_buffers != 0) { + TEST_ASSERT(client.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&client.ssl)); + TEST_ASSERT(client.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&client.ssl)); + TEST_ASSERT(server.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&server.ssl)); + TEST_ASSERT(server.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&server.ssl)); } #endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ } #endif /* MBEDTLS_SSL_RENEGOTIATION */ exit: - mbedtls_endpoint_free( &client, options->dtls != 0 ? &client_context : NULL ); - mbedtls_endpoint_free( &server, options->dtls != 0 ? &server_context : NULL ); -#if defined (MBEDTLS_DEBUG_C) - if( options->cli_log_fun || options->srv_log_fun ) - { - mbedtls_debug_set_threshold( 0 ); + mbedtls_endpoint_free(&client, options->dtls != 0 ? &client_context : NULL); + mbedtls_endpoint_free(&server, options->dtls != 0 ? &server_context : NULL); +#if defined(MBEDTLS_DEBUG_C) + if (options->cli_log_fun || options->srv_log_fun) { + mbedtls_debug_set_threshold(0); } #endif #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if( context_buf != NULL ) - mbedtls_free( context_buf ); + if (context_buf != NULL) { + mbedtls_free(context_buf); + } #endif } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ @@ -2109,56 +2010,56 @@ void test_callback_buffer_sanity() unsigned char input[MSGLEN]; unsigned char output[MSGLEN]; - memset( input, 0, sizeof( input ) ); + memset(input, 0, sizeof(input)); /* Make sure calling put and get on NULL buffer results in error. */ - TEST_ASSERT( mbedtls_test_buffer_put( NULL, input, sizeof( input ) ) - == -1 ); - TEST_ASSERT( mbedtls_test_buffer_get( NULL, output, sizeof( output ) ) - == -1 ); - TEST_ASSERT( mbedtls_test_buffer_put( NULL, NULL, sizeof( input ) ) == -1 ); + TEST_ASSERT(mbedtls_test_buffer_put(NULL, input, sizeof(input)) + == -1); + TEST_ASSERT(mbedtls_test_buffer_get(NULL, output, sizeof(output)) + == -1); + TEST_ASSERT(mbedtls_test_buffer_put(NULL, NULL, sizeof(input)) == -1); - TEST_ASSERT( mbedtls_test_buffer_put( NULL, NULL, 0 ) == -1 ); - TEST_ASSERT( mbedtls_test_buffer_get( NULL, NULL, 0 ) == -1 ); + TEST_ASSERT(mbedtls_test_buffer_put(NULL, NULL, 0) == -1); + TEST_ASSERT(mbedtls_test_buffer_get(NULL, NULL, 0) == -1); /* Make sure calling put and get on a buffer that hasn't been set up results * in error. */ - mbedtls_test_buffer_init( &buf ); + mbedtls_test_buffer_init(&buf); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, sizeof( input ) ) == -1 ); - TEST_ASSERT( mbedtls_test_buffer_get( &buf, output, sizeof( output ) ) - == -1 ); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, sizeof( input ) ) == -1 ); + TEST_ASSERT(mbedtls_test_buffer_put(&buf, input, sizeof(input)) == -1); + TEST_ASSERT(mbedtls_test_buffer_get(&buf, output, sizeof(output)) + == -1); + TEST_ASSERT(mbedtls_test_buffer_put(&buf, NULL, sizeof(input)) == -1); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, 0 ) == -1 ); - TEST_ASSERT( mbedtls_test_buffer_get( &buf, NULL, 0 ) == -1 ); + TEST_ASSERT(mbedtls_test_buffer_put(&buf, NULL, 0) == -1); + TEST_ASSERT(mbedtls_test_buffer_get(&buf, NULL, 0) == -1); /* Make sure calling put and get on NULL input only results in * error if the length is not zero, and that a NULL output is valid for data * dropping. */ - TEST_ASSERT( mbedtls_test_buffer_setup( &buf, sizeof( input ) ) == 0 ); + TEST_ASSERT(mbedtls_test_buffer_setup(&buf, sizeof(input)) == 0); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, sizeof( input ) ) == -1 ); - TEST_ASSERT( mbedtls_test_buffer_get( &buf, NULL, sizeof( output ) ) - == 0 ); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, 0 ) == 0 ); - TEST_ASSERT( mbedtls_test_buffer_get( &buf, NULL, 0 ) == 0 ); + TEST_ASSERT(mbedtls_test_buffer_put(&buf, NULL, sizeof(input)) == -1); + TEST_ASSERT(mbedtls_test_buffer_get(&buf, NULL, sizeof(output)) + == 0); + TEST_ASSERT(mbedtls_test_buffer_put(&buf, NULL, 0) == 0); + TEST_ASSERT(mbedtls_test_buffer_get(&buf, NULL, 0) == 0); /* Make sure calling put several times in the row is safe */ - TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, sizeof( input ) ) - == sizeof( input ) ); - TEST_ASSERT( mbedtls_test_buffer_get( &buf, output, 2 ) == 2 ); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, 2 ) == 1 ); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, 2 ) == 0 ); + TEST_ASSERT(mbedtls_test_buffer_put(&buf, input, sizeof(input)) + == sizeof(input)); + TEST_ASSERT(mbedtls_test_buffer_get(&buf, output, 2) == 2); + TEST_ASSERT(mbedtls_test_buffer_put(&buf, input, 1) == 1); + TEST_ASSERT(mbedtls_test_buffer_put(&buf, input, 2) == 1); + TEST_ASSERT(mbedtls_test_buffer_put(&buf, input, 2) == 0); exit: - mbedtls_test_buffer_free( &buf ); + mbedtls_test_buffer_free(&buf); } /* END_CASE */ @@ -2176,9 +2077,9 @@ exit: */ /* BEGIN_CASE */ -void test_callback_buffer( int size, int put1, int put1_ret, - int get1, int get1_ret, int put2, int put2_ret, - int get2, int get2_ret ) +void test_callback_buffer(int size, int put1, int put1_ret, + int get1, int get1_ret, int put2, int put2_ret, + int get2, int get2_ret) { enum { ROUNDS = 2 }; size_t put[ROUNDS]; @@ -2186,96 +2087,91 @@ void test_callback_buffer( int size, int put1, int put1_ret, size_t get[ROUNDS]; int get_ret[ROUNDS]; mbedtls_test_buffer buf; - unsigned char* input = NULL; + unsigned char *input = NULL; size_t input_len; - unsigned char* output = NULL; + unsigned char *output = NULL; size_t output_len; size_t i, j, written, read; - mbedtls_test_buffer_init( &buf ); - TEST_ASSERT( mbedtls_test_buffer_setup( &buf, size ) == 0 ); + mbedtls_test_buffer_init(&buf); + TEST_ASSERT(mbedtls_test_buffer_setup(&buf, size) == 0); /* Check the sanity of input parameters and initialise local variables. That * is, ensure that the amount of data is not negative and that we are not * expecting more to put or get than we actually asked for. */ - TEST_ASSERT( put1 >= 0 ); + TEST_ASSERT(put1 >= 0); put[0] = put1; put_ret[0] = put1_ret; - TEST_ASSERT( put1_ret <= put1 ); - TEST_ASSERT( put2 >= 0 ); + TEST_ASSERT(put1_ret <= put1); + TEST_ASSERT(put2 >= 0); put[1] = put2; put_ret[1] = put2_ret; - TEST_ASSERT( put2_ret <= put2 ); + TEST_ASSERT(put2_ret <= put2); - TEST_ASSERT( get1 >= 0 ); + TEST_ASSERT(get1 >= 0); get[0] = get1; get_ret[0] = get1_ret; - TEST_ASSERT( get1_ret <= get1 ); - TEST_ASSERT( get2 >= 0 ); + TEST_ASSERT(get1_ret <= get1); + TEST_ASSERT(get2 >= 0); get[1] = get2; get_ret[1] = get2_ret; - TEST_ASSERT( get2_ret <= get2 ); + TEST_ASSERT(get2_ret <= get2); input_len = 0; /* Calculate actual input and output lengths */ - for( j = 0; j < ROUNDS; j++ ) - { - if( put_ret[j] > 0 ) - { + for (j = 0; j < ROUNDS; j++) { + if (put_ret[j] > 0) { input_len += put_ret[j]; } } /* In order to always have a valid pointer we always allocate at least 1 * byte. */ - if( input_len == 0 ) + if (input_len == 0) { input_len = 1; - ASSERT_ALLOC( input, input_len ); + } + ASSERT_ALLOC(input, input_len); output_len = 0; - for( j = 0; j < ROUNDS; j++ ) - { - if( get_ret[j] > 0 ) - { + for (j = 0; j < ROUNDS; j++) { + if (get_ret[j] > 0) { output_len += get_ret[j]; } } - TEST_ASSERT( output_len <= input_len ); + TEST_ASSERT(output_len <= input_len); /* In order to always have a valid pointer we always allocate at least 1 * byte. */ - if( output_len == 0 ) + if (output_len == 0) { output_len = 1; - ASSERT_ALLOC( output, output_len ); + } + ASSERT_ALLOC(output, output_len); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < input_len; i++ ) - { + for (i = 0; i < input_len; i++) { input[i] = i & 0xFF; } written = read = 0; - for( j = 0; j < ROUNDS; j++ ) - { - TEST_ASSERT( put_ret[j] == mbedtls_test_buffer_put( &buf, - input + written, put[j] ) ); + for (j = 0; j < ROUNDS; j++) { + TEST_ASSERT(put_ret[j] == mbedtls_test_buffer_put(&buf, + input + written, put[j])); written += put_ret[j]; - TEST_ASSERT( get_ret[j] == mbedtls_test_buffer_get( &buf, - output + read, get[j] ) ); + TEST_ASSERT(get_ret[j] == mbedtls_test_buffer_get(&buf, + output + read, get[j])); read += get_ret[j]; - TEST_ASSERT( read <= written ); - if( get_ret[j] > 0 ) - { - TEST_ASSERT( memcmp( output + read - get_ret[j], - input + read - get_ret[j], get_ret[j] ) - == 0 ); + TEST_ASSERT(read <= written); + if (get_ret[j] > 0) { + TEST_ASSERT(memcmp(output + read - get_ret[j], + input + read - get_ret[j], get_ret[j]) + == 0); } } exit: - mbedtls_free( input ); - mbedtls_free( output ); - mbedtls_test_buffer_free( &buf ); + mbedtls_free(input); + mbedtls_free(output); + mbedtls_test_buffer_free(&buf); } /* END_CASE */ @@ -2285,30 +2181,30 @@ exit: */ /* BEGIN_CASE */ -void ssl_mock_sanity( ) +void ssl_mock_sanity() { enum { MSGLEN = 105 }; unsigned char message[MSGLEN] = { 0 }; unsigned char received[MSGLEN] = { 0 }; mbedtls_mock_socket socket; - mbedtls_mock_socket_init( &socket ); - TEST_ASSERT( mbedtls_mock_tcp_send_b( &socket, message, MSGLEN ) < 0 ); - mbedtls_mock_socket_close( &socket ); - mbedtls_mock_socket_init( &socket ); - TEST_ASSERT( mbedtls_mock_tcp_recv_b( &socket, received, MSGLEN ) < 0 ); - mbedtls_mock_socket_close( &socket ); + mbedtls_mock_socket_init(&socket); + TEST_ASSERT(mbedtls_mock_tcp_send_b(&socket, message, MSGLEN) < 0); + mbedtls_mock_socket_close(&socket); + mbedtls_mock_socket_init(&socket); + TEST_ASSERT(mbedtls_mock_tcp_recv_b(&socket, received, MSGLEN) < 0); + mbedtls_mock_socket_close(&socket); - mbedtls_mock_socket_init( &socket ); - TEST_ASSERT( mbedtls_mock_tcp_send_nb( &socket, message, MSGLEN ) < 0 ); - mbedtls_mock_socket_close( &socket ); - mbedtls_mock_socket_init( &socket ); - TEST_ASSERT( mbedtls_mock_tcp_recv_nb( &socket, received, MSGLEN ) < 0 ); - mbedtls_mock_socket_close( &socket ); + mbedtls_mock_socket_init(&socket); + TEST_ASSERT(mbedtls_mock_tcp_send_nb(&socket, message, MSGLEN) < 0); + mbedtls_mock_socket_close(&socket); + mbedtls_mock_socket_init(&socket); + TEST_ASSERT(mbedtls_mock_tcp_recv_nb(&socket, received, MSGLEN) < 0); + mbedtls_mock_socket_close(&socket); exit: - mbedtls_mock_socket_close( &socket ); + mbedtls_mock_socket_close(&socket); } /* END_CASE */ @@ -2318,7 +2214,7 @@ exit: */ /* BEGIN_CASE */ -void ssl_mock_tcp( int blocking ) +void ssl_mock_tcp(int blocking) { enum { MSGLEN = 105 }; enum { BUFLEN = MSGLEN / 5 }; @@ -2332,94 +2228,76 @@ void ssl_mock_tcp( int blocking ) mbedtls_ssl_recv_t *recv; unsigned i; - if( blocking == 0 ) - { + if (blocking == 0) { send = mbedtls_mock_tcp_send_nb; recv = mbedtls_mock_tcp_recv_nb; - } - else - { + } else { send = mbedtls_mock_tcp_send_b; recv = mbedtls_mock_tcp_recv_b; } - mbedtls_mock_socket_init( &client ); - mbedtls_mock_socket_init( &server ); + mbedtls_mock_socket_init(&client); + mbedtls_mock_socket_init(&server); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } /* Make sure that sending a message takes a few iterations. */ - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, BUFLEN ) ); + TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, BUFLEN)); /* Send the message to the server */ send_ret = recv_ret = 1; written = read = 0; - while( send_ret != 0 || recv_ret != 0 ) - { - send_ret = send( &client, message + written, MSGLEN - written ); + while (send_ret != 0 || recv_ret != 0) { + send_ret = send(&client, message + written, MSGLEN - written); - TEST_ASSERT( send_ret >= 0 ); - TEST_ASSERT( send_ret <= BUFLEN ); + TEST_ASSERT(send_ret >= 0); + TEST_ASSERT(send_ret <= BUFLEN); written += send_ret; /* If the buffer is full we can test blocking and non-blocking send */ - if ( send_ret == BUFLEN ) - { - int blocking_ret = send( &client, message , 1 ); - if ( blocking ) - { - TEST_ASSERT( blocking_ret == 0 ); - } - else - { - TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + if (send_ret == BUFLEN) { + int blocking_ret = send(&client, message, 1); + if (blocking) { + TEST_ASSERT(blocking_ret == 0); + } else { + TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE); } } - recv_ret = recv( &server, received + read, MSGLEN - read ); + recv_ret = recv(&server, received + read, MSGLEN - read); /* The result depends on whether any data was sent */ - if ( send_ret > 0 ) - { - TEST_ASSERT( recv_ret > 0 ); - TEST_ASSERT( recv_ret <= BUFLEN ); + if (send_ret > 0) { + TEST_ASSERT(recv_ret > 0); + TEST_ASSERT(recv_ret <= BUFLEN); read += recv_ret; - } - else if( blocking ) - { - TEST_ASSERT( recv_ret == 0 ); - } - else - { - TEST_ASSERT( recv_ret == MBEDTLS_ERR_SSL_WANT_READ ); + } else if (blocking) { + TEST_ASSERT(recv_ret == 0); + } else { + TEST_ASSERT(recv_ret == MBEDTLS_ERR_SSL_WANT_READ); recv_ret = 0; } /* If the buffer is empty we can test blocking and non-blocking read */ - if ( recv_ret == BUFLEN ) - { - int blocking_ret = recv( &server, received, 1 ); - if ( blocking ) - { - TEST_ASSERT( blocking_ret == 0 ); - } - else - { - TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_READ ); + if (recv_ret == BUFLEN) { + int blocking_ret = recv(&server, received, 1); + if (blocking) { + TEST_ASSERT(blocking_ret == 0); + } else { + TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_READ); } } } - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); exit: - mbedtls_mock_socket_close( &client ); - mbedtls_mock_socket_close( &server ); + mbedtls_mock_socket_close(&client); + mbedtls_mock_socket_close(&server); } /* END_CASE */ @@ -2430,7 +2308,7 @@ exit: */ /* BEGIN_CASE */ -void ssl_mock_tcp_interleaving( int blocking ) +void ssl_mock_tcp_interleaving(int blocking) { enum { ROUNDS = 2 }; enum { MSGLEN = 105 }; @@ -2447,305 +2325,283 @@ void ssl_mock_tcp_interleaving( int blocking ) mbedtls_ssl_send_t *send; mbedtls_ssl_recv_t *recv; - if( blocking == 0 ) - { + if (blocking == 0) { send = mbedtls_mock_tcp_send_nb; recv = mbedtls_mock_tcp_recv_nb; - } - else - { + } else { send = mbedtls_mock_tcp_send_b; recv = mbedtls_mock_tcp_recv_b; } - mbedtls_mock_socket_init( &client ); - mbedtls_mock_socket_init( &server ); + mbedtls_mock_socket_init(&client); + mbedtls_mock_socket_init(&server); /* Fill up the buffers with structured data so that unwanted changes * can be detected */ - for( i = 0; i < ROUNDS; i++ ) - { - for( j = 0; j < MSGLEN; j++ ) - { - message[i][j] = ( i * MSGLEN + j ) & 0xFF; + for (i = 0; i < ROUNDS; i++) { + for (j = 0; j < MSGLEN; j++) { + message[i][j] = (i * MSGLEN + j) & 0xFF; } } /* Make sure that sending a message takes a few iterations. */ - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, BUFLEN ) ); + TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, BUFLEN)); /* Send the message from both sides, interleaving. */ progress = 1; - for( i = 0; i < ROUNDS; i++ ) - { + for (i = 0; i < ROUNDS; i++) { written[i] = 0; read[i] = 0; } /* This loop does not stop as long as there was a successful write or read * of at least one byte on either side. */ - while( progress != 0 ) - { + while (progress != 0) { mbedtls_mock_socket *socket; - for( i = 0; i < ROUNDS; i++ ) - { + for (i = 0; i < ROUNDS; i++) { /* First sending is from the client */ - socket = ( i % 2 == 0 ) ? ( &client ) : ( &server ); + socket = (i % 2 == 0) ? (&client) : (&server); - send_ret[i] = send( socket, message[i] + written[i], - MSGLEN - written[i] ); - TEST_ASSERT( send_ret[i] >= 0 ); - TEST_ASSERT( send_ret[i] <= BUFLEN ); + send_ret[i] = send(socket, message[i] + written[i], + MSGLEN - written[i]); + TEST_ASSERT(send_ret[i] >= 0); + TEST_ASSERT(send_ret[i] <= BUFLEN); written[i] += send_ret[i]; /* If the buffer is full we can test blocking and non-blocking * send */ - if ( send_ret[i] == BUFLEN ) - { - int blocking_ret = send( socket, message[i] , 1 ); - if ( blocking ) - { - TEST_ASSERT( blocking_ret == 0 ); - } - else - { - TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + if (send_ret[i] == BUFLEN) { + int blocking_ret = send(socket, message[i], 1); + if (blocking) { + TEST_ASSERT(blocking_ret == 0); + } else { + TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE); } } } - for( i = 0; i < ROUNDS; i++ ) - { + for (i = 0; i < ROUNDS; i++) { /* First receiving is from the server */ - socket = ( i % 2 == 0 ) ? ( &server ) : ( &client ); + socket = (i % 2 == 0) ? (&server) : (&client); - recv_ret[i] = recv( socket, received[i] + read[i], - MSGLEN - read[i] ); + recv_ret[i] = recv(socket, received[i] + read[i], + MSGLEN - read[i]); /* The result depends on whether any data was sent */ - if ( send_ret[i] > 0 ) - { - TEST_ASSERT( recv_ret[i] > 0 ); - TEST_ASSERT( recv_ret[i] <= BUFLEN ); + if (send_ret[i] > 0) { + TEST_ASSERT(recv_ret[i] > 0); + TEST_ASSERT(recv_ret[i] <= BUFLEN); read[i] += recv_ret[i]; - } - else if( blocking ) - { - TEST_ASSERT( recv_ret[i] == 0 ); - } - else - { - TEST_ASSERT( recv_ret[i] == MBEDTLS_ERR_SSL_WANT_READ ); + } else if (blocking) { + TEST_ASSERT(recv_ret[i] == 0); + } else { + TEST_ASSERT(recv_ret[i] == MBEDTLS_ERR_SSL_WANT_READ); recv_ret[i] = 0; } /* If the buffer is empty we can test blocking and non-blocking * read */ - if ( recv_ret[i] == BUFLEN ) - { - int blocking_ret = recv( socket, received[i], 1 ); - if ( blocking ) - { - TEST_ASSERT( blocking_ret == 0 ); - } - else - { - TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_READ ); + if (recv_ret[i] == BUFLEN) { + int blocking_ret = recv(socket, received[i], 1); + if (blocking) { + TEST_ASSERT(blocking_ret == 0); + } else { + TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_READ); } } } progress = 0; - for( i = 0; i < ROUNDS; i++ ) - { + for (i = 0; i < ROUNDS; i++) { progress += send_ret[i] + recv_ret[i]; } } - for( i = 0; i < ROUNDS; i++ ) - TEST_ASSERT( memcmp( message[i], received[i], MSGLEN ) == 0 ); + for (i = 0; i < ROUNDS; i++) { + TEST_ASSERT(memcmp(message[i], received[i], MSGLEN) == 0); + } exit: - mbedtls_mock_socket_close( &client ); - mbedtls_mock_socket_close( &server ); + mbedtls_mock_socket_close(&client); + mbedtls_mock_socket_close(&server); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_queue_sanity( ) +void ssl_message_queue_sanity() { mbedtls_test_message_queue queue; /* Trying to push/pull to an empty queue */ - TEST_ASSERT( mbedtls_test_message_queue_push_info( NULL, 1 ) - == MBEDTLS_TEST_ERROR_ARG_NULL ); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( NULL, 1 ) - == MBEDTLS_TEST_ERROR_ARG_NULL ); + TEST_ASSERT(mbedtls_test_message_queue_push_info(NULL, 1) + == MBEDTLS_TEST_ERROR_ARG_NULL); + TEST_ASSERT(mbedtls_test_message_queue_pop_info(NULL, 1) + == MBEDTLS_TEST_ERROR_ARG_NULL); - TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 ); - TEST_ASSERT( queue.capacity == 3 ); - TEST_ASSERT( queue.num == 0 ); + TEST_ASSERT(mbedtls_test_message_queue_setup(&queue, 3) == 0); + TEST_ASSERT(queue.capacity == 3); + TEST_ASSERT(queue.num == 0); exit: - mbedtls_test_message_queue_free( &queue ); + mbedtls_test_message_queue_free(&queue); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_queue_basic( ) +void ssl_message_queue_basic() { mbedtls_test_message_queue queue; - TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 ); + TEST_ASSERT(mbedtls_test_message_queue_setup(&queue, 3) == 0); /* Sanity test - 3 pushes and 3 pops with sufficient space */ - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); - TEST_ASSERT( queue.capacity == 3 ); - TEST_ASSERT( queue.num == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); - TEST_ASSERT( queue.capacity == 3 ); - TEST_ASSERT( queue.num == 2 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 2 ) == 2 ); - TEST_ASSERT( queue.capacity == 3 ); - TEST_ASSERT( queue.num == 3 ); - - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 2 ) == 2 ); + TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(queue.capacity == 3); + TEST_ASSERT(queue.num == 1); + TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(queue.capacity == 3); + TEST_ASSERT(queue.num == 2); + TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 2) == 2); + TEST_ASSERT(queue.capacity == 3); + TEST_ASSERT(queue.num == 3); + + TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 2) == 2); exit: - mbedtls_test_message_queue_free( &queue ); + mbedtls_test_message_queue_free(&queue); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_queue_overflow_underflow( ) +void ssl_message_queue_overflow_underflow() { mbedtls_test_message_queue queue; - TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 ); + TEST_ASSERT(mbedtls_test_message_queue_setup(&queue, 3) == 0); /* 4 pushes (last one with an error), 4 pops (last one with an error) */ - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 2 ) == 2 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 3 ) - == MBEDTLS_ERR_SSL_WANT_WRITE ); + TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 2) == 2); + TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 3) + == MBEDTLS_ERR_SSL_WANT_WRITE); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 2 ) == 2 ); + TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 2) == 2); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) - == MBEDTLS_ERR_SSL_WANT_READ ); + TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 1) + == MBEDTLS_ERR_SSL_WANT_READ); exit: - mbedtls_test_message_queue_free( &queue ); + mbedtls_test_message_queue_free(&queue); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_queue_interleaved( ) +void ssl_message_queue_interleaved() { mbedtls_test_message_queue queue; - TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 ); + TEST_ASSERT(mbedtls_test_message_queue_setup(&queue, 3) == 0); /* Interleaved test - [2 pushes, 1 pop] twice, and then two pops * (to wrap around the buffer) */ - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); + TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 1) == 1); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); + TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 1) == 1); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 2 ) == 2 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 3 ) == 3 ); + TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 2) == 2); + TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 3) == 3); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 2 ) == 2 ); + TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 2) == 2); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 5 ) == 5 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 8 ) == 8 ); + TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 5) == 5); + TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 8) == 8); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 3 ) == 3 ); + TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 3) == 3); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 5 ) == 5 ); + TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 5) == 5); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 8 ) == 8 ); + TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 8) == 8); exit: - mbedtls_test_message_queue_free( &queue ); + mbedtls_test_message_queue_free(&queue); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_queue_insufficient_buffer( ) +void ssl_message_queue_insufficient_buffer() { mbedtls_test_message_queue queue; size_t message_len = 10; size_t buffer_len = 5; - TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 1 ) == 0 ); + TEST_ASSERT(mbedtls_test_message_queue_setup(&queue, 1) == 0); /* Popping without a sufficient buffer */ - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, message_len ) - == (int) message_len ); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, buffer_len ) - == (int) buffer_len ); + TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, message_len) + == (int) message_len); + TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, buffer_len) + == (int) buffer_len); exit: - mbedtls_test_message_queue_free( &queue ); + mbedtls_test_message_queue_free(&queue); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_uninitialized( ) +void ssl_message_mock_uninitialized() { enum { MSGLEN = 10 }; - unsigned char message[MSGLEN] = {0}, received[MSGLEN]; + unsigned char message[MSGLEN] = { 0 }, received[MSGLEN]; mbedtls_mock_socket client, server; mbedtls_test_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); + mbedtls_message_socket_init(&server_context); + mbedtls_message_socket_init(&client_context); /* Send with a NULL context */ - TEST_ASSERT( mbedtls_mock_tcp_send_msg( NULL, message, MSGLEN ) - == MBEDTLS_TEST_ERROR_CONTEXT_ERROR ); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(NULL, message, MSGLEN) + == MBEDTLS_TEST_ERROR_CONTEXT_ERROR); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( NULL, message, MSGLEN ) - == MBEDTLS_TEST_ERROR_CONTEXT_ERROR ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(NULL, message, MSGLEN) + == MBEDTLS_TEST_ERROR_CONTEXT_ERROR); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 1, - &server, - &server_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 1, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 1, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 1, + &client, + &client_context) == 0); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, MSGLEN ) - == MBEDTLS_TEST_ERROR_SEND_FAILED ); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, MSGLEN) + == MBEDTLS_TEST_ERROR_SEND_FAILED); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MBEDTLS_ERR_SSL_WANT_READ ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + == MBEDTLS_ERR_SSL_WANT_READ); /* Push directly to a queue to later simulate a disconnected behavior */ - TEST_ASSERT( mbedtls_test_message_queue_push_info( &server_queue, MSGLEN ) - == MSGLEN ); + TEST_ASSERT(mbedtls_test_message_queue_push_info(&server_queue, MSGLEN) + == MSGLEN); /* Test if there's an error when trying to read from a disconnected * socket */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MBEDTLS_TEST_ERROR_RECV_FAILED ); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + == MBEDTLS_TEST_ERROR_RECV_FAILED); +exit: + mbedtls_message_socket_close(&server_context); + mbedtls_message_socket_close(&client_context); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_basic( ) +void ssl_message_mock_basic() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; @@ -2753,54 +2609,53 @@ void ssl_message_mock_basic( ) unsigned i; mbedtls_test_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); + mbedtls_message_socket_init(&server_context); + mbedtls_message_socket_init(&client_context); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 1, - &server, - &server_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 1, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 1, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 1, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, - MSGLEN ) ); + TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, + MSGLEN)); /* Send the message to the server */ - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); /* Read from the server */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); - memset( received, 0, MSGLEN ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); + memset(received, 0, MSGLEN); /* Send the message to the client */ - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &server_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&server_context, message, + MSGLEN) == MSGLEN); /* Read from the client */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received, MSGLEN ) - == MSGLEN ); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&client_context, received, MSGLEN) + == MSGLEN); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); +exit: + mbedtls_message_socket_close(&server_context); + mbedtls_message_socket_close(&client_context); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_queue_overflow_underflow( ) +void ssl_message_mock_queue_overflow_underflow() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; @@ -2808,57 +2663,56 @@ void ssl_message_mock_queue_overflow_underflow( ) unsigned i; mbedtls_test_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); + mbedtls_message_socket_init(&server_context); + mbedtls_message_socket_init(&client_context); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 2, - &server, - &server_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 2, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 2, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 2, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, - MSGLEN*2 ) ); + TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, + MSGLEN*2)); /* Send three message to the server, last one with an error */ - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN - 1 ) == MSGLEN - 1 ); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, + MSGLEN - 1) == MSGLEN - 1); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) - == MBEDTLS_ERR_SSL_WANT_WRITE ); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, + MSGLEN) + == MBEDTLS_ERR_SSL_WANT_WRITE); /* Read three messages from the server, last one with an error */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, - MSGLEN - 1 ) == MSGLEN - 1 ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, + MSGLEN - 1) == MSGLEN - 1); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MBEDTLS_ERR_SSL_WANT_READ ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + == MBEDTLS_ERR_SSL_WANT_READ); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); +exit: + mbedtls_message_socket_close(&server_context); + mbedtls_message_socket_close(&client_context); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_socket_overflow( ) +void ssl_message_mock_socket_overflow() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; @@ -2866,48 +2720,47 @@ void ssl_message_mock_socket_overflow( ) unsigned i; mbedtls_test_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); + mbedtls_message_socket_init(&server_context); + mbedtls_message_socket_init(&client_context); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 2, - &server, - &server_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 2, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 2, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 2, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, - MSGLEN ) ); + TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, + MSGLEN)); /* Send two message to the server, second one with an error */ - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) - == MBEDTLS_TEST_ERROR_SEND_FAILED ); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, + MSGLEN) + == MBEDTLS_TEST_ERROR_SEND_FAILED); /* Read the only message from the server */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); +exit: + mbedtls_message_socket_close(&server_context); + mbedtls_message_socket_close(&client_context); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_truncated( ) +void ssl_message_mock_truncated() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; @@ -2915,58 +2768,57 @@ void ssl_message_mock_truncated( ) unsigned i; mbedtls_test_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); + mbedtls_message_socket_init(&server_context); + mbedtls_message_socket_init(&client_context); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 2, - &server, - &server_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 2, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 2, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 2, + &client, + &client_context) == 0); - memset( received, 0, MSGLEN ); + memset(received, 0, MSGLEN); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, - 2 * MSGLEN ) ); + TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, + 2 * MSGLEN)); /* Send two messages to the server, the second one small enough to fit in the * receiver's buffer. */ - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN / 2 ) == MSGLEN / 2 ); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, + MSGLEN / 2) == MSGLEN / 2); /* Read a truncated message from the server */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN/2 ) - == MSGLEN/2 ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN/2) + == MSGLEN/2); /* Test that the first half of the message is valid, and second one isn't */ - TEST_ASSERT( memcmp( message, received, MSGLEN/2 ) == 0 ); - TEST_ASSERT( memcmp( message + MSGLEN/2, received + MSGLEN/2, MSGLEN/2 ) - != 0 ); - memset( received, 0, MSGLEN ); + TEST_ASSERT(memcmp(message, received, MSGLEN/2) == 0); + TEST_ASSERT(memcmp(message + MSGLEN/2, received + MSGLEN/2, MSGLEN/2) + != 0); + memset(received, 0, MSGLEN); /* Read a full message from the server */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN/2 ) - == MSGLEN / 2 ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN/2) + == MSGLEN / 2); /* Test that the first half of the message is valid */ - TEST_ASSERT( memcmp( message, received, MSGLEN/2 ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN/2) == 0); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); +exit: + mbedtls_message_socket_close(&server_context); + mbedtls_message_socket_close(&client_context); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_socket_read_error( ) +void ssl_message_mock_socket_read_error() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; @@ -2974,53 +2826,52 @@ void ssl_message_mock_socket_read_error( ) unsigned i; mbedtls_test_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); + mbedtls_message_socket_init(&server_context); + mbedtls_message_socket_init(&client_context); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 1, - &server, - &server_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 1, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 1, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 1, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, - MSGLEN ) ); + TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, + MSGLEN)); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); /* Force a read error by disconnecting the socket by hand */ server.status = 0; - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MBEDTLS_TEST_ERROR_RECV_FAILED ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + == MBEDTLS_TEST_ERROR_RECV_FAILED); /* Return to a valid state */ server.status = MBEDTLS_MOCK_SOCKET_CONNECTED; - memset( received, 0, sizeof( received ) ); + memset(received, 0, sizeof(received)); /* Test that even though the server tried to read once disconnected, the * continuity is preserved */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); +exit: + mbedtls_message_socket_close(&server_context); + mbedtls_message_socket_close(&client_context); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_interleaved_one_way( ) +void ssl_message_mock_interleaved_one_way() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; @@ -3028,59 +2879,56 @@ void ssl_message_mock_interleaved_one_way( ) unsigned i; mbedtls_test_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); + mbedtls_message_socket_init(&server_context); + mbedtls_message_socket_init(&client_context); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 3, - &server, - &server_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 3, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 3, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 3, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, - MSGLEN*3 ) ); + TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, + MSGLEN*3)); /* Interleaved test - [2 sends, 1 read] twice, and then two reads * (to wrap around the buffer) */ - for( i = 0; i < 2; i++ ) - { - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); + for (i = 0; i < 2; i++) { + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, - MSGLEN ) == MSGLEN ); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); - memset( received, 0, sizeof( received ) ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); + memset(received, 0, sizeof(received)); } - for( i = 0; i < 2; i++ ) - { - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, - MSGLEN ) == MSGLEN ); + for (i = 0; i < 2; i++) { + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); } - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MBEDTLS_ERR_SSL_WANT_READ ); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + == MBEDTLS_ERR_SSL_WANT_READ); +exit: + mbedtls_message_socket_close(&server_context); + mbedtls_message_socket_close(&client_context); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_interleaved_two_ways( ) +void ssl_message_mock_interleaved_two_ways() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; @@ -3088,132 +2936,128 @@ void ssl_message_mock_interleaved_two_ways( ) unsigned i; mbedtls_test_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); + mbedtls_message_socket_init(&server_context); + mbedtls_message_socket_init(&client_context); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 3, - &server, - &server_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 3, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 3, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 3, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, - MSGLEN*3 ) ); + TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, + MSGLEN*3)); /* Interleaved test - [2 sends, 1 read] twice, both ways, and then two reads * (to wrap around the buffer) both ways. */ - for( i = 0; i < 2; i++ ) - { - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); + for (i = 0; i < 2; i++) { + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &server_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&server_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &server_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_send_msg(&server_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); - memset( received, 0, sizeof( received ) ); + memset(received, 0, sizeof(received)); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&client_context, received, + MSGLEN) == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); - memset( received, 0, sizeof( received ) ); + memset(received, 0, sizeof(received)); } - for( i = 0; i < 2; i++ ) - { - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, - MSGLEN ) == MSGLEN ); + for (i = 0; i < 2; i++) { + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); - memset( received, 0, sizeof( received ) ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); + memset(received, 0, sizeof(received)); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&client_context, received, + MSGLEN) == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); - memset( received, 0, sizeof( received ) ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); + memset(received, 0, sizeof(received)); } - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MBEDTLS_ERR_SSL_WANT_READ ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + == MBEDTLS_ERR_SSL_WANT_READ); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received, MSGLEN ) - == MBEDTLS_ERR_SSL_WANT_READ ); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); + TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&client_context, received, MSGLEN) + == MBEDTLS_ERR_SSL_WANT_READ); +exit: + mbedtls_message_socket_close(&server_context); + mbedtls_message_socket_close(&client_context); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_DTLS_ANTI_REPLAY */ -void ssl_dtls_replay( data_t * prevs, data_t * new, int ret ) +void ssl_dtls_replay(data_t *prevs, data_t *new, int ret) { uint32_t len = 0; mbedtls_ssl_context ssl; mbedtls_ssl_config conf; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); - TEST_ASSERT( mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_DATAGRAM, - MBEDTLS_SSL_PRESET_DEFAULT ) == 0 ); - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + TEST_ASSERT(mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_DATAGRAM, + MBEDTLS_SSL_PRESET_DEFAULT) == 0); + TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0); /* Read previous record numbers */ - for( len = 0; len < prevs->len; len += 6 ) - { - memcpy( ssl.in_ctr + 2, prevs->x + len, 6 ); - mbedtls_ssl_dtls_replay_update( &ssl ); + for (len = 0; len < prevs->len; len += 6) { + memcpy(ssl.in_ctr + 2, prevs->x + len, 6); + mbedtls_ssl_dtls_replay_update(&ssl); } /* Check new number */ - memcpy( ssl.in_ctr + 2, new->x, 6 ); - TEST_ASSERT( mbedtls_ssl_dtls_replay_check( &ssl ) == ret ); + memcpy(ssl.in_ctr + 2, new->x, 6); + TEST_ASSERT(mbedtls_ssl_dtls_replay_check(&ssl) == ret); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ -void ssl_set_hostname_twice( char *hostname0, char *hostname1 ) +void ssl_set_hostname_twice(char *hostname0, char *hostname1) { mbedtls_ssl_context ssl; - mbedtls_ssl_init( &ssl ); + mbedtls_ssl_init(&ssl); - TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname0 ) == 0 ); - TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname1 ) == 0 ); + TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, hostname0) == 0); + TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, hostname1) == 0); - mbedtls_ssl_free( &ssl ); + mbedtls_ssl_free(&ssl); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_crypt_record( int cipher_type, int hash_id, - int etm, int tag_mode, int ver, - int cid0_len, int cid1_len ) +void ssl_crypt_record(int cipher_type, int hash_id, + int etm, int tag_mode, int ver, + int cid0_len, int cid1_len) { /* * Test several record encryptions and decryptions @@ -3230,27 +3074,23 @@ void ssl_crypt_record( int cipher_type, int hash_id, size_t const buflen = 512; mbedtls_record rec, rec_backup; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_transform_init( &t0 ); - mbedtls_ssl_transform_init( &t1 ); - TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id, - etm, tag_mode, ver, - (size_t) cid0_len, - (size_t) cid1_len ) == 0 ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_transform_init(&t0); + mbedtls_ssl_transform_init(&t1); + TEST_ASSERT(build_transforms(&t0, &t1, cipher_type, hash_id, + etm, tag_mode, ver, + (size_t) cid0_len, + (size_t) cid1_len) == 0); - TEST_ASSERT( ( buf = mbedtls_calloc( 1, buflen ) ) != NULL ); + TEST_ASSERT((buf = mbedtls_calloc(1, buflen)) != NULL); - while( num_records-- > 0 ) - { + while (num_records-- > 0) { mbedtls_ssl_transform *t_dec, *t_enc; /* Take turns in who's sending and who's receiving. */ - if( num_records % 3 == 0 ) - { + if (num_records % 3 == 0) { t_dec = &t0; t_enc = &t1; - } - else - { + } else { t_dec = &t1; t_enc = &t0; } @@ -3267,7 +3107,7 @@ void ssl_crypt_record( int cipher_type, int hash_id, * type is sensible. */ - memset( rec.ctr, num_records, sizeof( rec.ctr ) ); + memset(rec.ctr, num_records, sizeof(rec.ctr)); rec.type = 42; rec.ver[0] = num_records; rec.ver[1] = num_records; @@ -3282,71 +3122,68 @@ void ssl_crypt_record( int cipher_type, int hash_id, * paddings. */ rec.data_len = 1 + num_records; - memset( rec.buf + rec.data_offset, 42, rec.data_len ); + memset(rec.buf + rec.data_offset, 42, rec.data_len); /* Make a copy for later comparison */ rec_backup = rec; /* Encrypt record */ - ret = mbedtls_ssl_encrypt_buf( &ssl, t_enc, &rec, - mbedtls_test_rnd_std_rand, NULL ); - TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - if( ret != 0 ) - { + ret = mbedtls_ssl_encrypt_buf(&ssl, t_enc, &rec, + mbedtls_test_rnd_std_rand, NULL); + TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); + if (ret != 0) { continue; } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( rec.cid_len != 0 ) - { + if (rec.cid_len != 0) { /* DTLS 1.2 + CID hides the real content type and * uses a special CID content type in the protected * record. Double-check this. */ - TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_CID ); + TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_CID); } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) - { + if (t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) { /* TLS 1.3 hides the real content type and * always uses Application Data as the content type * for protected records. Double-check this. */ - TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA ); + TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA); } #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ /* Decrypt record with t_dec */ - ret = mbedtls_ssl_decrypt_buf( &ssl, t_dec, &rec ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_ssl_decrypt_buf(&ssl, t_dec, &rec); + TEST_ASSERT(ret == 0); /* Compare results */ - TEST_ASSERT( rec.type == rec_backup.type ); - TEST_ASSERT( memcmp( rec.ctr, rec_backup.ctr, 8 ) == 0 ); - TEST_ASSERT( rec.ver[0] == rec_backup.ver[0] ); - TEST_ASSERT( rec.ver[1] == rec_backup.ver[1] ); - TEST_ASSERT( rec.data_len == rec_backup.data_len ); - TEST_ASSERT( rec.data_offset == rec_backup.data_offset ); - TEST_ASSERT( memcmp( rec.buf + rec.data_offset, - rec_backup.buf + rec_backup.data_offset, - rec.data_len ) == 0 ); + TEST_ASSERT(rec.type == rec_backup.type); + TEST_ASSERT(memcmp(rec.ctr, rec_backup.ctr, 8) == 0); + TEST_ASSERT(rec.ver[0] == rec_backup.ver[0]); + TEST_ASSERT(rec.ver[1] == rec_backup.ver[1]); + TEST_ASSERT(rec.data_len == rec_backup.data_len); + TEST_ASSERT(rec.data_offset == rec_backup.data_offset); + TEST_ASSERT(memcmp(rec.buf + rec.data_offset, + rec_backup.buf + rec_backup.data_offset, + rec.data_len) == 0); } exit: /* Cleanup */ - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_transform_free( &t0 ); - mbedtls_ssl_transform_free( &t1 ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_transform_free(&t0); + mbedtls_ssl_transform_free(&t1); - mbedtls_free( buf ); + mbedtls_free(buf); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_crypt_record_small( int cipher_type, int hash_id, - int etm, int tag_mode, int ver, - int cid0_len, int cid1_len ) +void ssl_crypt_record_small(int cipher_type, int hash_id, + int etm, int tag_mode, int ver, + int cid0_len, int cid1_len) { /* * Test pairs of encryption and decryption with an increasing @@ -3386,26 +3223,24 @@ void ssl_crypt_record_small( int cipher_type, int hash_id, int seen_success; /* Indicates if in the current mode we've * already seen a successful test. */ - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_transform_init( &t0 ); - mbedtls_ssl_transform_init( &t1 ); - TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id, - etm, tag_mode, ver, - (size_t) cid0_len, - (size_t) cid1_len ) == 0 ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_transform_init(&t0); + mbedtls_ssl_transform_init(&t1); + TEST_ASSERT(build_transforms(&t0, &t1, cipher_type, hash_id, + etm, tag_mode, ver, + (size_t) cid0_len, + (size_t) cid1_len) == 0); - TEST_ASSERT( ( buf = mbedtls_calloc( 1, buflen ) ) != NULL ); + TEST_ASSERT((buf = mbedtls_calloc(1, buflen)) != NULL); - for( mode=1; mode <= 3; mode++ ) - { + for (mode = 1; mode <= 3; mode++) { seen_success = 0; - for( offset=0; offset <= threshold; offset++ ) - { + for (offset = 0; offset <= threshold; offset++) { mbedtls_ssl_transform *t_dec, *t_enc; t_dec = &t0; t_enc = &t1; - memset( rec.ctr, offset, sizeof( rec.ctr ) ); + memset(rec.ctr, offset, sizeof(rec.ctr)); rec.type = 42; rec.ver[0] = offset; rec.ver[1] = offset; @@ -3415,8 +3250,7 @@ void ssl_crypt_record_small( int cipher_type, int hash_id, rec.cid_len = 0; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - switch( mode ) - { + switch (mode) { case 1: /* Space in the beginning */ rec.data_offset = offset; rec.data_len = buflen - offset - default_post_padding; @@ -3433,85 +3267,82 @@ void ssl_crypt_record_small( int cipher_type, int hash_id, break; default: - TEST_ASSERT( 0 ); + TEST_ASSERT(0); break; } - memset( rec.buf + rec.data_offset, 42, rec.data_len ); + memset(rec.buf + rec.data_offset, 42, rec.data_len); /* Make a copy for later comparison */ rec_backup = rec; /* Encrypt record */ - ret = mbedtls_ssl_encrypt_buf( &ssl, t_enc, &rec, - mbedtls_test_rnd_std_rand, NULL ); - - if( ( mode == 1 || mode == 2 ) && seen_success ) - { - TEST_ASSERT( ret == 0 ); - } - else - { - TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - if( ret == 0 ) + ret = mbedtls_ssl_encrypt_buf(&ssl, t_enc, &rec, + mbedtls_test_rnd_std_rand, NULL); + + if ((mode == 1 || mode == 2) && seen_success) { + TEST_ASSERT(ret == 0); + } else { + TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); + if (ret == 0) { seen_success = 1; + } } - if( ret != 0 ) + if (ret != 0) { continue; + } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( rec.cid_len != 0 ) - { + if (rec.cid_len != 0) { /* DTLS 1.2 + CID hides the real content type and * uses a special CID content type in the protected * record. Double-check this. */ - TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_CID ); + TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_CID); } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) - { + if (t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) { /* TLS 1.3 hides the real content type and * always uses Application Data as the content type * for protected records. Double-check this. */ - TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA ); + TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA); } #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ /* Decrypt record with t_dec */ - TEST_ASSERT( mbedtls_ssl_decrypt_buf( &ssl, t_dec, &rec ) == 0 ); + TEST_ASSERT(mbedtls_ssl_decrypt_buf(&ssl, t_dec, &rec) == 0); /* Compare results */ - TEST_ASSERT( rec.type == rec_backup.type ); - TEST_ASSERT( memcmp( rec.ctr, rec_backup.ctr, 8 ) == 0 ); - TEST_ASSERT( rec.ver[0] == rec_backup.ver[0] ); - TEST_ASSERT( rec.ver[1] == rec_backup.ver[1] ); - TEST_ASSERT( rec.data_len == rec_backup.data_len ); - TEST_ASSERT( rec.data_offset == rec_backup.data_offset ); - TEST_ASSERT( memcmp( rec.buf + rec.data_offset, - rec_backup.buf + rec_backup.data_offset, - rec.data_len ) == 0 ); + TEST_ASSERT(rec.type == rec_backup.type); + TEST_ASSERT(memcmp(rec.ctr, rec_backup.ctr, 8) == 0); + TEST_ASSERT(rec.ver[0] == rec_backup.ver[0]); + TEST_ASSERT(rec.ver[1] == rec_backup.ver[1]); + TEST_ASSERT(rec.data_len == rec_backup.data_len); + TEST_ASSERT(rec.data_offset == rec_backup.data_offset); + TEST_ASSERT(memcmp(rec.buf + rec.data_offset, + rec_backup.buf + rec_backup.data_offset, + rec.data_len) == 0); } - TEST_ASSERT( seen_success == 1 ); + TEST_ASSERT(seen_success == 1); } exit: /* Cleanup */ - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_transform_free( &t0 ); - mbedtls_ssl_transform_free( &t1 ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_transform_free(&t0); + mbedtls_ssl_transform_free(&t1); - mbedtls_free( buf ); + mbedtls_free(buf); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 */ -void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, - int length_selector ) +void ssl_decrypt_non_etm_cbc(int cipher_type, int hash_id, int trunc_hmac, + int length_selector) { /* * Test record decryption for CBC without EtM, focused on the verification @@ -3542,50 +3373,48 @@ void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, int exp_ret; const unsigned char pad_max_len = 255; /* Per the standard */ - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_transform_init( &t0 ); - mbedtls_ssl_transform_init( &t1 ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_transform_init(&t0); + mbedtls_ssl_transform_init(&t1); /* Set up transforms with dummy keys */ - TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id, - 0, trunc_hmac, - MBEDTLS_SSL_MINOR_VERSION_3, - 0 , 0 ) == 0 ); + TEST_ASSERT(build_transforms(&t0, &t1, cipher_type, hash_id, + 0, trunc_hmac, + MBEDTLS_SSL_MINOR_VERSION_3, + 0, 0) == 0); /* Determine padding/plaintext length */ - TEST_ASSERT( length_selector >= -2 && length_selector <= 255 ); + TEST_ASSERT(length_selector >= -2 && length_selector <= 255); block_size = t0.ivlen; - if( length_selector < 0 ) - { + if (length_selector < 0) { plaintext_len = 0; /* Minimal padding * The +1 is for the padding_length byte, not counted in padlen. */ - padlen = block_size - ( t0.maclen + 1 ) % block_size; + padlen = block_size - (t0.maclen + 1) % block_size; /* Maximal padding? */ - if( length_selector == -2 ) - padlen += block_size * ( ( pad_max_len - padlen ) / block_size ); - } - else - { + if (length_selector == -2) { + padlen += block_size * ((pad_max_len - padlen) / block_size); + } + } else { padlen = length_selector; /* Minimal non-zero plaintext_length giving desired padding. * The +1 is for the padding_length byte, not counted in padlen. */ - plaintext_len = block_size - ( padlen + t0.maclen + 1 ) % block_size; + plaintext_len = block_size - (padlen + t0.maclen + 1) % block_size; } /* Prepare a buffer for record data */ buflen = block_size - + plaintext_len - + t0.maclen - + padlen + 1; - ASSERT_ALLOC( buf, buflen ); - ASSERT_ALLOC( buf_save, buflen ); + + plaintext_len + + t0.maclen + + padlen + 1; + ASSERT_ALLOC(buf, buflen); + ASSERT_ALLOC(buf_save, buflen); /* Prepare a dummy record header */ - memset( rec.ctr, 0, sizeof( rec.ctr ) ); + memset(rec.ctr, 0, sizeof(rec.ctr)); rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA; rec.ver[0] = MBEDTLS_SSL_MAJOR_VERSION_3; rec.ver[1] = MBEDTLS_SSL_MINOR_VERSION_3; @@ -3598,82 +3427,81 @@ void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, rec.buf_len = buflen; rec.data_offset = block_size; rec.data_len = plaintext_len; - memset( rec.buf + rec.data_offset, 42, rec.data_len ); + memset(rec.buf + rec.data_offset, 42, rec.data_len); /* Serialized version of record header for MAC purposes */ - memcpy( add_data, rec.ctr, 8 ); + memcpy(add_data, rec.ctr, 8); add_data[8] = rec.type; add_data[9] = rec.ver[0]; add_data[10] = rec.ver[1]; - add_data[11] = ( rec.data_len >> 8 ) & 0xff; - add_data[12] = ( rec.data_len >> 0 ) & 0xff; + add_data[11] = (rec.data_len >> 8) & 0xff; + add_data[12] = (rec.data_len >> 0) & 0xff; /* Set dummy IV */ - memset( t0.iv_enc, 0x55, t0.ivlen ); - memcpy( rec.buf, t0.iv_enc, t0.ivlen ); + memset(t0.iv_enc, 0x55, t0.ivlen); + memcpy(rec.buf, t0.iv_enc, t0.ivlen); /* * Prepare a pre-encryption record (with MAC and padding), and save it. */ /* MAC with additional data */ - TEST_EQUAL( 0, mbedtls_md_hmac_update( &t0.md_ctx_enc, add_data, 13 ) ); - TEST_EQUAL( 0, mbedtls_md_hmac_update( &t0.md_ctx_enc, - rec.buf + rec.data_offset, - rec.data_len ) ); - TEST_EQUAL( 0, mbedtls_md_hmac_finish( &t0.md_ctx_enc, mac ) ); + TEST_EQUAL(0, mbedtls_md_hmac_update(&t0.md_ctx_enc, add_data, 13)); + TEST_EQUAL(0, mbedtls_md_hmac_update(&t0.md_ctx_enc, + rec.buf + rec.data_offset, + rec.data_len)); + TEST_EQUAL(0, mbedtls_md_hmac_finish(&t0.md_ctx_enc, mac)); - memcpy( rec.buf + rec.data_offset + rec.data_len, mac, t0.maclen ); + memcpy(rec.buf + rec.data_offset + rec.data_len, mac, t0.maclen); rec.data_len += t0.maclen; /* Pad */ - memset( rec.buf + rec.data_offset + rec.data_len, padlen, padlen + 1 ); + memset(rec.buf + rec.data_offset + rec.data_len, padlen, padlen + 1); rec.data_len += padlen + 1; /* Save correct pre-encryption record */ rec_save = rec; rec_save.buf = buf_save; - memcpy( buf_save, buf, buflen ); + memcpy(buf_save, buf, buflen); /* * Encrypt and decrypt the correct record, expecting success */ - TEST_EQUAL( 0, mbedtls_cipher_crypt( &t0.cipher_ctx_enc, - t0.iv_enc, t0.ivlen, - rec.buf + rec.data_offset, rec.data_len, - rec.buf + rec.data_offset, &olen ) ); + TEST_EQUAL(0, mbedtls_cipher_crypt(&t0.cipher_ctx_enc, + t0.iv_enc, t0.ivlen, + rec.buf + rec.data_offset, rec.data_len, + rec.buf + rec.data_offset, &olen)); rec.data_offset -= t0.ivlen; rec.data_len += t0.ivlen; - TEST_EQUAL( 0, mbedtls_ssl_decrypt_buf( &ssl, &t1, &rec ) ); + TEST_EQUAL(0, mbedtls_ssl_decrypt_buf(&ssl, &t1, &rec)); /* * Modify each byte of the pre-encryption record before encrypting and * decrypting it, expecting failure every time. */ - for( i = block_size; i < buflen; i++ ) - { - mbedtls_test_set_step( i ); + for (i = block_size; i < buflen; i++) { + mbedtls_test_set_step(i); /* Restore correct pre-encryption record */ rec = rec_save; rec.buf = buf; - memcpy( buf, buf_save, buflen ); + memcpy(buf, buf_save, buflen); /* Corrupt one byte of the data (could be plaintext, MAC or padding) */ rec.buf[i] ^= 0x01; /* Encrypt */ - TEST_EQUAL( 0, mbedtls_cipher_crypt( &t0.cipher_ctx_enc, - t0.iv_enc, t0.ivlen, - rec.buf + rec.data_offset, rec.data_len, - rec.buf + rec.data_offset, &olen ) ); + TEST_EQUAL(0, mbedtls_cipher_crypt(&t0.cipher_ctx_enc, + t0.iv_enc, t0.ivlen, + rec.buf + rec.data_offset, rec.data_len, + rec.buf + rec.data_offset, &olen)); rec.data_offset -= t0.ivlen; rec.data_len += t0.ivlen; /* Decrypt and expect failure */ - TEST_EQUAL( MBEDTLS_ERR_SSL_INVALID_MAC, - mbedtls_ssl_decrypt_buf( &ssl, &t1, &rec ) ); + TEST_EQUAL(MBEDTLS_ERR_SSL_INVALID_MAC, + mbedtls_ssl_decrypt_buf(&ssl, &t1, &rec)); } /* @@ -3688,214 +3516,213 @@ void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, * (Start the loop with correct padding, just to double-check that record * saving did work, and that we're overwriting the correct bytes.) */ - for( i = padlen; i <= pad_max_len; i++ ) - { - mbedtls_test_set_step( i ); + for (i = padlen; i <= pad_max_len; i++) { + mbedtls_test_set_step(i); /* Restore correct pre-encryption record */ rec = rec_save; rec.buf = buf; - memcpy( buf, buf_save, buflen ); + memcpy(buf, buf_save, buflen); /* Set padding bytes to new value */ - memset( buf + buflen - padlen - 1, i, padlen + 1 ); + memset(buf + buflen - padlen - 1, i, padlen + 1); /* Encrypt */ - TEST_EQUAL( 0, mbedtls_cipher_crypt( &t0.cipher_ctx_enc, - t0.iv_enc, t0.ivlen, - rec.buf + rec.data_offset, rec.data_len, - rec.buf + rec.data_offset, &olen ) ); + TEST_EQUAL(0, mbedtls_cipher_crypt(&t0.cipher_ctx_enc, + t0.iv_enc, t0.ivlen, + rec.buf + rec.data_offset, rec.data_len, + rec.buf + rec.data_offset, &olen)); rec.data_offset -= t0.ivlen; rec.data_len += t0.ivlen; /* Decrypt and expect failure except the first time */ - exp_ret = ( i == padlen ) ? 0 : MBEDTLS_ERR_SSL_INVALID_MAC; - TEST_EQUAL( exp_ret, mbedtls_ssl_decrypt_buf( &ssl, &t1, &rec ) ); + exp_ret = (i == padlen) ? 0 : MBEDTLS_ERR_SSL_INVALID_MAC; + TEST_EQUAL(exp_ret, mbedtls_ssl_decrypt_buf(&ssl, &t1, &rec)); } exit: - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_transform_free( &t0 ); - mbedtls_ssl_transform_free( &t1 ); - mbedtls_free( buf ); - mbedtls_free( buf_save ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_transform_free(&t0); + mbedtls_ssl_transform_free(&t1); + mbedtls_free(buf); + mbedtls_free(buf_save); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ -void ssl_tls1_3_hkdf_expand_label( int hash_alg, - data_t *secret, - int label_idx, - data_t *ctx, - int desired_length, - data_t *expected ) +void ssl_tls1_3_hkdf_expand_label(int hash_alg, + data_t *secret, + int label_idx, + data_t *ctx, + int desired_length, + data_t *expected) { - unsigned char dst[ 100 ]; + unsigned char dst[100]; unsigned char const *lbl = NULL; size_t lbl_len; -#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \ - if( label_idx == (int) tls1_3_label_ ## name ) \ +#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ + if (label_idx == (int) tls1_3_label_ ## name) \ { \ lbl = mbedtls_ssl_tls1_3_labels.name; \ - lbl_len = sizeof( mbedtls_ssl_tls1_3_labels.name ); \ + lbl_len = sizeof(mbedtls_ssl_tls1_3_labels.name); \ } -MBEDTLS_SSL_TLS1_3_LABEL_LIST + MBEDTLS_SSL_TLS1_3_LABEL_LIST #undef MBEDTLS_SSL_TLS1_3_LABEL - TEST_ASSERT( lbl != NULL ); + TEST_ASSERT(lbl != NULL); /* Check sanity of test parameters. */ - TEST_ASSERT( (size_t) desired_length <= sizeof( dst ) ); - TEST_ASSERT( (size_t) desired_length == expected->len ); - - TEST_ASSERT( mbedtls_ssl_tls1_3_hkdf_expand_label( - (mbedtls_md_type_t) hash_alg, - secret->x, secret->len, - lbl, lbl_len, - ctx->x, ctx->len, - dst, desired_length ) == 0 ); - - ASSERT_COMPARE( dst, (size_t) desired_length, - expected->x, (size_t) expected->len ); + TEST_ASSERT((size_t) desired_length <= sizeof(dst)); + TEST_ASSERT((size_t) desired_length == expected->len); + + TEST_ASSERT(mbedtls_ssl_tls1_3_hkdf_expand_label( + (mbedtls_md_type_t) hash_alg, + secret->x, secret->len, + lbl, lbl_len, + ctx->x, ctx->len, + dst, desired_length) == 0); + + ASSERT_COMPARE(dst, (size_t) desired_length, + expected->x, (size_t) expected->len); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ -void ssl_tls1_3_traffic_key_generation( int hash_alg, - data_t *server_secret, - data_t *client_secret, - int desired_iv_len, - int desired_key_len, - data_t *expected_server_write_key, - data_t *expected_server_write_iv, - data_t *expected_client_write_key, - data_t *expected_client_write_iv ) +void ssl_tls1_3_traffic_key_generation(int hash_alg, + data_t *server_secret, + data_t *client_secret, + int desired_iv_len, + int desired_key_len, + data_t *expected_server_write_key, + data_t *expected_server_write_iv, + data_t *expected_client_write_key, + data_t *expected_client_write_iv) { mbedtls_ssl_key_set keys; /* Check sanity of test parameters. */ - TEST_ASSERT( client_secret->len == server_secret->len ); - TEST_ASSERT( expected_client_write_iv->len == expected_server_write_iv->len && - expected_client_write_iv->len == (size_t) desired_iv_len ); - TEST_ASSERT( expected_client_write_key->len == expected_server_write_key->len && - expected_client_write_key->len == (size_t) desired_key_len ); - - TEST_ASSERT( mbedtls_ssl_tls1_3_make_traffic_keys( - (mbedtls_md_type_t) hash_alg, - client_secret->x, - server_secret->x, - client_secret->len /* == server_secret->len */, - desired_key_len, desired_iv_len, - &keys ) == 0 ); - - ASSERT_COMPARE( keys.client_write_key, - keys.key_len, - expected_client_write_key->x, - (size_t) desired_key_len ); - ASSERT_COMPARE( keys.server_write_key, - keys.key_len, - expected_server_write_key->x, - (size_t) desired_key_len ); - ASSERT_COMPARE( keys.client_write_iv, - keys.iv_len, - expected_client_write_iv->x, - (size_t) desired_iv_len ); - ASSERT_COMPARE( keys.server_write_iv, - keys.iv_len, - expected_server_write_iv->x, - (size_t) desired_iv_len ); + TEST_ASSERT(client_secret->len == server_secret->len); + TEST_ASSERT(expected_client_write_iv->len == expected_server_write_iv->len && + expected_client_write_iv->len == (size_t) desired_iv_len); + TEST_ASSERT(expected_client_write_key->len == expected_server_write_key->len && + expected_client_write_key->len == (size_t) desired_key_len); + + TEST_ASSERT(mbedtls_ssl_tls1_3_make_traffic_keys( + (mbedtls_md_type_t) hash_alg, + client_secret->x, + server_secret->x, + client_secret->len /* == server_secret->len */, + desired_key_len, desired_iv_len, + &keys) == 0); + + ASSERT_COMPARE(keys.client_write_key, + keys.key_len, + expected_client_write_key->x, + (size_t) desired_key_len); + ASSERT_COMPARE(keys.server_write_key, + keys.key_len, + expected_server_write_key->x, + (size_t) desired_key_len); + ASSERT_COMPARE(keys.client_write_iv, + keys.iv_len, + expected_client_write_iv->x, + (size_t) desired_iv_len); + ASSERT_COMPARE(keys.server_write_iv, + keys.iv_len, + expected_server_write_iv->x, + (size_t) desired_iv_len); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ -void ssl_tls1_3_derive_secret( int hash_alg, - data_t *secret, - int label_idx, - data_t *ctx, - int desired_length, - int already_hashed, - data_t *expected ) +void ssl_tls1_3_derive_secret(int hash_alg, + data_t *secret, + int label_idx, + data_t *ctx, + int desired_length, + int already_hashed, + data_t *expected) { - unsigned char dst[ 100 ]; + unsigned char dst[100]; unsigned char const *lbl = NULL; size_t lbl_len; -#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \ - if( label_idx == (int) tls1_3_label_ ## name ) \ +#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ + if (label_idx == (int) tls1_3_label_ ## name) \ { \ lbl = mbedtls_ssl_tls1_3_labels.name; \ - lbl_len = sizeof( mbedtls_ssl_tls1_3_labels.name ); \ + lbl_len = sizeof(mbedtls_ssl_tls1_3_labels.name); \ } -MBEDTLS_SSL_TLS1_3_LABEL_LIST + MBEDTLS_SSL_TLS1_3_LABEL_LIST #undef MBEDTLS_SSL_TLS1_3_LABEL - TEST_ASSERT( lbl != NULL ); + TEST_ASSERT(lbl != NULL); /* Check sanity of test parameters. */ - TEST_ASSERT( (size_t) desired_length <= sizeof( dst ) ); - TEST_ASSERT( (size_t) desired_length == expected->len ); - - TEST_ASSERT( mbedtls_ssl_tls1_3_derive_secret( - (mbedtls_md_type_t) hash_alg, - secret->x, secret->len, - lbl, lbl_len, - ctx->x, ctx->len, - already_hashed, - dst, desired_length ) == 0 ); - - ASSERT_COMPARE( dst, desired_length, - expected->x, desired_length ); + TEST_ASSERT((size_t) desired_length <= sizeof(dst)); + TEST_ASSERT((size_t) desired_length == expected->len); + + TEST_ASSERT(mbedtls_ssl_tls1_3_derive_secret( + (mbedtls_md_type_t) hash_alg, + secret->x, secret->len, + lbl, lbl_len, + ctx->x, ctx->len, + already_hashed, + dst, desired_length) == 0); + + ASSERT_COMPARE(dst, desired_length, + expected->x, desired_length); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ -void ssl_tls1_3_key_evolution( int hash_alg, - data_t *secret, - data_t *input, - data_t *expected ) +void ssl_tls1_3_key_evolution(int hash_alg, + data_t *secret, + data_t *input, + data_t *expected) { - unsigned char secret_new[ MBEDTLS_MD_MAX_SIZE ]; + unsigned char secret_new[MBEDTLS_MD_MAX_SIZE]; - TEST_ASSERT( mbedtls_ssl_tls1_3_evolve_secret( - (mbedtls_md_type_t) hash_alg, - secret->len ? secret->x : NULL, - input->len ? input->x : NULL, input->len, - secret_new ) == 0 ); + TEST_ASSERT(mbedtls_ssl_tls1_3_evolve_secret( + (mbedtls_md_type_t) hash_alg, + secret->len ? secret->x : NULL, + input->len ? input->x : NULL, input->len, + secret_new) == 0); - ASSERT_COMPARE( secret_new, (size_t) expected->len, - expected->x, (size_t) expected->len ); + ASSERT_COMPARE(secret_new, (size_t) expected->len, + expected->x, (size_t) expected->len); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_tls_prf( int type, data_t * secret, data_t * random, - char *label, data_t *result_str, int exp_ret ) +void ssl_tls_prf(int type, data_t *secret, data_t *random, + char *label, data_t *result_str, int exp_ret) { unsigned char *output; - output = mbedtls_calloc( 1, result_str->len ); - if( output == NULL ) + output = mbedtls_calloc(1, result_str->len); + if (output == NULL) { goto exit; + } - USE_PSA_INIT( ); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_ssl_tls_prf( type, secret->x, secret->len, - label, random->x, random->len, - output, result_str->len ) == exp_ret ); + TEST_ASSERT(mbedtls_ssl_tls_prf(type, secret->x, secret->len, + label, random->x, random->len, + output, result_str->len) == exp_ret); - if( exp_ret == 0 ) - { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - result_str->len, result_str->len ) == 0 ); + if (exp_ret == 0) { + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + result_str->len, result_str->len) == 0); } exit: - mbedtls_free( output ); - USE_PSA_DONE( ); + mbedtls_free(output); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_serialize_session_save_load( int ticket_len, char *crt_file ) +void ssl_serialize_session_save_load(int ticket_len, char *crt_file) { mbedtls_ssl_session original, restored; unsigned char *buf = NULL; @@ -3905,98 +3732,95 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file ) * Test that a save-load pair is the identity */ - mbedtls_ssl_session_init( &original ); - mbedtls_ssl_session_init( &restored ); + mbedtls_ssl_session_init(&original); + mbedtls_ssl_session_init(&restored); /* Prepare a dummy session to work on */ - TEST_ASSERT( ssl_populate_session( &original, ticket_len, crt_file ) == 0 ); + TEST_ASSERT(ssl_populate_session(&original, ticket_len, crt_file) == 0); /* Serialize it */ - TEST_ASSERT( mbedtls_ssl_session_save( &original, NULL, 0, &len ) - == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - TEST_ASSERT( ( buf = mbedtls_calloc( 1, len ) ) != NULL ); - TEST_ASSERT( mbedtls_ssl_session_save( &original, buf, len, &len ) - == 0 ); + TEST_ASSERT(mbedtls_ssl_session_save(&original, NULL, 0, &len) + == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); + TEST_ASSERT((buf = mbedtls_calloc(1, len)) != NULL); + TEST_ASSERT(mbedtls_ssl_session_save(&original, buf, len, &len) + == 0); /* Restore session from serialized data */ - TEST_ASSERT( mbedtls_ssl_session_load( &restored, buf, len) == 0 ); + TEST_ASSERT(mbedtls_ssl_session_load(&restored, buf, len) == 0); /* * Make sure both session structures are identical */ #if defined(MBEDTLS_HAVE_TIME) - TEST_ASSERT( original.start == restored.start ); + TEST_ASSERT(original.start == restored.start); #endif - TEST_ASSERT( original.ciphersuite == restored.ciphersuite ); - TEST_ASSERT( original.compression == restored.compression ); - TEST_ASSERT( original.id_len == restored.id_len ); - TEST_ASSERT( memcmp( original.id, - restored.id, sizeof( original.id ) ) == 0 ); - TEST_ASSERT( memcmp( original.master, - restored.master, sizeof( original.master ) ) == 0 ); + TEST_ASSERT(original.ciphersuite == restored.ciphersuite); + TEST_ASSERT(original.compression == restored.compression); + TEST_ASSERT(original.id_len == restored.id_len); + TEST_ASSERT(memcmp(original.id, + restored.id, sizeof(original.id)) == 0); + TEST_ASSERT(memcmp(original.master, + restored.master, sizeof(original.master)) == 0); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - TEST_ASSERT( ( original.peer_cert == NULL ) == - ( restored.peer_cert == NULL ) ); - if( original.peer_cert != NULL ) - { - TEST_ASSERT( original.peer_cert->raw.len == - restored.peer_cert->raw.len ); - TEST_ASSERT( memcmp( original.peer_cert->raw.p, - restored.peer_cert->raw.p, - original.peer_cert->raw.len ) == 0 ); + TEST_ASSERT((original.peer_cert == NULL) == + (restored.peer_cert == NULL)); + if (original.peer_cert != NULL) { + TEST_ASSERT(original.peer_cert->raw.len == + restored.peer_cert->raw.len); + TEST_ASSERT(memcmp(original.peer_cert->raw.p, + restored.peer_cert->raw.p, + original.peer_cert->raw.len) == 0); } #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - TEST_ASSERT( original.peer_cert_digest_type == - restored.peer_cert_digest_type ); - TEST_ASSERT( original.peer_cert_digest_len == - restored.peer_cert_digest_len ); - TEST_ASSERT( ( original.peer_cert_digest == NULL ) == - ( restored.peer_cert_digest == NULL ) ); - if( original.peer_cert_digest != NULL ) - { - TEST_ASSERT( memcmp( original.peer_cert_digest, - restored.peer_cert_digest, - original.peer_cert_digest_len ) == 0 ); + TEST_ASSERT(original.peer_cert_digest_type == + restored.peer_cert_digest_type); + TEST_ASSERT(original.peer_cert_digest_len == + restored.peer_cert_digest_len); + TEST_ASSERT((original.peer_cert_digest == NULL) == + (restored.peer_cert_digest == NULL)); + if (original.peer_cert_digest != NULL) { + TEST_ASSERT(memcmp(original.peer_cert_digest, + restored.peer_cert_digest, + original.peer_cert_digest_len) == 0); } #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ - TEST_ASSERT( original.verify_result == restored.verify_result ); + TEST_ASSERT(original.verify_result == restored.verify_result); #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) - TEST_ASSERT( original.ticket_len == restored.ticket_len ); - if( original.ticket_len != 0 ) - { - TEST_ASSERT( original.ticket != NULL ); - TEST_ASSERT( restored.ticket != NULL ); - TEST_ASSERT( memcmp( original.ticket, - restored.ticket, original.ticket_len ) == 0 ); - } - TEST_ASSERT( original.ticket_lifetime == restored.ticket_lifetime ); + TEST_ASSERT(original.ticket_len == restored.ticket_len); + if (original.ticket_len != 0) { + TEST_ASSERT(original.ticket != NULL); + TEST_ASSERT(restored.ticket != NULL); + TEST_ASSERT(memcmp(original.ticket, + restored.ticket, original.ticket_len) == 0); + } + TEST_ASSERT(original.ticket_lifetime == restored.ticket_lifetime); #endif #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - TEST_ASSERT( original.mfl_code == restored.mfl_code ); + TEST_ASSERT(original.mfl_code == restored.mfl_code); #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - TEST_ASSERT( original.trunc_hmac == restored.trunc_hmac ); + TEST_ASSERT(original.trunc_hmac == restored.trunc_hmac); #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - TEST_ASSERT( original.encrypt_then_mac == restored.encrypt_then_mac ); + TEST_ASSERT(original.encrypt_then_mac == restored.encrypt_then_mac); #endif exit: - mbedtls_ssl_session_free( &original ); - mbedtls_ssl_session_free( &restored ); - mbedtls_free( buf ); + mbedtls_ssl_session_free(&original); + mbedtls_ssl_session_free(&restored); + mbedtls_free(buf); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_serialize_session_load_save( int ticket_len, char *crt_file ) +void ssl_serialize_session_load_save(int ticket_len, char *crt_file) { mbedtls_ssl_session session; unsigned char *buf1 = NULL, *buf2 = NULL; @@ -4006,47 +3830,47 @@ void ssl_serialize_session_load_save( int ticket_len, char *crt_file ) * Test that a load-save pair is the identity */ - mbedtls_ssl_session_init( &session ); + mbedtls_ssl_session_init(&session); /* Prepare a dummy session to work on */ - TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 ); + TEST_ASSERT(ssl_populate_session(&session, ticket_len, crt_file) == 0); /* Get desired buffer size for serializing */ - TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &len0 ) - == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &len0) + == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); /* Allocate first buffer */ - buf1 = mbedtls_calloc( 1, len0 ); - TEST_ASSERT( buf1 != NULL ); + buf1 = mbedtls_calloc(1, len0); + TEST_ASSERT(buf1 != NULL); /* Serialize to buffer and free live session */ - TEST_ASSERT( mbedtls_ssl_session_save( &session, buf1, len0, &len1 ) - == 0 ); - TEST_ASSERT( len0 == len1 ); - mbedtls_ssl_session_free( &session ); + TEST_ASSERT(mbedtls_ssl_session_save(&session, buf1, len0, &len1) + == 0); + TEST_ASSERT(len0 == len1); + mbedtls_ssl_session_free(&session); /* Restore session from serialized data */ - TEST_ASSERT( mbedtls_ssl_session_load( &session, buf1, len1 ) == 0 ); + TEST_ASSERT(mbedtls_ssl_session_load(&session, buf1, len1) == 0); /* Allocate second buffer and serialize to it */ - buf2 = mbedtls_calloc( 1, len0 ); - TEST_ASSERT( buf2 != NULL ); - TEST_ASSERT( mbedtls_ssl_session_save( &session, buf2, len0, &len2 ) - == 0 ); + buf2 = mbedtls_calloc(1, len0); + TEST_ASSERT(buf2 != NULL); + TEST_ASSERT(mbedtls_ssl_session_save(&session, buf2, len0, &len2) + == 0); /* Make sure both serialized versions are identical */ - TEST_ASSERT( len1 == len2 ); - TEST_ASSERT( memcmp( buf1, buf2, len1 ) == 0 ); + TEST_ASSERT(len1 == len2); + TEST_ASSERT(memcmp(buf1, buf2, len1) == 0); exit: - mbedtls_ssl_session_free( &session ); - mbedtls_free( buf1 ); - mbedtls_free( buf2 ); + mbedtls_ssl_session_free(&session); + mbedtls_free(buf1); + mbedtls_free(buf2); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_serialize_session_save_buf_size( int ticket_len, char *crt_file ) +void ssl_serialize_session_save_buf_size(int ticket_len, char *crt_file) { mbedtls_ssl_session session; unsigned char *buf = NULL; @@ -4056,33 +3880,32 @@ void ssl_serialize_session_save_buf_size( int ticket_len, char *crt_file ) * Test that session_save() fails cleanly on small buffers */ - mbedtls_ssl_session_init( &session ); + mbedtls_ssl_session_init(&session); /* Prepare dummy session and get serialized size */ - TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 ); - TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len ) - == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + TEST_ASSERT(ssl_populate_session(&session, ticket_len, crt_file) == 0); + TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len) + == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); /* Try all possible bad lengths */ - for( bad_len = 1; bad_len < good_len; bad_len++ ) - { + for (bad_len = 1; bad_len < good_len; bad_len++) { /* Allocate exact size so that asan/valgrind can detect any overwrite */ - mbedtls_free( buf ); - TEST_ASSERT( ( buf = mbedtls_calloc( 1, bad_len ) ) != NULL ); - TEST_ASSERT( mbedtls_ssl_session_save( &session, buf, bad_len, - &test_len ) - == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - TEST_ASSERT( test_len == good_len ); + mbedtls_free(buf); + TEST_ASSERT((buf = mbedtls_calloc(1, bad_len)) != NULL); + TEST_ASSERT(mbedtls_ssl_session_save(&session, buf, bad_len, + &test_len) + == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); + TEST_ASSERT(test_len == good_len); } exit: - mbedtls_ssl_session_free( &session ); - mbedtls_free( buf ); + mbedtls_ssl_session_free(&session); + mbedtls_free(buf); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_serialize_session_load_buf_size( int ticket_len, char *crt_file ) +void ssl_serialize_session_load_buf_size(int ticket_len, char *crt_file) { mbedtls_ssl_session session; unsigned char *good_buf = NULL, *bad_buf = NULL; @@ -4092,44 +3915,43 @@ void ssl_serialize_session_load_buf_size( int ticket_len, char *crt_file ) * Test that session_load() fails cleanly on small buffers */ - mbedtls_ssl_session_init( &session ); + mbedtls_ssl_session_init(&session); /* Prepare serialized session data */ - TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 ); - TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len ) - == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - TEST_ASSERT( ( good_buf = mbedtls_calloc( 1, good_len ) ) != NULL ); - TEST_ASSERT( mbedtls_ssl_session_save( &session, good_buf, good_len, - &good_len ) == 0 ); - mbedtls_ssl_session_free( &session ); + TEST_ASSERT(ssl_populate_session(&session, ticket_len, crt_file) == 0); + TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len) + == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); + TEST_ASSERT((good_buf = mbedtls_calloc(1, good_len)) != NULL); + TEST_ASSERT(mbedtls_ssl_session_save(&session, good_buf, good_len, + &good_len) == 0); + mbedtls_ssl_session_free(&session); /* Try all possible bad lengths */ - for( bad_len = 0; bad_len < good_len; bad_len++ ) - { + for (bad_len = 0; bad_len < good_len; bad_len++) { /* Allocate exact size so that asan/valgrind can detect any overread */ - mbedtls_free( bad_buf ); - bad_buf = mbedtls_calloc( 1, bad_len ? bad_len : 1 ); - TEST_ASSERT( bad_buf != NULL ); - memcpy( bad_buf, good_buf, bad_len ); + mbedtls_free(bad_buf); + bad_buf = mbedtls_calloc(1, bad_len ? bad_len : 1); + TEST_ASSERT(bad_buf != NULL); + memcpy(bad_buf, good_buf, bad_len); - TEST_ASSERT( mbedtls_ssl_session_load( &session, bad_buf, bad_len ) - == MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_ssl_session_load(&session, bad_buf, bad_len) + == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); } exit: - mbedtls_ssl_session_free( &session ); - mbedtls_free( good_buf ); - mbedtls_free( bad_buf ); + mbedtls_ssl_session_free(&session); + mbedtls_free(good_buf); + mbedtls_free(bad_buf); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_session_serialize_version_check( int corrupt_major, - int corrupt_minor, - int corrupt_patch, - int corrupt_config ) +void ssl_session_serialize_version_check(int corrupt_major, + int corrupt_minor, + int corrupt_patch, + int corrupt_config) { - unsigned char serialized_session[ 2048 ]; + unsigned char serialized_session[2048]; size_t serialized_session_len; unsigned cur_byte; mbedtls_ssl_session session; @@ -4139,44 +3961,43 @@ void ssl_session_serialize_version_check( int corrupt_major, corrupt_config == 1, corrupt_config == 1 }; - mbedtls_ssl_session_init( &session ); + mbedtls_ssl_session_init(&session); /* Infer length of serialized session. */ - TEST_ASSERT( mbedtls_ssl_session_save( &session, - serialized_session, - sizeof( serialized_session ), - &serialized_session_len ) == 0 ); + TEST_ASSERT(mbedtls_ssl_session_save(&session, + serialized_session, + sizeof(serialized_session), + &serialized_session_len) == 0); - mbedtls_ssl_session_free( &session ); + mbedtls_ssl_session_free(&session); /* Without any modification, we should be able to successfully * de-serialize the session - double-check that. */ - TEST_ASSERT( mbedtls_ssl_session_load( &session, - serialized_session, - serialized_session_len ) == 0 ); - mbedtls_ssl_session_free( &session ); + TEST_ASSERT(mbedtls_ssl_session_load(&session, + serialized_session, + serialized_session_len) == 0); + mbedtls_ssl_session_free(&session); /* Go through the bytes in the serialized session header and * corrupt them bit-by-bit. */ - for( cur_byte = 0; cur_byte < sizeof( should_corrupt_byte ); cur_byte++ ) - { + for (cur_byte = 0; cur_byte < sizeof(should_corrupt_byte); cur_byte++) { int cur_bit; - unsigned char * const byte = &serialized_session[ cur_byte ]; + unsigned char * const byte = &serialized_session[cur_byte]; - if( should_corrupt_byte[ cur_byte ] == 0 ) + if (should_corrupt_byte[cur_byte] == 0) { continue; + } - for( cur_bit = 0; cur_bit < CHAR_BIT; cur_bit++ ) - { + for (cur_bit = 0; cur_bit < CHAR_BIT; cur_bit++) { unsigned char const corrupted_bit = 0x1u << cur_bit; /* Modify a single bit in the serialized session. */ *byte ^= corrupted_bit; /* Attempt to deserialize */ - TEST_ASSERT( mbedtls_ssl_session_load( &session, - serialized_session, - serialized_session_len ) == - MBEDTLS_ERR_SSL_VERSION_MISMATCH ); + TEST_ASSERT(mbedtls_ssl_session_load(&session, + serialized_session, + serialized_session_len) == + MBEDTLS_ERR_SSL_VERSION_MISMATCH); /* Undo the change */ *byte ^= corrupted_bit; @@ -4187,25 +4008,25 @@ void ssl_session_serialize_version_check( int corrupt_major, /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_ENTROPY_C:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ -void mbedtls_endpoint_sanity( int endpoint_type ) +void mbedtls_endpoint_sanity(int endpoint_type) { enum { BUFFSIZE = 1024 }; mbedtls_endpoint ep; int ret = -1; - ret = mbedtls_endpoint_init( NULL, endpoint_type, MBEDTLS_PK_RSA, - NULL, NULL, NULL, NULL ); - TEST_ASSERT( MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret ); + ret = mbedtls_endpoint_init(NULL, endpoint_type, MBEDTLS_PK_RSA, + NULL, NULL, NULL, NULL); + TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret); - ret = mbedtls_endpoint_certificate_init( NULL, MBEDTLS_PK_RSA ); - TEST_ASSERT( MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret ); + ret = mbedtls_endpoint_certificate_init(NULL, MBEDTLS_PK_RSA); + TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret); - ret = mbedtls_endpoint_init( &ep, endpoint_type, MBEDTLS_PK_RSA, - NULL, NULL, NULL, NULL ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_endpoint_init(&ep, endpoint_type, MBEDTLS_PK_RSA, + NULL, NULL, NULL, NULL); + TEST_ASSERT(ret == 0); exit: - mbedtls_endpoint_free( &ep, NULL ); + mbedtls_endpoint_free(&ep, NULL); } /* END_CASE */ @@ -4216,51 +4037,48 @@ void move_handshake_to_state(int endpoint_type, int state, int need_pass) mbedtls_endpoint base_ep, second_ep; int ret = -1; - mbedtls_platform_zeroize( &base_ep, sizeof( base_ep ) ); - mbedtls_platform_zeroize( &second_ep, sizeof( second_ep ) ); - - ret = mbedtls_endpoint_init( &base_ep, endpoint_type, MBEDTLS_PK_RSA, - NULL, NULL, NULL, NULL ); - TEST_ASSERT( ret == 0 ); - - ret = mbedtls_endpoint_init( &second_ep, - ( endpoint_type == MBEDTLS_SSL_IS_SERVER ) ? - MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER, - MBEDTLS_PK_RSA, NULL, NULL, NULL, NULL ); - TEST_ASSERT( ret == 0 ); - - ret = mbedtls_mock_socket_connect( &(base_ep.socket), - &(second_ep.socket), - BUFFSIZE ); - TEST_ASSERT( ret == 0 ); - - ret = mbedtls_move_handshake_to_state( &(base_ep.ssl), - &(second_ep.ssl), - state ); - if( need_pass ) - { - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( base_ep.ssl.state == state ); - } - else - { - TEST_ASSERT( ret != 0 ); - TEST_ASSERT( base_ep.ssl.state != state ); + mbedtls_platform_zeroize(&base_ep, sizeof(base_ep)); + mbedtls_platform_zeroize(&second_ep, sizeof(second_ep)); + + ret = mbedtls_endpoint_init(&base_ep, endpoint_type, MBEDTLS_PK_RSA, + NULL, NULL, NULL, NULL); + TEST_ASSERT(ret == 0); + + ret = mbedtls_endpoint_init(&second_ep, + (endpoint_type == MBEDTLS_SSL_IS_SERVER) ? + MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER, + MBEDTLS_PK_RSA, NULL, NULL, NULL, NULL); + TEST_ASSERT(ret == 0); + + ret = mbedtls_mock_socket_connect(&(base_ep.socket), + &(second_ep.socket), + BUFFSIZE); + TEST_ASSERT(ret == 0); + + ret = mbedtls_move_handshake_to_state(&(base_ep.ssl), + &(second_ep.ssl), + state); + if (need_pass) { + TEST_ASSERT(ret == 0); + TEST_ASSERT(base_ep.ssl.state == state); + } else { + TEST_ASSERT(ret != 0); + TEST_ASSERT(base_ep.ssl.state != state); } exit: - mbedtls_endpoint_free( &base_ep, NULL ); - mbedtls_endpoint_free( &second_ep, NULL ); + mbedtls_endpoint_free(&base_ep, NULL); + mbedtls_endpoint_free(&second_ep, NULL); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_SHA256_C */ -void handshake_version( int dtls, int client_min_version, int client_max_version, - int server_min_version, int server_max_version, - int expected_negotiated_version ) +void handshake_version(int dtls, int client_min_version, int client_max_version, + int server_min_version, int server_max_version, + int expected_negotiated_version) { handshake_test_options options; - init_handshake_options( &options ); + init_handshake_options(&options); options.client_min_version = client_min_version; options.client_max_version = client_max_version; @@ -4272,13 +4090,12 @@ void handshake_version( int dtls, int client_min_version, int client_max_version options.dtls = dtls; /* By default, SSLv3.0 and TLSv1.0 use 1/n-1 splitting when sending data, so * the number of fragments will be twice as big. */ - if( expected_negotiated_version == MBEDTLS_SSL_MINOR_VERSION_0 || - expected_negotiated_version == MBEDTLS_SSL_MINOR_VERSION_1 ) - { + if (expected_negotiated_version == MBEDTLS_SSL_MINOR_VERSION_0 || + expected_negotiated_version == MBEDTLS_SSL_MINOR_VERSION_1) { options.expected_cli_fragments = 2; options.expected_srv_fragments = 2; } - perform_handshake( &options ); + perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; @@ -4286,17 +4103,17 @@ void handshake_version( int dtls, int client_min_version, int client_max_version /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ -void handshake_psk_cipher( char* cipher, int pk_alg, data_t *psk_str, int dtls ) +void handshake_psk_cipher(char *cipher, int pk_alg, data_t *psk_str, int dtls) { handshake_test_options options; - init_handshake_options( &options ); + init_handshake_options(&options); options.cipher = cipher; options.dtls = dtls; options.psk_str = psk_str; options.pk_alg = pk_alg; - perform_handshake( &options ); + perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; @@ -4304,9 +4121,9 @@ void handshake_psk_cipher( char* cipher, int pk_alg, data_t *psk_str, int dtls ) /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ -void handshake_cipher( char* cipher, int pk_alg, int dtls ) +void handshake_cipher(char *cipher, int pk_alg, int dtls) { - test_handshake_psk_cipher( cipher, pk_alg, NULL, dtls ); + test_handshake_psk_cipher(cipher, pk_alg, NULL, dtls); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; @@ -4314,12 +4131,12 @@ void handshake_cipher( char* cipher, int pk_alg, int dtls ) /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ -void app_data( int mfl, int cli_msg_len, int srv_msg_len, - int expected_cli_fragments, - int expected_srv_fragments, int dtls ) +void app_data(int mfl, int cli_msg_len, int srv_msg_len, + int expected_cli_fragments, + int expected_srv_fragments, int dtls) { handshake_test_options options; - init_handshake_options( &options ); + init_handshake_options(&options); options.mfl = mfl; options.cli_msg_len = cli_msg_len; @@ -4328,52 +4145,54 @@ void app_data( int mfl, int cli_msg_len, int srv_msg_len, options.expected_srv_fragments = expected_srv_fragments; options.dtls = dtls; - perform_handshake( &options ); + perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_SHA256_C */ -void app_data_tls( int mfl, int cli_msg_len, int srv_msg_len, - int expected_cli_fragments, - int expected_srv_fragments ) +void app_data_tls(int mfl, int cli_msg_len, int srv_msg_len, + int expected_cli_fragments, + int expected_srv_fragments) { - test_app_data( mfl, cli_msg_len, srv_msg_len, expected_cli_fragments, - expected_srv_fragments, 0 ); + test_app_data(mfl, cli_msg_len, srv_msg_len, expected_cli_fragments, + expected_srv_fragments, 0); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ -void app_data_dtls( int mfl, int cli_msg_len, int srv_msg_len, - int expected_cli_fragments, - int expected_srv_fragments ) +void app_data_dtls(int mfl, int cli_msg_len, int srv_msg_len, + int expected_cli_fragments, + int expected_srv_fragments) { - test_app_data( mfl, cli_msg_len, srv_msg_len, expected_cli_fragments, - expected_srv_fragments, 1 ); + test_app_data(mfl, cli_msg_len, srv_msg_len, expected_cli_fragments, + expected_srv_fragments, 1); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ -void handshake_serialization( ) +void handshake_serialization() { handshake_test_options options; - init_handshake_options( &options ); + init_handshake_options(&options); options.serialize = 1; options.dtls = 1; - perform_handshake( &options ); + perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ -void handshake_fragmentation( int mfl, int expected_srv_hs_fragmentation, int expected_cli_hs_fragmentation) +void handshake_fragmentation(int mfl, + int expected_srv_hs_fragmentation, + int expected_cli_hs_fragmentation) { handshake_test_options options; log_pattern srv_pattern, cli_pattern; @@ -4382,7 +4201,7 @@ void handshake_fragmentation( int mfl, int expected_srv_hs_fragmentation, int ex srv_pattern.counter = 0; cli_pattern.counter = 0; - init_handshake_options( &options ); + init_handshake_options(&options); options.dtls = 1; options.mfl = mfl; /* Set cipher to one using CBC so that record splitting can be tested */ @@ -4393,43 +4212,41 @@ void handshake_fragmentation( int mfl, int expected_srv_hs_fragmentation, int ex options.srv_log_fun = log_analyzer; options.cli_log_fun = log_analyzer; - perform_handshake( &options ); + perform_handshake(&options); /* Test if the server received a fragmented handshake */ - if( expected_srv_hs_fragmentation ) - { - TEST_ASSERT( srv_pattern.counter >= 1 ); + if (expected_srv_hs_fragmentation) { + TEST_ASSERT(srv_pattern.counter >= 1); } /* Test if the client received a fragmented handshake */ - if( expected_cli_hs_fragmentation ) - { - TEST_ASSERT( cli_pattern.counter >= 1 ); + if (expected_cli_hs_fragmentation) { + TEST_ASSERT(cli_pattern.counter >= 1); } } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ -void renegotiation( int legacy_renegotiation ) +void renegotiation(int legacy_renegotiation) { handshake_test_options options; - init_handshake_options( &options ); + init_handshake_options(&options); options.renegotiate = 1; options.legacy_renegotiation = legacy_renegotiation; options.dtls = 1; - perform_handshake( &options ); + perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ -void resize_buffers( int mfl, int renegotiation, int legacy_renegotiation, - int serialize, int dtls, char *cipher ) +void resize_buffers(int mfl, int renegotiation, int legacy_renegotiation, + int serialize, int dtls, char *cipher) { handshake_test_options options; - init_handshake_options( &options ); + init_handshake_options(&options); options.mfl = mfl; options.cipher = cipher; @@ -4439,17 +4256,17 @@ void resize_buffers( int mfl, int renegotiation, int legacy_renegotiation, options.dtls = dtls; options.resize_buffers = 1; - perform_handshake( &options ); + perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ -void resize_buffers_serialize_mfl( int mfl ) +void resize_buffers_serialize_mfl(int mfl) { - test_resize_buffers( mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1, - (char *) "" ); + test_resize_buffers(mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1, + (char *) ""); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; @@ -4457,10 +4274,10 @@ void resize_buffers_serialize_mfl( int mfl ) /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ -void resize_buffers_renegotiate_mfl( int mfl, int legacy_renegotiation, - char *cipher ) +void resize_buffers_renegotiate_mfl(int mfl, int legacy_renegotiation, + char *cipher) { - test_resize_buffers( mfl, 1, legacy_renegotiation, 0, 1, cipher ); + test_resize_buffers(mfl, 1, legacy_renegotiation, 0, 1, cipher); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; @@ -4468,7 +4285,7 @@ void resize_buffers_renegotiate_mfl( int mfl, int legacy_renegotiation, /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_ECDSA_C */ -void raw_key_agreement_fail( int bad_server_ecdhe_key ) +void raw_key_agreement_fail(int bad_server_ecdhe_key) { enum { BUFFSIZE = 17000 }; mbedtls_endpoint client, server; @@ -4477,87 +4294,87 @@ void raw_key_agreement_fail( int bad_server_ecdhe_key ) mbedtls_ecp_group_id curve_list[] = { MBEDTLS_ECP_DP_SECP256R1, MBEDTLS_ECP_DP_NONE }; - USE_PSA_INIT( ); - mbedtls_platform_zeroize( &client, sizeof( client ) ); - mbedtls_platform_zeroize( &server, sizeof( server ) ); + USE_PSA_INIT(); + mbedtls_platform_zeroize(&client, sizeof(client)); + mbedtls_platform_zeroize(&server, sizeof(server)); /* Client side, force SECP256R1 to make one key bitflip fail * the raw key agreement. Flipping the first byte makes the * required 0x04 identifier invalid. */ - TEST_EQUAL( mbedtls_endpoint_init( &client, MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_PK_ECDSA, NULL, NULL, - NULL, curve_list ), 0 ); + TEST_EQUAL(mbedtls_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_PK_ECDSA, NULL, NULL, + NULL, curve_list), 0); /* Server side */ - TEST_EQUAL( mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER, - MBEDTLS_PK_ECDSA, NULL, NULL, - NULL, NULL ), 0 ); + TEST_EQUAL(mbedtls_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER, + MBEDTLS_PK_ECDSA, NULL, NULL, + NULL, NULL), 0); - TEST_EQUAL( mbedtls_mock_socket_connect( &(client.socket), - &(server.socket), - BUFFSIZE ), 0 ); + TEST_EQUAL(mbedtls_mock_socket_connect(&(client.socket), + &(server.socket), + BUFFSIZE), 0); - TEST_EQUAL( mbedtls_move_handshake_to_state( &(client.ssl), - &(server.ssl), - MBEDTLS_SSL_CLIENT_KEY_EXCHANGE ) - , 0 ); + TEST_EQUAL(mbedtls_move_handshake_to_state(&(client.ssl), + &(server.ssl), + MBEDTLS_SSL_CLIENT_KEY_EXCHANGE) + , 0); - mbedtls_psa_get_stats( &stats ); + mbedtls_psa_get_stats(&stats); /* Save the number of slots in use up to this point. * With PSA, one can be used for the ECDH private key. */ free_slots_before = stats.empty_slots; - if( bad_server_ecdhe_key ) - { + if (bad_server_ecdhe_key) { /* Force a simulated bitflip in the server key. to make the * raw key agreement in ssl_write_client_key_exchange fail. */ (client.ssl).handshake->ecdh_psa_peerkey[0] ^= 0x02; } - TEST_EQUAL( mbedtls_move_handshake_to_state( &(client.ssl), - &(server.ssl), - MBEDTLS_SSL_HANDSHAKE_OVER ), - bad_server_ecdhe_key ? MBEDTLS_ERR_SSL_HW_ACCEL_FAILED : 0 ); + TEST_EQUAL(mbedtls_move_handshake_to_state(&(client.ssl), + &(server.ssl), + MBEDTLS_SSL_HANDSHAKE_OVER), + bad_server_ecdhe_key ? MBEDTLS_ERR_SSL_HW_ACCEL_FAILED : 0); - mbedtls_psa_get_stats( &stats ); + mbedtls_psa_get_stats(&stats); /* Make sure that the key slot is already destroyed in case of failure, * without waiting to close the connection. */ - if( bad_server_ecdhe_key ) - TEST_EQUAL( free_slots_before, stats.empty_slots ); + if (bad_server_ecdhe_key) { + TEST_EQUAL(free_slots_before, stats.empty_slots); + } exit: - mbedtls_endpoint_free( &client, NULL ); - mbedtls_endpoint_free( &server, NULL ); + mbedtls_endpoint_free(&client, NULL); + mbedtls_endpoint_free(&server, NULL); - USE_PSA_DONE( ); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE:MBEDTLS_TEST_HOOKS */ -void cookie_parsing( data_t *cookie, int exp_ret ) +void cookie_parsing(data_t *cookie, int exp_ret) { mbedtls_ssl_context ssl; mbedtls_ssl_config conf; size_t len; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - TEST_EQUAL( mbedtls_ssl_config_defaults( &conf, MBEDTLS_SSL_IS_SERVER, - MBEDTLS_SSL_TRANSPORT_DATAGRAM, - MBEDTLS_SSL_PRESET_DEFAULT ), - 0 ); - - TEST_EQUAL( mbedtls_ssl_setup( &ssl, &conf ), 0 ); - TEST_EQUAL( mbedtls_ssl_check_dtls_clihlo_cookie( &ssl, ssl.cli_id, - ssl.cli_id_len, - cookie->x, cookie->len, - ssl.out_buf, - MBEDTLS_SSL_OUT_CONTENT_LEN, - &len ), - exp_ret ); - - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + TEST_EQUAL(mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, + MBEDTLS_SSL_TRANSPORT_DATAGRAM, + MBEDTLS_SSL_PRESET_DEFAULT), + 0); + + TEST_EQUAL(mbedtls_ssl_setup(&ssl, &conf), 0); + TEST_EQUAL(mbedtls_ssl_check_dtls_clihlo_cookie(&ssl, ssl.cli_id, + ssl.cli_id_len, + cookie->x, cookie->len, + ssl.out_buf, + MBEDTLS_SSL_OUT_CONTENT_LEN, + &len), + exp_ret); + + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); } /* END_CASE */ diff --git a/tests/suites/test_suite_timing.function b/tests/suites/test_suite_timing.function index 74dc82317128..59c1207994c9 100644 --- a/tests/suites/test_suite_timing.function +++ b/tests/suites/test_suite_timing.function @@ -17,7 +17,7 @@ */ /* BEGIN_CASE */ -void timing_hardclock( ) +void timing_hardclock() { (void) mbedtls_timing_hardclock(); /* This goto is added to avoid warnings from the generated code. */ @@ -26,49 +26,43 @@ void timing_hardclock( ) /* END_CASE */ /* BEGIN_CASE */ -void timing_get_timer( ) +void timing_get_timer() { struct mbedtls_timing_hr_time time; - (void) mbedtls_timing_get_timer( &time, 1 ); - (void) mbedtls_timing_get_timer( &time, 0 ); + (void) mbedtls_timing_get_timer(&time, 1); + (void) mbedtls_timing_get_timer(&time, 0); /* This goto is added to avoid warnings from the generated code. */ goto exit; } /* END_CASE */ /* BEGIN_CASE */ -void timing_set_alarm( int seconds ) +void timing_set_alarm(int seconds) { - if( seconds == 0 ) - { - mbedtls_set_alarm( seconds ); - TEST_ASSERT( mbedtls_timing_alarmed == 1 ); - } - else - { - mbedtls_set_alarm( seconds ); - TEST_ASSERT( mbedtls_timing_alarmed == 0 || - mbedtls_timing_alarmed == 1 ); + if (seconds == 0) { + mbedtls_set_alarm(seconds); + TEST_ASSERT(mbedtls_timing_alarmed == 1); + } else { + mbedtls_set_alarm(seconds); + TEST_ASSERT(mbedtls_timing_alarmed == 0 || + mbedtls_timing_alarmed == 1); } } /* END_CASE */ /* BEGIN_CASE */ -void timing_delay( int fin_ms ) +void timing_delay(int fin_ms) { mbedtls_timing_delay_context ctx; int result; - if( fin_ms == 0 ) - { - mbedtls_timing_set_delay( &ctx, 0, 0 ); - result = mbedtls_timing_get_delay( &ctx ); - TEST_ASSERT( result == -1 ); - } - else - { - mbedtls_timing_set_delay( &ctx, fin_ms / 2, fin_ms ); - result = mbedtls_timing_get_delay( &ctx ); - TEST_ASSERT( result >= 0 && result <= 2 ); + if (fin_ms == 0) { + mbedtls_timing_set_delay(&ctx, 0, 0); + result = mbedtls_timing_get_delay(&ctx); + TEST_ASSERT(result == -1); + } else { + mbedtls_timing_set_delay(&ctx, fin_ms / 2, fin_ms); + result = mbedtls_timing_get_delay(&ctx); + TEST_ASSERT(result >= 0 && result <= 2); } } /* END_CASE */ diff --git a/tests/suites/test_suite_version.function b/tests/suites/test_suite_version.function index 7d59794bd385..981f8ab85f41 100644 --- a/tests/suites/test_suite_version.function +++ b/tests/suites/test_suite_version.function @@ -8,34 +8,34 @@ */ /* BEGIN_CASE */ -void check_compiletime_version( char * version_str ) +void check_compiletime_version(char *version_str) { char build_str[100]; char build_str_full[100]; unsigned int build_int; - memset( build_str, 0, 100 ); - memset( build_str_full, 0, 100 ); + memset(build_str, 0, 100); + memset(build_str_full, 0, 100); - mbedtls_snprintf( build_str, 100, "%d.%d.%d", MBEDTLS_VERSION_MAJOR, - MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH ); + mbedtls_snprintf(build_str, 100, "%d.%d.%d", MBEDTLS_VERSION_MAJOR, + MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH); - mbedtls_snprintf( build_str_full, 100, "mbed TLS %d.%d.%d", MBEDTLS_VERSION_MAJOR, - MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH ); + mbedtls_snprintf(build_str_full, 100, "mbed TLS %d.%d.%d", MBEDTLS_VERSION_MAJOR, + MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH); build_int = MBEDTLS_VERSION_MAJOR << 24 | - MBEDTLS_VERSION_MINOR << 16 | - MBEDTLS_VERSION_PATCH << 8; + MBEDTLS_VERSION_MINOR << 16 | + MBEDTLS_VERSION_PATCH << 8; - TEST_ASSERT( build_int == MBEDTLS_VERSION_NUMBER ); - TEST_ASSERT( strcmp( build_str, MBEDTLS_VERSION_STRING ) == 0 ); - TEST_ASSERT( strcmp( build_str_full, MBEDTLS_VERSION_STRING_FULL ) == 0 ); - TEST_ASSERT( strcmp( version_str, MBEDTLS_VERSION_STRING ) == 0 ); + TEST_ASSERT(build_int == MBEDTLS_VERSION_NUMBER); + TEST_ASSERT(strcmp(build_str, MBEDTLS_VERSION_STRING) == 0); + TEST_ASSERT(strcmp(build_str_full, MBEDTLS_VERSION_STRING_FULL) == 0); + TEST_ASSERT(strcmp(version_str, MBEDTLS_VERSION_STRING) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void check_runtime_version( char * version_str ) +void check_runtime_version(char *version_str) { char build_str[100]; char get_str[100]; @@ -43,31 +43,31 @@ void check_runtime_version( char * version_str ) char get_str_full[100]; unsigned int get_int; - memset( build_str, 0, 100 ); - memset( get_str, 0, 100 ); - memset( build_str_full, 0, 100 ); - memset( get_str_full, 0, 100 ); + memset(build_str, 0, 100); + memset(get_str, 0, 100); + memset(build_str_full, 0, 100); + memset(get_str_full, 0, 100); get_int = mbedtls_version_get_number(); - mbedtls_version_get_string( get_str ); - mbedtls_version_get_string_full( get_str_full ); + mbedtls_version_get_string(get_str); + mbedtls_version_get_string_full(get_str_full); - mbedtls_snprintf( build_str, 100, "%u.%u.%u", - (get_int >> 24) & 0xFF, - (get_int >> 16) & 0xFF, - (get_int >> 8) & 0xFF ); - mbedtls_snprintf( build_str_full, 100, "mbed TLS %s", version_str ); + mbedtls_snprintf(build_str, 100, "%u.%u.%u", + (get_int >> 24) & 0xFF, + (get_int >> 16) & 0xFF, + (get_int >> 8) & 0xFF); + mbedtls_snprintf(build_str_full, 100, "mbed TLS %s", version_str); - TEST_ASSERT( strcmp( build_str, version_str ) == 0 ); - TEST_ASSERT( strcmp( build_str_full, get_str_full ) == 0 ); - TEST_ASSERT( strcmp( version_str, get_str ) == 0 ); + TEST_ASSERT(strcmp(build_str, version_str) == 0); + TEST_ASSERT(strcmp(build_str_full, get_str_full) == 0); + TEST_ASSERT(strcmp(version_str, get_str) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_VERSION_FEATURES */ -void check_feature( char *feature, int result ) +void check_feature(char *feature, int result) { - int check = mbedtls_version_check_feature( feature ); - TEST_ASSERT( check == result ); + int check = mbedtls_version_check_feature(feature); + TEST_ASSERT(check == result); } /* END_CASE */ diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index ba5c860dd4fc..91ac00db3f59 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -12,8 +12,8 @@ #if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19 #error "The value of MBEDTLS_X509_MAX_INTERMEDIATE_C is larger \ -than the current threshold 19. To test larger values, please \ -adapt the script tests/data_files/dir-max/long.sh." + than the current threshold 19. To test larger values, please \ + adapt the script tests/data_files/dir-max/long.sh." #endif /* Test-only profile allowing all digests, PK algorithms, and curves. */ @@ -29,12 +29,12 @@ const mbedtls_x509_crt_profile profile_all = profile. */ const mbedtls_x509_crt_profile compat_profile = { - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_RIPEMD160 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_RIPEMD160) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA224) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512), 0xFFFFFFFF, /* Any PK alg */ 0xFFFFFFFF, /* Any curve */ 1024, @@ -42,23 +42,23 @@ const mbedtls_x509_crt_profile compat_profile = const mbedtls_x509_crt_profile profile_rsa3072 = { - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), - MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_RSA ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512), + MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_RSA), 0, 3072, }; const mbedtls_x509_crt_profile profile_sha512 = { - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512), 0xFFFFFFFF, /* Any PK alg */ 0xFFFFFFFF, /* Any curve */ 1024, }; -int verify_none( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) +int verify_none(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags) { ((void) data); ((void) crt); @@ -68,7 +68,7 @@ int verify_none( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint3 return 0; } -int verify_all( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) +int verify_all(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags) { ((void) data); ((void) crt); @@ -79,7 +79,7 @@ int verify_all( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32 } #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) -int ca_callback_fail( void *data, mbedtls_x509_crt const *child, mbedtls_x509_crt **candidates ) +int ca_callback_fail(void *data, mbedtls_x509_crt const *child, mbedtls_x509_crt **candidates) { ((void) data); ((void) child); @@ -88,8 +88,8 @@ int ca_callback_fail( void *data, mbedtls_x509_crt const *child, mbedtls_x509_cr return -1; } -int ca_callback( void *data, mbedtls_x509_crt const *child, - mbedtls_x509_crt **candidates ) +int ca_callback(void *data, mbedtls_x509_crt const *child, + mbedtls_x509_crt **candidates) { int ret = 0; mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data; @@ -105,25 +105,21 @@ int ca_callback( void *data, mbedtls_x509_crt const *child, * and parent `Subject` field. */ ((void) child); - first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); - if( first == NULL ) - { + first = mbedtls_calloc(1, sizeof(mbedtls_x509_crt)); + if (first == NULL) { ret = -1; goto exit; } - mbedtls_x509_crt_init( first ); + mbedtls_x509_crt_init(first); - if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 ) - { + if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) { ret = -1; goto exit; } - while( ca->next != NULL ) - { + while (ca->next != NULL) { ca = ca->next; - if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 ) - { + if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) { ret = -1; goto exit; } @@ -131,19 +127,18 @@ int ca_callback( void *data, mbedtls_x509_crt const *child, exit: - if( ret != 0 ) - { - mbedtls_x509_crt_free( first ); - mbedtls_free( first ); + if (ret != 0) { + mbedtls_x509_crt_free(first); + mbedtls_free(first); first = NULL; } *candidates = first; - return( ret ); + return ret; } #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ -int verify_fatal( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) +int verify_fatal(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags) { int *levels = (int *) data; @@ -151,13 +146,12 @@ int verify_fatal( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint ((void) certificate_depth); /* Simulate a fatal error in the callback */ - if( *levels & ( 1 << certificate_depth ) ) - { - *flags |= ( 1 << certificate_depth ); - return( -1 - certificate_depth ); + if (*levels & (1 << certificate_depth)) { + *flags |= (1 << certificate_depth); + return -1 - certificate_depth; } - return( 0 ); + return 0; } /* strsep() not available on Windows */ @@ -166,28 +160,27 @@ char *mystrsep(char **stringp, const char *delim) const char *p; char *ret = *stringp; - if( *stringp == NULL ) - return( NULL ); + if (*stringp == NULL) { + return NULL; + } - for( ; ; (*stringp)++ ) - { - if( **stringp == '\0' ) - { + for (;; (*stringp)++) { + if (**stringp == '\0') { *stringp = NULL; goto done; } - for( p = delim; *p != '\0'; p++ ) - if( **stringp == *p ) - { + for (p = delim; *p != '\0'; p++) { + if (**stringp == *p) { **stringp = '\0'; (*stringp)++; goto done; } + } } done: - return( ret ); + return ret; } #if defined(MBEDTLS_X509_CRT_PARSE_C) @@ -196,195 +189,204 @@ typedef struct { char *p; } verify_print_context; -void verify_print_init( verify_print_context *ctx ) +void verify_print_init(verify_print_context *ctx) { - memset( ctx, 0, sizeof( verify_print_context ) ); + memset(ctx, 0, sizeof(verify_print_context)); ctx->p = ctx->buf; } -int verify_print( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) +int verify_print(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags) { int ret; verify_print_context *ctx = (verify_print_context *) data; char *p = ctx->p; - size_t n = ctx->buf + sizeof( ctx->buf ) - ctx->p; + size_t n = ctx->buf + sizeof(ctx->buf) - ctx->p; ((void) flags); - ret = mbedtls_snprintf( p, n, "depth %d - serial ", certificate_depth ); + ret = mbedtls_snprintf(p, n, "depth %d - serial ", certificate_depth); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_serial_gets( p, n, &crt->serial ); + ret = mbedtls_x509_serial_gets(p, n, &crt->serial); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, " - subject " ); + ret = mbedtls_snprintf(p, n, " - subject "); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_dn_gets( p, n, &crt->subject ); + ret = mbedtls_x509_dn_gets(p, n, &crt->subject); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, " - flags 0x%08x\n", *flags ); + ret = mbedtls_snprintf(p, n, " - flags 0x%08x\n", *flags); MBEDTLS_X509_SAFE_SNPRINTF; ctx->p = p; - return( 0 ); + return 0; } -int verify_parse_san( mbedtls_x509_subject_alternative_name *san, - char **buf, size_t *size ) +int verify_parse_san(mbedtls_x509_subject_alternative_name *san, + char **buf, size_t *size) { int ret; size_t i; char *p = *buf; size_t n = *size; - ret = mbedtls_snprintf( p, n, "type : %d", san->type ); + ret = mbedtls_snprintf(p, n, "type : %d", san->type); MBEDTLS_X509_SAFE_SNPRINTF; - switch( san->type ) - { - case( MBEDTLS_X509_SAN_OTHER_NAME ): - ret = mbedtls_snprintf( p, n, "\notherName :"); + switch (san->type) { + case (MBEDTLS_X509_SAN_OTHER_NAME): + ret = mbedtls_snprintf(p, n, "\notherName :"); MBEDTLS_X509_SAFE_SNPRINTF; - if( MBEDTLS_OID_CMP( MBEDTLS_OID_ON_HW_MODULE_NAME, - &san->san.other_name.value.hardware_module_name.oid ) != 0 ) - { - ret = mbedtls_snprintf( p, n, " hardware module name :" ); + if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME, + &san->san.other_name.value.hardware_module_name.oid) != 0) { + ret = mbedtls_snprintf(p, n, " hardware module name :"); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, " hardware type : " ); + ret = mbedtls_snprintf(p, n, " hardware type : "); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_oid_get_numeric_string( p, n, - &san->san.other_name.value.hardware_module_name.oid ); + ret = mbedtls_oid_get_numeric_string(p, + n, + &san->san.other_name.value.hardware_module_name.oid); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, ", hardware serial number : " ); + ret = mbedtls_snprintf(p, n, ", hardware serial number : "); MBEDTLS_X509_SAFE_SNPRINTF; - for( i = 0; i < san->san.other_name.value.hardware_module_name.val.len; i++ ) - { - ret = mbedtls_snprintf( p, n, "%02X", san->san.other_name.value.hardware_module_name.val.p[i] ); + for (i = 0; i < san->san.other_name.value.hardware_module_name.val.len; i++) { + ret = mbedtls_snprintf(p, + n, + "%02X", + san->san.other_name.value.hardware_module_name.val.p[i]); MBEDTLS_X509_SAFE_SNPRINTF; } } - break;/* MBEDTLS_OID_ON_HW_MODULE_NAME */ - case( MBEDTLS_X509_SAN_DNS_NAME ): - ret = mbedtls_snprintf( p, n, "\ndNSName : " ); + break;/* MBEDTLS_OID_ON_HW_MODULE_NAME */ + case (MBEDTLS_X509_SAN_DNS_NAME): + ret = mbedtls_snprintf(p, n, "\ndNSName : "); MBEDTLS_X509_SAFE_SNPRINTF; - if( san->san.unstructured_name.len >= n ) - { + if (san->san.unstructured_name.len >= n) { *p = '\0'; - return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; } n -= san->san.unstructured_name.len; - for( i = 0; i < san->san.unstructured_name.len; i++ ) + for (i = 0; i < san->san.unstructured_name.len; i++) { *p++ = san->san.unstructured_name.p[i]; - break;/* MBEDTLS_X509_SAN_DNS_NAME */ + } + break;/* MBEDTLS_X509_SAN_DNS_NAME */ default: - /* - * Should not happen. - */ - return( -1 ); + /* + * Should not happen. + */ + return -1; } - ret = mbedtls_snprintf( p, n, "\n" ); + ret = mbedtls_snprintf(p, n, "\n"); MBEDTLS_X509_SAFE_SNPRINTF; *size = n; *buf = p; - return( 0 ); + return 0; } -int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf const *oid, - int critical, const unsigned char *cp, const unsigned char *end ) +int parse_crt_ext_cb(void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf const *oid, + int critical, const unsigned char *cp, const unsigned char *end) { - ( void ) crt; - ( void ) critical; - mbedtls_x509_buf *new_oid = (mbedtls_x509_buf *)p_ctx; - if( oid->tag == MBEDTLS_ASN1_OID && - MBEDTLS_OID_CMP( MBEDTLS_OID_CERTIFICATE_POLICIES, oid ) == 0 ) - { + (void) crt; + (void) critical; + mbedtls_x509_buf *new_oid = (mbedtls_x509_buf *) p_ctx; + if (oid->tag == MBEDTLS_ASN1_OID && + MBEDTLS_OID_CMP(MBEDTLS_OID_CERTIFICATE_POLICIES, oid) == 0) { /* Handle unknown certificate policy */ int ret, parse_ret = 0; size_t len; - unsigned char **p = (unsigned char **)&cp; + unsigned char **p = (unsigned char **) &cp; /* Get main sequence tag */ - ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( *p + len != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p + len != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* * Cannot be an empty sequence. */ - if( len == 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (len == 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - while( *p < end ) - { + while (*p < end) { const unsigned char *policy_end; /* * Get the policy sequence */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != + 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } policy_end = *p + len; - if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, - MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, policy_end, &len, + MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } /* * Recognize exclusively the policy with OID 1 */ - if( len != 1 || *p[0] != 1 ) + if (len != 1 || *p[0] != 1) { parse_ret = MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; + } *p += len; - /* - * If there is an optional qualifier, then *p < policy_end - * Check the Qualifier len to verify it doesn't exceed policy_end. - */ - if( *p < policy_end ) - { - if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + /* + * If there is an optional qualifier, then *p < policy_end + * Check the Qualifier len to verify it doesn't exceed policy_end. + */ + if (*p < policy_end) { + if ((ret = mbedtls_asn1_get_tag(p, policy_end, &len, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } /* * Skip the optional policy qualifiers. */ *p += len; } - if( *p != policy_end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != policy_end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( parse_ret ); + return parse_ret; + } else if (new_oid != NULL && new_oid->tag == oid->tag && new_oid->len == oid->len && + memcmp(new_oid->p, oid->p, oid->len) == 0) { + return 0; + } else { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } - else if( new_oid != NULL && new_oid->tag == oid->tag && new_oid->len == oid->len && - memcmp( new_oid->p, oid->p, oid->len ) == 0 ) - return( 0 ); - else - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); } #endif /* MBEDTLS_X509_CRT_PARSE_C */ /* END_HEADER */ @@ -395,7 +397,7 @@ int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void x509_parse_san( char * crt_file, char * result_str ) +void x509_parse_san(char *crt_file, char *result_str) { int ret; mbedtls_x509_crt crt; @@ -403,142 +405,141 @@ void x509_parse_san( char * crt_file, char * result_str ) mbedtls_x509_sequence *cur = NULL; char buf[2000]; char *p = buf; - size_t n = sizeof( buf ); + size_t n = sizeof(buf); - mbedtls_x509_crt_init( &crt ); - memset( buf, 0, 2000 ); + mbedtls_x509_crt_init(&crt); + memset(buf, 0, 2000); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); - if( crt.ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME ) - { + if (crt.ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) { cur = &crt.subject_alt_names; - while( cur != NULL ) - { - ret = mbedtls_x509_parse_subject_alt_name( &cur->buf, &san ); - TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); + while (cur != NULL) { + ret = mbedtls_x509_parse_subject_alt_name(&cur->buf, &san); + TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE); /* * If san type not supported, ignore. */ - if( ret == 0) - TEST_ASSERT( verify_parse_san( &san, &p, &n ) == 0 ); + if (ret == 0) { + TEST_ASSERT(verify_parse_san(&san, &p, &n) == 0); + } cur = cur->next; } } - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buf, result_str) == 0); exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void x509_cert_info( char * crt_file, char * result_str ) +void x509_cert_info(char *crt_file, char *result_str) { mbedtls_x509_crt crt; char buf[2000]; int res; - mbedtls_x509_crt_init( &crt ); - memset( buf, 0, 2000 ); + mbedtls_x509_crt_init(&crt); + memset(buf, 0, 2000); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - res = mbedtls_x509_crt_info( buf, 2000, "", &crt ); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); + res = mbedtls_x509_crt_info(buf, 2000, "", &crt); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buf, result_str) == 0); exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */ -void mbedtls_x509_crl_info( char * crl_file, char * result_str ) +void mbedtls_x509_crl_info(char *crl_file, char *result_str) { mbedtls_x509_crl crl; char buf[2000]; int res; - mbedtls_x509_crl_init( &crl ); - memset( buf, 0, 2000 ); + mbedtls_x509_crl_init(&crl); + memset(buf, 0, 2000); - TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == 0 ); - res = mbedtls_x509_crl_info( buf, 2000, "", &crl ); + TEST_ASSERT(mbedtls_x509_crl_parse_file(&crl, crl_file) == 0); + res = mbedtls_x509_crl_info(buf, 2000, "", &crl); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buf, result_str) == 0); exit: - mbedtls_x509_crl_free( &crl ); + mbedtls_x509_crl_free(&crl); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */ -void mbedtls_x509_crl_parse( char * crl_file, int result ) +void mbedtls_x509_crl_parse(char *crl_file, int result) { mbedtls_x509_crl crl; char buf[2000]; - mbedtls_x509_crl_init( &crl ); - memset( buf, 0, 2000 ); + mbedtls_x509_crl_init(&crl); + memset(buf, 0, 2000); - TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == result ); + TEST_ASSERT(mbedtls_x509_crl_parse_file(&crl, crl_file) == result); exit: - mbedtls_x509_crl_free( &crl ); + mbedtls_x509_crl_free(&crl); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C */ -void mbedtls_x509_csr_info( char * csr_file, char * result_str ) +void mbedtls_x509_csr_info(char *csr_file, char *result_str) { mbedtls_x509_csr csr; char buf[2000]; int res; - mbedtls_x509_csr_init( &csr ); - memset( buf, 0, 2000 ); + mbedtls_x509_csr_init(&csr); + memset(buf, 0, 2000); - TEST_ASSERT( mbedtls_x509_csr_parse_file( &csr, csr_file ) == 0 ); - res = mbedtls_x509_csr_info( buf, 2000, "", &csr ); + TEST_ASSERT(mbedtls_x509_csr_parse_file(&csr, csr_file) == 0); + res = mbedtls_x509_csr_info(buf, 2000, "", &csr); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buf, result_str) == 0); exit: - mbedtls_x509_csr_free( &csr ); + mbedtls_x509_csr_free(&csr); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ -void x509_verify_info( int flags, char * prefix, char * result_str ) +void x509_verify_info(int flags, char *prefix, char *result_str) { char buf[2000]; int res; - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); - res = mbedtls_x509_crt_verify_info( buf, sizeof( buf ), prefix, flags ); + res = mbedtls_x509_crt_verify_info(buf, sizeof(buf), prefix, flags); - TEST_ASSERT( res >= 0 ); + TEST_ASSERT(res >= 0); - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buf, result_str) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C */ -void x509_verify_restart( char *crt_file, char *ca_file, - int result, int flags_result, - int max_ops, int min_restart, int max_restart ) +void x509_verify_restart(char *crt_file, char *ca_file, + int result, int flags_result, + int max_ops, int min_restart, int max_restart) { int ret, cnt_restart; mbedtls_x509_crt_restart_ctx rs_ctx; @@ -556,46 +557,46 @@ void x509_verify_restart( char *crt_file, char *ca_file, * - x509_verify() for server10 -> int-ca3 -> int-ca2: ~ 25500 */ - mbedtls_x509_crt_restart_init( &rs_ctx ); - mbedtls_x509_crt_init( &crt ); - mbedtls_x509_crt_init( &ca ); + mbedtls_x509_crt_restart_init(&rs_ctx); + mbedtls_x509_crt_init(&crt); + mbedtls_x509_crt_init(&ca); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&ca, ca_file) == 0); - mbedtls_ecp_set_max_ops( max_ops ); + mbedtls_ecp_set_max_ops(max_ops); cnt_restart = 0; do { - ret = mbedtls_x509_crt_verify_restartable( &crt, &ca, NULL, - &mbedtls_x509_crt_profile_default, NULL, &flags, - NULL, NULL, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_x509_crt_verify_restartable(&crt, &ca, NULL, + &mbedtls_x509_crt_profile_default, NULL, &flags, + NULL, NULL, &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == result ); - TEST_ASSERT( flags == (uint32_t) flags_result ); + TEST_ASSERT(ret == result); + TEST_ASSERT(flags == (uint32_t) flags_result); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); /* Do we leak memory when aborting? */ - ret = mbedtls_x509_crt_verify_restartable( &crt, &ca, NULL, - &mbedtls_x509_crt_profile_default, NULL, &flags, - NULL, NULL, &rs_ctx ); - TEST_ASSERT( ret == result || ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); + ret = mbedtls_x509_crt_verify_restartable(&crt, &ca, NULL, + &mbedtls_x509_crt_profile_default, NULL, &flags, + NULL, NULL, &rs_ctx); + TEST_ASSERT(ret == result || ret == MBEDTLS_ERR_ECP_IN_PROGRESS); exit: - mbedtls_x509_crt_restart_free( &rs_ctx ); - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_free( &ca ); + mbedtls_x509_crt_restart_free(&rs_ctx); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_free(&ca); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C */ -void x509_verify( char *crt_file, char *ca_file, char *crl_file, - char *cn_name_str, int result, int flags_result, - char *profile_str, - char *verify_callback ) +void x509_verify(char *crt_file, char *ca_file, char *crl_file, + char *cn_name_str, int result, int flags_result, + char *profile_str, + char *verify_callback) { mbedtls_x509_crt crt; mbedtls_x509_crt ca; @@ -603,103 +604,120 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file, uint32_t flags = 0; int res; int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *) = NULL; - char * cn_name = NULL; + char *cn_name = NULL; const mbedtls_x509_crt_profile *profile; - mbedtls_x509_crt_init( &crt ); - mbedtls_x509_crt_init( &ca ); - mbedtls_x509_crl_init( &crl ); + mbedtls_x509_crt_init(&crt); + mbedtls_x509_crt_init(&ca); + mbedtls_x509_crl_init(&crl); - USE_PSA_INIT( ); + USE_PSA_INIT(); - if( strcmp( cn_name_str, "NULL" ) != 0 ) + if (strcmp(cn_name_str, "NULL") != 0) { cn_name = cn_name_str; + } - if( strcmp( profile_str, "" ) == 0 ) + if (strcmp(profile_str, "") == 0) { profile = &mbedtls_x509_crt_profile_default; - else if( strcmp( profile_str, "next" ) == 0 ) + } else if (strcmp(profile_str, "next") == 0) { profile = &mbedtls_x509_crt_profile_next; - else if( strcmp( profile_str, "suite_b" ) == 0 ) + } else if (strcmp(profile_str, "suite_b") == 0) { profile = &mbedtls_x509_crt_profile_suiteb; - else if( strcmp( profile_str, "compat" ) == 0 ) + } else if (strcmp(profile_str, "compat") == 0) { profile = &compat_profile; - else if( strcmp( profile_str, "all" ) == 0 ) + } else if (strcmp(profile_str, "all") == 0) { profile = &profile_all; - else - TEST_ASSERT( "Unknown algorithm profile" == 0 ); + } else { + TEST_ASSERT("Unknown algorithm profile" == 0); + } - if( strcmp( verify_callback, "NULL" ) == 0 ) + if (strcmp(verify_callback, "NULL") == 0) { f_vrfy = NULL; - else if( strcmp( verify_callback, "verify_none" ) == 0 ) + } else if (strcmp(verify_callback, "verify_none") == 0) { f_vrfy = verify_none; - else if( strcmp( verify_callback, "verify_all" ) == 0 ) + } else if (strcmp(verify_callback, "verify_all") == 0) { f_vrfy = verify_all; - else - TEST_ASSERT( "No known verify callback selected" == 0 ); + } else { + TEST_ASSERT("No known verify callback selected" == 0); + } - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); - TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == 0 ); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&ca, ca_file) == 0); + TEST_ASSERT(mbedtls_x509_crl_parse_file(&crl, crl_file) == 0); - res = mbedtls_x509_crt_verify_with_profile( &crt, &ca, &crl, profile, cn_name, &flags, f_vrfy, NULL ); + res = mbedtls_x509_crt_verify_with_profile(&crt, + &ca, + &crl, + profile, + cn_name, + &flags, + f_vrfy, + NULL); - TEST_ASSERT( res == ( result ) ); - TEST_ASSERT( flags == (uint32_t)( flags_result ) ); + TEST_ASSERT(res == (result)); + TEST_ASSERT(flags == (uint32_t) (flags_result)); #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) /* CRLs aren't supported with CA callbacks, so skip the CA callback * version of the test if CRLs are in use. */ - if( crl_file == NULL || strcmp( crl_file, "" ) == 0 ) - { + if (crl_file == NULL || strcmp(crl_file, "") == 0) { flags = 0; - res = mbedtls_x509_crt_verify_with_ca_cb( &crt, ca_callback, &ca, profile, cn_name, &flags, f_vrfy, NULL ); - - TEST_ASSERT( res == ( result ) ); - TEST_ASSERT( flags == (uint32_t)( flags_result ) ); + res = mbedtls_x509_crt_verify_with_ca_cb(&crt, + ca_callback, + &ca, + profile, + cn_name, + &flags, + f_vrfy, + NULL); + + TEST_ASSERT(res == (result)); + TEST_ASSERT(flags == (uint32_t) (flags_result)); } #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ exit: - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_free( &ca ); - mbedtls_x509_crl_free( &crl ); - USE_PSA_DONE( ); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_free(&ca); + mbedtls_x509_crl_free(&crl); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ -void x509_verify_ca_cb_failure( char *crt_file, char *ca_file, char *name, - int exp_ret ) +void x509_verify_ca_cb_failure(char *crt_file, char *ca_file, char *name, + int exp_ret) { int ret; mbedtls_x509_crt crt; mbedtls_x509_crt ca; uint32_t flags = 0; - mbedtls_x509_crt_init( &crt ); - mbedtls_x509_crt_init( &ca ); + mbedtls_x509_crt_init(&crt); + mbedtls_x509_crt_init(&ca); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&ca, ca_file) == 0); - if( strcmp( name, "NULL" ) == 0 ) + if (strcmp(name, "NULL") == 0) { name = NULL; + } - ret = mbedtls_x509_crt_verify_with_ca_cb( &crt, ca_callback_fail, &ca, - &compat_profile, name, &flags, - NULL, NULL ); + ret = mbedtls_x509_crt_verify_with_ca_cb(&crt, ca_callback_fail, &ca, + &compat_profile, name, &flags, + NULL, NULL); - TEST_ASSERT( ret == exp_ret ); - TEST_ASSERT( flags == (uint32_t)( -1 ) ); + TEST_ASSERT(ret == exp_ret); + TEST_ASSERT(flags == (uint32_t) (-1)); exit: - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_free( &ca ); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_free(&ca); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void x509_verify_callback( char *crt_file, char *ca_file, char *name, - int exp_ret, char *exp_vrfy_out ) +void x509_verify_callback(char *crt_file, char *ca_file, char *name, + int exp_ret, char *exp_vrfy_out) { int ret; mbedtls_x509_crt crt; @@ -707,94 +725,96 @@ void x509_verify_callback( char *crt_file, char *ca_file, char *name, uint32_t flags = 0; verify_print_context vrfy_ctx; - mbedtls_x509_crt_init( &crt ); - mbedtls_x509_crt_init( &ca ); - verify_print_init( &vrfy_ctx ); + mbedtls_x509_crt_init(&crt); + mbedtls_x509_crt_init(&ca); + verify_print_init(&vrfy_ctx); - USE_PSA_INIT( ); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&ca, ca_file) == 0); - if( strcmp( name, "NULL" ) == 0 ) + if (strcmp(name, "NULL") == 0) { name = NULL; + } - ret = mbedtls_x509_crt_verify_with_profile( &crt, &ca, NULL, - &compat_profile, - name, &flags, - verify_print, &vrfy_ctx ); + ret = mbedtls_x509_crt_verify_with_profile(&crt, &ca, NULL, + &compat_profile, + name, &flags, + verify_print, &vrfy_ctx); - TEST_ASSERT( ret == exp_ret ); - TEST_ASSERT( strcmp( vrfy_ctx.buf, exp_vrfy_out ) == 0 ); + TEST_ASSERT(ret == exp_ret); + TEST_ASSERT(strcmp(vrfy_ctx.buf, exp_vrfy_out) == 0); exit: - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_free( &ca ); - USE_PSA_DONE( ); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_free(&ca); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_dn_gets( char * crt_file, char * entity, char * result_str ) +void mbedtls_x509_dn_gets(char *crt_file, char *entity, char *result_str) { mbedtls_x509_crt crt; char buf[2000]; int res = 0; - mbedtls_x509_crt_init( &crt ); - memset( buf, 0, 2000 ); + mbedtls_x509_crt_init(&crt); + memset(buf, 0, 2000); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - if( strcmp( entity, "subject" ) == 0 ) - res = mbedtls_x509_dn_gets( buf, 2000, &crt.subject ); - else if( strcmp( entity, "issuer" ) == 0 ) - res = mbedtls_x509_dn_gets( buf, 2000, &crt.issuer ); - else - TEST_ASSERT( "Unknown entity" == 0 ); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); + if (strcmp(entity, "subject") == 0) { + res = mbedtls_x509_dn_gets(buf, 2000, &crt.subject); + } else if (strcmp(entity, "issuer") == 0) { + res = mbedtls_x509_dn_gets(buf, 2000, &crt.issuer); + } else { + TEST_ASSERT("Unknown entity" == 0); + } - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buf, result_str) == 0); exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ -void mbedtls_x509_dn_gets_subject_replace( char * crt_file, char * new_subject_ou, char * result_str, int ret ) +void mbedtls_x509_dn_gets_subject_replace(char *crt_file, + char *new_subject_ou, + char *result_str, + int ret) { mbedtls_x509_crt crt; char buf[2000]; int res = 0; - mbedtls_x509_crt_init( &crt ); - memset( buf, 0, 2000 ); + mbedtls_x509_crt_init(&crt); + memset(buf, 0, 2000); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); crt.subject.next->val.p = (unsigned char *) new_subject_ou; - crt.subject.next->val.len = strlen( new_subject_ou ); + crt.subject.next->val.len = strlen(new_subject_ou); - res = mbedtls_x509_dn_gets( buf, 2000, &crt.subject ); + res = mbedtls_x509_dn_gets(buf, 2000, &crt.subject); - if ( ret != 0 ) - { - TEST_ASSERT( res == ret ); - } - else - { - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + if (ret != 0) { + TEST_ASSERT(res == ret); + } else { + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); + TEST_ASSERT(strcmp(buf, result_str) == 0); } exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_get_name( char * rdn_sequence, int exp_ret ) +void mbedtls_x509_get_name(char *rdn_sequence, int exp_ret) { unsigned char *name; unsigned char *p; @@ -803,160 +823,158 @@ void mbedtls_x509_get_name( char * rdn_sequence, int exp_ret ) mbedtls_x509_name *allocated, *prev; int ret; - memset( &head, 0, sizeof( head ) ); + memset(&head, 0, sizeof(head)); - name = mbedtls_test_unhexify_alloc( rdn_sequence, &name_len ); + name = mbedtls_test_unhexify_alloc(rdn_sequence, &name_len); p = name; - ret = mbedtls_x509_get_name( &p, ( name + name_len ), &head ); - if( ret == 0 ) - { + ret = mbedtls_x509_get_name(&p, (name + name_len), &head); + if (ret == 0) { allocated = head.next; - while( allocated != NULL ) - { + while (allocated != NULL) { prev = allocated; allocated = allocated->next; - mbedtls_free( prev ); + mbedtls_free(prev); } } - TEST_EQUAL( ret, exp_ret ); + TEST_EQUAL(ret, exp_ret); - mbedtls_free( name ); + mbedtls_free(name); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_time_is_past( char * crt_file, char * entity, int result ) +void mbedtls_x509_time_is_past(char *crt_file, char *entity, int result) { mbedtls_x509_crt crt; - mbedtls_x509_crt_init( &crt ); + mbedtls_x509_crt_init(&crt); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); - if( strcmp( entity, "valid_from" ) == 0 ) - TEST_ASSERT( mbedtls_x509_time_is_past( &crt.valid_from ) == result ); - else if( strcmp( entity, "valid_to" ) == 0 ) - TEST_ASSERT( mbedtls_x509_time_is_past( &crt.valid_to ) == result ); - else - TEST_ASSERT( "Unknown entity" == 0 ); + if (strcmp(entity, "valid_from") == 0) { + TEST_ASSERT(mbedtls_x509_time_is_past(&crt.valid_from) == result); + } else if (strcmp(entity, "valid_to") == 0) { + TEST_ASSERT(mbedtls_x509_time_is_past(&crt.valid_to) == result); + } else { + TEST_ASSERT("Unknown entity" == 0); + } exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_time_is_future( char * crt_file, char * entity, int result ) +void mbedtls_x509_time_is_future(char *crt_file, char *entity, int result) { mbedtls_x509_crt crt; - mbedtls_x509_crt_init( &crt ); + mbedtls_x509_crt_init(&crt); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); - if( strcmp( entity, "valid_from" ) == 0 ) - TEST_ASSERT( mbedtls_x509_time_is_future( &crt.valid_from ) == result ); - else if( strcmp( entity, "valid_to" ) == 0 ) - TEST_ASSERT( mbedtls_x509_time_is_future( &crt.valid_to ) == result ); - else - TEST_ASSERT( "Unknown entity" == 0 ); + if (strcmp(entity, "valid_from") == 0) { + TEST_ASSERT(mbedtls_x509_time_is_future(&crt.valid_from) == result); + } else if (strcmp(entity, "valid_to") == 0) { + TEST_ASSERT(mbedtls_x509_time_is_future(&crt.valid_to) == result); + } else { + TEST_ASSERT("Unknown entity" == 0); + } exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_FS_IO */ -void x509parse_crt_file( char * crt_file, int result ) +void x509parse_crt_file(char *crt_file, int result) { mbedtls_x509_crt crt; - mbedtls_x509_crt_init( &crt ); + mbedtls_x509_crt_init(&crt); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == result ); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == result); exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ -void x509parse_crt( data_t * buf, char * result_str, int result ) +void x509parse_crt(data_t *buf, char *result_str, int result) { mbedtls_x509_crt crt; unsigned char output[2000]; int res; - mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); + mbedtls_x509_crt_init(&crt); + memset(output, 0, 2000); - TEST_ASSERT( mbedtls_x509_crt_parse_der( &crt, buf->x, buf->len ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); + TEST_ASSERT(mbedtls_x509_crt_parse_der(&crt, buf->x, buf->len) == (result)); + if ((result) == 0) { + res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + TEST_ASSERT(strcmp((char *) output, result_str) == 0); } - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_init(&crt); + memset(output, 0, 2000); - TEST_ASSERT( mbedtls_x509_crt_parse_der_nocopy( &crt, buf->x, buf->len ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); + TEST_ASSERT(mbedtls_x509_crt_parse_der_nocopy(&crt, buf->x, buf->len) == (result)); + if ((result) == 0) { + res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + TEST_ASSERT(strcmp((char *) output, result_str) == 0); } - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_init(&crt); + memset(output, 0, 2000); - TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 0, NULL, NULL ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); + TEST_ASSERT(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, NULL, + NULL) == (result)); + if ((result) == 0) { + res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + TEST_ASSERT(strcmp((char *) output, result_str) == 0); } - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_init(&crt); + memset(output, 0, 2000); - TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 1, NULL, NULL ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); + TEST_ASSERT(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, NULL, + NULL) == (result)); + if ((result) == 0) { + res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + TEST_ASSERT(strcmp((char *) output, result_str) == 0); } exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ -void x509parse_crt_cb( data_t * buf, char * result_str, int result ) +void x509parse_crt_cb(data_t *buf, char *result_str, int result) { mbedtls_x509_crt crt; mbedtls_x509_buf oid; @@ -965,119 +983,119 @@ void x509parse_crt_cb( data_t * buf, char * result_str, int result ) oid.tag = MBEDTLS_ASN1_OID; oid.len = MBEDTLS_OID_SIZE(MBEDTLS_OID_PKIX "\x01\x1F"); - oid.p = (unsigned char *)MBEDTLS_OID_PKIX "\x01\x1F"; + oid.p = (unsigned char *) MBEDTLS_OID_PKIX "\x01\x1F"; - mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); + mbedtls_x509_crt_init(&crt); + memset(output, 0, 2000); - TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 0, parse_crt_ext_cb, &oid ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); + TEST_ASSERT(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, parse_crt_ext_cb, + &oid) == (result)); + if ((result) == 0) { + res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + TEST_ASSERT(strcmp((char *) output, result_str) == 0); } - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_init(&crt); + memset(output, 0, 2000); - TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 1, parse_crt_ext_cb, &oid ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); + TEST_ASSERT(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, parse_crt_ext_cb, + &oid) == (result)); + if ((result) == 0) { + res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + TEST_ASSERT(strcmp((char *) output, result_str) == 0); } exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C */ -void x509parse_crl( data_t * buf, char * result_str, int result ) +void x509parse_crl(data_t *buf, char *result_str, int result) { mbedtls_x509_crl crl; unsigned char output[2000]; int res; - mbedtls_x509_crl_init( &crl ); - memset( output, 0, 2000 ); + mbedtls_x509_crl_init(&crl); + memset(output, 0, 2000); - TEST_ASSERT( mbedtls_x509_crl_parse( &crl, buf->x, buf->len ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crl_info( (char *) output, 2000, "", &crl ); + TEST_ASSERT(mbedtls_x509_crl_parse(&crl, buf->x, buf->len) == (result)); + if ((result) == 0) { + res = mbedtls_x509_crl_info((char *) output, 2000, "", &crl); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + TEST_ASSERT(strcmp((char *) output, result_str) == 0); } exit: - mbedtls_x509_crl_free( &crl ); + mbedtls_x509_crl_free(&crl); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C */ -void mbedtls_x509_csr_parse( data_t * csr_der, char * ref_out, int ref_ret ) +void mbedtls_x509_csr_parse(data_t *csr_der, char *ref_out, int ref_ret) { mbedtls_x509_csr csr; char my_out[1000]; int my_ret; - mbedtls_x509_csr_init( &csr ); - memset( my_out, 0, sizeof( my_out ) ); + mbedtls_x509_csr_init(&csr); + memset(my_out, 0, sizeof(my_out)); - my_ret = mbedtls_x509_csr_parse_der( &csr, csr_der->x, csr_der->len ); - TEST_ASSERT( my_ret == ref_ret ); + my_ret = mbedtls_x509_csr_parse_der(&csr, csr_der->x, csr_der->len); + TEST_ASSERT(my_ret == ref_ret); - if( ref_ret == 0 ) - { - size_t my_out_len = mbedtls_x509_csr_info( my_out, sizeof( my_out ), "", &csr ); - TEST_ASSERT( my_out_len == strlen( ref_out ) ); - TEST_ASSERT( strcmp( my_out, ref_out ) == 0 ); + if (ref_ret == 0) { + size_t my_out_len = mbedtls_x509_csr_info(my_out, sizeof(my_out), "", &csr); + TEST_ASSERT(my_out_len == strlen(ref_out)); + TEST_ASSERT(strcmp(my_out, ref_out) == 0); } exit: - mbedtls_x509_csr_free( &csr ); + mbedtls_x509_csr_free(&csr); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_crt_parse_path( char * crt_path, int ret, int nb_crt ) +void mbedtls_x509_crt_parse_path(char *crt_path, int ret, int nb_crt) { mbedtls_x509_crt chain, *cur; int i; - mbedtls_x509_crt_init( &chain ); + mbedtls_x509_crt_init(&chain); - TEST_ASSERT( mbedtls_x509_crt_parse_path( &chain, crt_path ) == ret ); + TEST_ASSERT(mbedtls_x509_crt_parse_path(&chain, crt_path) == ret); /* Check how many certs we got */ - for( i = 0, cur = &chain; cur != NULL; cur = cur->next ) - if( cur->raw.p != NULL ) + for (i = 0, cur = &chain; cur != NULL; cur = cur->next) { + if (cur->raw.p != NULL) { i++; + } + } - TEST_ASSERT( i == nb_crt ); + TEST_ASSERT(i == nb_crt); exit: - mbedtls_x509_crt_free( &chain ); + mbedtls_x509_crt_free(&chain); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_crt_verify_max( char *ca_file, char *chain_dir, int nb_int, - int ret_chk, int flags_chk ) +void mbedtls_x509_crt_verify_max(char *ca_file, char *chain_dir, int nb_int, + int ret_chk, int flags_chk) { char file_buf[128]; int ret; @@ -1089,80 +1107,82 @@ void mbedtls_x509_crt_verify_max( char *ca_file, char *chain_dir, int nb_int, * with NN.crt signed by NN-1.crt */ - mbedtls_x509_crt_init( &trusted ); - mbedtls_x509_crt_init( &chain ); + mbedtls_x509_crt_init(&trusted); + mbedtls_x509_crt_init(&chain); - USE_PSA_INIT( ); + USE_PSA_INIT(); /* Load trusted root */ - TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, ca_file ) == 0 ); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&trusted, ca_file) == 0); /* Load a chain with nb_int intermediates (from 01 to nb_int), * plus one "end-entity" cert (nb_int + 1) */ - ret = mbedtls_snprintf( file_buf, sizeof file_buf, "%s/c%02d.pem", chain_dir, - nb_int + 1 ); - TEST_ASSERT( ret > 0 && (size_t) ret < sizeof file_buf ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, file_buf ) == 0 ); + ret = mbedtls_snprintf(file_buf, sizeof file_buf, "%s/c%02d.pem", chain_dir, + nb_int + 1); + TEST_ASSERT(ret > 0 && (size_t) ret < sizeof file_buf); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&chain, file_buf) == 0); /* Try to verify that chain */ - ret = mbedtls_x509_crt_verify( &chain, &trusted, NULL, NULL, &flags, - NULL, NULL ); - TEST_ASSERT( ret == ret_chk ); - TEST_ASSERT( flags == (uint32_t) flags_chk ); + ret = mbedtls_x509_crt_verify(&chain, &trusted, NULL, NULL, &flags, + NULL, NULL); + TEST_ASSERT(ret == ret_chk); + TEST_ASSERT(flags == (uint32_t) flags_chk); exit: - mbedtls_x509_crt_free( &chain ); - mbedtls_x509_crt_free( &trusted ); - USE_PSA_DONE( ); + mbedtls_x509_crt_free(&chain); + mbedtls_x509_crt_free(&trusted); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_crt_verify_chain( char *chain_paths, char *trusted_ca, - int flags_result, int result, - char *profile_name, int vrfy_fatal_lvls ) +void mbedtls_x509_crt_verify_chain(char *chain_paths, char *trusted_ca, + int flags_result, int result, + char *profile_name, int vrfy_fatal_lvls) { - char* act; + char *act; uint32_t flags; int res; mbedtls_x509_crt trusted, chain; const mbedtls_x509_crt_profile *profile = NULL; - mbedtls_x509_crt_init( &chain ); - mbedtls_x509_crt_init( &trusted ); + mbedtls_x509_crt_init(&chain); + mbedtls_x509_crt_init(&trusted); - USE_PSA_INIT( ); + USE_PSA_INIT(); - while( ( act = mystrsep( &chain_paths, " " ) ) != NULL ) - TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, act ) == 0 ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, trusted_ca ) == 0 ); + while ((act = mystrsep(&chain_paths, " ")) != NULL) { + TEST_ASSERT(mbedtls_x509_crt_parse_file(&chain, act) == 0); + } + TEST_ASSERT(mbedtls_x509_crt_parse_file(&trusted, trusted_ca) == 0); - if( strcmp( profile_name, "" ) == 0 ) + if (strcmp(profile_name, "") == 0) { profile = &mbedtls_x509_crt_profile_default; - else if( strcmp( profile_name, "next" ) == 0 ) + } else if (strcmp(profile_name, "next") == 0) { profile = &mbedtls_x509_crt_profile_next; - else if( strcmp( profile_name, "suiteb" ) == 0 ) + } else if (strcmp(profile_name, "suiteb") == 0) { profile = &mbedtls_x509_crt_profile_suiteb; - else if( strcmp( profile_name, "rsa3072" ) == 0 ) + } else if (strcmp(profile_name, "rsa3072") == 0) { profile = &profile_rsa3072; - else if( strcmp( profile_name, "sha512" ) == 0 ) + } else if (strcmp(profile_name, "sha512") == 0) { profile = &profile_sha512; + } - res = mbedtls_x509_crt_verify_with_profile( &chain, &trusted, NULL, profile, - NULL, &flags, verify_fatal, &vrfy_fatal_lvls ); + res = mbedtls_x509_crt_verify_with_profile(&chain, &trusted, NULL, profile, + NULL, &flags, verify_fatal, &vrfy_fatal_lvls); - TEST_ASSERT( res == ( result ) ); - TEST_ASSERT( flags == (uint32_t)( flags_result ) ); + TEST_ASSERT(res == (result)); + TEST_ASSERT(flags == (uint32_t) (flags_result)); exit: - mbedtls_x509_crt_free( &trusted ); - mbedtls_x509_crt_free( &chain ); - USE_PSA_DONE( ); + mbedtls_x509_crt_free(&trusted); + mbedtls_x509_crt_free(&chain); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ -void x509_oid_desc( data_t * buf, char * ref_desc ) +void x509_oid_desc(data_t *buf, char *ref_desc) { mbedtls_x509_buf oid; const char *desc = NULL; @@ -1173,114 +1193,110 @@ void x509_oid_desc( data_t * buf, char * ref_desc ) oid.p = buf->x; oid.len = buf->len; - ret = mbedtls_oid_get_extended_key_usage( &oid, &desc ); + ret = mbedtls_oid_get_extended_key_usage(&oid, &desc); - if( strcmp( ref_desc, "notfound" ) == 0 ) - { - TEST_ASSERT( ret != 0 ); - TEST_ASSERT( desc == NULL ); - } - else - { - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( desc != NULL ); - TEST_ASSERT( strcmp( desc, ref_desc ) == 0 ); + if (strcmp(ref_desc, "notfound") == 0) { + TEST_ASSERT(ret != 0); + TEST_ASSERT(desc == NULL); + } else { + TEST_ASSERT(ret == 0); + TEST_ASSERT(desc != NULL); + TEST_ASSERT(strcmp(desc, ref_desc) == 0); } } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ -void x509_oid_numstr( data_t * oid_buf, char * numstr, int blen, int ret ) +void x509_oid_numstr(data_t *oid_buf, char *numstr, int blen, int ret) { mbedtls_x509_buf oid; char num_buf[100]; - memset( num_buf, 0x2a, sizeof num_buf ); + memset(num_buf, 0x2a, sizeof num_buf); oid.tag = MBEDTLS_ASN1_OID; oid.p = oid_buf->x; oid.len = oid_buf->len; - TEST_ASSERT( (size_t) blen <= sizeof num_buf ); + TEST_ASSERT((size_t) blen <= sizeof num_buf); - TEST_ASSERT( mbedtls_oid_get_numeric_string( num_buf, blen, &oid ) == ret ); + TEST_ASSERT(mbedtls_oid_get_numeric_string(num_buf, blen, &oid) == ret); - if( ret >= 0 ) - { - TEST_ASSERT( num_buf[ret] == 0 ); - TEST_ASSERT( strcmp( num_buf, numstr ) == 0 ); + if (ret >= 0) { + TEST_ASSERT(num_buf[ret] == 0); + TEST_ASSERT(strcmp(num_buf, numstr) == 0); } } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_KEY_USAGE */ -void x509_check_key_usage( char * crt_file, int usage, int ret ) +void x509_check_key_usage(char *crt_file, int usage, int ret) { mbedtls_x509_crt crt; - mbedtls_x509_crt_init( &crt ); + mbedtls_x509_crt_init(&crt); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); - TEST_ASSERT( mbedtls_x509_crt_check_key_usage( &crt, usage ) == ret ); + TEST_ASSERT(mbedtls_x509_crt_check_key_usage(&crt, usage) == ret); exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ -void x509_check_extended_key_usage( char * crt_file, data_t * oid, int ret - ) +void x509_check_extended_key_usage(char *crt_file, data_t *oid, int ret + ) { mbedtls_x509_crt crt; - mbedtls_x509_crt_init( &crt ); + mbedtls_x509_crt_init(&crt); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); - TEST_ASSERT( mbedtls_x509_crt_check_extended_key_usage( &crt, (const char *)oid->x, oid->len ) == ret ); + TEST_ASSERT(mbedtls_x509_crt_check_extended_key_usage(&crt, (const char *) oid->x, + oid->len) == ret); exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ -void x509_get_time( int tag, char * time_str, int ret, int year, int mon, - int day, int hour, int min, int sec ) +void x509_get_time(int tag, char *time_str, int ret, int year, int mon, + int day, int hour, int min, int sec) { mbedtls_x509_time time; unsigned char buf[21]; - unsigned char* start = buf; - unsigned char* end = buf; + unsigned char *start = buf; + unsigned char *end = buf; - memset( &time, 0x00, sizeof( time ) ); - *end = (unsigned char)tag; end++; - *end = strlen( time_str ); - TEST_ASSERT( *end < 20 ); + memset(&time, 0x00, sizeof(time)); + *end = (unsigned char) tag; end++; + *end = strlen(time_str); + TEST_ASSERT(*end < 20); end++; - memcpy( end, time_str, (size_t)*(end - 1) ); + memcpy(end, time_str, (size_t) *(end - 1)); end += *(end - 1); - TEST_ASSERT( mbedtls_x509_get_time( &start, end, &time ) == ret ); - if( ret == 0 ) - { - TEST_ASSERT( year == time.year ); - TEST_ASSERT( mon == time.mon ); - TEST_ASSERT( day == time.day ); - TEST_ASSERT( hour == time.hour ); - TEST_ASSERT( min == time.min ); - TEST_ASSERT( sec == time.sec ); + TEST_ASSERT(mbedtls_x509_get_time(&start, end, &time) == ret); + if (ret == 0) { + TEST_ASSERT(year == time.year); + TEST_ASSERT(mon == time.mon); + TEST_ASSERT(day == time.day); + TEST_ASSERT(hour == time.hour); + TEST_ASSERT(min == time.min); + TEST_ASSERT(sec == time.sec); } } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT */ -void x509_parse_rsassa_pss_params( data_t * params, int params_tag, - int ref_msg_md, int ref_mgf_md, - int ref_salt_len, int ref_ret ) +void x509_parse_rsassa_pss_params(data_t *params, int params_tag, + int ref_msg_md, int ref_mgf_md, + int ref_salt_len, int ref_ret) { int my_ret; mbedtls_x509_buf buf; @@ -1291,16 +1307,15 @@ void x509_parse_rsassa_pss_params( data_t * params, int params_tag, buf.len = params->len; buf.tag = params_tag; - my_ret = mbedtls_x509_get_rsassa_pss_params( &buf, &my_msg_md, &my_mgf_md, - &my_salt_len ); + my_ret = mbedtls_x509_get_rsassa_pss_params(&buf, &my_msg_md, &my_mgf_md, + &my_salt_len); - TEST_ASSERT( my_ret == ref_ret ); + TEST_ASSERT(my_ret == ref_ret); - if( ref_ret == 0 ) - { - TEST_ASSERT( my_msg_md == (mbedtls_md_type_t) ref_msg_md ); - TEST_ASSERT( my_mgf_md == (mbedtls_md_type_t) ref_mgf_md ); - TEST_ASSERT( my_salt_len == ref_salt_len ); + if (ref_ret == 0) { + TEST_ASSERT(my_msg_md == (mbedtls_md_type_t) ref_msg_md); + TEST_ASSERT(my_mgf_md == (mbedtls_md_type_t) ref_mgf_md); + TEST_ASSERT(my_salt_len == ref_salt_len); } exit: @@ -1309,8 +1324,8 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_SELF_TEST */ -void x509_selftest( ) +void x509_selftest() { - TEST_ASSERT( mbedtls_x509_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_x509_self_test(1) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index b27a25218382..84da1438ec21 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -8,64 +8,61 @@ #include "mbedtls/asn1write.h" #if defined(MBEDTLS_RSA_C) -int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen, - const unsigned char *input, unsigned char *output, - size_t output_max_len ) +int mbedtls_rsa_decrypt_func(void *ctx, int mode, size_t *olen, + const unsigned char *input, unsigned char *output, + size_t output_max_len) { - return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, NULL, NULL, mode, olen, - input, output, output_max_len ) ); + return mbedtls_rsa_pkcs1_decrypt((mbedtls_rsa_context *) ctx, NULL, NULL, mode, olen, + input, output, output_max_len); } -int mbedtls_rsa_sign_func( void *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, - const unsigned char *hash, unsigned char *sig ) +int mbedtls_rsa_sign_func(void *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, + const unsigned char *hash, unsigned char *sig) { - return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, mode, - md_alg, hashlen, hash, sig ) ); + return mbedtls_rsa_pkcs1_sign((mbedtls_rsa_context *) ctx, f_rng, p_rng, mode, + md_alg, hashlen, hash, sig); } -size_t mbedtls_rsa_key_len_func( void *ctx ) +size_t mbedtls_rsa_key_len_func(void *ctx) { - return( ((const mbedtls_rsa_context *) ctx)->len ); + return ((const mbedtls_rsa_context *) ctx)->len; } #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ defined(MBEDTLS_PEM_WRITE_C) && defined(MBEDTLS_X509_CSR_WRITE_C) -static int x509_crt_verifycsr( const unsigned char *buf, size_t buflen ) +static int x509_crt_verifycsr(const unsigned char *buf, size_t buflen) { unsigned char hash[MBEDTLS_MD_MAX_SIZE]; const mbedtls_md_info_t *md_info; mbedtls_x509_csr csr; int ret = 0; - mbedtls_x509_csr_init( &csr ); + mbedtls_x509_csr_init(&csr); - if( mbedtls_x509_csr_parse( &csr, buf, buflen ) != 0 ) - { + if (mbedtls_x509_csr_parse(&csr, buf, buflen) != 0) { ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA; goto cleanup; } - md_info = mbedtls_md_info_from_type( csr.sig_md ); - if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 ) - { + md_info = mbedtls_md_info_from_type(csr.sig_md); + if (mbedtls_md(md_info, csr.cri.p, csr.cri.len, hash) != 0) { /* Note: this can't happen except after an internal error */ ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA; goto cleanup; } - if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk, - csr.sig_md, hash, mbedtls_md_get_size( md_info ), - csr.sig.p, csr.sig.len ) != 0 ) - { + if (mbedtls_pk_verify_ext(csr.sig_pk, csr.sig_opts, &csr.pk, + csr.sig_md, hash, mbedtls_md_get_size(md_info), + csr.sig.p, csr.sig.len) != 0) { ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED; goto cleanup; } cleanup: - mbedtls_x509_csr_free( &csr ); - return( ret ); + mbedtls_x509_csr_free(&csr); + return ret; } #endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C && MBEDTLS_X509_CSR_WRITE_C */ @@ -91,11 +88,11 @@ cleanup: */ #define EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH 12 -static int csr_set_extended_key_usage( mbedtls_x509write_csr *ctx, - const char *oid, size_t oid_len ) +static int csr_set_extended_key_usage(mbedtls_x509write_csr *ctx, + const char *oid, size_t oid_len) { unsigned char buf[EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH] = { 0 }; - unsigned char *p = buf + sizeof( buf ); + unsigned char *p = buf + sizeof(buf); int ret; size_t len = 0; @@ -103,18 +100,21 @@ static int csr_set_extended_key_usage( mbedtls_x509write_csr *ctx, * Following functions fail anyway if the temporary buffer is not large, * but we set an extra check here to emphasize a possible source of errors */ - if ( oid_len > EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH ) - { + if (oid_len > EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH) { return MBEDTLS_ERR_X509_BAD_INPUT_DATA; } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( &p, buf, oid, oid_len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, ret ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(&p, buf, oid, oid_len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, ret)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_EXTENDED_KEY_USAGE, - MBEDTLS_OID_SIZE( MBEDTLS_OID_EXTENDED_KEY_USAGE ), p, len ); + ret = mbedtls_x509write_csr_set_extension(ctx, + MBEDTLS_OID_EXTENDED_KEY_USAGE, + MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE), + p, + len); return ret; } @@ -127,9 +127,9 @@ static int csr_set_extended_key_usage( mbedtls_x509write_csr *ctx, */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */ -void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type, - int key_usage, int set_key_usage, int cert_type, - int set_cert_type, int set_extension ) +void x509_csr_check(char *key_file, char *cert_req_check_file, int md_type, + int key_usage, int set_key_usage, int cert_type, + int set_cert_type, int set_extension) { mbedtls_pk_context key; mbedtls_x509write_csr req; @@ -142,64 +142,67 @@ void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type, const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; mbedtls_test_rnd_pseudo_info rnd_info; - memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); - mbedtls_x509write_csr_init( &req ); + mbedtls_x509write_csr_init(&req); - mbedtls_pk_init( &key ); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 ); + mbedtls_pk_init(&key); + TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL) == 0); - mbedtls_x509write_csr_set_md_alg( &req, md_type ); - mbedtls_x509write_csr_set_key( &req, &key ); - TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 ); - if( set_key_usage != 0 ) - TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 ); - if( set_cert_type != 0 ) - TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 ); - if ( set_extension != 0 ) - TEST_ASSERT( csr_set_extended_key_usage( &req, MBEDTLS_OID_SERVER_AUTH, - MBEDTLS_OID_SIZE( MBEDTLS_OID_SERVER_AUTH ) ) == 0 ); + mbedtls_x509write_csr_set_md_alg(&req, md_type); + mbedtls_x509write_csr_set_key(&req, &key); + TEST_ASSERT(mbedtls_x509write_csr_set_subject_name(&req, subject_name) == 0); + if (set_key_usage != 0) { + TEST_ASSERT(mbedtls_x509write_csr_set_key_usage(&req, key_usage) == 0); + } + if (set_cert_type != 0) { + TEST_ASSERT(mbedtls_x509write_csr_set_ns_cert_type(&req, cert_type) == 0); + } + if (set_extension != 0) { + TEST_ASSERT(csr_set_extended_key_usage(&req, MBEDTLS_OID_SERVER_AUTH, + MBEDTLS_OID_SIZE(MBEDTLS_OID_SERVER_AUTH)) == 0); + } - ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf), + mbedtls_test_rnd_pseudo_rand, &rnd_info); + TEST_ASSERT(ret == 0); - pem_len = strlen( (char *) buf ); + pem_len = strlen((char *) buf); - for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index ) - { - TEST_ASSERT( buf[buf_index] == 0 ); + for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) { + TEST_ASSERT(buf[buf_index] == 0); } - f = fopen( cert_req_check_file, "r" ); - TEST_ASSERT( f != NULL ); - olen = fread( check_buf, 1, sizeof( check_buf ), f ); - fclose( f ); + f = fopen(cert_req_check_file, "r"); + TEST_ASSERT(f != NULL); + olen = fread(check_buf, 1, sizeof(check_buf), f); + fclose(f); - TEST_ASSERT( olen >= pem_len - 1 ); - TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 ); + TEST_ASSERT(olen >= pem_len - 1); + TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0); - der_len = mbedtls_x509write_csr_der( &req, buf, sizeof( buf ), - mbedtls_test_rnd_pseudo_rand, - &rnd_info ); - TEST_ASSERT( der_len >= 0 ); + der_len = mbedtls_x509write_csr_der(&req, buf, sizeof(buf), + mbedtls_test_rnd_pseudo_rand, + &rnd_info); + TEST_ASSERT(der_len >= 0); - if( der_len == 0 ) + if (der_len == 0) { goto exit; + } - ret = mbedtls_x509write_csr_der( &req, buf, (size_t)( der_len - 1 ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ); - TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + ret = mbedtls_x509write_csr_der(&req, buf, (size_t) (der_len - 1), + mbedtls_test_rnd_pseudo_rand, &rnd_info); + TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); exit: - mbedtls_x509write_csr_free( &req ); - mbedtls_pk_free( &key ); + mbedtls_x509write_csr_free(&req); + mbedtls_pk_free(&key); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C:MBEDTLS_USE_PSA_CRYPTO */ -void x509_csr_check_opaque( char *key_file, int md_type, int key_usage, - int cert_type ) +void x509_csr_check_opaque(char *key_file, int md_type, int key_usage, + int cert_type) { mbedtls_pk_context key; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; @@ -211,53 +214,55 @@ void x509_csr_check_opaque( char *key_file, int md_type, int key_usage, const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; mbedtls_test_rnd_pseudo_info rnd_info; - memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); - mbedtls_x509write_csr_init( &req ); + mbedtls_x509write_csr_init(&req); - USE_PSA_INIT( ); + USE_PSA_INIT(); - md_alg_psa = mbedtls_psa_translate_md( (mbedtls_md_type_t) md_type ); - TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE ); + md_alg_psa = mbedtls_psa_translate_md((mbedtls_md_type_t) md_type); + TEST_ASSERT(md_alg_psa != MBEDTLS_MD_NONE); - mbedtls_pk_init( &key ); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 ); - TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &key_id, md_alg_psa ) == 0 ); + mbedtls_pk_init(&key); + TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL) == 0); + TEST_ASSERT(mbedtls_pk_wrap_as_opaque(&key, &key_id, md_alg_psa) == 0); - mbedtls_x509write_csr_set_md_alg( &req, md_type ); - mbedtls_x509write_csr_set_key( &req, &key ); - TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 ); - if( key_usage != 0 ) - TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 ); - if( cert_type != 0 ) - TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 ); + mbedtls_x509write_csr_set_md_alg(&req, md_type); + mbedtls_x509write_csr_set_key(&req, &key); + TEST_ASSERT(mbedtls_x509write_csr_set_subject_name(&req, subject_name) == 0); + if (key_usage != 0) { + TEST_ASSERT(mbedtls_x509write_csr_set_key_usage(&req, key_usage) == 0); + } + if (cert_type != 0) { + TEST_ASSERT(mbedtls_x509write_csr_set_ns_cert_type(&req, cert_type) == 0); + } - ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ) - 1, - mbedtls_test_rnd_pseudo_rand, &rnd_info ); + ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf) - 1, + mbedtls_test_rnd_pseudo_rand, &rnd_info); - TEST_ASSERT( ret == 0 ); + TEST_ASSERT(ret == 0); - pem_len = strlen( (char *) buf ); + pem_len = strlen((char *) buf); buf[pem_len] = '\0'; - TEST_ASSERT( x509_crt_verifycsr( buf, pem_len + 1 ) == 0 ); + TEST_ASSERT(x509_crt_verifycsr(buf, pem_len + 1) == 0); exit: - mbedtls_x509write_csr_free( &req ); - mbedtls_pk_free( &key ); - psa_destroy_key( key_id ); - PSA_DONE( ); + mbedtls_x509write_csr_free(&req); + mbedtls_pk_free(&key); + psa_destroy_key(key_id); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_SHA1_C */ -void x509_crt_check( char *subject_key_file, char *subject_pwd, - char *subject_name, char *issuer_key_file, - char *issuer_pwd, char *issuer_name, - char *serial_str, char *not_before, char *not_after, - int md_type, int key_usage, int set_key_usage, - int cert_type, int set_cert_type, int auth_ident, - int ver, char *cert_check_file, int rsa_alt, int is_ca ) +void x509_crt_check(char *subject_key_file, char *subject_pwd, + char *subject_name, char *issuer_key_file, + char *issuer_pwd, char *issuer_name, + char *serial_str, char *not_before, char *not_after, + int md_type, int key_usage, int set_key_usage, + int cert_type, int set_cert_type, int auth_ident, + int ver, char *cert_check_file, int rsa_alt, int is_ca) { mbedtls_pk_context subject_key, issuer_key, issuer_key_alt; mbedtls_pk_context *key = &issuer_key; @@ -274,30 +279,29 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd, FILE *f; mbedtls_test_rnd_pseudo_info rnd_info; - memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) ); - mbedtls_mpi_init( &serial ); + memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); + mbedtls_mpi_init(&serial); - mbedtls_pk_init( &subject_key ); - mbedtls_pk_init( &issuer_key ); - mbedtls_pk_init( &issuer_key_alt ); + mbedtls_pk_init(&subject_key); + mbedtls_pk_init(&issuer_key); + mbedtls_pk_init(&issuer_key_alt); - mbedtls_x509write_crt_init( &crt ); + mbedtls_x509write_crt_init(&crt); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &subject_key, subject_key_file, - subject_pwd ) == 0 ); + TEST_ASSERT(mbedtls_pk_parse_keyfile(&subject_key, subject_key_file, + subject_pwd) == 0); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &issuer_key, issuer_key_file, - issuer_pwd ) == 0 ); + TEST_ASSERT(mbedtls_pk_parse_keyfile(&issuer_key, issuer_key_file, + issuer_pwd) == 0); #if defined(MBEDTLS_RSA_C) /* For RSA PK contexts, create a copy as an alternative RSA context. */ - if( rsa_alt == 1 && mbedtls_pk_get_type( &issuer_key ) == MBEDTLS_PK_RSA ) - { - TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &issuer_key_alt, - mbedtls_pk_rsa( issuer_key ), - mbedtls_rsa_decrypt_func, - mbedtls_rsa_sign_func, - mbedtls_rsa_key_len_func ) == 0 ); + if (rsa_alt == 1 && mbedtls_pk_get_type(&issuer_key) == MBEDTLS_PK_RSA) { + TEST_ASSERT(mbedtls_pk_setup_rsa_alt(&issuer_key_alt, + mbedtls_pk_rsa(issuer_key), + mbedtls_rsa_decrypt_func, + mbedtls_rsa_sign_func, + mbedtls_rsa_key_len_func) == 0); key = &issuer_key_alt; } @@ -305,130 +309,125 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd, (void) rsa_alt; #endif - TEST_ASSERT( mbedtls_test_read_mpi( &serial, serial_str ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&serial, serial_str) == 0); - if( ver != -1 ) - mbedtls_x509write_crt_set_version( &crt, ver ); + if (ver != -1) { + mbedtls_x509write_crt_set_version(&crt, ver); + } - TEST_ASSERT( mbedtls_x509write_crt_set_serial( &crt, &serial ) == 0 ); - TEST_ASSERT( mbedtls_x509write_crt_set_validity( &crt, not_before, - not_after ) == 0 ); - mbedtls_x509write_crt_set_md_alg( &crt, md_type ); - TEST_ASSERT( mbedtls_x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 ); - TEST_ASSERT( mbedtls_x509write_crt_set_subject_name( &crt, subject_name ) == 0 ); - mbedtls_x509write_crt_set_subject_key( &crt, &subject_key ); + TEST_ASSERT(mbedtls_x509write_crt_set_serial(&crt, &serial) == 0); + TEST_ASSERT(mbedtls_x509write_crt_set_validity(&crt, not_before, + not_after) == 0); + mbedtls_x509write_crt_set_md_alg(&crt, md_type); + TEST_ASSERT(mbedtls_x509write_crt_set_issuer_name(&crt, issuer_name) == 0); + TEST_ASSERT(mbedtls_x509write_crt_set_subject_name(&crt, subject_name) == 0); + mbedtls_x509write_crt_set_subject_key(&crt, &subject_key); - mbedtls_x509write_crt_set_issuer_key( &crt, key ); + mbedtls_x509write_crt_set_issuer_key(&crt, key); - if( crt.version >= MBEDTLS_X509_CRT_VERSION_3 ) - { + if (crt.version >= MBEDTLS_X509_CRT_VERSION_3) { /* For the CA case, a path length of -1 means unlimited. */ - TEST_ASSERT( mbedtls_x509write_crt_set_basic_constraints( &crt, is_ca, - (is_ca ? -1 : 0) ) == 0 ); - TEST_ASSERT( mbedtls_x509write_crt_set_subject_key_identifier( &crt ) == 0 ); - if( auth_ident ) - TEST_ASSERT( mbedtls_x509write_crt_set_authority_key_identifier( &crt ) == 0 ); - if( set_key_usage != 0 ) - TEST_ASSERT( mbedtls_x509write_crt_set_key_usage( &crt, key_usage ) == 0 ); - if( set_cert_type != 0 ) - TEST_ASSERT( mbedtls_x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 ); + TEST_ASSERT(mbedtls_x509write_crt_set_basic_constraints(&crt, is_ca, + (is_ca ? -1 : 0)) == 0); + TEST_ASSERT(mbedtls_x509write_crt_set_subject_key_identifier(&crt) == 0); + if (auth_ident) { + TEST_ASSERT(mbedtls_x509write_crt_set_authority_key_identifier(&crt) == 0); + } + if (set_key_usage != 0) { + TEST_ASSERT(mbedtls_x509write_crt_set_key_usage(&crt, key_usage) == 0); + } + if (set_cert_type != 0) { + TEST_ASSERT(mbedtls_x509write_crt_set_ns_cert_type(&crt, cert_type) == 0); + } } - ret = mbedtls_x509write_crt_pem( &crt, buf, sizeof( buf ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_x509write_crt_pem(&crt, buf, sizeof(buf), + mbedtls_test_rnd_pseudo_rand, &rnd_info); + TEST_ASSERT(ret == 0); - pem_len = strlen( (char *) buf ); + pem_len = strlen((char *) buf); // check that the rest of the buffer remains clear - for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index ) - { - TEST_ASSERT( buf[buf_index] == 0 ); + for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) { + TEST_ASSERT(buf[buf_index] == 0); } - if( *cert_check_file != '\0' ) - { - f = fopen( cert_check_file, "r" ); - TEST_ASSERT( f != NULL ); - olen = fread( check_buf, 1, sizeof( check_buf ), f ); - fclose( f ); - TEST_ASSERT( olen < sizeof( check_buf ) ); - TEST_ASSERT( olen >= pem_len - 1 ); - TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 ); + if (*cert_check_file != '\0') { + f = fopen(cert_check_file, "r"); + TEST_ASSERT(f != NULL); + olen = fread(check_buf, 1, sizeof(check_buf), f); + fclose(f); + TEST_ASSERT(olen < sizeof(check_buf)); + TEST_ASSERT(olen >= pem_len - 1); + TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0); } - der_len = mbedtls_x509write_crt_der( &crt, buf, sizeof( buf ), - mbedtls_test_rnd_pseudo_rand, - &rnd_info ); - TEST_ASSERT( der_len >= 0 ); + der_len = mbedtls_x509write_crt_der(&crt, buf, sizeof(buf), + mbedtls_test_rnd_pseudo_rand, + &rnd_info); + TEST_ASSERT(der_len >= 0); - if( der_len == 0 ) + if (der_len == 0) { goto exit; + } // Not testing against file, check date format - if( *cert_check_file == '\0' ) - { + if (*cert_check_file == '\0') { // UTC tag if before 2050, 2 digits less for year - if( not_before[0] == '2' && ( not_before[1] > '0' || not_before[2] > '4' ) ) - { + if (not_before[0] == '2' && (not_before[1] > '0' || not_before[2] > '4')) { before_tag = MBEDTLS_ASN1_GENERALIZED_TIME; - } - else - { + } else { before_tag = MBEDTLS_ASN1_UTC_TIME; not_before += 2; } - if( not_after[0] == '2' && ( not_after[1] > '0' || not_after[2] > '4' ) ) - { + if (not_after[0] == '2' && (not_after[1] > '0' || not_after[2] > '4')) { after_tag = MBEDTLS_ASN1_GENERALIZED_TIME; - } - else - { + } else { after_tag = MBEDTLS_ASN1_UTC_TIME; not_after += 2; } - end = buf + sizeof( buf ); - for( p = end - der_len ; p < end ; ) - { + end = buf + sizeof(buf); + for (p = end - der_len; p < end;) { tag = *p++; sz = *p++; - if( tag == MBEDTLS_ASN1_UTC_TIME || tag == MBEDTLS_ASN1_GENERALIZED_TIME ) - { + if (tag == MBEDTLS_ASN1_UTC_TIME || tag == MBEDTLS_ASN1_GENERALIZED_TIME) { // Check correct tag and time written - TEST_ASSERT( before_tag == tag ); - TEST_ASSERT( memcmp( p, not_before, sz - 1 ) == 0 ); + TEST_ASSERT(before_tag == tag); + TEST_ASSERT(memcmp(p, not_before, sz - 1) == 0); p += sz; tag = *p++; sz = *p++; - TEST_ASSERT( after_tag == tag ); - TEST_ASSERT( memcmp( p, not_after, sz - 1 ) == 0 ); + TEST_ASSERT(after_tag == tag); + TEST_ASSERT(memcmp(p, not_after, sz - 1) == 0); break; } // Increment if long form ASN1 length - if( sz & 0x80 ) + if (sz & 0x80) { p += sz & 0x0F; - if( tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) + } + if (tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { p += sz; + } } - TEST_ASSERT( p < end ); + TEST_ASSERT(p < end); } - ret = mbedtls_x509write_crt_der( &crt, buf, (size_t)( der_len - 1 ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ); - TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + ret = mbedtls_x509write_crt_der(&crt, buf, (size_t) (der_len - 1), + mbedtls_test_rnd_pseudo_rand, &rnd_info); + TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); exit: - mbedtls_x509write_crt_free( &crt ); - mbedtls_pk_free( &issuer_key_alt ); - mbedtls_pk_free( &subject_key ); - mbedtls_pk_free( &issuer_key ); - mbedtls_mpi_free( &serial ); + mbedtls_x509write_crt_free(&crt); + mbedtls_pk_free(&issuer_key_alt); + mbedtls_pk_free(&subject_key); + mbedtls_pk_free(&issuer_key); + mbedtls_mpi_free(&serial); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C */ -void mbedtls_x509_string_to_names( char * name, char * parsed_name, int result - ) +void mbedtls_x509_string_to_names(char *name, char *parsed_name, int result + ) { int ret; size_t len = 0; @@ -436,38 +435,38 @@ void mbedtls_x509_string_to_names( char * name, char * parsed_name, int result mbedtls_x509_name parsed, *parsed_cur, *parsed_prv; unsigned char buf[1024], out[1024], *c; - memset( &parsed, 0, sizeof( parsed ) ); - memset( out, 0, sizeof( out ) ); - memset( buf, 0, sizeof( buf ) ); - c = buf + sizeof( buf ); + memset(&parsed, 0, sizeof(parsed)); + memset(out, 0, sizeof(out)); + memset(buf, 0, sizeof(buf)); + c = buf + sizeof(buf); - ret = mbedtls_x509_string_to_names( &names, name ); - TEST_ASSERT( ret == result ); + ret = mbedtls_x509_string_to_names(&names, name); + TEST_ASSERT(ret == result); - if( ret != 0 ) + if (ret != 0) { goto exit; + } - ret = mbedtls_x509_write_names( &c, buf, names ); - TEST_ASSERT( ret > 0 ); + ret = mbedtls_x509_write_names(&c, buf, names); + TEST_ASSERT(ret > 0); - TEST_ASSERT( mbedtls_asn1_get_tag( &c, buf + sizeof( buf ), &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) == 0 ); - TEST_ASSERT( mbedtls_x509_get_name( &c, buf + sizeof( buf ), &parsed ) == 0 ); + TEST_ASSERT(mbedtls_asn1_get_tag(&c, buf + sizeof(buf), &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) == 0); + TEST_ASSERT(mbedtls_x509_get_name(&c, buf + sizeof(buf), &parsed) == 0); - ret = mbedtls_x509_dn_gets( (char *) out, sizeof( out ), &parsed ); - TEST_ASSERT( ret > 0 ); + ret = mbedtls_x509_dn_gets((char *) out, sizeof(out), &parsed); + TEST_ASSERT(ret > 0); - TEST_ASSERT( strcmp( (char *) out, parsed_name ) == 0 ); + TEST_ASSERT(strcmp((char *) out, parsed_name) == 0); exit: - mbedtls_asn1_free_named_data_list( &names ); + mbedtls_asn1_free_named_data_list(&names); parsed_cur = parsed.next; - while( parsed_cur != 0 ) - { + while (parsed_cur != 0) { parsed_prv = parsed_cur; parsed_cur = parsed_cur->next; - mbedtls_free( parsed_prv ); + mbedtls_free(parsed_prv); } } /* END_CASE */ diff --git a/tests/suites/test_suite_xtea.function b/tests/suites/test_suite_xtea.function index 1d5b29b8ab2b..7e06e309e233 100644 --- a/tests/suites/test_suite_xtea.function +++ b/tests/suites/test_suite_xtea.function @@ -8,8 +8,8 @@ */ /* BEGIN_CASE */ -void xtea_encrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst ) +void xtea_encrypt_ecb(data_t *key_str, data_t *src_str, + data_t *dst) { unsigned char output[100]; mbedtls_xtea_context ctx; @@ -17,15 +17,15 @@ void xtea_encrypt_ecb( data_t * key_str, data_t * src_str, memset(output, 0x00, 100); - mbedtls_xtea_setup( &ctx, key_str->x ); - TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, src_str->x, output ) == 0 ); + mbedtls_xtea_setup(&ctx, key_str->x); + TEST_ASSERT(mbedtls_xtea_crypt_ecb(&ctx, MBEDTLS_XTEA_ENCRYPT, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void xtea_decrypt_ecb( data_t * key_str, data_t * src_str, data_t * dst ) +void xtea_decrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_xtea_context ctx; @@ -33,16 +33,16 @@ void xtea_decrypt_ecb( data_t * key_str, data_t * src_str, data_t * dst ) memset(output, 0x00, 100); - mbedtls_xtea_setup( &ctx, key_str->x ); - TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_DECRYPT, src_str->x, output ) == 0 ); + mbedtls_xtea_setup(&ctx, key_str->x); + TEST_ASSERT(mbedtls_xtea_crypt_ecb(&ctx, MBEDTLS_XTEA_DECRYPT, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void xtea_encrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void xtea_encrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_xtea_context ctx; @@ -50,18 +50,18 @@ void xtea_encrypt_cbc( data_t * key_str, data_t * iv_str, memset(output, 0x00, 100); - mbedtls_xtea_setup( &ctx, key_str->x ); - TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_ENCRYPT, src_str->len, iv_str->x, - src_str->x, output ) == 0 ); + mbedtls_xtea_setup(&ctx, key_str->x); + TEST_ASSERT(mbedtls_xtea_crypt_cbc(&ctx, MBEDTLS_XTEA_ENCRYPT, src_str->len, iv_str->x, + src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void xtea_decrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void xtea_decrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_xtea_context ctx; @@ -69,18 +69,18 @@ void xtea_decrypt_cbc( data_t * key_str, data_t * iv_str, memset(output, 0x00, 100); - mbedtls_xtea_setup( &ctx, key_str->x ); - TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_DECRYPT, src_str->len, iv_str->x, - src_str->x, output ) == 0 ); + mbedtls_xtea_setup(&ctx, key_str->x); + TEST_ASSERT(mbedtls_xtea_crypt_cbc(&ctx, MBEDTLS_XTEA_DECRYPT, src_str->len, iv_str->x, + src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void xtea_selftest( ) +void xtea_selftest() { - TEST_ASSERT( mbedtls_xtea_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_xtea_self_test(1) == 0); } /* END_CASE */